No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

Configuration Guide - VPN 01

NE05E and NE08E V300R003C10SPC500

This is NE05E and NE08E V300R003C10SPC500 Configuration Guide - VPN
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Configuring VPN GR Helper (IPv6)

Configuring VPN GR Helper (IPv6)

In the process of master/slave control board switchover or the system upgrade, you can configure VPN Graceful Restart (GR) Helper to ensure that VPN traffic is not interrupted on the PE, CE, or P. The NE supports only the GR Helper.

Usage Scenario

The VPN GR is enabled for the BGP/MPLS IPv6 VPN that needs the GR capability. Configuring VPN GR on the NE that undertakes the VPN service can ensure that NE keeps forwarding when the NE performs the AMB/SMB switchover and the VPN traffic is not broken.

NOTE:

The GR capability cannot ensure that the traffic is not broken if the neighboring NE performs the AMB/SMB switchover at the same time.

When configuring VPN GR, you must configure the IGP GR, BGP GR and MPLS LDP GR on the PE, configure the IGP GR and the MPLS LDP GR on the P, and configure the IGP GR or the BGP GR on the CE. If more than one domain is traversed, you must configure the IGP GR, BGP GR and MPLS LDP GR on the ASBR.

NOTE:

The NE supports only the GR Helper.

Pre-configuration Tasks

Before configuring VPN GR, complete the following tasks:

  • Establishing the VPN environment and configuring the VPN

  • Configuring the common IGP GR (such as the IS-IS GR and the OSPF GR), BGP GR and MPLS LDP GR on PEs and Ps in all related backbone networks to ensure that the backbone network has the GR capability

Configuration Procedures

You can choose one or several configuration tasks (excluding "Checking the Configurations") as required.

Configuring IGP GR Helper on the Backbone Network

You can configure IGP GR Helper based on the specific IGP running on the backbone network.

Context

By default, a device running IS-IS supports the IS-IS GR Helper function. If IS-IS is running on a backbone network, you do not need to perform this configuration. If OSPF is running on a backbone network, perform the following operations to configure the OSPF GR Helper function.

Procedure

  1. Run system-view

    The system view is displayed.

  2. Run ospf [ process-id ]

    The OSPF view is displayed.

  3. Run opaque-capability enable

    The opaque-LSA capability is enabled.

    The opaque-LSA capability of OSPF needs to be enabled first because OSPF supports GR through Type 9 LSAs.

  4. Run graceful-restart [ helper-role { { { { ip-prefix ip-prefix-name | acl-number acl-number | acl-name acl-name } | ignore-external-lsa | planned-only } * } | never } ]

    GR Helper is enabled.

    You can use the ignore-external-lsa parameter to configure the GR Helper not to check AS-external LSAs.

    You can use the planned-only parameter to configure the GR Helper to support only planned GR.

    NOTE:
    To specify acl-number acl-number or acl-name acl-name perform the following steps in the system view:
    1. Run quit, return to the system view.

    2. Run acl { name basic-acl-name { basic | [ basic ] number basic-acl-number } | [ number ] basic-acl-number } [ match-order { config | auto } ], the ACL view is displayed.

    3. Run rule [ rule-id ] [ name rule-name ] { deny | permit } [ fragment-type { fragment | non-fragment | non-subseq | fragment-subseq | fragment-spe-first } | source { source-ip-address { source-wildcard | 0 | src-netmask } | any } | time-range time-name | vpn-instance vpn-instance-name ] *, a rule is configured for the ACL.

  5. Run commit

    The configuration is committed.

Configuring MPLS GR Helper on the Backbone Network

In the process of master/slave control board switchover or the system upgrade, you can configure MPLS GR Helper to ensure normal MPLS traffic forwarding. If LDP LSPs are configured on the backbone network, you can configure MPLS LDP GR Helper; if RSVP-TE tunnels are configured on the backbone network, you can configure MPLS RSVP GR Helper; if other types of tunnels are configured on the backbone network, you do not need to perform the operation.

Context

You can configure different MPLS GR Helper functions on a backbone network for different tunnel types.
  • If LDP LSPs are used, configure the MPLS LDP GR Helper function on the backbone network.

  • If RSVP-TE tunnels are used, configure the MPLS RSVP GR Helper function on the backbone network.

Procedure

  • Configure MPLS LDP GR.
    1. Run system-view

      The system view is displayed.

    2. Run mpls ldp

      LDP is enabled on the local LSR and the MPLS LDP view is displayed.

    3. Run graceful-restart

      LDP GR is enabled.

      By default, LDP GR is disabled.

      NOTE:
      • Enabling or disabling LDP GR can lead reestablishment of an LDP session.

      • During the LDP GR, the undo mpls ldp command and the reset mpls ldp command cannot be run.

    4. (Optional) Run graceful-restart timer reconnect timer

      The value of a Reconnect timer is set.

      By default, the Reconnect timer is set to 300 seconds.

      After a GR Restarter performs an active/standby switchover, a GR helper detects that an LDP session established between the GR Helper and Restarter fails and then starts a Reconnect timer and waits for the reestablishment of the LDP session.
      • If the Reconnect timer expires before the LDP session between the GR Helper and Restarter is established, the GR Helper immediately deletes MPLS forwarding entries associated with the GR Restarter and exits from the GR Helper process.

      • If the LDP session between the GR Helper and Restarter is established before the Reconnect timer expires, the GR Helper deletes the timer and starts a Recovery timer.

      When the GR Restarter and Helper negotiate the time to reestablish the LDP session, the value of the Reconnect timer that takes effect on the local end is the smaller value between the Neighbor-liveness timer value on the GR Helper and the Reconnect timer value on the GR Restarter.

    5. (Optional) Run graceful-restart timer recovery timer

      The value of a Recovery timer is set.

      By default, the MPLS LDP recovery period is 300 seconds.

      A GR Helper starts a Recovery timer after an LDP session is reestablished and waits for LSP recovery.
      • If the Recovery timer expires before LSPs are reestablished, the GR Helper considers that the GR process is completed on the GR Restarter and deletes the unrecovered LSPs.

      • If all LSPs recover before the Recovery timer expires, the GR Helper considers that the GR process is completed on the GR Restarter only after the Recovery timer expires.

      On a network with a large number of routes is faulty, run the graceful-restart timer recovery command to increase the value of the Recovery timer to ensure that all LSPs recover before the timer expires.

      LDP GR devices negotiate the LSP Recovery timer values. The value that takes effect on the local end is the smaller one between the locally configured value and the value sent by the peer.

    6. (Optional) Run graceful-restart timer neighbor-liveness timer

      The value of a Neighbor-liveness timer is set.

      By default, the Neighbor-liveness is set to 600 seconds.

      LDP GR-enabled devices negotiate the LDP reconnection time and uses the smaller value between the Neighbor-liveness time configured on a Helper and the Reconnect time configured on the Restarter. On a network with a few LSPs, the graceful-restart timer neighbor-liveness command can be run to set a small value for the Neighbor-liveness timer to shorten the GR period.

    7. Run commit

      The configurations are committed.

  • Configure RSVP GR.
    1. Run system-view

      The system view is displayed.

    2. Run mpls

      The MPLS view is displayed.

    3. Run mpls rsvp-te

      RSVP-TE is enabled.

    4. Run mpls rsvp-te hello

      The RSVP Hello extension is enabled globally.

    5. Run mpls rsvp-te hello support-peer-gr

      The RSVP GR support function is enabled.

    6. (Optional) Run mpls rsvp-te hello nodeid-session ip-address

      A Hello session is set up between two RSVP neighboring nodes.

      ip-address specifies the LSR ID of an RSVP neighboring node.

      On a TE FRR network, to ensure the protection of the primary tunnel when FRR and RSVP-TE GR simultaneously occur, run the mpls rsvp-te hello nodeid-session command to establish a Hello session between a Point of Local Repair (PLR) node and a Merge Point (MP).

    7. Run quit

      The system view is displayed.

    8. Run interface interface-type interface-number

      The view of an RSVP-enabled interface is displayed.

    9. Run mpls rsvp-te hello

      The RSVP Hello extension is enabled on an interface.

      After RSVP Hello extension is enabled globally on a node, enable the RSVP Hello extension on each interface of the node.

    10. Run commit

      The configuration is committed.

Configuring GR Helper of the Routing Protocol Between PEs and CEs

You can configure GR Helper of a routing protocol according to the specific routing protocol running between the CE and the PE.

Context

The precautions for configuring GR Helper of different protocols are as follows:
  • The procedure for configuring the BGP GR Helper function on the PE or CE is the same as that for configuring a common BGP GR Helper function.

  • By default, a device running IS-IS supports the IS-IS GR Helper function. If IS-IS is running between the PE and CE, you do not need to configure the IS-IS GR Helper function.

  • The procedure for configuring the OSPF GR Helper function on the CE is the same as that for configuring a common OSPF GR Helper function. For details, see Configuring IGP GR Helper on the Backbone Network. The following describes how to configure the OSPF GR Helper function on the PE.

Procedure

  • Configure the BGP GR Helper.
    1. Run system-view

      The system view is displayed.

    2. Run bgp as-number

      The BGP view is displayed.

    3. Run graceful-restart

      BGP GR is enabled.

      By default, BGP GR is disabled.

    4. Run graceful-restart timer wait-for-rib timer

      The period during which the restarting speaker and receiving speaker wait for End-Of-RIB messages is set.

      By default, the period for waiting for End-Of-RIB messages is 600 seconds.

      NOTE:

      You can adjust parameter values of a BGP GR session as required. Generally, the default values of parameters are recommended.

    5. Run commit

      The configuration is committed.

  • Configure the OSPF GR Helper function on the PE.
    1. Run system-view

      The system view is displayed.

    2. Run ospfv3 process-id vpn-instance vpn-instance-name

      The OSPFv3 multi-instance view is displayed.

    3. Run helper-role [ { ip-prefix ip-prefix-name | acl-number acl-number | acl-name acl-name } | max-grace-period period | planned-only | lsa-checking-ignore ] *

      The OSPFv3 GR helper function is enabled.

      By default, the OSPFv3 GR helper function is disabled.

      NOTE:
      To specify acl-number acl-number or acl-name acl-name perform the following steps in the system view:
      • Run quit, return to the system view.

      • Run acl { name basic-acl-name { basic | [ basic ] number basic-acl-number } | [ number ] basic-acl-number } [ match-order { config | auto } ], the ACL view is displayed.

      • Run rule [ rule-id ] [ name rule-name ] { deny | permit } [ fragment-type { fragment | non-fragment | non-subseq | fragment-subseq | fragment-spe-first } | source { source-ip-address { source-wildcard | 0 | src-netmask } | any } | time-range time-name | vpn-instance vpn-instance-name ] *, a rule is configured for the ACL.

    4. Run commit

      The configuration is committed.

Configuring BGP GR Helper for MP-BGP

When MP-BGP restarts, the peer relationship is re-established and traffic forwarding is interrupted. If BGP GR Helper is enabled, traffic interruption can be prevented.

Context

Configure BGP GR Helper for MP-BGP on all the PEs (including the PE that serves as the ASBR) and the RRs that reflect the VPNv4 route, unless BGP GR Helper has been configured for MP-BGP when BGP GR Helper is configured between PEs and CEs.

Procedure

  1. Run system-view

    The system view is displayed.

  2. Run bgp as-number

    The BGP view is displayed.

  3. Run graceful-restart

    BGP GR is enabled.

    By default, BGP GR is disabled.

  4. Run graceful-restart timer wait-for-rib timer

    The period during which the restarting speaker and receiving speaker wait for End-Of-RIB messages is set.

    By default, the period for waiting for End-Of-RIB messages is 600 seconds.

    NOTE:

    You can adjust parameter values of a BGP GR session as required. Generally, the default values of parameters are recommended.

  5. Run commit

    The configuration is committed.

Verifying the VPN GR Helper Configuration

After configuring VPN GR Helper, you can view status information about IGP GR Helper, MPLS GR Helper and BGP GR Helper.

Prerequisites

The configurations of the VPN GR function are complete.

Procedure

  • Run the display ospfv3 [ process-id ] graceful-restart-information command to check information about OSPFv3 GR.
  • Run the display mpls ldp [ all ] [ verbose ] command to check information about LDP.
  • Run the display mpls ldp session [ all ] [ verbose ] command to check information about LDP sessions.
  • Run the display mpls rsvp-te graceful-restart command to check the RSVP-TE GR status.
  • Run the display mpls rsvp-te graceful-restart peer [ { interface interface-type interface-number | node-id } [ ip-address ] ] command to check information about the RSVP GR status on a neighbor.
  • Run the display bgp peer verbose command to check the BGP GR status.

Example

Run the display ospfv3 graceful-restart-information command. The command output shows the status of OSPFv3 GR.

<HUAWEI> display ospfv3 graceful-restart-information
            OSPFv3 Router with ID (0.0.0.0) (Process 1)

  Graceful-restart capability      : enabled
  Graceful-restart support         : planned and unplanned, strict lsa check
  Grace-Period Configured          : 120 Sec
  Last Restart-exit Reason         : none

  Helper capability                : enabled
  Helper support                   : planned and unplanned, strict lsa check
  Max Grace-Period Configured      : 1800 Sec
  Last Helper-exit Reason          : none

After the configurations, run one of the preceding commands. The command output shows the following results:

  • Run the display mpls ldp command. The command output shows that the GR status is On, which indicates that LDP GR is enabled.

    <HUAWEI> display mpls ldp
                               LDP Global Information
     ------------------------------------------------------------------------------
     Protocol Version        : V1            Neighbor Liveness     : 600 Sec
     Graceful Restart        : On            FT Reconnect Timer    : 300 Sec
     MTU Signaling           : On            Recovery Timer        : 300 Sec
     P2MP Capability         : Off           MP2MP Capability      : Off
    
                              LDP Instance Information
     ------------------------------------------------------------------------------
     Instance ID             : 0             VPN-Instance          :
     Instance Status         : Active        LSR ID                : 1.1.1.1
     Hop Count Limit         : 32            Path Vector Limit     : 32
     Loop Detection          : Off
     DU Re-advertise Timer   : 10 Sec        DU Re-advertise Flag  : Off
     DU Explicit Request     : Off           Request Retry Flag    : Off
     Label Distribution Mode : Ordered       Label Retention Mode  : Liberal
     Graceful-Delete         : Off           Graceful-Delete Timer : 5 Sec
     Igp-sync-delay Timer    : 10 Sec       
     Ipv6-family             : Off
     Local-ipv6-transport-address   :  -
     ------------------------------------------------------------------------------
  • Run the display mpls ldp session verbose command. The command output shows the value of the Session FT Flag field is On, which indicates that LDP GR is enabled.

                   LDP Session(s) in Public Network
     ------------------------------------------------------------------------
     Peer LDP ID     : 2.2.2.2:0            Local LDP ID   : 1.1.1.1:0
     TCP Connection  : 1.1.1.1 <- 2.2.2.2
     Session State   : Operational          Session Role   : Passive
     Session FT Flag : On                   MD5 Flag       : Off
     Reconnect Timer : 300 Sec              Recovery Timer : 300 Sec
     Keychain Name   : ---
     P2MP Capability      : Off
     MP2MP Capability     : Off
     Negotiated Keepalive Hold Timer   : 45 Sec
     Configured Keepalive Send Timer   : ---
     Keepalive Message Sent/Rcvd       : 3/3 (Message Count)
     Label Advertisement Mode          : Downstream Unsolicited
     Label Resource Status(Peer/Local) : Available/Available
     Session Age                       : 0000:00:00  (DDDD:HH:MM)
    
     Outbound Policies applied: NULL
     
     Addresses received from peer: ( Count: 3 )
     2.1.1.2           2.2.2.2           3.1.1.1           
     ------------------------------------------------------------------------

Run the following commands to check the previous configurations.

Run the display mpls rsvp-te graceful-restart command. The command output shows the RSVP GR status on the local node. For example:

<HUAWEI> display mpls rsvp-te graceful-restart
Display Mpls Rsvp te graceful restart information
 LSR ID: 3.3.3.3
 Graceful-Restart Capability:    GR-Support
 Restart Time:  90000 Milli Second
 Recovery Time: 0 Milli Second
 GR Status:  Gracefully Restart Not going on
 Number of Restarting neighbors: 0
 Received Gr Path message count: 0
 Send Gr Path message count: 0
 Received RecoveryPath message count: 0
 Send RecoveryPath message count: 0

Run the display mpls rsvp-te graceful-restart peer command. The command output shows the RSVP GR status on a neighbor. For example:

<HUAWEI> display mpls rsvp-te graceful-restart peer
Remote Node id Neighbor
 Neighbor Addr: 2.2.2.2
 SrcInstance: 0xFE88AC7E             NbrSrcInstance: 0x0
 Neighbor Capability:
                      No Gr capabilities
 GR Status:           Normal
 Restart Time: 0 Millisecond
 Recovery Time: 0 Millisecond
 Stored GR message number: 0

Neighbor on Interface GigabitEthernet0/1/0
 Neighbor Addr: 2.1.1.2
 SrcInstance: 0xFE88AC7E             NbrSrcInstance: 0x0
 Neighbor Capability:
                      No Gr capabilities
 GR Status:           Normal
 Restart Time: 0 Millisecond
 Recovery Time: 0 Millisecond
 Stored GR message number: 0

Run the display bgp peer verbose command. The command output shows the BGP GR status. For example:

<HUAWEI> display bgp peer 2.2.2.9 verbose

         BGP Peer is 2.2.2.9,  remote AS 200,
         Type: EBGP link 
         BGP version 4, Remote router ID 0.0.0.0

Group ID : 0
Peer Local Interface Name: Pos0/1/0
Local Ifnet Tunnel: 0xb0010000
         BGP current state: Established, Up for 20h21m17s
         BGP current event: KATimerExpired
         BGP last state: OpenConfirm
         BGP Peer Up count: 3
         Received total routes: 0
         Received active routes total: 0
         Advertised total routes: 0
         Port:  Local - 179      Remote - 54446
         Configured: Active Hold Time: 180 sec   Keepalive Time:60 sec
         Received  : Active Hold Time: 180 sec
         Negotiated: Active Hold Time: 180 sec   Keepalive Time:60 sec
         Peer optional capabilities:
         Peer supports bgp multi-protocol extension
         Peer supports bgp route refresh capability
         Peer supports bgp 4-byte-as capability
         Graceful Restart Capability: advertised
         Address family IPv4 Unicast: advertised and received
 
 Received: Total 76 messages
                  Update messages                0
                  Open messages                  5
                  KeepAlive messages             71
                  Notification messages          0
                  Refresh messages               0

 Sent: Total 91 messages
                  Update messages                0
                  Open messages                  10
                  KeepAlive messages             77
                  Notification messages          4
                  Refresh messages               0
 Last keepalive received: 2009-03-30 09:14:14
 Minimum route advertisement interval is 30 seconds 
 Optional capabilities: 
 Route refresh capability has been enabled
 4-byte-as capability has been enabled
 Listen-only has been configured
 Peer Preferred Value: 0
 Routing policy configured:
 No routing policy is configured
Translation
Download
Updated: 2019-01-14

Document ID: EDOC1100058925

Views: 31780

Downloads: 57

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next