No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

Configuration Guide - IP Unicast Routing

CloudEngine 8800, 7800, 6800, and 5800 V200R005C10

This document describes the configurations of IP Unicast Routing, including IP Routing, Static Route, RIP, RIPng, OSPF, OSPFv3, IPv4 IS-IS, IPv6 IS-IS, BGP, Routing Policy, and PBR.
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Example for Configuring NQA for PBR

Example for Configuring NQA for PBR

Networking Requirements

As shown in Figure 11-3, each access switch is connected to N users. SwitchA functions as the forwarding device and connects to RouterA through two links, namely, a low-speed link with the gateway 10.1.20.1/24 and a high-speed link with the gateway 10.1.30.1/24. Network administrators want some packets forwarded over the low-speed link to RouterA to be transmitted over the high-speed link while requiring high link reliability. To meet this requirement, you can configure PBR on SwitchA to redirect packets from the previous forwarding path SwitchA→SwitchB→RouterB (RouterA) to a new path SwitchA→SwitchC→RouterC (RouterA) and bind an NQA test instance to PBR to detect the link status of the new path. If the NQA test instance finds that the link of the new path is working properly, packets can be forwarded normally. If the NQA test instance finds that the link of the new path is Down and the number of link detection times exceeds the specified value, the PBR configuration will automatically become ineffective, and packets will be forwarded along the previous forwarding path.

Network administrators want the packets that carry the source IP address 192.168.100.0/24 and are forwarded by SwitchA to be transmitted over the high-speed link and the other packets forwarded by SwitchA to be transmitted over the low-speed link.

Figure 11-3 Configuring NQA for PBR

Configuration Roadmap

The configuration roadmap is as follows:
  1. Create VLANs, configure interfaces, and enable OSPF on each switch to connect the users to the external network device (RouterA).
  2. Configure an ACL to match the packets with the source IP address 192.168.100.0/24.
  3. Configure a traffic classifier to match the ACL so that SwitchA can differentiate packets.
  4. Configure a traffic behavior to redirect the packets that match the ACL to 10.1.30.1/24.
  5. Configure a traffic policy, bind the traffic classifier and traffic behavior to it, and apply it to the inbound direction of 10GE1/0/3 on SwitchA to implement PBR.

Procedure

  1. Create VLANs, configure interfaces, and enable basic OSPF functions.

    # Configure SwitchA.

    # Create VLANs and add interfaces to respective VLANs on SwitchA.

    <HUAWEI> system-view
    [~HUAWEI] sysname SwitchA
    [*HUAWEI] commit
    [~SwitchA] vlan batch 100 200 300
    [*SwitchA] commit
    [~SwitchA] interface 10ge 1/0/1
    [~SwitchA-10GE1/0/1] port link-type trunk
    [*SwitchA-10GE1/0/1] port trunk allow-pass vlan 100
    [*SwitchA-10GE1/0/1] quit
    [*SwitchA] interface 10ge1/0/2
    [*SwitchA-10GE1/0/2] port link-type trunk
    [*SwitchA-10GE1/0/2] port trunk allow-pass vlan 200
    [*SwitchA-10GE1/0/2] quit
    [*SwitchA] interface 10ge 1/0/3
    [*SwitchA-10GE1/0/3] port link-type trunk
    [*SwitchA-10GE1/0/3] port trunk allow-pass vlan 300
    [*SwitchA-10GE1/0/3] quit
    [*SwitchA] commit

    # Configure an IP address for each VLANIF interface on SwitchA.

    [~SwitchA] interface vlanif 100
    [*SwitchA-Vlanif100] ip address 172.16.1.2 24
    [*SwitchA-Vlanif100] quit
    [*SwitchA] interface vlanif 200
    [*SwitchA-Vlanif200] ip address 172.16.2.2 24
    [*SwitchA-Vlanif200] quit
    [*SwitchA] interface vlanif 300
    [*SwitchA-Vlanif300] ip address 172.16.3.2 24
    [*SwitchA-Vlanif300] quit
    [*SwitchA] commit

    # Enable OSPF on SwitchA.

    [~SwitchA] router id 10.1.1.1
    [*SwitchA] ospf 1
    [*SwitchA-ospf-1] area 0 
    [*SwitchA-ospf-1-area-0.0.0.0]  network 172.16.1.0 0.0.0.255 
    [*SwitchA-ospf-1-area-0.0.0.0]  network 172.16.2.0 0.0.0.255 
    [*SwitchA-ospf-1-area-0.0.0.0]  network 172.16.3.0 0.0.0.255 
    [*SwitchA-ospf-1-area-0.0.0.0] quit
    [*SwitchA-ospf-1] quit
    [*SwitchA] commit

    # Configure SwitchB. The configurations of SwitchC and SwitchD are similar to that of SwitchB, and are not provided here.

    # Create VLANs and add interfaces to respective VLANs on SwitchB.

    <HUAWEI> system-view
    [~HUAWEI] sysname SwitchB
    [*HUAWEI] commit
    [~SwitchB] vlan batch 100
    [*SwitchB] quit
    [*SwitchB] interface 10ge 1/0/1
    [*SwitchB-10GE1/0/1] port link-type trunk
    [*SwitchB-10GE1/0/1] port trunk allow-pass vlan 100
    [*SwitchB-10GE1/0/1] quit
    [*SwitchB] interface vlanif 100
    [*SwitchB-Vlanif100] ip address 172.16.1.1 24
    [*SwitchB-Vlanif100] quit
    [*SwitchB] interface 10ge 1/0/2
    [*SwitchB-10GE1/0/2] undo portswitch
    [*SwitchB-10GE1/0/2] ip address 10.1.20.2 24
    [*SwitchB-10GE1/0/2] quit
    [*SwitchB] commit

    # Enable OSPF on SwitchB.

    [~SwitchB] router id 10.2.2.2
    [*SwitchB] ospf 1
    [*SwitchB-ospf-1] area 0 
    [*SwitchB-ospf-1-area-0.0.0.0]  network 172.16.1.0 0.0.0.255 
    [*SwitchB-ospf-1-area-0.0.0.0]  network 10.1.20.0 0.0.0.255 
    [*SwitchB-ospf-1-area-0.0.0.0] quit
    [*SwitchB] commit

  2. Configure an NQA test instance.

    # Enable the NQA client and create an ICMP NQA test instance on SwitchA.

    [~SwitchA] nqa test-instance admin icmp
    [*SwitchA-nqa-admin-icmp] test-type icmp
    [*SwitchA-nqa-admin-icmp] destination-address ipv4 10.1.30.1
    [*SwitchA-nqa-admin-icmp] frequency 10
    [*SwitchA-nqa-admin-icmp] probe-count 2
    [*SwitchA-nqa-admin-icmp] interval seconds 5
    [*SwitchA-nqa-admin-icmp] timeout 4
    [*SwitchA-nqa-admin-icmp] start now
    [*SwitchA-nqa-admin-icmp] quit
    [*SwitchA] commit

  3. Configure an ACL.

    # Create an advanced ACL 3001 on SwitchA to allow packets with the source IP address 192.168.100.0/24 to pass through.

    [~SwitchA] acl 3001
    [*SwitchA-acl4-advance-3001] rule permit ip source 192.168.100.0 0.0.0.255
    [*SwitchA-acl4-advance-3001] quit
    [*SwitchA] commit

  4. Configure a traffic classifier.

    # Create a traffic classifier c1, and bind c1 to ACL 3001.

    [~SwitchA] traffic classifier c1 
    [*SwitchA-classifier-c1] if-match acl 3001
    [*SwitchA-classifier-c1] quit
    [*SwitchA] commit

  5. Configure a traffic behavior.

    # Create a traffic behavior b1 on SwitchA to redirect packets to 10.1.30.1/24.

    [~SwitchA] traffic behavior b1
    [*SwitchA-behavior-b1] redirect remote 10.1.30.1 track nqa admin icmp reaction probe-failtimes 3
    [*SwitchA-behavior-b1] quit
    [*Switch] commit

  6. Configure a traffic policy and apply the traffic policy to an interface.

    # Create a traffic policy p1 on SwitchA, and bind the traffic classifier and traffic behavior to the traffic policy.

    [~SwitchA] traffic policy p1
    [*SwitchA-trafficpolicy-p1] classifier c1 behavior b1
    [*SwitchA-trafficpolicy-p1] quit
    [*SwitchA] commit

    # Apply the traffic policy p1 to the inbound direction on 10GE1/0/3.

    [~SwitchA] interface 10ge 1/0/3
    [*SwitchA-10GE1/0/3] traffic-policy p1 inbound
    [*SwitchA-10GE1/0/3] quit
    [*SwitchA] commit

  7. Verify the configuration.

    # Check the configuration of NQA for PBR.

    [~SwitchA] display current-configuration | include nqa
     redirect remote 10.1.30.1 track nqa admin icmp reaction probe-failtimes 3
    nqa test-instance admin icmp

    # Check the NQA test results.

    [~SwitchA] display nqa results test-instance admin icmp
                                                                                                                                        
    NQA entry(admin, icmp): test flag is active, test type is ICMP                                                                      
      1 . Test 73 result   The test is finished                                                                                         
       Send operation times: 2                Receive response times: 2                                                                 
       Completion: success                    RTD over thresholds number: 0                                                             
       Attempts number: 1                     Drop operation number: 0                                                                  
       Disconnect operation number: 0         Operation timeout number: 0                                                               
       System busy operation number: 0        Connection fail number: 0                                                                 
       Operation sequence errors number: 0    RTT Status errors number: 0                                                               
       Destination IP address: 10.1.30.1                                                                                                
       Min/Max/Average completion time: 4/4/4                                                                                           
       Sum/Square-Sum  completion time: 8/32                                                                                            
       Last response packet receiving time: 2015-09-10 08:58:07.8                                                                       
       Lost packet ratio: 0 %                                                                                                           
      2 . Test 74 result   The test is finished                                                                                         
       Send operation times: 2                Receive response times: 2                                                                 
       Completion: success                    RTD over thresholds number: 0                                                             
       Attempts number: 1                     Drop operation number: 0                                                                  
       Disconnect operation number: 0         Operation timeout number: 0                                                               
       System busy operation number: 0        Connection fail number: 0                                                                 
       Operation sequence errors number: 0    RTT Status errors number: 0                                                               
       Destination IP address: 10.1.30.1                                                                                                
       Min/Max/Average completion time: 4/4/4                                                                                           
       Sum/Square-Sum  completion time: 8/32                                                                                            
       Last response packet receiving time: 2015-09-10 08:58:17.7                                                                       
       Lost packet ratio: 0 %                                                                                                           
      3 . Test 75 result   The test is finished                                                                                         
       Send operation times: 2                Receive response times: 2                                                                 
       Completion: success                    RTD over thresholds number: 0                                                             
       Attempts number: 1                     Drop operation number: 0                                                                  
       Disconnect operation number: 0         Operation timeout number: 0                                                               
       System busy operation number: 0        Connection fail number: 0                                                                 
       Operation sequence errors number: 0    RTT Status errors number: 0                                                               
       Destination IP address: 10.1.30.1                                                                                                
       Min/Max/Average completion time: 4/4/4                                                                                           
       Sum/Square-Sum  completion time: 8/32                                                                                            
       Last response packet receiving time: 2015-09-10 08:58:27.7                                                                       
       Lost packet ratio: 0 %                                                                                                           
      4 . Test 76 result   The test is finished                                                                                         
       Send operation times: 2                Receive response times: 2                                                                 
       Completion: success                    RTD over thresholds number: 0                                                             
       Attempts number: 1                     Drop operation number: 0                                                                  
       Disconnect operation number: 0         Operation timeout number: 0                                                               
       System busy operation number: 0        Connection fail number: 0                                                                 
       Operation sequence errors number: 0    RTT Status errors number: 0                                                               
       Destination IP address: 10.1.30.1                                                                                                
       Min/Max/Average completion time: 4/4/4                                                                                           
       Sum/Square-Sum  completion time: 8/32                                                                                            
       Last response packet receiving time: 2015-09-10 08:58:37.6                                                                       
       Lost packet ratio: 0 %                                                                                                           
      5 . Test 77 result   The test is finished                                                                                         
       Send operation times: 2                Receive response times: 2                                                                 
       Completion: success                    RTD over thresholds number: 0                                                             
       Attempts number: 1                     Drop operation number: 0                                                                  
       Disconnect operation number: 0         Operation timeout number: 0                                                               
       System busy operation number: 0        Connection fail number: 0                                                                 
       Operation sequence errors number: 0    RTT Status errors number: 0                                                               
       Destination IP address: 10.1.30.1                                                                                                
       Min/Max/Average completion time: 4/4/4                                                                                           
       Sum/Square-Sum  completion time: 8/32                                                                                            
       Last response packet receiving time: 2015-09-10 08:58:47.6                                                                       
       Lost packet ratio: 0 %                                                                                                           

    # Check the ACL configuration.

    [~SwitchA] display acl 3001
    Advanced ACL 3001, 1 rule                                                                                                           
    ACL's step is 5                                                                                                                     
     rule 5 permit ip source 192.168.100.0 0.0.0.255 (0 times matched)                                                                  

    # Check the traffic classifier configuration.

    [~SwitchA] display traffic classifier 
      Traffic Classifier Information:                                                                                                   
        Classifier: c1                                                                                                                  
          Type: OR                                                                                                                      
          Rule(s):                                                                                                                      
            if-match acl 3001                                                                                                           
                                                                                                                                        
    Total classifier number is 1                                                                                                        

    # Check the traffic policy configuration.

    [~SwitchA] display traffic policy
      Traffic Policy Information:                                                                                                       
        Policy: p1                                                                                                                      
          Classifier: c1                                                                                                                
            Type: OR                                                                                                                    
          Behavior: b1                                                                                                                  
            Redirect:                                                                                                                   
              Redirect remote 10.1.30.1 track nqa admin icmp reaction probe-failtimes 3                                                 
                                                                                                                                        
    Total policy number is 1                                                                                                            

Configuration Files

  • SwitchA configuration file

    #
    sysname SwitchA
    #                                                                                                                                   
    router id 10.1.1.1                                                                                                                  
    #
    vlan batch 100 200 
    #                                                                                                                                   
    acl number 3001                                                                                                                     
     rule 5 permit ip source 192.168.100.0 0.0.0.255                                                                                    
    #                                                                                                                                   
    traffic classifier c1 type or                                                                                                       
     if-match acl 3001                                                                                                                  
    #                                                                                                                                   
    traffic behavior b1                                                                                                                 
     redirect remote 10.1.30.1 track nqa admin icmp reaction probe-failtimes 3                                                          
    #                                                                                                                                   
    traffic policy p1                                                                                                                   
     classifier c1 behavior b1 precedence 5                                                                                             
    #                                                                                                                                   
    interface Vlanif100                                                                                                                 
     ip address 172.16.1.2 255.255.255.0                                                                                                 
    #                                                                                                                                   
    interface Vlanif200                                                                                                                 
     ip address 172.16.2.2 255.255.255.0                                                                                                 
    #                                                                                                                                   
    interface Vlanif300                                                                                                                 
     ip address 172.16.3.2 255.255.255.0                                                                                                 
    #                                                                                                                                   
    interface GE1/0/1                                                                                                                   
     port link-type trunk                                                                                                               
     port trunk allow-pass vlan 100                                                                                                  
    #                                                                                                                                   
    interface GE1/0/2                                                                                                                   
     port link-type trunk                                                                                                               
     port trunk allow-pass vlan 200                                                                                                 
    #                                                                                                                                   
    interface GE1/0/3                                                                                                                   
     port link-type trunk                                                                                                               
     port trunk allow-pass vlan 300                                                                                                 
     traffic-policy p1 inbound                                                                                                          
    #                                                                                                                                   
    ospf 1                                                                                                                           
     area 0.0.0.0                                                                                                                       
      network 172.16.1.0 0.0.0.255                                                                                                      
      network 172.16.2.0 0.0.0.255                                                                                                      
      network 172.16.3.0 0.0.0.255                                                                                                      
    #                                                                                                                                   
    nqa test-instance admin icmp                                                                                                        
     test-type icmp                                                                                                                     
     destination-address ipv4 10.1.30.1                                                                                                 
     interval seconds 5                                                                                                                 
     timeout 4                                                                                                                          
     probe-count 2                                                                                                                      
     frequency 10                                                                                                                       
     start now                                                                                                                          
    #
    return
    
  • SwitchB configuration file

    #
    sysname SwitchB
    #                                                                                                                                   
    router id 10.2.2.2                                                                                                                  
    #
    vlan batch 100
    #                                                                                                                                   
    interface Vlanif100                                                                                                                 
     ip address 172.16.1.1 255.255.255.0                                                                                                 
    #                                                                                                                                   
    interface GE1/0/1                                                                                                                   
     port link-type trunk                                                                                                               
     port trunk allow-pass vlan 100                                                                                                  
    #                                                                                                                                   
    interface GE1/0/2                                                                                                                   
     undo portswitch                                                                                                                    
     ip address 10.1.20.2 255.255.255.0                                                                                                 
    #                                                                                                                                   
    ospf 1                                                                                                                           
     area 0.0.0.0                                                                                                                       
      network 172.16.1.0 0.0.0.255                                                                                                      
      network 10.1.20.0 0.0.0.255                                                                                                      
    #
    return
    
  • SwitchC configuration file

    #
    sysname SwitchC
    #                                                                                                                                   
    router id 10.3.3.3                                                                                                                  
    #
    vlan batch 200
    #                                                                                                                                   
    interface Vlanif200                                                                                                                 
     ip address 172.16.2.1 255.255.255.0                                                                                                 
    #                                                                                                                                   
    interface GE1/0/1                                                                                                                   
     port link-type trunk                                                                                                               
     port trunk allow-pass vlan 200                                                                                                  
    #                                                                                                                                   
    interface GE1/0/2                                                                                                                   
     undo portswitch                                                                                                                    
     ip address 10.1.30.2 255.255.255.0                                                                                                 
    #                                                                                                                                   
    ospf 1                                                                                                                           
     area 0.0.0.0                                                                                                                       
      network 172.16.2.0 0.0.0.255                                                                                                      
      network 10.1.30.0 0.0.0.255                                                                                                      
    #
    return
    
  • SwitchD configuration file

    #
    sysname SwitchD
    #                                                                                                                                   
    router id 10.4.4.4                                                                                                                  
    #
    vlan batch 300
    #                                                                                                                                   
    interface Vlanif300                                                                                                                 
     ip address 172.16.3.1 255.255.255.0                                                                                                 
    #                                                                                                                                   
    interface GE1/0/1                                                                                                                   
     port link-type trunk                                                                                                               
     port trunk allow-pass vlan 300                                                                                                  
    #                                                                                                                                   
    ospf 1                                                                                                                           
     area 0.0.0.0                                                                                                                       
      network 172.16.3.0 0.0.0.255                                                                                                      
    #
    return
    
Translation
Download
Updated: 2019-04-20

Document ID: EDOC1100074760

Views: 57597

Downloads: 63

Average rating:
This Document Applies to these Products
Related Version
Related Documents
Share
Previous Next