Zxr10 5900e Series

ZXR10 5900E Series
Easy-Maintenance MPLS Routing Switch

Configuration Guide (IPv4 Routing)
Version: 3.00.11
ZTE CORPORATION
No. 55, Hi-tech Road South, ShenZhen, P.R.China
Postcode: 518057
Tel: +86-755-26771900
Fax: +86-755-26770801
URL: http://support.zte.com.cn
E-mail: support@zte.com.cn
LEGAL INFORMATION
Copyright © 2014 ZTE CORPORATION.
The contents of this document are protected by copyright laws and international treaties. Any reproduction or
distribution of this document or any portion of this document, in any form by any means, without the prior written
consent of ZTE CORPORATION is prohibited. Additionally, the contents of this document are protected by
contractual confidentiality obligations.
All company, brand and product names are trade or service marks, or registered trade or service marks, of ZTE
CORPORATION or of their respective owners.
This document is provided “as is”, and all express, implied, or statutory warranties, representations or conditions
are disclaimed, including without limitation any implied warranty of merchantability, fitness for a particular purpose,
title or non-infringement. ZTE CORPORATION and its licensors shall not be liable for damages resulting from the
use of or reliance on the information contained herein.
ZTE CORPORATION or its licensors may have current or pending intellectual property rights or applications
covering the subject matter of this document. Except as expressly provided in any written license between ZTE
CORPORATION and its licensee, the user of this document shall not acquire any license to the subject matter
herein.
ZTE CORPORATION reserves the right to upgrade or make technical change to this product without further notice.
Users may visit the ZTE technical support website http://support.zte.com.cn to inquire for related information.
The ultimate right to interpret this product resides in ZTE CORPORATION.
Revision History
Revision No. Revision Date Revision Reason
R1.0 2015–01–15 First edition
Serial Number: SJ-20150114102049-003
Publishing Date: 2015-01-15 (R1.0)
SJ-20150114102049-003|2015-01-15 (R1.0) ZTE Proprietary and Confidential

Contents
About This Manual ......................................................................................... I
Chapter 1 Static Route Configuration ...................................................... 1-1
1.1 Static Route Overview ........................................................................................ 1-1
1.2 Configuring a Static Route .................................................................................. 1-2
1.3 Maintaining Static Route ..................................................................................... 1-4
1.4 Static Route Configuration Examples................................................................... 1-6
1.4.1 Basic Static Route Configuration Example ................................................. 1-6
1.4.2 Static Route Summary Configuration Example ........................................... 1-8
1.4.3 Default Route Configuration Example ........................................................ 1-9
Chapter 2 RIP Configuration ..................................................................... 2-1

2.1 RIP Overview..................................................................................................... 2-1
2.2 Configuring RIP ................................................................................................. 2-3
2.3 RIP Maintenance................................................................................................ 2-8
2.4 RIP Configuration Example ............................................................................... 2-13
Chapter 3 OSPF Configuration.................................................................. 3-1

3.1 OSPF Overview ................................................................................................. 3-1
3.2 Configuring the OSPF Protocol ........................................................................... 3-8
3.3 Maintaining the OSPF Protocol ......................................................................... 3-38
3.4 OSPF Configuration Examples.......................................................................... 3-45
3.4.1 OSPF Configuration Example One .......................................................... 3-45
3.4.2 OSPF Configuration Example Two .......................................................... 3-47
3.4.3 OSPF Multi-Instance Configuration Example............................................ 3-49
Chapter 4 IS-IS Configuration ................................................................... 4-1

4.1 IS-IS Overview ................................................................................................... 4-1
4.2 Configuring the IS-IS Protocol ............................................................................4-11
4.3 Maintaining the IS-IS Protocol ........................................................................... 4-23
4.4 IS-IS Configuration Examples ........................................................................... 4-28
4.4.1 Single Area IS-IS Configuration Example ................................................. 4-28
4.4.2 Multiple Area IS-IS Configuration Example............................................... 4-32
4.4.3 IS-IS Multi-Instance Configuration Example ............................................. 4-38
Chapter 5 BGP Configuration.................................................................... 5-1

5.1 BGP Overview ................................................................................................... 5-1
5.2 Configuring BGP ................................................................................................ 5-4

5.3 Maintaining BGP .............................................................................................. 5-55
5.4 BGP Configuration Examples............................................................................ 5-60
5.4.1 BGP Configuration Example One ............................................................ 5-60
5.4.2 BGP Configuration Example Two ............................................................ 5-69
5.4.3 BGP FRR Configuration Example............................................................ 5-72
5.4.4 BGP Route Reflector Configuration Example ........................................... 5-74
5.4.5 BGP and VRRP Linkage Configuration Example ...................................... 5-75
5.4.6 BGP Graceful Restart Configuration Example .......................................... 5-77
Figures............................................................................................................. I
Glossary ........................................................................................................ III
II

About This Manual
Purpose
This manual is the ZXR10 5900E Series (V3.00.11) Easy-Maintenance MPLS Routing
Switch Configuration Guide (IPv4 Routing), which is applicable to the ZXR10 5900E
(V3.00.11) series switches.
Intended Audience
This manual is intended for:
l Network planning engineers
l Commissioning engineers
l On-duty personnel
What Is in This Manual

This manual contains the following chapters:
Chapter 1, Static Route Configuration Describes how to configure static route on the
ZXR10 5900E.
Chapter 2, RIP Configuration Describes how to configure Routing Information

Protocol (RIP) on the ZXR10 5900E.
Chapter 3, OSPF Configuration Describes how to configure Open Shortest Path

First (OSPF) on the ZXR10 5900E.
Chapter 4, IS-IS Configuration Describes how to configure IS-IS on the ZXR10

5900E.
Chapter 5, BGP Configuration Describes how to configure Border Gateway

Protocol (BGP) on the ZXR10 5900E.
Conventions
This manual uses the following typographical conventions:
Italics Variables in commands. It may also refer to other related manuals and documents.
Bold Menus, menu options, function names, input fields, option button names, check boxes,
drop-down lists, dialog box names, window names, parameters, and commands.
Constant Text that you type, program codes, filenames, directory names, and function names.
width
[] Optional parameters.
{} Mandatory parameters.
| Separates individual parameters in a series of parameters.

Danger: indicates an imminently hazardous situation. Failure to comply can result in
death or serious injury, equipment damage, or site breakdown.
Warning: indicates a potentially hazardous situation. Failure to comply can result in

serious injury, equipment damage, or interruption of major services.
Caution: indicates a potentially hazardous situation. Failure to comply can result in

moderate injury, equipment damage, or interruption of minor services.
Note: provides additional information about a certain topic.
II

Chapter 1
Static Route Configuration
Table of Contents
Static Route Overview ................................................................................................1-1
Configuring a Static Route..........................................................................................1-2
Maintaining Static Route.............................................................................................1-4
Static Route Configuration Examples .........................................................................1-6
1.1 Static Route Overview

Static route is the routing information that is designated by network administrator to the
routing table by means of commands. Unlike a dynamic route, it does not set up routing
table according to routing algorithm. In dynamic route configuration, routing information
of the entire Internet must be sent to a router. The router is hard to hold the load. In this
time, static routes can be used to solve the problem. Sometimes, use static route with
less configuration to avoid using dynamic route. However, in a routing environment where
there are multiple routers and paths, it is very complicated to configure static routes.
To generate a static unicast routing table, network administrator has to be familiar with the
network topology and configure it according to the actual routing requirements. In this way,
the routing action can be controlled accurately in network. The static routing table needs
to be reconfigured in time if the network topology is changed.
Static route is different from other dynamic routing protocol. Static route configuration
does not require that configure the related protocol data on interfaces. It only needs to
check the validity of static route parameters configured by users, but whether static route
configuration takes effect is still decided by the state changing of the corresponding egress
interface.
The following content is a routing table of ZXR10 5900E. Here, the administrator distance
of static route is 1.
ZXR10#show ip protocol routing

Protocol routes:
status codes:*valid, >best, i-internal, s-stale
Dest NextHop RoutePrf RouteMetric Protocol
*> 0.0.0.0/0 0.0.0.0 254 8 special
*> 2.2.2.2/32 2.2.2.2 0 0 connected
*> 120.2.2.0/24 120.2.2.2 1 0 static
*> 120.2.2.2/32 120.2.2.2 0 0 connected
*> 255.255.255.255/32 0.0.0.0 254 0 special
1-1

ZXR10 5900E Series Configuration Guide (IPv4 Routing)
1.2 Configuring a Static Route

Next hop addresses must be specified for all routing items. When a packet is sent, the
system queries the matched route in the routing table according to the destination address.
If the next hop address is not specified, the link layer cannot find the corresponding address
on the link layer, and the packet cannot be forwarded.
Configuring Direct Static Route

To configure direct static route on ZXR10 5900E, use the following command.
Command Function
ZXR10(config)#ip route [vrf <vrf-name>]<prefix><net-mask This configures direct static route.

>{<next hop address>|<interface-name><next hop address>}[<
distance-metric>]
Descriptions of the parameters used by command are shown below.
Parameter Description
<vrf-name> It is used to configure static route of the designated Virtual

Route Forwarding Table (VRF).
The length of VRF name ranges from 1 to 32 characters.
Management port (mng) is a special VRF.
<prefix> Network Internet Protocol (IP) prefix, in dotted decimal

notation
<net-mask> Network Mask, in dotted decimal notation
<next hop address> IP address of the next hop, in dotted decimal notation
<interface-name> Name of the used interface
<distance-metric> Management distance, ranging from 1 to 255
Configuring Indirect Static Route

To configure indirect static on ZXR10 5900E, use the following command.
Command Function
ZXR10(config)#ip route [vrf <vrf-name>]<prefix><net-mask>{<n This configures indirect static

ext hop address>[global]}[<distance-metric>][metric <metric>] route.
Judge whether the route is an
indirect static route according to IP
address of the next hop.
1-2

Chapter 1 Static Route Configuration
<vrf-name> It is used to configure static route of the designated VRF.

The length of VRF name ranges from 1 to 32 characters.
<prefix> Network IP Prefix of destination address, in dotted decimal

notation
<net-mask> Network mask of destination address, in dotted decimal

notation
<next hop address> IP address of the next hop, in dotted decimal notation
[global] Private network route can configure the next hop of public
network, only when the next hop of private network is
configured, it can be configured.
<interface-name> Name of the used interface
[metric <metric>] Metric value of route, range: 0-255, the default value is 0
<distance-metric> Management distance, ranging from 1 to 255
Configuration Example
Figure 1-1 Indirect Static Route Next Hop Configuration Example
As show in Figure 1-1, S2 advertises 20.20.20.0/24 to S1. The static route to 30.2.0.0/16
can be configured on S1, the next hop is 20.20.20.2.
The configuration of static route on S1:

S1(config)#ip route 30.2.0.0 255.255.0.0 20.20.20.2
View route table on S1:
ZXR10(config)#show ip protocol routing

Protocol routes:
status codes: *valid, >best, i-internal, s-stale

*> 10.10.10.0/24 10.10.10.1 0 0 connected
* 10.10.10.0/24 10.10.10.0 110 1 ospf
*> 10.10.10.1/32 10.10.10.1 0 0 connected
*> 20.20.20.0/24 10.10.10.2 110 2 ospf
*> 30.2.0.0/16 10.10.10.2 1 0 static
1-3

View forwarding table on S1:

ZXR10(config)#show ip forwarding route
IPv4 Routing Table:
Dest Gw Interface Owner Pri Metric
10.10.10.0/24 10.10.10.1 vlan1 direct 0 0
10.10.10.1/32 10.10.10.1 vlan1 address 0 0
20.20.20.0/24 10.10.10.2 vlan1 ospf 110 2
30.2.0.0/16 10.10.10.2 vlan1 static 1 0
224.0.0.0/4 224.0.0.0 NULL multicast 0 0
224.0.0.0/24 224.0.0.0 NULL multicast 0 0
255.255.255.255/32 255.255.255.255 NULL broadcast 254 0
Configuring FRR function of static routes.

To configure FRR function of static route on ZXR10 5900E, use the following command.
Command Function
ZXR10(config)#ip route-static [vrf <vrf-name>] fast-reroute [wtr This enables the FRR function of
<time-interval>] static routes.
The generation conditions for
the primary and standby routes
of static routes are: the same
destination address route with
different outgoing interfaces,
different administrative distances
or metric values.
<vrf-name> VRF name, range: 1–32 characters.
fast-reroute Enables the FRR function of static routes.
<time-interval> Interval of WTR, range: 0–12, default: 0.
1.3 Maintaining Static Route

To maintain static route on ZXR10 5900E, use the following command.
Command Function
ZXR10#show ip protocol routing [vrf <vrf_name>] This shows routing table of the
router. Vrf_name is the name of
vrf.
1-4

Command Function
ZXR10#show ip forwarding route [vrf <vrf_name>] This shows forwarding table of the
router. Vrf_name is the name of
vrf.
Use show ip protocol routing command to show global routing table of the router. Inspect
whether the configured static route exists in routing table. This command is often used for
routing protocol diagnose and maintenance.
This shows what will be displayed after show ip protocol routing is used.
ZXR10(config)#show ip protocol routing
Protocol routes:

*> 10.10.10.0/24 10.10.10.1 0 0 connected
* 10.10.10.0/24 10.10.10.0 110 1 ospf
*> 10.10.10.1/32 10.10.10.1 0 0 connected
*> 20.20.20.0/24 10.10.10.2 110 2 ospf
*> 30.2.0.0/16 10.10.10.2 1 0 static
Descriptions of command output are shown below.
Show Command Outout Description
Dest Destination IP address
NextHop IP address of next hop
RouteRrf Management distance metric
RouteMetric Route metric
Protocol Name of the corresponding routing protocol
Use show ip forwarding route command to show forwarding table of router for inspecting
whether there is static route in forwarding table.
This shows what will be displayed after show ip forwarding route is used.
ZXR10(config)#show ip forwarding route
Status codes: *valid, >best, M: Master, S: Slave;
IPv4 Routing Table:
10.10.10.0/24 10.10.10.1 vlan1 STAT 0 0
10.10.10.1/32 10.10.10.1 vlan1 ADDR 0 0
20.20.20.0/24 10.10.10.2 vlan1 ADDR 110 2
30.2.0.0/16 10.10.10.2 vlan1 DIRECT 1 0
224.0.0.0/4 224.0.0.0 NULL RIP 0 0
224.0.0.0/24 224.0.0.0 NULL DIRECT 0 0
1-5

255.255.255.255/32 255.255.255.255 NULL B 254 0
Show Command Outout Description
Dest Destination IP address
Gw Gateway
Interface Outgoing interface
Owner Route type
Pri Route priority
Metric Route metric
1.4 Static Route Configuration Examples

1.4.1 Basic Static Route Configuration Example
Configuration Description
As shown in Figure 1-2, if S1 wants to send packets to the remote network 140.1.1.0/24,
it needs to send the packets to S2 (10.6.1.18) first. S1 and S2 are directly connected.
You need to add a static route whose destination network segment is 140.1.1.0 and the
next hop is 10.6.1.18 on S1. In addition, you need to add a static route whose destination
network segment is 140.1.1.0/24 and the next hop is 10.9.1.39 on S2.
Figure 1-2 Static Route Configuration Example
Configuration Process
There are three methods to configure static routes on S1.
l This configures IP address of the next hop.
S1(config)#ip route 140.1.1.0 255.255.255.0 10.6.1.18
l This configures the local egress interface and the direct next hop.
S1(config)#ip route 140.1.1.0 255.255.255.0 vlan1 10.6.1.18
Configuration on S2:
S2(config)#ip route 140.1.1.0 255.255.255.0 10.9.1.39
1-6

Configuration Check
Use show command to validate configuration.
Validate configuration on S1:
S1(config)#show ip protocol routing network 140.1.1.0
Protocol routes:

*> 140.1.1.0/24 10.6.1.18 1 0 static

Protocol routes:

*> 140.1.1.0/24 10.9.1.39 1 0 static
If there are multiple paths to the same destination, a router can be configured with multiple
static routes with different administrative distances. However, routing table only displays
information about route with minimum distance because when router is informed of multiple
competition sources to a network, route with minimum administrative distance takes the
precedence.
Parameter <distance-metric> in static route configuration command about IP route can be
used to change administrative distance value of a static route. Supposing there are two
different routes from S1 to network section 140.1.1.0/24, the configuration is as follows:
S1(config)#ip route 140.1.1.0 255.255.255.0 10.6.1.18
S1(config)#ip route 140.1.1.0 255.255.255.0 10.6.1.1 20
Above commands are used to configure two different static routes arriving to the same
network segment. The first command does not configure administrative distance, so
default value “1” is used. The second command configures administrative distance of 20.
Since administrative distance of the first route is less than that of the second route, only
information about first route appears in routing table. That is, the switch sends packets to
destination network segment 140.1.1.0/24 through next-hop address 10.6.1.18 only. The
second route appears in routing table only when the first route fails and disappears from
the routing table. The two static routes can not have the same tag value, which go to the
same destination network but their next-hop is different.
Use show command to view on S1:
Protocol routes:
1-7

*> 140.1.1.0/24 10.6.1.18 1 0 static

* 140.1.1.0/24 10.6.1.1 20 0 static
1.4.2 Static Route Summary Configuration Example

A summary static route is a special kind of static routes, which can summarize two or
more special route expressions into one expression. In this way, entries of routing table is
reduced but all of original links is reserved.
As shown in Figure 1-3, S2 connects to two network segments 10.9.1.0/24 and 10.3.1.0/24.
If S1 wants to access these two network segments, it needs to have two static routes.
When there are lots of routes in routing table, people can use summary static route to
optimize S1's routing table.
Figure 1-3 Static Route Summary Configuration Example
Configuration Thought
Configure a static route whose destination address is 10.0.0.0 on S1. All the packets
transmitted to destination network segment 10.0.0.0/8 pass through 10.6.1.18. That is
to say, all the packets which destination address is 10.0.0.0/8 (sub networks 10.3.1.0/24
and 10.9.1.0/24) are sent to 10.6.1.18. In this way, multiple static routes with the same
destination can be summarized to a static route, which can optimize routing table.
S1(config)#ip route 10.0.0.0 255.0.0.0.0 10.6.1.18
Configuration Check
Use show command to view on S1:
S1(config)#show ip protocol routing

Protocol routes:
1-8

*> 10.9.1.0/24 10.6.1.18 1 0 static

*> 10.3.1.0/24 10.6.1.18 1 0 static
1.4.3 Default Route Configuration Example

Default route is also a kind of special static routes. When all routes are failed in routing
table, default route is adopted to make packet has a final destination. In this way, the
processing burden of router can be reduced a lot.
When a router cannot route a packet, the packet has to be dropped. However, this is not
hoped that packet is dropped in an "unknown" destination. To support complete connection
of router, this must have a route connected to a network. If router wants to keep complete
connection and meanwhile does not need to record each independent route, default route
can be used. By use of default route, an independent route can be designated to indicate
all other routes.
As shown in Figure 1-4, since there is no route pointing to Internet on S1, S1 needs to use
default route that send packets to S2 for processing.
Figure 1-4 Default Route Configuration Example
Default route configuration is completely the same as static route configuration and only
difference is that the network part and subnet mask part are all 0.0.0.0.
S1(config)#ip route 0.0.0.0 0.0.0.0 10.6.1.18
Configuration Check
Use show to view S1 routing table.
S1#show ip protocol routing
Protocol routes:
1-9


*> 0.0.0.0/0 10.6.1.18 1 0 static
Here, if the next hop is configured as null interface, the route is black hole route.
S1(config)#ip route 0.0.0.0 0.0.0.0 null1
View S1 routing table by show command:

S1#show ip protocol routing
Protocol routes:

*> 0.0.0.0/0 0.0.0.0 1 0 static
Default route is not always a static route. It also can be routes of other protocols, such
as Border Gateway Protocol (BGP), Routing Information Protocol (RIP) and so on. When
default route is used in routing protocol configuration, default route varies with routing
protocols.
If default route is configured on a router where RIP runs, the RIP will advertise the default
route to its neighbor, and even route redistribution is not needed in RIP domain.
For BGP protocol, a router where the BGP runs will not inject the default route into its
neighbor automatically. For BGP to send the default route to BGP domain, the command
default-information-originate has to be used first, and then redistribute default route.
1-10

Chapter 2
RIP Configuration
Table of Contents
RIP Overview .............................................................................................................2-1
Configuring RIP .........................................................................................................2-3
RIP Maintenance........................................................................................................2-8
RIP Configuration Example ......................................................................................2-13
2.1 RIP Overview

Introduction to RIP
RIP is relatively old but still commonly used interior gateway protocol created for use in
small and homogeneous networks. This is a classical distance-vector routing protocol.
RIPv1 is documented in Request For Comments (RFC) 1058. RIPv2 is documented in
RFC1723. ZXR10 5900E supports RIPv1 and RIPv2 completely. RIPv2 is used by default.
Compared to RIPv1, RIPv2 has the following advantages.
l Route updating with sub network mask
l Authentication for route updating
l Updating multicast routing
The following topics mainly introduce RIPv2. RIP refers RIPv2 unless special explain.
l RIP Route Metric and Administrative Distance
RIP uses User Datagram Protocol (UDP) packet (port number 520) to exchange RIP
routing information. The routing information containing in RIP packet includes the
number of routers that a route passes through, that is, hop count, according to which,
router determines the route to the destination network.
RFC stipulates that the maximum hop count must be less than 16, so RIP is only
applicable to small-sized network. Hop count of 16 indicates infinite distance,
representing unreachable route, which is one way for RIP to identify and prevent the
routing loop.
Only hop count is taken as the metric for RIP routing; bandwidth, delay and other
variable factors are not considered. RIP always takes paths with the least hop count
as the optimized path, which results that the selected path is not the best one.
Default Administrative Distance (AD) value of RIP is 120. As for AD, the lower the
value, the higher the reliability of routing source. Compared to other routing protocols,
RIP is not quite reliable.
l RIP Timers
2-1

RIP provides the following four types of timers:

à Update timer
Switch running RIP transmits route update message at a certain interval (30s by
default), which reflects all the routing information of the switch. This process is
called routing information advertisement.
à Invalid timer
Invalid timer: When a switch fails to receive update information from another
switch in a certain time period (180s by default), it marks the routes provided by
the switch to be "unavailable".
à Holddown timer
After learning that routes are unavailable, the switch will enter hold-down state.
If switch receives route update packet within the default 180 seconds or if switch
fails to receive route update packet after 180 seconds, the holddown timer will
stop timing.
à Flush Timer
When it is not updated in the succeeding period of time (240 s by default), the
switch clears the route completely from the routing table.
l RIP Route Update
RIP protocol employs trigger update to speed up the spread of routing changes in the
RIP routing domain. When a RIP router detects that an interface is working or has
stopped working, a neighbor node is down or a new subnet or neighbor node joins
in, it will transmit a trigger update. The trigger update packet only contains changed
route.
RIP protocol uses poison reverse to speed up protocol convergence. The poison
reverse sets the metric of the unreachable network prefixes to be 16 (meaning
unreachable). After receiving route update packet of the metric, the switch will
discard the route instead of waiting for the aging time.
RIP uses split horizon to prevent loop and reduce the size of route update packet. Split
horizon means that if an interface receives a route update packet, it will not transmit
this update packet from itself to others.
RIP Working Principle

RIP defines two kinds of message types, request and response messages. Request
message is used to send a update to neighbor switch, and response message is used
to transmit route update.
1. At the start, RIP broadcasts or multicast packets which contain request message from
every RIP interface.
2. Later, RIP enters a loop state, it always monitors the RIP request or response
messages from other switches, and the neighbor switches which accept the request
will reply response messages containing their routing tables.
2-2

Chapter 2 RIP Configuration
3. When the switch which sends request receives the response message, it will process
the route update message information containing in response message.
l For an new route entry, the router adds the new route and IP address of the ad-
vertised router to its routing table.
l For an existent RIP route, the router replaces the original route entry only when
the new route has less hop count.
2.2 Configuring RIP

RIP configuration includes the following contents, basic configuration, enhanced
configuration and version configuration.
Configuring RIP Basic Functions

To configure RIP basic function on ZXR10 5900E, perform the following steps.
1. Enabling RIP
Step Command Function
1 ZXR10(config)#router rip This enables RIP routing

process and enters RIP
configuration mode.
2 ZXR10(config-rip)#network < ip-address>< This designates a network

wildcard-mask> segment for RIP routing.
In case that the IP address
of the interface belongs
to the designated network
segment, RIP is enabled on
this interface.
2. Adjusting RIP timer
1 ZXR10(config)#router rip This enables RIP process

and enters RIP configuration
mode.
2 ZXR10(config-rip)#timers basic <update><invalid><hol This adjusts RIP network

ddown>< flush> timer.
3 ZXR10(config-rip)#output-delay < packets>< delay> This sets the delay time for
sending RIP update packets.
Descriptions of the parameters used by step 2 are shown below.
2-3

<update> The interval for sending update, the unit is second, the
range is 1-65535, and the default value is 30 seconds.
<invalid> Period before route invalidity in seconds, 1-65535. This

value shall be at least 3 times of update, 180 seconds by
default.
When there is no route refreshing, the route is ineffective.
Here, the route is blocked, marked as inaccessible, and
advertised as unreachable, but the route can still be used
to forward message packets.
<holddown> Period for suppressing optimized route in seconds,

0-65535. This value shall be at least 3 times of update,
180 seconds by default.
When the router receives the update message and
obtains a unreachable route, it will enter the blocked
state, be marked as inaccessible, and be advertised as
unreachable, but the route can still be used to forward
packets. After passing the blocked period, it receives the
routes advertised by other routers, and the route will be
accessible again.
<flush> Period from route invalidity to route clearing in seconds,

1-65535, 240 seconds by default.
The designated time must be greater than the holddown
value. Otherwise, it cannot pass the proper block time. In
this way, the new routes will be received before the block
expires.
<packets> The number of packets, ranging from 1 to 4294967295,

and the default value is 5.
<delay> The time interval for sending the packets in a designated

number.
The unit is second, the range is 0-100, and the default
value is 100ms.
This configures optional RIP parameters related to time.
ZXR10(config)#router rip
ZXR10(config-rip)#timers basic 5 15 15 30
ZXR10(config-rip)#output-delay 500 10
2-4

The following are the configuration effects:

l The interval for sending RIP update is 5 seconds.
l The Period before route becomes invalid is 5 seconds.
l Router has 15 seconds for waiting after enters blocked state.
l There are 30 seconds for waiting from the route entry becoming invalid to clearing the
route entry.
l There are 10ms interval for sending each 500 packets.
Configuring RIP Enhanced Functions

To configure RIP enhanced function on ZXR10 5900E, perform the following steps.
1. Configuring RIP neighbor
1 ZXR10(config)#router rip This enters RIP configuration

mode.
2 ZXR10(config-rip)#neighbor <ip-address> This command applies to

non-broadcast link.
This defines neighbor router to
exchange routing information
with the router.
There are 255 neighbors can
be found and configured.
By using this command, RIP routing information can be exchanged by point-to-point

method (non-broadcast). Once the neighbor is designated, the interfaces which
belong to the same network with the router will not use broadcasting (or multicast) to
exchange RIP routing information.
2. Configuring RIP authentication
RIPv2 supports plain text and MD5 authentication modes. Password is configured
on interfaces. Network neighbors have to use the same authentication mode and
password. RIPv1 does not support authentication.
To configure RIP packet plain text authentication mode, perform the following steps.

mode.
2 ZXR10(config)#interface <interface-name> This enters interface

configuration mode.
3 ZXR10(config-if)#ip rip authentication mode text This specifies the interface to

authenticate RIP packets by
plain text mode.
2-5

4 ZXR10(config-if)#ip rip authentication key <key> This sets the key for interface
plain text authentication.
The length of key is 1-16
characters.
To configure RIP packet MD5 authentication mode, perform the following steps.

mode.

configuration mode.
3 ZXR10(config-if)#ip rip authentication mode md5 This specifies the interface to

authenticate RIP packets with
MD5 mode.
4 ZXR10(config-if)#ip rip authentication key-chain This sets to provide

<key-id><key-string> key-chain in interface MD5
authentication.
<key-id> ID of the key node in key-chain, the range is 1-255.
<key-string> Value of the key, the range is 1-16 characters.
3. Configuring split horizon and poison reverse mechanisms

mode.

configuration mode.
3 ZXR10(config-if)#ip split-horizon This enables split horizon

mechanism.
By default, it is enabled. Use
no to disable split horizon
mechanism.
2-6

4 ZXR10(config-if)#ip poison-reverse This enables poison-reverse

mechanism.
By default, it is enabled. Use
no to disable poison-reverse
mechanism.
It is suggested that users do not change the default state of split horizon unless to
ensure to advertise route correctly. If the split horizon is disabled on serial port (and
the port connects to packet switching network), then those of all the related routers
and access servers have to be disabled.
4. Configuring route redistribution
To redistribute routes from a routing domain to RIP routing domain, perform the
following steps.

mode.
2 ZXR10(config-rip)#redistribute <protocol>[process-i This redistributes routes of

d][metric <metric-value>][route-map <name>] other routing protocols to RIP.
<protocol> Source routing protocol of route redistribution, which

can be the following keyword: ospf-ext, ospf-int, static,
bgp-ext, bgp-int, connected, isis-1, isis-2, and isis-1-2
<protocol> The source protocol redistributed. It can be ospf-ext,

ospf-int, static, bgp-ext, bgp-int, connected, isis-1, isis-2
or isis-1-2.
metric <metric-value> Specifies the route metric to introduce the route. If it is not
specified, the default-metric is used. Its range is 1-16.
route-map <map-tag> The name of the route map for redistribution, 1-31
characters.
Configuring RIP Version

ZXR10 5900E supports RIPv1 and RIPv2, and it uses RIPv2 by default.
To specify RIP version for router receiving or sending packets, use the following
commands.
2-7


mode.
2 ZXR10(config-rip)#version {1|2} This configures RIPv1 or RIPv2.

The default setting is RIPv2.
To specify the RIP version of packets to be sent or received by an interface, perform the
following commands.
RIP default state specified by version command can be ignored.

mode.

configuration mode.
3 ZXR10(config-if)#ip rip receive version {1 | 2} This specifies RIP version

(RIPv1 or RIPv2) of the packets
to be received by an interface.
Use default setting if version is
not used, that is, both of RIPv1
and RIPv2 packets are received
4 ZXR10(config-if)#ip rip send version {1 | 2 {broadcast This specifies RIP version

| multicast}} (RIPv1 or RIPv2) of the packets
to be sent by an interface.
1 The interface only sends RIPv1 packets
2 The interface only sends RIPv2 packets. Here, broadcast or multicast mode can
be selected.
broadcast The interface send compatible packets to broadcast address. All of routes are natural
networks, and no supernetting route.
multicast The interface sends RIPv2 packets to multicast address. By using auto-summary,
sub network route can be sent.
2.3 RIP Maintenance

To maintain RIP on ZXR10 5900E, use the following commands.
2-8

Command Function
ZXR10(config)#show ip rip [vrf <vrf-name>] This shows the basic information

of RIP running.
ZXR10(config)#show ip rip interface [vrf <vrf-name>]<interface- This shows the current

name> configuration and state of a
RIP interface.
ZXR10(config)#show ip rip database [vrf <vrf-name>][network This shows the route entries
<ip-address>[mask <net-mask>]] generated by RIP.
ZXR10(config)#show ip rip networks [vrf <vrf-name>] This shows information of all RIP
interfaces.
Descriptions of the parameters used by commands are shown below.
vrf <vrf-name> VRF name, the length is 1-32 characters.
network <ip-address> Network IP address, in dotted decimal notation.
mask <net-mask> Network mask, in dotted decimal notation
<interface-name> Name of RIP interface
This example shows what will be displayed after show ip rip is used.
ZXR10#show ip rip
router rip
auto-summary
default-metric 1
distance 120
validate-update-source
version 2
flash-update-threshold 5
maximum-paths 1
output-delay 5 100
timers basic 30 180 180 240
network
10.0.0.0 0.255.255.255
2-9

show Command Output Description
auto-summary This shows that only the summarized routes of natural

network and suppernetting can be sent (for RIPv2).
Use no to sent all RIP routes.
Be noted that the following policy is still available even if
auto-summary is used. When a router has the RIP sub
network route of the natural network to which the IP address
of a RIP interface belongs, the RIP update packet sent by the
RIP interface to outside does not contain the route of natural
network to which its IP address belongs, but it contains the
routes of other RIP sub networks which do not belong to the
same natural network segment with RIP the interface.
default-metric This sets the default metric value for redistributing the routes
generated by other protocol to RIP routes.
Use no to restore the default value of 1.
This command can be used with redistribute command
together to make route selection protocol use the same
metric value for all redistributed routes.
Default metric helps to solve the route redistribution problem
caused by routes adopting different metric values. It can
provide a reasonable alternative method to ensure that the
redistribution can be performed successfully.
distance This defines RIP route administrative distance.

This changes the decision of global routing table to select
optimized route.
validate-update-source This enables the function that check the validity of source IP
address of the received RIP updating packet.
Use no to disable this function.
flash-update-threshold This defines RIP flash timer.

Protocol flash timer can be set according to the actual
requirements.
maximum-paths This sets the number of routes supported by load balancing.

The number of routes received by RIP protocol can be
changed according to the actual load balancing requirements.
This command shows what will be displayed after show ip rip database is used.
ZXR10(config)#show ip rip database
Routes of rip:
h : is possibly down,in holddown time
2-10

f : out holddown time before flush

Dest Metric RtPrf InstanceID Time From
*> 137.1.0.0/16 1 254 0 00:00:12 0.0.0.0
*> 137.1.1.0/24 0 0 0 00:00:00 0.0.0.0
Metric It shows the weights of the route.

Metric value is 16 that indicates the route is invalid.
RtPrf Route priority

It shows the credibility of the route.
The priority of a summary route is 254, and 255 means a
invalid route.
InstanceID Instance number, only valid for OSPF instance and IS-IS
instance
Time It shows the existing time and timer state of the route.
From It indicates where the route is learnt.

From 0.0.0.0 indicates that the route is generated by the local
router.
This example shows what will be displayed after show ip rip interface is used.
ZXR10(config-rip)#show ip rip interface vlan1
vlan1 ip address:137.1.1.2/24 rip is enabled
receive version 1 2
send version 2
split horizon is effective
poison reverse is effective
send subnet only is ineffective
notify default unset
originate default unset
neighbor restrict is ineffective
interface is nomoral
authentication type:none
2-11

send subnet only This shows that after this command is used, the interface
only sends the information of the route which belongs to the
same sub network with itself, and it blocks the information of
the route which belongs to other sub network.
It applies to such a case that the lower router sends route
information to upper router. Only the information of local sub
network needs to be advertised. In this way, the route traffic
can be reduced a lot.
notify default The route entry sent by interface contains default route.
For parameter only, that means the route entry sent by
interface only contains default route.
originate default A default route is generated on interface, and it is forced to

advertise.
For parameter only, that means the interface only sends
default route. A default route is generated on interface, and it
is forced to advertise, but the default route is not added into
the routing table of local router but it is added into the routing
table of neighbor router.
neighbor restrict Interface neighbor restrict mode

When interface neighbor restrict mode is entered but
neighbor is not configured on the interface, the neighbor
still can be found but no point-to-point packets are sent to
neighbor, and only multicast packets are sent. In this time,
the neighbor can receive the packets. After a neighbor is
configured on the interface, the neighbor which is found
before will be deleted, and no neighbor can be found. At the
same time, the interface only sends point-to-point packets
to the configured neighbor. Meanwhile, the interface can
receive packets from the configured neighbor only, the
packets from other sources are discarded.
To realize the effect described above, neighbor restrict mode
has to be configured on both of routers, and the routers need
to enable neighbor.
This example shows what will be displayed after show ip rip neighbors is used.
ZXR10#show ip rip neighbors
neighbor address interface
10.1.1.15 vlan2
neighbor address IP address identifier of RIP neighbor
2-12

interface Learn an interface from the neighbor
2.4 RIP Configuration Example

Since the realizing principle and configuration of RIP are very simple, it is mainly used to
some simple networks. As shown in Figure 2-1, RIP run on both of S1 and S2.
Figure 2-1 RIP Configuration Example Topology
1. Configure interface IP addresses.
2. Configure RIP.
3. Enable RIP configurations on interfaces.
4. Test configuration result to make sure that neighborhood is established between S1
and S2. S1 and S2 can learn the routes advertised by the peer between each other.
S1(config)#interface vlan10
S1(config-if)#ip address 192.168.1.1 255.255.255.0
S1(config-if)#exit
S1(config-if)#exit
S1(config)#router rip
S1(config-rip)#network 192.168.1.1 0.0.0.255
S1(config-rip)#exit
S2(config-if)#exit
2-13


S2(config-if)#exit
S2(config-rip)#end
Configuration Check
After the configuration is finished, the following information needs to be displayed, that
indicates the neighborhood is established between S1 and S2, and they can learn routes
between each other.
Use show running-config rip on S1 to inspect whether RIP configuration is correct.
S1(config-rip)#show running-config rip
router rip
network 192.168.1.0 0.0.0.255
network 10.1.0.0 0.0.255.255
interface vlan10
$
interface vlan20
$
!
S1(config)#show ip rip database

Routes of rip:
Dest Metric RtPrf Time From

*> 10.0.0.0/8 2 120 00:00:12 192.168.1.2
* 10.0.0.0/8 1 254 00:00:29 0.0.0.0
*> 10.1.0.0/16 0 0 00:00:00 0.0.0.0
*> 192.168.1.0/24 0 0 00:00:00 0.0.0.0
S1(config)#show ip rip neighbors

192.168.1.2 vlan10
Use show running-config rip on S2 to inspect whether RIP configuration is correct.

S2(config)#show running-config rip
router rip
network 192.168.1.0 0.0.0.255
network 10.2.0.0 0.0.255.255
interface vlan30
$
2-14

interface vlan10
$
!
S2(config)#show ip rip database

Routes of rip:
Dest Metric RtPrf Time From

*> 10.0.0.0/8 1 254 00:00:03 0.0.0.0
*> 10.2.0.0/16 0 0 00:00:00 0.0.0.0
*> 192.168.1.0/24 0 0 00:00:00 0.0.0.0
S2(config)#show ip rip neighbors

192.168.1.1 vlan10
2-15

This page intentionally left blank.
2-16

Chapter 3
OSPF Configuration
Table of Contents
OSPF Overview .........................................................................................................3-1
Configuring the OSPF Protocol ..................................................................................3-8
Maintaining the OSPF Protocol ................................................................................3-38
OSPF Configuration Examples.................................................................................3-45
3.1 OSPF Overview

Open Shortest Path First (OSPF) is one of the most popular and widely used routing
protocols. OSPF is a link state protocol, which overcomes the disadvantages of RIP and
other distance vector protocols. OSPF version 1 is defined by RFC1131. At present, OSPF
version 2 is used, which is defined in RFC2328. ZXR10 5900E supports OSPF version 2
completely.
OSPF has the following features.
l It converges fast. To ensure the synchronization of database, OSPF fast floods the
updating of link state and calculates routing table at the same time.
l It does not have route loop. Shortest Path First (SPF) algorithm is applied to guarantee
that no loops will be generated.
l It adopts route aggregation, which reduces the size of the routing table.
l It supports Variable Length Subnet Mask (VLSM) and Classless Inter-Domain Routing
(CIDR).
l It uses trigger updating mechanism to send updating message only when network
changes.
l It supports interface packet authentication to guarantee the security of routing
calculation
l It sends update packet by multicast mode.
OSPF Basic
An OSPF switch generates the routing table by setting up a link state database. The link
state databases of all OSPF switchs must be the totally same. Link state database is built
according to Link State Advertisements (LSAs) which are generated by all switchs and
spread over the whole OSPF network. There are many types of LSAs, and a complete
LSA set shows an accurate distribution diagram over the whole network.
3-1

OSPF Algorithm
OSPF uses cost as the metric. The cost is distributed to each port of a switch. A port
calculates the cost based on 100 M benchmark by default. The path cost to a particular
destination is the total cost of all links between the switch and the destination.
To generate a routing table by using LSA database, a switch runs the Dijkstra SPF
algorithm to construct the shortest path tree. switch is the root of the path tree. The
Dijkstra algorithm calculates the a path with the lowest cost to any node on the network.
switch saves the routes of the paths in the routing table.
Compared to RIP, OSPF does not simply broadcast all its routing information regularly.
An OSPF switch uses hello packets to keep the neighborhood. When a switch does not
receive any hello packets from a neighbor within a period of time (dead-interval), then it
will consider that the neighbor is not already alive.
OSPF routes are incrementally updated. switch sends the update information only when
topology changes. When the age of an LSA reaches 1800 seconds (LSA updating interval,
LSRefreshTime), switch sends an LSA updating packet.
OSPF Network Types

OSPF network type determines the forming of adjacency relationship and the setting of
interface timer. There are five network types in OSPF, and they are as follows:
l Broadcast network
l Non-Broadcast Multiple Access (NBMA) network
l Point-to-Point network
l Point-to-Multipoint network
l Virtual Links network
HELLO Packet and Timer

OSPF routers exchange HELLO packets in a certain interval, which is to keep alive state
among neighbors. By using HELLO packet, router can detect OSPF neighbor and select
the Designated Router (DR) and the Backup Designated Router (BDR). In broadcast,
point-to-multipoint and point-to-point network types, HELLO packets can be sent in
multicast mode. In NBMA network, point-to-multipoint network and virtual links, HELLO
packets are sent in unicast mode.
OSPF uses three kinds of timers relating to HELLO packets:
1. Sending interval (HELLO interval)
HELLO interval is an attribute of interface, which defines the interval that a router sends
HELLO packets by a router from each interface. The default HELLO packet sending
interval depends on the network type.
In broadcast and point-to-point networks, the default HELLO packet sending interval
is 10 seconds. In NBMA and point-to-multipoint networks, the default HELLO packet
sending interval is 30 seconds. The adjacent routers must have the same Hello interval
so as to become neighbors.
3-2

Chapter 3 OSPF Configuration
2. Router dead-interval
The router dead-interval refers to the waiting time from the router receiving the last
hello packet to the router detecting that the neighbor is offline. The default router
dead-interval is four times of HELLO packet sending interval, which is applicable to all
network types.
3. Poll Interval
Poll interval only applies to NBMA network.
OSPF Neighbors
OSPF neighbors are a group of routers belonging to the same network. These routers
stipulate some configuration parameters. The routers must be neighbors to form
adjacency. To form adjacency, the routers have to be neighborhood.
Routers analyze their HELLO packets to make sure that the required parameters are
stipulated when they want to form neighborhood. The following parameters have to be
consistent so that the adjacent routers can set up neighborhood, area ID, area flag,
authentication information, HELLO packet sending interval and router dead interval.
Adjacency and DR
When two routers form an adjacency, they can exchange routing messages. Whether two
routers can form an adjacency depends upon network type connected to routers. The
network type of the connecting router decides whether two routers can form adjacency.
l There are only two routers in point-to point network or virtual links. The two routers
have to exchange the related routing information, so they can form an adjacency
automatically. A point-to-multipoint network can be regarded as a set of point-to-point
networks, so an adjacency is formed between each pair of routers.
l In a broadcast or an NBMA network, an adjacency may not be formed between two
neighbors. If adjacencies are already established among all routers (the number
of routers is "n" for example) on a network, each router will have "(n-1)" adjacent
connections and the network will have "n×(n-1)/2" adjacent connections.
In a large multi-access network, the router will be too heavy traffic if every one needs to
trace so many adjacent connections. Furthermore, the exchanging of routing information
between each adjacent routers wastes lots of network bandwidths.
Since a large multi-access network has a mass of redundancy information, OSPF defines
a DR and a BDR. The DR and BDR must form an adjacency with each OSPF router on
network. Each OSPF router only forms an adjacent relationships with DR and BDR. All
routers only send routing information to DR, and DR sends the information to other routers
in the same network segment. The two routers (neither DR nor BDR) do not establish an
adjacency between each other and neither will they exchange routing information. If the
DR stops working, the BDR will become a DR.
3-3

Router Priority and DR Election

Every interface has its own priority on router, which affects the capability of the router to
become a DR or BDR on the network. The priority of router interface is expressed by an
eight-bit unsigned integer, ranging from 0 to 255 (the default value is "1").
In DR election, the interface priorities are compared at first. The router with the highest
priority becomes a DR in the network segment. If the priorities of two routers are the same,
the router which router id is the largest will become a DR. The router which priority is 0
cannot be a DR or BDR.
DR is a concept used in network segment, which is based on router interface. That is,
a router can be a DR on its an interface, and it can be BDR or DROther on its another
interface.
OSPF Area
To reduce the information size that each router stores and maintains and shield the range
that network changing influences on, OSPF divides a network into some minor parts.
Each router must have the complete information of the area where it locates. Area
Border Router (ABR) is used to transmit routing information between different areas. The
information is shared by areas. The routing information can be filtered on area edge,
which reduces the routing information stored in routers.
An area is identified with 32-bit unsigned number. Area 0 is reserved to identify backbone
network, and all other areas must be connected to area 0. The backbone area of OSPF
network has to be continuous. Routers can be one or multiple of the following types
according to its tasks in the area, as shown in Figure 3-1.
Figure 3-1 OSPF Router Type
l Internal router
All interfaces of the router belong to the same OSPF area. An internal router only
generates a Router LSA and saves a Link-state Database (LSDB).
3-4

l Backbone router
A router that its one interface belongs to area 0 at least.
l ABR
A router that its one interface belongs to area 0 at least and one interface belongs to
other area at least.
All ABRs are backbone routers.
l Autonomous System Border Routers (ASBR)
The router has other routing protocols, such as static route, interface direct route and
RIP, IGRP and so on.
The advantages of area division are listed below:
l Since ABR generates LSAs according by using routes in its area after dividing areas,
the routes can be aggregated firstly according to the rule of IP addresses, and then
generate LSAs. In this way, the number of LSAs is reduced a lot in AS.
l After the area is divided, the changing of network topology is synchronized in the area
firstly. If the changing influences on the aggregated route, ABR will notify the changing
to other areas. In this way, most of topology changings are shielded in the area.
LSA Type and Flooding

LSA is a mode of exchanging link state database information among OSPF routers. A
router uses LSAs to construct an accurate and complete network diagram and generates
the routes used in its routing table. ZXR10 5900E supports the following eight types of
LSAs.
l Type 1: Router LSA
It is the basic LSA. Every OSPF router generates a Router LSA. Router LSA is used to
describe the information of the interface running OSPF on router, such as connection
status, cost and so on. An ABR generates a Router LSA for every area. A Router
LSA is transmitted in the whole area at where it locates.
l Type 2: Network LSA
The Network LSA is generated by DR. For a broadcast or NBMA network, to reduce
the times of packet exchanging between routers in a network segment, the concept
of DR is advanced. When a DR exists in a network segment, not only the method
of packets sending is changed, but also the description of link state is changed. The
Router LSA generated by a DROther or BDR only describes the connection from itself
to a DR. While, DR uses the Network LSA to describe all routers which already set
up adjacent relationships with itself in the network segment (it lists the Router IDs of
adjacent routers). A Network LSA is transmitted in the whole area at where it locates.
l Type 3: Network summary LSA
Network summary LSAs are generated by ABRs. When a ABR finishes routing
calculation in the area at where it locates, it enquires the routing table and
encapsulates each OSPF route into a Network Summary LSA. The Network
3-5

Summary LSAs are sent out area, which describe some information of a route, such
as the destination address, mask and cost. A Network summary LSA is transmitted
to all areas except the area which generates the LSA.
l Type 4: ASBR summary LSA
The ASBR summary LSA is also generated by an ABR. It describes the route that
goes to the ASBR in the area. The content of ASBR Summary LSA is almost the
same to that of Network summary LSA. The only difference is that the destination
address described by ASBR summary LSA is ASBR (host route, the mask is 0.0.0.0).
A ASBR summary LSA is transmitted to all areas except the area which generates
the LSA.
l Type 5: External LSA of AS
The external LSA of AS is generated by an ASBR. It mainly describes the information
of an route which goes to the external AS. An external LSA of AS contains some
information, such as destination address, mask and cost and so on. External LSA of
AS is an unique type that is independent of area. An external LSA of AS is transmitted
in the whole AS (except STUB area).
l Type 7: External LSA of Not-So-Stubby Area (NSSA)
External LSA of NSSA only applies to NSSA.
l Type 9: Local non-transparent LSA
l Type 10: Area non-transparent LSA
OSPF operation depends on all the routers in one area which share a common link state
database. Therefore, all LSAs are flooded through the area and the processing must be
reliable. A router which receives LSAs from a special area will flood the LSAs to other
interfaces which belong to the i area.
LSAs do not have their own packets, and they are contained in Link state Update (LSU)
packets. A LSU can contain many LSAs.
When a router receives a LSU, it abstracts the LSA from the packet and inputs the LSA to
its database. Meanwhile, the router constructs its own LSU and sends the updated LSU
to its adjacent neighbor router(s).
OSPF uses Link State Acknowledgement (LSAck) to confirm whether each LSA is
successfully received by its neighbor. A LSAck has the header of an acknowledged LSA,
which provides sufficient information for uniquely identifying an LSA.
When a router sends a LSA to an interface, the LSA is recorded in the retransmission
queue of the interface.
The router will wait the maximum time interval to receive the LSAck of LSA. If the router
does not receive the LSAck in the specified time, it will retransmit the LSA.
The router can send the original LSU in unicast or multicast mode, but the retransmitted
LSU is must in unicast mode.
3-6

Stub Area and Totally Stubby Area

When a non-backbone area does not have an ASBR, a router only has one path arriving
to an AS external network, that is, a path passing through an ABR. Therefore, the routers
belonging to these areas will send the LSAs sending to the unknown hosts outside the AS
to ABR.
In this way, it is not required that flood LSAs of type 5 to the area. The area does not have
the LSAs of type 4 either. The area is called stub area.
In a stub area, all routers must be configured as stub routers. A HELLO packet contains
a "stub area" flag bit. The flag bit must be consistent among neighbors.
The ABR in a stub area can filter LSAs of type 5 to prevent them from being advertised to
stub area. In meantime, the ABR generates an LSA of type 3 to advertise a default route
arriving to an AS external destination address.
If the ABR also filters the LSA of type 3 and advertises a default route arriving to an AS
external destination address, the area is called totally stubby area.
Not-So-Stubby Area
A router in a stub area refuses LSAs of type 5, so ASBR is not a part of the stub area.
However, it is hoped that a stub area with an ASBR can be generated. In this way, routers
in the area can receive AS external routes from the ASBR belonging to the same area, but
the external routing information from other areas will be blocked.
To realize such an area, OSPF defines NSSA. In a NSSA, an ASBR generates LSAs of
type 7 instead the LSAs of type 5. The ABR can not send the LSAs of type 7 to other
OSPF areas. On the one hand, it blocks external routes to arrive the NSSA area at the
area border. On the other hand, it converts the LSAs of tyoe 7 into the LSAs of type 5 and
sends them to other areas.
OSPF Authentication
Authentication is used to exchange packets between two OSPF neighbors. The
authentication type should be consistent on the OSPF neighbors. Authentication type is
contained by all packets.
Authentication type "0" indicates no authentication, "1" indicates simple password
authentication and "2" indicates MD5 encryption authentication.
For plain text authentication, an interface only allows a password. The password of each
interface can be different, but the interfaces in a special network must have the same
passwords. The simple password is sent through OSPF packets in plain text mode.
DownBit
When Multiprotocol BGP (MP-BGP) routes are redistributed to OSPF vrf instance to
generate LSAs, the option fields of type-3 and type-5 LSAs must be marked as down bit.
The LSAs are displayed as Downward. This is a method to prevent routing loopback.
3-7

When a PE router detects that a LSA is already marked as down bit, the PE will not
participate in the OSPF route calculation. When OSPF routes are redistributed to BGP,
the LSAs with down bit are not redistributed to be BGP route.
max-metric
Considering the requirements for traffic management and so on, some routers need to act
as the terminal rather than transit points of the route. In order to add the nodes without the
capability of traversing to the network, the max-metric function is used.
For example, a router just restarts, and BGP route does not converge, use the max-metric
router-lsa on-startup wait-for-bgp command to avoid route black hole.
3.2 Configuring the OSPF Protocol

Enabling the OSPF Protocol
To enable the Open Shortest Path First (OSPF) protocol on routers and make them learn
routes between each other by using the OSPF protocol, perform the following steps:
1 ZXR10(config)#router ospf <process-id>[vrf <vrf-name>] Starts the OSPF process and

enters OSPF configuration
mode.
After the OSPF protocol is
enabled, one of the current
interfaces (with IP addresses)
is selected as the address of
the OSPF router.
If no interface is configured with
an IP address on a router, the
interface (with IP addresses)
cannot be selected as the
address of the OSPF router.
To obtain an address as the
router ID, you can configure an
interface address or configure
a router ID manually. After you
configure a router ID, clear the
OSPF process.
2 ZXR10(config-ospfv2)#network <ip-address><wildcard- Sets an interface to run the

mask> area <area-id> OSPF protocol, and sets an
area ID for the interface.
If the area does not exist, the
system creates it automatically.
3-8

3 ZXR10(config-ospfv2)#router-id <ip-address> Configures an router ID for a

router.
You are recommended to use
the Loopback address as the
router ID.
4 ZXR10(config-ospfv2)#end Returns to privileged mode.
ZXR10#clear ip ospf process <process-id> Restarts the OSPF process.
Enable the OSPF protocol on S1, S2 and S3, see Figure 3-2.
Router IDs are listed below:
Device Router ID
S1 1.1.1.2
S2 1.1.1.3
S3 1.1.1.4
Figure 3-2 OSPF Basic Configuration Example
Run the following commands on S1:

S1(config-if-vlan10)#ip address 30.0.0.1 255.255.255.252
S1(config-if-vlan10)#exit
S1(config)#router ospf 10
S1(config-ospf-10)#network 30.0.0.0 0.0.0.3 area 0
S1(config-ospf-10)#exit
Run the following command to check the OSPF information:

S1(config)#show ip ospf
OSPF 10 Router ID 30.0.0.1 enable
Enabled for 00:00:21,Debug on
Number of areas 1, Stub 0, Transit 0
Number of interfaces 1
3-9

......
Area 0.0.0.0 enable
Enabled for 00:00:05
Area has no authentication
Times spf has been run 1
Number of interfaces 1. Up 1
The OSPF protocol is enabled and configured on S1. The router ID is the IP address of
interface vlan1.
Run the following commands on S2. To set up an OSPF connection by using the loopback
address, the loopback address needs to be configured first, and then you need to enable
the OSPF process.
S2(config)#interface loopback1
S2(config-if-loopback1)#ip adderss 1.1.1.3 255.255.255.255
S2(config-if-loopback1)#exit
Run the following command to check the OSPF information. OSPF selects the IP address
of loopback 1 as the router ID automatically.
Number of areas 0, Normal 0, Stub 0, NSSA 0

Run the following command to check the routing table on S3:

3-10

Protocol routes:
*> 1.1.1.4/0 192.168.14.2 115 20 isis-l2
*> 30.0.1.0/32 10.10.10.1 0 0 connected
*> 30.0.1.1/16 10.10.10.2 1 0 static
If you can ping S1 on S3, the route is configured correctly.
Configuring OSPF Interface Attributes

To set up OSPF neighborhood, perform the following steps to modify the attributes of an
OSPF interface. The attributes need to be consistent with each other if devices provided
by different manufactories need to be interconnected.
1 ZXR10(config)#router ospf <process-id>[vrf <vrf-name>] Enters OSPF configuration

mode.
2 ZXR10(config-ospfv2)#interface <interface-name> Enters interface configuration

mode or sub-interface
configuration mode.
3 ZXR10(config-ospfv2-if)#hello-interval <seconds> Sets the interval (second) for

sending HELLO packets on an
interface.
Range: 1-65535, default: 10.
ZXR10(config-ospfv2-if)#dead-interval <seconds> Sets the duration (second) for

considering a neighbor to be
dead.
ZXR10(config-ospfv2-if)#retransmit-interval <seconds> Specifies the interval (second)

for retransmitting LSA packets
on an interface.
ZXR10(config-ospfv2-if)#transmit-delay <seconds> Specifies the delay (second)

for sending a link state update
packet on an interface.
ZXR10(config-ospfv2-if)#cost <cost> Sets the interface cost.

Range: 1-65535, default: 100
M/interface bandwidth.
ZXR10(config-ospfv2-if)#priority <priority> Sets the interface priority.

3-11

Modify the OSPF parameters on interfaces that run the OSPF protocol, see Figure 3-3.
Router IDs are listed below:
Device Router ID
S1 1.1.1.2
S2 1.1.1.3
Figure 3-3 OSPF Interface Attribute Configuration
Enable the OSPF protocol on S1 and S2, and advertise the network segment.
S1(config-ospf-10)#router-id 1.1.1.2

Modify the OSPF attributes.

3-12

S1(config-ospfv2-1)#interface vlan10
S1(config-ospfv2-1-if-vlan10)#hello-interval 20
/*Sets the interval for sending HELLO packets on the
specified interface to 20 seconds.*/
S1(config-ospfv2-1-if-vlan10)#dead-interval 80
/*Sets the duration for considering a neighbor to be dead
to 80 seconds.*/
S1(config-ospfv2-1-if-vlan10)#retransmit-interval 10
/*Sets the interval for retransmitting LSA to 10 seconds.*/
S1(config-ospfv2-1-if-vlan10)#retransmit-delay 2
/*Sets the delay for transmitting a link state update
packet to 2 seconds.*/
S1(config-ospfv2-1-if-vlan10)#cost 10
/*Sets the cost to 100.*/
S1(config-ospfv2-1-if-vlan10)#priority 10
/*Sets the interface priority to 10.*/
Configuring OSPF Authentication

To enhance routing safety on a network, perform the following steps to configure the
authentication function. The passwords used by OSPF neighbors must be the same.
1 ZXR10(config)#router ospf <process-id>[vrf <vrf-name>] Enters OSPF routing mode.
ZXR10(config-ospfv2)#area <area-id> authentication Enables the authentication

[message-digest] function for interfaces that run
the OSPF protocol.
2 ZXR10(config)#router ospf <process-id> Enters OSPF routing mode.
3 ZXR10(config-ospfv2)#interface <interface-name> Enters interface configuration

mode.
ZXR10(config-ospfv2-if)#authentication Sets the authentication function

[null|message-digest] on interfaces.
4 ZXR10(config-ospfv2-if)#authentication-key {<word>| Sets a password for the

encrypted <encrypted_password>} interface that is configured with
the authentication function.
ZXR10(config-ospfv2-if)#message-digest-key <keyid> Sets a key ID or an

md5 {<word>| encrypted <encrypted_password>[delay authentication password
<time>]} for the interface that uses MD5
authentication mode.
For a description of the parameters in Step 1, refer to the following table:
3-13

<keyid> Key ID. Integer type, range: 1-255.
md5 <password> Authentication password. Length: 1-16 characters (without

space).
delay <time> Time delay (minute). Range: 0-100000.
encypt Used to encrypt the password.
Configure the authentication function on OSPF interfaces of S1 and S2, see Figure 3-4.
Router IDs are listed below.
Device Router ID
S1 1.1.1.2
S2 1.1.1.3
S3 1.1.1.4
Figure 3-4 OSPF Authentication Configuration Example
In area 0, establish OSPF neighborhood between S1 and S2. In area 1, establish OSPF
neighborhood between S2 and S3.
3-14



S3(config-ospf-10)#ospf-id 1.1.1.4
Enable the plain text authentication function on interfaces that belong to area 0, and set
the authentication password to zte.
S1(config-ospf-10)#area 0 authentication
S1(config-ospf-10)#interface vlan1
S1(config-ospf-10-if-vlan1)#authentication
S1(config-ospf-10-if-vlan1)#authentication-key zte
S1(config-ospf-10-if-vlan1)#exit

S2(config-ospf-1)#area 0 authentication
3-15

S2(config-ospf-1-if-vlan20)#authentication
S2(config-ospf-1-if-vlan20)#authentication-key zte
To check whether the authentication function is effective in area 0, run the show ip ospf
command.
Number of areas 1, Stub 0, Transit 0
......
Area 0.0.0.0 enable
Area has simple password authentication
Number of ASBR local to this area 0
Number of ABR local to this area 1
......
Enable the MD5 authentication function on interfaces that belong to area 1. The key ID is
1, and the authentication password is zte.
S2(config-ospf-10)#area 1 authentication message-digest
S2(config-ospf-10-if-vlan20)#authentication message-digest
S2(config-ospf-10-if-vlan20)#message-digest-key 1 md5 zte

S3(config-ospf-1)#area 1 authentication message-digest
S3(config-ospf-1-if-vlan10)#authentication message-digest
S3(config-ospf-1-if-vlan10)#message-digest-key 1 md5 zte
Run the following command on S3 to check the information of the OSPF interface. The
result shows that the authentication mode is MD5.
S3(config)#show ip ospf interface vlan10
OSPF Router with ID (1.1.1.4) (Process ID 10)
vlan1 is up
3-16

Internet Address 30.0.1.1 255.255.255.252 enable

Up for 00:09:38
In the area 0.0.0.1 BDR
Cost 1, Priority 1, Network Type broadcast
Transmit Delay(sec) 1, Authentication Type message-digest
......
Configuring an OSPF Stub Area

To configure an OSPF stub area, the following conditions are required: The OSPF protocol
is run on routers, and the area to be configured is a non-backbone area.
To configure an OSPF stub area on the ZXR10 5900E, perform the following steps:
1 ZXR10(config)#router ospf <process-id>[vrf <vrf-name>] Enters route configuration

mode.
2 ZXR10(config-ospfv2)#area <area-id> stub [default-cost Sets an area to a stub area.

<cost>]
3 ZXR10(config-ospfv2)#area <area-id> stub no-summary Configures ABR not to introduce

[default-cost <cost>] any type-3 route to a stub area.
In a stub area, only one default
type-3 route is supported.
no-summary Summary route information is forbidden to be sent to a stub

area.
default-cost <cost> Cost of the default route advertised to a stub area. Range:
0-65535.
Set area 1 to a stub area, see Figure 3-5.
Device Router ID
S1 1.1.1.2
S2 1.1.1.3
S3 1.1.1.4
3-17

Figure 3-5 OSPF Stub Area Configuration Example

S1(config-ospf-10)#redistribute connected
S2(config-ospf-10)#area 1 stub
3-18

S3(config-ospf-10)#area 1 stub
To configure area 1 as a totally stubby area, run the following commands to modify the
configurations on S2:
S2(config-ospf-10)#area 1 stub no-summary
Run the following commands to modify the configurations on S3:

S3(config-ospf-10)#area 1 stub no-summary
Configuring an NSSA Area

To configure an NSSA area, the following conditions are required: The OSPF protocol is
run on routers, and the area to be configured is a stub area or a non-backbone area.
Create a stub area with an ASBR. Routers in this area receive routing messages from an
external AS through the ASBR. External routing messages from other areas are blocked.
Because some routers do not support the NSSA configuration and cannot recognize Type
7 LSAs, the protocol defines that the ABR on the NSSA converts Type 7 LSAs generated
within the NSSA to Type 5 LSAs, and then advertises the LSAs. At this time, the advertiser
of the LSAs is changed to the ABR. This is called routing translation. Using this method,
routers outside the NSSA area are not required to support the NSSA configuration.
To configure an NSSA area on the ZXR10 5900E, perform the following steps:
3-19

2 ZXR10(config-ospfv2)#area <area-id> nssa Configures an area to an NSSA

[no-redistribution][default-information-originate [metric area and specifies whether to
<metric-value>][metric-type <type>]][no-summary][ forbid ABR to send summary
trans-type7-suppress-fa ][ translator-role { always | candidate route information to the NSSA
}][ translator-stab-intv<stab-intv>] area, whether to introduce
external LSAs of type 7 to the
NSSA area, and whether to
generate type 7 default LSAs.
The summary route is not
forbidden by default.
Parameters Description
no-redistribution NSSA link state advertisements are not redistributed to the

NSSA area.
default-information-originate A default route LSA of type 7 is generated.
metric <metric-value> Cost for advertising a default LSA of type 7. Value: A 24-bit
integer, ranging from 1 to 16777214.
metric-type <type> Type of a default route LSA of type 7: ext-1 and ext-2.
no-summary Summary LSAs are forbidden to be sent to the NSSA area.
trans-type7-suppress-fa Suppress address forwarding when LSAs of type 7 are

converted to LSAs of type 5.
translator-role Translator role when LSAs of type 7 are converted to LSAs

of type 5.
{ always | candidate } Two roles are supported: always and candidate.
translator-stab-intv<stab-intv The duration for keeping a translator role after translator

qualification is lost.
Set area 1 to an NSSA area, see Figure 3-6.

Device Router ID
S1 1.1.1.2
S2 1.1.1.3
S3 1.1.1.4
3-20

Figure 3-6 NSSA Area Configuration Example


S2(config-ospf-10)#area 1 nssa default-information-originate
3-21

S3(config-ospf-10)#area 1 nssa
To prevent routing messages of type 3 from being advertised to the NSSA area, run the
following commands to modify the configurations on S2:
S2(config-ospf-10)#area 1 nssa default-information-originate no-summary
Configuring OSPF Inter-Area Route Aggregation

Route aggregation saves the resource of backbone areas. You can advertise the
aggregated address instead of a group of network addresses by using route aggregation.
Before configuring inter-area route aggregation, the required areas must have been
created. This command can only be used on the ABR.
To configure route aggregation between OSPF areas, perform the following steps:
2 ZXR10(config-ospfv2)#area <area-id> range Sets the range of summary

<ip-address><net-mask>{ summary-link | nssa-external-link addresses in the area.
}[advertise | not-advertise][ cost <cost-value>]
summary-link | nssa-external-link summary-link: type-3 summary.

nssa-external-link: type-7 summary.
advertise Summary LSA of type 3 is advertised.
not-advertise Summary LSA of type 3 is disabled to be advertised. The

information of the network segment is not received by other
areas.
cost <cost-value> Metric for the range. Set the metric for the aggregation LSA.
Range: 1-16777214.
3-22

Configure the OSPF protocol on S1, S2 and S3. S2 operates as the ABR. Configure route
aggregation on S2, see Figure 3-7.
Device Router ID
S1 1.1.1.2
S2 1.1.1.3
S3 1.1.1.4
Figure 3-7 OSPF Inter-Area Route Aggregation Configuration Example

3-23


After the configuration, run the following command to check the routing table. Routes not
aggregated are displayed.
S3#show ip forwarding route
IPv4 Routing Table:
Dest Gw Interface Owner pri metric
1.1.1.2 30.0.1.1 vlan10 ospf 110 20
1.1.1.4 1.1.1.4 loopback1 address 0 0
2.2.2.0 30.0.1.1 vlan10 ospf 110 20
2.2.2.4 30.0.1.1 vlan10 ospf 110 20
30.0.0.0 30.0.1.1 vlan10 ospf 110 2
30.0.1.0 30.0.1.2 vlan10 direct 0 0
30.0.1.2 30.0.1.2 vlan10 address 0 0
Run the following commands to configure inter-area route aggregation on S2:
S2(config-ospf-1)#area 1 range 2.2.2.0 255.255.255.248 summary-link
An aggregated route 2.2.2.0/29 is generated in the S3 routing table.
3-24


IPv4 Routing Table:
2.2.2.0 30.0.1.1 vlan10 ospf 110 3
30.0.0.0 30.0.1.1 vlan10 ospf 110 2
30.0.1.0 30.0.1.2 vlan10 direct 0 0
30.0.1.2 30.0.1.2 vlan10 address 0 0
The default setting of "area 1 range 2.2.2.2 255.255.255.248 "is advertise. If not-advertise
is chosen, aggregated route of 2.2.2.0 network segment is not displayed on S3, and this
network segment cannot be pinged.
S2(config-ospf-1)#area 1 range 2.2.2.0 255.255.255.248
summary-link not-advertise
S3(config)#show ip forwarding route
IPv4 Routing Table:
30.0.0.0 30.0.1.1 vlan10 ospf 110 2
30.0.1.0 30.0.1.2 vlan10 direct 0 0
30.0.1.2 30.0.1.2 vlan10 address 0 0
S3 does not learn the routing information from 2.2.2.0. The aggregated information of
2.2.2.0 still exists in S2 database, but the information is not advertised to other areas.
Configuring Route Aggregation upon Route Redistribution

The following configuration can only be used on ASBRs.
After routes using other routing protocols are redistributed to OSPF, each independent
route is advertised as an external LSA. By means of aggregating, these external routes
are advertised as a single route, which reduces the size of OSPF link state database.
To configure route aggregation upon route redistribution, perform the following steps:
Step Commands Function
2 ZXR10(config-ospfv2)#summary-address Creates an aggregate address

<ip-address><net-mask> cost<cost> for OSPF and summarizes
other routing protocol paths
being redistributed to the OSPF.
Cost range: 1-16777214.
Configure the OSPF on S1, S2 and S3. Advertise external routes of S1, and configure
ASBR route aggregation on S1, see Figure 3-8.
3-25

Device Router ID
S1 1.1.1.2
S2 1.1.1.3
S3 1.1.1.4
Figure 3-8 Route Aggregation with Route Redistribution Configuration Example

S1(config-ospf-1)#summary-address 2.2.2.0 255.255.255.248

3-26


Run the following command to check the S2 routing table. An aggregated network segment
2.2.2.0/29 exists in the routing table.
IPv4 Routing Table:
1.1.1.2 30.0.0.2 vlan10 ospf 110 20
2.2.2.0 30.0.0.2 vlan10 ospf 110 20
30.0.0.0 30.0.0.1 vlan10 direct 0 0
30.0.0.1 30.0.0.1 vlan10 address 0 0
30.0.1.0 30.0.1.1 vlan20 direct 0 0
30.0.1.1 30.0.1.1 vlan20 address 0 0
Configuring OSPF Route Load Balancing

To configure load balancing on traffic when many paths exist in an OSPF routing table with
the same lowest metric values, perform the following steps.
3-27

2 ZXR10(config-ospfv2)#maximum-paths <number> Sets the path. The switch

supports up to 32 paths that
have the same cost.
Enable OSPF on S1 and S2, enable route load balancing between S1 and S2, and
configure the maximum number of routes that can be supported by OSPF when the load
is shared in balanced mode to two.
Device Router ID
S1 1.1.1.2
S2 1.1.1.3
Figure 3-9 OSPF Route Load Balancing Configuration Example

S1(config-ospf-1)#maximum-paths 2
/*Sets the maximum number of routes that can be supported by
OSPF when the load is shared in balanced mode to two*/
3-28


/*Sets the maximum number of routes that can be supported by
OSPF when the load is shared in balanced mode to two*/
Run the following command to check the routing table of S1. Two OSPF routes 2.2.2.4/30
with the same destinations are displayed.
IPv4 Routing Table:
2.2.2.0 2.2.2.2 vlan30 direct 0 0
2.2.2.2 2.2.2.2 vlan30 address 0 0
2.2.2.4 30.0.1.2 vlan20 ospf 110 2
2.2.2.4 30.0.0.2 vlan10 ospf 110 2
30.0.0.0 30.0.0.1 vlan10 direct 0 0
30.0.0.1 30.0.0.1 vlan10 address 0 0
30.0.1.0 30.0.1.1 vlan20 direct 0 0
30.0.1.1 30.0.1.1 vlan20 address 0 0
The similar route entries can be viewed on S2.
Configuring OSPF Route Redistribution

By means of advertising routing information of other route protocols to OSPF routers,
different dynamic route protocols can share the routing information.
3-29

To configure route redistribution, perform the following steps:
2 ZXR10(config-ospfv2)#redistribute<protocol>[as Controls the redistribution of

<as-number>][peer <peer-address>][tag <tag-value>][metric routes (these routes meet
<metric-value>][metric-type <type>][route-map <map-tag>] the relative conditions) of
other protocols into an OSPF
autonomous system. After
the command is executed, the
router becomes an ASBR.
protocol Perform filtering operations in accordance with protocol

types, Options: connected, static and RIP, bgp-ext and
bgp-int, IS-IS-1, IS-IS-1-2 and IS-IS-2.
as <as-number> If protocol is set to bgp-ext, two additional conditions are

available, <as-number> and <peer-address>. <as-number> is
the AS number of the peer router. Its range is from 1 to
65535.
peer <peer-address> IP address of the peer router.
tag <tag-value> Tag of the redistributed LSA. Range: 0-4294967295.
metric <metric-value> Metric value of the redistributed LSA. By default, use the
default metric. Range: 1-16777214.
metric-type <type> Metric-type of the redistributed LSA. Value: ext-1 and ext-2.
By default, it is ext-2.
route-map <map-tag> Redistributed route mapping name. Length: 1-16 characters.
Redistribute RIP routes in area 0, see Figure 3-10.
Device Router ID
S1 1.1.1.2
S2 1.1.1.3
3-30

Figure 3-10 OSPF Redistribution Route Configuration Example
1. Establish OSPF neighborhood between S1 and S2.


2. Run the RIP protocol on S1 and S3.
S1(config-rip)#exit

3-31

S3(config-if-loopback1)#ip address 2.2.2.1 255.255.255.0
S3(config-rip)#exit
The information related to S3 cannot be displayed in the OSPF area.

3. Run the following commands to redistribute RIP routes on S1:
S1(config-ospf-1)#redistribute rip
The information of 2.2.2.0 network segment is displayed on S2.

IPv4 Routing Table:
2.2.2.0 30.0.0.1 vlan10 ospf 110 20
30.0.0.0 30.0.0.2 vlan10 direct 0 0
30.0.0.2 30.0.0.2 vlan10 address 0 0
Run the following commands to redistribute directly-connected routes on S1:

The information of network segment 30.0.1.0 is displayed on S2.

IPv4 Routing Table:
1.1.1.2 30.0.0.1 vlan10 ospf 110 20
2.0.0.0 30.0.0.1 vlan10 ospf 110 20
30.0.0.0 30.0.0.2 vlan10 direct 0 0
30.0.0.2 30.0.0.2 vlan10 address 0 0
30.0.1.0 30.0.0.1 vlan10 ospf 110 20
3-32

Configuring an OSPF Default Route

If a router obtains a default route through other protocols or is configured with a static route,
it needs to advertise the route. If a default route does not exist, advertise reachable routes
in normal mode. After you run this command on a router, the router become an ASBR.

mode.
2 ZXR10(config-ospfv2)#notify default route When router obtains default

[always][metric <metric-value>][metric-type route 0/0 through other
<type>][route-map <map-tag>] protocols or is configured with
the route, it needs to advertise
this route.
always If always is specified, it means that the default route is

advertised no matter whether it exists. If not, whether to
advertise the default route is determined by whether the
default route exists in the routing table. If the default route
exists, it will be advertised.
metric <metric-value> Metric of the default route. Range: 1-16777214, default: 1.
metric-type <type> Type of the default route. Value: ext-1 and ext-2, default:
ext-2.
route-map <map-tag> Name of the route map for generating the default route.
Length: 1-16 characters.
Configuring an OSPF Virtual Link

On OSPF networks, all areas must be connected to the backbone area. An virtual link can
be used to connect a remote area to the backbone area through other areas.
To configure an OSPF virtual link, perform the following steps:
3-33

2 ZXR10(config-ospfv2)#area <area-id> virtual-link Defines an OSPF virtual link.

<router-id>[hello-interval <seconds>][retransmit-interval If the designated area does
<seconds>][transmit-delay <seconds>][dead-interval <sec not exist, an area is created
onds>][authentication-key <key>][message-digest-key automatically.
<keyid> md5 <cryptkey>[delay <time>]][authentication Use the no format of command
[null|message-digest]] to delete a designated virtual
link.
Virtual links cannot be created
in area 0, stub areas, and NSSA
areas.
<area-id> ID of the area through which the virtual link transits. The area
cannot be a stub area, an NSSA area, or area 0.
<router-id> ID of the peer router connected with the virtual link.
hello-interval <seconds> Interval (second) for sending HELLO packets on the virtual
link. Range: 1-8192, default: 10.
retransmit-interval <seconds> Retransmission interval (second) on the virtual link. Range:

1-8192, default: 5.
transmit-delay <seconds> Time delay (section) for transmitting a link state update
packet on the virtual link. Range: 1-8192, default: 1.
dead-interval <seconds> Duration (second) for considering a neighbor router to be

dead. Range: 1-8192, default: 40.
Establish a virtual link between the interconnected interfaces of S2 and S3, see Figure
3-11.
Device Router ID
S1 1.1.1.2
S2 1.1.1.3
S3 1.1.1.4
3-34

Figure 3-11 OSPF Virtual Link Configuration Example


S2(config-ospfv2)#area 1 virtual-link 1.1.1.4

S3(config-ospf-1)#network 10.0.1.0 0.0.0.3 area 0.0.0.1
3-35

S3(config-ospf-1)#network 2.2.2.4 0.0.0.3 area 0.0.0.2

S3(config-ospf-1)#area 1 virtual-link 1.1.1.3
Configuring Sham-link
Because the priority of an OSPF route is higher than that of a BGP route, an OSPF private
route is usually the first choice if both a public network route and an OSPF private network
route are available. However, comparing with the public network route, the private network
route is not suitable for carrying a large flow because its bandwidth is smaller. Therefore,
a mechanism is required to enable the public network to share the private network flow.
The public and private network can be selected flexibly to carry the flow.
As shown in Figure 3-12, S1 and S2 are in the same area. There are two types of LSAs
learnt by S1 when it accesses S2. One is LSAs of type 3 advertised by a PE router, another
is LSAs of type 1 flooded by area 0. In accordance with the OSPF route selection policy,
the route calculated by LSAs of type 1 is optimal, so the OSPF private network route is
selected. Sham-link is configured to enable the public network to share the flow.
Figure 3-12 Sham-link
Enable sham-link between PE routers, establish neighborhood, and establish an

interactive database. A private network router belonging to the same area can learn two
inner-area routes: one route uses sham-link (MPLS VPN Backbone), another uses the
private network. To select a route, modify metric attribute.
To configure sham-link on PEs, perform the following steps:
1 ZXR10(config)#router ospf <area-id> Enters OSPF configuration

mode.
2 ZXR10(config-ospfv2)#area <area-id> sham-link<ip-addr Sets up MPLS VPN between

ess1><ip-address2> cost<cost> two PE routers to transmit
OSPF protocol packets.
3-36

<area-id> Area ID.
<router-id1> ID of the local router in sham-link.
<router-id2> ID of the peer router in sham-link.
<cost> Cost value of the Shamlink. Range: 1-65535.
Configuring max-metric
To configure max-metric on the ZXR10 5900E, perform the following steps:
2 ZXR10(config-ospfv2)#max-metric router-lsa Configures a router not to learn

OSPF routes. Transit-link of
local router-lsa is set to 65535.
Only routes generated by
this router can be learnt by
other routers. The router is
accessible in topology, but other
routers cannot access through
it.
3 ZXR10(config-ospfv2)#max-metric router-lsa on-startup l If a BGP neighbor is up,

wait-for-bgp after one minute, it can be
accessed by other devices.
l If a BGP neighbor is down,
after 10 minutes, it can be
4 ZXR10(config-ospfv2)#max-metric router-lsa on-startup Configures the waiting time

timeout<seconds> (second) after restarting to
avoid a routing black hole.
The router needs to wait a
period and then it can be
Range: 5-86400.
Configuring the OSPF Graceful Restart

To configure the OSPF graceful restart, perform the flowing steps:

mode.
3-37

2 ZXR10(config-ospf-process-id)#nsf Runs the nsf command on the

help party.
When the OSPF GR is enabled,
there are two roles: the restart
party and the help party. The
restart party restarts a router
and the help party helps to
complete the GR operation.
3 ZXR10(config-ospf-process-id)#grace-period <time> (Optional) Configures the

duration for the OSPF GR. By
default, it is set to 120 seconds.
If there are too many route
entries to be switched, you can
prolong this duration.
4 ZXR10(config-ospf-process-id)#interface Enters OSPF interface

<interface-name> configuration mode.
5 ZXR10(config-ospf-process-id-if-interface- (Optional) This command is

name)#dead-interval <time> used when the rack switching
operation takes too long.
3.3 Maintaining the OSPF Protocol

To maintain the OSPF protocol on the ZXR10 5900E, run the following commands:
Command Function
ZXR10#show ip ospf [<process-id>] Displays the summary information

about the OSPF protocol and each
OSPF area.
ZXR10#show ip ospf interface [<interface-name>][process Displays the information about an

<process-id>] OSPF interface.
ZXR10#show ip ospf database [database-summary | adv-router Displays the information about an

<router-id>|self-originate][area <area-id>][process <process-id>] OSPF link state database.
ZXR10#show ip ospf database router [<link-state-id>][adv-router Displays the information about

<router-id>|self-originate][area <area-id>][process <process-id>] router LSAs in an OSPF link state
database.
ZXR10#show ip ospf database network [<link-state-id>][adv-router Displays the information about

<router-id>|self-originate][area <area-id>][process <process-id>] network LSAs in an OSPF link
state database.
3-38

Command Function
ZXR10#show ip ospf database summary [<link-state-id>][adv Displays the information about

-router <router-id>|self-originate][area <area-id>][process summary LSAs in an OSPF link
<process-id>] state database.
The following is sample output from the show ip ospf command:

ZXR10(config)#show ip ospf 1
Domain ID type 0x5,value 0.0.0.1
Number of areas 2, Normal 2, Stub 0, NSSA 0
Number of interfaces 2
Number of neighbors 2
Number of adjacent neighbors 2
Number of virtual links 0
Total number of entries in LSDB 13
Number of ASEs in LSDB 1, Checksum Sum 0x0000dc0d
Number of grace LSAs 0
Number of new LSAs received 23
Number of self originated LSAs 22
Hold time between consecutive SPF 1 secs
Non-stop Forwarding disabled, last NSF restart 00:21:13 ago (took 0 secs)
Area 0.0.0.0 enable (Demand circuit available)

Total number of intra/inter entries in LSDB 7. Checksum Sum 0x00046565
Area-filter out not set
Area-filter in not set
Area ranges count 0
Area 0.0.0.1 enable (Demand circuit available)

Total number of intra/inter entries in LSDB 5. Checksum Sum 0x00025888
Area-filter out not set
3-39

Area-filter in not set

Area ranges count 0
For a description of the parameters in the execution result, refer to the following table:
OSPF 1 Router ID 100.100.100.14 This OSPF instance is available.

enable
Domain ID type 0x5,value 0.0.0.1 The domain ID type is 0x5, and the value is 0.0.0.1.
Number of areas 2, Normal 2, Stub There are two areas: two normal areas, 0 stub area, and 0
0, NSSA 0 NSSA area.
Area 0.0.0.0 enable (Demand circuit Detailed content of each area.

available) and the following contents
The following is sample output from the show ip ospf interface command:
ZXR10(config)#show ip ospf interface
vlan1 is up
Up for 00:17:51
In the area 0.0.0.0 DR
Transmit Delay(sec) 1, Authentication Type null
Timer intervals(sec) : Hello 10, Dead 40, Retransmit 5
Designated Router (ID) 100.100.100.14, Interface address 100.100.100.14
Backup Designated router (ID) 100.1.1.2, Interface address 100.100.100.12
Number of Neighbors 1, Number of Adjacent neighbors 1
100.1.1.2 BDR
vlan2 is up
Up for 00:16:25
In the area 0.0.0.1 DR
Transmit Delay(sec) 1, Authentication Type null
Timer intervals(sec) : Hello 10, Dead 40, Retransmit 5
Designated Router (ID) 100.100.100.14, Interface address 1.1.1.1
Backup Designated router (ID) 100.1.1.2, Interface address 1.1.1.10
Number of Neighbors 1, Number of Adjacent neighbors 1
100.1.1.2 BDR
3-40

Internet Address 100.100.100.14 Interface address.

255.255.255.0 enable
In the area 0.0.0.0 DR The router operates as a DR in area 0.0.0.0.
Timer intervals(sec) : Hello 10, Dead The interval for sending Hello packets is 10 seconds, the
40, Retransmit 5 duration for considering a neighbor to be dead is 40 seconds,
and the interval for retransmitting LSAs is 5 seconds.
The following is sample output from the show ip ospf database command:
ZXR10#show ip ospf database
Router Link States (Area 0.0.0.0)
Link ID ADV Router Age Seq# Checksum Link count
110.1.1.1 110.1.1.1 3 0x80000002 0x3dbe 1
Summary Net Link States (Area 0.0.0.0)
Link ID ADV Router Age Seq# Checksum
112.1.1.0 110.1.1.1 6 0x80000001 0xd99f
168.1.0.0 110.1.1.1 6 0x80000001 0xff43
Summary ASB Link States (Area 0.0.0.0)
168.1.1.3 110.1.1.1 6 0x80000001 0xc875
Link ID ADV Router Age Seq# Checksum Link count
110.1.1.1 110.1.1.1 3 0x80000025 0xf8f8 1
168.1.1.3 168.1.1.3 61 0x80000005 0x70e 2
Net Link States (Area 0.0.0.1)
168.1.1.1 110.1.1.1 1183 0x80000002 0x9787
Type-5 AS External Link States
Link ID ADV Router Age Seq# Checksum Tag
113.1.0.0 168.1.1.3 48 0x80000001 0xa0dd 0
111.1.0.0 110.1.1.1 272 0x80000001 0x4ae3 3489660928
Link ID LSA ID
ADV Router Advertising router
Age Aging time
Seq# Sequence number of LSA
Checksum -
Link count Number of connections
3-41

The following is sample output from the show ip ospf database router command:
ZXR10#show ip ospf database router
Routing Bit Set on this LSA
LS age: 1700
Options: (No TOS-capability, No DC)
LS Type: Router Links
Link State ID: 110.1.1.1
Advertising Router: 110.1.1.1
LS Seq Number: 0x8000001f
Checksum: 0xf9e7
Length: 36
Number of Links: 1
Link connected to: a Stub Network
(Link ID) Network/subnet number: 110.1.0.0
(Link Data) Network Mask: 255.255.0.0
Number of TOS metrics: 0
TOS 0 Metrics: 1
LS age LSA aging time
LS Type LSA type
Link State ID -
Advertising Router -
LS Seq Number LSA sequence number
Checksum -
Length -
The following is sample output from the show ip ospf database network command:
ZXR10#show ip ospf database network
Net Link States (Area 0.0.0.1)
Routing Bit Set on this LSA
LS age: 789
LS Type: Network Links
Link State ID: 168.1.1.1 (Address of Designated Router)
LS Seq Number: 0x80000002
Checksum: 0x9787
3-42

Length: 32
Network Mask: /16
Attached Router: 110.1.1.1
Attached Router: 168.1.1.3
LS Type LSA type
Link State ID -
Checksum -
Length -
The following is sample output from the show ip ospf database summary command:
ZXR10#show ip ospf database summary
Summary Net Link States (Area 0.0.0.0)
LS age: 129
LS Type: Summary Links(Network)
Link State ID: 112.1.1.0 (Summary Network Number)
Checksum: 0xd99f
Length: 28
Network Mask: /24
TOS: 0 Metric: 2
LS Type LSA type
Link State ID -
Checksum -
Length -
3-43

The following is sample output from the show ip ospf database external command:
ZXR10#show ip ospf database external
Type-5 AS External Link States
LS age: 18
LS Type: AS External Link
Link State ID: 111.1.0.0 (External Network Number)
Checksum: 0x4ae3
Length: 36
Network Mask: /16
Metric Type: 2 (Larger than any link state path)
TOS: 0
Metric: 20
Forward Address: 110.1.1.111
External Route Tag: 3489660928
LS Type LSA type
Link State ID LS ID
The following is sample output from the show ip ospf database asbr-summary command:
ZXR10#show ip ospf database asbr-summary
Summary ASB Link States (Area 0.0.0.0)
LS age: 68
LS Type: Summary Links(AS Boundary Router)
Link State ID: 168.1.1.3 (AS Boundary Router address)
Checksum: 0xc875
Length: 28
Network Mask: /0
TOS: 0 Metric: 1
3-44

LS Type LSA type
Link State ID LS ID
Checksum -
3.4 OSPF Configuration Examples

3.4.1 OSPF Configuration Example One
As shown in Figure 3-13, S1 and S2 set up connection by two links, and advertise their
loopback address route respectively.
Figure 3-13 OSPF Configuration Example One
1. Configure IP addresses of the interconnected interfaces between S1 and S2, and
configure loopback interface IP address.
2. Add interfaces to OSPF area 0.
3. Configure load balancing on both S1 and S2. S1 and S2 can learn the loopback
address route advertised by the peer through two links.
3-45


Configuration Check
The following content will be shown after the configuration above is finished. It shows that
S1 and S2 set up neighborhood already. S1 and S2 ping the loopback interface of the
peer between each other, and the pings are successful. It shows that the configuration is
successful.
S1#show ip ospf neighbor
Neighbor ID Pri State DeadTime Address Interface

32.33.1.1 1 FULL/DR 00:00:40 11.22.1.2 vlan30
32.33.1.1 1 FULL/DR 00:00:37 11.22.10.2 vlan40
S1(config-ospf-1)#show ip forwarding route 1.1.1.22

IPv4 Routing Table:
1.1.1.22/32 11.22.1.2 vlan30 OSPF 110 2
3-46

1.1.1.22/32 11.22.10.2 vlan40 OSPF 110 2
Use ping to test the connectivity.

S1#ping 1.1.1.22
sending 5,100-byte ICMP echoes to 1.1.1.22,timeout is 2 seconds.
!!!!!
Success rate is 100 percent(5/5),round-trip min/avg/max= 1/1/2 ms.
3.4.2 OSPF Configuration Example Two

As shown in Figure 3-14, S1 does not need to learn the external route of backbone area,
while it needs to advertise itself external route. Here, establish NSSA area between S1
and S2, set up link between S2 and S3 in backbone area.
Figure 3-14 OSPF Configuration Example Two
1. Set up link between S1 and S2 in NSSA area 255, and set up link between S2 and S3
in area 0.
2. Redistribute direct-connected route on S3 and S1 respectively.
3. Configure NSSA default route advertisement on S2.
4. As a result, S1 can not learn the detailed route of S3 address, but there is a default
route pointing to S2. S3 can learn the direct-connected route redistributed by S1.
3-47

S1(config-ospf-1)#area 255 nssa
S2(config-ospf-1)#area 255 nssa default-information-originate
Configuration Check
Use show ip forwarding route 1.1.1.33 on S1 to view whether S1 learns the detailed route
of S3.
S1(config)#show ip forwarding route 1.1.1.33
IPv4 Routing Table:
Use show ip forwarding route 0.0.0.0 on S1 to view whether there is a default route pointing
to S2.
S1(config)#show ip forwarding route 0.0.0.0
IPv4 Routing Table:
0.0.0.0/0 11.22.1.2 vlan20 OSPF 110 2
Use show ip forwarding route 1.1.1.11 to inspect whether S3 learns the detailed route of
S1.
3-48

S3(config-ospf-1)#show ip forwarding route 1.1.1.11

IPv4 Routing Table:
1.1.1.11/32 33.32.1.1 vlan40 OSPF 110 2
Use ping on S2 to detect the connectivity from S3 to S1.

S3#ping 1.1.1.11
!!!!!
3.4.3 OSPF Multi-Instance Configuration Example

Users can configure multiple protocol instances. These protocol instances can belong
to the same VPN/public network or different Virtual Private Networks (VPNs). Different
protocol instances are independent of each other. They maintain the neighbor relationship,
LSDB of their own and calculate routes. However, the multiple instances belonging to the
same VPN/pbulic network share the same VPN/public network routing table. This is mainly
to divide and isolate networks.
In the following example, CE1 isolates the information flooded by PE1 and PE2. The
network topology is shown in Figure 3-15.
Figure 3-15 OSPF Multi-Instance Configuration Example
1. PE1 and CE1 establish OSPF neighbor relationship.
2. PE2 and CE1 establish OSPF neighbor relationship.
3. PE2 should not learn the link-state information related to vpn1.
Configuration on PE1:
3-49

PE1(config)#interface loopback1
PE1(config-if-loopback1)#ip vrf forwarding vpn1
PE1(config-if-loopback1)#ip address 1.1.1.17 255.255.255.255
PE1(config-if-loopback1)#exit
PE1(config)#interface vlan1
PE1(config-if-vlan1)#ip vrf forwarding vpn1
PE1(config-if-vlan1)#ip address 100.101.102.17 255.255.255.0
PE1(config-if-vlan1)#exit
PE1(config)#router ospf 1 vrf vpn1
PE1(config-ospf-1)#network 1.1.1.17 0.0.0.0 area 0
PE1(config-ospf-1)#exit
Configuration on CE1:
CE1(config)#interface loopback1
CE1(config-if-loopback1)#ip address 1.1.1.18 255.255.255.255
CE1(config-if-loopback1)#exit
CE1(config)#interface loopback2
CE1(config-if-loopback2)#ip address 2.2.2.18 255.255.255.255
CE1(config-if-loopback2)#exit
CE1(config)#interface vlan2
CE1(config-if-vlan2)#ip address 100.101.102.18 255.255.255.0
CE1(config-if-vlan2)#exit
CE1(config)#interface vlan3
CE1(config-if-vlan3)#ip address 100.102.102.18 255.255.255.0
CE1(config-if-vlan3)#exit
CE1(config)#router ospf 1
CE1(config-ospf-1)#network 1.1.1.18 0.0.0.0 area 0
CE1(config-ospf-1)#exit
CE1(config)#router ospf 2
CE1(config-ospf-2)#exit
Configuration on PE2:
PE2(config)#interface loopback1
PE2(config-if-loopback1)#ip vrf forwarding vpn2
PE2(config-if-loopback1)#ip address 1.1.1.19 255.255.255.255
PE2(config-if-loopback1)#exit
PE2(config)#interface vlan4
PE2(config-if-vlan4)#ip vrf forwarding vpn2
PE2(config-if-vlan4)#ip address 100.102.102.17 255.255.255.0
PE2(config-if-vlan4)#exit
PE2(config)#router ospf 1 vrf vpn2
3-50


PE2(config-ospf-1)#exit
Configuration Check
CE1 can learn the looback1 route advertised by PE1 and the loopback1 route advertised
by PE2. PE2 and PE1 cannot learn routes from each other. This indicates that the
multi-instance configuration takes effect.
CE1#show ip forwarding route ospf
IPv4 Routing Table:
1.1.1.17/32 100.101.102.17 vlan2 ospf 110 2
1.1.1.18/32 100.102.102.17 vlan3 ospf 110 2
PE2#show ip forwarding route vrf vpn2

IPv4 Routing Table:
2.2.2.18/32 100.102.102.18 vlan3 ospf 110 2
PE1#show ip forwarding route vrf vpn1

IPv4 Routing Table:
1.1.1.18/32 100.101.102.18 vlan1 ospf 110 2
3-51

This page intentionally left blank.
3-52

Chapter 4
IS-IS Configuration
Table of Contents
IS-IS Overview ...........................................................................................................4-1
Configuring the IS-IS Protocol ..................................................................................4-11
Maintaining the IS-IS Protocol ..................................................................................4-23
IS-IS Configuration Examples...................................................................................4-28
4.1 IS-IS Overview

Introduction to IS-IS
Intermediate System to-Intermediate System (IS-IS) is launched by International Standard
Organization (ISO), which is a routing protocol used for Connectionless Network Service
(CLNS). IS-IS is a network layer protocol of Open System Interconnection (OSI). By
expanding IS-IS protocol, the support to IP routing is added, and the integrated IS-IS
protocol is formed.
IS-IS is already widely used in network acting as a kind of Interior Gateway Protocol (IGP).
The working principle of IS-IS is similar to that of OSPF. IS-IS divides a network into some
areas. The routers of an area only manage the routing information of their area. In this
way, the router cost is saved. IS-IS can satisfy the requirements for middle and large-scale
network.
Since the IS-IS protocol is based on CLNS (not IP), IS-IS uses Protocol Data Unit (PDU)
defined by ISO to implement communication between routers. The types of PDUs used in
IS-IS protocol are as follows:
l Hello PDU
l Link state PDU (LSP)
l Sequence Number PDU (SNP)
Where, Hello PDU is similar to the HELLO packet in OSPF protocol, which is responsible
to form adjacency between routers, discovers new neighbors and detects the leaving of
any neighbors.
IS-IS routers uses LSA to exchange routing information, set up and maintain link state
database. A LSP indicates the important information related to a router, including the area
and the connected network. SNP is used to ensure that LSPs can be transmitted reliably.
SNP contains the summary information of every LSP on the network. When a router
receives a SNP, it compares the SNP with its link state database. If the router loses a
4-1

LSP existing in the SNP, it will send a SNP in multicast mode to ask for the required LSP
from other routers on the network.
By using LSPs in conjunction with SNPs, IS-IS protocol can interact routes reliably on a
large network.
Likewise, IS-IS protocol also uses the Dijkstra SPF algorithm to calculate routes. Based
on the link state database, it uses the SPF algorithm to calculate the optimal route and
then adds the route to IP routing table.
IS-IS Operation Principle

Basic IS-IS Concepts
l Area partition
The IS-IS dynamic route protocol uses a layered topology architecture. The network
consists two layers to reduce the load of the router. This architecture can better meet
the requirements of large scale network applications. For the architecture, see Figure
4-1.
Figure 4-1 IS-IS Architecture
The IS-IS architecture consists of two layers: L1 and L2. The L2 layer consists of L2
routers. It operates as the backbone network. The L1 layer consists of L1 routers and
L1/L2 routers. It operates as a non-backbone network. L1 routers can only exchange
routing information with L1 routers and L1/L2 routers in this area.
4-2

Chapter 4 IS-IS Configuration
The relation that can be established between routers is as follows:

à L1 neighbor relation can be established between two L1 routers only when the
area IDs of them match each other.
à L2 neighbor relation can be established between two L2 routers even if the area
IDs do not match each other.
à L1 neighbor relation can be established between one L1 router and one L1/L2
router only when the area IDs of them match each other.
à L2 neighbor relation can be established between one L2 router and one L1/L2
router even if the area IDs of the routers do not match each other.
à L1 neighbor relation and L2 neighbor relation can be established between two

L1/L2 routers at the same time if the area IDs of them match each other.
à L2 neighbor relation can be established between two L1/L2 routers if the ares IDs
of them do not match each other.
l IS-IS address architecture
ISO address is a network address. It is used to indicate the area ID and the system ID.
The NET address format can be expanded. The system ID usually consists 6 bytes.
It is used to identify the interface MAC address.
NSAP consists of the Initial Domain Part (IDP) and the Domain Specific Part (DSP),
see Figure 4-2. The IDP is similar to the network ID in an IP address, and the DSP is
similar to the subnet ID, host address, and the port in an IP address.
Figure 4-2 NSAP Address Architecture
The IDP is defined by the ISO. It consists of the Authority and Format Identifier (AFI)
and the Initial Domain Identifier (IDI). AFI refers to the address allocation organization
and the address format. The IDI is used to identify the domain.
The DSP consists of the High Order DSP, SystemID and the SEL.
à The HODSP is used to divide areas.

à The system ID is used to distinguish hosts.
à The SEL is used to indicate service type.
The length of the IDP and the DSP can be changed. The NSAP can be up to 20 bytes
in length and at least 8 bytes. The system ID identifies a unique host or a router in an
area. Its length is 48 bit (6 bytes) invariably. The SEL (NSAP Selector, sometimes it is
4-3

shorted to N-SEL) is similar to the protocol ID in an IP address. Different transmission

protocols have different SELs. In an IP address, the SEL is 00.
IS-IS neighbor establishment
The IS-IS distinguishes networks as point-to-point networks and broadcast networks. The
neighbor establish processes are different on these two types of networks.
l Establish neighbor on a point-to-point link
If the Intermediate System (IS) on the network is configured with the IS-IS routing
protocol and the interface is in UP state, the system sends IIH PDU packets. The other
neighboring intermediate systems perform the following operations after receiving the
packets:
When the IS receives a point-to-point IIH PDU packet, it compares the area addresses
of these two ISs to ensure that the neighbor can be established. If the two ISs have
the same area address, the neighbor can be established for all IS router combinations
(except the connection between one L1 IS and one L2 Only IS). However, if the area
addresses are different, the neighbor can only be established between two L2 ISs.
On a point-to-point network, if the area address is correct, the local intermediate
system matches the circuit type of the received IIH PDU packet with that in the local
intermediate system. If they match each other, neighbor relation can be established,
the neighbor information is added to the neighbor database, and the neighbor state is
set to UP. If the circuit types do not match each other, this packet is dropped.
The above neighbor establishment process is proposed in RFC1142, which is based
on the premise that the point-to-point network is absolutely reliable. However, the
network is not necessarily reliably. Therefore, the RFC3373 introduced the TLV.
Establish neighbor relation after three times of handshaking, see Figure 4-3.
Figure 4-3 Three Times of Handshaking
The IIH PDU sent by router RTA carries the type 240 TLV, in which, the neighbor's
three states are saved. When router RTB receives the packet, it confirms the next
neighbor state according to the state of its neighbor and the neighbor state in the TLV.
For the state changes, refer to Table 4-1.
Table 4-1 Neighbor State Changes
- Down Init Up
Down Init Up Down
4-4

Init Init Up Up
Up Init Accept Accept
l Establish neighbor on a broadcast link

On a broadcast network, neighbor relation is also established through three times of
handshaking. The L1 intermediate system sends L1 LAN IIH PDUs to the broadcast
address AllL1ISs, and intercepts packets based on this address. The L2 intermediate
system sends L2 LAN IIH PDUs to the broadcast address AllL2ISs, and intercepts
packets based on this address.
To create a neighbor for L1, the intermediate system receives a L1 LAN IIH PDU
packet on the broadcast address AllL1ISs. It compares every area address in the
received IIH PDU with the locally configured area address. If the area addresses do
not match each other, the neighbor cannot be created.
When the intermediate system receives a LAN IIH PDU packet, it checks whether the
neighbor already exists in its neighbor database.
à The neighbor's MAC is similar to the MAC source address in the PDU.
à The neighbor system ID is consistent with that of the PDU.
à The neighbor types are also consistent with each other.
If the above conditions are complied with, the neighbor exists, and the intermediate
system updates the timer, priority, and neighbor area addresses according to the
values in the PDU. If the above conditions are not complied with, for example, the
MAC addresses are in consistent with each other, this packet is dropped.
If the neighbor type is not consistent with the system ID, this neighbor is considered
to be a new neighbor, and this neighbor is added to the neighbor database. The state
of this neighbor will be set to INIT. The intermediate system then checks the neighbor
TLV carried in the IIH PDU packet. If its MAC address is contained in the neighbor TLV,
the state of the neighbor is set to UP, and an IIH PDU packet is sent. The intermediate
system neighbor TLV of the PDU will carry the MAC address of the neighbor.
After the neighbor receives the IIH PDU packet, it performs the similar operations. If
this neighbor does not exists, the neighbor is added to its neighbor state database
and the state is set to INIT. The intermediate system queries its MAC address in the
IIH PDU packet and sets the state to UP. For the process, see Figure 4-4.
4-5

Figure 4-4 Neighbor Establishment on a Broadcast Network
l DIS election on a broadcast link

The IS-IS protocol selects a specified Designate IS (DIS) to reduce the neighbor
information carried in the LSP sent on the broadcast network and simplify the network
architecture. The IS-IS protocol considers the network as a DIS or a pseudo-node.
Each intermediate system, including the DIS advertises links to the pseudo-node. The
DIS also advertises a link to all intermediate systems that are connected with itself,
see Figure 4-5.
Figure 4-5 DIS on a Broadcast Network
A DIS is the system that has the highest priority on a broadcast network. If the priorities
of all intermediate systems are the same, the intermediate system with the greatest
MAC address is the DIS. Generally, each network has two DISs: the L1 DIS and the
L2 DIS.
The conditions for electing a DIS are as follows:
à When the IS-IS process is started on a router, the DIS election is performed after
three Hello packets are sent
4-6

à At least one neighbor in UP state is required.

à If the state of a neighbor changes, DIS election is required.
à If the LAN ID in the IIH PDU carried by the neighbor changes, DIS election is
required.
Both the local router and other routers can be elected as the DIS. If the local router is
elected as the DIS, the DIS performs the following steps:
1. If other ISs exist, set the lifetime of the pseudo-nodes to 0 and delete them on the
network.
2. Generate new pseudo-node LSP and perform flooding.
3. Generate new nonpseudo-node LSP and perform flooding.
If the local IS does not operate as the DIS, perform the following steps:
1. Set the lifetime of the pseudo-nodes generated by itself to 0 and perform flooding
on the network.
2. Generate new nonpseudo-node LSP and perform flooding.
Reliable flooding and link state database synchronization
The following describes the frequently used terms in the IS-IS:
l CSNP: Complete Sequence Numbers Protocol Data Unit.
It is used to check link state consistency on both point-to-point links and broadcast
links.
l PSNP: Partial Sequence Numbers Protocol Data Unit.
It is used to
à acknowledge the received LSP on point-to-point links.
à apply for latest version or the lost LSP.

l SRM: Send Routing Message.
It is used to control the LSP to transmit messages to a neighbor router.
l SSN: Send Sequence Numbers Message.
It is used to
à acknowledge the received LSP that is flooded on point-to-point links.
à apply for the complete LSP information for synchronizing the database on
broadcast links.
l TLV: Type/Length/Value. Type: Type of a specified field. Length: Length of a specified
field. Value: Information contents.
The TLV is carried in the PDU of the IS-IS, and is used to describe the extendable
fields.
The CSNP and PSNP have the same package format, and carry the LSP abstract
information respectively. The difference between them is that the CSNP advertised
4-7

by a router carries all LSP abstract information that is available in the router link state
database. But the PSNP only carries a subset of the information.
The SRM and the SSN are mainly used for router selection information diffusion and
database synchronization.
l Point-to-point links
The IS-IS protocol uses a reliable flooding mechanism on point-to-point links. On a
point-to-point link, there is only one neighbor router on the opposite end of the link,
and the router uses limited bandwidth to trace acknowledge messages sent by the
neighbor router.
The CSNP simplifies the database synchronization process. When the neighbor
relation between two connected routers is established for the first time, all CSNPs on
the point-to-point link are exchanged. Through comparing the CSNP with the local
database and the database of each neighbor router, the missing or expired LSP can
be confirmed.
Use the PSNP to apply for the missing or the LSP of the current version. If the router
finds that some neighbor routers lack the LSP, the router can flood the LSP. During the
flooding, use the SSN to identify that it is the PSNP that needs to be sent, and use the
SRM to identify that it is the LSP that needs to be sent. When the PSNP acknowledge
packet is received from the peer end, the SRM tag can be cleared. If the acknowledge
packet is not received, the corresponding packet is resent after timeout.
For the example of the diffusion process on point-to-point networks, see Figure 4-6.
The neighbor relation between RTB and RTC is normal, and RTA and RTB establish
the adjacent relation for the first time.
Figure 4-6 Point-to-point Diffusion and Database Synchronization
1. The process for establishing the adjacent relation and database synchronization
is as follows:
Step RTA RTB
1 Send CSNP send CSNP
2 - Receives the CSNP from RTA and

sends the PSNP request. The RTA's
CSNP is lost. RTB finds the LSP of
the local link state database that is
lost by the RTA' CSNP, RTB sends the
RTC.00-00 LSP to RTA.
3 Receives the PSNP and sends RTA.00-00 -

LSP
4-8

Step RTA RTB
4 Receives the RTC.00-00 LSP and -

updates the database.
Sends the acknowledge PSNP of the
RTC.00-00 LSP
5 - Receives the RTA.00-00 LSP and

updates the database.
2. After the adjacent relation is established between RTB and RTA, the RTA
information is flooded to RTC. The process is as follows:
Step RTB RTC
1 Receives the RTA.00-00 from RTA, and Sends the CSNP.

the LSP from the SEQ 100 through
interface 2.
Checks the database and finds that the
LSP is unavailable.
Sets the SSN for the RTA.00-00 on
interface 2.
Sets the SRM for the RTA.00-00 on
interface 3.
Sends the PSNP acknowledge packet for
the RTA.00-00 on interface 2.
Clears the SSN on interface 2.
2 - Receives the RTA.00-00 SEQ 100

from RTB on interface 4.
Checks the database and finds
that the LSP is unavailable in the
database.
Sets the SSN for the RTA.00-00 on
interface 4.
Adds the RTA00-00 SEQ 100 to the
database.
Sends the PSNP acknowledge packet
for the RTA.00-00 on interface 4.
Clears the SSN on interface 4.
3 Receives the PSNP acknowledge packet -

for the RTA.00-00 on interface 3.
Clears the SRM for the RTA.00-00 on
interface 3.
l Broadcast links
4-9

On broadcast links, LSP is diffused to adjacent routers on layer 1 and layer 2 through
broadcast addresses ALL L1S and ALL L2S. The diffusion on broadcast links does
not require reliable transmission.
Unreliable diffusion requires a mechanism to guarantee database synchronization.
The IS-IS router uses the DIS to broadcast CNSP periodically to implement database
synchronization on broadcast links.
The DIS controls the diffusion and database synchronization on broadcast links. The
IS-IS protocol does not require that the IS-Is routers can only establish adjacent
relation with DIS on broadcast links. After the hello packet is broadcasted and three
times of handshaking, adjacent relation can be established between routers. Three
times of handshaking means that all routers report the detected routers. The CSNP
sent by the DIS is transmitted periodically to ensure that all routers on the LAN
receives a copy. Through comparing the CNSP and that in the link state database,
the missing LSP and new version LSP can be recognized. The router can then send
the PSNP packet to apply for the LSP.
Broadcasting CSNP periodically consumes lots of bandwidth and thus the cost is high.
However, this is a simple reliable transmission policy on a broadcast link. You can
reduce the sending frequency by increasing the sending interval.
RTA and RTB are connected to the link, and RTC is the last router that is connected
to the link. The RTA link state database contains RTA.00-00, RTA.01-00(pseudo lsp),
and RTB.00-00, see Figure 4-7.
Figure 4-7 Diffusion and Database Synchronization on a Broadcast Link
1. RTC generates an LSP (RTC.00-00) after RTA establishes the adjacent relation
with RTB. RTC then copies the LSP and saves it to its database. After this, RTC
diffuses another copy to the link through interface 3.
2. RTA that operates as the DIS advertises a CSNP to the link in broadcast mode.
3. After RTC receives the CSNP, it compares the CSNP with that in the local link
state database. It finds that three LSPs are unavailable: RTA.00-00, RTA.01-00,
and RTB.00-00. RTC sends a PSNP to the link to request for the LSPs.
4. RTA sends RTA.00-00, RTA.01-00, and RTB.00-00 in broadcast mode. After RTC
receives the copies, the RTC's database can be synchronized with the RTA's
database.
4-10

Route-leaking
Attatch bit: The RFC1195 defines that if an L1/L2 router in an area is connected with a
router in another area, the L1/L2 router sets the ATT bit in its L1 LSP to inform the L1
router in this area that there is an egress. the L1 router in this area selects the nearest L2
on which the ATT bit is set as the egress of the area, and then a default route is generated.
The L1 router selects the nearest L1/L2 router as the egress of this area, but the nearest
route is not necessarily the optimum route, the second optimum route may be used.
Therefore, the RFC2966 defined the route-leaking. To avoid the use of second optimum
route, the routing information in the backbone area is leaked to the Level–1 area. Using
this method, the common areas also have the routing information of the entire IS-IS route
domain.
For the route-leaking operation, see Figure 4-8.
Figure 4-8 Route-leaking
4.2 Configuring the IS-IS Protocol

The IS-IS configuration described in this section is based on IP routing. If no instance or
interface is specified in the following configurations, the process ID is assumed to be 0 and
VLAN100 is used as the interface.
Enabling the IS-IS Protocol

To enable the IS-IS protocol on the ZXR10 5900E, perform the following steps:
4-11

1 ZXR10(config)#router isis<process-id>[vrf <vrf-name>] Enables the IS-IS protocol.
2 ZXR10(config-isis-0)#area <area-address> Configures an IS-IS area in

IS-IS routing mode and set the
router to this area.
The area address is a hex
character string with 1-13
bytes.
3 ZXR10(config-isis-0)#system-id <system-id>[range Sets a system ID for the IS-IS

<range-number>] protocol. An system ID is used
to identify a router in an area.
It is a hex character string with
6 bytes. Usually, it is a MAC
address of an interface on the
router.
By default, a router running the
IS-IS protocol is identified to be
LEVEL-1-2.
4 ZXR10(config-isis-0)#interface <interface-name> Enters interface configuration

mode.
ZXR10(config-isis-0-if-vlan100)#ip router isis Specifies an interface to run

the IS-IS protocol.
Configuring IS-IS Global Parameters

For a network on which all ZXR10 series routers or switches run, use the default
parameters in IS-IS configuration. To connect to devices of other manufactories, the
related interface parameters and timers should be adjusted to acquire higher running
efficiency.
To configure IS-IS global parameters on the ZXR10 5900E, perform the following steps:
1 ZXR10(config)#router isis <process-id>[vrf <vrf-name>] Enters IS-IS route configuration

mode.
2 ZXR10(config-isis-0)#is-type {level-1 | level-1-2 | Sets an operation mode for the

level-2-only} router.
The operation modes
include level-1, level-1-2,
and level-2-only.
3 ZXR10(config-isis-0)#metric-style < narrow | wide > Configures the metric style.

Default: narrow.
4-12

4 ZXR10(config-isis-0)#lsp-refresh-time < refresh-time > Configures the interval

(second) for refreshing local
LSPs. Range: 1-65535.
On a stable network, the
local LSPs are refreshed
periodically.
Default: 900.
5 ZXR10(config-isis-0)#max-lsp-lifetime < time > Configures the maximum

duration (second) for
maintaining a local LSP
alive. Range: 1-65535.
Default: 1200.
6 ZXR10(config-isis-0)#distance < value > Sets the priority of the IS-IS

protocol on the local router.
7 ZXR10(config-isis-0-vlan100)#passive-mode Sets a passive interface. If an

interface is configured as a
passive interface, its address
information is added to the local
LSP, but the passive interface
is not used to forward packets.
8 ZXR10(config-isis-0)#set-overload-bit [on-start-up Sets an OL flag. If the router

{<5-86400>| auto | wait-for-bgp}][suppress {all | external fails to reach the required
| interlevel}] processing capability, it sends
advertising packets to other
routers that run the IS-IS
protocol.
9 ZXR10(config-isis-0)#default-information originate Originates a default route.

[always][metric <metric-value>][metric-type <type>][level-1 When you configure route
| level-1-2 | level-2] redistribution, run this
command to redistribute
default routes to IS-IS areas.
10 ZXR10(config-isis-0)#summary-address Configures the IS-IS protocol

<ip-address><net-mask>[metric <metric-value>][level-1 | to aggregate routes.
level-1-2 | level-2] The IS-IS protocol can
aggregate multiple route
entries to one aggregated route
and advertise this route instead
of advertising all routes.
4-13

11 ZXR10(config-isis-0)#hello padding {multi-point | Configures the IS-IS protocol

point-to-point } to pad hello packets to the
maximum length.
12 ZXR10(config-isis-0)#ignore-lsp-errors Configures the system to drop

the incorrect checksum LSPs
received by the IS-IS router.
13 ZXR10(config-isis-0)#i-spf Enables the IS-IS instance to

support the incremental SPF
calculation.
14 ZXR10(config-isis-0)#route-leak level-2 into level-1 Configures route-leaking from

route-map <map-tag> IS-IS level-2 to level-1
15 ZXR10(config-isis-0)#spf-interval <interval>[<initial-wai Configures the minimum

t>[<wait-first-second>]][{level-1|level-2}] interval for IS-IS topology
calculation.
For a description of the parameter in Step 3, refer to the following table:
< narrow | wide > In narrow mode, six bits are used to carry the metric value.
In wide mode, 24 bits are used to carry the metric value. In
addition, more TLVs can be carried in wide mode.
The range for bringing the metric value in narrow mode is
smaller than that in wide mode. When devices are connected
and form neighbor relations, a topology may fail to be
established because of different metric styles.
on-start-up { 5-86400 | auto | l 5-86400: After the router is restarted, the OL flag cannot
wait-for-bgp } be set after a period within this range.
l auto: The OL flag cannot be set after databases are
synchronized.
l wait-for-bgp: The OL flag cannot be set after the BGP
is synchronized.
suppress {all | external | interlevel} l all: Suppress the leakage of both external and internal
routes
l external: Suppress the local router to learn redistributed
routes
l interlevel: Suppress the leakage of internal routes
between level-1 and level-2.
4-14

always No matter whether a default route exists in redistributed route

entries, the system generates a default route advertisement
entry. If this parameter is not set, the system only advertises
a default route when the redistributed route entries have a
default route.
metric <metric-value> Metric value. Range: 0-4261412864.
metric-type <type> Metric type. Value: external and internal. Default, internal.
level-1 The default route is generated on level-1.
level-1-2 The default route is generated on both level-1 and level-2.
level-2 The default route is generated on level-2 (default setting).
<ip-address> Allocated aggregated address.
<net-mask> IP subnetwork mask. It is used to aggregate routes.
metric <metric-value> Metric value. Range: 0-4261412864.
level-1 Router locates at level-1.
level-1-2 Router locates at level-1-2.
level-2 Router locates at level-2.
<interval> Maximum interval (second) for calculating the SPF. Default:

10, range: 1-120.
<initial-wait> Initial waiting duration (millisecond) for calculating the SPF.

Default: 5500, range: 0-120000.
<wait-first-second> Minimum waiting duration (millisecond) between calculating

the SPF for the first time and the second time. Default: 5500,
range: 0-120000.
level-1 Interval for calculating the SPF on router level-1.
level-2 Interval for calculating the SPF on router level-2.
Configuring IS-IS Interface Parameters

To configure IS-IS interface parameters on the ZXR10 5900E, perform the following steps:
4-15

1 ZXR10(config)#router isis Enters IS-IS configuration

mode.
2 ZXR10(config-isis-0)#interface <interface-name> Enters IS-IS interface

configuration mode.
3 ZXR10(config-isis-0-if-vlan100)#circuit-type Configures an interface

{level-1|level-1-2|level-2-only} operation type.
Default: level-1-2.
The configuration must be
consistent with the IS-IS global
operation type. In addition, the
operation types of the directly
connected neighbors must also
be consistent with the operation
type.
ZXR10(config-isis-0-if-vlan100)#hello-interval Interval (second) for sending

<interval>[level-1 | level-2] Hello packets. Range:
1-65535, default, 10.
If optional parameters are
not set, the configuration is
effective for both level-1 and
level-2 operation types.
ZXR10(config-isis-0-if-vlan100)#hello-multiplier Configures the times of

<multiplier>[level-1 | level-2] the duration for keeping
neighborhood than the interval
for sending Hello packets.
ZXR10(config-isis-0-if-vlan100)#lsp-interval Configures the interval

<interval>[level-1 | level-2] (second) for transmitting LSPs.
ZXR10(config-isis-0-if-vlan100)#retransmit-interval Configures the interval

<interval>[level-1 | level-2] (second) for retransmitting
LSPs. Range: 1-65535,
default: 2.
4-16

The configuration only applies

to point-to-point links.
ZXR10(config-isis-0-if-vlan100)#priority Configures the DIS election

<priority>[level-1 | level-2] priority for an interface. Range:
0-127, default: 64. The router
with a higher priority is elected
to be the DIS.
The configuration is only
effective for broadcast links.
ZXR10(config-isis-0-if-vlan100)#metric Sets the metric value of an

<metric-value>[level-1 | level-2] IS-IS interface. In wide mode,
range: 1-16777215, default:
10. In narrow mode, range:
1-63.
The metric value is used when
the interface participates in the
calculation of the shortest IS-IS
path.
ZXR10(config-isis-0-if-vlan100)#network Configures the interface on

point-to-point which the IS-IS protocol
is enabled to simulate a
point-to-point interface.
ZXR10(config-isis-0-if-vlan100)#bfd-enable Enables the BFD function for

the IS-IS protocol.
ZXR10(config-isis-0-if-vlan100)#max-burst Sets the maximum number of

<number> LSPs that can be sent each
time. Range: 1-50.
4-17

ZXR10(config-isis-0-if-vlan100)#mtu <512-4096> Sets the maximum length

(byte) of hello packets sent by
the IS-IS interface.
ZXR10(config-isis-0-if-vlan100)#ignore-mtu Ignores the checking of IS-IS

packets if they can be received
when they exceed the MTU of
the corresponding interface.
If the length of the received
packets is too long that the
packets are not received
completely, this command is
not effective, and the length of
packets is checked.
ZXR10(config-isis-0-if-vlan100)#csnp-interval Defines the interval (second)

<interval>[level-1 | level-2] for sending CSNP packets.
Range: 1-65535. For
broadcast links, the default
setting is 10. For point-to-point
networks, the default value is
3600.
ZXR10(config-isis-0-if-vlan100)#psnp-interval Configures the interval

<interval>[level-1 | level-2] (second) for sending PSNP
packets on an interface.
PSNP usually applies to
point-to-point networks. If
optional parameters are
Configuring IS-IS Authentication

The ZXR10 5900E supports the following four IS-IS authentication types:
l Inter-neighbor authentication
l Intra-area authentication
l Inter-area authentication
l Inter-SNP authentication
4-18

At present, the ZXR10 5900E supports plain text and MD5 authentication modes.
To configure IS-IS authentication on the ZXR10 5900E, perform the following steps:
1 ZXR10(config)#router isis [process-id][vrf <vrf-name>] Enters IS-IS route configuration

mode.
2 ZXR10(config-isis-0)#authentication-type <type>[level-1 Configures an authentication

| level-2] mode: text or md5.
ZXR10(config-isis-0)#authentication [encrypt]<key>[lev Configures IS-IS authentication

el-1 | level-2] in routing mode. Password
length: 1-100 characters.
By default, SNP packets and
LSPs are authenticated
in routing mode. To
authenticate LSPs only, run
the disable-snp-authentication
command.
not set, the authentication is
effective for both SNP packets
of level-1 and level-2 operation
types.

configuration mode.
4 ZXR10(config-isis-0-if-vlan100)#authentication-type Configures authentication

<type>[level-1 | level-2] mode in interface mode,
If optional parameters are not
set, the authentication mode is
ZXR10(config-isis-0-if-vlan100)#authentication Configures the authentication

[encrypt]<key>[level-1 | level-2] mode for Hello packets.
Password range: 1-100
characters.
If optional parameters are not
set, the authentication mode
is effective for Hello packets
of both level-1 and level-2
operation types.
4-19


mode.
6 ZXR10(config-isis-0)#enable-snp-authentication Enables SNP authentication.
ZXR10(config-isis-0)#disable-snp-authentication Disables the authentication for

SNP packets.
Configuring an IS-IS Hostname

To configure an IS-IS hostname on the ZXR10 5900E, perform the following steps:

mode.
2 ZXR10(config-isis-0)#hostname dynamic enable Sets the IS-IS hostname

function to obtain system
names dynamically. By default,
this function is enabled.
ZXR10(config-isis-0)#hostname dynamic disable Disables the IS-IS hostname

function.
Configuring IS-IS Mesh-Group

To configure an IS-IS mesh-group on the ZXR10 5900E, perform the following steps:
1 ZXR10(config)#router isis [process-id][ vrf < vrf-name>] Enters IS-IS route configuration
mode.
2 ZXR10(config-isis-0)#interface <interface name> Enters interface configuration

mode.
3 ZXR10(config-isis-0-if-vlan100)#mesh-group blocked Set meshEnable to

meshBlocked. LSP packets
are blocked on the interface.
4 ZXR10(config-isis-0-if-vlan100)#mesh-group Configures an interface to a

<mesh_group_number> mesh_group. Mesh-group
number range: 1-4294967295.
Configuring IS-IS Redistribution

To configure IS-IS redistribution on the ZXR10 5900E, perform the following steps:

mode.
4-20

2 ZXR10(config-isis-0)#redistribute <protocol>[[level-1 Configures route redistribution

| level-1-2 | level-2][{[ metric <metric-value>]| in IS-IS routing mode.
with-originate-metric}][metric-type <type>][route-map
<map-tag>]]
<protocol> (Required) Protocol source. Options are as follows: connect,

static, rip, isis <process-id>, ospf <process-id> and bgp. It is
mandatory. To redistribute IS-IS/OSPF routes, it is necessary
to specify the process ID.
level-1 Sets the redistributed routes to enter Level-1.
level-1-2 Sets the redistributed routes to enter Level-1 and Level-2.
level-2 Sets the redistributed routes to enter Level-2.
with-originate-metric Uses the metric value in the originating routing protocol as

the flag.
<metric-value> Metric value. Range: 0-4261412864.
<metric-type> Whether to carry an external metric value of an interval

metric value.
route-map <map-name> Use a route-map.
Configuring IS-IS Load Balancing

IS-IS supports load balancing. Load balancing indicates that multiple links with the same
cost and destination can share traffic. Load balancing has two modes: packet-based and
flow-based. The default mode is flow-based.
To configure IS-IS load balancing on the ZXR10 5900E, perform the following steps:

mode.
2 ZXR10(config-isis-0)#maximum-paths <1-32> Configures load balancing in

IS-IS route configuration mode.
The parameter < 1-32>
indicates the load balancing
entries supported by the
system.
Configuring Traffic Engineering

The ZXR10 5900E IS-IS IPv4 supports the public network TE function.
4-21

To configure IS-IS traffic engineering on the ZXR10 5900E, perform the following steps:

mode.
2 ZXR10(config-isis-0)#metric-style wide In IS-IS routing mode, configure

the wide metric.
3 ZXR10(config-isis-0)#mpls traffic-eng level-1 Enables TE on IS-IS Level-1.
4 ZXR10(config-isis-0)#mpls traffic-eng level-2 Enables TE on IS-IS Level-2.
Configuring IS-IS FRR

The IS-IS FRR function is used to calculate the backup topology. If the active link is invalid,
traffic can be forwarded to the backup route immediately to avoid data loss.
To configure the IS-IS FRR function on the ZXR10 5900E, perform the following steps:

mode.
2 ZXR10(config-isis-0)#fast-reroute enable Configures the wide metric.
3 ZXR10(config-isis-0)#fast-reroute alternate-type Sets the IS-IS FRR calculation

down-stream-path mode to down-stream-path.
Default: LFA.
4 ZXR10(config-isis-0)#interface <interface-name> Enters route interface mode.
5 ZXR10(config-isis-0-if-interface-name)#fast-rero Sets this interface not to be

ute block used in IS-IS FRR calculation
and not to be used to form a
backup link.
Configuring IS-IS GR
The IS-IS Graceful Restart (GR) function is used to guarantee that the forwarding process
can continue if the corresponding router is restarted. A neighbor router can process
messages when it is restarted. With this function, this process does not result in route
oscillation.
To configure the graceful-restart on the ZXR10 5900E, perform the following steps:

mode.
2 ZXR10(config-isis-0)#restart enable Enables the graceful restart

function in IS-IS routing mode.
4-22

3 ZXR10(config-isis-0)#restart t2-timer <t2-interval>[lev Sets a database

el-1 | level-2] synchronization timer for
the graceful restart function.
4 ZXR10(config-isis-0)#restart t3-timer {adjacency | Sets a completion timer for the

manual<t3-interval>} graceful restart function.

configuration mode.
6 ZXR10(config-isis-0-if-vlan100)#restart {t1-retry Sets the retry times of t1

<retry-timers>[level-1 | level-2]}|{t1-timer <interval>[level-1 timer. For broadcast links,
| level-2]} if the router is selected as a
DIS router, and this command
is run on the interface, you
are recommended to run the
hello-multiplier command to
increase the hello-multiplier
value.
t1-retry Number of times that t1 timer is reset.
t1-timer Time set by t1 timer.
<retry-timers> Number of times that t1 timer can be reset. Default: 3.
<interval> Interval (second). Range: 1-65535, default: 3.
level-1 The router is in the Level-1 area.
level-2 The router is in the Level-2 area.
4.3 Maintaining the IS-IS Protocol

To maintain the IS-IS protocol on the ZXR10 5900E, run the following commands:
Command Function
ZXR10#show isis adjacency [up-time][ level-1 | level-2][process-id Displays the adjacency relations
<process-id>] and the status of current
neighbors.
ZXR10#show isis circuits [detail][process-id]show isis circuits Displays the information about the
[detail][process-id<process-id>] IS-IS interface.
ZXR10#show isis database [LSP-ID][level-1| level-2][verbose][de Displays the information about an

tail][process-id<process-id>] IS-IS neighbor.
4-23

Command Function
ZXR10#show isis topology [level-1|level-2][process-id<process-id Displays the IS-IS topology.

>][vrf < vrf-name>]
ZXR10#show isis mpls traffic-eng tunnel [process-id<process-id>] Displays the usage of the IS-IS
tunnel.
ZXR10#show isis fast-reroute-topology [ level-1|level-2][process-id] Displays the backup IS-IS

topology.
For a description of the parameters, refer to the following table:
level-1 A router locates in the level-1 area.
level-2 A router locates in the level-2 area.
up_time The up time of a neighbor.
process-id Instance number. Range: 0-65535.
detail Detailed information.
The following is sample output from the show isis adjacency command:
ZXR10(config-isis)#show isis adjacency
Process ID: 0
Interface System id State Lev Holds SNPA(802.2) Pri MT
gei-0/1/1/1 3333.3333.3333 UP L1 23 00E0.D021.0205 64
gei-0/1/1/2 3333.3333.3333 UP L2 24 00E0.D021.0203 64
Process ID Instance number.
Interface Name of the local interface that sets up neighborhood with

the peer.
System id System ID of a neighbor, in xxxx.xxxx.xxxx mode.
State Neighborhood status. Options: UP and INIT.
Lev The level where neighborhood locates. Three levels are

available: L1, L2, and L3.
Holds Duration for maintaining a neighborhood relation.
SNPA(802.2) Access point of a subnetwork.
Pri Priority of a router.
MT Multiple topology identifier.
The following is sample output from the show isis circuits command:
4-24

ZXR10(config)#show isis circuits

Process ID: 0
Interface State Lev CirId Level1-DR Level2-DR Pri(L1/L2)
gei-0/1/1/1 Up L1 2 No found Disabled 64/64
Interface IS-IS port name.
State If an interface that runs the IS-IS protocol is enabled, it is in

the UP state. If it is not enabled, it is in the down state.
Lev Interface level.
CirId Interface ID.
Level1-DR Router of level 1.
Level2-DR Router of level 2.
Pri(L1/L2) L1/L2 priority.
The following is sample output from the show isis database command:
ZXR10(config-isis-0)#show isis database detail

Process ID:0
IS-IS Level-1 Link State Database:
LSPID LSP Seq Num LSP Checksum LSP Holdtime ATT/P/OL
0000.2222.6666-00-00 0x4 0x8b7a 1152 0/0/0
NLPID: 0xcc
Hostname: 8905E-1
Area Address: ff
IP Address: 1.1.1.48
Metric: 10 IS neighbor 0000.2222.6666-02
Metric: 10 IP-Internal 1.1.1.0 255.255.255.0
0000.2222.6666-02-00 0x1 0x3551 1047 0/0/0
0000.2222.7878-00-00* 0x13 0xfb1a 1034 0/0/0
NLPID: 0xcc
NLPID: 0x8e
Area Address: ff
IPv6 Address: 1::
4-25


Metric: 10 IPv6 1::/64
IS-IS Level-2 Link State Database:
0000.2222.6666-00-00 0x5 0xaf92 1151 0/0/0
NLPID: 0xcc
Hostname: 8905E-1
Area Address: ff
0000.2222.6666-02-00 0x1 0x3551 1046 0/0/0
0000.2222.7878-00-00* 0x13 0xfb1a 1032 0/0/0
NLPID: 0xcc
NLPID: 0x8e
Area Address: ff
IPv6 Address: 1::
Metric: 10 IPv6 1::/64
LSPID Link state packet ID.
LSP Seq Num Link state packet sequence number.
LSP Checksum Link state packet checksum.
LSP Holdtime LSP life time.
ATT/P/OL Whether to connect to external area (ATT) bit/partition

bit/overload bit.
The following is sample output from the show isis topology command:
ZXR10(config-isis-0)#show isis topology
4-26

Process ID: 0
IS-IS paths to Level-1 routers
System id Metric Next-Hop Interface SNPA
2222.2222.2222 10 2222.2222.2222 vlan1 00E0.D021.0204
3333.3333.3333 --
2222.2222.2222 10 2222.2222.2222 vlan2 00E0.D021.0205
3333.3333.3333 --
System id System ID of the destination IS.
Metric Metric value to the destination IS, "--" indicates itself, "**"
means that the route can not be calculated.
Next-Hop The next hop IS to the destination IS.
Interface Interface for forwarding route.
SNPA SNPA address of the next hop. P-P interface flag: "*ppp*".
The following is sample output from the show isis mpls traffic-eng tunnel command:
ZXR10(config)#show isis mpls traffic-eng tunnel
Process ID: 0
state codes: * the only next hop, ** one of next hops,
-not chosen as next hop
System id Tunnel-name Next-hop Metric Mode State

2222.2222.1111 te_tunnel1 1.1.2.110 10 Absolute **
System Id System ID of the destination IS.
Tunnel-name Tunnel name.
Next-Hop The next hop IS to the destination IS.
Metric The metric to the destination IS.
Mode Metric mode of an automatic tunnel.
State Usage state of an automatic tunnel in espf calculation.
The following is sample output from the show isis fast-reroute-topology command:
4-27

ZXR10(config-isis-0-if-vlan10)#show isis fast-reroute-topology

Process ID: 0
IS-IS ipfrr paths to Level-1 routers
System id Interface Ipfrr interface Ipfrr type metric
1111.1111.1111 vlan10 vlan20 Link 10
IS-IS ipfrr paths to Level-2 routers
System id Interface Ipfrr interface Ipfrr type metric
1111.1111.1111 vlan10 vlan20 Link 10
System id System ID of the destination IS.
Interface Master outgoing interface to the destination IS.
Ipfrr interface Backup outgoing interface to the destination IS.
Ipfrr type IS-IS FRR calculation mode, including LFA and

down-stream-path.
metric Metric to the destination IS.
4.4 IS-IS Configuration Examples

4.4.1 Single Area IS-IS Configuration Example
It is required that analyze the network before starting IS-IS configuration. According to
network size, decide the network topology that how many areas to be divided and how
many routing protocol to be ran on network. Configure IS-IS on a single area if the network
scale is not much larger.
As shown in Figure 4-9, configure IS-IS on a single area.
Figure 4-9 Single Area IS-IS Configuration Example
4-28

1. Configure IP addresses of interfaces
2. Configure IS-IS protocol
3. Enable IS-IS protocol on interface
4. Test the configuration result. Make sure that S1 and S2 can set up neighborhood
between each other and calculate topology correctly. Make sure that S1 and S2 can
ping the loopback interface of the peer between each other.
Configuration ON S1:
S1(config)#router isis
S1(config-isis-0)#area 01
S1(config-isis-0)#system-id 00D0.D0C7.5460
S1(config-isis-0)#interface vlan10
S1(config-isis-0-if-vlan10)#ip router isis
S1(config-isis-0-if-vlan10)#exit
S1(config-isis-0)#interface loopback1
S1(config-isis-0-if-loopback1)#ip router isis
S1(config-isis-0-if-loopback1)#exit
Configuration ON S2:
S2(config-isis-0)#system-id 00D0.D0C7.53E0
S2(config-isis-0)#interface loopback1
S2(config-isis-0-if-loopback1)#ip router isis
S2(config-isis-0-if-loopback1)#end
4-29

Configuration Check
After finishing the configuration above, the following content can be viewed on both S1
and S2. It means that S1 and S2 can set up neighborhood and calculate topology. Ping
the loopback address of the peer on S1 and S2 respectively.
Use show running-config isis on S1 to view whether the IS-IS configuration is correct.
S1(config)#show running-config isis
!
router isis
area 01
system-id 00D0.D0C7.5460
interface vlan10
ip router isis
$
interface loopback1
ip router isis
$
Use show isis adjacency on S1 to view whether the neighborhood is normal. After the
neighborhood is set up, UP will be shown under the field of state.
S1(config)#show isis adjacency
gei-0/1/1/1 00D0.D0C7.53E0 UP/UP L1L2 8/7 0030.3144.5566 64/64
Use show isis topology on S1 to view whether the topology can be calculated correctly. If
the topology is calculated correctly, the following entry can be viewed on the command
output. If "–" is shown under the field of metric, it means the local router. If "**" is shown
under the field of metric, it means inaccessible.
S1(config)#show isis topology
00D0.D0C7.53E0 10 00D0.D0C7.53E0 vlan10 0030.3144.5566
00D0.D0C7.5460 --

00D0.D0C7.53E0 10 00D0.D0C7.53E0 vlan10 0030.3144.5566
00D0.D0C7.5460 --
Use show isis circuits on S1 to view the interface information and the DIS election. The
UP means that the interface state is normal. The Down means that the interface state
is abnormal. For abnormal interface state, it is required that inspect the link state and IP
configuration.
S1(config)#show isis circuits
IS-IS interface database:
4-30

loopback1 Up L1L2 0 No found No found 64/64

gei-0/1/1/1 Up L1L2 2 00D0.D0C7.53E0-02 00D0.D0C7.53E0-02 64/64
S1#ping 192.168.6.1
!!!!!

!
router isis
area 01
system-id 00D0.D0C7.53E0
interface vlan10
ip router isis
$
interface loopback1
ip router isis
$
!
S2(config)#show isis circuits
loopback1 Up L1L2 0 No found No found 64/64
gei-0/1/1/1 Up L1L2 2 Dis is me Dis is me 64/64
ZXR10(config)#show isis adjacency
gei-0/1/1/1 00D0.D0C7.5460 UP/UP L1L2 23/23 0030.3144.5560 64/64
ZXR10(config)#show isis top
00D0.D0C7.53E0 --
00D0.D0C7.5460 10 00D0.D0C7.5460 vlan10 0030.3144.5560

00D0.D0C7.53E0 --
00D0.D0C7.5460 10 00D0.D0C7.5460 vlan10 0030.3144.5560
S2#ping 192.168.3.1
!!!!!
4-31

4.4.2 Multiple Area IS-IS Configuration Example

For a larger size network, use multiple IS-IS areas. According to the geographic locations
and the functions of routers, partition the close routers to an area. Area division helps
to lighten the demands for memory. The area only need to maintain a smaller link state
database. A router only needs to maintain a smaller link state database in its area.
As shown in Figure 4-10, S1 belongs to area 1, S2 belongs to area 0, and S3 and S4
belong to area 2. S1 aggregates the routes of the network segment in area 1, and S4
redistributes the default route to IS-IS.
Figure 4-10 Multiple Area IS-IS Configuration Example
1. Configure IP addresses of interfaces.
2. Configure IS-IS protocol.
3. Enable IS-IS protocol on interfaces.
4. Enable route aggregation on S1.
5. Configure static route on S4 and redistribute default route.
6. Test the configuration. Make sure that the neighborhood is set up between S1 and S2,
between S2 and S3, and between S3 and S4 already and the topology is calculated
correctly. Ping the peer interface by one of any pair of interfaces successfully.
4-32

S1(config-isis-0)#system-id 00D0.D0C7.5460
S1(config-isis-0)#is-type level-1-2
S1(config-isis-0-if-vlan10)#circuit-type level-2
S1(config-isis-0)#summary-address 192.168.100.0 255.255.252.0
S1(config-isis-0)#exit
S2(config-isis-0)#system-id 00D0.D0C7.53E0
4-33

S3(config-isis-0)#system-id EF00.AB00.DF12
S4(config-isis-0)#system-id 00DE.FD11.AD00
S4(config-isis-0)#is-type level-1
S4(config)#ip route 0.0.0.0 0.0.0.0 192.168.13.1
S4(config-isis-0)#default-information originate
S4(config-isis-0)#redistribute static metric 10
S4(config-isis-0)#end
Configuration Check
After the configuration above is finished, the following content can be viewed on one of
any pair of devices. It shows that the neighborhood is set up already and the topology is
4-34

calculated correctly. The peer interface can be pinged successfully by one end of any pair
of devices.
Use show ip protocol routing to view the default static route redistributed by S4 on S1.
!
router isis
area 01
system-id 00D0.D0C7.5460
is-type level-1-2
summary-address 192.168.100.0 255.255.252.0
interface vlan10
ip router isis
circuit-type level-2-only
$
interface vlan20
ip router isis
$
interface vlan30
ip router isis
$
interface vlan40
ip router isis
$
!
gei-0/1/1/3 00D0.D0C7.53E0 UP L2 7 0030.3144.5566 64
00D0.D0C7.5460 --

00D0.D0C7.53E0 10 00D0.D0C7.53E0 gei-0/1/1/3 0030.3144.5566
00D0.D0C7.5460 --
Router 30 00D0.D0C7.53E0 gei-0/1/1/3 0030.3144.5566
Router 20 00D0.D0C7.53E0 gei-0/1/1/3 0030.3144.5566

Protocol routes:
4-35


*> 0.0.0.0/0 192.168.15.2 115 30 isis-l2
* 0.0.0.0/0 0.0.0.0 254 8 special
View S2 configuration:
!
router isis
area 00
system-id 00D0.D0C7.53E0
is-type level-2-only
interface vlan20
ip router isis
$
interface vlan10
ip router isis
$
!

00D0.D0C7.53E0 --
00D0.D0C7.5460 10 00D0.D0C7.5460 gei-0/1/1/3 0030.3144.5560
Router 20 Router vlan10 CA00.1016.0008
Router 10 Router vlan10 CA00.1016.0008

gei-0/1/1/3 Up L2 3 Disabled Dis is me 64/64
gei-0/1/1/1 Up L2 2 Disabled Router.01 64/64
Protocol routes:

*> 0.0.0.0/0 192.168.14.2 115 20 isis-l2
* 0.0.0.0/0 0.0.0.0 254 8 special
4-36

*> 192.168.100.0/22 192.168.15.1 115 10 isis-l2
!
router isis
area 02
system-id EF00.AB00.DF12
is-type LEVEL-1-2
interface vlan10
ip router isis
$
interface vlan20
ip router isis
circuit-type level-1
$
!

IS-IS paths to level-1 routers
System Id Metric Next-Hop Interface SNPA
Router --

00D0.D0C7.53E0 10 00D0.D0C7.53E0 vlan10 0030.3144.5566
00D0.D0C7.5460 20 00D0.D0C7.53E0 vlan10 0030.3144.5566
Router 10 Router gei-0/1/1/3 ca01.1016.001c
Router --
System Id Type Interface IP Address State Holdtime Circuit Id

00D0.D0C7.53E0 L2 vlan10 192.168.14.1 UP 27 Router.01
Router L2 gei-0/1/1/3 192.168.13.2 UP 7 Router.01

Protocol routes:

*> 0.0.0.0/0 192.168.13.2 115 20 isis-l2
* 0.0.0.0/0 0.0.0.0 254 8 special
*> 192.168.100.0/22 192.168.14.1 115 10 isis-l2
4-37

S4(config)#show running-config
!
router isis
area 02
system-id 00de.fb11.ad00
is-type LEVEL-1
redistribute static ip metric 10
default-information originate
interface vlan10
ip router isis
circuit-type level-1
!
ip route 0.0.0.0 0.0.0.0 192.168.13.1

Router --

00D0.D0C7.53E0 20 Router gei-0/1/1/3 ca00.1016.001c
00D0.D0C7.5460 30 Router gei-0/1/1/3 ca00.1016.001c
Router --
Router 10 Router gei-0/1/1/3 ca00.1016.001c
S4(config)#show isis neighbors

System Id Type Interface IP Address State Holdtime Circuit Id
Router L2 gei-0/1/1/3 192.168.13.1 UP 29 Router.01
S4#ping 192.168.100.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.100.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 192/709/1148 ms
4.4.3 IS-IS Multi-Instance Configuration Example

It is required to configure two instances on S1, and then add vlan10 and vlan20 to the
instances. Meanwhile, configure two instances on S2, and then add two interfaces to
Instance 1 and Instance 2 respectively. The network topology is shown in Figure 4-11.
4-38

Figure 4-11 IS-IS Multi-Instance Configuration Example
1. Establish neighbor relationship on vlan10 of S1 and vlan10 of S2 in Instance 100.
2. Establish neighbor relationship on vlan20 of S1 and vlan20 of S2 in Instance 200.
3. Redistribute direct-connected routes in the instances of S1. Check whether load
sharing is performed through different instances on S2. (Load sharing cannot be
performed, as the route with a smaller instance number of the same prefix has a
higher priority.)
S1(config)#router isis 100
S1(config-isis-100)#system-id 1111.0100.0000
S1(config-isis-100)#redistribute connected
S1(config-isis-200)#redistribute connected

4-39

Configuration Check
S1#show isis adjacency
Process ID: 100
gei-0/1/1/1 S2 UP/UP L1L2 26/26 0021.8844.5541 64/64
Process ID: 200
gei-0/1/1/2 S2 UP/UP L1L2 25/25 0021.8844.5541 64/64
The result shows that the traffic goes through vlan10, that is, the route with a smaller
instance number is preferred.
S2#show ip forwarding route isis-l2
IPv4 Routing Table:
1.1.1.12/32 56.3.3.2 vlan10 isis_l2 115 10
88.6.5.5/32 56.3.3.2 vlan10 isis_l2 115 10
4-40

Chapter 5
BGP Configuration
Table of Contents
BGP Overview............................................................................................................5-1
Configuring BGP ........................................................................................................5-4
Maintaining BGP ......................................................................................................5-55
BGP Configuration Examples ...................................................................................5-60
5.1 BGP Overview

Introduction to BGP
BGP is an inter-domain routing protocol used between ASs. By means of BGP, ASs can
exchange the information of network reachability between each other. The information
is a list of ASs where a route passes through, which is sufficient to set up a diagram to
indicate the connection status of the ASs. In this way, AS-based routing selection policy
is available, and BGP also solves the problem of route loop.
BGP of version 4 (BGP4) is the latest BGP version, which is defined in RFC1771. It has
the following features,
l It supports to realize CIDR, supernet and subnet and so on.
l It supports route aggregation.
l BGP running is reliable. It uses Transfer Control Protocol (TCP) as its bottom layer
protocol. It uses TCP No.179 port.
l It only sends route updating information.
l It sends keepalive packets regularly to make sure that TCP connection is well.
l It has consummate metric values.
l It has abundant attributes and control functions.
l It applies to large-scale network especially.
The session which is set up by BGP routers belonging to different ASs is called External
Border Gateway Protocol (EBGP) session, while a session which is set up between BGP
routers belonging to the same AS is called Internal Border Gateway Protocol (IBGP)
session.
An administrative area with independent routing policies is called an AS. The important
feature of an AS is that it has a unified internal route for another AS, and it has a consistent
topology for reachable destinations. The AS indicator is a value of 16-bit, ranging from 1
to 65535, where, 1–32767 are assignable, 32768–64511 are reserved, and 64512–65534
are used for private ASs (similar to private network addresses). When 16–bit AS number
5-1

is used, the AS number range is 1–65535. Current version also supports 32–bit AS which
is in the range of 1-4294967295.
BGP Working Principle

l BGP Attribute
The router sends BGP update messages related to the destination network to its peer
router. The BGP updating messages contain the information related to BGP metric
(called path attribute). By means of BGP attributes, the special route can be described
in detail. In this way, user can select and filter routes. The path attributes have the
following four independent types:
1. Well-known mandatory attribute: This kind of attributes has to be contained by
route description.
à AS-path
à Next-hop
à Origin
2. Well-known discretionary attribute: The kind of attributes is not necessary
contained by route description.
à Local preference
à Atomic aggregate
3. Optional transitive attributes: This kind of attributes does not require that all BGP
examples support it. However, if it is supported, it can be transmitted to its BGP
neighbor. while, if it is not supported by the current router, it will be transmitted to
other BGP routers continuously.
à Aggregator
à Community
4. Optional nontransitive attribute: This kind of attributes shows that the routers
which do not support the attribute need to delete it.
Multi-Exit Discriminator (MED)
The kinds of BGP attributes can be expanded into 256 but not all attributes are used
together. The attributes can be used selectively and flexibly.
l BGP Message Type
Four types of messages are available for BGP working:
à OPEN
It establishes BGP connection. The message includes BGP version number, local
AS number and the shortest hold time for negotiation, BGP ROUTER-ID and
other optional parameters.
à UPDATE
5-2

Chapter 5 BGP Configuration
It sends BGP route updating packets. The message is sent only once route is
updated.
à KEEPALIVE
It confirms the peer status. The default sending interval is 60 seconds, and the
Hold-time is 180 seconds by default. Once the neighbor receives the KEEPALIVE
packet, the Hold-time timer will be reset. If the hold-time expires, then consider
that the neighbor is in abnormal status, and disconnect the BGP connection with
neighbor.
à NOTIFICATION
It is used to notify error. The router sends NOTIFICATION packet because of

errors, such as the TCP connection is failed with neighbor, failed authentication
and routing loop and so on. After sending NOTIFICATION packet, BGP
connection will be disabled.
l BGP Working Process
BGP working process is shown in Figure 5-1.
Figure 5-1 BGP Working Process
1. Idle State
It is the initial state. The BGP starts initialization after the protocol is activated. It
resets the timer, launches the first TCP connection and enters state 2.
2. Connect state
The BGP starts TCP connection and waits for the message of TCP successful
connection. If the connection is successful, then the BGP enters OpenSent state.
Otherwise, the BGP enters Active state.
5-3

3. Active state: The BGP always tries to establish TCP connection. If the connection
timer times out, then the BGP returns to Connect state. If TCP connection is
successful, then BGP enters OpenSent state.
4. OpenSent state
TCP connection is established already. The BGP sends the first OPEN packet
and waits for the reply from the peer. BGP examines the reply packet. If the BGP
finds error, it will send a NOTIFICATION packet and return to Idle state. If there
is no error in the reply packet, BGP will send a KEEPALIVE packet. KEEKALIVE
timer starts timing. The BGP enters into OpenConfirm state.
5. OpenConfirm state
The BGP waits for KEEPALIVE packet and resets the KEEPALIVE timer. When
the BGP receives a KEEPALIVE packet, it enters Established state.
6. Established state
Neighborhood is set up already. Router exchanges Update packet with its
neighbor, and meanwhile, the KEEPALIVE timer is reset.
In initial, the exchanging of routing information includes all BGP routes, that is, all
entries in BGP routing table will be exchanged. After the initial exchanging is finished,
the incremental and burst routing update is launched only when the route entries are
changed or been unavailable. The meaning of the so-called incremental is that not the
entity BGP table will be exchanged but only update the changed route entries. The
burst means that update routes only when the routing table is changed rather than
periodically route updating.
When a router sends route information to its neighbor, it will save the route entries sent
to neighbor at local. When the router receives a route updating packet, it will compare
updating packet with the locally saved routing entries. If this entry is not sent before,
then the router will send it to its neighbor. If the entry is sent already and better, the
router will send the entry to its neighbor and update its locally saved routing entries.
Compared with the conventional periodical routing table updating, this updating mode
saves the bandwidth a lot. Route updating is achieved by UPDATE packets.
During the process above, if the BGP connection fails to be established because of
any connection failure, authentication failure and route loopback and so on, the router
will send NOTIFICATION packet to its peer that close BGP session will be closed.
Later, the router enters Idle state.
5.2 Configuring BGP

BGP Neighborhood Establishment
Two routers are called as peers or neighbors if BGP session is set up between them.
There are two connection modes of peers, IBGP and EBGP. If the two routers which
exchange BGP packets belong to the same AS, then these two routers adopt IBGP as
5-4

their connection mode. Otherwise, if the two routers belong to different ASs, then they
adopt EBGP as their connection mode.
As shown in Figure 5-2, S1 and S2 are EBGP neighbors, S2 and S3 are IBGP neighbors.
Figure 5-2 IBGP and EBGP
l Establishing EBGP Neighborhood

Make sure that the physical connection between two nodes is normal and the nodes
belong to different ASs before configure EBGP neighbor.
In most of EBGP cases, two routers are directly connected by physical interfaces.
Usually, use the IP addresses of the interconnected interfaces to set up BGP
connection, but also can use loopback addresses to set up BGP connection.
What draws special attention during the configuration is that multi-hop connection
has to be specified if do not use physical connection to set up EBGP connection.
That because the router sets the TTL value of BGP protocol packet as 1 by default.
Therefore, even if TCP connection is set up, OPEN packets still can not be sent to the
CPU of the peer. In this way, BGP connection can not enter Established state.
To establish EBGP neighborhood, perform the following steps.
5-5

1 ZXR10(config)#router bgp <as-number> This starts BGP routing

process and specifies the AS
number of router.
<as-number>is the AS system
ID of router, the range is
1-65535. 1-64511 is the
global common AS number.
64512-65535 is used by
private networks. Current
version also supports 32-bit
AS which is in the range of
1-4294967295.
2 ZXR10(config-bgp)#neighbor [<ipv4-address>|<peer-gr This configures a BGP

oup-name>] remote-as <number> neighbor or the AS number of
a peer.
3 ZXR10(config-bgp)#neighbor [<ipv4-address>|<peer-gr This establishes EBGP

oup-name>] ebgp-multihop [ttl <value>] neighborhood on
indirect-connected networks.
4 ZXR10(config-bgp)#neighbor [<ipv4-address>|<peer-gr This specifies local loopback

oup-name>] update-source <interface-name> address as source IP address
to set up TCP connection.
<ipv4-address> IPv4 address of neighbor, in dotted decimal notation
<peer-group-name> peer-group name
<number> The AS system that the neighbor belongs to. The range of
a 2-byte AS number is 1-65535, and the range of a 4-byte
AS number is 1-4294967295.
<value> The number of ttl, the range is 1-255
5-6

<interface-name> The interface to be specified as source address to set up

TCP connection in BGP session
1. Set Up EBGP through Direct-Connected Address
As shown in Figure 5-3, S1 belongs to AS65000, and S2 belongs to AS65001.
Establish EBGP neighborhood between S1 and S2 through physical interfaces.
Figure 5-3 EBGP Physical Direct-Connected Configuration Topology
S1#config terminal
S1(config)#router bgp 65000
S1(config-bgp)#neighbor 129.213.1.2 remote-as 65001
S1(config-bgp)#exit
S2#config terminal
5-7

S2(config-bgp)#exit
View configuration result.

To view the established BGP neighborhood, use show ip bgp neighbor on S1.
S1#show ip bgp neighbor
BGP neighbor is 129.213.1.2, remote AS 65001, external link
BGP version 4, remote router ID 129.213.1.2
BGP state = Established, up for 00:04:21
hold time is 90 seconds, keepalive interval is 30 seconds
......
Connections established 1
Local host: 129.213.1.1, Local port: 179
Foreign host: 129.213.1.2, Foreign port: 1024
The IP address of BGP neighbor is 129.213.1.2. The neighbor belongs to

AS65001. EBGP connection is set up already. The router-ID of neighbor is
129.213.1.2 and the state is Established. The session is set up 4 minutes 21
seconds.
To view the established BGP neighborhood, use show ip bgp neighbor on S2.
......
2. Set Up EBGP through Loopback Addresses
As shown in Figure 5-4, EBGP neighborhood is set up through loopback
addresses between S1 and S2.
5-8

Figure 5-4 EBGP Configuration through Loopback Address
S1#config terminal
S1(config)#interface Loopback1
S1(config-bgp)#neighbor 1.1.1.2 ebgp-multihop ttl 5
S1(config-bgp)#neighbor 1.1.1.2 update-source loopback1
S1(config-bgp)#exit
S1(config)#ip route 1.1.1.2 255.255.255.255 192.168.1.2
S2#config terminal
5-9


S2(config-bgp)#exit
S2(config)#ip route 1.1.1.1 255.255.255.255 192.168.1.1
Note that if the number of hops is not designated behind ebgp-mulitihop, the
system will set TTL value as 1 by default.
To view the established BGP neighborhood, use the show ip bgp neighbor
command on S1.
......
S1 establishes EBGP connection with the router 1.1.1.2 belonging to AS 65000

already.
To view the established BGP neighborhood, use the show ip bgp neighbor
command on S2.
......
S2 establishes EBGP connection with the router 1.1.1.1 belonging to AS 65000

already.
l Establishing IBGP Neighborhood
Make sure that the physical connection between two nodes is normal and the nodes
belong to the same AS before configure IBGP neighbor.
IBGP is used to exchange BGP update packets in an AS and maintain the internal
connectivity.
BGP rules that an IBGP router can not send the routes received from another IBGP
router to the third IBGP router. This is the rule of Split-horizon. When a router receives
a update packet through EBGP, it will process and send the packet to all IGBP routers
and EBGP peers, but when a router receives update packet through IBGP, it will
process and send the packet through EBGP rather than send it to IBGP neighbors.
5-10

Therefore, to keep the connectivity of the BGP, BGP routers have to set up a full
meshed network through IBGP session.
1 ZXR10(config)#router bgp <as-number> This starts BGP process and

specifies the AS number of
router.
2 ZXR10(config-bgp)#neighbor [<ipv4-address>|<peer-gr This configures a BGP

oup-name>] remote-as <number> neighbor or AS number of the
peer.
3 ZXR10(config-bgp)#neighbor [<ipv4-address>|<peer-gr This specifies an interface to

oup-name>] update-source <interface-name> be used as source address
to set up TCP connection in
BGP session.
4 ZXR10(config-bgp)#neighbor [<ipv4-address>|<peer-g This makes the router itself as

roup-name>] next-hop-self the next hop for advertising
routes by constraint.
5 ZXR10(config-bgp)#no synchronization This makes BGP advertise a

network route without waiting
IGP.
<number> The AS that the neighbor belongs to. The range of a

2-byte AS number is 1-65535, and the range of a 4-byte
AS number is 1-4294967295.
<interface-name> The interface to be specified as source address to set up

TCP connection in BGP session
5-11

In step 4, NEXT_HOP is a BGP well-known mandatory attribute. It shows the IP

address of the next-hop to destination address. There are three kinds of conditions,
à If the advertising and receiving routers belong to different ASs, the next-hop is
the IP address of the interface of the advertising router.
à If the advertising and receiving routers belong to the same ASs, and the NLRI
destination address containing in updating message also belongs to the AS, the
next hop is the IP addressed of the neighbor of the advertised router.
à If the advertising and receiving routers are a pair of internal peers, and the NLRI
containing in updating message points to another AS, the next-hop is the IP
address of the external peer. The IP address has to be accessible, otherwise,
the advertised entry is invalid.
In step 5, the synchronization rule is that when an AS provides transition service for
another AS, after all the routers belonging to the AS receive the route through the
transmission of IGP route information, BGP can send the route to outside. When a
router receives a route updating message from IBGP, it will valid the synchronization
before forward the message to other EBGP peers. Once IGP routing table contains
the entry corresponding to the updating message, the router will forward the message
by EBGP. Otherwise, the router will not forward the message.
Synchronization rule is to ensure the connectivity in AS and prevent route blackhole.
However, in practical use, synchronization function is usually disabled, and IBGP full
meshed structure is adopted to ensure the connectivity in AS. Full-meshed structure
can avoid that lots of BGP routes are sent to IGP, which can quicken the speed of
router processing. Additionally, it ensures that the data packets are not lost. To disable
synchronization function, one of the following two conditions needs to be satisfied.
1. The AS at where routers locate only has one egress, or it is a stub AS. That is to
say, the AS only has one point to connect to external network.
2. The AS at where routers locate is a transition type (that is to say, an AS can
connect to the third AS through the AS), but all routers of the AS run BGP.
The second condition is common. Since all routers have BGP information in AS, IGP
only needs to transmit routing information for local AS.
Synchronization function is enabled on router by default. Use no synchronization to
cancel synchronization function.
As shown in Figure 5-5, S2 and S3 belong to the same AS. Set up IBGP connection
between S2 and S3 through Loopback addresses.
5-12

Figure 5-5 IBGP Configuration
S2#config terminal
S2(config-bgp)#neighbor 1.1.1.3 next-hop-self
S2(config-bgp)#no synchronization
S2(config-bgp)#exit
S2(config-ospfv2)#network 192.168.2.0 0.0.0.3 area 0
S2(config-ospfv2)#exit
S3#config terminal
5-13


S3(config-bgp)#exit
Use show ip bgp neighbor to view the established BGP neighborhood on S2.
BGP neighbor is 1.1.1.3, remote AS 65001, internal link
......
last error code is 6
S2 sets up IBGP neighborhood with S3 (1.1.1.3) already.

Use show ip bgp neighbor to view the established BGP neighborhood on S3.
BGP neighbor is 1.1.1.2, remote AS 65001, internal link
......
last error code is 5
S3 sets up IBGP connection with S2 (1.1.1.2) already.
l Configuring BGP Neighborhood Authentication Password

To make the MD5 authentication be available on TCP connection between a pair of
BGP peers, perform the following steps to configure neighborhood password. The
password can be encrypted to enhance the safety of BGP connection.
5-14


router.
2 ZXR10(config-bgp)#neighbor <ip-address> password This encrypts the

[<string 1>| encrypt < string 2>] neighborhood password.
<ip-address> IPv4 address of neighbor, in dotted decimal notation
<string 1> Character string password, in case sensitive, the length is

1-80 characters.
<string 2> The length is 81-120 characters
This example shows how to configure BGP neighbor password authentication and
encrypt the password.
ZXR10(config)#router bgp 100
ZXR10(config-bgp)#neighbor 192.168.0.2 remote-as 100
ZXR10(config-bgp)#neighbor 192.168.0.2 password 789
ZXR10(config-bgp)#neighbor 192.168.0.2 password encrypt 123
ZXR10(config-bgp)#show running-config bgp
router bgp 100
neighbor 192.168.0.2 password encrypt u5pd4oR1YGR1E+My5y4ec1dbC7
eZf4gsX0qhVYXcb6KV1CMnm8VFlX9dcceOjgUYrxPGh3Gy7Rl8VxSlqtHcujwZ5qzj
LbVOkiKWz41nHPk=
!
l Restarting BGP Process
When BGP neighbor enters abnormal state, restart BGP neighbor process to recover.
To restart a BGP neighbor, use the following command in global configuration mode.
Command Function
ZXR10(config)#reset ip bgp [vrf <vrf-name>][<ipv4-address This restarts BGP instance, a

>|<peer-group-name>] peer or a pair of peers.
<vrf-name> VRF name, the length is 1-32 characters.
<ipv4-address> IPv4 address of neighbor
5-15

<peer-group-name> Name of the peer group
Configuring BGP Route Advertisement

l BGP Route Advertisement Rules
The routes to be advertised by BGP have to exist in IGP routing table already. The
source of BGP route updating is that inject IGP routing information to BGP. It has
an influence on the stability of Internet routes directly. There are two route injection
methods, dynamic injection and static injection.
Dynamic injection is divided into two types, full dynamic injection and selective
dynamic injection.
Full dynamic injection means that all IGP routes are redistributed (Redistribution) to
BGP. This method is very easy to configure but controllability is weak and low efficient.
Selective dynamic injection means that inject a part of IGP routes to BGP (use
network command). This method verifies address and mask first, which improves
controllability and efficiency. In this way, the error routing information can be avoided
to inject.
However, no matter which method is adopted, the routes will be unstable. That
because dynamic injection totally depends on IGP information. When route flapping
occurs on IGP routes, BGP route update will be affected. Lots of updating packets
are generated because of the unstable routes, and the bandwidth will be wasted
heavily. To make up this disadvantage, route dampening and aggregation can be
adopted on the border.
Static injection solves the unstable routes greatly. It injects static routes to BGP.
Static routes are added manually, so it is influenced by IGP route flapping. Therefore,
the repeated updating will be prevented by the stability. However, if the subnetwork
partition is not very clear, static injection also brings data flow blocking.
In conclusion, there are three BGP route advertisement methods.

à Use network command to advertise routes.
à Use redistribute command to redistribute the routes learned by other protocols
to BGP.
à Use BGP route aggregation to advertisement.
l Advertising Routes by network Command
The routes to be advertised by BGP have to exist in IGP routing table already.
The common method of BGP route advertisement is to select the network segment to
advertise by the network command. This command specifies the destination network
segment and mask, and then the routes which match with the rule accurately will enter
into BGP routing table. The routes will be filtered and advertised.
5-16

For example, use network 18.0.0.0 255.0.0.0 in BGP. The network segments 18.0.0.0/8,
18.1.0.0/16 and 18.2.0.0/24 are added to BGP routing table. If these network
segments and subnetworks do not exist in routing table, then no route is injected to
BGP routing table. In order to cooperate with BGP route advertisement, it is required
that configure some static routes pointing to loopback address on router.
It is notable that not all routes injected to BGP routing table can be advertised. It
relates to BGP route filtering or routing policy.
In BGP, use network command to advertise known network to router. The known
network can be learned by direct-connected route, static route and dynamic route.
The usage of network in BGP is different to that of in IGP.

router.
2 ZXR10(config-bgp)#network<ip-address><net-mask>[r This outputs the routes to be

oute-map<map-tag>] advertised to BGP routing
table.
The routes are learnt from
the direct-connected route,
dynamic routing selection and
static route.
As shown in Figure 5-6, S2 runs OSPF as IGP protocol. S2 requires that advertise
the network segment 18.0.0.0/8 advertised by OSPF to BGP.
Figure 5-6 Use network Command to Advertise BGP Route
5-17

S2#config terminal
S2(config-bgp)#network 18.0.0.0 255.255.255.0
S2(config-bgp)#exit
S2(config-ospf)#network 18.0.0.0 0.255.255.255 area 0
S2(config-ospf)#exit
S1#config terminal
S1(config-bgp)#exit
Use show ip bgp route to view BGP routing table on S1.

S1#show ip bgp route
Status codes: *-valid, >-best, i-internal,s-stale
Origin codes: i-IGP, e-EGP, ?-incomplete
Network Next Hop Metric LocPrf RtPrf Path

*>18.0.0.0/8 192.168.2.1 20 65001 i
The address under the entry of Next-hop is the next-hop address of BGP route. If the
address is represented as full zero, that means this route is generated by router itself.
The value under the Local-Pre is the priority level of route which is learned by BGP.
The default value is 100.
The field Path shows the origin of this route. Three types: IGP, EGP and incomplete.
Note:
à The symbol * indicates the route is available.
à The symbol > indicates the route is the optimized choice.
à The symbol i indicates the route is a IBGP route.
à The route without "i" indicates this is a EBGP route or local route.
5-18

The above example shows that the network segment 18.0.0.0/8 exists in BGP routing
table already. The next hop address is the interface 192.168.2.1 of S2.
l Redistributing Routes by redistribute Command
IGP needs to be configured on router already.
Full dynamic injection has to be chosen to advertise BGP routes when there are lots
of route entries and aggregation is not convenient.
When there are lots of route entries and aggregation is not convenient, use redistrib
ute command to redistribute one or more IGP protocol (RIP, OSPF and IS-IS) routes
to BGP.
Make sure that IGP does not redistribute the routes learnt by BGP to BGP again. Use
filter command to avoid loopback if it is necessary.
To redistribute routes on ZXR10 5900E, perform the following steps.
1 ZXR10(config)#router bgp <as-number> This enters BGP route

configuration mode and
specifies AS number of
router.
2 ZXR10(config-bgp)#redistribute ospf-int <id>[metric | This redistributes the routes

route-map <map-tag>] learned by other routing
protocol to BGP routing table.
<protocol> The name of other protocols, connected, static and rip,

ospf-int and ospf-ext, isis-1, isis-2 and isis-1-2
<metric-value> Metric value of the redistributed routes. Use default value

if it is not specified. The range is 0-4294967295.
<map-tag> The name of route mapping of the redistributed route, the

length is 1-31 characters.
As shown in Figure 5-7, S2 runs OSPF as IGP protocol. It is required that redistribute
all OSPF routing information of S2 to BGP.
5-19

Figure 5-7 Redistribute OSPF Routes by Using redistribute Command
S2#config terminal
S2(config)#exit
S2(config-bgp)#redistribute ospf-int
S2(config-bgp)#redistribute connected
S2(config)#exit
Use show ip bgp route to view BGP routing table of S1.

*> 18.0.0.0/8 192.168.2.1 20 65001 ?
Add the OSPF external route to S2 and set the metric value as 5.
S2#config terminal
5-20

S2(config)#exit
S2(config-bgp)#redistribute ospf-ext metric 5
S2(config)#exit
l Configuring Route Aggregation
To prevent route blackhole, aggregate the routes with the same mask on router in
route aggregation configuration.
BGP protocol aggregates the learnt routes to a route for advertisement. Thus, route
entries can be reduced a lot in routing table.
To configure route aggregation, perform the following steps.

router.
2 ZXR10(config-bgp)#aggregate-address <ip-address><n This creates an aggregated

et-mask>[count <count>][as-set][summary-only][strict][su policy in BGP routing table.
bnet]<ip-address><net-mask>
<ip-address> The aggregation network to be aggregated, in dotted

decimal notation
<net-mask> The aggregation mask to be generated, in dotted decimal

notation
<count> The number of sub-networks, the range is 0-255, and the

default value is 1.
as-set Set path information
summary-only Filter the special routes from updates
strict According to RFC1771, only the routes which the attributes

of MED and NEXT_HOP are the same respecivetily can
be aggregated. If the command is used without strict, do
not consider MED and NEXT_HOP attributes.
1. Route Aggregation Configuration
5-21

As shown in Figure 5-8, S1 advertises the network segments 192.168.0.0/24,

192.168.1.0/24 and 192.168.2.0/24, 192.168.3.0/24 to S2 belonging to AS300.
Run OSPF routing protocol between S1 and S3.
Figure 5-8 Route Aggregation Configuration Example
S1(config-bgp)#aggregate-address 192.168.0.0 255.255.252.0 count 0 summary-only
S1(config-bgp)#exit
S1 learns four routes 192.168.0.0/24, 192.168.1.0/24, 192.168.2.0/24

and 192.168.3.0/24 through IBGP, but it advertises the aggregated route
192.168.0.0/22 to S2 running EBGP only. If the command is used without the
parameter summary-only, S2 will advertise the aggregated route and the detailed
routes.
Use show ip bgp route on S2 to view the routing table.
5-22


Status codes: *valid, >best, i-internal
*>192.168.0.0/22 2.2.2.2 20 100 i
S2#show ip bgp route detail 192.168.0.0 255.255.252.0

BGP routing table entry for 192.168.0.0/22
01:02:19 received from 2.2.2.2
Origin ?, nexthop 2.2.2.2,atomic,aggr 100 2.2.2.2,
As path [100]
As4 path
Received label notag
After the aggregation, there is only one route in BGP routing table of S2 belonging
to AS300. It reduces the size of routing table.
If the command is used without summary-only, S2 will advertise the detailed routes
with the aggregated route.

*>192.168.0.0/22 2.2.2.2 20 100 i
*>192.168.0.0/24 2.2.2.2 20 100 i
*>192.168.1.0/24 2.2.2.2 20 100 i
*>192.168.2.0/24 2.2.2.2 20 100 i
*>192.168.3.0/24 2.2.2.2 20 100 i
In BGP routing table, there are four routes 192.168.0.0/24, 192.168.1.0/24 and
192.168.2.0/24, 192.168.3.0/24 except the aggregated route 192.168.0.0/22.
The parameter count <count> indicates the number of subnetworks which
are waiting to implement aggregation. <count> ranges from 0 to 255 and the
default value is 1, which means the number of subnetworks has to exist in
IGP. If the parameter is 0, that means advertise the route 192.168.0.0/22 when
any subnetwork of 192.168.0.0 255.255.252.0 appears in IGP routes. If the
parameter is 1 or other value, the following command is required using to specify
the related subnetwork segment.
aggregate-address <ip-address><net-mask> subnet <subnet-address><subnet-mask>
The above command means that the routing information can be aggregated and
advertised only when the specified subnetwork routing information appears in IGP
routing table and the route number satisfies the defined count number.
2. Aggregate Routes using the Parameter count and subnet
5-23

When IGP ran by S1 confirms that the three routes 192.168.1.0/24,

192.168.2.0/24 and 192.168.3.0/24 exist in the routing table, it will send the
aggregated route 192.168.0.0/22 to S2.
S1(config-bgp)#aggregate-address 192.168.0.0 255.255.252.0
count 3 summary-only
subnet 192.168.1.0 255.255.255.0
subnet 192.168.2.0 255.255.255.0
subnet 192.168.3.0 255.255.255.0
S1(config-bgp)#exit
For that moment, as long as these three routes 192.168.1.0/24, 192.168.2.0/24

and 192.168.3.0/24 are normal, S2 will send an aggregated route 192.168.0.0/22
to S1 no matter whether 192.168.0.0/22 normal or not. However, if any one
of these three routes is abnormal, S2 will not advertise the aggregated route
192.168.0.0/22.
Configuring BGP Route Attribute and Route Filtering

l The concept of BGP Attributes
BGP defines various attributes. each attribute has its own function, that is why BGP
is the most flexible route protocol with the best expansibility and high controllability.
BGP routING attribute is the core concept of BGP route protocol. It is a group of
parameters sent to the connected peer in UPDATE packets. These parameters
records BGP routing information for route selection and filter, which can be considered
as Metric.
Route attributes are divided into four types:
à Well-known mandatory attributes
à Well-known discretionary attributes
5-24

à Optional transitive attributes

à Optional nontransitive attributes
The attribute Well-known is identified by all BGP routers. Each UPDATE message
has to contain the attribute mandatory, but the attribute discretionary is optional.
For an optional attribute, it is not supported by all BGP routers. When BGP does not
support an attribute, if it is transitive, it will be accepted and sent to other BGP peers.
If this attribute is nontransitive, it willl be ignored and not sent to other peers.
RFC1771 defines No.1-7 BGP route attribute, as follows:
à No.1: ORIGIN
Route origin, that is the AS that generate this routing information.
à No.2: AS_PATH
AS path, that is the AS group or series which has been passed by route entry.
à No.3: NEXT-HOP
The next hop address. IBGP connection will not change NEXT-HOP sent by
EBGP.
à No.4: MULTI_EXIT_DISC
It is used to distinguish many exits to other ASs, which is used by local AS router.
à No.5: LOCAL-PREF
It is transmitted within the local AS, indicating the priority of each path.
à No.6: ATOMIC_AGGREGATOR
à No.7: AGGREGATOR
à No.8: RFC1997 defines another common attribute: COMMUNITY
Here, No.1, 2 and 3 attribute are well-known mandatory attributes. No.5 and 6 are
well-konwn discretionary attributes. No.7 and 8 are optional transitive attributes. No.4
is optional nontransitive attribute. They have different priorities, LOCAL-PREF has the
highest priority, and the second one is AS-PATH and ORIGIN.
For other attributes used by BGP, please refer to FRC documentation.
l Filtering Routes by Route Map

The bases of performing BGP are route filter and attribute configuration. By means
of route filter, the input or output route attributes can be controlled.
Route map is used to control routing information, which redistributes routes between
routing areas by defining rules. The route map usually cooperates with the route
attributes to decide route.
To filter routes by route map, perform the following steps.
5-25

1 ZXR10(config)#route-map <map-tag>[permit | This defines a route map.

deny][<sequence-number>]
2 ZXR10(config)#ipv4-access-list { name <acl-name>} This configures serial number,

name or alias to an ACL in
standard ACL configuration
mode.
ZXR10(config-ipv4-acl)#rule <rule-no >{permit | This defines the rule of

deny}{<source>[<source-wildcard>]| any} standard ACL.
3 ZXR10(config)#router bgp <as-number> This starts BGP process

and specifies AS number of
router.
ZXR10(config-bgp)#neighbor [<ipv4-address>|<peer-gr This defines a route map.

oup-name>] route-map <map-tag>{in | out}
<map-tag> Name of route mapping, the length is 1-31 characters.
permit Permits redistribution or policy routing tag if the route map

meets the matching condition
deny Denies redistribution or policy routing tag if the route map

meets the matching condition
<sequence-number> Sequence No. in the range of 0-65535
<acl-name> Standard ACL list name, the length is 1-31 characters.
<rule-no > ACL rule range: 1-2147483644.
permit Permit the packets matching with the rule to pass
deny Deny the packets matching with the rule to pass
<source> Source IP address
<source-wildcard> Wild mask of source IP address
any Any source IP address
5-26

<map-tag> Name of route mapping, the length is 1-31 characters
in | out It applies to in or out
As shown in Figure 5-9, S1 and S2 set up EBGP connection between them. Configure
a route-map on S1. The route-map permits to advertise network 172.3.0.0/16 to
AS200, and set the MED value as 5.
Figure 5-9 Filter Routes by Using Route-Map
S1(config-bgp)#neighbor 182.17.20.1 route-map MAP1 out
S1(config-bgp)#neighbor 182.17.20.1 send-med
S1(config-bgp)#exit
S1(config)#route-map MAP1 permit 10
S1(config-route-map)#match ip address 1
S1(config-route-map)#set ip metric 5
S1(config-route-map)#exit
S1(config)#ipv4-access-list 1
S1(config-ipv4-acl)#rule 10 permit 172.3.0.0 0.0.255.255
S1(config-ipv4-acl)#exit
5-27

When filtering route through route map, the match and set commands are usually used
together with route map. The match command defines the matching standard. The
set command defines the action satisfying matching standard.
Use the neighbor 182.17.20.1 send-med command to send MED attribute with
advertising routes to neighbor 182.17.20.1.
To view BGP routing table on S2, use the show ip bgp route command.
*>172.3.0.0/16 182.17.20.2 5 20 100 i

07:18:49 received from 182.17.20.2 (172.3.0.1)
Origin ?, nexthop 182.17.20.2,metric 5,
As path [100]
As4 path
The above result shows that S2 learns the route from 172.3.0.0/16 only, and its MED
value is 5.
l Filtering Routes by Using NLRI

To restrict a router to receive or advertise routing information, filter the route updating
packets from or send to a special device. The filter includes a update list sent to
neighbor, or a list coming from neighbor.
To configure NLRI to filter route, perform the following steps.
1 ZXR10(config)#route-map <map-tag>[permit | This defines a route-map.

2 ZXR10(config)#ipv4-access-list { name <acl-name>} This enters standard ACL

specifies ACL sequence
number, name and alias.

5-28

3 ZXR10(config)#router bgp <as-number> This enters BGP route

configuration mode.
ZXR10(config-bgp)#neighbor [<ipv4-address>|<peer-gr This defines a route map,

oup-name>] route-map <map-tag>{in | out} filtering the routes which are
advertised by neighbor or are
sent to neighbor.
in implies the input route.
out implies the output route.
<map-tag> Name of route mapping, the length is 1-31 characters
permit Permit redistribution if the route mapping matches

condition
deny Do not permit redistribution if the route mapping matches

condition
<sequence-number> Sequence number, 0-65535
<acl-name> Standard ACL table name, the length is 1-31 characters
permit Permit the packets matching rule to pass
deny Deny the packets matching rule to pass
<map-tag> The name of route mapping, the length is 1-31 characters
in | out It applies to in or out
5-29

As shown in Figure 5-10, S1 and S2 are a pair of IBGP peers, S1 and S3 are a pair
of EBGP peers, S2 and S4 are a pair of EBGP peers, S2 and S4 are a pair of EBGP
peers. To avoid AS100 to act as transitive AS and prevent S1 from advertising network
segment 192.18.10.0/24 of AS300 to AS200, configure filter function on S1.
Figure 5-10 Filtering Route by Using NLRI
Configuration on S1(The following content omits configuration of port and IGP):

S1(config-bgp)#neighbor 182.17.20.1 route-map MAP1 out
S1(config-bgp)#exit
S1(config)#route-map MAP1 permit 10
S1(config-ipv4-acl)#rule 1 deny 192.18.10.0 0.0.0.255
S1(config-ipv4-acl)#rule 2 permit any
The route-map command and ACL are used to prevent S1 from advertising the route
with prefix 192.18.10.0/24 to AS200, that is, this route is filtered on S1. Therefore, S3
can not learn the route 192.18.10.0/24.
To view BGP routing table on S3, use the show ip bgp route command.
*>192.168.11.0/24 182.17.20.2 20 300 100 i
5-30

*>192.168.12.0/24 182.17.20.2 20 300 100 i

*>192.168.13..0/24 182.17.20.2 20 300 100 i
The above result shows S3 locating at AS200 does not learn the route pointing to
192.18.10.0/24.
l Restricting the Number of Route Advertisements Received by Neighbor
To restrict the number of route received by a neighbor, perform the following steps.

router.
2 ZXR10(config-bgp)#neighbor <ip-address> This configures the number of

maximum-prefix <value>[<threshold-value>| route received by a neighbor.
drop-routes | restart <time>| warning-only]
<ip-address> Neighbor IP address, in dotted decimal notation
<value> The maximum number of routes received by a neighbor,

the range is 1-4294967295, and the default value is
4294967295
<threshold-value> Generate an alarm when the number of the received

routes reaches to the threshold value, the unit is %.
drop-routes Drop the routes when the number of the received routes
exceeds the threshold value
<time> The connection will be disconnected when the number of

the received routes exceeds the threshold value, and set
up neighborhood after waiting a specified time. The unit is
minute, the range is 1-30000
warning-only Print the alarm when the number of the received routes
exceeds the threshold value
As shown in Figure 5-11, S1 can receive 10 routes advertised by S2 at most, and it will
drop routes if more than 10 routes are received. S2 can receive 20 routes advertised
by S1, and neighborhood will be disconnected and set up again after 10 minutes if
more than 20 routes advertised by S1.
5-31

Figure 5-11 Restrict the Number of Route Advertisements Received by Neighbor
S1(config-bgp)#neighbor 10.1.1.1 maximum-prefix 10 drop-routes
S2(config-bgp)#neighbor 10.1.1.2 maximum-prefix 20 restart 1
Without the configuration of time for waiting reconnection (use parameter warning-onl
y) , when S1 advertises more than 20 routes to S2, S2 will display the alarm information
only.
S2(config-bgp)#neighbor 10.1.1.2 maximum-prefix 20 warning-only
l Filtering Routes by Using AS_PATH
AS-PATH is a well-known mandatory attribute. The attribute is a path filed, which is
composed of a series of AS numbers passing by a route pointing to one destination.
When the origin AS initiates a route to other external BGP peers, it will add its AS
number into the route. Subsequently, each route receiver will add its AS number into
route and place AS number on the head of AS sequence when sending the route to
other BGP peers.
BGP adopts AS-PATH as the factor of its route update to realize no-loop topology
of Internet. Each route contains a list with all passed AS numbers. When the route
is advertised to its origin AS, AS examines its AS number has been existed in AS
sequence, and it will not accept this route. Meanwhile, AS-PATH will be used for
deciding the optimum route. When multiple routes (their attributes except for AS-PATH
are the same) to the same destination are available, BGP will select a route with
the shortest path as the optimum route according to AS-PATH. Therefore, increasing
AS-PATH can affect BGP route selection.
When all routes of one or multiple AS require filtering, the filter method based on
AS-PATH is usually adopted.
5-32

1 ZXR10(config)#route-map <map-tag>[permit | This defines a route-map

2 ZXR10(config)#ip as-path access-list <access-list-numbe This defines an ACL related

r>{permit | deny}<as-regular-expression> to BGP AS_PATH.
3 ZXR10(config)#route-map <map-tag>[permit | This enters route mapping

deny][<sequence-number>] configuration mode.
ZXR10(config-route-map)#set as-path prepend This modifies BGP route AS

<as-path-number>[<as-path-number>] path. as-path-number ranges
from 1 to 65535 or 1 to
4294967295.
<map-tag> The name of route mapping, the length is 1-31 characters.

condition

condition
<sequence-number> Sequence number, ranging from 0-65535
<access-list-number> The number of regular express access list

condition

condition
<as-regular-expression> Use AS represented as regular express in access list
As shown in Figure 5-12, in Internet, the route to 10.10.0.0/24 of AS 100 is the optimum
path, and the path must be AS500→AS300→AS200→AS100.
5-33

Figure 5-12 Filtering Routes by Using AS_PATH
Egress router of AS100 configuration:

ZXR10_AS100(config)#router bgp 100
ZXR10_AS100(config-bgp)#network 10.0.1.0 255.255.255.0
ZXR10_AS100(config-bgp)#neighbor 192.168.1.2 remote-as 400
ZXR10_AS100(config-bgp)#neighbor 192.168.1.2 activate
ZXR10_AS100(config-bgp)#neighbor 192.168.1.2 route_map PATH out
ZXR10_AS100(config-bgp)#exit
ZXR10_AS100(config)#ipv4-access-list 1
ZXR10_AS100(config-ipv4-acl)#permit 10.1.0.0 0.0.0.255
ZXR10_AS100(config-ipv4-acl)#exit
ZXR10_AS100(config)#route-map PATH permit 0
ZXR10_AS100config-route-map)#match ip address 1
ZXR10_AS100(config-route-map)#set as-path prepend 100 100 100 100
ZXR10-AS100(config-route-map)#exit
By means of routing policy, AS_PATH is configured on the advertised route. Thus, the
route from AS 500 to AS 100 is changed.
To view BGP routing table on a router in AS500, use the show ip bgp route command.
ZXR10_AS500#show ip bgp route
5-34

*>10.0.1.0/24 192.168.1.17 20 300 200 100 i

*>10.0.2.0/24 192.168.1.17 20 300 200 100 400 i
*>10.0.3.0/24 192.168.1.17 20 300 200 i
*>10.0.4.0/24 192.168.1.17 0 300 i
*>10.1.0.0/24 192.168.1.17 20 300 200 100 i
>10.1.0.0/24 192.168.1.13 20 400 100 100 100 100 100 i
ZXR10_AS500#show ip bgp route detail 10.1.0.0 255.255.255.0

01:19:50 received from 192.168.1.11 (10.0.2.1)
Origin ?, nexthop 192.168.1.13,
As path [400 100 100 100 100 100]
As4 path
AS 500 realizes that there are 6 ASs passing by the route from AS 400 to AS 100, and
3 ASs passing by the route if it is from AS 300 to AS 100. Therefore, BGP will select
the routing that passes the less ASs if other priorities are the default settings. That is,
the routing that is from AS 300 to AS 100 satisfies the configuration requirement.
l Selecting Routes by Using LOCAL_PREF
Local_PREF is a well-known discretionary attribute. The default value is 100.
When a BGP router broadcasts routes to other BGP routers in the same AS, this
attribute shall be used. The value of attribute has influence on the path priority directly.
The route with the highest priority will be chosen as the optimum path. This attribute
also affects the local outbound traffic, and it is only used for local AS, that is, other
ASs will not affected by this attribute. Local-PREF is only exchanged between IBGP
neighbors, and it will not be advertised to EBGP neighbors.


specifies ACL sequence
number, name or alias.


ZXR10(config-route-map)#set local-preference This specifies priority value

<value> for AS. 0-4294967295, and
the default value is 100.
5-35


condition

condition
<acl-name> Standard ACL list name, the length is l-31 characters.
permit Permit the matched packets to pass
deny Deny the matched packets to pass
As shown in Figure 5-13, S1, S2 and S3 adopts IBGP full connection. Use BGP
LOCAL-PREF attribute to meet the requirement that all egress services arrive AS300
by using the egress of S1.
5-36

Figure 5-13 Select Route by Using LOCAL_PREF Attribute
S1(config-bgp)#neighbor 172.16.1.2 activate
S1(config-bgp)#neighbor 172.16.1.2 route-map Local_Pref in
S1(config-bgp)#exit
S1(config-ipv4-acl)#permit any
S1(config)#route-map Local_Pref permit 10
S1(config-route-map)#set local-preference 200
5-37


S2(config-bgp)#neighbor 172.16.0.2 route-map Local_Pref in
S2(config)#route-map Local_Pref permit 10

*>i 10.0.0.0/24 192.168.1.6 200 200 300 i
*i 10.0.0.0/24 192.168.1.2 100 200 300 i

01:24:10 received from 192.168.1.2 (172.16.0.1)
Origin ?,nexthop 192.168.1.2, localpref 100,
as path [300]
01:21:46 received from 192.168.1.6 (172.16.1.1)
origin i,nexthop 192.168.1.6, localpref 200,
As path [300]
As4 path
Modify the Local_Pref value of S3 to specify an egress for the service. In this example,
the traffic going to 10.0.0.0/24 of AS300 are forwarded by S1 preferably. Therefore,
the route coming from S1 has higher Local_Pref value.
l Selecting Route by Using MED
MED is an optional nontransitive attribute. MED is used to affect the inbound service
flow. When there are many ingress in an AS, the one with the smallest MED will be
the ingress for external neighbor router entering AS. The default MED value is 0.

5-38


configures ACL number,
name and alias.


ZXR10(config-route-map)#set metric [+ | This sets the MED of BGP.

-]<metric-value>
<map-tag> The name of route mapping, the length is 1-31 characters

condition

condition
<acl-name> Standard ACL list name, the length is l-31 characters.
permit Permit the matched packets to pass
deny Deny the matched packets to pass
+ Add MED value
- Decrease MED value
<metric-value> MED value, the range is 0-4294967295
5-39

As shown in Figure 5-14, AS 100 and AS 400 are interconnected by two links.
Configure AS100 to make AS400 select link 1 to route to AS100 preferably.
Figure 5-14 Select Route by Using MED
Configuration on S1(The following content omits configuration of port and IGP):

S1(config-bgp)#neighbor 192.168.1.2 route-map Med1 out
S1(config-bgp)#neighbor 192.168.2.2 route-map Med2 out
S1(config-bgp)#exit
S1(config)#route-map Med1 permit 10
S1(config)#route-map Med2 permit 10
5-40

S2(config-bgp)#exit
To view BGP routing table on S2, use show ip bgp route.

S2(config-bgp)#show ip bgp route
*>10.0.1.0/24 192.168.2.1 50 20 100 i
*10.0.1.0/24 192.168.1.1 100 20 100 i
*>10.0.2.0/24 0.0.0.0 0 i
S2(config)#show ip bgp route detail 10.0.1.0 255.255.255.0

01:44:13 received from 192.168.2.1 (10.0.1.1)
origin i,nexthop 192.168.2.1,metric 50,
as path [100]
01:47:25 received from 192.168.1.1 (10.0.1.1)
As path [100]
As4 path
By means of MED modification, S2 selects the link 1 (MED value is 50 smaller than
that of link 2) to route to AS 100 preferably.
l Configuring BGP Community String Attributes
The community string attributes are optional transitive attributes. The community is a
group of destination routes with one or more common features. It has 4 bytes, the first
2 bytes are AS number and the last 2 bytes are identifier. When aggregate community
routes, the aggregated route inherits all the community attributes from all routes.
The definitions of several well-known community attributes are given as follows:
à no-export: Advertisement to EBGP neighbors is disabled.
à no-advertise: Advertisement to any BGP neighbors is disabled.

à no-export-subconfed: Forbid to advertise the route with this attribute to
confederation outside.
à local-AS: Advertise the route with this attribute to BGP neighbor routers in AS.
à Internet: Advertise the route with this attribute to all other routers.
5-41

To configure BGP community string attributes, perform the following steps.
1 ZXR10(config)#route-map <map-tag>[permit | This defines a route map.

2 ZXR10(config)#ip prefix-list <prefix-list-name>[seq This configures a list of

<seq-number>]{permit | deny}<network-num><len>[ge address prefixes. It is used
<value>| le <value>] to filter the advertisements of
routing protocol.

ZXR10(config-route-map)#set as-path prepend This modifies BGP route AS

<as-path-number>[<as-path-number>] path.
ZXR10(config-route-map)#set local-preference This specifies priority for AS

<value> path.
ZXR10(config-route-map)#setip metric [+ | This configures the metric of

-]<metric-value> routing.
ZXR10(config-route-map)#set community This sets community attribute

{none |[additive]{no-advertise | no-export | of BGP route.
no-export-subconfed |<aa:nn>|<nn>}[{no-advertise |
no-export | no-export-subconfed |<aa:nn>|<nn>}]}
ZXR10(config-route-map)#set dampening This sets BGP route

<half-life><reuse><suppress><max-suppress-time> dampening.

condition

condition
<prefix-list-name> The name of prefix-list, the length is 1-31 characters
seq <seq-number> Sequence number of prefix-list entry. The matching

starts from the one with smaller value. The range is
1-4294967294
5-42

permit If a IP address to be filtered is in the range of prefixes of

the entry, do not perform further matching.
If a IP address to be filtered is not in the range of prefixes
of the entry, perform further matching.
deny If a IP address to be filtered is in the range of prefixes

of the entry, the IP address will be filtered and do not
perform further matching.
If a IP address to be filtered is not in the range of prefixes
of the entry, perform further matching.
<network-num> Specify the range of IP address prefixes
<len> Specify the length of mask of IP address, the range is 0-32
ge <value> Specify the matching range of IP address prefixes, and

the length of the prefix of the matched IP address needs
to be larger than the specified value. The value ranges
from 1-32
le <value> Specify the matching range of IP address prefixes, and

the length of the prefix of the matched IP address needs
to be smaller than the specified value. The value ranges
from 0-32
1. Marking the Routes with Community
As shown in Figure 5-15, AS600 configures attribute values for the route coming
from different ASs. The attribute of AS300 is 300:1, and attribute of AS400 is
400:1.
5-43

Figure 5-15 Use Community to Control Routes
AS300 router (The following content omits configuration of port and IGP)
configuration:
ZXR10_AS300(config-bgp)#neighbor 192.168.1.18 route-map community out
ZXR10_AS300(config-bgp)#neighbor 192.168.1.18 send-community
ZXR10_AS300(config)#ip prefix-list AS200 seq 5 permit 10.0.3.0 24
ZXR10_AS300(config)#route-map Community permit 10
ZXR10_AS300(config-route-map)#match ip address prefix-list AS200
ZXR10_AS300(config-route-map)#set community 300:1
ZXR10_AS300(config-route-map)#exit
configuration:

5-44

ZXR10_AS400(config-bgp)#neighbor 192.168.1.14 route-map community out

ZXR10_AS400(config-bgp)#neighbor 192.168.1.14 send-community
ZXR10_AS400(config)#ipv4-access-list 1
ZXR10_AS400(config-ipv4-acl)#rule 1 permit any
ZXR10_AS400(config-ipv4-acl)#exit
ZXR10_AS400(config)#route-map Community permit 10
ZXR10_AS400(config-route-map)#match ip address 1
ZXR10_AS400(config-route-map)#set community 400:1
Use show ip bgp route to view BGP routing table on AS600.
ZXR10_AS600(config)#show ip bgp route

*>10.0.1.0/24 192.168.1.13 20 400 100 i
*>10.0.2.0/24 192.168.1.13 20 400 i
*>10.0.3.0/24 192.168.1.17 20 300 200 i
* 10.0.3.0/24 192.168.1.13 20 400 100 200 i
*>10.0.4.0/24 192.168.1.13 20 400 100 200 300 i
ZXR10_AS600(config)#show ip bgp route detail 10.0.3.0 255.255.255.0

00:28:52 received from 192.168.1.17 (10.0.4.1)
origin ?,nexthop 192.168.1.17,
community 300:1
as path [300 200]
00:28:54 received from 192.168.1.13 (10.0.2.1)
origin i,nexthop 192.168.1.13,
community 400:1
As path [400 100 200]
As4 path
The BGP routes received by AS600 device are marked, the routes coming from
AS300 are marked as 300:1, and the routes coming from AS400 are marked as
400:1.
2. Filter Routes by Using Community

Configuration requirements: According to Community attribute of AS600, select
route by configuring Local_Pref.
configuration:
5-45


ZXR10_AS600(config-bgp)#neighbor 192.168.1.13 route-map Local_Pref in
ZXR10_AS600(config)#route-map Local_Pref permit 10
ZXR10_AS600(config-route-map)#match community-list 1
ZXR10_AS600(config-route-map)#set local-preference 200
ZXR10_AS600(config)#ip community-list 1 permit 400:1
Use show ip bgp route to view BGP routing table of AS600.

ZXR10_AS600(config)#show ip bgp route
*>10.0.1.0/24 192.168.1.13 200 20 400 100 i
*>10.0.2.0/24 192.168.1.13 200 20 400 i
*>10.0.3.0/24 192.168.1.13 200 20 400 100 200 i
* 10.0.3.0/24 192.168.1.17 20 300 200 i
*>10.0.4.0/24 192.168.1.13 200 20 400 100 200 300 i
BGP select the route with higher Local_Pref value preferably. In this example, the
route from AS400 to 10.0.3.0/24 is selected.
BGP Configuration for Large-scale Network

Neighborhood must be established between every two BGP routers in the same AS to
form full interconnection. In this way, with the increasing of the number of IBGP routers,
the number of neighbors will increment by n (n-1)/2 (n is the number of IBGP routers).
To reduce the work load of maintenance and configuration, use route reflector and
confederation.
l Configuring BGP Route Reflector
IBGP routers are not fully connected in an AS, and every IBGP router has more than
100 BGP sessions.
For an AS of a large-scale network, select a IBGP router to be a Route Reflector (RR),
and all other IBGP routers serve as clients. Each client only establishes neighborhood
with RR and then multiple RRs establish neighborhood with each other. All clients
reflect routes through the RR. In this way, the number of neighbors is reduced to n-1.
The clients stand for that IBGP neighbors which set up full interconnection with the
RR. The clients form a group. IBGP neighbors of the RR whom do not belong to the
group are non-clients.
When a route is received by RR, it will be reflected according to the different peer
types.
5-46

à If the update message is sent by an EBGP neighbor, then advertise it to all clients
and non-clients.
à If the update message is sent by a non-client, then advertise it to clients.
à If the update message is sent by a RRC, then advertise it to all clients and
non-clients except the originator of this update message.
When multiple RRs are available in an AS, divide many RRs belonging to the same
AS to a cluster. An AS can have many clusters, and a cluster has one RR at least.
Note that RR is recommended to use only when every router holds more than 100
BGP sessions in an AS.
To configure BGP RR, perform the following steps.

router.
2 ZXR10(config-bgp)#bgp cluster-id {<value>|<ip-add This configures the cluster ID

ress>} of a RR.
By default, router-ID is the
cluster ID.
3 ZXR10(config-bgp)#neighbor [<ipv4-address>|<peer-gr This sets a neighbor or

oup-name>] router-reflector-client neighbor peer group to route
reflector client peer.
<value> Cluster ID, the range is 1-4294967295
<ip-address> Cluster ID, in dotted decimal notation
<ipv4-address> IPv4 address, in the dotted decimal notation
<peer-group-name> The name of peer-group
As shown in Figure 5-16, S1, S2 and S3 are IBGP neighbors but they are not fully
connected. Configure a router reflector to make S3 forward the routes received by an
IBGP neighbor to another IBGP neighbor. Considering IBGP neighbors are not fully
interconnected in AS600, configure router reflector to avoid full interconnection.
5-47

Figure 5-16 BGP Route Reflector Configuration Example
Configuration on S1 (The following content omits the configuration of port and IGP):
S1(config-bgp)#exit
Configuration on S2 (The following content omits the configuration of port and IGP):
S2(config-bgp)#bgp cluster-id 3.3.3.3
S2(config-bgp)#neighbor 192.168.1.2 route-reflector-client
S2(config-bgp)#exit
5-48


S3(config-bgp)#exit

S1(config)#show ip bgp route
Network NextHop Metric LocPrf RtPrf Path
*> 10.0.0.0/24 172.16.1.2 20 300 i
*>i 10.0.1.0/24 192.168.1.2 100 200 400 i

05:04:45 received from 192.168.1.5 (192.168.1.1)
origin i,nexthop 192.168.1.2,localpref 100, originator_id 172.16.0.1
cluster_list 3.3.3.3
As path [400]
As4 path

*>i 10.0.0.0/24 192.168.1.6 100 200 300 i
*> 10.0.1.0/24 172.16.0.2 20 400 i

05:05:19 received from 192.168.1.1 (192.168.1.1)
origin ?,nexthop 192.168.1.6,localpref 100, originator_id 172.16.1.1
cluster_list 3.3.3.3
As path [300]
As4 path
Here, S1 and S2 learn the route from their peers respectively.

l Configuring BGP Confederation
The function of route confederation is the same to that of RR. The route confederation
is used to reduce the number of BGP neighbor connections in an AS. Route
confederation divides an AS into many sub-ASs, and the IBGP routers in the AS
belong to different sub-ASs. IBGP is established inside each sub-AS, and EBGP is
established among sub-ASs. Sub-ASs are invisible to the external AS.
To configure BGP Confederation, perform the following steps.
5-49


router.
2 ZXR10(config-bgp)#bgp confederation identifier This sets confederation ID,

<value> the range is 1-65535.
3 ZXR10(config-bgp)#bgp confederation peers This configures the AS

<value>[<value>] number of confederation
peer. The range is 1-65535
As shown in Figure 5-17, use confederation to avoid IBGP full connection in AS600.
Figure 5-17 BGP Confederation Configuration Example
Configuration on S2(The following content omits the configuration of port and IGP):
S2(config-bgp)#bgp confederation identifier 600
S2(config-bgp)#bgp confederation peers 65001 65002
5-50


S2(config-bgp)#exit
Configuration on S4(The following content omits the configuration of port and IGP):
S4(config-bgp)#bgp confederation identifier 600
S4(config-bgp)#bgp confederation peers 65003
S4(config-bgp)#exit

*>i 10.0.0.0/24 172.16.1.2 100 200 65002 i
*> 10.1.0.0/24 172.16.2.2 20 500 i
The output above shows that there is a route pointing to S4 on S2.

*>10.0.0.0/24 0.0.0.0 0 i
*>10.1.0.0/24 172.16.2.2 100 200 65003 500 i

06:27:14 received from 172.16.1.1 (172.16.1.1)
origin i,nexthop 172.16.2.2,localpref 100,
As path (65003) [500]
As4 path
The output above shows that there is a route pointing to AS500 on R4.
A larger AS is divided into some smaller ASs, and these samller ASs are connected
by EBGP. Each AS acts as an independent BGP AS to run IBGP.
A complete AS only runs an IGP protocol, and every sub-AS has IGP routing
information of all other sub-ASs.
l Configuring BGP Route Dampening
5-51

BGP provides a mechanism called Route Dampening to reduce the network

instability caused by route flapping. Since the update and cancellation messages
are transmitted in network continually when route flapping occurs, the bandwidth and
router processing resource are used a lot.
The principle of BGP route dampening is that allocate a penalty of 1000 to route
whenever the route flapping occurs. When the penalty reaches to a suppress-limit, the
advertisement of the route will be suppressed. The penalty decreases geometrically
after passing every half-life-time. When the penalty reduces to the reuse-limit, the
route advertisement dampening will be cancelled.
The following values are used by BGP route dampening.
à Half-life-time: Ranging from 1 to 45 minutes (The default value is 15 minutes)
à Reuse-value: Ranging from 1 to 20000 (The default value is 750)
à Suppress-value: Ranging from 1 to 20000 (The default value is 2000)

à Max-suppress-time: Ranging from 1 to 255 (The default value is four times of the
value of half-life-time)
To configure BGP route dampening, perform the following steps.

router.
2 ZXR10(config-bgp)#bgp dampening [<half-life><reuse This activates BGP route

><suppress><max-suppress-time>| route-map <map-tag>] dampening and modifies the
factors of route dampening.
<half-life> Half-life, the range is 1-45, the default value is 15 and

the unit is minute.
<reuse> Reuse value, the range is 1-20000, and the default value
750
<suppress> Route suppress value, the range is 1-20000, and the

default value is 2000
<max-suppress-time> The maximum suppress time, the range is 1-255, the

default value is 60, and the unit is minute
<map-tag> Available route mapping tag, the length is 1-31 characters.
5-52

Enable BGP route dampening function on router. Set the half-life is 30 minutes, the
re-use value is 500, and the suppress value is 2000, the maximum suppress time is
120 minutes.
ZXR10(config-bgp)#bgp dampening 30 500 2000 120
ZXR10(config-bgp)#network 203.250.15.0 255.255.255.0
ZXR10(config-bgp)#neighbor 192.208.10.5 remote-as 300
ZXR10(config-bgp)#exit
Use show ip bgp protocol to view the configuration of route dampening on router.
ZXR10#show ip bgp protocol
BGP router ID is 1.1.1.2, Local as is 1
Hold time is 90 seconds, KeepAlive time is 30 seconds
Default local preference is 100
Default export metric is 0
IPv4 IGP synchronization is disabled
IGP synchronization is disabled
Default information advertise is disabled
Always compare med is disabled
Fast fallover is enabled
Client-to-client reflection is enabled
Enforce-first-as is enabled
IPv4 client-number: 1
Ipv4 unicast is activated
BGP FRR is disabled
BGP IPv6 frr is disabled
Router target is filtered
Graceful restart is disabled
As-path ignore is disabled
Router-id ignore is disabled
BGP advertise-active-only is disabled
BGP VPNv4 advertise-active-only is disabled
BGP IPv4 rib-only is disabled
Route dampening enabled, halflife-time is 30,
reuse is 500, suppress is 2000, max-suppress-time is 120
Distance : external 20 internal 200
Here, the route dampening mechanism is activated. The half-life is 30 minutes, the
reuse value is 500, and the suppress value is 2000, and the maximum suppress time
is 120 minutes.
l Configuring BGP Peer Group
BGP peer group is to implement cluster management to BGP peer, which adds
peers into the uniform peer group and configure them. In this way, reduce the work
5-53

load of peer configuration, simply the configuration process and manage peers in
classification, improve the reliability and convenience of maintenance.

router.
2 ZXR10(config-bgp)#neighbor <word> peer-group This creates a BGP peer

group. The length of peer
group ranges from 1 to 16
characters.
3 ZXR10(config-bgp)#neighbor <word> remote-as This configures an AS number

<number> of a neighbor peer group.
4 ZXR10(config-bgp)#neighbor <ip-address> peer-group This adds a neighbor to BGP

<word> peer group.
<word> Name of peer group, the length is 1-16 characters
<word> Name of peer group, the length is 1-16 characters.
<number> AS of neighbor, the range is 1-65535 or 1-4294967295
<ip-address> IPv4 address of neighbor, in dotted decimal notation
<word> Name of peergroup, the length is 1-16 characters
Create a BGP peer group. The name of the group is zte. In the AS100, add neighbors
192.168.0.2 and 192.168.0.3 to the group. Run the following command:

ZXR10(config-bgp)#neighbor zte peer-group
ZXR10(config-bgp)#neighbor zte remote-as 100
ZXR10(config-bgp)#neighbor 192.168.0.2 peer-group zte
ZXR10(config-bgp)#neighbor 192.168.0.3 peer-group zte
5-54

5.3 Maintaining BGP

If a BGP routing fault occurs, use debugging commands to locate and remove the fault.
The following show commands are the frequently used ones. They can be used to check
the current status of a BGP neighbor and the BGP routing information learned by a router.
To maintain BGP, use the following commands.
Command Function
ZXR10#show ip bgp protocol Displays the configuration of the

local BGP module.
ZXR10#.show ip bgp neighbor Displays an adjacent BGP

neighbor and the corresponding
status.
ZXR10#show ip bgp route [network <ip-address>[mask Displays entries in a BGP routing

<net-mask>]] table.
ZXR10#show ip bgp summary Displays the status of all BGP

neighbor connections.
The following is sample output from the show ip bgp protocol command:
ZXR10#show ip bgp protocol
BGP router ID is 1.1.1.2, Local as is 1
Hold time is 90 seconds, KeepAlive time is 30 seconds
Default local preference is 100
Default export metric is 0
IGP synchronization is disabled
Default information advertise is disabled
Always compare med is disabled
Fast fallover is enabled
Client-to-client reflection is enabled
Enforce-first-as is enabled
IPv4 client-number: 1
Ipv4 unicast is activated
BGP FRR is disabled
BGP IPv6 frr is disabled
Router target is filtered
Graceful restart is disabled
As-path ignore is disabled
Router-id ignore is disabled
BGP advertise-active-only is disabled
BGP VPNv4 advertise-active-only is disabled
5-55


Route dampening is disabled
Distance : external 20 internal 200
Hold time is 90 seconds, KeepAlive The hold period is 90 seconds, and the keep-alive period is
time is 30 seconds 30 seconds.
Default local preference is 100 By default, the priority of the local router is 100.
Default export metric is 0 By default, the export metric value is 0.
Distance : external 20 internal 200 The external administrative distance is 20, and the internal
administrative distance is 200.
The following is sample output from the show ip bgp neighbor command:
ZXR10#show ip bgp neighbor
Neighbor capabilities:
Route refresh: advertised and received
Address family IPv4 Unicast: advertised and received
All received 10 messages
0 updates, 0 errs
1 opens, 0 errs
9 keepalives
0 vpnv4 refreshs, 0 ipv4 refreshs, 0 ipv4 multicast refreshs, 0 ipv6 refreshs,
0 errs
0 notifications, 0 other errs
After last established received 8 messages
0 updates, 0 errs
0 opens, 0 errs
8 keepalives
0 errs
All sent 10 messages
0 updates, 1 opens, 9 keepalives
0 notifications
After last established sent 8 messages
0 updates, 0 opens, 8 keepalives
5-56

0 notifications
For address family: IPv4 Unicast

All received nlri 0, unnlri 0, 0 accepted prefixes
All sent nlri 0, unnlri 0, 0 advertised prefixes
maximum limit 4294967295
Minimum time between advertisement runs is 30 seconds
Minimum time between origin runs is 15 seconds
......
BGP neighbor is 129.213.1.2, remote The IP address of the BGP neighbor is 129.213.1.2. The peer
AS 65001, external link router belongs to AS65001, and it uses an EBGP connection.
BGP version 4, remote router ID BGP-4 is used. The ID of the peer BGP router is 129.213.1.2.
129.213.1.2
BGP state = Established, up for The neighbor status is Established. The session has been
00:04:21 established for 4 minutes and 21 seconds.
hold time is 90 seconds, keepalive The hold period is 90 seconds, and the keepalive period is
interval is 30 seconds 30 seconds.
Neighbor capabilities: The following content describes the capability of the peer
router.
Route refresh: advertised and The peer supports route refreshing.

received
Address family IPv4 Unicast: The peer supports unicast NLRI.

advertised and received
All received 10 messages Ten messages are received. The messages include one
0 updates, 0 errs open message, nine keepalive messages. A VPNV4 route
1 opens, 0 errs update message is not received. There is no IPv4 route
9 keepalives update message, Notification message, and error message.
0 vpnv4 refreshs, 0 ipv4 refreshs,
0 ipv4 multicast refreshs, 0 ipv6
refreshs, 0 errs
5-57

After last established received 8 Eight messages have been received since the neighborhood
messages is established for the last time. They are all keepalive
0 updates, 0 errs messages.
0 opens, 0 errs
8 keepalives
refreshs, 0 errs
All sent 10 messages Ten messages are sent. The messages include 0 update
0 updates, 1 opens, 9 keepalives message, one open message and nine keepalive messages.
refreshs, 0 notifications
After last established sent 8 Eight messages have been sent since the neighborhood is
messages 0 updates, 0 opens, 8 established for the last time. The messages include 0 update
keepalives 0 vpnv4 refreshs, 0 ipv4 message, 0 open message and eight keepalive messages.
refreshs, 0 ipv4 multicast refreshs, 0
ipv6 refreshs, 0 notifications
For address family: IPv4 Unicast Unicast IPv4 route.
All received nlri 0, unnlri 0, 0 accepted NLRI and unnlri messages are not received. The prefix of
prefixes unicast is not received.
All sent nlri 0, unnlri 0, 0 advertised NLRI and unnlri messages are not sent. A prefix of unicast
prefixes is advertised.
Minimum time between advertisement The minimum update interval is 30 seconds.

runs is 30 seconds
Connections established 1 A BGP connection with the peer is established once already.
Local host: 129.213.1.1, Local port: Local IP socket, including the local IP address and TCP port
179 number.
Foreign host: 129.213.1.2, Foreign Peer IP socket, including the peer IP address and TCP port
port: 1024 number.
The following is sample output from the show ip bgp route command:
ZXR10#show ip bgp route

*>10.0.1.0/24 192.168.2.1 50 20 100 i
*10.0.1.0/24 192.168.1.1 100 20 100 i
*>10.0.2.0/24 0.0.0.0 0 i
5-58

ZXR10(config)#show ip bgp route detail 10.0.1.0 255.255.255.0

01:44:13 received from 192.168.2.1 (10.0.1.1)
as path [100]
01:47:25 received from 192.168.1.1 (10.0.1.1)
As path [100]
As4 path
l The symbol * indicates that the route is available.
l The symbol > indicates that the route is the best choice.
l The symbol i indicates that this is an IBGP route.
l The route without "i" indicates that this is an EBGP route or a local route.
l The address under the entry of Next-hop is the next-hop address of the BGP route. If
the address is full zero, it means that this route is generated by the router itself.
l The value under the Local-Pre is the priority level of the route that is learned by BGP.
The default value is 100.
l The field path indicates the origin of this route. Three types are available: IGP, EGP
and incomplete.
The result shows that two routes arriving at 10.0.1.0/24 are valid. The next-hop addresses
are 192.168.2.1 and 192.168.1.1. The optimum route is the route whose nexthop is
192.168.2.1, because its metric value is 50, which is smaller than another route.
Network Destination address.
Next Hop The nexthop of the BGP route. The nexthop represented
as full zero means that the route is generated by the local
router itself.
Metric Metric value.
LocPrf The local priority of the route learnt by BGP.
RtPrf Route priority.
Path Route source. Options: IGP, EGP and incomplete.
The following is sample output from the show ip bgp summary command:
ZXR10#show ip bgp summary
Neighbor Ver As MsgRcvd MsgSend Up/Down(s) State/PfxRcd
1.1.1.1 4 2 14 13 00:06:06 6
1.1.1.3 4 1 6 9 00:02:33 2
5-59

Neighbor BGP neighbor.
Ver BGP version.
As AS number of a neighbor.
MsgRcvd Number of messages received by BGP.
MsgSend Number of messages sent by BGP.
Up/Down(s) The time for setting up a connection.
State/PfxRcd A number is displayed if the neighborhood is set up, indicating

the number of routes received. A character is displayed if the
neighborhood fails to be set up.
5.4 BGP Configuration Examples

5.4.1 BGP Configuration Example One
Scenario Description
S1 and S2 belong to AS1, S4 belongs to AS2, and S3 and S5 belong to AS3, see Figure
5-18. Loopback addresses of the routers are shown below.
Router Loopback Address
S1 1.1.1.2/32
S2 1.1.1.3/32
S3 1.1.1.4/32
S4 1.1.1.1/32
S5 1.1.1.5/32
5-60

Figure 5-18 BGP Configuration Example One
1. Establish an IBGP connection between S1 and S2. Establish an EBGP connection

between S1 and S4. Establish an EBGP connection between S2 and S3.
2. S3 and S5 are interconnected by static routes and OSPF routes.
3. S3 distributes OSPF routes to BGP, and set the metric value of the OSPF route is 122.
4. There are static routes pointing to 192.168.0.0/24, 192.168.1.0/24, 192.168.2.0/24,
192.168.3.0/24 and 192.168.100.0/24 and 10.1.1.0/24 on R4.
5. S4 distributes its static routes to BGP and sets the metric value to 33. The route of
192.168.100.0/24 requires filtering.
6. Implement route aggregation on S4 and advertise the detailed routes.
7. Ensure that PCs in AS2 can intercommunicate with 20.1.1.0/24 connecting to S5.
8. All routers use the address of Loopback1 as the source address for connection, and
the length of the interconnection address mask is 30 bits.
Configuration Flow
1. Configure a static route.
2. Configure an IGP (OSPF).
3. Enable BGP.
4. Configure a neighbor.
5. Modify a source address.
6. Configure route aggregation.
5-61

7. Configure multi-hops.
8. Cancel synchronization.
9. Configure a route-map to filter out specified routes.
10. Modify the metric value of the route to be advertised.
Configuration Commands
S1(config-bgp)#exit
S1(config)#ip route 1.1.1.1 255.255.255.255 11.1.1.1
S1(config)#ip route 1.1.1.3 255.255.255.255 13.1.1.2

5-62


S2(config-bgp)#exit
S2(config)#ip route 1.1.1.4 255.255.255.255 12.1.1.1
S2(config)#ip route 1.1.1.2 255.255.255.255 13.1.1.1

S3(config-bgp)#redistribute ospf-int 1 metric 122
S3(config-bgp)#exit
S3(config)#ip route 1.1.1.3 255.255.255.255 12.1.1.2
S3(config-ospfv2)#network 14.1.1.0 0.0.0.3 area 0.0.0.0
S4(config-if-vlan1)#negotiation auto
5-63

S4(config-bgp)#redistribute static
S4(config-bgp)#aggregate-address 192.168.0.0 255.255.252.0 count 0 as-set
S4(config-bgp)#neighbor 1.1.1.2 route-map test-static out
S4(config-bgp)#exit
S4(config)#ip route 1.1.1.2 255.255.255.255 11.1.1.2
S4(config)#ip route 192.168.100.0 255.255.255.0 10.1.1.2
S4(config)#ip route 192.168.1.0 255.255.255.0 10.1.1.2
S4(config)#ip route 192.168.0.0 255.255.255.0 10.1.1.2
S4(config)#ip route 192.168.3.0 255.255.255.0 10.1.1.2
S4(config)#ip route 192.168.2.0 255.255.255.0 10.1.1.2
S4(config)#route-map test-static permit 10

S5(config)#interface null1
S5(config-if-null1)#exit
S5(config-if-vlan2)#negotiation auto
5-64

S5(config)#ip route 0.0.0.0 0.0.0.0 14.1.1.1
Configuration Verification
Run the following command to check the BGP routing table and route forwarding table on
S1.
*>1.1.1.2/32 1.1.1.2 0 ?
*>10.1.1.0/24 1.1.1.1 33 20 2 i
*>11.1.1.0/30 11.1.1.2 0 ?
*>i 12.1.1.0/30 1.1.1.3 100 200 ?
*>13.1.1.0/30 13.1.1.1 0 ?
*i 13.1.1.0/30 1.1.1.3 100 200 ?
*>i 14.1.1.0/30 1.1.1.3 0 100 200 3 ?
*>i 20.1.1.0/24 1.1.1.3 122 100 200 3 ?
*>192.168.0.0/22 1.1.1.1 33 20 2 i
*>192.168.0.0/24 1.1.1.1 33 20 2 ?
*>192.168.1.0/24 1.1.1.1 33 20 2 ?
*>192.168.2.0/24 1.1.1.1 33 20 2 ?
*>192.168.3.0/24 1.1.1.1 33 20 2 ?

IPv4 Routing Table:
1.1.1.1 11.1.1.1 vlan1 static 1 0
1.1.1.3 13.1.1.2 vlan2 static 1 0
10.1.1.0 11.1.1.1 vlan1 bgp 20 33
11.1.1.0 11.1.1.2 vlan1 direct 0 0
11.1.1.2 11.1.1.2 vlan1 address 0 0
12.1.1.0 13.1.1.2 vlan1 bgp 200 0
13.1.1.0 13.1.1.1 vlan1 direct 0 0
13.1.1.1 13.1.1.1 vlan1 address 0 0
14.1.1.0 13.1.1.2 vlan1 bgp 200 0
20.1.1.0 13.1.1.2 vlan2 bgp 200 122
192.168.0.0 11.1.1.1 vlan1 bgp 20 33
192.168.0.0 11.1.1.1 vlan1 bgp 20 33
192.168.1.0 11.1.1.1 vlan1 bgp 20 33
192.168.2.0 11.1.1.1 vlan1 bgp 20 33
192.168.3.0 11.1.1.1 vlan1 bgp 20 33
S2.
5-65


*>1.1.1.3/32 1.1.1.3 0 ?
*>i 10.1.1.0/24 1.1.1.2 33 100 200 2 i
*>i 11.1.1.0/30 1.1.1.2 100 200 ?
*> 12.1.1.0/30 12.1.1.2 0 ?
* 12.1.1.0/30 1.1.1.4 0 20 3 ?
*> 13.1.1.0/30 13.1.1.2 0 ?
*i 13.1.1.0/30 1.1.1.2 100 200 ?
*>14.1.1.0/30 1.1.1.4 0 20 3 ?
*>20.1.1.0/24 1.1.1.4 122 20 3 ?
*>i 192.168.0.0/22 1.1.1.2 33 100 200 2 i
*>i 192.168.0.0/24 1.1.1.2 33 100 200 2 ?
*>i 192.168.1.0/24 1.1.1.2 33 100 200 2 ?
*>i 192.168.2.0/24 1.1.1.2 33 100 200 2 ?
*>i 192.168.3.0/24 1.1.1.2 33 100 200 2 ?

IPv4 Routing Table:
1.1.1.2 13.1.1.1 vlan1 static 1 0
1.1.1.4 12.1.1.1 vlan2 static 1 0
10.1.1.0 13.1.1.1 vlan1 bgp 200 33
11.1.1.0 13.1.1.1 vlan1 bgp 200 0
12.1.1.0 12.1.1.2 vlan1 direct 0 0
12.1.1.2 12.1.1.2 vlan1 address 0 0
13.1.1.0 13.1.1.2 vlan1 direct 0 0
13.1.1.2 13.1.1.2 vlan1 address 0 0
14.1.1.0 12.1.1.1 vlan1 bgp 20 0
20.1.1.0 12.1.1.1 vlan2 bgp 20 122
192.168.0.0 13.1.1.1 vlan1 bgp 200 33
192.168.0.0 13.1.1.1 vlan1 bgp 200 33
192.168.1.0 13.1.1.1 vlan1 bgp 200 33
192.168.2.0 13.1.1.1 vlan1 bgp 200 33
192.168.3.0 13.1.1.1 vlan1 bgp 200 33
S3.

5-66

*>1.1.1.4/32 1.1.1.4 0 ?
*>10.1.1.0/24 1.1.1.3 20 1 2 i
*>11.1.1.0/30 1.1.1.3 20 1 ?
*>12.1.1.0/30 12.1.1.1 0 ?
*12.1.1.0/30 1.1.1.3 20 1 ?
*>13.1.1.0/30 1.1.1.3 20 1 ?
*>14.1.1.0/30 14.1.1.1 0 ?
*>20.1.1.0/24 14.1.1.2 122 110 ?
*>192.168.0.0/22 1.1.1.3 20 1 2 ?
*>192.168.0.0/24 1.1.1.3 20 1 2 ?
*>192.168.1.0/24 1.1.1.3 20 1 2 ?
*>192.168.2.0/24 1.1.1.3 20 1 2 ?
*>192.168.3.0/24 1.1.1.3 20 1 2 ?

IPv4 Routing Table:
1.1.1.3 12.1.1.2 vlan1 static 1 0
10.1.1.0 12.1.1.2 vlan1 bgp 20 0
11.1.1.0 12.1.1.2 vlan1 bgp 20 0
12.1.1.0 12.1.1.1 vlan1 direct 0 0
12.1.1.1 12.1.1.1 vlan1 address 0 0
13.1.1.0 12.1.1.2 vlan1 bgp 20 0
14.1.1.0 14.1.1.1 vlan1 direct 0 0
14.1.1.1 14.1.1.1 vlan1 address 0 0
20.1.1.0 14.1.1.2 vlan1 ospf 110 2
192.168.0.0 12.1.1.2 vlan1 bgp 20 0
192.168.0.0 12.1.1.2 vlan1 bgp 20 0
192.168.1.0 12.1.1.2 vlan1 bgp 20 0
192.168.2.0 12.1.1.2 vlan1 bgp 20 0
192.168.3.0 12.1.1.2 vlan1 bgp 20 0
S3#show ip forwarding route ospf

IPv4 Routing Table:
20.1.1.0 14.1.1.2 vlan2 ospf 110 2
S4.

*>1.1.1.1/32 1.1.1.1 0 ?
5-67

*>1.1.1.2/32 11.1.1.2 1 ?
*>10.1.1.0/24 10.1.1.1 0 i
*>11.1.1.0/30 11.1.1.1 0 ?
*11.1.1.0/30 1.1.1.2 20 1 ?
*>12.1.1.0/30 1.1.1.2 20 1 ?
*>13.1.1.0/30 1.1.1.2 20 1 ?
*>14.1.1.0/30 1.1.1.2 20 1 3 ?
*>20.1.1.0/24 1.1.1.2 20 1 3 ?
*>192.168.0.0/22 0.0.0.0 254 i
*>192.168.0.0/24 10.1.1.2 1 ?
*>192.168.1.0/24 10.1.1.2 1 ?
*>192.168.2.0/24 10.1.1.2 1 ?
*>192.168.3.0/24 10.1.1.2 1 ?
*>192.168.100.0/24 10.1.1.2 1 ?

IPv4 Routing Table:
1.1.1.2 11.1.1.2 vlan1 static 1 0
10.1.1.0 10.1.1.1 vlan2 direct 0 0
10.1.1.1 10.1.1.1 vlan1 address 0 0
11.1.1.0 11.1.1.1 vlan1 direct 0 0
11.1.1.1 11.1.1.1 vlan1 address 0 0
12.1.1.0 11.1.1.2 vlan1 bgp 20 0
13.1.1.0 11.1.1.2 vlan1 bgp 20 0
14.1.1.0 11.1.1.2 vlan1 bgp 20 0
20.1.1.0 11.1.1.2 vlan1 bgp 20 0
192.168.0.0 10.1.1.2 vlan1 static 1 0
192.168.1.0 10.1.1.2 vlan1 static 1 0
192.168.2.0 10.1.1.2 vlan1 static 1 0
192.168.3.0 10.1.1.2 vlan1 static 1 0
192.168.100.0 10.1.1.2 vlan1 static 1 0
Run the following command to test network connectivity between S4 and S5.
S4#ping 20.1.1.1
sending 5,100-byte ICMP echos to 20.1.1.1,timeout is 2 seconds.
!!!!!
S4#trace 20.1.1.1
tracing the route to 20.1.1.1
1 11.1.1.2 20 ms <20ms <20ms
2 13.1.1.2 <20ms <20ms <20ms
3 12.1.1.1 <20ms <20ms <20ms
4 14.1.1.2 <20ms <20ms <20ms
5-68

[finished]
S5#ping 10.1.1.2
sending 5,100-byte ICMP echos to 10.1.1.2,timeout is 2 seconds.
!!!!!
S5#trace 10.1.1.2
tracing the route to 10.1.1.2
1 14.1.1.1 <20ms <20ms <20ms
2 12.1.1.2 <20ms <20ms <20ms
3 13.1.1.1 <20ms <20ms <20ms
4 11.1.1.1 <20ms <20ms <20ms
5 * * *
[finished]
Run the following command to test network connectivity on a PC (IP address is 10.1.1.2
255.255.255.0).
C:\Documents and Settings\Administrator>ping 20.1.1.1
Pinging 20.1.1.1 with 32 bytes of data:
Reply from 20.1.1.1: bytes=32 time=1ms TTL=251
Ping statistics for 20.1.1.1:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 1ms, Maximum = 1ms, Average = 1ms
C:\Documents and Settings\Administrator>tracert 20.1.1.1

Tracing route to 20.1.1.1 over a maximum of 30 hops
1 <1 ms 6 ms <1 ms 10.1.1.1
2 1 ms 1 ms 1 ms 11.1.1.2
3 1 ms 1 ms 1 ms 13.1.1.2
4 1 ms 1 ms 1 ms 12.1.1.1
5 1 ms 1 ms 1 ms 20.1.1.1
Trace complete.
The test results above show that AS2 can communicate with AS3 normally.
5.4.2 BGP Configuration Example Two

The following describes a BGP instance. In this instance, the application of route
aggregation and static route redistribution are described.
5-69

S4 and S1 establish an EBGP neighborhood, S1 and S2 establish an IBGP neighborhood,

S2 and S5 establish multi-hops EBGP neighborhood, see Figure 5-19. Assume that four
static routes exist on S4.
S4 only advertises the network segment 192.16.0.0/16 by aggregation, and it uses a route
map to forbid BGP to advertise network segment 170.16.10.0/24. S2 and S5 establish an
EBGP multi-hop connection through S3. Ensure that the addresses used by two routers
(S2 and S5) to establish neighborhood can be pinged mutually.
Figure 5-19 BGP Configuration Example

S2(config)#ip route 183.16.0.0 255.255.0.0 173.16.2.1
5-70

S4(config-bgp)#exit

S4(config-bgp)#redistribute static
S4(config-bgp)#aggregate-address 192.16.0.0 255.255.0.0 count 0
as-set summary-only
S4(config-bgp)#neighbor 172.16.20.2 route-map torouter1 out
S4(config-bgp)#exit
S4(config-ipv4-acl)#rule 1 deny 170.16.10.0 0.0.0.255
S4(config)#route-map torouter1 permit 10

S5(config)#ip route 173.16.0.0 255.255.0.0 183.16.20.1
Run the show ip bgp summary command to check the neighborhood on S4.
S4(config)#show ip bgp summary
172.16.20.2 4 1 46 140 00:22:35 0
Run the show ip bgp route command to check the BGP routing table on S4.

Status codes: *-valid, >-best, i-internal, s-stale
*> 192.16.0.0/16 0.0.0.0 254 i
*> 192.16.20.0/24 10.9.1.39 1 ?
*> 192.16.21.0/24 10.9.1.39 1 ?
*> 192.16.22.0/24 10.9.1.39 1 ?
*> 170.16.10.0/24 10.9.1.39 1 ?

172.16.20.1 4 2 46 140 00:22:35 1
5-71

172.16.1.2 4 1 46 140 00:22:35 0
Run the following command to check the BGP routing table on S1:
*> 192.16.0.0/16 172.16.20.1 20 i 2
183.16.20.2 4 3 46 140 00:22:35 0
172.16.1.1 4 1 46 140 00:22:35 1
*>i 192.16.0.0/16 172.16.1.1 20 i 2
Run the show ip bgp summay command to check the neighborhood on S5.

173.16.20.2 4 1 46 140 00:22:35 1
*> 192.16.0.0/16 173.16.20.2 20 i 1 2
5.4.3 BGP FRR Configuration Example

For the architecture of the BGP FRR configuration, see Figure 5-20.
5-72

Figure 5-20 BGP FRR Configuration Example
Configuration Flow
1. Establish EBGP neighbor relations among S1, S2, and S3. Set the priority of the route
learnt from S2 on S1 to 200.
2. Enable the BGP FRR function on S1.
Establish EBGP neighbor relations among S1, S2, and S3, and enable the FRR function
on S1. In the example, the priority of the route learnt from S2 on S1 is set to 200. The
optimal routing path for 1.1.1.150/32 advertised by S3 is S1→S2→S3.
/*Run the following commands to establish EBGP neighbor relations:*/

S1(config-bgp)#bgp frr /*Enables the FRR function*/
S1(config-bgp)#exit
S1(config)#route-map lt /*Configures the route map*/
S1(config-bgp)#neighbor 172.16.1.2 route-map lt in
S1(config-bgp)#exit

S2(config-bgp)#exit

S3(config-bgp)#exit
5-73

Run the show ip forwarding backup route command to check whether the configuration
can enable the FRR function:
Run the following command to check whether the BGP FRR function is enabled on S1:
S1#show ip forwarding backup route
IPv4 Backup Routing Table:
Dest Gw Interface Owner Pri Metric M/S Status
1.1.1.150/32 172.16.1.2 gei-0/1/1/1 BGP 20 0 M I
1.1.1.150/32 171.16.20.2 gei-0/1/1/2 BGP 20 0 S U
5.4.4 BGP Route Reflector Configuration Example

A BGP route reflector is used to advertise routes between clients, between a client and
a non-client, and between a client and an EBGP. For the procedure of advertising routes
among clients, see Figure 5-21.
Figure 5-21 BGP Route Reflector Configuration Example
Configuration Flow
1. Establish IBGP neighbor relations among S1, S2, and S3.
2. Configure S2 as the RR, and set S1 and S3 as clients of S2.
3. Redistribute a route on S1 and advertise it to S2.
4. S2 reflects this route to S3.
Run the following commands on S1 (the configuration of the interface address is omitted):
S1(config-bgp)#redistribute connected /*Redistribute a directly connected route
for ease of verifying a route*/
S1(config-bgp)#exit
5-74


S2(config-bgp)#exit
S3(config-bgp)#exit

*> 1.1.1.0/24 1.1.1.1 0 0 ?
Run the following command to check the route reflected by S2 on S3:


i 1.1.1.0/24 1.1.1.1 100 200 ?
5.4.5 BGP and VRRP Linkage Configuration Example

Configure the Virtual Router Redundancy Protocol (VRRP) on a downlink interface. The
virtual address is used as the gateway for accessed devices. The uplink interfaces are
connected through the BGP (IBGP, EBGP, MP-IBGP, and MP-EBGP), see Figure 5-22.
To guarantee that the uplink and downlink traffic are the same, the VRRP BGP route from
which master packets are sent must be set as the optimized route.
5-75

Figure 5-22 BGP and VRRP Linkage Configuration Example
Configuration Flow
1. Establish BGP relations between S1 and S3, and between S2 and S3.
2. Check active and standby routers status when S1 and S2 operate as VRRPs.
3. Configure a track samgr object in BGP mode.
Note:
For how to establish BGP neighbor relations between S1 and S3, and between S2 and
S3, refer to the BGP Configuration Example.
For how to check active and standby routers status when S1 and S2 operate as
VRRPs, refer to the VRRP Confguration section in the ZXR10 8900E (V3.01.01)
Series Core Switch Configuration Guide Configuration Guide (Reliability).
Run the following commands on S1
S1(config)#interface gei-0/1/1/1
S1(config-if-gei-0/1/1/1)#no shutdown
S1(config-if-gei-0/1/1/1)#ip address 13.13.13.1 255.255.255.0
/*Configure the VRRP interfaces in VRRP mode.

The virtual VRRP address is 13.13.13.66*/
S1(config-if-gei-0/1/1/1)#exit
S1(config)#vrrp
S1(config-vrrp)#interface gei-0/1/1/1
S1(config-vrrp-if-gei-0/1/1/1)#vrrp 66 ipv4 13.13.13.66
5-76

S1(config-vrrp-if-gei-0/1/1/1)#exit
S1(config-vrrp)#exit
/*Configure the track VRRP object in samgr mode*/

S1(config)#samgr
S1(config-samgr)#track zte vrrp interface gei-0/1/1/1 vrid 66
/*Configure the track samgr object in BGP address family mode*/

S1(config-samgr)#exit
S1(config)#router bgp 66.66
S1(config-bgp)#track zte adjust-priority 67

S2(config-if-gei-0/1/1/1)#no shutdown
/*Configure the VRRP interfaces in VRRP mode.

The virtual VRRP address is 13.13.13.66*/
S2(config)#vrrp
S2(config-vrrp)#interface gei-0/1/1/1
S2(config-vrrp-if-gei-0/1/1/1)#vrrp 66 ipv4 13.13.13.66
S2(config-vrrp-if-gei-0/1/1/1)#exit
S2(config-vrrp)#exit
/*Configure the track VRRP object in samgr mode*/

S2(config)#samgr
S2(config-samgr)#track zte vrrp interface gei-0/1/1/1 vrid 66
/*Configure the track samgr object in BGP address family mode*/

S2(config-samgr)#exit
S2(config)#router bgp 66.66
S2(config-bgp)#track zte adjust-priority 67
If S1 operates as the active router, traffic is forwarded from S1 to S3. If S1 is disconnected,
the traffic is forwarded from S2 to S3.
5.4.6 BGP Graceful Restart Configuration Example

S1 and S2 are in a BGP neighbor relation, see Figure 5-23. Enable the graceful restart
function on S1 and S2. One router operates as the GR and another as the helper. If
5-77

routes are limited, you can use the default configuration. If S1 or S2 is restarted, packets
forwarding is not interrupted.
Figure 5-23 BGP Graceful Restart Configuration Example
Configuration Flow
1. Establish a BGP neighbor relation between S1 and S2.
2. Enable the graceful restart function on S1 and S2 respectively.
S1(config-bgp)#bgp graceful-restart

S2(config-bgp)#bgp graceful-restart
/*To learn routes between loopback addresses, configure the IGP*/
If traffic can be forwarded properly after the active/standby switchover operation, the
configuration is performed correctly.
5-78

Figures
Figure 1-1 Indirect Static Route Next Hop Configuration Example............................. 1-3
Figure 1-2 Static Route Configuration Example......................................................... 1-6
Figure 1-3 Static Route Summary Configuration Example......................................... 1-8
Figure 1-4 Default Route Configuration Example ...................................................... 1-9
Figure 2-1 RIP Configuration Example Topology ..................................................... 2-13
Figure 3-1 OSPF Router Type .................................................................................. 3-4
Figure 3-2 OSPF Basic Configuration Example......................................................... 3-9
Figure 3-3 OSPF Interface Attribute Configuration .................................................. 3-12
Figure 3-4 OSPF Authentication Configuration Example ......................................... 3-14
Figure 3-5 OSPF Stub Area Configuration Example................................................ 3-18
Figure 3-6 NSSA Area Configuration Example........................................................ 3-21
Figure 3-7 OSPF Inter-Area Route Aggregation Configuration Example ................. 3-23
Figure 3-8 Route Aggregation with Route Redistribution Configuration
Example ............................................................................................... 3-26
Figure 3-9 OSPF Route Load Balancing Configuration Example............................. 3-28
Figure 3-10 OSPF Redistribution Route Configuration Example.............................. 3-31
Figure 3-11 OSPF Virtual Link Configuration Example ............................................ 3-35
Figure 3-12 Sham-link............................................................................................. 3-36
Figure 3-13 OSPF Configuration Example One....................................................... 3-45
Figure 3-14 OSPF Configuration Example Two....................................................... 3-47
Figure 3-15 OSPF Multi-Instance Configuration Example ....................................... 3-49
Figure 4-1 IS-IS Architecture..................................................................................... 4-2
Figure 4-2 NSAP Address Architecture ..................................................................... 4-3
Figure 4-3 Three Times of Handshaking ................................................................... 4-4
Figure 4-4 Neighbor Establishment on a Broadcast Network..................................... 4-6
Figure 4-5 DIS on a Broadcast Network .................................................................... 4-6
Figure 4-6 Point-to-point Diffusion and Database Synchronization ............................ 4-8
Figure 4-7 Diffusion and Database Synchronization on a Broadcast Link ................ 4-10
Figure 4-8 Route-leaking ........................................................................................ 4-11
Figure 4-9 Single Area IS-IS Configuration Example............................................... 4-28
Figure 4-10 Multiple Area IS-IS Configuration Example........................................... 4-32
Figure 4-11 IS-IS Multi-Instance Configuration Example ......................................... 4-39

Figure 5-1 BGP Working Process ............................................................................. 5-3

Figure 5-2 IBGP and EBGP ...................................................................................... 5-5
Figure 5-3 EBGP Physical Direct-Connected Configuration Topology ....................... 5-7
Figure 5-4 EBGP Configuration through Loopback Address...................................... 5-9
Figure 5-5 IBGP Configuration ............................................................................... 5-13
Figure 5-6 Use network Command to Advertise BGP Route ................................... 5-17
Figure 5-7 Redistribute OSPF Routes by Using redistribute Command................... 5-20
Figure 5-8 Route Aggregation Configuration Example ............................................ 5-22
Figure 5-9 Filter Routes by Using Route-Map ......................................................... 5-27
Figure 5-10 Filtering Route by Using NLRI.............................................................. 5-30
Figure 5-11 Restrict the Number of Route Advertisements Received by
Neighbor............................................................................................... 5-32
Figure 5-12 Filtering Routes by Using AS_PATH..................................................... 5-34
Figure 5-13 Select Route by Using LOCAL_PREF Attribute ................................... 5-37
Figure 5-14 Select Route by Using MED................................................................. 5-40
Figure 5-15 Use Community to Control Routes ....................................................... 5-44
Figure 5-16 BGP Route Reflector Configuration Example ....................................... 5-48
Figure 5-17 BGP Confederation Configuration Example ......................................... 5-50
Figure 5-18 BGP Configuration Example One......................................................... 5-61
Figure 5-19 BGP Configuration Example ................................................................ 5-70
Figure 5-20 BGP FRR Configuration Example ........................................................ 5-73
Figure 5-21 BGP Route Reflector Configuration Example ....................................... 5-74
Figure 5-22 BGP and VRRP Linkage Configuration Example.................................. 5-76
Figure 5-23 BGP Graceful Restart Configuration Example ...................................... 5-78
II

Glossary
ABR
- Area Border Router
AD
- Administrative Domain
ASBR
- Autonomous System Boundary Router
BDR
- Backup Designate Router
BGP
- Border Gateway Protocol
CIDR
- Classless Inter-Domain Routing
CLNS
- ConnectionLess Network Service
DIS
- Designate IS
DR
- Designated Router
EBGP
- External Border Gateway Protocol
IBGP
- Interior Border Gateway Protocol
IGP
- Interior Gateway Protocol
IP
- Intelligent Peripheral
IS-IS
- Intermediate System-to-Intermediate System
ISO
- International Organization for Standardization
LSA
- Link State Advertisement
LSDB
- Link-state Database
III

LSP
- Link State Packet
LSU
- Link State Update
MAC
- Media Access Control
MED
- MULTI_EXIT_DISC
MP-BGP
- Multiprotocol BGP
NBMA
- Non-Broadcast Multiple Access
NSAP
- Network Service Access Point
NSSA
- Not-So-Stubby Area
OSI
- Open System Interconnection
OSPF
- Open Shortest Path First
PDU
- Protocol Data Unit
PE
- Provider Edge
RFC
- Remote Feature Control
RIP
- Routing Information Protocol
RR
- Router Reflector
SNP
- Sequence Num PDU
SPF
- Shortest Path First
TCP
- Transmission Control Protocol
TLV
- Type/Length/Value
IV

Glossary
UDP
- User Datagram Protocol
VLSM
- Variable Length Subnet Mask
VPN
- Virtual Private Network
VRF
- Virtual Route Forwarding
VRRP
- Virtual Router Redundancy Protocol

Zxr10 5900e Series

Caricato da

Informazioni sul documento

Copyright

Formati disponibili

Condividi questo documento

Condividi o incorpora il documento

Opzioni di condivisione

Hai trovato utile questo documento?

Questo contenuto è inappropriato?

Copyright:

Formati disponibili

Zxr10 5900e Series

Caricato da

Copyright:

Formati disponibili

ZXR10 5900E Series

Easy-Maintenance MPLS Routing Switch

Revision No. Revision Date Revision Reason

R1.0 2015–01–15 First edition

Serial Number: SJ-20150114102049-003

Publishing Date: 2015-01-15 (R1.0)

SJ-20150114102049-003|2015-01-15 (R1.0) ZTE Proprietary and Confidential

Chapter 2 RIP Configuration ..................................................................... 2-1

Chapter 3 OSPF Configuration.................................................................. 3-1

Chapter 4 IS-IS Configuration ................................................................... 4-1

Chapter 5 BGP Configuration.................................................................... 5-1

SJ-20150114102049-003|2015-01-15 (R1.0) ZTE Proprietary and Confidential

SJ-20150114102049-003|2015-01-15 (R1.0) ZTE Proprietary and Confidential

What Is in This Manual

Chapter 2, RIP Configuration Describes how to configure Routing Information

Chapter 3, OSPF Configuration Describes how to configure Open Shortest Path

Chapter 4, IS-IS Configuration Describes how to configure IS-IS on the ZXR10

Chapter 5, BGP Configuration Describes how to configure Border Gateway

| Separates individual parameters in a series of parameters.

SJ-20150114102049-003|2015-01-15 (R1.0) ZTE Proprietary and Confidential

Warning: indicates a potentially hazardous situation. Failure to comply can result in

Caution: indicates a potentially hazardous situation. Failure to comply can result in

Note: provides additional information about a certain topic.

SJ-20150114102049-003|2015-01-15 (R1.0) ZTE Proprietary and Confidential

1.1 Static Route Overview

ZXR10#show ip protocol routing

SJ-20150114102049-003|2015-01-15 (R1.0) ZTE Proprietary and Confidential

1.2 Configuring a Static Route

Configuring Direct Static Route

ZXR10(config)#ip route [vrf <vrf-name>]<prefix><net-mask This configures direct static route.

Descriptions of the parameters used by command are shown below.

<vrf-name> It is used to configure static route of the designated Virtual

<prefix> Network Internet Protocol (IP) prefix, in dotted decimal

<net-mask> Network Mask, in dotted decimal notation

<interface-name> Name of the used interface

<distance-metric> Management distance, ranging from 1 to 255

Configuring Indirect Static Route

ZXR10(config)#ip route [vrf <vrf-name>]<prefix><net-mask>{<n This configures indirect static

Descriptions of the parameters used by command are shown below.

SJ-20150114102049-003|2015-01-15 (R1.0) ZTE Proprietary and Confidential

<vrf-name> It is used to configure static route of the designated VRF.

<prefix> Network IP Prefix of destination address, in dotted decimal

<net-mask> Network mask of destination address, in dotted decimal

<interface-name> Name of the used interface

<distance-metric> Management distance, ranging from 1 to 255

Figure 1-1 Indirect Static Route Next Hop Configuration Example

The configuration of static route on S1:

View route table on S1:

ZXR10(config)#show ip protocol routing

Dest NextHop RoutePrf RouteMetric Protocol

SJ-20150114102049-003|2015-01-15 (R1.0) ZTE Proprietary and Confidential

View forwarding table on S1:

Configuring FRR function of static routes.

Descriptions of the parameters used by command are shown below.

<vrf-name> VRF name, range: 1–32 characters.

fast-reroute Enables the FRR function of static routes.

<time-interval> Interval of WTR, range: 0–12, default: 0.

1.3 Maintaining Static Route

SJ-20150114102049-003|2015-01-15 (R1.0) ZTE Proprietary and Confidential

Dest NextHop RoutePrf RouteMetric Protocol

Descriptions of command output are shown below.

Show Command Outout Description

Dest Destination IP address

NextHop IP address of next hop