NE5000E V800R022C00SPC500 Feature Description

Understanding IP Routing

Routers

On the Internet, network connection devices control network traffic and ensure data transmission quality on networks. Common network connection devices include hubs, bridges, switches, and routers.

As a standard network connection device, a router is used to select routes and forward packets. Based on the destination address in the received packet, a router selects a path to send the packet to the next router. The last router is responsible for sending the packet to the destination host. In addition, a router can select an optimal path for data transmission.

For example, in Figure 10-1, traffic from Host A to Host C needs to pass through three networks and two routers. The hop count from a router to its directly connected network is zero. The hop count from a router to a network that the router can reach through another router is one. The rest can be deduced by analogy. If a router is connected to another router through a network, a network segment exists between the two routers, and they are considered adjacent on the Internet. In Figure 10-1, the bold arrows indicate network segments. The routers do not need to know about the physical link composition of each network segment.

Figure 10-1 Network segment and hop count

Network sizes may vary greatly, and the actual lengths of network segments vary as well. Therefore, you can set a weighted coefficient for the network segments of each network and then measure the cost of a route based on the number of network segments.

A route with the minimal network segments is not necessarily optimal. For example, a route passing through three high-speed Local Area Network (LAN) network segments may be a better choice than one passing through two low-speed Wide Area Network (WAN) network segments.

Routing Protocols

Routing protocols are rules used by routers to discover routes, add routes, and maintain routing tables for packet forwarding.

Routing Tables

A router searches a routing table for routes, and each router maintains at least one routing table.

Routing tables store the routes discovered by various routing protocols. Based on the generation method, routes in a routing table consist of the following types:

  • Routes discovered by link layer protocols, which are also called interface routes or direct routes

  • Static routes configured by the network administrator

  • Dynamic routes that are discovered by dynamic routing protocols

Routing Table Types

Each router maintains a local core routing table, and each routing protocol maintains its own routing table.

  • Protocol routing table

    A protocol routing table stores routing information discovered by the protocol.

    A routing protocol can import and advertise routes generated by other routing protocols. For example, if a router that runs Open Shortest Path First (OSPF) needs to use OSPF to advertise direct routes, static routes, or Intermediate System to Intermediate System (IS-IS) routes, the router needs to import these routes into the OSPF routing table.

  • Local core routing table

    A local core routing table stores protocol routes and optimal routes and selects routes based on the priorities of routing protocols and costs of routes. You can run the display ip routing-table command to view the local core routing table of a router.

    Each router that supports Layer 3 virtual private network (L3VPN) maintains a management routing table (local core routing table) for each VPN instance.

Contents in the Routing Table

On the NE5000E, the display ip routing-table command displays brief information about the routing table.

<HUAWEI> display ip routing-table
Route Flags: R - relay, D - download to fib, T - to vpn-instance, B - black hole route
------------------------------------------------------------------------------
Routing Table: Public
         Destinations : 8        Routes : 8

  Destination/Mask  Proto   Pre  Cost  Flags  NextHop    Interface

         0.0.0.0/0  Static  60   0     D      10.1.4.2   GigabitEthernet1/0/0
       10.1.4.0/30  OSPF    10   0     D      10.1.4.1   GigabitEthernet1/0/0
       10.1.4.1/32  Direct  0    0     D      127.0.0.1  InLoopBack0
       10.1.4.2/32  OSPF    10   0     D      10.1.4.2   GigabitEthernet1/0/0
       127.0.0.0/8  Direct  0    0     D      127.0.0.1  InLoopBack0
      127.0.0.1/32  Direct  0    0     D      127.0.0.1  InLoopBack0
127.255.255.255/32  Direct  0    0     D      127.0.0.1  InLoopBack0
255.255.255.255/32  Direct  0    0     D      127.0.0.1  InLoopBack0

A routing table contains the following key entries:

  • Destination: indicates the destination IP address or the destination network address of an IP packet.

  • Mask: indicates the network mask. The network mask and the destination address are used together to identify the address of the network segment where the destination host or router resides.

    • The address of the network segment where the destination host or router resides is calculated by performing an AND operation on the destination address and the network mask. For example, if the destination address is 1.1.1.1 and the mask is 255.255.255.0, the address of the network segment where the host or the router resides is 1.1.1.0.

    • The mask, which consists of several consecutive 1s, can be expressed either in dotted decimal notation or by the number of consecutive 1s in the mask. For example, the length of the mask 255.255.255.0 is 24, and therefore, the mask can also be expressed as 24.

  • Protocol: indicates the name of a routing protocol.

  • Pre: indicates the priority of a route that is added to the IP routing table. If multiple routes have the same destination but different next hops or outbound interfaces, or if these routes are static routes or are discovered by different routing protocols, the one with the highest priority (the smallest value) is selected as the optimal route. For the route priority of each routing protocol, see Table 10-1.

  • Cost: indicates the route cost. When multiple routes to the same destination have the same priority, the route with the smallest cost is selected as the optimal route.

    The Preference is used during the selection of routes discovered by different routing protocols, whereas the Cost is used during the selection of routes discovered by the same routing protocol.

  • Flags:
    Route flag:
    • R: indicates a recursive route.
    • D: indicates a route that is downloaded to the FIB.
    • T: indicates a route whose next hop belongs to a VPN instance.
    • B: indicates a black-hole route.
  • Next hop: indicates the IP address of the next router through which an IP packet passes.

  • Interface: indicates the outbound interface that forwards an IP packet.

Based on the destination addresses, routes can be classified into the following types:

  • Network segment route: The destination is a network segment.

  • Host route: The destination is a host.

In addition, based on whether the destination is directly connected to the router, route types are as follows:

  • Direct route: The router is directly connected to the destination network.

  • Indirect route: The router is indirectly connected to the destination network.

Setting a default route can reduce the number of routing entries in the routing table. When a router cannot find a route in the routing table, the router uses the default route (destined for 0.0.0.0/0) to send packets.
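
The following Python sketch is an added example, not Huawei code. It parses the sample display ip routing-table output shown above, applies the AND operation described for the Mask field, and resolves a destination by longest match with fallback to the default route. The function names and the destination 192.0.2.9 are assumptions made for the illustration.

```python
import ipaddress
import re

# Rows copied from the page's sample "display ip routing-table" output.
SAMPLE_OUTPUT = """\
Destination/Mask  Proto  Pre  Cost   Flags NextHop        Interface

         0.0.0.0/0      Static 60   0      D     10.1.4.2       GigabitEthernet1/0/0
         10.1.4.0/30    OSPF   10   0      D     10.1.4.1       GigabitEthernet1/0/0
         10.1.4.1/32    Direct 0    0      D     127.0.0.1      InLoopBack0
         10.1.4.2/32    OSPF   10   0      D     10.1.4.2       GigabitEthernet1/0/0
       127.0.0.0/8      Direct 0    0      D     127.0.0.1      InLoopBack0
       127.0.0.1/32     Direct 0    0      D     127.0.0.1      InLoopBack0
 127.255.255.255/32     Direct 0    0      D     127.0.0.1      InLoopBack0
 255.255.255.255/32     Direct 0    0      D     127.0.0.1      InLoopBack0
"""

# One route row: Destination/Mask, Proto, Pre, Cost, Flags, NextHop, Interface.
ROW = re.compile(
    r"^\s*(?P<dest>\d{1,3}(?:\.\d{1,3}){3}/\d{1,2})\s+(?P<proto>\S+)\s+"
    r"(?P<pre>\d+)\s+(?P<cost>\d+)\s+(?P<flags>[RDTB]+)\s+"
    r"(?P<next_hop>\S+)\s+(?P<interface>\S+)\s*$"
)


def segment_address(address, mask):
    """AND the destination address with the mask to get the network segment."""
    addr = int(ipaddress.IPv4Address(address))
    bits = int(ipaddress.IPv4Address(mask))
    return str(ipaddress.IPv4Address(addr & bits))


def parse_routing_table(text):
    """Turn the textual table into a list of route records."""
    routes = []
    for line in text.splitlines():
        m = ROW.match(line)
        if m is None:
            continue  # header, separator or blank line
        row = m.groupdict()
        row["network"] = ipaddress.ip_network(row.pop("dest"))
        row["pre"] = int(row["pre"])
        row["cost"] = int(row["cost"])
        routes.append(row)
    return routes


def lookup(routes, destination):
    """Longest match; 0.0.0.0/0 matches everything, so it is used last."""
    addr = ipaddress.ip_address(destination)
    matches = [r for r in routes if addr in r["network"]]
    if not matches:
        return None  # no matching route and no default route: packet is discarded
    return max(matches, key=lambda r: r["network"].prefixlen)


if __name__ == "__main__":
    table = parse_routing_table(SAMPLE_OUTPUT)
    print("segment of 1.1.1.1/255.255.255.0:", segment_address("1.1.1.1", "255.255.255.0"))
    for dst in ("10.1.4.2", "127.5.5.5", "192.0.2.9"):
        hit = lookup(table, dst)
        print(dst, "->", hit["network"], hit["proto"], hit["next_hop"], hit["interface"])
```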

In Figure 10-2, Device A is connected to three networks, and therefore, it has three IP addresses and three outbound interfaces. Figure 10-2 shows the routing table on Device A.

Figure 10-2 Routing table

Route Recursion

Routes can be used to forward traffic only when they have directly connected next hops. However, this condition may not be met when routes are generated. Therefore, the system needs to search for the directly connected next hops and corresponding outbound interfaces, and this process is called route recursion. In most cases, BGP routes and static routes do not have directly connected next hops, and route recursion is required.

For example, the next hop IP address of a BGP route is the IP address of a non-directly connected peer's loopback interface, and therefore, the BGP route needs to perform recursion. Specifically, the system searches the IP routing table for a direct route (IGP route in most cases) that is destined for the next hop IP address of the BGP route and then adds the next hop IP address and outbound interface of the IGP route to the IP routing table to generate a FIB entry.

The next hop IP address of a BGP VPN route is the IP address of a non-directly connected PE's loopback interface, and the BGP route needs to recurse to a tunnel. Specifically, the system searches the tunnel list for a tunnel that is destined for this loopback IP address and then adds the tunnel information to the routing table to generate a FIB entry.

Static and Dynamic Routes

Static routes can be easily configured and have low requirements on the system. They apply to simple, stable, and small-scale networks. However, they cannot automatically adapt to network topology changes. Therefore, static routes require subsequent maintenance.

Dynamic routing protocols have their routing algorithms and can automatically adapt to network topology changes. They apply to the network equipped with a number of Layer 3 devices. Dynamic route configurations are complex. Dynamic routes have higher requirements on a system than static ones do and consume network resources.

Classification of Dynamic Routing Protocols

Dynamic routing protocols can be classified according to the following dimensions:

Based on the Application Scope

Based on the application scope, routing protocols are classified into the following types:

  • Interior Gateway Protocols (IGPs): run within an AS. Common IGPs include RIP, OSPF, and IS-IS.

  • Exterior Gateway Protocols (EGPs): run between ASs. At present, BGP is the most widely used EGP.

Based on the Routing Algorithm

Based on the algorithm used, routing protocols can be classified into the following types:

  • Distance-vector routing protocols: include RIP and BGP. BGP is also called a path-vector protocol.

  • Link-state routing protocols: include OSPF and IS-IS.

The main difference between the preceding two algorithms lies in the methods of discovering and calculating routes.

Based on the Destination Address Type

Based on the destination address type, routing protocols are classified into the following types:

  • Unicast routing protocols: include RIP, OSPF, BGP, and IS-IS.

  • Multicast routing protocols: include Protocol Independent Multicast-Sparse Mode (PIM-SM).

This chapter describes unicast routing protocols. For details about multicast routing protocols, see HUAWEI NetEngine5000E Core Router Feature Description - IP Multicast.

Static routes and dynamic routes discovered by routing protocols are managed in a unified manner. These routes can be imported from each other to implement Re-advertisement of Routing Information.

Routing Protocol and Route Priority

Route Priority

Routing protocols (including static routes) may discover different routes to the same destination, but not all the routes are optimal. Only one routing protocol is used each time to determine the optimal route to a destination. Routing protocols and static routes have their priorities. When multiple route sources exist, the route with the highest priority (smallest value) is selected as the optimal route. Table 10-1 lists routing protocols and their default priorities.

Value 0 indicates a direct route, and value 255 indicates any route learned from an unreliable source. A smaller value indicates a higher priority.

Table 10-1 Routing protocols and their default priorities

Routing Protocol or Route Type    Routing Priority
------------------------------    ----------------
Direct                            0
OSPF                              10
IS-IS                             15
Static                            60
RIP                               100
OSPF ASE                          150
OSPF NSSA                         150
BGP                               255
IBGP                              255
EBGP                              255

Priorities can be manually configured for routes of routing protocols, except for direct routes. In addition, the priorities of static routes can be different.

The NE5000E defines external and internal priorities. The external priorities refer to the priorities set by users for routing protocols. Table 10-1 lists the default external priorities.

When different routing protocols are configured with the same priority, the system selects the optimal route based on the internal priority. For the internal priority of each routing protocol, see Table 10-2.

Table 10-2 Internal priority of routing protocols

Routing Protocol or Route Type    Routing Priority
------------------------------    ----------------
Direct                            0
OSPF inter-area                   10
OSPFv3 inter-area                 10
IS-IS Level-1                     15
IS-IS Level-2                     18
EBGP                              20
Static                            60
RIP                               100
RIPng                             100
OSPF ASE                          150
OSPFv3 ASE                        150
OSPF NSSA                         150
OSPFv3 NSSA                       150
IBGP                              200

For example, both an OSPF route and a static route are destined for 10.1.1.0/24, and their protocol priorities are set to 5. In this case, the NE5000E selects the optimal route based on the internal priorities listed in Table 10-2. The internal priority of OSPF (10) is higher than that of the static route (60). Therefore, the device selects the route discovered by OSPF as the optimal route.

  • If multiple OSPFv2 processes learn routes to the same destination and the external and internal priorities of the routes are the same, the system selects the route with the smallest link cost; if the link costs of the routes are the same, the routes participate in load balancing. If multiple OSPFv3 processes learn routes to the same destination and the external and internal priorities of the routes are the same, the system selects the route with the smallest process ID.
  • If multiple IS-IS processes learn routes to the same destination and the external and internal priorities of the routes are the same, the device selects the route with the smallest link cost; if the link costs of the routes are the same, the routes perform load balancing.
  • If multiple RIP/RIPng processes learn routes to the same destination and the external and internal priorities of the routes are the same, the device selects the route with the smallest link cost; if the link costs of the routes are the same, the routes perform load balancing.
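
The selection order described in this section (external priority, then internal priority, then cost, with equal-cost routes load balancing) can be modeled as follows. This is an added example, not Huawei code: the Route class, function names and next hop addresses are assumptions, the priority values come from Table 10-1 and Table 10-2, and the OSPFv3 process-ID rule is left out.

```python
from dataclasses import dataclass
from typing import Optional

# source: (default external priority from Table 10-1, internal priority from Table 10-2).
# "OSPF" stands for the OSPF entry that the page's example gives internal priority 10.
PRIORITIES = {
    "Direct": (0, 0),
    "OSPF": (10, 10),
    "IS-IS Level-1": (15, 15),
    "IS-IS Level-2": (15, 18),
    "EBGP": (255, 20),
    "Static": (60, 60),
    "RIP": (100, 100),
    "OSPF ASE": (150, 150),
    "OSPF NSSA": (150, 150),
    "IBGP": (255, 200),
}


@dataclass(frozen=True)
class Route:
    destination: str
    source: str
    next_hop: str                      # constructed addresses in the demo below
    cost: int = 0
    preference: Optional[int] = None   # user-configured external priority, if any

    def external(self):
        """Configured priority if set, otherwise the Table 10-1 default."""
        return PRIORITIES[self.source][0] if self.preference is None else self.preference

    def internal(self):
        """Table 10-2 value, used only to break ties on the external priority."""
        return PRIORITIES[self.source][1]


def select_optimal(routes):
    """Return the optimal route(s) among routes to one destination.

    More than one route is returned when they tie on priority and cost,
    which is the load-balancing case described on the page.
    """
    if not routes:
        return []
    best = min((r.external(), r.internal()) for r in routes)
    tied = [r for r in routes if (r.external(), r.internal()) == best]
    lowest_cost = min(r.cost for r in tied)
    return [r for r in tied if r.cost == lowest_cost]


def primary_and_backup(routes):
    """Primary route(s) plus the route(s) that take over if the primary fails."""
    primary = select_optimal(routes)
    remaining = [r for r in routes if r not in primary]
    return primary, select_optimal(remaining)


if __name__ == "__main__":
    # The page's example: OSPF and static routes to 10.1.1.0/24, both set to priority 5.
    ospf = Route("10.1.1.0/24", "OSPF", "10.0.0.2", cost=20, preference=5)
    static = Route("10.1.1.0/24", "Static", "10.0.0.6", preference=5)
    print("optimal:", [r.source for r in select_optimal([static, ospf])])
```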

Priority-based Route Convergence

Definition

Priority-based route convergence is an important technology to improve network reliability. It provides faster route convergence for key services. For example, when a fault occurs on the network, to shorten the interruption of key services, real-time multicast services require fast convergence of routes to the multicast source. The MPLS VPN transport network requires fast convergence of end-to-end routes between PEs.

Different routes can be assigned different convergence priorities: critical, high, medium, and low, listed in descending order. Critical is the highest convergence priority; low is the lowest convergence priority. The system performs route convergence based on the convergence priorities and certain convergence rules. That is, route convergence is performed based on a certain scheduling ratio to guide uninterrupted service forwarding.

Purpose

As networks converge, requirements on service differentiation increase. Carriers require that routes for key services, such as voice over IP (VoIP) and video conferencing services, converge faster than those for common services. Therefore, the system needs to process different routes based on different convergence priorities to improve network reliability.

Route Convergence Priority

Priorities in route convergence are critical, high, medium, and low, which are listed in descending order. Table 10-3 lists the default convergence priorities of public network routes. You can set convergence priorities for routes as needed based on the specific networking.

Table 10-3 Default convergence priorities of public network routes

Routing Protocol or Route Type                   Convergence Priority
---------------------------------------------    --------------------
Direct                                           critical
Static                                           medium
OSPF and IS-IS host routes with 32-bit masks     medium
OSPF (except host routes with 32-bit masks)      low
IS-IS (except host routes with 32-bit masks)     low
RIP                                              low
BGP                                              low

For VPN routes, the convergence priorities of only the OSPF and IS-IS host routes with 32-bit masks are medium, and those of the other routes are low.

Typical Application

IGPs run on the network shown in Figure 10-3, the receiver is connected to Device A, and the multicast source server 10.10.10.10/32 is connected to Device B. It is required that the route to the multicast server converge prior to other routes such as 10.12.10.0/24. In this case, you can set the convergence priority of the route 10.10.10.10/32 to be higher than that of the route 10.12.10.0/24. In this manner, when routes converge on the network, the route 10.10.10.10/32 to the multicast source converges first, ensuring the forwarding of multicast services.

Figure 10-3 Network diagram of priority-based route convergence

Load Balancing and Route Backup

Load Balancing

The NE5000E supports the multi-route model (multiple routes with the same destination and priority). Load balancing can be performed among multiple routes discovered by the same routing protocol if they have the same destination and cost. In each routing protocol view, you can run the maximum load-balancing number command to perform load balancing. Load balancing is classified into the following types:

  • Per-packet load balancing

    When per-packet load balancing is configured, the router forwards packets destined for the same destination through each path at the IP layer, and each time the next hop address is different from the one selected last time.

  • Per-flow load balancing

    When per-flow load balancing is configured, the router forwards packets according to the 5-tuple (source IP address, destination IP address, source port number, destination port number, and protocol). If packets have the same 5-tuple, the router always selects the next hop address that is the same as the one selected last time to send the packets. Figure 10-4 shows the networking.

    Figure 10-4 Networking diagram of per-flow load balancing

    Device A needs to forward packets to 10.1.1.0/24 and 10.2.1.0/24. In per-flow load balancing, packets of the same flow are always transmitted along the previous path. Device A forwards packets as follows:

    • The first packet P1 to 10.1.1.0/24 is forwarded through Port 1, and all subsequent packets to 10.1.1.0/24 are forwarded through Port 1.

    • The first packet P1 to 10.2.1.0/24 is forwarded through Port 2, and all subsequent packets to 10.2.1.0/24 are forwarded through Port 2.

Currently, RIP, OSPF, BGP, and IS-IS support load balancing, and static routes also support load balancing.

The maximum number of equal-cost routes for load balancing varies with the router model.

Route Backup

The NE5000E supports route backup to improve network reliability. You can configure multiple routes to the same destination as required. The route with the highest priority functions as the primary route, and the other routes with lower priorities function as backup routes.

In most cases, the NE5000E uses the primary route to forward packets. If the link of the primary route fails, the primary route becomes inactive. The NE5000E then selects a backup route with the highest priority to forward packets, and the original primary route becomes a backup route. When the original primary route recovers, the NE5000E restores and reselects the optimal route. Because the original primary route has the highest priority, the NE5000E selects this route to send packets. Therefore, the backup route becomes the primary route.

Principles of IP FRR

Overview

Fast Reroute (FRR) functions when the lower layer (physical layer or data link layer) detects a fault. The lower layer reports the fault to the upper layer routing system and immediately forwards packets through a backup link.

If a link fails, FRR helps reduce the impact of the link failure on services transmitted on the link.

Background

On traditional IP networks, when a fault occurs at the lower layer of the forwarding link, the physical interface on the router goes Down. After the router detects the fault, it instructs the upper layer routing system to recalculate routes and then update routing information. The routing system takes several seconds to reselect an available route.

For services that are sensitive to packet loss and delay, a convergence time of several seconds is intolerable because it may lead to service interruptions. For example, the maximum convergence time tolerable for Voice over IP (VoIP) services is within milliseconds. IP FRR enables the forwarding system to detect a fault and then to take measures to restore services as soon as possible.

Classification and Implementation

IP FRR, which is designed for routes on IP networks, consists of public network IP FRR and VPN IP FRR.

  • Public network IP FRR: protects routers on the public network.

  • VPN IP FRR: protects Customer Edges (CEs).

The static routes that are imported between public and private networks do not support IP FRR.

IP FRR is implemented as follows:

  • IP FRR can be enabled or disabled using commands.

  • When optimal routes are selected from the routes discovered by routing protocols, a backup link is selected for each preferred primary link based on the protocol priority, and then the forwarding information of primary and backup links is provided for the forwarding engine.

Implementation of IP FRR Between Different Protocols

When IP FRR between different protocols is enabled, and optimal routes are selected from protocol routes, a backup link is selected for each preferred primary link based on the protocol priority, and then the forwarding information of primary and backup links is provided for the forwarding engine.

If the forwarding engine detects that the primary link is unavailable after IP FRR between different protocols is enabled, the system can use the backup link to forward traffic before the routes converge on the control plane.

Comparison Between IP FRR and Load Balancing

Table 10-4 Comparison between IP FRR and load balancing

Feature           Description
--------------    -----------
IP FRR            Implements FRR through a backup route. IP FRR is applicable to networks where a master link and a backup link exist and load balancing is not configured.
Load balancing    Implements fast route switching through equal-cost routes and applies to the multi-link networking with load balancing.

Re-advertisement of Routing Information

Different routing protocols may discover different routes because they adopt different routing algorithms. When the scale of a network is large and multiple routing protocols run on the network, these protocols need to re-advertise their discovered routes.

On the NE5000E, the routes discovered by a routing protocol can be imported into the routing table of another routing protocol. Each protocol has its mechanism to import routes. For details, see "Routing Policy."

Indirect Next Hop

Definition

Indirect next hop is a technique used to speed up route convergence. This technique can change the direct association between route prefixes and next hop information into an indirect association. Indirect next hop allows next hop information to be refreshed independently of the prefixes of the same next hop, which speeds up route convergence.

Purpose

In the scenario requiring route recursion, when IGP routes or tunnels are switched, forwarding entries are rapidly refreshed, which implements fast route convergence and reduces the impact of route or tunnel switching on services.

Mapping Between the Route Prefix and the Next Hop

Mapping between route prefixes and next hops is the basis of indirect next hop. To meet the requirements of route recursion and tunnel recursion in different scenarios, next hop information includes the address family, original next hop address, and tunnel policy. The system assigns an index to each next hop, performs route recursion, communicates the recursion result to the routing protocol, and then delivers forwarding entries.

On-Demand Route Recursion

On the NE5000E, the route to a reachable address is called a dependent route. The system forwards packets based on dependent routes. The process of finding a dependent route based on the next hop address is called route recursion.

On-demand route recursion indicates that when a dependent route changes, only the next hop associated with the dependent route performs recursion again. If the route destination address is the original next hop address or network segment address of next hop information, any route changes affect the recursion result of the next hop information. Otherwise, route changes do not affect next hop information. Therefore, when a route changes, you can perform recursion again only on the associated next hop by assessing the destination address of the route. For example, if the original next hop address of the route 2.2.2.2/32 is 1.1.1.1, the route that the original next hop 1.1.1.1 depends on may be 1.1.1.1/32 or 1.1.0.0/16. If the route 1.1.1.1/32 or 1.1.0.0/16 changes, the recursion result of the original next hop 1.1.1.1 is affected.

With respect to tunnel recursion, when a tunnel alternates between Up and Down, perform recursion again on the next hop whose original next hop address is the same as the destination address of the tunnel.

Recursion Policy

A recursion policy is used to control the recursion result of the next hop to meet requirements of different scenarios. In route recursion, behaviors do not need to be controlled by the recursion policy. Instead, recursion behaviors only need to comply with the longest match rule. In addition, the recursion policy needs to be applied only when VPN routes recurse to tunnels.

By default, the system selects Label Switched Paths (LSPs) for VPNs without performing load balancing. If load balancing or other types of tunnels are required, configure a tunnel policy and bind it to a tunnel. After the tunnel policy is applied, the system uses the tunnel bound to the tunnel policy or selects a tunnel based on the priorities specified in the tunnel policy during next hop recursion.

Mechanism for Indirect Next Hop

Without indirect next hop, the forwarding information corresponds to the prefix, and therefore, the route convergence time is decided by the number of route prefixes. With indirect next hop, multiple route prefixes correspond to one next hop. Forwarding information is added to the forwarding table using the next hop, and traffic with relevant route prefixes can be switched, which speeds up route convergence.

Figure 10-5 Implementation without indirect next hop

As shown in Figure 10-5, without indirect next hop, prefixes are totally independent, each corresponding to its next hop and forwarding information. When a dependent route changes, the next hop corresponding to each prefix performs recursion and forwarding information is updated based on the prefix. In this case, the convergence time is decided by the number of prefixes.

Note that prefixes of a BGP peer have the same next hop, forwarding information, and refreshed forwarding information.

Figure 10-6 Implementation with indirect next hop

As shown in Figure 10-6, with indirect next hop, prefixes of routes from the same BGP peer share the same next hop. When a dependent route changes, only the shared next hop performs recursion and forwarding information is updated based on the next hop. In this case, routes of all prefixes can converge at a time. Therefore, the convergence time is irrelevant to the number of prefixes.

Comparison Between Route Recursion and Tunnel Recursion

The following table lists differences between route recursion and tunnel recursion.

Table 10-5 Differences between route recursion and tunnel recursion

Recursion Type      Description
----------------    -----------
Route recursion     • Applies to BGP public network routes.
                    • Is triggered by route changes.
                    • Supports next hop recursion based on the specified routing policy.

Tunnel recursion    • Applies to BGP VPN routes.
                    • Is triggered by tunnel or tunnel policy changes.
                    • Recursion behaviors can be controlled using a tunnel policy to meet requirements of different scenarios.

IBGP Route Recursion to an IGP Route

Figure 10-7 Networking for IBGP route recursion

In Figure 10-7, an IBGP peer relationship is established between Device A and Device D. The IBGP peer relationship is established between two loopback interfaces on the routers, but the next hop cannot be used to guide packet forwarding, because it is not directly reachable. Therefore, to refresh the forwarding table and guide packet forwarding, the system needs to search for the actual outbound interface and directly connected next hop based on the original IBGP next hop.

Device D receives 100,000 routes from Device A. These routes have the same original BGP next hop. After recursion, these routes eventually follow the same IGP path (A->B->D). If the IGP path (A->B->D) fails, these IBGP routes do not need to perform recursion separately, and the relevant forwarding entries do not need to be refreshed one by one. Note that only the shared next hop needs to perform recursion and be refreshed. Consequently, these IBGP routes converge to the path (A->C->D) on the forwarding plane. Therefore, the convergence time depends on only the number of next hops, not the number of prefixes.

If Device A and Device D establish a multi-hop EBGP peer relationship, the convergence procedure is the same as the preceding one. Indirect next hop also applies to the recursion of a multi-hop EBGP route.
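
The following Python model is an added example, not Huawei code. It illustrates both the on-demand route recursion rule and the IBGP case above: many prefixes share one next hop object, and a change to a dependent route triggers recursion only for next hops whose original address falls inside the changed route. The class names, interface names, directly connected next hop addresses and the 20.0.0.0/8 prefixes are assumptions; 1.1.1.1, 1.1.1.1/32 and 1.1.0.0/16 are taken from the page's on-demand recursion example.

```python
import ipaddress
from itertools import islice


class IndirectNextHop:
    """Next hop information shared by every prefix that has the same original next hop."""

    def __init__(self, original):
        self.original = ipaddress.ip_address(original)
        self.resolved = None     # (directly connected next hop, outbound interface)
        self.recursions = 0      # how many times recursion ran for this next hop


class RoutingTable:
    def __init__(self):
        self.dependent = {}      # IGP/direct routes: network -> (next hop, interface)
        self.next_hops = {}      # original next hop address -> IndirectNextHop
        self.prefixes = {}       # BGP prefix -> shared IndirectNextHop

    def _recurse(self, nh):
        """Find the dependent route for the original next hop by longest match."""
        nh.recursions += 1
        covering = [net for net in self.dependent if nh.original in net]
        if covering:
            nh.resolved = self.dependent[max(covering, key=lambda n: n.prefixlen)]
        else:
            nh.resolved = None   # next hop unreachable

    def add_bgp_route(self, prefix, original_next_hop):
        nh = self.next_hops.get(original_next_hop)
        if nh is None:
            nh = self.next_hops[original_next_hop] = IndirectNextHop(original_next_hop)
            self._recurse(nh)    # recursion runs once per next hop, not once per prefix
        self.prefixes[ipaddress.ip_network(prefix)] = nh

    def change_dependent_route(self, prefix, via):
        """Install (via is a tuple) or withdraw (via is None) a dependent route.

        Only next hops whose original address lies inside the changed route
        recurse again. Returns the number of next hops that were re-recursed.
        """
        net = ipaddress.ip_network(prefix)
        if via is None:
            self.dependent.pop(net, None)
        else:
            self.dependent[net] = via
        affected = [nh for nh in self.next_hops.values() if nh.original in net]
        for nh in affected:
            self._recurse(nh)
        return len(affected)

    def forwarding_entry(self, prefix):
        return self.prefixes[ipaddress.ip_network(prefix)].resolved


def build_demo(prefix_count=1000):
    """Constructed topology: 1.1.1.1 is reachable through Device B, with a
    less specific 1.1.0.0/16 route through Device C as the alternative path."""
    rib = RoutingTable()
    rib.change_dependent_route("1.1.0.0/16", ("10.0.1.2", "to-DeviceC"))
    rib.change_dependent_route("1.1.1.1/32", ("10.0.0.2", "to-DeviceB"))
    bgp_prefixes = ipaddress.ip_network("20.0.0.0/8").subnets(new_prefix=24)
    for net in islice(bgp_prefixes, prefix_count):
        rib.add_bgp_route(str(net), "1.1.1.1")
    return rib


if __name__ == "__main__":
    rib = build_demo()
    print("before:", rib.forwarding_entry("20.0.0.0/24"))
    touched = rib.change_dependent_route("1.1.1.1/32", None)   # path through B fails
    print("next hops re-recursed:", touched, "for", len(rib.prefixes), "prefixes")
    print("after:", rib.forwarding_entry("20.0.0.0/24"))
```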

VPN Routes Recursion to a Tunnel

Figure 10-8 Networking for VPN route recursion

In Figure 10-8, a neighbor relationship is established between PE1 and PE2, and PE2 receives 100,000 VPN routes from PE1. These routes have the same original BGP next hop. After recursion, these VPN routes eventually follow the same public network tunnel (tunnel 1). If tunnel 1 fails, these routes do not need to perform recursion separately, and the relevant forwarding entries do not need to be refreshed one by one. Note that only the shared next hop needs to perform recursion, and the relevant forwarding entries need to be refreshed. Consequently, these VPN routes converge to tunnel 2 on the forwarding plane. In this manner, the convergence time depends on only the number of next hops, not the number of prefixes.

Default Route

Default routes are special routes. In most cases, they are configured by administrators. Default routes can also be generated by dynamic routing protocols, such as OSPF and IS-IS.

Default routes are used only when no matching routing entry is available for packet forwarding in the routing table. A default route in the routing table is the route to the network 0.0.0.0 (with mask 0.0.0.0). You can check whether the default route is configured using the display ip routing-table command.

If the destination address of a packet does not match any entry in the routing table, the packet is sent along a default route. If no default route exists and the destination address of the packet does not match any entry in the routing table, the packet is discarded. An Internet Control Message Protocol (ICMP) packet is then sent, informing the originating host that the destination host or network is unreachable.

Multi-Topology

Multi-Topology Overview

On a traditional IP network, only one unicast topology exists, and only one unicast forwarding table is available on the forwarding plane, which forces services transmitted from one router to the same destination address to share the same next hop, and various end-to-end services, such as voice and data services, to share the same physical links. As a result, some links may become heavily congested whereas others remain relatively idle. To address this problem, configure multi-topology to divide a physical network into different logical topologies for different services.

By default, the base topology is created on the public network. The class-specific topology can be added or deleted in the public network address family view. Each topology contains its own routing table. The class-specific topology supports the addition, deletion, and import of protocol routes.

The base topology cannot be deleted.

Direct Routes Supporting Multi-Topology

Direct routes can be added to or deleted from the routing table of any topology. The same routes can also be added to multiple topologies, independent of each other.

Direct routes associated with interfaces are added to the base topology by default. Direct routes in the base topology are not deleted, and the base topology contains all direct routes.

Static Routes Supporting Multi-Topology

Static routes can be added to or deleted from the routing table of any topology. The routes with the same prefix, outbound interface, and next hop can also be added to multiple topologies, independent of each other.

Static routes, by default, are configured in the base topology. However, they can be configured in a specified class-specific topology and can be changed or deleted.

Static routes have no outbound interfaces, and therefore, need to perform recursion based on the next hop. In this case, you cannot specify the topology in which the next hop resides.

Public network static route recursion to a VPN next hop or VPN static route recursion to a public network next hop can be configured only in the base topology. When configuring static routes, you cannot specify the name of the topology in which the destination resides.

Association Between Direct Routes and a VRRP Group

Background

A VRRP group is configured on Device1 and Device2 on the network shown in Figure 10-9. Device1 is a master device, whereas Device2 is a backup device. The VRRP group serves as a gateway for users. User-to-network traffic travels through Device1. However, network-to-user traffic may travel through Device1, Device2, or both of them over a path determined by a dynamic routing protocol. Therefore, user-to-network traffic and network-to-user traffic may travel along different paths, which interrupts services if firewalls are attached to devices in the VRRP group, complicates traffic monitoring or statistics collection, and increases costs.

To address the preceding problems, the routing protocol is expected to select a route passing through the master device so that the user-to-network and network-to-user traffic travels along the same path. Association between direct routes and a VRRP group can meet expectations by allowing the dynamic routing protocol to select a route based on the VRRP status.

Figure 10-9 Association between direct routes and a VRRP group

Related Concepts

VRRP is a widely used fault-tolerant protocol that groups multiple routing devices into a VRRP group, improving network reliability. A VRRP group consists of a master device and one or more backup devices. If the master device fails, the VRRP group switches services to a backup device to ensure communication continuity and reliability.

A device in a VRRP group operates in one of three states:

  • Master: If a network is working correctly, the master device transmits all services.
  • Backup: If the master device fails, the VRRP group selects a backup device as the new master device to take over traffic and ensure uninterrupted service transmissions.
  • Initialize: A device in the Initialize state is waiting for an interface Startup message to switch its status to Master or Backup.

For details about VRRP, see HUAWEI NetEngine5000E Core Router Feature Description - Network Reliability - VRRP.

Implementation

Association between direct routes and a VRRP group allows VRRP interfaces to adjust the costs of direct network segment routes based on the VRRP status. The direct route with the master device as the next hop has the lowest cost. A dynamic routing protocol imports the direct routes and selects the direct route with the lowest cost. For example, VRRP interfaces on Device1 and Device2 on the network shown in Figure 10-9 are configured with association between direct routes and the VRRP group. The implementation is as follows:

  • Device1 in the Master state sets the cost of its route to the directly connected virtual IP network segment to 0 (default value).

  • Device2 in the Backup state increases the cost of its route to the directly connected virtual IP network segment.

A dynamic routing protocol selects the route with Device1 as the next hop because this route costs less than the other route. Therefore, both user-to-network traffic and network-to-user traffic travel through Device1.
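The cost adjustment and route selection described above can be modelled as follows. This is an added example, not Huawei's implementation: the Backup cost value and all function names are assumptions. It compares the return path with and without the association and shows the path staying symmetric after a master/backup switchover.

```python
# Added illustration of direct-route cost tracking VRRP state. DEGRADE_COST and
# every function name here are assumptions, not device defaults.
DEGRADE_COST = 300  # hypothetical cost a Backup device applies


def direct_route_cost(vrrp_state, associated=True):
    """Cost of the direct route to the virtual IP network segment."""
    if vrrp_state == "Initialize":
        return None  # modelled as: interface not up yet, no direct route
    if associated and vrrp_state == "Backup":
        return DEGRADE_COST
    return 0  # default cost (Master, or any state without association)


def downstream_devices(states, associated=True):
    """Devices a routing protocol may pick for network-to-user traffic."""
    costs = {dev: direct_route_cost(s, associated) for dev, s in states.items()}
    usable = {dev: c for dev, c in costs.items() if c is not None}
    if not usable:
        return []
    best = min(usable.values())
    return sorted(dev for dev, c in usable.items() if c == best)


def upstream_device(states):
    """User-to-network traffic goes to the gateway, served by the master."""
    return next((dev for dev, s in states.items() if s == "Master"), None)


def path_is_symmetric(states, associated=True):
    """True only if return traffic can use nothing but the master device."""
    master = upstream_device(states)
    return master is not None and downstream_devices(states, associated) == [master]
```

Without the association both devices advertise the segment at equal cost, so return traffic may arrive through the backup device and miss the firewall state held on the master's side.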

Usage Scenario

When a data center is used, firewalls are attached to devices in a VRRP group to improve network security. Network-to-user traffic cannot pass through a firewall if it travels over a path different from the one used by user-to-network traffic.

When an IP radio access network (RAN) is configured, VRRP is configured to set the master/backup status of aggregation site gateways (ASGs) and radio service gateways (RSGs). Network-to-user and user-to-network traffic may pass through different paths, complicating network operation and management.

Association between direct routes and a VRRP group can address the preceding problems by ensuring the user-to-network and network-to-user traffic travels along the same path.

Vlink Direct Route Advertisement

Background

By default, ARP or IPv6 NDP Vlink direct routes are used only for data forwarding in the same VLAN. To control the routing table size and maintain routing table stability, these direct routes cannot be imported to dynamic routing protocols for advertisement. In some cases, the device needs to perform operations based on specific routes of VLAN users. For example, a device needs to apply a unique export policy for each VLAN user to divert traffic from a remote device. In this case, ARP or IPv6 NDP Vlink routes need to be imported to a dynamic routing protocol and advertised to the remote device.

Related Concepts

ARP Vlink direct routes: routes with VLAN users' physical interfaces that are learned using ARP. Such routes are used to forward IP packets in VLAN networking because packets cannot be forwarded through some logical interfaces. After the , QinQ interface learns an ARP entry of a remote end, an ARP Vlink direct route with a 32-bit mask is generated and displayed in the routing table. A common physical interface does not generate an ARP Vlink direct route with a 32-bit mask.

NDP Vlink direct routes: routing entries carrying IPv6 addresses of VLAN users' physical interfaces. These IPv6 addresses are learned and resolved using NDP.

Implementation

On the network shown in Figure 10-10, three users (Device A, Device B, and Device C) are connected to the logical interface of Device D. Device E needs to communicate with Device B, not with Device A or Device C. In this scenario, Vlink direct route advertisement can be enabled on Device D. Then Device D obtains each physical interface of the three users and uses a route-policy to filter out network segment routes and the routes destined for Device A and Device C.

Figure 10-10 Networking for Vlink direct route advertisement

Usage Scenario

Vlink direct route advertisement is applicable to networks in which a device needs to add Vlink direct routes with physical interfaces of VLAN users to the routing table of a dynamic routing protocol before advertising the routes to remote ends.

Benefits

With Vlink direct route advertisement, a device can import Vlink direct routes into the routing table of a dynamic routing protocol (such as an IGP or BGP) and then use different export policies during route advertisement to implement precise route control.

Update Date: 2023-11-24
Document ID: EDOC1100278756