No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

ME60 V800R010C10SPC500 Configuration Guide - IP Routing 01

This is ME60 V800R010C10SPC500 Configuration Guide - IP Routing
Rate and give feedback :
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Example for Importing IPv6 NDP Vlink Direct Routes to BGP4+

Example for Importing IPv6 NDP Vlink Direct Routes to BGP4+

By importing IPv6 NDP Vlink direct routes to BGP4+, you can enable the remote device to obtain information about detailed routes in the VLAN, allowing precise control of data traffic.

Networking Requirements

As networks develop, the VLAN technology is widely used. If a user outside a VLAN needs to communicate with users within the VLAN, advertising routes destined for the network segment of the VLAN can achieve this purpose. When users outside the VLAN need to know the IPv6 NDP Vlink direct routes of the VLAN, and apply different traffic policies to routes of the VLAN users, advertising the routes destined for the network segment of the VLAN cannot meet this requirement. In this case, you can enable the function of IPv6 NDP Vlink direct route advertisement.

As shown in Figure 2-13, Device C is connected to two VLAN sites through VLANIF interfaces. Device D communicates with Device B, but not with Device A. You can enable the function of IPv6 NDP Vlink direct route advertisement on Device C, and use a route-policy to filter out the routes to the network segment of the VLAN and the route to Device A.

Figure 2-13 Networking diagram of importing IPv6 NDP Vlink direct routes to BGP4+
NOTE:

Interfaces 1 through 3 in this example are GE 1/0/0, GE 2/0/0, GE 3/0/0, respectively.



Configuration Roadmap

The configuration roadmap is as follows:

  1. Create VLANIF interfaces on Switch A and Device C and assign IPv6 addresses to the VLANIF interfaces, and ensure that Device A, Device B, Switch A, and Device C can communicate with each other.

  2. Enable BGP4+ on Device C and Device D, ensuring that Device C and Device D are able to advertise IPv6 routes to each other.
  3. Enable the function of IPv6 NDP Vlink direct route advertisement on Device C.

  4. Configure a route-policy on Device C, allowing IPv6 routes only from Device B to pass through.

  5. Enable BGP4+ on Device C and import IPv6 direct routes to BGP4+, and use the route-policy to import IPv6 routes only from Device B to BGP4+.

  6. Associate BGP4+ with the route-policy on Device C to filter out the network segment route of the VLAN so that Device D cannot learn the network segment route and can communicate with VLAN users only based on IPv6 NDP Vlink direct routes.

Data Preparation

To complete the configuration, you need the following data:

  • ID of the VLAN in which Switch A and Device C reside (the VLAN ID is 10 in this example)

  • Router IDs and AS numbers of Devices C and D (router ID of Device C is 1.1.1.1 and router ID of Device D is 2.2.2.2, and Devices C and D are in AS 100 in this example)

  • Route-policy used to filter direct routes (the route-policy is policy1 in this example)

  • Route-policy used to advertise BGP4+ routes on Device C (the route-policy is policy2 in this example)

Procedure

  1. Configure an IP address for each interface.

    # Configure Device A.

    <HUAWEI> system-view
    [~] sysname DeviceA
    [*] commit
    [~DeviceA] ipv6
    [*DeviceA] interface GigabitEthernet 1/0/0
    [*DeviceA-GigabitEthernet1/0/0] undo shutdown
    [*DeviceA-GigabitEthernet1/0/0] ipv6 enable
    [*DeviceA-GigabitEthernet1/0/0] ipv6 address 2001:db8:2000::3 64
    [*DeviceA-GigabitEthernet1/0/0] commit
    [~DeviceA-GigabitEthernet1/0/0] quit

    # Configure Device B.

    <HUAWEI> system-view
    [~HUAWEI] sysname DeviceB
    [*HUAWEI] commit
    [~DeviceB] ipv6
    [*DeviceB] interface GigabitEthernet 1/0/0
    [*DeviceB-GigabitEthernet1/0/0] undo shutdown
    [*DeviceB-GigabitEthernet1/0/0] ipv6 enable
    [*DeviceB-GigabitEthernet1/0/0] ipv6 address 2001:db8:2000::4 64
    [*DeviceB-GigabitEthernet1/0/0] commit
    [~DeviceB-GigabitEthernet1/0/0] quit

    # Configure Device C.

    <HUAWEI> system-view
    [~HUAWEI] sysname DeviceC
    [*HUAWEI] commit
    [~DeviceC] ipv6
    [*DeviceC] interface GigabitEthernet 2/0/0
    [*DeviceC-GigabitEthernet2/0/0] undo shutdown
    [*DeviceC-GigabitEthernet2/0/0] ipv6 enable
    [*DeviceC-GigabitEthernet2/0/0] ipv6 address 2001:db8:2001::1 64
    [*DeviceC-GigabitEthernet2/0/0] commit
    [~DeviceC-GigabitEthernet2/0/0] quit

    # Configure Device D.

    <HUAWEI> system-view
    [~HUAWEI] sysname DeviceD
    [*HUAWEI] commit
    [~DeviceD] ipv6
    [*DeviceD] interface GigabitEthernet 1/0/0
    [*DeviceD-GigabitEthernet1/0/0] undo shutdown
    [*DeviceD-GigabitEthernet1/0/0] ipv6 enable
    [*DeviceD-GigabitEthernet1/0/0] ipv6 address 2001:db8:2001::2 64
    [*DeviceD-GigabitEthernet1/0/0] commit
    [~DeviceD-GigabitEthernet1/0/0] quit

  2. Configure basic VLAN functions. Create VLANIF 10 on Switch A and Device C and assign IP addresses to the VLANIF interfaces.

    # Configure Switch A.

    <HUAWEI> system-view
    [~HUAWEI] sysname SwitchA
    [*HUAWEI] commit
    [~SwitchA] ipv6
    [*SwitchA] vlan 10
    [*SwitchA-vlan10] quit
    [*SwitchA] interface GigabitEthernet 1/0/0
    [*SwitchA-GigabitEthernet1/0/0] portswitch
    [*SwitchA-GigabitEthernet1/0/0] undo shutdown
    [*SwitchA-GigabitEthernet1/0/0] port link-type access
    [*SwitchA-GigabitEthernet1/0/0] port default vlan 10
    [*SwitchA-GigabitEthernet1/0/0] quit
    [*SwitchA] interface GigabitEthernet 2/0/0
    [*SwitchA-GigabitEthernet2/0/0] portswitch
    [*SwitchA-GigabitEthernet2/0/0] undo shutdown
    [*SwitchA-GigabitEthernet2/0/0] port link-type access
    [*SwitchA-GigabitEthernet2/0/0] port default vlan 10
    [*SwitchA-GigabitEthernet2/0/0] quit
    [*SwitchA] interface GigabitEthernet 3/0/0
    [*SwitchA-GigabitEthernet3/0/0] portswitch
    [*SwitchA-GigabitEthernet3/0/0] undo shutdown
    [*SwitchA-GigabitEthernet3/0/0] port link-type access
    [*SwitchA-GigabitEthernet3/0/0] port default vlan 10
    [*SwitchA-GigabitEthernet3/0/0] quit
    [*SwitchA] interface Vlanif 10
    [*SwitchA-Vlanif10] ipv6 enable
    [*SwitchA-Vlanif10] ipv6 address 2001:db8:2000::2 64
    [*SwitchA-Vlanif10] commit
    [~SwitchA-Vlanif10] quit

    # Configure Device C.

    [~DeviceC] vlan 10
    [*DeviceC-vlan10] quit
    [*DeviceC] interface GigabitEthernet 1/0/0
    [*DeviceC-GigabitEthernet1/0/0] portswitch
    [*DeviceC-GigabitEthernet1/0/0] undo shutdown
    [*DeviceC-GigabitEthernet1/0/0] port link-type access
    [*DeviceC-GigabitEthernet1/0/0] port default vlan 10
    [*DeviceC-GigabitEthernet1/0/0] quit
    [*DeviceC] interface Vlanif 10
    [*DeviceC-Vlanif10] ipv6 enable
    [*DeviceC-Vlanif10] ipv6 address 2001:db8:2000::1 64
    [*DeviceC-Vlanif10] commit
    [~DeviceC-Vlanif10] quit

  3. Configure BGP4+ between Device C and Device D.

    # Configure Device C.

    [~DeviceC] bgp 100
    [*DeviceC-bgp] router-id 1.1.1.1
    [*DeviceC-bgp] peer 2001:db8:2001::2 as-number 100
    [*DeviceC-bgp] ipv6-family unicast
    [*DeviceC-bgp-af-ipv6] peer 2001:db8:2001::2 enable
    [*DeviceC-bgp-af-ipv6] commit
    [~DeviceC-bgp-af-ipv6] quit
    [~DeviceC-bgp] quit

    # Configure Device D.

    [~DeviceD] bgp 100
    [*DeviceD-bgp] router-id 2.2.2.2
    [*DeviceD-bgp] peer 2001:db8:2001::1 as-number 100
    [*DeviceD-bgp] ipv6-family unicast
    [*DeviceD-bgp-af-ipv6] peer 2001:db8:2001::1 enable
    [*DeviceD-bgp-af-ipv6] commit
    [~DeviceD-bgp-af-ipv6] quit
    [~DeviceD-bgp] quit

    After the configuration is complete, run the display bgp ipv6 peer command to view statuses of IPv6 IBGP peer relationships. The command output shows that the IBGP peer relationship has been established between Device C and Device D. Use the display on Device D as an example.

    [~DeviceD] display bgp ipv6 peer
     BGP local router ID : 2.2.2.2
     Local AS number : 100
     Total number of peers : 1                 Peers in established state : 1
    
      Peer            V          AS  MsgRcvd  MsgSent  OutQ  Up/Down       State PrefRcv
    
      2001:db8:2001::1         4         100       64       59     0 00:52:15 Established       0
    

  4. Configure BGP4+ on Device C and import direct routes to BGP4+. Then view the routing tables of Devices C and D.

    # Configure Device C.

    [~DeviceC] bgp 100
    [*DeviceC-bgp] ipv6-family unicast
    [*DeviceC-bgp-af-ipv6] import-route direct
    [*DeviceC-bgp-af-ipv6] commit
    [~DeviceC-bgp-af-ipv6] quit
    [~DeviceC-bgp] quit

    # Display the BGP4+ routing table of Device C.

    [~DeviceC] display bgp ipv6 routing-table
     BGP Local router ID is 1.1.1.1
     Status codes: * - valid, > - best, d - damped, x - best external, a - add path,
                   h - history,  i - internal, s - suppressed, S - Stale
                   Origin : i - IGP, e - EGP, ? - incomplete
     RPKI validation codes: V - valid, I - invalid, N - not-found
    
     Total Number of Routes: 12
     *>  Network  : ::1                                      PrefixLen : 128
         NextHop  : ::                                       LocPrf    :
         MED      : 0                                        PrefVal   : 0
         Label    :
         Path/Ogn : ?
     *>  Network  : 2001:db8:2000::                          PrefixLen : 64
         NextHop  : ::                                       LocPrf    :
         MED      : 0                                        PrefVal   : 0
         Label    :
         Path/Ogn : ?
     *>  Network  : 2001:db8:2000::1                         PrefixLen : 128
         NextHop  : ::                                       LocPrf    :
         MED      : 0                                        PrefVal   : 0
         Label    :
         Path/Ogn : ?
     *>  Network  : 2001:db8:2000::2                         PrefixLen : 128
         NextHop  : ::                                       LocPrf    :
         MED      : 0                                        PrefVal   : 0
         Label    :
         Path/Ogn : ?
     *>  Network  : 2001:db8:2001::                          PrefixLen : 64
         NextHop  : ::                                       LocPrf    :
         MED      : 0                                        PrefVal   : 0
         Label    :
         Path/Ogn : ?
     *>  Network  : 2001:db8:2001::1                         PrefixLen : 128
         NextHop  : ::                                       LocPrf    :
         MED      : 0                                        PrefVal   : 0
         Label    :
         Path/Ogn : ?
     *>  Network  : FE80::                                   PrefixLen : 10
         NextHop  : ::                                       LocPrf    :
         MED      : 0                                        PrefVal   : 0
         Label    :
         Path/Ogn : ?
     *>  Network  : FE80::2E0:39FF:FE18:8300                 PrefixLen : 128
         NextHop  : ::                                       LocPrf    :
         MED      : 0                                        PrefVal   : 0
         Label    :
         Path/Ogn : ?
     *>  Network  : FE80::2E0:91FF:FE4F:8100                 PrefixLen : 128
         NextHop  : ::                                       LocPrf    :
         MED      : 0                                        PrefVal   : 0
         Label    :
         Path/Ogn : ?
     *>  Network  : FE80::2E0:9BFF:FE7E:7800                 PrefixLen : 128
         NextHop  : ::                                       LocPrf    :
         MED      : 0                                        PrefVal   : 0
         Label    :
         Path/Ogn : ?
    

    # Display the BGP4+ routing table of Device D.

    [~DeviceD] display bgp ipv6 routing-table
     BGP Local router ID is 2.2.2.2
     Status codes: * - valid, > - best, d - damped, x - best external, a - add path,
                   h - history,  i - internal, s - suppressed, S - Stale
                   Origin : i - IGP, e - EGP, ? - incomplete
     RPKI validation codes: V - valid, I - invalid, N - not-found
    
     Total Number of Routes: 2
     *>i Network  : 2001:db8:2000::                          PrefixLen : 64
         NextHop  : 2001:db8:2001::1                         LocPrf    : 100
         MED      : 0                                        PrefVal   : 0
         Label    :
         Path/Ogn : ?
       i Network  : 2001:db8:2001::                          PrefixLen : 64
         NextHop  : 2001:db8:2001::1                         LocPrf    : 100
         MED      : 0                                        PrefVal   : 0
         Label    :
         Path/Ogn : ?
    

    You can see that Device D haven't learned the two IPv6 NDP Vlink direct routes 2001:db8:2000::3/128 and 2001:db8:2000::4/128.

  5. Enable the function of IPv6 NDP Vlink direct route advertisement on Device C and configure the route-policy policy1 to filter out the routes to the network segment of the VLAN and the IPv6 NDP Vlink direct route from Device A, 2001:db8:2000::3/128.

    # Configure Device C.

    [~DeviceC] ip ipv6-prefix prefix1 permit 2001:db8:2000::4 128
    [*DeviceC] route-policy policy1 permit node 10
    [*DeviceC-route-policy] if-match ipv6 address prefix-list prefix1
    [*DeviceC-route-policy] quit
    [*DeviceC] ipv6 nd vlink-direct-route advertise route-policy policy1
    [*DeviceC] commit

    # Display the BGP4+ routing table of Device C.

    [~DeviceC] display bgp ipv6 routing-table
     BGP Local router ID is 1.1.1.1
     Status codes: * - valid, > - best, d - damped, x - best external, a - add path,
                   h - history,  i - internal, s - suppressed, S - Stale
                   Origin : i - IGP, e - EGP, ? - incomplete
     RPKI validation codes: V - valid, I - invalid, N - not-found
    
     Total Number of Routes: 12
     *>  Network  : ::1                                      PrefixLen : 128
         NextHop  : ::                                       LocPrf    :
         MED      : 0                                        PrefVal   : 0
         Label    :
         Path/Ogn : ?
     *>  Network  : 2001:db8:2000::                          PrefixLen : 64
         NextHop  : ::                                       LocPrf    :
         MED      : 0                                        PrefVal   : 0
         Label    :
         Path/Ogn : ?
     *>  Network  : 2001:db8:2000::1                         PrefixLen : 128
         NextHop  : ::                                       LocPrf    :
         MED      : 0                                        PrefVal   : 0
         Label    :
         Path/Ogn : ?
     *>  Network  : 2001:db8:2000::2                         PrefixLen : 128
         NextHop  : ::                                       LocPrf    :
         MED      : 0                                        PrefVal   : 0
         Label    :
         Path/Ogn : ?
     *>  Network  : 2001:db8:2000::3                         PrefixLen : 128
         NextHop  : ::                                       LocPrf    :
         MED      : 0                                        PrefVal   : 0
         Label    :
         Path/Ogn : ?
     *>  Network  : 2001:db8:2000::4                         PrefixLen : 128
         NextHop  : ::                                       LocPrf    :
         MED      : 0                                        PrefVal   : 0
         Label    :
         Path/Ogn : ?
     *>  Network  : 2001:db8:2001::                          PrefixLen : 64
         NextHop  : ::                                       LocPrf    :
         MED      : 0                                        PrefVal   : 0
         Label    :
         Path/Ogn : ?
     *>  Network  : 2001:db8:2001::1                         PrefixLen : 128
         NextHop  : ::                                       LocPrf    :
         MED      : 0                                        PrefVal   : 0
         Label    :
         Path/Ogn : ?
     *>  Network  : FE80::                                   PrefixLen : 10
         NextHop  : ::                                       LocPrf    :
         MED      : 0                                        PrefVal   : 0
         Label    :
         Path/Ogn : ?
     *>  Network  : FE80::2E0:39FF:FE18:8300                 PrefixLen : 128
         NextHop  : ::                                       LocPrf    :
         MED      : 0                                        PrefVal   : 0
         Label    :
         Path/Ogn : ?
     *>  Network  : FE80::2E0:91FF:FE4F:8100                 PrefixLen : 128
         NextHop  : ::                                       LocPrf    :
         MED      : 0                                        PrefVal   : 0
         Label    :
         Path/Ogn : ?
     *>  Network  : FE80::2E0:9BFF:FE7E:7800                 PrefixLen : 128
         NextHop  : ::                                       LocPrf    :
         MED      : 0                                        PrefVal   : 0
         Label    :
         Path/Ogn : ?
    

    # Display the BGP4+ routing table of Device D.

    [~DeviceD] display bgp ipv6 routing-table
     BGP Local router ID is 2.2.2.2
     Status codes: * - valid, > - best, d - damped, x - best external, a - add path,
                   h - history,  i - internal, s - suppressed, S - Stale
                   Origin : i - IGP, e - EGP, ? - incomplete
     RPKI validation codes: V - valid, I - invalid, N - not-found
    
     Total Number of Routes: 3
     *>i Network  : 2001:db8:2000::                          PrefixLen : 64
         NextHop  : 2001:db8:2001::1                         LocPrf    : 100
         MED      : 0                                        PrefVal   : 0
         Label    :
         Path/Ogn : ?
     *>i Network  : 2001:db8:2000::4                         PrefixLen : 128
         NextHop  : 2001:db8:2001::1                         LocPrf    : 100
         MED      : 0                                        PrefVal   : 0
         Label    :
         Path/Ogn : ?
       i Network  : 2001:db8:2001::                          PrefixLen : 64
         NextHop  : 2001:db8:2001::1                         LocPrf    : 100
         MED      : 0                                        PrefVal   : 0
         Label    :
         Path/Ogn : ?
    

    You can see that Device D has learned the IPv6 NDP Vlink direct route 2001:db8:2000::4/128, whereas the route 2001:db8:2000::3/128 has been filtered out.

  6. Use the route-policy policy2 to filter out the network segment route 2001:db8:2000::/64 on Device C when BGP4+ routes are advertised.

    # Configure Device C.

    [~DeviceC] ip ipv6-prefix prefix2 index 10 deny 2001:db8:2000:: 64
    [*DeviceC] ip ipv6-prefix prefix2 index 20 permit :: 0 less-equal 128
    [*DeviceC] route-policy policy2 permit node 10
    [*DeviceC-route-policy] if-match ipv6 address prefix-list prefix2
    [*DeviceC-route-policy] quit
    [*DeviceC] bgp 100
    [*DeviceC-bgp] ipv6-family unicast
    [*DeviceC-bgp-af-ipv6] peer 2001:db8:2001::2 route-policy policy2 export
    [*DeviceC-bgp-af-ipv6] commit
    [~DeviceC-bgp-af-ipv6] quit
    [~DeviceC-bgp] quit
    [~DeviceC] quit

    # Display the BGP4+ routing table of Device D.

    [~DeviceD] display bgp ipv6 routing-table
     BGP Local router ID is 2.2.2.2
     Status codes: * - valid, > - best, d - damped, x - best external, a - add path,
                   h - history,  i - internal, s - suppressed, S - Stale
                   Origin : i - IGP, e - EGP, ? - incomplete
     RPKI validation codes: V - valid, I - invalid, N - not-found
    
     Total Number of Routes: 2
     *>i Network  : 2001:db8:2000::4                         PrefixLen : 128
         NextHop  : 2001:db8:2001::1                         LocPrf    : 100
         MED      : 0                                        PrefVal   : 0
         Label    :
         Path/Ogn : ?
       i Network  : 2001:db8:2001::                          PrefixLen : 64
         NextHop  : 2001:db8:2001::1                         LocPrf    : 100
         MED      : 0                                        PrefVal   : 0
         Label    :
         Path/Ogn : ?
    

    You can see that the route 2001:db8:2000::/64 does not exist in the BGP4+ routing table of Device D. As a result, Device D can communicate with Device B, but cannot communicate with Device A.

Configuration Files

  • Configuration file of Switch A

    #
    sysname switchA
    #
    ipv6
    #
    vlan batch 10
    #
    interface Vlanif10
     ipv6 enable
     ipv6 address 2001:db8:2000::2/64
    #
    interface GigabitEthernet1/0/0
     portswitch
     undo shutdown
     port link-type access
     port default vlan 10
    #
    interface GigabitEthernet2/0/0
     portswitch
     undo shutdown
     port link-type access
     port default vlan 10
    #
    interface GigabitEthernet3/0/0
     portswitch
     undo shutdown
     port link-type access
     port default vlan 10
    #
    return
  • Configuration file of Device A

    #
    sysname DeviceA
    #
    ipv6
    #
    interface GigabitEthernet1/0/0
     undo shutdown
     ipv6 enable
     ipv6 address 2001:db8:2000::3/64
    #
    return
  • Configuration file of Device B

    #
    sysname DeviceB
    #
    ipv6
    #
    interface GigabitEthernet1/0/0
     undo shutdown
     ipv6 enable
     ipv6 address 2001:db8:2000::4/64
    #
    return
  • Configuration file of Device C

    #
    sysname DeviceC
    #
    ipv6
    #
    ipv6 nd vlink-direct-route advertise route-policy policy1
    #
    vlan batch 10
    #
    interface Vlanif10
     ipv6 enable
     ipv6 address 2001:db8:2000::1/64
    #
    interface GigabitEthernet1/0/0
     portswitch
     undo shutdown
     port link-type access
     port default vlan 10
    #
    interface GigabitEthernet2/0/0
     undo shutdown
     ipv6 enable
     ipv6 address 2001:db8:2001::1/64
    #
    bgp 100
     router-id 1.1.1.1
     peer 2001:db8:2001::2 as-number 100
     #
     ipv4-family unicast
      undo synchronization
     #
     ipv6-family unicast
      undo synchronization
      import-route direct
      peer 2001:db8:2001::2 enable
      peer 2001:db8:2001::2 route-policy policy2 export
    #
    route-policy policy1 permit node 10
     if-match ip-prefix prefix1
     if-match ipv6 address prefix-list prefix1
    #
    route-policy policy2 permit node 10
     if-match ipv6 address prefix-list prefix2
    #
    ip ipv6-prefix prefix1 index 10 permit 2001:db8:2000::4 128
    ip ipv6-prefix prefix2 index 10 deny 2001:db8:2000:: 64
    ip ipv6-prefix prefix2 index 20 permit :: 0 less-equal 128
    #
    return
    
  • Configuration file of Device D

    #
    sysname DeviceD
    #
    ipv6
    #
    interface GigabitEthernet1/0/0
     undo shutdown
     ipv6 enable
     ipv6 address 2001:db8:2001::2/64
    #
    bgp 100
     router-id 2.2.2.2
     peer 2001:db8:2001::1 as-number 100
     #
     ipv4-family unicast
      undo synchronization
     #
     ipv6-family unicast
      undo synchronization
      peer 2001:db8:2001::1 enable
    #
    return
    
Translation
Download
Updated: 2019-01-04

Document ID: EDOC1100059437

Views: 20414

Downloads: 15

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next