No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

Configuration Guide - VPN 01

NE05E and NE08E V300R003C10SPC500

This is NE05E and NE08E V300R003C10SPC500 Configuration Guide - VPN
Rate and give feedback :
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Configuring Private Network IP FRR

Configuring Private Network IP FRR

This section describes how to configure private network IP FRR. At a VPN site where multiple CEs connect to the same PE, this feature can immediately switch traffic to another PE-CE link when the next hop of the active route is unreachable.

Usage Scenario

This feature is suitable for IP services that are sensitive to the packet loss and delay on a private network. After private network IP FRR is configured, traffic is immediately switched to another PE-CE link when the next hop of the active route is unreachable. This reduces IP service interruption time.

On the network shown in Figure 5-15, in normal situations, the PE selects Link_A to forward traffic to site vpn1 and uses Link_B as the backup link. If the PE detects that the route to CE1 is unreachable, it will immediately switch traffic to Link_B and private network routes will be converged. Private network IP FRR minimizes the impact on VPN services.

Figure 5-15 Private network IP FRR

At present, the NE supports the following private network IP FRR modes:

  • IP FRR: applies to the networking where different PE-CE pairs use different routing protocols.

  • Private network BGP auto FRR: applies to the networking where BGP runs between the PEs and CE.

Pre-configuration Tasks

Before configuring private network IP FRR, complete the following tasks:

  • Configure a BGP/MPLS IP VPN.

  • Configure the PE to learn private network routes with the same prefix from different CEs attached to it.

Procedure

  • Configure IP FRR.
    1. Run system-view

      The system view is displayed.

    2. Run ip vpn-instance vpn-instance-name

      The VPN instance view is displayed.

    3. Run ipv4-family

      The VPN instance IPv4 address family view is displayed.

    4. Run ip frr

      Private network IP FRR is enabled.

    5. Run commit

      The configuration is committed.

  • Configure private network BGP auto FRR.
    1. Run system-view

      The system view is displayed.

    2. Run bgp as-number

      The BGP view is displayed.

    3. Run ipv4-family vpn-instance vpn-instance-name

      The BGP-VPN instance IPv4 address family view is displayed.

    4. Run auto-frr

      BGP auto FRR is enabled.

    5. (Optional) Run route-select delay delay-value

      A delay for selecting a route to the intermediate device on the primary path is configured. After the primary path recovers, an appropriate delay ensures that traffic switches back to the primary path after the intermediate device completes refreshing forwarding entries.

    6. Run commit

      The configuration is committed.

  • (Optional) Enable IP FRR poison reverse.
    1. Run interface interface-type interface-number

      The interface or sub-interface view is displayed.

      The Eth-Trunk interface, Eth-Trunk sub-interface, GE interface, or GE sub-interface view can be displayed.

    2. Run poison-reverse enable

      IP FRR poison reverse is enabled.

      On an IP ring network configured with IP FRR, the poison-reverse enable command is used to prevent instantaneous traffic storms caused by the route convergence.

      In a load balancing scenario, poison reverse does not take effect.

Example

Run the display ip routing-table vpn-instance vpn-instance-name [ ipv4-address ] verbose command to check the backup outbound interface and backup next hop of the IP route in the routing table.

Run the display ip routing-table vpn-instance vpn-instance-name verbose command on a PE. The command output shows that the route has a backup outbound interface and a backup next hop.

<HUAWEI> display ip routing-table vpn-instance vpna 4.4.4.9 verbose
Route Flags: R - relay, D - download
to fib, T - to vpn-instance, B - black hole route
------------------------------------------------------------------------------
Routing Table : vpna
Summary Count : 1

Destination: 4.4.4.9/32          
     Protocol: EBGP            Process ID: 0              
   Preference: 255                   Cost: 1              
      NextHop: 10.1.1.2         Neighbour: 0.0.0.0        
        State: Active Adv Relied      Age: 00h00m04s           
          Tag: 0                 Priority: low            
        Label: NULL               QoSInfo: 0x0            
   IndirectID: 0xc7          
 RelayNextHop: 10.1.1.2         Interface: Gigabitethernet0/1/0
     TunnelID: 0x0                  Flags: RD             
    BkNextHop: 10.2.1.2       BkInterface: Gigabitethernet0/2/0
      BkLabel: NULL           SecTunnelID: 0x0              
 BkPETunnelID: 0x0        BkPESecTunnelID: 0x0              
 BkIndirectID: 0xc8 
Translation
Download
Updated: 2019-01-14

Document ID: EDOC1100058925

Views: 27515

Downloads: 53

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next