Huawei Certification HCNP Lab Guide HCNP-IERN V1.6 OSPF BGP ACL Multicast 473 Pages
May 8, 2017 | Author: Chua Hian Koon | Category: N/A
Short Description
Huawei Certification HCNP Lab Guide HCNP-IERN V1.6 OSPF BGP ACL Multicast 473 Pages...
Description
HCNP-IERN
Huawei Certification
HCNP-IERN Implementing Enterprise Routing Network Lab Guide
Huawei Technologies Co.,Ltd
HUAWEI TECHNOLOGIES
HCNP-IERN
Copyright © Huawei Technologies Co., Ltd. 2010. All rights reserved.
No part of this document may be reproduced or transmitted in any form or by any means without prior written consent of Huawei Technologies Co., Ltd. Trademarks and Permissions
and other Huawei trademarks are trademarks of Huawei Technologies Co., Ltd. All other trademarks and trade names mentioned in this document are the property of their respective holders. Notice
The information in this document is subject to change without notice. Every effort has been made in the preparation of this document to ensure accuracy of the contents, but all statements, information, and recommendations in this document do not constitute the warranty of any kind, expressed or implied.
Huawei Certification HCNP-IERN Implementing Enterprise Routing Network Lab Guide
Edition 1.6
HUAWEI TECHNOLOGIES
HCNP-IERN
Huawei Certification System Relying on its strong technical and professional training system, in accordance with different customers at different levels of ICT technology, Huawei certification is committed to provide customs with authentic, professional certification. Based on characteristics of ICT technologies and customers’needs at different levels, Huawei certification provides customers with certification system of four levels. HCNA (Huawei Certified Network Associate) is primary for IP network maintenance engineers, and any others who want to build an understanding of the IP network. HCNA certification covers the TCP/IP basics, routing, switching and other common foundational knowledge of IP networks, together with Huawei communications products, versatile routing platform VRP characteristics and basic maintenance. HCNP-Enterprise (Huawei Certified Network Professional-Enterprise) is aimed at enterprise-class network maintenance engineers, network design engineers, and any others who want to grasp in depth routing, switching, network adjustment and optimization technologies. HCNP-Enterprise consists of IESN (Implement Enterprise Switch Network), IERN (Implement Enterprise Routing Network), and IENP (Improving Enterprise Network performance), which includes advanced IPv4 routing and switching technology principles, network security, high availability and QoS, as well as the configuration of Huawei products. HCIE-Enterprise (Huawei Certified Internetwork Expert-Enterprise) is designed to endue engineers with a variety of IP technologies and proficiency in the maintenance, diagnostics and troubleshooting of Huawei products, which equips engineers with competence in planning, design and optimization of large-scale IP networks.
HUAWEI TECHNOLOGIES
HCNP-IERN
Referenced icon
Router
L3 Switch
L2 Switch
Firewall
Serial line
Ethernet line
HUAWEI TECHNOLOGIES
Net cloud
HCNP-IERN
Lab environment specification The Lab environment is suggested below:
Identifier
Device
OS version
R1
AR 2220
Version 5.90 ( V200R001C01SPC300)
R2
AR 2220
Version 5.90 ( V200R001C01SPC300)
R3
AR 2220
Version 5.90 ( V200R001C01SPC300)
R4
AR 1220
Version 5.90 ( V200R001C01SPC300)
R5
AR 1220
Version 5.90 ( V200R001C01SPC300)
S1
S5700-28C-EI-24S
Version 5.70 (V100R006C00SPC800)
S2
S5700-28C-EI-24S
Version 5.70 (V100R006C00SPC800)
S3
S3700-28TP-EI-AC
Version 5.70 (V100R006C00SPC800)
S4
S3700-28TP-EI-AC
Version 5.70 (V100R006C00SPC800)
FW1
Eudemon 200E-X2
Version 5.30 (V100R005C00SPC100)
FW2
Eudemon 200E-X2
Version 5.30 (V100R005C00SPC100)
HUAWEI TECHNOLOGIES
HCNP-IERN
CONTENTS Chapter 1 Implementing RIP features ................................................................................................ 1 Lab 1-1 RIPv1 and RIPv2 ................................................................................................................. 1 Chapter 2 Implementing OSPF design structures.............................................................................. 22 Lab 2-1 Single-Area OSPF ............................................................................................................. 22 Lab 2-2 Multi-Area OSPF .............................................................................................................. 43 Lab 2-3 OSPF Adjacency Relationships and Various Types of LSAs................................................ 69 Lab 2-4 OSPF Stub Area and NSSA .............................................................................................. 100 Lab 2-5 OSPF VCs and Inter-Area Route Filtering........................................................................ 124 Lab 2-6 OSPF Troubleshooting.................................................................................................... 149 Lab 2-7 Advanced OSPF Features ............................................................................................... 175 Chapter 3 BGP application and management ................................................................................. 199 Lab 3-1 IBGP and EBGP............................................................................................................... 199 Lab 3-2 BGP Route Aggregation.................................................................................................. 222 Lab 3-3 BGP Attributes and Path Selection 1 .............................................................................. 240 Lab 3-4 BGP Attributes and Path Selection 2 (Optional) ............................................................. 260 Lab 3-5 BGP Multi-homing ......................................................................................................... 278 Lab 3-6 BGP Troubleshooting ..................................................................................................... 305 Lab 3-7 BGP Route Reflector ...................................................................................................... 328 Lab 3-8 BGP Confederation (Optional) ....................................................................................... 352 Chapter 4 Traffic filtering and access control ................................................................................. 375 Lab 4-1 Access Control for Enterprise Data Using an ACL............................................................ 375 Lab 4-2 Route Import and Routing Control ................................................................................. 397 Chapter 5 Implementing multicast technologies ............................................................................ 421 Lab 5-1 Multicast, IGMP, and PIM DM Protocols ........................................................................ 421
HUAWEI TECHNOLOGIES
HCNP-IERN
Lab 5-2 PIM-SM and Dynamic RP ............................................................................................... 444
HUAWEI TECHNOLOGIES
HCNP-IERN
HUAWEI TECHNOLOGIES
HCNP-IERN Chapter 1 Implementing RIP features
Chapter 1 Implementing RIP features Lab 1-1 RIPv1 and RIPv2 Learning Objectives The objectives of this lab are to learn and understand: •
RIPv2 configuration mode
•
RIPv2 summarization mode
•
RIPv2 authentication configuration mode
•
RIPv2 passive interface configuration and effects
•
RIPv2 and RIPv1 compatibility configuration
Topology
Figure 1-1 RIPv1 and RIPv2 HC Series
HUAWEI TECHNOLOGIES
1
HCNP-IERN Chapter 1 Implementing RIP features
Scenario R1, R2, and R3 are connected to the network segment 10.0.123.0/24 through Ethernet switches. R1 and R4 are connected using a serial cable. The entire network uses the RIP protocol. You need to perform the following steps to understand the configuration, route summarization, and authentication configuration of the RIP protocol as well as the RIPv2 and RIPv1 compatibility configuration.
Tasks Step 1 Configure IP addresses. Configure IP addresses for all routers. system-view Enter system view, return user view with Ctrl+Z. [Huawei]sysname R1 [R1]interface loopback 0 [R1-LoopBack0]ip address 10.0.1.1 24 [R1-LoopBack0]interface Serial 3/0/0 [R1-Serial3/0/0]ip address 10.0.14.1 24 [R1-Serial3/0/0]interface GigabitEthernet 0/0/0 [R1-GigabitEthernet0/0/0]ip address 10.0.123.1 24
system-view Enter system view, return user view with Ctrl+Z. [Huawei]sysname R2 [R2]interface GigabitEthernet 0/0/0 [R2-GigabitEthernet0/0/0]ip address 10.0.123.2 24 [R2-GigabitEthernet0/0/0]interface loopback 0 [R2-LoopBack0]ip address 10.0.2.2 24
system-view Enter system view, return user view with Ctrl+Z. [Huawei]sysname R3 [R3]interface GigabitEthernet 0/0/0 [R3-GigabitEthernet0/0/0]ip address 10.0.123.3 24 [R3-GigabitEthernet0/0/0]interface loopback 0 [R3-LoopBack0]ip address 10.0.3.3 24
2
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 1 Implementing RIP features system-view Enter system view, return user view with Ctrl+Z. [Huawei]sysname R4 [R4]interface serial 1/0/0 [R4-Serial1/0/0]ip address 10.0.14.4 24 [R4-Serial1/0/0]interface loopback 0 [R4-LoopBack0]ip address 10.1.0.1 24 [R4-LoopBack0]interface loopback 1 [R4-LoopBack1]ip address 10.1.1.1 24
After you have configured the IP addresses, test the connectivity between R1 and R2, between R1 and R3, and between R1 and R4. [R1]ping 10.0.123.2 PING 10.0.123.2: 56 data bytes, press CTRL_C to break Reply from 10.0.123.2: bytes=56 Sequence=1 ttl=255 time=3 ms Reply from 10.0.123.2: bytes=56 Sequence=2 ttl=255 time=2 ms Reply from 10.0.123.2: bytes=56 Sequence=3 ttl=255 time=2 ms Reply from 10.0.123.2: bytes=56 Sequence=4 ttl=255 time=2 ms Reply from 10.0.123.2: bytes=56 Sequence=5 ttl=255 time=2 ms
--- 10.0.123.2 ping statistics --5 packet(s) transmitted 5 packet(s) received 0.00% packet loss round-trip min/avg/max = 2/2/3 ms
[R1]ping 10.0.123.3 PING 10.0.123.3: 56 data bytes, press CTRL_C to break Reply from 10.0.123.3: bytes=56 Sequence=1 ttl=255 time=3 ms Reply from 10.0.123.3: bytes=56 Sequence=2 ttl=255 time=2 ms Reply from 10.0.123.3: bytes=56 Sequence=3 ttl=255 time=2 ms Reply from 10.0.123.3: bytes=56 Sequence=4 ttl=255 time=2 ms Reply from 10.0.123.3: bytes=56 Sequence=5 ttl=255 time=2 ms
--- 10.0.123.3 ping statistics --5 packet(s) transmitted 5 packet(s) received 0.00% packet loss round-trip min/avg/max = 2/2/3 ms
[R1]ping 10.0.14.4 PING 10.0.14.4: 56 data bytes, press CTRL_C to break
HC Series
HUAWEI TECHNOLOGIES
3
HCNP-IERN Chapter 1 Implementing RIP features Reply from 10.0.14.4: bytes=56 Sequence=1 ttl=255 time=42 ms Reply from 10.0.14.4: bytes=56 Sequence=2 ttl=255 time=37 ms Reply from 10.0.14.4: bytes=56 Sequence=3 ttl=255 time=37 ms Reply from 10.0.14.4: bytes=56 Sequence=4 ttl=255 time=37 ms Reply from 10.0.14.4: bytes=56 Sequence=5 ttl=255 time=37 ms
--- 10.0.14.4 ping statistics --5 packet(s) transmitted 5 packet(s) received 0.00% packet loss round-trip min/avg/max = 37/38/42 ms
Step 2 Configure RIPv2. Configure RIPv2 for all routers and summarization function.
disable the automatic
You can configure a process ID during the RIP configuration. The process ID 1 is used in this lab, however in this case it carries no real function. [R1]rip 1 [R1-rip-1]version 2 [R1-rip-1]network 10.0.0.0 [R1-rip-1]undo summary
[R2]rip 1 [R2-rip-1]version 2 [R2-rip-1]network 10.0.0.0 [R2-rip-1]undo summary
[R3]rip 1 [R3-rip-1]version 2 [R3-rip-1]network 10.0.0.0 [R3-rip-1]undo summary
[R4]rip 1 [R4-rip-1]version 2 [R4-rip-1]network 10.0.0.0 [R4-rip-1]undo summary
4
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 1 Implementing RIP features
After you have configured RIPv2, check the routing table of R2 and test the connectivity between R2 and R4. [R2]display ip routing-table protocol rip Route Flags: R - relay, D - download to fib ---------------------------------------------------------------------------Public routing table : RIP Destinations : 5
Routes : 5
RIP routing table status : Destinations : 5
Destination/Mask
Routes : 5
Proto
Pre Cost
Flags NextHop
Interface
10.0.1.0/24 RIP
100 1
D
10.0.123.1
GigabitEthernet0/0/0
10.0.3.0/24 RIP
100 1
D
10.0.123.3
GigabitEthernet0/0/0
10.0.14.0/24 RIP
100 1
D
10.0.123.1
GigabitEthernet0/0/0
10.1.0.0/24 RIP
100 2
D
10.0.123.1
GigabitEthernet0/0/0
10.1.1.0/24 RIP
100 2
D
10.0.123.1
GigabitEthernet0/0/0
RIP routing table status : Destinations : 0
Routes : 0
[R2]ping 10.0.14.4 PING 10.0.14.4: 56 data bytes, press CTRL_C to break Reply from 10.0.14.4: bytes=56 Sequence=1 ttl=255 time=37 ms Reply from 10.0.14.4: bytes=56 Sequence=2 ttl=255 time=32 ms Reply from 10.0.14.4: bytes=56 Sequence=3 ttl=255 time=32 ms Reply from 10.0.14.4: bytes=56 Sequence=4 ttl=255 time=32 ms Reply from 10.0.14.4: bytes=56 Sequence=5 ttl=255 time=32 ms
--- 10.0.14.4 ping statistics --5 packet(s) transmitted 5 packet(s) received 0.00% packet loss round-trip min/avg/max = 32/33/37 ms
The preceding information shows that R2 learns five RIP routes through G0/0/0 and R2 can communicate with R4 successfully.
Step 3 Configure manual summarization on R4. Configure manual summarization on R4 to summarize routes HC Series
HUAWEI TECHNOLOGIES
5
HCNP-IERN Chapter 1 Implementing RIP features
10.1.0.0/24 and 10.1.1.0/24 to route 10.1.0.0/23. [R4]interface Serial 1/0/0 [R4-Serial1/0/0]rip summary-address 10.1.0.0 255.255.254.0
After you have configured manual summarization, check the routing table of R2. [R2]display ip routing-table protocol rip Route Flags: R - relay, D - download to fib ---------------------------------------------------------------------------Public routing table : RIP Destinations : 4
Routes : 4
RIP routing table status : Destinations : 4
Destination/Mask
Routes : 4
Proto
Pre Cost
Flags NextHop
Interface
10.0.1.0/24 RIP
100 1
D
10.0.123.1
GigabitEthernet0/0/0
10.0.3.0/24 RIP
100 1
D
10.0.123.3
GigabitEthernet0/0/0
10.0.14.0/24 RIP
100 1
D
10.0.123.1
GigabitEthernet0/0/0
10.1.0.0/23 RIP
100 2
D
10.0.123.1
GigabitEthernet0/0/0
RIP routing table status : Destinations : 0
Routes : 0
The preceding information shows that only the summarized route 10.1.0.0/23 exists in the routing table and the routes 10.1.0.0/24 and 10.1.1.0/24 do not exist. Delete the IP address of Loopback1 on R4, that is, delete the network segment10.1.1.0/24, and then view changes in the routing table of R2. [R4]interface loopback 1 [R4-LoopBack1]undo ip address
[R2]display ip routing-table protocol rip Route Flags: R - relay, D - download to fib ---------------------------------------------------------------------------Public routing table : RIP Destinations : 4
Routes : 4
RIP routing table status :
6
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 1 Implementing RIP features Destinations : 4
Destination/Mask
Routes : 4
Proto
Pre Cost
Flags NextHop
Interface
10.0.1.0/24 RIP
100 1
D
10.0.123.1
GigabitEthernet0/0/0
10.0.3.0/24 RIP
100 1
D
10.0.123.3
GigabitEthernet0/0/0
10.0.14.0/24 RIP
100 1
D
10.0.123.1
GigabitEthernet0/0/0
10.1.0.0/23 RIP
100 2
D
10.0.123.1
GigabitEthernet0/0/0
RIP routing table status : Destinations : 0
Routes : 0
The preceding information shows that entries in the routing table of R2 do not change. The summarized route still exists in the routing table. If you delete the IP address of Loopback0 on R4, the summarized route will be deleted from the routing table of R2.
Step 4 Enable RIPv2 plain text authentication on the network segment 10.0.123.0/24. Configure RIP authentication on G0/0/0 interfaces of R1, R2, and R3, and set the authentication mode to plain text and password to huawei. [R1]interface GigabitEthernet 0/0/0 [R1-GigabitEthernet0/0/0]rip authentication-mode simple huawei
[R2]interface GigabitEthernet 0/0/0 [R2-GigabitEthernet0/0/0]rip authentication-mode simple huawei
[R2]display ip routing-table protocol rip Route Flags: R - relay, D - download to fib ---------------------------------------------------------------------------Public routing table : RIP Destinations : 3
Routes : 3
RIP routing table status : Destinations : 3
Destination/Mask
Proto
10.0.1.0/24 RIP 10.0.14.0/24 RIP
HC Series
Routes : 3
Pre Cost
100 1 100 1
Flags NextHop
Interface
D
10.0.123.1
GigabitEthernet0/0/0
D
10.0.123.1
GigabitEthernet0/0/0
HUAWEI TECHNOLOGIES
7
HCNP-IERN Chapter 1 Implementing RIP features 10.1.0.0/23 RIP
100 2
D
10.0.123.1
GigabitEthernet0/0/0
RIP routing table status : Destinations : 0
Routes : 0
The routing table of R2 shows that R2 has learned two routes from R1 but does not learn any routes from R3. Till now, RIP authentication is not configured on R3. Check routes learned by R3. [R3]display ip routing-table Route Flags: R - relay, D - download to fib ---------------------------------------------------------------------------Routing Tables: Public Destinations : 10
Destination/Mask
Proto
Routes : 10
Pre Cost
Flags NextHop
Interface
10.0.3.0/24 Direct 0
0
D
10.0.3.3
LoopBack0
10.0.3.1/32 Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.3.255/32 Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.123.0/24 Direct 0
0
D
10.0.123.3 GigabitEthernet0/0/0
10.0.123.3/32 Direct 0
0
D
127.0.0.1
10.0.123.255/32 Direct 0 127.0.0.0/8
0
D
127.0.0.1
InLoopBack0 InLoopBack0
Direct 0
0
D
127.0.0.1
InLoopBack0
127.0.0.1/32 Direct 0
0
D
127.0.0.1
InLoopBack0
127.255.255.255/32 Direct 0
0
D
127.0.0.1
InLoopBack0
255.255.255.255/32 Direct 0
0
D
127.0.0.1
InLoopBack0
The preceding information shows that there is no route learned from other routers through RIP in the routing table of R3. R3 fails to learn routes because the authentication mode of R3 is different from that of R1 and R2. You can run the debugging command to view the processing of routing information received by R3. terminal debugging debugging rip 1 packet Nov 9 2011 11:39:08.180.1+00:00 R3 RM/6/RMDEBUG: 6: 11698: RIP 1: Receive response from 10.0.123.2 on GigabitEthernet0/0/0 Nov 9 2011 11:39:08.180.2+00:00 R3 RM/6/RMDEBUG: 6: 11709: Packet: Version 2,
8
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 1 Implementing RIP features Cmd response, Length 44 Nov 9 2011 11:39:08.180.3+00:00 R3 RM/6/RMDEBUG: 6: 11833: Authentication-mode – Simple: huawei Nov 9 2011 11:39:08.180.4+00:00 R3 RM/6/RMDEBUG: 6: 11777: Dest 10.0.2.0/24, Nexthop 0.0.0.0, Cost 1, Tag 0 Nov 9 2011 11:39:08.180.5+00:00 R3 RM/3/RMDEBUG: 6: 10855: RIP 1: Authentication failure Nov 9 2011 11:39:08.180.6+00:00 R3 RM/6/RMDEBUG: 6: 1662: RIP 1: Process message failed Nov 9 2011 11:39:14.800.1+00:00 R3 RM/6/RMDEBUG: 6: 11689: RIP 1: Sending response on interface GigabitEthernet0/0/0 from 10.0.123.3 to 224.0.0.9 undo debug all
The preceding information shows that G0/0/0 of R3 receives RIP routing information from other routers but the authentication fails because the authentication mode of R3 is different from that of R1 and R2. Run the debugging command to check the processing of routing information received by R2 from R3 and R1. terminal debugging Info: Current terminal debugging is on. debugging rip 1 packet Nov 9 2011 11:39:16.260.1+00:00 R2 RM/6/RMDEBUG: 6: 11698: RIP 1: Receive response from 10.0.123.1 on GigabitEthernet0/0/0 Nov 9 2011 11:39:16.260.2+00:00 R2 RM/6/RMDEBUG: 6: 11709: Packet: Version 2, Cmd response, Length 84 Nov 9 2011 11:39:16.260.3+00:00 R2 RM/6/RMDEBUG: 6: 11833: Authentication-mode – Simple: huawei Nov 9 2011 11:39:16.260.4+00:00 R2 RM/6/RMDEBUG: 6: 11777: Dest 10.0.1.0/24, Nexthop 0.0.0.0, Cost 1, Tag 0 Nov 9 2011 11:39:16.260.5+00:00 R2 RM/6/RMDEBUG: 6: 11777: Dest 10.0.14.0/24, Nexthop 0.0.0.0, Cost 1, Tag 0 Nov 9 2011 11:39:16.260.6+00:00 R2 RM/6/RMDEBUG: 6: 11777: Dest 10.1.0.0/16, Nexthop 0.0.0.0, Cost 2, Tag 0 Nov 9 2011 11:39:23.940.1+00:00 R2 RM/6/RMDEBUG: 6: 11689: RIP 1: Sending response on interface GigabitEthernet0/0/0 from 10.0.123.2 to 224.0.0.9 Nov 9 2011 11:39:23.940.2+00:00 R2 RM/6/RMDEBUG: 6: 11709: Packet: Version 2, Cmd response, Length 44 Nov 9 2011 11:39:23.940.3+00:00 R2 RM/6/RMDEBUG: 6: 11833: Authentication-mode – Simple: huawei Nov 9 2011 11:39:23.940.4+00:00 R2 RM/6/RMDEBUG: 6: 11777: Dest 10.0.2.0/24, Nexthop 0.0.0.0, Cost 1, Tag 0
HC Series
HUAWEI TECHNOLOGIES
9
HCNP-IERN Chapter 1 Implementing RIP features undo debug all Info: All possible debugging has been turned off
Configure RIP plain text authentication on R3. [R3]interface GigabitEthernet 0/0/0 [R3-GigabitEthernet0/0/0]rip authentication-mode simple huawei
View the routing table of R3. The authentication mode of R3 is the same as that of R1 and R2, and R3 can learn RIP routes from other routers. [R3]display ip routing-table protocol rip Route Flags: R - relay, D - download to fib ---------------------------------------------------------------------------Public routing table : RIP Destinations : 4
Routes : 4
RIP routing table status : Destinations : 4
Destination/Mask
Routes : 4
Proto
Pre Cost
Flags NextHop
Interface
10.0.1.0/24 RIP
100 1
D
10.0.123.1
GigabitEthernet0/0/0
10.0.2.0/24 RIP
100 1
D
10.0.123.2
GigabitEthernet0/0/0
10.0.14.0/24 RIP
100 1
D
10.0.123.1
GigabitEthernet0/0/0
10.1.0.0/23 RIP
100 2
D
10.0.123.1
GigabitEthernet0/0/0
RIP routing table status : Destinations : 0
Routes : 0
Test the connectivity between R3 and other network segments from R3. [R3]ping 10.1.0.1 PING 10.1.0.1: 56 data bytes, press CTRL_C to break Reply from 10.1.0.1: bytes=56 Sequence=1 ttl=254 time=42 ms Reply from 10.1.0.1: bytes=56 Sequence=2 ttl=254 time=38 ms Reply from 10.1.0.1: bytes=56 Sequence=3 ttl=254 time=38 ms Reply from 10.1.0.1: bytes=56 Sequence=4 ttl=254 time=38 ms Reply from 10.1.0.1: bytes=56 Sequence=5 ttl=254 time=38 ms
--- 10.1.0.1 ping statistics --5 packet(s) transmitted
10
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 1 Implementing RIP features 5 packet(s) received 0.00% packet loss round-trip min/avg/max = 38/38/42 ms
Step 5 Enable RIPv2 MD5 authentication on the network segment 10.0.14.0. Configure RIPv2 MD5 authentication on R1 and set the password to huawei. [R1]interface Serial 3/0/0 [R1-Serial3/0/0]rip authentication-mode md5 usual huawei
Check the routing table of R4 before configuring MD5 authentication on R4. There is no RIP route in the routing table of R4 because the authentication mode of R4 is different from that of R1. You can run the debugging command to view information about learned RIP routes and the authentication failure. [R4]display ip routing-table Route Flags: R - relay, D - download to fib ---------------------------------------------------------------------------Routing Tables: Public Destinations : 14
Destination/Mask
Proto
Routes : 14
Pre Cost
Flags NextHop
Interface
10.0.14.0/24 Direct 0
0
D
10.0.14.4
Serial1/0/0
10.0.14.1/32 Direct 0
0
D
10.0.14.1
Serial1/0/0
10.0.14.4/32 Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.14.255/32 Direct 0
0
D
127.0.0.1
InLoopBack0
10.1.0.0/24 Direct 0
0
D
10.1.0.1
LoopBack0
10.1.0.1/32 Direct 0
0
D
127.0.0.1
InLoopBack0
10.1.0.255/32 Direct 0
0
D
127.0.0.1
InLoopBack0
10.1.1.0/24 Direct 0
0
D
10.1.1.1
LoopBack1
10.1.1.1/32 Direct 0
0
D
127.0.0.1
InLoopBack0
10.1.1.255/32 Direct 0
0
D
127.0.0.1
InLoopBack0
Direct 0
0
D
127.0.0.1
InLoopBack0
127.0.0.1/32 Direct 0
0
D
127.0.0.1
InLoopBack0
127.0.0.0/8
127.255.255.255/32 Direct 0
0
D
127.0.0.1
InLoopBack0
255.255.255.255/32 Direct 0
0
D
127.0.0.1
InLoopBack0
HC Series
HUAWEI TECHNOLOGIES
11
HCNP-IERN Chapter 1 Implementing RIP features terminal debugging Info: Current terminal debugging is on. debugging rip 1 packet Nov 9 2011 14:51:02.810.1+00:00 R4 RM/6/RMDEBUG: 6: 11698: RIP 1: Receive response from 10.0.14.1 on Serial1/0/0 Nov 9 2011 14:51:02.810.2+00:00 R4 RM/6/RMDEBUG: 6: 11709: Packet: Version 2, Cmd response, Length 128 Nov 9 2011 14:51:02.810.3+00:00 R4 RM/6/RMDEBUG: 6: 11869: Authentication-mode - MD5 Digest: f8e1dc30.deb83bb7.1b8ce4e5.0e92e4a1 Nov 9 2011 14:51:02.810.4+00:00 R4 RM/6/RMDEBUG: 6: 11901: Sequence: 00011728 Nov 9 2011 14:51:02.810.5+00:00 R4 RM/6/RMDEBUG: 6: 11777: Dest 10.0.1.0/24, Nexthop 0.0.0.0, Cost 1, Tag 0 Nov 9 2011 14:51:02.810.6+00:00 R4 RM/6/RMDEBUG: 6: 11777: Dest 10.0.2.0/24, Nexthop 0.0.0.0, Cost 2, Tag 0 Nov 9 2011 14:51:02.810.7+00:00 R4 RM/6/RMDEBUG: 6: 11777: Dest 10.0.3.0/24, Nexthop 0.0.0.0, Cost 2, Tag 0 Nov 9 2011 14:51:02.810.8+00:00 R4 RM/6/RMDEBUG: 6: 11777: Dest 10.0.14.0/24, Nexthop 0.0.0.0, Cost 1, Tag 0 Nov 9 2011 14:51:02.810.9+00:00 R4 RM/6/RMDEBUG: 6: 11777: Dest 10.0.123.0/24, Nexthop 0.0.0.0, Cost 1, Tag 0 Nov 9 2011 14:51:02.810.10+00:00 R4 RM/3/RMDEBUG: 6: 10855: RIP 1: Authentication failure Nov 9 2011 14:51:02.810.11+00:00 R4 RM/6/RMDEBUG: 6: 1662: RIP 1: Process message failed
Configure RIP MD5 authentication on R4. [R4]interface Serial 1/0/0 [R4-Serial1/0/0]rip authentication-mode md5 usual huawei
After you have configured MD5 authentication, view the routing table of R4. R4 has learned routes from other routers. [R4]display ip routing-table protocol rip Route Flags: R - relay, D - download to fib ---------------------------------------------------------------------------Public routing table : RIP Destinations : 4
Routes : 4
RIP routing table status : Destinations : 4
Destination/Mask
12
Proto
Routes : 4
Pre Cost
Flags NextHop
HUAWEI TECHNOLOGIES
Interface
HC Series
HCNP-IERN Chapter 1 Implementing RIP features
10.0.1.0/24 RIP
100 1
D
10.0.14.1
Serial1/0/0
10.0.2.0/24 RIP
100 2
D
10.0.14.1
Serial1/0/0
10.0.3.0/24 RIP
100 2
D
10.0.14.1
Serial1/0/0
10.0.123.0/24 RIP
100 1
D
10.0.14.1
Serial1/0/0
RIP routing table status : Destinations : 0
Routes : 0
Test the network connectivity on R4. [R4]ping 10.0.3.3 PING 10.0.3.3: 56 data bytes, press CTRL_C to break Reply from 10.0.3.3: bytes=56 Sequence=1 ttl=254 time=46 ms Reply from 10.0.3.3: bytes=56 Sequence=2 ttl=254 time=30 ms Reply from 10.0.3.3: bytes=56 Sequence=3 ttl=254 time=30 ms Reply from 10.0.3.3: bytes=56 Sequence=4 ttl=254 time=30 ms Reply from 10.0.3.3: bytes=56 Sequence=5 ttl=254 time=48 ms
--- 10.0.3.3 ping statistics --5 packet(s) transmitted 5 packet(s) received 0.00% packet loss round-trip min/avg/max = 30/36/48 ms
[R4]ping 10.0.2.2 PING 10.0.2.2: 56 data bytes, press CTRL_C to break Reply from 10.0.2.2: bytes=56 Sequence=1 ttl=254 time=33 ms Reply from 10.0.2.2: bytes=56 Sequence=2 ttl=254 time=30 ms Reply from 10.0.2.2: bytes=56 Sequence=3 ttl=254 time=30 ms Reply from 10.0.2.2: bytes=56 Sequence=4 ttl=254 time=30 ms Reply from 10.0.2.2: bytes=56 Sequence=5 ttl=254 time=30 ms
--- 10.0.2.2 ping statistics --5 packet(s) transmitted 5 packet(s) received 0.00% packet loss round-trip min/avg/max = 30/30/33 ms
HC Series
HUAWEI TECHNOLOGIES
13
HCNP-IERN Chapter 1 Implementing RIP features
Step 6 Configure a RIP silent interface. In actual network applications, you need to forbid RIP from sending RIP updates on some interfaces to guarantee network security after configuring the RIP protocol. Configure S1/0/0 of R4 as a silent interface. [R4]rip 1 [R4-rip-1]silent-interface Serial 1/0/0
After you have configured the silent interface, disable and then enable S1/0/0 of R4 so that R4 learns routes again. Then, observe routes learned by R4. [R4]interface Serial 1/0/0 [R4-Serial1/0/0]shutdown [R4-Serial1/0/0]undo shutdown
Wait for R4 to learn routes completely and observe the routing table of R4. [R4]display ip routing-table protocol rip Route Flags: R - relay, D - download to fib ---------------------------------------------------------------------------Public routing table : RIP Destinations : 4
Routes : 4
RIP routing table status : Destinations : 4
Destination/Mask
Proto
Routes : 4
Pre Cost
Flags NextHop
Interface
10.0.1.0/24 RIP
100 1
D
10.0.14.1
Serial1/0/0
10.0.2.0/24 RIP
100 2
D
10.0.14.1
Serial1/0/0
10.0.3.0/24 RIP
100 2
D
10.0.14.1
Serial1/0/0
10.0.123.0/24 RIP
100 1
D
10.0.14.1
Serial1/0/0
RIP routing table status : Destinations : 0
Routes : 0
The preceding information shows that the routing table of R4 keeps unchanged and R4 still learns routes of the entire network.
14
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 1 Implementing RIP features
View routing tables of R1 and R3 and compare them with original routing tables. [R1]display ip routing-table protocol rip Route Flags: R - relay, D - download to fib ---------------------------------------------------------------------------Public routing table : RIP Destinations : 2
Routes : 2
RIP routing table status : Destinations : 2
Destination/Mask
Routes : 2
Proto
Pre Cost
Flags NextHop
Interface
10.0.2.0/24 RIP
100 1
D
10.0.123.2
GigabitEthernet0/0/0
10.0.3.0/24 RIP
100 1
D
10.0.123.3
GigabitEthernet0/0/0
RIP routing table status : Destinations : 0
Routes : 0
[R3]display ip routing-table protocol rip Route Flags: R - relay, D - download to fib ---------------------------------------------------------------------------Public routing table : RIP Destinations : 3
Routes : 3
RIP routing table status : Destinations : 3
Destination/Mask
Proto
Routes : 3
Pre Cost
Flags NextHop
Interface
10.0.1.0/24 RIP
100 1
D
10.0.123.1
GigabitEthernet0/0/0
10.0.2.0/24 RIP
100 1
D
10.0.123.2
GigabitEthernet0/0/0
10.0.14.0/24 RIP
100 1
D
10.0.123.1
GigabitEthernet0/0/0
RIP routing table status : Destinations : 0
Routes : 0
The preceding information shows that the route 10.1.0.0/23 does not exist in the routing tables of R1 and R3. R4 only learns existing routes on the network and does not advertise its routes because S1/0/0 of R4 is configured as a silent interface. Therefore, R1, R2, and R3 cannot learn routes from R4. HC Series
HUAWEI TECHNOLOGIES
15
HCNP-IERN Chapter 1 Implementing RIP features
Step 7 Configure RIPv1 and RIPv2 compatibility. Change the version of RIP to version 1 on R2 and R3. [R2]rip 1 [R2-rip-1]version 1
[R3]rip 1 [R3-rip-1]version 1
Disable and then enable G0/0/0 of R1 so that R1 recalculates routes. [R1]interface GigabitEthernet 0/0/0 [R1-GigabitEthernet0/0/0]shutdown [R1-GigabitEthernet0/0/0]undo shutdown
Then, observe the routing table of each router. [R1]display ip routing-table protocol rip [R1]
There is no RIP route in the routing table of R1 because of the following causes: A silent interface is configured on R4, and therefore R4 does not send route updates to R1. R2 and R3 run RIPv1 and R1 runs RIPv2. R1 cannot receive routing information from R2 and R3. You can run the debugging command to view receiving and sending status of routing information. terminal debugging Info: Current terminal debugging is on. debugging rip 1 packet Nov 10 2011 20:47:53.190.1+00:00 R1 RM/6/RMDEBUG: 6: 11689: RIP 1: Sending response on interface GigabitEthernet0/0/0 from 10.0.123.1 to 224.0.0.9 Nov 10 2011 20:47:53.190.2+00:00 R1 RM/6/RMDEBUG: 6: 11709: Packet: Version 2, Cmd response, Length 84 Nov 10 2011 20:48:13.540.1+00:00 R1 RM/6/RMDEBUG: 6: 11698: RIP 1: Receive response from 10.0.123.3 on GigabitEthernet0/0/0 Nov 10 2011 20:48:13.540.2+00:00 R1 RM/6/RMDEBUG: 6: 11709: Packet: Version 1, Cmd response, Length 24 Nov 10 2011 20:48:13.540.3+00:00 R1 RM/6/RMDEBUG: 6: 11758: Dest 10.0.3.0, Cost 1 Nov 10 2011 20:48:13.540.4+00:00 R1 RM/6/RMDEBUG: 6: 2410: RIP 1: Ignoring packet.
16
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 1 Implementing RIP features This version is not configured. Nov 10 2011 20:48:13.980.1+00:00 R1 RM/6/RMDEBUG: 6: 11698: RIP 1: Receive response from 10.0.123.2 on GigabitEthernet0/0/0 Nov 10 2011 20:48:13.980.2+00:00 R1 RM/6/RMDEBUG: 6: 11709: Packet: Version 1, Cmd response, Length 24 Nov 10 2011 20:48:13.980.4+00:00 R1 RM/6/RMDEBUG: 6: 2410: RIP 1: Ignoring packet. This version is not configured. undo debugging all Info: All possible debugging has been turned off
The preceding information shows that R1 sends routing information of RIPv2 but receives routing information of RIPv1from R2 and R3. R1 ignores information of RIPv1 due to different RIP versions. Likewise, R2 and R3 do not learn RIP routes from R1 due to different RIP versions. You can run the debugging command to view route learning status on R2 and R3. RIPv1 and RIPv2 may coexist in the actual network environment. Compatibility has been considered in RIPv2 design. You can make proper configuration to enable RIPv1 routers and RIPv2 routers to exchange routing information. Configure G0/0/0 of R1 to run in RIPv1 mode so that R1 can identify routing information of RIPv1 received by G0/0/0. [R1]interface GigabitEthernet 0/0/0 [R1-GigabitEthernet0/0/0]rip version 1 [R1-GigabitEthernet0/0/0]display this [V200R001C00SPC200] # interface GigabitEthernet0/0/0 ip address 10.0.123.1 255.255.255.0 rip authentication-mode simple huawei rip version 1 # Return
View routing tables of R1, R2, and R3. Each router can learn routes from other routers. [R1]display ip routing-table protocol rip Route Flags: R - relay, D - download to fib ---------------------------------------------------------------------------Public routing table : RIP
HC Series
HUAWEI TECHNOLOGIES
17
HCNP-IERN Chapter 1 Implementing RIP features Destinations : 2
Routes : 2
RIP routing table status : Destinations : 2
Destination/Mask
Routes : 2
Proto
Pre Cost
Flags NextHop
Interface
10.0.2.0/24 RIP
100 1
D
10.0.123.2
GigabitEthernet0/0/0
10.0.3.0/24 RIP
100 1
D
10.0.123.3
GigabitEthernet0/0/0
RIP routing table status : Destinations : 0
Routes : 0
[R2]display ip routing-table protocol rip Route Flags: R - relay, D - download to fib ---------------------------------------------------------------------------Public routing table : RIP Destinations : 3
Routes : 3
RIP routing table status : Destinations : 3
Destination/Mask
Routes : 3
Proto
Pre Cost
Flags NextHop
Interface
10.0.1.0/24 RIP
100 1
D
10.0.123.1
GigabitEthernet0/0/0
10.0.3.0/24 RIP
100 1
D
10.0.123.3
GigabitEthernet0/0/0
10.0.14.0/24 RIP
100 1
D
10.0.123.1
GigabitEthernet0/0/0
RIP routing table status : Destinations : 0
Routes : 0
[R3]display ip routing-table protocol rip Route Flags: R - relay, D - download to fib ---------------------------------------------------------------------------Public routing table : RIP Destinations : 3
Routes : 3
RIP routing table status : Destinations : 3
Destination/Mask
Proto
10.0.1.0/24 RIP
18
Routes : 3
Pre Cost
100 1
Flags NextHop
D
10.0.123.1
HUAWEI TECHNOLOGIES
Interface
GigabitEthernet0/0/0
HC Series
HCNP-IERN Chapter 1 Implementing RIP features 10.0.2.0/24 RIP
100 1
D
10.0.123.2
GigabitEthernet0/0/0
10.0.14.0/24 RIP
100 1
D
10.0.123.1
GigabitEthernet0/0/0
RIP routing table status : Destinations : 0
Routes : 0
Final Configurations [R1]display current-configuration [V200R001C00SPC200] # sysname R1 # interface Serial3/0/0 link-protocol ppp ip address 10.0.14.1 255.255.255.0 rip authentication-mode md5 usual gg^dP=F.[>=H)H2[EInB~.2# interface GigabitEthernet0/0/0 ip address 10.0.123.1 255.255.255.0 rip authentication-mode simple huawei rip version 1 # interface LoopBack0 ip address 10.0.1.1 255.255.255.0 # rip 1 undo summary version 2 network 10.0.0.0 # Return
[R2]display current-configuration [V200R001C00SPC200] # sysname R2 # interface GigabitEthernet0/0/0 ip address 10.0.123.2 255.255.255.0 rip authentication-mode simple huawei # interface LoopBack0
HC Series
HUAWEI TECHNOLOGIES
19
HCNP-IERN Chapter 1 Implementing RIP features ip address 10.0.2.2 255.255.255.0 # rip 1 version 1 network 10.0.0.0 # Return
[R3]display current-configuration [V200R001C00SPC200] # sysname R3 # interface GigabitEthernet0/0/0 ip address 10.0.123.3 255.255.255.0 rip authentication-mode simple huawei # interface LoopBack0 ip address 10.0.3.3 255.255.255.0 # rip 1 version 1 network 10.0.0.0 # Return
[R4]display current-configuration [V200R001C00SPC200] # sysname R4 # aaa authentication-scheme default authorization-scheme default accounting-scheme default domain default domain default_admin local-user admin password simple admin local-user admin service-type http # interface Serial1/0/0 link-protocol ppp ip address 10.0.14.4 255.255.255.0
20
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 1 Implementing RIP features rip authentication-mode md5 usual gg^dP=F.[>=H)H2[EInB~.2# rip summary-address 10.1.0.0 255.255.254.0 # interface LoopBack0 ip address 10.1.0.1 255.255.255.0 # interface LoopBack1 ip address 10.1.1.1 255.255.255.0 # rip 1 undo summary version 2 network 10.0.0.0 silent-interface Serial1/0/0 # return
HC Series
HUAWEI TECHNOLOGIES
21
HCNP-IERN Chapter 2 Implementing OSPF design structures
Chapter 2 Implementing OSPF design structures Lab 2-1 Single-Area OSPF Learning Objectives The objectives of this lab are to learn and understand how to perform the following operations: •
Configure single-area OSPF.
•
Configure OSPF authentication.
•
Establish neighbor relationships on multi-access networks.
•
Use OSPF to advertise the subnet mask of the network to which
the loopback interface connects. •
Change cost values for OSPF interfaces.
•
Configure an interface as a silent interface.
•
View OSPF status using the display command.
•
View OSPF neighbor relationships and troubleshoot faults using
the debug command.
22
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 2 Implementing OSPF design structures
Topology
Figure 2-1 Single-area OSPF
Scenario Assume that you are a network administrator of a company that has three ARG3 routers. These routers are interconnected over the Ethernet. A broadcast multi-access network, such as Ethernet, has security threats. Therefore, OSPF area authentication is required to prevent malicious route attacks. A network connectivity problem occurs during network deployment. You must rectify the fault using the display and debug commands, and finally resume normal network operation.
Tasks Step 1 Perform basic configuration and IP addressing. Configure IP addresses and subnet masks for R1, R2, and R3. Configure a 24-bit subnet mask for the loopback interface to simulate an independent network segment. system-view Enter system view, return user view with Ctrl+Z. [R1]interface GigabitEthernet 0/0/0 [R1-GigabitEthernet0/0/0]ip address 10.0.123.1 24
HC Series
HUAWEI TECHNOLOGIES
23
HCNP-IERN Chapter 2 Implementing OSPF design structures [R1-GigabitEthernet0/0/0]quit [R1]interface LoopBack 0 [R1-LoopBack0]ip address 10.0.1.1 24 [R1-LoopBack0]quit
system-view Enter system view, return user view with Ctrl+Z. [R2]interface GigabitEthernet 0/0/0 [R2-GigabitEthernet0/0/0]ip address 10.0.123.2 24 [R2-GigabitEthernet0/0/0]quit [R2]interface LoopBack 0 [R2-LoopBack0]ip address 10.0.2.2 24 [R2-LoopBack0]quit
system-view Enter system view, return user view with Ctrl+Z. [R3]interface GigabitEthernet 0/0/0 [R3-GigabitEthernet0/0/0]ip address 10.0.123.3 24 [R3-GigabitEthernet0/0/0]quit [R3]interface LoopBack 0 [R3-LoopBack0]ip address 10.0.3.3 24 [R3-LoopBack0]quit
Verify the connectivity between routers. [R1]ping -c 1 10.0.123.2 PING 10.0.123.2: 56 data bytes, press CTRL_C to break Reply from 10.0.123.2: bytes=56 Sequence=1 ttl=255 time=2 ms
--- 10.0.123.2 ping statistics --1 packet(s) transmitted 1 packet(s) received 0.00% packet loss round-trip min/avg/max = 2/2/2 ms
[R1]ping -c 1 10.0.123.3 PING 10.0.123.3: 56 data bytes, press CTRL_C to break Reply from 10.0.123.3: bytes=56 Sequence=1 ttl=255 time=2 ms
--- 10.0.123.3 ping statistics --1 packet(s) transmitted 1 packet(s) received 0.00% packet loss
24
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 2 Implementing OSPF design structures round-trip min/avg/max = 2/2/2 ms
[R2]ping -c 1 10.0.123.3 PING 10.0.123.3: 56 data bytes, press CTRL_C to break Reply from 10.0.123.3: bytes=56 Sequence=1 ttl=255 time=2 ms
--- 10.0.123.3 ping statistics --1 packet(s) transmitted 1 packet(s) received 0.00% packet loss round-trip min/avg/max = 2/2/2 ms
Step 2 Configure single-area OSPF. Configure single-area OSPF and deploy all routers in area 0. Configure OSPF process 1. In addition, configure area authentication and set the password to huawei. Huawei's equipment supports plain text and MD5 authentication. Plain text authentication is used for this step. Note that the wildcard subnet mask 0.0.0.0 is used when you use the network command. Router IDs are usually specified using the router-id parameter so that they will not change. [R1]ospf 1 router-id 10.0.1.1 [R1-ospf-1]area 0 [R1-ospf-1-area-0.0.0.0]network 10.0.123.1 0.0.0.0 [R1-ospf-1-area-0.0.0.0]network 10.0.1.1 0.0.0.0 [R1-ospf-1-area-0.0.0.0]authentication-mode simple plain huawei
[R2]ospf 1 router-id 10.0.2.2 [R2-ospf-1]area 0 [R2-ospf-1-area-0.0.0.0]network 10.0.123.2 0.0.0.0 [R2-ospf-1-area-0.0.0.0]network 10.0.2.2 0.0.0.0 [R2-ospf-1-area-0.0.0.0]authentication-mode simple plain huawei
[R3]ospf 1 router-id 10.0.3.3 [R3-ospf-1]area 0 [R3-ospf-1-area-0.0.0.0]network 10.0.123.3 0.0.0.0 [R3-ospf-1-area-0.0.0.0]network 10.0.3.3 0.0.0.0 [R3-ospf-1-area-0.0.0.0]authentication-mode simple plain huawei
View the routing tables and test the connectivity of the entire network. View the routing table of R1.
HC Series
HUAWEI TECHNOLOGIES
25
HCNP-IERN Chapter 2 Implementing OSPF design structures [R1]display ip routing-table Route Flags: R - relay, D - download to fib ---------------------------------------------------------------------------Routing Tables: Public Destinations : 12
Destination/Mask
Routes : 12
Proto Pre Cost
Flags NextHop
Interface
10.0.1.0/24
Direct 0
0
D
10.0.1.1
LoopBack0
10.0.1.1/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.1.255/32
Direct 0
0
D
127.0.0.1
10.0.2.2/32
OSPF
10
1
D
10.0.123.2
GigabitEthernet0/0/0
InLoopBack0
10.0.3.3/32
OSPF
10
1
D
10.0.123.3
GigabitEthernet0/0/0 GigabitEthernet0/0/0
10.0.123.0/24
Direct 0
0
D
10.0.123.1
10.0.123.1/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.123.255/32
Direct 0
0
D
127.0.0.1
InLoopBack0
127.0.0.0/8
Direct 0
0
D
127.0.0.1
InLoopBack0
127.0.0.1/32
Direct 0
0
D
127.0.0.1
InLoopBack0
127.255.255.255/32 Direct 0
0
D
127.0.0.1
InLoopBack0
255.255.255.255/32 Direct 0
0
D
127.0.0.1
InLoopBack0
R1 learns two routes from OSPF: 10.0.2.2/32 and 10.0.3.3/32. The next hops of the two routes are 10.0.123.2 and 10.0.123.3 respectively. Check whether the loopback addresses configured for R2 and R3 are reachable from R1. [R1]ping -c 1 10.0.2.2 PING 10.0.2.2: 56 data bytes, press CTRL_C to break Reply from 10.0.2.2: bytes=56 Sequence=1 ttl=255 time=3 ms
--- 10.0.2.2 ping statistics --1 packet(s) transmitted 1 packet(s) received 0.00% packet loss round-trip min/avg/max = 3/3/3 ms
[R1]ping -c 1 10.0.3.3 PING 10.0.3.3: 56 data bytes, press CTRL_C to break Reply from 10.0.3.3: bytes=56 Sequence=1 ttl=255 time=2 ms
--- 10.0.3.3 ping statistics --1 packet(s) transmitted 1 packet(s) received 0.00% packet loss 26
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 2 Implementing OSPF design structures round-trip min/avg/max = 2/2/2 ms
Run the display ospf brief command to view basic OSPF information. [R1]display ospf brief
OSPF Process 1 with Router ID 10.0.1.1 OSPF Protocol Information
RouterID: 10.0.1.1
Border Router:
Multi-VPN-Instance is not enabled Global DS-TE Mode: Non-Standard IETF Mode Graceful-restart capability: disabled Helper support capability : not configured Spf-schedule-interval: max 10000ms, start 500ms, hold 1000ms Default ASE parameters: Metric: 1 Tag: 1 Type: 2 Route Preference: 10 ASE Route Preference: 150 SPF Computation Count: 18 RFC 1583 Compatible Retransmission limitation is disabled Area Count: 1
Nssa Area Count: 0
ExChange/Loading Neighbors: 0
Area: 0.0.0.0 Authtype: Simple
Area flag: Normal
SPF scheduled Count: 18 ExChange/Loading Neighbors: 0
Interface: 10.0.123.1 (GigabitEthernet0/0/0) Cost: 1
State: DROther
Type: Broadcast
MTU: 1500
Priority: 1 Designated Router: 10.0.123.2 Backup Designated Router: 10.0.123.3 Timers: Hello 10 , Dead 40 , Poll 120 , Retransmit 5 , Transmit Delay 1
Interface: 10.0.1.1 (LoopBack0) Cost: 0
State: P-2-P
Type: P2P
MTU: 1500
Timers: Hello 10 , Dead 40 , Poll 120 , Retransmit 5 , Transmit Delay 1
The preceding information shows that plain text authentication (Authtype: Simple) is enabled in area 0, and two interfaces run OSPF:
HC Series
HUAWEI TECHNOLOGIES
27
HCNP-IERN Chapter 2 Implementing OSPF design structures
GigabitEthernet 0/0/0 and LoopBack 0. GigabitEthernet 0/0/0: the network type is broadcast, the cost is 1, and priority is 1. The role of R1 is DROther. The information about the DR (10.0.123.2) and BDR (10.0.123.3) is also provided. The network type of OSPF-enabled LoopBack 0 is P2P. Run the display ospf peer brief command to view the OSPF neighbor relationships between routers. [R1]display ospf peer brief
OSPF Process 1 with Router ID 10.0.1.1 Peer Statistic Information ---------------------------------------------------------------------------Area Id
Interface
Neighbor id
State
0.0.0.0
GigabitEthernet0/0/0
10.0.2.2
Full
0.0.0.0
GigabitEthernet0/0/0
10.0.3.3
Full
----------------------------------------------------------------------------
The preceding information shows that R1 has two neighbors in area 0.0.0.0. The IDs of the two neighbors are 10.0.2.2 and 10.0.3.3 respectively. The two neighbor relationships are in the Full state. Run the display ospf lsdb command to view the OSPF LSDB of R1. [R1]dis ospf lsdb
OSPF Process 1 with Router ID 10.0.1.1 Link State Database
Area: 0.0.0.0 Type
LinkState ID
Router
10.0.3.3
Router
10.0.2.2
Router
10.0.1.1
Network
10.0.123.2
AdvRouter 10.0.3.3 10.0.2.2 10.0.1.1 10.0.2.2
Age Len 98 48
98 48 96 48
Sequence
80000011
1
80000016
80000013
99 36
Metric
8000000F
1 1 0
There are four link-state advertisements (LSAs), among which the first three LSAs are Type 1 LSAs and are respectively generated by R1, R2, and R3. The AdvRouter field indicates the router that generates a specific LSA. The fourth LSA is a Type2 LSA that is generated by the DR on a network segment. R2 is the DR on the network segment 10.0.123.0/24. Therefore, the AdvRouter field value of this LSA is 28
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 2 Implementing OSPF design structures
10.0.2.2. View the details about the LSA generated by R1. [R1]display ospf lsdb router self-originate
OSPF Process 1 with Router ID 10.0.1.1 Area: 0.0.0.0 Link State Database
Type
: Router
Ls id
: 10.0.1.1
Adv rtr
: 10.0.1.1
Ls age
: 680
Len
: 48
Options
: E
seq#
: 80000013
chksum
: 0x7787
Link count: 2 * Link ID: 10.0.123.2 Data
: 10.0.123.1
Link Type: TransNet Metric : 1 * Link ID: 10.0.1.1 Data
: 255.255.255.255
Link Type: StubNet Metric : 0 Priority : Medium
The LSA generated by R1 describes two network segments. The first network segment interconnects the three routers. The value of Link Type is TransNet, the value of Link ID is the interface IP address (10.0.123.2) of the DR, and the value of Data is the IP address (10.0.123.1) of the local interface on this network segment. The second network segment is the network segment where the loopback interface resides. The value of Link Type is StubNet, and the values of Link ID and Data are the IP address and subnet mask of the stub network segment respectively. View the details about the LSA generated by R2. [R2]dis ospf lsdb network self-originate
OSPF Process 1 with Router ID 10.0.2.2 Area: 0.0.0.0 Link State Database
HC Series
HUAWEI TECHNOLOGIES
29
HCNP-IERN Chapter 2 Implementing OSPF design structures Type
: Network
Ls id
: 10.0.123.2
Adv rtr
: 10.0.2.2
Ls age
: 1369
Len
: 36
Options
: E
seq#
: 8000000f
chksum
: 0xa7e
Net mask : 255.255.255.0 Priority : Low Attached Router
10.0.2.2
Attached Router
10.0.1.1
Attached Router
10.0.3.3
The Type 2 LSA describes the neighbor relationship information about the network segment where the DR resides.
Step 3 Observe relationships
how
routers
establish
neighbor
over Ethernet.
On the network segment 10.0.123.0/24, observe and analyze how the DR and BDR are elected, and check whether the same routers are elected as the DR and BDR when others carry out the experiment. Observe how the DR and BDR are elected on the network segment 10.0.123.0/24. [R1]display ospf peer
OSPF Process 1 with Router ID 10.0.1.1 Neighbors
Area 0.0.0.0 interface 10.0.123.1(GigabitEthernet0/0/0)'s neighbors Router ID: 10.0.2.2
Address: 10.0.123.2
State: Full Mode:Nbr is Master Priority: 1 DR: 10.0.123.2 BDR: 10.0.123.3 MTU: 0 Dead timer due in 40 sec Retrans timer interval: 5 Neighbor is up for 00:32:27 Authentication Sequence: [ 0 ]
Router ID: 10.0.3.3
Address: 10.0.123.3
State: Full Mode:Nbr is Master Priority: 1
30
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 2 Implementing OSPF design structures DR: 10.0.123.2 BDR: 10.0.123.3 MTU: 0 Dead timer due in 33 sec Retrans timer interval: 3 Neighbor is up for 00:32:28 Authentication Sequence: [ 0 ]
The preceding information shows that the interface IP address of the DR is 10.0.123.2 on this network segment and the interface IP address of the BDR is 10.0.123.3. The elected DR and BDR may be different when different engineers carry out the experiment. This is because the DR is not preempted in OSPF. In other words, when a DR or BDR exists on the network, a newly deployed router cannot be elected as the DR or BDR. On a network, the router that first starts the OSPF process or connects to the network is the DR on the corresponding network segment, and others are the BDR and DROther routers. When the DR becomes faulty, the BDR functions as the DR. In the experiment, reset the OSPF process to observe how the DR role changes. Reset the OSPF process on R2. reset ospf process Warning: The OSPF process will be reset. Continue? [Y/N]:y
[R2]display ospf peer
OSPF Process 1 with Router ID 10.0.2.2 Neighbors
Area 0.0.0.0 interface 10.0.123.2(GigabitEthernet0/0/0)'s neighbors Router ID: 10.0.1.1
Address: 10.0.123.1
State: Full Mode:Nbr is Slave Priority: 1 DR: 10.0.123.3 BDR: 10.0.123.1 MTU: 0 Dead timer due in 33 sec Retrans timer interval: 4 Neighbor is up for 00:00:35 Authentication Sequence: [ 0 ]
Router ID: 10.0.3.3
Address: 10.0.123.3
State: Full Mode:Nbr is Master Priority: 1 DR: 10.0.123.3 BDR: 10.0.123.1 MTU: 0 Dead timer due in 33 sec Retrans timer interval: 5 Neighbor is up for 00:00:35
HC Series
HUAWEI TECHNOLOGIES
31
HCNP-IERN Chapter 2 Implementing OSPF design structures Authentication Sequence: [ 0 ]
After the OSPF process is reset on R2, the BDR (10.0.123.3) on this network segment becomes the new DR and the DROther router (10.0.123.1) becomes the new BDR. Disable G0/0/0 interface on R1, R2, and R3, and run the debugging ospf 1 event command to view the process of establishing OSPF neighbor relationships. Then enable this interface on R1, R2, and R3, at the same time if possible. Observe how the neighbor status changes on the broadcast multi-access network, and how the DR and BDR are elected. debugging ospf 1 event terminal debugging [R1]int GigabitEthernet 0/0/0 [R1-GigabitEthernet0/0/0]shut [R1-GigabitEthernet0/0/0]undo shut
Perform the same operations on R2 and R3 and view the debugging information about R3. The default interface priority of all routers is 1. The router ID is referenced during DR election. R3 has the largest router ID among the three routers and becomes the DR on the network segment. [R3-GigabitEthernet0/0/0]undo shutdown Nov 22 2011 18:41:50.990.3+00:00 R3 RM/6/RMDEBUG: FileID: 0xd017802c Line: 1268 Level: 0x20 OSPF 1: Intf 10.0.123.3 Rcv InterfaceUp State Down -> Waiting. Nov 22 2011 18:41:50.990.4+00:00 R3 RM/6/RMDEBUG: FileID: 0xd017802c Line: 1382 Level: 0x20 OSPF 1 Send Hello Interface Up on 10.0.123.3 Nov 22 2011 18:41:57.470.1+00:00 R3 RM/6/RMDEBUG: FileID: 0xd017802d Line: 1132 Level: 0x20 OSPF 1: Nbr 10.0.123.1 Rcv HelloReceived State Down -> Init. Nov 22 2011 18:41:57.480.1+00:00 R3 RM/6/RMDEBUG: FileID: 0xd017802d Line: 1728 Level: 0x20 OSPF 1: Nbr 10.0.123.1 Rcv 2WayReceived State Init -> 2Way. Nov 22 2011 18:41:59.510.3+00:00 R3 RM/6/RMDEBUG: FileID: 0xd017802d Line: 1132 Level: 0x20 OSPF 1: Nbr 10.0.123.2 Rcv HelloReceived State Down -> Init. Nov 22 2011 18:41:59.510.4+00:00 R3 RM/6/RMDEBUG: FileID: 0xd017802d Line: 1728 Level: 0x20 OSPF 1: Nbr 10.0.123.2 Rcv 2WayReceived State Init -> 2Way. Nov 22 2011 18:42:28.350.4+00:00 R3 RM/6/RMDEBUG:
32
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 2 Implementing OSPF design structures FileID: 0xd017802d Line: 1728 Level: 0x20 OSPF 1: Nbr 10.0.123.1 Rcv AdjOk? State 2Way -> ExStart. Nov 22 2011 18:42:28.350.5+00:00 R3 RM/6/RMDEBUG: FileID: 0xd017802d Line: 1728 Level: 0x20 OSPF 1: Nbr 10.0.123.2 Rcv AdjOk? State 2Way -> ExStart. Nov 22 2011 18:42:28.350.6+00:00 R3 RM/6/RMDEBUG: FileID: 0xd017802c Line: 2045 Level: 0x20 OSPF 1 Send Hello Interface State Changed on 10.0.123.3 Nov 22 2011 18:42:28.350.7+00:00 R3 RM/6/RMDEBUG: FileID: 0xd017802c Line: 2056 Level: 0x20 OSPF 1: Intf 10.0.123.3 Rcv WaitTimer State Waiting -> DR.
After G0/0/0 interface is enabled, its status changes from Down to Waiting. Then the routers start to exchange Hello packets. After about 40 seconds, the status of G0/0/0 interface on R3 changes from Waiting to DR.
Step 4 Configure the network type of the OSPF loopback interface. Observe the two routes 10.0.2.2/32 and 10.0.3.3/32 in the routing table of R1. [R1]display ip routing-table Route Flags: R - relay, D - download to fib ---------------------------------------------------------------------------Routing Tables: Public Destinations : 12
Destination/Mask
Routes : 12
Proto Pre Cost
Flags NextHop
Interface
10.0.1.0/24
Direct 0
0
D
10.0.1.1
LoopBack0
10.0.1.1/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.1.255/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.2.2/32
OSPF
10
1
D
10.0.123.2
10.0.3.3/32
OSPF
10
1
D
10.0.123.3
GigabitEthernet0/0/0 GigabitEthernet0/0/0
10.0.123.0/24
Direct 0
0
D
10.0.123.1
10.0.123.1/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.123.255/32
Direct 0
0
D
127.0.0.1
InLoopBack0
127.0.0.0/8
Direct 0
0
D
127.0.0.1
InLoopBack0
127.0.0.1/32
Direct 0
0
D
127.0.0.1
InLoopBack0
127.255.255.255/32 Direct 0
0
D
127.0.0.1
InLoopBack0
HC Series
HUAWEI TECHNOLOGIES
GigabitEthernet0/0/0
33
HCNP-IERN Chapter 2 Implementing OSPF design structures 255.255.255.255/32 Direct 0
0
D
127.0.0.1
InLoopBack0
The subnet masks of the loopback interfaces of both R2 and R3 contain 24 bits. Analyze why the subnet mask in the routing table contains 32 bits. Run the display ospf interface LoopBack 0 verbose command to view the OSPF status on interface LoopBack 0. [R1]display ospf interface LoopBack 0 verbose
OSPF Process 1 with Router ID 10.0.1.1 Interfaces
Interface: 10.0.1.1 (LoopBack0) Cost: 0
State: P-2-P
Type: P2P
MTU: 1500
Timers: Hello 10 , Dead 40 , Poll 120 , Retransmit 5 , Transmit Delay 1 IO Statistics Type
Input
Hello
0
0
DB Description
0
0
Link-State Req
0
0
0
0
0
0
Link-State Update Link-State Ack
Output
ALLSPF GROUP OpaqueId: 0
PrevState: Down
OSPF learns that the network segment where LoopBack 0 resides has only one IP address. Therefore, the subnet masks of the advertised routes contain 32 bits. Change the network type of LoopBack 0 on R2 to broadcast. In OSPF, a 24-bit subnet mask is used to advertise the network information about this interface. [R2]interface LoopBack 0 [R2-LoopBack0]ospf network-type broadcast
On R1, the route subnet masks of LoopBack 0 advertised by R2 contain 24 binary digits. [R1]display ip routing-table Route Flags: R - relay, D - download to fib ---------------------------------------------------------------------------Routing Tables: Public Destinations : 12
34
Routes : 12
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 2 Implementing OSPF design structures
Destination/Mask
Proto Pre Cost
Flags NextHop
Interface
10.0.1.0/24
Direct 0
0
D
10.0.1.1
LoopBack0
10.0.1.1/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.1.255/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.2.0/24
OSPF
10
1
D
10.0.123.2
GigabitEthernet0/0/0
10.0.3.3/32
OSPF
10
1
D
10.0.123.3
GigabitEthernet0/0/0
0
D
10.0.123.1
GigabitEthernet0/0/0
10.0.123.0/24
Direct 0
10.0.123.1/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.123.255/32
Direct 0
0
D
127.0.0.1
InLoopBack0
127.0.0.0/8
Direct 0
0
D
127.0.0.1
InLoopBack0
127.0.0.1/32
Direct 0
0
D
127.0.0.1
InLoopBack0
127.255.255.255/32 Direct 0
0
D
127.0.0.1
InLoopBack0
255.255.255.255/32 Direct 0
0
D
127.0.0.1
InLoopBack0
Run the display ospf interface LoopBack 0 verbose command to view the operating status of the LoopBack 0 interface. The command output shows that the network type of this interface is broadcast. [R2]display ospf interface LoopBack 0 verbose
OSPF Process 1 with Router ID 10.0.2.2 Interfaces
Interface: 10.0.2.2 (LoopBack0) Cost: 0
State: DR
Type: Broadcast
MTU: 1500
Priority: 1 Designated Router: 10.0.2.2 Backup Designated Router: 0.0.0.0 Timers: Hello 10 , Dead 40 , Poll 120 , Retransmit 5 , Transmit Delay 1 IO Statistics Type Hello
Input
Output
0
0
DB Description
0
0
Link-State Req
0
0
0
0
0
0
Link-State Update Link-State Ack ALLSPF GROUP ALLDR GROUP OpaqueId: 0
HC Series
PrevState: Waiting
HUAWEI TECHNOLOGIES
35
HCNP-IERN Chapter 2 Implementing OSPF design structures
Step 5 Change OSPF cost values of interfaces. On R1, view the cost value of the route to LoopBack 0 of R3. The cost value of the route to 10.0.3.3/32 is 1. [R1]display ip routing-table Route Flags: R - relay, D - download to fib ---------------------------------------------------------------------------Routing Tables: Public Destinations : 12
Destination/Mask
Routes : 12
Proto Pre Cost
Flags NextHop
Interface
10.0.1.0/24
Direct 0
0
D
10.0.1.1
LoopBack0
10.0.1.1/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.1.255/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.2.0/24
OSPF
10
1
D
10.0.123.2
GigabitEthernet0/0/0
10.0.3.3/32
OSPF
10
1
D
10.0.123.3
GigabitEthernet0/0/0 GigabitEthernet0/0/0
10.0.123.0/24
Direct 0
0
D
10.0.123.1
10.0.123.1/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.123.255/32
Direct 0
0
D
127.0.0.1
InLoopBack0
127.0.0.0/8
Direct 0
0
D
127.0.0.1
InLoopBack0
127.0.0.1/32
Direct 0
0
D
127.0.0.1
InLoopBack0
127.255.255.255/32 Direct 0
0
D
127.0.0.1
InLoopBack0
255.255.255.255/32 Direct 0
0
D
127.0.0.1
InLoopBack0
Change the cost value of G0/0/0 of R1 to 20 and that of R3 to 10. [R1]interface GigabitEthernet 0/0/0 [R1-GigabitEthernet0/0/0]ospf cost 20
[R3]interface GigabitEthernet 0/0/0 [R3-GigabitEthernet0/0/0]ospf cost 10
On R1, view the cost value of the route to LoopBack 0 of R3. The cost value of the route to 10.0.3.3/32 is 20. [R1]display ip routing-table Route Flags: R - relay, D - download to fib ---------------------------------------------------------------------------Routing Tables: Public Destinations : 12
Destination/Mask
36
Routes : 12
Proto Pre Cost
Flags NextHop
HUAWEI TECHNOLOGIES
Interface
HC Series
HCNP-IERN Chapter 2 Implementing OSPF design structures
10.0.1.0/24
Direct 0
0
D
10.0.1.1
LoopBack0
10.0.1.1/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.1.255/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.2.0/24
OSPF
10
20
D
10.0.123.2
GigabitEthernet0/0/0
10.0.3.3/32
OSPF
10
20
D
10.0.123.3
GigabitEthernet0/0/0 GigabitEthernet0/0/0
10.0.123.0/24
Direct 0
0
D
10.0.123.1
10.0.123.1/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.123.255/32
Direct 0
0
D
127.0.0.1
InLoopBack0
127.0.0.0/8
Direct 0
0
D
127.0.0.1
InLoopBack0
127.0.0.1/32
Direct 0
0
D
127.0.0.1
InLoopBack0
127.255.255.255/32 Direct 0
0
D
127.0.0.1
InLoopBack0
255.255.255.255/32 Direct 0
0
D
127.0.0.1
InLoopBack0
On R3, view the cost value of the route destined for address 10.0.1.1/32. The command output shows that the cost value is 10. [R3]display ip routing-table Route Flags: R - relay, D - download to fib ---------------------------------------------------------------------------Routing Tables: Public Destinations : 12
Destination/Mask
Routes : 12
Proto Pre Cost
Flags NextHop
Interface
10.0.1.1/32
OSPF
10
10
D
10.0.123.1
GigabitEthernet0/0/0
10.0.2.0/24
OSPF
10
10
D
10.0.123.2
GigabitEthernet0/0/0
10.0.3.0/24
Direct 0
0
D
10.0.3.3
LoopBack0
10.0.3.3/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.3.255/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.123.0/24
Direct 0
0
D
10.0.123.3
GigabitEthernet0/0/0
10.0.123.3/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.123.255/32
Direct 0
0
D
127.0.0.1
InLoopBack0
127.0.0.0/8
Direct 0
0
D
127.0.0.1
InLoopBack0
127.0.0.1/32
Direct 0
0
D
127.0.0.1
InLoopBack0
127.255.255.255/32 Direct 0
0
D
127.0.0.1
InLoopBack0
255.255.255.255/32 Direct 0
0
D
127.0.0.1
InLoopBack0
Different cost values can be configured at the two ends of a link. The cost values of a link take effect only for local devices.
HC Series
HUAWEI TECHNOLOGIES
37
HCNP-IERN Chapter 2 Implementing OSPF design structures
Step 6 Configure OSPF silent interfaces. Configure G0/0/0 of R1 as a silent interface. [R1]ospf 1 [R1-ospf-1]silent-interface GigabitEthernet 0/0/0
Observe neighbor relationships and learned routes on R1. It is found that the routes learned from OSPF do not exist in the routing table. [R1]display ip routing-table Route Flags: R - relay, D - download to fib ---------------------------------------------------------------------------Routing Tables: Public Destinations : 12
Destination/Mask
Routes : 12
Proto Pre Cost
Flags NextHop
Interface
10.0.1.0/24
Direct 0
0
D
10.0.1.1
LoopBack0
10.0.1.1/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.1.255/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.123.0/24
Direct 0
0
D
10.0.123.1
10.0.123.1/32
Direct 0
0
D
127.0.0.1
GigabitEthernet0/0/0 InLoopBack0
10.0.123.255/32
Direct 0
0
D
127.0.0.1
InLoopBack0
127.0.0.0/8
Direct 0
0
D
127.0.0.1
InLoopBack0
127.0.0.1/32
Direct 0
0
D
127.0.0.1
InLoopBack0
127.255.255.255/32 Direct 0
0
D
127.0.0.1
InLoopBack0
255.255.255.255/32 Direct 0
0
D
127.0.0.1
InLoopBack0
View the neighbor list of R1. The neighbor relationships between R1 and R2 and between R1 and R3 are interrupted. In RIP, an interface no longer sends RIP update messages after being configured as a silent interface. In OSPF, routers exchange routing information only after establishing neighbor relationships with each other. After an interface is configured as a silent interface, it no longer sends or receives Hello packets. As a result, neighbor relationships with other routers cannot be established through this interface. [R1]display ospf interface GigabitEthernet 0/0/0
OSPF Process 1 with Router ID 10.0.1.1 Interfaces
38
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 2 Implementing OSPF design structures
Interface: 10.0.123.1 (GigabitEthernet0/0/0) Cost: 20
State: DR
Type: Broadcast
MTU: 1500
Priority: 10 Designated Router: 10.0.123.1 Backup Designated Router: 0.0.0.0 Timers: Hello 10 , Dead 40 , Poll 120 , Retransmit 5 , Transmit Delay 1 Silent interface, No hellos
Run the debugging ip packet command to view the packets received by R1. It is found that R1 discards an OSPF packet (protocol = 89) after receiving it. debugging ip packet Nov 23 2011 09:51:53.500.1+00:00 R1 IP/7/debug_case: Receiving, interface = GE0/0/0, version = 4, headlen = 20, tos = 192, pktlen = 68, pktid = 7272, offset = 0, ttl = 1, protocol = 89, checksum = 14129, s = 10.0.123.3, d = 224.0.0.5 prompt: Receiving IP packet from GE0/0/0
Nov 23 2011 09:51:53.500.2+00:00 R1 IP/7/debug_case: Receiving, interface = GigabitEthernet0/0/0, version = 4, headlen = 20, tos = 192, pktlen = 68, pktid = 7272, offset = 0, ttl = 1, protocol = 89, checksum = 14129, s = 10.0.123.3, d = 224.0.0.5 prompt: IP_ProcessByBoard Begin!
Nov 23 2011 09:51:53.500.3+00:00 R1 IP/7/debug_case: Discarding, interface = GE0/0/0, version = 4, headlen = 20, tos = 192, pktlen = 68, pktid = 7272, offset = 0, ttl = 1, protocol = 89, checksum = 14129, s = 10.0.123.3, d = 224.0.0.5 prompt: IP_Distribute: The packet was dropped by security application.
Restore G0/0/0 of R1 to its default state and configure LoopBack 0 interface as a silent interface for all the three routers. [R1]ospf 1 [R1-ospf-1]undo silent-interface GigabitEthernet0/0/0 [R1-ospf-1]silent-interface LoopBack 0
[R2]ospf 1 [R2-ospf-1]silent-interface LoopBack 0
HC Series
HUAWEI TECHNOLOGIES
39
HCNP-IERN Chapter 2 Implementing OSPF design structures
[R3]ospf 1 [R3-ospf-1]silent-interface LoopBack 0
Check the routing table of R1. [R1]display ip routing-table Route Flags: R - relay, D - download to fib ---------------------------------------------------------------------------Routing Tables: Public Destinations : 12
Destination/Mask
Routes : 12
Proto Pre Cost
Flags NextHop
Interface
10.0.1.0/24
Direct 0
0
D
10.0.1.1
LoopBack0
10.0.1.1/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.1.255/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.2.2/24
OSPF
10
20
D
10.0.123.2
GigabitEthernet0/0/0
10.0.3.3/32
OSPF
10
20
D
10.0.123.3
GigabitEthernet0/0/0 GigabitEthernet0/0/0
10.0.123.0/24
Direct 0
0
D
10.0.123.1
10.0.123.1/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.123.255/32
Direct 0
0
D
127.0.0.1
InLoopBack0
127.0.0.0/8
Direct 0
0
D
127.0.0.1
InLoopBack0
127.0.0.1/32
Direct 0
0
D
127.0.0.1
InLoopBack0
127.255.255.255/32 Direct 0
0
D
127.0.0.1
InLoopBack0
The preceding information shows that information about LoopBack 0 interface can be still advertised routes properly after loopback is configured as a silent interface.
Additional Exercises: Analyzing and Verifying The wildcard subnet mask 0.0.0.0 is used during OSPF configuration. In practice, the wildcard subnet mask 0.0.0.255 can also be used. Think about what are the differences between the two subnet masks. Figure out which types of interfaces must be configured as silent interfaces on live networks.
Final Configurations display current-configuration
40
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 2 Implementing OSPF design structures [V200R001C00SPC200] # sysname R1 # interface GigabitEthernet0/0/0 ip address 10.0.123.1 255.255.255.0 ospf cost 20 # interface LoopBack0 ip address 10.0.1.1 255.255.255.0 # ospf 1 router-id 10.0.1.1 silent-interface LoopBack0 area 0.0.0.0 authentication-mode simple plain huawei network 10.0.123.1 0.0.0.0 network 10.0.1.1 0.0.0.0 # return
display current-configuration [V200R001C00SPC200] # sysname R2 # interface GigabitEthernet0/0/0 ip address 10.0.123.2 255.255.255.0 # interface LoopBack0 ip address 10.0.2.2 255.255.255.0 ospf network-type broadcast # ospf 1 router-id 10.0.2.2 silent-interface LoopBack0 area 0.0.0.0 authentication-mode simple plain huawei network 10.0.123.2 0.0.0.0 network 10.0.2.2 0.0.0.0 # return
display current-configuration [V200R001C00SPC200]
HC Series
HUAWEI TECHNOLOGIES
41
HCNP-IERN Chapter 2 Implementing OSPF design structures # sysname R3 # interface GigabitEthernet0/0/0 ip address 10.0.123.3 255.255.255.0 ospf cost 10 # interface LoopBack0 ip address 10.0.3.3 255.255.255.0 # ospf 1 router-id 10.0.3.3 silent-interface LoopBack0 area 0.0.0.0 authentication-mode simple plain huawei network 10.0.123.3 0.0.0.0 network 10.0.3.3 0.0.0.0 # Return
42
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 2 Implementing OSPF design structures
Lab 2-2 Multi-Area OSPF Learning Objectives The objectives of this lab are to learn and understand how to perform the following operations: •
Configure a specified router ID.
•
Configure multi-area OSPF.
•
Configure route summarization among OSPF areas.
•
Configure OSPF reference bandwidth.
•
Configure OSPF to import external routes.
•
Conduct route summarization when OSPF imports external
routes. •
Import default routes to OSPF.
•
Change priorities of OSPF routes.
Topology
Figure 2-2 Multi-area OSPF
HC Series
HUAWEI TECHNOLOGIES
43
HCNP-IERN Chapter 2 Implementing OSPF design structures
Scenario Assume that you are a network administrator of a company that has five ARG3 routers, of which R1, R2, and R4 are in the headquarters and interconnected over Ethernet. R3 and R5 are in branches. R3 and R2, as well as R5 and R3, are connected through a dedicated line. Multi-area OSPF is enabled to avoid the flooding of link-state advertisements (LSAs) as the network is of a large scale. Loopback 0 interfaces and interconnection interfaces of R2 and R3 belong to area 0; the network segment interconnecting R3 and R5, and Loopback 0/1/2 of R5 belong to area 1; the network segments interconnecting R4, R1, and R2, and the Loopback 0 interfaces of R1 and R4 belong to area 2. Fixed IP addresses are used as router IDs to ensure that router IDs do not change. Automatic route summarization is enabled at area borders to improve routing and forwarding efficiency. R1 connects to external networks. Routes outside the OSPF areas are configured to be imported to the OSPF areas. R4 connects to the Internet. Therefore, a default route must be configured and imported to the OSPF areas so that all routers in these areas understand how to connect to the Internet. OSPF routes are classified into internal routes and external routes. The priorities of OSPF routes are changed to avoid risks. In OSPF, the metric value of specific routes is the sum of the cost values of all links that are passed to reach the target network. The cost value of a link is obtained by comparing the actual interface bandwidth with the reference bandwidth. For example, the reference bandwidth is 100 Mbit/s and the actual interface bandwidth may be 1000 Mbit/s. The metric is an integer. Therefore, the OSPF cost value is 1 for both FE and GE interfaces. The reference bandwidth is set to 10 Gbit/s to distinguish links. Network faults occur during device configuration. The faults are rectified using the display and debug commands.
44
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 2 Implementing OSPF design structures
Tasks Step 1 Perform basic configurations and IP addressing. Configure IP addresses and subnet masks for all routers. The subnet masks of all loopback interfaces contain 24 bits to simulate an independent network segment. system-view Enter system view, return user view with Ctrl+Z. [R1]interface GigabitEthernet 0/0/0 [R1-GigabitEthernet0/0/0]ip address 10.0.124.1 24 [R1-GigabitEthernet0/0/0]interface LoopBack 0 [R1-LoopBack0]ip address 10.0.1.1 24 [R1-LoopBack0]interface LoopBack 1 [R1-LoopBack1]ip address 10.2.0.1 24 [R1-LoopBack1]interface LoopBack 2 [R1-LoopBack2]ip address 10.2.1.1 24
system-view Enter system view, return user view with Ctrl+Z. [R2]interface GigabitEthernet 0/0/0 [R2-GigabitEthernet0/0/0]ip address 10.0.124.2 24 [R2-GigabitEthernet0/0/0]interface Serial 2/0/0 [R2-Serial2/0/0]ip address 10.0.23.2 24 [R2-Serial2/0/0]interface LoopBack 0 [R2-LoopBack0]ip address 10.0.2.2 24
system-view Enter system view, return user view with Ctrl+Z. [R3]interface Serial 2/0/0 [R3-Serial2/0/0]ip address 10.0.23.3 24 [R3-Serial2/0/0]interface Serial 3/0/0 [R3-Serial3/0/0]ip address 10.0.35.3 24 [R3-Serial3/0/0]interface LoopBack 0 [R3-LoopBack0]ip address 10.0.3.3 24
system-view Enter system view, return user view with Ctrl+Z. [R4]interface GigabitEthernet 0/0/0 [R4-GigabitEthernet0/0/0]ip address 10.0.124.4 24 [R4-GigabitEthernet0/0/0]interface LoopBack 0
HC Series
HUAWEI TECHNOLOGIES
45
HCNP-IERN Chapter 2 Implementing OSPF design structures [R4-LoopBack0]ip address 10.0.4.4 24
system-view Enter system view, return user view with Ctrl+Z. [R5]interface Serial 1/0/0 [R5-Serial1/0/0]ip address 10.0.35.5 24 [R5-Serial1/0/0]interface LoopBack 0 [R5-LoopBack0]ip address 10.0.5.5 24 [R5-LoopBack0]interface LoopBack 1 [R5-LoopBack1]ip address 10.1.0.1 24 [R5-LoopBack1]interface LoopBack 2 [R5-LoopBack2]ip address 10.1.1.1 24
Check the connectivity of direct links. [R2]ping -c 1 10.0.124.1 PING 10.0.124.1: 56 data bytes, press CTRL_C to break Reply from 10.0.124.1: bytes=56 Sequence=1 ttl=255 time=5 ms
--- 10.0.124.1 ping statistics --1 packet(s) transmitted 1 packet(s) received 0.00% packet loss round-trip min/avg/max = 5/5/5 ms
[R2]ping -c 1 10.0.124.4 PING 10.0.124.4: 56 data bytes, press CTRL_C to break Reply from 10.0.124.4: bytes=56 Sequence=1 ttl=255 time=14 ms
--- 10.0.124.4 ping statistics --1 packet(s) transmitted 1 packet(s) received 0.00% packet loss round-trip min/avg/max = 14/14/14 ms
[R2]ping -c 1 10.0.23.3 PING 10.0.23.3: 56 data bytes, press CTRL_C to break Reply from 10.0.23.3: bytes=56 Sequence=1 ttl=255 time=41 ms
--- 10.0.23.3 ping statistics --1 packet(s) transmitted 1 packet(s) received 0.00% packet loss
46
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 2 Implementing OSPF design structures round-trip min/avg/max = 41/41/41 ms
[R3]ping -c 1 10.0.35.5 PING 10.0.35.5: 56 data bytes, press CTRL_C to break Reply from 10.0.35.5: bytes=56 Sequence=1 ttl=255 time=38 ms
--- 10.0.35.5 ping statistics --1 packet(s) transmitted 1 packet(s) received 0.00% packet loss round-trip min/avg/max = 38/38/38 ms
Step 2 Configure multi-area OSPF. Usually, router IDs are manually specified to ensure that they do not change. There are two methods of specifying the ID of an OSPF-enabled router. The first method is to run the router id command in the system view. [R1]router id 10.0.1.1
The second method is to add the router-id parameter when the OSPF process is started. [R1]ospf 1 router-id 10.0.1.1
If both methods are used to specify the ID of a router, the router ID specified using the second method takes effect. When a router must start multiple OSPF processes and each OSPF process requires a unique router ID, only the second method can be used to specify router IDs. On R1, configure Loopback 0 and GigabitEthernet 0/0/0 interfaces in area 2. Change the network type of the loopback interfaces in all OSPF areas to broadcast so that OSPF advertises actual subnet masks of the loopback interfaces. [R1]ospf 1 router-id 10.0.1.1 [R1-ospf-1]area 2 [R1-ospf-1-area-0.0.0.2]network 10.0.124.1 0.0.0.0 [R1-ospf-1-area-0.0.0.2]quit [R1-ospf-1]quit [R1]interface LoopBack 0 [R1-LoopBack0]ospf network-type broadcast
HC Series
HUAWEI TECHNOLOGIES
47
HCNP-IERN Chapter 2 Implementing OSPF design structures [R1-LoopBack0]quit
On R2, configure loopback 0 and Serial 2/0/0 in area 0, and GigabitEthernet 0/0/0 in area 2. [R2]ospf 1 router-id 10.0.2.2 [R2-ospf-1]area 0 [R2-ospf-1-area-0.0.0.0]network 10.0.23.2 0.0.0.0 [R2-ospf-1-area-0.0.0.0]network 10.0.2.2 0.0.0.0 [R2-ospf-1-area-0.0.0.0]quit [R2-ospf-1]area 2 [R2-ospf-1-area-0.0.0.2]network 10.0.124.2 0.0.0.0 [R2-ospf-1-area-0.0.0.2]quit [R2-ospf-1]quit [R2]interface LoopBack 0 [R2-LoopBack0]ospf network-type broadcast [R2-LoopBack0]quit
On R3, configure Loopback 0 and Serial 2/0/0 interfaces in area 0, and serial 3/0/0 in area 1. [R3]ospf 1 router-id 10.0.3.3 [R3-ospf-1]area 0 [R3-ospf-1-area-0.0.0.0]network 10.0.3.3 0.0.0.0 [R3-ospf-1-area-0.0.0.0]network 10.0.23.3 0.0.0.0 [R3-ospf-1-area-0.0.0.0]quit [R3-ospf-1]area 1 [R3-ospf-1-area-0.0.0.1]network 10.0.35.3 0.0.0.0 [R3-ospf-1-area-0.0.0.1]quit [R3-ospf-1]quit [R3]interface LoopBack 0 [R3-LoopBack0]ospf network-type broadcast [R3-LoopBack0]quit
On R4, configure Loopback 0 and GigabitEthernet 0/0/0 interfaces in area 2. [R4]ospf 1 router-id 10.0.4.4 [R4-ospf-1]area 2 [R4-ospf-1-area-0.0.0.2]network 10.0.4.4 0.0.0.0 [R4-ospf-1-area-0.0.0.2]network 10.0.124.4 0.0.0.0 [R4-ospf-1-area-0.0.0.2]quit [R4-ospf-1]quit [R4]interface LoopBack 0
48
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 2 Implementing OSPF design structures [R4-LoopBack0]ospf network-type broadcast [R4-LoopBack0]quit
On R5, configure all loopback interfaces and serial 1/0/0 in area 1. [R5]ospf 1 router-id 10.0.5.5 [R5-ospf-1]area 1 [R5-ospf-1-area-0.0.0.1]network 10.0.5.5 0.0.0.0 [R5-ospf-1-area-0.0.0.1]network 10.1.0.1 0.0.0.0 [R5-ospf-1-area-0.0.0.1]network 10.1.1.1 0.0.0.0 [R5-ospf-1-area-0.0.0.1]network 10.0.35.5 0.0.0.0 [R5-ospf-1-area-0.0.0.1]quit [R5-ospf-1]quit [R5]interface LoopBack 0 [R5-LoopBack0]ospf network-type broadcast [R5-LoopBack0]quit [R5]interface LoopBack 1 [R5-LoopBack1]ospf network-type broadcast [R5-LoopBack1]quit [R5]interface LoopBack 2 [R5-LoopBack2]ospf network-type broadcast [R5-LoopBack2]quit
View the routing table on R1. [R1]display ip routing-table Route Flags: R - relay, D - download to fib --------------------------------------------------------------------------Routing Tables: Public Destinations : 24
Destination/Mask
Routes : 24
Proto Pre Cost
Flags NextHop
Interface
10.0.1.0/24
Direct 0
0
D
10.0.1.1
LoopBack0
10.0.1.1/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.1.255/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.2.0/24
OSPF
10
1
D
10.0.124.2
GigabitEthernet0/0/0
10.0.3.0/24
OSPF
10
1563
D
10.0.124.2
GigabitEthernet0/0/0
10.0.4.0/24
OSPF
10
1
D
10.0.124.4
GigabitEthernet0/0/0
10.0.5.0/24
OSPF
10
3125
D
10.0.124.2
GigabitEthernet0/0/0
10.0.23.0/24
OSPF
10
1563
D
10.0.124.2
GigabitEthernet0/0/0
10.0.35.0/24
OSPF
10
3125
D
10.0.124.2
GigabitEthernet0/0/0 GigabitEthernet0/0/0
10.0.124.0/24
Direct 0
0
D
10.0.124.1
10.0.124.1/32
Direct 0
0
D
127.0.0.1
HC Series
HUAWEI TECHNOLOGIES
InLoopBack0
49
HCNP-IERN Chapter 2 Implementing OSPF design structures 10.0.124.255/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.1.0.0/24
OSPF
10
3125
D
10.0.124.2
GigabitEthernet0/0/0
10.1.1.0/24
OSPF
10
3125
D
10.0.124.2
GigabitEthernet0/0/0
10.2.0.255/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.2.1.0/24
Direct 0
0
D
10.2.1.1
LoopBack2
10.2.1.1/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.2.1.255/32
Direct 0
0
D
127.0.0.1
InLoopBack0
127.0.0.0/8
Direct 0
0
D
127.0.0.1
InLoopBack0
127.0.0.1/32
Direct 0
0
D
127.0.0.1
InLoopBack0
127.255.255.255/32 Direct 0
0
D
127.0.0.1
InLoopBack0
255.255.255.255/32 Direct 0
0
D
127.0.0.1
InLoopBack0
The routing table of R1 contains all routing entries on the network. On R1, test whether the routes to the loopback interfaces of other routers are reachable. [R1]ping -c 1 10.0.2.2 PING 10.0.2.2: 56 data bytes, press CTRL_C to break Reply from 10.0.2.2: bytes=56 Sequence=1 ttl=255 time=3 ms
--- 10.0.2.2 ping statistics --1 packet(s) transmitted 1 packet(s) received 0.00% packet loss round-trip min/avg/max = 3/3/3 ms
[R1]ping -c 1 10.0.5.5 PING 10.0.5.5: 56 data bytes, press CTRL_C to break Reply from 10.0.5.5: bytes=56 Sequence=1 ttl=253 time=88 ms
--- 10.0.5.5 ping statistics --1 packet(s) transmitted 1 packet(s) received 0.00% packet loss round-trip min/avg/max = 88/88/88 ms
[R1]ping -c 1 10.0.4.4 PING 10.0.4.4: 56 data bytes, press CTRL_C to break Reply from 10.0.4.4: bytes=56 Sequence=1 ttl=255 time=3 ms
--- 10.0.4.4 ping statistics --1 packet(s) transmitted 1 packet(s) received
50
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 2 Implementing OSPF design structures 0.00% packet loss round-trip min/avg/max = 3/3/3 ms
On R2, run the display ospf brief command to view basic OSPF information. [R2]display ospf brief
OSPF Process 1 with Router ID 10.0.2.2 OSPF Protocol Information
RouterID: 10.0.2.2
Border Router: AREA
Multi-VPN-Instance is not enabled Global DS-TE Mode: Non-Standard IETF Mode Graceful-restart capability: disabled Helper support capability : not configured Spf-schedule-interval: max 10000ms, start 500ms, hold 1000ms Default ASE parameters: Metric: 1 Tag: 1 Type: 2 Route Preference: 10 ASE Route Preference: 150 SPF Computation Count: 19 RFC 1583 Compatible Retransmission limitation is disabled Area Count: 2
Nssa Area Count: 0
ExChange/Loading Neighbors: 0
Area: 0.0.0.0 Authtype: None
Area flag: Normal
SPF scheduled Count: 19 ExChange/Loading Neighbors: 0
Interface: 10.0.2.2 (LoopBack0) Cost: 0
State: DR
Type: Broadcast
MTU: 1500
Priority: 1 Designated Router: 10.0.2.2 Backup Designated Router: 0.0.0.0 Timers: Hello 10 , Dead 40 , Poll 120 , Retransmit 5 , Transmit Delay 1
Interface: 10.0.23.2 (Serial2/0/0) --> 10.0.23.3 Cost: 1562
State: P-2-P
Type: P2P
MTU: 1500
Timers: Hello 10 , Dead 40 , Poll 120 , Retransmit 5 , Transmit Delay 1
Area: 0.0.0.2
HC Series
HUAWEI TECHNOLOGIES
51
HCNP-IERN Chapter 2 Implementing OSPF design structures Authtype: None
Area flag: Normal
SPF scheduled Count: 17 ExChange/Loading Neighbors: 0
Interface: 10.0.124.2 (GigabitEthernet0/0/0) Cost: 1
State: BDR
Type: Broadcast
MTU: 1500
Priority: 1 Designated Router: 10.0.124.1 Backup Designated Router: 10.0.124.2 Timers: Hello 10 , Dead 40 , Poll 120 , Retransmit 5 , Transmit Delay 1
In the preceding information, Border Router: AREA indicates that this router is an area border router (ABR). The value is blank if the router is an intra-domain router. The value is AS if the router is an ASBR. The router has three interfaces involved in OSPF calculation. The network type of the Loopback 0 interface has been changed to Broadcast manually. The encapsulation type of Serial 2/0/0 is PPP. Therefore, the default network type is PPP. GigabitEthernet 0/0/0 connects to area 2 and the network type is broadcast. On R2, run the display ospf peer brief command to view the OSPF neighbor relationships between routers. R2 has one neighbor 10.0.3.3 in area 0 and two neighbors (10.0.1.1 and 10.0.4.4) in area 2. Adjacencies are established between R2 and all its neighbors, which is called Full adjacency. [R2]display ospf peer brief
OSPF Process 1 with Router ID 10.0.2.2 Peer Statistic Information ---------------------------------------------------------------------------Area Id
Interface
Neighbor id
State
0.0.0.0
Serial2/0/0
10.0.3.3
Full
0.0.0.2
GigabitEthernet0/0/0
10.0.1.1
Full
0.0.0.2
GigabitEthernet0/0/0
10.0.4.4
Full
----------------------------------------------------------------------------
On R2, run the display ospf lsdb command to view OSPF database information. R2 has two link state databases (LSDBs) to respectively describe the routes in area 0 and area 2 because it is an ABR. [R2]display ospf lsdb
52
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 2 Implementing OSPF design structures OSPF Process 1 with Router ID 10.0.2.2 Link State Database
Area: 0.0.0.0 Type
LinkState ID
AdvRouter
Age Len
Sequence
Metric
Router
10.0.3.3
10.0.3.3
788 60
80000008
0
Router
10.0.2.2
10.0.2.2
869 60
80000008
0
Sum-Net
10.0.35.0
10.0.3.3
846 28
80000002
1562
Sum-Net
10.0.124.0
10.0.2.2
1259 28
80000002
1
Sum-Net
10.1.1.0
10.0.3.3
1565 28
80000001
1562
Sum-Net
10.0.5.0
10.0.3.3
1594 28
80000001
1562
Sum-Net
10.1.0.0
10.0.3.3
1584 28
80000001
1562
Sum-Net
10.0.4.0
10.0.2.2
538 28
80000002
1
Area: 0.0.0.2 Type
LinkState ID
AdvRouter
Age Len
Sequence
Metric
Router
10.0.4.4
10.0.4.4
504 48
80000008
1
Router
10.0.2.2
10.0.2.2
558 36
80000006
1
Router
10.0.1.1
10.0.1.1
568 60
80000011
1
Network
10.0.124.1
10.0.1.1
559 36
80000005
0
Sum-Net
10.0.35.0
10.0.2.2
846 28
80000002
3124
Sum-Net
10.0.3.0
10.0.2.2
830 28
80000002
1562
Sum-Net
10.0.2.0
10.0.2.2
1249 28
80000002
0
Sum-Net
10.1.1.0
10.0.2.2
1565 28
80000001
3124
Sum-Net
10.0.5.0
10.0.2.2
1595 28
80000001
3124
Sum-Net
10.1.0.0
10.0.2.2
1584 28
80000001
3124
Sum-Net
10.0.23.0
10.0.2.2
1261 28
80000002
1562
Step 3 Configure route summarization between OSPF areas. View the routing tables of R2 and R3. [R2]display ip routing-table protocol ospf Route Flags: R - relay, D - download to fib ---------------------------------------------------------------------------Public routing table : OSPF Destinations : 8
Routes : 8
OSPF routing table status : Destinations : 8
Destination/Mask
HC Series
Routes : 8
Proto Pre Cost
Flags NextHop
HUAWEI TECHNOLOGIES
Interface
53
HCNP-IERN Chapter 2 Implementing OSPF design structures
10.0.3.0/24 OSPF
10
1562
D
10.0.23.3
Serial2/0/0
10.0.4.0/24 OSPF
10
1
D
10.0.124.4
10.0.5.0/24 OSPF
10
3124
D
10.0.23.3
Serial2/0/0
10.0.35.0/24 OSPF
10
3124
D
10.0.23.3
Serial2/0/0
10.1.0.0/24 OSPF
10
3124
D
10.0.23.3
Serial2/0/0
10.1.1.0/24 OSPF
10
3124
D
10.0.23.3
Serial2/0/0
GigabitEthernet0/0/0
OSPF routing table status : Destinations : 0
Routes : 0
[R3]display ip routing-table protocol ospf Route Flags: R - relay, D - download to fib ---------------------------------------------------------------------------Public routing table : OSPF Destinations : 8
Routes : 8
OSPF routing table status : Destinations : 8
Destination/Mask
Proto
Routes : 8
Pre Cost
Flags NextHop
Interface
10.0.2.0/24
OSPF
10
1562
D
10.0.23.2
Serial2/0/0
10.0.4.0/24
OSPF
10
1563
D
10.0.23.2
Serial2/0/0
10.0.5.0/24
OSPF
10
1562
D
10.0.35.5
Serial3/0/0
10.0.124.0/24
OSPF
10
1563
D
10.0.23.2
Serial2/0/0
10.1.0.0/24
OSPF
10
1562
D
10.0.35.5
Serial3/0/0
10.1.1.0/24
OSPF
10
1562
D
10.0.35.5
Serial3/0/0
OSPF routing table status : Destinations : 0
Routes : 0
The two routes 10.1.0.0/24 and 10.1.1.0/24 are provided as specific routes. Information about such routes can be summarized and forwarded to other OSPF areas. This reduces the routing entries in routing tables of routers in other areas and minimizes the possibility of route flapping. On R3, run the abr-summary command to summarize the routes on the network segment of Loopback1 and Loopback2 of R5. [R3]ospf 1 [R3-ospf-1]area 1
54
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 2 Implementing OSPF design structures [R3-ospf-1-area-0.0.0.1]abr-summary 10.1.0.0 255.255.254.0
View summarized routing information on R2 and R3. [R3]display ip routing-table protocol ospf Route Flags: R - relay, D - download to fib ---------------------------------------------------------------------------Public routing table : OSPF Destinations : 8
Routes : 8
OSPF routing table status : Destinations : 8
Destination/Mask
Routes : 8
Proto
Pre Cost
Flags NextHop
Interface
10.0.2.0/24
OSPF
10
1562
D
10.0.23.2
Serial2/0/0
10.0.4.0/24
OSPF
10
1563
D
10.0.23.2
Serial2/0/0
10.0.5.0/24
OSPF
10
1562
D
10.0.35.5
Serial3/0/0
10.0.124.0/24
OSPF
10
1563
D
10.0.23.2
Serial2/0/0
10.1.0.0/24
OSPF
10
1562
D
10.0.35.5
Serial3/0/0
10.1.1.0/24
OSPF
10
1562
D
10.0.35.5
Serial3/0/0
OSPF routing table status : Destinations : 0
Routes : 0
[R2]display ip routing-table protocol ospf Route Flags: R - relay, D - download to fib ---------------------------------------------------------------------------Public routing table : OSPF Destinations : 7
Routes : 7
OSPF routing table status : Destinations : 7
Destination/Mask
Proto
Routes : 7
Pre Cost
Flags NextHop
Interface
10.0.3.0/24 OSPF
10
1562
D
10.0.23.3
Serial2/0/0
10.0.4.0/24 OSPF
10
1
D
10.0.124.4
10.0.5.0/24 OSPF
10
3124
D
10.0.23.3
Serial2/0/0
10.0.35.0/24 OSPF
10
3124
D
10.0.23.3
Serial2/0/0
10.1.0.0/23 OSPF
10
3124
D
10.0.23.3
Serial2/0/0
GigabitEthernet0/0/0
OSPF routing table status :
HC Series
HUAWEI TECHNOLOGIES
55
HCNP-IERN Chapter 2 Implementing OSPF design structures Destinations : 0
Routes : 0
The preceding information shows that the two routes are provided as specific routes in the routing table of R3, and only the summarized route 10.1.0.0/23 exists in the routing table of R2. Test whether the routes from other routers to 10.1.0.0/24 and 10.1.1.0/24 are reachable. [R1]ping -c 1 10.1.0.1 PING 10.1.0.1: 56 data bytes, press CTRL_C to break Reply from 10.1.0.1: bytes=56 Sequence=1 ttl=253 time=66 ms
--- 10.1.0.1 ping statistics --1 packet(s) transmitted 1 packet(s) received 0.00% packet loss round-trip min/avg/max = 66/66/66 ms
[R1]ping -c 1 10.1.1.1 PING 10.1.1.1: 56 data bytes, press CTRL_C to break Reply from 10.1.1.1: bytes=56 Sequence=1 ttl=253 time=66 ms
--- 10.1.1.1 ping statistics --1 packet(s) transmitted 1 packet(s) received 0.00% packet loss round-trip min/avg/max = 66/66/66 ms
[R2]ping -c 1 10.1.0.1 PING 10.1.0.1: 56 data bytes, press CTRL_C to break Reply from 10.1.0.1: bytes=56 Sequence=1 ttl=254 time=69 ms
--- 10.1.0.1 ping statistics --1 packet(s) transmitted 1 packet(s) received 0.00% packet loss round-trip min/avg/max = 69/69/69 ms
[R3]ping -c 1 10.1.0.1 PING 10.1.0.1: 56 data bytes, press CTRL_C to break Reply from 10.1.0.1: bytes=56 Sequence=1 ttl=255 time=29 ms
56
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 2 Implementing OSPF design structures --- 10.1.0.1 ping statistics --1 packet(s) transmitted 1 packet(s) received 0.00% packet loss round-trip min/avg/max = 29/29/29 ms
Step 4 Change the reference bandwidth of OSPF. GE and even 10 GE networks may be used in practice. Because the default OSPF reference bandwidth is 100 Mbit/s and the cost values of interfaces are integers, OSPF cannot distinguish FE and GE networks based on the bandwidth. On R2, change the OSPF reference bandwidth to 10 Gbit/s. Run the bandwidth-reference command to change the reference bandwidth. Note that the unit of bandwidth is Mbit/s. [R2-ospf-1]bandwidth-reference 10000
On R2, view OSPF neighbor relationships and learned routes. The cost values have changed in the routing table. [R2]display ip routing-table protocol ospf Route Flags: R - relay, D - download to fib ---------------------------------------------------------------------------Public routing table : OSPF Destinations : 7
Routes : 7
OSPF routing table status : Destinations : 7
Destination/Mask
Proto
Routes : 7
Pre Cost
Flags NextHop
Interface
10.0.3.0/24 OSPF
10
65535
D
10.0.23.3
Serial2/0/0
10.0.4.0/24 OSPF
10
100
D
10.0.124.4
10.0.5.0/24 OSPF
10
67097
D
10.0.23.3
Serial2/0/0
10.0.35.0/24 OSPF
10
67097
D
10.0.23.3
Serial2/0/0
10.1.0.0/23 OSPF
10
67097
D
10.0.23.3
Serial2/0/0
GigabitEthernet0/0/0
OSPF routing table status : Destinations : 0
Routes : 0
The OSPF reference bandwidth must be the same across OSPF areas; HC Series
HUAWEI TECHNOLOGIES
57
HCNP-IERN Chapter 2 Implementing OSPF design structures
otherwise, OSPF cannot work properly. Change the OSPF reference bandwidth to 10 Gbit/s for all routers. [R1-ospf-1]bandwidth-reference 10000 [R3-ospf-1]bandwidth-reference 10000 [R4-ospf-1]bandwidth-reference 10000 [R5-ospf-1]bandwidth-reference 10000
On R2, view the neighbor list and routing table to check whether the OSPF neighbor relationships and routing information are correct. [R2]display ospf peer brief
OSPF Process 1 with Router ID 10.0.2.2 Peer Statistic Information ---------------------------------------------------------------------------Area Id
Interface
Neighbor id
State
0.0.0.0
Serial2/0/0
10.0.3.3
Full
0.0.0.2
GigabitEthernet0/0/0
10.0.1.1
Full
0.0.0.2
GigabitEthernet0/0/0
10.0.4.4
Full
----------------------------------------------------------------------------
[R2]display ip routing-table protocol ospf Route Flags: R - relay, D - download to fib ---------------------------------------------------------------------------Public routing table : OSPF Destinations : 7
Routes : 7
OSPF routing table status : Destinations : 7
Destination/Mask
Proto
Routes : 7
Pre Cost
Flags NextHop
Interface
10.0.3.0/24 OSPF
10
65535
D
10.0.23.3
Serial2/0/0
10.0.4.0/24 OSPF
10
100
D
10.0.124.4
10.0.5.0/24 OSPF
10
131070
D
10.0.23.3
Serial2/0/0
10.0.35.0/24 OSPF
10
131070
D
10.0.23.3
Serial2/0/0
10.1.0.0/23 OSPF
10
131070
D
10.0.23.3
Serial2/0/0
GigabitEthernet0/0/0
OSPF routing table status : Destinations : 0
Routes : 0
The preceding information shows that the routing information is
58
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 2 Implementing OSPF design structures
correct. You can test the network connectivity.
Step 5 Summarize direct routes and import them to OSPF areas. The Loopback1 and Loopback2 interfaces of R1 do not belong to any OSPF areas. Import these two routes to OSPF areas and conduct route summarization on R1. [R1]ospf [R1-ospf-1]import-route direct [R1-ospf-1]asbr-summary 10.2.0.0 255.255.254.0
View information about external routes on R1. [R1]display ospf lsdb ase 10.2.0.0
OSPF Process 1 with Router ID 10.0.1.1 Link State Database
Type
: External
Ls id
: 10.2.0.0
Adv rtr
: 10.0.1.1
Ls age
: 293
Len
: 36
Options
: E
seq#
: 80000001
chksum
: 0x2b6
Net mask : 255.255.254.0 TOS 0 Metric: 2 E type
: 2
Forwarding Address : 0.0.0.0 Tag
: 1
Priority : Low
R1 advertises the network segment 10.2.0.0 to other routers through a Type5 LSA and the subnet mask is 255.255.254.0. View summarized route information on other routers and test network connectivity. [R2]display ip routing-table protocol ospf
HC Series
HUAWEI TECHNOLOGIES
59
HCNP-IERN Chapter 2 Implementing OSPF design structures Route Flags: R - relay, D - download to fib ---------------------------------------------------------------------------Public routing table : OSPF Destinations : 7
Routes : 7
OSPF routing table status : Destinations : 7
Destination/Mask
Routes : 7
Proto
Pre Cost
Flags NextHop
Interface
GigabitEthernet0/0/0
10.0.1.0/24 O_ASE
150 1
D
10.0.124.1
10.0.3.0/24 OSPF
10
65535
D
10.0.23.3
10.0.4.0/24 OSPF
10
100
D
10.0.124.4
10.0.5.0/24 OSPF
10
131070
D
10.0.23.3
Serial2/0/0
10.0.35.0/24 OSPF
10
131070
D
10.0.23.3
Serial2/0/0
10.1.0.0/23 OSPF
10
131070
D
10.0.23.3
Serial2/0/0
10.2.0.0/23 O_ASE
150 2
D
10.0.124.1
Serial2/0/0 GigabitEthernet0/0/0
GigabitEthernet0/0/0
OSPF routing table status : Destinations : 0
Routes : 0
[R2]ping -c 1 10.2.0.1 PING 10.2.0.1: 56 data bytes, press CTRL_C to break Reply from 10.2.0.1: bytes=56 Sequence=1 ttl=255 time=2 ms
--- 10.2.0.1 ping statistics --1 packet(s) transmitted 1 packet(s) received 0.00% packet loss round-trip min/avg/max = 2/2/2 ms
[R2]ping -c 1 10.2.1.1 PING 10.2.1.1: 56 data bytes, press CTRL_C to break Reply from 10.2.1.1: bytes=56 Sequence=1 ttl=255 time=2 ms
--- 10.2.1.1 ping statistics --1 packet(s) transmitted 1 packet(s) received 0.00% packet loss round-trip min/avg/max = 2/2/2 ms
A summarized route with a 23-digit subnet mask is found on R2.
60
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 2 Implementing OSPF design structures
Disable the Loopback2 interface on R1 and then view routing entries on R2. The summarized route still exists after the Loopback2 interface is disabled. [R1]undo interface LoopBack 2
[R2]display ip routing-table protocol ospf Route Flags: R - relay, D - download to fib ---------------------------------------------------------------------------Public routing table : OSPF Destinations : 7
Routes : 7
OSPF routing table status : Destinations : 7
Destination/Mask
Proto
Routes : 7
Pre Cost
Flags NextHop
Interface
10.0.1.0/24 O_ASE
150 1
D
10.0.124.1
GigabitEthernet0/0/0
10.0.3.0/24 OSPF
10
65535
D
10.0.23.3
10.0.4.0/24 OSPF
10
100
D
10.0.124.4
10.0.5.0/24 OSPF
10
131070
D
10.0.23.3
Serial2/0/0
10.0.35.0/24 OSPF
10
131070
D
10.0.23.3
Serial2/0/0
10.1.0.0/23 OSPF
10
131070
D
10.0.23.3
10.2.0.0/23 O_ASE
150 2
D
10.0.124.1
Serial2/0/0 GigabitEthernet0/0/0
Serial2/0/0 GigabitEthernet0/0/0
OSPF routing table status : Destinations : 0
Routes : 0
Enable R5 to send Tracert packets to 10.2.1.1. tracert 10.2.1.1 traceroute to 10.2.1.1(10.2.1.1), max hops: 30 ,packet length: 40,press CTRL_C to break 1 10.0.35.3 62 ms 28 ms 27 ms 2 10.0.23.2 54 ms 58 ms 57 ms 3 * * * ...
After the Loopback2 interface on R1 is disabled, packets bound for this interface are still forwarded by R2 and R3 and are discarded after arriving at R1.
HC Series
HUAWEI TECHNOLOGIES
61
HCNP-IERN Chapter 2 Implementing OSPF design structures
Step 6 Import default routes to OSPF. The Loopback 0 interface of R4 connects to the Internet. On R4, configure a default route whose next hop points to the Loopback 0 interface. [R4]ip route-static 0.0.0.0 0.0.0.0 LoopBack 0
Import this default route to OSPF areas, with the type set to 1, cost value set to 10, and import always enabled. [R4]ospf 1 [R4-ospf-1]default-route-advertise always type 1
On R2, view the default route learning status. R2 learns a default route through a Type5 LSA. The next hop of this route is the interface IP address of R4. [R2]dis ip routing-table protocol ospf Route Flags: R - relay, D - download to fib ---------------------------------------------------------------------------Public routing table : OSPF Destinations : 8
Routes : 8
OSPF routing table status : Destinations : 8
Routes : 8
Destination/Mask
Proto
Pre Cost
Flags NextHop
Interface
0.0.0.0/0
O_ASE
150 101
D
10.0.124.4
GigabitEthernet0/0/0
10.0.1.0/24 O_ASE
150 1
D
10.0.124.1
GigabitEthernet0/0/0
10.0.3.0/24 OSPF
10
65535
D
10.0.23.3
10.0.4.0/24 OSPF
10
100
D
10.0.124.4
10.0.5.0/24 OSPF
10
131070
D
10.0.23.3
Serial2/0/0
10.0.35.0/24 OSPF
10
131070
D
10.0.23.3
Serial2/0/0
10.1.0.0/23 OSPF
10
131070
D
10.0.23.3
Serial2/0/0
10.2.0.0/23 O_ASE
150 2
D
10.0.124.1
Serial2/0/0 GigabitEthernet0/0/0
GigabitEthernet0/0/0
OSPF routing table status : Destinations : 0
Routes : 0
Test whether the route from R5 to 10.0.4.4 is reachable. [R5]ping -c 1 10.0.4.4
62
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 2 Implementing OSPF design structures PING 10.0.4.4: 56 data bytes, press CTRL_C to break Reply from 10.0.4.4: bytes=56 Sequence=1 ttl=253 time=78 ms
--- 10.0.4.4 ping statistics --1 packet(s) transmitted 1 packet(s) received 0.00% packet loss round-trip min/avg/max = 78/78/78 ms
Step 7 Change the priorities of two types of OSPF routes. View the routing table of R1 and observe the priorities of different types of OSPF routes. [R1]dis ip routing-table protocol ospf Route Flags: R - relay, D - download to fib ---------------------------------------------------------------------------Public routing table : OSPF Destinations : 8
Routes : 8
OSPF routing table status : Destinations : 8
Destination/Mask
0.0.0.0/0
Proto
O_ASE
Routes : 8
Pre Cost
Flags NextHop
Interface
150 101
D
10.0.124.4
GigabitEthernet0/0/0
10.0.2.0/24 OSPF
10
100
D
10.0.124.2
GigabitEthernet0/0/0
10.0.3.0/24 OSPF
10
65635
D
10.0.124.2
GigabitEthernet0/0/0
10.0.4.0/24 OSPF
10
100
D
10.0.124.4
GigabitEthernet0/0/0
10.0.5.0/24 OSPF
10
131170
D
10.0.124.2
GigabitEthernet0/0/0
10.0.23.0/24 OSPF
10
65635
D
10.0.124.2
GigabitEthernet0/0/0
10.0.35.0/24 OSPF
10
131170
D
10.0.124.2
GigabitEthernet0/0/0
10.1.0.0/23 OSPF
10
131170
D
10.0.124.2
GigabitEthernet0/0/0
OSPF routing table status : Destinations : 0
Routes : 0
By default, the priority of the internal OSPF routes found within an OSPF area or between OSPF areas is 10. The priority of OSPF external routes is 150. Change the priority of the internal OSPF routes to 20 for R1 and R4,
HC Series
HUAWEI TECHNOLOGIES
63
HCNP-IERN Chapter 2 Implementing OSPF design structures
and the priority of OSPF external routes to 50. [R1]ospf [R1-ospf-1]preference 20 [R1-ospf-1]preference ase 50
[R4]ospf [R4-ospf-1]preference 20 [R4-ospf-1]preference ase 50
Check that the priorities of internal and external routes in the routing table have been changed successfully. [R1]dis ip routing-table protocol ospf Route Flags: R - relay, D - download to fib ---------------------------------------------------------------------------Public routing table : OSPF Destinations : 8
Routes : 8
OSPF routing table status : Destinations : 8
Routes : 8
Destination/Mask
Proto
Pre Cost
Flags NextHop
Interface
0.0.0.0/0
O_ASE
50
101
D
10.0.124.4
GigabitEthernet0/0/0
10.0.2.0/24 OSPF
20
100
D
10.0.124.2
GigabitEthernet0/0/0
10.0.3.0/24 OSPF
20
65635
D
10.0.124.2
GigabitEthernet0/0/0
10.0.4.0/24 OSPF
20
100
D
10.0.124.4
GigabitEthernet0/0/0
10.0.5.0/24 OSPF
20
131170
D
10.0.124.2
GigabitEthernet0/0/0
10.0.23.0/24 OSPF
20
65635
D
10.0.124.2
GigabitEthernet0/0/0
10.0.35.0/24 OSPF
20
131170
D
10.0.124.2
GigabitEthernet0/0/0
10.1.0.0/23 OSPF
20
131170
D
10.0.124.2
GigabitEthernet0/0/0
OSPF routing table status : Destinations : 0
Routes : 0
The route priority takes effect only for local devices and represents the preference of routes learned locally by various means. The routes of routers in an OSPF area may have different priorities.
Additional Exercises: Analyzing and Verifying Why is the default route configured to be always advertised in step 6? 64
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 2 Implementing OSPF design structures
What are the advantages and disadvantages?
Route summarization has strong points and drawbacks. Sum up the strong points and drawbacks of route summarization and analyze how to avoid these drawbacks.
Final Configurations display current-configuration [V200R001C00SPC200] # sysname R1 # interface GigabitEthernet0/0/0 ip address 10.0.124.1 255.255.255.0 # interface LoopBack0 ip address 10.0.1.1 255.255.255.0 ospf network-type broadcast # interface LoopBack1 ip address 10.2.0.1 255.255.255.0 # ospf 1 router-id 10.0.1.1 asbr-summary 10.2.0.0 255.255.254.0 import-route direct preference 20 preference ase 50 bandwidth-reference 10000 area 0.0.0.2 network 10.0.124.1 0.0.0.0 # return
display current-configuration [V200R001C00SPC200] # sysname R2 # interface Serial2/0/0 link-protocol ppp
HC Series
HUAWEI TECHNOLOGIES
65
HCNP-IERN Chapter 2 Implementing OSPF design structures ip address 10.0.23.2 255.255.255.0 # interface GigabitEthernet0/0/0 ip address 10.0.124.2 255.255.255.0 # interface LoopBack0 ip address 10.0.2.2 255.255.255.0 ospf network-type broadcast # ospf 1 router-id 10.0.2.2 bandwidth-reference 10000 area 0.0.0.0 network 10.0.23.2 0.0.0.0 network 10.0.2.2 0.0.0.0 area 0.0.0.2 network 10.0.124.2 0.0.0.0 # return
display current-configuration [V200R001C00SPC200] # sysname R3 # interface Serial2/0/0 link-protocol ppp ip address 10.0.23.3 255.255.255.0 # interface Serial3/0/0 link-protocol ppp ip address 10.0.35.3 255.255.255.0 # interface LoopBack0 ip address 10.0.3.3 255.255.255.0 ospf network-type broadcast # ospf 1 router-id 10.0.3.3 bandwidth-reference 10000 area 0.0.0.0 network 10.0.3.3 0.0.0.0 network 10.0.23.3 0.0.0.0 area 0.0.0.1 abr-summary 10.1.0.0 255.255.254.0
66
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 2 Implementing OSPF design structures network 10.0.35.3 0.0.0.0 # return
display current-configuration [V200R001C00SPC200] # sysname R4 # interface GigabitEthernet0/0/0 ip address 10.0.124.4 255.255.255.0 # interface LoopBack0 ip address 10.0.4.4 255.255.255.0 ospf network-type broadcast # ospf 1 router-id 10.0.4.4 default-route-advertise always type 1 preference 20 preference ase 50 bandwidth-reference 10000 area 0.0.0.2 network 10.0.4.4 0.0.0.0 network 10.0.124.4 0.0.0.0 # ip route-static 0.0.0.0 0.0.0.0 LoopBack0 # return
display current-configuration [V200R001C00SPC200] # sysname R5 # interface Serial1/0/0 link-protocol ppp ip address 10.0.35.5 255.255.255.0 # interface LoopBack0 ip address 10.0.5.5 255.255.255.0 ospf network-type broadcast # interface LoopBack1
HC Series
HUAWEI TECHNOLOGIES
67
HCNP-IERN Chapter 2 Implementing OSPF design structures ip address 10.1.0.1 255.255.255.0 ospf network-type broadcast # interface LoopBack2 ip address 10.1.1.1 255.255.255.0 ospf network-type broadcast # ospf 1 router-id 10.0.5.5 bandwidth-reference 10000 area 0.0.0.1 network 10.0.5.5 0.0.0.0 network 10.1.0.1 0.0.0.0 network 10.1.1.1 0.0.0.0 network 10.0.35.5 0.0.0.0 # Return
68
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 2 Implementing OSPF design structures
Lab 2-3 OSPF Adjacency Relationships and Various Types of LSAs Learning Objectives The objectives of this lab are to learn and understand: •
Process of establishing neighbor relationships over Ethernet
•
Method of intervening in DR election in OSPF
•
Content of five types of LSAs and their functions
•
Exchange of LSR, LSU, and LSAck packets in OSPF
Topology
Figure 2-3 OSPF adjacency relationships and various types of LSAs
HC Series
HUAWEI TECHNOLOGIES
69
HCNP-IERN Chapter 2 Implementing OSPF design structures
Scenario Assume that you are a network administrator of a company that has five ARG3 routers, of which R1, R2, R3, and R4 are in the headquarters and interconnected over Ethernet. R5 is in a branch and connects to R3 through a dedicated line. Multi-area OSPF is enabled to avoid the flooding of LSAs as the network is of a large scale. The Loopback 0 interface of R1 belongs to area 2. The Loopback 0 interfaces of R2, R3, and R4, and network segment 10.1.234.0/24 belong to area 0. The network segment interconnecting R3 and R5 belongs to area 1. The Loopback 0 interface of R5 belongs to a network outside OSPF areas. Fixed IP addresses are used as router IDs to ensure that router IDs do not change. Manual intervention is required in the election of the DR and BDR on the network segment where R4 interconnects with R1, R2, and R3. In practice, configure R3 as the designated router (DR), R2 as the backup designated router (BDR), and R4 as the DROther router.
Tasks Step 1 Perform basic configurations and IP addressing. Configure IP addresses and subnet masks for all routers. The subnet masks of all loopback interfaces contain 24 bits to simulate an independent network segment. system-view Enter system view, return user view with Ctrl+Z. [R1]interface GigabitEthernet 0/0/0 [R1-GigabitEthernet0/0/0]ip address 10.1.234.1 24 [R1-GigabitEthernet0/0/0]interface LoopBack 0 [R1-LoopBack0]ip address 10.0.1.1 24
system-view Enter system view, return user view with Ctrl+Z. [R2]interface GigabitEthernet 0/0/0 [R2-GigabitEthernet0/0/0]ip address 10.1.234.2 24
70
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 2 Implementing OSPF design structures [R2-GigabitEthernet0/0/0]interface LoopBack 0 [R2-LoopBack0]ip address 10.0.2.2 24
system-view Enter system view, return user view with Ctrl+Z. [R3]interface GigabitEthernet 0/0/0 [R3-GigabitEthernet0/0/0]ip address 10.1.234.3 24 [R3-GigabitEthernet0/0/0]interface Serial 3/0/0 [R3-Serial3/0/0]ip address 10.0.35.3 24 [R3-Serial3/0/0]interface LoopBack 0 [R3-LoopBack0]ip address 10.0.3.3 24
system-view Enter system view, return user view with Ctrl+Z. [R4]interface GigabitEthernet 0/0/0 [R4-GigabitEthernet0/0/0]ip address 10.1.234.4 24 [R4-GigabitEthernet0/0/0]interface LoopBack 0 [R4-LoopBack0]ip address 10.0.4.4 24
system-view Enter system view, return user view with Ctrl+Z. [R5]interface Serial 1/0/0 [R5-Serial1/0/0]ip address 10.0.35.5 24 [R5-Serial1/0/0]interface LoopBack 0 [R5-LoopBack0]ip address 10.0.5.5 24
Check the connectivity of direct links. [R1]ping -c 1 10.1.234.2 PING 10.1.234.2: 56 data bytes, press CTRL_C to break Reply from 10.1.234.2: bytes=56 Sequence=1 ttl=255 time=13 ms
--- 10.1.234.2 ping statistics --1 packet(s) transmitted 1 packet(s) received 0.00% packet loss round-trip min/avg/max = 13/13/13 ms
[R1]ping -c 1 10.1.234.4 PING 10.1.234.4: 56 data bytes, press CTRL_C to break Reply from 10.1.234.4: bytes=56 Sequence=1 ttl=255 time=6 ms
--- 10.1.234.4 ping statistics ---
HC Series
HUAWEI TECHNOLOGIES
71
HCNP-IERN Chapter 2 Implementing OSPF design structures 1 packet(s) transmitted 1 packet(s) received 0.00% packet loss round-trip min/avg/max = 6/6/6 ms
[R3]ping -c 1 10.1.234.1 PING 10.1.234.1: 56 data bytes, press CTRL_C to break Reply from 10.1.234.1: bytes=56 Sequence=1 ttl=255 time=13 ms
--- 10.1.234.1 ping statistics --1 packet(s) transmitted 1 packet(s) received 0.00% packet loss round-trip min/avg/max = 13/13/13 ms
[R3]ping -c 1 10.0.35.5 PING 10.0.35.5: 56 data bytes, press CTRL_C to break Reply from 10.0.35.5: bytes=56 Sequence=1 ttl=255 time=32 ms
--- 10.0.35.5 ping statistics --1 packet(s) transmitted 1 packet(s) received 0.00% packet loss round-trip min/avg/max = 32/32/32 ms
Step 2 Configure multi-area OSPF. On R1, configure GigabitEthernet 0/0/0 in area 0, and Loopback 0 interface in area 2. Change the network type of the loopback interfaces in all OSPF areas to broadcast to help OSPF advertise actual subnet masks of the loopback interfaces. [R1]ospf 1 router-id 10.0.1.1 [R1-ospf-1]area 0 [R1-ospf-1-area-0.0.0.0]network 10.1.234.1 0.0.0.0 [R1-ospf-1-area-0.0.0.0]area 2 [R1-ospf-1-area-0.0.0.2]network 10.0.1.1 0.0.0.0 [R1-ospf-1-area-0.0.0.2]interface LoopBack 0 [R1-LoopBack0]ospf network-type broadcast
All interfaces of R2 and R4 belong to area 0.
72
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 2 Implementing OSPF design structures [R2]ospf 1 router-id 10.0.2.2 [R2-ospf-1]area 0 [R2-ospf-1-area-0.0.0.0]network 10.1.234.2 0.0.0.0 [R2-ospf-1-area-0.0.0.0]network 10.0.2.2 0.0.0.0 [R2-ospf-1-area-0.0.0.0]interface LoopBack 0 [R2-LoopBack0]ospf network-type broadcast
[R4]ospf 1 router-id 10.0.4.4 [R4-ospf-1]area 0 [R4-ospf-1-area-0.0.0.0]network 10.1.234.4 0.0.0.0 [R4-ospf-1-area-0.0.0.0]network 10.0.4.4 0.0.0.0 [R4-ospf-1-area-0.0.0.0]interface LoopBack 0 [R4-LoopBack0]ospf network-type broadcast
On R3, configure Loopback 0 and GigabitEthernet 0/0/0 interfaces to belong to area 0, and serial 3/0/0 to belong to area 2. [R3]ospf 1 router-id 10.0.3.3 [R3-ospf-1]area 0 [R3-ospf-1-area-0.0.0.0]network 10.1.234.3 0.0.0.0 [R3-ospf-1-area-0.0.0.0]network 10.0.3.3 0.0.0.0 [R3-ospf-1-area-0.0.0.0]area 1 [R3-ospf-1-area-0.0.0.1]network 10.0.35.3 0.0.0.0 [R3-ospf-1-area-0.0.0.1]interface LoopBack 0 [R3-LoopBack0]ospf network-type broadcast [R3-LoopBack0]quit
On R5, configure serial 1/0/0 to belong to area 1, and Loopback 0 not to belong to any OSPF area. [R5]ospf 1 router-id 10.0.5.5 [R5-ospf-1]area 1 [R5-ospf-1-area-0.0.0.1]network 10.0.35.5 0.0.0.0
View the routing table on R1. [R1]display ip routing-table Route Flags: R - relay, D - download to fib ---------------------------------------------------------------------------Routing Tables: Public Destinations : 14
Destination/Mask
HC Series
Proto
Routes : 14
Pre Cost
Flags NextHop
HUAWEI TECHNOLOGIES
Interface
73
HCNP-IERN Chapter 2 Implementing OSPF design structures 10.0.1.0/24
Direct 0
0
D
10.0.1.1
LoopBack0
10.0.1.1/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.1.255/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.2.0/24
OSPF
10
1
D
10.1.234.2
GigabitEthernet0/0/0
10.0.3.0/24
OSPF
10
1
D
10.1.234.3
GigabitEthernet0/0/0
10.0.4.0/24
OSPF
10
1
D
10.1.234.4
GigabitEthernet0/0/0
10.0.35.0/24
OSPF
10
1563
D
10.1.234.3
GigabitEthernet0/0/0 GigabitEthernet0/0/0
10.1.234.0/24
Direct 0
0
D
10.1.234.1
10.1.234.1/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.1.234.255/32
Direct 0
0
D
127.0.0.1
InLoopBack0
127.0.0.0/8
Direct 0
0
D
127.0.0.1
InLoopBack0
127.0.0.1/32
Direct 0
0
D
127.0.0.1
InLoopBack0
127.255.255.255/32 Direct 0
0
D
127.0.0.1
InLoopBack0
255.255.255.255/32 Direct 0
0
D
127.0.0.1
InLoopBack0
The routing table on R1 contains all routes of the entire network except the routes of 10.0.5.5/24 that are not advertised to OSPF areas. Test the network connectivity. [R1]ping -c 1 10.0.2.2 PING 10.0.2.2: 56 data bytes, press CTRL_C to break Reply from 10.0.2.2: bytes=56 Sequence=1 ttl=255 time=2 ms
--- 10.0.2.2 ping statistics --1 packet(s) transmitted 1 packet(s) received 0.00% packet loss round-trip min/avg/max = 2/2/2 ms
[R1]ping -c 1 10.0.4.4 PING 10.0.4.4: 56 data bytes, press CTRL_C to break Reply from 10.0.4.4: bytes=56 Sequence=1 ttl=255 time=3 ms
--- 10.0.4.4 ping statistics --1 packet(s) transmitted 1 packet(s) received 0.00% packet loss round-trip min/avg/max = 3/3/3 ms
[R3]ping -c 1 10.0.1.1 PING 10.0.1.1: 56 data bytes, press CTRL_C to break Reply from 10.0.1.1: bytes=56 Sequence=1 ttl=255 time=3 ms
74
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 2 Implementing OSPF design structures --- 10.0.1.1 ping statistics --1 packet(s) transmitted 1 packet(s) received 0.00% packet loss round-trip min/avg/max = 3/3/3 ms
Run the display ospf brief command to view basic OSPF information. R1 is an area border router (ABR) because its Loopback 0 is in area 2. The network to which GigabitEthernet 0/0/0 of R1 connects is a broadcast network and R1 is the DR on this network segment. [R1]display ospf brief
OSPF Process 1 with Router ID 10.0.1.1 OSPF Protocol Information
RouterID: 10.0.1.1
Border Router: AREA
Multi-VPN-Instance is not enabled Global DS-TE Mode: Non-Standard IETF Mode Graceful-restart capability: disabled Helper support capability : not configured Spf-schedule-interval: max 10000ms, start 500ms, hold 1000ms Default ASE parameters: Metric: 1 Tag: 1 Type: 2 Route Preference: 10 ASE Route Preference: 150 SPF Computation Count: 26 RFC 1583 Compatible Retransmission limitation is disabled Area Count: 2
Nssa Area Count: 0
ExChange/Loading Neighbors: 0
Area: 0.0.0.0 Authtype: None
Area flag: Normal
SPF scheduled Count: 26 ExChange/Loading Neighbors: 0
Interface: 10.1.234.1 (GigabitEthernet0/0/0) Cost: 1
State: DR
Type: Broadcast
MTU: 1500
Priority: 1 Designated Router: 10.1.234.1 Backup Designated Router: 10.1.234.2 Timers: Hello 10 , Dead 40 , Poll 120 , Retransmit 5 , Transmit Delay 1
HC Series
HUAWEI TECHNOLOGIES
75
HCNP-IERN Chapter 2 Implementing OSPF design structures Area: 0.0.0.2 Authtype: None
Area flag: Normal
SPF scheduled Count: 25 ExChange/Loading Neighbors: 0
Interface: 10.0.1.1 (LoopBack0) Cost: 0
State: DR
Type: Broadcast
MTU: 1500
Priority: 1 Designated Router: 10.0.1.1 Backup Designated Router: 0.0.0.0 Timers: Hello 10 , Dead 40 , Poll 120 , Retransmit 5 , Transmit Delay 1
Run the display ospf peer brief command to view the OSPF neighbor relationships between routers. As the DR, R1 establishes adjacency relationships with all routers on this network segment. View neighbor relationships on R3. A neighbor relationship instead of an adjacency relationship is established between R3 and R4. [R1]display ospf peer brief
OSPF Process 1 with Router ID 10.0.1.1 Peer Statistic Information ---------------------------------------------------------------------------Area Id
Interface
Neighbor id
0.0.0.0
GigabitEthernet0/0/0
0.0.0.0
GigabitEthernet0/0/0
10.0.3.3
Full
0.0.0.0
GigabitEthernet0/0/0
10.0.4.4
Full
10.0.2.2
State Full
----------------------------------------------------------------------------
[R3]display ospf peer brief
OSPF Process 1 with Router ID 10.0.3.3 Peer Statistic Information ---------------------------------------------------------------------------Area Id
Interface
Neighbor id
State
0.0.0.0
GigabitEthernet0/0/0
10.0.1.1
Full
0.0.0.0
GigabitEthernet0/0/0
10.0.2.2
Full
0.0.0.0
GigabitEthernet0/0/0
10.0.4.4
2-Way
0.0.0.1
Serial3/0/0
10.0.5.5
Full
----------------------------------------------------------------------------
On R5, run the display ospf lsdb command to view the OSPF link
76
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 2 Implementing OSPF design structures
state database (LSDB). [R5]display ospf lsdb
OSPF Process 1 with Router ID 10.0.5.5 Link State Database
Area: 0.0.0.1 Type
LinkState ID
AdvRouter
Router
10.0.5.5
10.0.5.5
Age Len 1182 48
Sequence
Metric
80000002
1562
Router
10.0.3.3
10.0.3.3
1183 48
80000002
1562
Sum-Net
10.0.3.0
10.0.3.3
1429 28
80000001
0
Sum-Net
10.0.2.0
10.0.3.3
1429 28
80000001
1
Sum-Net
10.0.1.0
10.0.3.3
1429 28
80000001
1
Sum-Net
10.1.234.0
10.0.3.3
1429 28
80000001
1
Sum-Net
10.0.4.0
10.0.3.3
1430 28
80000001
1
Area 1 has only two routers. Therefore, the LSDB of R5 contains only two Type1 LSAs. The other five Type3 LSAs are inter-area routes advertised by R3 to R5. On R2, run the display ospf lsdb command to view OSPF database information. [R2]display ospf lsdb
OSPF Process 1 with Router ID 10.0.2.2 Link State Database
Area: 0.0.0.0 Type
LinkState ID
AdvRouter
Age Len
Sequence
Router
10.0.3.3
10.0.3.3
4 48
80000009
1
Router
10.0.4.4
10.0.4.4
150 48
80000009
1
Router
10.0.2.2
10.0.2.2
149 48
8000000C
1
Router
10.0.1.1
10.0.1.1
149 36
8000000B
1
Network
10.1.234.1
10.0.1.1
149 40
80000007
0
Sum-Net
10.0.35.0
10.0.3.3
1790 28
80000001
Sum-Net
10.0.1.0
10.0.1.1
817 28
80000002
Metric
1562 0
R2 contains four Type1 LSAs and one Type2 LSA. GigabitEthernet 0/0/0 of R2 connects to a broadcast network. The DR on this network generates a Type2 LSA to describe all its neighbors. The AdvRouter field indicates that this LSA is generated by R1 as expected. On R1, run the display ospf lsdb command to view OSPF database HC Series
HUAWEI TECHNOLOGIES
77
HCNP-IERN Chapter 2 Implementing OSPF design structures
information. [R1]display ospf lsdb
OSPF Process 1 with Router ID 10.0.1.1 Link State Database
Area: 0.0.0.0 Type
LinkState ID
AdvRouter
Age Len
Sequence
Router
10.0.3.3
10.0.3.3
447 48
80000009
Metric 1
Router
10.0.4.4
10.0.4.4
592 48
80000009
1
Router
10.0.2.2
10.0.2.2
592 48
8000000C
1
Router
10.0.1.1
10.0.1.1
591 36
8000000B
1
Network
10.1.234.1
10.0.1.1
591 40
80000007
0
Sum-Net
10.0.35.0
10.0.3.3
434 28
80000002
1562
Sum-Net
10.0.1.0
10.0.1.1
1259 28
80000002
0
Area: 0.0.0.2 Type
LinkState ID
AdvRouter
Router
10.0.1.1
10.0.1.1
Age Len 1223 36
Sequence
Metric
80000004
0
Sum-Net
10.0.35.0
10.0.1.1
433 28
80000002
1563
Sum-Net
10.0.3.0
10.0.1.1
541 28
80000002
1
Sum-Net
10.0.2.0
10.0.1.1
909 28
80000002
1
Sum-Net
10.1.234.0
10.0.1.1
1269 28
80000002
1
Sum-Net
10.0.4.0
10.0.1.1
711 28
80000002
1
Loopback 0 of R1 is in area 2. Therefore, R1 has the LSDBs serving two areas: area 0 and area 2. On R4, run the display ospf lsdb command to view OSPF database information. [R4]display ospf lsdb
OSPF Process 1 with Router ID 10.0.4.4 Link State Database
Area: 0.0.0.0 Type
LinkState ID
AdvRouter
Age Len
Sequence
Router
10.0.3.3
10.0.3.3
745 48
80000009
1
Router
10.0.4.4
10.0.4.4
888 48
80000009
1
Router
10.0.2.2
10.0.2.2
889 48
8000000C
1
Router
10.0.1.1
10.0.1.1
889 36
8000000B
1
Network
10.1.234.1
10.0.1.1
889 40
80000007
0
78
HUAWEI TECHNOLOGIES
Metric
HC Series
HCNP-IERN Chapter 2 Implementing OSPF design structures Sum-Net
10.0.35.0
10.0.3.3
732 28
80000002
1562
Sum-Net
10.0.1.0
10.0.1.1
1556 28
80000002
0
The content of LSDB varies according to the role of the OSPF router. Compare the LSDBs of R5, R2, R1, and R4, and find out their differences.
Step 3 Change the priority of the OSPF interface of a router to affect DR election. Configure the priority of G0/0/0 of R3 to 255 to ensure that R3 is the DR on the network segment 10.1.234.0/24. Configure the priority of G0/0/0 of R2 to 254 to ensure that R2 is the BDR on the network segment 10.1.234.0/24. Configure the priority of G0/0/0 of R4 to 0 to ensure that R4 is the DROther router on the network segment 10.1.234.0/24. [R3]interface GigabitEthernet 0/0/0 [R3-GigabitEthernet0/0/0]ospf dr-priority 255
[R2]interface GigabitEthernet 0/0/0 [R2-GigabitEthernet0/0/0]ospf dr-priority 254
[R4]interface GigabitEthernet 0/0/0 [R4-GigabitEthernet0/0/0]ospf dr-priority 0
Disable the G0/0/0 interfaces of R1, R2, R3, and R4 and then enable the G0/0/0 interfaces of R3, R2, R1, and R4 in sequence. This is because the BR and BDR have been elected and cannot be preempted. [R1-GigabitEthernet0/0/0]shutdown
[R2-GigabitEthernet0/0/0]shutdown
[R3-GigabitEthernet0/0/0]shutdown
[R4-GigabitEthernet0/0/0]shutdown
[R1-GigabitEthernet0/0/0]undo shutdown
[R2-GigabitEthernet0/0/0]undo shutdown
[R3-GigabitEthernet0/0/0]undo shutdown
HC Series
HUAWEI TECHNOLOGIES
79
HCNP-IERN Chapter 2 Implementing OSPF design structures
[R4-GigabitEthernet0/0/0]undo shutdown
View the DR/BDR election on the network segment 10.1.234.0/24. [R3]display ospf peer
OSPF Process 1 with Router ID 10.0.3.3 Neighbors
Area 0.0.0.0 interface 10.1.234.3(GigabitEthernet0/0/0)'s neighbors Router ID: 10.0.1.1
Address: 10.1.234.1
State: Full Mode:Nbr is Slave Priority: 1 DR: 10.1.234.3 BDR: 10.1.234.2 MTU: 0 Dead timer due in 29 sec Retrans timer interval: 3 Neighbor is up for 00:02:17 Authentication Sequence: [ 0 ]
Router ID: 10.0.2.2
Address: 10.1.234.2
State: Full Mode:Nbr is Slave Priority: 254 DR: 10.1.234.3 BDR: 10.1.234.2 MTU: 0 Dead timer due in 35 sec Retrans timer interval: 6 Neighbor is up for 00:01:14 Authentication Sequence: [ 0 ]
Router ID: 10.0.4.4
Address: 10.1.234.4
State: Full Mode:Nbr is Master Priority: 0 DR: 10.1.234.3 BDR: 10.1.234.2 MTU: 0 Dead timer due in 32 sec Retrans timer interval: 3 Neighbor is up for 00:01:26 Authentication Sequence: [ 0 ]
Neighbors
Area 0.0.0.1 interface 10.0.35.3(Serial3/0/0)'s neighbors Router ID: 10.0.5.5
Address: 10.0.35.5
State: Full Mode:Nbr is Master Priority: 1 DR: None
BDR: None
MTU: 0
Dead timer due in 27 sec Retrans timer interval: 4
80
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 2 Implementing OSPF design structures Neighbor is up for 00:53:37 Authentication Sequence: [ 0 ]
After the G0/0/0 interfaces are enabled again, R3 becomes the DR on the network segment and R2 becomes the BDR. View the neighbor relationship between R4 and R1. [R4]display ospf peer 10.0.1.1
OSPF Process 1 with Router ID 10.0.4.4 Neighbors
Area 0.0.0.0 interface 10.1.234.4(GigabitEthernet0/0/0)'s neighbors Router ID: 10.0.1.1
Address: 10.1.234.1
State: 2-Way Mode:Nbr is Slave Priority: 1 DR: 10.1.234.3 BDR: 10.1.234.2 MTU: 0 Dead timer due in 30 sec Retrans timer interval: 0 Neighbor is up for 00:00:00 Authentication Sequence: [ 0 ]
R1 and R4 are both DROther routers and therefore they are the neighbor of each other and remain in the 2-way state.
Step 4 Configure direct routes to be summarized and imported to OSPF areas. Loopback 0 of R5 does not belong to any OSPF area. Import this direct route to OSPF areas. [R5]ospf [R5-ospf-1]import-route direct
View the imported external routes on R1 and R3. [R1]display ip routing-table protocol ospf Route Flags: R - relay, D - download to fib ---------------------------------------------------------------------------Public routing table : OSPF Destinations : 6
Routes : 6
OSPF routing table status :
HC Series
HUAWEI TECHNOLOGIES
81
HCNP-IERN Chapter 2 Implementing OSPF design structures Destinations : 6
Destination/Mask
Proto
Routes : 6
Pre Cost
Flags NextHop
Interface
10.0.2.0/24 OSPF
10
1
D
10.1.234.2
GigabitEthernet0/0/0
10.0.3.0/24 OSPF
10
1
D
10.1.234.3
GigabitEthernet0/0/0
10.0.4.0/24 OSPF
10
1
D
10.1.234.4
GigabitEthernet0/0/0
10.0.5.0/24 O_ASE
150 1
D
10.1.234.3
GigabitEthernet0/0/0
10.0.35.0/24 OSPF
10
D
10.1.234.3
GigabitEthernet0/0/0
10.0.35.3/32 O_ASE
150 1
D
10.1.234.3
GigabitEthernet0/0/0
1563
OSPF routing table status : Destinations : 0
Routes : 0
[R3]display ip routing-table protocol ospf Route Flags: R - relay, D - download to fib ---------------------------------------------------------------------------Public routing table : OSPF Destinations : 5
Routes : 5
OSPF routing table status : Destinations : 4
Destination/Mask
Proto
Routes : 4
Pre Cost
Flags NextHop
Interface
10.0.1.0/24 OSPF
10
1
D
10.1.234.1
GigabitEthernet0/0/0
10.0.2.0/24 OSPF
10
1
D
10.1.234.2
GigabitEthernet0/0/0
10.0.4.0/24 OSPF
10
1
D
10.1.234.4
GigabitEthernet0/0/0
10.0.5.0/24 O_ASE
150 1
D
10.0.35.5
Serial3/0/0
OSPF routing table status : Destinations : 1
Destination/Mask
Proto
10.0.35.3/32 O_ASE
Routes : 1
Pre Cost
150 1
Flags NextHop
10.0.35.5
Interface
Serial3/0/0
The two external routes 10.0.5.0/24 and 10.0.35.3/32 can be viewed on R1 and R3. 10.0.5.0/24 is the loopback interface of R5. Why does another external route exist? View the routing table on R5. PPP is used for data transmission between R3 and R5, and the IP address of Serial 3/0/0 of R3 is included in 82
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 2 Implementing OSPF design structures
the routing table of R5 to describe a direct route. Therefore, this route is also advertised after the import-route direct command is run on R5. [R5]display ip routing-table Route Flags: R - relay, D - download to fib ---------------------------------------------------------------------------Routing Tables: Public Destinations : 16
Destination/Mask
Proto
Routes : 16
Pre Cost
Flags NextHop
Interface
10.0.35.0/24
Direct 0
0
D
10.0.35.5
Serial1/0/0
10.0.35.3/32
Direct 0
0
D
10.0.35.3
Serial1/0/0
10.0.35.5/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.35.255/32
Direct 0
0
D
127.0.0.1
InLoopBack0
Test the network connectivity. [R1]ping -c 1 10.0.5.5 PING 10.0.5.5: 56 data bytes, press CTRL_C to break Reply from 10.0.5.5: bytes=56 Sequence=1 ttl=254 time=41 ms
--- 10.0.5.5 ping statistics --1 packet(s) transmitted 1 packet(s) received 0.00% packet loss round-trip min/avg/max = 41/41/41 ms
On R1, view the OSPF external routes in the LSDB. The LSDB of R1 has three external routes: 10.0.5.0/24, 10.0.35.0/24, and 10.0.35.3/32. However, the routing table on R1 has only two external routes. [R1]display ospf lsdb ase
OSPF Process 1 with Router ID 10.0.1.1 Link State Database
Type
: External
Ls id
: 10.0.5.0
Adv rtr
: 10.0.5.5
Ls age
: 834
Len
: 36
Options seq#
: E : 80000001
HC Series
HUAWEI TECHNOLOGIES
83
HCNP-IERN Chapter 2 Implementing OSPF design structures chksum
: 0xa904
Net mask : 255.255.255.0 TOS 0 Metric: 1 E type
: 2
Forwarding Address : 0.0.0.0 Tag
: 1
Priority : Low
Type
: External
Ls id
: 10.0.35.0
Adv rtr
: 10.0.5.5
Ls age
: 1342
Len
: 36
Options
: E
seq#
: 80000001
chksum
: 0x5e31
Net mask : 255.255.255.0 TOS 0 Metric: 1 E type
: 2
Forwarding Address : 0.0.0.0 Tag
: 1
Priority : Low
Type
: External
Ls id
: 10.0.35.3
Adv rtr
: 10.0.5.5
Ls age
: 1344
Len
: 36
Options
: E
seq#
: 80000001
chksum
: 0x404c
Net mask : 255.255.255.255 TOS 0 Metric: 1 E type
: 2
Forwarding Address : 0.0.0.0 Tag
: 1
Priority : Medium
The route 10.0.35.0/24 is provided as an internal route in the routing table. This route can be found in the Type3 LSA of the LSDB of R1. [R1]display ospf lsdb summary 10.0.35.0
84
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 2 Implementing OSPF design structures
OSPF Process 1 with Router ID 10.0.1.1 Area: 0.0.0.0 Link State Database
Type
: Sum-Net
Ls id
: 10.0.35.0
Adv rtr
: 10.0.3.3
Ls age
: 136
Len
: 28
Options
: E
seq#
: 80000004
chksum
: 0x1ae2
Net mask : 255.255.255.0 Tos 0 metric: 1562 Priority : Low
When the routes advertised by a Type3 LSA and a Type5 LSA share the same network ID and subnet mask, the route advertised by the Type3 LSA takes precedence and is therefore added to the routing table.
Step 5 View different types of LSAs. On R1, view the content of the Type1 LSA 10.0.1.0 in area 0 and area 2. [R1]display ospf lsdb router 10.0.1.1
OSPF Process 1 with Router ID 10.0.1.1 Area: 0.0.0.0 Link State Database
Type
: Router
Ls id
: 10.0.1.1
Adv rtr
: 10.0.1.1
Ls age
: 591
Len
: 36
Options
: ABR E
seq#
: 8000001e
chksum
: 0xbc70
Link count: 1
HC Series
HUAWEI TECHNOLOGIES
85
HCNP-IERN Chapter 2 Implementing OSPF design structures * Link ID: 10.1.234.3 Data
: 10.1.234.1
Link Type: TransNet Metric : 1 Area: 0.0.0.2 Link State Database
Type
: Router
Ls id
: 10.0.1.1
Adv rtr
: 10.0.1.1
Ls age
: 627
Len
: 36
Options
: ABR E
seq#
: 80000008
chksum
: 0x1018
Link count: 1 * Link ID: 10.0.1.0 Date
: 255.255.255.0
Link Type: StubNet Metric : 0 Priority: Low
For Type1 LSAs, the Ls id field indicates the ID of the router that generates this LSA. R1 generates two Type1 LSAs and one is flooded in area 0. R1 connects to a transit network segment in area 0. Therefore, the value of Link Type is TransNet. For a transit network segment, the Link ID field indicates the interface IP address of the DR on this network segment, and Data indicates the IP address of the local interface. The second Type1 LSA is flooded in area 2 by R1. R1 connects to area 2 through a loopback interface. For the loopback interface, the value of Link Type is StubNet. The Link ID field indicates the IP address of the stub network segment, and Data indicates the network mask. On R2, R3, and R4, view the content of the Type2 LSA 10.1.234.0 in area 0. [R2]display ospf lsdb network 10.1.234.3
OSPF Process 1 with Router ID 10.0.2.2 Area: 0.0.0.0
86
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 2 Implementing OSPF design structures Link State Database
Type
: Network
Ls id
: 10.1.234.3
Adv rtr
: 10.0.3.3
Ls age
: 115
Len
: 40
Options
: E
seq#
: 8000000f
chksum
: 0x807e
Net mask : 255.255.255.0 Priority : Low Attached Router
10.0.3.3
Attached Router
10.0.1.1
Attached Router
10.0.2.2
Attached Router
10.0.4.4
The content of this LSA is the same on R2, R3, and R4. The Adv rtr field indicates that this LSA is generated by R3. The Ls id field of the Type2 LSA indicates the interface IP address of the DR on the network segment, and Attached Router indicates the IDs of all routers. On R1 and R3, view the content of the Type3 LSA 10.0.35.0/24 in area 0. [R3]display ospf lsdb summary 10.0.35.0
OSPF Process 1 with Router ID 10.0.3.3 Area: 0.0.0.0 Link State Database
Type
: Sum-Net
Ls id
: 10.0.35.0
Adv rtr
: 10.0.3.3
Ls age
: 591
Len
: 28
Options
: E
seq#
: 8000000a
chksum
: 0xee8
Net mask : 255.255.255.0 Tos 0 metric: 1562
HC Series
HUAWEI TECHNOLOGIES
87
HCNP-IERN Chapter 2 Implementing OSPF design structures Priority : Low
The preceding information shows that this route is advertised by R3 to area 0. The Ls id field indicates the network address of the target network segment, and Net mask indicates the mask. [R1]display ospf lsdb summary 10.0.35.0
OSPF Process 1 with Router ID 10.0.1.1 Area: 0.0.0.0 Link State Database
Type
: Sum-Net
Ls id
: 10.0.35.0
Adv rtr
: 10.0.3.3
Ls age
: 136
Len
: 28
Options
: E
seq#
: 80000004
chksum
: 0x1ae2
Net mask : 255.255.255.0 Tos 0 metric: 1562 Priority : Low Area: 0.0.0.2 Link State Database
Type
: Sum-Net
Ls id
: 10.0.35.0
Adv rtr
: 10.0.1.1
Ls age
: 382
Len
: 28
Options
: E
seq#
: 80000002
chksum
: 0x42bf
Net mask : 255.255.255.0 Tos 0 metric: 1563 Priority : Low
R1 has two Type3 LSAs that describe 10.0.35.0/24. The Adv rtr field indicates that the LSA in area 0 is generated by R3. As R1 is an ABR, it generates an LSA after receiving the LSA and advertises the generated 88
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 2 Implementing OSPF design structures
LSA to area 2. On R1, view the content of the Type4 LSA 10.0.5.0 in area 2. The Type4 LSA describes the route to the ASBR. [R1]display ospf lsdb asbr 10.0.5.5
OSPF Process 1 with Router ID 10.0.1.1 Area: 0.0.0.0 Link State Database
Type
: Sum-Asbr
Ls id
: 10.0.5.5
Adv rtr
: 10.0.3.3
Ls age
: 1119
Len
: 28
Options
: E
seq#
: 80000008
chksum
: 0x1df3
Tos 0 metric: 1562 Area: 0.0.0.2 Link State Database
Type
: Sum-Asbr
Ls id
: 10.0.5.5
Adv rtr
: 10.0.1.1
Ls age
: 1118
Len
: 28
Options
: E
seq#
: 80000008
chksum
: 0x41d2
Tos 0 metric: 1563
The preceding information shows that R1 receives a Type4 LSA from R3. The Ls id field indicates the router ID of the ASBR. Because this type of LSA cannot be flooded across OSPF areas, R1 generates a Type4 LSA and advertises it to area 2. This LSA exists in the LSDBs of R2, R3, and R4 in area 0. The ASBR (R5) is in a different area from these routers and therefore they need to learn the location of the ASBR through a Type4 LSA. [R2]display ospf lsdb asbr
HC Series
HUAWEI TECHNOLOGIES
89
HCNP-IERN Chapter 2 Implementing OSPF design structures
OSPF Process 1 with Router ID 10.0.2.2 Area: 0.0.0.0 Link State Database
Type
: Sum-Asbr
Ls id
: 10.0.5.5
Adv rtr
: 10.0.3.3
Ls age
: 1676
Len
: 28
Options
: E
seq#
: 80000008
chksum
: 0x1df3
Tos 0 metric: 1562
This Type4 LSA does not exist in area 1. Routers in the same area do not need to learn the location of the ASBR through this Type4 LSA.
Step 6 Observe the exchange of LSR, LSU, and LSAck packets. Observe the process of sending OSPF Update and ACK packets. On R1, run the debugging ospf packet update and debugging ospf packet ack commands. terminal monitor % Current terminal monitor is on terminal debugging % Current terminal debugging is on debugging ospf packet update OSPF Link State Update PACKET debugging switch is on debugging ospf packet ack OSPF Link State Acknowledgment PACKET debugging switch is on
By default, the OSPF router updates information at 30-minute intervals when the network runs properly. The Loopback 0 interface of R3 is disabled to trigger information query and update. [R3]undo interface LoopBack 0
R1 receives the Update message sent from 10.1.234.3. The 90
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 2 Implementing OSPF design structures
destination IP address of this message is 224.0.0.5, which indicates all OSPF routers. This message describes a network segment (# Links: 1) and contains the LinkID and LinkData of the network segment. Nov 24 2011 16:08:19.740.1+00:00 R1 RM/6/RMDEBUG: FileID: 0xd0178024 Line: 2178 Level: 0x20 OSPF 1: RECV Packet. Interface: GigabitEthernet0/0/0 Nov 24 2011 16:08:19.740.2+00:00 R1 RM/6/RMDEBUG: Source Address: 10.1.234.3 Nov 24 2011 16:08:19.740.3+00:00 R1 RM/6/RMDEBUG: Destination Address: 224.0.0.5 Nov 24 2011 16:08:19.740.4+00:00 R1 RM/6/RMDEBUG: Ver# 2, Type: 4 (Link-State Update) Nov 24 2011 16:08:19.740.5+00:00 R1 RM/6/RMDEBUG: Length: 64, Router: 10.0.3.3 Nov 24 2011 16:08:19.740.6+00:00 R1 RM/6/RMDEBUG: Area: 0.0.0.0, Chksum: 3671 Nov 24 2011 16:08:19.740.7+00:00 R1 RM/6/RMDEBUG: AuType: 00 Nov 24 2011 16:08:19.740.8+00:00 R1 RM/6/RMDEBUG: Key(ascii): 0 0 0 0 0 0 0 0 Nov 24 2011 16:08:19.740.9+00:00 R1 RM/6/RMDEBUG: # LSAS: 1 Nov 24 2011 16:08:19.740.10+00:00 R1 RM/6/RMDEBUG: LSA Type 1 Nov 24 2011 16:08:19.740.11+00:00 R1 RM/6/RMDEBUG:
LS ID: 10.0.3.3
Nov 24 2011 16:08:19.740.12+00:00 R1 RM/6/RMDEBUG:
Adv Rtr: 10.0.3.3
Nov 24 2011 16:08:19.740.13+00:00 R1 RM/6/RMDEBUG:
LSA Age: 1
Nov 24 2011 16:08:19.740.14+00:00 R1 RM/6/RMDEBUG:
Options: ExRouting:ON
Nov 24 2011 16:08:19.740.15+00:00 R1 RM/6/RMDEBUG:
Length: 36, Seq# 8000004f
Nov 24 2011 16:08:19.740.16+00:00 R1 RM/6/RMDEBUG: Nov 24 2011 16:08:19.740.17+00:00 R1 RM/6/RMDEBUG:
CheckSum: 32bf NtBit: 0 VBit: 0 EBit: 0
BBit: 1 Nov 24 2011 16:08:19.740.18+00:00 R1 RM/6/RMDEBUG:
# Links: 1
Nov 24 2011 16:08:19.740.19+00:00 R1 RM/6/RMDEBUG:
LinkID: 10.1.234.3
Nov 24 2011 16:08:19.740.20+00:00 R1 RM/6/RMDEBUG:
LinkData: 10.1.234.3
Nov 24 2011 16:08:19.740.21+00:00 R1 RM/6/RMDEBUG:
LinkType: 2
Nov 24 2011 16:08:19.740.22+00:00 R1 RM/6/RMDEBUG:
TOS# 0 Metric 1
Then R1 receives an ACK message. The content of this message indicates that this message is sent from the BDR. R1 receives this message because the destination address in this message is 224.0.0.5. The serial number (Seq# 8000004f) of this message indicates that this message is the response to the Update message. Nov 24 2011 16:08:20.360.1+00:00 R1 RM/6/RMDEBUG: FileID: 0xd0178024 Line: 2178 Level: 0x20 OSPF 1: RECV Packet. Interface: GigabitEthernet0/0/0 Nov 24 2011 16:08:20.360.2+00:00 R1 RM/6/RMDEBUG: Source Address: 10.1.234.2 Nov 24 2011 16:08:20.360.3+00:00 R1 RM/6/RMDEBUG: Destination Address: 224.0.0.5 Nov 24 2011 16:08:20.360.4+00:00 R1 RM/6/RMDEBUG: Ver# 2, Type: 5 (Link-State Ack)
HC Series
HUAWEI TECHNOLOGIES
91
HCNP-IERN Chapter 2 Implementing OSPF design structures Nov 24 2011 16:08:20.360.5+00:00 R1 RM/6/RMDEBUG: Length: 64, Router: 10.0.2.2 Nov 24 2011 16:08:20.360.6+00:00 R1 RM/6/RMDEBUG: Area: 0.0.0.0, Chksum: 9b07 Nov 24 2011 16:08:20.360.7+00:00 R1 RM/6/RMDEBUG: AuType: 00 Nov 24 2011 16:08:20.360.8+00:00 R1 RM/6/RMDEBUG: Key(ascii): 0 0 0 0 0 0 0 0 Nov 24 2011 16:08:20.360.9+00:00 R1 RM/6/RMDEBUG: # LSA Headers: 2 Nov 24 2011 16:08:20.360.10+00:00 R1 RM/6/RMDEBUG: LSA Type 1 Nov 24 2011 16:08:20.360.11+00:00 R1 RM/6/RMDEBUG:
LS ID: 10.0.3.3
Nov 24 2011 16:08:20.360.12+00:00 R1 RM/6/RMDEBUG:
Adv Rtr: 10.0.3.3
Nov 24 2011 16:08:20.360.13+00:00 R1 RM/6/RMDEBUG:
LSA Age: 6
Nov 24 2011 16:08:20.360.14+00:00 R1 RM/6/RMDEBUG: Nov 24 2011 16:08:20.360.15+00:00 R1 RM/6/RMDEBUG:
Options: ExRouting:ON Length: 36, Seq# 8000004f
Nov 24 2011 16:08:20.360.16+00:00 R1 RM/6/RMDEBUG:
CheckSum: 32bf
Finally R1 sends an ACK message. The source address of this message is the interface IP address of the interface GigabitEthernet 0/0/0 of R1 and the destination address is 224.0.0.6. The message is bound for the DR and the BDR. The serial number of this message is also 8000004f. Nov 24 2011 16:08:20.650.1+00:00 R1 RM/6/RMDEBUG: FileID: 0xd0178025 Line: 4383 Level: 0x20 OSPF 1: SEND Packet. Interface: GigabitEthernet0/0/0 Nov 24 2011 16:08:20.650.2+00:00 R1 RM/6/RMDEBUG: Source Address: 10.1.234.1 Nov 24 2011 16:08:20.650.3+00:00 R1 RM/6/RMDEBUG: Destination Address: 224.0.0.6 Nov 24 2011 16:08:20.650.4+00:00 R1 RM/6/RMDEBUG: Ver# 2, Type: 5 (Link-State Ack) Nov 24 2011 16:08:20.650.5+00:00 R1 RM/6/RMDEBUG: Length: 44, Router: 10.0.1.1 Nov 24 2011 16:08:20.650.6+00:00 R1 RM/6/RMDEBUG: Area: 0.0.0.0, Chksum: 2392 Nov 24 2011 16:08:20.650.7+00:00 R1 RM/6/RMDEBUG: AuType: 00 Nov 24 2011 16:08:20.650.8+00:00 R1 RM/6/RMDEBUG: Key(ascii): 0 0 0 0 0 0 0 0 Nov 24 2011 16:08:20.650.9+00:00 R1 RM/6/RMDEBUG: # LSA Headers: 1 Nov 24 2011 16:08:20.650.10+00:00 R1 RM/6/RMDEBUG: LSA Type 1 Nov 24 2011 16:08:20.650.11+00:00 R1 RM/6/RMDEBUG:
LS ID: 10.0.3.3
Nov 24 2011 16:08:20.650.12+00:00 R1 RM/6/RMDEBUG:
Adv Rtr: 10.0.3.3
Nov 24 2011 16:08:20.650.13+00:00 R1 RM/6/RMDEBUG:
LSA Age: 2
Nov 24 2011 16:08:20.650.14+00:00 R1 RM/6/RMDEBUG:
Options: ExRouting:ON
Nov 24 2011 16:08:20.650.15+00:00 R1 RM/6/RMDEBUG: Nov 24 2011 16:08:20.650.16+00:00 R1 RM/6/RMDEBUG:
Length: 36, Seq# 8000004f CheckSum: 32bf
Enable the Loopback 0 interface on R3. [R3]interface loopback 0 [R3-LoopBack0]ip address 10.0.3.3 24
92
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 2 Implementing OSPF design structures
R1 receives the Update message sent from R3. This message advertises a new network segment and therefore the value of # Links is 2. The network ID and mask of the new network segment are also provided. Nov 24 2011 16:13:50.110.1+00:00 R1 RM/6/RMDEBUG: FileID: 0xd0178024 Line: 2178 Level: 0x20 OSPF 1: RECV Packet. Interface: GigabitEthernet0/0/0 Nov 24 2011 16:13:50.110.2+00:00 R1 RM/6/RMDEBUG: Source Address: 10.1.234.3 Nov 24 2011 16:13:50.110.3+00:00 R1 RM/6/RMDEBUG: Destination Address: 224.0.0.5 Nov 24 2011 16:13:50.110.4+00:00 R1 RM/6/RMDEBUG: Ver# 2, Type: 4 (Link-State Update) Nov 24 2011 16:13:50.110.5+00:00 R1 RM/6/RMDEBUG: Length: 76, Router: 10.0.3.3 Nov 24 2011 16:13:50.110.6+00:00 R1 RM/6/RMDEBUG: Area: 0.0.0.0, Chksum: 8516 Nov 24 2011 16:13:50.110.7+00:00 R1 RM/6/RMDEBUG: AuType: 00 Nov 24 2011 16:13:50.110.8+00:00 R1 RM/6/RMDEBUG: Key(ascii): 0 0 0 0 0 0 0 0 Nov 24 2011 16:13:50.110.9+00:00 R1 RM/6/RMDEBUG: # LSAS: 1 Nov 24 2011 16:13:50.110.10+00:00 R1 RM/6/RMDEBUG: LSA Type 1 Nov 24 2011 16:13:50.110.11+00:00 R1 RM/6/RMDEBUG:
LS ID: 10.0.3.3
Nov 24 2011 16:13:50.110.12+00:00 R1 RM/6/RMDEBUG:
Adv Rtr: 10.0.3.3
Nov 24 2011 16:13:50.110.13+00:00 R1 RM/6/RMDEBUG:
LSA Age: 1
Nov 24 2011 16:13:50.110.14+00:00 R1 RM/6/RMDEBUG:
Options: ExRouting:ON
Nov 24 2011 16:13:50.110.15+00:00 R1 RM/6/RMDEBUG:
Length: 48, Seq# 80000056
Nov 24 2011 16:13:50.110.16+00:00 R1 RM/6/RMDEBUG: Nov 24 2011 16:13:50.110.17+00:00 R1 RM/6/RMDEBUG:
CheckSum: d3f6 NtBit: 0 VBit: 0 EBit: 0
BBit: 1 Nov 24 2011 16:13:50.110.18+00:00 R1 RM/6/RMDEBUG:
# Links: 2
Nov 24 2011 16:13:50.110.19+00:00 R1 RM/6/RMDEBUG:
LinkID: 10.1.234.3
Nov 24 2011 16:13:50.110.20+00:00 R1 RM/6/RMDEBUG:
LinkData: 10.1.234.3
Nov 24 2011 16:13:50.110.21+00:00 R1 RM/6/RMDEBUG:
LinkType: 2
Nov 24 2011 16:13:50.110.22+00:00 R1 RM/6/RMDEBUG:
TOS# 0 Metric 1
Nov 24 2011 16:13:50.110.23+00:00 R1 RM/6/RMDEBUG: Nov 24 2011 16:13:50.110.24+00:00 R1 RM/6/RMDEBUG:
LinkID: 10.0.3.3 LinkData: 255.255.255.255
Nov 24 2011 16:13:50.110.25+00:00 R1 RM/6/RMDEBUG:
LinkType: 3
Nov 24 2011 16:13:50.110.26+00:00 R1 RM/6/RMDEBUG:
TOS# 0 Metric 0
Nov 24 2011 16:13:50.110.27+00:00 R1 RM/6/RMDEBUG: Nov 24 2011 16:13:50.360.1+00:00 R1 RM/6/RMDEBUG:
R1 receives the ACK message sent from the BDR. FileID: 0xd0178024 Line: 2178 Level: 0x20 OSPF 1: RECV Packet. Interface: GigabitEthernet0/0/0 Nov 24 2011 16:13:50.360.2+00:00 R1 RM/6/RMDEBUG: Source Address: 10.1.234.2 Nov 24 2011 16:13:50.360.3+00:00 R1 RM/6/RMDEBUG: Destination Address: 224.0.0.5
HC Series
HUAWEI TECHNOLOGIES
93
HCNP-IERN Chapter 2 Implementing OSPF design structures Nov 24 2011 16:13:50.360.4+00:00 R1 RM/6/RMDEBUG: Ver# 2, Type: 5 (Link-State Ack) Nov 24 2011 16:13:50.360.5+00:00 R1 RM/6/RMDEBUG: Length: 44, Router: 10.0.2.2 Nov 24 2011 16:13:50.360.6+00:00 R1 RM/6/RMDEBUG: Area: 0.0.0.0, Chksum: 8147 Nov 24 2011 16:13:50.360.7+00:00 R1 RM/6/RMDEBUG: AuType: 00 Nov 24 2011 16:13:50.360.8+00:00 R1 RM/6/RMDEBUG: Key(ascii): 0 0 0 0 0 0 0 0 Nov 24 2011 16:13:50.360.9+00:00 R1 RM/6/RMDEBUG: # LSA Headers: 1 Nov 24 2011 16:13:50.360.10+00:00 R1 RM/6/RMDEBUG: LSA Type 1 Nov 24 2011 16:13:50.360.11+00:00 R1 RM/6/RMDEBUG:
LS ID: 10.0.3.3
Nov 24 2011 16:13:50.360.12+00:00 R1 RM/6/RMDEBUG:
Adv Rtr: 10.0.3.3
Nov 24 2011 16:13:50.360.13+00:00 R1 RM/6/RMDEBUG:
LSA Age: 1
Nov 24 2011 16:13:50.360.14+00:00 R1 RM/6/RMDEBUG:
Options: ExRouting:ON
Nov 24 2011 16:13:50.360.15+00:00 R1 RM/6/RMDEBUG:
Length: 48, Seq# 80000056
Nov 24 2011 16:13:50.360.16+00:00 R1 RM/6/RMDEBUG:
CheckSum: d3f6
Nov 24 2011 16:13:50.360.17+00:00 R1 RM/6/RMDEBUG: Nov 24 2011 16:13:50.570.1+00:00 R1 RM/6/RMDEBUG:
R1 sends an ACK message. FileID: 0xd0178025 Line: 4383 Level: 0x20 OSPF 1: SEND Packet. Interface: GigabitEthernet0/0/0 Nov 24 2011 16:13:50.570.2+00:00 R1 RM/6/RMDEBUG: Source Address: 10.1.234.1 Nov 24 2011 16:13:50.570.3+00:00 R1 RM/6/RMDEBUG: Destination Address: 224.0.0.6 Nov 24 2011 16:13:50.570.4+00:00 R1 RM/6/RMDEBUG: Ver# 2, Type: 5 (Link-State Ack) Nov 24 2011 16:13:50.570.5+00:00 R1 RM/6/RMDEBUG: Length: 44, Router: 10.0.1.1 Nov 24 2011 16:13:50.570.6+00:00 R1 RM/6/RMDEBUG: Area: 0.0.0.0, Chksum: 8248 Nov 24 2011 16:13:50.570.7+00:00 R1 RM/6/RMDEBUG: AuType: 00 Nov 24 2011 16:13:50.570.8+00:00 R1 RM/6/RMDEBUG: Key(ascii): 0 0 0 0 0 0 0 0 Nov 24 2011 16:13:50.570.9+00:00 R1 RM/6/RMDEBUG: # LSA Headers: 1 Nov 24 2011 16:13:50.570.10+00:00 R1 RM/6/RMDEBUG: LSA Type 1 Nov 24 2011 16:13:50.570.11+00:00 R1 RM/6/RMDEBUG:
LS ID: 10.0.3.3
Nov 24 2011 16:13:50.570.12+00:00 R1 RM/6/RMDEBUG:
Adv Rtr: 10.0.3.3
Nov 24 2011 16:13:50.570.13+00:00 R1 RM/6/RMDEBUG:
LSA Age: 1
Nov 24 2011 16:13:50.570.14+00:00 R1 RM/6/RMDEBUG:
Options: ExRouting:ON
Nov 24 2011 16:13:50.570.15+00:00 R1 RM/6/RMDEBUG: Nov 24 2011 16:13:50.570.16+00:00 R1 RM/6/RMDEBUG:
Length: 48, Seq# 80000056 CheckSum: d3f6
View the Request message. In normal cases, a router does not send this message proactively. Restart the OSPF process on R1. R1 sends an LS Request message to R2. reset ospf process Warning: The OSPF process will be reset. Continue? [Y/N]:y 94
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 2 Implementing OSPF design structures Nov 24 2011 16:31:42.270.1+00:00 R1 RM/6/RMDEBUG: FileID: 0xd0178025 Line: 2842 Level: 0x20 OSPF 1: SEND Packet. Interface: GigabitEthernet0/0/0 Nov 24 2011 16:31:42.270.2+00:00 R1 RM/6/RMDEBUG: Source Address: 10.1.234.1 Nov 24 2011 16:31:42.270.3+00:00 R1 RM/6/RMDEBUG: Destination Address: 10.1.234.2 Nov 24 2011 16:31:42.270.4+00:00 R1 RM/6/RMDEBUG: Ver# 2, Type: 3 (Link-State Req) Nov 24 2011 16:31:42.270.5+00:00 R1 RM/6/RMDEBUG: Length: 144, Router: 10.0.1.1 Nov 24 2011 16:31:42.270.6+00:00 R1 RM/6/RMDEBUG: Area: 0.0.0.0, Chksum: a316 Nov 24 2011 16:31:42.270.7+00:00 R1 RM/6/RMDEBUG: AuType: 00 Nov 24 2011 16:31:42.270.8+00:00 R1 RM/6/RMDEBUG: Key(ascii): 0 0 0 0 0 0 0 0 Nov 24 2011 16:31:42.270.9+00:00 R1 RM/6/RMDEBUG: # Requesting LSAs: 10 Nov 24 2011 16:31:42.270.10+00:00 R1 RM/6/RMDEBUG: LSA Type 1 Nov 24 2011 16:31:42.270.11+00:00 R1 RM/6/RMDEBUG:
LS ID: 10.0.1.1
Nov 24 2011 16:31:42.270.12+00:00 R1 RM/6/RMDEBUG:
Adv Rtr: 10.0.1.1
Nov 24 2011 16:31:42.270.13+00:00 R1 RM/6/RMDEBUG: LSA Type 1 Nov 24 2011 16:31:42.270.14+00:00 R1 RM/6/RMDEBUG:
LS ID: 10.0.3.3
Nov 24 2011 16:31:42.270.15+00:00 R1 RM/6/RMDEBUG:
Adv Rtr: 10.0.3.3
Nov 24 2011 16:31:42.280.1+00:00 R1 RM/6/RMDEBUG: LSA Type 1 Nov 24 2011 16:31:42.280.2+00:00 R1 RM/6/RMDEBUG:
LS ID: 10.0.4.4
Nov 24 2011 16:31:42.280.3+00:00 R1 RM/6/RMDEBUG:
Adv Rtr: 10.0.4.4
Nov 24 2011 16:31:42.280.4+00:00 R1 RM/6/RMDEBUG: LSA Type 2 Nov 24 2011 16:31:42.280.5+00:00 R1 RM/6/RMDEBUG:
LS ID: 10.1.234.3
Nov 24 2011 16:31:42.280.6+00:00 R1 RM/6/RMDEBUG:
Adv Rtr: 10.0.3.3
Nov 24 2011 16:31:42.280.7+00:00 R1 RM/6/RMDEBUG: LSA Type 3 Nov 24 2011 16:31:42.280.8+00:00 R1 RM/6/RMDEBUG:
LS ID: 10.0.35.0
Nov 24 2011 16:31:42.280.9+00:00 R1 RM/6/RMDEBUG:
Adv Rtr: 10.0.3.3
Nov 24 2011 16:31:42.280.10+00:00 R1 RM/6/RMDEBUG: LSA Type 3 Nov 24 2011 16:31:42.280.11+00:00 R1 RM/6/RMDEBUG:
LS ID: 10.0.1.0
Nov 24 2011 16:31:42.280.12+00:00 R1 RM/6/RMDEBUG:
Adv Rtr: 10.0.1.1
Nov 24 2011 16:31:42.280.13+00:00 R1 RM/6/RMDEBUG: LSA Type 4 Nov 24 2011 16:31:42.280.14+00:00 R1 RM/6/RMDEBUG:
LS ID: 10.0.5.5
Nov 24 2011 16:31:42.280.15+00:00 R1 RM/6/RMDEBUG:
Adv Rtr: 10.0.3.3
Nov 24 2011 16:31:42.280.16+00:00 R1 RM/6/RMDEBUG: LSA Type 5 Nov 24 2011 16:31:42.280.17+00:00 R1 RM/6/RMDEBUG:
LS ID: 10.0.35.0
Nov 24 2011 16:31:42.280.18+00:00 R1 RM/6/RMDEBUG:
Adv Rtr: 10.0.5.5
Nov 24 2011 16:31:42.280.19+00:00 R1 RM/6/RMDEBUG: LSA Type 5 Nov 24 2011 16:31:42.280.20+00:00 R1 RM/6/RMDEBUG:
LS ID: 10.0.35.3
Nov 24 2011 16:31:42.280.21+00:00 R1 RM/6/RMDEBUG:
Adv Rtr: 10.0.5.5
Nov 24 2011 16:31:42.280.22+00:00 R1 RM/6/RMDEBUG: LSA Type 5 Nov 24 2011 16:31:42.280.23+00:00 R1 RM/6/RMDEBUG:
LS ID: 10.0.5.0
Nov 24 2011 16:31:42.280.24+00:00 R1 RM/6/RMDEBUG:
Adv Rtr: 10.0.5.5
HC Series
HUAWEI TECHNOLOGIES
95
HCNP-IERN Chapter 2 Implementing OSPF design structures
R1 receives the LS Request message from R3. Nov 24 2011 16:31:48.320.1+00:00 R1 RM/6/RMDEBUG: FileID: 0xd0178024 Line: 2178 Level: 0x20 OSPF 1: RECV Packet. Interface: GigabitEthernet0/0/0 Nov 24 2011 16:31:48.320.2+00:00 R1 RM/6/RMDEBUG: Source Address: 10.1.234.3 Nov 24 2011 16:31:48.320.3+00:00 R1 RM/6/RMDEBUG: Destination Address: 10.1.234.1 Nov 24 2011 16:31:48.320.4+00:00 R1 RM/6/RMDEBUG: Ver# 2, Type: 3 (Link-State Req) Nov 24 2011 16:31:48.320.5+00:00 R1 RM/6/RMDEBUG: Length: 48, Router: 10.0.3.3 Nov 24 2011 16:31:48.320.6+00:00 R1 RM/6/RMDEBUG: Area: 0.0.0.0, Chksum: c4c2 Nov 24 2011 16:31:48.320.7+00:00 R1 RM/6/RMDEBUG: AuType: 00 Nov 24 2011 16:31:48.320.8+00:00 R1 RM/6/RMDEBUG: Key(ascii): 0 0 0 0 0 0 0 0 Nov 24 2011 16:31:48.320.9+00:00 R1 RM/6/RMDEBUG: # Requesting LSAs: 2 Nov 24 2011 16:31:48.320.10+00:00 R1 RM/6/RMDEBUG: LSA Type 1 Nov 24 2011 16:31:48.320.11+00:00 R1 RM/6/RMDEBUG:
LS ID: 10.0.1.1
Nov 24 2011 16:31:48.320.12+00:00 R1 RM/6/RMDEBUG:
Adv Rtr: 10.0.1.1
Nov 24 2011 16:31:48.320.13+00:00 R1 RM/6/RMDEBUG: LSA Type 3 Nov 24 2011 16:31:48.320.14+00:00 R1 RM/6/RMDEBUG:
LS ID: 10.0.1.0
Nov 24 2011 16:31:48.320.15+00:00 R1 RM/6/RMDEBUG:
Adv Rtr: 10.0.1.1
Additional Exercises: Analyzing and Verifying Assume that area 2 has a router R6. What are the differences between R6 and R2/R3 in the procedure for calculating the routes to the network segment 10.0.5.0/24?
When is the Type4 LSA used?
What risks exist if both R1 and R4 are configured as DROther routers?
Final Configurations display current-configuration [V200R001C00SPC200]
96
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 2 Implementing OSPF design structures # sysname R1 # interface GigabitEthernet0/0/0 ip address 10.1.234.1 255.255.255.0 # interface LoopBack0 ip address 10.0.1.1 255.255.255.0 ospf network-type broadcast # ospf 1 router-id 10.0.1.1 area 0.0.0.0 network 10.1.234.1 0.0.0.0 area 0.0.0.2 network 10.0.1.1 0.0.0.0 # return
display current-configuration [V200R001C00SPC200] # sysname R2 # interface GigabitEthernet0/0/0 ip address 10.1.234.2 255.255.255.0 ospf dr-priority 254 # interface LoopBack0 ip address 10.0.2.2 255.255.255.0 ospf network-type broadcast # ospf 1 router-id 10.0.2.2 area 0.0.0.0 network 10.1.234.2 0.0.0.0 network 10.0.2.2 0.0.0.0 # return
display current-configuration [V200R001C00SPC200] # sysname R3 #
HC Series
HUAWEI TECHNOLOGIES
97
HCNP-IERN Chapter 2 Implementing OSPF design structures interface Serial3/0/0 link-protocol ppp ip address 10.0.35.3 255.255.255.0 # interface GigabitEthernet0/0/0 ip address 10.1.234.3 255.255.255.0 ospf dr-priority 255 # interface LoopBack0 ip address 10.0.3.3 255.255.255.0 ospf network-type broadcast # ospf 1 router-id 10.0.3.3 area 0.0.0.0 network 10.1.234.3 0.0.0.0 network 10.0.3.3 0.0.0.0 area 0.0.0.1 network 10.0.35.3 0.0.0.0 # return
display current-configuration [V200R001C00SPC200] # sysname R4 # interface GigabitEthernet0/0/0 ip address 10.1.234.4 255.255.255.0 ospf dr-priority 0 # interface LoopBack0 ip address 10.0.4.4 255.255.255.0 ospf network-type broadcast # ospf 1 router-id 10.0.4.4 area 0.0.0.0 network 10.1.234.4 0.0.0.0 network 10.0.4.4 0.0.0.0 # return
display current-configuration [V200R001C00SPC200]
98
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 2 Implementing OSPF design structures # sysname R5 # interface Serial1/0/0 link-protocol ppp ip address 10.0.35.5 255.255.255.0 # interface LoopBack0 ip address 10.0.5.5 255.255.255.0 # ospf 1 router-id 10.0.5.5 import-route direct area 0.0.0.1 network 10.0.35.5 0.0.0.0 # return
HC Series
HUAWEI TECHNOLOGIES
99
HCNP-IERN Chapter 2 Implementing OSPF design structures
Lab 2-4 OSPF Stub Area and NSSA Learning Objectives The objectives of this lab are to learn and understand how to perform the following operations: •
Configure stub areas in OSPF.
•
Configure Not-So-Stubby Areas (NSSAs) in OSPF.
•
View the content of Type 7 link-state advertisements (LSAs).
•
Comprehend the translation between Type 7 LSAs and Type 5
LSAs.
Topology
Figure 2-4 OSPF stub area and NSSA
100
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 2 Implementing OSPF design structures
Scenario Assume that you are a network administrator of a company that has five ARG3 routers: R1, R2, R3, R4, and R5. Of these routers, R2, R3, and R4 are in the headquarters, R5 is in a branch and connects to R3 through a dedicated line, and R1 is in another branch and connects to R2 through a dedicated line. The network segments 10.0.23.0/24, 10.0.2.0/24, and 10.0.3.0/24 belong to area 0. 10.0.35.0/24 belongs to area 1, which is an NSSA. The Loopback 0 interface of R5 does not belong to any OSPF areas. 10.0.24.0/24 belongs to area 3. The Loopback 0 interface of R4 connects to the Internet and therefore a default route must be configured. The network segments 10.0.12.0/24 and 10.0.1.0/24 belong to area 2, which is a stub area. Fixed IP addresses are used as router IDs to ensure that the router IDs do not change.
Tasks Step 1 Perform basic configurations and IP addressing. Configure IP addresses and subnet masks for all routers. The subnet masks of all loopback interfaces contain 24 binary digits to simulate an independent network segment. system-view Enter system view, return user view with Ctrl+Z. [R1]interface Serial 1/0/0 [R1-Serial1/0/0]ip address 10.0.12.1 24 [R1-Serial1/0/0]quit [R1]interface LoopBack 0 [R1-LoopBack0]ip address 10.0.1.1 24 [R1-LoopBack0]quit
system-view Enter system view, return user view with Ctrl+Z.
HC Series
HUAWEI TECHNOLOGIES
101
HCNP-IERN Chapter 2 Implementing OSPF design structures [R2]interface Serial 1/0/0 [R2-Serial1/0/0]ip address 10.0.12.2 24 [R2-Serial1/0/0]quit [R2]interface Serial 2/0/0 [R2-Serial2/0/0]ip address 10.0.23.2 24 [R2-Serial2/0/0]quit [R2]interface GigabitEthernet 0/0/0 [R2-GigabitEthernet0/0/0]ip address 10.0.24.2 24 [R2-GigabitEthernet0/0/0]quit [R2]interface LoopBack 0 [R2-LoopBack0]ip address 10.0.2.2 24 [R2-LoopBack0]quit
system-view Enter system view, return user view with Ctrl+Z. [R3]interface Serial 2/0/0 [R3-Serial2/0/0]ip address 10.0.23.3 24 [R3-Serial2/0/0]quit [R3]interface Serial 3/0/0 [R3-Serial3/0/0]ip address 10.0.35.3 24 [R3-Serial3/0/0]quit [R3]interface LoopBack 0 [R3-LoopBack0]ip address 10.0.3.3 24 [R3-LoopBack0]quit
system-view Enter system view, return user view with Ctrl+Z. [R4]interface GigabitEthernet 0/0/0 [R4-GigabitEthernet0/0/0]ip address 10.0.24.4 24 [R4-GigabitEthernet0/0/0]quit [R4]interface LoopBack 0 [R4-LoopBack0]ip address 10.0.4.4 24 [R4-LoopBack0]quit
system-view Enter system view, return user view with Ctrl+Z. [R5]interface Serial 1/0/0 [R5-Serial1/0/0]ip address 10.0.35.5 24 [R5-Serial1/0/0]quit [R5]interface LoopBack 0 [R5-LoopBack0]ip address 10.0.5.5 24 [R5-LoopBack0]quit
102
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 2 Implementing OSPF design structures
Test the connectivity of direct links. [R2]ping -c 1 10.0.12.1 PING 10.0.12.1: 56 data bytes, press CTRL_C to break Reply from 10.0.12.1: bytes=56 Sequence=1 ttl=255 time=30 ms
--- 10.0.12.1 ping statistics --1 packet(s) transmitted 1 packet(s) received 0.00% packet loss round-trip min/avg/max = 30/30/30 ms
[R2]ping -c 1 10.0.24.4 PING 10.0.24.4: 56 data bytes, press CTRL_C to break Reply from 10.0.24.4: bytes=56 Sequence=1 ttl=255 time=6 ms
--- 10.0.24.4 ping statistics --1 packet(s) transmitted 1 packet(s) received 0.00% packet loss round-trip min/avg/max = 6/6/6 ms
[R2]ping -c 1 10.0.23.3 PING 10.0.23.3: 56 data bytes, press CTRL_C to break Reply from 10.0.23.3: bytes=56 Sequence=1 ttl=255 time=31 ms
--- 10.0.23.3 ping statistics --1 packet(s) transmitted 1 packet(s) received 0.00% packet loss round-trip min/avg/max = 31/31/31 ms
[R3]ping -c 1 10.0.35.5 PING 10.0.35.5: 56 data bytes, press CTRL_C to break Reply from 10.0.35.5: bytes=56 Sequence=1 ttl=255 time=38 ms
--- 10.0.35.5 ping statistics --1 packet(s) transmitted 1 packet(s) received 0.00% packet loss round-trip min/avg/max = 38/38/38 ms
HC Series
HUAWEI TECHNOLOGIES
103
HCNP-IERN Chapter 2 Implementing OSPF design structures
Step 2 Configure multi-area OSPF. Configure the S1/0/0 and Loopback 0 interfaces of R1 to belong to area 0. Change the network type of the loopback interfaces in all OSPF areas to Broadcast so that OSPF advertises actual subnet masks of the loopback interfaces. The IP addresses of the Loopback 0 interfaces are used as router IDs. [R1]ospf 1 router-id 10.0.1.1 [R1-ospf-1]area 2 [R1-ospf-1-area-0.0.0.2]network 10.0.12.1 0.0.0.0 [R1-ospf-1-area-0.0.0.2]network 10.0.1.1 0.0.0.0 [R1-ospf-1-area-0.0.0.2]quit [R1-ospf-1]quit [R1]interface LoopBack 0 [R1-LoopBack0]ospf network-type broadcast [R1-LoopBack0]quit
On R2, configure the S2/0/0 and Loopback 0 interfaces to belong to area 0, S1/0/0 to belong to area 2, and G0/0/0 to belong area 3. [R2]ospf 1 router-id 10.0.2.2 [R2-ospf-1]area 0 [R2-ospf-1-area-0.0.0.0]network 10.0.23.2 0.0.0.0 [R2-ospf-1-area-0.0.0.0]network 10.0.2.2 0.0.0.0 [R2-ospf-1-area-0.0.0.0]quit [R2-ospf-1]area 2 [R2-ospf-1-area-0.0.0.2]network 10.0.12.2 0.0.0.0 [R2-ospf-1-area-0.0.0.2]quit [R2-ospf-1]area 3 [R2-ospf-1-area-0.0.0.3]network 10.0.24.2 0.0.0.0 [R2-ospf-1-area-0.0.0.3]qui [R2-ospf-1]quit [R2]int LoopBack 0 [R2-LoopBack0]ospf network-type broadcast [R2-LoopBack0]quit
On R3, configure the Loopback 0 and S2/0/0 interfaces to belong to area 0, and S3/0/0 to belong to area 1. [R3]ospf 1 router-id 10.0.3.3 [R3-ospf-1]area 0 [R3-ospf-1-area-0.0.0.0]network 10.0.23.3 0.0.0.0
104
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 2 Implementing OSPF design structures [R3-ospf-1-area-0.0.0.0]network 10.0.3.3 0.0.0.0 [R3-ospf-1-area-0.0.0.0]quit [R3-ospf-1]area 1 [R3-ospf-1-area-0.0.0.1]network 10.0.35.3 0.0.0.0 [R3-ospf-1-area-0.0.0.1]quit [R3-ospf-1]quit [R3]interface LoopBack 0 [R3-LoopBack0]ospf network-type broadcast [R3-LoopBack0]quit
On R4, configure the G0/0/0 interface to belong to area 3, and the Loopback 0 interface not to belong to any OSPF areas. [R4]ospf 1 router-id 10.0.4.4 [R4-ospf-1]area 3 [R4-ospf-1-area-0.0.0.3]network 10.0.24.4 0.0.0.0 [R4-ospf-1-area-0.0.0.3]quit [R4-ospf-1]quit
On R5, configure the S1/0/0 interface to belong to area 1, and the Loopback 0 interface not to belong to any OSPF areas. [R5]ospf 1 router-id 10.0.5.5 [R5-ospf-1]area 1 [R5-ospf-1-area-0.0.0.1]network 10.0.35.5 0.0.0.0 [R5-ospf-1-area-0.0.0.1]quit [R5-ospf-1]quit
View the routing table of R1. [R1]display ip routing-table Route Flags: R - relay, D - download to fib ---------------------------------------------------------------------------Routing Tables: Public Destinations : 16
Destination/Mask
Proto
Routes : 16
Pre Cost
Flags NextHop
Interface
10.0.1.0/24
Direct 0
0
D
10.0.1.1
LoopBack0
10.0.1.1/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.1.255/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.2.0/24
OSPF
10
1562
D
10.0.12.2
Serial1/0/0
10.0.3.0/24
OSPF
10
3124
D
10.0.12.2
Serial1/0/0
0
D
10.0.12.1
Serial1/0/0
10.0.12.0/24
HC Series
Direct 0
HUAWEI TECHNOLOGIES
105
HCNP-IERN Chapter 2 Implementing OSPF design structures 10.0.12.1/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.12.2/32
Direct 0
0
D
10.0.12.2
Serial1/0/0
10.0.12.255/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.23.0/24
OSPF
10
3124
D
10.0.12.2
Serial1/0/0
10.0.24.0/24
OSPF
10
1563
D
10.0.12.2
Serial1/0/0
10.0.35.0/24
OSPF
10
4686
D
10.0.12.2
Serial1/0/0
127.0.0.0/8
Direct 0
0
D
127.0.0.1
InLoopBack0
127.0.0.1/32
Direct 0
0
D
127.0.0.1
InLoopBack0
127.255.255.255/32 Direct 0
0
D
127.0.0.1
InLoopBack0
255.255.255.255/32 Direct 0
0
D
127.0.0.1
InLoopBack0
Test the network connectivity. [R1]ping -c 1 10.0.35.5 PING 10.0.35.5: 56 data bytes, press CTRL_C to break Reply from 10.0.35.5: bytes=56 Sequence=1 ttl=253 time=114 ms
--- 10.0.35.5 ping statistics --1 packet(s) transmitted 1 packet(s) received 0.00% packet loss round-trip min/avg/max = 114/114/114 ms
[R1]ping -c 1 10.0.3.3 PING 10.0.3.3: 56 data bytes, press CTRL_C to break Reply from 10.0.3.3: bytes=56 Sequence=1 ttl=254 time=74 ms
--- 10.0.3.3 ping statistics --1 packet(s) transmitted 1 packet(s) received 0.00% packet loss round-trip min/avg/max = 74/74/74 ms
[R1]ping -c 1 10.0.24.4 PING 10.0.24.4: 56 data bytes, press CTRL_C to break Reply from 10.0.24.4: bytes=56 Sequence=1 ttl=254 time=34 ms
--- 10.0.24.4 ping statistics --1 packet(s) transmitted 1 packet(s) received 0.00% packet loss round-trip min/avg/max = 34/34/34 ms
106
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 2 Implementing OSPF design structures
Step 3 Import external routes to OSPF. Import the network segment 10.0.5.0/24 where the Loopback 0 interface of R5 resides to OSPF areas. Use the default configurations to import the route. [R5]ospf 1 [R5-ospf-1]import-route direct
View this route on R1 and test the network connectivity. [R1]display ip routing-table protocol ospf Route Flags: R - relay, D - download to fib ---------------------------------------------------------------------------Public routing table : OSPF Destinations : 7
Routes : 7
OSPF routing table status : Destinations : 7
Destination/Mask
Proto
Routes : 7
Pre Cost
Flags NextHop
Interface
10.0.2.0/24 OSPF
10
1562
D
10.0.12.2
Serial1/0/0
10.0.3.0/24 OSPF
10
3124
D
10.0.12.2
Serial1/0/0
10.0.5.0/24 O_ASE
150 1
D
10.0.12.2
Serial1/0/0
10.0.23.0/24 OSPF
10
3124
D
10.0.12.2
Serial1/0/0
10.0.24.0/24 OSPF
10
1563
D
10.0.12.2
Serial1/0/0
10.0.35.0/24 OSPF
10
4686
D
10.0.12.2
Serial1/0/0
10.0.35.3/32 O_ASE
150 1
D
10.0.12.2
Serial1/0/0
OSPF routing table status : Destinations : 0
Routes : 0
[R1]ping -c 1 10.0.5.5 PING 10.0.5.5: 56 data bytes, press CTRL_C to break Reply from 10.0.5.5: bytes=56 Sequence=1 ttl=253 time=111 ms
--- 10.0.5.5 ping statistics --1 packet(s) transmitted 1 packet(s) received 0.00% packet loss round-trip min/avg/max = 111/111/111 ms
HC Series
HUAWEI TECHNOLOGIES
107
HCNP-IERN Chapter 2 Implementing OSPF design structures
On R4, configure a default route whose next hop is the Loopback 0 interface. Import this default route to OSPF areas. Set the type to 1 and cost value to 20, and configure the default route not to be advertised permanently. [R4]ip route-static 0.0.0.0 0.0.0.0 LoopBack 0 [R4]ospf 1 [R4-ospf-1]default-route-advertise type 1 cost 20 [R4-ospf-1]quit
Check whether R1 learns this default route and test the network connectivity. [R1]display ip routing-table protocol ospf Route Flags: R - relay, D - download to fib ---------------------------------------------------------------------------Public routing table : OSPF Destinations : 7
Routes : 7
OSPF routing table status : Destinations : 7
Destination/Mask
0.0.0.0/0
Proto
O_ASE
Routes : 7
Pre Cost
Flags NextHop
Interface
150 1583
D
10.0.12.2
Serial1/0/0
10
1562
D
10.0.12.2
Serial1/0/0
10.0.3.0/24 OSPF
10
3124
D
10.0.12.2
Serial1/0/0
10.0.5.0/24 O_ASE
150 1
D
10.0.12.2
Serial1/0/0
10.0.23.0/24 OSPF
10
3124
D
10.0.12.2
Serial1/0/0
10.0.24.0/24 OSPF
10
1563
D
10.0.12.2
Serial1/0/0
10.0.35.0/24 OSPF
10
4686
D
10.0.12.2
Serial1/0/0
10.0.35.3/32 O_ASE
150 1
D
10.0.12.2
Serial1/0/0
10.0.2.0/24 OSPF
OSPF routing table status : Destinations : 0
Routes : 0
[R1]ping -c 1 10.0.4.4 PING 10.0.4.4: 56 data bytes, press CTRL_C to break Reply from 10.0.4.4: bytes=56 Sequence=1 ttl=254 time=39 ms
--- 10.0.4.4 ping statistics --1 packet(s) transmitted 1 packet(s) received
108
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 2 Implementing OSPF design structures 0.00% packet loss round-trip min/avg/max = 39/39/39 ms
Step 4 Configure area 2 as a stub area. View information about OSPF routes on R1. Note that the preceding default route is an external route (O_ASE) and learned through a Type 5 LSA advertised by R4. [R1]display ospf lsdb
OSPF Process 1 with Router ID 10.0.1.1 Link State Database
Area: 0.0.0.2 Type
LinkState ID
AdvRouter
Age Len
Sequence
Metric
Router
10.0.2.2
10.0.2.2
12 48
80000003
1562
Router
10.0.1.1
10.0.1.1
11 60
80000003
0
Sum-Net
10.0.35.0
10.0.2.2
33 28
80000001
3124
Sum-Net
10.0.24.0
10.0.2.2
33 28
80000001
1
Sum-Net
10.0.3.0
10.0.2.2
33 28
80000001
1562
Sum-Net
10.0.2.0
10.0.2.2
33 28
80000001
0
Sum-Net
10.0.23.0
10.0.2.2
34 28
80000001
1562
Sum-Asbr 10.0.4.4
10.0.2.2
34 28
80000001
1
Sum-Asbr 10.0.5.5
10.0.2.2
34 28
80000001
3124
AS External Database Type
LinkState ID
AdvRouter
Age Len
Sequence
Metric
External 0.0.0.0
10.0.4.4
1049 36
80000002
20
External 10.0.5.0
10.0.5.5
1350 36
80000001
1
External 10.0.35.0
10.0.5.5
1350 36
80000001
1
External 10.0.35.3
10.0.5.5
1350 36
80000001
1
[R1]display ospf lsdb ase 0.0.0.0
OSPF Process 1 with Router ID 10.0.1.1 Link State Database
Type
: External
Ls id
: 0.0.0.0
Adv rtr
: 10.0.4.4
HC Series
HUAWEI TECHNOLOGIES
109
HCNP-IERN Chapter 2 Implementing OSPF design structures Ls age
: 504
Len
: 36
Options
: E
seq#
: 80000002
chksum
: 0xa981
Net mask
: 0.0.0.0
TOS 0 Metric: 20 E type
: 1
Forwarding Address : 0.0.0.0 Tag
: 1
Priority : Low
Configure area 2 as a stub area on R1 and R2. [R1]ospf 1 [R1-ospf-1]area 2 [R1-ospf-1-area-0.0.0.2]stub [R1-ospf-1-area-0.0.0.2]quit [R1-ospf-1]quit
[R2]ospf 1 [R2-ospf-1]area 2 [R2-ospf-1-area-0.0.0.2]stub [R2-ospf-1-area-0.0.0.2]quit [R2-ospf-1]quit
View the routing table of R1 and view information about the learned routes. The external route disappears and the default route becomes an internal route. [R1]display ip routing-table protocol ospf Route Flags: R - relay, D - download to fib ---------------------------------------------------------------------------Public routing table : OSPF Destinations : 6
Routes : 6
OSPF routing table status : Destinations : 6
Destination/Mask
Routes : 6
Proto
Pre Cost
0.0.0.0/0
OSPF
10
1563
D
10.0.12.2
Serial1/0/0
10.0.2.0/24
OSPF
10
1562
D
10.0.12.2
Serial1/0/0
10.0.3.0/24
OSPF
10
3124
D
10.0.12.2
Serial1/0/0
110
Flags NextHop
HUAWEI TECHNOLOGIES
Interface
HC Series
HCNP-IERN Chapter 2 Implementing OSPF design structures 10.0.23.0/24
OSPF
10
3124
D
10.0.12.2
Serial1/0/0
10.0.24.0/24
OSPF
10
1563
D
10.0.12.2
Serial1/0/0
10.0.35.0/24
OSPF
10
4686
D
10.0.12.2
Serial1/0/0
OSPF routing table status : Destinations : 0
Routes : 0
View the link state database (LSDB) of R1. The LSA that describes the external route also disappears. The default route is learned through a Type 3 LSA. [R1]display ospf lsdb
OSPF Process 1 with Router ID 10.0.1.1 Link State Database
Area: 0.0.0.2 Type
LinkState ID
AdvRouter
Age Len
Sequence
Metric
Router
10.0.2.2
10.0.2.2
182 48
80000003
1562
Router
10.0.1.1
10.0.1.1
182 60
80000004
0
Sum-Net
0.0.0.0
10.0.2.2
183 28
80000001
1
Sum-Net
10.0.35.0
10.0.2.2
183 28
80000001
Sum-Net
10.0.24.0
10.0.2.2
183 28
80000001
1
Sum-Net
10.0.3.0
10.0.2.2
183 28
80000001
1562
Sum-Net
10.0.2.0
10.0.2.2
184 28
80000001
0
Sum-Net
10.0.23.0
10.0.2.2
184 28
80000001
3124
1562
The details about this Type 3 LSA show that this default route is advertised by R2. This proves that after an area is configured as a stub area, the area border router (ABR) blocks Type 4 and Type 5 LSAs bound for the stub area. The ABR also floods a default route pointing to the ABR itself within the stub area through a Type 3 LSA. [R1]display ospf lsdb summary 0.0.0.0
OSPF Process 1 with Router ID 10.0.1.1 Area: 0.0.0.2 Link State Database
Type
: Sum-Net
Ls id
: 0.0.0.0
Adv rtr
: 10.0.2.2
Ls age
: 114
HC Series
HUAWEI TECHNOLOGIES
111
HCNP-IERN Chapter 2 Implementing OSPF design structures Len
: 28
Options
: None
seq#
: 80000001
chksum
: 0x1f31
Net mask
: 0.0.0.0
Tos 0 metric: 1 Priority
: Low
On R2, configure area 2 as a totally stub area (no-summary). [R2]ospf 1 [R2-ospf-1]area 2 [R2-ospf-1-area-0.0.0.2]stub no-summary [R2-ospf-1-area-0.0.0.2]quit [R2-ospf-1]quit
View the routing table of R1 and it is found that only a default route is learned over OSPF. [R1]display ip routing-table protocol ospf Route Flags: R - relay, D - download to fib ---------------------------------------------------------------------------Public routing table : OSPF Destinations : 1
Routes : 1
OSPF routing table status : Destinations : 1
Destination/Mask
0.0.0.0/0
Routes : 1
Proto
Pre Cost
OSPF
10
1563
Flags NextHop
D
10.0.12.2
Interface
Serial1/0/0
OSPF routing table status : Destinations : 0
Routes : 0
View the LSDB of R1. Besides the Type 1 LSAs generated by R1 and R2, only a Type 3 LSA advertised by R2 is found. This proves that the ABR in a totally stub area blocks Type 3, Type 4, and Type 5 LSAs and generates a Type 3 LSA to advertise a default route that points to the ABR. [R1]display ospf lsdb
112
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 2 Implementing OSPF design structures OSPF Process 1 with Router ID 10.0.1.1 Link State Database
Area: 0.0.0.2 Type
LinkState ID
AdvRouter
Age Len
Sequence
Metric
Router
10.0.2.2
10.0.2.2
167 48
80000004
1562
Router
10.0.1.1
10.0.1.1
166 60
80000006
0
Sum-Net
0.0.0.0
10.0.2.2
549 28
80000001
1
Step 5 Configure area 1 as an NSSA. View the routing table of R3. The route 10.0.5.0/24 advertised by R5 is an external route. [R3]display ip routing-table protocol ospf Route Flags: R - relay, D - download to fib ---------------------------------------------------------------------------Public routing table : OSPF Destinations : 7
Routes : 7
OSPF routing table status : Destinations : 6
Destination/Mask
0.0.0.0/0
Proto
O_ASE
Routes : 6
Pre Cost
Flags NextHop
Interface
150 1583
D
10.0.23.2
Serial2/0/0
10.0.1.0/24 OSPF
10
3124
D
10.0.23.2
Serial2/0/0
10.0.2.0/24 OSPF
10
1562
D
10.0.23.2
Serial2/0/0
10.0.5.0/24 O_ASE
150 1
D
10.0.35.5
Serial3/0/0
10.0.12.0/24 OSPF
10
3124
D
10.0.23.2
Serial2/0/0
10.0.24.0/24 OSPF
10
1563
D
10.0.23.2
Serial2/0/0
OSPF routing table status : Destinations : 1
Destination/Mask
Proto
10.0.35.3/32 O_ASE
Routes : 1
Pre Cost
150 1
Flags NextHop
Interface
10.0.35.5
Serial3/0/0
View the routing table and LSDB of R5. R5 learns an external route from R4 and the other routes are internal routes. R5 advertises the route 10.0.5.0/24 through a Type 5 LSA. HC Series
HUAWEI TECHNOLOGIES
113
HCNP-IERN Chapter 2 Implementing OSPF design structures [R5]display ip routing-table protocol ospf Route Flags: R - relay, D - download to fib ---------------------------------------------------------------------------Public routing table : OSPF Destinations : 7
Routes : 7
OSPF routing table status : Destinations : 7
Destination/Mask
0.0.0.0/0
Proto
O_ASE
Routes : 7
Pre Cost
Flags NextHop
Interface
150 3145
D
10.0.35.3
Serial1/0/0
10.0.1.0/24 OSPF
10
4686
D
10.0.35.3
Serial1/0/0
10.0.2.0/24 OSPF
10
3124
D
10.0.35.3
Serial1/0/0
10.0.3.0/24 OSPF
10
1562
D
10.0.35.3
Serial1/0/0
10.0.12.0/24 OSPF
10
4686
D
10.0.35.3
Serial1/0/0
10.0.23.0/24 OSPF
10
3124
D
10.0.35.3
Serial1/0/0
10.0.24.0/24 OSPF
10
3125
D
10.0.35.3
Serial1/0/0
OSPF routing table status : Destinations : 0
Routes : 0
[R5]display ospf lsdb
OSPF Process 1 with Router ID 10.0.5.5 Link State Database
Area: 0.0.0.1 Type
LinkState ID
AdvRouter
Router
10.0.5.5
10.0.5.5
882 48
80000004
1562
Router
10.0.3.3
10.0.3.3
1309 48
80000003
1562
Sum-Net
10.0.24.0
10.0.3.3
65 28
80000003
1563
Sum-Net
10.0.12.0
10.0.3.3
819 28
80000001
3124
Sum-Net
10.0.3.0
10.0.3.3
65 28
80000003
0
Sum-Net
10.0.2.0
10.0.3.3
65 28
80000003
1562
Sum-Net
10.0.1.0
10.0.3.3
812 28
80000001
3124
Sum-Net
10.0.23.0
10.0.3.3
65 28
80000003
1562
10.0.3.3
602 28
80000002
1563
AdvRouter
Age Len
Sequence
Metric
10.0.5.5
882 36
80000002
Sum-Asbr 10.0.4.4
Age Len
Sequence
Metric
AS External Database Type
LinkState ID
External 10.0.5.0
114
HUAWEI TECHNOLOGIES
1
HC Series
HCNP-IERN Chapter 2 Implementing OSPF design structures External 10.0.35.0
10.0.5.5
883 36
80000002
1
External 10.0.35.3
10.0.5.5
883 36
80000002
1
External 0.0.0.0
10.0.4.4
586 36
80000003
20
Configure area 1 where R3 and R5 reside as an NSSA. [R3]ospf [R3-ospf-1]area 1 [R3-ospf-1-area-0.0.0.1]nssa
[R5]ospf [R5-ospf-1]area 1 [R5-ospf-1-area-0.0.0.1]nssa
View the routing table of R3 after neighbor relationships are reestablished. [R3]display ip routing-table protocol ospf Route Flags: R - relay, D - download to fib ---------------------------------------------------------------------------Public routing table : OSPF Destinations : 7
Routes : 7
OSPF routing table status : Destinations : 6
Destination/Mask
0.0.0.0/0
Proto
O_ASE
Routes : 6
Pre Cost
Flags NextHop
Interface
150 1583
D
10.0.23.2
Serial2/0/0
10.0.1.0/24 OSPF
10
3124
D
10.0.23.2
Serial2/0/0
10.0.2.0/24 OSPF
10
1562
D
10.0.23.2
Serial2/0/0
10.0.5.0/24 O_NSSA
150 1
D
10.0.35.5
Serial3/0/0
10.0.12.0/24 OSPF
10
3124
D
10.0.23.2
Serial2/0/0
10.0.24.0/24 OSPF
10
1563
D
10.0.23.2
Serial2/0/0
OSPF routing table status : Destinations : 1
Destination/Mask
Proto
Routes : 1
Pre Cost
10.0.35.3/32 O_NSSA 150 1
Flags NextHop
Interface
10.0.35.5
Serial3/0/0
The external route advertised by R5 is displayed as an NSSA-specific external route (O_NSSA) in the routing table of R3. HC Series
HUAWEI TECHNOLOGIES
115
HCNP-IERN Chapter 2 Implementing OSPF design structures
View the routing table of R5. [R5]display ip routing-table protocol ospf Route Flags: R - relay, D - download to fib ---------------------------------------------------------------------------Public routing table : OSPF Destinations : 7
Routes : 7
OSPF routing table status : Destinations : 7
Destination/Mask
0.0.0.0/0
Routes : 7
Proto
Pre Cost
O_NSSA 150 1
Flags NextHop
Interface
D
10.0.35.3
Serial1/0/0
10.0.1.0/24 OSPF
10
4686
D
10.0.35.3
Serial1/0/0
10.0.2.0/24 OSPF
10
3124
D
10.0.35.3
Serial1/0/0
10.0.3.0/24 OSPF
10
1562
D
10.0.35.3
Serial1/0/0
10.0.12.0/24 OSPF
10
4686
D
10.0.35.3
Serial1/0/0
10.0.23.0/24 OSPF
10
3124
D
10.0.35.3
Serial1/0/0
10.0.24.0/24 OSPF
10
3125
D
10.0.35.3
Serial1/0/0
OSPF routing table status : Destinations : 0
Routes : 0
The default route is displayed as an external route (O_ASE) before but as an NSSA-specific external route (O_NSSA) now. View the LSDB of R5. [R5]display ospf lsdb
OSPF Process 1 with Router ID 10.0.5.5 Link State Database
Area: 0.0.0.1 Type
LinkState ID
AdvRouter
Age Len
Sequence
Metric
Router
10.0.5.5
10.0.5.5
811 48
80000007
1562
Router
10.0.3.3
10.0.3.3
811 48
80000007
1562
Sum-Net
10.0.24.0
10.0.3.3
929 28
80000005
1563
Sum-Net
10.0.12.0
10.0.3.3
929 28
80000005
3124
Sum-Net
10.0.3.0
10.0.3.3
929 28
80000005
0
Sum-Net
10.0.2.0
10.0.3.3
929 28
80000005
1562
Sum-Net
10.0.1.0
10.0.3.3
930 28
80000005
3124
Sum-Net
10.0.23.0
10.0.3.3
930 28
80000005
1562
116
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 2 Implementing OSPF design structures NSSA
10.0.5.0
10.0.5.5
819 36
80000005
1
NSSA
10.0.35.0
10.0.5.5
819 36
80000006
1
NSSA
10.0.35.3
10.0.5.5
819 36
80000005
1
NSSA
0.0.0.0
10.0.3.3
930 36
80000005
1
The Type 5 LSA disappears and the external routes are advertised through Type 7 LSAs. View details about the default route. [R5]display ospf lsdb nssa 0.0.0.0
OSPF Process 1 with Router ID 10.0.5.5 Area: 0.0.0.1 Link State Database
Type
: NSSA
Ls id
: 0.0.0.0
Adv rtr
: 10.0.3.3
Ls age
: 1149
Len
: 36
Options
: None
seq#
: 80000005
chksum
: 0x7745
Net mask
: 0.0.0.0
TOS 0 Metric: 1 E type
: 2
Forwarding Address : 0.0.0.0 Tag
: 1
Priority
: Low
On R5, the default route is advertised by R4. However, the preceding information shows that this default route is advertised by R3. The NSSA blocks external Type 4 and Type 5 LSAs and the ABR in the NSSA advertises a default route through a Type 7 LSA. The autonomous system boundary router (ASBR) advertises the external routes to the NSSA through Type 7 LSAs. The NSSA differs from the stub area in that the NSSA allows external routes to be imported whereas the stub area does not.
HC Series
HUAWEI TECHNOLOGIES
117
HCNP-IERN Chapter 2 Implementing OSPF design structures
Step 6 Observe the changes caused by NSSA to OSPF. Run the display ospf brief command to view the role of R3 in OSPF. The Border Router field has three values: AREA, AS, and NSSA, where AREA indicates that the router is an ABR, AS indicates that the router is an ASBR, and NSSA indicates that the router has at least one interface in the NSSA. [R3]display ospf brief
OSPF Process 1 with Router ID 10.0.3.3 OSPF Protocol Information
RouterID: 10.0.3.3
Border Router: AREA AS NSSA
Multi-VPN-Instance is not enabled Global DS-TE Mode: Non-Standard IETF Mode Graceful-restart capability: disabled Helper support capability : not configured Spf-schedule-interval: max 10000ms, start 500ms, hold 1000ms Default ASE parameters: Metric: 1 Tag: 1 Type: 2 Route Preference: 10 ASE Route Preference: 150 SPF Computation Count: 15 RFC 1583 Compatible Retransmission limitation is disabled Area Count: 2
Nssa Area Count: 1
ExChange/Loading Neighbors: 0
Area: 0.0.0.0 Authtype: None
Area flag: Normal
SPF scheduled Count: 7 ExChange/Loading Neighbors: 0
Interface: 10.0.3.3 (LoopBack0) Cost: 0
State: P-2-P
Type: P2P
MTU: 1500
Timers: Hello 10 , Dead 40 , Poll 120 , Retransmit 5 , Transmit Delay 1
Interface: 10.0.23.3 (Serial2/0/0) --> 10.0.23.2 Cost: 1562
State: P-2-P
Type: P2P
MTU: 1500
Timers: Hello 10 , Dead 40 , Poll 120 , Retransmit 5 , Transmit Delay 1
Area: 0.0.0.1
118
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 2 Implementing OSPF design structures Authtype: None
Area flag:
NSSA
SPF scheduled Count: 8 ExChange/Loading Neighbors: 0 NSSA Translator State: Elected
Interface: 10.0.35.3 (Serial3/0/0) --> 10.0.35.5 Cost: 1562
State: P-2-P
Type: P2P
MTU: 1500
Timers: Hello 10 , Dead 40 , Poll 120 , Retransmit 5 , Transmit Delay 1
Because Type 5 LSAs are not allowed in the NSSA, the ASBR advertises external routes to the NSSA through Type 7 LSAs. Type 7 LSAs are allowed only in the NSSA. Therefore, the ABR in the NSSA translates the received Type 7 LSAs into Type 5 LSAs and then advertises them to other OSPF areas. Observe the translation process on R3. The network segment 10.0.5.0/24 is used as an example to describe how routing information is transmitted. In Type 7 LSAs, the Ls id field indicates the target network segment and Net mask indicates the subnet mask of the target network segment. If the Options field is set to NP, this LSA can be translated into a Type 5 LSA. If the value of Options indicates that this LSA cannot be translated into a Type 5 LSA, the Forwarding Address field can be set to 0.0.0.0; otherwise, the Forwarding Address field cannot be set to 0.0.0.0. The next hop of each imported external route does not point to any OSPF areas. Therefore, the Forwarding Address field is set to the IP address of an interface of the ASBR. This interface must be in the stub area. Here the Forwarding Address field is set to the IP address of the S1/0/0 interface of R5. [R3]display ospf lsdb nssa 10.0.5.0
OSPF Process 1 with Router ID 10.0.3.3 Area: 0.0.0.0 Link State Database
Area: 0.0.0.1 Link State Database
Type
: NSSA
Ls id
: 10.0.5.0
Adv rtr
: 10.0.5.5
Ls age
: 836
Len
: 36
HC Series
HUAWEI TECHNOLOGIES
119
HCNP-IERN Chapter 2 Implementing OSPF design structures Options
: NP
seq#
: 80000001
chksum
: 0xb0c2
Net mask : 255.255.255.0 TOS 0 Metric: 1 E type
: 2
Forwarding Address : 10.0.35.5 Tag
: 1
Priority : Low
View the Type 5 LSA generated by R3 to describe the network segment 10.0.5.0/24. [R3]display ospf lsdb ase 10.0.5.0
OSPF Process 1 with Router ID 10.0.3.3 Link State Database
Type
: External
Ls id
: 10.0.5.0
Adv rtr
: 10.0.3.3
Ls age
: 882
Len
: 36
Options
: E
seq#
: 80000001
chksum
: 0x413e
Net mask : 255.255.255.0 TOS 0 Metric: 1 E type
: 2
Forwarding Address : 10.0.35.5 Tag
: 1
Priority : Low
The values of Ls id, Network Mask, and Forwarding Address are copied from the original Type 7 LSA. In this way, the network segment 10.0.5.0/24 is advertised to other OSPF areas.
Additional Exercises: Analyzing and Verifying Figure out the application scenarios of the NSSA. Analyze the reasons why R3 is defined as the ASBR.
120
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 2 Implementing OSPF design structures
Final Configurations display current-configuration [V200R001C00SPC200] # sysname R1 # interface Serial1/0/0 link-protocol ppp ip address 10.0.12.1 255.255.255.0 # interface LoopBack0 ip address 10.0.1.1 255.255.255.0 ospf network-type broadcast # ospf 1 router-id 10.0.1.1 area 0.0.0.2 network 10.0.12.1 0.0.0.0 network 10.0.1.1 0.0.0.0 stub # return
display current-configuration [V200R001C00SPC200] # sysname R2 # interface Serial1/0/0 link-protocol ppp ip address 10.0.12.2 255.255.255.0 # interface Serial2/0/0 link-protocol ppp ip address 10.0.23.2 255.255.255.0 # interface GigabitEthernet0/0/0 ip address 10.0.24.2 255.255.255.0 # interface LoopBack0 ip address 10.0.2.2 255.255.255.0 ospf network-type broadcast
HC Series
HUAWEI TECHNOLOGIES
121
HCNP-IERN Chapter 2 Implementing OSPF design structures # ospf 1 router-id 10.0.2.2 area 0.0.0.0 network 10.0.23.2 0.0.0.0 network 10.0.2.2 0.0.0.0 area 0.0.0.2 network 10.0.12.2 0.0.0.0 stub no-summary area 0.0.0.3 network 10.0.24.2 0.0.0.0 # return
display current-configuration [V200R001C00SPC200] # sysname R3 # interface Serial2/0/0 link-protocol ppp ip address 10.0.23.3 255.255.255.0 # interface Serial3/0/0 link-protocol ppp ip address 10.0.35.3 255.255.255.0 # interface LoopBack0 ip address 10.0.3.3 255.255.255.0 ospf network-type broadcast # ospf 1 router-id 10.0.3.3 area 0.0.0.0 network 10.0.23.3 0.0.0.0 network 10.0.3.3 0.0.0.0 area 0.0.0.1 network 10.0.35.3 0.0.0.0 nssa # return
display current-configuration [V200R001C00SPC200] #
122
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 2 Implementing OSPF design structures sysname R4 # interface GigabitEthernet0/0/0 ip address 10.0.24.4 255.255.255.0 # interface NULL0 # interface LoopBack0 ip address 10.0.4.4 255.255.255.0 ospf network-type broadcast # ospf 1 router-id 10.0.4.4 default-route-advertise cost 20 type 1 area 0.0.0.3 network 10.0.24.4 0.0.0.0 # ip route-static 0.0.0.0 0.0.0.0 LoopBack0 # return
display current-configuration [V200R001C00SPC200] # sysname R5 # interface Serial1/0/0 link-protocol ppp ip address 10.0.35.5 255.255.255.0 # interface LoopBack0 ip address 10.0.5.5 255.255.255.0 # ospf 1 router-id 10.0.5.5 import-route direct area 0.0.0.1 network 10.0.35.5 0.0.0.0 nssa # Return
HC Series
HUAWEI TECHNOLOGIES
123
HCNP-IERN Chapter 2 Implementing OSPF design structures
Lab 2-5 OSPF VCs and Inter-Area Route Filtering Learning Objectives The objectives of this lab are to learn and understand how to perform the following operations: •
Repair a discontinuous area 0 using Open Shortest Path First
(OSPF) virtual circuits (VCs). •
Connect non-backbone areas to area 0 using OSPF VCs.
•
Configure inter-area route filtering and control.
Topology
Figure 2-5 OSPF VCs and inter-area route filtering
124
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 2 Implementing OSPF design structures
Scenario Assume that you are a network administrator of a company that has merged two small companies. R4 and R5 are deployed in the two companies respectively. To combine the networks quickly, networks are interconnected using VCs instead of being re-planned. However, it is found that area 0 is discontinuous and there is no direct link between area 0 and area 3. VCs need to be established between R1 and R2 to interconnect area 3 and area 0. VCs also need to be established between R3 and R5 to connect the two parts of area 0, as shown in the preceding figure. Fixed IP addresses are used as router IDs to ensure that the router IDs do not change.
Tasks Step 1 Perform basic configurations and IP addressing. Configure IP addresses and subnet masks for all routers. The subnet masks of all loopback interfaces contain 24 binary digits to simulate an independent network segment. system-view Enter system view, return user view with Ctrl+Z. [R1]interface Serial 3/0/0 [R1-Serial3/0/0]ip address 10.0.14.1 24 [R1-Serial3/0/0]interface Serial 1/0/0 [R1-Serial1/0/0]ip address 10.0.12.1 24 [R1-Serial1/0/0]interface LoopBack 0 [R1-LoopBack0]ip address 10.0.1.1 24
system-view Enter system view, return user view with Ctrl+Z. [R2]interface Serial 1/0/0 [R2-Serial1/0/0]ip address 10.0.12.2 24 [R2-Serial1/0/0]interface Serial 2/0/0 [R2-Serial2/0/0]ip address 10.0.23.2 24 [R2-Serial2/0/0]interface LoopBack 0 [R2-LoopBack0]ip address 10.0.2.2 24
HC Series
HUAWEI TECHNOLOGIES
125
HCNP-IERN Chapter 2 Implementing OSPF design structures system-view Enter system view, return user view with Ctrl+Z. [R3]interface Serial 2/0/0 [R3-Serial2/0/0]ip address 10.0.23.3 24 [R3-Serial2/0/0]interface Serial 3/0/0 [R3-Serial3/0/0]ip address 10.0.35.3 24 [R3-Serial3/0/0]interface LoopBack 0 [R3-LoopBack0]ip address 10.0.3.3 24
system-view Enter system view, return user view with Ctrl+Z. [R4]interface Serial 1/0/0 [R4-Serial1/0/0]ip address 10.0.14.4 24 [R4-Serial1/0/0]interface LoopBack 0 [R4-LoopBack0]ip address 10.0.4.4 24
system-view Enter system view, return user view with Ctrl+Z. [R5]interface Serial 1/0/0 [R5-Serial1/0/0]ip address 10.0.35.5 24 [R5-Serial1/0/0]interface LoopBack 0 [R5-LoopBack0]ip address 10.0.5.5 24
Test whether direct links are reachable. [R1]ping -c 1 10.0.14.4 PING 10.0.14.4: 56 data bytes, press CTRL_C to break Reply from 10.0.14.4: bytes=56 Sequence=1 ttl=255 time=39 ms
--- 10.0.14.4 ping statistics --1 packet(s) transmitted 1 packet(s) received 0.00% packet loss round-trip min/avg/max = 39/39/39 ms
[R1]ping -c 1 10.0.12.2 PING 10.0.12.2: 56 data bytes, press CTRL_C to break Reply from 10.0.12.2: bytes=56 Sequence=1 ttl=255 time=29 ms
--- 10.0.12.2 ping statistics --1 packet(s) transmitted 1 packet(s) received 0.00% packet loss
126
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 2 Implementing OSPF design structures round-trip min/avg/max = 29/29/29 ms
[R3]ping -c 1 10.0.23.2 PING 10.0.23.2: 56 data bytes, press CTRL_C to break Reply from 10.0.23.2: bytes=56 Sequence=1 ttl=255 time=45 ms
--- 10.0.23.2 ping statistics --1 packet(s) transmitted 1 packet(s) received 0.00% packet loss round-trip min/avg/max = 45/45/45 ms
[R3]ping -c 1 10.0.35.5 PING 10.0.35.5: 56 data bytes, press CTRL_C to break Reply from 10.0.35.5: bytes=56 Sequence=1 ttl=255 time=32 ms
--- 10.0.35.5 ping statistics --1 packet(s) transmitted 1 packet(s) received 0.00% packet loss round-trip min/avg/max = 32/32/32 ms
Step 2 Configure multi-area OSPF. On R1, configure the Loopback 0 and S1/0/0 interfaces to belong to area 2, and S3/0/0 to belong to area 3. Change the network type of the loopback interfaces in all OSPF areas to Broadcast so that OSPF advertises actual subnet masks of the loopback interfaces. The IP addresses of the Loopback 0 interfaces are used as router IDs. [R1]ospf 1 router-id 10.0.1.1 [R1-ospf-1]area 2 [R1-ospf-1-area-0.0.0.2]network 10.0.12.1 0.0.0.0 [R1-ospf-1-area-0.0.0.2]network 10.0.1.1 0.0.0.0 [R1-ospf-1-area-0.0.0.2]area 3 [R1-ospf-1-area-0.0.0.3]network 10.0.14.1 0.0.0.0 [R1-ospf-1-area-0.0.0.3]interface LoopBack 0 [R1-LoopBack0]ospf network-type broadcast
On R2, configure the Loopback 0 and S2/0/0 interfaces to belong to area 0, and S1/0/0 to belong to area 2.
HC Series
HUAWEI TECHNOLOGIES
127
HCNP-IERN Chapter 2 Implementing OSPF design structures [R2]ospf 1 router-id 10.0.2.2 [R2-ospf-1]area 2 [R2-ospf-1-area-0.0.0.2]network 10.0.12.2 0.0.0.0 [R2-ospf-1-area-0.0.0.2]area 0 [R2-ospf-1-area-0.0.0.0]network 10.0.23.2 0.0.0.0 [R2-ospf-1-area-0.0.0.0]network 10.0.2.2 0.0.0.0 [R2-ospf-1-area-0.0.0.0]int LoopBack 0 [R2-LoopBack0]ospf network-type broadcast
On R3, configure the Loopback 0 and S2/0/0 interfaces to belong to area 0, and S3/0/0 to belong to area 1. [R3]ospf 1 router-id 10.0.3.3 [R3-ospf-1]area 0 [R3-ospf-1-area-0.0.0.0]network 10.0.23.3 0.0.0.0 [R3-ospf-1-area-0.0.0.0]network 10.0.3.3 0.0.0.0 [R3-ospf-1-area-0.0.0.0]area 1 [R3-ospf-1-area-0.0.0.1]network 10.0.35.3 0.0.0.0 [R3-ospf-1-area-0.0.0.1]interface LoopBack 0 [R3-LoopBack0]ospf network-type broadcast
On R4, configure the Loopback 0 and S1/0/0 interfaces to belong to area 3. [R4]ospf 1 router-id 10.0.4.4 [R4-ospf-1]area 3 [R4-ospf-1-area-0.0.0.3]network 10.0.14.4 0.0.0.0 [R4-ospf-1-area-0.0.0.3]network 10.0.4.4 0.0.0.0 [R4-ospf-1-area-0.0.0.3]interface LoopBack 0 [R4-LoopBack0]ospf network-type broadcast
On R5, configure S1/0/0 to belong to area 1, and the Loopback 0 interface to belong area 0. [R5]ospf 1 router-id 10.0.5.5 [R5-ospf-1]area 0 [R5-ospf-1-area-0.0.0.0]network 10.0.5.5 0.0.0.0 [R5-ospf-1-area-0.0.0.0]area 1 [R5-ospf-1-area-0.0.0.1]network 10.0.35.5 0.0.0.0 [R5-ospf-1-area-0.0.0.1]interface LoopBack 0 [R5-LoopBack0]ospf network-type broadcast
128
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 2 Implementing OSPF design structures
Step 3 View the routing table of each router. View the routing table of R4. R4 does not learn OSPF routes though it establishes a neighbor relationship with R1. [R4]display ip routing-table protocol ospf [R4]display ospf peer
OSPF Process 1 with Router ID 10.0.4.4 Neighbors
Area 0.0.0.3 interface 10.0.14.4(Serial1/0/0)'s neighbors Router ID: 10.0.1.1
Address: 10.0.14.1
State: Full Mode:Nbr is Slave Priority: 1 DR: None
BDR: None
MTU: 0
Dead timer due in 39 sec Retrans timer interval: 4 Neighbor is up for 00:21:33 Authentication Sequence: [ 0 ]
View the link state database (LSDB) of R4. Only Type 1 link-state advertisements (LSAs) are found. This indicates that R1 does not advertise the routes of other OSPF areas to area 3. [R4]display ospf lsdb
OSPF Process 1 with Router ID 10.0.4.4 Link State Database
Area: 0.0.0.3 Type
LinkState ID
AdvRouter
Age Len
Sequence
Metric
Router
10.0.4.4
10.0.4.4
571 60
80000005
0
Router
10.0.1.1
10.0.1.1
616 48
80000003
1562
View the routing table of R1. The route 10.0.5.0/24 is not found. Analyze the LSDB of R3 to find the cause. [R1]display ip routing-table protocol ospf Route Flags: R - relay, D - download to fib ---------------------------------------------------------------------------Public routing table : OSPF Destinations : 5
HC Series
Routes : 5
HUAWEI TECHNOLOGIES
129
HCNP-IERN Chapter 2 Implementing OSPF design structures OSPF routing table status : Destinations : 5
Destination/Mask
Proto
Routes : 5
Pre Cost
Flags NextHop
Interface
10.0.2.0/24 OSPF
10
1562
D
10.0.12.2
Serial1/0/0
10.0.3.0/24 OSPF
10
3124
D
10.0.12.2
Serial1/0/0
10.0.4.0/24 OSPF
10
1562
D
10.0.14.4
Serial3/0/0
10.0.23.0/24 OSPF
10
3124
D
10.0.12.2
Serial1/0/0
10.0.35.0/24 OSPF
10
4686
D
10.0.12.2
Serial1/0/0
OSPF routing table status : Destinations : 0
Routes : 0
View the LSDB of R1. According to OSPF, routing information cannot be directly advertised between non-backbone areas to avoid inter-area routing loops. The information in the LSDB of R1 shows that the area border router (ABR) does not forward the Type 3 LSAs sent from non-backbone areas. There are four inter-area routes in area 2 and these routes are learned from R2 (10.0.2.2). R1 does not forward the LSAs that describe these routes to area 3 and therefore R4 cannot learn these routes. The ABR does not advertise the routes learned from a non-backbone area to another non-backbone area. The routes learned by R1 from R4 are not advertised to area 2 through Type 3 LSAs. Therefore, R2, R3, and R5 cannot learn the routes in area 3. [R1]display ospf lsdb
OSPF Process 1 with Router ID 10.0.1.1 Link State Database
Area: 0.0.0.2 Type
LinkState ID
AdvRouter
Router
10.0.2.2
10.0.2.2
Router
10.0.1.1
Sum-Net
Age Len
Sequence
Metric
1251 48
80000023
1562
10.0.1.1
1266 60
80000024
0
10.0.35.0
10.0.2.2
1178 28
8000001B
3124
Sum-Net
10.0.3.0
10.0.2.2
1178 28
8000001B
1562
Sum-Net
10.0.2.0
10.0.2.2
1228 28
80000021
0
Sum-Net
10.0.23.0
10.0.2.2
1189 28
8000001B
1562
Area: 0.0.0.3
130
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 2 Implementing OSPF design structures Type
LinkState ID
AdvRouter
Age Len
Sequence
Metric
Router
10.0.4.4
10.0.4.4
855 60
80000024
0
Router
10.0.1.1
10.0.1.1
898 48
80000022
1562
View the routing table of R2. The routes to the network segments 10.0.4.0/24, 10.0.5.0/24, and 10.0.14.0/24 are not found. [R2]display ip routing-table protocol ospf Route Flags: R - relay, D - download to fib ---------------------------------------------------------------------------Public routing table : OSPF Destinations : 3
Routes : 3
OSPF routing table status : Destinations : 3
Destination/Mask
Proto
Routes : 3
Pre Cost
Flags NextHop
Interface
10.0.1.0/24 OSPF
10
1562
D
10.0.12.1
Serial1/0/0
10.0.3.0/24 OSPF
10
1562
D
10.0.23.3
Serial2/0/0
10.0.35.0/24 OSPF
10
3124
D
10.0.23.3
Serial2/0/0
OSPF routing table status : Destinations : 0
Routes : 0
View the LSDB of R2. R1 does not advertise the routes in area 3 to R2. Therefore, the routes 10.0.4.0/24 and 10.0.14.0/24 are not found in the routing table of R2. In area 0, R3 does not advertise the route 10.0.5.0/24 to R2. [R2]display ospf lsdb
OSPF Process 1 with Router ID 10.0.2.2 Link State Database
Area: 0.0.0.0 Type
LinkState ID
AdvRouter
Router
10.0.3.3
10.0.3.3
973 60
80000027
0
Router
10.0.2.2
10.0.2.2
972 60
80000028
0
Sum-Net
10.0.35.0
10.0.3.3
984 28
8000001D
1562
Sum-Net
10.0.12.0
10.0.2.2
1035 28
80000022
1562
Sum-Net
10.0.1.0
10.0.2.2
1035 28
80000022
1562
HC Series
Age Len
HUAWEI TECHNOLOGIES
Sequence
Metric
131
HCNP-IERN Chapter 2 Implementing OSPF design structures Area: 0.0.0.2 Type
LinkState ID
AdvRouter
Router
10.0.2.2
10.0.2.2
Router
10.0.1.1
Sum-Net
Age Len
Sequence
Metric
1046 48
80000024
1562
10.0.1.1
1063 60
80000025
0
10.0.35.0
10.0.2.2
973 28
8000001C
3124
Sum-Net
10.0.3.0
10.0.2.2
973 28
8000001C
1562
Sum-Net
10.0.2.0
10.0.2.2
1023 28
80000022
0
Sum-Net
10.0.23.0
10.0.2.2
984 28
8000001C
1562
View the routing table of R3. The routes 10.0.4.0/24, 10.0.5.0/24, and 10.0.14.0/24 are not found. [R3]display ip routing-table protocol ospf Route Flags: R - relay, D - download to fib ---------------------------------------------------------------------------Public routing table : OSPF Destinations : 3
Routes : 3
OSPF routing table status : Destinations : 3
Destination/Mask
Proto
Routes : 3
Pre Cost
Flags NextHop
Interface
10.0.1.0/24 OSPF
10
3124
D
10.0.23.2
Serial2/0/0
10.0.2.0/24 OSPF
10
1562
D
10.0.23.2
Serial2/0/0
10.0.12.0/24 OSPF
10
3124
D
10.0.23.2
Serial2/0/0
OSPF routing table status : Destinations : 0
Routes : 0
View the LSDB of R3. R3 receives a Type 3 LSA that describes 10.0.5.0/24 from R5 in area 1. According to the defined principle, Type 3 LSAs received from non-backbone areas are not forwarded. Therefore, R3 does not advertise this Type 3 LSA to area 0 and the route 10.0.5.0/24 cannot be learned by R1 and R2. [R3]display ospf lsdb
OSPF Process 1 with Router ID 10.0.3.3 Link State Database
Area: 0.0.0.0
132
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 2 Implementing OSPF design structures Type
LinkState ID
AdvRouter
Age Len
Sequence
Metric
Router
10.0.3.3
10.0.3.3
111 60
80000028
0
Router
10.0.2.2
10.0.2.2
112 60
80000029
0
Sum-Net
10.0.35.0
10.0.3.3
122 28
8000001E
1562
Sum-Net
10.0.12.0
10.0.2.2
175 28
80000023
1562
Sum-Net
10.0.1.0
10.0.2.2
175 28
80000023
1562
Age Len
Sequence
Metric
Area: 0.0.0.1 Type
LinkState ID
AdvRouter
Router
10.0.5.5
10.0.5.5
117 48
8000001E
1562
Router
10.0.3.3
10.0.3.3
117 48
80000020
1562
Sum-Net
10.0.12.0
10.0.3.3
107 28
8000001D
3124
Sum-Net
10.0.3.0
10.0.3.3
128 28
8000001D
0
Sum-Net
10.0.2.0
10.0.3.3
107 28
8000001D
1562
Sum-Net
10.0.1.0
10.0.3.3
108 28
8000001D
3124
Sum-Net
10.0.5.0
10.0.5.5
128 28
8000001D
0
Sum-Net
10.0.23.0
10.0.3.3
124 28
8000001D
1562
The Type 3 LSA that describes the route 10.0.5.0/24 is found in the LSDB of R3, but not found in the routing table of R3. Check the routing table of R5. [R5]display ip routing-table protocol ospf Route Flags: R - relay, D - download to fib ---------------------------------------------------------------------------Public routing table : OSPF Destinations : 5
Routes : 5
OSPF routing table status : Destinations : 5
Destination/Mask
Proto
Routes : 5
Pre Cost
Flags NextHop
Interface
10.0.1.0/24 OSPF
10
4686
D
10.0.35.3
Serial1/0/0
10.0.2.0/24 OSPF
10
3124
D
10.0.35.3
Serial1/0/0
10.0.3.0/24 OSPF
10
1562
D
10.0.35.3
Serial1/0/0
10.0.12.0/24 OSPF
10
4686
D
10.0.35.3
Serial1/0/0
10.0.23.0/24 OSPF
10
3124
D
10.0.35.3
Serial1/0/0
OSPF routing table status : Destinations : 0
Routes : 0
[R5]display ospf lsdb
HC Series
HUAWEI TECHNOLOGIES
133
HCNP-IERN Chapter 2 Implementing OSPF design structures
OSPF Process 1 with Router ID 10.0.5.5 Link State Database
Area: 0.0.0.0 Type
LinkState ID
AdvRouter
Age Len
Sequence
Metric
Router
10.0.5.5
10.0.5.5
820 36
80000002
Sum-Net
10.0.35.0
10.0.5.5
861 28
80000001
1562
Type
LinkState ID
AdvRouter
Age Len
Sequence
Metric
Router
10.0.5.5
10.0.5.5
1096 48
80000003
1562
Router
10.0.3.3
10.0.3.3
1097 48
80000002
1562
Sum-Net
10.0.12.0
10.0.3.3
1129 28
80000001
3124
Sum-Net
10.0.3.0
10.0.3.3
1129 28
80000001
0
Sum-Net
10.0.2.0
10.0.3.3
1129 28
80000001
1562
Sum-Net
10.0.1.0
10.0.3.3
1129 28
80000001
3124
Sum-Net
10.0.5.0
10.0.5.5
861 28
80000001
Sum-Net
10.0.23.0
10.0.3.3
1129 28
80000001
0
Area: 0.0.0.1
0 1562
The routes to 10.0.4.0/24 and 10.0.14.0/24 are not found in the routing table of R5. However, the route to the Loopback 0 interface of R3 is found. R3 has a physical interface connected to area 0 and therefore it can exchange routing information with other routers in area 0. R3 does not add a route to its routing table if the route is learned from a Type 3 LSA that is sent from a non-backbone area. The Loopback 0 interface of R5 is in area 0 and its link type is StubNet in OSPF route calculation. View the Type 1 LSA generated by R3. [R3]display ospf lsdb router 10.0.3.3
OSPF Process 1 with Router ID 10.0.3.3 Area: 0.0.0.0 Link State Database
Type
: Router
Ls id
: 10.0.3.3
Adv rtr
: 10.0.3.3
Ls age
: 732
134
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 2 Implementing OSPF design structures Len
: 60
Options
: ABR E
seq#
: 80000158
chksum
: 0xde39
Link count: 3 * Link ID: 10.0.3.3 Data
: 255.255.255.255
Link Type: StubNet Metric : 0 Priority : Medium * Link ID: 10.0.2.2 Data
: 10.0.23.3
Link Type: P-2-P Metric : 1562 * Link ID: 10.0.23.0 Data
: 255.255.255.0
Link Type: StubNet Metric : 1562 Priority : Low
The preceding information shows that the link between R3 and R2 is a point-to-point (P2P) link. Routers with P2P, TransNet, or virtual links exchange information with other routes. Therefore, a router that is connected to a backbone area through any of these types of links does not add a route to its routing table if this route is learned from a Type 3 LSA that is sent from a non-backbone area. [R5]display ospf lsdb router 10.0.5.5
OSPF Process 1 with Router ID 10.0.5.5 Area: 0.0.0.0 Link State Database
Type
: Router
Ls id
: 10.0.5.5
Adv rtr
: 10.0.5.5
Ls age
: 583
Len
: 36
Options
: ABR E
seq#
: 80000040
chksum
: 0x6d69
Link count: 1
HC Series
HUAWEI TECHNOLOGIES
135
HCNP-IERN Chapter 2 Implementing OSPF design structures * Link ID: 10.0.5.5 Data
: 255.255.255.255
Link Type: StubNet Metric : 0 Priority : Medium
On R5, only the Loopback 0 interface is in the backbone area. In the LSA that describes this interface, the link type is StubNet, which indicates that the interface does not connect to other routers. Then, R5 receives Type 3 LSAs from non-backbone areas.
Step 4 Connect the two parts of area 0. Configure a VC between R3 and R5. The value of vlink-peer is the router ID of the peer ABR. [R3]ospf 1 [R3-ospf-1]area 1 [R3-ospf-1-area-0.0.0.1]vlink-peer 10.0.5.5
[R5]ospf [R5-ospf-1]area 1 [R5-ospf-1-area-0.0.0.1]vlink-peer 10.0.3.3
Check whether the VC neighbor is in the Full state. [R3]display ospf vlink
OSPF Process 1 with Router ID 10.0.3.3 Virtual Links
Virtual-link Neighbor-id -> 10.0.5.5, Neighbor-State: Full
Interface: 10.0.35.3 (Serial3/0/0) Cost: 1562 State: P-2-P Type: Virtual Transit Area: 0.0.0.1 Timers: Hello 10 , Dead 40 , Retransmit 5 , Transmit Delay 1 GR State: Normal
Observe the changes of routing information. [R3]display ip routing-table protocol ospf Route Flags: R - relay, D - download to fib
136
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 2 Implementing OSPF design structures ---------------------------------------------------------------------------Public routing table : OSPF Destinations : 4
Routes : 4
OSPF routing table status : Destinations : 4
Destination/Mask
Routes : 4
Proto
Pre Cost
Flags NextHop
Interface
10.0.1.0/24 OSPF
10
3124
D
10.0.23.2
Serial2/0/0
10.0.2.0/24 OSPF
10
1562
D
10.0.23.2
Serial2/0/0
10.0.5.0/24 OSPF
10
1562
D
10.0.35.5
Serial3/0/0
10.0.12.0/24 OSPF
10
3124
D
10.0.23.2
Serial2/0/0
OSPF routing table status : Destinations : 0
Routes : 0
View the routing table of R3. The route 10.0.5.0/24 is found. Test the network connectivity. R3 can communicate with the network segment to which the Loopback 0 interface of R5 connects. [R3]ping -c 1 10.0.5.5 PING 10.0.5.5: 56 data bytes, press CTRL_C to break Reply from 10.0.5.5: bytes=56 Sequence=1 ttl=255 time=34 ms
--- 10.0.5.5 ping statistics --1 packet(s) transmitted 1 packet(s) received 0.00% packet loss round-trip min/avg/max = 34/34/34 ms
View the LSDB of R3. dis ospf lsdb
OSPF Process 1 with Router ID 10.0.3.3 Link State Database
Area: 0.0.0.0 Type
LinkState ID
AdvRouter
Router
10.0.5.5
10.0.5.5
1098 48
80000005
0
Router
10.0.3.3
10.0.3.3
1096 72
80000008
0
Router
10.0.2.2
10.0.2.2
920 60
80000006
0
HC Series
Age Len
HUAWEI TECHNOLOGIES
Sequence
Metric
137
HCNP-IERN Chapter 2 Implementing OSPF design structures Sum-Net
10.0.35.0
10.0.3.3
830 28
80000002
1562
Sum-Net
10.0.35.0
10.0.5.5
565 28
80000002
1562
Sum-Net
10.0.12.0
10.0.2.2
1124 28
80000002
1562
Sum-Net
10.0.1.0
10.0.2.2
1110 28
80000002
1562
Sequence
Metric
Area: 0.0.0.1 Type
LinkState ID
AdvRouter
Age Len
Router
10.0.5.5
10.0.5.5
1098 48
80000004
1562
Router
10.0.3.3
10.0.3.3
1096 48
80000003
1562
Sum-Net
10.0.12.0
10.0.3.3
830 28
80000002
3124
Sum-Net
10.0.3.0
10.0.3.3
831 28
80000002
0
Sum-Net
10.0.2.0
10.0.3.3
831 28
80000002
1562
Sum-Net
10.0.1.0
10.0.3.3
831 28
80000002
3124
Sum-Net
10.0.5.0
10.0.5.5
566 28
80000002
0
Sum-Net
10.0.23.0
10.0.3.3
831 28
80000002
1562
R3 receives two Type 1 LSAs from R5. The first LSA is received in area 0 and the VC belongs to area 0. Therefore, the LSA is actually learned through the VC. The other LSA is learned in area 1 and exists before the VC is configured. The route 10.0.5.0/24 is calculated based on the LSA learned from area 0. View details about the Type 1 LSA 10.0.5.5 in the LSDB of R3. [R3]display ospf lsdb router 10.0.5.5
OSPF Process 1 with Router ID 10.0.3.3 Area: 0.0.0.0 Link State Database
Type
: Router
Ls id
: 10.0.5.5
Adv rtr
: 10.0.5.5
Ls age
: 621
Len
: 48
Options
: ABR E
seq#
: 80000005
chksum
: 0x1291
Link count: 2 * Link ID: 10.0.5.0 Data
: 255.255.255.0
Link Type: StubNet
138
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 2 Implementing OSPF design structures Metric : 0 Priority : Low * Link ID: 10.0.3.3 Data
: 10.0.35.5
Link Type: Virtual Metric : 1562 Area: 0.0.0.1 Link State Database
Type
: Router
Ls id
: 10.0.5.5
Adv rtr
: 10.0.5.5
Ls age
: 621
Len
: 48
Options
: ABR VIRTUAL E
seq#
: 80000004
chksum
: 0x3530
Link count: 2 * Link ID: 10.0.3.3 Data
: 10.0.35.5
Link Type: P-2-P Metric : 1562 * Link ID: 10.0.35.0 Data
: 255.255.255.0
Link Type: StubNet Metric : 1562 Priority : Low
The LSA describes the network segment 10.0.5.0/24 and therefore this route exists on R3. The Type 1 LSA learned from area 1 describes the network segment that interconnects R3 and R5. View the LSDB of R5. [R5]display ospf lsdb
OSPF Process 1 with Router ID 10.0.5.5 Link State Database
Area: 0.0.0.0 Type
LinkState ID
AdvRouter
Router
10.0.5.5
10.0.5.5
577 48
80000005
0
Router
10.0.3.3
10.0.3.3
577 72
80000008
0
HC Series
Age Len
HUAWEI TECHNOLOGIES
Sequence
Metric
139
HCNP-IERN Chapter 2 Implementing OSPF design structures Router
10.0.2.2
10.0.2.2
401 60
80000006
0
Sum-Net
10.0.35.0
10.0.5.5
45 28
80000002
1562
Sum-Net
10.0.35.0
10.0.3.3
312 28
80000002
1562
Sum-Net
10.0.12.0
10.0.2.2
606 28
80000002
1562
Sum-Net
10.0.1.0
10.0.2.2
593 28
80000002
1562
Age Len
Sequence
Metric
Area: 0.0.0.1 Type
LinkState ID
AdvRouter
Router
10.0.5.5
10.0.5.5
578 48
80000004
1562
Router
10.0.3.3
10.0.3.3
578 48
80000003
1562
Sum-Net
10.0.12.0
10.0.3.3
313 28
80000002
3124
Sum-Net
10.0.3.0
10.0.3.3
313 28
80000002
0
Sum-Net
10.0.2.0
10.0.3.3
313 28
80000002
1562
Sum-Net
10.0.1.0
10.0.3.3
313 28
80000002
3124
Sum-Net
10.0.5.0
10.0.5.5
46 28
80000002
Sum-Net
10.0.23.0
10.0.3.3
313 28
80000002
0 1562
The preceding information is the same as that in the LSDB of R3. After a VC is configured between R3 and R5, both routers have interfaces in area 0 and therefore their LSDBs are synchronous.
Step 5 Connect area 3 to area 0 through a VC. Configure a VC between R1 and R2. [R1]ospf 1 [R1-ospf-1]area 2 [R1-ospf-1-area-0.0.0.2]vlink-peer 10.0.2.2 [R1-ospf-1-area-0.0.0.2]quit [R1-ospf-1]quit
[R2]ospf [R2-ospf-1]area 2 [R2-ospf-1-area-0.0.0.2]vlink-peer 10.0.1.1 [R2-ospf-1-area-0.0.0.2]quit [R2-ospf-1]quit
Check the routing table of R4. [R4]display ip routing-table protocol ospf Route Flags: R - relay, D - download to fib ---------------------------------------------------------------------------Public routing table : OSPF
140
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 2 Implementing OSPF design structures Destinations : 7
Routes : 7
OSPF routing table status : Destinations : 7
Destination/Mask
Proto
Routes : 7
Pre Cost
Flags NextHop
Interface
10.0.1.0/24 OSPF
10
1562
D
10.0.14.1
Serial1/0/0
10.0.2.0/24 OSPF
10
3124
D
10.0.14.1
Serial1/0/0
10.0.3.0/24 OSPF
10
4686
D
10.0.14.1
Serial1/0/0
10.0.5.0/24 OSPF
10
6248
D
10.0.14.1
Serial1/0/0
10.0.12.0/24 OSPF
10
3124
D
10.0.14.1
Serial1/0/0
10.0.23.0/24 OSPF
10
4686
D
10.0.14.1
Serial1/0/0
10.0.35.0/24 OSPF
10
6248
D
10.0.14.1
Serial1/0/0
OSPF routing table status : Destinations : 0
Routes : 0
The preceding information shows that the routing table of R4 contains all routes of the entire network. Test the network connectivity. [R4]ping -c 1 10.0.5.5 PING 10.0.5.5: 56 data bytes, press CTRL_C to break Reply from 10.0.5.5: bytes=56 Sequence=1 ttl=252 time=132 ms
--- 10.0.5.5 ping statistics --1 packet(s) transmitted 1 packet(s) received 0.00% packet loss round-trip min/avg/max = 132/132/132 ms
View the LSDB of R1. [R1]display ospf lsdb
OSPF Process 1 with Router ID 10.0.1.1 Link State Database
Area: 0.0.0.0 Type
LinkState ID
AdvRouter
Router
10.0.5.5
10.0.5.5
419 48
80000006
0
Router
10.0.3.3
10.0.3.3
418 72
80000009
0
HC Series
Age Len
HUAWEI TECHNOLOGIES
Sequence
Metric
141
HCNP-IERN Chapter 2 Implementing OSPF design structures Router
10.0.2.2
10.0.2.2
232 72
8000000A
0
Router
10.0.1.1
10.0.1.1
233 36
80000001
1562
Sum-Net
10.0.35.0
10.0.3.3
151 28
80000003
1562
Sum-Net
10.0.35.0
10.0.5.5
1687 28
80000002
1562
Sum-Net
10.0.14.0
10.0.1.1
291 28
80000001
1562
Sum-Net
10.0.12.0
10.0.1.1
291 28
80000001
1562
Sum-Net
10.0.12.0
10.0.2.2
444 28
80000003
1562
Sum-Net
10.0.1.0
10.0.1.1
291 28
80000001
0
Sum-Net
10.0.1.0
10.0.2.2
430 28
80000003
1562
Sum-Net
10.0.4.0
10.0.1.1
291 28
80000001
1562
Age Len
Sequence
Metric
Area: 0.0.0.2 Type
LinkState ID
AdvRouter
Router
10.0.2.2
10.0.2.2
235 48
80000005
1562
Router
10.0.1.1
10.0.1.1
234 60
80000009
0
Sum-Net
10.0.35.0
10.0.2.2
151 28
80000003
3124
Sum-Net
10.0.14.0
10.0.1.1
291 28
80000001
1562
Sum-Net
10.0.3.0
10.0.2.2
234 28
80000003
1562
Sum-Net
10.0.2.0
10.0.2.2
443 28
80000003
0
Sum-Net
10.0.5.0
10.0.2.2
402 28
80000002
3124
Sum-Net
10.0.4.0
10.0.1.1
292 28
80000001
1562
Sum-Net
10.0.23.0
10.0.2.2
286 28
80000003
1562
Age Len
Sequence
Metric
Area: 0.0.0.3 Type
LinkState ID
AdvRouter
Router
10.0.4.4
10.0.4.4
1193 60
80000005
0
Router
10.0.1.1
10.0.1.1
292 48
80000004
1562
Sum-Net
10.0.35.0
10.0.1.1
292 28
80000001
4686
Sum-Net
10.0.12.0
10.0.1.1
294 28
80000001
1562
Sum-Net
10.0.3.0
10.0.1.1
294 28
80000001
3124
Sum-Net
10.0.2.0
10.0.1.1
294 28
80000001
1562
Sum-Net
10.0.1.0
10.0.1.1
294 28
80000001
0
Sum-Net
10.0.5.0
10.0.1.1
294 28
80000001
4686
Sum-Net
10.0.23.0
10.0.1.1
294 28
80000001
3124
After the VC is configured, R1 receives LSAs from area 0 and therefore area 0 and area 3 can exchange routing information. R1 advertises the routing information about area 0 to area 3 through Type 3 LSAs. View the LSDB of R4. [R4]display ospf lsdb
142
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 2 Implementing OSPF design structures
OSPF Process 1 with Router ID 10.0.4.4 Link State Database
Area: 0.0.0.3 Type
LinkState ID
AdvRouter
Age Len
Sequence
Metric
Router
10.0.4.4
10.0.4.4
1303 60
80000005
0
Router
10.0.1.1
10.0.1.1
404 48
80000004
1562
Sum-Net
10.0.35.0
10.0.1.1
404 28
80000001
4686
Sum-Net
10.0.12.0
10.0.1.1
404 28
80000001
1562
Sum-Net
10.0.3.0
10.0.1.1
404 28
80000001
3124
Sum-Net
10.0.2.0
10.0.1.1
404 28
80000001
1562
Sum-Net
10.0.1.0
10.0.1.1
405 28
80000001
0
Sum-Net
10.0.5.0
10.0.1.1
405 28
80000001
4686
Sum-Net
10.0.23.0
10.0.1.1
405 28
80000001
3124
R4 learns the Type 3 LSAs advertised by R1. The routing table of R4 contains routes of other areas.
Step 6 Configure inter-area route filtering. Restrict the advertisement of the route 10.0.4.0/24 so that R1 can learn this route but R2, R3, and R5 cannot. Configure an access control list (ACL). [R1]acl number 2000 [R1-acl-basic-2000]rule deny source 10.0.4.0 0.0.0.255 [R1-acl-basic-2000]rule permit
Configure R1 to filter Type 3 LSAs. R1 is configured to filter Type 3 LSAs that are sent from area 3 to advertise route updates to other areas. [R1]ospf 1 [R1-ospf-1]area 3 [R1-ospf-1-area-0.0.0.3]filter 2000 export
View route filtering status on R2. [R2]dis ip routing-table protocol ospf Route Flags: R - relay, D - download to fib ---------------------------------------------------------------------------Public routing table : OSPF Destinations : 5
HC Series
Routes : 5
HUAWEI TECHNOLOGIES
143
HCNP-IERN Chapter 2 Implementing OSPF design structures
OSPF routing table status : Destinations : 5
Destination/Mask
Proto
Routes : 5
Pre Cost
Flags NextHop
Interface
10.0.1.0/24 OSPF
10
1562
D
10.0.12.1
Serial1/0/0
10.0.3.0/24 OSPF
10
1562
D
10.0.23.3
Serial2/0/0
10.0.5.0/24 OSPF
10
3124
D
10.0.23.3
Serial2/0/0
10.0.14.0/24 OSPF
10
3124
D
10.0.12.1
Serial1/0/0
10.0.35.0/24 OSPF
10
3124
D
10.0.23.3
Serial2/0/0
OSPF routing table status : Destinations : 0
Routes : 0
R2 cannot learn the route 10.0.4.0/24. However, this route is found in the routing table of R1. This is because R1 and R4 are in the same area and R4 advertises this route to R1 through a Type 1 LSA. [R1]display ip routing-table protocol ospf Route Flags: R - relay, D - download to fib ---------------------------------------------------------------------------Public routing table : OSPF Destinations : 6
Routes : 6
OSPF routing table status : Destinations : 6
Destination/Mask
Proto
Routes : 6
Pre Cost
Flags NextHop
Interface
10.0.2.0/24 OSPF
10
1562
D
10.0.12.2
Serial1/0/0
10.0.3.0/24 OSPF
10
3124
D
10.0.12.2
Serial1/0/0
10.0.4.0/24 OSPF
10
1562
D
10.0.14.4
Serial3/0/0
10.0.5.0/24 OSPF
10
4686
D
10.0.12.2
Serial1/0/0
10.0.23.0/24 OSPF
10
3124
D
10.0.12.2
Serial1/0/0
10.0.35.0/24 OSPF
10
4686
D
10.0.12.2
Serial1/0/0
OSPF routing table status : Destinations : 0
144
Routes : 0
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 2 Implementing OSPF design structures
Additional Exercises: Analyzing and Verifying Figure out why area 0 must be continuous in OSPF.
Figure out whether Type 1 and Type 2 LSAs can be filtered.
Final Configurations display current-configuration [V200R001C00SPC200] # sysname R1 # acl number 2000 rule 5 deny source 10.0.4.0 0.0.0.255 rule 10 permit # interface Serial1/0/0 link-protocol ppp ip address 10.0.12.1 255.255.255.0 # interface Serial3/0/0 link-protocol ppp ip address 10.0.14.1 255.255.255.0 # interface LoopBack0 ip address 10.0.1.1 255.255.255.0 ospf network-type broadcast # ospf 1 router-id 10.0.1.1 area 0.0.0.0 area 0.0.0.2 network 10.0.1.1 0.0.0.0 network 10.0.12.1 0.0.0.0 vlink-peer 10.0.2.2 area 0.0.0.3 filter 2000 export network 10.0.14.1 0.0.0.0 #
HC Series
HUAWEI TECHNOLOGIES
145
HCNP-IERN Chapter 2 Implementing OSPF design structures return
display current-configuration [V200R001C00SPC200] # sysname R2 # interface Serial1/0/0 link-protocol ppp ip address 10.0.12.2 255.255.255.0 # interface Serial2/0/0 link-protocol ppp ip address 10.0.23.2 255.255.255.0 # interface LoopBack0 ip address 10.0.2.2 255.255.255.0 ospf network-type broadcast # ospf 1 router-id 10.0.2.2 area 0.0.0.0 network 10.0.23.2 0.0.0.0 network 10.0.2.2 0.0.0.0 area 0.0.0.2 network 10.0.12.2 0.0.0.0 vlink-peer 10.0.1.1 # return
display current-configuration [V200R001C00SPC200] # sysname R3 # interface Serial2/0/0 link-protocol ppp ip address 10.0.23.3 255.255.255.0 # interface Serial3/0/0 link-protocol ppp ip address 10.0.35.3 255.255.255.0 # interface LoopBack0
146
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 2 Implementing OSPF design structures ip address 10.0.3.3 255.255.255.0 ospf network-type broadcast # ospf 1 router-id 10.0.3.3 area 0.0.0.0 network 10.0.3.3 0.0.0.0 network 10.0.23.3 0.0.0.0 area 0.0.0.1 network 10.0.35.3 0.0.0.0 vlink-peer 10.0.5.5 # return
display current-configuration [V200R001C00SPC200] # sysname R4 # interface Serial1/0/0 link-protocol ppp ip address 10.0.14.4 255.255.255.0 # interface LoopBack0 ip address 10.0.4.4 255.255.255.0 ospf network-type broadcast # ospf 1 router-id 10.0.4.4 area 0.0.0.3 network 10.0.14.4 0.0.0.0 network 10.0.4.4 0.0.0.0 # return
display current-configuration [V200R001C00SPC200] # sysname R5 # interface Serial1/0/0 link-protocol ppp ip address 10.0.35.5 255.255.255.0 # interface LoopBack0
HC Series
HUAWEI TECHNOLOGIES
147
HCNP-IERN Chapter 2 Implementing OSPF design structures ip address 10.0.5.5 255.255.255.0 ospf network-type broadcast # ospf 1 router-id 10.0.5.5 area 0.0.0.0 network 10.0.5.5 0.0.0.0 area 0.0.0.1 network 10.0.35.5 0.0.0.0 vlink-peer 10.0.3.3 # Return
148
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 2 Implementing OSPF design structures
Lab 2-6 OSPF Troubleshooting Learning Objectives The objectives of this lab are to learn and understand how to perform the following operations: •
Troubleshoot the mismatch of area IDs in single-area Open
Shortest Path First (OSPF). •
Troubleshoot subnet mask errors in single-area OSPF.
•
Troubleshoot the fault that the interval for sending Hello packets
is different on routers in single-area OSPF. •
Troubleshoot router ID conflicts in single-area OSPF.
•
Troubleshoot OSPF authentication faults.
•
Troubleshoot OSPF route summarization faults.
•
Troubleshoot virtual circuit (VC) faults.
Topology
Figure 2-6 OSPF troubleshooting HC Series
HUAWEI TECHNOLOGIES
149
HCNP-IERN Chapter 2 Implementing OSPF design structures
Scenario Assume that you are a network administrator of a company that uses OSPF for its network. OSPF provides powerful functions but its configurations are complex. In network planning, OSPF features and virtual links are used. Many network communication problems occur in implementation. The problems are finally resolved and the network resumes normal.
Tasks Step 1 Perform basic configurations and IP addressing. Configure IP addresses and subnet masks for all routers. The subnet masks of all loopback interfaces contain 24 binary digits to simulate an independent network segment. system-view Enter system view, return user view with Ctrl+Z. [R1]int Serial 1/0/0 [R1-Serial1/0/0]ip address 10.0.12.1 24 [R1-Serial1/0/0]interface LoopBack 0 [R1-LoopBack0]ip address 10.1.1.1 24
system-view Enter system view, return user view with Ctrl+Z. [R2]int Serial 1/0/0 [R2-Serial1/0/0]ip address 10.0.12.2 24 [R2-Serial1/0/0]interface Serial 2/0/0 [R2-Serial2/0/0]ip address 10.0.23.2 24 [R2-Serial2/0/0]interface LoopBack 0 [R2-LoopBack0]ip address 10.0.2.2 24
To simulate an error, set the IP address of the G0/0/0 interface of R3 to 10.0.75.3/25 and the IP addresses of other interfaces according to the topology. system-view Enter system view, return user view with Ctrl+Z. [R3]interface Serial 2/0/0 [R3-Serial2/0/0]ip address 10.0.23.3 24
150
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 2 Implementing OSPF design structures [R3-Serial2/0/0]interface GigabitEthernet 0/0/0 [R3-GigabitEthernet0/0/0]ip address 10.0.75.3 25 [R3-GigabitEthernet0/0/0]interface LoopBack 0 [R3-LoopBack0]ip address 10.0.3.3 24
system-view Enter system view, return user view with Ctrl+Z. [R4]interface GigabitEthernet 0/0/0 [R4-GigabitEthernet0/0/0]ip address 10.0.75.4 24 [R4-GigabitEthernet0/0/0]interface LoopBack 0 [R4-LoopBack0]ip address 10.1.4.4 24
system-view Enter system view, return user view with Ctrl+Z. [R5]interface GigabitEthernet 0/0/0 [R5-GigabitEthernet0/0/0]ip address 10.0.75.5 24 [R5-GigabitEthernet0/0/0]interface LoopBack 0 [R5-LoopBack0]ip address 10.0.5.5 24
Test whether direct links are reachable. [R3]ping -c 1 10.0.75.4 PING 10.0.75.4: 56 data bytes, press CTRL_C to break Reply from 10.0.75.4: bytes=56 Sequence=1 ttl=255 time=5 ms
--- 10.0.75.4 ping statistics --1 packet(s) transmitted 1 packet(s) received 0.00% packet loss round-trip min/avg/max = 5/5/5 ms
[R3]ping -c 1 10.0.75.5 PING 10.0.75.5: 56 data bytes, press CTRL_C to break Reply from 10.0.75.5: bytes=56 Sequence=1 ttl=255 time=5 ms
--- 10.0.75.5 ping statistics --1 packet(s) transmitted 1 packet(s) received 0.00% packet loss round-trip min/avg/max = 5/5/5 ms
[R3]ping -c 1 10.0.23.2 PING 10.0.23.2: 56 data bytes, press CTRL_C to break
HC Series
HUAWEI TECHNOLOGIES
151
HCNP-IERN Chapter 2 Implementing OSPF design structures Reply from 10.0.23.2: bytes=56 Sequence=1 ttl=255 time=41 ms
--- 10.0.23.2 ping statistics --1 packet(s) transmitted 1 packet(s) received 0.00% packet loss round-trip min/avg/max = 41/41/41 ms
[R1]ping -c 1 10.0.12.2 PING 10.0.12.2: 56 data bytes, press CTRL_C to break Reply from 10.0.12.2: bytes=56 Sequence=1 ttl=255 time=37 ms
--- 10.0.12.2 ping statistics --1 packet(s) transmitted 1 packet(s) received 0.00% packet loss round-trip min/avg/max = 37/37/37 ms
Step 2 Configure multi-area OSPF. Configure the S1/0/0 and Loopback 0 interfaces of R1 to belong to area 2. The IP address of the Loopback 0 interface is used as the ID of R1. Change the network type of the loopback interfaces in all OSPF areas to Broadcast so that OSPF advertises actual subnet masks of the loopback interfaces. [R1]ospf 1 router-id 10.1.1.1 [R1-ospf-1]area 2 [R1-ospf-1-area-0.0.0.2]network 10.0.12.1 0.0.0.0 [R1-ospf-1-area-0.0.0.2]network 10.1.1.1 0.0.0.0 [R1-ospf-1-area-0.0.0.2]interface LoopBack 0 [R1-LoopBack0]ospf network-type broadcast
On R2, configure the Loopback 0 and S2/0/0 interfaces to belong to area 1, and S1/0/0 to belong to area 2. The router ID is not specified in static mode when OSPF is enabled on R2. [R2]ospf 1 [R2-ospf-1]area 1 [R2-ospf-1-area-0.0.0.1]network 10.0.23.2 0.0.0.0 [R2-ospf-1-area-0.0.0.1]network 10.0.2.2 0.0.0.0 [R2-ospf-1-area-0.0.0.1]area 2
152
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 2 Implementing OSPF design structures [R2-ospf-1-area-0.0.0.2]network 10.0.12.2 0.0.0.0 [R2-ospf-1-area-0.0.0.2]int LoopBack 0 [R2-LoopBack0]ospf network-type broadcast
On R3, configure the Loopback 0 and S2/0/0 interfaces to belong to area 1, and G0/0/0 to belong to area 0. [R3]ospf 1 router-id 10.0.3.3 [R3-ospf-1]area 1 [R3-ospf-1-area-0.0.0.1]network 10.0.23.3 0.0.0.0 [R3-ospf-1-area-0.0.0.1]network 10.0.3.3 0.0.0.0 [R3-ospf-1-area-0.0.0.1]area 0 [R3-ospf-1-area-0.0.0.0]network 10.0.75.3 0.0.0.0 [R3-ospf-1-area-0.0.0.0]interface LoopBack 0 [R3-LoopBack0]ospf network-type broadcast
On R4, configure the G0/0/0 interface to belong to area 1, and the Loopback 0 interface not to belong to any OSPF areas. When configuring the OSPF process, run the ospf 1 router-id command to set the router ID of R4 to 10.0.5.5. [R4]ospf 1 router-id 10.0.5.5 [R4-ospf-1]area 1 [R4-ospf-1-area-0.0.0.1]network 10.0.75.4 0.0.0.0
On R5, configure the Loopback 0 and G0/0/0 interfaces to belong to area 0. [R5]ospf 1 router-id 10.0.5.5 [R5-ospf-1]area 0 [R5-ospf-1-area-0.0.0.0]network 10.0.75.5 0.0.0.0 [R5-ospf-1-area-0.0.0.0]network 10.0.5.5 0.0.0.0 [R5-ospf-1-area-0.0.0.0]interface LoopBack 0 [R5-LoopBack0]ospf network-type broadcast
Step 3 Troubleshoot OSPF faults. View the neighbor list of R4. R4 does not establish neighbor relationships with other routers. [R4]display ospf peer
OSPF Process 1 with Router ID 10.0.5.5
HC Series
HUAWEI TECHNOLOGIES
153
HCNP-IERN Chapter 2 Implementing OSPF design structures
Run the display ospf error command on R3, R4, and R5 to view the OSPF errors. [R3]display ospf error
OSPF Process 1 with Router ID 10.0.3.3 OSPF error statistics
General packet errors: 0
: IP: received my own packet
2450 : Bad packet
0
: Bad version
0
: Bad checksum
1032 : Bad area id
0
: Drop on unnumbered interface
0
: Bad virtual link
0
: Bad authentication type
0
: Bad authentication key
0
: Packet too small
0
: Packet size > ip length
0
: Transmit error
2
: Interface down
0
: Unknown neighbor
2450 : Netmask mismatch
0
: Hello timer mismatch
0
0
: Extern option mismatch
HELLO packet errors:
: Dead timer mismatch
0
: Router id confusion
0
: Virtual neighbor unknown
0
: NBMA neighbor unknown
0
: Invalid Source Address
[R4]display ospf error
OSPF Process 1 with Router ID 10.0.5.5 OSPF error statistics
General packet errors: 0
: IP: received my own packet 1354 : Bad packet
0
: Bad version
0
: Bad checksum
0
: Bad area id
0
: Drop on unnumbered interface
1032 : Bad virtual link
0
: Bad authentication type
0
: Bad authentication key
0
: Packet too small
0
: Packet size > ip length
0
: Transmit error
3
: Interface down
0
: Unknown neighbor
1354 : Netmask mismatch
0
: Hello timer mismatch
0
0
: Extern option mismatch
HELLO packet errors:
: Dead timer mismatch
1155 : Router id confusion
0
: Virtual neighbor unknown
0
0
: Invalid Source Address
: NBMA neighbor unknown
154
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 2 Implementing OSPF design structures
[R5]display ospf error
OSPF Process 1 with Router ID 10.0.5.5 OSPF error statistics
General packet errors: 0
: IP: received my own packet
1216 : Bad packet
0
: Bad version
0
: Bad checksum
0
: Bad area id
0
: Drop on unnumbered interface
0
: Bad virtual link
0
: Bad authentication type
0
: Bad authentication key
0
: Packet too small
0
: Packet size > ip length
0
: Transmit error
3
: Interface down
0
: Unknown neighbor
1216 : Netmask mismatch
0
: Hello timer mismatch
0
0
: Extern option mismatch
1169 : Router id confusion
0
: Virtual neighbor unknown
0
0
: Invalid Source Address
HELLO packet errors:
: Dead timer mismatch
: NBMA neighbor unknown
The preceding information shows that five types of errors occur on R3, R4, and R5: router ID errors (Router id confusion), subnet mask errors (Netmask mismatch), area ID errors (Bad area id), packet errors (Bad packet), and VC errors (Bad virtual link). Because no VC is configured, VC errors actually indicate area ID errors. If R4 receives an OSPF packet with the area ID 0 over an interface with the area ID 1, R4 considers that this packet is sent through a VC. Actually no VC is configured on R4. Subnet mask errors belong to packet errors. When packet errors occur, rectify subnet mask errors first. First rectify the conflict of router IDs. View the ID of each router to find the routers with the same ID. Or, view system logs by running the display logbuffer command. [R5]display logbuffer Logging buffer configuration and contents: enabled Allowed max buffer size: 1024 Actual buffer size: 512 Channel number: 4, Channel name: logbuffer Dropped messages: 0 Overwritten messages: 0
HC Series
HUAWEI TECHNOLOGIES
155
HCNP-IERN Chapter 2 Implementing OSPF design structures Current messages: 66
Nov 29 2011 13:38:22+00:00 R5 %%01OSPF/4/CONFLICT_ROUTERID_INTF(l)[0]:OSPF Router id conflict is detected on interface. (ProcessId=1, RouterId=10.0.5.5, AreaId=0.0.0.0, InterfaceName=GigabitEthernet0/0/0, IpAddr=10.0.75.5, PacketSrcIp=10.0.75.4)
The preceding information shows that the interface IP address of the router whose ID conflicts with R5 is 10.0.75.4. View the topology and it is found that 10.0.75.4 is the interface IP address of R4. Then view the router ID of R4 and it is found that its ID is the same as that of R5. The area ID of R4 is also incorrect. [R4]display ospf brief
OSPF Process 1 with Router ID 10.0.5.5 OSPF Protocol Information
RouterID: 10.0.5.5
Border Router:
Multi-VPN-Instance is not enabled Global DS-TE Mode: Non-Standard IETF Mode Graceful-restart capability: disabled Helper support capability : not configured Spf-schedule-interval: max 10000ms, start 500ms, hold 1000ms Default ASE parameters: Metric: 1 Tag: 1 Type: 2 Route Preference: 10 ASE Route Preference: 150 SPF Computation Count: 13 RFC 1583 Compatible Retransmission limitation is disabled Area Count: 1
Nssa Area Count: 0
ExChange/Loading Neighbors: 0
Area: 0.0.0.1 Authtype: None
Area flag: Normal
SPF scheduled Count: 2 ExChange/Loading Neighbors: 0
Interface: 10.0.75.4 (GigabitEthernet0/0/0) Cost: 1
State: DR
Type: Broadcast
MTU: 1500
Priority: 1 Designated Router: 10.0.75.4 Backup Designated Router: 0.0.0.0
156
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 2 Implementing OSPF design structures Timers: Hello 10 , Dead 40 , Poll 120 , Retransmit 5 , Transmit Delay 1
Change the router ID and area ID of R4. [R4]ospf 1 router-id 10.1.4.4 [R4-ospf-1]area 0 [R4-ospf-1-area-0.0.0.0]network 10.0.75.4 0.0.0.0
reset ospf process Warning: The OSPF process will be reset. Continue? [Y/N]:y
Run the reset ospf counter command to reset the OSPF counter. Note that this command must be run in the user view. reset ospf counters
Wait for a moment and then run the display ospf error command to check whether the errors are rectified. display ospf error
OSPF Process 1 with Router ID 10.1.4.4 OSPF error statistics
General packet errors: 0
: IP: received my own packet
2
: Bad packet
0
: Bad version
0
: Bad checksum
0
: Bad area id
0
: Drop on unnumbered interface
0
: Bad virtual link
0
: Bad authentication type
0
: Bad authentication key
0
: Packet too small
0
: Packet size > ip length
0
: Transmit error
0
: Interface down
0
: Unknown neighbor
HELLO packet errors: 2
: Netmask mismatch
0
: Hello timer mismatch
0
: Dead timer mismatch
0
: Extern option mismatch
0
: Router id confusion
0
: Virtual neighbor unknown
0
: NBMA neighbor unknown
0
: Invalid Source Address
The preceding information shows that the router ID error and area ID error are rectified but the subnet mask of a router is incorrect. View debugging information on R4 to identify the router with the incorrect subnet mask.
HC Series
HUAWEI TECHNOLOGIES
157
HCNP-IERN Chapter 2 Implementing OSPF design structures terminal debugging Info: Current terminal debugging is on. debugging ospf packet hello Nov 29 2011 14:56:16.720.1+00:00 R4 RM/6/RMDEBUG: FileID: 0xd0178024 Line: 2178 Level: 0x20 OSPF 1: RECV Packet. Interface: GigabitEthernet0/0/0 Nov 29 2011 14:56:16.720.2+00:00 R4 RM/6/RMDEBUG: Source Address: 10.0.75.3 Nov 29 2011 14:56:16.720.3+00:00 R4 RM/6/RMDEBUG: Destination Address: 224.0.0.5 Nov 29 2011 14:56:16.720.4+00:00 R4 RM/6/RMDEBUG: Ver# 2, Type: 1 (Hello) Nov 29 2011 14:56:16.720.5+00:00 R4 RM/6/RMDEBUG: Length: 44, Router: 10.0.3.3 Nov 29 2011 14:56:16.720.6+00:00 R4 RM/6/RMDEBUG: Area: 0.0.0.0, Chksum: 9a18 Nov 29 2011 14:56:16.720.7+00:00 R4 RM/6/RMDEBUG: AuType: 00 Nov 29 2011 14:56:16.720.8+00:00 R4 RM/6/RMDEBUG: Key(ascii): 0 0 0 0 0 0 0 0 Nov 29 2011 14:56:16.720.9+00:00 R4 RM/6/RMDEBUG: Net Mask: 255.255.255.128 Nov 29 2011 14:56:16.720.10+00:00 R4 RM/6/RMDEBUG: Hello Int: 10, Option: _E_ Nov 29 2011 14:56:16.720.11+00:00 R4 RM/6/RMDEBUG: Rtr Priority: 1, Dead Int: 40 Nov 29 2011 14:56:16.720.12+00:00 R4 RM/6/RMDEBUG: DR: 10.0.75.3 Nov 29 2011 14:56:16.720.13+00:00 R4 RM/6/RMDEBUG: BDR: 0.0.0.0 Nov 29 2011 14:56:16.730.1+00:00 R4 RM/6/RMDEBUG: # Attached Neighbors: 0
The preceding information shows that the subnet mask carried in the Hello packets sent from 10.0.75.3 is 255.255.255.128. View the topology. The subnet mask of R3 is incorrectly configured. [R3-GigabitEthernet0/0/0]display this [V200R001C00SPC200] # interface GigabitEthernet0/0/0 ip address 10.0.75.3 255.255.255.128 # return [R3-GigabitEthernet0/0/0]ip address 10.0.75.3 24
Reset the OSPF counter again and check for errors. reset ospf counters
display ospf error
OSPF Process 1 with Router ID 10.0.3.3 OSPF error statistics
General packet errors: 158
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 2 Implementing OSPF design structures 0
: IP: received my own packet
0
: Bad packet
0
: Bad version
0
: Bad checksum
0
: Bad area id
0
: Drop on unnumbered interface
0
: Bad virtual link
0
: Bad authentication type
0
: Bad authentication key
0
: Packet too small
0
: Packet size > ip length
0
: Transmit error
0
: Interface down
0
: Unknown neighbor
HELLO packet errors: 0
: Netmask mismatch
0
: Hello timer mismatch
0
: Dead timer mismatch
0
: Extern option mismatch
0
: Router id confusion
0
: Virtual neighbor unknown
0
: NBMA neighbor unknown
0
: Invalid Source Address
View the neighbor list of R3. All neighbors are in normal status. [R3]display ospf peer brief
OSPF Process 1 with Router ID 10.0.3.3 Peer Statistic Information ---------------------------------------------------------------------------Area Id
Interface
0.0.0.0
GigabitEthernet0/0/0
Neighbor id 10.1.4.4
State Full
0.0.0.0
GigabitEthernet0/0/0
10.0.5.5
Full
0.0.0.1
Serial2/0/0
10.0.2.2
Full
----------------------------------------------------------------------------
Change the interval for R4 to send Hello packets through the G0/0/0 interface to 5 seconds and observe whether neighbor relationships are established. [R4]interface GigabitEthernet 0/0/0 [R4-GigabitEthernet0/0/0]ospf timer hello 5
After about 30 seconds, the neighbors of R4 disappear. [R4]display ospf peer brief
OSPF Process 1 with Router ID 10.1.4.4 Peer Statistic Information ---------------------------------------------------------------------------Area Id
Interface
Neighbor id
State
----------------------------------------------------------------------------
HC Series
HUAWEI TECHNOLOGIES
159
HCNP-IERN Chapter 2 Implementing OSPF design structures
View OSPF errors. [R4]display ospf error
OSPF Process 1 with Router ID 10.1.4.4 OSPF error statistics
General packet errors: 0
: IP: received my own packet
2
: Bad packet
0
: Bad version
0
: Bad checksum
0
: Bad area id
0
: Drop on unnumbered interface
0
: Bad virtual link
0
: Bad authentication type
0
: Bad authentication key
0
: Packet too small
0
: Packet size > ip length
0
: Transmit error
0
: Interface down
0
: Unknown neighbor
HELLO packet errors: 0
: Netmask mismatch
2
: Hello timer mismatch
0
: Dead timer mismatch
0
: Extern option mismatch
0
: Router id confusion
0
: Virtual neighbor unknown
0
: NBMA neighbor unknown
0
: Invalid Source Address
The preceding information shows that the interval for sending Hello packets is incorrect on a router. This indicates that the interval for sending Hello packets must be set to the same value on neighbor routers. Cancel the change of the interval for R4 to send Hello packets. View the neighbor list of R4. [R4-GigabitEthernet0/0/0]undo ospf timer hello [R4]display ospf peer brief
OSPF Process 1 with Router ID 10.1.4.4 Peer Statistic Information ---------------------------------------------------------------------------Area Id
Interface
Neighbor id
State
0.0.0.0
GigabitEthernet0/0/0
10.0.3.3
Full
0.0.0.0
GigabitEthernet0/0/0
10.0.5.5
Full
----------------------------------------------------------------------------
The neighbor relationships with other routers resume.
160
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 2 Implementing OSPF design structures
Step 4 Troubleshoot OSPF authentication faults. Configure interface-based authentication on R1 and R2. R1 uses plain text authentication and the key is 123. R2 uses MD5 authentication and the key is huawei. [R1]interface Serial 1/0/0 [R1-Serial1/0/0]ospf authentication-mode simple plain 123
[R2]interface Serial 1/0/0 [R2-Serial1/0/0]ospf authentication-mode md5 1 plain huawei
An OSPF error is found on R1. [R1-Serial1/0/0]display ospf error
OSPF Process 1 with Router ID 10.1.1.1 OSPF error statistics
General packet errors: 0
: IP: received my own packet
15
: Bad packet
0
: Bad version
0
: Bad checksum
0
: Bad area id
0
: Drop on unnumbered interface
0
: Bad virtual link
15
: Bad authentication type
0
: Bad authentication key
0
: Packet too small
0
: Packet size > ip length
0
: Transmit error
0
: Interface down
0
: Unknown neighbor
Configure R1 to use MD5 authentication and then check for errors. [R1]interface Serial 1/0/0 [R1-Serial1/0/0]ospf authentication-mode md5 1 plain 123 [R1-Serial1/0/0]return reset ospf counters display ospf error
OSPF Process 1 with Router ID 10.1.1.1 OSPF error statistics
General packet errors: 0
: IP: received my own packet
1
: Bad packet
0
: Bad version
0
: Bad checksum
0
: Bad area id
0
: Drop on unnumbered interface
HC Series
HUAWEI TECHNOLOGIES
161
HCNP-IERN Chapter 2 Implementing OSPF design structures 0
: Bad virtual link
1
: Bad authentication type
0
: Bad authentication key
0
: Packet too small
0
: Packet size > ip length
0
: Transmit error
0
: Interface down
0
: Unknown neighbor
The OSPF error still exists. Change the key to huawei for R1 and then view the neighbor relationships. [R1]interface Serial 1/0/0 [R1-Serial1/0/0] ospf authentication-mode md5 1 plain huawei [R1-Serial1/0/0]quit [R1]display ospf peer brief
OSPF Process 1 with Router ID 10.1.1.1 Peer Statistic Information ---------------------------------------------------------------------------Area Id
Interface
Neighbor id
State
0.0.0.2
Serial1/0/0
10.0.2.2
Full
----------------------------------------------------------------------------
The preceding information shows that R1 establishes a neighbor relationship with R2.
Step 5 Troubleshoot VC faults. Configure a VC between R2 and R3 for communication between area 2 and area 0. [R2]ospf 1 [R2-ospf-1]area 1 [R2-ospf-1-area-0.0.0.1]vlink-peer 10.0.3.3
[R3]ospf 1 [R3-ospf-1]area 1 [R3-ospf-1-area-0.0.0.1]vlink-peer 10.0.2.2
Check whether the VC is configured successfully and whether R1 learns the routes of the entire network. [R2]display ospf vlink
OSPF Process 1 with Router ID 10.0.2.2
162
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 2 Implementing OSPF design structures Virtual Links
Virtual-link Neighbor-id -> 10.0.3.3, Neighbor-State: Full
Interface: 10.0.23.2 (Serial2/0/0) Cost: 1562 State: P-2-P Type: Virtual Transit Area: 0.0.0.1 Timers: Hello 10 , Dead 40 , Retransmit 5 , Transmit Delay 1 GR State: Normal
[R1]display ip routing-table protocol ospf Route Flags: R - relay, D - download to fib ---------------------------------------------------------------------------Public routing table : OSPF Destinations : 5
Routes : 5
OSPF routing table status : Destinations : 5
Destination/Mask
Routes : 5
Proto
Pre Cost
Flags NextHop
Interface
10.0.2.0/24 OSPF
10
1562
D
10.0.12.2
Serial1/0/0
10.0.3.0/24 OSPF
10
3124
D
10.0.12.2
Serial1/0/0
10.0.5.0/24 OSPF
10
3125
D
10.0.12.2
Serial1/0/0
10.0.23.0/24 OSPF
10
3124
D
10.0.12.2
Serial1/0/0
10.0.75.0/24 OSPF
10
3125
D
10.0.12.2
Serial1/0/0
OSPF routing table status : Destinations : 0
Routes : 0
Test the route from R1 to R5 and it is found that this route is reachable. [R1]ping -c 1 10.0.5.5 PING 10.0.5.5: 56 data bytes, press CTRL_C to break Reply from 10.0.5.5: bytes=56 Sequence=1 ttl=253 time=81 ms
--- 10.0.5.5 ping statistics --1 packet(s) transmitted 1 packet(s) received 0.00% packet loss round-trip min/avg/max = 81/81/81 ms
HC Series
HUAWEI TECHNOLOGIES
163
HCNP-IERN Chapter 2 Implementing OSPF design structures
Disable the Loopback 0 interface of R2. [R2]undo interface LoopBack 0
R2 restarts due to an accident. Simulate a restart of R2 by restarting the OSPF process on R2. reset ospf process Warning: The OSPF process will be reset. Continue? [Y/N]:y
Users connected to R1 cannot access routers in other areas. Log in to R1 and it is found that R1 cannot communicate with the Loopback 0 interface of R5. [R1]ping -c 1 10.0.5.5 PING 10.0.5.5: 56 data bytes, press CTRL_C to break Request time out
--- 10.0.5.5 ping statistics --1 packet(s) transmitted 0 packet(s) received 100.00% packet loss
Check the VC between R2 and R3. The VC is in abnormal status and the router ID of R2 changes. [R2]display ospf vlink
OSPF Process 1 with Router ID 10.0.23.2 Virtual Links
Virtual-link Neighbor-id -> 10.0.3.3, Neighbor-State: Down
Interface: 10.0.23.2 (Serial2/0/0) Cost: 1562 State: P-2-P Type: Virtual Transit Area: 0.0.0.1 Timers: Hello 10 , Dead 40 , Retransmit 5 , Transmit Delay 1 GR State: Normal
The VC is established based on the router ID of R2. The VC is faulty because the router ID of R2 changes. Typically, the ID of a router is specified when the OSPF process is started on the router. This is to ensure that the router ID does not change. 164
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 2 Implementing OSPF design structures
Set the router ID of R2 to 10.0.2.2 and enable the Loopback 0 interface of R2. Then restart the OSPF process. [R2]ospf 1 router-id 10.0.2.2 Info: The configuration succeeded. You need to restart the OSPF process to validate the new router ID. [R2-ospf-1]interface LoopBack 0 [R2-LoopBack0]ip address 10.0.2.2 24 [R2-LoopBack0]quit reset ospf process Warning: The OSPF process will be reset. Continue? [Y/N]:y
View the status of the VC. [R2]display ospf vlink
OSPF Process 1 with Router ID 10.0.2.2 Virtual Links
Virtual-link Neighbor-id -> 10.0.3.3, Neighbor-State: Full
Interface: 10.0.23.2 (Serial2/0/0) Cost: 1562 State: P-2-P Type: Virtual Transit Area: 0.0.0.1 Timers: Hello 10 , Dead 40 , Retransmit 5 , Transmit Delay 1 GR State: Normal
The VC resumes normal. To ensure security, area-based authentication is enabled in area 0 and MD5 is used to encrypt packets. The key is huawei. [R3]ospf 1 [R3-ospf-1]area 0 [R3-ospf-1-area-0.0.0.0]authentication-mode md5 1 plain huawei
[R4]ospf 1 [R4-ospf-1]area 0 [R4-ospf-1-area-0.0.0.0]authentication-mode md5 1 plain huawei
[R5]ospf 1 [R5-ospf-1]area 0 [R5-ospf-1-area-0.0.0.0]authentication-mode md5 1 plain huawei
It is found that users in area 2 cannot access routers in other areas. HC Series
HUAWEI TECHNOLOGIES
165
HCNP-IERN Chapter 2 Implementing OSPF design structures
Check the VC and it is found faulty. [R2]dis ospf vlink
OSPF Process 1 with Router ID 10.0.2.2 Virtual Links
Virtual-link Neighbor-id -> 10.0.3.3, Neighbor-State: Down
Interface: 10.0.23.2 (Serial2/0/0) Cost: 1562 State: P-2-P Type: Virtual Transit Area: 0.0.0.1 Timers: Hello 10 , Dead 40 , Retransmit 5 , Transmit Delay 1
Check for OSPF errors and an authentication error is found. [R2]display ospf error
OSPF Process 1 with Router ID 10.0.2.2 OSPF error statistics
General packet errors: 0
: IP: received my own packet
2
: Bad packet
0
: Bad version
0
: Bad checksum
0
: Bad area id
0
: Drop on unnumbered interface
0
: Bad virtual link
2
: Bad authentication type
0
: Bad authentication key
0
: Packet too small
0
: Packet size > ip length
0
: Transmit error
0
: Interface down
0
: Unknown neighbor
HELLO packet errors: 0
: Netmask mismatch
0
: Hello timer mismatch
0
: Dead timer mismatch
0
: Extern option mismatch
0
: Router id confusion
0
: Virtual neighbor unknown
0
: NBMA neighbor unknown
0
: Invalid Source Address
The OSPF VC belongs to area 0. If area-based authentication is enabled in area 0, it must also be enabled on the VC. [R2]ospf [R2-ospf-1]area 0 [R2-ospf-1-area-0.0.0.0]authentication-mode md5 1 plain huawei
The VC resumes normal and R1 can access other areas. 166
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 2 Implementing OSPF design structures [R2]display ospf vlink
OSPF Process 1 with Router ID 10.0.2.2 Virtual Links
Virtual-link Neighbor-id -> 10.0.3.3, Neighbor-State: Full
Interface: 10.0.23.2 (Serial2/0/0) Cost: 1562 State: P-2-P Type: Virtual Transit Area: 0.0.0.1 Timers: Hello 10 , Dead 40 , Retransmit 5 , Transmit Delay 1 GR State: Normal
[R1]ping -c 1 10.0.5.5 PING 10.0.5.5: 56 data bytes, press CTRL_C to break Reply from 10.0.5.5: bytes=56 Sequence=1 ttl=253 time=73 ms
--- 10.0.5.5 ping statistics --1 packet(s) transmitted 1 packet(s) received 0.00% packet loss round-trip min/avg/max = 73/73/73 ms
Step 6 Troubleshoot OSPF route summarization faults. On R4, import the IP address of the Loopback 0 interface as an external route and summarize the route. The subnet mask of the summarized route contains 16 binary digits. [R4]ospf [R4-ospf-1]import-route direct [R4-ospf-1]asbr-summary 10.1.0.0 255.255.0.0
After a period of time, configure inter-area route summarization on R2 so that the network segment to which the Loopback 0 interface of R1 connects is summarized as a route with a 16-bit subnet mask. [R2]ospf [R2-ospf-1]area 2 [R2-ospf-1-area-0.0.0.2]abr-summary 10.1.0.0 255.255.0.0
Except the users connected to R4, other users cannot access the Loopback 0 interface (IP address: 10.1.4.4) of R4. HC Series
HUAWEI TECHNOLOGIES
167
HCNP-IERN Chapter 2 Implementing OSPF design structures
View the routing table of R5, which is in the same area as R4. It is found that the route to 10.1.4.4 is 10.1.0.0/16, but the next hop of this route is 10.0.75.3. Why is this incorrect route added to the routing table of R5? [R5]display ip routing-table protocol ospf Route Flags: R - relay, D - download to fib ---------------------------------------------------------------------------Public routing table : OSPF Destinations : 5
Routes : 5
OSPF routing table status : Destinations : 5
Destination/Mask
Proto
Routes : 5
Pre Cost
Flags NextHop
Interface
10.0.2.0/24 OSPF
10
1563
D
10.0.75.3
GigabitEthernet0/0/0
10.0.3.0/24 OSPF
10
1
D
10.0.75.3
GigabitEthernet0/0/0
10.0.12.0/24 OSPF
10
3125
D
10.0.75.3
GigabitEthernet0/0/0
10.0.23.0/24 OSPF
10
1563
D
10.0.75.3
GigabitEthernet0/0/0
10.1.0.0/16 OSPF
10
3125
D
10.0.75.3
GigabitEthernet0/0/0
OSPF routing table status : Destinations : 0
Routes : 0
View the link state database (LSDB) of R5. [R5]display ospf lsdb
OSPF Process 1 with Router ID 10.0.5.5 Link State Database
Area: 0.0.0.0 Type
LinkState ID
AdvRouter
Age Len
Sequence
Metric
Router
10.0.5.5
10.0.5.5
214 48
80000025
0
Router
10.0.3.3
10.0.3.3
1246 48
80000024
1
Router
10.0.2.2
10.0.2.2
1247 36
80000005
1562
Router
10.1.4.4
10.1.4.4
648 36
8000000D
Network
10.0.75.4
10.1.4.4
206 36
1
80000004
0
Sum-Net
10.0.12.0
10.0.2.2
916 28
80000002
Sum-Net
10.0.3.0
10.0.3.3
893 28
80000008
0
Sum-Net
10.0.3.0
10.0.2.2
916 28
80000002
1562
Sum-Net
10.0.2.0
10.0.3.3
919 28
80000003
1562
168
HUAWEI TECHNOLOGIES
1562
HC Series
HCNP-IERN Chapter 2 Implementing OSPF design structures Sum-Net
10.0.2.0
10.0.2.2
916 28
80000002
0
Sum-Net
10.1.0.0
10.0.2.2
538 28
80000001
1562
Sum-Net
10.0.23.0
10.0.3.3
893 28
80000008
1562
Sum-Net
10.0.23.0
10.0.2.2
917 28
80000002
1562
AS External Database Type
LinkState ID
AdvRouter
Age Len
Sequence
Metric
External
10.0.75.0
10.1.4.4
649 36
80000001
1
External
10.1.0.0
10.1.4.4
620 36
80000001
2
There are two LSAs that describe 10.1.0.0. View details about the LSAs. The following Type 3 LSA is originated from R2 and the Type 5 LSA is originated from R5. The two LSAs describe the same network segment. [R5]display ospf lsdb summary 10.1.0.0
OSPF Process 1 with Router ID 10.0.5.5 Area: 0.0.0.0 Link State Database
Type
: Sum-Net
Ls id
: 10.1.0.0
Adv rtr
: 10.0.2.2
Ls age
: 767
Len
: 28
Options
: E
seq#
: 80000001
chksum
: 0xa380
Net mask : 255.255.0.0 Tos 0 metric: 1562 Priority : Low
[R5]display ospf lsdb ase 10.1.0.0
OSPF Process 1 with Router ID 10.0.5.5 Link State Database
Type
: External
Ls id
: 10.1.0.0
Adv rtr
: 10.1.4.4
HC Series
HUAWEI TECHNOLOGIES
169
HCNP-IERN Chapter 2 Implementing OSPF design structures Ls age
: 871
Len
: 36
Options
: E
seq#
: 80000001
chksum
: 0xe3cd
Net mask : 255.255.0.0 TOS 0 Metric: 2 E type
: 2
Forwarding Address : 0.0.0.0 Tag
: 1
Priority : Low
In OSPF, Type 3 LSAs always take precedence over Type 5 LSAs. Therefore, the next hop of the route 10.1.0.0/16 in the routing table of R5 is R3. To avoid such problems, disable the function of summarizing external routes on R4. Then, this route is added to the routing tables of other routers. [R4-ospf-1]undo asbr-summary 10.1.0.0 255.255.0.0
[R5]display ip routing-table protocol os Route Flags: R - relay, D - download to fib ---------------------------------------------------------------------------Public routing table : OSPF Destinations : 6
Routes : 6
OSPF routing table status : Destinations : 6
Destination/Mask
Proto
Routes : 6
Pre Cost
Flags NextHop
Interface
10.0.2.0/24 OSPF
10
1563
D
10.0.75.3
GigabitEthernet0/0/0
10.0.3.0/24 OSPF
10
1
D
10.0.75.3
GigabitEthernet0/0/0
10.0.12.0/24 OSPF
10
3125
D
10.0.75.3
GigabitEthernet0/0/0
10.0.23.0/24 OSPF
10
1563
D
10.0.75.3
GigabitEthernet0/0/0
10.1.0.0/16 OSPF
10
3125
D
10.0.75.3
GigabitEthernet0/0/0
10.1.4.4/24 O_ASE
150 1
D
10.0.75.4
GigabitEthernet0/0/0
OSPF routing table status : Destinations : 0
170
Routes : 0
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 2 Implementing OSPF design structures
The preceding information shows that R5 learns the route 10.1.4.4/24 correctly. On R1, test whether the route is reachable. [R1]ping -c 1 10.1.4.4 PING 10.1.4.4: 56 data bytes, press CTRL_C to break Reply from 10.1.4.4: bytes=56 Sequence=1 ttl=253 time=71 ms
--- 10.1.4.4 ping statistics --1 packet(s) transmitted 1 packet(s) received 0.00% packet loss round-trip min/avg/max = 71/71/71 ms
The preceding information shows that the network resumes normal.
Additional Exercises: Analyzing and Verifying Figure out whether area-based authentication and interface-based authentication can be enabled concurrently in an area. Figure out whether area IDs of non-backbone areas can be the same.
Final Configurations display current-configuration [V200R001C00SPC200] # sysname R1 # interface Serial1/0/0 link-protocol ppp ip address 10.0.12.1 255.255.255.0 ospf authentication-mode md5 1 plain huawei # interface LoopBack0 ip address 10.1.1.1 255.255.255.0 ospf network-type broadcast # ospf 1 router-id 10.1.1.1 area 0.0.0.2 network 10.0.12.1 0.0.0.0 network 10.1.1.1 0.0.0.0 #
HC Series
HUAWEI TECHNOLOGIES
171
HCNP-IERN Chapter 2 Implementing OSPF design structures return display current-configuration [V200R001C00SPC200] # sysname R2 # interface Serial1/0/0 link-protocol ppp ip address 10.0.12.2 255.255.255.0 ospf authentication-mode md5 1 plain huawei # interface LoopBack0 ip address 10.0.2.2 255.255.255.0 ospf network-type broadcast # ospf 1 router-id 10.0.2.2 area 0.0.0.0 authentication-mode md5 1 plain huawei area 0.0.0.1 network 10.0.23.2 0.0.0.0 network 10.0.2.2 0.0.0.0 vlink-peer 10.0.3.3 area 0.0.0.2 abr-summary 10.1.0.0 255.255.0.0 network 10.0.12.2 0.0.0.0 # return display current-configuration [V200R001C00SPC200] # sysname R3 # interface Serial2/0/0 link-protocol ppp ip address 10.0.23.3 255.255.255.0 # interface GigabitEthernet0/0/0 ip address 10.0.75.3 255.255.255.0 # interface LoopBack0
172
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 2 Implementing OSPF design structures ip address 10.0.3.3 255.255.255.0 ospf network-type broadcast # ospf 1 router-id 10.0.3.3 area 0.0.0.0 authentication-mode md5 1 plain huawei network 10.0.75.3 0.0.0.0 area 0.0.0.1 network 10.0.23.3 0.0.0.0 network 10.0.3.3 0.0.0.0 vlink-peer 10.0.2.2 # return display current-configuration [V200R001C00SPC200] # sysname R4 # interface GigabitEthernet0/0/0 ip address 10.0.75.4 255.255.255.0 # interface LoopBack0 ip address 10.1.4.4 255.255.255.0 # ospf 1 router-id 10.1.4.4 import-route direct area 0.0.0.0 authentication-mode md5 1 plain huawei network 10.0.75.4 0.0.0.0 # return display current-configuration [V200R001C00SPC200] # sysname R5 # interface GigabitEthernet0/0/0 ip address 10.0.75.5 255.255.255.0 # interface LoopBack0 ip address 10.0.5.5 255.255.255.0
HC Series
HUAWEI TECHNOLOGIES
173
HCNP-IERN Chapter 2 Implementing OSPF design structures ospf network-type broadcast # ospf 1 router-id 10.0.5.5 area 0.0.0.0 authentication-mode md5 1 plain huawei network 10.0.75.5 0.0.0.0 network 10.0.5.5 0.0.0.0 # Return
174
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 2 Implementing OSPF design structures
Lab 2-7 Advanced OSPF Features Learning Objectives The objectives of this lab are to learn and understand how to perform the following operations: •
Configure OSPF neighbors on the non-broadcast multi-access
(NBMA) network. •
Control designated router (DR) election on the NBMA network.
•
Configure OSPF to work in NBMA mode.
•
Configure OSPF to work in Broadcast mode on a frame relay (FR)
network. •
Configure OSPF to work in point-to-multipoint (P2MP) mode on
an FR network. •
Configure OSPF to work in P2MP-P2P hybrid mode.
•
Configure OSPF to work in point-to-point (P2P) mode.
HC Series
HUAWEI TECHNOLOGIES
175
HCNP-IERN Chapter 2 Implementing OSPF design structures
Topology
Figure 2-7 Advanced OSPF features
Scenario Assume that you are a network administrator of a company that uses OSPF for its network. The company has three branches, in which R1, R2, and R3 are deployed respectively. A virtual circuit (VC) is rent between R1 and R2, and between R1 and R3 to reduce the costs. No VC is rent between R2 and R3. Enable OSPF on the NBMA network and observe the running status of OSPF. Then change the network type to Broadcast, P2MP, P2MP-P2P hybrid, and P2P, and observe the running status of OSPF.
Tasks Step 1 Perform FR interconnection configurations and IP addressing. Configure IP addresses and subnet masks for all routers. The subnet masks of all loopback interfaces contain 24 binary digits to simulate an independent network segment.
176
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 2 Implementing OSPF design structures
By default, the inverse FR Address Resolution Protocol (ARP) feature is enabled on routers. Disable this feature manually and establish APR mapping between R1 and R2, and between R1 and R3. By default, the FR line does not allow broadcast packets to pass through. To enable OSPF neighbor discovery, add the Broadcast parameter when mapping the FR address. This is to allow broadcast packets to pass through an FR line. system-view Enter system view, return user view with Ctrl+Z. [R1]interface Serial 2/0/0 [R1-Serial2/0/0]link-protocol fr Warning: The encapsulation protocol of the link will be changed. Continue? [Y/N]:y [R1-Serial2/0/0]ip address 10.0.123.1 24 [R1-Serial2/0/0]undo fr inarp [R1-Serial2/0/0]fr map ip 10.0.123.2 102 broadcast [R1-Serial2/0/0]fr map ip 10.0.123.3 103 broadcast [R1-Serial2/0/0]interface LoopBack 0 [R1-LoopBack0]ip address 10.0.1.1 24
system-view Enter system view, return user view with Ctrl+Z. [R2]interface Serial 3/0/0 [R2-Serial3/0/0]link-protocol fr Warning: The encapsulation protocol of the link will be changed. Continue? [Y/N]:y [R2-Serial3/0/0]ip address 10.0.123.2 24 [R2-Serial3/0/0]undo fr inarp [R2-Serial3/0/0]fr map ip 10.0.123.1 201 broadcast [R2-Serial3/0/0]interface LoopBack 0 [R2-LoopBack0]ip address 10.0.2.2 24
system-view Enter system view, return user view with Ctrl+Z. [R3]interface s1/0/0 [R3-Serial1/0/0]link-protocol fr Warning: The encapsulation protocol of the link will be changed. Continue? [Y/N]:y [R3-Serial1/0/0]ip address 10.0.123.3 24 [R3-Serial1/0/0]undo fr inarp [R3-Serial1/0/0]fr map ip 10.0.123.1 301 broadcast [R3-Serial1/0/0]interface LoopBack 0 [R3-LoopBack0]ip address 10.0.3.3 24
Run the display fr map-info command to view the FR address HC Series
HUAWEI TECHNOLOGIES
177
HCNP-IERN Chapter 2 Implementing OSPF design structures
mapping table. Then test the link connectivity. [R1]display fr map-info Map Statistics for interface Serial2/0/0 (DTE) DLCI = 102, IP 10.0.123.2, Serial2/0/0 create time = 2011/11/30 09:06:43, status = ACTIVE encapsulation = ietf, vlink = 3, broadcast DLCI = 103, IP 10.0.123.3, Serial2/0/0 create time = 2011/11/30 09:06:53, status = ACTIVE encapsulation = ietf, vlink = 4, broadcast
[R1]ping -c 1 10.0.123.2 PING 10.0.123.2: 56 data bytes, press CTRL_C to break Reply from 10.0.123.2: bytes=56 Sequence=1 ttl=255 time=66 ms
--- 10.0.123.2 ping statistics --1 packet(s) transmitted 1 packet(s) received 0.00% packet loss round-trip min/avg/max = 66/66/66 ms
[R1]ping -c 1 10.0.123.3 PING 10.0.123.3: 56 data bytes, press CTRL_C to break Reply from 10.0.123.3: bytes=56 Sequence=1 ttl=255 time=56 ms
--- 10.0.123.3 ping statistics --1 packet(s) transmitted 1 packet(s) received 0.00% packet loss round-trip min/avg/max = 56/56/56 ms
Step 2 Configure OSPF to work in NBMA mode. Configure 10.0.123.0/24 and the Loopback 0 interfaces of all routers to belong to OSPF area 0. Change the network type of the Loopback 0 interfaces of all routers to Broadcast. The IP addresses of the Loopback 0 interfaces are used as router IDs. Note that the wildcard mask 0.0.0.0 is used when you use the network command. According to OSPF, the default network type is NBMA on an FR
178
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 2 Implementing OSPF design structures
network. OSPF neighbors must be manually configured on an NBMA network. After configuration, check the neighbor relationships between routers. [R1]ospf 1 router-id 10.0.123.1 [R1-ospf-1]area 0 [R1-ospf-1-area-0.0.0.0]network 10.0.123.1 0.0.0.0 [R1-ospf-1-area-0.0.0.0]network 10.0.1.1 0.0.0.0 [R1-ospf-1-area-0.0.0.0]quit [R1-ospf-1]peer 10.0.123.2 [R1-ospf-1]peer 10.0.123.3 [R1-ospf-1]interface LoopBack 0 [R1-LoopBack0]ospf network-type broadcast
[R2]ospf 1 router-id 10.0.2.2 [R2-ospf-1]area 0 [R2-ospf-1-area-0.0.0.0]network 10.0.123.2 0.0.0.0 [R2-ospf-1-area-0.0.0.0]network 10.0.2.2 0.0.0.0 [R2-ospf-1-area-0.0.0.0]quit [R2-ospf-1]peer 10.0.123.1 [R2-ospf-1]int LoopBack 0 [R2-LoopBack0]ospf network-type broadcast
[R3]ospf 1 router-id 10.0.3.3 [R3-ospf-1]area 0 [R3-ospf-1-area-0.0.0.0]network 10.0.123.3 0.0.0.0 [R3-ospf-1-area-0.0.0.0]network 10.0.3.3 0.0.0.0 [R3-ospf-1-area-0.0.0.0]quit [R3-ospf-1]peer 10.0.123.1 [R3-ospf-1]interface LoopBack 0 [R3-LoopBack0]ospf network-type broadcast
R1 is the DR on the network segment 10.0.123.0 because OSPF is enabled on R1 first. Run the reset ospf process command to restart the OSPF process on R1. reset ospf process Warning: The OSPF process will be reset. Continue? [Y/N]:y
[R2]display ospf peer
OSPF Process 1 with Router ID 10.0.2.2 Neighbors
HC Series
HUAWEI TECHNOLOGIES
179
HCNP-IERN Chapter 2 Implementing OSPF design structures Area 0.0.0.0 interface 10.0.123.2(Serial3/0/0)'s neighbors Router ID: 10.0.123.1
Address: 10.0.123.1
State: Full Mode:Nbr is Master Priority: 1 DR: 10.0.123.2 BDR: 10.0.123.1 MTU: 0 Dead timer due in 93 sec Retrans timer interval: 6 Neighbor is up for 00:01:23 Authentication Sequence: [ 0 ]
The preceding information shows that R2 becomes the DR. View the routing table of R2. [R2]dis ip routing-table protocol ospf Route Flags: R - relay, D - download to fib ---------------------------------------------------------------------------Public routing table : OSPF Destinations : 1
Routes : 1
OSPF routing table status : Destinations : 1
Destination/Mask
Proto
10.0.1.0/24 OSPF
Routes : 1
Pre Cost
10
Flags NextHop
1562
D
10.0.123.1
Interface
Serial3/0/0
OSPF routing table status : Destinations : 0
Routes : 0
The routing table of R2 contains only one OSPF route, that is, the route to the network segment where the Loopback 0 interface of R1 resides. R2 does not learn the route to the network segment where the Loopback 0 interface of R3 resides. The reasons are described as follows: In this experiment, no VC is configured between R2 and R3 and they do not have a direct neighbor relationship. R2 is the DR and the routing information about R3 cannot be forwarded to R2. Therefore, R1 must be the DR all the time. Change the OSPF priorities of the interfaces of R2 and R3 to ensure that R1 is always the DR. In OSPF, a router whose interface priority is 0 cannot be elected as the DR or BDR. [R2]interface s3/0/0 [R2-Serial3/0/0]ospf dr-priority 0
180
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 2 Implementing OSPF design structures
[R3]interface Serial 1/0/0 [R3-Serial1/0/0]ospf dr-priority 0
View the routing table of R2 and check for missing routes. [R2]display ip routing-table protocol ospf Route Flags: R - relay, D - download to fib ---------------------------------------------------------------------------Public routing table : OSPF Destinations : 2
Routes : 2
OSPF routing table status : Destinations : 2
Destination/Mask
Routes : 2
Proto
Pre Cost
Flags NextHop
Interface
10.0.1.0/24 OSPF
10
1562
D
10.0.123.1
Serial3/0/0
10.0.3.0/24 OSPF
10
1562
D
10.0.123.3
Serial3/0/0
OSPF routing table status : Destinations : 0
Routes : 0
The route to the network segment where the Loopback 0 interface of R3 resides is found in the routing table of R2. Then test whether this route is reachable on R2. [R2]ping -c 1 10.0.3.3 PING 10.0.3.3: 56 data bytes, press CTRL_C to break Request time out
--- 10.0.3.3 ping statistics --1 packet(s) transmitted 0 packet(s) received 100.00% packet loss
R2 cannot access the Loopback 0 interface of R3. View the routing table of R2. The next hop of the route to 10.0.3.3 is 10.0.123.3. Test whether the IP address (10.0.123.3) of the next hop is reachable. [R2]ping -c 1 10.0.123.3 PING 10.0.123.3: 56 data bytes, press CTRL_C to break
HC Series
HUAWEI TECHNOLOGIES
181
HCNP-IERN Chapter 2 Implementing OSPF design structures Request time out
--- 10.0.123.3 ping statistics --1 packet(s) transmitted 0 packet(s) received 100.00% packet loss
The IP address 10.0.123.3 is on the same network segment as the interface IP address 10.0.123.2 of R1. View the FR address mapping table. [R2]display fr map-info Map Statistics for interface Serial3/0/0 (DTE) DLCI = 201, IP 10.0.123.1, Serial3/0/0 create time = 2011/11/30 10:03:37, status = ACTIVE encapsulation = ietf, vlink = 1, broadcast
Only the mapping to 10.0.123.1 is found. Add the mapping from R2 to R3 and from R3 to R2 to the FR address mapping table. [R2]interface Serial 3/0/0 [R2-Serial3/0/0]fr map ip 10.0.123.3 201 [R2-Serial3/0/0]quit
[R3]interface Serial 1/0/0 [R3-Serial1/0/0]fr map ip 10.0.123.2 301 [R3-Serial1/0/0]quit
Test whether R2 can access R3. [R2]ping -c 1 10.0.3.3 PING 10.0.3.3: 56 data bytes, press CTRL_C to break Reply from 10.0.3.3: bytes=56 Sequence=1 ttl=254 time=122 ms
--- 10.0.3.3 ping statistics --1 packet(s) transmitted 1 packet(s) received 0.00% packet loss round-trip min/avg/max = 122/122/122 ms
R2 can access R3.
182
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 2 Implementing OSPF design structures
Step 3 Configure OSPF to work in broadcast mode. By default, the FR line does not allow broadcast packets to pass through. To transmit Broadcast packets in OSPF areas, the Broadcast parameter is added when interface IP addresses of routers are mapped to FR addresses. This is to allow broadcast packets to pass through an FR line. Configure the network type to Broadcast so that OSPF runs in broadcast mode over FR. [R1]interface Serial 2/0/0 [R1-Serial2/0/0]ospf network-type broadcast
[R2]interface Serial 3/0/0 [R2-Serial3/0/0]ospf network-type broadcast
[R3]interface Serial 1/0/0 [R3-Serial1/0/0]ospf network-type broadcast
Neighbors do not need to be manually configured on the broadcast network. Delete the neighbors manually configured for the OSPF process. [R1]ospf 1 [R1-ospf-1]undo peer 10.0.123.2 [R1-ospf-1]undo peer 10.0.123.3
[R2]ospf 1 [R2-ospf-1]undo peer 10.0.123.1
[R3]ospf 1 [R3-ospf-1]undo peer 10.0.123.1
Check neighbor relationships on R1 and view the routing table of R2. Then test the connectivity between R1 and R2. [R1]display ospf peer brief
OSPF Process 1 with Router ID 10.0.123.1 Peer Statistic Information ---------------------------------------------------------------------------Area Id
Interface
Neighbor id
State
0.0.0.0
Serial2/0/0
10.0.2.2
Full
HC Series
HUAWEI TECHNOLOGIES
183
HCNP-IERN Chapter 2 Implementing OSPF design structures 0.0.0.0
Serial2/0/0
10.0.3.3
Full
----------------------------------------------------------------------------
[R2]display ip routing-table protocol ospf Route Flags: R - relay, D - download to fib ---------------------------------------------------------------------------Public routing table : OSPF Destinations : 2
Routes : 2
OSPF routing table status : Destinations : 2
Destination/Mask
Routes : 2
Proto
Pre Cost
Flags NextHop
Interface
10.0.1.0/24 OSPF
10
1562
D
10.0.123.1
Serial3/0/0
10.0.3.0/24 OSPF
10
1562
D
10.0.123.3
Serial3/0/0
OSPF routing table status : Destinations : 0
Routes : 0
The network resumes normal. The next hop of the route to 10.0.3.0/24 is 10.0.123.3. This is the same as the result of setting the network type to NBMA for OSPF. Therefore, FR address mapping between R2 and R3 must be configured for the broadcast network. On R2, test whether the network is normal. [R2]ping -c 1 10.0.3.3 PING 10.0.3.3: 56 data bytes, press CTRL_C
to break
Reply from 10.0.3.3: bytes=56 Sequence=1 ttl=254 time=114 ms
--- 10.0.3.3 ping statistics --1 packet(s) transmitted 1 packet(s) received 0.00% packet loss round-trip min/avg/max = 114/114/114 ms
Step 4 Configure OSPF to work in P2MP mode. OSPF neighbors do not need to be manually configured on the P2MP
184
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 2 Implementing OSPF design structures
network. Change the network type to P2MP for all interfaces and delete the priority configurations for them. The election of the DR and BDR is not required on the P2MP network. [R1]interface Serial 2/0/0 [R1-Serial2/0/0]ospf network-type p2mp
[R2]interface Serial 3/0/0 [R2-Serial3/0/0]undo ospf dr-priority [R2-Serial3/0/0]ospf network-type p2mp
[R3]interface Serial 1/0/0 [R3-Serial1/0/0]undo ospf dr-priority [R3-Serial1/0/0]ospf network-type p2mp
View neighbor relationships on R1. [R1]display ospf peer brief
OSPF Process 1 with Router ID 10.0.123.1 Peer Statistic Information ---------------------------------------------------------------------------Area Id
Interface
Neighbor id
State
0.0.0.0
Serial2/0/0
10.0.2.2
Full
0.0.0.0
Serial2/0/0
10.0.3.3
Full
----------------------------------------------------------------------------
View the routing tables of R1 and R2. It is found that routing information is transmitted properly between R1 and R2. [R1]display ip routing-table protocol ospf Route Flags: R - relay, D - download to fib ---------------------------------------------------------------------------Public routing table : OSPF Destinations : 4
Routes : 4
OSPF routing table status : Destinations : 2
Destination/Mask
Proto
10.0.2.0/24 OSPF
HC Series
Routes : 2
Pre Cost
10
1562
Flags NextHop
D
10.0.123.2
HUAWEI TECHNOLOGIES
Interface
Serial2/0/0
185
HCNP-IERN Chapter 2 Implementing OSPF design structures 10.0.3.0/24 OSPF
10
1562
D
10.0.123.3
Serial2/0/0
OSPF routing table status : Destinations : 2
Destination/Mask
Routes : 2
Proto
Pre Cost
Flags NextHop
Interface
10.0.123.2/32 OSPF
10
1562
10.0.123.2
Serial2/0/0
10.0.123.3/32 OSPF
10
1562
10.0.123.3
Serial2/0/0
[R2]display ip routing-table protocol ospf Route Flags: R - relay, D - download to fib ---------------------------------------------------------------------------Public routing table : OSPF Destinations : 4
Routes : 4
OSPF routing table status : Destinations : 2
Destination/Mask
Routes : 2
Proto
Pre Cost
Flags NextHop
Interface
10.0.1.0/24 OSPF
10
1562
D
10.0.123.1
Serial3/0/0
10.0.3.0/24 OSPF
10
3124
D
10.0.123.1
Serial3/0/0
OSPF routing table status : Destinations : 2
Destination/Mask
Proto
Routes : 2
Pre Cost
Flags NextHop
Interface
10.0.123.1/32 OSPF
10
1562
10.0.123.1
Serial3/0/0
10.0.123.3/32 OSPF
10
3124
10.0.123.1
Serial3/0/0
In the routing table of R2, the next hop of the route to the network segment 10.0.3.0/24 is 10/0/123.1. Therefore, only the FR mapping to this IP address is required. Delete unwanted IP address mapping from R2 and test whether the route is reachable. [R2]interface Serial 3/0/0 [R2-Serial3/0/0]undo fr map ip 10.0.123.3 201
[R3]interface Serial 1/0/0
186
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 2 Implementing OSPF design structures [R3-Serial1/0/0]undo fr map ip 10.0.123.2 301
On R2, test whether the route to 10.0.3.0/24 is reachable. If yes, R2 communicates with R3 properly. [R2]ping -c 1 10.0.3.3 PING 10.0.3.3: 56 data bytes, press CTRL_C to break Reply from 10.0.3.3: bytes=56 Sequence=1 ttl=254 time=119 ms
--- 10.0.3.3 ping statistics --1 packet(s) transmitted 1 packet(s) received 0.00% packet loss round-trip min/avg/max = 119/119/119 ms
View the changes in the routing table of R2 after the FR mapping to 10.0.123.3 is deleted. [R2-Serial3/0/0]disp ip routing-table protocol ospf Route Flags: R - relay, D - download to fib ---------------------------------------------------------------------------Public routing table : OSPF Destinations : 4
Routes : 4
OSPF routing table status : Destinations : 3
Destination/Mask
Routes : 3
Proto
Pre Cost
Flags NextHop
Interface
10.0.1.0/24
OSPF
10
1562
D
10.0.123.1
Serial3/0/0
10.0.3.0/24
OSPF
10
3124
D
10.0.123.1
Serial3/0/0
10.0.123.3/32
OSPF
10
3124
D
10.0.123.1
Serial3/0/0
OSPF routing table status : Destinations : 1
Destination/Mask
Proto
10.0.123.1/32 OSPF
Routes : 1
Pre Cost
10
1562
Flags NextHop
10.0.123.1
Interface
Serial3/0/0
The route 10.0.123.1/32 is inactive because it is a direct route in the routing table. After the FR mapping to 10.0.123.3 is deleted from the FR, this route becomes an OSPF route in the routing table.
HC Series
HUAWEI TECHNOLOGIES
187
HCNP-IERN Chapter 2 Implementing OSPF design structures
Step 5 Configure OSPF to work in P2MP-P2P hybrid mode. P2MP and P2P can coexist. Change the network type to P2P for R2 and R3. The network type of R1 remains unchanged, that is, P2MP. [R2]interface Serial 3/0/0 [R2-Serial3/0/0]ospf network-type p2p
[R3]interface Serial 1/0/0 [R3-Serial1/0/0]ospf network-type p2p
The preceding information shows that the neighbor relationships between routers disappear and are not established after a period of time. Check for OSPF errors. The intervals for sending Hello packets are different on routers. Nov 30 2011 14:16:10+00:00 R2 %%01OSPF/3/NBR_CHG_DOWN(l)[0]:Neighbor event:neighbor state changed to Down. (ProcessId=1, NeighborAddress=10.0.123.1, NeighborEvent=KillNbr, NeighborPreviousState=Full, NeighborCurrentState=Down)
[R2]display ospf error
OSPF Process 1 with Router ID 10.0.2.2 OSPF error statistics
General packet errors: 0
: IP: received my own packet
6
: Bad packet
0
: Bad version
0
: Bad checksum
0
: Bad area id
0
: Drop on unnumbered interface
0
: Bad virtual link
0
: Bad authentication type
0
: Bad authentication key
0
: Packet too small
0
: Packet size > ip length
0
: Transmit error
7
: Interface down
0
: Unknown neighbor
HELLO packet errors: 0
: Netmask mismatch
6
: Hello timer mismatch
0
: Dead timer mismatch
0
: Extern option mismatch
0
: Router id confusion
0
: Virtual neighbor unknown
0
: NBMA neighbor unknown
0
: Invalid Source Address
The default interval for sending Hello packets is 30 seconds on the 188
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 2 Implementing OSPF design structures
P2MP network, and is 10 seconds on the P2P network. Change the interval for sending Hello packets on R1. [R1]interface Serial 2/0/0 [R1-Serial2/0/0]ospf timer hello 10
Observe whether neighbor relationships are established after about 30 seconds. [R1]display ospf peer brief
OSPF Process 1 with Router ID 10.0.123.1 Peer Statistic Information ---------------------------------------------------------------------------Area Id
Interface
Neighbor id
State
0.0.0.0
Serial2/0/0
10.0.2.2
Full
0.0.0.0
Serial2/0/0
10.0.3.3
Full
----------------------------------------------------------------------------
The preceding information shows that neighbor relationships are established again. Check whether routing information is properly transmitted between the routers. First view the routing table of R1. [R1]display ip routing-table protocol ospf Route Flags: R - relay, D - download to fib ---------------------------------------------------------------------------Public routing table : OSPF Destinations : 3
Routes : 4
OSPF routing table status : Destinations : 2
Destination/Mask
Proto
Routes : 2
Pre Cost
Flags NextHop
Interface
10.0.2.0/24 OSPF
10
1562
D
10.0.123.2
Serial2/0/0
10.0.3.0/24 OSPF
10
1562
D
10.0.123.3
Serial2/0/0
OSPF routing table status : Destinations : 1
Destination/Mask
HC Series
Proto
Routes : 2
Pre Cost
Flags NextHop
HUAWEI TECHNOLOGIES
Interface
189
HCNP-IERN Chapter 2 Implementing OSPF design structures 10.0.123.0/24 OSPF
10
3124
10.0.123.2
Serial2/0/0
10.0.123.0/24 OSPF
10
3124
10.0.123.3
Serial2/0/0
The routing table of R1 contains the routes to the network segments where the Loopback 0 interfaces of R2 and R3 reside. View the routing table of R2. [R2]display ip routing-table protocol ospf Route Flags: R - relay, D - download to fib ---------------------------------------------------------------------------Public routing table : OSPF Destinations : 3
Routes : 3
OSPF routing table status : Destinations : 2
Destination/Mask
Routes : 2
Proto
Pre Cost
Flags NextHop
Interface
10.0.1.0/24 OSPF
10
1562
D
10.0.123.1
Serial3/0/0
10.0.3.0/24 OSPF
10
3124
D
10.0.123.1
Serial3/0/0
OSPF routing table status : Destinations : 1
Destination/Mask
Routes : 1
Proto
10.0.123.1/32 OSPF
Pre Cost
10
1562
Flags NextHop
10.0.123.1
Interface
Serial3/0/0
The routing table of R2 contains the routes to R1 and R3. Test whether these routes are reachable. [R2]ping -c 1 10.0.3.3 PING 10.0.3.3: 56 data bytes, press CTRL_C to break Request time out
--- 10.0.3.3 ping statistics --1 packet(s) transmitted 0 packet(s) received 100.00% packet loss
[R2]ping -c 1 10.0.1.1 PING 10.0.1.1: 56 data bytes, press CTRL_C to break Reply from 10.0.1.1: bytes=56 Sequence=1 ttl=255 time=63 ms
190
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 2 Implementing OSPF design structures
--- 10.0.1.1 ping statistics --1 packet(s) transmitted 1 packet(s) received 0.00% packet loss round-trip min/avg/max = 63/63/63 ms
R2 cannot access R3 directly but can access R1. Find the next hop where packets bound for 10.0.3.3 are discarded. [R2]tracert 10.0.3.3 traceroute to 10.0.3.3(10.0.3.3), max hops: 30 ,packet length: 40,press CTRL_C to break 1 10.0.123.1 61 ms 42 ms 42 ms 2 * * * ...
The preceding information shows that the packets arrive at R1 but are discarded after arriving at R3. View the global routing table of R3. [R3]display ip routing-table Route Flags: R - relay, D - download to fib ---------------------------------------------------------------------------Routing Tables: Public Destinations : 13
Destination/Mask
Routes : 13
Proto
Pre Cost
Flags NextHop
Interface
10.0.1.0/24
OSPF
10
1562
D
10.0.123.1
Serial1/0/0
10.0.2.0/24
OSPF
10
3124
D
10.0.123.1
Serial1/0/0
10.0.3.0/24
Direct 0
0
D
10.0.3.3
LoopBack0
10.0.3.3/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.3.255/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.123.0/24
Direct 0
0
D
10.0.123.3
Serial1/0/0
10.0.123.1/32
Direct 0
0
D
10.0.123.1
Serial1/0/0
10.0.123.3/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.123.255/32
Direct 0
0
D
127.0.0.1
InLoopBack0
127.0.0.0/8
Direct 0
0
D
127.0.0.1
InLoopBack0
127.0.0.1/32
Direct 0
0
D
127.0.0.1
InLoopBack0
127.255.255.255/32 Direct 0
0
D
127.0.0.1
InLoopBack0
255.255.255.255/32 Direct 0
0
D
127.0.0.1
InLoopBack0
When a ping packet is sent from R2 to the Loopback 0 interface of R3, the source IP address carried in the Layer 3 header of the packet is the HC Series
HUAWEI TECHNOLOGIES
191
HCNP-IERN Chapter 2 Implementing OSPF design structures
interface IP address of R2, that is, 10.0.123.2. This packet is discarded because the routing table of R3 does not contain the route to 10.0.123.2/32. After the network type is changed from P2MP to P2P, R2 and R3 cannot learn the IP addresses of the direct interfaces of each other. This does not affect the communication between users connected to R2 and R3. The source IP address can be used to test the connectivity between R2 and R3. R2 can communicate with R3 if the source IP address of the ping packet is set to the IP address of the Loopback 0 interface of R2. [R2]ping -c 1 -a 10.0.2.2 10.0.3.3 PING 10.0.3.3: 56 data bytes, press CTRL_C to break Reply from 10.0.3.3: bytes=56 Sequence=1 ttl=254 time=123 ms
--- 10.0.3.3 ping statistics --1 packet(s) transmitted 1 packet(s) received 0.00% packet loss round-trip min/avg/max = 123/123/123 ms
Step 6 Configure OSPF to work in P2P mode.
192
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 2 Implementing OSPF design structures
If the network type is set to P2P, IP addresses need to be re-planned. As shown in the preceding figure, R1 interconnects with R2 on 10.0.12.0/24 and with R3 on 10.0.13.0/24. Configure subinterfaces and their IP addresses. Set the interface type to P2P when configuring subinterfaces. [R1]interface s2/0/0 [R1-Serial2/0/0]undo fr map ip 10.0.123.2 102 [R1-Serial2/0/0]undo fr map ip 10.0.123.3 103 [R1-Serial2/0/0]undo ospf network-type [R1-Serial2/0/0]undo ospf timer hello [R1-Serial2/0/0]interface Serial 2/0/0.102 p2p [R1-Serial2/0/0.102]ip address 10.0.12.1 24 [R1-Serial2/0/0.102]ospf network-type p2p [R1-Serial2/0/0.102]fr dlci 102 [R1-fr-dlci-Serial2/0/0.102-102]interface Serial 2/0/0.103 p2p [R1-Serial2/0/0.103]ip address 10.0.13.1 24 [R1-Serial2/0/0.103]ospf network-type p2p [R1-Serial2/0/0.103]fr dlci 103
[R2]interface Serial 3/0/0 [R2-Serial3/0/0]undo fr map ip 10.0.123.1 201 [R2-Serial3/0/0]undo ip address [R2-Serial3/0/0]undo ospf network-type [R2-Serial3/0/0]interface Serial 3/0/0.201 p2p [R2-Serial3/0/0.201]ip address 10.0.12.2 24 [R2-Serial3/0/0.201]ospf network-type p2p [R2-Serial3/0/0.201]fr dlci 201
[R3]interface Serial 1/0/0 [R3-Serial1/0/0]undo ip address [R3-Serial1/0/0]undo fr map ip 10.0.123.1 301 [R3-Serial1/0/0]undo ospf network-type [R3-Serial1/0/0]interface Serial 1/0/0.301 p2p [R3-Serial1/0/0.301]ip address 10.0.13.3 24 [R3-Serial1/0/0.301]ospf network-type p2p [R3-Serial1/0/0.301]fr dlci 301
Test the network connectivity. [R1]ping -c 1 10.0.12.2 PING 10.0.12.2: 56 data bytes, press CTRL_C to break Reply from 10.0.12.2: bytes=56 Sequence=1 ttl=255 time=59 ms
HC Series
HUAWEI TECHNOLOGIES
193
HCNP-IERN Chapter 2 Implementing OSPF design structures
--- 10.0.12.2 ping statistics --1 packet(s) transmitted 1 packet(s) received 0.00% packet loss round-trip min/avg/max = 59/59/59 ms
[R1]ping -c 1 10.0.13.3 PING 10.0.13.3: 56 data bytes, press CTRL_C to break Reply from 10.0.13.3: bytes=56 Sequence=1 ttl=255 time=59 ms
--- 10.0.13.3 ping statistics --1 packet(s) transmitted 1 packet(s) received 0.00% packet loss round-trip min/avg/max = 59/59/59 ms
Modify the network segment to be advertised in OSPF. [R1]ospf 1 [R1-ospf-1]area 0 [R1-ospf-1-area-0.0.0.0]undo network 10.0.123.1 0.0.0.0 [R1-ospf-1-area-0.0.0.0]network 10.0.12.1 0.0.0.0 [R1-ospf-1-area-0.0.0.0]network 10.0.13.1 0.0.0.0
[R2]ospf 1 [R2-ospf-1]area 0 [R2-ospf-1-area-0.0.0.0]undo network 10.0.123.2 0.0.0.0 [R2-ospf-1-area-0.0.0.0]network 10.0.12.2 0.0.0.0
[R3]ospf 1 [R3-ospf-1]area 0 [R3-ospf-1-area-0.0.0.0]undo network 10.0.123.3 0.0.0.0 [R3-ospf-1-area-0.0.0.0]network 10.0.13.3 0.0.0.0
View the OSPF neighbor list. [R1]display ospf peer brief
OSPF Process 1 with Router ID 10.0.123.1 Peer Statistic Information ---------------------------------------------------------------------------Area Id
194
Interface
Neighbor id
HUAWEI TECHNOLOGIES
State
HC Series
HCNP-IERN Chapter 2 Implementing OSPF design structures 0.0.0.0
Serial2/0/0.102
10.0.2.2
Full
0.0.0.0
Serial2/0/0.103
10.0.3.3
Full
----------------------------------------------------------------------------
View the routing tables of R1 and R2. [R1]display ip routing-table protocol ospf Route Flags: R - relay, D - download to fib ---------------------------------------------------------------------------Public routing table : OSPF Destinations : 2
Routes : 2
OSPF routing table status : Destinations : 2
Destination/Mask
Proto
Routes : 2
Pre Cost
Flags NextHop
Interface
10.0.2.0/24 OSPF
10
1562
D
10.0.12.2
Serial2/0/0.102
10.0.3.0/24 OSPF
10
1562
D
10.0.13.3
Serial2/0/0.103
OSPF routing table status : Destinations : 0
Routes : 0
[R2]display ip routing-table protocol ospf Route Flags: R - relay, D - download to fib ---------------------------------------------------------------------------Public routing table : OSPF Destinations : 3
Routes : 3
OSPF routing table status : Destinations : 3
Destination/Mask
Proto
Routes : 3
Pre Cost
Flags NextHop
Interface
10.0.1.0/24 OSPF
10
1562
D
10.0.12.1
Serial3/0/0.201
10.0.3.0/24 OSPF
10
3124
D
10.0.12.1
Serial3/0/0.201
10.0.13.0/24 OSPF
10
3124
D
10.0.12.1
Serial3/0/0.201
OSPF routing table status : Destinations : 0
Routes : 0
Test the network connectivity. [R2]ping -c 1 10.0.1.1
HC Series
HUAWEI TECHNOLOGIES
195
HCNP-IERN Chapter 2 Implementing OSPF design structures PING 10.0.1.1: 56 data bytes, press CTRL_C to break Reply from 10.0.1.1: bytes=56 Sequence=1 ttl=255 time=65 ms
--- 10.0.1.1 ping statistics --1 packet(s) transmitted 1 packet(s) received 0.00% packet loss round-trip min/avg/max = 65/65/65 ms
[R2]ping -c 1 10.0.3.3 PING 10.0.3.3: 56 data bytes, press CTRL_C to break Reply from 10.0.3.3: bytes=56 Sequence=1 ttl=255 time=95 ms
--- 10.0.3.3 ping statistics --1 packet(s) transmitted 1 packet(s) received 0.00% packet loss round-trip min/avg/max = 95/95/95 ms
Additional Exercises: Analyzing and Verifying Figure out the precautions to be taken if the NBMA network type is used when not all routers on the network are interconnected.
Figure out the differences between NBMA, P2MP, and P2P.
Final Configurations display current-configuration [V200R001C00SPC200] # sysname R1 # interface Serial2/0/0 link-protocol fr undo fr inarp # interface Serial2/0/0.102 p2p
196
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 2 Implementing OSPF design structures fr dlci 102 ip address 10.0.12.1 255.255.255.0 ospf network-type p2p # interface Serial2/0/0.103 p2p fr dlci 103 ip address 10.0.13.1 255.255.255.0 ospf network-type p2p # interface LoopBack0 ip address 10.0.1.1 255.255.255.0 ospf network-type broadcast # ospf 1 router-id 10.0.123.1 area 0.0.0.0 network 10.0.1.1 0.0.0.0 network 10.0.12.1 0.0.0.0 network 10.0.13.1 0.0.0.0 # return
display current-configuration [V200R001C00SPC200] # sysname R2 # interface Serial3/0/0 link-protocol fr undo fr inarp # interface Serial3/0/0.201 p2p fr dlci 201 ip address 10.0.12.2 255.255.255.0 ospf network-type p2p # interface LoopBack0 ip address 10.0.2.2 255.255.255.0 ospf network-type broadcast # ospf 1 router-id 10.0.2.2 area 0.0.0.0 network 10.0.2.2 0.0.0.0 network 10.0.12.2 0.0.0.0
HC Series
HUAWEI TECHNOLOGIES
197
HCNP-IERN Chapter 2 Implementing OSPF design structures # return
display current-configuration [V200R001C00SPC200] # sysname R3 # interface Serial1/0/0 link-protocol fr fr map ip 10.0.13.1 301 broadcast ip address 10.0.13.3 255.255.255.0 ospf network-type p2p # interface LoopBack0 ip address 10.0.3.3 255.255.255.0 ospf network-type broadcast # ospf 1 router-id 10.0.3.3 area 0.0.0.0 network 10.0.3.3 0.0.0.0 network 10.0.13.3 0.0.0.0 # Return
198
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 3 BGP application and management
Chapter 3 BGP application and management Lab 3-1 IBGP and EBGP Learning Objectives The objectives of this lab are to learn and understand how to perform the following operations: •
Configure single-area Border Gateway Protocol (BGP).
•
Configure multi-area BGP.
•
View the BGP neighbor list and database.
•
Configure BGP update sources.
•
Configure multi-hop external BGP (EBGP).
•
Observe change of the next hops of Internal BGP (IBGP) routes
and EBGP routes. •
Configure the next hops for IBGP routes.
•
Configure the network command in BGP.
HC Series
HUAWEI TECHNOLOGIES
199
HCNP-IERN Chapter 3 BGP application and management
Topology
Figure 3-1 IBGP and EBGP
Scenario Assume that you are a network administrator of a company that uses BGP for its network. The network serving the company consists of multiple autonomous systems (ASs). Different branches use different AS IDs. The task is to complete network construction. In the headquarters, Open Shortest Path First (OSPF) is used as the Interior Gateway Protocol (IGP). The branches use private BGP AS IDs. After network construction, observe the transmission of BGP routing information.
Tasks Step 1 Perform basic configurations and IP addressing. Configure IP addresses and subnet masks for all routers. The subnet masks of the Loopback 1 interfaces of R4 and R5 contain 24 binary digits to simulate the user network. system-view
200
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 3 BGP application and management Enter system view, return user view with Ctrl+Z. [R1]interface Serial 1/0/0 [R1-Serial1/0/0]ip address 10.0.12.1 24 [R1-Serial1/0/0]interface Serial 3/0/0 [R1-Serial3/0/0]ip address 10.0.14.1 24 [R1-Serial3/0/0]interface LoopBack 0 [R1-LoopBack0]ip address 10.0.1.1 32
system-view Enter system view, return user view with Ctrl+Z. [R2]interface Serial 1/0/0 [R2-Serial1/0/0]ip address 10.0.12.2 24 [R2-Serial1/0/0]interface Serial 2/0/0 [R2-Serial2/0/0]ip address 10.0.23.2 24 [R2-Serial2/0/0]interface LoopBack 0 [R2-LoopBack0]ip address 10.0.2.2 32
system-view Enter system view, return user view with Ctrl+Z. [R3]interface Serial 2/0/0 [R3-Serial2/0/0]ip address 10.0.23.3 24 [R3-Serial2/0/0]interface Serial 3/0/0 [R3-Serial3/0/0]ip address 10.0.35.3 24 [R3-Serial3/0/0]interface LoopBack 0 [R3-LoopBack0]ip address 10.0.3.3 32
system-view Enter system view, return user view with Ctrl+Z. [R4]interface Serial 1/0/0 [R4-Serial1/0/0]ip address 10.0.14.4 24 [R4-Serial1/0/0]interface LoopBack 0 [R4-LoopBack0]ip address 10.0.4.4 32
system-view Enter system view, return user view with Ctrl+Z. [R5]interface Serial 1/0/0 [R5-Serial1/0/0]ip address 10.0.35.5 24 [R5-Serial1/0/0]interface LoopBack 0 [R5-LoopBack0]ip address 10.0.5.5 32
Test the connectivity of direct links. ping -c 1 10.0.12.2
HC Series
HUAWEI TECHNOLOGIES
201
HCNP-IERN Chapter 3 BGP application and management PING 10.0.12.2: 56 data bytes, press CTRL_C to break Reply from 10.0.12.2: bytes=56 Sequence=1 ttl=255 time=34 ms
--- 10.0.12.2 ping statistics --1 packet(s) transmitted 1 packet(s) received 0.00% packet loss round-trip min/avg/max = 34/34/34 ms
ping -c 1 10.0.14.4 PING 10.0.14.4: 56 data bytes, press CTRL_C to break Reply from 10.0.14.4: bytes=56 Sequence=1 ttl=255 time=40 ms
--- 10.0.14.4 ping statistics --1 packet(s) transmitted 1 packet(s) received 0.00% packet loss round-trip min/avg/max = 40/40/40 ms
ping -c 1 10.0.23.2 PING 10.0.23.2: 56 data bytes, press CTRL_C to break Reply from 10.0.23.2: bytes=56 Sequence=1 ttl=255 time=33 ms
--- 10.0.23.2 ping statistics --1 packet(s) transmitted 1 packet(s) received 0.00% packet loss round-trip min/avg/max = 33/33/33 ms
ping -c 1 10.0.35.5 PING 10.0.35.5: 56 data bytes, press CTRL_C to break Reply from 10.0.35.5: bytes=56 Sequence=1 ttl=255 time=35 ms
--- 10.0.35.5 ping statistics --1 packet(s) transmitted 1 packet(s) received 0.00% packet loss round-trip min/avg/max = 35/35/35 ms
The preceding information shows that the direct links are reachable.
202
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 3 BGP application and management
Step 2 Configure single-area IGP. Configure AS 64512 to use OSPF as IGP to advertise the network segments where the Loopback 0 interfaces reside to OSPF. Enable OSPF on the network segment where the S1/0/0 interface of R1 resides. [R1]router id 10.0.1.1 [R1]ospf 1 [R1-ospf-1]area 0 [R1-ospf-1-area-0.0.0.0]network 10.0.12.1 0.0.0.0 [R1-ospf-1-area-0.0.0.0]network 10.0.1.1 0.0.0.0
Enable OSPF on the network segment where the S1/0/0 and S2/0/0 interfaces of R2 reside. [R2]router id 10.0.2.2 [R2]ospf 1 [R2-ospf-1]area 0 [R2-ospf-1-area-0.0.0.0]network 10.0.12.2 0.0.0.0 [R2-ospf-1-area-0.0.0.0]network 10.0.23.2 0.0.0.0 [R2-ospf-1-area-0.0.0.0]network 10.0.2.2 0.0.0.0
Enable OSPF on the network segment where the S2/0/0 interface of R3 resides. [R3]router id 10.0.3.3 [R3]ospf 1 [R3-ospf-1]area 0 [R3-ospf-1-area-0.0.0.0]network 10.0.23.3 0.0.0.0 [R3-ospf-1-area-0.0.0.0]network 10.0.3.3 0.0.0.0
Note that the wildcard mask 0.0.0.0 is used when you use the network command. Check whether OSPF neighbor relationships are established. [R2]display ospf peer
OSPF Process 1 with Router ID 10.0.2.2 Neighbors
Area 0.0.0.0 interface 10.0.12.2(Serial1/0/0)'s neighbors Router ID: 10.0.1.1
Address: 10.0.12.1
State: Full Mode:Nbr is Slave Priority: 1
HC Series
HUAWEI TECHNOLOGIES
203
HCNP-IERN Chapter 3 BGP application and management DR: None
BDR: None
MTU: 0
Dead timer due in 31 sec Retrans timer interval: 4 Neighbor is up for 00:00:29 Authentication Sequence: [ 0 ]
Neighbors
Area 0.0.0.0 interface 10.0.23.2(Serial2/0/0)'s neighbors Router ID: 10.0.3.3
Address: 10.0.23.3
State: Full Mode:Nbr is Master Priority: 1 DR: None
BDR: None
MTU: 0
Dead timer due in 34 sec Retrans timer interval: 4 Neighbor is up for 00:00:06 Authentication Sequence: [ 0 ]
View the routing table of each router. Check whether a router learns the route to the network segment where the Loopback 0 interface of the peer router resides. [R1]display ip routing-table Route Flags: R - relay, D - download to fib ---------------------------------------------------------------------------Routing Tables: Public Destinations : 15
Destination/Mask
Routes : 15
Proto
Pre Cost
Flags NextHop
10.0.1.1/32
Direct
0
0
D
10.0.2.2/32
OSPF
10
1562
D
10.0.12.2
Serial1/0/0
10.0.3.3/32
OSPF
10
3124
D
10.0.12.2
Serial1/0/0
127.0.0.1
Interface
InLoopBack0
10.0.12.0/24
Direct 0
0
D
10.0.12.1
Serial1/0/0
10.0.12.1/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.12.2/32
Direct 0
0
D
10.0.12.2
Serial1/0/0
10.0.12.255/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.14.0/24
Direct 0
0
D
10.0.14.1
Serial3/0/0
10.0.14.1/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.14.4/32
Direct 0
0
D
10.0.14.4
Serial3/0/0
10.0.14.255/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.23.0/24
OSPF
3124
D
10.0.12.2
Serial1/0/0
127.0.0.0/8
Direct 0
0
D
127.0.0.1
InLoopBack0
127.0.0.1/32
Direct 0
0
204
10
D
127.0.0.1
HUAWEI TECHNOLOGIES
InLoopBack0
HC Series
HCNP-IERN Chapter 3 BGP application and management 127.255.255.255/32 Direct 0
0
D
127.0.0.1
InLoopBack0
255.255.255.255/32 Direct 0
0
D
127.0.0.1
InLoopBack0
[R2]display ip routing-table Route Flags: R - relay, D - download to fib ---------------------------------------------------------------------------Routing Tables: Public Destinations : 15
Destination/Mask
Proto
10.0.1.1/32
OSPF
10.0.2.2/32
10
Routes : 15
Pre Cost
Flags NextHop
Interface
1562
D
10.0.12.1
Serial1/0/0
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.3.3/32
OSPF
1562
D
10.0.23.3
Serial2/0/0
10.0.12.0/24
Direct 0
0
D
10.0.12.2
Serial1/0/0
10.0.12.1/32
Direct 0
0
D
10.0.12.1
Serial1/0/0
10.0.12.2/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.12.255/32 Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.23.0/24
0
D
10.0.23.2
Serial2/0/0
10
Direct 0
10.0.23.2/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.23.3/32
Direct 0
0
D
10.0.23.3
Serial2/0/0
10.0.23.255/32 Direct 0
0
D
127.0.0.1
InLoopBack0
127.0.0.0/8
Direct 0
0
D
127.0.0.1
InLoopBack0
127.0.0.1/32
Direct 0
0
D
127.0.0.1
InLoopBack0
127.255.255.255/32
Direct 0
0
D
127.0.0.1
InLoopBack0
255.255.255.255/32
Direct 0
0
D
127.0.0.1
InLoopBack0
[R3]display ip routing-table Route Flags: R - relay, D - download to fib ---------------------------------------------------------------------------Routing Tables: Public Destinations : 16
Destination/Mask
Routes : 16
Proto
Pre Cost
10.0.1.1/32
OSPF
10
3124
D
10.0.23.2
Serial2/0/0
10.0.2.2/32
OSPF
10
1562
D
10.0.23.2
Serial2/0/0
10.0.3.3/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.12.0/24
OSPF
3124
D
10.0.23.2
Serial2/0/0
10.0.23.0/24
Direct 0
0
D
10.0.23.3
Serial2/0/0
10.0.23.2/32
Direct 0
0
D
10.0.23.2
Serial2/0/0
10.0.23.3/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.23.255/32
Direct 0
0
D
127.0.0.1
InLoopBack0
HC Series
10
Flags NextHop
HUAWEI TECHNOLOGIES
Interface
205
HCNP-IERN Chapter 3 BGP application and management 10.0.35.0/24
Direct 0
0
D
10.0.35.3
Serial3/0/0
10.0.35.3/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.35.5/32
Direct 0
0
D
10.0.35.5
Serial3/0/0
10.0.35.255/32
Direct 0
0
D
127.0.0.1
InLoopBack0
127.0.0.0/8
Direct 0
0
D
127.0.0.1
InLoopBack0
127.0.0.1/32
Direct 0
0
D
127.0.0.1
InLoopBack0
127.255.255.255/32 Direct 0
0
D
127.0.0.1
InLoopBack0
255.255.255.255/32 Direct 0
0
D
127.0.0.1
InLoopBack0
The preceding information shows that each of R1, R2, and R3 can learn the routes to the network segments where the Loopback 0 interfaces of the other two routers reside.
Step 3 Establish IBGP peers. Configure full-mesh IBGP interconnection on R1, R2, and R3. Use the Loopback 0 interfaces as update sources. [R1]bgp 64512 [R1-bgp]peer 10.0.2.2 as-number 64512 [R1-bgp]peer 10.0.2.2 connect-interface LoopBack 0 [R1-bgp]peer 10.0.3.3 as-number 64512 [R1-bgp]peer 10.0.3.3 connect-interface LoopBack 0
[R2]bgp 64512 [R2-bgp]peer 10.0.1.1 as-number 64512 [R2-bgp]peer 10.0.1.1 connect-interface loopback 0 [R2-bgp]peer 10.0.3.3 as-number 64512 [R2-bgp]peer 10.0.3.3 connect-interface LoopBack 0
[R3]bgp 64512 [R3-bgp]peer 10.0.1.1 as-number 64512 [R3-bgp]peer 10.0.1.1 connect-interface loopback 0 [R3-bgp]peer 10.0.2.2 as-number 64512 [R3-bgp]peer 10.0.2.2 connect-interface LoopBack 0
Run the display tcp status command to view the status of Transmission Control Protocol (TCP) ports. [R2]display tcp status TCPCB
Tid/Soid Local Add:port
Foreign Add:por
VPNID State
194a3c7c 8 /2
0.0.0.0:22
0.0.0.0:0
23553
Listening
194a3b18 8 /1
0.0.0.0:23
0.0.0.0:0
23553
Listening
206
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 3 BGP application and management 194a3850 106/1
0.0.0.0:80
0.0.0.0:0
0
Listening
19ec2bb8 234/2
0.0.0.0:179
10.0.1.1:0
0
Listening
19ec2360 234/5
0.0.0.0:179
10.0.3.3:0
0
Listening
194a3de0 8 /3
0.0.0.0:830
0.0.0.0:0
23553
Listening
194a39b4 6 /1
0.0.0.0:7547
0.0.0.0:0
0
Listening
19ec3410 234/11
10.0.2.2:179
10.0.3.3:49663
0
Established
19ec2a54 234/4
10.0.2.2:50151
10.0.1.1:179
0
Established
The value of Local Add is 10.0.2.2, which is the IP address of the Loopback 0 interface of R2, and the port number is 179, which is the TCP port number of BGP. The status of the TCP connections between 10.0.2.2 and 10.0.3.3, and between 10.0.2.2 and 10.0.1.1 is Established. This indicates that TCP connections are established between R2 and R1, and between R2 and R3. Run the display bgp peer command to view the BGP neighbor relationships on the routers. [R1]display bgp peer
BGP local router ID : 10.0.1.1 Local AS number : 64512 Total number of peers : 2
Peer
V
Peers in established state : 2
AS MsgRcvd MsgSent OutQ Up/Down
State PrefRcv
10.0.2.2
4
64512
273
277
0 02:15:53 Established
0
10.0.3.3
4
64512
276
276
0 02:15:53 Established
0
[R2]display bgp peer
BGP local router ID : 10.0.2.2 Local AS number : 64512 Total number of peers : 2
Peer
V
Peers in established state : 2
AS MsgRcvd MsgSent OutQ Up/Down
10.0.1.1
4
64512
38
10.0.3.3
4
64512
1000
State
PrefRcv
38
0 00:18:02 Established
0
1000
0 16:38:38 Established
0
[R3]display bgp peer
BGP local router ID : 10.0.3.3
HC Series
HUAWEI TECHNOLOGIES
207
HCNP-IERN Chapter 3 BGP application and management Local AS number : 64512 Total number of peers : 2
Peer
V
Peers in established state : 2
AS MsgRcvd MsgSent OutQ Up/Down
10.0.1.1
4
64512
39
10.0.2.2
4
64512
1001
State PrefRcv
39
0 00:18:35 Established
0
1001
0 16:39:11 Established
0
The preceding information shows that BGP neighbor relationships are established between the three routers. On R1, run the timer command to change the keepalive time of BGP to 30 seconds, and the hold time to 90 seconds. Run the display bgp peer verbose command to view the negotiated interval after a peer relationship is established between R1 and R2. [R1-bgp] timer keepalive 30 hold 90
Note that the BGP neighbors of R1 will restart if the keepalive time and hold time are changed. [R2]display bgp peer verbose
BGP Peer is 10.0.1.1, remote AS 64512 Type: IBGP link BGP version 4, Remote router ID 10.0.1.1 Update-group ID: 1 BGP current state: Established, Up for 00h07m19s BGP current event: KATimerExpired BGP last state: OpenConfirm BGP Peer Up count: 2 Received total routes: 0 Received active routes total: 0 Advertised total routes: 0 Port: Local - 50117
Remote - 179
Configured: Connect-retry Time: 32 sec Configured: Active Hold Time: 180 sec
Keepalive Time:60 sec
Received : Active Hold Time: 90 sec Negotiated: Active Hold Time: 90 sec
Keepalive Time:30 sec
Peer optional capabilities: Peer supports bgp multi-protocol extension Peer supports bgp route refresh capability Peer supports bgp 4-byte-as capability Address family IPv4 Unicast: advertised and received
208
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 3 BGP application and management Received: Total 16 messages Update messages
0
Open messages
1
KeepAlive messages
15
Notification messages
0
Refresh messages
0
Sent: Total 16 messages Update messages
0
Open messages
1
KeepAlive messages
15
Notification messages
0
Refresh messages
0
Authentication type configured: None Last keepalive received: 2011/12/07 08:33:52 Minimum route advertisement interval is 15 seconds Optional capabilities: Route refresh capability has been enabled 4-byte-as capability has been enabled Connect-interface has been configured Peer Preferred Value: 0 Routing policy configured: No routing policy is configured
BGP Peer is 10.0.3.3, remote AS 64512 Type: IBGP link BGP version 4, Remote router ID 10.0.3.3 Update-group ID: 1 BGP current state: Established, Up for 16h28m14s BGP current event: RecvKeepalive BGP last state: OpenConfirm BGP Peer Up count: 1 Received total routes: 0 Received active routes total: 0 Advertised total routes: 0 Port: Local - 179
Remote - 49663
Configured: Connect-retry Time: 32 sec Configured: Active Hold Time: 180 sec
Keepalive Time:60 sec
Received : Active Hold Time: 180 sec Negotiated: Active Hold Time: 180 sec
Keepalive Time:60 sec
Peer optional capabilities: Peer supports bgp multi-protocol extension Peer supports bgp route refresh capability Peer supports bgp 4-byte-as capability
HC Series
HUAWEI TECHNOLOGIES
209
HCNP-IERN Chapter 3 BGP application and management Address family IPv4 Unicast: advertised and received Received: Total 990 messages Update messages
0
Open messages
1
KeepAlive messages
989
Notification messages
0
Refresh messages
0
Sent: Total 990 messages Update messages
0
Open messages
1
KeepAlive messages
989
Notification messages
0
Refresh messages
0
Authentication type configured: None Last keepalive received: 2011/12/07 08:34:17 Minimum route advertisement interval is 15 seconds Optional capabilities: Route refresh capability has been enabled 4-byte-as capability has been enabled Connect-interface has been configured Peer Preferred Value: 0 Routing policy configured: No routing policy is configured
On R2, Active Hold Time is set to 180 seconds and Keepalive Time to 60 seconds by default. After the keepalive time and hold time are changed for R1, the value of Active Hold Time carried in the packets received by R2 is 90 sec. During negotiation, the smaller values take effect. Therefore, the negotiated value of Active Hold Time is 90 sec, and that of Keepalive Time is 30 sec. The default values of the two parameters are retained for R3. The same as R3, Active Hold Time is set to 180 sec and Keepalive Time to 60 sec by default on R2.
Step 4 Configure EBGP peers. Configure BGP on R4 and configure the local AS ID to 64513. Establish a peer relationship between R4 and R1. When establishing the peer relationship, set the IP address of the Loopback 0 interface as the
210
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 3 BGP application and management
update source and set ebgp-max-hop to 2. Add a static route with a 32-bit subnet mask to the IP address of the peer Loopback 0 interface so that the peer relationship can be established successfully. [R1]ip route-static 10.0.4.4 32 10.0.14.4 [R4]ip route-static 10.0.1.1 32 10.0.14.1
[R1]bgp 64512 [R1-bgp]peer 10.0.4.4 as-number 64513 [R1-bgp]peer 10.0.4.4 ebgp-max-hop 2 [R1-bgp]peer 10.0.4.4 connect-interface LoopBack0
[R4]bgp 64513 [R4-bgp]peer 10.0.1.1 as-number 64512 [R4-bgp]peer 10.0.1.1 ebgp-max-hop 2 [R4-bgp]peer 10.0.1.1 connect-interface LoopBack0
Run the display bgp peer command to view the peer relationship. [R4]display bgp peer
BGP local router ID : 10.0.4.4 Local AS number : 64513 Total number of peers : 1
Peer
V
10.0.1.1
Peers in established state : 1
AS MsgRcvd
4
64512
MsgSent
4
5
OutQ
Up/Down State PrefRcv
0 00:01:18
Established
0
On R4, run the debugging ip packet verbose command to view the time to live (TTL) of keepalive packets. debugging ip packet verbose Dec 7 2011 09:09:07.240.2+00:00 R4 IP/7/debug_case: Delivering, interface = S1/0/0, version = 4, headlen = 20, tos = 192, pktlen = 40, pktid = 11346, offset = 0, ttl = 2, protocol = 6, checksum = 29370, s = 10.0.1.1, d = 10.0.4.4 prompt: Packet is before IP_Reass before really deliver to up.
45 c0 00 28 2c 52 00 00 02 06 72 ba 0a 00 01 01 0a 00 04 04 c7 cd 00 b3 91 99 51 7b 2b aa b0 8f 50 10 40 00 cf 00 00 00
Dec 7 2011 09:11:07.640.3+00:00 R4 IP/7/debug_case:
HC Series
HUAWEI TECHNOLOGIES
211
HCNP-IERN Chapter 3 BGP application and management Delivering, interface = S1/0/0, version = 4, headlen = 20, tos = 192, pktlen = 40, pktid = 11383, offset = 0, ttl = 2, protocol = 6, checksum = 29333, s = 10.0.1.1, d = 10.0.4.4 prompt: IP packet is delivering up!
The TTL of the received packets is 2. Establish an EBGP peer relationship between R3 and R5 using their physical interface. [R3]bgp 64512 [R3-bgp]peer 10.0.35.5 as-number 64514
[R5]bgp 64514 [R5-bgp]peer 10.0.35.3 as-number 64512 [R5-bgp]display bgp peer
BGP local router ID : 10.1.5.5 Local AS number : 64514 Total number of peers : 1
Peer
10.0.35.3
V
AS
4
Peers in established state : 1
MsgRcvd MsgSent
64512
2
2
OutQ Up/Down
0 00:00:57
State
PrefRcv
Established
0
Step 5 Advertise routing information using the network command. Set the IP address to 10.1.4.4/24 for the Loopback 1 interface of R4. Run the network command to advertise this network segment to BGP. [R4]interface LoopBack 1 [R4-LoopBack1]ip address 10.1.4.4 24 [R4-LoopBack1]bgp 64513 [R4-bgp]network 10.1.4.4 24
Check whether the route 10.1.4.4/24 exists in the global routing tables of R1 and R3. View the BGP routing table of R3 to find the next hop of this route. [R1]display ip routing-table
212
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 3 BGP application and management Route Flags: R - relay, D - download to fib ---------------------------------------------------------------------------Routing Tables: Public Destinations : 18
Destination/Mask
Proto
Routes : 18
Pre Cost
Flags NextHop
Interface
10.0.1.1/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.2.2/32
OSPF
10
1562
D
10.0.12.2
Serial1/0/0
10.0.3.3/32
OSPF
10
3124
D
10.0.12.2
Serial1/0/0
10.0.4.4/32
Static 60
0
RD
10.0.14.4
Serial3/0/0
10.0.12.0/24
Direct 0
0
D
10.0.12.1
Serial1/0/0
10.0.12.1/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.12.2/32
Direct 0
0
D
10.0.12.2
Serial1/0/0
10.0.12.255/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.14.0/24
Direct 0
0
D
10.0.14.1
Serial3/0/0
10.0.14.1/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.14.4/32
Direct 0
0
D
10.0.14.4
Serial3/0/0
10.0.14.255/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.23.0/24
OSPF
10
3124
10.1.4.0/24
EBGP
255 0
10.0.12.2
Serial1/0/0
RD
D
10.0.4.4
Serial3/0/0
127.0.0.0/8
Direct 0
0
D
127.0.0.1
InLoopBack0
127.0.0.1/32
Direct 0
0
D
127.0.0.1
InLoopBack0
127.255.255.255/32 Direct 0
0
D
127.0.0.1
InLoopBack0
255.255.255.255/3
0
D
127.0.0.1
InLoopBack0
Direct 0
E1 learns the EBGP route 10.1.4.0/24. Check whether the routing table of R3 contains the route 10.1.4.0/24. [R3]display ip routing-table Route Flags: R - relay, D - download to fib ---------------------------------------------------------------------------Routing Tables: Public Destinations : 16
Destination/Mask
Routes : 16
Proto
Pre Cost
10.0.1.1/32
OSPF
10
3124
D
10.0.23.2
Serial2/0/0
10.0.2.2/32
OSPF
10
1562
D
10.0.23.2
Serial2/0/0
10.0.3.3/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.12.0/24
OSPF
3124
D
10.0.23.2
Serial2/0/0
10.0.23.0/24
Direct 0
0
D
10.0.23.3
Serial2/0/0
10.0.23.2/32
Direct 0
0
D
10.0.23.2
Serial2/0/0
HC Series
10
Flags NextHop
HUAWEI TECHNOLOGIES
Interface
213
HCNP-IERN Chapter 3 BGP application and management 10.0.23.3/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.23.255/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.35.0/24
Direct 0
0
D
10.0.35.3
Serial3/0/0
10.0.35.3/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.35.5/32
Direct 0
0
D
10.0.35.5
Serial3/0/0
10.0.35.255/32
Direct 0
0
D
127.0.0.1
InLoopBack0
127.0.0.0/8
Direct 0
0
D
127.0.0.1
InLoopBack0
127.0.0.1/32
Direct 0
0
D
127.0.0.1
InLoopBack0
127.255.255.255/32 Direct 0
0
D
127.0.0.1
InLoopBack0
255.255.255.255/32 Direct 0
0
D
127.0.0.1
InLoopBack0
The routing table of R3 does not contain the route 10.1.4.0/24. View the BGP routing table of R3. [R3]display bgp routing-table
BGP Local router ID is 10.0.3.3 Status codes: * - valid, > - best, d - damped, h - history, i - internal, s - suppressed, S - Stale Origin : i - IGP, e - EGP, ? - incomplete
Total Number of Routes: 1 Network
i 10.1.4.0/24
NextHop
MED
10.0.4.4
0
LocPrf
100
PrefVal Path/Ogn
0
64513i
The route 10.1.4.0/24 is found in the BGP routing table of R3 but it does not have an asterisk (*). This indicates that this route is not the optimal route and therefore not used. This is because the next hop of this route is 10.0.4.4 but R3 does not have a route to 10.0.4.4. According to BGP, a route is not used if its next hop is unreachable. Configure next-hop-local on R1 and then view the routing table of R3. [R1]bgp 64512 [R1-bgp]peer 10.0.3.3 next-hop-local [R1-bgp]peer 10.0.2.2 next-hop-local [R1-bgp]quit [R3]display bgp routing-table
214
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 3 BGP application and management BGP Local router ID is 10.0.3.3 Status codes: * - valid, > - best, d - damped, h - history, i - internal, s - suppressed, S - Stale Origin : i - IGP, e - EGP, ? - incomplete
Total Number of Routes: 1 Network
NextHop
*>i 10.1.4.0/24
MED
10.0.1.1
LocPrf
0
100
PrefVal Path/Ogn
0
64513i
The next hop of the BGP route 10.1.4.0/24 is 10.0.1.1 and this route has an asterisk (*) and a greater-than sign (>). This indicates that the route is correct and optimal. View the routing table of R3. [R3]display ip routing-table Route Flags: R - relay, D - download to fib ---------------------------------------------------------------------------Routing Tables: Public Destinations : 17
Destination/Mask
Routes : 17
Proto
Pre Cost
10.0.1.1/32
OSPF
10
3124
D
10.0.23.2
Serial2/0/0
10.0.2.2/32
OSPF
10
1562
D
10.0.23.2
Serial2/0/0
10.0.3.3/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.12.0/24
OSPF
3124
D
10.0.23.2
Serial2/0/0
10.0.23.0/24
Direct 0
0
D
10.0.23.3
Serial2/0/0
10.0.23.2/32
Direct 0
0
D
10.0.23.2
Serial2/0/0
10.0.23.3/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.23.255/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.35.0/24
Direct 0
0
D
10.0.35.3
Serial3/0/0
10.0.35.3/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.35.5/32
Direct 0
0
D
10.0.35.5
Serial3/0/0
10.0.35.255/32
Direct 0
0
D
127.0.0.1
InLoopBack0
255 0
RD
10.0.1.1
Serial2/0/0
10.1.4.0/24
IBGP
10
Flags NextHop
Interface
127.0.0.0/8
Direct 0
0
D
127.0.0.1
InLoopBack0
127.0.0.1/32
Direct 0
0
D
127.0.0.1
InLoopBack0
127.255.255.255/32 Direct 0
0
D
127.0.0.1
InLoopBack0
255.255.255.255/32 Direct 0
0
D
127.0.0.1
InLoopBack0
The route 10.1.4.0/24 is found. HC Series
HUAWEI TECHNOLOGIES
215
HCNP-IERN Chapter 3 BGP application and management
Set the IP address to 10.1.5.5/24 for the Loopback 1 interface of R5. Advertise this route to BGP and configure next-hop-local on R3. [R5]interface LoopBack 1 [R5-LoopBack1]ip address 10.1.5.5 24 [R5-LoopBack1]quit
[R5]bgp 64514 [R5-bgp]network 10.1.5.0 24
[R3]bgp 64512 [R3-bgp]peer 10.0.1.1 next-hop-local [R3-bgp]peer 10.0.2.2 next-hop-local
Check whether R4 learns the route to the network segment where the Loopback 1 interface of R5 resides. Analyze the output of the display bgp routing-table command. [R4]display bgp routing-table
BGP Local router ID is 10.0.4.4 Status codes: * - valid, > - best, d - damped, h - history, i - internal, s - suppressed, S - Stale Origin : i - IGP, e - EGP, ? - incomplete
Total Number of Routes: 2 Network
NextHop
*>
10.1.4.0/24
0.0.0.0
*>
10.1.5.0/24
10.0.1.1
MED
LocPrf
0
PrefVal Path/Ogn
0
i
0
64512 64514i
On R5, ping the Loopback 1 interface of R4 from the Loopback 1 interface of R5. [R5]ping -c 1 -a 10.1.5.5 10.1.4.4 PING 10.1.4.4: 56 data bytes, press CTRL_C to break Reply from 10.1.4.4: bytes=56 Sequence=1 ttl=252 time=125 ms
--- 10.1.4.4 ping statistics --1 packet(s) transmitted 1 packet(s) received 0.00% packet loss
216
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 3 BGP application and management round-trip min/avg/max = 125/125/125 ms
Additional Exercises: Analyzing and Verifying Figure out when physical interfaces should be used to establish EBGP neighbor relationships. Figure out why the TTL of the packets sent to EBGP neighbors is 1. Figure out the default value of hop-count in the peer group_name ebgp-max-hop [hop-count] command.
Final Configurations [R1]display current-configuration [V200R001C00SPC200] # sysname R1 # router id 10.0.1.1 # interface Serial1/0/0 link-protocol ppp ip address 10.0.12.1 255.255.255.0 # interface Serial3/0/0 link-protocol ppp ip address 10.0.14.1 255.255.255.0 # interface LoopBack0 ip address 10.0.1.1 255.255.255.255 # bgp 64512 timer keepalive 30 hold 90 peer 10.0.2.2 as-number 64512 peer 10.0.2.2 connect-interface LoopBack0 peer 10.0.3.3 as-number 64512 peer 10.0.3.3 connect-interface LoopBack0 peer 10.0.4.4 as-number 64513 peer 10.0.4.4 ebgp-max-hop 2 peer 10.0.4.4 connect-interface LoopBack0 # ipv4-family unicast
HC Series
HUAWEI TECHNOLOGIES
217
HCNP-IERN Chapter 3 BGP application and management undo synchronization peer 10.0.2.2 enable peer 10.0.2.2 next-hop-local peer 10.0.3.3 enable peer 10.0.3.3 next-hop-local peer 10.0.4.4 enable # ospf 1 area 0.0.0.0 network 10.0.12.0 0.0.0.255 network 10.0.1.1 0.0.0.0 # ip route-static 10.0.4.4 255.255.255.255 10.0.14.4 return
[R2]display current-configuration [V200R001C00SPC200] # sysname R2 # router id 10.0.2.2 # interface Serial1/0/0 link-protocol ppp ip address 10.0.12.2 255.255.255.0 # interface Serial2/0/0 link-protocol ppp ip address 10.0.23.2 255.255.255.0 # interface LoopBack0 ip address 10.0.2.2 255.255.255.255 # bgp 64512 peer 10.0.1.1 as-number 64512 peer 10.0.1.1 connect-interface LoopBack0 peer 10.0.3.3 as-number 64512 peer 10.0.3.3 connect-interface LoopBack0 # ipv4-family unicast undo synchronization peer 10.0.1.1 enable peer 10.0.3.3 enable
218
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 3 BGP application and management # ospf 1 area 0.0.0.0 network 10.0.12.0 0.0.0.255 network 10.0.23.0 0.0.0.255 network 10.0.2.2 0.0.0.0 return
[R3]display current-configuration [V200R001C00SPC200] # sysname R3 # router id 10.0.3.3 # interface Serial2/0/0 link-protocol ppp ip address 10.0.23.3 255.255.255.0 # interface Serial3/0/0 link-protocol ppp ip address 10.0.35.3 255.255.255.0 # interface LoopBack0 ip address 10.0.3.3 255.255.255.255 # bgp 64512 peer 10.0.1.1 as-number 64512 peer 10.0.1.1 connect-interface LoopBack0 peer 10.0.2.2 as-number 64512 peer 10.0.2.2 connect-interface LoopBack0 peer 10.0.35.5 as-number 64514 # ipv4-family unicast undo synchronization peer 10.0.1.1 enable peer 10.0.1.1 next-hop-local peer 10.0.2.2 enable peer 10.0.2.2 next-hop-local peer 10.0.35.5 enable # ospf 1 area 0.0.0.0
HC Series
HUAWEI TECHNOLOGIES
219
HCNP-IERN Chapter 3 BGP application and management network 10.0.23.0 0.0.0.255 network 10.0.3.3 0.0.0.0 return
[R4]display current-configuration [V200R001C00SPC200] # sysname R4 # interface Serial1/0/0 link-protocol ppp ip address 10.0.14.4 255.255.255.0 # interface LoopBack0 ip address 10.0.4.4 255.255.255.255 # interface LoopBack1 ip address 10.1.4.4 255.255.255.0 # bgp 64513 peer 10.0.1.1 as-number 64512 peer 10.0.1.1 ebgp-max-hop 2 peer 10.0.1.1 connect-interface LoopBack0 # ipv4-family unicast undo synchronization network 10.0.4.0 255.255.255.0 network 10.1.4.0 255.255.255.0 peer 10.0.1.1 enable # ip route-static 10.0.1.1 255.255.255.255 10.0.14.1 return
[R5]display current-configuration [V200R001C00SPC200] # sysname R5 # interface Serial1/0/0 link-protocol ppp ip address 10.0.35.5 255.255.255.0 # interface LoopBack0
220
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 3 BGP application and management ip address 10.0.5.5 255.255.255.255 # interface LoopBack1 ip address 10.1.5.5 255.255.255.0 # bgp 64514 peer 10.0.35.3 as-number 64512 # ipv4-family unicast undo synchronization network 10.1.5.0 255.255.255.0 peer 10.0.35.3 enable return
HC Series
HUAWEI TECHNOLOGIES
221
HCNP-IERN Chapter 3 BGP application and management
Lab 3-2 BGP Route Aggregation Learning Objectives The objectives of this lab are to learn and understand: •
Method used to configure BGP route aggregation by using the network command
•
Method used to configure aggregation suppression of a specific BGP route
•
Method used to modify attributes of summarized routes
•
Method of using the AS-SET attribute during route aggregation
Topology
Figure 3-2 BGP route aggregation
222
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 3 BGP application and management
Scenario Assume that you are a network engineer of a company. The network of the company uses BGP as the routing protocol. The network comprises of multiple Autonomous Systems (AS). Different branches use different AS numbers. Routing tables of routers increase with growth of the company. Therefore, BGP route aggregation is pressing. You select a proper route aggregation method after several tests.
Tasks Step 1 Configure IP addresses. Configure IP addresses and masks for the physical interfaces and loopback interfaces of all routers. Loopback interfaces use 32-bit masks. system-view Enter system view, return user view with Ctrl+Z. [R1]interface Serial 1/0/0 [R1-Serial1/0/0]ip address 10.0.12.1 255.255.255.0 [R1-Serial1/0/0]interface Serial 3/0/0 [R1-Serial3/0/0]ip address 10.0.14.1 255.255.255.0 [R1-Serial3/0/0]interface GigabitEthernet 0/0/0 [R1-GigabitEthernet0/0/0]ip add 10.0.15.1 255.255.255.0 [R1-GigabitEthernet0/0/0]interface LoopBack 0 [R1-LoopBack0]ip address 10.1.1.1 255.255.255.255
system-view Enter system view, return user view with Ctrl+Z. [R2]interface Serial 1/0/0 [R2-Serial1/0/0]ip address 10.0.12.2 255.255.255.0 [R2-Serial1/0/0]interface Serial 2/0/0 [R2-Serial2/0/0]ip address 10.0.23.2 255.255.255.0 [R2-Serial2/0/0]interface loopback 0 [R2-LoopBack0]ip address 10.1.2.2 255.255.255.255
system-view Enter system view, return user view with Ctrl+Z. [R3]interface Serial 2/0/0 [R3-Serial2/0/0]ip address 10.0.23.3 255.255.255.0 [R3-Serial2/0/0]interface loopback 1
HC Series
HUAWEI TECHNOLOGIES
223
HCNP-IERN Chapter 3 BGP application and management [R3-LoopBack1]ip address 10.1.3.3 255.255.255.255
system-view Enter system view, return user view with Ctrl+Z. [R4]interface Serial 1/0/0 [R4-Serial1/0/0]ip address 10.0.14.4 255.255.255.0 [R4-Serial1/0/0]interface loopback 0 [R4-LoopBack0]ip address 10.0.4.4 255.255.255.255
system-view Enter system view, return user view with Ctrl+Z. [R5]interface GigabitEthernet 0/0/0 [R5-GigabitEthernet0/0/0]ip address 10.0.15.5 255.255.255.0 [R5-GigabitEthernet0/0/0]interface loopback 0 [R5-LoopBack0]ip address 10.1.5.5 255.255.255.255
After you have configured IP addresses and masks for the interfaces, test the connectivity of direct links. [R1]ping -c 1 10.0.12.2 PING 10.0.12.2: 56 data bytes, press CTRL_C to break Reply from 10.0.14.4: bytes=56 Sequence=1 ttl=255 time=41 ms
--- 10.0.12.2 ping statistics --1 packet(s) transmitted 1 packet(s) received 0.00% packet loss round-trip min/avg/max = 41/41/41 ms
[R1]ping -c 1 10.0.14.4 PING 10.0.14.4: 56 data bytes, press CTRL_C to break Reply from 10.0.14.4: bytes=56 Sequence=1 ttl=255 time=41 ms
--- 10.0.14.4 ping statistics --1 packet(s) transmitted 1 packet(s) received 0.00% packet loss round-trip min/avg/max = 41/41/41 ms
[R1]ping -c 1 10.0.15.5 PING 10.0.15.5: 56 data bytes, press CTRL_C to break Reply from 10.0.12.2: bytes=56 Sequence=1 ttl=255 time=34 ms
224
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 3 BGP application and management --- 10.0.15.5 ping statistics --1 packet(s) transmitted 1 packet(s) received 0.00% packet loss round-trip min/avg/max = 34/34/34 ms
[R1]ping -c 1 10.0.23.3 PING 10.0.23.3: 56 data bytes, press CTRL_C to break Reply from 10.0.12.2: bytes=56 Sequence=1 ttl=255 time=34 ms
--- 10.0.23.3 ping statistics --1 packet(s) transmitted 1 packet(s) received 0.00% packet loss round-trip min/avg/max = 34/34/34 ms
Step 2 Configure EBGP and advertise routes. Establish BGP peer relationships between direct routers by using the IP addresses of physical interfaces. [R1]bgp 64513 [R1-bgp]peer 10.0.12.2 as-number 64514 [R1-bgp]peer 10.0.14.4 as-number 64512 [R1-bgp]peer 10.0.15.5 as-number 64516
[R2]bgp 64514 [R2-bgp]peer 10.0.12.1 as-number 64513 [R2-bgp]peer 10.0.23.3 as-number 64515
[R3]bgp 64515 [R3-bgp]peer 10.0.23.2 as-number 64514
[R4]bgp 64512 [R4-bgp]peer 10.0.14.1 as-number 64513
[R5]bgp 64516 [R5-bgp]peer 10.0.15.1 as-number 64513
After you have completed the configuration, check the peer relationships.
HC Series
HUAWEI TECHNOLOGIES
225
HCNP-IERN Chapter 3 BGP application and management [R1]display bgp peer BGP local router ID : 10.0.12.1 Local AS number : 64513 Total number of peers : 3
Peer
V
Peers in established state : 3
AS MsgRcvd MsgSent OutQ
Up/Down
State
PrefRcv
10.0.12.2
4
64514
3
3
0 00:01:55 Established
0
10.0.14.4
4
64512
3
3
0 00:01:03 Established
0
10.0.15.5
4
64516
2
3
0 00:00:03 Established
0
[R2]display bgp peer
BGP local router ID : 10.0.12.2 Local AS number : 64514 Total number of peers : 2
Peer
V
Peers in established state : 2
AS MsgRcvd MsgSent OutQ Up/Down
State PrefRcv
10.0.12.1
4
64513
4
6
0 00:02:51 Established
0
10.0.23.3
4
64515
6
6
0 00:04:42 Established
0
[R3]display bgp peer
BGP local router ID : 10.0.23.3 Local AS number : 64515 Total number of peers : 1
Peer
V
10.0.23.2
4
Peers in established state : 1
AS MsgRcvd MsgSent OutQ Up/Down
64514
6
6
State PrefRcv
0 00:04:54 Established
0
[R4]display bgp peer
BGP local router ID : 10.0.14.4 Local AS number : 64512 Total number of peers : 1
Peer
V
10.0.14.1
4
Peers in established state : 1
AS MsgRcvd MsgSent OutQ Up/Down
64513
4
4
State PrefRcv
0 00:02:46 Established
[R5]display bgp peer
226
HUAWEI TECHNOLOGIES
HC Series
0
HCNP-IERN Chapter 3 BGP application and management
BGP local router ID : 10.0.15.5 Local AS number : 64516 Total number of peers : 1
Peer
V
10.0.15.1
4
Peers in established state : 1
AS MsgRcvd MsgSent OutQ Up/Down
64513
3
3
State PrefRcv
0 00:01:26 Established
0
Currently, all BGP peer relationships are in the Established state. Run the network command to advertise to BGP the routes for the network segment where the routers’ loopback interfaces reside.. [R1]bgp 64513 [R1-bgp]network 10.1.1.1 255.255.255.255
[R2]bgp 64514 [R2-bgp]network 10.1.2.2 255.255.255.255
[R3]bgp 64515 [R3-bgp]network 10.1.3.3 255.255.255.255
[R4]bgp 64512 [R4-bgp]network 10.0.4.4 255.255.255.255
[R5]bgp 64516 [R5-bgp]network 10.1.5.5 255.255.255.255
View the BGP routing table of R4 to verify the AS-PATH attribute. [R4]display bgp routing-table
BGP Local router ID is 10.0.14.4 Status codes: * - valid, > - best, d - damped, h - history, i - internal, s - suppressed, S - Stale Origin : i - IGP, e - EGP, ? - incomplete
Total Number of Routes: 5 Network
NextHop
MED
LocPrf
PrefVal Path/Ogn
*>
10.0.4.4/32
0.0.0.0
0
0
i
*>
10.1.1.1/32
10.0.14.1
0
0
64513i
*>
10.1.2.2/32
10.0.14.1
0
64513 64514i
HC Series
HUAWEI TECHNOLOGIES
227
HCNP-IERN Chapter 3 BGP application and management *>
10.1.3.3/32
10.0.14.1
0
64513 64514
10.0.14.1
0
64513 64516i
64515i *>
10.1.5.5/32
Step 3 Run the network command to summarize BGP routes. Summarize routes on R1. Add the static route 10.1.0.0/16 to the Null0 interface on R1 and run the network command to advertise the route. [R1]ip route-static 10.1.0.0 16 NULL 0 [R1]bgp 64513 [R1-bgp]network 10.1.0.0 255.255.0.0
View the routing table of R4 to check whether the summarized route is available. display bgp routing-table
BGP Local router ID is 10.0.14.4 Status codes: * - valid, > - best, d - damped, h - history, i - internal, s - suppressed, S - Stale Origin : i - IGP, e - EGP, ? - incomplete
Total Number of Routes: 6 Network
NextHop
MED
LocPrf
PrefVal Path/Ogn
*>
10.0.4.4/32
0.0.0.0
0
0
i
*>
10.1.0.0/16
10.0.14.1
0
0
64513i
*>
10.1.1.1/32
10.0.14.1
0
0
64513i
*>
10.1.2.2/32
10.0.14.1
0
64513 64514i
*>
10.1.3.3/32
10.0.14.1
0
64513 64514
10.0.14.1
0
64513 64516i
64515i *>
10.1.5.5/32
Configure a prefix list pref_detail_control to filter routes sent to the peer R4 and prevent specific route information contained in the summarized route from being sent. 228
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 3 BGP application and management [R1]ip ip-prefix pref_detail_control index 10 permit 10.1.0.0 8 less-equal 24 [R1]bgp 64513 [R1-bgp]peer 10.0.14.4 ip-prefix pref_detail_control export
View the BGP routing table of R4 to check the AS-PATH attribute of the summarized route. display bgp routing-table
BGP Local router ID is 10.0.14.4 Status codes: * - valid, > - best, d - damped, h - history, i - internal, s - suppressed, S - Stale Origin : i - IGP, e - EGP, ? - incomplete
Total Number of Routes: 2 Network
NextHop
MED
LocPrf
PrefVal Path/Ogn
*>
10.0.4.4/32
0.0.0.0
0
0
i
*>
10.1.0.0/16
10.0.14.1
0
0
64513i
Step 4 Run the aggregate command to summarize BGP routes. Delete the prefix list used in step 3 and the summarized route advertised through the network command. Run the aggregate command to summarize the route 10.1.0.0/16 by using the default mode. [R1]undo ip ip-prefix pref_detail_control [R1]bgp 64513 [R1-bgp]undo network 10.1.0.0 255.255.0.0 [R1-bgp]undo peer 10.0.14.4 ip-prefix pref_detail_control export [R1-bgp]aggregate 10.1.0.0 255.255.0.0
View the routing tables of R1 and R4 to check the Origin attribute of the summarized route. [R1]display bgp routing-table
BGP Local router ID is 10.0.12.1 Status codes: * - valid, > - best, d - damped,
HC Series
HUAWEI TECHNOLOGIES
229
HCNP-IERN Chapter 3 BGP application and management h - history, i - internal, s - suppressed, S - Stale Origin : i - IGP, e - EGP, ? - incomplete
Total Number of Routes: 6 Network
NextHop
MED
*>
10.0.4.4/32
10.0.14.4
*>
10.1.0.0/16
127.0.0.1
*>
10.1.1.1/32
0.0.0.0
*>
10.1.2.2/32
10.0.12.2
*>
10.1.3.3/32
10.0.12.2
*>
10.1.5.5/32
10.0.15.5
LocPrf
PrefVal Path/Ogn
0
0
64512i
0
i
0
0
i
0
0
64514i
0
64514 64515i
0
64516i
0
display bgp routing-table
BGP Local router ID is 10.0.14.4 Status codes: * - valid, > - best, d - damped, h - history, i - internal, s - suppressed, S - Stale Origin : i - IGP, e - EGP, ? - incomplete
Total Number of Routes: 6 Network
NextHop
MED
*>
10.0.4.4/32
0.0.0.0
*>
10.1.0.0/16
10.0.14.1
*>
10.1.1.1/32
10.0.14.1
*>
10.1.2.2/32
*>
10.1.3.3/32
LocPrf
0
PrefVal Path/Ogn
0
i
0
64513i
0
64513i
10.0.14.1
0
64513 64514i
10.0.14.1
0
64513 64514
10.0.14.1
0
64513 64516i
0
64515i *>
10.1.5.5/32
The Origin attribute of the summarized route is not modified. It is still IGP. Prevent specific routes from being advertised when configuring route aggregation on R1. Advertise only the summarized route. [R1-bgp]aggregate 10.1.0.0 255.255.0.0 detail-suppressed
View the BGP routing table of R4. [R4]display bgp routing-table
230
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 3 BGP application and management
BGP Local router ID is 10.0.14.4 Status codes: * - valid, > - best, d - damped, h - history, i - internal, s - suppressed, S - Stale Origin : i - IGP, e - EGP, ? - incomplete Total Number of Routes: 2 Network
NextHop
MED
*>
10.0.4.4/32
0.0.0.0
*>
10.1.0.0/16
10.0.14.1
LocPrf
0
PrefVal Path/Ogn
0
i
0
64513i
No specific route is available on R4. View the global routing table of R1 to check the next hop of the route 10.1.0.0/16. [R1]display ip routing-table Route Flags: R - relay, D - download to fib ---------------------------------------------------------------------------Routing Tables: Public Destinations : 21
Destination/Mask
10.0.4.4/32
Routes : 21
Proto
Pre Cost
EBGP
255 0
Flags NextHop
Interface
D
10.0.14.4
Serial3/0/0
10.0.12.0/24
Direct 0
0
D
10.0.12.1
Serial1/0/0
10.0.12.1/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.12.2/32
Direct 0
0
D
10.0.12.2
Serial1/0/0
10.0.12.255/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.14.0/24
Direct 0
0
D
10.0.14.1
Serial3/0/0
10.0.14.1/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.14.4/32
Direct 0
0
D
10.0.14.4
Serial3/0/0
10.0.14.255/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.15.0/24
Direct 0
0
D
10.0.15.1
10.0.15.1/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.15.255/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.1.0.0/16
Static 60
0
D
0.0.0.0
NULL0
10.1.1.1/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.1.2.2/32
EBGP
255 0
D
10.0.12.2
Serial1/0/0
10.1.3.3/32
EBGP
255 0
D
10.0.12.2
Serial1/0/0
10.1.5.5/32
EBGP
255 0
D
10.0.15.5
GigabitEthernet0/0/0
GigabitEthernet0/0/0
127.0.0.0/8
Direct 0
0
D
127.0.0.1
InLoopBack0
127.0.0.1/32
Direct 0
0
D
127.0.0.1
InLoopBack0
127.255.255.255/32 Direct 0
0
D
127.0.0.1
InLoopBack0
HC Series
HUAWEI TECHNOLOGIES
231
HCNP-IERN Chapter 3 BGP application and management 255.255.255.255/32 Direct 0
0
D
127.0.0.1
InLoopBack0
The summarized route is configured on R1; therefore, the outbound interface is Null0. Route aggregation can avoid routing loops. View the BGP routing table of R1 to check specific routes. [R1]display bgp routing-table
BGP Local router ID is 10.0.12.1 Status codes: * - valid, > - best, d - damped, h - history, i - internal, s - suppressed, S - Stale Origin : i - IGP, e - EGP, ? - incomplete
Total Number of Routes: 6 Network
NextHop
MED
*>
10.0.4.4/32
10.0.14.4
*>
10.1.0.0/16
127.0.0.1
s>
10.1.1.1/32
0.0.0.0
s>
10.1.2.2/32
10.0.12.2
s>
10.1.3.3/32
10.0.12.2
s>
10.1.5.5/32
10.0.15.5
LocPrf
0
PrefVal Path/Ogn
0
64512i
0
i
0
0
i
0
0
64514i
0
64514 64515i
0
64516i
0
The detail-suppressed parameter is used; therefore, only the summarized route is sent. The letter "s" is added before each specific route, which indicates that the specific routes are suppressed during route aggregation.
Step 5 Modify the attributes of a summarized route. By default, BGP does not advertise the community attribute to any peer. Enable R5 to advertise the community attribute to R1 and enable R1 to advertise the community attribute to R4. [R5]bgp 64516 [R5-bgp]peer 10.0.15.1 advertise-community
[R1]bgp 64513 [R1-bgp]peer 10.0.14.4 advertise-community
232
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 3 BGP application and management
Verify that the community attribute will be lost after route aggregation. Add the community attribute with the value 100 to the route 10.1.5.5/32 on R5 and advertise the route to R1. [R5]acl number 2000 [R5-acl-basic-2000]rule 0 permit source 10.1.5.5 0 [R5-acl-basic-2000]route-policy set_comm permit node 10 [R5-route-policy]if-match acl 2000 [R5-route-policy]apply community 100 [R5-route-policy]bgp 64516 [R5-bgp]peer 10.0.15.1 route-policy set_comm export
Check whether the summarized route carries the community attribute on R1. display bgp routing-table community
BGP Local router ID is 10.0.14.4 Status codes: * - valid, > - best, d - damped, h - history, i - internal, s - suppressed, S - Stale Origin : i - IGP, e - EGP, ? - incomplete
Total Number of Routes: 2 Network
*>
10.1.5.0/24
NextHop
MED
LocPrf
PrefVal Community
10.0.15.5
0
Check whether the summarized route carries the community attribute on R4. display bgp routing-table community
Total Number of Routes: 0
No route carrying the community attribute is available on R4. Create the routing policy dd_comm on R1 and add the community attribute with the value 100:2 to the summarized route. [R1]acl number 2000 [R1-acl-basic-2000]rule 0 permit source 10.1.0.0 0.0.255.255 [R1-acl-basic-2000]route-policy add_comm permit node 10 [R1-route-policy]if-match acl 2000
HC Series
HUAWEI TECHNOLOGIES
233
HCNP-IERN Chapter 3 BGP application and management [R1-route-policy]apply community 100:2 [R1-route-policy]bgp 64513 [R1-bgp]aggregate 10.1.0.0 255.255.0.0 attribute-policy add_comm
Check whether the summarized route carries the community attribute with the value 100:2 on R4. display bgp routing-table community BGP Local router ID is 10.0.14.4 Status codes: * - valid, > - best, d - damped, h - history, i - internal, s - suppressed, S - Stale Origin : i - IGP, e - EGP, ? - incomplete
Total Number of Routes: 1 Network
*>
NextHop
10.1.0.0/16
MED
LocPrf
10.0.14.1
PrefVal Community
0
The summarized route learned by R4 carries the community attribute.
Step 6 Configure the AS-PATH attribute by using the AS-SET attribute. A summarized route discards the AS-PATH attribute by default. Loss of the AS-PATH attribute may cause loops. To avoid information loss, add the AS-SET attribute to summarized routes. Add the AS-SET attribute to a summarized route on R1. [R1]bgp 64513 [R1-bgp]aggregate 10.1.0.0 255.255.0.0 detail-suppressed as-set
View the AS-PATH attribute of the summarized route in the BGP routing tables on R1 and R4. [R1]display bgp routing-table
BGP Local router ID is 10.0.12.1 Status codes: * - valid, > - best, d - damped, h - history, i - internal, s - suppressed, S - Stale Origin : i - IGP, e - EGP, ? - incomplete
234
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 3 BGP application and management Total Number of Routes: 6 Network
NextHop
MED
*>
10.0.4.4/32
10.0.14.4
*>
10.1.0.0/16
127.0.0.1
LocPrf
0
PrefVal Path/Ogn
0
64512i
0
{64514 64515
64516}i s>
10.1.1.1/32
0.0.0.0
0
0
i
s>
10.1.2.2/32
10.0.12.2
0
0
64514i
s>
10.1.3.3/32
10.0.12.2
0
64514 64515i
s>
10.1.5.5/32
10.0.15.5
0
64516i
0
display bgp routing-table
BGP Local router ID is 10.0.14.4 Status codes: * - valid, > - best, d - damped, h - history, i - internal, s - suppressed, S - Stale Origin : i - IGP, e - EGP, ? - incomplete
Total Number of Routes: 2 Network
NextHop
MED
*>
10.0.4.4/32
0.0.0.0
*>
10.1.0.0/16
10.0.14.1
LocPrf
0
PrefVal Path/Ogn
0
i
0
64513 {64514
64515 64516}i
After the AS-SET attribute is added, the AS-PATH attribute of a summarized route contains AS path information about detailed routes. Stop advertising the route 10.1.3.3/32 on R3 to reset the peer relationship. [R3]bgp 64515 [R3-bgp]undo network 10.1.3.3 255.255.255.255 [R3-bgp]return reset bgp all
After the peer relationship is re-established, view the AS-PATH attribute of the summarized route learned by R4. display bgp routing-table
BGP Local router ID is 10.0.14.4 Status codes: * - valid, > - best, d - damped, h - history, i - internal, s - suppressed, S - Stale
HC Series
HUAWEI TECHNOLOGIES
235
HCNP-IERN Chapter 3 BGP application and management Origin : i - IGP, e - EGP, ? - incomplete
Total Number of Routes: 2 Network
NextHop
MED
*>
10.0.4.4/32
0.0.0.0
*>
10.1.0.0/16
10.0.14.1
LocPrf
0
PrefVal Path/Ogn
0
i
0
64513 {64514
64516}i
The AS-PATH attribute does not contain the AS number 64515.
Additional Exercises: Analyzing and Verifying After you complete step 6 in the preceding example, can R5 access the loopback address of R3?
What are the differences between the aggregate and summary automatic commands?
Final Configurations display current-configuration [V200R001C00SPC200] # sysname R1 # acl number 2000 rule 0 permit source 10.1.0.0 0.0.255.255 # interface Serial1/0/0 link-protocol ppp ip address 10.0.12.1 255.255.255.0 # interface Serial3/0/0 link-protocol ppp ip address 10.0.14.1 255.255.255.0 # interface GigabitEthernet0/0/0 ip address 10.0.15.1 255.255.255.0 #
236
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 3 BGP application and management interface LoopBack0 ip address 10.1.1.1 255.255.255.255 # bgp 64513 peer 10.0.12.2 as-number 64514 peer 10.0.14.4 as-number 64512 peer 10.0.15.5 as-number 64516 # ipv4-family unicast undo synchronization aggregate 10.1.0.0 255.255.0.0 as-set detail-suppressed network 10.1.1.1 255.255.255.255 peer 10.0.12.2 enable peer 10.0.14.4 enable peer 10.0.14.4 advertise-community peer 10.0.15.5 enable # route-policy add_comm permit node 10 if-match acl 2000 apply community 100:2 # ip route-static 10.1.0.0 255.255.0.0 NULL0 # return
display current-configuration [V200R001C00SPC200] # sysname R2 # interface Serial1/0/0 link-protocol ppp ip address 10.0.12.2 255.255.255.0 # interface Serial2/0/0 link-protocol ppp ip address 10.0.23.2 255.255.255.0 # interface LoopBack0 ip address 10.1.2.2 255.255.255.255 # bgp 64514 peer 10.0.12.1 as-number 64513
HC Series
HUAWEI TECHNOLOGIES
237
HCNP-IERN Chapter 3 BGP application and management peer 10.0.23.3 as-number 64515 # ipv4-family unicast undo synchronization network 10.1.2.2 255.255.255.255 peer 10.0.12.1 enable peer 10.0.23.3 enable # return
display current-configuration [V200R001C00SPC200] # sysname R3 # interface Serial2/0/0 link-protocol ppp ip address 10.0.23.3 255.255.255.0 # interface LoopBack1 ip address 10.1.3.3 255.255.255.255 # bgp 64515 peer 10.0.23.2 as-number 64514 # ipv4-family unicast undo synchronization peer 10.0.23.2 enable # return
display current-configuration [V200R001C00SPC200] # sysname R4 # interface Serial1/0/0 link-protocol ppp ip address 10.0.14.4 255.255.255.0 # interface LoopBack0 ip address 10.0.4.4 255.255.255.255 #
238
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 3 BGP application and management bgp 64512 peer 10.0.14.1 as-number 64513 # ipv4-family unicast undo synchronization network 10.0.4.4 255.255.255.255 peer 10.0.14.1 enable # return
display current-configuration [V200R001C00SPC200] # sysname R5 # acl number 2000 rule 0 permit source 10.1.5.5 0 # interface GigabitEthernet0/0/0 ip address 10.0.15.5 255.255.255.0 # interface LoopBack0 ip address 10.1.5.5 255.255.255.255 # bgp 64516 peer 10.0.15.1 as-number 64513 # ipv4-family unicast undo synchronization network 10.1.5.5 255.255.255.255 peer 10.0.15.1 enable peer 10.0.15.1 advertise-community peer 10.0.15.1 route-policy set_comm export # route-policy set_comm permit node 10 if-match acl 2000 apply community 100 # Return
HC Series
HUAWEI TECHNOLOGIES
239
HCNP-IERN Chapter 3 BGP application and management
Lab 3-3 BGP Attributes and Path Selection 1 Learning Objectives The objectives of this lab are to learn and understand: •
Method used to change path selection by configuring the AS-PATH attribute
•
Method used to change path selection by configuring the Origin attribute
•
Method used to change path selection by configuring the Local-Pref attribute
•
Method used to change path selection by configuring the MED attribute
Topology
Figure 3-3 BGP attributes and path selection
240
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 3 BGP application and management
Scenario Assume that you are a network engineer of a company. The network of the company uses BGP to access two service providers. The company uses the private AS 64512. The AS number for ISP1 is 100, and 200 for ISP2. The company provides two links for access to ISP1 and rents a line for access to ISP2. Certain Internet subscribers complain that the network speed of the company is too slow. Therefore, you modify BGP attributes to adjust route directions.
Tasks Step 1 Configure IP addresses. Configure IP addresses and masks for the physical interfaces and loopback interfaces of all routers. Loopback0 interfaces use 32-bit masks. system-view Enter system view, return user view with Ctrl+Z. [Huawei]sysname R1 [R1]interface Serial 1/0/0 [R1-Serial1/0/0]ip address 10.0.12.1 255.255.255.0 [R1-Serial1/0/0]interface GigabitEthernet 0/0/2 [R1-GigabitEthernet0/0/2]ip address 10.0.15.1 255.255.255.0 [R1-GigabitEthernet0/0/2]interface GigabitEthernet 0/0/1 [R1-GigabitEthernet0/0/1]ip address 10.0.111.1 255.255.255.0 [R1-GigabitEthernet0/0/1]interface LoopBack 0 [R1-LoopBack0]ip address 10.0.1.1 255.255.255.255
system-view Enter system view, return user view with Ctrl+Z. [Huawei]sysname R2 [R2]interface Serial 1/0/0 [R2-Serial1/0/0]ip address 10.0.12.2 255.255.255.0 [R2-Serial1/0/0]int Serial 2/0/0 [R2-Serial2/0/0]ip address 10.0.23.2 255.255.255.0 [R2-Serial2/0/0]interface LoopBack 0 [R2-LoopBack0]ip address 10.0.2.2 255.255.255.0
system-view
HC Series
HUAWEI TECHNOLOGIES
241
HCNP-IERN Chapter 3 BGP application and management Enter system view, return user view with Ctrl+Z. [Huawei]sysname R3 [R3]interface GigabitEthernet 0/0/2 [R3-GigabitEthernet0/0/2]ip address 10.0.15.3 255.255.255.0 [R3-GigabitEthernet0/0/2]interface Serial 2/0/0 [R3-Serial2/0/0]ip address 10.0.23.3 255.255.255.0 [R3-Serial2/0/0]interface Serial 3/0/0 [R3-Serial3/0/0]ip address 10.0.35.3 255.255.255.0 [R3-Serial3/0/0]interface loopback 0 [R3-LoopBack0]ip address 10.0.3.3 255.255.255.255
system-view Enter system view, return user view with Ctrl+Z. [Huawei]sysname R4 [R4]interface GigabitEthernet 0/0/1 [R4-GigabitEthernet0/0/1]ip address 10.0.114.4 255.255.255.0 [R4-GigabitEthernet0/0/1]interface GigabitEthernet 0/0/0 [R4-GigabitEthernet0/0/0]ip address 10.0.45.4 255.255.255.0 [R4-GigabitEthernet0/0/0]interface loopback 0 [R4-LoopBack0]ip address 10.0.4.4 255.255.255.255
system-view Enter system view, return user view with Ctrl+Z. [Huawei]sysname R5 [R5]interface Serial 1/0/0 [R5-Serial1/0/0]ip address 10.0.35.5 255.255.255.0 [R5-Serial1/0/0]interface GigabitEthernet 0/0/0 [R5-GigabitEthernet0/0/0]ip address 10.0.45.5 255.255.255.0 [R5-GigabitEthernet0/0/0]interface loopback 0 [R5-LoopBack0]ip address 10.0.5.5 255.255.255.255
After you have configured IP addresses and masks, test the connectivity of direct links. ping -c 1 10.0.12.2 PING 10.0.12.2: 56 data bytes, press CTRL_C to break Reply from 10.0.12.2: bytes=56 Sequence=1 ttl=255 time=29 ms
--- 10.0.12.2 ping statistics --1 packet(s) transmitted 1 packet(s) received 0.00% packet loss round-trip min/avg/max = 29/29/29 ms
242
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 3 BGP application and management
[R1]ping -c 1 10.0.15.3 PING 10.0.15.3: 56 data bytes, press CTRL_C to break Reply from 10.0.15.3: bytes=56 Sequence=1 ttl=255 time=59 ms
--- 10.0.15.3 ping statistics --1 packet(s) transmitted 1 packet(s) received 0.00% packet loss round-trip min/avg/max = 59/59/59 ms
ping -c 1 10.0.23.3 PING 10.0.23.3: 56 data bytes, press CTRL_C to break Reply from 10.0.23.3: bytes=56 Sequence=1 ttl=255 time=32 ms
--- 10.0.23.3 ping statistics --1 packet(s) transmitted 1 packet(s) received 0.00% packet loss round-trip min/avg/max = 32/32/32 ms
[R3]ping -c 1 10.0.35.5 PING 10.0.35.5: 56 data bytes, press CTRL_C to break Reply from 10.0.35.5: bytes=56 Sequence=1 ttl=255 time=36 ms
--- 10.0.35.5 ping statistics --1 packet(s) transmitted 1 packet(s) received 0.00% packet loss round-trip min/avg/max = 36/36/36 ms
ping -c 1 10.0.45.5 PING 10.0.45.5: 56 data bytes, press CTRL_C to break Reply from 10.0.45.5: bytes=56 Sequence=1 ttl=255 time=11 ms
--- 10.0.45.5 ping statistics --1 packet(s) transmitted 1 packet(s) received 0.00% packet loss round-trip min/avg/max = 11/11/11 ms
HC Series
HUAWEI TECHNOLOGIES
243
HCNP-IERN Chapter 3 BGP application and management
Step 2 Configure IGP and BGP. Configure AS 64512 to use OSPF as the IGP and add all devices in AS 64512 to area 0. Enable OSPF on the network segments of both G0/0/1 and Loopback0 of R1. [R1]ospf [R1-ospf-1]area 0 [R1-ospf-1-area-0.0.0.0]network 10.0.111.1 0.0.0.0 [R1-ospf-1-area-0.0.0.0]network 10.0.1.1 0.0.0.0
Create VLAN 111 on S1 and configure a Vlanif IP address for interconnection with R1. Create VLAN 114 on S1 and configure a Vlanif IP address for interconnection with R4. Set the working mode of the interconnected interfaces to Access and enable OSPF overVlanif 111 and Vlanif 114 of S1 and the Loopback0 interface. [S1]vlan 111 [S1-vlan111]vlan 114 [S1]interface vlan 111 [S1-Vlanif111]ip address 10.0.111.11 255.255.255.0 [S1-Vlanif111]int vlan 114 [S1-Vlanif114]ip address 10.0.114.11 255.255.255.0 [S1]interface loopback 0 [S1-LoopBack0]ip address 10.0.11.11 255.255.255.255 [S1-LoopBack0]interface GigabitEthernet 0/0/1 [S1-GigabitEthernet0/0/1]port link-type access [S1-GigabitEthernet0/0/1]port default vlan 111 [S1-GigabitEthernet0/0/1]interface GigabitEthernet 0/0/4 [S1-GigabitEthernet0/0/4]port link-type access [S1-GigabitEthernet0/0/4]port default vlan 114 [S1-GigabitEthernet0/0/4]ospf [S1-ospf-1]area 0 [S1-ospf-1-area-0.0.0.0]network 10.0.111.11 0.0.0.0 [S1-ospf-1-area-0.0.0.0]network 10.0.114.11 0.0.0.0 [S1-ospf-1-area-0.0.0.0]network 10.0.11.11 0.0.0.0
Enable OSPF on the network segments of both G0/0/1 and 244
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 3 BGP application and management
Loopback0 of R4. [R4]ospf [R4-ospf-1]area 0 [R4-ospf-1-area-0.0.0.0]network 10.0.114.4 0.0.0.0 [R4-ospf-1-area-0.0.0.0]network 10.0.4.4 0.0.0.0
Check whether the routers have learned the routes associated with the Loopback0 interfaces of other devices. [R1]display ip routing-table Route Flags: R - relay, D - download to fib ---------------------------------------------------------------------------Routing Tables: Public Destinations : 23
Destination/Mask
Proto
Routes : 23
Pre Cost
Flags NextHop
Interface
10.0.1.1/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.4.4/32
OSPF
10
2
D
10.0.111.11 GigabitEthernet0/0/1
10.0.11.11/32
OSPF
10
1
D
10.0.111.11 GigabitEthernet0/0/1
10.0.12.0/24
Direct 0
0
D
10.0.12.1
Serial1/0/0
10.0.12.1/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.12.2/32
Direct 0
0
D
10.0.12.2
Serial1/0/0
10.0.12.255/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.14.0/24
Direct 0
0
D
10.0.14.1
Serial3/0/0
10.0.14.1/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.14.4/32
Direct 0
0
D
10.0.14.4
Serial3/0/0
10.0.14.255/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.15.0/24
Direct 0
0
D
10.0.15.1
Serial2/0/0
10.0.15.1/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.15.3/32
Direct 0
0
D
10.0.15.3
Serial2/0/0
10.0.15.255/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.111.0/24
Direct 0
0
D
10.0.111.1 GigabitEthernet0/0/1
10.0.111.1/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.111.255/32
Direct 0
0
D
127.0.0.1
InLoopBack0
OSPF
2
D
10.0.111.11 GigabitEthernet0/0/1
10.0.114.0/24
10
127.0.0.0/8
Direct 0
0
D
127.0.0.1
InLoopBack0
127.0.0.1/32
Direct 0
0
D
127.0.0.1
InLoopBack0
127.255.255.255/32 Direct 0
0
D
127.0.0.1
InLoopBack0
255.255.255.255/32 Direct 0
0
D
127.0.0.1
InLoopBack0
[S1]display ip routing-table Route Flags: R - relay, D - download to fib
HC Series
HUAWEI TECHNOLOGIES
245
HCNP-IERN Chapter 3 BGP application and management ---------------------------------------------------------------------------Routing Tables: Public Destinations : 11
Destination/Mask
Routes : 11
Proto Pre Cost
Flags NextHop
Interface
10.0.1.1/32
OSPF
10
1
D
10.0.111.1
Vlanif111
10.0.4.4/32
OSPF
10
1
D
10.0.114.4
Vlanif114
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.11.11/32 10.0.111.0/24
Direct 0
0
D
10.0.111.11
Vlanif111
10.0.111.11/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.114.0/24
Direct 0
0
D
10.0.114.11
Vlanif114
10.0.114.11/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.1.11.0/24
Direct 0
0
D
10.1.11.11
LoopBack1
10.1.11.11/32
Direct 0
0
D
127.0.0.1
InLoopBack0
127.0.0.0/8
Direct 0
0
D
127.0.0.1
InLoopBack0
127.0.0.1/32
Direct 0
0
D
127.0.0.1
InLoopBack0
display ip routing-table Route Flags: R - relay, D - download to fib ---------------------------------------------------------------------------Routing Tables: Public Destinations : 18
Destination/Mask
Routes : 18
Proto
Pre Cost
10.0.1.1/32
OSPF
10
10.0.4.4/32 10.0.11.11/32
Flags NextHop
Interface
2
D
10.0.114.11 GigabitEthernet0/0/1
Direct 0
0
D
127.0.0.1
OSPF
1
D
10.0.114.11 GigabitEthernet0/0/1
10
InLoopBack0
10.0.14.0/24
Direct 0
0
D
10.0.14.4
Serial1/0/0
10.0.14.1/32
Direct 0
0
D
10.0.14.1
Serial1/0/0
10.0.14.4/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.14.255/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.45.0/24
Direct 0
0
D
10.0.45.4
10.0.45.4/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.45.255/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.111.0/24
OSPF
2
D
10.0.114.11 GigabitEthernet0/0/1
10.0.114.0/24
Direct 0
0
D
10.0.114.4 GigabitEthernet0/0/1
10.0.114.4/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.114.255/32
Direct 0
0
D
127.0.0.1
InLoopBack0
127.0.0.0/8
Direct 0
0
D
127.0.0.1
InLoopBack0
127.0.0.1/32
Direct 0
0
D
127.0.0.1
InLoopBack0
127.255.255.255/32 Direct 0
0
D
127.0.0.1
InLoopBack0
246
10
HUAWEI TECHNOLOGIES
GigabitEthernet0/0/0
HC Series
HCNP-IERN Chapter 3 BGP application and management 255.255.255.255/32 Direct 0
0
D
127.0.0.1
InLoopBack0
Configure BGP on R1, R4, and S1 and use their Loopback0 interfaces to establish peer relationships. Use the peer group AS64512 for configuration. The load balancing function of BGP is disabled by default. Enable load balancing on all routers and set the maximum number of concurrent equal-cost paths to 4. [R1]bgp 64512 [R1-bgp]group as64512 internal [R1-bgp]peer 10.0.11.11 group as64512 [R1-bgp]peer 10.0.11.11 connect-interface LoopBack 0 [R1-bgp]maximum load-balancing 4
[S1]bgp 64512 [S1-bgp]group as64512 internal [S1-bgp]peer 10.0.4.4 group as64512 [S1-bgp]peer 10.0.4.4 connect-interface LoopBack 0 [S1-bgp]maximum load-balancing 4 [S1-bgp]peer 10.0.1.1 group as64512 [S1-bgp]peer 10.0.1.1 connect-interface LoopBack 0
[R4]bgp 64512 [R4-bgp]group as64512 internal [R4-bgp]peer 10.0.11.11 group as64512 [R4-bgp]peer 10.0.11.11 connect-interface LoopBack 0 [R4-bgp]maximum load-balancing 4
Configure EBGP on R1, R2, R3, R4, and R5. Establish peer relationships by using the IP addresses of physical interfaces. For the AS topology, refer to the diagram. [R1]bgp 64512 [R1-bgp]peer 10.0.12.2 as-number 200 [R1-bgp]peer 10.0.15.3 as-number 100
[R2]bgp 200 [R2-bgp]peer 10.0.12.1 as-number 64512 [R2-bgp]peer 10.0.23.3 as-number 100 [R2-bgp]maximum load-balancing 4
[R3]bgp 100
HC Series
HUAWEI TECHNOLOGIES
247
HCNP-IERN Chapter 3 BGP application and management [R3-bgp]peer 10.0.23.2 as-number 200 [R3-bgp]peer 10.0.35.5 as-number 100 [R3-bgp]peer 10.0.15.1 as-number 64512 [R3-bgp]maximum load-balancing 4
[R4]bgp 64512 [R4-bgp]peer 10.0.45.5 as-number 100
[R5]bgp 100 [R5-bgp]peer 10.0.35.3 as-number 100 [R5-bgp]peer 10.0.45.4 as-number 64512 [R5-bgp]maximum load-balancing 4
Step 3 Configure the AS-PATH attribute. Create Loopback1 on S1 that uses the IP address 10.1.11.11/24. Run the network command to advertise the route 10.1.11.0/24 to BGP. [S1]interface loopback 1 [S1-LoopBack1]ip address 10.1.11.11 255.255.255.0 [S1-LoopBack1]bgp 64512 [S1-bgp]network 10.1.11.11 255.255.255.0
View the BGP routing table of R2. The route 10.1.11.0/24 selects the next hop based on the AS-PATH attribute. [R2]display bgp routing-table
BGP Local router ID is 10.0.12.2 Status codes: * - valid, > - best, d - damped, h - history, i - internal, s - suppressed, S - Stale Origin : i - IGP, e - EGP, ? - incomplete
Total Number of Routes: 2 Network
*>
10.1.11.0/24
*
NextHop
MED
LocPrf
PrefVal Path/Ogn
10.0.12.1
0
64512i
10.0.23.3
0
100 64512i
The bandwidth between R1 and R4 is limited; therefore, R2 needs to access the network segment 10.1.11.0/24 through AS 100. 248
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 3 BGP application and management
The AS-PATH attribute is used to change path selection. Create the routing policy as_path on R1 to add two same AS numbers for the route 10.1.11.0/24. [R1]acl number 2001 [R1-acl-basic-2001]rule 5 permit source 10.1.11.0 0.0.0.255 [R1-acl-basic-2001]route-policy as_path permit node 10 [R1-route-policy]if-match acl 2001 [R1-route-policy]apply as-path 64512 64512 additive
Create a routing policy on R1 so that the AS-PATH attribute of the route that R2 learns from R1 has three values. [R1]bgp 64512 [R1-bgp]peer 10.0.12.2 route-policy as_path export
View the BGP routing table of R2. display bgp routing-table
BGP Local router ID is 10.0.12.2 Status codes: * - valid, > - best, d - damped, h - history, i - internal, s - suppressed, S - Stale Origin : i - IGP, e - EGP, ? - incomplete
Total Number of Routes: 2 Network
*>
NextHop
10.1.11.0/24
*
MED
LocPrf
PrefVal Path/Ogn
10.0.23.3
0
100 64512i
10.0.12.1
0
64512 64512
64512i
R2 accesses the network segment 10.1.11.0/24 through AS 100.
Step 4 Configure the Origin attribute. View the routing table of R3. display bgp routing-table
BGP Local router ID is 10.0.15.3 Status codes: * - valid, > - best, d - damped, h - history, i - internal, s - suppressed, S - Stale
HC Series
HUAWEI TECHNOLOGIES
249
HCNP-IERN Chapter 3 BGP application and management Origin : i - IGP, e - EGP, ? - incomplete
Total Number of Routes: 2
*>
Network
NextHop
10.1.11.0/24
10.0.15.1
* i
MED
LocPrf
10.0.35.5
100
PrefVal Path/Ogn
0
64512i
0
64512i
The next hop of the route to network segment 10.1.11.0/24 is R1. It is expected that R3 will access AS 64512 through R5. It is found that the value of the Origin attribute contained in the route 10.1.11.0/24 is IGP. Change the status of the route that R1 advertises to R3 to ‘incomplete’. [R1]route-policy 22 permit node 10 [R1-route-policy]if-match acl 2001 [R1-route-policy]apply origin incomplete [R1-route-policy]bgp 64512 [R1-bgp]peer 10.0.15.3 route-policy 22 export
After the routing policy has taken effect, view the BGP routing table of R3. display bgp routing-table
BGP Local router ID is 10.0.15.3 Status codes: * - valid, > - best, d - damped, h - history, i - internal, s - suppressed, S - Stale Origin : i - IGP, e - EGP, ? - incomplete
Total Number of Routes: 2 Network
NextHop
*>i 10.1.11.0/24
10.0.35.5
*
10.0.15.1
MED
LocPrf
100
PrefVal Path/Ogn
0
64512i
0
64512?
The next hop of the route from R3 to network segment 10.1.11.0/24 is R5.
250
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 3 BGP application and management
Step 5 Configure the Local-Pref attribute. The Local-Pref attribute has a high priority in path selection. Modifying the Local-Pref attribute can change path selection. Create Loopback1 on R3 with IP address 10.1.3.3/24. Advertise the route 10.1.3.0/24 to BGP. [R3]interface loopback 1 [R3-LoopBack1]ip address 10.1.3.3 255.255.255.0 [R3-LoopBack1]bgp 100 [R3-bgp]network 10.1.3.3 255.255.255.0
Create Loopback1 on R5 with IP address 10.1.5.5/24. Advertise the route 10.1.5.0/24 to BGP. [R5]interface loopback 1 [R5-LoopBack1]ip address 10.1.5.5 255.255.255.0 [R5-LoopBack1]bgp 100 [R5-bgp]network 10.1.5.5 255.255.255.0
View the routing table of S1. [S1]display bgp routing-table
Total Number of Routes: 5
BGP Local router ID is 10.0.111.11 Status codes: * - valid, > - best, d - damped, h - history, i - internal, s - suppressed, S - Stale Origin : i - IGP, e - EGP, ? - incomplete
Network
NextHop
MED
10.0.1.1
* i
10.0.4.4
100
0
100i
*>i 10.1.5.0/24
10.0.1.1
100
0
100i
* i
10.0.4.4
100
0
100i
10.1.11.0/24
0.0.0.0
0
100
PrefVal Path/Ogn
*>i 10.1.3.0/24
*>
0
LocPrf
0
0
0
100i
i
It is expected that the traffic to network segment 10.1.5.0/24 will arrive through R4 and that the traffic to the network segment 10.1.3.0/24 will arrivethrough R1.
HC Series
HUAWEI TECHNOLOGIES
251
HCNP-IERN Chapter 3 BGP application and management
Create the routing policy Pref4 on R4, find the route 10.1.5.0/24, and set the Local-Pref attribute of the route to 110. Create the routing policy Pref1 on R1, find the route 10.1.3.0/24, set the Local-Pref attribute of the route to 110, and apply the routing policy to the IBGP peer group. [R4]acl number 2001 [R4-acl-basic-2001]rule 5 permit source 10.1.5.0 0.0.0.255 [R4-acl-basic-2001]quit [R4]route-policy Pref4 permit node 10 [R4-route-policy]if-match acl 2001 [R4-route-policy]apply local-preference 110 [R4-route-policy]route-policy Pref4 permit node 20 [R4-route-policy]bgp 64512 [R4-bgp]peer as64512 route-policy Pref4 export
[R1]acl number 2002 [R1-acl-basic-2002]rule 5 permit source 10.1.3.0 0.0.0.255 [R1-acl-basic-2002]route-policy Pref1 permit node 10 [R1-route-policy]if-match acl 2002 [R1-route-policy]apply local-preference 110 [R1-route-policy]route-policy Pref1 permit node 20 [R1-route-policy]bgp 64512 [R1-bgp]peer as64512 route-policy Pref1 export
View the BGP routing table of S1. [S1]display bgp routing-table
Total Number of Routes: 3
BGP Local router ID is 10.0.111.11 Status codes: * - valid, > - best, d - damped, h - history, i - internal, s - suppressed, S - Stale Origin : i - IGP, e - EGP, ? - incomplete
Network
*>i 10.1.3.0/24 * i
NextHop
MED
10.0.1.1
0
10.0.4.4
*>i 10.1.5.0/24 * i
10.0.4.4 10.0.1.1
252
0 0
LocPrf
PrefVal Path/Ogn
110
0
100i
100
0
100i
110
0
100i
100
HUAWEI TECHNOLOGIES
0
100i
HC Series
HCNP-IERN Chapter 3 BGP application and management *>
10.1.11.0/24
0.0.0.0
0
0
i
Paths can be selected based on the Local-Pref attribute. The route with a greater attribute value is selected first.
Step 6 Configure the MED attribute. Delete the routing policy from step 4 that changes the path for the route 10.1.11.0/24 in AS 100 by using the Origin attribute. In this step, the MED attribute is modified to change path selection. [R1]undo route-policy 22 [R1]bgp 64512 [R1-bgp]undo peer 10.0.15.3 route-policy 22 export
Create the routing policy med on R1, set the MED attribute to 100 for the route 10.1.11.0/24, and apply the routing policy to the peer R3. [R1]route-policy med permit node 10 [R1-route-policy]if-match acl 2001 [R1-route-policy]apply cost 100 [R1-route-policy]bgp 64512 [R1-bgp]peer 10.0.15.3 route-policy med export
View the BGP routing table of R3. dis bgp routing-table
BGP Local router ID is 10.0.15.3 Status codes: * - valid, > - best, d - damped, h - history, i - internal, s - suppressed, S - Stale Origin : i - IGP, e - EGP, ? - incomplete
Total Number of Routes: 4 Network
*>
10.1.3.0/24
NextHop
MED
0.0.0.0
0
*>i 10.1.5.0/24
10.0.35.5
0
*>i 10.1.11.0/24
10.0.35.5
*
10.0.15.1
LocPrf
PrefVal Path/Ogn
0
i
100
0
i
100
0
64512i
0
64512i
100
The route with a smaller MED attribute value is selected first.
HC Series
HUAWEI TECHNOLOGIES
253
HCNP-IERN Chapter 3 BGP application and management
The effect of modifying the MED attribute is the same as that of modifying the Origin attribute.
Additional Exercises: Analyzing and Verifying Disable S1/0/0 of R1 after completing the operations at step 6. In this case, what is the value of the MED attribute for the route 10.1.11.0/24 learned by R2?
Can a routing policy be used to delete an AS from the AS-PATH attribute?
Final Configurations display current-configuration [V200R001C00SPC200] # sysname R1 # interface Serial1/0/0 link-protocol ppp ip address 10.0.12.1 255.255.255.0 # interface Serial3/0/0 link-protocol ppp ip address 10.0.14.1 255.255.255.0 # interface GigabitEthernet0/0/1 ip address 10.0.111.1 255.255.255.0 # interface GigabitEthernet0/0/2 ip address 10.0.15.1 255.255.255.0 # interface LoopBack0 ip address 10.0.1.1 255.255.255.255 # bgp 64512 peer 10.0.12.2 as-number 200 peer 10.0.15.3 as-number 100
254
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 3 BGP application and management group as64512 internal peer 10.0.11.11 as-number 64512 peer 10.0.11.11 group as64512 peer 10.0.11.11 connect-interface LoopBack0 # ipv4-family unicast undo synchronization maximum load-balancing 4 peer 10.0.12.2 enable peer 10.0.12.2 route-policy as_path export peer 10.0.15.3 enable peer 10.0.15.3 route-policy med export peer as64512 enable peer as64512 route-policy Pref1 export peer 10.0.11.11 enable peer 10.0.11.11 group as64512 # ospf 1 area 0.0.0.0 network 10.0.1.1 0.0.0.0 network 10.0.111.1 0.0.0.0 # route-policy as_path permit node 10 if-match acl 2001 apply as-path 64512 64512 additive # route-policy Pref1 permit node 10 if-match acl 2002 apply local-preference 110 # route-policy Pref1 permit node 20 # route-policy med permit node 10 if-match acl 2001 apply cost 100 # return
display current-configuration [V200R001C00SPC200] # sysname R2 #
HC Series
HUAWEI TECHNOLOGIES
255
HCNP-IERN Chapter 3 BGP application and management interface Serial1/0/0 link-protocol ppp ip address 10.0.12.2 255.255.255.0 # interface Serial2/0/0 link-protocol ppp ip address 10.0.23.2 255.255.255.0 # interface LoopBack0 ip address 10.0.2.2 255.255.255.0 # bgp 200 peer 10.0.12.1 as-number 64512 peer 10.0.23.3 as-number 100 # ipv4-family unicast undo synchronization maximum load-balancing 4 peer 10.0.12.1 enable peer 10.0.23.3 enable # return
display current-configuration [V200R001C00SPC200] # sysname R3 # interface Serial2/0/0 link-protocol ppp ip address 10.0.23.3 255.255.255.0 # interface Serial3/0/0 link-protocol ppp ip address 10.0.35.3 255.255.255.0 # interface GigabitEthernet0/0/2 ip address 10.0.15.3 255.255.255.0 # interface LoopBack0 ip address 10.0.3.3 255.255.255.255 # interface LoopBack1
256
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 3 BGP application and management ip address 10.1.3.3 255.255.255.0 # bgp 100 peer 10.0.15.1 as-number 64512 peer 10.0.23.2 as-number 200 peer 10.0.35.5 as-number 100 # ipv4-family unicast undo synchronization network 10.1.3.0 255.255.255.0 maximum load-balancing 4 peer 10.0.15.1 enable peer 10.0.23.2 enable peer 10.0.35.5 enable # return
display current-configuration [V200R001C00SPC200] # sysname R4 # interface Serial1/0/0 link-protocol ppp ip address 10.0.14.4 255.255.255.0 # interface GigabitEthernet0/0/0 ip address 10.0.45.4 255.255.255.0 # interface GigabitEthernet0/0/1 ip address 10.0.114.4 255.255.255.0 # interface LoopBack0 ip address 10.0.4.4 255.255.255.255 # bgp 64512 peer 10.0.45.5 as-number 100 group as64512 internal peer 10.0.11.11 as-number 64512 peer 10.0.11.11 group as64512 peer 10.0.11.11 connect-interface LoopBack0 # ipv4-family unicast
HC Series
HUAWEI TECHNOLOGIES
257
HCNP-IERN Chapter 3 BGP application and management undo synchronization maximum load-balancing 4 peer 10.0.45.5 enable peer as64512 enable peer as64512 route-policy Pref4 export peer 10.0.11.11 enable peer 10.0.11.11 group as64512 # ospf 1 area 0.0.0.0 network 10.0.114.4 0.0.0.0 network 10.0.4.4 0.0.0.0 # route-policy Pref4 permit node 10 if-match acl 2001 apply local-preference 110 # route-policy Pref4 permit node 20 # return
display current-configuration [V200R001C00SPC200] # sysname R5 # interface Serial1/0/0 link-protocol ppp ip address 10.0.35.5 255.255.255.0 # interface GigabitEthernet0/0/0 ip address 10.0.45.5 255.255.255.0 # interface LoopBack0 ip address 10.0.5.5 255.255.255.255 # interface LoopBack1 ip address 10.1.5.5 255.255.255.0 # bgp 100 peer 10.0.35.3 as-number 100 peer 10.0.45.4 as-number 64512 #
258
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 3 BGP application and management ipv4-family unicast undo synchronization network 10.1.5.0 255.255.255.0 maximum load-balancing 4 peer 10.0.35.3 enable peer 10.0.45.4 enable # return
HC Series
HUAWEI TECHNOLOGIES
259
HCNP-IERN Chapter 3 BGP application and management
Lab 3-4 BGP Attributes and Path Selection 2 (Optional) Learning Objectives The objectives of this lab are to learn and understand: •
Method used to change path selection by modifying community
attributes •
Method used to filter BGP routing information by configuring
routing policies
Topology
Figure 3-4 BGP attributes and path selection 2
Scenario Assume that you are a network engineer of a company. The networks of the company are interconnected over BGP. The preceding topology shows the AS plan . Not all departments can access each other for the
260
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 3 BGP application and management
sake of network security. You need to filter BGP routes by using BGP community attributes to control the transmission of routing information.
Tasks Step 1 Configure IP addresses. Configure IP addresses and masks for the physical interfaces and Loopback0 interfaces of all routers. Loopback0 interfaces use 32-bit masks. system-view Enter system view, return user view with Ctrl+Z. [R1]interface Serial 1/0/0 [R1-Serial1/0/0]ip address 10.0.12.1 255.255.255.0 [R1-Serial1/0/0]interface Serial 3/0/0 [R1-Serial3/0/0]ip address 10.0.14.1 255.255.255.0 [R1-Serial3/0/0]interface loopback 0 [R1-LoopBack0]ip address 10.0.1.1 255.255.255.255
system-view Enter system view, return user view with Ctrl+Z. [R2]interface Serial 1/0/0 [R2-Serial1/0/0]ip address 10.0.12.2 255.255.255.0 [R2-Serial1/0/0]interface Serial 2/0/0 [R2-Serial2/0/0]ip address 10.0.23.2 255.255.255.0 [R2-Serial2/0/0]interface GigabitEthernet 0/0/0 [R2-GigabitEthernet0/0/0]ip address 10.0.25.2 255.255.255.0 [R2-GigabitEthernet0/0/0]interface loopback 0 [R2-LoopBack0]ip add 10.0.2.2 255.255.255.255
system-view Enter system view, return user view with Ctrl+Z. [R3]interface Serial 2/0/0 [R3-Serial2/0/0]ip address 10.0.23.3 255.255.255.0 [R3-Serial2/0/0]interface loopback 0 [R3-LoopBack0]ip address 10.0.3.3 255.255.255.255
system-view Enter system view, return user view with Ctrl+Z. [R4]interface Serial 1/0/0 [R4-Serial1/0/0]ip address 10.0.14.4 255.255.255.0
HC Series
HUAWEI TECHNOLOGIES
261
HCNP-IERN Chapter 3 BGP application and management [R4-Serial1/0/0]interface loopback 0 [R4-LoopBack0]ip address 10.0.4.4 255.255.255.255
system-view Enter system view, return user view with Ctrl+Z. [R5]interface GigabitEthernet 0/0/0 [R5-GigabitEthernet0/0/0]ip address 10.0.25.5 255.255.255.0 [R5-GigabitEthernet0/0/0]interface loopback 0 [R5-LoopBack0]ip address 10.0.5.5 255.255.255.255
After you have configured IP addresses and masks, test the connectivity of direct links. ping -c 1 10.0.12.2 PING 10.0.12.2: 56 data bytes, press CTRL_C to break Reply from 10.0.12.2: bytes=56 Sequence=1 ttl=255 time=40 ms
--- 10.0.12.2 ping statistics --1 packet(s) transmitted 1 packet(s) received 0.00% packet loss round-trip min/avg/max = 40/40/40 ms
ping -c 1 10.0.14.4 PING 10.0.14.4: 56 data bytes, press CTRL_C to break Reply from 10.0.14.4: bytes=56 Sequence=1 ttl=255 time=61 ms
--- 10.0.14.4 ping statistics --1 packet(s) transmitted 1 packet(s) received 0.00% packet loss round-trip min/avg/max = 61/61/61 ms
ping -c 1 10.0.25.5 PING 10.0.25.5: 56 data bytes, press CTRL_C to break Reply from 10.0.25.5: bytes=56 Sequence=1 ttl=255 time=14 ms
--- 10.0.25.5 ping statistics --1 packet(s) transmitted 1 packet(s) received 0.00% packet loss round-trip min/avg/max = 14/14/14 ms
262
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 3 BGP application and management ping -c 1 10.0.23.2 PING 10.0.23.2: 56 data bytes, press CTRL_C to break Reply from 10.0.23.2: bytes=56 Sequence=1 ttl=255 time=2 ms
--- 10.0.23.2 ping statistics --1 packet(s) transmitted 1 packet(s) received 0.00% packet loss round-trip min/avg/max = 2/2/2 ms
Step 2 Configure BGP. R1 and R2 are IBGP peers and other routers are EBGP peers. [R1]bgp 64513 [R1-bgp]peer 10.0.12.2 as-number 64513 [R1-bgp]peer 10.0.14.4 as-number 64512
[R2]bgp 64513 [R2-bgp]peer 10.0.12.1 as-number 64513 [R2-bgp]peer 10.0.23.3 as-number 64514 [R2-bgp]peer 10.0.25.5 as-number 64515
[R3]bgp 64514 [R3-bgp]peer 10.0.23.2 as-number 64513
[R4]bgp 64512 [R4-bgp]peer 10.0.14.1 as-number 64513
[R5]bgp 64515 [R5-bgp]peer 10.0.25.2 as-number 64513
After you have configured BGP, check the peer relationship status between routers. [R1]display bgp peer
BGP local router ID : 10.0.12.1 Local AS number : 64513 Total number of peers : 2
Peer
HC Series
V
Peers in established state : 2
AS MsgRcvd MsgSent OutQ Up/Down
HUAWEI TECHNOLOGIES
State
PrefRcv
263
HCNP-IERN Chapter 3 BGP application and management
10.0.12.2
4
64513
5
6
0
00:03:28
Established
0
10.0.14.4
4
64512
2
3
0
00:00:39
Established
0
[R2]display bgp peer
BGP local router ID : 10.0.12.2 Local AS number : 64513 Total number of peers : 3
Peer
V
Peers in established state : 3
AS MsgRcvd MsgSent OutQ Up/Down
State
PrefRcv
10.0.12.1
4
64513
6
5
0
00:04:00
Established
0
10.0.23.3
4
64514
4
6
0
00:02:44
Established
0
10.0.25.5
4
64515
2
3
0
00:00:41
Established
0
[R3]display bgp peer
BGP local router ID : 10.0.23.3 Local AS number : 64514 Total number of peers : 1
Peer
V
10.0.23.2
4
Peers in established state : 1
AS MsgRcvd MsgSent OutQ Up/Down
64513
4
4
0
State
PrefRcv
00:02:59 Established
0
[R4]display bgp peer
BGP local router ID : 10.0.14.4 Local AS number : 64512 Total number of peers : 1
Peer
V
10.0.14.1
4
Peers in established state : 1
AS MsgRcvd MsgSent OutQ
64513
3
3
Up/Down
0 00:01:40
State
PrefRcv
Established
0
[R5]display bgp peer
BGP local router ID : 10.0.25.5 Local AS number : 64515 Total number of peers : 1
Peer
V
264
Peers in established state : 1
AS MsgRcvd MsgSent OutQ Up/Down
HUAWEI TECHNOLOGIES
State
PrefRcv
HC Series
HCNP-IERN Chapter 3 BGP application and management
10.0.25.2
4
64513
3
3
0
00:01:23
Established
0
The preceding information shows that BGP peer relationships are all in the Established state.
Step 3 Configure common community attributes. Create Loopback1, Loopback2, and Loopback3 on R5, set their IP addresses to 10.1.5.5/24, 10.2.5.5/24, and 10.3.5.5/24 respectively, and then run the network command to advertise the routes 10.1.5.0/24, 10.2.5.0/24, and 10.3.5.0/24 to BGP. [R5]interface loopback 1 [R5-LoopBack1]ip address 10.1.5.5 255.255.255.0 [R5-LoopBack1]interface loopback 2 [R5-LoopBack2]ip address 10.2.5.5 255.255.255.0 [R5-LoopBack2]interface loopback 3 [R5-LoopBack3]ip address 10.3.5.5 255.255.255.0 [R5-LoopBack3]quit [R5]bgp 64515 [R5-bgp]network 10.1.5.5 255.255.255.0 [R5-bgp]network 10.2.5.5 255.255.255.0 [R5-bgp]network 10.3.5.5 255.255.255.0
[R2]bgp 64513 [R2-bgp]peer 10.0.12.1 next-hop-local
Check whether routing information for the network segments 10.1.5.0/24, 10.2.5.0/24, and 10.3.5.0/24 is transmitted correctly on R2 and R4. [R2]display bgp routing-table
BGP Local router ID is 10.0.12.2 Status codes: * - valid, > - best, d - damped, h - history, i - internal, s - suppressed, S - Stale Origin : i - IGP, e - EGP, ? - incomplete
Total Number of Routes: 3 Network
HC Series
NextHop
MED
LocPrf
HUAWEI TECHNOLOGIES
PrefVal Path/Ogn
265
HCNP-IERN Chapter 3 BGP application and management *>
10.1.5.0/24
10.0.25.5
0
0
64515i
*>
10.2.5.0/24
10.0.25.5
0
0
64515i
*>
10.3.5.0/24
10.0.25.5
0
0
64515i
[R4]display bgp routing-table
BGP Local router ID is 10.0.14.4 Status codes: * - valid, > - best, d - damped, h - history, i - internal, s - suppressed, S - Stale Origin : i - IGP, e - EGP, ? - incomplete
Total Number of Routes: 3 Network
NextHop
MED
LocPrf
PrefVal
Path/Ogn
*>
10.1.5.0/24
10.0.14.1
0
64513 64515i
*>
10.2.5.0/24
10.0.14.1
0
64513 64515i
*>
10.3.5.0/24
10.0.14.1
0
64513 64515i
Create the routing policy comm_r5 on R5, and add the community attribute 100 for the route 10.1.5.0/24. [R5]acl number 2000 [R5-acl-basic-2000]rule 0 permit source 10.1.5.0 0.0.0.255 [R5-acl-basic-2000]quit [R5]route-policy comm_r5 permit node 10 [R5-route-policy]if-match acl 2000 [R5-route-policy]apply community 100 [R5-route-policy]quit
[R5]bgp 64515 [R5-bgp]peer 10.0.25.2 route-policy comm_r5 export
Routers are allowed to advertise community attributes in this lab. Configure routers to advertise the community attributes between all BGP peers. [R1]bgp 64513 [R1-bgp]peer 10.0.14.4 advertise-community [R1-bgp]peer 10.0.12.2 advertise-community
[R2]bgp 64513 [R2-bgp]peer 10.0.12.1 advertise-community
266
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 3 BGP application and management [R2-bgp]peer 10.0.23.3 advertise-community [R2-bgp]peer 10.0.25.5 advertise-community
[R3]bgp 64514 [R3-bgp]peer 10.0.23.2 advertise-community
[R4]bgp 64512 [R4-bgp]peer 10.0.14.1 advertise-community
[R5]bgp 64515 [R5-bgp]peer 10.0.25.2 advertise-community
Check whether the community attribute 100 is transmitted successfully on R2 and R4. display bgp routing-table community
BGP Local router ID is 10.0.12.2 Status codes: * - valid, > - best, d - damped, h - history, i - internal, s - suppressed, S - Stale Origin : i - IGP, e - EGP, ? - incomplete
Total Number of Routes: 5
*>
Network
NextHop
MED
10.1.5.0/24
10.0.25.5
LocPrf
0
PrefVal Community
0
display bgp routing-table community
BGP Local router ID is 10.0.12.2 Status codes: * - valid, > - best, d - damped, h - history, i - internal, s - suppressed, S - Stale Origin : i - IGP, e - EGP, ? - incomplete
Total Number of Routes: 5
*>
Network
NextHop
10.1.5.0/24
10.0.25.5
HC Series
MED
LocPrf
0
HUAWEI TECHNOLOGIES
PrefVal Community
0
267
HCNP-IERN Chapter 3 BGP application and management
Step 4 Configure special community attributes. Add the special community attribute no-export for the route 10.2.5.0/24 and add the special community attribute no-advertise for the route 10.3.5.0/24, using the routing policy on R5. [R5]acl 2001 [R5-acl-basic-2001]rule 0 permit source 10.2.5.0 0.0.0.255 [R5-acl-basic-2001]quit
[R5]route-policy comm_r5 permit node 20 [R5-route-policy]if-match acl 2001 [R5-route-policy]apply community no-export
[R5]acl number 2002 [R5-acl-basic-2002]rule 0 permit source 10.3.5.0 0.0.0.255 [R5-acl-basic-2002]quit
[R5]route-policy comm_r5 permit node 30 [R5-route-policy]if-match acl 2002 [R5-route-policy]apply community no-advertise
View community attributes of learned routes on R2. dis bgp routing-table community
BGP Local router ID is 10.0.12.2 Status codes: * - valid, > - best, d - damped, h - history, i - internal, s - suppressed, S - Stale Origin : i - IGP, e - EGP, ? - incomplete
Total Number of Routes: 4 Network
*> *> *>
10.1.5.0/24 10.2.5.0/24 10.3.5.0/24
NextHop
MED
10.0.25.5 10.0.25.5 10.0.25.5
LocPrf
0 0 0
PrefVal Community
0 0 0
no-export no-advertise
View the transmission status of the routes that carry community attributes in the BGP routing tables of R2, R1, and R4. display bgp routing-table
268
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 3 BGP application and management BGP Local router ID is 10.0.12.2 Status codes: * - valid, > - best, d - damped, h - history, i - internal, s - suppressed, S - Stale Origin : i - IGP, e - EGP, ? - incomplete
Total Number of Routes: 3 Network
NextHop
MED
LocPrf
PrefVal Path/Ogn
*>
10.1.5.0/24
10.0.25.5
0
0
64515i
*>
10.2.5.0/24
10.0.25.5
0
0
64515i
*>
10.3.5.0/24
10.0.25.5
0
0
64515i
display bgp routing-table
BGP Local router ID is 10.0.12.1 Status codes: * - valid, > - best, d - damped, h - history, i - internal, s - suppressed, S - Stale Origin : i - IGP, e - EGP, ? - incomplete
Total Number of Routes: 2 Network
NextHop
MED
LocPrf
PrefVal Path/Ogn
*>i 10.1.5.0/24
10.0.12.2
0
100
0
64515i
*>i 10.2.5.0/24
10.0.12.2
0
100
0
64515i
[R4]display bgp routing-table
BGP Local router ID is 10.0.14.4 Status codes: * - valid, > - best, d - damped, h - history, i - internal, s - suppressed, S - Stale Origin : i - IGP, e - EGP, ? - incomplete
Total Number of Routes: 1 Network
*>
10.1.5.0/24
NextHop
MED
LocPrf
10.0.14.1
PrefVal
0
Path/Ogn
64513 64515i
The preceding information shows that R2 does not advertise the BGP route 10.2.5.0/24, (to which the special community attribute no-export is applied), to routers outside the AS, but advertises the route to R1 in the HC Series
HUAWEI TECHNOLOGIES
269
HCNP-IERN Chapter 3 BGP application and management
AS. R2 does not advertise the BGP route 10.3.5.0/24, to which the community attribute no-advertise is applied, to any peers.
Step 5 Configure
community
attributes
with
address
aggregation. Create Loopback1 and Loopback2 on R3, set their IP addresses to 10.1.3.3/24 and 10.2.3.3/24 respectively, and then run the network command to advertise the routes 10.1.3.0/24 and 10.2.3.0/24 to BGP. [R3]interface LoopBack 1 [R3-LoopBack1]ip address 10.1.3.3 255.255.255.0 [R3-LoopBack1]interface loopback 2 [R3-LoopBack2]ip address 10.2.3.3 255.255.255.0 [R3-LoopBack2]quit [R3]bgp 64514 [R3-bgp]network 10.1.3.3 255.255.255.0 [R3-bgp]network 10.2.3.3 255.255.255.0
You need to aggregate the route 10.1.5.0/24 advertised by R5, and the route 10.2.3.0/24 advertised by R3, to a class A network segment 10.0.0.0/8. Specific routes need to be suppressed during advertisement. The aggregated route needs to carry the community attribute 200 when it is advertised to R4. Specific route 10.1.3.0/24 needs to be reserved and advertised to R4. Create the routing policy comm_r3 on R3 and add the community attribute 100 to the community attributes of the route 10.2.3.0/24 advertised by R3. [R3]acl number 2001 [R3-acl-basic-2001]rule 0 permit source 10.2.3.0 0.0.0.255 [R3-acl-basic-2001]route-policy comm_r3 permit node 10 [R3-route-policy]if-match acl 2001 [R3-route-policy]apply community 100 [R3-route-policy]route-policy comm_r3 permit node 20 [R3-route-policy]quit [R3]bgp 64514 [R3-bgp]peer 10.0.23.2 route-policy comm_r3 export
Check whether the learned routes 10.1.5.0/24 and 10.2.3.0/24 carry the community attribute 100 on R1. 270
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 3 BGP application and management display bgp routing-table community
BGP Local router ID is 10.0.12.1 Status codes: * - valid, > - best, d - damped, h - history, i - internal, s - suppressed, S - Stale Origin : i - IGP, e - EGP, ? - incomplete
Total Number of Routes: 3 Network
NextHop
MED
LocPrf
PrefVal Community
*>i 10.1.5.0/24
10.0.12.2
0
100
0
*>i 10.2.3.0/24
10.0.12.2
0
100
0
*>i 10.2.5.0/24
10.0.12.2
0
100
0
no-export
Create a community attribute filter list to obtain routes whose community attribute is 100. [R1]ip community-filter 1 permit 100
Create the routing policy match_comm to obtain routes whose community attribute is 100. [R1]route-policy match_comm permit node 10 [R1-route-policy]if-match community-filter 1
Create the routing policy add_comm and add the community attribute 200:1 to the community attributes of the aggregated route. [R1]route-policy add_comm permit node 10 [R1-route-policy]apply community 200:1 additive
Aggregate routes that conform to the routing policy match_comm on R1, and add community attributes using the routing policy add_comm. [R1]bgp 64513 [R1-bgp]aggregate 10.0.0.0 255.0.0.0 detail-suppressed origin-policy match_comm attribute-policy add_comm
View the BGP routing table of R4. display bgp routing-table
HC Series
HUAWEI TECHNOLOGIES
271
HCNP-IERN Chapter 3 BGP application and management BGP Local router ID is 10.0.14.4 Status codes: * - valid, > - best, d - damped, h - history, i - internal, s - suppressed, S - Stale Origin : i - IGP, e - EGP, ? - incomplete
Total Number of Routes: 2 Network
NextHop
MED
LocPrf
PrefVal Path/Ogn
*>
10.0.0.0
10.0.14.1
0
64513i
*>
10.1.3.0/24
10.0.14.1
0
64513 64514i
View community attributes of the aggregated route on R4. display bgp routing-table community
BGP Local router ID is 10.0.14.4 Status codes: * - valid, > - best, d - damped, h - history, i - internal, s - suppressed, S - Stale Origin : i - IGP, e - EGP, ? - incomplete
Total Number of Routes: 1 Network
*>
10.0.0.0
NextHop
MED
LocPrf
10.0.14.1
PrefVal Community
0
Additional Exercises: Analyzing and Verifying If the attribute of route 10.2.5.0/24 is changed to no advertise in Step 4, how is the routing information transmitted between R1, R2, and R4?
How can R4 be configured so that the specific routes 10.1.3.0/24 and 10.2.3.0/24 are preserved and only the route 10.1.5.0/24 is suppressed?
272
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 3 BGP application and management
Final Configurations display current-configuration [V200R001C00SPC200] # sysname R1 # interface Serial1/0/0 link-protocol ppp ip address 10.0.12.1 255.255.255.0 # interface Serial3/0/0 link-protocol ppp ip address 10.0.14.1 255.255.255.0 # interface LoopBack0 ip address 10.0.1.1 255.255.255.255 # bgp 64513 peer 10.0.12.2 as-number 64513 peer 10.0.14.4 as-number 64512 # ipv4-family unicast undo synchronization aggregate 10.0.0.0 255.0.0.0 detail-suppressed origin-policy match_comm attribute-policy add_comm peer 10.0.12.2 enable peer 10.0.12.2 advertise-community peer 10.0.14.4 enable peer 10.0.14.4 advertise-community # route-policy match_comm permit node 10 if-match community-filter 1 # route-policy add_comm permit node 10 apply community 200:1 additive # ip community-filter 1 permit 100 # return
display current-configuration
HC Series
HUAWEI TECHNOLOGIES
273
HCNP-IERN Chapter 3 BGP application and management [V200R001C00SPC200] # sysname R2 # interface Serial1/0/0 link-protocol ppp ip address 10.0.12.2 255.255.255.0 # interface Serial2/0/0 link-protocol ppp ip address 10.0.23.2 255.255.255.0 # interface GigabitEthernet0/0/0 ip address 10.0.25.2 255.255.255.0 # interface LoopBack0 ip address 10.0.2.2 255.255.255.255 # bgp 64513 peer 10.0.12.1 as-number 64513 peer 10.0.23.3 as-number 64514 peer 10.0.25.5 as-number 64515 # ipv4-family unicast undo synchronization peer 10.0.12.1 enable peer 10.0.12.1 next-hop-local peer 10.0.12.1 advertise-community peer 10.0.23.3 enable peer 10.0.23.3 advertise-community peer 10.0.25.5 enable peer 10.0.25.5 advertise-community # return
display current-configuration [V200R001C00SPC200] # sysname R3 # acl number 2001 rule 0 permit source 10.2.3.0 0.0.0.255 #
274
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 3 BGP application and management interface Serial2/0/0 link-protocol ppp ip address 10.0.23.3 255.255.255.0 # interface LoopBack0 ip address 10.0.3.3 255.255.255.255 # interface LoopBack1 ip address 10.1.3.3 255.255.255.0 # interface LoopBack2 ip address 10.2.3.3 255.255.255.0 # bgp 64514 peer 10.0.23.2 as-number 64513 # ipv4-family unicast undo synchronization network 10.1.3.0 255.255.255.0 network 10.2.3.0 255.255.255.0 peer 10.0.23.2 enable peer 10.0.23.2 route-policy comm_r3 export peer 10.0.23.2 advertise-community # route-policy comm_r3 permit node 10 if-match acl 2001 apply community 100 # route-policy comm_r3 permit node 20 # return
display current-configuration [V200R001C00SPC200] # sysname R4 # interface Serial1/0/0 link-protocol ppp ip address 10.0.14.4 255.255.255.0 # interface LoopBack0 ip address 10.0.4.4 255.255.255.255
HC Series
HUAWEI TECHNOLOGIES
275
HCNP-IERN Chapter 3 BGP application and management # bgp 64512 peer 10.0.14.1 as-number 64513 # ipv4-family unicast undo synchronization peer 10.0.14.1 enable peer 10.0.14.1 advertise-community # Return
display current-configuration [V200R001C00SPC200] # sysname R5 # interface GigabitEthernet0/0/0 ip address 10.0.25.5 255.255.255.0 # interface LoopBack0 ip address 10.0.5.5 255.255.255.255 # interface LoopBack1 ip address 10.1.5.5 255.255.255.0 # interface LoopBack2 ip address 10.2.5.5 255.255.255.0 # interface LoopBack3 ip address 10.3.5.5 255.255.255.0 # bgp 64515 peer 10.0.25.2 as-number 64513 # ipv4-family unicast undo synchronization network 10.1.5.0 255.255.255.0 network 10.2.5.0 255.255.255.0 network 10.3.5.0 255.255.255.0 peer 10.0.25.2 enable peer 10.0.25.2 route-policy comm_r5 export peer 10.0.25.2 advertise-community #
276
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 3 BGP application and management route-policy comm_r5 permit node 10 if-match acl 2000 apply community 100 # route-policy comm_r5 permit node 20 if-match acl 2001 apply community no-export # route-policy comm_r5 permit node 30 if-match acl 2002 apply community no-advertise # return
HC Series
HUAWEI TECHNOLOGIES
277
HCNP-IERN Chapter 3 BGP application and management
Lab 3-5 BGP Multi-homing Learning Objectives The objectives of this lab are to learn and understand: •
Method used to configure the default routes in the BGP multi-homing environment
•
Method used to configure default routes and filter some routes in the BGP multi-homing environment
•
Method used to configure BGP routes in the BGP multi-homing environment
Topology
Figure 3-5 BGP multi-homing
278
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 3 BGP application and management
Scenario Assume that you are a network engineer of a company. The network of the company uses BGP to access ISP 1. The company uses the private AS 64512 and ISP 1 uses AS 100. The company uses two routers to access ISP 1. The company uses the default routing mode to access the Internet through ISP 1 initially. As the company grows, the default routing mode cannot meet path selection requirements. You need to import some Internet routes into the AS of the company. The company rents another line to access ISP 2 after a period of time. The AS number of ISP 2 is 200. Now, the company wishes to implement a multi-homed network that selects paths over BGP.
Tasks Step 1 Configure IP addresses. Configure IP addresses and masks for the physical interfaces and loopback interfaces of all routers. Loopback0 interfaces use 32-bit masks. system-view Enter system view, return user view with Ctrl+Z. [R1]interface Serial 3/0/0 [R1-Serial3/0/0]ip address 10.0.14.1 255.255.255.0 [R1-Serial3/0/0]interface loopback 0 [R1-LoopBack0]ip address 10.0.1.1 255.255.255.255
system-view Enter system view, return user view with Ctrl+Z. [R2]interface Serial 1/0/0 [R2-Serial1/0/0]ip address 10.0.12.2 255.255.255.0 [R2-Serial1/0/0]interface Serial 2/0/0 [R2-Serial2/0/0]ip address 10.0.23.2 255.255.255.0 [R2-Serial2/0/0]interface GigabitEthernet 0/0/0 [R2-GigabitEthernet0/0/0]ip address 10.0.25.2 255.255.255.0 [R2-GigabitEthernet0/0/0]interface loopback 0 [R2-LoopBack0]ip address 10.0.2.2 255.255.255.255
HC Series
HUAWEI TECHNOLOGIES
279
HCNP-IERN Chapter 3 BGP application and management system-view Enter system view, return user view with Ctrl+Z. [R3]interface Serial 2/0/0 [R3-Serial2/0/0]ip address 10.0.23.3 255.255.255.0 [R3-Serial2/0/0]interface GigabitEthernet 0/0/1 [R3-GigabitEthernet0/0/1]ip address 10.0.113.3 255.255.255.0 [R3-GigabitEthernet0/0/1]interface loopback 0 [R3-LoopBack0]ip address 10.0.3.3 255.255.255.255
system-view Enter system view, return user view with Ctrl+Z. [R4]interface Serial 1/0/0 [R4-Serial1/0/0]ip address 10.0.14.4 255.255.255.0 [R4-Serial1/0/0]interface GigabitEthernet 0/0/1 [R4-GigabitEthernet0/0/1]ip address 10.0.114.4 255.255.255.0 [R4-GigabitEthernet0/0/1]interface LoopBack 0 [R4-LoopBack0]ip address 10.0.4.4 255.255.255.255
system-view Enter system view, return user view with Ctrl+Z. [R5]interface GigabitEthernet 0/0/0 [R5-GigabitEthernet0/0/0]ip address 10.0.25.5 255.255.255.0 [R5-GigabitEthernet0/0/0]interface GigabitEthernet 0/0/1 [R5-GigabitEthernet0/0/1]ip address 10.0.115.5 255.255.255.0 [R5-GigabitEthernet0/0/1]interface loopback 0 [R5-LoopBack0]ip address 10.0.5.5 255.255.255.255
After you have configured IP addresses and masks, test the connectivity of direct links. ping -c 1 10.0.14.4 PING 10.0.14.4: 56 data bytes, press CTRL_C to break Reply from 10.0.14.4: bytes=56 Sequence=1 ttl=255 time=33 ms
--- 10.0.14.4 ping statistics --1 packet(s) transmitted 1 packet(s) received 0.00% packet loss round-trip min/avg/max = 33/33/33 ms
ping -c 1 10.0.12.2 PING 10.0.12.2: 56 data bytes, press CTRL_C to break Reply from 10.0.12.2: bytes=56 Sequence=1 ttl=255 time=34 ms
280
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 3 BGP application and management
--- 10.0.12.2 ping statistics --1 packet(s) transmitted 1 packet(s) received 0.00% packet loss round-trip min/avg/max = 34/34/34 ms
ping -c 1 10.0.25.5 PING 10.0.25.5: 56 data bytes, press CTRL_C to break Reply from 10.0.25.5: bytes=56 Sequence=1 ttl=255 time=13 ms
--- 10.0.25.5 ping statistics --1 packet(s) transmitted 1 packet(s) received 0.00% packet loss round-trip min/avg/max = 13/13/13 ms
ping -c 1 10.0.23.3 PING 10.0.23.3: 56 data bytes, press CTRL_C to break Reply from 10.0.23.3: bytes=56 Sequence=1 ttl=255 time=39 ms
--- 10.0.23.3 ping statistics --1 packet(s) transmitted 1 packet(s) received 0.00% packet loss round-trip min/avg/max = 39/39/39 ms
Step 2 Configure IGP and BGP. Configure AS 64512 to use OSPF as its IGP and add all devices in AS 64512 to area 0. Enable OSPF on the network segments Loopback0 of R3.
of both G0/0/1 and
[R3]ospf [R3-ospf-1]area 0 [R3-ospf-1-area-0.0.0.0]network 10.0.113.3 0.0.0.0 [R3-ospf-1-area-0.0.0.0]network 10.0.3.3 0.0.0.0
Enable OSPF on the network segments Loopback0 of R4.
HC Series
HUAWEI TECHNOLOGIES
of both G0/0/1 and
281
HCNP-IERN Chapter 3 BGP application and management [R4]ospf [R4-ospf-1]area 0 [R4-ospf-1-area-0.0.0.0]network 10.0.114.4 0.0.0.0 [R4-ospf-1-area-0.0.0.0]network 10.0.4.4 0.0.0.0
Enable OSPF on the network segments Loopback0 of R5.
of both G0/0/1 and
[R5]ospf [R5-ospf-1]area 0 [R5-ospf-1-area-0.0.0.0]network 10.0.115.5 0.0.0.0 [R5-ospf-1-area-0.0.0.0]network 10.0.5.5 0.0.0.0
Create VLAN 13 on S1 and configure a VLANif IP address for interconnection with R3. Create VLAN 14 and interconnection with R4.
configure
a
VLANif
IP
address
for
Create VLAN 15 and interconnection with R5.
configure
a
VLANif
IP
address
for
Set the working mode of interconnected interfaces to Access and run OSPF over the network segments on Vlanif 13 and Loopback0, on Vlanif14 and Loopback0, and on Vlanif 15 and Loopback0. [S1]vlan batch 13 to 15 [S1]interface vlan 13 [S1-Vlanif13]ip address 10.0.113.1 255.255.255.0 [S1-Vlanif13]interface vlan 14 [S1-Vlanif14]ip address 10.0.114.1 255.255.255.0 [S1-Vlanif14]interface vlan 15 [S1-Vlanif15]ip address 10.0.115.1 255.255.255.0 [S1-Vlanif15]interface g0/0/3 [S1-GigabitEthernet0/0/3]port link-type access [S1-GigabitEthernet0/0/3]port default vlan 13 [S1-GigabitEthernet0/0/3]interface g0/0/4 [S1-GigabitEthernet0/0/4]port link-type access [S1-GigabitEthernet0/0/4]port default vlan 14 [S1-GigabitEthernet0/0/4]interface g0/0/5 [S1-GigabitEthernet0/0/5]port link-type access [S1-GigabitEthernet0/0/5]port default vlan 15 [S1-GigabitEthernet0/0/5]interface loopback 0 [S1-LoopBack0]ip add 10.0.1.11 255.255.255 [S1-LoopBack0]ospf
282
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 3 BGP application and management [S1-ospf-1]area 0 [S1-ospf-1-area-0.0.0.0]network 10.0.113.1 0.0.0.0 [S1-ospf-1-area-0.0.0.0]network 10.0.114.1 0.0.0.0 [S1-ospf-1-area-0.0.0.0]network 10.0.115.1 0.0.0.0 [S1-ospf-1-area-0.0.0.0]network 10.0.1.11 0.0.0.0
Check whether the routers have learned routes of Loopback0 interfaces of other devices. display ip routing-table Route Flags: R - relay, D - download to fib ---------------------------------------------------------------------------Routing Tables: Public Destinations : 17
Destination/Mask
10.0.1.11/32
Routes : 17
Proto
Pre Cost
OSPF
10
Flags NextHop
Interface
1
D
10.0.113.1 GigabitEthernet0/0/1
10.0.3.3/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.4.4/32
OSPF
10
2
D
10.0.113.1 GigabitEthernet0/0/1
10.0.5.5/32
OSPF
10
2
D
10.0.113.1 GigabitEthernet0/0/1
10.0.23.0/24
Direct 0
0
D
10.0.23.3
Serial2/0/0
10.0.23.2/32
Direct 0
0
D
10.0.23.2
Serial2/0/0
10.0.23.3/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.23.255/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.113.0/24
Direct 0
0
D
10.0.113.3 GigabitEthernet0/0/1
10.0.113.3/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.113.255/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.114.0/24
OSPF
10
2
D
10.0.113.1 GigabitEthernet0/0/1
10.0.115.0/24
OSPF
10
2
D
10.0.113.1 GigabitEthernet0/0/1
127.0.0.0/8
Direct 0
0
D
127.0.0.1
InLoopBack0
127.0.0.1/32
Direct 0
0
D
127.0.0.1
InLoopBack0
127.255.255.255/32 Direct 0
0
D
127.0.0.1
InLoopBack0
255.255.255.255/32 Direct 0
0
D
127.0.0.1
InLoopBack0
display ip routing-table Route Flags: R - relay, D - download to fib ---------------------------------------------------------------------------Routing Tables: Public Destinations : 17
Destination/Mask
HC Series
Proto
Routes : 17
Pre Cost
Flags NextHop
HUAWEI TECHNOLOGIES
Interface
283
HCNP-IERN Chapter 3 BGP application and management 10.0.1.11/32
OSPF
10
1
D
10.0.114.1 GigabitEthernet0/0/1
10.0.3.3/32
OSPF
10
2
D
10.0.114.1 GigabitEthernet0/0/1
10.0.4.4/32
Direct 0
0
D
127.0.0.1
10.0.5.5/32
OSPF
2
D
10.0.114.1 GigabitEthernet0/0/1
10
InLoopBack0
10.0.14.0/24
Direct 0
0
D
10.0.14.4
Serial1/0/0
10.0.14.1/32
Direct 0
0
D
10.0.14.1
Serial1/0/0
10.0.14.4/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.14.255/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.113.0/24
OSPF
2
D
10.0.114.1 GigabitEthernet0/0/1
10.0.114.0/24
Direct 0
0
D
10.0.114.4 GigabitEthernet0/0/1
10.0.114.4/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.114.255/32
Direct 0
0
D
127.0.0.1
InLoopBack0
OSPF
2
D
10.0.114.1 GigabitEthernet0/0/1
10.0.115.0/24
10
10
127.0.0.0/8
Direct 0
0
D
127.0.0.1
InLoopBack0
127.0.0.1/32
Direct 0
0
D
127.0.0.1
InLoopBack0
127.255.255.255/32 Direct 0
0
D
127.0.0.1
InLoopBack0
255.255.255.255/32 Direct 0
0
D
127.0.0.1
InLoopBack0
display ip routing-table Route Flags: R - relay, D - download to fib ---------------------------------------------------------------------------Routing Tables: Public Destinations : 16
Destination/Mask
Routes : 16
Proto
Pre Cost
Flags NextHop
Interface
10.0.1.11/32
OSPF
10
1
D
10.0.115.1 GigabitEthernet0/0/1
10.0.3.3/32
OSPF
10
2
D
10.0.115.1 GigabitEthernet0/0/1
10.0.4.4/32
OSPF
10
2
D
10.0.115.1 GigabitEthernet0/0/1
10.0.5.5/32
Direct 0
0
D
127.0.0.1
10.0.25.0/24
Direct 0
0
D
10.0.25.5
InLoopBack0
10.0.25.5/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.25.255/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.113.0/24
OSPF
10
2
D
10.0.115.1 GigabitEthernet0/0/1
10.0.114.0/24
OSPF
10
2
D
10.0.115.1 GigabitEthernet0/0/1
10.0.115.0/24
Direct 0
0
D
10.0.115.5 GigabitEthernet0/0/1
10.0.115.5/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.115.255/32
Direct 0
0
D
127.0.0.1
InLoopBack0
127.0.0.0/8
Direct 0
0
D
127.0.0.1
InLoopBack0
127.0.0.1/32
GigabitEthernet0/0/0
Direct 0
0
D
127.0.0.1
InLoopBack0
127.255.255.255/32 Direct 0
0
D
127.0.0.1
InLoopBack0
255.255.255.255/32 Direct 0
0
D
127.0.0.1
InLoopBack0
284
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 3 BGP application and management [S1]display ip routing-table Route Flags: R - relay, D - download to fib ---------------------------------------------------------------------------Routing Tables: Public Destinations : 12
Destination/Mask
10.0.1.11/32
Routes : 12
Proto Pre Cost
Flags NextHop
Interface
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.3.3/32
OSPF
10
1
D
10.0.113.3
Vlanif13
10.0.4.4/32
OSPF
10
1
D
10.0.114.4
Vlanif14
10.0.5.5/32
OSPF
10
1
D
10.0.115.5
Vlanif15
10.0.113.0/24
Direct 0
0
D
10.0.113.1
Vlanif13
10.0.113.1/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.114.0/24
Direct 0
0
D
10.0.114.1
Vlanif14
10.0.114.1/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.115.0/24
Direct 0
0
D
10.0.115.1
Vlanif15
10.0.115.1/32
Direct 0
0
D
127.0.0.1
InLoopBack0
127.0.0.0/8
Direct 0
0
D
127.0.0.1
InLoopBack0
127.0.0.1/32
Direct 0
0
D
127.0.0.1
InLoopBack0
Configure EBGP on R2, R3, and R5. Establish EBGP peer relationships by using the IP addresses of physical interfaces. S1 does not run BGP. For the AS topology, refer to the diagram. [R2]bgp 100 [R2-bgp]peer 10.0.25.5 as-number 64512 [R2-bgp]peer 10.0.23.3 as-number 64512
[R3]bgp 64512 [R3-bgp]peer 10.0.23.2 as-number 100
[R5]bgp 64512 [R5-bgp]peer 10.0.25.2 as-number 100
After you have configured IGP and BGP, verify whether the BGP peer relationships have been established. [R2]display bgp peer
BGP local router ID : 10.0.12.2 Local AS number : 100
HC Series
HUAWEI TECHNOLOGIES
285
HCNP-IERN Chapter 3 BGP application and management Total number of peers : 2
Peer
V
Peers in established state : 2
AS MsgRcvd MsgSent OutQ Up/Down State
PrefRcv
10.0.23.3
4
64512
7
9
0 00:05:55 Established
0
10.0.25.5
4
64512
6
7
0 00:04:17 Established
0
[R3]display bgp peer
BGP local router ID : 10.0.23.3 Local AS number : 64512 Total number of peers : 1
Peer
V
10.0.23.2
4
Peers in established state : 1
AS MsgRcvd MsgSent OutQ Up/Down
100
8
8
State
PrefRcv
0 00:06:09 Established
0
display bgp peer
BGP local router ID : 10.0.25.5 Local AS number : 64512 Total number of peers : 1
Peer
V
10.0.25.2
4
Peers in established state : 1
AS MsgRcvd MsgSent OutQ Up/Down
100
7
7
State
PrefRcv
0 00:05:31 Established
0
Step 3 Configure default routes for home data to use a single ISP. The load balancing function of BGP is disabled by default. Enable load balancing on all routers and set the maximum number of concurrent paths to 4. [R1]bgp 200 [R1-bgp]maximum load-balancing 4
[R2]bgp 100 [R2-bgp]maximum load-balancing 4
286
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 3 BGP application and management [R3]bgp 64512 [R3-bgp]maximum load-balancing 4
[R4]bgp 64512 [R4-bgp]maximum load-balancing 4
[R5]bgp 64512 [R5-bgp]maximum load-balancing 4
Create Loopback1 and Loopback2 on R2, set their IP addresses to 10.1.2.2/24 and 10.2.2.2/24 respectively, and then run the network command to advertise the routes 10.1.2.0/24 and 10.2.2.0/24 to BGP. [R2]interface LoopBack 1 [R2-LoopBack1]ip address 10.1.2.2 255.255.255.0 [R2]interface LoopBack 2 [R2-LoopBack2]ip address 10.2.2.2 255.255.255.0
[R2]bgp 100 [R2-bgp]network 10.1.2.2 255.255.255.0 [R2-bgp]network 10.2.2.0 255.255.255.0
Check whether R3 and R5 have learned the routes 10.1.2.0/24 and 10.2.2.0/24. [R3]display bgp routing-table
BGP Local router ID is 10.0.23.3 Status codes: * - valid, > - best, d - damped, h - history, i - internal, s - suppressed, S - Stale Origin : i - IGP, e - EGP, ? - incomplete
Total Number of Routes: 2 Network
NextHop
MED
LocPrf
PrefVal Path/Ogn
*>
10.1.2.0/24
10.0.23.2
0
0
100i
*>
10.2.2.0/24
10.0.23.2
0
0
100i
display bgp routing-table
BGP Local router ID is 10.0.25.5 Status codes: * - valid, > - best, d - damped,
HC Series
HUAWEI TECHNOLOGIES
287
HCNP-IERN Chapter 3 BGP application and management h - history, i - internal, s - suppressed, S - Stale Origin : i - IGP, e - EGP, ? - incomplete
Total Number of Routes: 2 Network
NextHop
MED
LocPrf
PrefVal Path/Ogn
*>
10.1.2.0/24
10.0.25.2
0
0
100i
*>
10.2.2.0/24
10.0.25.2
0
0
100i
The link from R3 to ISP 1 is the active link and the link from R5 to ISP 1 is the standby link . Run the import-route command on R3 and R5 to import OSPF routes into BGP. [R3]bgp 64512 [R3-bgp]import-route ospf 1
[R5]bgp 64512 [R5-bgp]import-route ospf 1
Advertise default routes to area 0 forcibly as type 1 external route on R3 and R5. Set the costs of the default routes advertised by R3 and R5 to 20 and 40 respectively. [R3]ospf [R3-ospf-1]default-route-advertise always cost 20 type 1
[R5]ospf [R5-ospf-1]default-route-advertise always cost 40 type 1
View the routing table of S1. [S1]display ip routing-table Route Flags: R - relay, D - download to fib ---------------------------------------------------------------------------Routing Tables: Public Destinations : 13
Destination/Mask
0.0.0.0/0
Routes : 13
Proto Pre Cost
Flags NextHop
Interface
O_ASE 150 21
D
10.0.113.3
Vlanif13
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.3.3/32
OSPF
10
1
D
10.0.113.3
Vlanif13
10.0.4.4/32
OSPF
10
1
D
10.0.114.4
Vlanif14
10.0.1.11/32
288
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 3 BGP application and management 10.0.5.5/32
OSPF
10
1
D
10.0.115.5
Vlanif15
10.0.113.0/24
Direct 0
0
D
10.0.113.1
Vlanif13
10.0.113.1/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.114.0/24
Direct 0
0
D
10.0.114.1
Vlanif14
10.0.114.1/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.115.0/24
Direct 0
0
D
10.0.115.1
Vlanif15
10.0.115.1/32
Direct 0
0
D
127.0.0.1
InLoopBack0
127.0.0.0/8
Direct 0
0
D
127.0.0.1
InLoopBack0
127.0.0.1/32
Direct 0
0
D
127.0.0.1
InLoopBack0
View the path of the route to the IP address 10.1.2.2 on S1. [S1]tracert 10.1.2.2 traceroute to 10.1.2.2(10.1.2.2), max hops: 30 ,packet length: 40 1 10.0.113.3 10 ms 1 ms 1 ms 2 10.0.23.2 40 ms 20 ms 20 ms
The preceding information shows that S1 uses the default route learned from R3, that is, S1 accesses the IP address 10.1.2.2 through the active link . Disable S2/0/0 of R3 to simulate a and ISP 1.
link failure between the company
[R3]interface s2/0/0 [R3-Serial2/0/0]shutdown
View the routing table of S1 after route convergence and check the connectivity to the IP address 10.1.2.2. [S1]display ip routing-table Route Flags: R - relay, D - download to fib ---------------------------------------------------------------------------Routing Tables: Public Destinations : 13
Destination/Mask
0.0.0.0/0 10.0.1.11/32
Routes : 13
Proto Pre Cost
O_ASE 150 21
Flags NextHop
D
10.0.113.3
Interface
Vlanif13
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.3.3/32
OSPF
10
1
D
10.0.113.3
Vlanif13
10.0.4.4/32
OSPF
10
1
D
10.0.114.4
Vlanif14
10.0.5.5/32
OSPF
10
1
D
10.0.115.5
Vlanif15
Direct 0
0
D
10.0.113.1
Vlanif13
10.0.113.0/24
HC Series
HUAWEI TECHNOLOGIES
289
HCNP-IERN Chapter 3 BGP application and management 10.0.113.1/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.114.0/24
Direct 0
0
D
10.0.114.1
Vlanif14
10.0.114.1/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.115.0/24
Direct 0
0
D
10.0.115.1
Vlanif15
10.0.115.1/32
Direct 0
0
D
127.0.0.1
InLoopBack0
127.0.0.0/8
Direct 0
0
D
127.0.0.1
InLoopBack0
127.0.0.1/32
Direct 0
0
D
127.0.0.1
InLoopBack0
[S1]ping 10.1.2.2 PING 10.1.2.2: 56 data bytes, press CTRL_C to break Request time out Request time out Request time out Request time out Request time out
--- 10.1.2.2 ping statistics --5 packet(s) transmitted 0 packet(s) received 100.00% packet loss
The preceding information shows that the routing table of S1 remains unchanged and S1 is still able to access the target network through R3. The simulated fault is an upstream link failure. In the downstream direction, S1 selects the default route advertised by R3 by comparing the costs of the default routes advertised by R3 and R5. The upstream link and downstream link are independent of each other and therefore, the network does not function properly. Enable S2/0/0 of R3 and disable G0/0/1 to simulate a downstream link failure on R3. View route convergence and check the connectivity. [R3]interface s2/0/0 [R3-Serial2/0/0]undo shutdown
[R3]interface g0/0/1 [R3-GigabitEthernet0/0/1]shutdown
[S1]display ip routing-table Route Flags: R - relay, D - download to fib
290
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 3 BGP application and management ---------------------------------------------------------------------------Routing Tables: Public Destinations : 10
Destination/Mask
0.0.0.0/01
Routes : 10
Proto Pre Cost
Flags NextHop
Interface
O_ASE 150 41
D
10.0.115.5
Vlanif15
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.4.4/32
OSPF
10
1
D
10.0.114.4
Vlanif14
10.0.5.5/32
OSPF
10.0.1.11/32
10
1
D
10.0.115.5
Vlanif15
10.0.114.0/24
Direct 0
0
D
10.0.114.1
Vlanif14
10.0.114.1/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.115.0/24
Direct 0
0
D
10.0.115.1
Vlanif15
10.0.115.1/32
Direct 0
0
D
127.0.0.1
InLoopBack0
127.0.0.0/8
Direct 0
0
D
127.0.0.1
InLoopBack0
127.0.0.1/32
Direct 0
0
D
127.0.0.1
InLoopBack0
[S1]ping 10.1.2.2 PING 10.1.2.2: 56 data bytes, press CTRL_C to break Reply from 10.1.2.2: bytes=56 Sequence=1 ttl=254 time=1 ms Reply from 10.1.2.2: bytes=56 Sequence=2 ttl=254 time=1 ms Reply from 10.1.2.2: bytes=56 Sequence=3 ttl=254 time=1 ms Reply from 10.1.2.2: bytes=56 Sequence=4 ttl=254 time=1 ms Reply from 10.1.2.2: bytes=56 Sequence=5 ttl=254 time=1 ms
--- 10.1.2.2 ping statistics --5 packet(s) transmitted 5 packet(s) received 0.00% packet loss round-trip min/avg/max = 1/1/1 ms
S1 learns the default route from R5. That is, S1 accesses the target network through the standby link. Enable G0/0/1 of R3. [R3]interface g0/0/1 [R3-GigabitEthernet0/0/1]undo shutdown
HC Series
HUAWEI TECHNOLOGIES
291
HCNP-IERN Chapter 3 BGP application and management
Step 4 Configure default routes and route filtering for home data to use a single ISP. Configure IBGP peer relationships between R3 and S1, between R4 and S1, and between R5 and S1, and add the next-hop-local parameter to the peer relationships to ensure that S1 learns route updates sent from ISPs. [R3]bgp 64512 [R3-bgp]peer 10.0.113.1 as-number 64512 [R3-bgp]peer 10.0.113.1 next-hop-local
[R4]bgp 64512 [R4-bgp]peer 10.0.114.1 as-number 64512 [R4-bgp]peer 10.0.114.1 next-hop-local
[R5]bgp 64512 [R5-bgp]peer 10.0.115.1 as-number 64512 [R5-bgp]peer 10.0.115.1 next-hop-local
[S1]bgp 64512 [S1-bgp]peer 10.0.113.3 as-number 64512 [S1-bgp]peer 10.0.114.4 as-number 64512 [S1-bgp]peer 10.0.115.5 as-number 64512
Check whether S1 has learned the routes 10.1.2.0/24 and 10.2.2.0/24. [S1]display ip routing-table Route Flags: R - relay, D - download to fib ---------------------------------------------------------------------------Routing Tables: Public Destinations : 15
Destination/Mask
0.0.0.0/0
Routes : 15
Proto Pre Cost
Flags NextHop
Interface
O_ASE 150 21
D
10.0.113.3
Vlanif13
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.3.3/32
OSPF
10
1
D
10.0.113.3
Vlanif13
10.0.4.4/32
OSPF
10
1
D
10.0.114.4
Vlanif14
10.0.5.5/32
OSPF
10
1
D
10.0.115.5
Vlanif15
10.0.113.0/24
Direct 0
0
D
10.0.113.1
Vlanif13
10.0.113.1/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.1.11/32
292
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 3 BGP application and management 10.0.114.0/24
Direct 0
0
D
10.0.114.1
Vlanif14
10.0.114.1/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.115.0/24
Direct 0
0
D
10.0.115.1
Vlanif15
10.0.115.1/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.1.2.0/24
BGP
255 0
RD
10.0.113.3
Vlanif13
10.2.2.0/24
BGP
255 0
RD
10.0.113.3
Vlanif13
127.0.0.0/8
Direct 0
0
D
127.0.0.1
InLoopBack0
127.0.0.1/32
Direct 0
0
D
127.0.0.1
InLoopBack0
You need to configure BGP to change path selection. Create the routing policy policy_r3 on R3 to filter out the route 10.1.2.0/24. [R3]acl number 2001 [R3-acl-basic-2001]rule 0 permit source 10.1.2.0 0.0.0.255 [R3-acl-basic-2001]route-policy policy_r3 deny node 10 [R3-route-policy]if-match acl 2001 [R3-route-policy]route-policy policy_r3 permit node 20 [R3-route-policy]bgp 64512 [R3-bgp]peer 10.0.113.1 route-policy policy_r3 export
Create the routing policy policy_r5 on R5 to filter out the route 10.2.2.0/24. [R5]acl number 2001 [R5-acl-basic-2001]rule 0 permit source 10.2.2.0 0.0.0.255 [R5-acl-basic-2001]route-policy policy_r5 deny node 10 [R5-route-policy]if-match acl 2001 [R5-route-policy]route-policy policy_r5 permit node 20 [R5-route-policy]bgp 64512 [R5-bgp]peer 10.0.115.1 route-policy policy_r5 export
View the routing table of S1. [S1]display ip routing-table Route Flags: R - relay, D - download to fib ---------------------------------------------------------------------------Routing Tables: Public Destinations : 15
Destination/Mask
0.0.0.0/0 10.0.1.11/32 10.0.3.3/32
HC Series
Routes : 15
Proto Pre Cost
Flags NextHop
Interface
O_ASE 150 21
D
10.0.113.3
Vlanif13
Direct 0
0
D
127.0.0.1
InLoopBack0
OSPF
1
D
10.0.113.3
Vlanif13
10
HUAWEI TECHNOLOGIES
293
HCNP-IERN Chapter 3 BGP application and management 10.0.4.4/32
OSPF
10
1
D
10.0.114.4
Vlanif14
10.0.5.5/32
OSPF
10
1
D
10.0.115.5
Vlanif15
10.0.113.0/24
Direct 0
0
D
10.0.113.1
Vlanif13
10.0.113.1/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.114.0/24
Direct 0
0
D
10.0.114.1
Vlanif14
10.0.114.1/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.115.0/24
Direct 0
0
D
10.0.115.1
Vlanif15
10.0.115.1/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.1.2.0/24
BGP
255 0
RD
10.0.115.5
Vlanif15
10.2.2.0/24
BGP
255 0
RD
10.0.113.3
Vlanif13
127.0.0.0/8
Direct 0
0
D
127.0.0.1
InLoopBack0
127.0.0.1/32
Direct 0
0
D
127.0.0.1
InLoopBack0
The preceding information shows that the next hop to the network segment 10.1.2.0/24 is R5 and the next hop to the network segment 10.2.2.0/24 is R3. Disable S2/0/0 of R3. [R3]interface s2/0/0 [R3-Serial2/0/0]shutdown
View the routing table of S1 and test the connectivity to the IP address 10.1.2.2. [S1]display ip routing-table Route Flags: R - relay, D - download to fib ---------------------------------------------------------------------------Routing Tables: Public Destinations : 14
Destination/Mask
0.0.0.0/0
Routes : 14
Proto Pre Cost
Flags NextHop
Interface
O_ASE 150 21
D
10.0.113.3
Vlanif13
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.3.3/32
OSPF
10
1
D
10.0.113.3
Vlanif13
10.0.4.4/32
OSPF
10
1
D
10.0.114.4
Vlanif14
10.0.5.5/32
OSPF
10
1
D
10.0.115.5
Vlanif15
10.0.113.0/24
Direct 0
0
D
10.0.113.1
Vlanif13
10.0.113.1/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.114.0/24
Direct 0
0
D
10.0.114.1
Vlanif14
10.0.114.1/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.115.0/24
Direct 0
0
D
10.0.115.1
Vlanif15
10.0.115.1/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.1.11/32
294
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 3 BGP application and management 10.1.2.0/24
BGP
255 0
RD
10.0.115.5
Vlanif15
127.0.0.0/8
Direct 0
0
D
127.0.0.1
InLoopBack0
127.0.0.1/32
Direct 0
0
D
127.0.0.1
InLoopBack0
There is only the 10.1.2.0/24 route in the routing table of S1 because a routing policy is applied on R5 to filter out the route 10.2.2.0/24. [S1]ping 10.1.2.2 PING 10.1.2.2: 56 data bytes, press CTRL_C to break Reply from 10.1.2.2: bytes=56 Sequence=1 ttl=254 time=1 ms Reply from 10.1.2.2: bytes=56 Sequence=2 ttl=254 time=1 ms Reply from 10.1.2.2: bytes=56 Sequence=3 ttl=254 time=1 ms Reply from 10.1.2.2: bytes=56 Sequence=4 ttl=254 time=1 ms Reply from 10.1.2.2: bytes=56 Sequence=5 ttl=254 time=1 ms
--- 10.1.2.2 ping statistics --5 packet(s) transmitted 5 packet(s) received 0.00% packet loss round-trip min/avg/max = 1/1/1 ms
Enable S2/0/0 on R3. [R3]interface s2/0/0 [R3-Serial2/0/0]undo shutdown
Step 5 Configure BGP routes for home data to use multiple ISP. The company rents another Internet line to connect to ISP 2. To select paths over BGP, delete default routes advertised by OSPF in the previous steps. [R3]ospf [R3-ospf-1]undo default-route-advertise
[R5]ospf [R5-ospf-1]undo default-route-advertise
Delete the policies for filtering out routes from R3 and R5. [R3]undo route-policy policy1
HC Series
HUAWEI TECHNOLOGIES
295
HCNP-IERN Chapter 3 BGP application and management
[R5]undo route-policy policy2
Delete the commands for importing OSPF routes into BGP from R3 and R5. [R3]bgp 64512 [R3-bgp]undo import-route ospf 1
[R5]bgp 64512 [R5-bgp]undo import-route ospf 1
Establish EBGP peer relationships between R1 and R2 and between R1 and R4 so that ISP 2 can transmit the routes 10.1.2.0/24 and 10.2.2.0/24. [R1]bgp 200 [R1-bgp]peer 10.0.12.2 as-number 100 [R1-bgp]peer 10.0.14.4 as-number 64512
[R2]bgp 100 [R2-bgp]peer 10.0.12.1 as-number 200
[R4]bgp 64512 [R4-bgp]peer 10.0.14.1 as-number 200
View the status of the routes 10.1.2.0/24 and 10.2.2.0/24 on S1 and pay attention to the current path selection principle. [S1]display bgp routing-table
Total Number of Routes: 6
BGP Local router ID is 10.0.11.11 Status codes: * - valid, > - best, d - damped, h - history, i - internal, s - suppressed, S - Stale Origin : i - IGP, e - EGP, ? - incomplete
Network
NextHop
MED
LocPrf
PrefVal Path/Ogn
*>i 10.1.2.0/24
10.0.113.3
0
100
0
100i
* i
10.0.115.5
0
100
0
100i
* i
10.0.114.4
100
0
200 100i
*>i 10.2.2.0/24
10.0.113.3
100
0
100i
296
0
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 3 BGP application and management * i
10.0.115.5
* i
10.0.114.4
0
100
0
100i
100
0
200 100i
The company needs to access the network segment 10.2.2.0/24 by using the new link connected to ISP 2. Create the routing policy policy_r4 on R4 and change local preference attribute of the route to 150. [R4]acl number 2001 [R4-acl-basic-2001]rule 0 permit source 10.2.2.0 0.0.0.255 [R4-acl-basic-2001]route-policy policy_r4 permit node 10 [R4-route-policy]if-match acl 2001 [R4-route-policy]apply local-preference 150 [R4-route-policy]route-policy policy_r4 permit node 20
Advertise the routing policy to S1. [R4]bgp 64512 [R4-bgp]peer 10.0.114.1 route-policy policy_r4 export
View the BGP routing table of S1. [S1]display bgp routing-table
Total Number of Routes: 6
BGP Local router ID is 10.0.11.11 Status codes: * - valid, > - best, d - damped, h - history, i - internal, s - suppressed, S - Stale Origin : i - IGP, e - EGP, ? - incomplete
Network
NextHop
MED
LocPrf
PrefVal Path/Ogn
*>i 10.1.2.0/24
10.0.113.3
0
100
0
100i
* i
10.0.115.5
0
100
0
100i
* i
10.0.114.4
100
0
200 100i
*>i 10.2.2.0/24
10.0.114.4
150
0
200 100i
* i
10.0.113.3
0
100
0
100i
* i
10.0.115.5
0
100
0
100i
The preceding information shows that S1 accesses the network segment 10.2.2.0/24 through the link from ISP 2 to R4. Disable S1/0/0 of R4 to simulate a fault. [R4]interface s1/0/0
HC Series
HUAWEI TECHNOLOGIES
297
HCNP-IERN Chapter 3 BGP application and management [R4-Serial1/0/0]shutdown
View the BGP routing table of S1. [S1]display bgp routing-table
Total Number of Routes: 4
BGP Local router ID is 10.0.11.11 Status codes: * - valid, > - best, d - damped, h - history, i - internal, s - suppressed, S - Stale Origin : i - IGP, e - EGP, ? - incomplete
Network
NextHop
MED
LocPrf
PrefVal Path/Ogn
*>i 10.1.2.0/24
10.0.113.3
0
100
0
100i
* i
10.0.115.5
0
100
0
100i
*>i 10.2.2.0/24
10.0.113.3
0
100
0
100i
* i
10.0.115.5
0
100
0
100i
The preceding information shows that S1 accesses the network segments 10.1.2.0/24 and 10.2.2.0/24 through the link from ISP 1 to R3. Enable S1/0/0 on R4. [R4]interface s1/0/0 [R4-Serial1/0/0]undo shutdown
View the BGP routing table of S1 to check whether the routing information has been recovered. [S1]display bgp routing-table
Total Number of Routes: 6
BGP Local router ID is 10.0.11.11 Status codes: * - valid, > - best, d - damped, h - history, i - internal, s - suppressed, S - Stale Origin : i - IGP, e - EGP, ? - incomplete
Network
*>i 10.1.2.0/24
298
NextHop
10.0.113.3
MED
0
LocPrf
100
HUAWEI TECHNOLOGIES
PrefVal Path/Ogn
0
100i
HC Series
HCNP-IERN Chapter 3 BGP application and management * i
10.0.115.5
* i
0
100
0
100i
10.0.114.4
100
0
200 100i
*>i 10.2.2.0/24
10.0.114.4
150
0
200 100i
* i
10.0.113.3
0
100
0
100i
* i
10.0.115.5
0
100
0
100i
Additional Exercises: Analyzing and Verifying After S2/0/0 of R3 is disabled in Step 3, the standby link between R5 and ISP 1 still functions properly, though the active link between the company and ISP 1 does not. In this case, how can the connectivity problem be resolved?
How can load balancing for ingress traffic be implemented in the same network segment when data is homed to two ISPs?
Final Configurations display current-configuration [V200R001C00SPC200] # sysname R1 # interface Serial1/0/0 link-protocol ppp ip address 10.0.12.1 255.255.255.0 # interface Serial3/0/0 link-protocol ppp ip address 10.0.14.1 255.255.255.0 # interface LoopBack0 ip address 10.0.1.1 255.255.255.255 # bgp 200 peer 10.0.12.2 as-number 100 peer 10.0.14.4 as-number 64512 #
HC Series
HUAWEI TECHNOLOGIES
299
HCNP-IERN Chapter 3 BGP application and management ipv4-family unicast undo synchronization maximum load-balancing 4 peer 10.0.12.2 enable peer 10.0.14.4 enable # return
display current-configuration [V200R001C00SPC200] # sysname R2 # interface Serial1/0/0 link-protocol ppp ip address 10.0.12.2 255.255.255.0 # interface Serial2/0/0 link-protocol ppp ip address 10.0.23.2 255.255.255.0 # interface GigabitEthernet0/0/0 ip address 10.0.25.2 255.255.255.0 # interface LoopBack0 ip address 10.0.2.2 255.255.255.255 # interface LoopBack1 ip address 10.1.2.2 255.255.255.0 # interface LoopBack2 ip address 10.2.2.2 255.255.255.0 # bgp 100 peer 10.0.12.1 as-number 200 peer 10.0.23.3 as-number 64512 peer 10.0.25.5 as-number 64512 # ipv4-family unicast undo synchronization network 10.1.2.0 255.255.255.0 network 10.2.2.0 255.255.255.0 maximum load-balancing 4
300
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 3 BGP application and management peer 10.0.12.1 enable peer 10.0.23.3 enable peer 10.0.25.5 enable # return
display current-configuration [V200R001C00SPC200] # sysname R3 # acl number 2001 rule 0 permit source 10.1.2.0 0.0.0.255 # interface Serial2/0/0 link-protocol ppp ip address 10.0.23.3 255.255.255.0 # interface GigabitEthernet0/0/1 ip address 10.0.113.3 255.255.255.0 # interface LoopBack0 ip address 10.0.3.3 255.255.255.255 # bgp 64512 peer 10.0.23.2 as-number 100 peer 10.0.113.1 as-number 64512 # ipv4-family unicast undo synchronization maximum load-balancing 4 peer 10.0.23.2 enable peer 10.0.113.1 enable peer 10.0.113.1 next-hop-local # ospf 1 area 0.0.0.0 network 10.0.113.3 0.0.0.0 network 10.0.3.3 0.0.0.0 # return
display current-configuration
HC Series
HUAWEI TECHNOLOGIES
301
HCNP-IERN Chapter 3 BGP application and management [V200R001C00SPC200] # sysname R4 # interface Serial1/0/0 link-protocol ppp ip address 10.0.14.4 255.255.255.0 # interface GigabitEthernet0/0/1 ip address 10.0.114.4 255.255.255.0 # interface LoopBack0 ip address 10.0.4.4 255.255.255.255 # bgp 64512 peer 10.0.14.1 as-number 200 peer 10.0.114.1 as-number 64512 # ipv4-family unicast undo synchronization maximum load-balancing 4 peer 10.0.14.1 enable peer 10.0.114.1 enable peer 10.0.114.1 route-policy policy_r4 export peer 10.0.114.1 next-hop-local # ospf 1 area 0.0.0.0 network 10.0.114.4 0.0.0.0 network 10.0.4.4 0.0.0.0 # route-policy policy_r4 permit node 10 if-match acl 2001 apply local-preference 150 route-policy policy_r4 permit node 20 # Return
display current-configuration [V200R001C00SPC200] # sysname R5 #
302
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 3 BGP application and management interface GigabitEthernet0/0/0 ip address 10.0.25.5 255.255.255.0 # interface GigabitEthernet0/0/1 ip address 10.0.115.5 255.255.255.0 # interface LoopBack0 ip address 10.0.5.5 255.255.255.255 # bgp 64512 peer 10.0.25.2 as-number 100 peer 10.0.115.1 as-number 64512 # ipv4-family unicast undo synchronization maximum load-balancing 4 peer 10.0.25.2 enable peer 10.0.115.1 enable peer 10.0.115.1 next-hop-local # ospf 1 area 0.0.0.0 network 10.0.115.5 0.0.0.0 network 10.0.5.5 0.0.0.0 # return
display current-configuration # !Software Version V100R005C01SPC100 sysname S1 # interface Vlanif13 ip address 10.0.113.1 255.255.255.0 # interface Vlanif14 ip address 10.0.114.1 255.255.255.0 # interface Vlanif15 ip address 10.0.115.1 255.255.255.0 # interface GigabitEthernet0/0/3 port link-type access
HC Series
HUAWEI TECHNOLOGIES
303
HCNP-IERN Chapter 3 BGP application and management port default vlan 13 # interface GigabitEthernet0/0/4 port link-type access port default vlan 14 # interface GigabitEthernet0/0/5 port link-type access port default vlan 15 # interface LoopBack0 ip address 10.0.1.11 255.255.255.255 # bgp 64512 peer 10.0.113.3 as-number 64512 peer 10.0.114.4 as-number 64512 peer 10.0.115.5 as-number 64512 # ipv4-family unicast undo synchronization peer 10.0.113.3 enable peer 10.0.114.4 enable peer 10.0.115.5 enable # ospf 1 area 0.0.0.0 network 10.0.113.1 0.0.0.0 network 10.0.114.1 0.0.0.0 network 10.0.115.1 0.0.0.0 network 10.0.1.11 0.0.0.0 # return
304
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 3 BGP application and management
Lab 3-6 BGP Troubleshooting Learning Objectives The objectives of this lab are to learn and understand how to perform the following operations: •
Troubleshoot the failure in establishing Border Gateway Protocol
(BGP) neighbors. •
Use BGP hard reset.
•
Use BGP soft reset.
•
Use debugging commands in BGP.
Topology
Figure 3-6 BGP troubleshooting
Scenario Assume that you are a network administrator of a company that uses BGP for its network. The network serving the company consists of multiple autonomous systems (AS). Different branches use different AS IDs. Many problems occur during BGP configuration and are resolved finally.
HC Series
HUAWEI TECHNOLOGIES
305
HCNP-IERN Chapter 3 BGP application and management
Tasks Step 1 Perform basic configurations and IP addressing. Configure IP addresses and subnet masks for the physical and Loopback 0 interfaces of all routers. The subnet masks for the Loopback 0 interfaces contain 32 binary digits. The IP address planning is shown in the preceding figure. system-view Enter system view, return user view with Ctrl+Z. [R1]interface Serial 1/0/0 [R1-Serial1/0/0]ip address 10.0.12.1 24 [R1-Serial1/0/0]quit [R1]interface LoopBack 0 [R1-LoopBack0]ip add 10.0.1.1 32 [R1-LoopBack0]quit
[R2]interface Serial 1/0/0 [R2-Serial1/0/0]ip address 10.0.12.2 24 [R2-Serial1/0/0]quit [R2]interface Serial 2/0/0 [R2-Serial2/0/0]ip address 10.0.23.2 24 [R2-Serial2/0/0]quit [R2]interface LoopBack 0 [R2-LoopBack0]ip address 10.0.2.2 32 [R2-LoopBack0]quit
[R3]interface Serial 2/0/0 [R3-Serial2/0/0]ip address 10.0.23.3 24 [R3-Serial2/0/0]quit [R3]interface LoopBack 0 [R3-LoopBack0]ip address 10.0.3.3 32 [R3-LoopBack0]quit
Test whether direct links are reachable. [R2]ping -c 1 10.0.12.1 PING 10.0.12.1: 56 data bytes, press CTRL_C to break Reply from 10.0.12.1: bytes=56 Sequence=1 ttl=255 time=40 ms
--- 10.0.12.1 ping statistics ---
306
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 3 BGP application and management 1 packet(s) transmitted 1 packet(s) received 0.00% packet loss round-trip min/avg/max = 40/40/40 ms
[R2]ping -c 1 10.0.23.3 PING 10.0.23.3: 56 data bytes, press CTRL_C to break Reply from 10.0.23.3: bytes=56 Sequence=1 ttl=255 time=38 ms
--- 10.0.23.3 ping statistics --1 packet(s) transmitted 1 packet(s) received 0.00% packet loss round-trip min/avg/max = 38/38/38 ms
The preceding information shows that the direct links are reachable.
Step 2 Configure Interior Gateway Protocol (IGP) and BGP. Configure AS 64512 to use OSPF as IGP and all routers belong to area 0. The IP addresses of the Loopback 0 interfaces are used as router IDs. Enable OSPF on the network segment where the S1/0/0 and Loopback 0 interfaces of R1 reside. [R1]ospf 1 router-id 10.0.1.1 [R1-ospf-1]area 0 [R1-ospf-1-area-0.0.0.0]network 10.0.12.1 0.0.0.0 [R1-ospf-1-area-0.0.0.0]network 10.0.1.1 0.0.0.0
Enable OSPF on the network segment where the S1/0/0 and Loopback 0 interfaces of R2 reside. [R2]ospf 1 router-id 10.0.2.2 [R2-ospf-1]area 0 [R2-ospf-1-area-0.0.0.0]network 10.0.12.2 0.0.0.0 [R2-ospf-1-area-0.0.0.0]network 10.0.2.2 0.0.0.0
Test whether the route from R1 to the Loopback 0 interface of R2 is reachable. [R1]ping -c 1 -a 10.0.1.1 10.0.2.2 PING 10.0.2.2: 56 data bytes, press CTRL_C to break Reply from 10.0.2.2: bytes=56 Sequence=1 ttl=255 time=40 ms
HC Series
HUAWEI TECHNOLOGIES
307
HCNP-IERN Chapter 3 BGP application and management --- 10.0.2.2 ping statistics --1 packet(s) transmitted 1 packet(s) received 0.00% packet loss round-trip min/avg/max = 40/40/40 ms
Configure IBGP between R1 and R2 and EBGP between R2 and R3. Establish peer relationships between R2 and R1 and between R2 and R3 using loopback interface IP addresses. To ensure that routing information is transmitted correctly, the next-hop-local parameter is set for R1 on R2. On R3, configure the AS ID to 64514 for the peer 10.0.2.2. This is to simulate an error. [R1]bgp 64512 [R1-bgp]peer 10.0.2.2 as-number 64512
[R2]bgp 64512 [R2-bgp]peer 10.0.1.1 as-number 64512 [R2-bgp]peer 10.0.1.1 next-hop-local [R2-bgp]peer 10.0.3.3 as-number 64513
[R3]bgp 64513 [R3-bgp]peer 10.0.2.2 as-number 64514
Step 3 Troubleshoot
faults
in
establishing
peer
relationships. Peer relationships are not established between routers. First view the peer relationships on R2. [R2]display bgp peer
BGP local router ID : 10.0.12.2 Local AS number : 64512 Total number of peers : 2
Peer
V
Peers in established state : 0
AS MsgRcvd MsgSent OutQ Up/Down
State PrefRcv
10.0.1.1
4
64512
0
0
0 00:05:36
Active
0
10.0.3.3
4
64513
0
0
0 00:05:21
Idle
0
308
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 3 BGP application and management
The preceding information shows that 10.0.1.1 is in the Active state and 10.0.2.2 is in the Idle state. If BGP peer relationships are established successfully, both 10.0.1.1 and 10.0.2.2 should be in the Established state. If either stays in another state for a long period of time, a fault occurs. If the peer IP address is unreachable, its status is displayed as Idle on the local router. When this fault occurs, the reason may be that the local router does not initiate a TCP connection to the peer router. If the peer IP address is reachable but a TCP connection fails to be established, the peer router stays in the Active state. If the peer router stays in another state instead of Established for a long period of time, test the connectivity between the Loopback 0 interfaces of R2 and R3. [R2]ping -c 1 -a 10.0.2.2 10.0.3.3 PING 10.0.3.3: 56 data bytes, press CTRL_C to break Request time out
--- 10.0.3.3 ping statistics --1 packet(s) transmitted 0 packet(s) received 100.00% packet loss
The Loopback 0 interfaces of R2 and R3 cannot communicate with each other. Check the routing table of R2. [R2]display ip routing-table Route Flags: R - relay, D - download to fib ---------------------------------------------------------------------------Routing Tables: Public Destinations : 14
Destination/Mask
Routes : 14
Proto
Pre Cost
10.0.1.1/32
OSPF
10
10.0.2.2/32
Flags NextHop
Interface
1562
D
10.0.12.1
Serial1/0/0
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.12.0/24
Direct 0
0
D
10.0.12.2
Serial1/0/0
10.0.12.1/32
Direct 0
0
D
10.0.12.1
Serial1/0/0
10.0.12.2/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.12.255/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.23.0/24
Direct 0
0
D
10.0.23.2
Serial2/0/0
10.0.23.2/32
Direct 0
0
D
127.0.0.1
InLoopBack0
HC Series
HUAWEI TECHNOLOGIES
309
HCNP-IERN Chapter 3 BGP application and management 10.0.23.3/32
Direct 0
0
D
10.0.23.3
Serial2/0/0
10.0.23.255/32
Direct 0
0
D
127.0.0.1
InLoopBack0
127.0.0.0/8
Direct 0
0
D
127.0.0.1
InLoopBack0
127.0.0.1/32
Direct 0
0
D
127.0.0.1
InLoopBack0
127.255.255.255/32 Direct 0
0
D
127.0.0.1
InLoopBack0
255.255.255.255/32 Direct 0
0
D
127.0.0.1
InLoopBack0
The routing table of R2 does not contain the route to the Loopback 0 interface (10.0.3.3) of R3. Check the routing table of R3. [R3]display ip routing-table Route Flags: R - relay, D - download to fib ---------------------------------------------------------------------------Routing Tables: Public Destinations : 9
Destination/Mask
Proto
Routes : 9
Pre Cost
Flags NextHop
Interface
10.0.3.3/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.23.0/24
Direct 0
0
D
10.0.23.3
Serial2/0/0
10.0.23.2/32
Direct 0
0
D
10.0.23.2
Serial2/0/0
10.0.23.3/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.23.255/32
Direct 0
0
D
127.0.0.1
InLoopBack0
127.0.0.0/8
Direct 0
0
D
127.0.0.1
InLoopBack0
127.0.0.1/32
Direct 0
0
D
127.0.0.1
InLoopBack0
127.255.255.255/32 Direct 0
0
D
127.0.0.1
InLoopBack0
255.255.255.255/32 Direct 0
0
D
127.0.0.1
InLoopBack0
The routing table of R3 does not contain the route to the Loopback 0 interface (10.0.2.2) of R2. Static routes can enable the loopback interfaces of neighbor routers in different ASs to communicate with each other. Add a static route to the network segment where the loopback interface of the peer router resides for both R2 and R3. [R2]ip route-static 10.0.3.3 32 10.0.23.3
[R3]ip route-static 10.0.2.2 32 10.0.23.2
Test whether the route from R2 to R3 is reachable.
310
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 3 BGP application and management [R2]ping -c 1 -a 10.0.2.2 10.0.3.3 PING 10.0.3.3: 56 data bytes, press CTRL_C to break Reply from 10.0.3.3: bytes=56 Sequence=1 ttl=255 time=30 ms
--- 10.0.3.3 ping statistics --1 packet(s) transmitted 1 packet(s) received 0.00% packet loss round-trip min/avg/max = 30/30/30 ms
View the BGP peer relationships on R2. [R2]display bgp peer
BGP local router ID : 10.0.12.2 Local AS number : 64512 Total number of peers : 2
Peers in established state : 0
Peer
V
AS MsgRcvd MsgSent OutQ Up/Down
State PrefRcv
10.0.1.1
4
64512
0
0
0 05:23:27
Active
0
10.0.3.3
4
64513
0
0
0 05:23:02
Active
0
The state of R3 changes from Idle to Active. Check the peer relationship between R1 and R2. The connectivity between the loopback interfaces of R1 and R2 has been proved after OSPF configuration. BGP communication is implemented using TCP port 179. Check whether port 179 is enabled on the routers. View the TCP connection status on R1 and R2. [R1]display tcp status TCPCB
Tid/Soid Local Add:port
Foreign Add:port
VPNID State
194b9500 8 /2
0.0.0.0:22
0.0.0.0:0
23553
Listening
194b939c 8 /1
0.0.0.0:23
0.0.0.0:0
23553
Listening
194b90d4 106/1
0.0.0.0:80
0.0.0.0:0
0
Listening
194b9a90 234/2
0.0.0.0:179
10.0.2.2:0
0
Listening
194b9664 8 /3
0.0.0.0:830
0.0.0.0:0
23553
Listening
194b9238 6 /1
0.0.0.0:7547
0.0.0.0:0
0
Listening
[R2]display tcp status TCPCB
Tid/Soid Local Add:port
HC Series
Foreign Add:port
HUAWEI TECHNOLOGIES
VPNID State
311
HCNP-IERN Chapter 3 BGP application and management 1949a048 234/5
0.0.0.0:0
0.0.0.0:0
0
Closed
19499d80 8 /2
0.0.0.0:22
0.0.0.0:0
23553
Listening
19499c1c 8 /1
0.0.0.0:23
0.0.0.0:0
23553
Listening
19499954 106/1
0.0.0.0:80
0.0.0.0:0
0
Listening
1949a474 234/2
0.0.0.0:179
10.0.1.1:0
0
Listening
1949a310 234/4
0.0.0.0:179
10.0.3.3:0
0
Listening
19499ee4 8 /3
0.0.0.0:830
0.0.0.0:0
23553
Listening
19499ab8 6 /1
0.0.0.0:7547
0.0.0.0:0
0
Listening
The preceding information shows that port 179 is in the Listening state. BGP works properly on every single router. Run the debug command to check whether R1 receives BGP packets from R2. terminal debugging debugging tcp packet Dec 7 2011 10:08:16.620.1+00:00 R1 SOCKET/7/TCP PACKET: TCP debug packet information: 1323252496: Input: no port, (src = 10.0.12.2:52688,dst = 10.0.1.1:179,VrfIndex = 0,seq = 2254758724, ack = 0,datalen = 0,optlen = 4,flag = SYN ,window = 16384,ttl = 0,tos = 0,MSS = 0)
Dec 7 2011 10:08:16.620.2+00:00 R1 SOCKET/7/TCP PACKET: TCP debug packet information: 1323252496: Output: task = (0), socketid = 0, (src = 10.0.1.1:179,dst = 10.0.12.2:52688,VrfIndex = 0,seq = 0, ack = 2254758725,datalen = 0,optlen = 0,flag = ACK RST ,window = 0,ttl = 255,tos = 0,MSS = 0)
The source IP address of the packets sent from R2 to port 179 is 10.0.12.2. View the topology and it is found that 10.0.12.2 is the IP address of the S1/0/0 interface of R2. However, the loopback interface of R2 is used to establish a peer relationship with R1. Therefore, a peer relationship cannot be established between R1 and R2. To resolve this problem, specify the IP address of the update source using the connect-interface parameter when a peer relationship is established. This problem also exists in an attempt to establish a peer relationship between R2 and R3. Specify the IP address of the update source for R2 to establish a peer relationship with R3 properly. 312
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 3 BGP application and management [R1]bgp 64512 [R1-bgp]peer 10.0.2.2 connect-interface LoopBack 0
[R2]bgp 64512 [R2-bgp]peer 10.0.1.1 connect-interface LoopBack 0 [R2-bgp]peer 10.0.3.3 connect-interface LoopBack 0
[R3]bgp 64513 [R3-bgp]peer 10.0.2.2 connect-interface LoopBack 0
View the peer relationships on R2. [R2]display bgp peer
BGP local router ID : 10.0.12.2 Local AS number : 64512 Total number of peers : 2
Peer
V
Peers in established state : 1
AS MsgRcvd MsgSent OutQ Up/Down
10.0.1.1
4
64512
16
17
10.0.3.3
4
64513
0
0
State PrefRcv
0 00:14:18 Established
0
0 00:14:35
0
Active
The state of R1 is displayed as Established on R2. Run the debug command to check whether R3 receives a BGP packet from R2, and view the content of the packet. terminal debugging debugging ip packet Dec 7 2011 10:51:44.30.5+00:00 R3 IP/7/debug_case: Delivering, interface = S2/0/0, version = 4, headlen = 20, tos = 192, pktlen = 40, pktid = 4752, offset = 0, ttl = 1, protocol = 6, checksum = 36220, s = 10.0.2.2, d = 10.0.3.3 prompt: Packet is before IP_Reass before really deliver to up.
Dec 7 2011 10:51:44.30.6+00:00 R3 IP/7/debug_case: Sending, interface = S2/0/0, version = 4, headlen = 20, tos = 0, pktlen = 40, pktid = 9953, offset = 0, ttl = 255, protocol = 6, checksum = 31722, s = 10.0.3.3, d = 10.0.2.2 prompt: Sending the packet from local at S2/0/0
The TTL of the BGP packet received by R3 is 1. The default TTL of packets exchanged between EBGP peers is 1.
HC Series
HUAWEI TECHNOLOGIES
313
HCNP-IERN Chapter 3 BGP application and management
A peer relationship is established between R2 and R3 using loopback interfaces. The route from the loopback interface of R2 to that of R3 has two next hops. The packet is discarded before arriving at the loopback interface of R2 because the TTL is exceeded. Change the TTL of the packets exchanged between EBGP peers to resolve this problem. [R2]bgp 64512 [R2-bgp]peer 10.0.3.3 ebgp-max-hop 2
[R3]bgp 64513 [R3-bgp]peer 10.0.2.2 ebgp-max-hop 2
View the peer relationships on R2. [R2]display bgp peer
BGP local router ID : 10.0.12.2 Local AS number : 64512 Total number of peers : 2
Peer
V
Peers in established state : 1
AS MsgRcvd MsgSent OutQ Up/Down
State
PrefRcv
10.0.1.1
4
64512
3
4
0 00:01:34 Established
0
10.0.3.3
4
64513
0
1
0 00:00:44
0
Active
The state of R3 is still displayed as Active on R2. Check for BGP errors on R3. [R3]display bgp error Error Type
: Peer Error
Date/Time
: 2011/12/07 11:24:37
Peer Address : 10.0.2.2 VRF Name
: Public
Error Info
: Incorrect remote AS
Error Type
: Peer Error
Date/Time
: 2011/12/07 11:25:09
Peer Address : 10.0.2.2 VRF Name
: Public
Error Info
: Incorrect remote AS
314
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 3 BGP application and management Error Type
: Peer Error
Date/Time
: 2011/12/07 11:25:41
Peer Address : 10.0.2.2 VRF Name
: Public
Error Info
: Incorrect remote AS
terminal debugging debugging bgp packet verbose Dec 7 2011 11:31:01.540.1+00:00 R3 RM/6/RMDEBUG: BGP.Public: Err/SubErr: 2/2 Errdata: 41040000fc00 Identified in OPEN MSG from 10.0.2.2.
Dec 7 2011 11:31:01.540.2+00:00 R3 RM/6/RMDEBUG:
Dec 7 2011 11:31:01.540.3+00:00 R3 RM/6/RMDEBUG: BGP.Public: Err/SubErr: 2/2 Errdata: 41040000fc00 Identified in OPEN MSG from 10.0.2.2.
An AS ID error is found. Run the debug command to view details. The preceding information shows that the error ID and sub-ID are both 2. This error ID indicates that the AS ID is incorrect. Change the AS ID of the peer router on R3. [R3]bgp 64513 [R3-bgp]undo peer 10.0.2.2 [R3-bgp]peer 10.0.2.2 as-number 64512 [R3-bgp]peer 10.0.2.2 ebgp-max-hop 2 [R3-bgp]peer 10.0.2.2 connect-interface LoopBack0
View the peer relationship between R2 and R3. [R2]display bgp peer
BGP local router ID : 10.0.12.2 Local AS number : 64512 Total number of peers : 2
Peer
V
Peers in established state : 2
AS MsgRcvd MsgSent OutQ Up/Down
State PrefRcv
10.0.1.1
4
64512
81
82
0 01:19:18 Established
0
10.0.3.3
4
64513
3
4
0 00:01:12 Established
0
HC Series
HUAWEI TECHNOLOGIES
315
HCNP-IERN Chapter 3 BGP application and management
Step 4 Troubleshoot BGP security faults. BGP is typically applied on the backbone network and therefore its security is extremely important. A large part of the network may fail if a BGP router is attacked. MD5 authentication is used for sessions between BGP peers. This is to prevent illegitimate routers from establishing peer relationships with BGP routers on the network. Enable MD5 authentication between R1 and R2. Set incorrect keys. Set the key to huawei on R1 and to 123 on R2. View the change of the peer relationship between R1 and R2. [R1]bgp 64512 [R1-bgp]peer 10.0.2.2 password simple huawei
[R2]bgp 64512 [R2-bgp]peer 10.0.1.1 password simple 123
Reset the BGP peer relationship on R1. The states of R1 and R2 are respectively displayed as Connect and Active on each other. reset bgp 10.0.2.2 [R1]display bgp peer
BGP local router ID : 10.0.12.1 Local AS number : 64512 Total number of peers : 1
Peer
V
10.0.2.2
4
Peers in established state : 0
AS MsgRcvd MsgSent OutQ Up/Down
64512
0
0
0 00:03:39
State PrefRcv
Connect
Change the key to huawei on R2. [R2-bgp]undo peer 10.0.1.1 password [R2-bgp]peer 10.0.1.1 password simple huawei
Wait about 30 seconds and view the peer relationship again. [R2]display bgp peer
BGP local router ID : 10.0.12.2
316
HUAWEI TECHNOLOGIES
HC Series
0
HCNP-IERN Chapter 3 BGP application and management Local AS number : 64512 Total number of peers : 2
Peer
V
Peers in established state : 2
AS MsgRcvd MsgSent OutQ Up/Down
10.0.1.1
4
64512
2
10.0.3.3
4
64513
166
State PrefRcv
2
0 00:00:34 Established
0
167
0 02:44:05 Established
0
The states of R1 and R2 are displayed as Established on each other and this indicates that a peer relationship is successfully established between R1 and R2. The actual AS ID of AS 64512 needs to be hidden to routers in AS 64513. The fake-as command can be used on a router to configure a false AS ID for its peer router. Run the fake-as command on R2 to configure the false AS ID of R3 to 100. On R3, configure a false AS ID for R2. [R2]bgp 64512 [R2-bgp]peer 10.0.3.3 fake-as 100
[R3]bgp 64513 [R3-bgp]undo peer 10.0.2.2 [R3-bgp]peer 10.0.2.2 as-number 100 [R3-bgp]peer 10.0.2.2 ebgp-max-hop 2 [R3-bgp]peer 10.0.2.2 connect-interface LoopBack0
View information about the peer router on R3. The AS ID of R2 is 100. [R3]display bgp peer
BGP local router ID : 10.0.23.3 Local AS number : 64513 Total number of peers : 1
Peers in established state : 1
Peer
V
AS MsgRcvd MsgSent OutQ Up/Down
10.0.2.2
4
100
2
2
0 00:00:28
State
PrefRcv
Established
0
R2 advertises the network segment where its Loopback 0 resides. View the value of As-Path of the BGP route learned by R3. HC Series
HUAWEI TECHNOLOGIES
317
HCNP-IERN Chapter 3 BGP application and management [R2]bgp 64512 [R2-bgp]network 10.0.2.2 32
[R3]display bgp routing-table
BGP Local router ID is 10.0.23.3 Status codes: * - valid, > - best, d - damped, h - history, i - internal, s - suppressed, S - Stale Origin : i - IGP, e - EGP, ? - incomplete
Total Number of Routes: 1 Network
10.0.2.2/32
NextHop
MED
10.0.2.2
0
LocPrf
PrefVal Path/Ogn
0
100i
The value of As-Path of the route 10.0.2.2/32 learned by R3 is 100. R3 considers that this route is originated from AS 100 though actually it is originated from AS 64512. BGP provides another security feature named Generalized TTL Security Mechanism (GTSM). The GTSM feature checks whether the TTL carried in IP packet headers is within the specified range to determine whether to protect routers. A packet is discarded if the TTL of the BGP packet is beyond the specified range. Both the GTSM feature and the ebgp-max-hop parameter affect the TTL of BGP packets. The two are mutually exclusive for a pair of peers or peer groups. Enable the GTSM feature for the link between R2 and R3 and then view the exchange of BGP packets between them. In the system view of R2, set the default action to be taken in the case of violation of the GTSM rule. Here configure R2 to discard the BGP packets that do not meet the conditions. [R2]gtsm default-action drop
In the BGP view of R2, enable the GTSM feature specific to R3. Before enabling the GTSM feature, delete the value of ebgp-max-hop from R2. Set valid-ttl-hops to 1 because there is a direct link between R2 and R3. [R2]bgp 64512 [R2-bgp]undo peer 10.0.3.3 ebgp-max-hop [R2-bgp]peer 10.0.3.3 valid-ttl-hops 1 [R2-bgp]peer 10.0.1.1 valid-ttl-hops 1
318
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 3 BGP application and management
Perform the same operations on R1 and R3. [R1]gtsm default-action drop [R1]bgp 64512 [R1-bgp]peer 10.0.2.2 valid-ttl-hops 1
[R3]gtsm default-action drop [R3]bgp 64513 [R3-bgp]undo peer 10.0.2.2 ebgp-max-hop [R3-bgp]peer 10.0.2.2 valid-ttl-hops 1
View the peer relationship between R2 and R3. [R3]dis bgp peer
BGP local router ID : 10.0.23.3 Local AS number : 64513 Total number of peers : 1
Peer
10.0.2.2
V
4
Peers in established state : 1
AS MsgRcvd MsgSent OutQ Up/Down
100
3
2
0 00:00:06
State PrefRcv
Established
1
On R3, view the change of the TTL of BGP packets. debugging ip packet Dec 7 2011 16:34:51.10.1+00:00 R3 IP/7/debug_case: Receiving, interface = S2/0/0, version = 4, headlen = 20, tos = 192, pktlen = 59, pktid = 8820, offset = 0, ttl = 255, protocol = 6, checksum = 32644, s = 10.0.2.2, d = 10.0.3.3 prompt: Receiving IP packet from S2/0/0
Dec 7 2011 16:34:51.10.2+00:00 R3 IP/7/debug_case: Receiving, interface = Serial2/0/0, version = 4, headlen = 20, tos = 192, pktlen = 59, pktid = 8820, offset = 0, ttl = 255, protocol = 6, checksum = 32644, s = 10.0.2.2, d = 10.0.3.3 prompt: IP_ProcessByBoard Begin!
The TTL of the packets sent from R2 to R3 is 255, instead of the default value 1. To ensure that BGP packets whose TTLs are beyond the specified range are discarded, enable the log function on R3 so that a log is generated when a packet is discarded. [R3]gtsm log drop-packet all
HC Series
HUAWEI TECHNOLOGIES
319
HCNP-IERN Chapter 3 BGP application and management
Configure the ebgp-max-hop parameter on R2 so that the TTL of the BGP packets sent from R2 to R3 is smaller than 254. [R2]bgp 64512 [R2-bgp]undo peer 10.0.3.3 valid-ttl-hops [R2-bgp]peer 10.0.3.3 ebgp-max-hop 253
Wait for a period of time. The peer relationship between R2 and R3 enters the IDLE state. View GTSM statistics on R3 and some packets are found discarded. Dec 7 2011 16:48:34+00:00 R3 %%01BGP/3/STATE_CHG_UPDOWN(l)[4]:The status of the peer 10.0.2.2 changed from ESTABLISHED to IDLE. (InstanceName=Public, StateChangeReason=Hold Timer Expired) [R3]display gtsm statistics all GTSM Statistics Table ---------------------------------------------------------------SlotId Protocol Total Counters Drop Counters Pass Counters ---------------------------------------------------------------0
BGP
83
27
56
0
OSPF
0
0
0
0
LDP
0
0
0
----------------------------------------------------------------
Restore the previous configuration of R2. Wait for a period of time and check whether packets are discarded. [R2-bgp]undo peer 10.0.3.3 ebgp-max-hop [R2-bgp]peer 10.0.3.3 valid-ttl-hops 1
[R3]display gtsm statistics all GTSM Statistics Table ---------------------------------------------------------------SlotId Protocol Total Counters Drop Counters Pass Counters ---------------------------------------------------------------0
BGP
89
27
62
0
OSPF
0
0
0
0
LDP
0
0
0
----------------------------------------------------------------
The preceding information shows that no more packets are discarded.
320
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 3 BGP application and management
Step 5 Troubleshoot BGP relationship reset faults. During routing policy configuration, BGP relationships need to be reset for the configured routing policy to take effect. On the versatile routing platform (VRP), there are two reset modes: hard reset (reset) and soft reset (refresh). The reset bgp command releases the TCP connection between BGP peers. After this command is executed, the peer relationship changes to IDLE, OPEN, OPENCONFIRM, and finally ESTABLISHED. The change process lasts for more than 30 seconds. BGP relationships must be reset if the routing policy is modified. If hard reset is performed, network interruption lasts more than 30 seconds. This is not tolerable on the core network. The soft reset performed by running the refresh bgp command does not release the TCP connection between BGP peers. This command only synchronizes the routing tables between the BGP peers. The soft reset process takes much shorter time than the hard reset process. The network interruption cannot be sensed if the routing tables of the BGP peers do not contain a huge number of routes. Note that the reset bgp and refresh bgp commands must be run in the user view. View the hard reset process. Run the reset bgp all command on R2 and view the BGP peer relationship immediately. reset bgp all Dec 21 2011 14:39:26+00:00 R2 %%01BGP/3/STATE_CHG_UPDOWN(l)[3]:The status of the peer 10.0.1.1 changed from ESTABLISHED to IDLE. (InstanceName=Public, StateChangeReason=CEASE/Administrative Reset) Dec 21 2011 14:39:26+00:00 R2 %%01BGP/3/STATE_CHG_UPDOWN(l)[4]:The status of the peer 10.0.3.3 changed from ESTABLISHED to IDLE. (InstanceName=Public, StateChangeReason=CEASE/Administrative Reset) display bgp peer
BGP local router ID : 10.0.12.2 Local AS number : 64512 Total number of peers : 2
Peer
V
10.0.1.1
4
HC Series
Peers in established state : 0
AS MsgRcvd MsgSent OutQ Up/Down
64512
0
0
0 00:00:08
HUAWEI TECHNOLOGIES
State PrefRcv
Idle
0
321
HCNP-IERN Chapter 3 BGP application and management 10.0.3.3
4
64513
0
0
0 00:00:08
Idle
0
The peer relationship is established again after about 30 seconds. Dec 21 2011 14:39:58+00:00 R2 %%01BGP/3/STATE_CHG_UPDOWN(l)[5]:The status of the peer 10.0.3.3 changed from OPENCONFIRM to ESTABLISHED. (InstanceName=Public, StateChangeReason=Up) Dec 21 2011 14:39:58+00:00 R2 %%01BGP/3/STATE_CHG_UPDOWN(l)[6]:The status of the peer 10.0.1.1 changed from OPENCONFIRM to ESTABLISHED. (InstanceName=Public, StateChangeReason=Up)
The reset bgp all command resets all BGP peers. Add the peer IP address or the name of the peer group to the reset bgp command to reset the BGP peer relationship between a specific pair of routers. Reset the peer relationship between R2 and R3. reset bgp 10.0.3.3 Dec 21 2011 14:42:13+00:00 R2 %%01BGP/3/STATE_CHG_UPDOWN(l)[7]:The status of the peer 10.0.3.3 changed from ESTABLISHED to IDLE. (InstanceName=Public, StateChangeReason=CEASE/Administrative Reset) display bgp peer
BGP local router ID : 10.0.12.2 Local AS number : 64512 Total number of peers : 2
Peers in established state : 1
Peer
V
AS MsgRcvd MsgSent OutQ Up/Down
State PrefRcv
10.0.1.1
4
64512
5
7
0 00:03:03 Established
0
10.0.3.3
4
64513
0
0
0 00:00:15
0
Idle
The preceding information shows that only R3 (10.0.3.3) enters the Idle state and R1 is still in the Established state. Configure a routing policy on R2 to check whether the soft reset updates BGP routing tables. The network segment where the Loopback 0 interface of R2 resides is advertised to BGP in preceding steps. The route to this network segment can be found in the routing table of R3 and the value of Origin of this route is IGP.
322
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 3 BGP application and management [R3]display bgp routing-table
BGP Local router ID is 10.0.23.3 Status codes: * - valid, > - best, d - damped, h - history, i - internal, s - suppressed, S - Stale Origin : i - IGP, e - EGP, ? - incomplete
Total Number of Routes: 1 Network
NextHop
10.0.2.2/32
MED
10.0.2.2
LocPrf
PrefVal Path/Ogn
0
0
100i
Configure an access control list (ACL) and routing policy, and change the value of Origin to EGP for this route. [R2]acl number 2001 [R2-acl-basic-2001]rule permit source 10.0.2.2 0 [R2-acl-basic-2001]quit [R2]route-policy change_origin permit node 10 Info: New Sequence of this List. [R2-route-policy]if-match acl 2001 [R2-route-policy]apply origin egp 100
Apply the routing policy on R3 and soft reset the peer relationship between R2 and R3. [R2]bgp 64512 [R2-bgp]peer 10.0.3.3 route-policy change_origin export [R2-bgp]return refresh bgp 10.0.3.3 export
View the BGP peer relationship immediately and it still exists. [R2]display bgp peer
BGP local router ID : 10.0.12.2 Local AS number : 64512 Total number of peers : 2
Peers in established state : 2
Peer
V
10.0.1.1
4
64512
19
21
0 00:17:28 Established
0
10.0.3.3
4
64513
16
18
0 00:14:08 Established
0
HC Series
AS MsgRcvd MsgSent OutQ Up/Down
HUAWEI TECHNOLOGIES
State PrefRcv
323
HCNP-IERN Chapter 3 BGP application and management
View the BGP routing table of R3. The value of Original of this route changes to EGP. [R3]display bgp routing-table
BGP Local router ID is 10.0.3.3 Status codes: * - valid, > - best, d - damped, h - history, i - internal, s - suppressed, S - Stale Origin : i - IGP, e - EGP, ? - incomplete
Total Number of Routes: 1 Network
NextHop
10.0.2.2/32
MED
10.0.2.2
LocPrf
0
PrefVal Path/Ogn
0
100e
The refresh bgp command is used only when R2 actively sends its routing information to R3. If the peer router (R3) needs to update the BGP routing table actively, the keep-all-routes parameter must be set for the peer relationship. [R3-bgp]peer 10.0.2.2 keep-all-routes
Delete the routing policy from R2. Reset the peer relationship between R2 and R3 when R3 actively requests routing information from R2. In the BGP routing table of R3, the value of Origin of this route changes to IGP. [R2]bgp 64512 [R2-bgp]undo peer 10.0.3.3 route-policy change_origin export
refresh bgp all import display bgp routing-table
BGP Local router ID is 10.0.3.3 Status codes: * - valid, > - best, d - damped, h - history, i - internal, s - suppressed, S - Stale Origin : i - IGP, e - EGP, ? - incomplete
Total Number of Routes: 1 Network
10.0.2.2/32
324
NextHop
10.0.2.2
MED
LocPrf
0
HUAWEI TECHNOLOGIES
PrefVal Path/Ogn
0
100i
HC Series
HCNP-IERN Chapter 3 BGP application and management
Additional Exercises: Analyzing and Verifying Figure out which type of attacks GTSM can defend against.
Figure out whether the fake-as command can be used when a BGP confederation is configured.
Final Configurations display current-configuration [V200R001C00SPC200] # sysname R1 # gtsm default-action drop # interface Serial1/0/0 link-protocol ppp ip address 10.0.12.1 255.255.255.0 # interface LoopBack0 ip address 10.0.1.1 255.255.255.255 # bgp 64512 peer 10.0.2.2 as-number 64512 peer 10.0.2.2 connect-interface LoopBack0 peer 10.0.2.2 password simple huawei peer 10.0.2.2 valid-ttl-hops 1 # ipv4-family unicast undo synchronization peer 10.0.2.2 enable # ospf 1 router-id 10.0.1.1 area 0.0.0.0 network 10.0.12.1 0.0.0.0 network 10.0.1.1 0.0.0.0 # return
HC Series
HUAWEI TECHNOLOGIES
325
HCNP-IERN Chapter 3 BGP application and management
display current-configuration [V200R001C00SPC200] # sysname R2 # gtsm default-action drop # acl number 2001 rule 5 permit source 10.0.2.2 0 # interface Serial1/0/0 link-protocol ppp ip address 10.0.12.2 255.255.255.0 # interface Serial2/0/0 link-protocol ppp ip address 10.0.23.2 255.255.255.0 # interface LoopBack0 ip address 10.0.2.2 255.255.255.255 # bgp 64512 peer 10.0.1.1 as-number 64512 peer 10.0.1.1 connect-interface LoopBack0 peer 10.0.1.1 password simple huawei peer 10.0.1.1 valid-ttl-hops 1 peer 10.0.3.3 as-number 64513 peer 10.0.3.3 connect-interface LoopBack0 peer 10.0.3.3 fake-as 100 peer 10.0.3.3 valid-ttl-hops 1 # ipv4-family unicast undo synchronization network 10.0.2.2 255.255.255.255 peer 10.0.1.1 enable peer 10.0.1.1 next-hop-local peer 10.0.3.3 enable # ospf 1 router-id 10.0.2.2 area 0.0.0.0 network 10.0.12.2 0.0.0.0 network 10.0.2.2 0.0.0.0
326
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 3 BGP application and management # route-policy change_origin deny node 10 if-match acl 2001 apply origin egp 100 # ip route-static 10.0.3.3 255.255.255.255 10.0.23.3 # return
display current-configuration [V200R001C00SPC200] # sysname R3 # gtsm default-action drop gtsm log drop-packet all # interface Serial2/0/0 link-protocol ppp ip address 10.0.23.3 255.255.255.0 # interface LoopBack0 ip address 10.0.3.3 255.255.255.255 # bgp 64513 peer 10.0.2.2 as-number 100 peer 10.0.2.2 connect-interface LoopBack0 peer 10.0.2.2 valid-ttl-hops 1 # ipv4-family unicast undo synchronization peer 10.0.2.2 enable # ip route-static 10.0.2.2 255.255.255.255 10.0.23.2 # return
HC Series
HUAWEI TECHNOLOGIES
327
HCNP-IERN Chapter 3 BGP application and management
Lab 3-7 BGP Route Reflector Learning Objectives The objectives of this lab are to learn and understand: •
How to configure the BGP route reflector.
•
How the three kinds of BGP routers exchange information.
•
View the attributes of the route information reflected by
reflectors. •
Role of the cluster list and how to configure the cluster ID.
Topology
Figure 3-7 BGP route reflector
328
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 3 BGP application and management
Scenario Assume that you are a network engineer of a company. The network of the company interworks with other autonomous systems (ASs) using the Border Gateway Protocol (BGP). The BGP protocol requires that internal BGP (IBGP) peers fully interwork with each other. The company plans to deploy route reflectors in ASs to reduce the IBGP peer relationship. After detailed planning, you carry out the deployment and achieve the expected results.
Tasks Step 1 Configure IP addresses. Configure IP addresses and masks for the physical interfaces and loopback interfaces of all routers. Loopback interfaces use 32-bit masks. system-view Enter system view, return user view with Ctrl+Z. [R1]interface Serial 1/0/0 [R1-Serial1/0/0]ip address 10.0.12.1 24 [R1-Serial1/0/0]interface Serial 3/0/0 [R1-Serial3/0/0]ip address 10.0.14.1 24 [R1-Serial3/0/0]interface LoopBack 0 [R1-LoopBack0]ip address 10.0.1.1 32
system-view Enter system view, return user view with Ctrl+Z. [R2]interface Serial 1/0/0 [R2-Serial1/0/0]ip address 10.0.12.2 24 [R2-Serial1/0/0]interface Serial 2/0/0 [R2-Serial2/0/0]ip address 10.0.23.2 24 [R2-Serial2/0/0]interface GigabitEthernet 0/0/0 [R2-GigabitEthernet0/0/0]ip address 10.0.245.2 24 [R2-GigabitEthernet0/0/0]interface LoopBack 0 [R2-LoopBack0]ip address 10.0.2.2 32
system-view Enter system view, return user view with Ctrl+Z. [R3]interface Serial 2/0/0 [R3-Serial2/0/0]ip address 10.0.23.3 24
HC Series
HUAWEI TECHNOLOGIES
329
HCNP-IERN Chapter 3 BGP application and management [R3-Serial2/0/0]interface LoopBack 0 [R3-LoopBack0]ip address 10.0.3.3 32
system-view Enter system view, return user view with Ctrl+Z. [R4]interface Serial 1/0/0 [R4-Serial1/0/0]ip address 10.0.14.4 24 [R4-Serial1/0/0]interface GigabitEthernet 0/0/0 [R4-GigabitEthernet0/0/0]ip add 10.0.245.4 24 [R4-GigabitEthernet0/0/0]interface LoopBack 0 [R4-LoopBack0]ip address 10.0.4.4 32
system-view Enter system view, return user view with Ctrl+Z. [R5]interface GigabitEthernet 0/0/0 [R5-GigabitEthernet0/0/0]ip address 10.0.245.5 24 [R5-GigabitEthernet0/0/0]interface LoopBack 0 [R5-LoopBack0]ip address 10.0.5.5 32
After you have configured IP addresses and masks for the interfaces, test the connectivity of direct links. [R2]ping -c 1 10.0.12.1 PING 10.0.12.1: 56 data bytes, press CTRL_C to break Reply from 10.0.12.1: bytes=56 Sequence=1 ttl=255 time=41 ms
--- 10.0.12.1 ping statistics --1 packet(s) transmitted 1 packet(s) received 0.00% packet loss round-trip min/avg/max = 41/41/41 ms
[R2]ping -c 1 10.0.23.3 PING 10.0.23.3: 56 data bytes, press CTRL_C to break Reply from 10.0.23.3: bytes=56 Sequence=1 ttl=255 time=43 ms
--- 10.0.23.3 ping statistics --1 packet(s) transmitted 1 packet(s) received 0.00% packet loss round-trip min/avg/max = 43/43/43 ms
[R2]ping -c 1 10.0.245.4
330
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 3 BGP application and management PING 10.0.245.4: 56 data bytes, press CTRL_C to break Reply from 10.0.245.4: bytes=56 Sequence=1 ttl=255 time=7 ms
--- 10.0.245.4 ping statistics --1 packet(s) transmitted 1 packet(s) received 0.00% packet loss round-trip min/avg/max = 7/7/7 ms
[R2]ping -c 1 10.0.245.5 PING 10.0.245.5: 56 data bytes, press CTRL_C to break Reply from 10.0.245.5: bytes=56 Sequence=1 ttl=255 time=14 ms
--- 10.0.245.5 ping statistics --1 packet(s) transmitted 1 packet(s) received 0.00% packet loss round-trip min/avg/max = 14/14/14 ms
Step 2 Configure the IGP and BGP. Use the Open Shortest Path First (OSPF) as the Interior Gateway Protocol (IGP) for AS 64512 and classify all devices into area 0. Enable the OSPF on the network segment that connects the G0/0/0 and S2/0/0 interfaces of R2 with the Loopback0 interface. [R2]ospf 1 router-id 10.0.2.2 [R2-ospf-1]area 0 [R2-ospf-1-area-0.0.0.0]network 10.0.245.2 0.0.0.0 [R2-ospf-1-area-0.0.0.0]network 10.0.23.2 0.0.0.0 [R2-ospf-1-area-0.0.0.0]network 10.0.2.2 0.0.0.0 [R2-ospf-1-area-0.0.0.0]quit [R2-ospf-1]quit
Enable the OSPF on the network segment that connects the S2/0/0 interface of R3 with the Loopback0 interface. [R3]ospf 1 router-id 10.0.3.3 [R3-ospf-1]area 0 [R3-ospf-1-area-0.0.0.0]network 10.0.23.3 0.0.0.0 [R3-ospf-1-area-0.0.0.0]network 10.0.3.3 0.0.0.0 [R3-ospf-1-area-0.0.0.0]quit
HC Series
HUAWEI TECHNOLOGIES
331
HCNP-IERN Chapter 3 BGP application and management [R3-ospf-1]quit
Enable the OSPF on the network segment that connects the G0/0/0 interface of R4 with the Loopback0 interface. [R4]ospf 1 router-id 10.0.4.4 [R4-ospf-1]area 0 [R4-ospf-1-area-0.0.0.0]network 10.0.245.4 0.0.0.0 [R4-ospf-1-area-0.0.0.0]network 10.0.4.4 0.0.0.0 [R4-ospf-1-area-0.0.0.0]quit [R4-ospf-1]quit
Enable the OSPF on the network segment that connects the G0/0/0 interface of R5 with the Loopback0 interface. [R5]ospf 1 router-id 10.0.5.5 [R5-ospf-1]area 0 [R5-ospf-1-area-0.0.0.0]network 10.0.245.5 0.0.0.0 [R5-ospf-1-area-0.0.0.0]network 10.0.5.5 0.0.0.0 [R5-ospf-1-area-0.0.0.0]quit [R5-ospf-1]quit
Verify that R2 has learned loopback IP addresses of other devices in the same area. [R2]display ip routing-table protocol ospf Route Flags: R - relay, D - download to fib ---------------------------------------------------------------------------Public routing table : OSPF Destinations : 3
Routes : 3
OSPF routing table status : Destinations : 3
Destination/Mask Proto
Routes : 3
Pre Cost
Flags NextHop
Interface
10.0.3.3/32 OSPF
10
1562
D
10.0.23.3
10.0.4.4/32 OSPF
10
1
D
10.0.245.4
GigabitEthernet0/0/0
Serial2/0/0
10.0.5.5/32 OSPF
10
1
D
10.0.245.5
GigabitEthernet0/0/0
OSPF routing table status : Destinations : 0
Routes : 0
Establish the external BGP (EBGP) peer relationship between R1 and 332
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 3 BGP application and management
R2 using physical interfaces. 0 shows the AS planning topology. Temporarily, do not establish the EBGP peer relationship between R1 and R4. All BGP routers use the IP address of the Loopback0 interface as router IDs. [R1]bgp 100 [R1-bgp]router-id 10.0.1.1 [R1-bgp]peer 10.0.12.2 as-number 64512
[R2]bgp 64512 [R2-bgp]router-id 10.0.2.2 [R2-bgp]peer 10.0.12.1 as-number 100
Check the EBGP peer relationship after the configuration is completed. [R1]display bgp peer
BGP local router ID : 10.0.12.1 Local AS number : 100 Total number of peers : 1
Peer
V
10.0.12.2
4
Peers in established state : 1
AS MsgRcvd MsgSent OutQ Up/Down
64512
2
2
State PrefRcv
0 00:00:24 Established
0
Step 3 Configure the route reflector. Configure R2 as the route reflector, R3 and R5 as the client of R2, and R4 as non-client. Create the peer group rr_group on R2 to establish the peer relationship between R2 and R3, and R2 and R5. Establish the IBGP peer relationship between R2 and R4 so that routers in ASs can learn routes from AS 100. Add in the next-hop-local parameter when establishing the IBGP peer relationship. [R2-bgp]group rr_group internal [R2-bgp]peer 10.0.3.3 group rr_group [R2-bgp]peer 10.0.5.5 group rr_group [R2-bgp]peer rr_group connect-interface LoopBack 0 [R2-bgp]peer rr_group reflect-client
HC Series
HUAWEI TECHNOLOGIES
333
HCNP-IERN Chapter 3 BGP application and management [R2-bgp]peer rr_group next-hop-local [R2-bgp]peer 10.0.4.4 as-number 64512 [R2-bgp]peer 10.0.4.4 connect-interface LoopBack 0 [R2-bgp]peer 10.0.4.4 next-hop-local
Establish peer relationships between R3 and R2 on R3, and between R5 and R2 on R5. No extra configuration is needed on the clients of R2. [R3]bgp 64512 [R3-bgp]router-id 10.0.3.3 [R3-bgp]peer 10.0.2.2 as-number 64512 [R3-bgp]peer 10.0.2.2 connect-interface LoopBack 0
[R5]bgp 64512 [R5-bgp]router-id 10.0.5.5 [R5-bgp]peer 10.0.2.2 as-number 64512 [R5-bgp]peer 10.0.2.2 connect-interface LoopBack 0
Add the IBGP peer relationship between the non-client R4 and R2 on R4. [R4]bgp 64512 [R4-bgp]router-id 10.0.4.4 [R4-bgp]peer 10.0.2.2 as-number 64512 [R4-bgp]peer 10.0.2.2 connect-interface LoopBack 0
Verify on R2 that all BGP peers have been established. [R2]display bgp peer
BGP local router ID : 10.0.12.2 Local AS number : 64512 Total number of peers : 4
Peers in established state : 4
Peer
V
AS MsgRcvd MsgSent OutQ Up/Down
State PrefRcv
10.0.3.3
4
64512
4
4
0 00:02:09 Established
0
10.0.4.4
4
64512
3
4
0 00:01:43 Established
0
10.0.5.5
4
64512
2
4
0 00:00:09 Established
0
10.0.12.1
4
100
36
37
0 00:34:31 Established
0
Check the detailed BGP peer information on R2. It is displayed that R3 and R5 are the clients of R2.
334
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 3 BGP application and management [R2]display bgp peer verbose
BGP Peer is 10.0.3.3, remote AS 64512 Type: IBGP link BGP version 4, Remote router ID 10.0.23.3 Update-group ID: 0 BGP current state: Established, Up for 00h06m02s BGP current event: RecvKeepalive BGP last state: OpenConfirm BGP Peer Up count: 1 Received total routes: 0 Received active routes total: 0 Advertised total routes: 0 Port: Local - 179
Remote - 50122
Configured: Connect-retry Time: 32 sec Configured: Active Hold Time: 180 sec
Keepalive Time:60 sec
Received: Active Hold Time: 180 sec Negotiated: Active Hold Time: 180 sec
Keepalive Time:60 sec
Peer optional capabilities: Peer supports bgp multi-protocol extension Peer supports bgp route refresh capability Peer supports bgp 4-byte-as capability Address family IPv4 Unicast: advertised and received Received: Total 8 messages Update messages
0
Open messages
1
KeepAlive messages
7
Notification messages
0
Refresh messages
0
Sent: Total 8 messages Update messages
0
Open messages
1
KeepAlive messages
7
Notification messages
0
Refresh messages
0
Authentication type configured: None Last keepalive received: 2011/12/08 15:22:07 Minimum route advertisement interval is 15 seconds Optional capabilities: Route refresh capability has been enabled 4-byte-as capability has been enabled It's route-reflector-client Connect-interface has been configured
HC Series
HUAWEI TECHNOLOGIES
335
HCNP-IERN Chapter 3 BGP application and management Peer Preferred Value: 0 Routing policy configured: No routing policy is configured ……output omit……
Step 4 Check how the route reflector transmits route information. Create a loopback interface on the router to check the route information transmission. Use the network command to advertise the network segment to the BGP. The first observed scenario is how the IBGP non-client advertises routes. Create the loopback 1 interface on R4, set its IP address to 10.1.4.4/24, and advertise the route to the BGP. [R4]interface LoopBack 1 [R4-LoopBack1]ip address 10.1.4.4 24 [R4-LoopBack1]quit [R4]bgp 64512 [R4-bgp]network 10.1.4.0 24
Check on R2 whether R2 has learned the route. [R2]display bgp routing-table
BGP Local router ID is 10.0.12.2 Status codes: * - valid, > - best, d - damped, h - history, i - internal, s - suppressed, S - Stale Origin : i - IGP, e - EGP, ? - incomplete
Total Number of Routes: 1 Network
*>i 10.1.4.0/24
NextHop
MED
10.0.4.4
LocPrf
0
100
PrefVal Path/Ogn
0
i
Check whether the route exists on R3 and R5. Because R3 and R5 are the clients of R2, they have learned the route. [R3]display bgp routing-table
BGP Local router ID is 10.0.23.3 Status codes: * - valid, > - best, d - damped,
336
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 3 BGP application and management h - history, i - internal, s - suppressed, S - Stale Origin : i - IGP, e - EGP, ? - incomplete
Total Number of Routes: 1 Network
NextHop
*>i 10.1.4.0/24
MED
10.0.4.4
LocPrf
0
100
PrefVal Path/Ogn
0
i
[R5]display bgp routing-table
BGP Local router ID is 10.0.245.5 Status codes: * - valid, > - best, d - damped, h - history, i - internal, s - suppressed, S - Stale Origin : i - IGP, e - EGP, ? - incomplete
Total Number of Routes: 1 Network
NextHop
*>i 10.1.4.0/24
MED
10.0.4.4
0
LocPrf
100
PrefVal Path/Ogn
0
i
The preceding observation shows the first principle for a reflector to advertise routes: Routes learned from the non-client IBGP peer are advertised to all clients of the reflector. R1 has also learned the route. R2 advertises route 10.1.4.0/24 to R1 not because R1 is the reflector, but because BGP routers advertise routes that are learned from IBGP peers to EBGP peers, but not to other IBGP peers. Observe the scenario where route information is initiated by clients. Create the loopback 1 interface on R3, set its IP address to 10.1.3.3/24, and advertise the network segment to the BGP. [R3]interface LoopBack 1 [R3-LoopBack1]ip address 10.1.3.3 24 [R3-LoopBack1]bgp 64512 [R3-bgp]network 10.1.3.0 24 [R3-bgp]quit
View routing tables on R4 and R5 respectively. [R4]display bgp routing-table
HC Series
HUAWEI TECHNOLOGIES
337
HCNP-IERN Chapter 3 BGP application and management
BGP Local router ID is 10.0.14.4 Status codes: * - valid, > - best, d - damped, h - history, i - internal, s - suppressed, S - Stale Origin : i - IGP, e - EGP, ? - incomplete
Total Number of Routes: 2 Network
NextHop
MED
*>i 10.1.3.0/24
10.0.3.3
0
*>
0.0.0.0
0
10.1.4.0/24
LocPrf
100
PrefVal Path/Ogn
0
i
0
i
[R5]display bgp routing-table
BGP Local router ID is 10.0.245.5 Status codes: * - valid, > - best, d - damped, h - history, i - internal, s - suppressed, S - Stale Origin : i - IGP, e - EGP, ? - incomplete
Total Number of Routes: 2 Network
NextHop
MED
LocPrf
PrefVal Path/Ogn
*>i 10.1.3.0/24
10.0.3.3
0
100
0
i
*>i 10.1.4.0/24
10.0.4.4
0
100
0
i
R4 and R5 have learned the route. The observation result shows the second principle for a reflector to advertise routes: Routes learned from clients are advertised to all non-clients and clients of the reflector (except the client that initiates the route). Observe the scenario where EBGP peers initiate the route update: Create the loopback 1 interface on R1, set its IP address to 10.1.1.1/24, and advertise the network segment to the BGP. [R1]interface LoopBack 1 [R1-LoopBack1]ip address 10.1.1.1 24 [R1-LoopBack1]bgp 100 [R1-bgp]network 10.1.1.0 24
View routing tables on R4 and R5 respectively.
338
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 3 BGP application and management [R4]display bgp routing-table
BGP Local router ID is 10.0.14.4 Status codes: * - valid, > - best, d - damped, h - history, i - internal, s - suppressed, S - Stale Origin : i - IGP, e - EGP, ? - incomplete
Total Number of Routes: 3 Network
NextHop
MED
LocPrf
PrefVal Path/Ogn
*>i 10.1.1.0/24
10.0.2.2
0
100
0
100i
*>i 10.1.3.0/24
10.0.3.3
0
100
0
i
*>
0.0.0.0
0
0
i
10.1.4.0/24
[R5]display bgp routing-table
BGP Local router ID is 10.0.245.5 Status codes: * - valid, > - best, d - damped, h - history, i - internal, s - suppressed, S - Stale Origin : i - IGP, e - EGP, ? - incomplete
Total Number of Routes: 3 Network
NextHop
MED
LocPrf
PrefVal Path/Ogn
*>i 10.1.1.0/24
10.0.2.2
0
100
0
100i
*>i 10.1.3.0/24
10.0.3.3
0
100
0
i
*>i 10.1.4.0/24
10.0.4.4
0
100
0
i
R4 and R5 have learned the route. The observation result shows the third principle for a reflector to advertise routes: Routes learned from EBGP peers are advertised to all non-clients and clients of the reflector.
Step 5 Check the attributes of the route information reflected by the reflector. Check the NextHop attribute in the scenario with a reflector. View the BGP routing table of R3. [R3]display bgp routing-table
HC Series
HUAWEI TECHNOLOGIES
339
HCNP-IERN Chapter 3 BGP application and management
BGP Local router ID is 10.0.3.3 Status codes: * - valid, > - best, d - damped, h - history, i - internal, s - suppressed, S - Stale Origin : i - IGP, e - EGP, ? - incomplete
Total Number of Routes: 3 Network
NextHop
MED
*>i 10.1.1.0/24
10.0.2.2
0
*>
0.0.0.0
0
10.0.4.4
0
10.1.3.0/24
*>i 10.1.4.0/24
LocPrf
100
100
PrefVal Path/Ogn
0
100i
0
i
0
i
R3 learns two routes from other routers. One of the routes is 10.1.1.0/24 that is advertised by R1, and learned by R2 from EBGP peers. The Next-hop-local parameter is configured on R2. Therefore, after R3 learned the route, the next hop of the route is the loopback IP address of R2. Route 10.1.4.0/24 is learned by R3 from R4. R2 reflects the route and the next hop of the route is 10.0.4.4, the initiator of the route. Therefore, although the Next-hop-local parameter is configured on R2, the reflector does not change the next hop of the route advertised by the non-client, and directly advertises the route to the client. Next, observe the scenario where a reflector advertises routes from its clients to the non-client. Configure the loopback 1 interface on R5 and advertise the IP address of the network segment using the BGP. [R5]interface LoopBack 1 [R5-LoopBack1]ip address 10.1.5.5 24 [R5]bgp 64512 [R5-bgp]network 10.1.5.0 24
Observe on R4 about the 10.1.5.0/24 route advertised by R5. [R4]display bgp routing-table
BGP Local router ID is 10.0.4.4 Status codes: * - valid, > - best, d - damped, h - history, i - internal, s - suppressed, S - Stale
340
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 3 BGP application and management Origin : i - IGP, e - EGP, ? - incomplete
Total Number of Routes: 4 Network
NextHop
MED
LocPrf
PrefVal Path/Ogn
*>i 10.1.1.0/24
10.0.2.2
0
100
0
100i
*>i 10.1.3.0/24
10.0.3.3
0
100
0
i
*>
0.0.0.0
0
0
i
10.0.5.5
0
0
i
10.1.4.0/24
*>i 10.1.5.0/24
100
The next hop of the route is the IP address of the loopback interface on R5. Conclusion: the reflector does not change the next hop of the route that is learned from IBGP peers. The following describes the attributes of Originator and Cluster list. Routing loop may be generated in ASs because the route reflector advertises to other IBGP peers about the routes that BGP routers learn from IBGP peers. Originator and Cluster list are used to detect and prevent routing loop. Check the detailed information of the BGP route 10.1.4.0 on R4 to view the attributes of Originator and Cluster list. [R3]display bgp routing-table 10.1.4.0
BGP local router ID : 10.0.3.3 Local AS number : 64512 Paths:
1 available, 1 best, 1 select
BGP routing table entry information of 10.1.4.0/24: From: 10.0.2.2 (10.0.2.2) Route Duration: 00h02m07s Relay IP Nexthop: 10.0.23.2 Relay IP Out-Interface: Serial2/0/0 Original nexthop: 10.0.4.4 Qos information : 0x0 AS-path Nil, origin igp, MED 0, localpref 100, pref-val 0, valid, internal, best, select, active, pre 255 Originator: 10.0.4.4 Cluster list: 10.0.2.2 Not advertised to any peer yet
When a route is reflected by a reflector for the first time, the reflector adds the Originator attribute to the route to identify the initiating HC Series
HUAWEI TECHNOLOGIES
341
HCNP-IERN Chapter 3 BGP application and management
router. If the Originator attribute has been contained in the route, the reflector does not create the new Originator attribute. The originator of route 10.1.4.0 is the router whose router ID is 10.0.4.4. Therefore, R2 sets the Originator attribute to 10.0.4.4. When a BGP router receives a route, it compares the value of the Originator attribute with the local router ID. If the two IDs are the same, the BGP router drops the route to avoid loop. Cluster list lists the reflectors that reflect a route. Route 10.1.4.0 is reflected by R2 whose router ID is 10.0.2.2. Therefore, 10.0.2.2 is contained in Cluster list.
Step 6 Configure the cluster ID. Multiple route reflectors may need to be configured for a cluster to increase the network reliability and avoid single point of failure. Route reflectors in a cluster must be configured with the same cluster ID to avoid routing loop. In this lab, configure R4 as a route reflector, and R5 as the client of R4. Establish the EBGP peer relationship between R1 and R4. [R1]bgp 100 [R1-bgp]peer 10.0.14.4 as-number 64512
[R4]bgp 64512 [R4-bgp]peer 10.0.14.1 as-number 100 [R4-bgp]group rr_group internal [R4-bgp]peer 10.0.5.5 group rr_group [R4-bgp]peer rr_group connect-interface LoopBack 0 [R4-bgp]peer rr_group next-hop-local [R4-bgp]peer rr_group reflect-client
[R5]bgp 64512 [R5-bgp]peer 10.0.4.4 as-number 64512 [R5-bgp]peer 10.0.4.4 connect-interface LoopBack 0
In total, two reflectors reflect routes to R5. A reflector checks the Cluster list when it receives an update route notification. The reflector drops the route when the local cluster ID is contained in Cluster list. To avoid routing loop, set the same cluster ID for R2 and R4. 342
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 3 BGP application and management [R2-bgp]reflector cluster-id 1
[R4-bgp]reflector cluster-id 1
Change the maximum load-balancing parameter of BGP to 2 so that R5 can simultaneously select the two paths to reach 10.1.1.0/24. [R5-bgp]maximum load-balancing 2
Check the detailed BGP route information on R5. View the routing table of route 10.1.4.0. [R5]display bgp routing-table 10.1.4.0
BGP local router ID : 10.0.5.5 Local AS number : 64512 Paths:
2 available, 1 best, 1 select
BGP routing table entry information of 10.1.4.0/24: From: 10.0.4.4 (10.0.4.4) Route Duration: 00h34m36s Relay IP Nexthop: 10.0.245.4 Relay IP Out-Interface: GigabitEthernet0/0/0 Original nexthop: 10.0.4.4 Qos information : 0x0 AS-path Nil, origin igp, MED 0, localpref 100, pref-val 0, valid, internal, best, select, active, pre 255 Not advertised to any peer yet
BGP routing table entry information of 10.1.4.0/24: From: 10.0.2.2 (10.0.2.2) Route Duration: 00h00m51s Relay IP Nexthop: 10.0.245.4 Relay IP Out-Interface: GigabitEthernet0/0/0 Original nexthop: 10.0.4.4 Qos information : 0x0 AS-path Nil, origin igp, MED 0, localpref 100, pref-val 0, valid, internal, pre 255, not preferred for Cluster List Originator: 10.0.4.4 Cluster list: 0.0.0.1 Not advertised to any peer yet
The preceding information shows that R5 learns route 10.1.4.0/24 from two routers whose router IDs are 10.0.4.4 and 10.0.2.2 respectively. The router whose router ID is 10.0.4.4 is the originator of the route. The HC Series
HUAWEI TECHNOLOGIES
343
HCNP-IERN Chapter 3 BGP application and management
router does not include the Originator and Cluster list attributes in the route. R2 whose router ID is 10.0.2.2 is the reflector. R2 reflects the route to R5, sets Originator to 10.0.4.4, and adds 10.0.2.2 to the Cluster list. R5 prefers the BGP route advertised by R4 because R4 directly advertise the route to R5 while R2 needs a reflector for advertisement. [R5]display bgp routing-table 10.1.3.0
BGP local router ID : 10.0.5.5 Local AS number : 64512 Paths:
1 available, 1 best, 1 select
BGP routing table entry information of 10.1.3.0/24: From: 10.0.2.2 (10.0.2.2) Route Duration: 00h01m17s Relay IP Nexthop: 10.0.245.2 Relay IP Out-Interface: GigabitEthernet0/0/0 Original nexthop: 10.0.3.3 Qos information : 0x0 AS-path Nil, origin igp, MED 0, localpref 100, pref-val 0, valid, internal, best, select, active, pre 255 Originator: 10.0.3.3 Cluster list: 0.0.0.1 Not advertised to any peer yet
Note that route 10.1.3.0/24 can only be learned from R2, and R4 does not advertise the route to R5 again. View route 10.1.3.0/24 on R4. [R4]display bgp routing-table
BGP Local router ID is 10.0.4.4 Status codes: * - valid, > - best, d - damped, h - history, i - internal, s - suppressed, S - Stale Origin : i - IGP, e - EGP, ? - incomplete
Total Number of Routes: 3 Network
*>
10.1.1.0/24
* I *>
10.1.4.0/24
344
NextHop
MED
10.0.14.1
0
10.0.2.2
0
0.0.0.0
0
LocPrf
100
HUAWEI TECHNOLOGIES
PrefVal Path/Ogn
0
100i
0
100i
0
i
HC Series
HCNP-IERN Chapter 3 BGP application and management *>i 10.1.5.0/24
10.0.245.5
0
100
0
i
The preceding information shows that R4 has not learned route 10.1.3.0/24. Because R3 is the client of R2, R2 adds its cluster ID 0.0.0.1 to the Cluster list of the route advertised by R3. R4 drops the 10.1.3.0/24 advertised by R2 because R2 and R4 use the same cluster ID. Therefore, after a reflector cluster is established, IBGP peer relationship must be established between clients in the cluster and all reflectors. Establish the peer relationship between R3 and R4. [R4-bgp]peer 10.0.3.3 group rr_group
[R3-bgp]peer 10.0.4.4 as-number 64512 [R3-bgp]peer 10.0.4.4 connect-interface LoopBack 0
View the routing table of R4. [R4]display bgp routing-table
BGP Local router ID is 10.0.4.4 Status codes: * - valid, > - best, d - damped, h - history, i - internal, s - suppressed, S - Stale Origin : i - IGP, e - EGP, ? - incomplete
Total Number of Routes: 4 Network
*>
10.1.1.0/24
NextHop
MED
10.0.14.1
0
* I
10.0.2.2
0
*>i 10.1.3.0/24
10.0.3.3
0
*>
0.0.0.0
0
10.0.245.5
0
10.1.4.0/24
*>i 10.1.5.0/24
LocPrf
PrefVal Path/Ogn
0
100i
100
0
100i
100
0
i
0
i
0
i
100
The preceding information shows that 10.1.3.0 is included in the table. Check the detailed route information of route 10.1.3.0 on R5. The information shows that R5 receives the route from R2 and R4 at the same time. Cluster ID 0.0.0.1 is added to the Cluster list after the route is reflected. [R5]display bgp routing-table 10.1.3.0
HC Series
HUAWEI TECHNOLOGIES
345
HCNP-IERN Chapter 3 BGP application and management
BGP local router ID : 10.0.5.5 Local AS number : 64512 Paths:
2 available, 1 best, 1 select
BGP routing table entry information of 10.1.3.0/24: From: 10.0.2.2 (10.0.2.2) Route Duration: 16h16m56s Relay IP Nexthop: 10.0.245.2 Relay IP Out-Interface: GigabitEthernet0/0/0 Original nexthop: 10.0.3.3 Qos information : 0x0 AS-path Nil, origin igp, MED 0, localpref 100, pref-val 0, valid, internal, best, select, active, pre 255 Originator: 10.0.3.3 Cluster list: 0.0.0.1 Not advertised to any peer yet
BGP routing table entry information of 10.1.3.0/24: From: 10.0.4.4 (10.0.4.4) Route Duration: 00h07m25s Relay IP Nexthop: 10.0.245.2 Relay IP Out-Interface: GigabitEthernet0/0/0 Original nexthop: 10.0.3.3 Qos information : 0x0 AS-path Nil, origin igp, MED 0, localpref 100, pref-val 0, valid, internal, pre 255, not preferred for peer address Originator: 10.0.3.3 Cluster list: 0.0.0.1 Not advertised to any peer yet
Additional Exercises: Analyzing and Verifying Can reflectors be the client of each other in a cluster?
Final Configurations display current-configuration [V200R001C00SPC200] #
346
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 3 BGP application and management sysname R1 # interface Serial1/0/0 link-protocol ppp ip address 10.0.12.1 255.255.255.0 # interface Serial3/0/0 link-protocol ppp ip address 10.0.14.1 255.255.255.0 # interface LoopBack0 ip address 10.0.1.1 255.255.255.255 # interface LoopBack1 ip address 10.1.1.1 255.255.255.0 # bgp 100 router-id 10.0.1.1 peer 10.0.12.2 as-number 64512 peer 10.0.14.4 as-number 64512 # ipv4-family unicast undo synchronization network 10.1.1.0 255.255.255.0 peer 10.0.12.2 enable peer 10.0.14.4 enable # return
display current-configuration [V200R001C00SPC200] # sysname R1 # interface Serial1/0/0 link-protocol ppp ip address 10.0.12.2 255.255.255.0 # interface Serial2/0/0 link-protocol ppp ip address 10.0.23.2 255.255.255.0 # interface GigabitEthernet0/0/0
HC Series
HUAWEI TECHNOLOGIES
347
HCNP-IERN Chapter 3 BGP application and management ip address 10.0.245.2 255.255.255.0 # interface LoopBack0 ip address 10.0.2.2 255.255.255.255 # bgp 64512 router-id 10.0.2.2 peer 10.0.4.4 as-number 64512 peer 10.0.4.4 connect-interface LoopBack0 peer 10.0.12.1 as-number 100 group rr_group internal peer rr_group connect-interface LoopBack0 peer 10.0.3.3 as-number 64512 peer 10.0.3.3 group rr_group peer 10.0.5.5 as-number 64512 peer 10.0.5.5 group rr_group # ipv4-family unicast undo synchronization reflector cluster-id 1 peer 10.0.4.4 enable peer 10.0.4.4 next-hop-local peer 10.0.12.1 enable peer rr_group enable peer rr_group reflect-client peer rr_group next-hop-local peer 10.0.3.3 enable peer 10.0.3.3 group rr_group peer 10.0.5.5 enable peer 10.0.5.5 group rr_group # ospf 1 router-id 10.0.2.2 area 0.0.0.0 network 10.0.12.2 0.0.0.0 network 10.0.2.2 0.0.0.0 network 10.0.245.2 0.0.0.0 network 10.0.23.2 0.0.0.0 # return
display current-configuration [V200R001C00SPC200] #
348
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 3 BGP application and management sysname R1 # interface Serial2/0/0 link-protocol ppp ip address 10.0.23.3 255.255.255.0 # interface LoopBack0 ip address 10.0.3.3 255.255.255.255 # interface LoopBack1 ip address 10.1.3.3 255.255.255.0 # bgp 64512 router-id 10.0.3.3 peer 10.0.2.2 as-number 64512 peer 10.0.2.2 connect-interface LoopBack0 peer 10.0.4.4 as-number 64512 peer 10.0.4.4 connect-interface LoopBack0 # ipv4-family unicast undo synchronization network 10.1.3.0 255.255.255.0 peer 10.0.2.2 enable peer 10.0.4.4 enable # ospf 1 router-id 10.0.3.3 area 0.0.0.0 network 10.0.23.3 0.0.0.0 network 10.0.3.3 0.0.0.0 # return
display current-configuration [V200R001C00SPC200] # sysname R1 # interface Serial1/0/0 link-protocol ppp ip address 10.0.14.4 255.255.255.0 # interface GigabitEthernet0/0/0 ip address 10.0.245.4 255.255.255.0
HC Series
HUAWEI TECHNOLOGIES
349
HCNP-IERN Chapter 3 BGP application and management # interface LoopBack0 ip address 10.0.4.4 255.255.255.255 # interface LoopBack1 ip address 10.1.4.4 255.255.255.0 # bgp 64512 router-id 10.0.4.4 peer 10.0.2.2 as-number 64512 peer 10.0.2.2 connect-interface LoopBack0 peer 10.0.14.1 as-number 100 group rr_group internal peer rr_group connect-interface LoopBack0 peer 10.0.3.3 as-number 64512 peer 10.0.3.3 group rr_group peer 10.0.5.5 as-number 64512 peer 10.0.5.5 group rr_group # ipv4-family unicast undo synchronization reflector cluster-id 1 network 10.1.4.0 255.255.255.0 peer 10.0.2.2 enable peer 10.0.14.1 enable peer rr_group enable peer rr_group reflect-client peer rr_group next-hop-local peer 10.0.3.3 enable peer 10.0.3.3 group rr_group peer 10.0.5.5 enable peer 10.0.5.5 group rr_group # ospf 1 router-id 10.0.4.4 area 0.0.0.0 network 10.0.245.4 0.0.0.0 network 10.0.4.4 0.0.0.0 # return
display current-configuration [V200R001C00SPC200]
350
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 3 BGP application and management # sysname R1 # interface GigabitEthernet0/0/0 ip address 10.0.245.5 255.255.255.0 # interface LoopBack0 ip address 10.0.5.5 255.255.255.255 # interface LoopBack1 ip address 10.1.5.5 255.255.255.0 # bgp 64512 router-id 10.0.5.5 peer 10.0.2.2 as-number 64512 peer 10.0.2.2 connect-interface LoopBack0 peer 10.0.4.4 as-number 64512 peer 10.0.4.4 connect-interface LoopBack0 # ipv4-family unicast undo synchronization network 10.1.4.0 255.255.255.0 maximum load-balancing 2 peer 10.0.2.2 enable peer 10.0.4.4 enable # ospf 1 router-id 10.0.5.5 area 0.0.0.0 network 10.0.245.5 0.0.0.0 network 10.0.5.5 0.0.0.0 # Return
HC Series
HUAWEI TECHNOLOGIES
351
HCNP-IERN Chapter 3 BGP application and management
Lab 3-8 BGP Confederation (Optional) Learning Objectives The objectives of this lab are to learn and understand: •
How to hide BGP AS numbers.
•
How to configure a BGP confederation.
•
How BGP attributes change in the BGP confederation
environment.
Topology
Figure 3-8 BGP confederation
352
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 3 BGP application and management
Scenario Assume that you are a network engineer of a company. The company applies for the AS number 200 on the public network from the carrier and uses it to access the Internet. Development of the company and network requires more AS numbers. However, the company can use only private AS numbers due to the shortage of public AS numbers. To ensure that routes advertised by the private AS can be learned by routers on the public network, you use hidden AS numbers to access the Internet at first. The company deploys a BGP confederation after a period of time. In this manner, all routers of the company are deployed in the AS 200 and each branch use one private AS number.
Tasks Step 1 Configure IP addresses. Configure IP addresses and masks for the physical interfaces and loopback interfaces of all routers. Loopback0 interfaces use 32-bit masks. system-view Enter system view, return user view with Ctrl+Z. [R1]interface Serial 1/0/0 [R1-Serial1/0/0]ip address 10.0.12.1 24 [R1-Serial1/0/0]interface Serial 3/0/0 [R1-Serial3/0/0]ip address 10.0.14.1 24 [R1-Serial3/0/0]interface GigabitEthernet 0/0/0 [R1-GigabitEthernet0/0/0]ip address 10.0.13.1 24 [R1-GigabitEthernet0/0/0]interface LoopBack 0 [R1-LoopBack0]ip add 10.0.1.1 32
system-view Enter system view, return user view with Ctrl+Z. [R2]interface Serial 1/0/0 [R2-Serial1/0/0]ip address 10.0.12.2 24 [R2-Serial1/0/0]interface LoopBack 0 [R2-LoopBack0]ip address 10.0.2.2 32
system-view Enter system view, return user view with Ctrl+Z.
HC Series
HUAWEI TECHNOLOGIES
353
HCNP-IERN Chapter 3 BGP application and management [R3]interface GigabitEthernet 0/0/0 [R3-GigabitEthernet0/0/0]ip address 10.0.13.3 24 [R3-GigabitEthernet0/0/0]interface Serial 3/0/0 [R3-Serial3/0/0]ip address 10.0.35.3 24 [R3-Serial3/0/0]interface LoopBack 0 [R3-LoopBack0]ip address 10.0.3.3 32
system-view Enter system view, return user view with Ctrl+Z. [R4]interface Serial 1/0/0 [R4-Serial1/0/0]ip address 10.0.14.4 24 [R4-Serial1/0/0]interface GigabitEthernet 0/0/0 [R4-GigabitEthernet0/0/0]ip add 10.0.245.4 24 [R4- Serial1/0/0]interface LoopBack 0 [R4-LoopBack0]ip address 10.0.4.4 32
system-view Enter system view, return user view with Ctrl+Z. [R5]interface Serial 1/0/0 [R5-Serial1/0/0]ip address 10.0.35.5 24 [R5-Serial1/0/0]interface LoopBack 0 [R5-LoopBack0]ip address 10.0.5.5 32
After you have configured IP addresses and masks, test the connectivity of direct links. [R1]ping -c 1 10.0.14.4 PING 10.0.14.4: 56 data bytes, press CTRL_C to break Reply from 10.0.14.4: bytes=56 Sequence=1 ttl=255 time=41 ms
--- 10.0.14.4 ping statistics --1 packet(s) transmitted 1 packet(s) received 0.00% packet loss round-trip min/avg/max = 41/41/41 ms
[R1]ping -c 1 10.0.12.2 PING 10.0.12.2: 56 data bytes, press CTRL_C to break Reply from 10.0.12.2: bytes=56 Sequence=1 ttl=255 time=34 ms
--- 10.0.12.2 ping statistics --1 packet(s) transmitted 1 packet(s) received
354
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 3 BGP application and management 0.00% packet loss round-trip min/avg/max = 34/34/34 ms
[R1]ping -c 1 10.0.13.3 PING 10.0.13.3: 56 data bytes, press CTRL_C to break Reply from 10.0.13.3: bytes=56 Sequence=1 ttl=255 time=13 ms
--- 10.0.13.3 ping statistics --1 packet(s) transmitted 1 packet(s) received 0.00% packet loss round-trip min/avg/max = 13/13/13 ms
[R5]ping -c 1 10.0.35.3 PING 10.0.35.3: 56 data bytes, press CTRL_C to break Reply from 10.0.35.3: bytes=56 Sequence=1 ttl=255 time=36 ms
--- 10.0.35.3 ping statistics --1 packet(s) transmitted 1 packet(s) received 0.00% packet loss round-trip min/avg/max = 36/36/36 ms
Step 2 Configure the BGP connection. In the early stage, the company directly accesses the network carrier using the Border Gateway Protocol (BGP) and has only one autonomous system (AS 200). Development of the company and network requires more ASs. Therefore, the company adds ASs that use private AS numbers. Use physical interfaces to directly establish BGP peer relationships. The following figure shows the planned AS topology.
HC Series
HUAWEI TECHNOLOGIES
355
HCNP-IERN Chapter 3 BGP application and management
[R1]bgp 200 [R1-bgp]router-id 10.0.1.1 [R1-bgp]peer 10.0.14.4 as-number 100 [R1-bgp]peer 10.0.13.3 as-number 200 [R1-bgp]peer 10.0.13.3 next-hop-local [R1-bgp]peer 10.0.12.2 as-number 64513
[R2]bgp 64513 [R2-bgp]router-id 10.0.2.2 [R2-bgp]peer 10.0.12.1 as-number 200
[R3]bgp 200 [R3-bgp]router-id 10.0.3.3 [R3-bgp]peer 10.0.13.1 as-number 200 [R3-bgp]peer 10.0.13.1 next-hop-local [R3-bgp]peer 10.0.35.5 as-number 64514
[R4]bgp 100 [R4-bgp]router-id 10.0.4.4 [R4-bgp]peer 10.0.14.1 as-number 200
356
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 3 BGP application and management
[R5]bgp 64514 [R5-bgp]router-id 10.0.5.5 [R5-bgp]peer 10.0.35.3 as-number 200
After you have established peer relationships, check the peer relationships on R1. [R1]display bgp peer
BGP local router ID : 10.0.1.1 Local AS number : 64512 Total number of peers : 3
Peer
V
Peers in established state : 2
AS MsgRcvd MsgSent OutQ Up/Down
State PrefRcv
10.0.12.2
4
64513
17
20
0 00:15:24 Established
1
10.0.13.3
4
64512
6
7
0 00:06:02 Established
1
10.0.14.4
4
100
6
5
0 00:04:44 Established
1
Step 3 Advertise routes and hide AS numbers. Run the network command to advertise the network segments that connect the loopback interfaces of all routers to BGP, and view route information transmission. [R1]bgp 200 [R1-bgp]network 10.0.1.1 32
[R2]bgp 64513 [R2-bgp]network 10.0.2.2 32
[R3]bgp 200 [R3-bgp]network 10.0.3.3 32
[R4]bgp 100 [R4-bgp]network 10.0.4.4 32
[R5]bgp 64514 [R5-bgp]network 10.0.5.5 32
After routes are advertised, check the BGP routing table of R4. HC Series
HUAWEI TECHNOLOGIES
357
HCNP-IERN Chapter 3 BGP application and management [R4]display bgp routing-table
BGP Local router ID is 10.0.4.4 Status codes: * - valid, > - best, d - damped, h - history, i - internal, s - suppressed, S - Stale Origin : i - IGP, e - EGP, ? - incomplete
Total Number of Routes: 5 Network
NextHop
MED
*>
10.0.1.1/32
10.0.14.1
*>
10.0.2.2/32
*>
LocPrf
0
PrefVal Path/Ogn
0
200i
10.0.14.1
0
200 64513i
10.0.3.3/32
10.0.14.1
0
200i
*>
10.0.4.4/32
0.0.0.0
0
i
*>
10.0.5.5/32
10.0.14.1
0
200 64514i
0
The preceding BGP routing table shows that the AS-Path attribute of routes 10.0.2.2/32 and 10.0.5.5/32 are 64513 and 64514, indicating that the two routes are originated by AS 64513 and AS 64514. Routing information containing private AS numbers cannot be transmitted on the public network. Therefore, the private AS numbers must be hidden on R1. Run the public-as-only command on R1 to hide the private AS numbers. [R1-bgp]peer 10.0.14.4 public-as-only
Check whether routing information is changed in the BGP routing table of R4. [R4]display bgp routing-table
BGP Local router ID is 10.0.14.4 Status codes: * - valid, > - best, d - damped, h - history, i - internal, s - suppressed, S - Stale Origin : i - IGP, e - EGP, ? - incomplete
Total Number of Routes: 5 Network
*>
10.0.1.1/32
358
NextHop
MED
10.0.14.1
LocPrf
0
HUAWEI TECHNOLOGIES
PrefVal Path/Ogn
0
200i
HC Series
HCNP-IERN Chapter 3 BGP application and management *>
10.0.2.2/32
10.0.14.1
0
200i
*>
10.0.3.3/32
10.0.14.1
0
200i
*>
10.0.4.4/32
0.0.0.0
0
i
*>
10.0.5.5/32
10.0.14.1
0
200i
0
In the preceding information, the values of the AS-Path attribute of routes 10.0.2.2/32 and 10.0.5.5/32 do not contain private AS numbers. Perform the following to test the connectivity of links between R4 and loopback0 interfaces of R2 and R5. Interconnection IP addresses between routers are not advertised to BGP. Therefore, use extended ping commands with the source IP addresses to test the network connectivity. [R4]ping -c 1 -a 10.0.4.4 10.0.2.2 PING 10.0.2.2: 56 data bytes, press CTRL_C to break Reply from 10.0.2.2: bytes=56 Sequence=1 ttl=254 time=70 ms
--- 10.0.2.2 ping statistics --1 packet(s) transmitted 1 packet(s) received 0.00% packet loss round-trip min/avg/max = 70/70/70 ms
[R4]ping -c 1 -a 10.0.4.4 10.0.5.5 PING 10.0.5.5: 56 data bytes, press CTRL_C to break Reply from 10.0.5.5: bytes=56 Sequence=1 ttl=253 time=71 ms
--- 10.0.5.5 ping statistics --1 packet(s) transmitted 1 packet(s) received 0.00% packet loss round-trip min/avg/max = 71/71/71 ms
In this manner, the connectivity between the network of the company and the external network is verified.
Step 4 Configure the BGP confederation. Recently, the company plans to deploy a BGP confederation for Internet access, instead of hiding private AS numbers on R1. In the initial planning, the network of the company is configured in AS 200, and the
HC Series
HUAWEI TECHNOLOGIES
359
HCNP-IERN Chapter 3 BGP application and management
original router of AS 200 uses the private AS number 64512. Reconfigure the BGP before configuring the confederation. On R1 and R3, remove the existing BGP processes, use the new AS numbers to start the BGP processes, and configure peer relationships. [R1]undo bgp Warning: All BGP configurations will be deleted. Continue? [Y/N]: y [R1]bgp 64512 [R1-bgp]router-id 10.0.1.1 [R1-bgp]confederation id 200 [R1-bgp]confederation peer-as 64513 [R1-bgp]peer 10.0.14.4 as-number 100 [R1-bgp]peer 10.0.13.3 as-number 64512 [R1-bgp]peer 10.0.13.3 next-hop-local [R1-bgp]peer 10.0.12.2 as-number 64513 [R1-bgp]network 10.0.1.1 32
[R3]undo bgp Warning: All BGP configurations will be deleted. Continue? [Y/N]: y [R3]bgp 64512 [R3-bgp]confederation id 200 [R3-bgp]confederation peer-as 64514 [R3-bgp]peer 10.0.13.1 as-number 64512 [R3-bgp]peer 10.0.13.1 next-hop-local [R3-bgp]peer 10.0.35.5 as-number 64514 [R3-bgp]network 10.0.3.3 32
Modify peer relationships on R2 and R5, and add confederation configurations. [R2]bgp 64513 [R2-bgp]undo peer 10.0.12.1 [R2-bgp]confederation id 200 [R2-bgp]confederation peer-as 64512 [R2-bgp]peer 10.0.12.1 as-number 64512
[R5]bgp 64514 [R5-bgp]undo peer 10.0.35.3 [R5-bgp]confederation id 200 [R5-bgp]confederation peer-as 64512 [R5-bgp]peer 10.0.35.3 as-number 64512
360
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 3 BGP application and management
Check peer relationships on R1 and R3 respectively. [R1]display bgp peer
BGP local router ID : 10.0.1.1 Local AS number : 64512 Total number of peers : 3
Peer
V
Peers in established state : 3
AS MsgRcvd MsgSent OutQ Up/Down
State PrefRcv
10.0.12.2
4
64513
3
5
0 00:00:09 Established
1
10.0.13.3
4
64512
22
24
0 00:18:16 Established
2
10.0.14.4
4
100
25
27
0 00:22:39 Established
1
[R3]display bgp peer
BGP local router ID : 10.0.13.3 Local AS number : 64512 Total number of peers : 2
Peers in established state : 2
Peer
V
AS MsgRcvd MsgSent OutQ Up/Down
State PrefRcv
10.0.13.1
4
64512
23
22
0 00:18:46 Established
3
10.0.35.5
4
64514
10
12
0 00:07:32 Established
1
View the BGP routing table of R1. The route 10.0.4.4/32 is learned from an EBGP peer. Therefore, it is marked as an external route. [R1]display bgp routing-table 10.0.4.4
BGP local router ID : 10.0.1.1 Local AS number : 64512 Paths:
1 available, 1 best, 1 select
BGP routing table entry information of 10.0.4.4/32: From: 10.0.14.4 (10.0.14.4) Route Duration: 00h58m01s Direct Out-interface: Serial3/0/0 Original nexthop: 10.0.14.4 Qos information : 0x0 AS-path 100, origin igp, MED 0, pref-val 0, valid, external, best, select, active, pre 255 Advertised to such 2 peers: 10.0.13.3 10.0.12.2
HC Series
HUAWEI TECHNOLOGIES
361
HCNP-IERN Chapter 3 BGP application and management
R1 and R2 are in different sub-ASs of AS 200. Therefore, route 10.0.2.2/32 originated by R2 has the external-confed attribute, indicating that the route is learned from an EBGP peer in the confederation. [R1]display bgp routing-table 10.0.2.2
BGP local router ID : 10.0.1.1 Local AS number : 64512 Paths:
1 available, 1 best, 1 select
BGP routing table entry information of 10.0.2.2/32: From: 10.0.12.2 (10.0.12.2) Route Duration: 00h36m05s Relay IP Nexthop: 0.0.0.0 Relay IP Out-Interface: Serial1/0/0 Original nexthop: 10.0.12.2 Qos information : 0x0 AS-path (64513), origin igp, MED 0, localpref 100, pref-val 0, valid, external-confed, best, select, active, pre 255 Advertised to such 2 peers: 10.0.14.4 10.0.13.3
View route 10.0.3.3/32 originated by R3. R1 and R3 are in the same sub-AS in the confederation. Therefore, the route has the internal-confed attribute, indicating that the route is learned from an IBGP peer in the confederation. [R1]display bgp routing-table 10.0.3.3
BGP local router ID : 10.0.1.1 Local AS number : 64512 Paths:
1 available, 1 best, 1 select
BGP routing table entry information of 10.0.3.3/32: From: 10.0.13.3 (10.0.13.3) Route Duration: 00h53m23s Relay IP Nexthop: 0.0.0.0 Relay IP Out-Interface: GigabitEthernet0/0/0 Original nexthop: 10.0.13.3 Qos information : 0x0 AS-path Nil, origin igp, MED 0, localpref 100, pref-val 0, valid, internal-confed, best, select, active, pre 255 Advertised to such 2 peers:
362
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 3 BGP application and management 10.0.14.4 10.0.12.2
Step 5 View attributes of the confederation. Certain BGP attributes of network segments between sub-ASs may be changed after the confederation is deployed. Check the AS-Path and Next-hop attributes first. View the BGP routing table of R1. The value of the AS-Path attribute is 100 for route 10.0.4.4/32 that is learned from R4 indicating that R1 learns this route from an EBGP peer. The values of the AS-Path attribute of routes 10.0.2.2/32 and 10.0.5.5/32 are in parentheses, indicating that R1 learns these routes from other sub-ASs. A route is learned from another sub-AS if the value of its AS-Path attribute is in parentheses. [R1]display bgp routing-table
BGP Local router ID is 10.0.1.1 Status codes: * - valid, > - best, d - damped, h - history, i - internal, s - suppressed, S - Stale Origin : i - IGP, e - EGP, ? - incomplete
Total Number of Routes: 5 Network
*>
10.0.1.1/32
NextHop
MED
LocPrf
0.0.0.0
0
*>i 10.0.2.2/32
10.0.12.2
0
*>i 10.0.3.3/32
10.0.13.3
0
*>
10.0.4.4/32
10.0.14.4
0
i 10.0.5.5/32
10.0.35.5
0
PrefVal Path/Ogn
0
i
100
0
(64513)i
100
0
i
0
100i
0
(64514)i
100
Route 10.0.5.5/32 is not preferred by BGP on R1, indicating that R1 does not advertise the route to R4. The next hop of the route is 10.0.35.5, which is the IP address of R5 used to interconnect R3. The routing table of R1 does not contain any route to 10.0.5.5/32.
HC Series
HUAWEI TECHNOLOGIES
363
HCNP-IERN Chapter 3 BGP application and management
Check the configurations of R3. The Next-hop-local attribute is configured for the peer 10.0.13.1, but the next hop advertised from R3 remains the same. In conclusion, next hops of routes remain the same even if the Next-hop-local attribute is configured for networks between sub-ASs in the confederation. The following routing table of R3 shows that R3 learns routes 10.0.2.2/32 and 10.0.4.4/32 from other peers. R1 learns route 10.0.4.4/32 from AS 100 and changes the next hop to 10.0.13.1 (R1 itself) before advertising the route to R3. R1 and R2 are in different sub-ASs of AS 200. Therefore, after learning the route 10.0.2.2/32 from R2, R1 directly advertises the route to R3 without changing the next hop. [R3]display bgp routing-table
BGP Local router ID is 10.0.3.3 Status codes: * - valid, > - best, d - damped, h - history, i - internal, s - suppressed, S - Stale Origin : i - IGP, e - EGP, ? - incomplete
Total Number of Routes: 5 Network
NextHop
MED
LocPrf
PrefVal Path/Ogn
*>i 10.0.1.1/32
10.0.13.1
0
100
0
i
i 10.0.2.2/32
10.0.12.2
0
100
0
(64513)i
0.0.0.0
0
0
i
*>i 10.0.4.4/32
10.0.13.1
0
100
0
100i
*>i 10.0.5.5/32
10.0.35.5
0
100
0
(64514)i
*>
10.0.3.3/32
Run the network command to advertise the interconnection IP addresses to ensure the normal transmission of routing information after confederation deployment. [R1-bgp]network 10.0.12.0 24 [R1-bgp]network 10.0.13.0 24
[R3-bgp]network 10.0.13.0 24 [R3-bgp]network 10.0.35.0 24
364
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 3 BGP application and management
Check the routing table of R4. R4 learns loopback addresses of all routers. In addition, the routes that R4 learns from other ASs have the same value (200) of the AS-Path attribute. That is, instead of sub-AS numbers, the confederation ID is advertised to ASs outside the confederation. [R4]display bgp routing-table
BGP Local router ID is 10.0.14.4 Status codes: * - valid, > - best, d - damped, h - history, i - internal, s - suppressed, S - Stale Origin : i - IGP, e - EGP, ? - incomplete
Total Number of Routes: 7 Network
NextHop
MED
*>
10.0.1.1/32
10.0.14.1
*>
10.0.2.2/32
*>
LocPrf
0
200i
10.0.14.1
0
200i
10.0.3.3/32
10.0.14.1
0
200i
*>
10.0.4.4/32
0.0.0.0
0
i
*>
10.0.5.5/32
10.0.14.1
0
200i
*>
10.0.12.0/24
10.0.14.1
0
0
200i
0
0
200i
0
200i
*> *>
10.0.13.0/24 10.0.35.0/24
0
PrefVal Path/Ogn
0
10.0.14.1 10.0.14.1
View the BGP routing table of R5. Route 10.0.4.4/32 learned from R4 is originated by AS 100 and traverses sub-AS 64512 (The AS number 64512 is in parentheses.). It indicates that AS 100 is not in the confederation and AS 64512 is a sub-AS in the confederation. [R5]display bgp routing-table
BGP Local router ID is 10.0.5.5 Status codes: * - valid, > - best, d - damped, h - history, i - internal, s - suppressed, S - Stale Origin : i - IGP, e - EGP, ? - incomplete
Total Number of Routes: 9 Network
HC Series
NextHop
MED
LocPrf
HUAWEI TECHNOLOGIES
PrefVal Path/Ogn
365
HCNP-IERN Chapter 3 BGP application and management *>i 10.0.1.1/32 *>i 10.0.2.2/32
10.0.13.1 10.0.12.2
0 0
100 100
0 0
(64512)i (64512 64513)i
*>i 10.0.3.3/32
10.0.35.3
0
100
0
(64512)i
*>i 10.0.4.4/32
10.0.13.1
0
100
0
(64512) 100i
*>
0.0.0.0
0
0
i
*>i 10.0.12.0/24
10.0.13.1
0
100
0
(64512)i
*>i 10.0.13.0/24
10.0.35.3
0
100
0
(64512)i
*>i 10.0.35.0/24
10.0.35.3
0
100
0
(64512)i
10.0.5.5/32
Routes having the no-advertise attribute are not advertised to any peers, and routes having the no-export attribute can be advertised to only local ASs. The special community attribute no-export-subconfed is configured for the confederation. Routes having this attribute can be advertised only in local sub-AS. To rectify this feature, create a routing policy, add the community attribute no-export-subconfed to route 10.0.5.5/32 advertised by R5, allow transmission of the community attribute between routers, and view the transmission process of the routing information. Create the access control list ACL2001 on R5, and allow the access of route 10.0.5.5/32 advertised by R5. [R5]acl number 2001 [R5-acl-basic-2001]rule permit source 10.0.5.5 0.0.0.0 [R5-acl-basic-2001]quit
Create the routing policy confed_community_control, and add the no-export-subconfed attribute to the route permitted by ACL2001. [R5]route-policy confed_community_control permit node 10 Info: New Sequence of this List. [R5-route-policy]if-match acl 2001 [R5-route-policy]apply community no-export-subconfed [R5-route-policy]quit
Apply the routing policy to the outbound of the peer 10.0.35.3, and allow R5 to advertise the community attribute to the peer. Reset the peer relationship between R3 and R5 to ensure that the routing policy takes effect. [R5]bgp 64514 [R5-bgp]peer 10.0.35.3 advertise-community [R5-bgp]peer 10.0.35.3 route-policy confed_community_control export
366
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 3 BGP application and management [R5-bgp]return refresh bgp all export
Check the BGP routing table of R3. R3 has learned the community attribute no-export-subconfed. Advertise the community attribute from R3 to R1. [R3]display bgp routing-table community
BGP Local router ID is 10.0.3.3 Status codes: * - valid, > - best, d - damped, h - history, i - internal, s - suppressed, S - Stale Origin : i - IGP, e - EGP, ? - incomplete
Total Number of Routes: 1 Network
NextHop
*>i 10.0.5.5/32
MED
10.0.35.5
0
LocPrf
100
PrefVal Community
0
no-export-subconfed
[R3]bgp 64512 [R3-bgp]peer 10.0.13.1 advertise-community
Advertise the community attribute to other peers after R1 learns the community attribute. [R1]display bgp routing-table community
BGP Local router ID is 10.0.1.1 Status codes: * - valid, > - best, d - damped, h - history, i - internal, s - suppressed, S - Stale Origin : i - IGP, e - EGP, ? - incomplete
Total Number of Routes: 1 Network
NextHop
MED
*>i 10.0.5.5/32
10.0.35.5
0
LocPrf
100
PrefVal Community
0
no-export-subconfed
[R1]bgp 64512 [R1-bgp]peer 10.0.14.4 advertise-community [R1-bgp]peer 10.0.12.2 advertise-community
Check the BGP routing tables of R2 and R4 for routes that have community attributes. No such route is found.
HC Series
HUAWEI TECHNOLOGIES
367
HCNP-IERN Chapter 3 BGP application and management [R2]display bgp routing-table community
Total Number of Routes: 0
[R4]display bgp routing-table community
Total Number of Routes: 0
It indicates that routes with the community attribute no-export-subconfed can be transmitted only in local sub-AS. View the transmission processes of the MED attribute and local preference attribute among the sub-ASs in the confederation. Neither of the attributes can be transmitted before the confederation is deployed. Create a routing policy on R2, and add the MED attribute and local preference attribute to route 10.0.2.2/32 advertised by R2. [R2]acl number 2001 [R2-acl-basic-2001]rule permit source 10.0.2.2 0.0.0.0 [R2-acl-basic-2001]quit [R2]route-policy r2 permit node 10 Info: New Sequence of this List. [R2-route-policy]if-match acl 2001 [R2-route-policy]apply cost 100 [R2-route-policy]apply local-preference 150 [R2-route-policy]quit [R2]bgp 64513 [R2-bgp]peer 10.0.12.1 route-policy r2 export
After you have reset the peer relationship between R1 and R2, check the BGP routing table of R1. [R1]display bgp routing-table
BGP Local router ID is 10.0.1.1 Status codes: * - valid, > - best, d - damped, h - history, i - internal, s - suppressed, S - Stale Origin : i - IGP, e - EGP, ? - incomplete
Total Number of Routes: 8 Network
368
NextHop
MED
LocPrf
HUAWEI TECHNOLOGIES
PrefVal Path/Ogn
HC Series
HCNP-IERN Chapter 3 BGP application and management *>
10.0.1.1/32
0.0.0.0
0
*>i 10.0.2.2/32
10.0.12.2
100
*>i 10.0.3.3/32
10.0.13.3
0
*>
10.0.4.4/32
10.0.14.4
0
*>i 10.0.5.5/32
10.0.35.5
0
*>
10.0.12.0/24
0.0.0.0
*>
10.0.13.0/24
0.0.0.0
i
10.0.13.3
*>i 10.0.35.0/24
0
i
150
0
(64513)i
100
0
i
0
100i
0
(64514)i
0
0
i
0
0
i
0
10.0.13.3
100
100 0
0 100
i 0
i
The value of the MED attribute is 100 and the value of the local preference attribute is 150 for route 10.0.2.2/32, as configured on R2. Check the BGP routing tables of R4 and R5, and view the transmission of the MED attribute and local preference attribute. [R4]display bgp routing-table
BGP Local router ID is 10.0.4.4 Status codes: * - valid, > - best, d - damped, h - history, i - internal, s - suppressed, S - Stale Origin : i - IGP, e - EGP, ? - incomplete
Total Number of Routes: 7 Network
NextHop
MED
*>
10.0.1.1/32
10.0.14.1
*>
10.0.2.2/32
*>
LocPrf
PrefVal Path/Ogn
0
0
200i
10.0.14.1
0
200i
10.0.3.3/32
10.0.14.1
0
200i
*>
10.0.4.4/32
0.0.0.0
0
0
i
*>
10.0.12.0/24
10.0.14.1
0
0
200i
*>
10.0.13.0/24
10.0.14.1
0
0
200i
*>
10.0.35.0/24
10.0.14.1
0
200i
[R5]display bgp routing-table
BGP Local router ID is 10.0.5.5 Status codes: * - valid, > - best, d - damped, h - history, i - internal, s - suppressed, S - Stale Origin : i - IGP, e - EGP, ? - incomplete
Total Number of Routes: 8
HC Series
HUAWEI TECHNOLOGIES
369
HCNP-IERN Chapter 3 BGP application and management Network
NextHop
MED
LocPrf
PrefVal Path/Ogn
*>i 10.0.1.1/32
10.0.13.1
0
100
0
(64512)i
*>i 10.0.2.2/32
10.0.12.2
100
150
0
(64512 64513)i
*>i 10.0.3.3/32
10.0.35.3
0
100
0
(64512)i
*>i 10.0.4.4/32
10.0.13.1
0
100
0
(64512) 100i
*>
0.0.0.0
0
0
i
*>i 10.0.12.0/24
10.0.13.1
0
100
0
(64512)i
*>i 10.0.13.0/24
10.0.35.3
0
100
0
(64512)i
*>i 10.0.35.0/24
10.0.35.3
0
100
0
(64512)i
10.0.5.5/32
The preceding information shows that the MED attribute and local preference attribute can be normally transmitted within the confederation but cannot be transmitted outside the confederation.
Additional Exercises: Analyzing and Verifying In the confederation environment, can BGP routes be aggregated on the borders of sub-ASs by running the aggregate command?
Final Configurations display current-configuration [V200R001C00SPC200] # sysname R1 # interface Serial1/0/0 link-protocol ppp ip address 10.0.12.1 255.255.255.0 # interface Serial3/0/0 link-protocol ppp ip address 10.0.14.1 255.255.255.0 # interface GigabitEthernet0/0/0 ip address 10.0.13.1 255.255.255.0 # interface LoopBack0 ip address 10.0.1.1 255.255.255.255
370
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 3 BGP application and management # bgp 64512 router-id 10.0.1.1 confederation id 200 confederation peer-as 64513 peer 10.0.12.2 as-number 64513 peer 10.0.13.3 as-number 64512 peer 10.0.14.4 as-number 100 # ipv4-family unicast undo synchronization network 10.0.1.1 255.255.255.255 network 10.0.12.0 255.255.255.0 network 10.0.13.0 255.255.255.0 peer 10.0.12.2 enable peer 10.0.12.2 advertise-community peer 10.0.13.3 enable peer 10.0.13.3 next-hop-local peer 10.0.13.3 advertise-community peer 10.0.14.4 enable peer 10.0.14.4 advertise-community # return
display current-configuration [V200R001C00SPC200] # sysname R2 # acl number 2001 rule 5 permit source 10.0.2.2 0 # interface Serial1/0/0 link-protocol ppp ip address 10.0.12.2 255.255.255.0 # interface LoopBack0 ip address 10.0.2.2 255.255.255.255 # bgp 64513 router-id 10.0.2.2 confederation id 200 confederation peer-as 64512
HC Series
HUAWEI TECHNOLOGIES
371
HCNP-IERN Chapter 3 BGP application and management peer 10.0.12.1 as-number 64512 # ipv4-family unicast undo synchronization network 10.0.2.2 255.255.255.255 peer 10.0.12.1 enable peer 10.0.12.1 route-policy r2 export # route-policy r2 permit node 10 if-match acl 2001 apply local-preference 150 apply cost 100 # return
display current-configuration [V200R001C00SPC200] # sysname R3 # interface Serial3/0/0 link-protocol ppp ip address 10.0.35.3 255.255.255.0 # interface GigabitEthernet0/0/0 ip address 10.0.13.3 255.255.255.0 # interface LoopBack0 ip address 10.0.3.3 255.255.255.255 # bgp 64512 router-id 10.0.3.3 confederation id 200 confederation peer-as 64514 peer 10.0.13.1 as-number 64512 peer 10.0.35.5 as-number 64514 # ipv4-family unicast undo synchronization network 10.0.3.3 255.255.255.255 network 10.0.13.0 255.255.255.0 network 10.0.35.0 255.255.255.0 peer 10.0.13.1 enable
372
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 3 BGP application and management peer 10.0.13.1 next-hop-local peer 10.0.13.1 advertise-community peer 10.0.35.5 enable # return
display current-configuration [V200R001C00SPC200] # sysname R4 # interface Serial1/0/0 link-protocol ppp ip address 10.0.14.4 255.255.255.0 # interface LoopBack0 ip address 10.0.4.4 255.255.255.255 # bgp 100 router-id 10.0.4.4 peer 10.0.14.1 as-number 200 # ipv4-family unicast undo synchronization network 10.0.4.4 255.255.255.255 peer 10.0.14.1 enable # return
display current-configuration [V200R001C00SPC200] # sysname R5 # acl number 2001 rule 5 permit source 10.0.5.5 0 # interface Serial1/0/0 link-protocol ppp ip address 10.0.35.5 255.255.255.0 # interface LoopBack0 ip address 10.0.5.5 255.255.255.255
HC Series
HUAWEI TECHNOLOGIES
373
HCNP-IERN Chapter 3 BGP application and management # bgp 64514 router-id 10.0.5.5 confederation id 200 confederation peer-as 64512 peer 10.0.35.3 as-number 64512 # ipv4-family unicast undo synchronization network 10.0.5.5 255.255.255.255 peer 10.0.35.3 enable peer 10.0.35.3 route-policy confed_community_control export peer 10.0.35.3 advertise-community # route-policy confed_community_control permit node 10 if-match acl 2001 apply community no-export-subconfed # return
374
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 4 Traffic filtering and access control
Chapter 4 Traffic filtering and access control Lab 4-1 Access Control for Enterprise Data Using an ACL Learning Objectives The objectives of this lab are to learn and understand how to perform the following operations: •
Filter data using a basic ACL.
•
Modify a basic ACL to implement enhanced functions.
•
Filter data using an advanced ACL.
•
Modify an advanced ACL to implement enhanced functions.
Topology
Figure 4-1 Access control for enterprise data using an ACL
HC Series
HUAWEI TECHNOLOGIES
375
HCNP-IERN Chapter 4 Traffic filtering and access control
Scenario Assume that you are a network administrator of a company that has two networks: one is the network serving the headquarters and the other is the network serving the branch. R1 is deployed at the border of the network serving the headquarters and R4 is deployed on the network serving the branch. The two routers are interconnected over the Internet. The company needs to control the access of employees. Firstly, the company requires that the PCs in some departments in the headquarters and the branch cannot access each other. Secondly, the access over Telnet needs to be controlled. Only certain PCs at the headquarters can access the Internet over Telnet. Hosts on the Internet cannot access the network serving the headquarters over Telnet. This is to improve security. Thirdly, the time for employees to access the Internet is specified on the egress router at the headquarters. Use R2, R3, R5, and S1 to simulate clients for network tests.
Tasks Step 1 Perform basic configurations and IP addressing. Configure IP addresses and subnet masks for all routers. system-view Enter system view, return user view with Ctrl+Z. [Huawei]sysname R1 [R1]interface GigabitEthernet 0/0/0 [R1-GigabitEthernet0/0/0]ip address 10.0.0.1 24 [R1-GigabitEthernet0/0/0]interface Serial 3/0/0 [R1-Serial3/0/0]ip address 10.0.12.1 24
system-view Enter system view, return user view with Ctrl+Z. [Huawei]sysname R2 [R2]interface GigabitEthernet 0/0/0 [R2-GigabitEthernet0/0/0]ip address 10.0.0.2 24 [R2-GigabitEthernet0/0/0]quit [R2]ip route-static 0.0.0.0 0 10.0.0.1
376
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 4 Traffic filtering and access control
system-view Enter system view, return user view with Ctrl+Z. [Huawei]sysname R3 [R3]interface GigabitEthernet 0/0/0 [R3-GigabitEthernet0/0/0]ip address 10.0.0.6 24 [R3-GigabitEthernet0/0/0]quit [R3]ip route-static 0.0.0.0 0 10.0.0.1
system-view Enter system view, return user view with Ctrl+Z. [Huawei]sysname R4 [R4]inter g0/0/1 [R4-GigabitEthernet0/0/1]ip address 10.0.24.4 24 [R4-GigabitEthernet0/0/1]interface Serial 1/0/0 [R4-Serial1/0/0]ip address 10.0.12.4 24
system-view Enter system view, return user view with Ctrl+Z. [Huawei]sysname R5 [R5]interface GigabitEthernet 0/0/0 [R5-GigabitEthernet0/0/0]ip address 10.0.0.8 24 [R5-GigabitEthernet0/0/0]quit [R5]ip route-static 0.0.0.0 0 10.0.0.1
system-view Enter system view, return user view with Ctrl+Z. [Quidway]sysname S1 [S1]interface Vlanif 1 [S1-Vlanif1]ip address 10.0.24.1 24 [S1-Vlanif1]quit [S1]ip route-static 0.0.0.0 0 10.0.24.4
On R2, test whether the direct routes to R3, R5, and R1 are reachable. [R2]ping -c 1 10.0.0.6 PING 10.0.0.6: 56 data bytes, press CTRL_C to break Reply from 10.0.0.6: bytes=56 Sequence=1 ttl=255 time=14 ms
--- 10.0.0.6 ping statistics --1 packet(s) transmitted 1 packet(s) received 0.00% packet loss
HC Series
HUAWEI TECHNOLOGIES
377
HCNP-IERN Chapter 4 Traffic filtering and access control round-trip min/avg/max = 14/14/14 ms
[R2]ping -c 1 10.0.0.8 PING 10.0.0.8: 56 data bytes, press CTRL_C to break Reply from 10.0.0.8: bytes=56 Sequence=1 ttl=255 time=13 ms
--- 10.0.0.8 ping statistics --1 packet(s) transmitted 1 packet(s) received 0.00% packet loss round-trip min/avg/max = 13/13/13 ms
[R2]ping -c 1 10.0.0.1 PING 10.0.0.1: 56 data bytes, press CTRL_C to break Reply from 10.0.0.1: bytes=56 Sequence=1 ttl=255 time=13 ms
--- 10.0.0.1 ping statistics --1 packet(s) transmitted 1 packet(s) received 0.00% packet loss round-trip min/avg/max = 13/13/13 ms
On R1, test whether the direct route to R4 is reachable. [R1]ping -c 1 10.0.12.4 PING 10.0.12.4: 56 data bytes, press CTRL_C to break Reply from 10.0.12.4: bytes=56 Sequence=1 ttl=255 time=42 ms
--- 10.0.12.4 ping statistics --1 packet(s) transmitted 1 packet(s) received 0.00% packet loss round-trip min/avg/max = 42/42/42 ms
[R4]ping -c 1 10.0.24.1 PING 10.0.24.1: 56 data bytes, press CTRL_C to break Reply from 10.0.24.1: bytes=56 Sequence=1 ttl=255 time=11 ms
--- 10.0.24.1 ping statistics --1 packet(s) transmitted 1 packet(s) received 0.00% packet loss round-trip min/avg/max = 11/11/11 ms
378
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 4 Traffic filtering and access control
Step 2 Configure OSPF to implement interworking between networks. On R1 and R4, enable OSPF so that R1 and R4 can advertise their respective interconnected networks. In this experiment, single-area OSPF is used. [R1]ospf 1 router-id 10.0.12.1 [R1-ospf-1]area 0 [R1-ospf-1-area-0.0.0.0]network 10.0.12.1 0.0.0.0 [R1-ospf-1-area-0.0.0.0]network 10.0.0.1 0.0.0.0
[R4]ospf 1 router-id 10.0.12.4 [R4-ospf-1]area 0 [R4-ospf-1-area-0.0.0.0]network 10.0.12.4 0.0.0.0 [R4-ospf-1-area-0.0.0.0]network 10.0.24.4 0.0.0.0
View the routing tables of R1 and R4. [R1]disp ip routing-table Route Flags: R - relay, D - download to fib ---------------------------------------------------------------------------Routing Tables: Public Destinations : 12
Destination/Mask
Proto
Routes : 12
Pre Cost
Flags NextHop
Interface
10.0.0.0/24 Direct 0
0
D
10.0.0.1
10.0.0.1/32 Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.0.255/32 Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.12.0/24 Direct 0
0
D
10.0.12.1
Serial3/0/0
10.0.12.1/32 Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.12.4/32 Direct 0
0
D
10.0.12.4
Serial3/0/0
10.0.12.255/32 Direct 0
0
D
127.0.0.1
InLoopBack0
1563
D
10.0.12.4
Serial3/0/0
10.0.24.0/24 OSPF 127.0.0.0/8
10
GigabitEthernet0/0/0
Direct 0
0
D
127.0.0.1
InLoopBack0
127.0.0.1/32 Direct 0
0
D
127.0.0.1
InLoopBack0
127.255.255.255/32 Direct 0
0
D
127.0.0.1
InLoopBack0
255.255.255.255/32 Direct 0
0
D
127.0.0.1
InLoopBack0
[R4]disp ip routing-table Route Flags: R - relay, D - download to fib
HC Series
HUAWEI TECHNOLOGIES
379
HCNP-IERN Chapter 4 Traffic filtering and access control ---------------------------------------------------------------------------Routing Tables: Public Destinations : 12
Destination/Mask
Routes : 12
Proto
10.0.0.0/24 OSPF
Pre Cost
10
Flags NextHop
Interface
1563
D
10.0.12.1
Serial1/0/0
10.0.12.0/24 Direct 0
0
D
10.0.12.4
Serial1/0/0
10.0.12.1/32 Direct 0
0
D
10.0.12.1
Serial1/0/0
10.0.12.4/32 Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.12.255/32 Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.24.0/24 Direct 0
0
D
10.0.24.4
10.0.24.4/32 Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.24.255/32 Direct 0
0
D
127.0.0.1
InLoopBack0
127.0.0.0/8
GigabitEthernet0/0/1
Direct 0
0
D
127.0.0.1
InLoopBack0
127.0.0.1/32 Direct 0
0
D
127.0.0.1
InLoopBack0
127.255.255.255/32 Direct 0
0
D
127.0.0.1
InLoopBack0
255.255.255.255/32 Direct 0
0
D
127.0.0.1
InLoopBack0
R1 and R4 learn the network information about each other correctly. On R2, run the ping command to test whether the route to S1 is reachable. [R2]ping -c 1 10.0.24.1 PING 10.0.24.1: 56 data bytes, press CTRL_C to break Reply from 10.0.24.1: bytes=56 Sequence=1 ttl=253 time=31 ms
--- 10.0.24.1 ping statistics --1 packet(s) transmitted 1 packet(s) received 0.00% packet loss round-trip min/avg/max = 31/31/31 ms
On S1, run the ping command to test whether the route to R3 is reachable. [S1]ping -c 1 10.0.0.6 PING 10.0.0.6: 56 data bytes, press CTRL_C to break Reply from 10.0.0.6: bytes=56 Sequence=1 ttl=253 time=30 ms
--- 10.0.0.6 ping statistics --1 packet(s) transmitted 1 packet(s) received
380
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 4 Traffic filtering and access control 0.00% packet loss round-trip min/avg/max = 30/30/30 ms
Step 3 Configure a basic ACL. Restrict the mutual access between S1 and R2, R3, and R5 using a basic ACL. The Match-order parameter can be used to control the sequence of ACL statements to maximize configuration scalability. On R4, configure a basic ACL to prevent R2, R3, and R5 from accessing S1. [R4]acl 2000 [R4-acl-basic-2000]rule deny source 10.0.0.0 0.0.0.255 [R4-acl-basic-2000]rule permit source any
Run the display acl all command to check the ACL configuration result. [R4]disp acl all Total nonempty ACL number is 1
Basic ACL 2000, 2 rules Acl's step is 5 rule 5 deny source 10.0.0.0 0.0.0.255 rule 10 permit
On R4, configure an Outside zone and an Inside zone, and set their priorities to 1 and 10 respectively. [R4]firewall zone outside [R4-zone-outside]priority 1 [R4-zone-outside]quit [R4]firewall zone inside [R4-zone-inside]priority 10
Add the S1/0/0 interface of R4 to the Outside zone and G0/0/1 to the Inside zone. [R4]interface Serial 1/0/0 [R4-Serial1/0/0]zone outside [R4-Serial1/0/0]inter g0/0/1 [R4-GigabitEthernet0/0/1]zone inside
HC Series
HUAWEI TECHNOLOGIES
381
HCNP-IERN Chapter 4 Traffic filtering and access control
Configure ACL-based packet filtering on R4. [R4]firewall interzone inside outside [R4-interzone-inside-outside]packet-filter 2000 inbound [R4-interzone-inside-outside]firewall enable
Run the display firewall interzone command to check the configuration result. [R4]display firewall interzone inside outside interzone inside outside firewall enable packet-filter default deny inbound packet-filter default permit outbound packet-filter 2000 inbound
Test whether the routes from R2, R3, and R5 to R4 are reachable. [R2]ping -c 1 10.0.24.1 PING 10.0.24.1: 56 data bytes, press CTRL_C to break Request time out
--- 10.0.24.1 ping statistics --1 packet(s) transmitted 0 packet(s) received 100.00% packet loss
[R3]ping -c 1 10.0.24.1 PING 10.0.24.1: 56 data bytes, press CTRL_C to break Request time out
--- 10.0.24.1 ping statistics --1 packet(s) transmitted 0 packet(s) received 100.00% packet loss [R5]ping -c 1 10.0.24.1 PING 10.0.24.1: 56 data bytes, press CTRL_C to break Request time out
--- 10.0.24.1 ping statistics --1 packet(s) transmitted 0 packet(s) received 100.00% packet loss
382
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 4 Traffic filtering and access control
[R1]ping -c 1 10.0.24.1 PING 10.0.24.1: 56 data bytes, press CTRL_C to break Reply from 10.0.24.1: bytes=56 Sequence=1 ttl=254 time=35 ms
--- 10.0.24.1 ping statistics --1 packet(s) transmitted 1 packet(s) received 0.00% packet loss round-trip min/avg/max = 35/35/35 ms
The preceding information shows that the basic ACL takes effect. R2, R3, and R5 cannot communicate with S1. R1 can still communicate with S1. Add an ACL statement to the basic ACL so that R5 cannot access R4 but R2 and R3 can access R4. On R4, add an ACL statement that enables R2 and R3 to access R4 to the ACL named ACL 2000. [R4]acl 2000 [R4-acl-basic-2000]rule permit source 10.0.0.2 0.0.0.252
Run the display acl all command to check the ACL configuration result. [R4-acl-basic-2000]disp acl all Total nonempty ACL number is 1
Basic ACL 2000, 3 rules Acl's step is 5 rule 5 deny source 10.0.0.0 0.0.0.255 rule 10 permit rule 15 permit source 10.0.0.2 0.0.0.252
Set the Match-order parameter to change the execution sequence of ACL statements. [R4]acl 2000 match-order config [R4-acl-basic-2000]undo rule 15 [R4-acl-basic-2000]rule 1 permit source 10.0.0.2 0.0.0.252
Run the display acl all command to check the ACL configuration result. HC Series
HUAWEI TECHNOLOGIES
383
HCNP-IERN Chapter 4 Traffic filtering and access control [R4]disp acl all Total nonempty ACL number is 1
Basic ACL 2000, 3 rules Acl's step is 5 rule 1 permit source 10.0.0.2 0.0.0.252 rule 5 deny source 10.0.0.0 0.0.0.255 rule 10 permit
The execution sequence of an ACL statement changes from Rule 15 to Rule 1. Test whether the routes from R2, R3, and R5 to S1 are reachable. [R2]ping -c 1 10.0.24.1 PING 10.0.24.1: 56 data bytes, press CTRL_C to break Reply from 10.0.24.1: bytes=56 Sequence=1 ttl=253 time=34 ms
--- 10.0.24.1 ping statistics --1 packet(s) transmitted 1 packet(s) received 0.00% packet loss round-trip min/avg/max = 34/34/34 ms
[R3]ping -c 1 10.0.24.1 PING 10.0.24.1: 56 data bytes, press CTRL_C to break Reply from 10.0.24.1: bytes=56 Sequence=1 ttl=253 time=37 ms
--- 10.0.24.1 ping statistics --1 packet(s) transmitted 1 packet(s) received 0.00% packet loss round-trip min/avg/max = 37/37/37 ms
[R5]ping -c 1 10.0.24.1 PING 10.0.24.1: 56 data bytes, press CTRL_C to break Request time out
--- 10.0.24.1 ping statistics --1 packet(s) transmitted 0 packet(s) received 100.00% packet loss
384
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 4 Traffic filtering and access control
Step 4 Configure an advanced ACL. Use an advanced ACL to exert strict restriction on the access over Telnet. The SYN-flag bit contained in TCP packets is used to implement access control. Enable the Telnet service on R4. [R4]user-interface vty 0 4 [R4-ui-vty0-4]authentication-mode password [R4-ui-vty0-4]set authentication password simple huawei
Test whether R4 can be accessed over Telnet from R2 and R3. telnet 10.0.12.4 Press CTRL_] to quit telnet mode Trying 10.0.12.4 ... Connected to 10.0.12.4 ...
Login authentication
Password: quit Configuration console exit, please retry to log on
The connection was closed by the remote host
telnet 10.0.12.4 Press CTRL_] to quit telnet mode Trying 10.0.12.4 ... Connected to 10.0.12.4 ...
Login authentication
Password: quit Configuration console exit, please retry to log on
The connection was closed by the remote host
HC Series
HUAWEI TECHNOLOGIES
385
HCNP-IERN Chapter 4 Traffic filtering and access control
Configure an advanced ACL on R1 so that only R2 can access the S1/0/0 interface of R4 over Telnet. [R1]acl 3000 [R1-acl-adv-3000]rule permit tcp source 10.0.0.2 0 destination-port eq telnet [R1-acl-adv-3000]rule deny tcp destination-port eq telnet
Check the ACL configuration result. [R1]display acl all Total nonempty ACL number is 1
Advanced ACL 3000, 2 rules Acl's step is 5 rule 5 permit tcp source 10.0.0.2 0 destination-port eq telnet rule 10 deny tcp destination-port eq telnet
Configure ACL-based packet filtering on R1. [R1]firewall zone out [R1-zone-out]priority 1 [R1-zone-out]quit [R1]firewall zone int [R1-zone-int]priority 10 [R1-zone-int]quit [R1]inter s3/0/0 [R1-Serial3/0/0]zone out [R1-Serial3/0/0]inter g0/0/0 [R1-GigabitEthernet0/0/0]zone int [R1-GigabitEthernet0/0/0]quit [R1]firewall interzone int out [R1-interzone-int-out]packet-filter 3000 outbound [R1-interzone-int-out]firewall enable
Run the display firewall interzone command to check the configuration result. [R1]display firewall interzone int out interzone int out firewall enable packet-filter default deny inbound packet-filter default permit outbound packet-filter 3000 outbound
386
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 4 Traffic filtering and access control
Test whether the S1/0/0 interface of R4 can be accessed over Telnet from R2 and R3. telnet 10.0.12.4 Press CTRL_] to quit telnet mode Trying 10.0.12.4 ... Connected to 10.0.12.4 ...
Login authentication
Password: quit Configuration console exit, please retry to log on The connection was closed by the remote host
telnet 10.0.12.4 Press CTRL_] to quit telnet mode Trying 10.0.12.4 ... Error: Can't connect to the remote host
Enable the Telnet service on R2. [R2]user-interface vty 0 4 [R2-ui-vty0-4]authentication-mode password [R2-ui-vty0-4]set authentication password simple huawei
R1 provides the firewall function to block active content access from the Internet. Therefore, S1 cannot communicate with R2. ping -c 1 10.0.0.2 PING 10.0.0.2: 56 data bytes, press CTRL_C to break Request time out
--- 10.0.0.2 ping statistics --1 packet(s) transmitted 0 packet(s) received 100.00% packet loss
Modify the firewall policy on R1 to allow the access from the Internet to the intranet. [R1]firewall interzone int out
HC Series
HUAWEI TECHNOLOGIES
387
HCNP-IERN Chapter 4 Traffic filtering and access control [R1-interzone-int-out]packet-filter default permit inbound
Test whether R2 can be accessed over Telnet from S1. telnet 10.0.0.2 Trying 10.0.0.2 ... Press CTRL+K to abort Connected to 10.0.0.2 ...
Login authentication
Password: quit Configuration console exit, please retry to log on
Info: The connection was closed by the remote host.
Configure an advanced ACL on R1 so that employees in the headquarters can access the Internet over Telnet but hosts on the Internet cannot access the intranet. [R1]acl 3100 [R1-acl-adv-3100]rule deny tcp destination-port eq 23 tcp-flag ack
Check the ACL configuration result. [R1]display acl all Total nonempty ACL number is 2
Advanced ACL 3000, 2 rules Acl's step is 5 rule 5 permit tcp source 10.0.0.2 0 destination-port eq telnet rule 10 deny tcp destination-port eq telnet
Advanced ACL 3100, 1 rule Acl's step is 5 rule 5 deny tcp destination-port eq telnet tcp-flag ack
Configure ACL-based packet filtering on R1. [R1]firewall interzone int out [R1-interzone-int-out]packet-filter 3100 inbound
388
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 4 Traffic filtering and access control
Run the display firewall interzone command to check the configuration result. [R1]disp fire inte int out interzone int out firewall enable packet-filter default permit outbound packet-filter 3100 inbound packet-filter 3000 outbound packet-filter default permit inbound
Access R4 over Telnet from R2 and access R2 over Telnet from S1. telnet 10.0.12.4 Trying 10.0.12.4 ... Press CTRL+K to abort Connected to 10.0.12.4 ...
Login authentication
Password: quit Configuration console exit, please retry to log on
Info: The connection was closed by the remote host.
telnet 10.0.0.2 Trying 10.0.0.2 ... Press CTRL+K to abort Error: Failed to connect to the remote host.
Run the Debug command on R1 to commission the access from S1 to R2 over Telnet. terminal debugging terminal monitor debugging tcp packet
telnet 10.0.0.2 Trying 10.0.0.2 ... Press CTRL+K to abort
HC Series
HUAWEI TECHNOLOGIES
389
HCNP-IERN Chapter 4 Traffic filtering and access control Dec 15 2011 16:36:25.370.1-05:13 S1 SOCKET/7/TCP PACKET: TCP debug packet information: 1323966985: Output: task = co0 (6), socketid = 1, (State:Syn_Sent,src = 10.0.24.1:51451,dst = 10.0.0.2:23,VrfIndex = 0,seq = 3774177805, ack = 0,datalen = 0,optlen = 4,flag = SYN ,window = 8192,ttl = 255,tos = 0,MSS = 512)
Dec 15 2011 16:36:31.40.1-05:13 S1 SOCKET/7/TCP PACKET: TCP debug packet information: 1323966991: Output: task = co0 (6), socketid = 1, (State:Syn_Sent,src = 10.0.24.1:51451,dst = 10.0.0.2:23,VrfIndex = 0,seq = 3774177805, ack = 0,datalen = 0,optlen = 4,flag = SYN ,window = 8192,ttl = 255,tos = 0,MSS = 512)
Dec 15 2011 16:36:55.40.1-05:13 S1 SOCKET/7/TCP PACKET: TCP debug packet information: 1323967015: Output: task = co0 (6), socketid = 1, (State:Syn_Sent,src = 10.0.24.1:51451,dst = 10.0.0.2:23,VrfIndex = 0,seq = 3774177805, ack = 0,datalen = 0,optlen = 4,flag = SYN ,window = 8192,ttl = 255,tos = 0,MSS = 512)
Error: Failed to connect to the remote host.
The preceding information shows that only TCP SYN packets are found and other types of packets such as ACK packets are not found. This is because the ACL (ACL3100) on R1 rejects all TCP connections from the Internet.
Step 5 Configure a time-based ACL. Use a time-based ACL to implement access control based on time periods. Configure a time-based ACL on R1 so that R2 can access the Internet over Telnet from 08:00 to 18:00 on weekdays and from 23:00 on Saturday to 01:00 on Monday. Define time periods. [R1]time-range Telnet_Control 8:00 to 18:00 working-day
390
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 4 Traffic filtering and access control [R1]time-range Telnet_Control 23:00 to 0:00 Sat [R1]time-range Telnet_Control 0:00 to 1:00 Sun
Run the disp time-range all command to view the defined time periods. [R1]disp time-range all Current time is 17:31:30 12-15-2011 Thursday
Time-range : Telnet_Control ( Active ) 08:00 to 18:00 working-day 23:00 to 00:00 Sat 00:00 to 01:00 Sun
On R1, enable the access from the intranet to the Internet and define the time periods in which this type of access is permitted. [R1]acl 3000 [R1-acl-adv-3000]rule 5 permit tcp source 10.0.0.2 0 destination-port eq telnet time-range Telnet_Control
Check the ACL configuration result. [R1-acl-adv-3000]disp acl 3000 Advanced ACL 3000, 2 rules Acl's step is 5 rule 5 permit tcp source 10.0.0.2 0 destination-port eq telnet time-range Telnet_Control (Active) rule 10 deny tcp destination-port eq telnet
Test whether R2 can access the Internet over Telnet. The test is to check that R2 can access R4 over Telnet within the time periods defined by Telnet_Control and cannot access R4 within other time periods. display clock 2011-12-15 17:44:16 Thursday Time Zone(Default Zone Name) : UTC+00:00
Test whether R2 can access the Internet over Telnet in the current configurations. telnet 10.0.12.4 Press CTRL_] to quit telnet mode Trying 10.0.12.4 ...
HC Series
HUAWEI TECHNOLOGIES
391
HCNP-IERN Chapter 4 Traffic filtering and access control Connected to 10.0.12.4 ...
Login authentication
Password: quit Configuration console exit, please retry to log on
The connection was closed by the remote host
Change the system time to a time point beyond the defined time periods. clock datetime 10:0:0 2011-12-17 disp clock 2011-12-17 10:00:05
Test whether R2 can access the Internet over Telnet in the current configurations. telnet 10.0.12.4 Press CTRL_] to quit telnet mode Trying 10.0.12.4 ... Error: Can't connect to the remote host
Change the system time to a time point within the defined time period on Saturday. clock datetime 23:10:0 2011-12-17 disp clock 2011-12-17 23:10:02
Test whether R2 can access the Internet over Telnet in the current configurations. telnet 10.0.12.4 Press CTRL_] to quit telnet mode Trying 10.0.12.4 ... Connected to 10.0.12.4 ...
Login authentication
392
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 4 Traffic filtering and access control
Password: quit Configuration console exit, please retry to log on
The connection was closed by the remote host
Additional Exercises: Analyzing and Verifying Think about whether the basic ACL and advanced ACL should be deployed near the source network or target network, and the reasons.
Final Configurations [R1]display current-configuration [V200R001C00SPC200] # sysname R1 # time-range telnet_control 08:00 to 18:00 working-day time-range telnet_control 23:00 to 00:00 Sat time-range telnet_control 00:00 to 01:00 Sun # acl number 3000 rule 5 permit tcp source 10.0.0.2 0 destination-port eq telnet time-range telnet_control rule 10 deny tcp destination-port eq telnet # acl number 3100 rule 5 deny tcp destination-port eq telnet tcp-flag ack # firewall zone int priority 10 # firewall zone out priority 1 # firewall interzone int out firewall enable packet-filter 3100 inbound
HC Series
HUAWEI TECHNOLOGIES
393
HCNP-IERN Chapter 4 Traffic filtering and access control packet-filter 3000 outbound packet-filter default permit inbound # interface Serial3/0/0 link-protocol ppp ip address 10.0.12.1 255.255.255.0 zone out # interface GigabitEthernet0/0/0 ip address 10.0.0.1 255.255.255.0 zone int # ospf 1 router-id 10.0.12.1 area 0.0.0.0 network 10.0.12.1 0.0.0.0 network 10.0.0.1 0.0.0.0 # Return
[R2]display current-configuration [V200R001C00SPC500] # sysname R2 # interface GigabitEthernet0/0/0 ip address 10.0.0.2 255.255.255.0 # ip route-static 0.0.0.0 0 10.0.0.1 # return
[R3]display current-configuration [V200R001C00SPC500] # sysname R3 # interface GigabitEthernet0/0/0 ip address 10.0.0.6 255.255.255.0 # ip route-static 0.0.0.0 0 10.0.0.1 # return
394
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 4 Traffic filtering and access control [R4]display current-configuration [V200R001C00SPC500] # sysname R4 # acl number 2000 rule 1 permit source 10.0.0.2 0.0.0.252 rule 5 deny source 10.0.0.0 0.0.0.255 rule 10 permit # firewall zone inside priority 10 # firewall zone outside priority 1 # firewall interzone inside outside firewall enable packet-filter 2000 inbound # interface Serial1/0/0 link-protocol ppp ip address 10.0.12.4 255.255.255.0 zone outside # interface GigabitEthernet0/0/0 # interface GigabitEthernet0/0/1 ip address 10.0.24.4 255.255.255.0 zone inside # ospf 1 router-id 10.0.12.4 area 0.0.0.0 network 10.0.12.4 0.0.0.0 network 10.0.24.4 0.0.0.0 # user-interface vty 0 4 set authentication password simple huawei user-interface vty 16 20 # Return
[R5]display current-configuration
HC Series
HUAWEI TECHNOLOGIES
395
HCNP-IERN Chapter 4 Traffic filtering and access control [V200R001C00SPC500] # sysname R5 # interface GigabitEthernet0/0/0 ip address 10.0.0.8 255.255.255.0 # ip route-static 0.0.0.0 0 10.0.0.1 # return
[S1]display current-configuration # !Software Version V100R005C01SPC100 sysname S1 # interface Vlanif1 ip address 10.0.24.1 255.255.255.0 # ip route-static 0.0.0.0 0 10.0.24.4 # Return
396
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 4 Traffic filtering and access control
Lab 4-2 Route Import and Routing Control Learning Objectives The objectives of this lab are to learn and understand how to perform the following operations: •
Import Open Shortest Path First (OSPF) routes to Routing
Information Protocol (RIP) and import RIP routes to OSPF. •
Filter routing information based on an address prefix list.
•
Filter routing information based on the routing policy.
Topology
Figure 4-2 Route import and routing control
Scenario Assume that you are a network administrator of a company. The company network is divided into two routing areas: one area runs OSPF and the other runs RIP. The two areas must import the routes of each other to implement interworking. Problems occur in typical bidirectional point-to-point route import. To resolve these problems and avoid HC Series
HUAWEI TECHNOLOGIES
397
HCNP-IERN Chapter 4 Traffic filtering and access control
routing loops and sub-optimal routes, routing control must be performed based on the prefix list and routing policy.
Tasks Step 1 Perform basic configurations and IP addressing. Configure physical interfaces for all routers, and IP addresses and subnet masks for the loopback interfaces of these routers. The subnet mask of each Loopback 0 interface contains 32 binary digits. system-view Enter system view, return user view with Ctrl+Z. [R1]interface Serial 1/0/0 [R1-Serial1/0/0]ip address 10.0.12.1 255.255.255.0 [R1-Serial1/0/0]interface GigabitEthernet 0/0/0 [R1-GigabitEthernet0/0/0]ip address 10.0.15.1 255.255.255.0 [R1-GigabitEthernet0/0/0]interface Serial 3/0/0 [R1-Serial3/0/0]ip add 10.0.14.1 255.255.255.0 [R1-Serial3/0/0]int LoopBack 0 [R1-LoopBack0]ip address 10.0.1.1 255.255.255.255
system-view Enter system view, return user view with Ctrl+Z. [R2]interface Serial 1/0/0 [R2-Serial1/0/0]ip address 10.0.12.2 255.255.255.0 [R2-Serial1/0/0]interface Serial 2/0/0 [R2-Serial2/0/0]ip address 10.0.23.2 255.255.255.0 [R2-Serial2/0/0]interface LoopBack 0 [R2-LoopBack0]ip add 10.0.2.2 255.255.255.255
system-view Enter system view, return user view with Ctrl+Z. [R3]interface Serial 2/0/0 [R3-Serial2/0/0]ip address 10.0.23.3 255.255.255.0 [R3-Serial2/0/0]int Serial 3/0/0 [R3-Serial3/0/0]ip address 10.0.35.3 255.255.255.0 [R3-Serial3/0/0]interface LoopBack 0 [R3-LoopBack0]ip address 10.0.3.3 255.255.255.255
system-view Enter system view, return user view with Ctrl+Z.
398
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 4 Traffic filtering and access control [R4]int Serial 1/0/0 [R4-Serial1/0/0]ip address 10.0.14.4 255.255.255.0 [R4-Serial1/0/0]int LoopBack 0 [R4-LoopBack0]ip add 10.0.4.4 255.255.255.255
system-view Enter system view, return user view with Ctrl+Z. [R5]int Serial 1/0/0 [R5-Serial1/0/0]ip address 10.0.35.5 255.255.255.0 [R5-Serial1/0/0]int GigabitEthernet 0/0/0 [R5-GigabitEthernet0/0/0]ip address 10.0.15.5 255.255.255.0 [R5-GigabitEthernet0/0/0]int LoopBack 0 [R5-LoopBack0]ip address 10.0.5.5 255.255.255.255
Test whether direct links are reachable. [R1]ping -c 1 10.0.12.2 PING 10.0.12.2: 56 data bytes, press CTRL_C to break Reply from 10.0.12.2: bytes=56 Sequence=1 ttl=255 time=38 ms
--- 10.0.12.2 ping statistics --1 packet(s) transmitted 1 packet(s) received 0.00% packet loss round-trip min/avg/max = 38/38/38 ms
[R1]ping -c 1 10.0.15.5 PING 10.0.15.5: 56 data bytes, press CTRL_C to break Reply from 10.0.15.5: bytes=56 Sequence=1 ttl=255 time=12 ms
--- 10.0.15.5 ping statistics --1 packet(s) transmitted 1 packet(s) received 0.00% packet loss round-trip min/avg/max = 12/12/12 ms
[R1]ping -c 1 10.0.14.4 PING 10.0.14.4: 56 data bytes, press CTRL_C to break Reply from 10.0.14.4: bytes=56 Sequence=1 ttl=255 time=33 ms
--- 10.0.14.4 ping statistics --1 packet(s) transmitted 1 packet(s) received
HC Series
HUAWEI TECHNOLOGIES
399
HCNP-IERN Chapter 4 Traffic filtering and access control 0.00% packet loss round-trip min/avg/max = 33/33/33 ms
[R2]ping -c 1 10.0.23.3 PING 10.0.23.3: 56 data bytes, press CTRL_C to break Reply from 10.0.23.3: bytes=56 Sequence=1 ttl=255 time=34 ms
--- 10.0.23.3 ping statistics --1 packet(s) transmitted 1 packet(s) received 0.00% packet loss round-trip min/avg/max = 34/34/34 ms
[R3]ping -c 1 10.0.35.5 PING 10.0.35.5: 56 data bytes, press CTRL_C to break Reply from 10.0.35.5: bytes=56 Sequence=1 ttl=255 time=39 ms
--- 10.0.35.5 ping statistics --1 packet(s) transmitted 1 packet(s) received 0.00% packet loss round-trip min/avg/max = 39/39/39 ms
Step 2 Configure the Interior Gateway Protocol (IGP). Enable OSPF on R1, R2, R4, and R5. All routers belong to area 0. Enable OSPF on the network segment that interconnects the Loopback 0, S1/0/0, S3/0/0, and G0/0/0 interfaces of R1. [R1]ospf 1 [R1-ospf-1]area 0 [R1-ospf-1-area-0.0.0.0]network 10.0.12.1 0.0.0.0 [R1-ospf-1-area-0.0.0.0]network 10.0.15.1 0.0.0.0 [R1-ospf-1-area-0.0.0.0]network 10.0.14.1 0.0.0.0 [R1-ospf-1-area-0.0.0.0]network 10.0.1.1 0.0.0.0
Enable OSPF on the network segment where the S1/0/0 interface of R2 resides. [R2]ospf 1 [R2-ospf-1]area 0 [R2-ospf-1-area-0.0.0.0]network 10.0.12.2 0.0.0.0
400
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 4 Traffic filtering and access control
Enable OSPF on the network segment that interconnects the S1/0/0 and Loopback 0 interfaces of R4. [R4]ospf 1 [R4-ospf-1]area 0 [R4-ospf-1-area-0.0.0.0]network 10.0.14.4 0.0.0.0 [R4-ospf-1-area-0.0.0.0]network 10.0.4.4 0.0.0.0
Enable OSPF on the network segment where the G0/0/0 interface of R5 resides. [R5]ospf 1 [R5-ospf-1]area 0 [R5-ospf-1-area-0.0.0.0]network 10.0.15.5 0.0.0.0
Check whether each router learns the routes on the network segment where the Loopback 0 interface of other routers resides. [R1]display ip routing-table Route Flags: R - relay, D - download to fib ---------------------------------------------------------------------------Routing Tables: Public Destinations : 17
Destination/Mask
Proto
Routes : 17
Pre Cost
Flags NextHop
Interface
10.0.1.1/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.4.4/32
OSPF
1562
D
10.0.14.4
Serial3/0/0
10
10.0.12.0/24
Direct 0
0
D
10.0.12.1
Serial1/0/0
10.0.12.1/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.12.2/32
Direct 0
0
D
10.0.12.2
Serial1/0/0
10.0.12.255/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.14.0/24
Direct 0
0
D
10.0.14.1
Serial3/0/0
10.0.14.1/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.14.4/32
Direct 0
0
D
10.0.14.4
Serial3/0/0
10.0.14.255/32
Direct 0
0
D
127.0.0.1
10.0.15.0/24
Direct 0
0
D
10.0.15.1
10.0.15.1/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.15.255/32
Direct 0
0
D
127.0.0.1
InLoopBack0
127.0.0.0/8
Direct 0
0
D
127.0.0.1
InLoopBack0
127.0.0.1/32
Direct 0
0
D
127.0.0.1
InLoopBack0
127.255.255.255/32 Direct 0
0
D
127.0.0.1
InLoopBack0
255.255.255.255/32 Direct 0
0
D
127.0.0.1
InLoopBack0
HC Series
HUAWEI TECHNOLOGIES
InLoopBack0 GigabitEthernet0/0/0
401
HCNP-IERN Chapter 4 Traffic filtering and access control
[R2]display ip routing-table Route Flags: R - relay, D - download to fib ---------------------------------------------------------------------------Routing Tables: Public Destinations : 17
Destination/Mask
Routes : 17
Proto
Pre Cost
10.0.1.1/32
OSPF
10
1562
D
10.0.12.1
Serial1/0/0
10.0.2.2/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.4.4/32
OSPF
3124
D
10.0.12.1
Serial1/0/0
10
Flags NextHop
Interface
10.0.12.0/24
Direct 0
0
D
10.0.12.2
Serial1/0/0
10.0.12.1/32
Direct 0
0
D
10.0.12.1
Serial1/0/0
10.0.12.2/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.12.255/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.14.0/24
OSPF
10
3124
D
10.0.12.1
Serial1/0/0
10.0.15.0/24
OSPF
10
1563
D
10.0.12.1
Serial1/0/0
10.0.23.0/24
Direct 0
0
D
10.0.23.2
Serial2/0/0
10.0.23.2/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.23.3/32
Direct 0
0
D
10.0.23.3
Serial2/0/0
10.0.23.255/32
Direct 0
0
D
127.0.0.1
InLoopBack0
127.0.0.0/8
Direct 0
0
D
127.0.0.1
InLoopBack0
127.0.0.1/32
Direct 0
0
D
127.0.0.1
InLoopBack0
127.255.255.255/32 Direct 0
0
D
127.0.0.1
InLoopBack0
255.255.255.255/32 Direct 0
0
D
127.0.0.1
InLoopBack0
[R4]display ip routing-table Route Flags: R - relay, D - download to fib ---------------------------------------------------------------------------Routing Tables: Public Destinations : 12
Destination/Mask
Routes : 12
Proto
Pre Cost
10.0.1.1/32
OSPF
10
10.0.4.4/32
Flags NextHop
Interface
1562
D
10.0.14.1
Serial1/0/0
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.12.0/24
OSPF
3124
D
10.0.14.1
Serial1/0/0
10.0.14.0/24
Direct 0
0
D
10.0.14.4
Serial1/0/0
10.0.14.1/32
Direct 0
0
D
10.0.14.1
Serial1/0/0
10.0.14.4/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.14.255/32
Direct 0
0
D
127.0.0.1
InLoopBack0
OSPF
1563
D
10.0.14.1
Serial1/0/0
10.0.15.0/24
402
10
10
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 4 Traffic filtering and access control 127.0.0.0/8
Direct 0
0
D
127.0.0.1
InLoopBack0
127.0.0.1/32
Direct 0
0
D
127.0.0.1
InLoopBack0
127.255.255.255/32 Direct 0
0
D
127.0.0.1
InLoopBack0
255.255.255.255/32 Direct 0
0
D
127.0.0.1
InLoopBack0
[R5]display ip routing-table Route Flags: R - relay, D - download to fib ---------------------------------------------------------------------------Routing Tables: Public Destinations : 16
Destination/Mask
Routes : 16
Proto
Pre Cost
Flags NextHop
10.0.1.1/32
OSPF
10
1
10.0.4.4/32
OSPF
10
1563
D
10.0.15.1 GigabitEthernet0/0/0
10.0.5.5/32
Direct 0
0
D
127.0.0.1
10.0.12.0/24
OSPF
10
1563
D
10.0.15.1 GigabitEthernet0/0/0
10.0.14.0/24
OSPF
10
1563
D
10.0.15.1 GigabitEthernet0/0/0
10.0.15.0/24
Direct 0
0
D
10.0.15.5
D
10.0.15.1
Interface
GigabitEthernet0/0/0
InLoopBack0
GigabitEthernet0/0/0
10.0.15.5/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.15.255/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.35.0/24
Direct 0
0
D
10.0.35.5
Serial1/0/0
10.0.35.3/32
Direct 0
0
D
10.0.35.3
Serial1/0/0
10.0.35.5/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.35.255/32
Direct 0
0
D
127.0.0.1
InLoopBack0
127.0.0.0/8
Direct 0
0
D
127.0.0.1
InLoopBack0
127.0.0.1/32
Direct 0
0
D
127.0.0.1
InLoopBack0
127.255.255.255/32 Direct 0
0
D
127.0.0.1
InLoopBack0
255.255.255.255/32 Direct 0
0
D
127.0.0.1
InLoopBack0
Enable RIP on R2, R3, and R5. Enable RIP on the network segment that interconnects the S2/0/0 and Loopback 0 interfaces of R2. [R2]rip [R2-rip-1]version 2 [R2-rip-1]network 10.0.0.0
Enable RIP on the network segment that interconnects the S2/0/0, S3/0/0, and Loopback 0 interfaces of R3. [R3]rip [R3-rip-1]version 2
HC Series
HUAWEI TECHNOLOGIES
403
HCNP-IERN Chapter 4 Traffic filtering and access control [R3-rip-1]network 10.0.0.0
Enable RIP on the network segment that interconnects the S1/0/0 and Loopback 0 interfaces of R5. [R5]rip [R5-rip-1]version 2 [R5-rip-1]network 10.0.0.0
Check whether each router learns the IP address of the Loopback 0 interface of other routers. [R2]display ip routing-table Route Flags: R - relay, D - download to fib ---------------------------------------------------------------------------Routing Tables: Public Destinations : 20
Destination/Mask
Routes : 20
Proto
Pre Cost
10.0.1.1/32
OSPF
10
10.0.2.2/32
Direct 0
10.0.3.3/32
Flags NextHop
Interface
1562
D
10.0.12.1
Serial1/0/0
0
D
127.0.0.1
InLoopBack0
RIP
100 1
D
10.0.23.3
Serial2/0/0
10.0.4.4/32
OSPF
10
10.0.12.1
Serial1/0/0
10.0.5.5/32
RIP
100 2
3124
D D
10.0.23.3
Serial2/0/0
10.0.12.0/24
Direct 0
0
D
10.0.12.2
Serial1/0/0
10.0.12.1/32
Direct 0
0
D
10.0.12.1
Serial1/0/0
10.0.12.2/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.12.255/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.14.0/24
OSPF
10
3124
D
10.0.12.1
Serial1/0/0
10.0.15.0/24
OSPF
10
1563
D
10.0.12.1
Serial1/0/0
10.0.23.0/24
Direct 0
0
D
10.0.23.2
Serial2/0/0
10.0.23.2/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.23.3/32
Direct 0
0
D
10.0.23.3
Serial2/0/0
Direct 0
0
D
127.0.0.1
InLoopBack0
100 1
D
10.0.23.3
Serial2/0/0
10.0.23.255/32 10.0.35.0/24
RIP
127.0.0.0/8
Direct 0
0
D
127.0.0.1
InLoopBack0
127.0.0.1/32
Direct 0
0
D
127.0.0.1
InLoopBack0
127.255.255.255/32 Direct 0
0
D
127.0.0.1
InLoopBack0
255.255.255.255/32 Direct 0
0
D
127.0.0.1
InLoopBack0
[R3]display ip routing-table Route Flags: R - relay, D - download to fib ---------------------------------------------------------------------------404
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 4 Traffic filtering and access control Routing Tables: Public Destinations : 17
Destination/Mask
Routes : 17
Proto
Pre Cost
10.0.2.2/32
RIP
100 1
10.0.3.3/32
Direct 0
10.0.5.5/32
Flags NextHop
Interface
D
10.0.23.2
Serial2/0/0
0
D
127.0.0.1
InLoopBack0
RIP
100 1
D
10.0.35.5
Serial3/0/0
10.0.12.0/24
RIP
100 1
D
10.0.23.2
Serial2/0/0
10.0.15.0/24
RIP
100 1
D
10.0.35.5
Serial3/0/0
10.0.23.0/24
Direct 0
0
D
10.0.23.3
Serial2/0/0
10.0.23.2/32
Direct 0
0
D
10.0.23.2
Serial2/0/0
10.0.23.3/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.23.255/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.35.0/24
Direct 0
0
D
10.0.35.3
Serial3/0/0
10.0.35.3/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.35.5/32
Direct 0
0
D
10.0.35.5
Serial3/0/0
10.0.35.255/32
Direct 0
0
D
127.0.0.1
InLoopBack0
127.0.0.0/8
Direct 0
0
D
127.0.0.1
InLoopBack0
127.0.0.1/32
Direct 0
0
D
127.0.0.1
InLoopBack0
127.255.255.255/32 Direct 0
0
D
127.0.0.1
InLoopBack0
255.255.255.255/32 Direct 0
0
D
127.0.0.1
InLoopBack0
[R5]display ip routing-table Route Flags: R - relay, D - download to fib ---------------------------------------------------------------------------Routing Tables: Public Destinations : 19
Destination/Mask
Routes : 19
Proto
Pre Cost
Flags NextHop
Interface
10.0.1.1/32
OSPF
10
1
D
10.0.15.1
10.0.2.2/32
RIP
100 2
D
10.0.35.3
Serial1/0/0
10.0.3.3/32
RIP
100 1
D
10.0.35.3
Serial1/0/0
10.0.4.4/32
OSPF
10
10.0.5.5/32
GigabitEthernet0/0/0
1563
D
10.0.15.1 GigabitEthernet0/0/0
Direct 0
0
D
127.0.0.1
10.0.12.0/24
OSPF
10
1563
D
10.0.15.1 GigabitEthernet0/0/0
10.0.14.0/24
OSPF
10
1563
D
10.0.15.1 GigabitEthernet0/0/0
10.0.15.0/24
Direct 0
0
D
10.0.15.5
10.0.15.5/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.15.255/32
Direct 0
0
D
127.0.0.1
InLoopBack0
100 1
D
10.0.35.3
Serial1/0/0
D
10.0.35.5
Serial1/0/0
10.0.23.0/24
RIP
10.0.35.0/24
Direct 0
HC Series
0
HUAWEI TECHNOLOGIES
InLoopBack0
GigabitEthernet0/0/0
405
HCNP-IERN Chapter 4 Traffic filtering and access control 10.0.35.3/32
Direct 0
0
D
10.0.35.3
Serial1/0/0
10.0.35.5/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.35.255/32
Direct 0
0
D
127.0.0.1
InLoopBack0
127.0.0.0/8
Direct 0
0
D
127.0.0.1
InLoopBack0
127.0.0.1/32
Direct 0
0
D
127.0.0.1
InLoopBack0
127.255.255.255/32 Direct 0
0
D
127.0.0.1
InLoopBack0
255.255.255.255/32 Direct 0
0
D
127.0.0.1
InLoopBack0
Step 3 Configure a prefix list to filter routing information. On R1, create four static routes: 1.1.1.1/32, 1.1.1.0/24, 1.1.1.0/25, 1.1.0.0/16, and 1.0.0.0/8. All these routers are bound for the NULL 0 interface. Run the import-route static command to import these routes to the OSPF area. [R1]ip route-static 1.1.1.1 255.255.255.255 NULL 0 [R1]ip route-static 1.1.1.0 255.255.255.0 NULL 0 [R1]ip route-static 1.1.1.0 255.255.255.128 NULL 0 [R1]ip route-static 1.1.0.0 255.255.0.0 NULL 0 [R1]ip route-static 1.0.0.0 255.0.0.0 NULL 0 [R1]ospf 1 [R1-ospf-1]import-route static
Check whether R4 receives the static routes created on R1. [R4]display ip routing-table Route Flags: R - relay, D - download to fib ---------------------------------------------------------------------------Routing Tables: Public Destinations : 17
Routes : 17
Destination/Mask
Proto
Pre Cost
1.0.0.0/8
O_ASE
150 1
D
10.0.14.1
Serial1/0/0
1.1.0.0/16
O_ASE
150 1
D
10.0.14.1
Serial1/0/0
1.1.1.0/24
O_ASE
150 1
D
10.0.14.1
Serial1/0/0
1.1.1.0/25
O_ASE
150 1
D
10.0.14.1
Serial1/0/0
1.1.1.1/32
O_ASE
150 1
D
10.0.14.1
Serial1/0/0
10.0.1.1/32
OSPF
10
1562
D
10.0.14.1
Serial1/0/0
10.0.4.4/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.12.0/24
OSPF
3124
D
10.0.14.1
Serial1/0/0
10.0.14.0/24
Direct 0
0
D
10.0.14.4
Serial1/0/0
406
10
Flags NextHop
HUAWEI TECHNOLOGIES
Interface
HC Series
HCNP-IERN Chapter 4 Traffic filtering and access control 10.0.14.1/32
Direct 0
0
D
10.0.14.1
Serial1/0/0
10.0.14.4/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.14.255/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.15.0/24
OSPF
1563
D
10.0.14.1
Serial1/0/0
127.0.0.0/8
Direct 0
0
D
127.0.0.1
InLoopBack0
127.0.0.1/32
Direct 0
0
D
127.0.0.1
InLoopBack0
127.255.255.255/32 Direct 0
0
D
127.0.0.1
InLoopBack0
255.255.255.255/32 Direct 0
0
D
127.0.0.1
InLoopBack0
10
Configure a prefix list named pref_r1 on R1. The route to this prefix list is 1.1.1.0/24. [R1]ip ip-prefix pref_r1 index 10 permit 1.1.1.0 24 greater-equal 24 less-equal 24
Create a routing policy named policy_r1 and invoke the configured prefix list to control the static routes imported from R1. [R1]route-policy policy_r1 per node 10 [R1-route-policy]if-match ip-prefix pref_r1 [R1-route-policy]ospf [R1-ospf-1]import-route static route-policy policy_r1
View the routing table on R4. [R4]display ip routing-table Route Flags: R - relay, D - download to fib ---------------------------------------------------------------------------Routing Tables: Public Destinations : 13
Destination/Mask
Routes : 13
Proto
Pre Cost
O_ASE
150 1
D
10.0.14.1
Serial1/0/0
10.0.1.1/32
OSPF
10
1562
D
10.0.14.1
Serial1/0/0
10.0.4.4/32
1.1.1.0/24
Flags NextHop
Interface
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.12.0/24
OSPF
3124
D
10.0.14.1
Serial1/0/0
10.0.14.0/24
Direct 0
0
D
10.0.14.4
Serial1/0/0
10.0.14.1/32
Direct 0
0
D
10.0.14.1
Serial1/0/0
10.0.14.4/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.14.255/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.15.0/24
OSPF
1563
D
10.0.14.1
Serial1/0/0
127.0.0.0/8
Direct 0
0
D
127.0.0.1
InLoopBack0
127.0.0.1/32
Direct 0
0
D
127.0.0.1
InLoopBack0
HC Series
10
10
HUAWEI TECHNOLOGIES
407
HCNP-IERN Chapter 4 Traffic filtering and access control 127.255.255.255/32 Direct 0
0
D
127.0.0.1
InLoopBack0
255.255.255.255/32 Direct 0
0
D
127.0.0.1
InLoopBack0
Step 4 Filter routing information based on the routing policy to avoid routing loops. On R4, enable the Loopback 1 interface with the IP address 10.1.4.4/24. Then run the import-route direct command to import this route to the OSPF area. [R4]interface LoopBack 1 [R4-LoopBack1]ip address 10.1.4.4 255.255.255.0 [R4-LoopBack1]ospf 1 [R4-ospf-1]import-route direct
Import the OSPF routes to the RIP area on R2, and the RIP routes to the OSPF area on R5. [R2]rip [R2-rip-1]import-route ospf
[R5]ospf [R5-ospf-1]import-route rip
On R1, test whether the route to 10.1.4.4 is reachable. [R1]ping 10.1.4.4 PING 10.1.4.4: 56 data bytes, press CTRL_C to break Request time out Request time out Request time out Request time out Request time out
--- 10.1.4.4 ping statistics --5 packet(s) transmitted 0 packet(s) received 100.00% packet loss
This route is unreachable. View the routing table on R1. [R1]display ip routing-table
408
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 4 Traffic filtering and access control Route Flags: R - relay, D - download to fib ---------------------------------------------------------------------------Routing Tables: Public Destinations : 28
Destination/Mask
Proto
Routes : 28
Pre Cost
Flags NextHop
Interface
1.0.0.0/8
Static 60
0
D
0.0.0.0
NULL0
1.1.0.0/16
Static 60
0
D
0.0.0.0
NULL0
1.1.1.0/24
Static 60
0
D
0.0.0.0
NULL0
1.1.1.0/25
Static 60
0
D
0.0.0.0
NULL0
1.1.1.1/32
Static 60
0
D
0.0.0.0
NULL0
10.0.1.1/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.2.2/32
O_ASE
150 1
D
10.0.15.5
GigabitEthernet0/0/0
10.0.3.3/32
O_ASE
150 1
D
10.0.15.5
GigabitEthernet0/0/0
10.0.4.4/32
OSPF
10
D
10.0.14.4
10.0.5.5/32
O_ASE
150 1
D
10.0.15.5
1562
Serial3/0/0 GigabitEthernet0/0/0
10.0.12.0/24
Direct 0
0
D
10.0.12.1
Serial1/0/0
10.0.12.1/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.12.2/32
Direct 0
0
D
10.0.12.2
Serial1/0/0
10.0.12.255/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.14.0/24
Direct 0
0
D
10.0.14.1
Serial3/0/0
10.0.14.1/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.14.4/32
Direct 0
0
D
10.0.14.4
Serial3/0/0
10.0.14.255/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.15.0/24
Direct 0
0
D
10.0.15.1
10.0.15.1/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.15.255/32
Direct 0
0
D
127.0.0.1
InLoopBack0
150 1
D
10.0.15.5
10.0.23.0/24
O_ASE
GigabitEthernet0/0/0
GigabitEthernet0/0/0
10.0.35.0/24
O_ASE
150 1
D
10.0.15.5
GigabitEthernet0/0/0
10.1.4.0/24
O_ASE
150 1
D
10.0.15.5
GigabitEthernet0/0/0
127.0.0.0/8
Direct 0
0
D
127.0.0.1
InLoopBack0
127.0.0.1/32
Direct 0
0
D
127.0.0.1
InLoopBack0
127.255.255.255/32 Direct 0
0
D
127.0.0.1
InLoopBack0
255.255.255.255/32 Direct 0
0
D
127.0.0.1
InLoopBack0
The next hop of the route 10.1.4.0/24 on R1 is R5. View this route in the routing tables of R2, R3, and R5. [R2]display ip routing-table 10.1.4.0 Route Flags: R - relay, D - download to fib ---------------------------------------------------------------------------Routing Table : Public
HC Series
HUAWEI TECHNOLOGIES
409
HCNP-IERN Chapter 4 Traffic filtering and access control Summary Count : 1 Destination/Mask
10.1.4.0/24
Proto
Pre Cost
O_ASE
150 1
Flags NextHop
D
10.0.12.1
Interface
Serial1/0/0
[R3]display ip routing-table 10.1.4.0 Route Flags: R - relay, D - download to fib ---------------------------------------------------------------------------Routing Table : Public Summary Count : 1 Destination/Mask
10.1.4.0/24
Proto
Pre Cost
RIP
100 1
Flags NextHop
D
10.0.23.2
Interface
Serial2/0/0
[R5]display ip routing-table 10.1.4.0 Route Flags: R - relay, D - download to fib ---------------------------------------------------------------------------Routing Table : Public Summary Count : 1 Destination/Mask
10.1.4.0/24
Proto
Pre Cost
RIP
100 2
Flags NextHop
D
10.0.35.3
Interface
Serial1/0/0
Run the tracert command on R1 to view the path to 10.1.4.4. [R1]tracert 10.1.4.4 traceroute to 10.1.4.4(10.1.4.4), max hops: 30 ,packet length: 40,press CTRL_C to break 1 10.0.15.5 61 ms 2 ms 2 ms 2 10.0.35.3 29 ms 28 ms 29 ms 3 10.0.23.2 31 ms 36 ms 36 ms 4 10.0.12.1 34 ms 36 ms 36 ms 5 10.0.15.5 34 ms 37 ms 37 ms 6 10.0.35.3 55 ms 59 ms 59 ms 7 10.0.23.2 60 ms 66 ms 66 ms 8 10.0.12.1 63 ms 66 ms 66 ms 9 10.0.15.5 65 ms 67 ms 67 ms
A routing loop is found. After route import is enabled, R5 can learn the route 10.1.4.0/24 in both the RIP area and OSPF area. RIP routes take precedence over OSPF external routes. Therefore, R5 410
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 4 Traffic filtering and access control
uses the route learned from the RIP area. R1 can learn this route from both R5 and R4. The routes learned from R5 and R4 are both OSPF external routes. Therefore, the cost values of the two routes are compared. R1 connects to R5 over a GE link and this link takes precedence over the serial link to R4. R1 uses the route learned from R5 and a routing loop is formed. Enable the routing policy named policy_r5 on R5 to add the tag 100 to the route 10.1.4.0/24. [R5]acl number 2001 [R5-acl-basic-2001]rule 0 permit source 10.1.4.0 0.0.0.255 [R5-acl-basic-2001]route-policy add_tag per node 10 [R5-route-policy]if-match acl 2001 [R5-route-policy]apply tag 100 [R5-route-policy]route-policy add_tag permit node 20 [R5-route-policy]ospf [R5-ospf-1]import-route rip route-policy add_tag
View information about OSPF routes on R1. [R1]display ospf routing
OSPF Process 1 with Router ID 10.0.12.1 Routing Tables
Routing for Network Destination
Cost Type
10.0.1.1/32
0
10.0.12.0/24 10.0.14.0/24
NextHop
Stub
AdvRouter
Area
10.0.1.1
10.0.12.1
0.0.0.0
1562 Stub
10.0.12.1
10.0.12.1
0.0.0.0
1562 Stub
10.0.14.1
10.0.12.1
0.0.0.0
10.0.15.0/24
1
10.0.15.1
10.0.4.4/32
1562 Stub
Transit
10.0.14.4
10.0.12.1
0.0.0.0
10.0.14.4
0.0.0.0
NextHop
AdvRouter
Routing for ASEs Destination
Cost
1.1.1.0/24
1
Type2
1
10.0.15.5
10.0.35.5
10.0.2.2/32
1
Type2
1
10.0.15.5
10.0.35.5
10.0.3.3/32
1
Type2
1
10.0.15.5
10.0.35.5
10.0.5.5/32
1
Type2
1
10.0.15.5
10.0.35.5
10.0.14.1/32
1
Type2
1
10.0.15.5
10.0.35.5
10.0.23.0/24
1
Type2
1
10.0.15.5
10.0.35.5
10.0.35.0/24
1
Type2
1
10.0.15.5
10.0.35.5
10.1.4.0/24
1
Type2
100
10.0.15.5
10.0.35.5
HC Series
Type
Tag
HUAWEI TECHNOLOGIES
411
HCNP-IERN Chapter 4 Traffic filtering and access control
Total Nets: 13 Intra Area: 5 Inter Area: 0 ASE: 8 NSSA: 0
The route 10.1.4.0/24 with the tag 100 is found in the routing table of R1. This proves that R1 learns this route from R5. To avoid routing loops, filter the route 10.1.4.0/24 when R5 imports RIP routes to the OSPF area. Configure the routing policy named route_delete on R5 to control the RIP routes imported to the OSPF area. [R5]route-policy route_delete deny node 10 [R5-route-policy]if-match acl 2001 [R5-route-policy]route-policy route_delete permit node 20 [R5-route-policy]ospf 1 [R5-ospf-1]import-route rip route-policy route_delete
View the routing table on R1. [R1]display ip routing-table Route Flags: R - relay, D - download to fib ---------------------------------------------------------------------------Routing Tables: Public Destinations : 28
Destination/Mask
Proto
Routes : 28
Pre Cost
Flags NextHop
Interface
1.0.0.0/8
Static 60
0
D
0.0.0.0
NULL0
1.1.0.0/16
Static 60
0
D
0.0.0.0
NULL0
1.1.1.0/24
Static 60
0
D
0.0.0.0
NULL0
1.1.1.0/25
Static 60
0
D
0.0.0.0
NULL0
1.1.1.1/32
Static 60
0
D
0.0.0.0
NULL0
10.0.1.1/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.2.2/32
O_ASE
150 1
D
10.0.15.5
GigabitEthernet0/0/0
10.0.3.3/32
O_ASE
150 1
D
10.0.15.5
GigabitEthernet0/0/0
10.0.4.4/32
OSPF
10
D
10.0.14.4
O_ASE
150 1
10.0.5.5/32
1562
Serial3/0/0
D
10.0.15.5
10.0.12.0/24
Direct 0
0
D
10.0.12.1
Serial1/0/0
10.0.12.1/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.12.2/32
Direct 0
0
D
10.0.12.2
Serial1/0/0
10.0.12.255/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.14.0/24
Direct 0
0
D
10.0.14.1
Serial3/0/0
412
HUAWEI TECHNOLOGIES
GigabitEthernet0/0/0
HC Series
HCNP-IERN Chapter 4 Traffic filtering and access control 10.0.14.1/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.14.4/32
Direct 0
0
D
10.0.14.4
Serial3/0/0
10.0.14.255/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.15.0/24
Direct 0
0
D
10.0.15.1
10.0.15.1/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.15.255/32
Direct 0
0
D
127.0.0.1
InLoopBack0
GigabitEthernet0/0/0
10.0.23.0/24
O_ASE
150 1
D
10.0.15.5
GigabitEthernet0/0/0
10.0.35.0/24
O_ASE
150 1
D
10.0.15.5
GigabitEthernet0/0/0
10.1.4.0/24
O_ASE
150 1
D
10.0.14.4
Serial3/0/0
127.0.0.0/8
Direct 0
0
D
127.0.0.1
InLoopBack0
127.0.0.1/32
Direct 0
0
D
127.0.0.1
InLoopBack0
127.255.255.255/32 Direct 0
0
D
127.0.0.1
InLoopBack0
255.255.255.255/32 Direct 0
0
D
127.0.0.1
InLoopBack0
The routing information is correct. Test whether the route from R1 to 10.1.4.4 is reachable. [R1]ping 10.1.4.4 PING 10.1.4.4: 56 data bytes, press CTRL_C to break Reply from 10.1.4.4: bytes=56 Sequence=1 ttl=255 time=33 ms Reply from 10.1.4.4: bytes=56 Sequence=2 ttl=255 time=29 ms Reply from 10.1.4.4: bytes=56 Sequence=3 ttl=255 time=29 ms Reply from 10.1.4.4: bytes=56 Sequence=4 ttl=255 time=29 ms Reply from 10.1.4.4: bytes=56 Sequence=5 ttl=255 time=29 ms
--- 10.1.4.4 ping statistics --5 packet(s) transmitted 5 packet(s) received 0.00% packet loss round-trip min/avg/max = 29/29/33 ms
On R1, detect the path to 10.1.4.4. [R1]tracert 10.1.4.4 traceroute to 10.1.4.4(10.1.4.4), max hops: 30 ,packet length: 40,press CTRL_C to break 1 10.0.14.4 61 ms 29 ms 29 ms
The next hop of the route 10.1.4.0/24 on R1 is R4. This avoids routing loops.
HC Series
HUAWEI TECHNOLOGIES
413
HCNP-IERN Chapter 4 Traffic filtering and access control
Step 5 Change the priorities of routes based on the routing policy to avoid routing loops. Check the routing table of R5. View the next hop of the route 10.1.4.0/24. [R5]display ip routing-table Route Flags: R - relay, D - download to fib ---------------------------------------------------------------------------Routing Tables: Public Destinations : 22
Destination/Mask
Routes : 22
Proto
Pre Cost
Flags NextHop
Interface
1.1.1.0/24
RIP
100 2
D
10.0.35.3
10.0.1.1/32
OSPF
10
1
D
10.0.15.1
10.0.2.2/32
RIP
100 2
D
10.0.35.3
Serial1/0/0
10.0.3.3/32
RIP
100 1
D
10.0.35.3
Serial1/0/0
10.0.4.4/32
OSPF
10
10.0.5.5/32
Serial1/0/0 GigabitEthernet0/0/0
1563
D
10.0.15.1 GigabitEthernet0/0/0
Direct 0
0
D
127.0.0.1
10.0.12.0/24
OSPF
10
1563
D
10.0.15.1 GigabitEthernet0/0/0
10.0.14.0/24
OSPF
10
1563
D
10.0.15.1 GigabitEthernet0/0/0
10.0.14.1/32
RIP
100 2
10.0.15.0/24
Direct 0
10.0.15.5/32
Direct 0
10.0.15.255/32
Direct 0
InLoopBack0
D
10.0.35.3
Serial1/0/0
0
D
10.0.15.5
0
D
127.0.0.1
InLoopBack0
0
D
127.0.0.1
InLoopBack0
100 1
D
10.0.35.3
Serial1/0/0
GigabitEthernet0/0/0
10.0.23.0/24
RIP
10.0.35.0/24
Direct 0
0
D
10.0.35.5
Serial1/0/0
10.0.35.3/32
Direct 0
0
D
10.0.35.3
Serial1/0/0
10.0.35.5/32
Direct 0
0
D
127.0.0.1
InLoopBack0
10.0.35.255/32
Direct 0
0
D
127.0.0.1
InLoopBack0
100 2
D
10.0.35.3
Serial1/0/0
D
127.0.0.1
InLoopBack0
10.1.4.0/24
RIP
127.0.0.0/8
Direct 0
127.0.0.1/32
0
Direct 0
0
D
127.0.0.1
InLoopBack0
127.255.255.255/32 Direct 0
0
D
127.0.0.1
InLoopBack0
255.255.255.255/32 Direct 0
0
D
127.0.0.1
InLoopBack0
On R5, detect the path to 10.1.4.4. [R5]tracert 10.1.4.4 traceroute to 10.1.4.4(10.1.4.4), max hops: 30 ,packet length: 40,press CTRL_C
414
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 4 Traffic filtering and access control to break 1 10.0.35.3 62 ms 24 ms 24 ms 2 10.0.23.2 43 ms 44 ms 44 ms 3 10.0.12.1 33 ms 33 ms 33 ms 4 10.0.14.4 74 ms 55 ms 55 ms
It is found that route filtering avoids routing loops but R5 still learns the route 10.1.4.0/24 from the RIP area. In other words, a sub-optimal route exists. Enable R5 to learn the route 10.1.4.0/24 from the OSPF area instead of the RIP area to avoid routing loops and sub-optimal routes. Delete the routing policy named route_delete from R5. [R5]undo route-policy route_delete
Configure the routing policy named route_pref on R5 and change the priority of the route 10.1.4.0/24 to 180 so that this route has a lower priority than OSPF routes. [R5]route-policy route_pref per node 10 [R5-route-policy]if-match acl 2001 [R5-route-policy]apply preference 180
Enable the routing policy named route_pref to control the routes advertised by the RIP area to the OSPF area. [R5]rip [R5-rip-1]preference route-policy route_pref
View the next hop of the route 10.1.4.0/24 in the routing tables of R5 and R1. [R5]display ip routing-table 10.1.4.0 Route Flags: R - relay, D - download to fib ---------------------------------------------------------------------------Routing Table : Public Summary Count : 1 Destination/Mask
10.1.4.0/24
Proto
Pre Cost
O_ASE
150 1
Flags NextHop
D
10.0.15.1
Interface
GigabitEthernet0/0/0
[R1]display ip routing-table 10.1.4.0 Route Flags: R - relay, D - download to fib
HC Series
HUAWEI TECHNOLOGIES
415
HCNP-IERN Chapter 4 Traffic filtering and access control ---------------------------------------------------------------------------Routing Table : Public Summary Count : 1 Destination/Mask
10.1.4.0/24
Proto
Pre Cost
O_ASE
150 1
Flags NextHop
D
10.0.14.4
Interface
Serial3/0/0
Test whether the route from R1 to 10.1.4.0/24 is reachable. [R1]ping 10.1.4.4 PING 10.1.4.4: 56 data bytes, press CTRL_C to break Reply from 10.1.4.4: bytes=56 Sequence=1 ttl=255 time=39 ms Reply from 10.1.4.4: bytes=56 Sequence=2 ttl=255 time=35 ms Reply from 10.1.4.4: bytes=56 Sequence=3 ttl=255 time=35 ms Reply from 10.1.4.4: bytes=56 Sequence=4 ttl=255 time=35 ms Reply from 10.1.4.4: bytes=56 Sequence=5 ttl=255 time=35 ms
--- 10.1.4.4 ping statistics --5 packet(s) transmitted 5 packet(s) received 0.00% packet loss round-trip min/avg/max = 35/35/39 ms
On R1, detect the path to 10.1.4.4. [R1]tracert 10.1.4.4 traceroute to 10.1.4.4(10.1.4.4), max hops: 30 ,packet length: 40,press CTRL_C to break 1 10.0.14.4 61 ms 25 ms 25 ms
On R5, detect the path to 10.1.4.4. [R5]tracert 10.1.4.4 traceroute to 10.1.4.4(10.1.4.4), max hops: 30 ,packet length: 40,press CTRL_C to break 1 10.0.15.1 61 ms 2 ms 2 ms 2 10.0.14.4 41 ms 28 ms 27 ms
No routing loop is found. The next hop of the route 10.1.4.0/24 on R1 is R4. The next hop of the route 10.1.4.0/24 on R5 is R1. No sub-optimal route exists.
416
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 4 Traffic filtering and access control
Additional Exercises: Analyzing and Verifying Figure out whether an ACL can be used in step 3 to filter routing information, and the differences between an ACL and a prefix list. In step 5, figure out why the route 10.0.15.0/24 in the routing table of R3 has two next hops whereas the route 10.0.12.0/24 has only one next hop.
Final Configurations display current-configuration [V200R001C00SPC200] # sysname R1 # interface Serial1/0/0 link-protocol ppp ip address 10.0.12.1 255.255.255.0 # interface Serial3/0/0 link-protocol ppp ip address 10.0.14.1 255.255.255.0 # interface GigabitEthernet0/0/0 ip address 10.0.15.1 255.255.255.0 # interface LoopBack0 ip address 10.0.1.1 255.255.255.255 # ospf 1 import-route static route-policy policy_r1 area 0.0.0.0 network 10.0.12.1 0.0.0.0 network 10.0.15.1 0.0.0.0 network 10.0.14.1 0.0.0.0 network 10.0.1.1 0.0.0.0 # route-policy policy_r1 permit node 10 if-match ip-prefix pref_r1 # ip ip-prefix pref_r1 index 10 permit 1.1.1.0 24 greater-equal 24 less-equal 24
HC Series
HUAWEI TECHNOLOGIES
417
HCNP-IERN Chapter 4 Traffic filtering and access control # ip route-static 1.0.0.0 255.0.0.0 NULL0 ip route-static 1.1.0.0 255.255.0.0 NULL0 ip route-static 1.1.1.0 255.255.255.0 NULL0 ip route-static 1.1.1.0 255.255.255.128 NULL0 ip route-static 1.1.1.1 255.255.255.255 NULL0 # return
display current-configuration [V200R001C00SPC200] # sysname R2 # interface Serial1/0/0 link-protocol ppp ip address 10.0.12.2 255.255.255.0 # interface Serial2/0/0 link-protocol ppp ip address 10.0.23.2 255.255.255.0 # interface LoopBack0 ip address 10.0.2.2 255.255.255.255 # ospf 1 area 0.0.0.0 network 10.0.12.2 0.0.0.0 # rip 1 version 2 network 10.0.0.0 import-route ospf 1 # return
display current-configuration [V200R001C00SPC200] # sysname R3 # interface Serial2/0/0 link-protocol ppp
418
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 4 Traffic filtering and access control ip address 10.0.23.3 255.255.255.0 # interface Serial3/0/0 link-protocol ppp ip address 10.0.35.3 255.255.255.0 # interface LoopBack0 ip address 10.0.3.3 255.255.255.255 # rip 1 version 2 network 10.0.0.0 # return
display current-configuration [V200R001C00SPC200] # sysname R4 # interface Serial1/0/0 link-protocol ppp ip address 10.0.14.4 255.255.255.0 # interface LoopBack0 ip address 10.0.4.4 255.255.255.255 # interface LoopBack1 ip address 10.1.4.4 255.255.255.0 # ospf 1 import-route direct area 0.0.0.0 network 10.0.14.4 0.0.0.0 network 10.0.4.4 0.0.0.0 # return
display current-configuration [V200R001C00SPC200] # sysname R5 #
HC Series
HUAWEI TECHNOLOGIES
419
HCNP-IERN Chapter 4 Traffic filtering and access control interface Serial1/0/0 link-protocol ppp ip address 10.0.35.5 255.255.255.0 # interface GigabitEthernet0/0/0 ip address 10.0.15.5 255.255.255.0 # interface LoopBack0 ip address 10.0.5.5 255.255.255.255 # ospf 1 import-route rip 1 route-policy route_delete area 0.0.0.0 network 10.0.15.5 0.0.0.0 # rip 1 version 2 network 10.0.0.0 preference route-policy route_pref # route-policy add_tag permit node 10 if-match acl 2001 apply tag 100 # route-policy add_tag permit node 20 # route-policy route_pref permit node 10 if-match acl 2001 apply preference 180 # Return
420
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 5 Implementing multicast technologies
Chapter 5 Implementing multicast technologies Lab 5-1 Multicast, IGMP, and PIM DM Protocols Learning Objectives The objectives of this lab are to learn and understand: •
Multicast route configuration
•
IGMP configuration
•
PIM DM configuration
•
Method to check and test multicast
•
PIM advanced features and configuration
Topology
Figure 5-1 Multicast, IGMP, and PIM DM protocols
HC Series
HUAWEI TECHNOLOGIES
421
HCNP-IERN Chapter 5 Implementing multicast technologies
Scenario Assume that you are a network administrator of a company. Services are forwarded through multicast. On a small-scale network, PIM DM is used to learn multicast routes. During multicast packet forwarding, consider IGMP version compatibility and the method to test multicast on the network. To improve network efficiency and security, PIM DM functions such as PIM peer control and graft are used. Faults occur before multicast packets are forwarded. After the fault location, the network works properly.
Tasks Step 1 Perform basic configurations
and configure IP
addresses. S2 is used to connect R1 and R3. You do not need to configure S2. Before the lab, delete configuration on S2 and restart it. Configure IP addresses and masks for all routers. Configure all the loopback interfaces with 32-bit masks. system-view Enter system view, return user view with Ctrl+Z. [Huawei]sysname R1 [R1]interface Serial 1/0/0 [R1-Serial1/0/0]ip address 10.0.12.1 24 [R1-Serial1/0/0]interface Serial 3/0/0 [R1-Serial3/0/0]ip address 10.0.14.1 24 [R1-Serial3/0/0]interface Serial 1/0/0 [R1-Serial1/0/0]ip address 10.0.12.1 24 [R1-Serial1/0/0]interface GigabitEthernet 0/0/2 [R1-GigabitEthernet0/0/2]ip address 10.0.13.1 24 [R1-GigabitEthernet0/0/2]interface LoopBack 0 [R1-LoopBack0]ip address 10.0.1.1 24
system-view Enter system view, return user view with Ctrl+Z. [Huawei]sysname R2 [R2]interface Serial 1/0/0
422
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 5 Implementing multicast technologies [R2-Serial1/0/0]ip address 10.0.12.2 24 [R2-Serial1/0/0] interface GigabitEthernet 0/0/0 [R2-GigabitEthernet0/0/0]ip address 10.0.25.2 24 [R2-GigabitEthernet0/0/0]interface GigabitEthernet 0/0/1 [R2-GigabitEthernet0/0/1]ip address 10.0.24.2 24 [R2-GigabitEthernet0/0/1]interface LoopBack 0 [R2-LoopBack0]ip address 10.0.2.2 24
system-view Enter system view, return user view with Ctrl+Z. [Huawei]sysname R3 [R3]interface GigabitEthernet 0/0/2 [R3-GigabitEthernet0/0/2]ip address 10.0.13.3 24 [R3-GigabitEthernet0/0/2]interface Serial 3/0/0 [R3-Serial3/0/0]ip address 10.0.35.3 24 [R3-Serial3/0/0]interface LoopBack 0 [R3-LoopBack0]ip address 10.0.3.3 24
system-view Enter system view, return user view with Ctrl+Z. [Huawei]sysname R4 [R4]interface Serial 1/0/0 [R4-Serial1/0/0]ip address 10.0.14.4 24 [R4-Serial1/0/0]interface GigabitEthernet 0/0/1 [R4-GigabitEthernet0/0/1]ip address 10.0.24.4 24 [R4-GigabitEthernet0/0/1]interface LoopBack 0 [R4-LoopBack0]ip address 10.0.4.4 24
system-view Enter system view, return user view with Ctrl+Z. [Huawei]sysname R5 [R5]interface Serial 1/0/0 [R5-Serial1/0/0]ip address 10.0.35.5 24 [R5-Serial1/0/0]interface GigabitEthernet 0/0/0 [R5-GigabitEthernet0/0/0]ip address 10.0.25.5 24 [R5-GigabitEthernet0/0/0]interface LoopBack 0 [R5-LoopBack0]ip address 10.0.5.5 24
After the configuration is complete, check the connectivity between routers. [R1]ping -c 1 10.0.13.3 PING 10.0.13.3: 56 data bytes, press CTRL_C to break
HC Series
HUAWEI TECHNOLOGIES
423
HCNP-IERN Chapter 5 Implementing multicast technologies Reply from 10.0.13.3: bytes=56 Sequence=1 ttl=255 time=5 ms
--- 10.0.13.3 ping statistics --1 packet(s) transmitted 1 packet(s) received 0.00% packet loss round-trip min/avg/max = 5/5/5 ms
[R1]ping -c 1 10.0.12.2 PING 10.0.12.2: 56 data bytes, press CTRL_C to break Reply from 10.0.12.2: bytes=56 Sequence=1 ttl=255 time=37 ms
--- 10.0.12.2 ping statistics --1 packet(s) transmitted 1 packet(s) received 0.00% packet loss round-trip min/avg/max = 37/37/37 ms
[R1]ping -c 1 10.0.14.4 PING 10.0.14.4: 56 data bytes, press CTRL_C to break Reply from 10.0.14.4: bytes=56 Sequence=1 ttl=255 time=38 ms
--- 10.0.14.4 ping statistics --1 packet(s) transmitted 1 packet(s) received 0.00% packet loss round-trip min/avg/max = 38/38/38 ms
[R5]ping -c 1 10.0.35.3 PING 10.0.35.3: 56 data bytes, press CTRL_C to break Reply from 10.0.35.3: bytes=56 Sequence=1 ttl=255 time=33 ms
--- 10.0.35.3 ping statistics --1 packet(s) transmitted 1 packet(s) received 0.00% packet loss round-trip min/avg/max = 33/33/33 ms
[R5]ping -c 1 10.0.25.2 PING 10.0.25.2: 56 data bytes, press CTRL_C to break Reply from 10.0.25.2: bytes=56 Sequence=1 ttl=255 time=10 ms
--- 10.0.25.2 ping statistics ---
424
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 5 Implementing multicast technologies 1 packet(s) transmitted 1 packet(s) received 0.00% packet loss round-trip min/avg/max = 10/10/10 ms
Step 2 Configure multicast on all routers. Enable multicast on R1, R2, R3, R4, and R5. Run the multicast routing-enable command in the system view to enable multicast. By default, multicast on VRP is disabled. When using PIM or IGMP, you need to enable multicast globally. [R1]multicast routing-enable
Run the pim dm command in the interface view to enable multicast. [R1]interface GigabitEthernet 0/0/2 [R1-GigabitEthernet0/0/2]pim dm [R1-GigabitEthernet0/0/2]interface Serial 1/0/0 [R1-Serial1/0/0]pim dm [R1-Serial1/0/0]interface Serial 3/0/0 [R1-Serial3/0/0]pim dm
Perform similar configuration on R2, R3, R4, and R5. Enable PIM DM on interfaces connecting routers. [R2]multicast routing-enable [R2]interface Serial 1/0/0 [R2-Serial1/0/0]pim dm [R2-Serial1/0/0]interface GigabitEthernet 0/0/0 [R2-GigabitEthernet0/0/0]pim dm
[R3]multicast routing-enable [R3]interface GigabitEthernet 0/0/2 [R3-GigabitEthernet0/0/2]pim dm [R3-GigabitEthernet0/0/2]interface Serial 3/0/0 [R3-Serial3/0/0]pim dm
[R4]multicast routing-enable [R4]interface Serial 1/0/0 [R4-Serial1/0/0]pim dm [R4-Serial1/0/0]interface GigabitEthernet 0/0/1
HC Series
HUAWEI TECHNOLOGIES
425
HCNP-IERN Chapter 5 Implementing multicast technologies [R4-GigabitEthernet0/0/1]pim dm
[R5]multicast routing-enable [R5]interface Serial 1/0/0 [R5-Serial1/0/0]pim dm [R5-Serial1/0/0]interface GigabitEthernet 0/0/0 [R5-GigabitEthernet0/0/0]pim dm
After the configuration is complete, check the PIM running status on interfaces. [R1]display pim interface VPN-Instance: public net Interface
State NbrCnt HelloInt DR-Pri
DR-Address
GE0/0/2
up
1
30
1
10.0.13.3
S1/0/0
up
1
30
1
10.0.12.2
S3/0/0
up
1
30
1
10.0.14.4
You can see that PIM is enabled on three interfaces on R1and has one peer (NbrCnt) on each interface. The router with the largest interface IP address functions as the DR in the network segment. Check detailed PIM information on G/0/0/2 of R1. [R1]display pim interface GigabitEthernet 0/0/2 verbose VPN-Instance: public net Interface: GigabitEthernet0/0/2, 10.0.13.1 PIM version: 2 PIM mode: Dense PIM state: up PIM DR: 10.0.13.3 PIM DR Priority (configured): 1 PIM neighbor count: 1 PIM hello interval: 30 s PIM LAN delay (negotiated): 500 ms PIM LAN delay (configured): 500 ms PIM hello override interval (negotiated): 2500 ms PIM hello override interval (configured): 2500 ms PIM Silent: disabled PIM neighbor tracking (negotiated): disabled PIM neighbor tracking (configured): disabled PIM generation ID: 0X5325911 PIM require-GenID: disabled PIM hello hold interval: 105 s
426
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 5 Implementing multicast technologies PIM assert hold interval: 180 s PIM triggered hello delay: 5 s PIM J/P interval: 60 s PIM J/P hold interval: 210 s PIM state-refresh processing: enabled PIM state-refresh interval: 60 s PIM graft retry interval: 3 s PIM state-refresh capability on link: capable PIM dr-switch-delay timer : not configured Number of routers on link not using DR priority: 0 Number of routers on link not using LAN delay: 0 Number of routers on link not using neighbor tracking: 2 ACL of PIM neighbor policy: ACL of PIM ASM join policy: ACL of PIM SSM join policy: ACL of PIM join policy: -
By default, the interval at which Hello packets are sent is 30 seconds. The holding time is 105s and is 3.5 times the interval at which Hello packets are sent. View the peer list of R1. Three routers establish PIM peer relationships with R1. The default DR priority is 1. [R1]display pim neighbor VPN-Instance: public net Total Number of Neighbors = 3
Neighbor
Interface
Uptime
Expires Dr-Priority
10.0.13.3
GE0/0/2
01:40:27 00:01:18
1
10.0.12.2
S1/0/0
01:42:21 00:01:24
1
10.0.14.4
S3/0/0
01:38:02 00:01:16
1
View detailed information for R3. Uptime indicates the time the neighbor relationship was established. Expiry time indicates the time before the PIM peer expires. LAN delay indicates the delay in transmitting Prune message. Override interval indicates the interval at which the Prune action is overridden. [R1]display pim neighbor 10.0.13.3 verbose VPN-Instance: public net Neighbor: 10.0.13.3 Interface: GigabitEthernet0/0/2 Uptime: 01:41:00
HC Series
HUAWEI TECHNOLOGIES
427
HCNP-IERN Chapter 5 Implementing multicast technologies Expiry time: 00:01:45 DR Priority: 1 Generation ID: 0XD1A5CA9 Holdtime: 105 s LAN delay: 500 ms Override interval: 2500 ms State refresh interval: 60 s Neighbor tracking: Disabled
Step 3 Configure IGMP. In this lab, connect multicast users to the switch S1. Run the igmp enable command to enable IGMP on G0/0/1 connecting R2 and R4. [R2]interface GigabitEthernet 0/0/1 [R2-GigabitEthernet0/0/1]igmp enable
[R4]interface GigabitEthernet 0/0/1 [R4-GigabitEthernet0/0/1]igmp enable
Add static multicast groups on G0/0/1 interfaces connecting R2 and R4. By doing this, G0/0/1 interfaces always forward multicast traffic with the destination address 225.1.1.1. [R2]interface GigabitEthernet 0/0/1 [R2-GigabitEthernet0/0/1]igmp static-group 225.1.1.1
[R4]interface GigabitEthernet 0/0/1 [R4-GigabitEthernet0/0/1]igmp static-group 225.1.1.1
By default, VRP uses IGMPv2. The following output displays that 10.0.24.2 (R2) is the querier in the network segment where G0/0/1 is located. IGMPv2 uses the router with the smallest IP address in a network segment as the querier. [R2]display igmp interface GigabitEthernet 0/0/1 Interface information GigabitEthernet0/0/1(10.0.24.2): IGMP is enabled Current IGMP version is 2 IGMP state: up IGMP group policy: none IGMP limit: -
428
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 5 Implementing multicast technologies Value of query interval for IGMP (negotiated): Value of query interval for IGMP (configured): 60 s Value of other querier timeout for IGMP: 0 s Value of maximum query response time for IGMP: 10 s Querier for IGMP: 10.0.24.2 (this router)
[R4]display igmp interface GigabitEthernet 0/0/1 Interface information GigabitEthernet0/0/1(10.0.24.4): IGMP is enabled Current IGMP version is 2 IGMP state: up IGMP group policy: none IGMP limit: Value of query interval for IGMP (negotiated): Value of query interval for IGMP (configured): 60 s Value of other querier timeout for IGMP: 123 s Value of maximum query response time for IGMP: 10 s Querier for IGMP: 10.0.24.2
View static IGMP group on interfaces. You can see the multicast group 225.1.1.1. [R2]display igmp group static Static join group information Total 1 entry, Total 1 active entry Group Address 225.1.1.1
Source Address Interface 0.0.0.0
GE0/0/1
State
Expires
UP
never
Check IGMP routing table on the interface. [R2]display igmp routing-table Routing table Total 1 entry
00001. (*, 225.1.1.1) List of 1 downstream interface GigabitEthernet0/0/1 (10.0.24.2), Protocol: STATIC
IGMP routing entries are generated only when the interface is configured with IGMP but not PIM and the interface functions as a querier. The routing entry cannot be viewed on R4, because R2 is the querier in the network segment 10.0.24.0/24. HC Series
HUAWEI TECHNOLOGIES
429
HCNP-IERN Chapter 5 Implementing multicast technologies
By default, the interval at which query packets are sent is 60 seconds. You can run the igmp timer query command to shorten the interval so that users can join the multicast group. [R2]interface GigabitEthernet 0/0/1 [R2-GigabitEthernet0/0/1]igmp timer query 20
After the configuration is complete, verify the configuration. [R2]display igmp interface GigabitEthernet 0/0/1 Interface information GigabitEthernet0/0/1(10.0.24.4): IGMP is enabled Current IGMP version is 1 IGMP state: up IGMP group policy: none IGMP limit: Value of query interval for IGMP (negotiated): Value of query interval for IGMP (configured): 20 s Value of other querier timeout for IGMP: 0 s Value of maximum query response time for IGMP: Querier for IGMP: 10.0.24.4 (this router)
Enable debugging. Interfaces send General Query packets every 20 seconds. terminal debugging debugging igmp query send Dec 29 2011 16:33:17.350.1+00:00 R4 MGMD/7/QUERY:Send version 1 general query on GigabitEthernet0/0/1(10.0.24.4) to destination 224.0.0.1 (G073088) Dec 29 2011 16:33:37.130.1+00:00 R4 MGMD/7/QUERY:Send version 1 general query on GigabitEthernet0/0/1(10.0.24.4) to destination 224.0.0.1 (G073088) Dec 29 2011 16:33:57.510.1+00:00 R4 MGMD/7/QUERY:Send version 1 general query on GigabitEthernet0/0/1(10.0.24.4) to destination 224.0.0.1 (G073088) Dec 29 2011 16:34:17.480.1+00:00 R4 MGMD/7/QUERY:Send version 1 general query on GigabitEthernet0/0/1(10.0.24.4) to destination 224.0.0.1 (G073088)
The robustness variable describes IGMP robustness. By default, the robustness variable is 2. Shut down the interface to test robustness. View the default interval at which IGMP Query messages are sent. terminal debugging debugging igmp query send Dec 31 2011 12:37:58.100.1+00:00 R2 MGMD/7/QUERY:Send version 2 general query
430
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 5 Implementing multicast technologies on GigabitEthernet0/0/1(10.0.24.2) to destination 224.0.0.1 (G073088) Dec 31 2011 12:38:18.100.1+00:00 R2 MGMD/7/QUERY:Send version 2 general query on GigabitEthernet0/0/1(10.0.24.2) to destination 224.0.0.1 (G073088) system-view Enter system view, return user view with Ctrl+Z. Dec 31 2011 12:38:38.100.1+00:00 R2 MGMD/7/QUERY:Send version 2 general query on GigabitEthernet0/0/1(10.0.24.2) to destination 224.0.0.1 (G073088) [R2]interface GigabitEthernet 0/0/1 [R2-GigabitEthernet0/0/1]shutdown Dec 31 2011 12:38:53+00:00 R2 %%01IFPDT/4/IF_STATE(l)[0]:Interface GigabitEthernet0/0/1 has turned into DOWN state. Dec 31 2011 12:38:53+00:00 R2 %%01IFNET/4/LINK_STATE(l)[1]:The line protocol on the interface GigabitEthernet0/0/1 has entered the DOWN state. [R2-GigabitEthernet0/0/1]undo shutdown Dec 31 2011 12:39:02+00:00 R2 %%01IFPDT/4/IF_STATE(l)[2]:Interface GigabitEthernet0/0/1 has turned into UP state. Dec 31 2011 12:39:02+00:00 R2 %%01IFNET/4/LINK_STATE(l)[3]:The line protocol on the interface GigabitEthernet0/0/1 has entered the UP state. Dec 31 2011 12:39:03.100.1+00:00 R2 MGMD/7/QUERY:Send version 2 general query on GigabitEthernet0/0/1(10.0.24.2) to destination 224.0.0.1 (G073088) Dec 31 2011 12:39:08.100.1+00:00 R2 MGMD/7/QUERY:Send version 2 general query on GigabitEthernet0/0/1(10.0.24.2) to destination 224.0.0.1 (G073088) Dec 31 2011 12:39:28.100.1+00:00 R2 MGMD/7/QUERY:Send version 2 general query on GigabitEthernet0/0/1(10.0.24.2) to destination 224.0.0.1 (G073088)
Before the interface is shut down, it sends General Query messages every 20 seconds. When the interface is enabled again, the interval for the two Query messages is 5 seconds. When the router starts, it sends general query messages robust-value times. The interval between the messages is 1/4 of the interval for sending IGMP general query messages. Run the robust-count command to configure the robustness variable. The robustness variable takes effect only in IGMPv2 and IGMPv3. Set the robustness variable to 3 on G0/0/1 of R2. [R2-GigabitEthernet0/0/1]igmp robust-count 3
Enable debugging to check General Query message sending. terminal debugging Info: Current terminal debugging is on. debugging igmp query send Dec 31 2011 13:17:48.440.1+00:00 R2 MGMD/7/QUERY:Send version 2 general query
HC Series
HUAWEI TECHNOLOGIES
431
HCNP-IERN Chapter 5 Implementing multicast technologies on GigabitEthernet0/0/1(10.0.24.2) to destination 224.0.0.1 (G073088) system-view Enter system view, return user view with Ctrl+Z. [R2]interface GigabitEthernet 0/0/1 [R2-GigabitEthernet0/0/1]shutdown Dec 31 2011 13:17:58+00:00 R2 %%01IFPDT/4/IF_STATE(l)[0]:Interface GigabitEthernet0/0/1 has turned into DOWN state. Dec 31 2011 13:17:58+00:00 R2 %%01IFNET/4/LINK_STATE(l)[1]:The line protocol on the interface GigabitEthernet0/0/1 has entered the DOWN state. [R2-GigabitEthernet0/0/1]undo shutdown Dec 31 2011 13:18:05+00:00 R2 %%01IFPDT/4/IF_STATE(l)[2]:Interface GigabitEthernet0/0/1 has turned into UP state. Dec 31 2011 13:18:05+00:00 R2 %%01IFNET/4/LINK_STATE(l)[3]:The line protocol on the interface GigabitEthernet0/0/1 has entered the UP state. Dec 31 2011 13:18:06.440.1+00:00 R2 MGMD/7/QUERY:Send version 2 general query on GigabitEthernet0/0/1(10.0.24.2) to destination 224.0.0.1 (G073088) Dec 31 2011 13:18:11.440.1+00:00 R2 MGMD/7/QUERY:Send version 2 general query on GigabitEthernet0/0/1(10.0.24.2) to destination 224.0.0.1 (G073088) Dec 31 2011 13:18:16.440.1+00:00 R2 MGMD/7/QUERY:Send version 2 general query on GigabitEthernet0/0/1(10.0.24.2) to destination 224.0.0.1 (G073088) Dec 31 2011 13:18:36.440.1+00:00 R2 MGMD/7/QUERY:Send version 2 general query on GigabitEthernet0/0/1(10.0.24.2) to destination 224.0.0.1 (G073088)
When the robustness variable is 3 and the interface is enabled, the interval for the former three General Query messages is 5 seconds. From the fourth General Query message, the interval becomes 20 seconds.
Step 4 View the multicast routing table. Enable OSPF. [R1]ospf 1 router-id 10.0.1.1 [R1-ospf-1]area 0 [R1-ospf-1-area-0.0.0.0]network 10.0.1.1 0.0.0.0 [R1-ospf-1-area-0.0.0.0]network 10.0.14.1 0.0.0.0 [R1-ospf-1-area-0.0.0.0]network 10.0.13.1 0.0.0.0 [R1-ospf-1-area-0.0.0.0]network 10.0.12.1 0.0.0.0
[R2]ospf 1 router-id 10.0.2.2 [R2-ospf-1]area 0 [R2-ospf-1-area-0.0.0.0]network 10.0.2.2 0.0.0.0 [R2-ospf-1-area-0.0.0.0]network 10.0.25.2 0.0.0.0
432
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 5 Implementing multicast technologies [R2-ospf-1-area-0.0.0.0]network 10.0.12.2 0.0.0.0
[R3]ospf 1 router-id 10.0.3.3 [R3-ospf-1]area 0 [R3-ospf-1-area-0.0.0.0]network 10.0.3.3 0.0.0.0 [R3-ospf-1-area-0.0.0.0]network 10.0.13.3 0.0.0.0 [R3-ospf-1-area-0.0.0.0]network 10.0.35.3 0.0.0.0
[R4]ospf 1 router-id 10.0.4.4 [R4-ospf-1]area 0 [R4-ospf-1-area-0.0.0.0]network 10.0.4.4 0.0.0.0 [R4-ospf-1-area-0.0.0.0]network 10.0.14.4 0.0.0.0
[R5]ospf 1 router-id 10.0.5.5 [R5-ospf-1]area 0 [R5-ospf-1-area-0.0.0.0]network 10.0.5.5 0.0.0.0 [R5-ospf-1-area-0.0.0.0]network 10.0.25.5 0.0.0.0 [R5-ospf-1-area-0.0.0.0]network 10.0.35.5 0.0.0.0
After the configuration is complete, routers can learn loopback address from each other. [R2]display ip routing-table protocol ospf Route Flags: R - relay, D - download to fib ---------------------------------------------------------------------------Public routing table : OSPF Destinations : 7
Routes : 8
OSPF routing table status : Destinations : 7
Routes : 8
Destination/Mask Proto Pre Cost
Flags NextHop
Interface
10.0.1.1/32 OSPF 10
1562
D
10.0.12.1
Serial1/0/0
10.0.3.3/32 OSPF 10
1563
D
10.0.12.1
Serial1/0/0
OSPF 10
1563
D
10.0.25.5
10.0.4.4/32 OSPF 10
3124
D
10.0.12.1
10.0.5.5/32 OSPF 10
1
D
10.0.25.5
10.0.13.0/24 OSPF 10
1563
D
10.0.12.1
Serial1/0/0
10.0.14.0/24 OSPF 10
3124
D
10.0.12.1
Serial1/0/0
10.0.35.0/24 OSPF 10
1563
D
10.0.25.5
GigabitEthernet0/0/0 Serial1/0/0 GigabitEthernet0/0/0
GigabitEthernet0/0/0
OSPF routing table status :
HC Series
HUAWEI TECHNOLOGIES
433
HCNP-IERN Chapter 5 Implementing multicast technologies Destinations : 0
Routes : 0
To stimulate multicast message transmission, use the loopback interface IP address on R3 as the source address. Send Ping packet to the destination address 225.1.1.1 to stimulate multicast source. [R3]ping -a 10.0.3.3 -c 300 225.1.1.1
After several minutes, you can see the multicast routing table on all the other routers. View the routing table on R2. [R2]display pim routing-table VPN-Instance: public net Total 1(*, G) entry; 1 (S, G) entry
(*, 225.1.1.1) Protocol: pim-dm, Flag: WC EXT UpTime: 00:09:04 Upstream interface: NULL Upstream neighbor: NULL RPF prime neighbor: NULL Downstream interface(s) information: None
(10.0.3.3, 225.1.1.1) Protocol: pim-dm, Flag: UpTime: 00:00:52 Upstream interface: GigabitEthernet0/0/0 Upstream neighbor: 10.0.25.5 RPF prime neighbor: 10.0.25.5 Downstream interface(s) information: None
Two entries are displayed. The first entry (*, 225.1.1.1) is generated after a static IGMP group is configured on the interface. The second entry (10.0.3.3, 225.1.1.1) is generated on the router after multicast traffic is flooded. The preceding information shows that the upstream router of R2 is 10.0.25.5. After PIM is enabled, routers use the unicast routing table to perform RPF check. The following output shows that the RPF peer of the multicast source 10.0.3.3 is 10.0.25.5. 434
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 5 Implementing multicast technologies [R2]display multicast rpf-info 10.0.3.3 VPN-Instance: public net RPF information about source: 10.0.3.3 RPF interface: GigabitEthernet0/0/0, RPF neighbor: 10.0.25.5 Referenced route/mask: 10.0.3.3/32 Referenced route type: unicast Route selection rule: preference-preferred Load splitting rule: disable
Step 5 Adjust PIM DM parameters. Run the rpf-route-static command to modify the RPF path statically so that the traffic is not forwarded to the destination along the unicast route path. In this lab, change the RPF path from 10.0.25.5 to 10.0.12.1. [R2]ip rpf-route-static 10.0.3.0 255.255.255.0 10.0.12.1
After the configuration is complete, the RPF peer becomes 10.0.12.1. [R2]display multicast rpf-info 10.0.3.3 VPN-Instance: public net RPF information about source: 10.0.3.3 RPF interface: Serial1/0/0, RPF neighbor: 10.0.12.1 Referenced route/mask: 10.0.3.0/24 Referenced route type: mstatic Route selection rule: preference-preferred Load splitting rule: disable
To view PIM prune and graft messages, delete or add static IGMP groups to stimulate user addition and deletion. Enable debugging on R2. debugging pim join-prune terminal debugging
Delete static IGMP group 225.1.1.1 on R2. [R2-GigabitEthernet0/0/1]undo igmp static-group 225.1.1.1 Dec 31 2011 15:00:05.300.1+00:00 R2 PIM/7/JP:(public net): PIM ver 2 JP sending 10.0.12.2 -> 224.0.0.13 on Serial1/0/0 (P012689) Dec 31 2011 15:00:05.300.2+00:00 R2 PIM/7/JP:(public net): Upstream 10.0.12.1, Groups 1, Holdtime 210 (P012693) Dec 31 2011 15:00:05.300.3+00:00 R2 PIM/7/JP:(public net): Group: 225.1.1.1/32 --- 0 joins 1 prunes (P012701) Dec 31 2011 15:00:05.310.1+00:00 R2 PIM/7/JP:(public net): Prune: 10.0.3.3/32
HC Series
HUAWEI TECHNOLOGIES
435
HCNP-IERN Chapter 5 Implementing multicast technologies (P012707) Dec 31 2011 15:00:05.350.1+00:00 R2 PIM/7/JP:(public net): PIM ver 2 JP receiving 10.0.12.1 -> 224.0.0.13 on Serial1/0/0 (P012689) Dec 31 2011 15:00:05.350.2+00:00 R2 PIM/7/JP:(public net): Upstream 10.0.12.1, Groups 1, Holdtime 207 (P012693) Dec 31 2011 15:00:05.350.3+00:00 R2 PIM/7/JP:(public net): Group: 225.1.1.1/32 --- 0 joins 1 prunes (P012701) Dec 31 2011 15:00:05.350.4+00:00 R2 PIM/7/JP:(public net): Prune: 10.0.3.3/32 (P012707)
R2 uses the multicast address 224.0.0.13 to send prune messages to the upstream interface. The address of the upstream route is 10.0.12.1. The multicast group 225.1.1.1 has been pruned. R1 sends messages to R2 to confirm that the group has been pruned. Then add the deleted static IGMP multicast group. [R2-GigabitEthernet0/0/1] igmp static-group 225.1.1.1 Dec 31 2011 15:00:19.440.1+00:00 R2 PIM/7/JP:(public net): PIM ver 2 GFT sending 10.0.12.2 -> 10.0.12.1 on Serial1/0/0 (P012633) Dec 31 2011 15:00:19.440.2+00:00 R2 PIM/7/JP:(public net): Upstream 10.0.12.1, Groups 1, Holdtime 0 (P012639) Dec 31 2011 15:00:19.440.3+00:00 R2 PIM/7/JP:(public net): Group: 225.1.1.1/32 --- 1 joins 0 prunes (P012648) Dec 31 2011 15:00:19.440.4+00:00 R2 PIM/7/JP:(public net): Join: 10.0.3.3/32 (P012654) Dec 31 2011 15:00:19.480.1+00:00 R2 PIM/7/JP:(public net): PIM ver 2 GAK receiving 10.0.12.1 -> 10.0.12.2 on Serial1/0/0 (P012633) Dec 31 2011 15:00:19.480.2+00:00 R2 PIM/7/JP:(public net): Upstream 10.0.12.2, Groups 1, Holdtime 0 (P012639) Dec 31 2011 15:00:19.480.3+00:00 R2 PIM/7/JP:(public net): Group: 225.1.1.1/32 --- 1 joins 0 prunes (P012648) Dec 31 2011 15:00:19.480.4+00:00 R2 PIM/7/JP:(public net): Join: 10.0.3.3/32 (P012654)
R2 instantly sends a unicast graft message to the upstream device, asking for joining 225.1.1.1. R1 responses graft message in a unicast manner. The prune message is sent in multicast address 224.0.0.13, whereas the graft message is sent to the upstream device in unicast mode. Run the multicast boundary command to specify boundary for a certain multicast group or multicast address segment so that multicast
436
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 5 Implementing multicast technologies
traffic is transmitted only in specified range. Perform the following configuration to the interface connecting R1 and R4 so that the traffic of multicast group 225.1.1.2 is not transmitted to R4. [R1-Serial3/0/0]multicast boundary 225.1.1.2 255.255.255.255
Stimulate multicast traffic with destination address 225.1.1.2 on R3. [R3]ping -a 10.0.3.3 -c 300 225.1.1.2
View multicast routing tables on R2 and R4. The multicast routing table on R2 has the entry (10.0.3.3, 225.1.1.2), but the multicast routing table on R4 does not have this entry. This indicates that multicast traffic is not transmitted to R4. [R2]display pim routing-table VPN-Instance: public net Total 1 (*, G) entry; 2 (S, G) entries
(*, 225.1.1.1) Protocol: pim-dm, Flag: WC EXT UpTime: 00:09:04 Upstream interface: NULL Upstream neighbor: NULL RPF prime neighbor: NULL Downstream interface(s) information: None
(10.0.3.3, 225.1.1.1) Protocol: pim-dm, Flag: EXT UpTime: 00:02:11 Upstream interface: Serial1/0/0 Upstream neighbor: 10.0.12.1 RPF prime neighbor: 10.0.12.1 Downstream interface(s) information: None
(10.0.3.3, 225.1.1.2) Protocol: pim-dm, Flag: UpTime: 00:00:08 Upstream interface: Serial1/0/0 Upstream neighbor: 10.0.12.1 RPF prime neighbor: 10.0.12.1 Downstream interface(s) information: None
HC Series
HUAWEI TECHNOLOGIES
437
HCNP-IERN Chapter 5 Implementing multicast technologies [R4]display pim routing-table VPN-Instance: public net Total 1 (*, G) entry; 1 (S, G) entry
(*, 225.1.1.1) Protocol: pim-dm, Flag: WC UpTime: 00:08:03 Upstream interface: NULL Upstream neighbor: NULL RPF prime neighbor: NULL Downstream interface(s) information: Total number of downstreams: 1 1: GigabitEthernet0/0/1 Protocol: static, UpTime: 00:08:03, Expires: never
(10.0.3.3, 225.1.1.1) Protocol: pim-dm, Flag: UpTime: 00:02:43 Upstream interface: Serial1/0/0 Upstream neighbor: 10.0.14.1 RPF prime neighbor: 10.0.14.1 Downstream interface(s) information: Total number of downstreams: 1 1: GigabitEthernet0/0/1 Protocol: pim-dm, UpTime: 00:02:43, Expires: -
By default, PIM DM use router with the highest interface IP address as DR. [R2]display pim interface VPN-Instance: public net Interface
State NbrCnt HelloInt DR-Pri
DR-Address
GE0/0/0
up
1
30
1
10.0.25.5
S1/0/0
up
1
30
1
10.0.12.2
(local)
Check the interface status on R2. R5 functions as the DR on the interface connected to R5. Set the interface priority to perform DR selection. The priority is a 32-bit value. The default value is 1. In the following examples, set the priority value of the interface connecting R2 to R5 to 100. [R2-GigabitEthernet0/0/0]pim hello-option dr-priority 100
438
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 5 Implementing multicast technologies [R2]display pim interface VPN-Instance: public net Interface
State NbrCnt HelloInt DR-Pri
DR-Address
GE0/0/0
up
1
30
100
10.0.25.2
(local)
S1/0/0
up
1
30
1
10.0.12.2
(local)
When the priority value of the router interface is set to 100, R2 functions as the DR. To ensure security, run the pim silent command to stop sending and receiving PIM Hello packets on user-side interfaces. [R4-GigabitEthernet0/0/1]pim silent
PIM Silent takes effect after configuration is complete. [R4]display pim interface GigabitEthernet 0/0/1 verbose VPN-Instance: public net Interface: GigabitEthernet0/0/1, 10.0.24.4 PIM version: 2 PIM mode: Dense PIM state: up PIM DR: 10.0.24.4 (local) PIM DR Priority (configured): 1 PIM neighbor count: 0 PIM hello interval: 30 s PIM LAN delay (negotiated): 500 ms PIM LAN delay (configured): 500 ms PIM hello override interval (negotiated): 2500 ms PIM hello override interval (configured): 2500 ms PIM Silent: enabled PIM neighbor tracking (negotiated): disabled PIM neighbor tracking (configured): disabled PIM generation ID: 0XAD457D14 PIM require-GenID: disabled PIM hello hold interval: 105 s PIM assert hold interval: 180 s PIM triggered hello delay: 5 s PIM J/P interval: 60 s PIM J/P hold interval: 210 s PIM state-refresh processing: enabled PIM state-refresh interval: 60 s PIM graft retry interval: 3 s PIM state-refresh capability on link: capable
HC Series
HUAWEI TECHNOLOGIES
439
HCNP-IERN Chapter 5 Implementing multicast technologies PIM dr-switch-delay timer : not configured Number of routers on link not using DR priority: 0 Number of routers on link not using LAN delay: 0 Number of routers on link not using neighbor tracking: 1 ACL of PIM neighbor policy: ACL of PIM ASM join policy: ACL of PIM SSM join policy: ACL of PIM join policy: -
Additional Exercises: Analyzing and Verifying PIM DM applies to scenarios with many users that are densely distributed. In which scenarios is PIM DM applicable? What are the characteristics of the scenarios?
What are the disadvantages of PIM DM on a large-scale network?
Final Configurations display current-configuration [V200R001C00SPC200] # sysname R1 # interface Serial1/0/0 link-protocol ppp ip address 10.0.12.1 255.255.255.0 pim dm # interface Serial3/0/0 link-protocol ppp ip address 10.0.14.1 255.255.255.0 pim dm multicast boundary 225.1.1.2 32 # ip address 10.0.13.1 255.255.255.0
440
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 5 Implementing multicast technologies pim dm # interface LoopBack0 ip address 10.0.1.1 255.255.255.255 # ospf 1 router-id 10.0.1.1 area 0.0.0.0 network 10.0.1.1 0.0.0.0 network 10.0.14.1 0.0.0.0 network 10.0.13.1 0.0.0.0 network 10.0.12.1 0.0.0.0 # return
display current-configuration [V200R001C00SPC200] # sysname R2 # interface Serial1/0/0 link-protocol ppp ip address 10.0.12.2 255.255.255.0 pim dm # interface GigabitEthernet0/0/0 ip address 10.0.25.2 255.255.255.0 pim hello-option dr-priority 100 pim dm # interface GigabitEthernet0/0/1 ip address 10.0.24.2 255.255.255.0 igmp enable igmp robust-count 3 igmp timer query 20 igmp static-group 225.1.1.1 # interface LoopBack0 ip address 10.0.2.2 255.255.255.255 # ospf 1 router-id 10.0.2.2 area 0.0.0.0 network 10.0.2.2 0.0.0.0 network 10.0.25.2 0.0.0.0
HC Series
HUAWEI TECHNOLOGIES
441
HCNP-IERN Chapter 5 Implementing multicast technologies network 10.0.12.2 0.0.0.0 # ip rpf-route-static 10.0.3.0 24 10.0.12.1 # return
display current-configuration [V200R001C00SPC200] # sysname R3 # interface Serial3/0/0 link-protocol ppp ip address 10.0.35.3 255.255.255.0 pim dm # interface GigabitEthernet0/0/2 ip address 10.0.13.3 255.255.255.0 pim dm # interface LoopBack0 ip address 10.0.3.3 255.255.255.255 # ospf 1 router-id 10.0.3.3 area 0.0.0.0 network 10.0.3.3 0.0.0.0 network 10.0.13.3 0.0.0.0 network 10.0.35.3 0.0.0.0 # return
display current-configuration [V200R001C00SPC200] # sysname R4 # interface Serial1/0/0 link-protocol ppp ip address 10.0.14.4 255.255.255.0 pim dm # interface GigabitEthernet0/0/1 ip address 10.0.24.4 255.255.255.0
442
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 5 Implementing multicast technologies pim silent igmp enable igmp static-group 225.1.1.1 # interface LoopBack0 ip address 10.0.4.4 255.255.255.255 # ospf 1 router-id 10.0.4.4 area 0.0.0.0 network 10.0.4.4 0.0.0.0 network 10.0.14.4 0.0.0.0 # return
display current-configuration [V200R001C00SPC200] # sysname R5 # interface Serial1/0/0 link-protocol ppp ip address 10.0.35.5 255.255.255.0 pim dm # interface GigabitEthernet0/0/0 ip address 10.0.25.5 255.255.255.0 pim dm # interface LoopBack0 ip address 10.0.5.5 255.255.255.255 # ospf 1 router-id 10.0.5.5 area 0.0.0.0 network 10.0.5.5 0.0.0.0 network 10.0.25.5 0.0.0.0 network 10.0.35.5 0.0.0.0 # return
HC Series
HUAWEI TECHNOLOGIES
443
HCNP-IERN Chapter 5 Implementing multicast technologies
Lab 5-2 PIM-SM and Dynamic RP Learning Objectives The objectives of this lab are to learn and understand how to perform the following operations: •
Configure Protocol Independent Multicast Sparse Mode (PIM-SM).
•
Configure static rendezvous points (RPs) and load balancing among
RPs. •
Configure switchover between RP Tree (RPT) and Shortest Path Tree
(SPT). •
Configure Auto-RP.
Topology
Figure 5-2 PIM-SM and dynamic RP
444
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 5 Implementing multicast technologies
Scenario Assume that you are a network administrator of a company. Originally Protocol Independent Multicast Dense Mode (PIM-DM) is used for learning multicast routes. The multicast service quality deteriorates as multicast applications become popular. To improve multicast reliability, security, and efficiency, PIM-SM is used for learning multicast routes. In PIM-SM, an RP must be defined to function as the RPT root. The actual configuration is much more complex. Load balancing must be implemented among multicast RPs. In addition, the Auto-RP function needs to be deployed when the multicast forwarding scale increases. Some network faults occur before multicast forwarding is implemented. The network resumes normal after the faults are rectified.
Tasks Step 1 Perform basic configurations and IP addressing. S2 does not need to be configured though it is involved in the experiment. Before carrying out the experiment, clear the configurations on S2 and restart it. Configure IP addresses and subnet masks for all routers. The subnet masks of all loopback interfaces contain 32 binary digits. system-view Enter system view, return user view with Ctrl+Z. [Huawei]sysname R1 [R1]interface GigabitEthernet0/0/2 [R1-GigabitEthernet0/0/2]ip address 10.0.13.1 24 [R1-GigabitEthernet0/0/2]interface Serial 1/0/0 [R1-Serial1/0/0]ip address 10.0.12.1 24 [R1-Serial1/0/0]interface Serial 3/0/0 [R1-Serial3/0/0]ip address 10.0.14.1 24 [R1-Serial3/0/0]interface loopback 0 [R1-LoopBack0]ip address 10.0.1.1 32
system-view Enter system view, return user view with Ctrl+Z.
HC Series
HUAWEI TECHNOLOGIES
445
HCNP-IERN Chapter 5 Implementing multicast technologies [Huawei]sysname R2 [R2]interface GigabitEthernet0/0/0 [R2-GigabitEthernet0/0/0]ip address 10.0.25.2 24 [R2-GigabitEthernet0/0/0]interface GigabitEthernet0/0/1 [R2-GigabitEthernet0/0/1]ip address 10.0.24.2 24 [R2-GigabitEthernet0/0/1]interface Serial 1/0/0 [R2-Serial1/0/0]ip address 10.0.12.2 24 [R2-Serial1/0/0]interface loopback 0 [R2-LoopBack0]ip address 10.0.2.2 32
system-view Enter system view, return user view with Ctrl+Z. [Huawei]sysname R3 [R3]interface GigabitEthernet0/0/2 [R3-GigabitEthernet0/0/2]ip address 10.0.13.3 24 [R3-GigabitEthernet0/0/2]interface Serial 3/0/0 [R3-Serial3/0/0]ip address 10.0.35.3 24 [R3-Serial3/0/0]interface loopback 0 [R3-LoopBack0]ip address 10.0.3.3 32
system-view Enter system view, return user view with Ctrl+Z. [Huawei]sysname R4 [R4]interface GigabitEthernet0/0/1 [R4-GigabitEthernet0/0/1]ip address 10.0.24.4 24 [R4-GigabitEthernet0/0/1]interface Serial 1/0/0 [R4-Serial1/0/0]ip address 10.0.14.4 24 [R4-Serial1/0/0]interface loopback 0 [R4-LoopBack0]ip address 10.0.4.4 32
system-view Enter system view, return user view with Ctrl+Z. [Huawei]sysname R5 [R5]interface GigabitEthernet0/0/0 [R5-GigabitEthernet0/0/0]ip address 10.0.25.5 24 [R5-GigabitEthernet0/0/0]interface Serial 1/0/0 [R5-Serial1/0/0]ip add 10.0.35.5 24 [R5-Serial1/0/0]interface loopback 0 [R5-LoopBack0]ip add 10.0.5.5 32
system-view Enter system view, return user view with Ctrl+Z. [Quidway]sysname S1
446
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 5 Implementing multicast technologies [S1]interface Vlanif 1 [S1-Vlanif1]ip address 10.0.24.1 24 [S1-Vlanif1]interface loopback 0 [S1-LoopBack0]ip address 10.0.11.11 24
Test whether direct links are reachable. [R1]ping -c 1 10.0.12.2 PING 10.0.12.2: 56 data bytes, press CTRL_C to break Reply from 10.0.12.2: bytes=56 Sequence=1 ttl=255 time=41 ms
--- 10.0.12.2 ping statistics --1 packet(s) transmitted 1 packet(s) received 0.00% packet loss round-trip min/avg/max = 41/41/41 ms
[R1]ping -c 1 10.0.13.3 PING 10.0.13.3: 56 data bytes, press CTRL_C to break Reply from 10.0.13.3: bytes=56 Sequence=1 ttl=255 time=5 ms
--- 10.0.13.3 ping statistics --1 packet(s) transmitted 1 packet(s) received 0.00% packet loss round-trip min/avg/max = 5/5/5 ms
[R1]ping -c 1 10.0.14.4 PING 10.0.14.4: 56 data bytes, press CTRL_C to break Reply from 10.0.14.4: bytes=56 Sequence=1 ttl=255 time=62 ms
--- 10.0.14.4 ping statistics --1 packet(s) transmitted 1 packet(s) received 0.00% packet loss round-trip min/avg/max = 62/62/62 ms
[R5]ping -c 1 10.0.25.2 PING 10.0.25.2: 56 data bytes, press CTRL_C to break Reply from 10.0.25.2: bytes=56 Sequence=1 ttl=255 time=7 ms
--- 10.0.25.2 ping statistics --1 packet(s) transmitted
HC Series
HUAWEI TECHNOLOGIES
447
HCNP-IERN Chapter 5 Implementing multicast technologies 1 packet(s) received 0.00% packet loss round-trip min/avg/max = 7/7/7 ms
[R5]ping -c 1 10.0.35.3 PING 10.0.35.3: 56 data bytes, press CTRL_C to break Reply from 10.0.35.3: bytes=56 Sequence=1 ttl=255 time=37 ms
--- 10.0.35.3 ping statistics --1 packet(s) transmitted 1 packet(s) received 0.00% packet loss round-trip min/avg/max = 37/37/37 ms
[S1]ping -c 1 10.0.24.2 PING 10.0.24.2: 56 data bytes, press CTRL_C to break Reply from 10.0.24.2: bytes=56 Sequence=1 ttl=255 time=1 ms
--- 10.0.24.2 ping statistics --1 packet(s) transmitted 1 packet(s) received 0.00% packet loss round-trip min/avg/max = 1/1/1 ms
Enable OSPF on R1, R2, R3, R4, R5, and S1 for interworking between networks. [R1]ospf 1 [R1-ospf-1]area 0 [R1-ospf-1-area-0.0.0.0]network 10.0.14.1 0.0.0.0 [R1-ospf-1-area-0.0.0.0]network 10.0.12.1 0.0.0.0 [R1-ospf-1-area-0.0.0.0]network 10.0.13.1 0.0.0.0 [R1-ospf-1-area-0.0.0.0]network 10.0.1.1 0.0.0.0
[R2]ospf 1 [R2-ospf-1]area 0 [R2-ospf-1-area-0.0.0.0]network 10.0.12.2 0.0.0.0 [R2-ospf-1-area-0.0.0.0]network 10.0.24.2 0.0.0.0 [R2-ospf-1-area-0.0.0.0]network 10.0.25.2 0.0.0.0 [R2-ospf-1-area-0.0.0.0]network 10.0.2.2 0.0.0.0
[R3]ospf 1 [R3-ospf-1]area 0
448
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 5 Implementing multicast technologies [R3-ospf-1-area-0.0.0.0]network 10.0.13.3 0.0.0.0 [R3-ospf-1-area-0.0.0.0]network 10.0.35.3 0.0.0.0 [R3-ospf-1-area-0.0.0.0]network 10.0.3.3 0.0.0.0
[R4]ospf 1 [R4-ospf-1]area 0 [R4-ospf-1-area-0.0.0.0]network 10.0.14.4 0.0.0.0 [R4-ospf-1-area-0.0.0.0]network 10.0.24.4 0.0.0.0 [R4-ospf-1-area-0.0.0.0]network 10.0.4.4 0.0.0.0
[R5]ospf 1 [R5-ospf-1]area 0 [R5-ospf-1-area-0.0.0.0]network 10.0.25.5 0.0.0.0 [R5-ospf-1-area-0.0.0.0]network 10.0.35.5 0.0.0.0 [R5-ospf-1-area-0.0.0.0]network 10.0.5.5 0.0.0.0
[S1]ospf 1 [S1-ospf-1]area 0 [S1-ospf-1-area-0.0.0.0]network 10.0.24.1 0.0.0.0 [S1-ospf-1-area-0.0.0.0]network 10.0.11.11 0.0.0.0
After OSPF neighbor relationships are established and routing information is exchanged, test whether the route from S1 to the Loopback 0 interface of R3 is reachable. [S1]ping -c 1 10.0.3.3 PING 10.0.3.3: 56 data bytes, press CTRL_C to break Reply from 10.0.3.3: bytes=56 Sequence=1 ttl=253 time=37 ms
--- 10.0.3.3 ping statistics --1 packet(s) transmitted 1 packet(s) received 0.00% packet loss round-trip min/avg/max = 37/37/37 ms
The preceding information shows that the network runs properly.
Step 2 Configure PIM-SM for all routers. Enable multicast routing on R1, R2, R3, R4, R5, and S1. [R1]multicast routing-enable
HC Series
HUAWEI TECHNOLOGIES
449
HCNP-IERN Chapter 5 Implementing multicast technologies [R2]multicast routing-enable
[R3]multicast routing-enable
[R4]multicast routing-enable
[R5]multicast routing-enable
[S1]multicast routing-enable
Enable PIM-SM for all interfaces of the routers. [R1]interface GigabitEthernet0/0/2 [R1-GigabitEthernet0/0/2]pim sm [R1-GigabitEthernet0/0/2]interface Serial 1/0/0 [R1-Serial1/0/0]pim sm [R1-Serial1/0/0]interface Serial 3/0/0 [R1-Serial3/0/0]pim sm [R1-Serial3/0/0]interface loopback 0 [R1-LoopBack0]pim sm
[R2]interface GigabitEthernet0/0/0 [R2-GigabitEthernet0/0/0]pim sm [R2-GigabitEthernet0/0/0]interface GigabitEthernet0/0/1 [R2-GigabitEthernet0/0/1]pim sm [R2-GigabitEthernet0/0/1]interface Serial 1/0/0 [R2-Serial1/0/0]pim sm [R2-Serial1/0/0]interface loopback 0 [R2-LoopBack0]pim sm
[R3]interface GigabitEthernet0/0/2 [R3-GigabitEthernet0/0/2]pim sm [R3-GigabitEthernet0/0/2]interface Serial 3/0/0 [R3-Serial3/0/0]pim sm [R3-Serial3/0/0]interface loopback 0 [R3-LoopBack0]pim sm
[R4]interface GigabitEthernet0/0/1 [R4-GigabitEthernet0/0/1]pim sm [R4-GigabitEthernet0/0/1]interface Serial 1/0/0 [R4-Serial1/0/0]pim sm [R4-Serial1/0/0]interface loopback 0 [R4-LoopBack0]pim sm
450
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 5 Implementing multicast technologies
[R5]interface GigabitEthernet0/0/0 [R5-GigabitEthernet0/0/0]pim sm [R5-GigabitEthernet0/0/0]interface Serial 1/0/0 [R5-Serial1/0/0]pim sm [R5-Serial1/0/0]interface loopback 0 [R5-LoopBack0]pim sm
[S1]interface Vlanif 1 [S1-Vlanif1]pim sm [S1-Vlanif1]interface loopback 0 [S1-LoopBack0]pim sm
View the PIM neighbors learned by R1, R5, and S1. display pim neighbor VPN-Instance: public net Total Number of Neighbors = 3
Neighbor
Interface
Uptime
Expires Dr-Priority
10.0.13.3
GE0/0/2
00:08:52 00:01:23 1
10.0.12.2
S1/0/0
00:40:44 00:01:30 1
10.0.14.4
S3/0/0
00:07:53 00:01:23 1
[R5]display pim neighbor VPN-Instance: public net Total Number of Neighbors = 2
Neighbor
Interface
Uptime
Expires Dr-Priority
10.0.25.2
GE0/0/0
00:08:38 00:01:30 1
10.0.35.3
S1/0/0
00:08:38 00:01:28 1
[S1]display pim neighbor VPN-Instance: public net Total Number of Neighbors = 2
Neighbor
Interface
Uptime
Expires Dr-Priority BFD-Session
10.0.24.4
Vlanif1
00:01:24 00:01:23 1
N
10.0.24.2
Vlanif1
00:01:22 00:01:17 1
N
The preceding information shows that PIM runs properly on the network.
HC Series
HUAWEI TECHNOLOGIES
451
HCNP-IERN Chapter 5 Implementing multicast technologies
Step 3 Configure load balancing among static RPs. Specify static RPs manually to control multicast data streams on the network. For all devices, configure the S3/0/0 interface of R1 as a static RP on the network. [R1]pim [R1-pim]static-rp 10.0.14.1
[R2]pim [R2-pim]static-rp 10.0.14.1
[R3]pim [R3-pim]static-rp 10.0.14.1
[R4]pim [R4-pim]static-rp 10.0.14.1
[R5]pim [R5-pim]static-rp 10.0.14.1
[S1]pim [S1-pim]static-rp 10.0.14.1
S1 simulates the Layer 3 switch that multicast users on the network access. Enable the Internet Group Management Protocol (IGMP) function on the Loopback 0 interface of S1. [S1]interface LoopBack 0 [S1-LoopBack0]igmp enable
Add the Loopback 0 interface of S1 to the 225.0.0.1 multicast group in static mode and simulate a connection to the multicast group. [S1]interface LoopBack 0 [S1-LoopBack0]igmp static-group 225.0.0.1
Run the display pim routing-table command to view the PIM routing tables of R1, R4, and S1. [R1]display pim routing-table VPN-Instance: public net
452
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 5 Implementing multicast technologies Total 1 (*, G) entry; 0 (S, G) entry
(*, 225.0.0.1) RP: 10.0.14.1 (local) Protocol: pim-sm, Flag: WC UpTime: 00:02:40 Upstream interface: Register Upstream neighbor: NULL RPF prime neighbor: NULL Downstream interface(s) information: Total number of downstreams: 1 1: Serial3/0/0 Protocol: pim-sm, UpTime: 00:02:40, Expires: 00:02:50
[R4]display pim routing-table VPN-Instance: public net Total 1 (*, G) entry; 0 (S, G) entry
(*, 225.0.0.1) RP: 10.0.14.1 Protocol: pim-sm, Flag: WC UpTime: 00:01:46 Upstream interface: Serial1/0/0 Upstream neighbor: 10.0.14.1 RPF prime neighbor: 10.0.14.1 Downstream interface(s) information: Total number of downstreams: 1 1: GigabitEthernet0/0/1 Protocol: pim-sm, UpTime: 00:01:46, Expires: 00:02:43
[S1-LoopBack0]display pim routing-table VPN-Instance: public net Total 1 (*, G) entry; 0 (S, G) entry
(*, 225.0.0.1) RP: 10.0.14.1 Protocol: pim-sm, Flag: WC UpTime: 00:01:19 Upstream interface: Vlanif1 Upstream neighbor: 10.0.24.4 RPF prime neighbor: 10.0.24.4 Downstream interface(s) information: Total number of downstreams: 1
HC Series
HUAWEI TECHNOLOGIES
453
HCNP-IERN Chapter 5 Implementing multicast technologies 1: LoopBack0 Protocol: static, UpTime: 00:01:19, Expires: -
The preceding information shows that R1 is the RP on the network where a static RP is specified. S1 generates a multicast route that reaches R1 through R4. Create an ACL and apply it on the static RP. Configure R1 as an RP to serve the 255.0.0.0/24 network segment. Configure R5 as an RP to serve the 255.0.1.0/24 network segment. [R1]acl 2000 [R1-acl-basic-2000]rule permit source 225.0.0.0 0.0.0.255 [R1-acl-basic-2000]acl 2001 [R1-acl-basic-2001]rule permit source 225.0.1.0 0.0.0.255 [R1-acl-basic-2001]pim [R1-pim]static-rp 10.0.14.1 2000 [R1-pim]static-rp 10.0.25.5 2001
[R2]acl 2000 [R2-acl-basic-2000]rule permit source 225.0.0.0 0.0.0.255 [R2-acl-basic-2000]acl 2001 [R2-acl-basic-2001]rule permit source 225.0.1.0 0.0.0.255 [R2-acl-basic-2001]pim [R2-pim]static-rp 10.0.14.1 2000 [R2-pim]static-rp 10.0.25.5 2001
[R3]acl 2000 [R3-acl-basic-2000]rule permit source 225.0.0.0 0.0.0.255 [R3-acl-basic-2000]acl 2001 [R3-acl-basic-2001]rule permit source 225.0.1.0 0.0.0.255 [R3-acl-basic-2001]pim [R3-pim]static-rp 10.0.14.1 2000 [R3-pim]static-rp 10.0.25.5 2001
[R4]acl 2000 [R4-acl-basic-2000]rule permit source 225.0.0.0 0.0.0.255 [R4-acl-basic-2000]acl 2001 [R4-acl-basic-2001]rule permit source 225.0.1.0 0.0.0.255 [R4-acl-basic-2001]pim [R4-pim]static-rp 10.0.14.1 2000 [R4-pim]static-rp 10.0.25.5 2001
454
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 5 Implementing multicast technologies [R5]acl 2000 [R5-acl-basic-2000]rule permit source 225.0.0.0 0.0.0.255 [R5-acl-basic-2000]acl 2001 [R5-acl-basic-2001]rule permit source 225.0.1.0 0.0.0.255 [R5-acl-basic-2001]pim [R5-pim]static-rp 10.0.14.1 2000 [R5-pim]static-rp 10.0.25.5 2001
[S1]acl 2000 [S1-acl-basic-2000]rule permit source 225.0.0.0 0.0.0.255 [S1-acl-basic-2000]acl 2001 [S1-acl-basic-2001]rule permit source 225.0.1.0 0.0.0.255 [S1-acl-basic-2001]pim [S1-pim]static-rp 10.0.14.1 2000 [S1-pim]static-rp 10.0.25.5 2001
Add the Loopback 0 interface of S1 to the 225.0.1.1 multicast group in static mode and simulate a connection to the multicast group. [S1]interface LoopBack 0 [S1-LoopBack0]igmp static-group 225.0.1.1
Run the display pim routing-table command to view the PIM routing tables of R2, R5, and S1. [R5]dis pim routing-table VPN-Instance: public net Total 1 (*, G) entry; 0 (S, G) entry
(*, 225.0.1.1) RP: 10.0.25.5 (local) Protocol: pim-sm, Flag: WC UpTime: 00:03:13 Upstream interface: Register Upstream neighbor: NULL RPF prime neighbor: NULL Downstream interface(s) information: Total number of downstreams: 1 1: GigabitEthernet0/0/0 Protocol: pim-sm, UpTime: 00:03:13, Expires: 00:03:17
[R2]display pim routing-table VPN-Instance: public net Total 1 (*, G) entry; 0 (S, G) entry
HC Series
HUAWEI TECHNOLOGIES
455
HCNP-IERN Chapter 5 Implementing multicast technologies
(*, 225.0.1.1) RP: 10.0.25.5 Protocol: pim-sm, Flag: WC UpTime: 00:03:41 Upstream interface: GigabitEthernet0/0/0 Upstream neighbor: 10.0.25.5 RPF prime neighbor: 10.0.25.5 Downstream interface(s) information: Total number of downstreams: 1 1: GigabitEthernet0/0/1 Protocol: pim-sm, UpTime: 00:03:41, Expires: 00:02:48
[S1]display pim routing-table VPN-Instance: public net Total 2 (*, G) entries; 0 (S, G) entry
(*, 225.0.0.1) RP: 10.0.14.1 Protocol: pim-sm, Flag: WC UpTime: 00:17:09 Upstream interface: Vlanif1 Upstream neighbor: 10.0.24.4 RPF prime neighbor: 10.0.24.4 Downstream interface(s) information: Total number of downstreams: 1 1: LoopBack0 Protocol: static, UpTime: 00:17:09, Expires: -
(*, 225.0.1.1) RP: 10.0.25.5 Protocol: pim-sm, Flag: WC UpTime: 00:03:58 Upstream interface: Vlanif1 Upstream neighbor: 10.0.24.2 RPF prime neighbor: 10.0.24.2 Downstream interface(s) information: Total number of downstreams: 1 1: LoopBack0 Protocol: static, UpTime: 00:03:58, Expires: -
The preceding information shows that S1 generates two multicast
456
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 5 Implementing multicast technologies
routes for 255.0.0.1 and 255.0.1.1 respectively. The multicast route for 255.0.1.1 reaches the R5 through R2.
Step 4 Configure Auto-RP. Configure R3 as the Candidate-BSR (C-BSR) by using the Auto-RP function to control multicast borders. Enable PIM to automatically elect the RP from R1 and R5. Delete the static RP configurations from all routers to prevent the static RP from disturbing the Auto-RP experiment. [R1]undo pim Warning: This operation will lead to the deletion of all the IPv4 global PIM configurations in the public instance. Continue? [Y/N]:y
[R2]undo pim Warning: This operation will lead to the deletion of all the IPv4 global PIM configurations in the public instance. Continue? [Y/N]:y
[R3]undo pim Warning: This operation will lead to the deletion of all the IPv4 global PIM configurations in the public instance. Continue? [Y/N]:y
[R4]undo pim Warning: This operation will lead to the deletion of all the IPv4 global PIM configurations in the public instance. Continue? [Y/N]:y
[R5]undo pim Warning: This operation will lead to the deletion of all the IPv4 global PIM configurations in the public instance. Continue? [Y/N]:y
[S1]undo pim
Configure Auto-RP on R1 and R5. [R1]pim [R1-pim]c-rp LoopBack 0
[R5]pim [R5-pim]c-rp LoopBack 0
Configure R3 as the C-BSR.
HC Series
HUAWEI TECHNOLOGIES
457
HCNP-IERN Chapter 5 Implementing multicast technologies [R3]pim [R3-pim]c-bsr LoopBack 0
Run the display pim bsr-info command on R1 to view information about the C-BSR on the network. [R1]display pim bsr-info VPN-Instance: public net Elected AdminScoped BSR Count: 0 Elected BSR Address: 10.0.3.3 Priority: 0 Hash mask length: 30 State: Accept Preferred Scope: Not scoped Uptime: 00:02:46 Expires: 00:01:34 C-RP Count: 2
Run the display pim rp-info command on R1 to view information about the RPs on the network. [R1]display pim rp-info VPN-Instance: public net PIM-SM BSR RP Number:2 Group/MaskLen: 224.0.0.0/4 RP: 10.0.1.1 (local) Priority: 0 Uptime: 00:04:51 Expires: 00:01:39 Group/MaskLen: 224.0.0.0/4 RP: 10.0.5.5 Priority: 0 Uptime: 00:04:51 Expires: 00:01:39
View PIM information on S1. [S1]display pim routing-table VPN-Instance: public net Total 2 (*, G) entries; 0 (S, G) entry
(*, 225.0.0.1) RP: 10.0.5.5 Protocol: pim-sm, Flag: WC
458
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 5 Implementing multicast technologies UpTime: 00:31:32 Upstream interface: Vlanif1 Upstream neighbor: 10.0.24.2 RPF prime neighbor: 10.0.24.2 Downstream interface(s) information: Total number of downstreams: 1 1: LoopBack0 Protocol: static, UpTime: 00:31:32, Expires: -
(*, 225.0.1.1) RP: 10.0.1.1 Protocol: pim-sm, Flag: WC UpTime: 00:18:21 Upstream interface: Vlanif1 Upstream neighbor: 10.0.24.4 RPF prime neighbor: 10.0.24.4 Downstream interface(s) information: Total number of downstreams: 1 1: LoopBack0 Protocol: static, UpTime: 00:18:21, Expires: -
The preceding information shows that R3 is the C-BSR, R1 is the RP for the 255.0.1.1 multicast group, and R5 is the RP for the 225.0.0.1 multicast group. The route for 255.0.1.1 is from R4 to R1 and that for 255.0.0.1 is from R2 to R5.
Additional Exercises: Analyzing and Verifying PIM-SM applies to scenarios where users are scattered. Figure out the network applications where PIM-SM can be applied to forward data, and the features of these applications.
Final Configurations [R1]display current-configuration [V200R001C00SPC200] # sysname R1 # board add 0/1 1SA board add 0/2 1SA
HC Series
HUAWEI TECHNOLOGIES
459
HCNP-IERN Chapter 5 Implementing multicast technologies board add 0/3 1SA # multicast routing-enable # acl number 2000 rule 5 permit source 225.0.0.0 0.0.0.255 # acl number 2001 rule 5 permit source 225.0.1.0 0.0.0.255 # interface Serial1/0/0 link-protocol ppp ip address 10.0.12.1 255.255.255.0 pim sm # interface Serial3/0/0 link-protocol ppp ip address 10.0.14.1 255.255.255.0 pim sm # interface GigabitEthernet0/0/2 ip address 10.0.13.1 255.255.255.0 pim sm # interface LoopBack0 ip address 10.0.1.1 255.255.255.255 pim sm # ospf 1 area 0.0.0.0 network 10.0.14.1 0.0.0.0 network 10.0.12.1 0.0.0.0 network 10.0.13.1 0.0.0.0 network 10.0.1.1 0.0.0.0 # pim c-rp LoopBack0 # Return
[R2]display current-configuration [V200R001C00SPC200] #
460
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 5 Implementing multicast technologies sysname R2 # board add 0/1 1SA board add 0/2 1SA board add 0/3 1SA # multicast routing-enable # acl number 2000 rule 5 permit source 225.0.0.0 0.0.0.255 # acl number 2001 rule 5 permit source 225.0.1.0 0.0.0.255 # interface Serial1/0/0 link-protocol ppp ip address 10.0.12.2 255.255.255.0 pim sm # interface GigabitEthernet0/0/0 ip address 10.0.25.2 255.255.255.0 pim sm # interface GigabitEthernet0/0/1 ip address 10.0.24.2 255.255.255.0 pim sm # interface LoopBack0 ip address 10.0.2.2 255.255.255.255 pim sm # ospf 1 area 0.0.0.0 network 10.0.12.2 0.0.0.0 network 10.0.24.2 0.0.0.0 network 10.0.25.2 0.0.0.0 network 10.0.2.2 0.0.0.0 # Return
[R3]display current-configuration [V200R001C00SPC200] #
HC Series
HUAWEI TECHNOLOGIES
461
HCNP-IERN Chapter 5 Implementing multicast technologies sysname R3 # board add 0/1 1SA board add 0/2 1SA board add 0/3 1SA # multicast routing-enable # acl number 2000 rule 5 permit source 225.0.0.0 0.0.0.255 # acl number 2001 rule 5 permit source 225.0.1.0 0.0.0.255 # interface Serial3/0/0 link-protocol ppp ip address 10.0.35.3 255.255.255.0 pim sm # interface GigabitEthernet0/0/2 ip address 10.0.13.3 255.255.255.0 pim sm # interface LoopBack0 ip address 10.0.3.3 255.255.255.255 pim sm # ospf 1 area 0.0.0.0 network 10.0.13.3 0.0.0.0 network 10.0.35.3 0.0.0.0 network 10.0.3.3 0.0.0.0 # pim c-bsr LoopBack0 # Return
[R4]display current-configuration [V200R001C00SPC500] # sysname R4 #
462
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 5 Implementing multicast technologies board add 0/1 1SA board add 0/2 2FE # multicast routing-enable # acl number 2000 rule 5 permit source 225.0.0.0 0.0.0.255 # acl number 2001 rule 5 permit source 225.0.1.0 0.0.0.255 # interface Serial1/0/0 link-protocol ppp ip address 10.0.14.4 255.255.255.0 pim sm # interface GigabitEthernet0/0/1 ip address 10.0.24.4 255.255.255.0 pim sm # interface LoopBack0 ip address 10.0.4.4 255.255.255.255 pim sm # ospf 1 area 0.0.0.0 network 10.0.14.4 0.0.0.0 network 10.0.24.4 0.0.0.0 network 10.0.4.4 0.0.0.0 # Return
[R5]display current-configuration [V200R001C00SPC500] # sysname R5 # board add 0/1 1SA board add 0/2 2FE # multicast routing-enable # acl number 2000
HC Series
HUAWEI TECHNOLOGIES
463
HCNP-IERN Chapter 5 Implementing multicast technologies rule 5 permit source 225.0.0.0 0.0.0.255 # acl number 2001 rule 5 permit source 225.0.1.0 0.0.0.255 # interface Serial1/0/0 link-protocol ppp ip address 10.0.35.5 255.255.255.0 pim sm # interface GigabitEthernet0/0/0 ip address 10.0.25.5 255.255.255.0 pim sm # interface LoopBack0 ip address 10.0.5.5 255.255.255.255 pim sm # ospf 1 area 0.0.0.0 network 10.0.25.5 0.0.0.0 network 10.0.35.5 0.0.0.0 network 10.0.5.5 0.0.0.0 # pim c-rp LoopBack0 # Return
[S1]display current-configuration !Software Version V100R006C00SPC800 sysname S1 # multicast routing-enable # acl number 2000 rule 5 permit source 225.0.0.0 0.0.0.255 # acl number 2001 rule 5 permit source 225.0.1.0 0.0.0.255 # interface Vlanif1 ip address 10.0.24.1 255.255.255.0
464
HUAWEI TECHNOLOGIES
HC Series
HCNP-IERN Chapter 5 Implementing multicast technologies pim sm # interface LoopBack0 ip address 10.0.11.11 255.255.255.0 pim sm igmp enable igmp static-group 225.0.0.1 igmp static-group 225.0.1.1 # ospf 1 area 0.0.0.0 network 10.0.24.1 0.0.0.0 network 10.0.11.11 0.0.0.0 # pim # Return
HC Series
HUAWEI TECHNOLOGIES
465
View more...
Comments
