Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
Version: 3.00.11
ZTE CORPORATION
No. 55, Hi-tech Road South, ShenZhen, P.R.China
Postcode: 518057
Tel: +86-755-26771900
Fax: +86-755-26770801
URL: http://support.zte.com.cn
E-mail: support@zte.com.cn
LEGAL INFORMATION
Copyright © 2014 ZTE CORPORATION.
The contents of this document are protected by copyright laws and international treaties. Any reproduction or
distribution of this document or any portion of this document, in any form by any means, without the prior written
consent of ZTE CORPORATION is prohibited. Additionally, the contents of this document are protected by
contractual confidentiality obligations.
All company, brand and product names are trade or service marks, or registered trade or service marks, of ZTE
CORPORATION or of their respective owners.
This document is provided “as is”, and all express, implied, or statutory warranties, representations or conditions
are disclaimed, including without limitation any implied warranty of merchantability, fitness for a particular purpose,
title or non-infringement. ZTE CORPORATION and its licensors shall not be liable for damages resulting from the
use of or reliance on the information contained herein.
ZTE CORPORATION or its licensors may have current or pending intellectual property rights or applications
covering the subject matter of this document. Except as expressly provided in any written license between ZTE
CORPORATION and its licensee, the user of this document shall not acquire any license to the subject matter
herein.
ZTE CORPORATION reserves the right to upgrade or make technical change to this product without further notice.
Users may visit the ZTE technical support website http://support.zte.com.cn to inquire for related information.
The ultimate right to interpret this product resides in ZTE CORPORATION.
Revision History
Figures............................................................................................................. I
Glossary ........................................................................................................ III
II
Intended Audience
This manual is intended for:
l Network planning engineers
l Commissioning engineers
l On-duty personnel
Chapter 1, Static Route Configuration Describes how to configure static route on the
ZXR10 5900E.
Conventions
This manual uses the following typographical conventions:
Italics Variables in commands. It may also refer to other related manuals and documents.
Bold Menus, menu options, function names, input fields, option button names, check boxes,
drop-down lists, dialog box names, window names, parameters, and commands.
Constant Text that you type, program codes, filenames, directory names, and function names.
width
[] Optional parameters.
{} Mandatory parameters.
II
1-1
Command Function
Parameter Description
<next hop address> IP address of the next hop, in dotted decimal notation
Command Function
1-2
Parameter Description
<next hop address> IP address of the next hop, in dotted decimal notation
[global] Private network route can configure the next hop of public
network, only when the next hop of private network is
configured, it can be configured.
[metric <metric>] Metric value of route, range: 0-255, the default value is 0
Configuration Example
As show in Figure 1-1, S2 advertises 20.20.20.0/24 to S1. The static route to 30.2.0.0/16
can be configured on S1, the next hop is 20.20.20.2.
1-3
Command Function
ZXR10(config)#ip route-static [vrf <vrf-name>] fast-reroute [wtr This enables the FRR function of
<time-interval>] static routes.
The generation conditions for
the primary and standby routes
of static routes are: the same
destination address route with
different outgoing interfaces,
different administrative distances
or metric values.
Parameter Description
Command Function
ZXR10#show ip protocol routing [vrf <vrf_name>] This shows routing table of the
router. Vrf_name is the name of
vrf.
1-4
Command Function
ZXR10#show ip forwarding route [vrf <vrf_name>] This shows forwarding table of the
router. Vrf_name is the name of
vrf.
Use show ip protocol routing command to show global routing table of the router. Inspect
whether the configured static route exists in routing table. This command is often used for
routing protocol diagnose and maintenance.
This shows what will be displayed after show ip protocol routing is used.
ZXR10(config)#show ip protocol routing
Protocol routes:
status codes: *valid, >best, i-internal, s-stale
Use show ip forwarding route command to show forwarding table of router for inspecting
whether there is static route in forwarding table.
This shows what will be displayed after show ip forwarding route is used.
ZXR10(config)#show ip forwarding route
Status codes: *valid, >best, M: Master, S: Slave;
IPv4 Routing Table:
Dest Gw Interface Owner Pri Metric
10.10.10.0/24 10.10.10.1 vlan1 STAT 0 0
10.10.10.1/32 10.10.10.1 vlan1 ADDR 0 0
20.20.20.0/24 10.10.10.2 vlan1 ADDR 110 2
30.2.0.0/16 10.10.10.2 vlan1 DIRECT 1 0
224.0.0.0/4 224.0.0.0 NULL RIP 0 0
224.0.0.0/24 224.0.0.0 NULL DIRECT 0 0
1-5
Gw Gateway
Configuration Process
There are three methods to configure static routes on S1.
l This configures IP address of the next hop.
S1(config)#ip route 140.1.1.0 255.255.255.0 10.6.1.18
l This configures the local egress interface and the direct next hop.
S1(config)#ip route 140.1.1.0 255.255.255.0 vlan1 10.6.1.18
Configuration on S2:
S2(config)#ip route 140.1.1.0 255.255.255.0 10.9.1.39
1-6
Configuration Check
Use show command to validate configuration.
Validate configuration on S1:
S1(config)#show ip protocol routing network 140.1.1.0
Protocol routes:
status codes: *valid, >best, i-internal, s-stale
If there are multiple paths to the same destination, a router can be configured with multiple
static routes with different administrative distances. However, routing table only displays
information about route with minimum distance because when router is informed of multiple
competition sources to a network, route with minimum administrative distance takes the
precedence.
Parameter <distance-metric> in static route configuration command about IP route can be
used to change administrative distance value of a static route. Supposing there are two
different routes from S1 to network section 140.1.1.0/24, the configuration is as follows:
S1(config)#ip route 140.1.1.0 255.255.255.0 10.6.1.18
S1(config)#ip route 140.1.1.0 255.255.255.0 10.6.1.1 20
Above commands are used to configure two different static routes arriving to the same
network segment. The first command does not configure administrative distance, so
default value “1” is used. The second command configures administrative distance of 20.
Since administrative distance of the first route is less than that of the second route, only
information about first route appears in routing table. That is, the switch sends packets to
destination network segment 140.1.1.0/24 through next-hop address 10.6.1.18 only. The
second route appears in routing table only when the first route fails and disappears from
the routing table. The two static routes can not have the same tag value, which go to the
same destination network but their next-hop is different.
Use show command to view on S1:
S1(config)#show ip protocol routing network 140.1.1.0
Protocol routes:
status codes: *valid, >best, i-internal, s-stale
1-7
As shown in Figure 1-3, S2 connects to two network segments 10.9.1.0/24 and 10.3.1.0/24.
If S1 wants to access these two network segments, it needs to have two static routes.
When there are lots of routes in routing table, people can use summary static route to
optimize S1's routing table.
Configuration Thought
Configure a static route whose destination address is 10.0.0.0 on S1. All the packets
transmitted to destination network segment 10.0.0.0/8 pass through 10.6.1.18. That is
to say, all the packets which destination address is 10.0.0.0/8 (sub networks 10.3.1.0/24
and 10.9.1.0/24) are sent to 10.6.1.18. In this way, multiple static routes with the same
destination can be summarized to a static route, which can optimize routing table.
Configuration Process
Configuration on S1:
S1(config)#ip route 10.0.0.0 255.0.0.0.0 10.6.1.18
Configuration Check
Use show command to view on S1:
1-8
Configuration Thought
Default route configuration is completely the same as static route configuration and only
difference is that the network part and subnet mask part are all 0.0.0.0.
Configuration Process
Configuration on S1:
S1(config)#ip route 0.0.0.0 0.0.0.0 10.6.1.18
Configuration Check
Use show to view S1 routing table.
S1#show ip protocol routing
Protocol routes:
status codes: *valid, >best, i-internal, s-stale
1-9
Here, if the next hop is configured as null interface, the route is black hole route.
Configuration on S1:
S1(config)#ip route 0.0.0.0 0.0.0.0 null1
Default route is not always a static route. It also can be routes of other protocols, such
as Border Gateway Protocol (BGP), Routing Information Protocol (RIP) and so on. When
default route is used in routing protocol configuration, default route varies with routing
protocols.
If default route is configured on a router where RIP runs, the RIP will advertise the default
route to its neighbor, and even route redistribution is not needed in RIP domain.
For BGP protocol, a router where the BGP runs will not inject the default route into its
neighbor automatically. For BGP to send the default route to BGP domain, the command
default-information-originate has to be used first, and then redistribute default route.
1-10
2-1
2-2
3. When the switch which sends request receives the response message, it will process
the route update message information containing in response message.
l For an new route entry, the router adds the new route and IP address of the ad-
vertised router to its routing table.
l For an existent RIP route, the router replaces the original route entry only when
the new route has less hop count.
1. Enabling RIP
3 ZXR10(config-rip)#output-delay < packets>< delay> This sets the delay time for
sending RIP update packets.
2-3
Parameter Description
<update> The interval for sending update, the unit is second, the
range is 1-65535, and the default value is 30 seconds.
Parameter Description
Configuration Example
ZXR10(config)#router rip
ZXR10(config-rip)#timers basic 5 15 15 30
ZXR10(config-rip)#output-delay 500 10
2-4
2-5
4 ZXR10(config-if)#ip rip authentication key <key> This sets the key for interface
plain text authentication.
The length of key is 1-16
characters.
To configure RIP packet MD5 authentication mode, perform the following steps.
Parameter Description
2-6
It is suggested that users do not change the default state of split horizon unless to
ensure to advertise route correctly. If the split horizon is disabled on serial port (and
the port connects to packet switching network), then those of all the related routers
and access servers have to be disabled.
4. Configuring route redistribution
To redistribute routes from a routing domain to RIP routing domain, perform the
following steps.
Parameter Description
metric <metric-value> Specifies the route metric to introduce the route. If it is not
specified, the default-metric is used. Its range is 1-16.
route-map <map-tag> The name of the route map for redistribution, 1-31
characters.
To specify RIP version for router receiving or sending packets, use the following
commands.
2-7
To specify the RIP version of packets to be sent or received by an interface, perform the
following commands.
RIP default state specified by version command can be ignored.
Parameter Description
2 The interface only sends RIPv2 packets. Here, broadcast or multicast mode can
be selected.
broadcast The interface send compatible packets to broadcast address. All of routes are natural
networks, and no supernetting route.
multicast The interface sends RIPv2 packets to multicast address. By using auto-summary,
sub network route can be sent.
2-8
Command Function
ZXR10(config)#show ip rip database [vrf <vrf-name>][network This shows the route entries
<ip-address>[mask <net-mask>]] generated by RIP.
ZXR10(config)#show ip rip networks [vrf <vrf-name>] This shows information of all RIP
interfaces.
Parameter Description
This example shows what will be displayed after show ip rip is used.
ZXR10#show ip rip
router rip
auto-summary
default-metric 1
distance 120
validate-update-source
version 2
flash-update-threshold 5
maximum-paths 1
output-delay 5 100
timers basic 30 180 180 240
network
10.0.0.0 0.255.255.255
2-9
default-metric This sets the default metric value for redistributing the routes
generated by other protocol to RIP routes.
Use no to restore the default value of 1.
This command can be used with redistribute command
together to make route selection protocol use the same
metric value for all redistributed routes.
Default metric helps to solve the route redistribution problem
caused by routes adopting different metric values. It can
provide a reasonable alternative method to ensure that the
redistribution can be performed successfully.
validate-update-source This enables the function that check the validity of source IP
address of the received RIP updating packet.
Use no to disable this function.
This command shows what will be displayed after show ip rip database is used.
ZXR10(config)#show ip rip database
Routes of rip:
h : is possibly down,in holddown time
2-10
InstanceID Instance number, only valid for OSPF instance and IS-IS
instance
Time It shows the existing time and timer state of the route.
This example shows what will be displayed after show ip rip interface is used.
ZXR10(config-rip)#show ip rip interface vlan1
vlan1 ip address:137.1.1.2/24 rip is enabled
receive version 1 2
send version 2
split horizon is effective
poison reverse is effective
send subnet only is ineffective
notify default unset
originate default unset
neighbor restrict is ineffective
interface is nomoral
authentication type:none
2-11
send subnet only This shows that after this command is used, the interface
only sends the information of the route which belongs to the
same sub network with itself, and it blocks the information of
the route which belongs to other sub network.
It applies to such a case that the lower router sends route
information to upper router. Only the information of local sub
network needs to be advertised. In this way, the route traffic
can be reduced a lot.
notify default The route entry sent by interface contains default route.
For parameter only, that means the route entry sent by
interface only contains default route.
This example shows what will be displayed after show ip rip neighbors is used.
ZXR10#show ip rip neighbors
neighbor address interface
10.1.1.15 vlan2
2-12
Configuration Thought
1. Configure interface IP addresses.
2. Configure RIP.
3. Enable RIP configurations on interfaces.
4. Test configuration result to make sure that neighborhood is established between S1
and S2. S1 and S2 can learn the routes advertised by the peer between each other.
Configuration Process
Configuration on S1:
S1(config)#interface vlan10
S1(config-if)#ip address 192.168.1.1 255.255.255.0
S1(config-if)#exit
S1(config)#interface vlan20
S1(config-if)#ip address 10.1.0.1 255.255.0.0
S1(config-if)#exit
S1(config)#router rip
S1(config-rip)#network 192.168.1.1 0.0.0.255
S1(config-rip)#network 10.1.0.1 0.0.255.255
S1(config-rip)#exit
Configuration on S2:
S2(config)#interface vlan10
S2(config-if)#ip address 192.168.1.2 255.255.255.0
S2(config-if)#exit
S2(config)#interface vlan20
2-13
Configuration Check
After the configuration is finished, the following information needs to be displayed, that
indicates the neighborhood is established between S1 and S2, and they can learn routes
between each other.
Use show running-config rip on S1 to inspect whether RIP configuration is correct.
S1(config-rip)#show running-config rip
router rip
network 192.168.1.0 0.0.0.255
network 10.1.0.0 0.0.255.255
interface vlan10
$
interface vlan20
$
!
2-14
interface vlan10
$
!
2-15
2-16
OSPF Basic
An OSPF switch generates the routing table by setting up a link state database. The link
state databases of all OSPF switchs must be the totally same. Link state database is built
according to Link State Advertisements (LSAs) which are generated by all switchs and
spread over the whole OSPF network. There are many types of LSAs, and a complete
LSA set shows an accurate distribution diagram over the whole network.
3-1
OSPF Algorithm
OSPF uses cost as the metric. The cost is distributed to each port of a switch. A port
calculates the cost based on 100 M benchmark by default. The path cost to a particular
destination is the total cost of all links between the switch and the destination.
To generate a routing table by using LSA database, a switch runs the Dijkstra SPF
algorithm to construct the shortest path tree. switch is the root of the path tree. The
Dijkstra algorithm calculates the a path with the lowest cost to any node on the network.
switch saves the routes of the paths in the routing table.
Compared to RIP, OSPF does not simply broadcast all its routing information regularly.
An OSPF switch uses hello packets to keep the neighborhood. When a switch does not
receive any hello packets from a neighbor within a period of time (dead-interval), then it
will consider that the neighbor is not already alive.
OSPF routes are incrementally updated. switch sends the update information only when
topology changes. When the age of an LSA reaches 1800 seconds (LSA updating interval,
LSRefreshTime), switch sends an LSA updating packet.
3-2
2. Router dead-interval
The router dead-interval refers to the waiting time from the router receiving the last
hello packet to the router detecting that the neighbor is offline. The default router
dead-interval is four times of HELLO packet sending interval, which is applicable to all
network types.
3. Poll Interval
Poll interval only applies to NBMA network.
OSPF Neighbors
OSPF neighbors are a group of routers belonging to the same network. These routers
stipulate some configuration parameters. The routers must be neighbors to form
adjacency. To form adjacency, the routers have to be neighborhood.
Routers analyze their HELLO packets to make sure that the required parameters are
stipulated when they want to form neighborhood. The following parameters have to be
consistent so that the adjacent routers can set up neighborhood, area ID, area flag,
authentication information, HELLO packet sending interval and router dead interval.
Adjacency and DR
When two routers form an adjacency, they can exchange routing messages. Whether two
routers can form an adjacency depends upon network type connected to routers. The
network type of the connecting router decides whether two routers can form adjacency.
l There are only two routers in point-to point network or virtual links. The two routers
have to exchange the related routing information, so they can form an adjacency
automatically. A point-to-multipoint network can be regarded as a set of point-to-point
networks, so an adjacency is formed between each pair of routers.
l In a broadcast or an NBMA network, an adjacency may not be formed between two
neighbors. If adjacencies are already established among all routers (the number
of routers is "n" for example) on a network, each router will have "(n-1)" adjacent
connections and the network will have "n×(n-1)/2" adjacent connections.
In a large multi-access network, the router will be too heavy traffic if every one needs to
trace so many adjacent connections. Furthermore, the exchanging of routing information
between each adjacent routers wastes lots of network bandwidths.
Since a large multi-access network has a mass of redundancy information, OSPF defines
a DR and a BDR. The DR and BDR must form an adjacency with each OSPF router on
network. Each OSPF router only forms an adjacent relationships with DR and BDR. All
routers only send routing information to DR, and DR sends the information to other routers
in the same network segment. The two routers (neither DR nor BDR) do not establish an
adjacency between each other and neither will they exchange routing information. If the
DR stops working, the BDR will become a DR.
3-3
OSPF Area
To reduce the information size that each router stores and maintains and shield the range
that network changing influences on, OSPF divides a network into some minor parts.
Each router must have the complete information of the area where it locates. Area
Border Router (ABR) is used to transmit routing information between different areas. The
information is shared by areas. The routing information can be filtered on area edge,
which reduces the routing information stored in routers.
An area is identified with 32-bit unsigned number. Area 0 is reserved to identify backbone
network, and all other areas must be connected to area 0. The backbone area of OSPF
network has to be continuous. Routers can be one or multiple of the following types
according to its tasks in the area, as shown in Figure 3-1.
l Internal router
All interfaces of the router belong to the same OSPF area. An internal router only
generates a Router LSA and saves a Link-state Database (LSDB).
3-4
l Backbone router
A router that its one interface belongs to area 0 at least.
l ABR
A router that its one interface belongs to area 0 at least and one interface belongs to
other area at least.
All ABRs are backbone routers.
l Autonomous System Border Routers (ASBR)
The router has other routing protocols, such as static route, interface direct route and
RIP, IGRP and so on.
The advantages of area division are listed below:
l Since ABR generates LSAs according by using routes in its area after dividing areas,
the routes can be aggregated firstly according to the rule of IP addresses, and then
generate LSAs. In this way, the number of LSAs is reduced a lot in AS.
l After the area is divided, the changing of network topology is synchronized in the area
firstly. If the changing influences on the aggregated route, ABR will notify the changing
to other areas. In this way, most of topology changings are shielded in the area.
3-5
Summary LSAs are sent out area, which describe some information of a route, such
as the destination address, mask and cost. A Network summary LSA is transmitted
to all areas except the area which generates the LSA.
l Type 4: ASBR summary LSA
The ASBR summary LSA is also generated by an ABR. It describes the route that
goes to the ASBR in the area. The content of ASBR Summary LSA is almost the
same to that of Network summary LSA. The only difference is that the destination
address described by ASBR summary LSA is ASBR (host route, the mask is 0.0.0.0).
A ASBR summary LSA is transmitted to all areas except the area which generates
the LSA.
l Type 5: External LSA of AS
The external LSA of AS is generated by an ASBR. It mainly describes the information
of an route which goes to the external AS. An external LSA of AS contains some
information, such as destination address, mask and cost and so on. External LSA of
AS is an unique type that is independent of area. An external LSA of AS is transmitted
in the whole AS (except STUB area).
l Type 7: External LSA of Not-So-Stubby Area (NSSA)
External LSA of NSSA only applies to NSSA.
l Type 9: Local non-transparent LSA
l Type 10: Area non-transparent LSA
OSPF operation depends on all the routers in one area which share a common link state
database. Therefore, all LSAs are flooded through the area and the processing must be
reliable. A router which receives LSAs from a special area will flood the LSAs to other
interfaces which belong to the i area.
LSAs do not have their own packets, and they are contained in Link state Update (LSU)
packets. A LSU can contain many LSAs.
When a router receives a LSU, it abstracts the LSA from the packet and inputs the LSA to
its database. Meanwhile, the router constructs its own LSU and sends the updated LSU
to its adjacent neighbor router(s).
OSPF uses Link State Acknowledgement (LSAck) to confirm whether each LSA is
successfully received by its neighbor. A LSAck has the header of an acknowledged LSA,
which provides sufficient information for uniquely identifying an LSA.
When a router sends a LSA to an interface, the LSA is recorded in the retransmission
queue of the interface.
The router will wait the maximum time interval to receive the LSAck of LSA. If the router
does not receive the LSAck in the specified time, it will retransmit the LSA.
The router can send the original LSU in unicast or multicast mode, but the retransmitted
LSU is must in unicast mode.
3-6
If the ABR also filters the LSA of type 3 and advertises a default route arriving to an AS
external destination address, the area is called totally stubby area.
Not-So-Stubby Area
A router in a stub area refuses LSAs of type 5, so ASBR is not a part of the stub area.
However, it is hoped that a stub area with an ASBR can be generated. In this way, routers
in the area can receive AS external routes from the ASBR belonging to the same area, but
the external routing information from other areas will be blocked.
To realize such an area, OSPF defines NSSA. In a NSSA, an ASBR generates LSAs of
type 7 instead the LSAs of type 5. The ABR can not send the LSAs of type 7 to other
OSPF areas. On the one hand, it blocks external routes to arrive the NSSA area at the
area border. On the other hand, it converts the LSAs of tyoe 7 into the LSAs of type 5 and
sends them to other areas.
OSPF Authentication
Authentication is used to exchange packets between two OSPF neighbors. The
authentication type should be consistent on the OSPF neighbors. Authentication type is
contained by all packets.
Authentication type "0" indicates no authentication, "1" indicates simple password
authentication and "2" indicates MD5 encryption authentication.
For plain text authentication, an interface only allows a password. The password of each
interface can be different, but the interfaces in a special network must have the same
passwords. The simple password is sent through OSPF packets in plain text mode.
DownBit
When Multiprotocol BGP (MP-BGP) routes are redistributed to OSPF vrf instance to
generate LSAs, the option fields of type-3 and type-5 LSAs must be marked as down bit.
The LSAs are displayed as Downward. This is a method to prevent routing loopback.
3-7
When a PE router detects that a LSA is already marked as down bit, the PE will not
participate in the OSPF route calculation. When OSPF routes are redistributed to BGP,
the LSAs with down bit are not redistributed to be BGP route.
max-metric
Considering the requirements for traffic management and so on, some routers need to act
as the terminal rather than transit points of the route. In order to add the nodes without the
capability of traversing to the network, the max-metric function is used.
For example, a router just restarts, and BGP route does not converge, use the max-metric
router-lsa on-startup wait-for-bgp command to avoid route black hole.
3-8
Configuration Example
Enable the OSPF protocol on S1, S2 and S3, see Figure 3-2.
Router IDs are listed below:
Device Router ID
S1 1.1.1.2
S2 1.1.1.3
S3 1.1.1.4
3-9
......
Area 0.0.0.0 enable
Enabled for 00:00:05
Area has no authentication
Times spf has been run 1
Number of interfaces 1. Up 1
The OSPF protocol is enabled and configured on S1. The router ID is the IP address of
interface vlan1.
Run the following commands on S2. To set up an OSPF connection by using the loopback
address, the loopback address needs to be configured first, and then you need to enable
the OSPF process.
S2(config)#interface loopback1
S2(config-if-loopback1)#ip adderss 1.1.1.3 255.255.255.255
S2(config-if-loopback1)#exit
S2(config)#interface vlan10
S2(config-if-vlan10)#ip address 30.0.0.2 255.255.255.252
S2(config-if-vlan10)#exit
S2(config)#interface vlan20
S2(config-if-vlan20)#ip address 30.0.1.2 255.255.255.252
S2(config-if-vlan20)#exit
S2(config)#router ospf 10
S2(config-ospf-10)#network 30.0.0.0 0.0.0.3 area 0
S2(config-ospf-10)#network 30.0.1.0 0.0.0.3 area 0
S2(config-ospf-10)#exit
Run the following command to check the OSPF information. OSPF selects the IP address
of loopback 1 as the router ID automatically.
S2(config)#show ip ospf
OSPF 10 Router ID 1.1.1.3 enable
Enabled for 00:00:09,Debug on
Number of areas 0, Normal 0, Stub 0, NSSA 0
3-10
Protocol routes:
status codes: *valid, >best, i-internal, s-stale
Dest NextHop RoutePrf RouteMetric Protocol
*> 1.1.1.4/0 192.168.14.2 115 20 isis-l2
*> 30.0.1.0/32 10.10.10.1 0 0 connected
*> 30.0.1.1/16 10.10.10.2 1 0 static
Configuration Example
3-11
Modify the OSPF parameters on interfaces that run the OSPF protocol, see Figure 3-3.
Router IDs are listed below:
Device Router ID
S1 1.1.1.2
S2 1.1.1.3
Enable the OSPF protocol on S1 and S2, and advertise the network segment.
Run the following commands on S1:
S1(config)#interface loopback1
S1(config-if-loopback1)#ip adderss 1.1.1.2 255.255.255.255
S1(config-if-loopback1)#exit
S1(config)#interface vlan10
S1(config-if-vlan10)#ip address 30.0.0.1 255.255.255.252
S1(config-if-vlan10)#exit
S1(config)#router ospf 10
S1(config-ospf-10)#network 30.0.0.0 0.0.0.3 area 0
S1(config-ospf-10)#router-id 1.1.1.2
S1(config-ospf-10)#exit
3-12
S1(config)#router ospf 1
S1(config-ospfv2-1)#interface vlan10
S1(config-ospfv2-1-if-vlan10)#hello-interval 20
/*Sets the interval for sending HELLO packets on the
specified interface to 20 seconds.*/
S1(config-ospfv2-1-if-vlan10)#dead-interval 80
/*Sets the duration for considering a neighbor to be dead
to 80 seconds.*/
S1(config-ospfv2-1-if-vlan10)#retransmit-interval 10
/*Sets the interval for retransmitting LSA to 10 seconds.*/
S1(config-ospfv2-1-if-vlan10)#retransmit-delay 2
/*Sets the delay for transmitting a link state update
packet to 2 seconds.*/
S1(config-ospfv2-1-if-vlan10)#cost 10
/*Sets the cost to 100.*/
S1(config-ospfv2-1-if-vlan10)#priority 10
/*Sets the interface priority to 10.*/
3-13
Parameter Description
Configuration Example
Configure the authentication function on OSPF interfaces of S1 and S2, see Figure 3-4.
Router IDs are listed below.
Device Router ID
S1 1.1.1.2
S2 1.1.1.3
S3 1.1.1.4
In area 0, establish OSPF neighborhood between S1 and S2. In area 1, establish OSPF
neighborhood between S2 and S3.
Run the following commands on S1:
S1(config)#interface loopback1
S1(config-if-loopback1)#ip adderss 1.1.1.2 255.255.255.255
S1(config-if-loopback1)#exit
S1(config)#interface vlan10
S1(config-if-vlan10)#ip address 30.0.0.1 255.255.255.252
S1(config-if-vlan10)#exit
3-14
S1(config)#router ospf 10
S1(config-ospf-10)#router-id 1.1.1.2
S1(config-ospf-10)#network 30.0.0.0 0.0.0.3 area 0
S1(config-ospf-10)#exit
Enable the plain text authentication function on interfaces that belong to area 0, and set
the authentication password to zte.
Run the following commands on S1:
S1(config)#router ospf 10
S1(config-ospf-10)#area 0 authentication
S1(config-ospf-10)#interface vlan1
S1(config-ospf-10-if-vlan1)#authentication
S1(config-ospf-10-if-vlan1)#authentication-key zte
S1(config-ospf-10-if-vlan1)#exit
3-15
S2(config-ospf-1)#exit
S2(config-ospf-1)#interface vlan20
S2(config-ospf-1-if-vlan20)#authentication
S2(config-ospf-1-if-vlan20)#authentication-key zte
S2(config-ospf-1-if-vlan20)#exit
To check whether the authentication function is effective in area 0, run the show ip ospf
command.
S2(config)#show ip ospf
OSPF 10 Router ID 1.1.1.2 enable
Enabled for 02:37:38,Debug on
Number of areas 1, Stub 0, Transit 0
......
Area 0.0.0.0 enable
Enabled for 02:37:38
Area has simple password authentication
Times spf has been run 32
Number of interfaces 1. Up 1
Number of ASBR local to this area 0
Number of ABR local to this area 1
......
Enable the MD5 authentication function on interfaces that belong to area 1. The key ID is
1, and the authentication password is zte.
Run the following commands on S2:
S2(config)#router ospf 10
S2(config-ospf-10)#area 1 authentication message-digest
S2(config-ospf-10)#interface vlan20
S2(config-ospf-10-if-vlan20)#authentication message-digest
S2(config-ospf-10-if-vlan20)#message-digest-key 1 md5 zte
S2(config-ospf-10-if-vlan20)#exit
Run the following command on S3 to check the information of the OSPF interface. The
result shows that the authentication mode is MD5.
S3(config)#show ip ospf interface vlan10
OSPF Router with ID (1.1.1.4) (Process ID 10)
vlan1 is up
3-16
To configure an OSPF stub area on the ZXR10 5900E, perform the following steps:
Parameter Description
default-cost <cost> Cost of the default route advertised to a stub area. Range:
0-65535.
Configuration Example
Set area 1 to a stub area, see Figure 3-5.
Device Router ID
S1 1.1.1.2
S2 1.1.1.3
S3 1.1.1.4
3-17
S2(config)#interface loopback1
S2(config-if-loopback1)#ip adderss 1.1.1.3 255.255.255.255
S2(config-if-loopback1)#exit
S2(config)#interface vlan10
S2(config-if-vlan10)#ip address 30.0.0.2 255.255.255.252
S2(config-if-vlan10)#exit
S2(config)#interface vlan20
S2(config-if-vlan20)#ip address 30.0.1.1 255.255.255.252
S2(config-if-vlan20)#exit
S2(config)#router ospf 10
S2(config-ospf-10)#router-id 1.1.1.3
S2(config-ospf-10)#network 30.0.0.0 0.0.0.3 area 0
S2(config-ospf-10)#network 30.0.1.0 0.0.0.3 area 1
S2(config-ospf-10)#area 1 stub
S2(config-ospf-10)#exit
3-18
S3(config)#interface loopback1
S3(config-if-loopback1)#ip adderss 1.1.1.4 255.255.255.255
S3(config-if-loopback1)#exit
S3(config)#interface vlan10
S3(config-if-vlan10)#ip address 30.0.1.2 255.255.255.252
S3(config-if-vlan10)#exit
S3(config)#router ospf 10
S3(config-ospf-10)#router-id 1.1.1.4
S3(config-ospf-10)#network 30.0.1.0 0.0.0.3 area 1
S3(config-ospf-10)#area 1 stub
S3(config-ospf-10)#exit
To configure area 1 as a totally stubby area, run the following commands to modify the
configurations on S2:
S2(config)#router ospf 10
S2(config-ospf-10)#area 1 stub no-summary
S2(config-ospf-10)#exit
3-19
Parameters Description
metric <metric-value> Cost for advertising a default LSA of type 7. Value: A 24-bit
integer, ranging from 1 to 16777214.
metric-type <type> Type of a default route LSA of type 7: ext-1 and ext-2.
Configuration Example
Device Router ID
S1 1.1.1.2
S2 1.1.1.3
S3 1.1.1.4
3-20
3-21
S3(config)#interface loopback1
S3(config-if-loopback1)#ip adderss 1.1.1.4 255.255.255.255
S3(config-if-loopback1)#exit
S3(config)#interface vlan10
S3(config-if-vlan10)#ip address 30.0.1.2 255.255.255.252
S3(config-if-vlan10)#exit
S3(config)#router ospf 10
S3(config-ospf-10)#router-id 1.1.1.4
S3(config-ospf-10)#network 30.0.1.0 0.0.0.3 area 1
S3(config-ospf-10)#redistribute connected
S3(config-ospf-10)#area 1 nssa
S3(config-ospf-10)#exit
To prevent routing messages of type 3 from being advertised to the NSSA area, run the
following commands to modify the configurations on S2:
S2(config)#router ospf 10
S2(config-ospf-10)#area 1 nssa default-information-originate no-summary
Parameter Description
cost <cost-value> Metric for the range. Set the metric for the aggregation LSA.
Range: 1-16777214.
3-22
Configuration Example
Configure the OSPF protocol on S1, S2 and S3. S2 operates as the ABR. Configure route
aggregation on S2, see Figure 3-7.
Router IDs are listed below.
Device Router ID
S1 1.1.1.2
S2 1.1.1.3
S3 1.1.1.4
3-23
S2(config)#interface loopback1
S2(config-if-loopback1)#ip adderss 1.1.1.3 255.255.255.255
S2(config-if-loopback1)#exit
S2(config)#interface vlan10
S2(config-if-vlan10)#ip address 30.0.0.1 255.255.255.252
S2(config-if-vlan10)#exit
S2(config)#interface vlan20
S2(config-if-vlan20)#ip address 30.0.1.1 255.255.255.252
S2(config-if-vlan20)#exit
S2(config)#router ospf 1
S2(config-ospf-1)#router-id 1.1.1.3
S2(config-ospf-1)#network 30.0.0.0 0.0.0.3 area 1
S2(config-ospf-1)#network 30.0.1.0 0.0.0.3 area 0
S2(config-ospf-1)#exit
After the configuration, run the following command to check the routing table. Routes not
aggregated are displayed.
S3#show ip forwarding route
IPv4 Routing Table:
Dest Gw Interface Owner pri metric
1.1.1.2 30.0.1.1 vlan10 ospf 110 20
1.1.1.4 1.1.1.4 loopback1 address 0 0
2.2.2.0 30.0.1.1 vlan10 ospf 110 20
2.2.2.4 30.0.1.1 vlan10 ospf 110 20
30.0.0.0 30.0.1.1 vlan10 ospf 110 2
30.0.1.0 30.0.1.2 vlan10 direct 0 0
30.0.1.2 30.0.1.2 vlan10 address 0 0
S2(config)#router ospf 1
S2(config-ospf-1)#area 1 range 2.2.2.0 255.255.255.248 summary-link
S2(config-ospf-1)#exit
3-24
The default setting of "area 1 range 2.2.2.2 255.255.255.248 "is advertise. If not-advertise
is chosen, aggregated route of 2.2.2.0 network segment is not displayed on S3, and this
network segment cannot be pinged.
S2(config-ospf-1)#area 1 range 2.2.2.0 255.255.255.248
summary-link not-advertise
S2(config-ospf-1)#exit
S3(config)#show ip forwarding route
IPv4 Routing Table:
Dest Gw Interface Owner pri metric
1.1.1.4 1.1.1.4 loopback1 address 0 0
30.0.0.0 30.0.1.1 vlan10 ospf 110 2
30.0.1.0 30.0.1.2 vlan10 direct 0 0
30.0.1.2 30.0.1.2 vlan10 address 0 0
S3 does not learn the routing information from 2.2.2.0. The aggregated information of
2.2.2.0 still exists in S2 database, but the information is not advertised to other areas.
Configuration Example
Configure the OSPF on S1, S2 and S3. Advertise external routes of S1, and configure
ASBR route aggregation on S1, see Figure 3-8.
3-25
Device Router ID
S1 1.1.1.2
S2 1.1.1.3
S3 1.1.1.4
3-26
S2(config)#interface vlan10
S2(config-if-vlan10)#ip address 30.0.0.1 255.255.255.252
S2(config-if-vlan10)#exit
S2(config)#interface vlan20
S2(config-if-vlan20)#ip address 30.0.1.1 255.255.255.252
S2(config-if-vlan20)#exit
S2(config)#router ospf 1
S2(config-ospf-1)#router-id 1.1.1.3
S2(config-ospf-1)#network 30.0.0.0 0.0.0.3 area 1
S2(config-ospf-1)#network 30.0.1.0 0.0.0.3 area 0
S2(config-ospf-1)#exit
Run the following command to check the S2 routing table. An aggregated network segment
2.2.2.0/29 exists in the routing table.
S2(config)#show ip forwarding route
IPv4 Routing Table:
Dest Gw Interface Owner pri metric
1.1.1.2 30.0.0.2 vlan10 ospf 110 20
1.1.1.3 1.1.1.3 loopback1 address 0 0
2.2.2.0 30.0.0.2 vlan10 ospf 110 20
30.0.0.0 30.0.0.1 vlan10 direct 0 0
30.0.0.1 30.0.0.1 vlan10 address 0 0
30.0.1.0 30.0.1.1 vlan20 direct 0 0
30.0.1.1 30.0.1.1 vlan20 address 0 0
3-27
Configuration Example
Enable OSPF on S1 and S2, enable route load balancing between S1 and S2, and
configure the maximum number of routes that can be supported by OSPF when the load
is shared in balanced mode to two.
Device Router ID
S1 1.1.1.2
S2 1.1.1.3
3-28
S1(config-ospf-1)#exit
Run the following command to check the routing table of S1. Two OSPF routes 2.2.2.4/30
with the same destinations are displayed.
S1(config)#show ip forwarding route
IPv4 Routing Table:
Dest Gw Interface Owner pri metric
1.1.1.2 1.1.1.2 loopback1 address 0 0
2.2.2.0 2.2.2.2 vlan30 direct 0 0
2.2.2.2 2.2.2.2 vlan30 address 0 0
2.2.2.4 30.0.1.2 vlan20 ospf 110 2
2.2.2.4 30.0.0.2 vlan10 ospf 110 2
30.0.0.0 30.0.0.1 vlan10 direct 0 0
30.0.0.1 30.0.0.1 vlan10 address 0 0
30.0.1.0 30.0.1.1 vlan20 direct 0 0
30.0.1.1 30.0.1.1 vlan20 address 0 0
3-29
Parameter Description
metric <metric-value> Metric value of the redistributed LSA. By default, use the
default metric. Range: 1-16777214.
metric-type <type> Metric-type of the redistributed LSA. Value: ext-1 and ext-2.
By default, it is ext-2.
Configuration Example
Redistribute RIP routes in area 0, see Figure 3-10.
Device Router ID
S1 1.1.1.2
S2 1.1.1.3
3-30
3-31
S3(config)#interface vlan20
S3(config-if-vlan20)#ip address 30.0.2.1 255.255.255.252
S3(config-if-vlan20)#exit
S3(config)#interface loopback1
S3(config-if-loopback1)#ip address 2.2.2.1 255.255.255.0
S3(config-if-loopback1)#exit
S3(config)#router rip
S3(config-rip)#network 30.0.1.0 0.0.0.3
S3(config-rip)#network 30.0.2.0 0.0.0.3
S3(config-rip)#network 2.2.2.0 0.0.0.255
S3(config-rip)#exit
3-32
Parameter Description
metric-type <type> Type of the default route. Value: ext-1 and ext-2, default:
ext-2.
route-map <map-tag> Name of the route map for generating the default route.
Length: 1-16 characters.
3-33
Parameter Description
<area-id> ID of the area through which the virtual link transits. The area
cannot be a stub area, an NSSA area, or area 0.
hello-interval <seconds> Interval (second) for sending HELLO packets on the virtual
link. Range: 1-8192, default: 10.
transmit-delay <seconds> Time delay (section) for transmitting a link state update
packet on the virtual link. Range: 1-8192, default: 1.
Configuration Example
Establish a virtual link between the interconnected interfaces of S2 and S3, see Figure
3-11.
Router IDs are listed below.
Device Router ID
S1 1.1.1.2
S2 1.1.1.3
S3 1.1.1.4
3-34
3-35
Configuring Sham-link
Because the priority of an OSPF route is higher than that of a BGP route, an OSPF private
route is usually the first choice if both a public network route and an OSPF private network
route are available. However, comparing with the public network route, the private network
route is not suitable for carrying a large flow because its bandwidth is smaller. Therefore,
a mechanism is required to enable the public network to share the private network flow.
The public and private network can be selected flexibly to carry the flow.
As shown in Figure 3-12, S1 and S2 are in the same area. There are two types of LSAs
learnt by S1 when it accesses S2. One is LSAs of type 3 advertised by a PE router, another
is LSAs of type 1 flooded by area 0. In accordance with the OSPF route selection policy,
the route calculated by LSAs of type 1 is optimal, so the OSPF private network route is
selected. Sham-link is configured to enable the public network to share the flow.
3-36
Parameter Description
Configuring max-metric
To configure max-metric on the ZXR10 5900E, perform the following steps:
3-37
Command Function
3-38
Command Function
3-39
For a description of the parameters in the execution result, refer to the following table:
Parameter Description
Domain ID type 0x5,value 0.0.0.1 The domain ID type is 0x5, and the value is 0.0.0.1.
Number of areas 2, Normal 2, Stub There are two areas: two normal areas, 0 stub area, and 0
0, NSSA 0 NSSA area.
The following is sample output from the show ip ospf interface command:
ZXR10(config)#show ip ospf interface
OSPF Router with ID (100.100.100.14) (Process ID 1)
vlan1 is up
Internet Address 100.100.100.14 255.255.255.0 enable
Up for 00:17:51
In the area 0.0.0.0 DR
Cost 1, Priority 1, Network Type broadcast
Transmit Delay(sec) 1, Authentication Type null
Timer intervals(sec) : Hello 10, Dead 40, Retransmit 5
Designated Router (ID) 100.100.100.14, Interface address 100.100.100.14
Backup Designated router (ID) 100.1.1.2, Interface address 100.100.100.12
Number of Neighbors 1, Number of Adjacent neighbors 1
100.1.1.2 BDR
vlan2 is up
Internet Address 1.1.1.1 255.255.255.0 enable
Up for 00:16:25
In the area 0.0.0.1 DR
Cost 1, Priority 1, Network Type broadcast
Transmit Delay(sec) 1, Authentication Type null
Timer intervals(sec) : Hello 10, Dead 40, Retransmit 5
Designated Router (ID) 100.100.100.14, Interface address 1.1.1.1
Backup Designated router (ID) 100.1.1.2, Interface address 1.1.1.10
Number of Neighbors 1, Number of Adjacent neighbors 1
100.1.1.2 BDR
For a description of the parameters in the execution result, refer to the following table:
3-40
Parameter Description
Timer intervals(sec) : Hello 10, Dead The interval for sending Hello packets is 10 seconds, the
40, Retransmit 5 duration for considering a neighbor to be dead is 40 seconds,
and the interval for retransmitting LSAs is 5 seconds.
The following is sample output from the show ip ospf database command:
ZXR10#show ip ospf database
OSPF Router with ID (110.1.1.1) (Process ID 1)
Router Link States (Area 0.0.0.0)
Link ID ADV Router Age Seq# Checksum Link count
110.1.1.1 110.1.1.1 3 0x80000002 0x3dbe 1
Summary Net Link States (Area 0.0.0.0)
Link ID ADV Router Age Seq# Checksum
112.1.1.0 110.1.1.1 6 0x80000001 0xd99f
168.1.0.0 110.1.1.1 6 0x80000001 0xff43
Summary ASB Link States (Area 0.0.0.0)
Link ID ADV Router Age Seq# Checksum
168.1.1.3 110.1.1.1 6 0x80000001 0xc875
Router Link States (Area 0.0.0.1)
Link ID ADV Router Age Seq# Checksum Link count
110.1.1.1 110.1.1.1 3 0x80000025 0xf8f8 1
168.1.1.3 168.1.1.3 61 0x80000005 0x70e 2
Net Link States (Area 0.0.0.1)
Link ID ADV Router Age Seq# Checksum
168.1.1.1 110.1.1.1 1183 0x80000002 0x9787
Type-5 AS External Link States
Link ID ADV Router Age Seq# Checksum Tag
113.1.0.0 168.1.1.3 48 0x80000001 0xa0dd 0
111.1.0.0 110.1.1.1 272 0x80000001 0x4ae3 3489660928
For a description of the parameters in the execution result, refer to the following table:
Parameter Description
Link ID LSA ID
Checksum -
3-41
The following is sample output from the show ip ospf database router command:
ZXR10#show ip ospf database router
OSPF Router with ID (110.1.1.1) (Process ID 1)
Router Link States (Area 0.0.0.1)
Routing Bit Set on this LSA
LS age: 1700
Options: (No TOS-capability, No DC)
LS Type: Router Links
Link State ID: 110.1.1.1
Advertising Router: 110.1.1.1
LS Seq Number: 0x8000001f
Checksum: 0xf9e7
Length: 36
Number of Links: 1
Link connected to: a Stub Network
(Link ID) Network/subnet number: 110.1.0.0
(Link Data) Network Mask: 255.255.0.0
Number of TOS metrics: 0
TOS 0 Metrics: 1
For a description of the parameters in the execution result, refer to the following table:
Parameter Description
Link State ID -
Advertising Router -
Checksum -
Length -
The following is sample output from the show ip ospf database network command:
ZXR10#show ip ospf database network
OSPF Router with ID (110.1.1.1) (Process ID 1)
Net Link States (Area 0.0.0.1)
Routing Bit Set on this LSA
LS age: 789
Options: (No TOS-capability, No DC)
LS Type: Network Links
Link State ID: 168.1.1.1 (Address of Designated Router)
Advertising Router: 110.1.1.1
LS Seq Number: 0x80000002
Checksum: 0x9787
3-42
Length: 32
Network Mask: /16
Attached Router: 110.1.1.1
Attached Router: 168.1.1.3
For a description of the parameters in the execution result, refer to the following table:
Parameter Description
Link State ID -
Advertising Router -
Checksum -
Length -
The following is sample output from the show ip ospf database summary command:
ZXR10#show ip ospf database summary
OSPF Router with ID (110.1.1.1) (Process ID 1)
Summary Net Link States (Area 0.0.0.0)
LS age: 129
Options: (No TOS-capability, No DC)
LS Type: Summary Links(Network)
Link State ID: 112.1.1.0 (Summary Network Number)
Advertising Router: 110.1.1.1
LS Seq Number: 0x80000001
Checksum: 0xd99f
Length: 28
Network Mask: /24
TOS: 0 Metric: 2
For a description of the parameters in the execution result, refer to the following table:
Parameter Description
Link State ID -
Advertising Router -
Checksum -
Length -
3-43
The following is sample output from the show ip ospf database external command:
ZXR10#show ip ospf database external
OSPF Router with ID (110.1.1.1) (Process ID 1)
Type-5 AS External Link States
LS age: 18
Options: (No TOS-capability, No DC)
LS Type: AS External Link
Link State ID: 111.1.0.0 (External Network Number)
Advertising Router: 110.1.1.1
LS Seq Number: 0x80000001
Checksum: 0x4ae3
Length: 36
Network Mask: /16
Metric Type: 2 (Larger than any link state path)
TOS: 0
Metric: 20
Forward Address: 110.1.1.111
External Route Tag: 3489660928
For a description of the parameters in the execution result, refer to the following table:
Parameter Description
Link State ID LS ID
Advertising Router -
The following is sample output from the show ip ospf database asbr-summary command:
ZXR10#show ip ospf database asbr-summary
OSPF Router with ID (110.1.1.1) (Process ID 1)
Summary ASB Link States (Area 0.0.0.0)
LS age: 68
Options: (No TOS-capability, No DC)
LS Type: Summary Links(AS Boundary Router)
Link State ID: 168.1.1.3 (AS Boundary Router address)
Advertising Router: 110.1.1.1
LS Seq Number: 0x80000001
Checksum: 0xc875
Length: 28
Network Mask: /0
TOS: 0 Metric: 1
For a description of the parameters in the execution result, refer to the following table:
3-44
Parameter Description
Link State ID LS ID
Advertising Router -
Checksum -
Configuration Thought
1. Configure IP addresses of the interconnected interfaces between S1 and S2, and
configure loopback interface IP address.
2. Add interfaces to OSPF area 0.
3. Configure load balancing on both S1 and S2. S1 and S2 can learn the loopback
address route advertised by the peer through two links.
Configuration Process
Configuration on S1:
S1(config)#interface vlan30
S1(config-if-vlan30)#ip address 11.22.1.1 255.255.255.0
S1(config-if-vlan30)#exit
S1(config)#interface vlan40
S1(config-if-vlan40)#ip address 11.22.10.1 255.255.255.0
S1(config-if-vlan40)#exit
S1(config)#interface loopback1
3-45
Configuration on S2:
S2(config)#interface vlan10
S2(config-if-vlan10)#ip address 11.22.1.2 255.255.255.0
S2(config-if-vlan10)#exit
S2(config)#interface vlan20
S2(config-if-vlan20)#ip address 11.22.10.2 255.255.255.0
S2(config-if-vlan20)#exit
S2(config)#interface loopback2
S2(config-if-loopback2)#ip address 1.1.1.22 255.255.255.255
S2(config-if-loopback2)#exit
S2(config)#router ospf 1
S2(config-ospf-1)#router-id 32.33.1.1
S2(config-ospf-1)#network 11.22.1.0 0.0.0.255 area 0
S2(config-ospf-1)#network 11.22.10.0 0.0.0.255 area 0
S2(config-ospf-1)#network 1.1.1.22 0.0.0.0 area 0
S2(config-ospf-1)#maximum-paths 2
S2(config-ospf-1)#exit
Configuration Check
The following content will be shown after the configuration above is finished. It shows that
S1 and S2 set up neighborhood already. S1 and S2 ping the loopback interface of the
peer between each other, and the pings are successful. It shows that the configuration is
successful.
S1#show ip ospf neighbor
OSPF Router with ID (1.1.1.32) (Process ID 1)
3-46
Configuration Thought
1. Set up link between S1 and S2 in NSSA area 255, and set up link between S2 and S3
in area 0.
2. Redistribute direct-connected route on S3 and S1 respectively.
3. Configure NSSA default route advertisement on S2.
4. As a result, S1 can not learn the detailed route of S3 address, but there is a default
route pointing to S2. S3 can learn the direct-connected route redistributed by S1.
Configuration Process
Configuration on S1:
S1(config)#interface vlan10
S1(config-if-vlan10)#ip address 11.22.1.1 255.255.255.0
S1(config-if-vlan10)#exit
S1(config)#interface loopback1
S1(config-if-loopback1)#ip address 1.1.1.11 255.255.255.255
S1(config-if-loopback1)#exit
3-47
S1(config)#router ospf 1
S1(config-ospf-1)#network 11.22.1.0 0.0.0.255 area 255
S1(config-ospf-1)#area 255 nssa
S1(config-ospf-1)#redistribute connected
S1(config-ospf-1)#exit
Configuration on S2:
S2(config)#interface vlan20
S2(config-if-vlan20)#ip address 11.22.1.2 255.255.255.0
S2(config-if-vlan20)#exit
S2(config)#interface vlan40
S2(config-if-vlan40)#ip address 33.22.1.2 255.255.255.0
S2(config-if-vlan40)#exit
S2(config)#router ospf 1
S2(config-ospf-1)#network 11.22.1.0 0.0.0.255 area 255
S2(config-ospf-1)#area 255 nssa default-information-originate
S2(config-ospf-1)#network 33.22.1.0 0.0.0.255 area 0
S2(config-ospf-1)#exit
Configuration on S3:
S3(config)#interface vlan50
S3(config-if-vlan50)#ip address 33.22.1.1 255.255.255.0
S3(config-if-vlan50)#exit
S3(config)#interface loopback1
S3(config-if-loopback1)#ip address 1.1.1.33 255.255.255.255
S3(config-if-loopback1)#exit
S3(config)#router ospf 1
S3(config-ospf-1)#redistribute connected
S3(config-ospf-1)#exit
Configuration Check
Use show ip forwarding route 1.1.1.33 on S1 to view whether S1 learns the detailed route
of S3.
S1(config)#show ip forwarding route 1.1.1.33
IPv4 Routing Table:
Dest Gw Interface Owner Pri Metric
Use show ip forwarding route 0.0.0.0 on S1 to view whether there is a default route pointing
to S2.
S1(config)#show ip forwarding route 0.0.0.0
IPv4 Routing Table:
Dest Gw Interface Owner Pri Metric
0.0.0.0/0 11.22.1.2 vlan20 OSPF 110 2
Use show ip forwarding route 1.1.1.11 to inspect whether S3 learns the detailed route of
S1.
3-48
Configuration Thought
1. PE1 and CE1 establish OSPF neighbor relationship.
2. PE2 and CE1 establish OSPF neighbor relationship.
3. PE2 should not learn the link-state information related to vpn1.
Configuration Process
Configuration on PE1:
3-49
PE1(config)#interface loopback1
PE1(config-if-loopback1)#ip vrf forwarding vpn1
PE1(config-if-loopback1)#ip address 1.1.1.17 255.255.255.255
PE1(config-if-loopback1)#exit
PE1(config)#interface vlan1
PE1(config-if-vlan1)#ip vrf forwarding vpn1
PE1(config-if-vlan1)#ip address 100.101.102.17 255.255.255.0
PE1(config-if-vlan1)#exit
PE1(config)#router ospf 1 vrf vpn1
PE1(config-ospf-1)#network 1.1.1.17 0.0.0.0 area 0
PE1(config-ospf-1)#network 100.101.102.0 0.0.0.255 area 0
PE1(config-ospf-1)#exit
Configuration on CE1:
CE1(config)#interface loopback1
CE1(config-if-loopback1)#ip address 1.1.1.18 255.255.255.255
CE1(config-if-loopback1)#exit
CE1(config)#interface loopback2
CE1(config-if-loopback2)#ip address 2.2.2.18 255.255.255.255
CE1(config-if-loopback2)#exit
CE1(config)#interface vlan2
CE1(config-if-vlan2)#ip address 100.101.102.18 255.255.255.0
CE1(config-if-vlan2)#exit
CE1(config)#interface vlan3
CE1(config-if-vlan3)#ip address 100.102.102.18 255.255.255.0
CE1(config-if-vlan3)#exit
CE1(config)#router ospf 1
CE1(config-ospf-1)#network 1.1.1.18 0.0.0.0 area 0
CE1(config-ospf-1)#network 100.101.102.0 0.0.0.255 area 0
CE1(config-ospf-1)#exit
CE1(config)#router ospf 2
CE1(config-ospf-2)#network 2.2.2.18 0.0.0.0 area 0
CE1(config-ospf-2)#network 100.102.102.0 0.0.0.255 area 0
CE1(config-ospf-2)#exit
Configuration on PE2:
PE2(config)#interface loopback1
PE2(config-if-loopback1)#ip vrf forwarding vpn2
PE2(config-if-loopback1)#ip address 1.1.1.19 255.255.255.255
PE2(config-if-loopback1)#exit
PE2(config)#interface vlan4
PE2(config-if-vlan4)#ip vrf forwarding vpn2
PE2(config-if-vlan4)#ip address 100.102.102.17 255.255.255.0
PE2(config-if-vlan4)#exit
PE2(config)#router ospf 1 vrf vpn2
3-50
Configuration Check
CE1 can learn the looback1 route advertised by PE1 and the loopback1 route advertised
by PE2. PE2 and PE1 cannot learn routes from each other. This indicates that the
multi-instance configuration takes effect.
CE1#show ip forwarding route ospf
IPv4 Routing Table:
Dest Gw Interface Owner Pri Metric
1.1.1.17/32 100.101.102.17 vlan2 ospf 110 2
1.1.1.18/32 100.102.102.17 vlan3 ospf 110 2
3-51
3-52
IS-IS routers uses LSA to exchange routing information, set up and maintain link state
database. A LSP indicates the important information related to a router, including the area
and the connected network. SNP is used to ensure that LSPs can be transmitted reliably.
SNP contains the summary information of every LSP on the network. When a router
receives a SNP, it compares the SNP with its link state database. If the router loses a
4-1
LSP existing in the SNP, it will send a SNP in multicast mode to ask for the required LSP
from other routers on the network.
By using LSPs in conjunction with SNPs, IS-IS protocol can interact routes reliably on a
large network.
Likewise, IS-IS protocol also uses the Dijkstra SPF algorithm to calculate routes. Based
on the link state database, it uses the SPF algorithm to calculate the optimal route and
then adds the route to IP routing table.
l Area partition
The IS-IS dynamic route protocol uses a layered topology architecture. The network
consists two layers to reduce the load of the router. This architecture can better meet
the requirements of large scale network applications. For the architecture, see Figure
4-1.
The IS-IS architecture consists of two layers: L1 and L2. The L2 layer consists of L2
routers. It operates as the backbone network. The L1 layer consists of L1 routers and
L1/L2 routers. It operates as a non-backbone network. L1 routers can only exchange
routing information with L1 routers and L1/L2 routers in this area.
4-2
The IDP is defined by the ISO. It consists of the Authority and Format Identifier (AFI)
and the Initial Domain Identifier (IDI). AFI refers to the address allocation organization
and the address format. The IDI is used to identify the domain.
The DSP consists of the High Order DSP, SystemID and the SEL.
The length of the IDP and the DSP can be changed. The NSAP can be up to 20 bytes
in length and at least 8 bytes. The system ID identifies a unique host or a router in an
area. Its length is 48 bit (6 bytes) invariably. The SEL (NSAP Selector, sometimes it is
4-3
The IIH PDU sent by router RTA carries the type 240 TLV, in which, the neighbor's
three states are saved. When router RTB receives the packet, it confirms the next
neighbor state according to the state of its neighbor and the neighbor state in the TLV.
For the state changes, refer to Table 4-1.
- Down Init Up
4-4
Init Init Up Up
To create a neighbor for L1, the intermediate system receives a L1 LAN IIH PDU
packet on the broadcast address AllL1ISs. It compares every area address in the
received IIH PDU with the locally configured area address. If the area addresses do
not match each other, the neighbor cannot be created.
When the intermediate system receives a LAN IIH PDU packet, it checks whether the
neighbor already exists in its neighbor database.
à The neighbor's MAC is similar to the MAC source address in the PDU.
à The neighbor system ID is consistent with that of the PDU.
à The neighbor types are also consistent with each other.
If the above conditions are complied with, the neighbor exists, and the intermediate
system updates the timer, priority, and neighbor area addresses according to the
values in the PDU. If the above conditions are not complied with, for example, the
MAC addresses are in consistent with each other, this packet is dropped.
If the neighbor type is not consistent with the system ID, this neighbor is considered
to be a new neighbor, and this neighbor is added to the neighbor database. The state
of this neighbor will be set to INIT. The intermediate system then checks the neighbor
TLV carried in the IIH PDU packet. If its MAC address is contained in the neighbor TLV,
the state of the neighbor is set to UP, and an IIH PDU packet is sent. The intermediate
system neighbor TLV of the PDU will carry the MAC address of the neighbor.
After the neighbor receives the IIH PDU packet, it performs the similar operations. If
this neighbor does not exists, the neighbor is added to its neighbor state database
and the state is set to INIT. The intermediate system queries its MAC address in the
IIH PDU packet and sets the state to UP. For the process, see Figure 4-4.
4-5
A DIS is the system that has the highest priority on a broadcast network. If the priorities
of all intermediate systems are the same, the intermediate system with the greatest
MAC address is the DIS. Generally, each network has two DISs: the L1 DIS and the
L2 DIS.
The conditions for electing a DIS are as follows:
à When the IS-IS process is started on a router, the DIS election is performed after
three Hello packets are sent
4-6
It is used to
à acknowledge the received LSP that is flooded on point-to-point links.
à apply for the complete LSP information for synchronizing the database on
broadcast links.
l TLV: Type/Length/Value. Type: Type of a specified field. Length: Length of a specified
field. Value: Information contents.
The TLV is carried in the PDU of the IS-IS, and is used to describe the extendable
fields.
The CSNP and PSNP have the same package format, and carry the LSP abstract
information respectively. The difference between them is that the CSNP advertised
4-7
by a router carries all LSP abstract information that is available in the router link state
database. But the PSNP only carries a subset of the information.
The SRM and the SSN are mainly used for router selection information diffusion and
database synchronization.
l Point-to-point links
The IS-IS protocol uses a reliable flooding mechanism on point-to-point links. On a
point-to-point link, there is only one neighbor router on the opposite end of the link,
and the router uses limited bandwidth to trace acknowledge messages sent by the
neighbor router.
The CSNP simplifies the database synchronization process. When the neighbor
relation between two connected routers is established for the first time, all CSNPs on
the point-to-point link are exchanged. Through comparing the CSNP with the local
database and the database of each neighbor router, the missing or expired LSP can
be confirmed.
Use the PSNP to apply for the missing or the LSP of the current version. If the router
finds that some neighbor routers lack the LSP, the router can flood the LSP. During the
flooding, use the SSN to identify that it is the PSNP that needs to be sent, and use the
SRM to identify that it is the LSP that needs to be sent. When the PSNP acknowledge
packet is received from the peer end, the SRM tag can be cleared. If the acknowledge
packet is not received, the corresponding packet is resent after timeout.
For the example of the diffusion process on point-to-point networks, see Figure 4-6.
The neighbor relation between RTB and RTC is normal, and RTA and RTB establish
the adjacent relation for the first time.
1. The process for establishing the adjacent relation and database synchronization
is as follows:
4-8
2. After the adjacent relation is established between RTB and RTA, the RTA
information is flooded to RTC. The process is as follows:
l Broadcast links
4-9
On broadcast links, LSP is diffused to adjacent routers on layer 1 and layer 2 through
broadcast addresses ALL L1S and ALL L2S. The diffusion on broadcast links does
not require reliable transmission.
Unreliable diffusion requires a mechanism to guarantee database synchronization.
The IS-IS router uses the DIS to broadcast CNSP periodically to implement database
synchronization on broadcast links.
The DIS controls the diffusion and database synchronization on broadcast links. The
IS-IS protocol does not require that the IS-Is routers can only establish adjacent
relation with DIS on broadcast links. After the hello packet is broadcasted and three
times of handshaking, adjacent relation can be established between routers. Three
times of handshaking means that all routers report the detected routers. The CSNP
sent by the DIS is transmitted periodically to ensure that all routers on the LAN
receives a copy. Through comparing the CNSP and that in the link state database,
the missing LSP and new version LSP can be recognized. The router can then send
the PSNP packet to apply for the LSP.
Broadcasting CSNP periodically consumes lots of bandwidth and thus the cost is high.
However, this is a simple reliable transmission policy on a broadcast link. You can
reduce the sending frequency by increasing the sending interval.
RTA and RTB are connected to the link, and RTC is the last router that is connected
to the link. The RTA link state database contains RTA.00-00, RTA.01-00(pseudo lsp),
and RTB.00-00, see Figure 4-7.
1. RTC generates an LSP (RTC.00-00) after RTA establishes the adjacent relation
with RTB. RTC then copies the LSP and saves it to its database. After this, RTC
diffuses another copy to the link through interface 3.
2. RTA that operates as the DIS advertises a CSNP to the link in broadcast mode.
3. After RTC receives the CSNP, it compares the CSNP with that in the local link
state database. It finds that three LSPs are unavailable: RTA.00-00, RTA.01-00,
and RTB.00-00. RTC sends a PSNP to the link to request for the LSPs.
4. RTA sends RTA.00-00, RTA.01-00, and RTB.00-00 in broadcast mode. After RTC
receives the copies, the RTC's database can be synchronized with the RTA's
database.
4-10
Route-leaking
Attatch bit: The RFC1195 defines that if an L1/L2 router in an area is connected with a
router in another area, the L1/L2 router sets the ATT bit in its L1 LSP to inform the L1
router in this area that there is an egress. the L1 router in this area selects the nearest L2
on which the ATT bit is set as the egress of the area, and then a default route is generated.
The L1 router selects the nearest L1/L2 router as the egress of this area, but the nearest
route is not necessarily the optimum route, the second optimum route may be used.
Therefore, the RFC2966 defined the route-leaking. To avoid the use of second optimum
route, the routing information in the backbone area is leaked to the Level–1 area. Using
this method, the common areas also have the routing information of the entire IS-IS route
domain.
For the route-leaking operation, see Figure 4-8.
4-11
4-12
4-13
Parameter Description
< narrow | wide > In narrow mode, six bits are used to carry the metric value.
In wide mode, 24 bits are used to carry the metric value. In
addition, more TLVs can be carried in wide mode.
The range for bringing the metric value in narrow mode is
smaller than that in wide mode. When devices are connected
and form neighbor relations, a topology may fail to be
established because of different metric styles.
Parameter Description
on-start-up { 5-86400 | auto | l 5-86400: After the router is restarted, the OL flag cannot
wait-for-bgp } be set after a period within this range.
l auto: The OL flag cannot be set after databases are
synchronized.
l wait-for-bgp: The OL flag cannot be set after the BGP
is synchronized.
suppress {all | external | interlevel} l all: Suppress the leakage of both external and internal
routes
l external: Suppress the local router to learn redistributed
routes
l interlevel: Suppress the leakage of internal routes
between level-1 and level-2.
4-14
Parameter Description
metric-type <type> Metric type. Value: external and internal. Default, internal.
For a description of the parameters in Step 10, refer to the following table:
Parameter Description
For a description of the parameters in Step 15, refer to the following table:
Parameter Description
4-15
4-16
4-17
4-18
At present, the ZXR10 5900E supports plain text and MD5 authentication modes.
To configure IS-IS authentication on the ZXR10 5900E, perform the following steps:
4-19
1 ZXR10(config)#router isis [process-id][ vrf < vrf-name>] Enters IS-IS route configuration
mode.
4-20
Parameter Description
4-21
To configure IS-IS traffic engineering on the ZXR10 5900E, perform the following steps:
Configuring IS-IS GR
The IS-IS Graceful Restart (GR) function is used to guarantee that the forwarding process
can continue if the corresponding router is restarted. A neighbor router can process
messages when it is restarted. With this function, this process does not result in route
oscillation.
To configure the graceful-restart on the ZXR10 5900E, perform the following steps:
4-22
Parameter Description
Command Function
ZXR10#show isis adjacency [up-time][ level-1 | level-2][process-id Displays the adjacency relations
<process-id>] and the status of current
neighbors.
ZXR10#show isis circuits [detail][process-id]show isis circuits Displays the information about the
[detail][process-id<process-id>] IS-IS interface.
4-23
Command Function
ZXR10#show isis mpls traffic-eng tunnel [process-id<process-id>] Displays the usage of the IS-IS
tunnel.
Parameter Description
The following is sample output from the show isis adjacency command:
ZXR10(config-isis)#show isis adjacency
Process ID: 0
Interface System id State Lev Holds SNPA(802.2) Pri MT
gei-0/1/1/1 3333.3333.3333 UP L1 23 00E0.D021.0205 64
gei-0/1/1/2 3333.3333.3333 UP L2 24 00E0.D021.0203 64
For a description of the parameters in the execution result, refer to the following table:
Parameter Description
The following is sample output from the show isis circuits command:
4-24
For a description of the parameters in the execution result, refer to the following table:
Parameter Description
The following is sample output from the show isis database command:
4-25
For a description of the parameters in the execution result, refer to the following table:
Parameter Description
The following is sample output from the show isis topology command:
ZXR10(config-isis-0)#show isis topology
4-26
Process ID: 0
IS-IS paths to Level-1 routers
System id Metric Next-Hop Interface SNPA
2222.2222.2222 10 2222.2222.2222 vlan1 00E0.D021.0204
3333.3333.3333 --
IS-IS paths to Level-2 routers
System id Metric Next-Hop Interface SNPA
2222.2222.2222 10 2222.2222.2222 vlan2 00E0.D021.0205
3333.3333.3333 --
For a description of the parameters in the execution result, refer to the following table:
Parameter Description
Metric Metric value to the destination IS, "--" indicates itself, "**"
means that the route can not be calculated.
SNPA SNPA address of the next hop. P-P interface flag: "*ppp*".
The following is sample output from the show isis mpls traffic-eng tunnel command:
ZXR10(config)#show isis mpls traffic-eng tunnel
Process ID: 0
state codes: * the only next hop, ** one of next hops,
-not chosen as next hop
For a description of the parameters in the execution result, refer to the following table:
Parameter Description
The following is sample output from the show isis fast-reroute-topology command:
4-27
For a description of the parameters in the execution result, refer to the following table:
Parameter Description
4-28
Configuration Thought
1. Configure IP addresses of interfaces
2. Configure IS-IS protocol
3. Enable IS-IS protocol on interface
4. Test the configuration result. Make sure that S1 and S2 can set up neighborhood
between each other and calculate topology correctly. Make sure that S1 and S2 can
ping the loopback interface of the peer between each other.
Configuration Process
Configuration ON S1:
S1(config)#interface vlan10
S1(config-if-vlan10)#ip address 192.168.2.1 255.255.255.0
S1(config-if-vlan10)#exit
S1(config)#interface loopback1
S1(config-if-loopback1)#ip address 192.168.3.1 255.255.255.0
S1(config-if-loopback1)#exit
S1(config)#router isis
S1(config-isis-0)#area 01
S1(config-isis-0)#system-id 00D0.D0C7.5460
S1(config-isis-0)#interface vlan10
S1(config-isis-0-if-vlan10)#ip router isis
S1(config-isis-0-if-vlan10)#exit
S1(config-isis-0)#interface loopback1
S1(config-isis-0-if-loopback1)#ip router isis
S1(config-isis-0-if-loopback1)#exit
Configuration ON S2:
S2(config)#interface vlan10
S2(config-if-vlan10)#ip address 192.168.2.2 255.255.255.0
S2(config-if-vlan10)#exit
S2(config)#interface loopback1
S2(config-if-loopback1)#ip address 192.168.6.1 255.255.255.0
S2(config-if-loopback1)#exit
S2(config)#router isis
S2(config-isis-0)#area 01
S2(config-isis-0)#system-id 00D0.D0C7.53E0
S2(config-isis-0)#interface vlan10
S2(config-isis-0-if-vlan10)#ip router isis
S2(config-isis-0-if-vlan10)#exit
S2(config-isis-0)#interface loopback1
S2(config-isis-0-if-loopback1)#ip router isis
S2(config-isis-0-if-loopback1)#end
4-29
Configuration Check
After finishing the configuration above, the following content can be viewed on both S1
and S2. It means that S1 and S2 can set up neighborhood and calculate topology. Ping
the loopback address of the peer on S1 and S2 respectively.
Use show running-config isis on S1 to view whether the IS-IS configuration is correct.
S1(config)#show running-config isis
!
router isis
area 01
system-id 00D0.D0C7.5460
interface vlan10
ip router isis
$
interface loopback1
ip router isis
$
Use show isis adjacency on S1 to view whether the neighborhood is normal. After the
neighborhood is set up, UP will be shown under the field of state.
S1(config)#show isis adjacency
Interface System id State Lev Holds SNPA(802.2) Pri MT
gei-0/1/1/1 00D0.D0C7.53E0 UP/UP L1L2 8/7 0030.3144.5566 64/64
Use show isis topology on S1 to view whether the topology can be calculated correctly. If
the topology is calculated correctly, the following entry can be viewed on the command
output. If "–" is shown under the field of metric, it means the local router. If "**" is shown
under the field of metric, it means inaccessible.
S1(config)#show isis topology
IS-IS paths to Level-1 routers
System id Metric Next-Hop Interface SNPA
00D0.D0C7.53E0 10 00D0.D0C7.53E0 vlan10 0030.3144.5566
00D0.D0C7.5460 --
Use show isis circuits on S1 to view the interface information and the DIS election. The
UP means that the interface state is normal. The Down means that the interface state
is abnormal. For abnormal interface state, it is required that inspect the link state and IP
configuration.
S1(config)#show isis circuits
IS-IS interface database:
Interface State Lev CirId Level1-DR Level2-DR Pri(L1/L2)
4-30
S1#ping 192.168.6.1
sending 5,100-byte ICMP echoes to 192.168.6.1,timeout is 2 seconds.
!!!!!
Success rate is 100 percent(5/5),round-trip min/avg/max= 12/22/54 ms.
S2#ping 192.168.3.1
sending 5,100-byte ICMP echoes to 192.168.3.1,timeout is 2 seconds.
!!!!!
Success rate is 100 percent(5/5),round-trip min/avg/max= 10/20/52 ms.
4-31
Configuration Thought
1. Configure IP addresses of interfaces.
2. Configure IS-IS protocol.
3. Enable IS-IS protocol on interfaces.
4. Enable route aggregation on S1.
5. Configure static route on S4 and redistribute default route.
6. Test the configuration. Make sure that the neighborhood is set up between S1 and S2,
between S2 and S3, and between S3 and S4 already and the topology is calculated
correctly. Ping the peer interface by one of any pair of interfaces successfully.
Configuration Process
Configuration on S1:
S1(config)#interface vlan10
S1(config-if-vlan10)#ip address 192.168.15.1 255.255.255.0
S1(config-if-vlan10)#exit
S1(config)#interface vlan20
S1(config-if-vlan20)#ip address 192.168.100.1 255.255.255.0
S1(config-if-vlan20)#exit
S1(config)#interface vlan30
S1(config-if-vlan30)#ip address 192.168.101.1 255.255.255.0
4-32
S1(config-if-vlan30)#exit
S1(config)#interface vlan40
S1(config-if-vlan40)#ip address 192.168.102.1 255.255.255.0
S1(config-if-vlan40)#exit
S1(config)#router isis
S1(config-isis-0)#area 01
S1(config-isis-0)#system-id 00D0.D0C7.5460
S1(config-isis-0)#is-type level-1-2
S1(config-isis-0)#interface vlan10
S1(config-isis-0-if-vlan10)#ip router isis
S1(config-isis-0-if-vlan10)#circuit-type level-2
S1(config-isis-0-if-vlan10)#exit
S1(config-isis-0)#interface vlan20
S1(config-isis-0-if-vlan20)#ip router isis
S1(config-isis-0-if-vlan20)#circuit-type level-2
S1(config-isis-0-if-vlan20)#exit
S1(config-isis-0)#interface vlan30
S1(config-isis-0-if-vlan30)#ip router isis
S1(config-isis-0-if-vlan30)#circuit-type level-2
S1(config-isis-0-if-vlan30)#exit
S1(config-isis-0)#interface vlan40
S1(config-isis-0-if-vlan40)#ip router isis
S1(config-isis-0-if-vlan40)#circuit-type level-2
S1(config-isis-0-if-vlan40)#exit
S1(config-isis-0)#summary-address 192.168.100.0 255.255.252.0
S1(config-isis-0)#exit
Configuration on S2:
S2(config)#interface vlan10
S2(config-if-vlan10)#ip address 192.168.15.2 255.255.255.0
S2(config-if-vlan10)#exit
S2(config)#interface vlan20
S2(config-if-vlan20)#ip address 192.168.14.1 255.255.255.0
S2(config-if-vlan20)#exit
S2(config)#router isis
S2(config-isis-0)#area 00
S2(config-isis-0)#system-id 00D0.D0C7.53E0
S2(config-isis-0)#is-type level-1-2
S2(config-isis-0)#interface vlan10
S2(config-isis-0-if-vlan10)#ip router isis
S2(config-isis-0-if-vlan10)#circuit-type level-2
S2(config-isis-0-if-vlan10)#exit
S2(config-isis-0)#interface vlan20
S2(config-isis-0-if-vlan20)#ip router isis
S2(config-isis-0-if-vlan20)#circuit-type level-2
4-33
S2(config-isis-0-if-vlan20)#exit
Configuration on S3:
S3(config)#interface vlan10
S3(config-if-vlan10)#ip address 192.168.14.2 255.255.255.0
S3(config-if-vlan10)#exit
S3(config)#interface vlan20
S3(config-if-vlan20)#ip address 192.168.13.1 255.255.255.0
S3(config-if-vlan20)#exit
S3(config)#router isis
S3(config-isis-0)#area 02
S3(config-isis-0)#system-id EF00.AB00.DF12
S3(config-isis-0)#is-type level-1-2
S3(config-isis-0)#interface vlan10
S3(config-isis-0-if-vlan10)#ip router isis
S3(config-isis-0-if-vlan10)#circuit-type level-2
S3(config-isis-0-if-vlan10)#exit
S3(config-isis-0)#interface vlan20
S3(config-isis-0-if-vlan20)#ip router isis
S3(config-isis-0-if-vlan20)#circuit-type level-1
S3(config-isis-0-if-vlan20)#exit
Configuration on S4:
S4(config)#interface vlan10
S4(config-if-vlan10)#ip address 192.168.13.2 255.255.255.0
S4(config-if-vlan10)#exit
S4(config)#router isis
S4(config-isis-0)#area 02
S4(config-isis-0)#system-id 00DE.FD11.AD00
S4(config-isis-0)#is-type level-1
S4(config-isis-0)#interface vlan10
S4(config-isis-0-if-vlan10)#ip router isis
S4(config-isis-0-if-vlan10)#circuit-type level-1
S4(config-isis-0-if-vlan10)#exit
S4(config-isis-0)#exit
S4(config)#ip route 0.0.0.0 0.0.0.0 192.168.13.1
S4(config)#router isis
S4(config-isis-0)#default-information originate
S4(config-isis-0)#redistribute static metric 10
S4(config-isis-0)#end
Configuration Check
After the configuration above is finished, the following content can be viewed on one of
any pair of devices. It shows that the neighborhood is set up already and the topology is
4-34
calculated correctly. The peer interface can be pinged successfully by one end of any pair
of devices.
Use show ip protocol routing to view the default static route redistributed by S4 on S1.
S1(config)#show running-config isis
!
router isis
area 01
system-id 00D0.D0C7.5460
is-type level-1-2
summary-address 192.168.100.0 255.255.252.0
interface vlan10
ip router isis
circuit-type level-2-only
$
interface vlan20
ip router isis
circuit-type level-2-only
$
interface vlan30
ip router isis
circuit-type level-2-only
$
interface vlan40
ip router isis
circuit-type level-2-only
$
!
S1(config)#show isis adjacency
Interface System id State Lev Holds SNPA(802.2) Pri MT
gei-0/1/1/3 00D0.D0C7.53E0 UP L2 7 0030.3144.5566 64
S1(config)#show isis topology
IS-IS paths to Level-1 routers
System id Metric Next-Hop Interface SNPA
00D0.D0C7.5460 --
4-35
View S2 configuration:
S2(config)#show running-config isis
!
router isis
area 00
system-id 00D0.D0C7.53E0
is-type level-2-only
interface vlan20
ip router isis
circuit-type level-2-only
$
interface vlan10
ip router isis
circuit-type level-2-only
$
!
S2(config)#show isis topology
IS-IS paths to Level-1 routers
System id Metric Next-Hop Interface SNPA
4-36
View S3 configuration:
S3(config)#show running-config isis
!
router isis
area 02
system-id EF00.AB00.DF12
is-type LEVEL-1-2
interface vlan10
ip router isis
circuit-type level-2-only
$
interface vlan20
ip router isis
circuit-type level-1
$
!
View S4 configuration:
4-37
S4(config)#show running-config
!
router isis
area 02
system-id 00de.fb11.ad00
is-type LEVEL-1
redistribute static ip metric 10
default-information originate
interface vlan10
ip router isis
circuit-type level-1
!
ip route 0.0.0.0 0.0.0.0 192.168.13.1
S4#ping 192.168.100.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.100.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 192/709/1148 ms
4-38
Configuration Thought
1. Establish neighbor relationship on vlan10 of S1 and vlan10 of S2 in Instance 100.
2. Establish neighbor relationship on vlan20 of S1 and vlan20 of S2 in Instance 200.
3. Redistribute direct-connected routes in the instances of S1. Check whether load
sharing is performed through different instances on S2. (Load sharing cannot be
performed, as the route with a smaller instance number of the same prefix has a
higher priority.)
Configuration Process
Configuration on S1:
S1(config)#router isis 100
S1(config-isis-100)#system-id 1111.0100.0000
S1(config-isis-100)#area 10
S1(config-isis-100)#redistribute connected
S1(config-isis-100)#interface vlan10
S1(config-isis-100-if-vlan10)#ip router isis
S1(config-isis-100-if-vlan10)#exit
S1(config-isis-100)#exit
S1(config)#router isis 200
S1(config-isis-200)#system-id 1111.0200.0000
S1(config-isis-200)#area 10
S1(config-isis-200)#redistribute connected
S1(config-isis-200)#interface vlan20
S1(config-isis-200-if-vlan20)#ip router isis
S1(config-isis-200-if-vlan20)#exit
S1(config-isis-200)#exit
Configuration on S2:
4-39
S2(config-isis-200)#area 10
S2(config-isis-200)#interface vlan20
S2(config-isis-200-if-vlan20)#ip router isis
S2(config-isis-200-if-vlan20)#exit
S2(config-isis-200)#exit
Configuration Check
S1#show isis adjacency
Process ID: 100
Interface System id State Lev Holds SNPA(802.2) Pri MT
gei-0/1/1/1 S2 UP/UP L1L2 26/26 0021.8844.5541 64/64
Process ID: 200
Interface System id State Lev Holds SNPA(802.2) Pri MT
gei-0/1/1/2 S2 UP/UP L1L2 25/25 0021.8844.5541 64/64
The result shows that the traffic goes through vlan10, that is, the route with a smaller
instance number is preferred.
S2#show ip forwarding route isis-l2
IPv4 Routing Table:
Dest Gw Interface Owner Pri Metric
1.1.1.12/32 56.3.3.2 vlan10 isis_l2 115 10
88.6.5.5/32 56.3.3.2 vlan10 isis_l2 115 10
4-40
The session which is set up by BGP routers belonging to different ASs is called External
Border Gateway Protocol (EBGP) session, while a session which is set up between BGP
routers belonging to the same AS is called Internal Border Gateway Protocol (IBGP)
session.
An administrative area with independent routing policies is called an AS. The important
feature of an AS is that it has a unified internal route for another AS, and it has a consistent
topology for reachable destinations. The AS indicator is a value of 16-bit, ranging from 1
to 65535, where, 1–32767 are assignable, 32768–64511 are reserved, and 64512–65534
are used for private ASs (similar to private network addresses). When 16–bit AS number
5-1
is used, the AS number range is 1–65535. Current version also supports 32–bit AS which
is in the range of 1-4294967295.
à Next-hop
à Origin
2. Well-known discretionary attribute: The kind of attributes is not necessary
contained by route description.
à Local preference
à Atomic aggregate
3. Optional transitive attributes: This kind of attributes does not require that all BGP
examples support it. However, if it is supported, it can be transmitted to its BGP
neighbor. while, if it is not supported by the current router, it will be transmitted to
other BGP routers continuously.
à Aggregator
à Community
4. Optional nontransitive attribute: This kind of attributes shows that the routers
which do not support the attribute need to delete it.
Multi-Exit Discriminator (MED)
The kinds of BGP attributes can be expanded into 256 but not all attributes are used
together. The attributes can be used selectively and flexibly.
l BGP Message Type
à OPEN
It establishes BGP connection. The message includes BGP version number, local
AS number and the shortest hold time for negotiation, BGP ROUTER-ID and
other optional parameters.
à UPDATE
5-2
It sends BGP route updating packets. The message is sent only once route is
updated.
à KEEPALIVE
It confirms the peer status. The default sending interval is 60 seconds, and the
Hold-time is 180 seconds by default. Once the neighbor receives the KEEPALIVE
packet, the Hold-time timer will be reset. If the hold-time expires, then consider
that the neighbor is in abnormal status, and disconnect the BGP connection with
neighbor.
à NOTIFICATION
1. Idle State
It is the initial state. The BGP starts initialization after the protocol is activated. It
resets the timer, launches the first TCP connection and enters state 2.
2. Connect state
The BGP starts TCP connection and waits for the message of TCP successful
connection. If the connection is successful, then the BGP enters OpenSent state.
Otherwise, the BGP enters Active state.
5-3
3. Active state: The BGP always tries to establish TCP connection. If the connection
timer times out, then the BGP returns to Connect state. If TCP connection is
successful, then BGP enters OpenSent state.
4. OpenSent state
TCP connection is established already. The BGP sends the first OPEN packet
and waits for the reply from the peer. BGP examines the reply packet. If the BGP
finds error, it will send a NOTIFICATION packet and return to Idle state. If there
is no error in the reply packet, BGP will send a KEEPALIVE packet. KEEKALIVE
timer starts timing. The BGP enters into OpenConfirm state.
5. OpenConfirm state
The BGP waits for KEEPALIVE packet and resets the KEEPALIVE timer. When
the BGP receives a KEEPALIVE packet, it enters Established state.
6. Established state
Neighborhood is set up already. Router exchanges Update packet with its
neighbor, and meanwhile, the KEEPALIVE timer is reset.
In initial, the exchanging of routing information includes all BGP routes, that is, all
entries in BGP routing table will be exchanged. After the initial exchanging is finished,
the incremental and burst routing update is launched only when the route entries are
changed or been unavailable. The meaning of the so-called incremental is that not the
entity BGP table will be exchanged but only update the changed route entries. The
burst means that update routes only when the routing table is changed rather than
periodically route updating.
When a router sends route information to its neighbor, it will save the route entries sent
to neighbor at local. When the router receives a route updating packet, it will compare
updating packet with the locally saved routing entries. If this entry is not sent before,
then the router will send it to its neighbor. If the entry is sent already and better, the
router will send the entry to its neighbor and update its locally saved routing entries.
Compared with the conventional periodical routing table updating, this updating mode
saves the bandwidth a lot. Route updating is achieved by UPDATE packets.
During the process above, if the BGP connection fails to be established because of
any connection failure, authentication failure and route loopback and so on, the router
will send NOTIFICATION packet to its peer that close BGP session will be closed.
Later, the router enters Idle state.
5-4
their connection mode. Otherwise, if the two routers belong to different ASs, then they
adopt EBGP as their connection mode.
As shown in Figure 5-2, S1 and S2 are EBGP neighbors, S2 and S3 are IBGP neighbors.
5-5
Parameter Description
<number> The AS system that the neighbor belongs to. The range of
a 2-byte AS number is 1-65535, and the range of a 4-byte
AS number is 1-4294967295.
Parameter Description
5-6
Parameter Description
Configuration Example
1. Set Up EBGP through Direct-Connected Address
As shown in Figure 5-3, S1 belongs to AS65000, and S2 belongs to AS65001.
Establish EBGP neighborhood between S1 and S2 through physical interfaces.
Configuration on S1:
S1#config terminal
S1(config)#interface vlan10
S1(config-if-vlan10)#ip address 129.213.1.1 255.255.255.252
S1(config-if-vlan10)#exit
S1(config)#router bgp 65000
S1(config-bgp)#neighbor 129.213.1.2 remote-as 65001
S1(config-bgp)#exit
Configuration on S2:
S2#config terminal
S2(config)#interface vlan10
S2(config-if-vlan10)#ip address 129.213.1.2 255.255.255.252
5-7
S2(config-if-vlan10)#exit
S2(config)#router bgp 65001
S2(config-bgp)#neighbor 129.213.1.1 remote-as 65000
S2(config-bgp)#exit
5-8
Configuration on S1:
S1#config terminal
S1(config)#interface vlan10
S1(config-if-vlan10)#ip address 192.168.1.1 255.255.255.252
S1(config-if-vlan10)#exit
S1(config)#interface Loopback1
S1(config-if-loopback1)#ip address 1.1.1.1 255.255.255.255
S1(config-if-loopback1)#exit
S1(config)#router bgp 65000
S1(config-bgp)#neighbor 1.1.1.2 remote-as 65001
S1(config-bgp)#neighbor 1.1.1.2 ebgp-multihop ttl 5
S1(config-bgp)#neighbor 1.1.1.2 update-source loopback1
S1(config-bgp)#exit
S1(config)#ip route 1.1.1.2 255.255.255.255 192.168.1.2
Configuration on S2:
S2#config terminal
S2(config)#interface vlan10
S2(config-if-vlan10)#ip address 192.168.1.2 255.255.255.252
S2(config-if-vlan10)#exit
S2(config)#interface Loopback1
S2(config-if-loopback1)#ip address 1.1.1.2 255.255.255.255
S2(config-if-loopback1)#exit
S2(config)#router bgp 65001
S2(config-bgp)#neighbor 1.1.1.1 remote-as 65000
S2(config-bgp)#neighbor 1.1.1.1 ebgp-multihop ttl 5
5-9
Note that if the number of hops is not designated behind ebgp-mulitihop, the
system will set TTL value as 1 by default.
To view the established BGP neighborhood, use the show ip bgp neighbor
command on S1.
S1#show ip bgp neighbor
BGP neighbor is 1.1.1.2, remote AS 65001, external link
BGP version 4, remote router ID 1.1.1.2
BGP state = Established, up for 00:01:01
hold time is 90 seconds, keepalive interval is 30 seconds
......
Connections established 1
Local host: 1.1.1.1, Local port: 179
Foreign host: 1.1.1.2, Foreign port: 1026
5-10
Therefore, to keep the connectivity of the BGP, BGP routers have to set up a full
meshed network through IBGP session.
Parameter Description
Parameter Description
Parameter Description
5-11
Parameter Description
1. The AS at where routers locate only has one egress, or it is a stub AS. That is to
say, the AS only has one point to connect to external network.
2. The AS at where routers locate is a transition type (that is to say, an AS can
connect to the third AS through the AS), but all routers of the AS run BGP.
The second condition is common. Since all routers have BGP information in AS, IGP
only needs to transmit routing information for local AS.
Synchronization function is enabled on router by default. Use no synchronization to
cancel synchronization function.
Configuration Example
As shown in Figure 5-5, S2 and S3 belong to the same AS. Set up IBGP connection
between S2 and S3 through Loopback addresses.
5-12
Configuration on S2:
S2#config terminal
S2(config)#interface vlan10
S2(config-if-vlan10)#ip address 192.168.2.1 255.255.255.252
S2(config-if-vlan10)#exit
S2(config)#interface Loopback1
S2(config-if-loopback1)#ip address 1.1.1.2 255.255.255.255
S2(config-if-loopback1)#exit
S2(config)#router bgp 65001
S2(config-bgp)#neighbor 1.1.1.3 remote-as 65001
S2(config-bgp)#neighbor 1.1.1.3 update-source loopback1
S2(config-bgp)#neighbor 1.1.1.3 next-hop-self
S2(config-bgp)#no synchronization
S2(config-bgp)#exit
S2(config)#router ospf 1
S2(config-ospfv2)#network 192.168.2.0 0.0.0.3 area 0
S2(config-ospfv2)#network 1.1.1.2 0.0.0.0 area 0
S2(config-ospfv2)#exit
Configuration on S3:
S3#config terminal
S3(config)#interface vlan10
S3(config-if-vlan10)#ip address 192.168.2.2 255.255.255.252
S3(config-if-vlan10)#exit
S3(config)#interface Loopback1
5-13
Use show ip bgp neighbor to view the established BGP neighborhood on S2.
S2#show ip bgp neighbor
BGP neighbor is 1.1.1.3, remote AS 65001, internal link
BGP version 4, remote router ID 1.1.1.3
BGP state = Established, up for 00:01:25
hold time is 90 seconds, keepalive interval is 30 seconds
......
Connections established 1
last error code is 6
Local host: 1.1.1.2, Local port: 179
Foreign host: 1.1.1.3, Foreign port: 1096
5-14
Parameter Description
Configuration Example
This example shows how to configure BGP neighbor password authentication and
encrypt the password.
ZXR10(config)#router bgp 100
ZXR10(config-bgp)#neighbor 192.168.0.2 remote-as 100
ZXR10(config-bgp)#neighbor 192.168.0.2 password 789
ZXR10(config-bgp)#neighbor 192.168.0.2 password encrypt 123
ZXR10(config-bgp)#show running-config bgp
router bgp 100
neighbor 192.168.0.2 password encrypt u5pd4oR1YGR1E+My5y4ec1dbC7
eZf4gsX0qhVYXcb6KV1CMnm8VFlX9dcceOjgUYrxPGh3Gy7Rl8VxSlqtHcujwZ5qzj
LbVOkiKWz41nHPk=
!
l Restarting BGP Process
When BGP neighbor enters abnormal state, restart BGP neighbor process to recover.
To restart a BGP neighbor, use the following command in global configuration mode.
Command Function
Parameter Description
5-15
Parameter Description
The routes to be advertised by BGP have to exist in IGP routing table already.
The common method of BGP route advertisement is to select the network segment to
advertise by the network command. This command specifies the destination network
segment and mask, and then the routes which match with the rule accurately will enter
into BGP routing table. The routes will be filtered and advertised.
5-16
For example, use network 18.0.0.0 255.0.0.0 in BGP. The network segments 18.0.0.0/8,
18.1.0.0/16 and 18.2.0.0/24 are added to BGP routing table. If these network
segments and subnetworks do not exist in routing table, then no route is injected to
BGP routing table. In order to cooperate with BGP route advertisement, it is required
that configure some static routes pointing to loopback address on router.
It is notable that not all routes injected to BGP routing table can be advertised. It
relates to BGP route filtering or routing policy.
In BGP, use network command to advertise known network to router. The known
network can be learned by direct-connected route, static route and dynamic route.
The usage of network in BGP is different to that of in IGP.
Configuration Example
As shown in Figure 5-6, S2 runs OSPF as IGP protocol. S2 requires that advertise
the network segment 18.0.0.0/8 advertised by OSPF to BGP.
5-17
Configuration on S2:
S2#config terminal
S2(config)#interface vlan10
S2(config-if-vlan10)#ip address 192.168.2.1 255.255.255.252
S2(config-if-vlan10)#exit
S2(config)#router bgp 65001
S2(config-bgp)#neighbor 192.168.2.2 remote-as 65000
S2(config-bgp)#network 18.0.0.0 255.255.255.0
S2(config-bgp)#exit
S2(config)#router ospf 1
S2(config-ospf)#network 18.0.0.0 0.255.255.255 area 0
S2(config-ospf)#exit
Configuration on S1:
S1#config terminal
S1(config)#interface vlan10
S1(config-if-vlan10)#ip address 192.168.2.2 255.255.255.252
S1(config-if-vlan10)#exit
S1(config)#router bgp 65000
S1(config-bgp)#neighbor 192.168.2.1 remote-as 65001
S1(config-bgp)#exit
The address under the entry of Next-hop is the next-hop address of BGP route. If the
address is represented as full zero, that means this route is generated by router itself.
The value under the Local-Pre is the priority level of route which is learned by BGP.
The default value is 100.
The field Path shows the origin of this route. Three types: IGP, EGP and incomplete.
Note:
à The symbol * indicates the route is available.
à The symbol > indicates the route is the optimized choice.
à The symbol i indicates the route is a IBGP route.
à The route without "i" indicates this is a EBGP route or local route.
5-18
The above example shows that the network segment 18.0.0.0/8 exists in BGP routing
table already. The next hop address is the interface 192.168.2.1 of S2.
l Redistributing Routes by redistribute Command
IGP needs to be configured on router already.
Full dynamic injection has to be chosen to advertise BGP routes when there are lots
of route entries and aggregation is not convenient.
When there are lots of route entries and aggregation is not convenient, use redistrib
ute command to redistribute one or more IGP protocol (RIP, OSPF and IS-IS) routes
to BGP.
Make sure that IGP does not redistribute the routes learnt by BGP to BGP again. Use
filter command to avoid loopback if it is necessary.
To redistribute routes on ZXR10 5900E, perform the following steps.
Parameter Description
Configuration Example
As shown in Figure 5-7, S2 runs OSPF as IGP protocol. It is required that redistribute
all OSPF routing information of S2 to BGP.
5-19
Configuration on S2:
S2#config terminal
S2(config)#interface vlan10
S2(config-if-vlan10)#ip address 192.168.2.1 255.255.255.252
S2(config-if-vlan10)#exit
S2(config)#router ospf 1
S2(config-ospfv2)#network 18.0.0.0 0.0.0.255 area 0
S2(config)#exit
S2(config)#router bgp 65001
S2(config-bgp)#neighbor 192.168.2.2 remote-as 65000
S2(config-bgp)#redistribute ospf-int
S2(config-bgp)#redistribute connected
S2(config)#exit
Add the OSPF external route to S2 and set the metric value as 5.
S2#config terminal
S2(config)#interface vlan10
S2(config-if-vlan10)#ip address 192.168.2.1 255.255.255.252
S2(config-if-vlan10)#exit
S2(config)#router ospf 1
S2(config-ospfv2)#network 18.0.0.0 0.0.0.255 area 0
5-20
S2(config)#exit
S2(config)#router bgp 65001
S2(config-bgp)#neighbor 1.1.1.1 remote-as 65000
S2(config-bgp)#redistribute ospf-ext metric 5
S2(config-bgp)#redistribute connected
S2(config)#exit
l Configuring Route Aggregation
To prevent route blackhole, aggregate the routes with the same mask on router in
route aggregation configuration.
BGP protocol aggregates the learnt routes to a route for advertisement. Thus, route
entries can be reduced a lot in routing table.
To configure route aggregation, perform the following steps.
Parameter Description
Configuration Example
1. Route Aggregation Configuration
5-21
Configuration on S1:
S1(config)#interface vlan10
S1(config-if-vlan10)#ip address 2.2.2.2 255.255.255.0
S1(config-if-vlan10)#exit
S1(config)#router bgp 100
S1(config-bgp)#neighbor 2.2.2.1 remote-as 300
S1(config-bgp)#aggregate-address 192.168.0.0 255.255.252.0 count 0 summary-only
S1(config-bgp)#redistribute ospf-int
S1(config-bgp)#redistribute connected
S1(config-bgp)#exit
S1(config)#router ospf 1
S1(config-ospfv2)#network 192.168.3.0 0.0.0.255 area 0
S1(config-ospfv2)#network 10.1.1.0 0.0.0.3 area 0
S1(config-ospfv2)#exit
5-22
After the aggregation, there is only one route in BGP routing table of S2 belonging
to AS300. It reduces the size of routing table.
If the command is used without summary-only, S2 will advertise the detailed routes
with the aggregated route.
S2#show ip bgp route
Status codes: *valid, >best, i-internal
Origin codes: i-IGP, e-EGP, ?-incomplete
In BGP routing table, there are four routes 192.168.0.0/24, 192.168.1.0/24 and
192.168.2.0/24, 192.168.3.0/24 except the aggregated route 192.168.0.0/22.
The parameter count <count> indicates the number of subnetworks which
are waiting to implement aggregation. <count> ranges from 0 to 255 and the
default value is 1, which means the number of subnetworks has to exist in
IGP. If the parameter is 0, that means advertise the route 192.168.0.0/22 when
any subnetwork of 192.168.0.0 255.255.252.0 appears in IGP routes. If the
parameter is 1 or other value, the following command is required using to specify
the related subnetwork segment.
aggregate-address <ip-address><net-mask> subnet <subnet-address><subnet-mask>
The above command means that the routing information can be aggregated and
advertised only when the specified subnetwork routing information appears in IGP
routing table and the route number satisfies the defined count number.
5-23
5-24
à No.5: LOCAL-PREF
It is transmitted within the local AS, indicating the priority of each path.
à No.6: ATOMIC_AGGREGATOR
à No.7: AGGREGATOR
à No.8: RFC1997 defines another common attribute: COMMUNITY
Here, No.1, 2 and 3 attribute are well-known mandatory attributes. No.5 and 6 are
well-konwn discretionary attributes. No.7 and 8 are optional transitive attributes. No.4
is optional nontransitive attribute. They have different priorities, LOCAL-PREF has the
highest priority, and the second one is AS-PATH and ORIGIN.
For other attributes used by BGP, please refer to FRC documentation.
Route map is used to control routing information, which redistributes routes between
routing areas by defining rules. The route map usually cooperates with the route
attributes to decide route.
To filter routes by route map, perform the following steps.
5-25
Parameter Description
Parameter Description
Parameter Description
5-26
Parameter Description
Configuration Example
As shown in Figure 5-9, S1 and S2 set up EBGP connection between them. Configure
a route-map on S1. The route-map permits to advertise network 172.3.0.0/16 to
AS200, and set the MED value as 5.
Configuration on S1:
S1(config)#router bgp 100
S1(config-bgp)#neighbor 182.17.20.1 remote-as 200
S1(config-bgp)#network 172.3.0.0 255.255.0.0
S1(config-bgp)#network 172.5.0.0 255.255.0.0
S1(config-bgp)#network 172.7.0.0 255.255.0.0
S1(config-bgp)#neighbor 182.17.20.1 route-map MAP1 out
S1(config-bgp)#neighbor 182.17.20.1 send-med
S1(config-bgp)#exit
S1(config)#route-map MAP1 permit 10
S1(config-route-map)#match ip address 1
S1(config-route-map)#set ip metric 5
S1(config-route-map)#exit
S1(config)#ipv4-access-list 1
S1(config-ipv4-acl)#rule 10 permit 172.3.0.0 0.0.255.255
S1(config-ipv4-acl)#exit
5-27
When filtering route through route map, the match and set commands are usually used
together with route map. The match command defines the matching standard. The
set command defines the action satisfying matching standard.
Use the neighbor 182.17.20.1 send-med command to send MED attribute with
advertising routes to neighbor 182.17.20.1.
To view BGP routing table on S2, use the show ip bgp route command.
S2#show ip bgp route
Status codes: *-valid, >-best, i-internal,s-stale
Origin codes: i-IGP, e-EGP, ?-incomplete
Network Next Hop Metric LocPrf RtPrf Path
*>172.3.0.0/16 182.17.20.2 5 20 100 i
The above result shows that S2 learns the route from 172.3.0.0/16 only, and its MED
value is 5.
5-28
Parameter Description
Parameter Description
Parameter Description
Configuration Example
5-29
As shown in Figure 5-10, S1 and S2 are a pair of IBGP peers, S1 and S3 are a pair
of EBGP peers, S2 and S4 are a pair of EBGP peers, S2 and S4 are a pair of EBGP
peers. To avoid AS100 to act as transitive AS and prevent S1 from advertising network
segment 192.18.10.0/24 of AS300 to AS200, configure filter function on S1.
The route-map command and ACL are used to prevent S1 from advertising the route
with prefix 192.18.10.0/24 to AS200, that is, this route is filtered on S1. Therefore, S3
can not learn the route 192.18.10.0/24.
To view BGP routing table on S3, use the show ip bgp route command.
S3#show ip bgp route
Status codes: *-valid, >-best, i-internal,s-stale
Origin codes: i-IGP, e-EGP, ?-incomplete
Network Next Hop Metric LocPrf RtPrf Path
*>192.168.11.0/24 182.17.20.2 20 300 100 i
5-30
The above result shows S3 locating at AS200 does not learn the route pointing to
192.18.10.0/24.
l Restricting the Number of Route Advertisements Received by Neighbor
To restrict the number of route received by a neighbor, perform the following steps.
Parameter Description
drop-routes Drop the routes when the number of the received routes
exceeds the threshold value
warning-only Print the alarm when the number of the received routes
exceeds the threshold value
Configuration Example
As shown in Figure 5-11, S1 can receive 10 routes advertised by S2 at most, and it will
drop routes if more than 10 routes are received. S2 can receive 20 routes advertised
by S1, and neighborhood will be disconnected and set up again after 10 minutes if
more than 20 routes advertised by S1.
5-31
Configuration on S1:
S1(config)#router bgp 100
S1(config-bgp)#neighbor 10.1.1.1 remote-as 200
S1(config-bgp)#neighbor 10.1.1.1 maximum-prefix 10 drop-routes
Configuration on S2:
S2(config)#router bgp 200
S2(config-bgp)#neighbor 10.1.1.2 remote-as 100
S2(config-bgp)#neighbor 10.1.1.2 maximum-prefix 20 restart 1
Without the configuration of time for waiting reconnection (use parameter warning-onl
y) , when S1 advertises more than 20 routes to S2, S2 will display the alarm information
only.
Configuration on S2:
S2(config)#router bgp 200
S2(config-bgp)#neighbor 10.1.1.2 remote-as 100
S2(config-bgp)#neighbor 10.1.1.2 maximum-prefix 20 warning-only
l Filtering Routes by Using AS_PATH
AS-PATH is a well-known mandatory attribute. The attribute is a path filed, which is
composed of a series of AS numbers passing by a route pointing to one destination.
When the origin AS initiates a route to other external BGP peers, it will add its AS
number into the route. Subsequently, each route receiver will add its AS number into
route and place AS number on the head of AS sequence when sending the route to
other BGP peers.
BGP adopts AS-PATH as the factor of its route update to realize no-loop topology
of Internet. Each route contains a list with all passed AS numbers. When the route
is advertised to its origin AS, AS examines its AS number has been existed in AS
sequence, and it will not accept this route. Meanwhile, AS-PATH will be used for
deciding the optimum route. When multiple routes (their attributes except for AS-PATH
are the same) to the same destination are available, BGP will select a route with
the shortest path as the optimum route according to AS-PATH. Therefore, increasing
AS-PATH can affect BGP route selection.
When all routes of one or multiple AS require filtering, the filter method based on
AS-PATH is usually adopted.
5-32
Parameter Description
Parameter Description
Configuration Example
As shown in Figure 5-12, in Internet, the route to 10.10.0.0/24 of AS 100 is the optimum
path, and the path must be AS500→AS300→AS200→AS100.
5-33
By means of routing policy, AS_PATH is configured on the advertised route. Thus, the
route from AS 500 to AS 100 is changed.
To view BGP routing table on a router in AS500, use the show ip bgp route command.
ZXR10_AS500#show ip bgp route
Status codes: *valid, >best, i-internal
Origin codes: i-IGP, e-EGP, ?-incomplete
5-34
AS 500 realizes that there are 6 ASs passing by the route from AS 400 to AS 100, and
3 ASs passing by the route if it is from AS 300 to AS 100. Therefore, BGP will select
the routing that passes the less ASs if other priorities are the default settings. That is,
the routing that is from AS 300 to AS 100 satisfies the configuration requirement.
l Selecting Routes by Using LOCAL_PREF
Local_PREF is a well-known discretionary attribute. The default value is 100.
When a BGP router broadcasts routes to other BGP routers in the same AS, this
attribute shall be used. The value of attribute has influence on the path priority directly.
The route with the highest priority will be chosen as the optimum path. This attribute
also affects the local outbound traffic, and it is only used for local AS, that is, other
ASs will not affected by this attribute. Local-PREF is only exchanged between IBGP
neighbors, and it will not be advertised to EBGP neighbors.
5-35
Parameter Description
Parameter Description
Configuration Example
As shown in Figure 5-13, S1, S2 and S3 adopts IBGP full connection. Use BGP
LOCAL-PREF attribute to meet the requirement that all egress services arrive AS300
by using the egress of S1.
5-36
Configuration on S1:
S1(config)#router bgp 600
S1(config-bgp)#no synchronization
S1(config-bgp)#neighbor 172.16.1.2 remote-as 300
S1(config-bgp)#neighbor 172.16.1.2 activate
S1(config-bgp)#neighbor 192.168.1.9 remote-as 600
S1(config-bgp)#neighbor 192.168.1.9 activate
S1(config-bgp)#neighbor 192.168.1.9 next-hop-self
S1(config-bgp)#neighbor 192.168.1.5 remote-as 600
S1(config-bgp)#neighbor 192.168.1.5 activate
S1(config-bgp)#neighbor 192.168.1.5 next-hop-self
S1(config-bgp)#neighbor 172.16.1.2 route-map Local_Pref in
S1(config-bgp)#exit
S1(config)#ipv4-access-list 1
S1(config-ipv4-acl)#permit any
S1(config)#route-map Local_Pref permit 10
S1(config-route-map)#match ip address 1
S1(config-route-map)#set local-preference 200
Configuration on S2:
S2(config)#router bgp 600
S2(config-bgp)#no synchronization
S2(config-bgp)#neighbor 172.16.0.2 remote-as 300
S2(config-bgp)#neighbor 172.16.0.2 activate
S2(config-bgp)#neighbor 192.168.1.1 remote-as 600
5-37
Modify the Local_Pref value of S3 to specify an egress for the service. In this example,
the traffic going to 10.0.0.0/24 of AS300 are forwarded by S1 preferably. Therefore,
the route coming from S1 has higher Local_Pref value.
l Selecting Route by Using MED
MED is an optional nontransitive attribute. MED is used to affect the inbound service
flow. When there are many ingress in an AS, the one with the smallest MED will be
the ingress for external neighbor router entering AS. The default MED value is 0.
5-38
Parameter Description
Parameter Description
Parameter Description
5-39
Configuration Example
As shown in Figure 5-14, AS 100 and AS 400 are interconnected by two links.
Configure AS100 to make AS400 select link 1 to route to AS100 preferably.
5-40
Configuration on S2:
S2(config)#router bgp 400
S2(config-bgp)#neighbor 192.168.1.1 remote-as 100
S2(config-bgp)#neighbor 192.168.1.1 activate
S2(config-bgp)#neighbor 192.168.2.1 remote-as 100
S2(config-bgp)#neighbor 192.168.2.1 activate
S2(config-bgp)#exit
By means of MED modification, S2 selects the link 1 (MED value is 50 smaller than
that of link 2) to route to AS 100 preferably.
l Configuring BGP Community String Attributes
The community string attributes are optional transitive attributes. The community is a
group of destination routes with one or more common features. It has 4 bytes, the first
2 bytes are AS number and the last 2 bytes are identifier. When aggregate community
routes, the aggregated route inherits all the community attributes from all routes.
The definitions of several well-known community attributes are given as follows:
à local-AS: Advertise the route with this attribute to BGP neighbor routers in AS.
à Internet: Advertise the route with this attribute to all other routers.
5-41
Parameter Description
Parameter Description
5-42
Parameter Description
Configuration Example
1. Marking the Routes with Community
As shown in Figure 5-15, AS600 configures attribute values for the route coming
from different ASs. The attribute of AS300 is 300:1, and attribute of AS400 is
400:1.
5-43
AS300 router (The following content omits configuration of port and IGP)
configuration:
ZXR10_AS300(config)#router bgp 300
ZXR10_AS300(config-bgp)#network 10.0.4.0 255.255.255.0
ZXR10_AS300(config-bgp)#neighbor 192.168.1.9 remote-as 200
ZXR10_AS300(config-bgp)#neighbor 192.168.1.9 activate
ZXR10_AS300(config-bgp)#neighbor 192.168.1.18 remote-as 600
ZXR10_AS300(config-bgp)#neighbor 192.168.1.18 activate
ZXR10_AS300(config-bgp)#network 10.0.4.0 255.255.255.0
ZXR10_AS300(config-bgp)#neighbor 192.168.1.18 route-map community out
ZXR10_AS300(config-bgp)#neighbor 192.168.1.18 send-community
ZXR10_AS300(config-bgp)#exit
ZXR10_AS300(config)#ip prefix-list AS200 seq 5 permit 10.0.3.0 24
ZXR10_AS300(config)#route-map Community permit 10
ZXR10_AS300(config-route-map)#match ip address prefix-list AS200
ZXR10_AS300(config-route-map)#set community 300:1
ZXR10_AS300(config-route-map)#exit
AS400 router (The following content omits configuration of port and IGP)
configuration:
5-44
The BGP routes received by AS600 device are marked, the routes coming from
AS300 are marked as 300:1, and the routes coming from AS400 are marked as
400:1.
AS600 router (The following content omits configuration of port and IGP)
configuration:
ZXR10_AS600(config)#router bgp 600
5-45
BGP select the route with higher Local_Pref value preferably. In this example, the
route from AS400 to 10.0.3.0/24 is selected.
5-46
à If the update message is sent by an EBGP neighbor, then advertise it to all clients
and non-clients.
à If the update message is sent by a non-client, then advertise it to clients.
à If the update message is sent by a RRC, then advertise it to all clients and
non-clients except the originator of this update message.
When multiple RRs are available in an AS, divide many RRs belonging to the same
AS to a cluster. An AS can have many clusters, and a cluster has one RR at least.
Note that RR is recommended to use only when every router holds more than 100
BGP sessions in an AS.
Parameter Description
Parameter Description
Configuration Example
As shown in Figure 5-16, S1, S2 and S3 are IBGP neighbors but they are not fully
connected. Configure a router reflector to make S3 forward the routes received by an
IBGP neighbor to another IBGP neighbor. Considering IBGP neighbors are not fully
interconnected in AS600, configure router reflector to avoid full interconnection.
5-47
Configuration on S1 (The following content omits the configuration of port and IGP):
S1(config)#router bgp 600
S1(config-bgp)#no synchronization
S1(config-bgp)#neighbor 172.16.1.2 remote-as 300
S1(config-bgp)#neighbor 172.16.1.2 activate
S1(config-bgp)#neighbor 192.168.1.5 remote-as 600
S1(config-bgp)#neighbor 192.168.1.5 activate
S1(config-bgp)#neighbor 192.168.1.5 next-hop-self
S1(config-bgp)#exit
Configuration on S2 (The following content omits the configuration of port and IGP):
S2(config)#router bgp 600
S2(config-bgp)#no synchronization
S2(config-bgp)#bgp cluster-id 3.3.3.3
S2(config-bgp)#neighbor 192.168.1.2 remote-as 600
S2(config-bgp)#neighbor 192.168.1.2 activate
S2(config-bgp)#neighbor 192.168.1.2 route-reflector-client
S2(config-bgp)#neighbor 192.168.1.6 remote-as 600
S2(config-bgp)#neighbor 192.168.1.6 activate
S2(config-bgp)#neighbor 192.168.1.6 route-reflector-client
S2(config-bgp)#exit
Configuration on S3:
S3(config)#router bgp 600
S3(config-bgp)#no synchronization
S3(config-bgp)#neighbor 172.16.0.2 remote-as 400
S3(config-bgp)#neighbor 172.16.0.2 activate
S3(config-bgp)#neighbor 192.168.1.1 remote-as 600
S3(config-bgp)#neighbor 192.168.1.1 activate
5-48
The function of route confederation is the same to that of RR. The route confederation
is used to reduce the number of BGP neighbor connections in an AS. Route
confederation divides an AS into many sub-ASs, and the IBGP routers in the AS
belong to different sub-ASs. IBGP is established inside each sub-AS, and EBGP is
established among sub-ASs. Sub-ASs are invisible to the external AS.
5-49
Configuration Example
As shown in Figure 5-17, use confederation to avoid IBGP full connection in AS600.
Configuration on S2(The following content omits the configuration of port and IGP):
S2(config)#router bgp 65003
S2(config-bgp)#bgp confederation identifier 600
S2(config-bgp)#no synchronization
S2(config-bgp)#bgp confederation peers 65001 65002
S2(config-bgp)#neighbor 172.16.0.2 remote-as 65001
S2(config-bgp)#neighbor 172.16.0.2 activate
S2(config-bgp)#neighbor 192.168.1.10 remote-as 65003
S2(config-bgp)#neighbor 192.168.1.10 activate
S2(config-bgp)#neighbor 192.168.1.1 remote-as 65001
S2(config-bgp)#neighbor 192.168.1.1 activate
S2(config-bgp)#neighbor 172.16.2.2 remote-as 500
5-50
Configuration on S4(The following content omits the configuration of port and IGP):
S4(config)#router bgp 65002
S4(config-bgp)#bgp confederation identifier 600
S4(config-bgp)#no synchronization
S4(config-bgp)#network 10.0.0.0 255.255.255.0
S4(config-bgp)#bgp confederation peers 65003
S4(config-bgp)#neighbor 172.16.1.1 remote-as 65003
S4(config-bgp)#neighbor 172.16.1.1 activate
S4(config-bgp)#exit
The output above shows that there is a route pointing to AS500 on R4.
A larger AS is divided into some smaller ASs, and these samller ASs are connected
by EBGP. Each AS acts as an independent BGP AS to run IBGP.
A complete AS only runs an IGP protocol, and every sub-AS has IGP routing
information of all other sub-ASs.
l Configuring BGP Route Dampening
5-51
Parameter Description
<reuse> Reuse value, the range is 1-20000, and the default value
750
Configuration Example
5-52
Enable BGP route dampening function on router. Set the half-life is 30 minutes, the
re-use value is 500, and the suppress value is 2000, the maximum suppress time is
120 minutes.
ZXR10(config)#router bgp 100
ZXR10(config-bgp)#bgp dampening 30 500 2000 120
ZXR10(config-bgp)#network 203.250.15.0 255.255.255.0
ZXR10(config-bgp)#neighbor 192.208.10.5 remote-as 300
ZXR10(config-bgp)#exit
Use show ip bgp protocol to view the configuration of route dampening on router.
ZXR10#show ip bgp protocol
BGP router ID is 1.1.1.2, Local as is 1
Hold time is 90 seconds, KeepAlive time is 30 seconds
Default local preference is 100
Default export metric is 0
IPv4 IGP synchronization is disabled
IPv6 IGP synchronization is disabled
IGP synchronization is disabled
Default information advertise is disabled
Always compare med is disabled
Fast fallover is enabled
Client-to-client reflection is enabled
Enforce-first-as is enabled
IPv4 client-number: 1
Ipv4 unicast is activated
BGP FRR is disabled
BGP IPv6 frr is disabled
Router target is filtered
Graceful restart is disabled
As-path ignore is disabled
Router-id ignore is disabled
BGP advertise-active-only is disabled
BGP VPNv4 advertise-active-only is disabled
BGP IPv4 rib-only is disabled
BGP IPv6 rib-only is disabled
Route dampening enabled, halflife-time is 30,
reuse is 500, suppress is 2000, max-suppress-time is 120
Distance : external 20 internal 200
Here, the route dampening mechanism is activated. The half-life is 30 minutes, the
reuse value is 500, and the suppress value is 2000, and the maximum suppress time
is 120 minutes.
l Configuring BGP Peer Group
BGP peer group is to implement cluster management to BGP peer, which adds
peers into the uniform peer group and configure them. In this way, reduce the work
5-53
load of peer configuration, simply the configuration process and manage peers in
classification, improve the reliability and convenience of maintenance.
Parameter Description
Parameter Description
Parameter Description
Configuration Example
Create a BGP peer group. The name of the group is zte. In the AS100, add neighbors
192.168.0.2 and 192.168.0.3 to the group. Run the following command:
5-54
Command Function
The following is sample output from the show ip bgp protocol command:
ZXR10#show ip bgp protocol
BGP router ID is 1.1.1.2, Local as is 1
Hold time is 90 seconds, KeepAlive time is 30 seconds
Default local preference is 100
Default export metric is 0
IPv4 IGP synchronization is disabled
IPv6 IGP synchronization is disabled
IGP synchronization is disabled
Default information advertise is disabled
Always compare med is disabled
Fast fallover is enabled
Client-to-client reflection is enabled
Enforce-first-as is enabled
IPv4 client-number: 1
Ipv4 unicast is activated
BGP FRR is disabled
BGP IPv6 frr is disabled
Router target is filtered
Graceful restart is disabled
As-path ignore is disabled
Router-id ignore is disabled
BGP advertise-active-only is disabled
BGP VPNv4 advertise-active-only is disabled
BGP IPv4 rib-only is disabled
5-55
For a description of the parameters in the execution result, refer to the following table:
Parameter Description
Hold time is 90 seconds, KeepAlive The hold period is 90 seconds, and the keep-alive period is
time is 30 seconds 30 seconds.
Default local preference is 100 By default, the priority of the local router is 100.
Distance : external 20 internal 200 The external administrative distance is 20, and the internal
administrative distance is 200.
The following is sample output from the show ip bgp neighbor command:
ZXR10#show ip bgp neighbor
BGP neighbor is 129.213.1.2, remote AS 65001, external link
BGP version 4, remote router ID 129.213.1.2
BGP state = Established, up for 00:04:21
hold time is 90 seconds, keepalive interval is 30 seconds
Neighbor capabilities:
Route refresh: advertised and received
Address family IPv4 Unicast: advertised and received
All received 10 messages
0 updates, 0 errs
1 opens, 0 errs
9 keepalives
0 vpnv4 refreshs, 0 ipv4 refreshs, 0 ipv4 multicast refreshs, 0 ipv6 refreshs,
0 errs
0 notifications, 0 other errs
After last established received 8 messages
0 updates, 0 errs
0 opens, 0 errs
8 keepalives
0 vpnv4 refreshs, 0 ipv4 refreshs, 0 ipv4 multicast refreshs, 0 ipv6 refreshs,
0 errs
0 notifications, 0 other errs
All sent 10 messages
0 updates, 1 opens, 9 keepalives
0 vpnv4 refreshs, 0 ipv4 refreshs, 0 ipv4 multicast refreshs, 0 ipv6 refreshs,
0 notifications
After last established sent 8 messages
0 updates, 0 opens, 8 keepalives
0 vpnv4 refreshs, 0 ipv4 refreshs, 0 ipv4 multicast refreshs, 0 ipv6 refreshs,
5-56
0 notifications
For a description of the parameters in the execution result, refer to the following table:
Parameter Description
BGP neighbor is 129.213.1.2, remote The IP address of the BGP neighbor is 129.213.1.2. The peer
AS 65001, external link router belongs to AS65001, and it uses an EBGP connection.
BGP version 4, remote router ID BGP-4 is used. The ID of the peer BGP router is 129.213.1.2.
129.213.1.2
BGP state = Established, up for The neighbor status is Established. The session has been
00:04:21 established for 4 minutes and 21 seconds.
hold time is 90 seconds, keepalive The hold period is 90 seconds, and the keepalive period is
interval is 30 seconds 30 seconds.
Neighbor capabilities: The following content describes the capability of the peer
router.
All received 10 messages Ten messages are received. The messages include one
0 updates, 0 errs open message, nine keepalive messages. A VPNV4 route
1 opens, 0 errs update message is not received. There is no IPv4 route
9 keepalives update message, Notification message, and error message.
0 vpnv4 refreshs, 0 ipv4 refreshs,
0 ipv4 multicast refreshs, 0 ipv6
refreshs, 0 errs
0 notifications, 0 other errs
5-57
Parameter Description
After last established received 8 Eight messages have been received since the neighborhood
messages is established for the last time. They are all keepalive
0 updates, 0 errs messages.
0 opens, 0 errs
8 keepalives
0 vpnv4 refreshs, 0 ipv4 refreshs,
0 ipv4 multicast refreshs, 0 ipv6
refreshs, 0 errs
0 notifications, 0 other errs
All sent 10 messages Ten messages are sent. The messages include 0 update
0 updates, 1 opens, 9 keepalives message, one open message and nine keepalive messages.
0 vpnv4 refreshs, 0 ipv4 refreshs,
0 ipv4 multicast refreshs, 0 ipv6
refreshs, 0 notifications
After last established sent 8 Eight messages have been sent since the neighborhood is
messages 0 updates, 0 opens, 8 established for the last time. The messages include 0 update
keepalives 0 vpnv4 refreshs, 0 ipv4 message, 0 open message and eight keepalive messages.
refreshs, 0 ipv4 multicast refreshs, 0
ipv6 refreshs, 0 notifications
All received nlri 0, unnlri 0, 0 accepted NLRI and unnlri messages are not received. The prefix of
prefixes unicast is not received.
All sent nlri 0, unnlri 0, 0 advertised NLRI and unnlri messages are not sent. A prefix of unicast
prefixes is advertised.
Connections established 1 A BGP connection with the peer is established once already.
Local host: 129.213.1.1, Local port: Local IP socket, including the local IP address and TCP port
179 number.
Foreign host: 129.213.1.2, Foreign Peer IP socket, including the peer IP address and TCP port
port: 1024 number.
The following is sample output from the show ip bgp route command:
5-58
Parameter Description
Next Hop The nexthop of the BGP route. The nexthop represented
as full zero means that the route is generated by the local
router itself.
The following is sample output from the show ip bgp summary command:
ZXR10#show ip bgp summary
Neighbor Ver As MsgRcvd MsgSend Up/Down(s) State/PfxRcd
1.1.1.1 4 2 14 13 00:06:06 6
1.1.1.3 4 1 6 9 00:02:33 2
For a description of the parameters in the execution result, refer to the following table:
5-59
Parameter Description
As AS number of a neighbor.
S1 1.1.1.2/32
S2 1.1.1.3/32
S3 1.1.1.4/32
S4 1.1.1.1/32
S5 1.1.1.5/32
5-60
Configuration Flow
1. Configure a static route.
2. Configure an IGP (OSPF).
3. Enable BGP.
4. Configure a neighbor.
5. Modify a source address.
6. Configure route aggregation.
5-61
7. Configure multi-hops.
8. Cancel synchronization.
9. Configure a route-map to filter out specified routes.
10. Modify the metric value of the route to be advertised.
Configuration Commands
Run the following commands on S1:
S1(config)#interface loopback1
S1(config-if-loopback1)#ip address 1.1.1.2 255.255.255.255
S1(config-if-loopback1)#exit
S1(config)#interface vlan1
S1(config-if-vlan1)#ip address 11.1.1.2 255.255.255.252
S1(config-if-vlan1)#exit
S1(config)#interface vlan2
S1(config-if-vlan2)#ip address 13.1.1.1 255.255.255.252
S1(config-if-vlan2)#exit
S1(config)#router bgp 1
S1(config-bgp)#no synchronization
S1(config-bgp)#redistribute connected
S1(config-bgp)#neighbor 1.1.1.1 remote-as 2
S1(config-bgp)#neighbor 1.1.1.1 activate
S1(config-bgp)#neighbor 1.1.1.1 ebgp-multihop ttl 5
S1(config-bgp)#neighbor 1.1.1.1 update-source loopback1
S1(config-bgp)#neighbor 1.1.1.3 remote-as 1
S1(config-bgp)#neighbor 1.1.1.3 activate
S1(config-bgp)#neighbor 1.1.1.3 next-hop-self
S1(config-bgp)#neighbor 1.1.1.3 update-source loopback1
S1(config-bgp)#exit
S1(config)#ip route 1.1.1.1 255.255.255.255 11.1.1.1
S1(config)#ip route 1.1.1.3 255.255.255.255 13.1.1.2
5-62
S4(config)#interface loopback1
S4(config-if-loopback1)#ip address 1.1.1.1 255.255.255.255
S4(config-if-loopback1)#exit
S4(config)#interface vlan1
S4(config-if-vlan1)#ip address 11.1.1.1 255.255.255.252
S4(config-if-vlan1)#negotiation auto
S4(config-if-vlan1)#exit
S4(config)#interface vlan2
S4(config-if-vlan2)#ip address 10.1.1.1 255.255.255.0
5-63
S4(config-if-vlan2)#exit
S4(config)#router bgp 2
S4(config-bgp)#redistribute connected
S4(config-bgp)#redistribute static
S4(config-bgp)#network 10.1.1.0 255.255.255.0
S4(config-bgp)#aggregate-address 192.168.0.0 255.255.252.0 count 0 as-set
S4(config-bgp)#neighbor 1.1.1.2 remote-as 1
S4(config-bgp)#neighbor 1.1.1.2 activate
S4(config-bgp)#neighbor 1.1.1.2 ebgp-multihop ttl 5
S4(config-bgp)#neighbor 1.1.1.2 route-map test-static out
S4(config-bgp)#neighbor 1.1.1.2 send-med
S4(config-bgp)#neighbor 1.1.1.2 update-source loopback1
S4(config-bgp)#exit
S4(config)#ip route 1.1.1.2 255.255.255.255 11.1.1.2
S4(config)#ip route 192.168.100.0 255.255.255.0 10.1.1.2
S4(config)#ip route 192.168.1.0 255.255.255.0 10.1.1.2
S4(config)#ip route 192.168.0.0 255.255.255.0 10.1.1.2
S4(config)#ip route 192.168.3.0 255.255.255.0 10.1.1.2
S4(config)#ip route 192.168.2.0 255.255.255.0 10.1.1.2
S4(config)#ipv4-access-list 1
S4(config-ipv4-acl)#rule 1 permit 192.168.0.0 0.0.3.255
S4(config-ipv4-acl)#rule 2 permit 10.1.1.0 0.0.0.255
S4(config-ipv4-acl)#exit
S4(config)#route-map test-static permit 10
S4(config-route-map)#match ip address 1
S4(config-route-map)#set ip metric 33
S4(config-route-map)#exit
5-64
Configuration Verification
Run the following command to check the BGP routing table and route forwarding table on
S1.
S1#show ip bgp route
Status codes: *-valid, >-best, i-internal,s-stale
Origin codes: i-IGP, e-EGP, ?-incomplete
Network Next Hop Metric LocPrf RtPrf Path
*>1.1.1.2/32 1.1.1.2 0 ?
*>10.1.1.0/24 1.1.1.1 33 20 2 i
*>11.1.1.0/30 11.1.1.2 0 ?
*>i 12.1.1.0/30 1.1.1.3 100 200 ?
*>13.1.1.0/30 13.1.1.1 0 ?
*i 13.1.1.0/30 1.1.1.3 100 200 ?
*>i 14.1.1.0/30 1.1.1.3 0 100 200 3 ?
*>i 20.1.1.0/24 1.1.1.3 122 100 200 3 ?
*>192.168.0.0/22 1.1.1.1 33 20 2 i
*>192.168.0.0/24 1.1.1.1 33 20 2 ?
*>192.168.1.0/24 1.1.1.1 33 20 2 ?
*>192.168.2.0/24 1.1.1.1 33 20 2 ?
*>192.168.3.0/24 1.1.1.1 33 20 2 ?
Run the following command to check the BGP routing table and route forwarding table on
S2.
5-65
Run the following command to check the BGP routing table and route forwarding table on
S3.
5-66
*>1.1.1.4/32 1.1.1.4 0 ?
*>10.1.1.0/24 1.1.1.3 20 1 2 i
*>11.1.1.0/30 1.1.1.3 20 1 ?
*>12.1.1.0/30 12.1.1.1 0 ?
*12.1.1.0/30 1.1.1.3 20 1 ?
*>13.1.1.0/30 1.1.1.3 20 1 ?
*>14.1.1.0/30 14.1.1.1 0 ?
*>20.1.1.0/24 14.1.1.2 122 110 ?
*>192.168.0.0/22 1.1.1.3 20 1 2 ?
*>192.168.0.0/24 1.1.1.3 20 1 2 ?
*>192.168.1.0/24 1.1.1.3 20 1 2 ?
*>192.168.2.0/24 1.1.1.3 20 1 2 ?
*>192.168.3.0/24 1.1.1.3 20 1 2 ?
Run the following command to check the BGP routing table and route forwarding table on
S4.
5-67
*>1.1.1.2/32 11.1.1.2 1 ?
*>10.1.1.0/24 10.1.1.1 0 i
*>11.1.1.0/30 11.1.1.1 0 ?
*11.1.1.0/30 1.1.1.2 20 1 ?
*>12.1.1.0/30 1.1.1.2 20 1 ?
*>13.1.1.0/30 1.1.1.2 20 1 ?
*>14.1.1.0/30 1.1.1.2 20 1 3 ?
*>20.1.1.0/24 1.1.1.2 20 1 3 ?
*>192.168.0.0/22 0.0.0.0 254 i
*>192.168.0.0/24 10.1.1.2 1 ?
*>192.168.1.0/24 10.1.1.2 1 ?
*>192.168.2.0/24 10.1.1.2 1 ?
*>192.168.3.0/24 10.1.1.2 1 ?
*>192.168.100.0/24 10.1.1.2 1 ?
Run the following command to test network connectivity between S4 and S5.
S4#ping 20.1.1.1
sending 5,100-byte ICMP echos to 20.1.1.1,timeout is 2 seconds.
!!!!!
Success rate is 100 percent(5/5),round-trip min/avg/max= 0/4/20 ms.
S4#trace 20.1.1.1
tracing the route to 20.1.1.1
1 11.1.1.2 20 ms <20ms <20ms
2 13.1.1.2 <20ms <20ms <20ms
3 12.1.1.1 <20ms <20ms <20ms
4 14.1.1.2 <20ms <20ms <20ms
5-68
[finished]
S5#ping 10.1.1.2
sending 5,100-byte ICMP echos to 10.1.1.2,timeout is 2 seconds.
!!!!!
Success rate is 100 percent(5/5),round-trip min/avg/max= 0/0/0 ms.
S5#trace 10.1.1.2
tracing the route to 10.1.1.2
1 14.1.1.1 <20ms <20ms <20ms
2 12.1.1.2 <20ms <20ms <20ms
3 13.1.1.1 <20ms <20ms <20ms
4 11.1.1.1 <20ms <20ms <20ms
5 * * *
[finished]
Run the following command to test network connectivity on a PC (IP address is 10.1.1.2
255.255.255.0).
C:\Documents and Settings\Administrator>ping 20.1.1.1
Pinging 20.1.1.1 with 32 bytes of data:
Reply from 20.1.1.1: bytes=32 time=1ms TTL=251
Reply from 20.1.1.1: bytes=32 time=1ms TTL=251
Reply from 20.1.1.1: bytes=32 time=1ms TTL=251
Reply from 20.1.1.1: bytes=32 time=1ms TTL=251
Ping statistics for 20.1.1.1:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 1ms, Maximum = 1ms, Average = 1ms
The test results above show that AS2 can communicate with AS3 normally.
5-69
Configuration Commands
Run the following commands on S1:
S1(config)#router bgp 1
S1(config-bgp)#no synchronization
S1(config-bgp)#neighbor 172.16.1.2 remote-as 1
S1(config-bgp)#neighbor 172.16.1.2 next-hop-self
S1(config-bgp)#neighbor 172.16.20.1 remote-as 2
5-70
S4(config-bgp)#exit
Configuration Verification
Run the show ip bgp summary command to check the neighborhood on S4.
S4(config)#show ip bgp summary
Neighbor Ver As MsgRcvd MsgSend Up/Down(s) State/PfxRcd
172.16.20.2 4 1 46 140 00:22:35 0
Run the show ip bgp route command to check the BGP routing table on S4.
Run the show ip bgp summary command to check the neighborhood on S1.
5-71
Run the following command to check the BGP routing table on S1:
S1(config)#show ip bgp route
Status codes: *-valid, >-best, i-internal, s-stale
Origin codes: i-IGP, e-EGP, ?-incomplete
Network NextHop Metric LocPrf RtPrf Path
*> 192.16.0.0/16 172.16.20.1 20 i 2
Run the show ip bgp summary command to check the neighborhood on S2.
S2(config)#show ip bgp summary
Neighbor Ver As MsgRcvd MsgSend Up/Down(s) State/PfxRcd
183.16.20.2 4 3 46 140 00:22:35 0
172.16.1.1 4 1 46 140 00:22:35 1
Run the following command to check the BGP routing table on S2:
S2(config)#show ip bgp route
Status codes: *-valid, >-best, i-internal, s-stale
Origin codes: i-IGP, e-EGP, ?-incomplete
Network Next Hop Metric LocPrf RtPrf Path
*>i 192.16.0.0/16 172.16.1.1 20 i 2
Run the show ip bgp summay command to check the neighborhood on S5.
Run the following command to check the BGP routing table on S5:
S5(config)#show ip bgp route
Status codes: *-valid, >-best, i-internal, s-stale
Origin codes: i-IGP, e-EGP, ?-incomplete
Network Next Hop Metric LocPrf RtPrf Path
*> 192.16.0.0/16 173.16.20.2 20 i 1 2
5-72
Configuration Flow
1. Establish EBGP neighbor relations among S1, S2, and S3. Set the priority of the route
learnt from S2 on S1 to 200.
2. Enable the BGP FRR function on S1.
Configuration Commands
Establish EBGP neighbor relations among S1, S2, and S3, and enable the FRR function
on S1. In the example, the priority of the route learnt from S2 on S1 is set to 200. The
optimal routing path for 1.1.1.150/32 advertised by S3 is S1→S2→S3.
Run the following commands on S1:
S1(config)#router bgp 1
S1(config-bgp)#neighbor 172.16.1.2 remote-as 2
S1(config-bgp)#neighbor 171.16.20.2 remote-as 3
5-73
Configuration Verification
Run the show ip forwarding backup route command to check whether the configuration
can enable the FRR function:
Run the following command to check whether the BGP FRR function is enabled on S1:
S1#show ip forwarding backup route
IPv4 Backup Routing Table:
Dest Gw Interface Owner Pri Metric M/S Status
1.1.1.150/32 172.16.1.2 gei-0/1/1/1 BGP 20 0 M I
1.1.1.150/32 171.16.20.2 gei-0/1/1/2 BGP 20 0 S U
Configuration Flow
1. Establish IBGP neighbor relations among S1, S2, and S3.
2. Configure S2 as the RR, and set S1 and S3 as clients of S2.
3. Redistribute a route on S1 and advertise it to S2.
4. S2 reflects this route to S3.
Configuration Commands
Run the following commands on S1 (the configuration of the interface address is omitted):
S1(config)#router bgp 100
S1(config-bgp)#neighbor 1.1.1.2 remote-as 100
S1(config-bgp)#redistribute connected /*Redistribute a directly connected route
for ease of verifying a route*/
S1(config-bgp)#exit
Run the following commands on S2 (the configuration of the interface address is omitted):
S2(config)#router bgp 100
S2(config-bgp)#neighbor 1.1.1.1 remote-as 100
S2(config-bgp)#neighbor 2.1.1.2 remote-as 100
S2(config-bgp)#neighbor 1.1.1.1 route-reflector-client
5-74
Run the following commands on S3 (the configuration of the interface address is omitted):
S3(config)#router bgp 100
S3(config-bgp)#neighbor 2.1.1.1 remote-as 100
S3(config-bgp)#exit
Configuration Verification
S1(config-bgp)#show ip bgp route
Status codes: *-valid, >-best, i-internal, s-stale
Origin codes: i-IGP, e-EGP, ?-incomplete
5-75
Configuration Flow
1. Establish BGP relations between S1 and S3, and between S2 and S3.
2. Check active and standby routers status when S1 and S2 operate as VRRPs.
3. Configure a track samgr object in BGP mode.
Note:
For how to establish BGP neighbor relations between S1 and S3, and between S2 and
S3, refer to the BGP Configuration Example.
For how to check active and standby routers status when S1 and S2 operate as
VRRPs, refer to the VRRP Confguration section in the ZXR10 8900E (V3.01.01)
Series Core Switch Configuration Guide Configuration Guide (Reliability).
Configuration Commands
Run the following commands on S1
S1(config)#interface gei-0/1/1/1
S1(config-if-gei-0/1/1/1)#no shutdown
S1(config-if-gei-0/1/1/1)#ip address 13.13.13.1 255.255.255.0
5-76
S1(config-vrrp-if-gei-0/1/1/1)#exit
S1(config-vrrp)#exit
Configuration Verification
If S1 operates as the active router, traffic is forwarded from S1 to S3. If S1 is disconnected,
the traffic is forwarded from S2 to S3.
5-77
routes are limited, you can use the default configuration. If S1 or S2 is restarted, packets
forwarding is not interrupted.
Configuration Flow
1. Establish a BGP neighbor relation between S1 and S2.
2. Enable the graceful restart function on S1 and S2 respectively.
Configuration Commands
Run the following commands on S1:
S1(config)#interface loopback1
S1(config-if-loopback1)#ip address 172.20.96.1 255.255.255.255
S1(config-if-loopback1)#exit
S1(config)#interface gei-0/1/1/1
S1(config-if-gei-0/1/1/1)#ip address 25.60.61.60 255.255.255.252
S1(config-if-gei-0/1/1/1)#exit
S1(config)#router bgp 18004
S1(config-bgp)#neighbor 172.20.96.2 remote-as 18004
S1(config-bgp)#neighbor 172.20.96.2 update-source loopback1
S1(config-bgp)#bgp graceful-restart
Configuration Verification
If traffic can be forwarded properly after the active/standby switchover operation, the
configuration is performed correctly.
5-78
II
DR
- Designated Router
EBGP
- External Border Gateway Protocol
IBGP
- Interior Border Gateway Protocol
IGP
- Interior Gateway Protocol
IP
- Intelligent Peripheral
IS-IS
- Intermediate System-to-Intermediate System
ISO
- International Organization for Standardization
LSA
- Link State Advertisement
LSDB
- Link-state Database
III
LSP
- Link State Packet
LSU
- Link State Update
MAC
- Media Access Control
MED
- MULTI_EXIT_DISC
MP-BGP
- Multiprotocol BGP
NBMA
- Non-Broadcast Multiple Access
NSAP
- Network Service Access Point
NSSA
- Not-So-Stubby Area
OSI
- Open System Interconnection
OSPF
- Open Shortest Path First
PDU
- Protocol Data Unit
PE
- Provider Edge
RFC
- Remote Feature Control
RIP
- Routing Information Protocol
RR
- Router Reflector
SNP
- Sequence Num PDU
SPF
- Shortest Path First
TCP
- Transmission Control Protocol
TLV
- Type/Length/Value
IV
UDP
- User Datagram Protocol
VLSM
- Variable Length Subnet Mask
VPN
- Virtual Private Network
VRF
- Virtual Route Forwarding
VRRP
- Virtual Router Redundancy Protocol