No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

ME60 V800R010C10SPC500 Configuration Guide - IP Routing 01

This is ME60 V800R010C10SPC500 Configuration Guide - IP Routing
Rate and give feedback :
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Controlling OSPF Routing Information

Controlling OSPF Routing Information

You can control the advertising and receiving of OSPF routing information and import routes of other protocols.

Pre-configuration Tasks

Before controlling OSPF routing information, complete the following tasks:

Configuration Procedures

Perform one or more of the following configurations as required.

Configuring OSPF to Import External Routes

Importing the routes discovered by other routing protocols can enrich OSPF routing information.

Context

To access a ME device running a non-OSPF protocol, an OSPF-capable ME device needs to import routes of the non-OSPF protocol into the OSPF network.

OSPF provides loop-free intra-area routes and inter-area routes; however, OSPF cannot prevent external routing loops. Therefore, exercise caution when configuring OSPF to import external routes. For details, see "OSPF VPN Extension" in the HUAWEI ME60 Feature Description - VPN.

Perform the following steps on the ASBR running OSPF.

Procedure

  1. Run system-view

    The system view is displayed.

  2. Run ospf [ process-id ]

    The OSPF process view is displayed.

  3. Run import-route { bgp [ permit-ibgp ] | direct | rip [ process-id-rip ] | static | unr | isis [ process-id-isis ] | ospf [ process-id-ospf ] } [ cost cost | tag tag | type type | route-policy route-policy-name | route-filter route-filter-name ] *

    Routes are imported from another protocol.

  4. (Optional) Run default { cost { cost | inherit-metric } | tag tag | type type } *

    The default values of parameters (the cost, number of routes, tag, and type) are set for imported routes.

    When OSPF imports external routes, you can set default values for some additional parameters, such as the cost, number of routes to be imported, route tag, and route type. The route tag is used to identify the protocol-related information. For example, it can be used to differentiate AS numbers carried in BGP routes imported by OSPF.

    NOTE:
    You can run one of the following commands to set the cost of the imported route. The following commands are listed in descending order of priorities.
    • Run the apply cost command to set the cost of a route.
    • Run the import-route command to set the cost of the imported route.
    • Run the default command to set the default cost of the imported route.

  5. (Optional) Run any of the following commands as required:

    • Based on the basic ACL:
      1. Run filter-policy { acl-number | acl-name acl-name } export [ direct | static | unr | bgp | { rip | isis | ospf } [ process-id ] ]

        Routes imported using 3 can be advertised only when meeting filtering conditions.

      2. Run quit

        Return to the system view.

      3. Run acl { name basic-acl-name { basic | [ basic ] number basic-acl-number } | [ number ] basic-acl-number } [ match-order { config | auto } ]

        The basic ACL view is displayed.

      4. Run rule [ rule-id ] [ name rule-name ] { deny | permit } [ fragment-type { fragment | non-fragment | non-subseq | fragment-subseq | fragment-spe-first } | source { source-ip-address { source-wildcard | 0 | src-netmask } | any } | time-range time-name | vpn-instance vpn-instance-name ] *

        The rule for the basic ACL is configured.

        When the rule command is run to configure rules for a named ACL, only the source address range specified by source and the time period specified by time-range are valid as the rules.

        When a filtering policy of a routing protocol is used to filter routes:
        • If the action specified in an ACL rule is permit, a route that matches the rule will be received or advertised by the system.

        • If the action specified in an ACL rule is deny, a route that matches the rule will not be received or advertised by the system.

        • If a route has not matched any ACL rules, the route will not be received or advertised by the system.

        • If an ACL does not contain any rules, all routes matching the route-policy that references the ACL will not be received or advertised by the system.

        • If the ACL referenced by the route-policy does not exist, all routes matching the route-policy will be received or advertised by the system.

        • In the configuration order, the system first matches a route with a rule that has a smaller number and then matches the route with a rule with a larger number. Routes can be filtered using a blacklist or a whitelist:

          Route filtering using a blacklist: Configure a rule with a smaller number and specify the action deny in this rule to filter out the unwanted routes. Then, configure another rule with a larger number in the same ACL and specify the action permit in this rule to receive or advertise the other routes.

          Route filtering using a whitelist: Configure a rule with a smaller number and specify the action permit in this rule to permit the routes to be received or advertised by the system. Then, configure another rule with a larger number in the same ACL and specify the action deny in this rule to filter out unwanted routes.

    • Based on the IP prefix:

      Run filter-policy ip-prefix ip-prefix-name export [ protocol [ process-id ] ]

      Routes imported using 3 can be advertised only when meeting filtering conditions.

    OSPF filters the imported routes. OSPF uses Type 5 LSAs to carry routes that meet the filtering conditions and advertises these Type 5 LSAs.

    You can specify the parameter protocol [ process-id ] to filter the routes of a certain routing protocol or a certain OSPF process. If protocol [ process-id ] is not specified, OSPF filters all imported routes.

    The import-route command cannot be used to import the default route from another AS.

  6. Run import-route limit limit-number [ threshold-alarm upper-limit upper-limit-value lower-limit lower-limit-value ]

    A limit is configured on the number of LSAs generated when an OSPF process imports external routes.

    If OSPF imports a large number of external routes and advertises them to a device with a smaller routing table capacity, the device may restart unexpectedly. To address this problem, run the import-route limit command to configure a limit on the number of LSAs generated when an OSPF process imports external routes. Check the overload status based on the value of the Current status field in the display ospf brief command output.
    • Normal: The number of LSAs generated when an OSPF process imports external routes is less than or equal to the lower alarm threshold (in percentage) multiplied by the maximum number allowed.
    • Approach limit: The number of LSAs generated when an OSPF process imports external routes is approaching (reaching or exceeding 90% of) the upper alarm threshold.
    • Exceed limit: The number of LSAs generated when an OSPF process imports external routes has reached or exceeded the maximum number allowed.

    Ensure that upper-limit-value is greater than or equal to lower-limit-value.

  7. Run commit

    The configuration is committed.

Configuring OSPF to Import a Default Route

The default route is widely applied on the OSPF network to reduce routing entries in the routing table and filter specific routing information.

Context

On the area border and AS border of an OSPF network generally reside multiple ME devices for next-hop backup or traffic load balancing. A default route can be configured to reduce routing entries and improve resource usage on the OSPF network.

The default route is generally applied to the following scenarios:

  1. An ABR in an area advertises Type 3 LSAs carrying the default route within the area. ME devices in the area use the received default route to forward inter-area packets.
  2. An ASBR in an AS advertises Type 5 or Type 7 LSAs carrying the default route within the AS. ME devices in the AS use the received default route to forward AS external packets.

When no exactly matched route is discovered, the ME device can forward packets through the default route.

The preference of the default route in Type 3 LSAs is higher than that of the route in Type 5 or Type 7 LSAs.

The advertising mode of the default route is determined by the type of the area to which the default route is imported, as shown in Table 5-3.

Table 5-3 Default route advertising mode

Area Type

Generated By

Advertised By

LSA Type

Flooding Area

Common area

The default-route-advertise command

ASBR

Type 5 LSA

Common area

Stub area

Automatically

ABR

Type 3 LSA

Stub area

NSSA

The nssa [ default-route-advertise ] command

ASBR

Type 7 LSA

NSSA

Automatically

ABR

Type 3 LSA

NSSA

Totally NSSA

Automatically

ABR

Type 3 LSA

NSSA

Perform the following steps on the ASBR running OSPF.

Procedure

  1. Run system-view

    The system view is displayed.

  2. Run ospf [ process-id ]

    The OSPF process view is displayed.

  3. Run default-route-advertise [ [ always | permit-calculate-other ] | cost cost | type type | { route-policy route-policy-name | route-filter route-filter-name } | distribute-delay delay-time ] *

    The default route is imported into the OSPF process.

    For details about how to configure the default route in the NSSA, see Configuring an NSSA.

  4. Run commit

    The configuration is committed.

Configuring Route Summarization

When a large-scale OSPF network is deployed, you can configure route summarization to reduce routing entries.

Context

Route summarization on a large-scale OSPF network reduces routing entries, minimizes system resource consumption, and maintains system performance. In addition, if a specific link frequently alternates between Up and Down, the links not involved in the route summarization will not be affected, which prevents route flapping and improves network stability.

Procedure

  • Configure ABR route summarization.

    Perform the following steps on the OSPF ABR:

    1. Run system-view

      The system view is displayed.

    2. Run ospf [ process-id ]

      The OSPF process view is displayed.

    3. Run area area-id

      The OSPF area view is displayed.

    4. Run abr-summary ip-address mask [ [ advertise | cost { cost | inherit-minimum } | generate-null0-route | hold-max-cost interval ] * | [ not-advertise | cost { cost | inherit-minimum | hold-max-cost interval } ] * | [ generate-null0-route | advertise | cost { cost | inherit-minimum } | hold-max-cost interval ] * ]

      ABR route summarization is configured.

    5. Run commit

      The configuration is committed.

  • Configure ASBR route summarization.

    Perform the following steps on the OSPF ASBR:

    1. Run system-view

      The system view is displayed.

    2. Run ospf [ process-id ]

      The OSPF process view is displayed.

    3. Run asbr-summary ip-address mask [ [ not-advertise | generate-null0-route ] | tag tag | cost cost | distribute-delay interval ] *

      ASBR route summarization is configured.

    4. Run commit

      The configuration is committed.

      NOTE:
      After route summarization is configured, the routing table on the local OSPF router remains the same. The routing table on another OSPF router, however, contains only one summarized route, no specific route. This summarized route is not removed until all specific routes are interrupted.

Configuring OSPF to Filter LSAs in an Area

Filtering LSAs in an area can prevent unnecessary LSA transmission. This reduces the size of the LSDB on the neighboring ME device and speeds up network convergence.

Context

After filtering conditions are set for the incoming or outgoing Type 3 LSAs (Summary LSAs) in an area, only the Type 3 LSAs that meet the filtering conditions can be received or advertised.

This function is applicable only to the ABR.

Procedure

  1. Run system-view

    The system view is displayed.

  2. Run ospf [ process-id ]

    The OSPF process view is displayed.

  3. Run area area-id

    The OSPF area view is displayed.

  4. Filter incoming or outgoing Type 3 LSAs in the area.

    • Filter outgoing Type 3 LSAs in the area. Run any of the following commands as required:

      • Based on the basic ACL:
        1. Run filter { acl-number | acl-name acl-name } export

          Filter outgoing Type 3 LSAs in the area can be advertised.

        2. Run quit

          Return to the system view.

        3. Run acl { name basic-acl-name { basic | [ basic ] number basic-acl-number } | [ number ] basic-acl-number } [ match-order { config | auto } ]

          The basic ACL view is displayed.

        4. Run rule [ rule-id ] [ name rule-name ] { deny | permit } [ fragment-type { fragment | non-fragment | non-subseq | fragment-subseq | fragment-spe-first } | source { source-ip-address { source-wildcard | 0 | src-netmask } | any } | time-range time-name | vpn-instance vpn-instance-name ] *

          The rule for the basic ACL is configured.

          When the rule command is run to configure rules for a named ACL, only the source address range specified by source and the time period specified by time-range are valid as the rules.

          When a filtering policy of a routing protocol is used to filter routes:
          • If the action specified in an ACL rule is permit, a route that matches the rule will be received or advertised by the system.

          • If the action specified in an ACL rule is deny, a route that matches the rule will not be received or advertised by the system.

          • If a route has not matched any ACL rules, the route will not be received or advertised by the system.

          • If an ACL does not contain any rules, all routes matching the route-policy that references the ACL will not be received or advertised by the system.

          • If the ACL referenced by the route-policy does not exist, all routes matching the route-policy will be received or advertised by the system.

          • In the configuration order, the system first matches a route with a rule that has a smaller number and then matches the route with a rule with a larger number. Routes can be filtered using a blacklist or a whitelist:

            Route filtering using a blacklist: Configure a rule with a smaller number and specify the action deny in this rule to filter out the unwanted routes. Then, configure another rule with a larger number in the same ACL and specify the action permit in this rule to receive or advertise the other routes.

            Route filtering using a whitelist: Configure a rule with a smaller number and specify the action permit in this rule to permit the routes to be received or advertised by the system. Then, configure another rule with a larger number in the same ACL and specify the action deny in this rule to filter out unwanted routes.

      • Based on the IP prefix:

        Run filter ip-prefix ip-prefix-name export

        Filter outgoing Type 3 LSAs in the area can be advertised.

      • Based on the Route-Policy:

        Run filter route-policy route-policy-name export

        Filter outgoing Type 3 LSAs in the area can be advertised.

      • Based on the XPL Route-Policy:

        Run filter route-filter route-filter-name export

        Filter outgoing Type 3 LSAs in the area can be advertised.

    • Filter incoming Type 3 LSAs in the area. Run any of the following commands as required:

      • Based on the basic ACL:
        1. Run filter { acl-number | acl-name acl-name } import [ include-abr-summary ]

          Filter incoming Type 3 LSAs in the area can be advertised.

        2. Run quit

          Return to the system view.

        3. Run acl { name basic-acl-name { basic | [ basic ] number basic-acl-number } | [ number ] basic-acl-number } [ match-order { config | auto } ]

          The basic ACL view is displayed.

        4. Run rule [ rule-id ] [ name rule-name ] { deny | permit } [ fragment-type { fragment | non-fragment | non-subseq | fragment-subseq | fragment-spe-first } | source { source-ip-address { source-wildcard | 0 | src-netmask } | any } | time-range time-name | vpn-instance vpn-instance-name ] *

          The rule for the basic ACL is configured.

          When the rule command is run to configure rules for a named ACL, only the source address range specified by source and the time period specified by time-range are valid as the rules.

          When a filtering policy of a routing protocol is used to filter routes:
          • If the action specified in an ACL rule is permit, a route that matches the rule will be received or advertised by the system.

          • If the action specified in an ACL rule is deny, a route that matches the rule will not be received or advertised by the system.

          • If a route has not matched any ACL rules, the route will not be received or advertised by the system.

          • If an ACL does not contain any rules, all routes matching the route-policy that references the ACL will not be received or advertised by the system.

          • If the ACL referenced by the route-policy does not exist, all routes matching the route-policy will be received or advertised by the system.

          • In the configuration order, the system first matches a route with a rule that has a smaller number and then matches the route with a rule with a larger number. Routes can be filtered using a blacklist or a whitelist:

            Route filtering using a blacklist: Configure a rule with a smaller number and specify the action deny in this rule to filter out the unwanted routes. Then, configure another rule with a larger number in the same ACL and specify the action permit in this rule to receive or advertise the other routes.

            Route filtering using a whitelist: Configure a rule with a smaller number and specify the action permit in this rule to permit the routes to be received or advertised by the system. Then, configure another rule with a larger number in the same ACL and specify the action deny in this rule to filter out unwanted routes.

      • Based on the IP prefix:

        Run filter ip-prefix ip-prefix-name import [ include-abr-summary ]

        Filter incoming Type 3 LSAs in the area can be advertised.

      • Based on the Route-Policy:

        Run filter route-policy route-policy-name import [ include-abr-summary ]

        Filter incoming Type 3 LSAs in the area can be advertised.

      • Based on the XPL Route-Policy:

        Run filter route-filter route-filter-name import [ include-abr-summary ]

        Filter incoming Type 3 LSAs in the area can be advertised.

  5. Run commit

    The configuration is committed.

Configuring OSPF to Filter LSAs to Be Sent

Filtering the LSAs to be sent on the local router can prevent unnecessary LSA transmission. This reduces the size of the LSDB on the neighboring device and speeds up network convergence.

Context

When multiple links exist between two devices, you can configure the local device to filter the LSAs to be sent. This prevents unnecessary LSA transmission and saves bandwidth resources.

Procedure

  1. Run system-view

    The system view is displayed.

  2. Run interface interface-type interface-number

    The interface view is displayed.

  3. Based on the basic ACL:

    1. Run ospf filter-lsa-out { all | { summary [ acl { acl-number | acl-name } ] | ase [ acl { acl-number | acl-name } ] | nssa [ acl { acl-number | acl-name } ] } * }

      The LSAs to be sent are filtered.

    2. Run quit

      Return to the system view.

    3. Run acl { name basic-acl-name { basic | [ basic ] number basic-acl-number } | [ number ] basic-acl-number } [ match-order { config | auto } ]

      The basic ACL view is displayed.

    4. Run rule [ rule-id ] [ name rule-name ] { deny | permit } [ fragment-type { fragment | non-fragment | non-subseq | fragment-subseq | fragment-spe-first } | source { source-ip-address { source-wildcard | 0 | src-netmask } | any } | time-range time-name | vpn-instance vpn-instance-name ] *

      The rule for the basic ACL is configured.

      When the rule command is run to configure rules for a named ACL, only the source address range specified by source and the time period specified by time-range are valid as the rules.

      When a filtering policy of a routing protocol is used to filter routes:
      • If the action specified in an ACL rule is permit, a route that matches the rule will be received or advertised by the system.

      • If the action specified in an ACL rule is deny, a route that matches the rule will not be received or advertised by the system.

      • If a route has not matched any ACL rules, the route will not be received or advertised by the system.

      • If an ACL does not contain any rules, all routes matching the route-policy that references the ACL will not be received or advertised by the system.

      • If the ACL referenced by the route-policy does not exist, all routes matching the route-policy will be received or advertised by the system.

      • In the configuration order, the system first matches a route with a rule that has a smaller number and then matches the route with a rule with a larger number. Routes can be filtered using a blacklist or a whitelist:

        Route filtering using a blacklist: Configure a rule with a smaller number and specify the action deny in this rule to filter out the unwanted routes. Then, configure another rule with a larger number in the same ACL and specify the action permit in this rule to receive or advertise the other routes.

        Route filtering using a whitelist: Configure a rule with a smaller number and specify the action permit in this rule to permit the routes to be received or advertised by the system. Then, configure another rule with a larger number in the same ACL and specify the action deny in this rule to filter out unwanted routes.

  4. Run commit

    The configuration is committed.

Configuring OSPF to Filter Received Routes

After a filtering policy is configured for the OSPF routes that need to be delivered to the routing management module, only the routes that match the policy will be added to the routing table.

Procedure

  1. Run system-view

    The system view is displayed.

  2. Run ospf [ process-id ]

    The OSPF process view is displayed.

  3. Run any of the following commands as required:

    • Based on the basic ACL:
      1. Run filter-policy { acl-number | acl-name acl-name [ secondary ] } import

        OSPF is configured to filter received routes.

      2. Run quit

        Return to the system view.

      3. Run acl { name basic-acl-name { basic | [ basic ] number basic-acl-number } | [ number ] basic-acl-number } [ match-order { config | auto } ]

        The basic ACL view is displayed.

      4. Run rule [ rule-id ] [ name rule-name ] { deny | permit } [ fragment-type { fragment | non-fragment | non-subseq | fragment-subseq | fragment-spe-first } | source { source-ip-address { source-wildcard | 0 | src-netmask } | any } | time-range time-name | vpn-instance vpn-instance-name ] *

        The rule for the basic ACL is configured.

        When the rule command is run to configure rules for a named ACL, only the source address range specified by source and the time period specified by time-range are valid as the rules.

        When a filtering policy of a routing protocol is used to filter routes:
        • If the action specified in an ACL rule is permit, a route that matches the rule will be received or advertised by the system.

        • If the action specified in an ACL rule is deny, a route that matches the rule will not be received or advertised by the system.

        • If a route has not matched any ACL rules, the route will not be received or advertised by the system.

        • If an ACL does not contain any rules, all routes matching the route-policy that references the ACL will not be received or advertised by the system.

        • If the ACL referenced by the route-policy does not exist, all routes matching the route-policy will be received or advertised by the system.

        • In the configuration order, the system first matches a route with a rule that has a smaller number and then matches the route with a rule with a larger number. Routes can be filtered using a blacklist or a whitelist:

          Route filtering using a blacklist: Configure a rule with a smaller number and specify the action deny in this rule to filter out the unwanted routes. Then, configure another rule with a larger number in the same ACL and specify the action permit in this rule to receive or advertise the other routes.

          Route filtering using a whitelist: Configure a rule with a smaller number and specify the action permit in this rule to permit the routes to be received or advertised by the system. Then, configure another rule with a larger number in the same ACL and specify the action deny in this rule to filter out unwanted routes.

    • Based on the IP prefix:

      Run filter-policy ip-prefix ip-prefix-name [ secondary ] import

      OSPF is configured to filter received routes.

    • Based on the Route-Policy:

      Run filter-policy route-policy route-policy-name [ secondary ] import

      OSPF is configured to filter received routes.

    • Based on the XPL Route-Policy:

      Run filter-policy route-filter route-filter-name [ secondary ] import

      OSPF is configured to filter received routes.

    OSPF is a link-state dynamic routing protocol, with routing information carried in the link status advertisement (LSA). Therefore, the filter-policy import command cannot be used to filter the advertised or received LSAs. The filter-policy import command is used to filter the routes calculated by OSPF. Only the routes that match the filtering rules are added to the routing table and can be advertised. Routes that do not match the filtering rules can be added to the OSPF routing table but not to the routing information base (RIB) and cannot be advertised.

  4. Run commit

    The configuration is committed.

Configuring the Maximum Number of External Routes Supported by the OSPF LSDB

You can set the maximum number of external routes in the LDSB to keep a proper number of external routes.

Procedure

  1. Run system-view

    The system view is displayed.

  2. Run ospf [ process-id ]

    The OSPF process view is displayed.

  3. Run lsdb-overflow-limit number

    The maximum number of external routes supported by the OSPF LSDB is configured.

    If the number of external routes imported by OSPF exceeds the configured maximum number, the device deletes self-generated non-default external routes to ensure the proper forwarding of other external routes.

  4. Run commit

    The configuration is committed.

Verifying the Configuration of OSPF Routing Information Control

After OSPF routing information is controlled, you can check OSPF LSDB information.

Prerequisites

OSPF routing information has been controlled.

Procedure

  • Run the display ospf [ process-id ] lsdb command to check information about the OSPF LSDB.
  • Run the display ospf [ process-id ] asbr-summary [ ip-address mask ] command to check information about OSPF route summarization.

Example

Run the display ospf lsdb command to view information about the OSPF LSDB, including the link state IDs in the LSAs and information about the ME devices that advertise or generate LSAs.

<HUAWEI> display ospf lsdb
          OSPF Process 1 with Router ID 1.1.1.1
                  Link State Database

                          Area: 0.0.0.0
 Type      LinkState ID    AdvRouter          Age  Len   Sequence   Metric
 Router    2.2.2.2         2.2.2.2             98  36    8000000B       1
 Network   10.1.1.2        2.2.2.2             98  32    80000004       0
 Sum-Net   20.1.1.0        2.2.2.2            286  28    80000001       1
 Sum-Asbr  2.2.2.2         1.1.1.1             61  28    80000001       1

                  AS External Database
 Type      LinkState ID    AdvRouter          Age  Len   Sequence   Metric
 External  0.0.0.0         2.2.2.2           1128  36    80000001       1
 External  100.1.1.0       2.2.2.2            538  36    80000002       1

          Type 9 Opaque (Link-Local Scope) Database. Area: 0.0.0.0
 Type      LinkState ID    AdvRouter          Age  Len   Sequence   Interfaces
 Opq-Link  3.0.0.0         2.2.2.2             12  44    80000001    10.1.1.1

                  Type 10 Opaque (Area-Local Scope) Database
 Type      LinkState ID    AdvRouter          Age  Len   Sequence   Area
 Opq-Area  1.0.0.1         1.1.1.1              4  200   80000003    0.0.0.0
 Opq-Area  1.0.0.0         1.1.1.1           1641  28    80000001    0.0.0.0
Translation
Download
Updated: 2019-01-04

Document ID: EDOC1100059437

Views: 20376

Downloads: 15

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next