No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

Configuration Guide - IP Unicast Routing

CloudEngine 8800, 7800, 6800, and 5800 V200R005C10

This document describes the configurations of IP Unicast Routing, including IP Routing, Static Route, RIP, RIPng, OSPF, OSPFv3, IPv4 IS-IS, IPv6 IS-IS, BGP, Routing Policy, and PBR.
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Example for Configuring ACL-based Simplified PBR

Example for Configuring ACL-based Simplified PBR

Networking Requirements

As shown in Figure 11-4, each access switch connects to N users. SwitchA functions as the forwarding device and connects to RouterA through two links: a low-speed link with the gateway address 10.1.20.1/24 and a high-speed link with the gateway address 10.1.30.1/24. Network administrators want to switch some of the packets destined for RouterA from the low-speed link to the high-speed link without compromising link reliability. To meet this requirement, configure PBR on SwitchA to redirect packets from the path SwitchA→SwitchB→RouterB (RouterA) to the path SwitchA→SwitchC→RouterC (RouterA).

Network administrators want the packets that carry the source IP address 192.168.100.0/24 and are forwarded by SwitchA to be transmitted over the high-speed link and the other packets forwarded by SwitchA to be transmitted over the low-speed link.

Figure 11-4 Networking diagram for ACL-based simplified PBR

Configuration Roadmap

The configuration roadmap is as follows:
  1. Create VLANs, configure interfaces, and enable OSPF on each switch to connect the users to the external network device (RouterA).
  2. Configure an ACL to match the packets with the source IP address 192.168.100.0/24.
  3. Configure an ACL-based simplified traffic policy to redirect the packets that match the ACL to 10.1.30.1/24.

Procedure

  1. Create VLANs, add interfaces to VLANs, and configure basic OSPF functions.

    # Configure SwitchA.

    # Create VLANs and add interfaces to respective VLANs on SwitchA.

    <HUAWEI> system-view
    [~HUAWEI] sysname SwitchA
    [*HUAWEI] commit
    [~SwitchA] vlan batch 100 200 300
    [*SwitchA] commit
    [~SwitchA] interface 10ge 1/0/1
    [~SwitchA-10GE1/0/1] port link-type trunk
    [*SwitchA-10GE1/0/1] port trunk allow-pass vlan 100
    [*SwitchA-10GE1/0/1] quit
    [*SwitchA] interface 10ge 1/0/2
    [*SwitchA-10GE1/0/2] port link-type trunk
    [*SwitchA-10GE1/0/2] port trunk allow-pass vlan 200
    [*SwitchA-10GE1/0/2] quit
    [*SwitchA] interface 10ge 1/0/3
    [*SwitchA-10GE1/0/3] port link-type trunk
    [*SwitchA-10GE1/0/3] port trunk allow-pass vlan 300
    [*SwitchA-10GE1/0/3] quit
    [*SwitchA] commit

    # Configure an IP address for each VLANIF interface on SwitchA.

    [~SwitchA] interface vlanif 100
    [*SwitchA-Vlanif100] ip address 172.16.1.2 24
    [*SwitchA-Vlanif100] quit
    [*SwitchA] interface vlanif 200
    [*SwitchA-Vlanif200] ip address 172.16.2.2 24
    [*SwitchA-Vlanif200] quit
    [*SwitchA] interface vlanif 300
    [*SwitchA-Vlanif300] ip address 172.16.3.2 24
    [*SwitchA-Vlanif300] quit
    [*SwitchA] commit

    # Enable OSPF on SwitchA.

    [~SwitchA] router id 10.1.1.1
    [*SwitchA] ospf 1
    [*SwitchA-ospf-1] area 0 
    [*SwitchA-ospf-1-area-0.0.0.0]  network 172.16.1.0 0.0.0.255 
    [*SwitchA-ospf-1-area-0.0.0.0]  network 172.16.2.0 0.0.0.255 
    [*SwitchA-ospf-1-area-0.0.0.0]  network 172.16.3.0 0.0.0.255 
    [*SwitchA-ospf-1-area-0.0.0.0] quit
    [*SwitchA-ospf-1] quit
    [*SwitchA] commit

    # Configure a default route on SwitchA to enable all packets to be forwarded through SwitchB and arrive at RouterA through the gateway 10.1.20.1/24.

    [~SwitchA] ip route-static 0.0.0.0 0.0.0.0 172.16.1.1
    [*HUAWEI] commit

    # Configure SwitchB.

    # Create VLANs and add interfaces to respective VLANs on SwitchB.

    <HUAWEI> system-view
    [~HUAWEI] sysname SwitchB
    [*HUAWEI] commit
    [~SwitchB] vlan batch 100
    [*SwitchB] quit
    [*SwitchB] interface 10ge 1/0/1
    [*SwitchB-10GE1/0/1] port link-type trunk
    [*SwitchB-10GE1/0/1] port trunk allow-pass vlan 100
    [*SwitchB-10GE1/0/1] quit
    [*SwitchB] interface vlanif 100
    [*SwitchB-Vlanif100] ip address 172.16.1.1 24
    [*SwitchB-Vlanif100] quit
    [*SwitchB] router id 10.2.2.2
    [*SwitchB] ospf 1
    [*SwitchB-ospf-1] area 0 
    [*SwitchB-ospf-1-area-0.0.0.0]  network 172.16.1.0 0.0.0.255 
    [*SwitchB-ospf-1-area-0.0.0.0] quit
    [*SwitchB] interface 10ge 1/0/2
    [*SwitchB-10GE1/0/2] undo portswitch
    [*SwitchB-10GE1/0/2] ip address 10.1.20.2 24
    [*SwitchB-10GE1/0/2] ospf enable 1 area 0
    [*SwitchB-10GE1/0/2] quit
    [*SwitchB] commit

    # The configurations of SwitchC and SwitchD are similar to that of SwitchB, and are not provided here.

  2. Configure an ACL.

    # Create an advanced ACL 3001 on SwitchA to allow packets with the source IP address 192.168.100.0/24 to pass through.

    [~SwitchA] acl 3001
    [*SwitchA-acl4-advance-3001] rule permit ip source 192.168.100.0 0.0.0.255
    [*SwitchA-acl4-advance-3001] quit
    [*SwitchA] commit

  3. Configure ACL-based simplified PBR to redirect packets to a specified remote next hop.

    # Create an ACL-based simplified traffic policy on SwitchA. The traffic policy uses ACL 3001 to match packets.

    [~SwitchA] traffic-redirect acl 3001 remote 10.1.30.1 global inbound
    [*SwitchA] commit

  4. Verify the configuration.

    # Verify the ACL configuration.

    [~SwitchA] display acl 3001
    Advanced ACL 3001, 1 rule                                                                                                           
    ACL's step is 5                                                                                                                     
     rule 5 permit ip source 192.168.100.0 0.0.0.255 (0 times matched)                                                                      

    # Check the use records of the traffic policy.

    [~SwitchA] display traffic-policy applied-record
    
      Total records : 1                                                                                                                   
    -------------------------------------------------------------------------------                                                     
    Policy Type/Name                 Apply Parameter             Slot   State                                                           
    -------------------------------------------------------------------------------                                                     
    traffic-redirect                 Global inbound                 4   success                                                         
    ------------------------------------------------------------------------------                                                     

Configuration files

  • SwitchA configuration file

    #
    sysname SwitchA
    #                                                                                                                                   
    router id 10.1.1.1                                                                                                                  
    #
    vlan batch 100 200 300
    #                                                                                                                                   
    acl number 3001                                                                                                                     
     rule 5 permit ip source 192.168.100.0 0.0.0.255                                                                                    
    #                                                                                                                                   
    traffic-redirect acl 3001 remote 10.1.30.1 global inbound                                                                         
    #                                                                                                                                   
    interface Vlanif100                                                                                                                 
     ip address 172.16.1.2 255.255.255.0                                                                                                 
    #                                                                                                                                   
    interface Vlanif200                                                                                                                 
     ip address 172.16.2.2 255.255.255.0                                                                                                 
    #                                                                                                                                   
    interface Vlanif300                                                                                                                 
     ip address 172.16.3.2 255.255.255.0                                                                                                 
    #                                                                                                                                   
    interface GE1/0/1                                                                                                                   
     port link-type trunk                                                                                                               
     port trunk allow-pass vlan 100                                                                                                  
    #                                                                                                                                   
    interface GE1/0/2                                                                                                                   
     port link-type trunk                                                                                                               
     port trunk allow-pass vlan 200                                                                                                 
    #                                                                                                                                   
    interface GE1/0/3                                                                                                                   
     port link-type trunk                                                                                                               
     port trunk allow-pass vlan 300                                                                                                 
     traffic-policy p1 inbound                                                                                                          
    #                                                                                                                                   
    ospf 1                                                                                                                           
     area 0.0.0.0                                                                                                                       
      network 172.16.1.0 0.0.0.255                                                                                                      
      network 172.16.2.0 0.0.0.255                                                                                                      
      network 172.16.3.0 0.0.0.255                                                                                                      
    #
    ip route-static 0.0.0.0 0.0.0.0 172.16.1.1
    #
    return
    
  • SwitchB configuration file

    #
    sysname SwitchB
    #                                                                                                                                   
    router id 10.2.2.2                                                                                                                  
    #
    vlan batch 100
    #                                                                                                                                   
    interface Vlanif100                                                                                                                 
     ip address 172.16.1.1 255.255.255.0                                                                                                 
    #                                                                                                                                   
    interface GE1/0/1                                                                                                                   
     port link-type trunk                                                                                                               
     port trunk allow-pass vlan 100                                                                                                  
    #                                                                                                                                   
    interface GE1/0/2                                                                                                                   
     undo portswitch                                                                                                                    
     ip address 10.1.20.2 255.255.255.0  
     ospf enable 1 area 0.0.0.0                                                                                               
    #                                                                                                                                   
    ospf 1                                                                                                                           
     area 0.0.0.0                                                                                                                       
      network 172.16.1.0 0.0.0.255                                                                                                                  
    #
    return
    
  • SwitchC configuration file

    #
    sysname SwitchC
    #                                                                                                                                   
    router id 10.3.3.3                                                                                                                  
    #
    vlan batch 200
    #                                                                                                                                   
    interface Vlanif200                                                                                                                 
     ip address 172.16.2.1 255.255.255.0                                                                                                 
    #                                                                                                                                   
    interface GE1/0/1                                                                                                                   
     port link-type trunk                                                                                                               
     port trunk allow-pass vlan 200                                                                                                  
    #                                                                                                                                   
    interface GE1/0/2                                                                                                                   
     undo portswitch                                                                                                                    
     ip address 10.1.30.2 255.255.255.0
     ospf enable 1 area 0.0.0.0                                                                                                 
    #                                                                                                                                   
    ospf 1                                                                                                                           
     area 0.0.0.0                                                                                                                       
      network 172.16.2.0 0.0.0.255                                                                                                      
    #
    return
    
  • SwitchD configuration file

    #
    sysname SwitchD
    #                                                                                                                                   
    router id 10.4.4.4                                                                                                                  
    #
    vlan batch 300
    #                                                                                                                                   
    interface Vlanif300                                                                                                                 
     ip address 172.16.3.1 255.255.255.0                                                                                                 
    #                                                                                                                                   
    interface GE1/0/1                                                                                                                   
     port link-type trunk                                                                                                               
     port trunk allow-pass vlan 300                                                                                                  
    #                                                                                                                                   
    ospf 1                                                                                                                           
     area 0.0.0.0                                                                                                                       
      network 172.16.3.0 0.0.0.255                                                                                                      
    #
    return
    
Translation
Download
Updated: 2019-04-20

Document ID: EDOC1100074760

Views: 47158

Downloads: 58

Average rating:
This Document Applies to these Products
Related Version
Related Documents
Share
Previous Next