53-1002603-01 28 September 2012 Brocade ICX 6650 Layer 3 Routing Configuration Guide Supporting FastIron Software Release 07.5.
Copyright © 2012 Brocade Communications Systems, Inc. All Rights Reserved. Brocade, Brocade Assurance, the B-wing symbol, BigIron, DCX, Fabric OS, FastIron, MLX, NetIron, SAN Health, ServerIron, TurboIron, VCS, and VDX are registered trademarks, and AnyIO, Brocade One, CloudPlex, Effortless Networking, ICX, NET Health, OpenScript, and The Effortless Network are trademarks of Brocade Communications Systems, Inc., in the United States and/or in other countries.
Contents

About This Document
Audience
Supported hardware and software
Brocade ICX 6650 slot and port numbering
How this document is organized
Document conventions

Configuring IP parameters – Layer 3 Switches
Configuring IP addresses
Configuring 31-bit subnet masks on point-to-point networks
Configuring DNS resolver
Configuring packet parameters
Changing the router ID

Chapter 2 Base Layer 3 and Routing Protocols
Adding a static IP route
Adding a static ARP entry
Modifying and displaying Layer 3 system parameter limits
Layer 3 configuration notes
Displaying Layer 3 system parameter limits
Configuring RIP

RIPng timers
Updating RIPng timers
Route learning and advertising parameters
Configuring default route learning and advertising
Advertising IPv6 address summaries
Changing the metric of routes learned and advertised on an interface

Configuring default route origination
Modifying SPF timers
Modifying the redistribution metric type
Administrative distance
Configuring OSPF group Link State Advertisement pacing
Modifying OSPF traps generated

Configuring the OSPF V3 LSA pacing interval
Modifying exit overflow interval
Modifying external link state database limit
Modifying OSPF V3 interface defaults
Disabling or re-enabling event logging
IPsec for OSPF V3

Advertising the default route
Changing the default MED (Metric) used for route redistribution
Enabling next-hop recursion
Changing administrative distances
Requiring the first AS to be the neighbor AS

Displaying BGP4 information
Displaying summary BGP4 information
Displaying the active BGP4 configuration
Displaying CPU utilization statistics
Displaying summary neighbor information
Displaying BGP4 neighbor information
Displaying peer group information

Comparison of VRRP and VRRP-E
VRRP
VRRP-E
Architectural differences between VRRP and VRRP-E
VRRP and VRRP-E parameters
Note regarding disabling VRRP or VRRP-E
About This Document

The Brocade ICX 6650 is a ToR (Top of Rack) Ethernet switch for campus LAN and classic Ethernet data center environments.

Audience

This document is designed for system administrators with a working knowledge of Layer 2 and Layer 3 switching and routing. If you are using a Brocade Layer 3 Switch, you should be familiar with the following protocols if applicable to your network: IP, RIP, OSPF, BGP, ISIS, PIM, and VRRP.

Brocade ICX 6650 slot and port numbering

• Slot 2 is located on the back of the Brocade ICX 6650 device and contains ports 1 through 3 on the top row and port 4 on the bottom row. These ports are 2x40 GbE QSFP+. Refer to the following figure.

[Figure: back of the Brocade ICX 6650 device, showing Slot 2 and Slot 3]

• Slot 3 is located on the back of the Brocade ICX 6650 device and contains ports 1 through 8. These ports are 4 x 10 GbE breakout ports and require the use of a breakout cable. Refer to the previous figure.

Document conventions

This section describes text formatting conventions and important notice formats used in this document.

ATTENTION
An Attention statement indicates potential damage to hardware or data.

CAUTION
A Caution statement alerts you to situations that can be potentially hazardous to you or cause damage to hardware, firmware, software, or data.

DANGER
A Danger statement indicates conditions or situations that can be potentially lethal or extremely hazardous to you. Safety labels are also attached directly to products to warn of these conditions or situations.

• Brocade ICX 6650 Diagnostic Reference
• Unified IP MIB Reference
• Ports-on-Demand Licensing for the Brocade ICX 6650

The latest versions of these guides are posted at http://www.brocade.com/ethernetproducts.

Additional information

This section lists additional Brocade and industry-specific documentation that you might find helpful.

Brocade resources

To get up-to-the-minute information, go to http://my.brocade.

Document feedback

Quality is our first concern at Brocade and we have made every effort to ensure the accuracy and completeness of this document. However, if you find an error or an omission, or you think that a topic needs further development, we want to hear from you. Forward your feedback to: documentation@brocade.
Chapter 1 IP Configuration

Table 1 lists the IP features Brocade ICX 6650 devices support. These features are supported with the full Layer 3 software image, except where explicitly noted.

TABLE 1 Supported IP features (Continued)

Feature                                        Brocade ICX 6650
Local proxy ARP                                Yes
Jumbo frames                                   Yes
  • Up to 10,240 bytes
IP MTU (individual port setting)               Yes
Path MTU discovery                             Yes
ICMP Router Discovery Protocol (IRDP)          Yes
Domain Name Server (DNS) resolver              Yes

NOTE
The terms Layer 3 Switch and router are used interchangeably in this chapter and mean the same.

Basic IP configuration

IP is enabled by default.
IP configuration overview

• Route exchange protocols:
  - Routing Information Protocol (RIP)
  - Open Shortest Path First (OSPF)
  - Border Gateway Protocol version 4 (BGP4)
• Multicast protocols:
  - Internet Group Membership Protocol (IGMP)
  - Protocol Independent Multicast Dense (PIM-DM)
  - Protocol Independent Multicast Sparse (PIM-SM)
• Router redundancy protocols:
  - Virtual Router Redundancy Protocol Extended (VRRP-E)
  - Virtual Router Redundancy Protocol (VRRP)

IP interfaces

NOTE
This section describes IPv4 a

You can use any of the IP addresses you configure on the Layer 3 Switch for Telnet or SNMP access.

Layer 2 Switches

You can configure an IP address on a Brocade Layer 2 Switch for management access to the Layer 2 Switch. An IP address is required for Telnet access and SNMP access. You also can specify the default gateway for forwarding traffic to other subnets.
IP packet flow through a Layer 3 Switch

Figure 1 shows how an IP packet moves through a Brocade Layer 3 Switch.

FIGURE 1 IP Packet flow through a Brocade Layer 3 Switch
[Flowchart. Labelled elements: Incoming Port, PBR or IP acc policy, Session Table, Fwding Cache, IP Route Table (RIP, OSPF, BGP4, Lowest Metric, Lowest Admin. Distance), Mult. Equal-cost Paths, Load Balancing Algorithm, ARP Cache, Static ARP Table, Outgoing Port]

Figure 1 shows the following packet flow:

1.
3. If the session table does not contain an entry that matches the packet source address and TCP or UDP port, the Layer 3 Switch looks in the IP forwarding cache for an entry that matches the packet destination IP address. If the forwarding cache contains a matching entry, the Layer 3 Switch forwards the packet to the IP address in the entry. The Layer 3 Switch sends the packet to a queue on the outgoing ports listed in the forwarding cache.

Static ARP table

In addition to the ARP cache, Layer 3 Switches have a static ARP table. Entries in the static ARP table are user-configured. You can add entries to the static ARP table regardless of whether or not the device the entry is for is connected to the Layer 3 Switch.

NOTE
Layer 3 Switches have a static ARP table. Layer 2 Switches do not.

The software places an entry from the static ARP table into the ARP cache when the entry interface comes up.

The IP route table contains the best path to a destination:

• When the software receives paths from more than one of the sources listed above, the software compares the administrative distance of each path and selects the path with the lowest administrative distance. The administrative distance is a protocol-independent value from 1 through 255.
     IP Address      Next Hop   MAC              Type   Port   Vlan   Pri
1    192.168.1.11    DIRECT     0000.0000.0000   PU     n/a           0

Each IP forwarding cache entry contains the IP address of the destination, and the IP address and MAC address of the next-hop router interface to the destination. If the destination is actually an interface configured on the Layer 3 Switch itself, as shown here, then next-hop information indicates this.

IP multicast protocols

Brocade Layer 3 Switches also support the following Internet Group Membership Protocol (IGMP) based IP multicast protocols:

• Protocol Independent Multicast – Dense mode (PIM-DM)
• Protocol Independent Multicast – Sparse mode (PIM-SM)

For configuration information, refer to the Brocade ICX 6650 IP Multicast Configuration Guide.

NOTE
Brocade Layer 2 Switches support IGMP and can forward IP multicast packets.
Basic IP parameters and defaults – Layer 3 Switches

IP is enabled by default.

TABLE 2 IP global parameters – Layer 3 Switches

Parameter: IP state
Description: The Internet Protocol, version 4
Default: Enabled
For more information: n/a
NOTE: You cannot disable IP.

Parameter: IP address and mask notation
For more information: page 113
Description: Format for displaying an IP address and its network mask information. You can enable one of the following:
• Class-based format; example: 192.168.1.1 255.255.255.0
• Classless Interdomain Routing (CIDR) format; example: 192.

Parameter: Static ARP entries
Description: An ARP entry you place in the static ARP table. Static entries do not age out.
Default: No entries
For more information: page 39

Parameter: Time to Live (TTL)
Description: The maximum number of routers (hops) through which a packet can pass before being discarded. Each router decreases a packet TTL by 1 before forwarding the packet.

Parameter: Static RARP entries
Description: An IP address you place in the RARP table for RARP requests from hosts.
Default: No entries
For more information: page 62
NOTE: You must enter the RARP entries manually. The Layer 3 Switch does not have a mechanism for learning or dynamically generating RARP entries.

Parameter: Static route
Description: An IP route you place in the IP route table.
Default: No entries
For more information: page 45

Parameter: Source interface
Description: The IP address the router uses as the source address for Telnet, RADIUS, or TACACS/TACACS+ packets originated by the router.

TABLE 3 IP interface parameters – Layer 3 Switches (Continued)

Parameter: DHCP gateway stamp
Description: The router can assist DHCP/BootP Discovery packets from one subnet to reach DHCP/BootP servers on a different subnet by placing the IP address of the router interface that receives the request in the request packet Gateway field.
Basic IP parameters and defaults – Layer 2 Switches

IP is enabled by default. The following tables list the Layer 2 Switch IP parameters, their default values, and where to find configuration information.

NOTE
Brocade Layer 2 Switches also provide IP multicast forwarding, which is enabled by default. For more information about this feature, refer to the Brocade ICX 6650 IP Multicast Configuration Guide.

TABLE 4 IP global parameters – Layer 2 Switches (Continued)

Parameter: Domain name for Domain Name Server (DNS) resolver
Description: A domain name (example: brocade.router.com) you can use in place of an IP address for certain operations such as IP pings, trace routes, and Telnet management connections to the router.

Interface IP parameters – Layer 2 Switches

Table 5 lists the interface-level IP parameters for Layer 2 Switches.

TABLE 5 Interface IP parameters – Layer 2 Switches

Parameter: DHCP gateway stamp
Description: You can configure a list of DHCP stamp addresses for a port. When the port receives a DHCP/BootP Discovery packet from a client, the port places the IP addresses in the gateway list into the packet Gateway field.
Configuring IP parameters – Layer 3 Switches

Brocade devices support both classical IP network masks (Class A, B, and C subnet masks, and so on) and Classless Interdomain Routing (CIDR) network prefix masks:

• To enter a classical network mask, enter the mask in IP address format. For example, enter “192.168.22.99 255.255.255.0” for an IP address with a Class-C subnet mask.
• To enter a prefix network mask, enter a forward slash ( / ) and the number of bits in the mask immediately after the IP address.

NOTE
All physical IP interfaces on Brocade Layer 3 devices share the same MAC address. For this reason, if more than one connection is made between two devices, one of which is a Brocade Layer 3 device, Brocade recommends the use of virtual interfaces. It is not recommended to connect two or more physical IP interfaces between two routers.
Brocade(config)# vlan 2 name IP-Subnet_10.1.2.0/24
Brocade(config-vlan-2)# untag ethernet 1/1/1 to 1/1/4
Brocade(config-vlan-2)# router-interface ve1
Brocade(config-vlan-2)# interface ve1
Brocade(config-vif-1)# ip address 10.1.2.1/24

The first two commands in this example create a Layer 3 protocol-based VLAN named “IP-Subnet_10.1.2.0/24” and add a range of untagged ports to the VLAN.

For number, enter the ID of the virtual routing interface. Use the no form of the command to disable the configuration.

Virtual routing interfaces 2 and 3 do not have their own IP subnet addresses, but are sharing the IP address of virtual routing interface 1.

Deleting an IP address

To delete an IP address, enter the no ip address command.

Brocade(config-if-e10000-1/1/1)# no ip address 10.1.2.1

This command deletes IP address 10.1.2.1.
You can also enter the IP address and mask in the Classless Inter-domain Routing (CIDR) format, as follows.

Brocade(config-if-e10000-1/1/5)# ip address 10.10.9.9/31

Syntax: [no] ip address ip-address ip-mask
Syntax: [no] ip address ip-address/subnet mask-bits

The ip-address variable specifies the host address. The ip-mask variable specifies the IP network mask. The subnet mask-bits variable specifies the network prefix mask.

Displaying information for a 31-bit subnet mask

Use the following commands to display information for the 31-bit subnet mask:

• show run interface
• show ip route
• show ip cache

Configuring DNS resolver

The Domain Name System (DNS) resolver is a feature in a Layer 2 or Layer 3 switch that sends and receives queries to and from the DNS server on behalf of a client. You can create a list of domain names that can be used to resolve host names.
FIGURE 3 DNS resolution with one domain name
[Figure: a client, a FastIron switch, and DNS Servers 1 through 4 with host names and IP addresses configured. Domain name eng.company.com is configured in the FastIron switch. Labelled steps:]
1. Client sends a command to ping "mary"
2. FastIron switch sends "mary.eng.company.com" to DNS servers for resolution.
   This server has “mary.eng.company.com”
4. If “mary.eng.company.com” is in the DNS servers, its IP address is returned.
Defining a domain list

If you want to use more than one domain name to resolve host names, you can create a list of domain names. For example, enter commands such as the following.

Brocade(config)# ip dns domain-list company.com
Brocade(config)# ip dns domain-list ds.company.com
Brocade(config)# ip dns domain-list hw_company.com
Brocade(config)# ip dns domain-list qa_company.
Brocade(config)#
Configuring packet parameters

You can configure the following packet parameters on Layer 3 Switches. These parameters control how the Layer 3 Switch sends IP packets to other devices on an Ethernet network. The Layer 3 Switch always places IP packets into Ethernet packets to forward them on an Ethernet port.

• Encapsulation type – The format for the Layer 2 packets within which the Layer 3 Switch sends IP packets.

The default MTU is 1500 bytes for Ethernet II packets and 1492 for Ethernet SNAP packets.

MTU enhancements

Brocade devices contain the following enhancements to jumbo packet support:

• Hardware forwarding of Layer 3 jumbo packets – Layer 3 IP unicast jumbo packets received on a port that supports the frame MTU size and forwarded to another port that also supports the frame MTU size are forwarded in hardware.

Brocade(config)# jumbo
Brocade(config)# write memory
Brocade(config)# end
Brocade# reload

Syntax: [no] jumbo

NOTE
You must save the configuration change and then reload the software to enable jumbo support.

Changing the router ID

In most configurations, a Layer 3 Switch has multiple IP addresses, usually configured on different interfaces. As a result, a Layer 3 Switch identity to other devices varies depending on the interface to which the other device is attached.
• TACACS/TACACS+
• TFTP
• RADIUS
• Syslog
• SNTP
• SSH
• SNMP traps

You can configure the Layer 3 Switch to always use the lowest-numbered IP address on a specific Ethernet, loopback, or virtual interface as the source address for these packets. When configured, the Layer 3 Switch uses the same IP address as the source for all packets of the specified type, regardless of the port that actually sends the packets.
TACACS/TACACS+ packets

To specify the lowest-numbered IP address configured on a virtual interface as the device source for all TACACS/TACACS+ packets, enter commands such as the following.

Brocade(config)# interface ve 1
Brocade(config-vif-1)# ip address 10.0.0.3/24
Brocade(config-vif-1)# exit
Brocade(config)# ip tacacs source-interface ve 1

The commands in this example configure virtual interface 1, assign IP address 10.0.0.

Syslog packets

To specify the lowest-numbered IP address configured on a virtual interface as the device source for all Syslog packets, enter commands such as the following.

Brocade(config)# interface ve 1
Brocade(config-vif-1)# ip address 10.0.0.4/24
Brocade(config-vif-1)# exit
Brocade(config)# ip syslog source-interface ve 1

The commands in this example configure virtual interface 1, assign IP address 10.0.0.

The commands in this example configure loopback interface 2, assign IP address 10.0.0.2/24 to the interface, then designate the interface as the source for all SSH packets from the Layer 3 Switch.

Syntax: [no] ip ssh source-interface ethernet stack-unit/slotnum/portnum | loopback num | ve num | management num

The num variable is a loopback interface, virtual interface or management interface number.
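The source-interface settings above can be checked offline against a saved configuration, so that AAA and logging servers which filter by client address see one stable source. This is an added example, not code from the Brocade guide; it recognizes only the tacacs, syslog and ssh command forms shown on this page, treats the "lowest-numbered" address as the numerically lowest one (an assumption), and runs on a constructed sample configuration.

```python
import ipaddress
import re

# Services whose "source-interface" command form is shown on this page.
SERVICES = ("tacacs", "syslog", "ssh")

IFACE_RE = re.compile(r"^interface\s+(ethernet|loopback|ve|management)\s*(\S+)$")
ADDR_RE = re.compile(r"^ip address\s+(\S+)(?:\s+(\d+\.\d+\.\d+\.\d+))?$")
SRC_RE = re.compile(
    r"^ip\s+(\w+)\s+source-interface\s+(ethernet|loopback|ve|management)\s*(\S+)$"
)

# Constructed sample, written in the command forms used on this page.
# Syslog is deliberately left without a source-interface line.
SAMPLE_CONFIG = """\
interface ve 1
 ip address 10.0.5.1/24
 ip address 10.0.0.3/24
exit
interface loopback 2
 ip address 10.0.9.2/24
exit
ip tacacs source-interface ve 1
ip ssh source-interface loopback 2
"""


def parse_config(text):
    """Collect interface addresses and per-service source-interface bindings."""
    addrs = {}    # (type, id) -> list of IPv4Interface
    pinned = {}   # service -> (type, id)
    current = None
    for raw in text.splitlines():
        line = raw.strip()
        if line in ("", "!", "exit"):
            current = None           # end of an interface stanza
            continue
        m = IFACE_RE.match(line)
        if m:
            current = (m.group(1), m.group(2))
            addrs.setdefault(current, [])
            continue
        m = ADDR_RE.match(line)
        if m and current:
            # Accept both "10.0.0.3/24" and "10.0.0.3 255.255.255.0".
            spec = m.group(1) if m.group(2) is None else f"{m.group(1)}/{m.group(2)}"
            addrs[current].append(ipaddress.ip_interface(spec))
            continue
        m = SRC_RE.match(line)
        if m:
            pinned[m.group(1)] = (m.group(2), m.group(3))
    return addrs, pinned


def audit(text):
    """Return {service: (status, source_ip)} for each service in SERVICES."""
    addrs, pinned = parse_config(text)
    report = {}
    for svc in SERVICES:
        if svc not in pinned:
            # Source address will depend on the egress port.
            report[svc] = ("UNPINNED", None)
            continue
        candidates = addrs.get(pinned[svc], [])
        if not candidates:
            # Bound to an interface that has no IP address in this config.
            report[svc] = ("NO_ADDRESS", None)
            continue
        lowest = min(candidates, key=lambda i: int(i.ip))
        report[svc] = ("PINNED", str(lowest.ip))
    return report


if __name__ == "__main__":
    for service, (status, ip) in audit(SAMPLE_CONFIG).items():
        print(f"{service:8} {status:11} {ip or '-'}")
```

The PINNED address is the one to allow on the TACACS+ or syslog server; an UNPINNED or NO_ADDRESS result means a server-side source filter cannot rely on a single address for that service.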
For example, to forward a packet whose destination is multiple router hops away, the Layer 3 Switch must send the packet to the next-hop router toward its destination, or to a default route or default network route if the IP route table does not contain a route to the packet destination.

To prevent the CPU from becoming flooded by ARP packets in a busy network, you can restrict the number of ARP packets the device will accept each second. When you configure an ARP rate limit, the device accepts up to the maximum number of packets you specify, but drops additional ARP packets received during the one-second interval.

Enabling proxy ARP

Proxy ARP allows a Layer 3 Switch to answer ARP requests from devices on one network on behalf of devices in another network. Since ARP requests are MAC-layer broadcasts, they reach only the devices that are directly connected to the sender of the ARP request. Thus, ARP requests do not cross routers.

For example, if Proxy ARP is enabled on a Layer 3 Switch connected to two subnets, 192.168.10.0/24 and 192.168.20.
Enabling local proxy ARP

Brocade devices support Proxy Address Resolution Protocol (Proxy ARP), a feature that enables router ports to respond to ARP requests for subnets they can reach. However, router ports will not respond to ARP requests for IP addresses in the same subnet as the incoming ports, unless Local Proxy ARP per IP interface is enabled.
The num parameter specifies the entry number. You can specify a number from 1 up to the maximum number of static entries allowed on the device.

The ip-addr parameter specifies the IP address of the device that has the MAC address of the entry.

The mac-addr parameter specifies the MAC address of the entry.

The ethernet port command specifies the port number attached to the device that has the MAC address of the entry.

Changing the TTL threshold

The time to live (TTL) threshold prevents routing loops by specifying the maximum number of router hops an IP packet originated by the Layer 3 Switch can travel through. Each device capable of forwarding IP that receives the packet decrements (decreases) the packet TTL by one. If a device receives a packet with a TTL of 1 and reduces the TTL to zero, the device drops the packet. The default TTL is 64.

• Strict source routing – requires the packet to pass through only the listed routers. If the Layer 3 Switch receives a strict source-routed packet but cannot reach the next hop interface specified by the packet, the Layer 3 Switch discards the packet and sends an ICMP Source-Route-Failure message to the sender.

NOTE
The Layer 3 Switch allows you to disable sending of the Source-Route-Failure messages. Refer to “Disabling ICMP messages” on page 43.
NOTE
You must save the configuration and reload the software to place this configuration change into effect.

Syntax: [no] ip broadcast-zero

Disabling ICMP messages

Brocade devices are enabled to reply to ICMP echo messages and send ICMP Destination Unreachable messages by default.

• Source-route-failure – The device received a source-routed packet but cannot locate the next-hop IP address indicated in the packet Source-Route option.

You can disable the Brocade device from sending these types of ICMP messages on an individual basis. To do so, use the following CLI method.

NOTE
Disabling an ICMP Unreachable message type does not change the Brocade device ability to forward packets.

To disable ICMP redirect messages globally, enter the following command at the global CONFIG level of the CLI:

Brocade(config)# no ip icmp redirect

Syntax: [no] ip icmp redirects

To disable ICMP redirect messages on a specific interface, enter the following command at the configuration level for the interface:

Brocade(config)# interface ethernet 1/1/1
Brocade(config-if-e10000-1/1/1)# no ip redirect

Syntax: [no] ip redirect

Static routes configuration

The IP r
Static IP route parameters

When you configure a static IP route, you must specify the following parameters:

• The IP address and network mask for the route destination network.
• The route path, which can be one of the following:
  - The IP address of a next-hop gateway
  - An Ethernet port
  - A virtual interface (a routing interface used by VLANs for routing Layer 3 protocol traffic among one another)
  - A “null” interface.

Static route states follow port states

IP static routes remain in the IP route table only so long as the port or virtual interface used by the route is available. If the port or virtual routing interface becomes unavailable, the software removes the static route from the IP route table. If the port or virtual routing interface becomes available again later, the software adds the route back to the route table.

Brocade(config)# ip route 192.168.2.71 255.255.255.0 ve 3

The command in the following example configures an IP static route that uses port 1/1/2 as its next hop.

Brocade(config)# ip route 192.168.2.73 255.255.255.

Configuring a “Null” route

You can configure the Layer 3 Switch to drop IP packets to a specific network or host address by configuring a “null” (sometimes called “null0”) static route for the address. When the Layer 3 Switch receives a packet destined for the address, the Layer 3 Switch drops the packet instead of forwarding it. To configure a null static route, use the following CLI method.
• Backup Routes – If you configure multiple static IP routes to the same destination, but give the routes different next-hop gateways and different metrics, the Layer 3 Switch will always use the route with the lowest metric. If this route becomes unavailable, the Layer 3 Switch will fail over to the static route with the next-lowest metric, and so on.

This feature is especially useful for the following configurations. These are not the only allowed configurations but they are typical uses of this enhancement:

• When you want to ensure that if a given destination network is unavailable, the Layer 3 Switch drops (forwards to the null interface) traffic for that network instead of using alternate paths to route the traffic.
FIGURE 5 Standard and null static routes to the same destination network
[Figure: Switch A and Switch B, with the addresses 192.168.6.188/24, 192.168.6.157/24, 192.168.7.7/24 and 192.168.7.69/24.]
Two static routes to 192.168.7.0/24:
-- Standard static route through gateway 192.168.6.157, with metric 1
-- Null route, with metric 2
When standard static route is good, Switch A uses that route.
[Second panel: Switch A 192.168.6.188/24 192.168.6.

FIGURE 6 Standard and interface routes to the same destination network
[Figure: Switch A with Port1/1/1 and Port1/1/4, and the addresses 192.168.8.12/24, 192.168.6.188/24 and 192.168.6.69/24.]
Two static routes to 192.168.6.0/24:
-- Interface-based route through Port1/1/1, with metric 1.
-- Standard static route through gateway 192.168.8.11, with metric 3.
When route through interface 1/1/1 is available, Switch A always uses that route.
192.168.8.
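The failover behaviour of Figure 5 can be modelled directly: a static route is installed only while its path is available, the lowest metric wins, and a higher-metric null route keeps traffic from falling through to a less specific route. This is an added example, not code from the Brocade guide; the `reachable` set stands in for port and gateway state, and the default route through 192.168.6.1 is constructed for the comparison.

```python
import ipaddress
from dataclasses import dataclass

NULL = "null0"  # path name used here for a null static route


@dataclass(frozen=True)
class StaticRoute:
    dest: str        # destination network in CIDR form
    path: str        # next-hop gateway IP, port name, or NULL
    metric: int = 1  # the guide gives 1 as the default static route metric


def installed(routes, net, reachable):
    """Routes the table holds for one destination network.

    A route is usable only while its path is available (the null
    interface is always available); among usable routes the lowest
    metric wins, and equal metrics are kept together.
    """
    usable = [
        r for r in routes
        if ipaddress.ip_network(r.dest) == net
        and (r.path == NULL or r.path in reachable)
    ]
    if not usable:
        return []
    best = min(r.metric for r in usable)
    return [r for r in usable if r.metric == best]


def lookup(routes, dst_ip, reachable):
    """Longest-prefix match; returns the path(s) used, [NULL] meaning drop."""
    ip = ipaddress.ip_address(dst_ip)
    nets = sorted(
        {ipaddress.ip_network(r.dest) for r in routes},
        key=lambda n: n.prefixlen,
        reverse=True,
    )
    for net in nets:
        if ip in net:
            chosen = installed(routes, net, reachable)
            if chosen:
                return sorted(r.path for r in chosen)
    return []  # no route at all


GATEWAY = "192.168.6.157"    # standard static route gateway in Figure 5
DEFAULT_GW = "192.168.6.1"   # constructed default gateway, not from the guide

FIG5 = [
    StaticRoute("192.168.7.0/24", GATEWAY, 1),
    StaticRoute("192.168.7.0/24", NULL, 2),
    StaticRoute("0.0.0.0/0", DEFAULT_GW, 1),
]
NO_NULL = [r for r in FIG5 if r.path != NULL]


def demo(host="192.168.7.69"):
    """Compare forwarding for a host in 192.168.7.0/24 in three states."""
    return {
        "gateway up": lookup(FIG5, host, {GATEWAY, DEFAULT_GW}),
        "gateway down, null route": lookup(FIG5, host, {DEFAULT_GW}),
        "gateway down, no null route": lookup(NO_NULL, host, {DEFAULT_GW}),
    }


if __name__ == "__main__":
    for state, paths in demo().items():
        print(f"{state:30} -> {paths}")
```

Without the metric 2 null route, the same outage sends traffic for 192.168.7.0/24 out the default route, which is the alternate-path case the null route is meant to prevent.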
Configuring a default network route

The Layer 3 Switch enables you to specify a candidate default route without the need to specify the next hop gateway. If the IP route table does not contain an explicit default route (for example, 0.0.0.0/0) or propagate an explicit default route through routing protocols, the software can use the default network route as a default route instead.

Brocade# show ip route
Total number of IP routes: 2
Start index: 1  B:BGP D:Connected  R:RIP  S:Static  O:OSPF *:Candidate default
     Destination     NetMask          Gateway     Port    Cost   Type
1    10.157.20.0     255.255.255.0    0.0.0.0     lb1     1      D
2    10.157.22.0     255.255.255.0    0.0.0.0     1/1/1   1      *D

This example shows two routes. Both of the routes are directly attached, as indicated in the Type column. However, one of the routes is shown as type “*D”, with an asterisk (*).
• Routes learned through BGP4

Administrative distance for each IP route

The administrative distance is a unique value associated with each type (source) of IP route. Each path has an administrative distance. The administrative distance is not used when performing IP load sharing, but the administrative distance is used when evaluating multiple equal-cost paths to the same destination from different sources, such as RIP, OSPF and so on.

The source of a path cost value depends on the source of the path:

• IP static route – The value you assign to the metric parameter when you configure the route. The default metric is 1. Refer to “Configuring load balancing and redundancy using multiple static routes to the same destination” on page 49.
• RIP – The number of next-hop routers to the destination.
• OSPF – The Path Cost associated with the path.

• If the IP load forwarding cache does not contain a forwarding entry for the destination, the software selects a path from among the available equal-cost paths to the destination, then creates a forwarding entry in the cache based on the calculation. Subsequent traffic for the same destination uses the forwarding entry.
NOTE
You can configure IRDP parameters only on an individual port basis. To do so, IRDP must be disabled globally and enabled only on individual ports. You cannot configure IRDP parameters if the feature is globally enabled.

When IRDP is enabled, the Layer 3 Switch periodically sends Router Advertisement messages out the IP interfaces on which the feature is enabled.
Enabling IRDP on an individual port

To enable IRDP on an individual interface and change IRDP parameters, enter commands such as the following.

Brocade(config)# interface ethernet 1/1/3
Brocade(config-if-e10000-1/1/3)# ip irdp maxadvertinterval 400

This example shows how to enable IRDP on a specific port and change the maximum advertisement interval for Router Advertisement messages to 400 seconds.
Reverse Address Resolution Protocol configuration

The Reverse Address Resolution Protocol (RARP) provides a simple mechanism for directly-attached IP hosts to boot over the network. RARP allows an IP host that does not have a means of storing its IP address across power cycles or software reloads to query a directly-attached router for an IP address. RARP is enabled by default.
Syntax: [no] ip rarp

To re-enable RARP, enter the following command.

Brocade(config)# ip rarp

Creating static RARP entries

You must configure the RARP entries for the RARP table. The Layer 3 Switch can send an IP address in reply to a client RARP request only if you create a RARP entry for that client.

To assign a static IP RARP entry for static routes on a Brocade router, enter a command such as the following.

Brocade(config)# rarp 1 0000.0054.2348 192.168.4.
You can configure the Layer 3 Switch to forward clients’ requests to UDP application servers. To do so:
• Enable forwarding support for the UDP application port, if forwarding support is not already enabled.
• Configure a helper address on the interface connected to the clients. Specify the helper address to be the IP address of the application server or the subnet directed broadcast address for the IP subnet the server is in.
NOTE
You also must configure a helper address on the interface that is connected to the clients for the application. The Layer 3 Switch cannot forward the requests unless you configure the helper address. Refer to “Configuring an IP helper address” on page 66.

To enable the forwarding of SNMP trap broadcasts, enter the following command.
To configure a helper address on interface 2 on chassis module 1, enter the following commands.

Brocade(config)# interface ethernet 1/1/2
Brocade(config-if-e10000-1/1/2)# ip helper-address 1 192.168.7.6

The commands in this example change the CLI to the configuration level for port 1/1/2, then add a helper address for server 192.168.7.6 to the port.
• Hop count – Each router that forwards a BootP/DHCP packet increments the hop count by 1. Routers also discard a forwarded BootP/DHCP request instead of forwarding the request if the hop count is greater than the maximum number of BootP/DHCP hops allowed by the router. By default, a Brocade Layer 3 Switch forwards a BootP/DHCP request if its hop count is four or less, but discards the request if the hop count is greater than four.
Changing the maximum number of hops to a BootP relay server

Each BootP or DHCP request includes a Hop Count field. The Hop Count field indicates how many routers the request has passed through.
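
The hop-count rule above, as an added Python example that is not part of the Brocade guide: it parses the fixed BootP header of a constructed request and applies the forward-or-discard decision a relay makes. The function and class names are hypothetical, and filling an empty giaddr with the receiving interface address is standard relay behaviour from RFC 1542 rather than something this page states.

```python
import socket
import struct
from dataclasses import dataclass
from typing import Optional

BOOTP_FIXED_LEN = 236   # op through file, before the options field (RFC 951)
BOOTREQUEST = 1
DEFAULT_MAX_HOPS = 4    # default maximum stated in the guide
HOPS_OFFSET = 3         # op, htype, hlen, hops
GIADDR_OFFSET = 24      # after xid, secs, flags, ciaddr, yiaddr, siaddr


@dataclass
class RelayDecision:
    forward: bool
    reason: str
    packet: Optional[bytes] = None   # rewritten packet when forward is True


def relay_bootp_request(packet: bytes, rx_interface_ip: str,
                        max_hops: int = DEFAULT_MAX_HOPS) -> RelayDecision:
    """Apply the relay's hop-count check to one BootP/DHCP request."""
    if not 0 <= max_hops < 255:
        raise ValueError("max_hops must leave room in the 8-bit hops field")
    if len(packet) < BOOTP_FIXED_LEN:
        return RelayDecision(False, "truncated")
    if packet[0] != BOOTREQUEST:
        return RelayDecision(False, "not-a-request")
    hops = packet[HOPS_OFFSET]
    # Forward when the arriving hop count is max_hops or less, discard otherwise.
    if hops > max_hops:
        return RelayDecision(False, "hop-count-exceeded")
    out = bytearray(packet)
    out[HOPS_OFFSET] = hops + 1      # each forwarding router adds one hop
    # Assumption (RFC 1542): only the first relay on the path fills in giaddr.
    if out[GIADDR_OFFSET:GIADDR_OFFSET + 4] == b"\x00" * 4:
        out[GIADDR_OFFSET:GIADDR_OFFSET + 4] = socket.inet_aton(rx_interface_ip)
    return RelayDecision(True, "forwarded", bytes(out))


def make_request(hops: int = 0, giaddr: str = "0.0.0.0",
                 op: int = BOOTREQUEST) -> bytes:
    """Build a constructed BootP request (sample data, not a capture)."""
    fixed = struct.pack(
        "!BBBBIHH4s4s4s4s16s64s128s",
        op, 1, 6, hops,                          # op, htype=Ethernet, hlen, hops
        0x12345678, 0, 0x8000,                   # xid, secs, flags (broadcast)
        b"\x00" * 4, b"\x00" * 4, b"\x00" * 4,   # ciaddr, yiaddr, siaddr
        socket.inet_aton(giaddr),
        bytes.fromhex("000000542348"),           # chaddr, zero-padded to 16 bytes
        b"", b"",                                # sname, file
    )
    return fixed + bytes([99, 130, 83, 99, 255])  # magic cookie + end option


def giaddr_of(packet: bytes) -> str:
    """Return the gateway (relay) address field as dotted decimal."""
    return socket.inet_ntoa(packet[GIADDR_OFFSET:GIADDR_OFFSET + 4])


if __name__ == "__main__":
    for hops in (0, 4, 5):
        decision = relay_bootp_request(make_request(hops), "192.168.5.1")
        print(hops, decision.forward, decision.reason)
```

A request that arrives with a hop count already at the limit is still forwarded once; the next relay with the same limit discards it, which bounds how far a looping or replayed request can travel.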
In some environments, it may be necessary to reassign network addresses due to exhaustion of the available address pool. In this case, the allocation mechanism reuses addresses with expired leases.

Configuration notes for configuring DHCP servers
• DHCP server is supported in the Layer 2 and full Layer 3 software images.
A DHCP server assigns and manages IPv4 addresses from multiple address pools, using dynamic address allocation. The DHCP server also contains the relay agent to forward DHCP broadcast messages to network segments that do not support these types of messages.
FIGURE 7 DHCP Server configuration flow chart
Configuring DHCP Server on a device

Perform the following steps to configure the DHCP Server feature on your device:

1. Enable DHCP Server by entering a command similar to the following.
   Brocade(config)# ip dhcp-server enable
2. Create a DHCP Server address pool by entering a command similar to the following.
   Brocade(config)# ip dhcp-server pool cabo
3. Configure the DHCP Server address pool by entering commands similar to the following.
TABLE 8 DHCP Server optional parameters command

Command              Description
option merit-dump    Specifies the path name of a file into which the client’s core image should be placed in the event that the client crashes (the DHCP application issues an exception in case of errors such as division by zero).
option root-path     Specifies the name of the path that contains the client’s root filesystem in NFS notation.
TABLE 9 DHCP Server CLI commands (Continued)

Command                                  Description
show ip dhcp-server address-pool name    Displays a specific address pool or all address pools. Refer to “Displaying address-pool information” on page 78.
show ip dhcp-server flash                Displays the lease binding database that is stored in flash memory. Refer to “Displaying lease-binding information in flash memory” on page 79.
Removing DHCP leases

The clear ip dhcp-server binding command can be used to delete a specific lease, or all lease entries from the lease binding database.

Brocade(config)# clear ip dhcp-server binding *

Syntax: clear ip dhcp-server binding [address | *]
• address - The IP address to be deleted
• * - Clears all IP addresses

Enabling DHCP Server

The ip dhcp-server enable command enables DHCP Server, which is disabled by default.
Creating an address pool

The ip dhcp-server pool command puts you in pool configuration mode, and allows you to create an address pool.

Brocade(config)# ip dhcp-server pool
Brocade(config-dhcp-name)# ip dhcp-server pool monterey
Brocade(config-dhcp-monterey)#

These commands create an address pool named monterey.
Deploying an address pool configuration to the server

The deploy command sends an address pool configuration to the DHCP server.

Brocade(config-dhcp-cabo)# deploy

Syntax: deploy

Specifying default routers available to the client

The dhcp-default-router command specifies the IP addresses of the default routers for a client.
Configuring the NetBIOS server for DHCP clients

The netbios-name-server command specifies the IP address of a NetBIOS WINS server or servers that are available to Microsoft DHCP clients.

Brocade(config-dhcp-cabo)# netbios-name-server 192.168.1.55

Syntax: netbios-name-server address [address2, address3]

Configuring the subnet and mask of a DHCP address pool

This network command configures the subnet network and mask of the DHCP address pool.
Displaying DHCP Server information

The following DHCP show commands can be entered from any level of the CLI.

Displaying active lease entries

The show ip dhcp-server binding command displays a specific active lease, or all active leases, as shown in the following example:

Brocade# show ip dhcp-server binding

The following output is displayed:

Brocade# show ip dhcp-server binding
Bindings from all pools:
IP Address Client-ID/ Hardware address
192.168.1.2 192.
lease:                  0 0 30
netbios-name-server:    192.168.1.101
network:                192.168.1.0 255.255.255.0
next-bootstrap-server:  192.168.1.102
tftp-server:            192.168.1.103

Syntax: show ip dhcp-server address-pool[s] [name]
• address-pool[s] - If you enter address-pools, the display will show all address pools
• name - Displays information about a specific address pool

Table 11 describes this output.
Table 12 describes this output.
• For a Layer 3 device, one leased address is granted (per device) to the interface that first receives a response from the DHCP server.

2. If auto-update is enabled, the TFTP flash image is downloaded and updated. The device compares the filename of the requested flash image with the image stored in flash. If the filenames are different, then the device will download the new image from a TFTP server, write the downloaded image to flash, then reload the device.
• Although the DHCP server may provide multiple addresses, only one IP address is installed at a time.
• This feature is not supported together with DHCP snooping.

The following configuration rules apply to flash image update:
• To enable flash image update (ip dhcp-client auto-update enable command), also enable auto-configuration (ip dhcp-client enable command).
• The image filename to be updated must have the extension .bin.
FIGURE 9 The DHCP Client-Based Auto-Configuration steps (IP Address Validation and Lease Negotiation)
3. If the device has a dynamic address, the device asks the DHCP server to validate that address. If the server does not respond, the device will continue to use the existing address until the lease expires. If the server responds, and the IP address is outside of the DHCP address pool or has been leased to another device, it is automatically rejected, and the device receives a new IP address from the server.
1. When the device reboots, or the Auto-Configuration feature has been disabled and then re-enabled, the device uses information from the DHCP server to contact the TFTP server to update the running-configuration file:
   • If the DHCP server provides a TFTP server name or IP address, the device uses this information to request files from the TFTP server.
• When DHCP is disabled, and then re-enabled, or if the system is rebooted, the TFTP process requires approximately three minutes to run in the background before file images can be downloaded manually.
• Once a port is assigned a leased IP address, it is bound by the terms of the lease regardless of the link state of the port.

Disabling or re-enabling Auto-Configuration

For a switch, you can disable or enable this feature using the following commands.
Brocade(config)# show ip address
IP Address     Type      Lease Time   Interface
10.44.3.233    Dynamic   672651       1/1/2
10.0.0.1       Static    N/A          1/1/5

The following example shows a Layer 2 device configuration as a result of the show run command.

Brocade(config)# show run
Current configuration:
!
ver 07.5.00b1T323
!
stack unit 1
  module 1 icx6650-56-port-management-module
  module 2 icx6650-4-port-40g-module
  module 3 icx6650-8-port-10g-module
!
!
ip address 10.44.16.116 255.255.255.
Configuring IP parameters – Layer 2 Switches 2d01h48m21s:I: DHCPC: 2d01h48m21s:I: DHCPC: 2d01h48m21s:I: DHCPC: 2d01h48m21s:I: DHCPC: 2d01h48m21s:I: DHCPC: 2d01h48m21s:I: DHCPC: 2d01h48m21s:I: DHCPC: 255.255.255.0 on port 2d01h48m21s:I: DHCPC: 2d01h48m21s:I: DHCPC: existing ip address found, no further action needed by DHCPC Starting DHCP Client service Stopped DHCP Client service ICX6650 Switch running-configuration changed sending TFTP request for bootfile name icx6650-switch.
To specify the Layer 2 Switch default gateway, enter a command such as the following.

Brocade(config)# ip default-gateway 192.168.6.1

Syntax: ip default-gateway ip-addr

NOTE
When configuring an IP address on a Layer 2 switch that has multiple VLANs, make sure the configuration includes a designated management VLAN that identifies the VLAN to which the global IP address belongs.
Syntax: traceroute host-ip-addr [maxttl value] [minttl value] [numeric] [timeout value] [source-ip ip addr]

The only required parameter is the IP address of the host at the other end of the route.

After you enter the command, a message indicating that the DNS query is in process and the current gateway address (IP address of the domain name server) being queried appear on the screen.

Type Control-c to abort
Sending DNS Query to 192.168.22.
Brocade(config)# ip ttl 25
Brocade(config)# exit

Syntax: ip ttl 1-255

DHCP Assist configuration

DHCP Assist allows a Brocade Layer 2 Switch to assist a router that is performing multi-netting on its interfaces as part of its DHCP relay function. DHCP Assist ensures that a DHCP server that manages multiple IP subnets can readily recognize the requester IP subnet, even when that server is not on the client local LAN segment.
FIGURE 11 DHCP requests in a network without DHCP Assist on the Layer 2 Switch
DHCP Server 10.95.7.6
Step 3: DHCP Server generates IP addresses for Hosts 1,2,3 and 4. All IP address are assigned in the 192.168.5.1 range.
DHCP requests for the other sub-nets were not recognized by the non-DHCP assist router causing incorrect address assignments.
192.168.5.5 192.168.5.10 192.168.5.35 192.168.5.30
Step 2: Router assumes the lowest IP address (192.168.5.
FIGURE 12 DHCP requests in a network with DHCP Assist operating on a FastIron Switch
DHCP Server 10.95.7.6
Step 3: Router forwards the DHCP request to the server without touching the gateway address inserted in the packet by the switch.
Step 2: FastIron stamps each DHCP request with the gateway address of the corresponding subnet of the receiving port.
Router, Layer 2 Switch, Interface 14, Interface 2
Gateway addresses: 192.168.5.1 10.95.6.1 10.95.1.1 10.95.
FIGURE 13 DHCP offers are forwarded back toward the requestors
DHCP Server 10.95.7.6
Step 4: DHCP Server extracts the gateway address from each packet and assigns IP addresses for each host within the appropriate range.
DHCP response with IP addresses for Subnets 1, 2, 3 and 4: 192.168.5.10 10.95.6.15 10.95.1.35 10.95.5.25
Step 5: IP addresses are distributed to the appropriate hosts.
Router, Layer 2 Switch, 192.168.5.10 10.95.6.15 Host 2 Host 1 10.95.6.
IPv4 point-to-point GRE tunnels

Example

To create the configuration indicated in Figure 12 and Figure 13, enter commands such as the following.

Brocade(config)# dhcp-gateway-list 1 192.168.5.1
Brocade(config)# dhcp-gateway-list 2 10.95.6.1
Brocade(config)# dhcp-gateway-list 3 10.95.1.1 10.95.5.
FIGURE 14 GRE encapsulated packet structure
Delivery Header | GRE Header | Payload Packet

Figure 15 shows the GRE header format.

FIGURE 15 GRE header format
Checksum | Reserved0 | Ver | Protocol Type
Checksum (optional) | Reserved (optional)

The GRE header has the following fields:
• Checksum – 1 bit. This field is assumed to be zero in this version.
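
A parser for the header layout in Figure 15, added here as a Python example; it is not Brocade code. It assumes the RFC 2784 bit positions for the fields the figure names (Checksum bit, Reserved0, Ver, Protocol Type, optional Checksum and Reserved), runs on constructed packets, and uses hypothetical function names and finding labels.

```python
import struct
from dataclasses import dataclass, field
from typing import List, Optional

GRE_BASE_LEN = 4          # flags/version word + Protocol Type
GRE_CSUM_LEN = 4          # optional Checksum + Reserved words
IPV4_HEADER_LEN = 20      # delivery header without IP options
TUNNEL_OVERHEAD = IPV4_HEADER_LEN + GRE_BASE_LEN   # 24 bytes off the tunnel MTU
ETHERTYPE_IPV4 = 0x0800


@dataclass
class GreHeader:
    checksum_present: bool
    reserved0: int
    version: int
    protocol_type: int
    checksum: Optional[int]
    header_len: int
    findings: List[str] = field(default_factory=list)


def internet_checksum(data: bytes) -> int:
    """One's-complement sum of 16-bit words, as used by IP and GRE."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def parse_gre(packet: bytes) -> GreHeader:
    """Parse a GRE header (starting at the GRE bytes) and list anomalies."""
    if len(packet) < GRE_BASE_LEN:
        raise ValueError("truncated GRE header")
    flags_ver, proto = struct.unpack("!HH", packet[:GRE_BASE_LEN])
    c_bit = bool(flags_ver & 0x8000)           # bit 0: Checksum Present
    hdr = GreHeader(
        checksum_present=c_bit,
        reserved0=(flags_ver >> 3) & 0x0FFF,   # bits 1-12
        version=flags_ver & 0x0007,            # bits 13-15
        protocol_type=proto,
        checksum=None,
        header_len=GRE_BASE_LEN,
    )
    if c_bit:
        if len(packet) < GRE_BASE_LEN + GRE_CSUM_LEN:
            raise ValueError("checksum bit set but optional words missing")
        hdr.checksum = struct.unpack("!H", packet[4:6])[0]
        hdr.header_len += GRE_CSUM_LEN
        # The guide's version assumes this bit is zero, so flag it.
        hdr.findings.append("checksum-present")
    if hdr.reserved0:
        hdr.findings.append("reserved0-nonzero")
    if hdr.version:
        hdr.findings.append("version-nonzero")
    # A valid checksum makes the sum over header and payload come out to zero.
    if c_bit and internet_checksum(packet) != 0:
        hdr.findings.append("bad-checksum")
    return hdr


def build_gre(payload: bytes, proto: int = ETHERTYPE_IPV4,
              with_checksum: bool = False) -> bytes:
    """Build a constructed GRE packet for the examples (not a capture)."""
    if not with_checksum:
        return struct.pack("!HH", 0x0000, proto) + payload
    zeroed = struct.pack("!HHHH", 0x8000, proto, 0, 0)
    csum = internet_checksum(zeroed + payload)
    return struct.pack("!HHHH", 0x8000, proto, csum, 0) + payload


if __name__ == "__main__":
    sample = build_gre(b"constructed payload")
    print(parse_gre(sample))
    print("payload room in a 1500-byte MTU:", 1500 - TUNNEL_OVERHEAD)
```

An empty findings list means the header matches what this page describes: checksum bit clear, reserved bits zero, version 0, and a 4-byte GRE header.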
RFC 4459 describes solutions for issues with large packets over a tunnel. The following methods, from RFC 4459, are supported in Brocade IronWare software:
• If a source attempts to send packets that are larger than the lowest MTU value along the path, PMTUD can signal to the source to send smaller packets. This method is described in Section 3.2 of RFC 4459.
unicast, it is permissible for multiple tunnel interfaces to use a single loopback port. However, in multicast, this will not allow the hardware to determine the tunnel interface that the packet was received on in order to do an RPF check. Therefore, when IPv4 Multicast Routing is enabled on a GRE tunnel, the tunnel interface must have a dedicated loopback port.
NOTE
The above features are supported on VLANs that do not have VE ports.

• Whenever multiple IP addresses are configured on a tunnel source, the primary address of the tunnel is always used for forming the tunnel connections. Therefore, carefully check the configurations when configuring the tunnel destination.
• When a GRE tunnel is configured, you cannot configure the same routing protocol on the tunnel through which you learn the route to the tunnel destination.
Configuration tasks for GRE tunnels

Brocade recommends that you perform the configuration tasks in the order listed in Table 13.
Creating a tunnel interface

To create a tunnel interface, enter the following command at the Global CONFIG level of the CLI.

Brocade(config)# interface tunnel 1
Brocade(config-tnif-1)#

Syntax: [no] interface tunnel tunnel-number

The tunnel-number is a numerical value that identifies the tunnel being configured.

NOTE
You can also use the port-name command to name the tunnel.
Deleting an IP address from an interface configured as a tunnel source

To delete an IP address from an interface that is configured as a tunnel source, first remove the tunnel source from the tunnel interface then delete the IP address, as shown in the following example.

Brocade(config-if-e1000-1/1/3)# interface tunnel 8
Brocade(config-tnif-8)# no tunnel source 192.168.83.15
Brocade(config-tnif-8)# interface ethernet 1/1/3
Brocade(config-if-e10000-1/1/3)# no ip address 192.
NOTE
Before configuring a new GRE tunnel, the system should have at least one slot available for adding the default tunnel MTU value to the system tables. Depending on the configuration, the default tunnel MTU range is ((1500 or 10218) - 24). To check for slot availability, or to see if the MTU value is already configured in the IP table, use the show ip mtu command.
Changing the MTU value for a tunnel interface

For important configuration considerations regarding this feature, refer to “GRE MTU configuration considerations” on page 99.

You can set an MTU value for packets entering the tunnel.
paths because the tunnel is always UP. To avoid this scenario, enable GRE link keepalive, which will maintain or place the tunnel in an UP or DOWN state based upon the periodic sending of keepalive packets and the monitoring of responses to the packets. If the packets fail to reach the tunnel far end more frequently than the configured number of retries, the tunnel is placed in the DOWN state.
This command configures the device to wait for 20 minutes before resetting the path MTU to its original value.

Syntax: [no] tunnel path-mtu-discovery age-timer minutes | infinite

For minutes, enter a value from 10 to 30. Enter infinite to disable the timer.

Clearing the PMTUD dynamic value

To reset a dynamically-configured MTU on a tunnel Interface back to the configured value, enter the following command.
Point-to-point GRE tunnel configuration example

In the configuration example shown in Figure 16, a GRE Tunnel is configured between device A and device B. Traffic between networks 10.10.1.0/24 and 10.10.2.0/24 is encapsulated in a GRE packet sent through the tunnel on the 10.10.3.0 network, and unpacked and sent to the destination network. A static route is configured at each Layer 3 switch to go through the tunnel interface to the target network.
Brocade(config-tnif-1)# ip address 10.10.3.2/24
Brocade(config-tnif-1)# exit
Brocade(config)# ip route 192.168.8.0/24 192.168.5.1

Displaying GRE tunneling information

This section describes the show commands that display the GRE tunnels configuration, the link status of the GRE tunnels, and the routes that use GRE tunnels. To display information about multicast protocols and GRE tunnels, refer to “Displaying multicast protocols and GRE tunneling information” on page 110.
ip arp-age: 10 minutes
No Helper Addresses are configured
No inbound ip access-list is set
No outgoing ip access-list is set

Syntax: show ip interface tunnel [tunnel-ID]

The tunnel-ID variable is a valid tunnel number or name.

The show interface tunnel command displays the GRE tunnel configuration.

Brocade# show int tunnel 3
Tunnel3 is up, line protocol is up
Hardware is Tunnel
Tunnel source 192.168.1.1
Tunnel destination is 192.168.2.
Brocade# show ip tunnel traffic
IP GRE Tunnels
Tunnel   Status      Packet Received   Packet Sent   KA recv   KA sent
1        up/up       362               0             362       362
3        up/up       0                 0             0         0
10       down/down   0                 0             0         0

Syntax: show ip tunnel traffic

The show statistics tunnel [tunnel-ID] command displays GRE tunnel statistics for a specific tunnel ID number. The following shows an example output for tunnel ID 1.

Syntax: show statistics tunnel [tunnel-ID]

The tunnel-ID variable specifies the tunnel ID number.
The following shows an example output of the show ip pim interface command. The lines in bold highlight the GRE tunnel-specific information.

Brocade# show ip pim interface
Interface e1/1/1
PIM Dense: V2
TTL Threshold: 1, Enabled, DR: itself
Local Address: 10.10.10.10
Interface tn1
PIM Dense: V2
TTL Threshold: 1, Enabled, DR: 10.1.1.20 on tn1:e2
Local Address: 10.1.1.10
Neighbor: 10.1.1.
Brocade# show statistics
Port   In Packets   Out Packets   In Errors   Out Errors
1      0            1670          0           0
2      1668         7             0           0
3      0            0             0           0
4      1668         1668          0           0

Syntax: show statistics

The show ip mtu command can be used to see if there is space available for the ip_default_mtu_24 value in the system, or if the MTU value is already configured in the IP table. The following shows an example output of the show ip mtu command.
Displaying IP configuration information and statistics

The following sections describe IP display options for Layer 3 Switches and Layer 2 Switches:
• To display IP information on a Layer 3 Switch, refer to “Displaying IP information – Layer 3 Switches” on page 113.
• To display IP information on a Layer 2 Switch, refer to “Displaying IP information – Layer 2 Switches” on page 128.
Brocade# show ip
Global Settings
  ttl: 64, arp-age: 10, bootp-relay-max-hops: 4
  router-id :10.95.11.128
  enabled : UDP-Broadcast-Forwarding IRDP Proxy-ARP RARP OSPF
  disabled: BGP4 Load-Sharing RIP DVMRP FSRP VRRP
Static Routes
  Index   IP Address   Subnet Mask   Next Hop Router   Metric   Distance
  1       0.0.0.0      0.0.0.0       10.157.23.2       1        1
Policies
  Index   Action   Source   Destination   Protocol   Port   Operator
  1       deny     10.157.22.34 10.157.22.
TABLE 16 CLI display of global IP configuration information – Layer 3 Switch (Continued)

Field      Description
Distance   The administrative distance of the route. The default administrative distance for static IP routes in Brocade routers is 1. To list the default administrative distances for all types of routes or to change the administrative distance of a static route, refer to “Changing the administrative distance” on page 146.
Brocade# show process cpu
Process Name   5Sec(%)   1Min(%)   5Min(%)   15Min(%)
ACL            0.00      0.00      0.00      0.00
ARP            0.01      0.01      0.01      0.01
BGP            0.00      0.00      0.00      0.00
DOT1X          0.00      0.00      0.00      0.00
GVRP           0.00      0.00      0.00      0.00
ICMP           0.00      0.00      0.00      0.00
IP             0.00      0.00      0.00      0.00
L2VLAN         0.01      0.00      0.00      0.01
OSPF           0.00      0.00      0.00      0.00
RIP            0.00      0.00      0.00      0.00
STP            0.00      0.00      0.00      0.00
VRRP           0.00      0.00      0.00      0.
When you specify how many seconds’ worth of statistics you want to display, the software selects the sample that most closely matches the number of seconds you specified. In this example, statistics are requested for the previous two seconds. The closest sample available is actually for the previous 1 second plus 80 milliseconds.

Syntax: show process cpu [num]

The num parameter specifies the number of seconds and can be from 1 through 900.
To display detailed IP information for a specific interface, enter a command such as the following.

Brocade# show ip interface ethernet 1/1/1
Interface Ethernet 1/1/1
  port state: UP
  ip address: 192.168.9.51 subnet mask: 255.255.255.0
  encapsulation: ETHERNET, mtu: 1500, metric: 1
  directed-broadcast-forwarding: disabled
  proxy-arp: disabled
  ip arp-age: 10 minutes
  Ip Flow switching is disabled
  No Helper Addresses are configured.
NOTE
The ip-mask parameter and mask parameter perform different operations. The ip-mask parameter specifies the network mask for a specific IP address, whereas the mask parameter provides a filter for displaying multiple MAC addresses that have specific values in common.

The num parameter lets you display the table beginning with a specific entry number.
Displaying the static ARP table

To display the static ARP table instead of the ARP cache, enter the following command at any CLI level.

Brocade# show ip static-arp
Static ARP table size: 512, configurable from 512 to 1024
Index   IP Address    MAC Address      Port
1       10.95.6.111   0000.003b.d210   1/1/1
3       10.95.6.123   0000.003b.d211   1/1/2

This example shows two static entries.
TABLE 19 CLI display of static ARP table

Field                   Description
Static ARP table size   The maximum number of static entries that can be configured on the device using the current memory allocation. The range of valid memory allocations for static ARP entries is listed after the current allocation. To change the memory allocation for static ARP entries, refer to “Changing the maximum number of entries the static ARP table can hold” on page 40.
TABLE 20 CLI display of IP forwarding cache – Layer 3 Switch (Continued)

Field   Description
Type    The type of host entry, which can be one or more of the following:
        • D – Dynamic
        • P – Permanent
        • F – Forward
        • U – Us
        • C – Complex Filter
        • W – Wait ARP
        • I – ICMP Deny
        • K – Drop
        • R – Fragment
        • S – Snap Encap
Port    The port through which this device reaches the destination.
The bgp option displays the BGP4 routes.
The direct option displays only the IP routes that are directly attached to the Layer 3 Switch.
The ospf option displays the OSPF routes.
The rip option displays the RIP routes.
The static option displays only the static IP routes.

The default routes are displayed first.

Here is an example of how to use the direct option.
Example

Brocade# show ip route summary
IP Routing Table - 35 entries:
6 connected, 28 static, 0 RIP, 1 OSPF, 0 BGP
Number of prefixes:
/0: 1 /16: 27 /22: 1 /24: 5 /32: 1

Syntax: show ip route summary

In this example, the IP route table contains 35 entries. Of these entries, 6 are directly connected devices, 28 are static routes, and 1 route was calculated through OSPF.
To clear route 10.157.22.0/24 from the IP routing table, enter the clear ip route command.

Brocade# clear ip route 10.157.22.0/24

Syntax: clear ip route [ip-addr ip-mask]
or
Syntax: clear ip route [ip-addr/mask-bits]

Displaying IP traffic statistics

To display IP traffic statistics, enter the show ip traffic command at any CLI level.
The show ip traffic command displays the following information.

TABLE 22 CLI display of IP traffic statistics – Layer 3 Switch

Field           Description
IP statistics
received        The total number of IP packets received by the device.
sent            The total number of IP packets originated and sent by the device.
forwarded       The total number of IP packets received by the device and forwarded to other devices.
TABLE 22 CLI display of IP traffic statistics – Layer 3 Switch (Continued)

Field          Description
received       The number of UDP packets received by the device.
sent           The number of UDP packets sent by the device.
no port        The number of UDP packets dropped because they did not have a valid UDP port number.
input errors   This information is used by Brocade customer support.
TABLE 22 CLI display of IP traffic statistics – Layer 3 Switch (Continued)

Field                Description
resp from loopback   The number of RIP responses received from loopback interfaces.
packets rejected     This information is used by Brocade customer support.
Displaying ARP entries

To display the entries the Layer 2 Switch has placed in its ARP cache, enter the show arp command from any level of the CLI.

Brocade# show arp
Total Arp Entries : 1, maximum capacity: 1000
No.   IP              Mac              Port   Age   VlanId
1     192.168.1.170   0000.0011.d042   7      0     1

Syntax: show arp

This display shows the following information.

TABLE 24 CLI display of ARP cache

Field               Description
Total ARP Entries   The number of entries in the ARP cache.
Brocade# show ip traffic
IP Statistics
  27 received, 24 sent
  0 fragmented, 0 reassembled, 0 bad header
  0 no route, 0 unknown proto, 0 no buffer, 0 other errors
ICMP Statistics
Received:
  0 total, 0 errors, 0 unreachable, 0 time exceed
  0 parameter, 0 source quench, 0 redirect, 0 echo,
  0 echo reply, 0 timestamp, 0 timestamp rely, 0 addr mask
  0 addr mask reply, 0 irdp advertisement, 0 irdp solicitation
Sent:
  0 total, 0 errors, 0 unreachable, 0 time exceed
  0
TABLE 25 CLI display of IP traffic statistics – Layer 2 Switch (Continued)

Field         Description
total         The total number of ICMP messages sent or received by the device.
errors        This information is used by Brocade customer support.
unreachable   The number of Destination Unreachable messages sent or received by the device.
time exceed   The number of Time Exceeded messages sent or received by the device.
TABLE 25 CLI display of IP traffic statistics – Layer 2 Switch (Continued)

Field            Description
in segments      The number of TCP segments received by the device.
out segments     The number of TCP segments sent by the device.
retransmission   The number of segments that this device retransmitted because the retransmission timer for the segment had expired before the device at the other end of the connection had acknowledged receipt of the segment.
Chapter Base Layer 3 and Routing Protocols 2 Table 26 lists the base Layer 3 features Brocade ICX 6650 devices support. These features are supported in full Layer 3 software images, except where explicitly noted. TABLE 26 Supported base Layer 3 features Feature Brocade ICX 6650 Static IP routing Yes Layer 3 system parameter limits Yes Static ARP entries Yes RIP V1 and V2 (Static RIP support only in the base Layer 3 image.
Adding a static ARP entry The next-hop-ip-addr variable is the IP address of the next hop router (gateway) for the route. The metric variable specifies the cost of the route and can be a number from 1 through 16. The default is 1. The metric is used by RIP. If you do not enable RIP, the metric is not used. The tag num parameter specifies the tag value of the route. The possible value is from 0 through 4294967295. The default value is 0.
Modifying and displaying Layer 3 system parameter limits The Layer 3 system parameter limits for IPv6 models are automatically adjusted by the system and cannot be manually modified. Displaying Layer 3 system parameter limits To display the Layer 3 system parameter defaults, maximum values, and current values, enter the show default value command at any level of the CLI. The following example shows the output on a Brocade ICX 6650 device.
Configuring RIP
If you want the Brocade device to use Routing Information Protocol (RIP), you must enable the protocol globally, and then enable RIP on individual ports. When you enable RIP on a port, you also must specify the version (version 1 only, version 2 only, or version 1 compatible with version 2). Optionally, you also can set or change the following parameters:
• Route redistribution – You can enable the software to redistribute static routes from the IP route table into RIP.
Configuring RIP NOTE The option to set the metric is not applicable to static routes. 2. Enable redistribution. NOTE If you plan to configure redistribution filters, do not enable redistribution until you have configured the filters. When you enable redistribution, all types of routes are redistributed into RIP; redistribution is not limited to IP static routes. If you want to deny certain routes from being redistributed into RIP, configure deny filters for those routes before you enable redistribution.
The following commands deny redistribution of all routes except routes for 10.10.10.x and 10.20.20.x.
Brocade(config-rip-router)#deny redistribute 64 static address 255.255.255.255 255.255.255.255
Brocade(config-rip-router)#permit redistribute 1 static address 10.10.10.0 255.255.255.0
Brocade(config-rip-router)#permit redistribute 2 static address 10.20.20.0 255.255.255.0
Enabling redistribution
After you configure redistribution parameters, you must enable redistribution.
Other Layer 3 protocols
For information about other IP configuration commands in the Layer 2 with base Layer 3 image that are not included in this chapter, refer to Chapter 1, “IP Configuration”. For information about enabling or disabling Layer 3 routing protocols, refer to “Enabling or disabling routing protocols” on page 139.
Enabling or disabling routing protocols
This section describes how to enable or disable routing protocols.
Enabling or disabling Layer 2 switching Configuration notes and feature limitations for Layer 2 switching • Enabling or disabling Layer 2 switching is supported in the full Layer 3 software image only. • Enabling or disabling Layer 2 switching is not supported on virtual interfaces. Command syntax for Layer 2 switching To globally disable Layer 2 switching on a Layer 3 switch, enter commands such as the following.
Chapter 3 RIP (IPv4)
Table 27 lists the Routing Information Protocol (RIP) for IPv4 features Brocade ICX 6650 devices support. These features are supported in the full Layer 3 software image.
RIP parameters and defaults Brocade Layer 3 Switches support the following RIP versions: • Version (V1) • V1 compatible with V2 • Version (V2) (the default) RIP parameters and defaults The following tables list the RIP parameters, their default values, and where to find configuration information. RIP global parameters Table 28 lists the global RIP parameters and their default values, and indicates where you can find configuration information.
RIP parameters and defaults TABLE 28 RIP global parameters (Continued) Parameter Description Default Reference Learning default routes The router can learn default routes from its RIP neighbors. Disabled page 149 Advertising and learning with specific neighbors The Layer 3 Switch learns and advertises RIP routes with all its neighbors by default. You can prevent the Layer 3 Switch from advertising routes to specific neighbors or learning routes from specific neighbors.
RIP parameter configuration
Use the following procedures to configure RIP parameters on a system-wide and individual interface basis.
Enabling RIP
RIP is disabled by default. To enable it, use the following procedure.
NOTE You must enable the protocol globally and also on individual interfaces on which you want to advertise RIP. Globally enabling the protocol does not enable it on individual interfaces.
To enable RIP globally, enter the router rip command.
You can change the amount that an individual port adds to the metric of RIP routes learned on the port. To do so, use the following method.
NOTE RIP considers a route with a metric of 16 to be unreachable. Use this metric only if you do not want the route to be used. You can prevent the Layer 3 Switch from using a specific port for routes learned through that port by setting its metric to 16.
RIP parameter configuration Brocade(config-rip-router)#offset-list 21 in 10 ethernet 1/1/2 Changing the administrative distance By default, the Layer 3 Switch assigns the default RIP administrative distance (120) to RIP routes. When comparing routes based on administrative distance, the Layer 3 Switch selects the route with the lower distance. You can change the administrative distance for RIP routes.
RIP parameter configuration NOTE The default redistribution action is permit, even after you configure and apply redistribution filters to the virtual routing interface. If you want to tightly control redistribution, apply a filter to deny all routes as the last filter (the filter with the highest ID), and then apply filters with lower filter IDs to allow specific routes. To configure a redistribution filter, enter a command such as the following.
RIP parameter configuration NOTE This example assumes that the highest RIP redistribution filter ID configured on the device is 64. Changing the redistribution metric When the Layer 3 Switch redistributes a route into RIP, the software assigns a RIP metric (cost) to the route. By default, the software assigns a metric of 1 to each route that is redistributed into RIP. You can increase the metric that the Layer 3 Switch assigns up to 15.
• Update interval – The update interval specifies how often the Layer 3 Switch sends RIP route advertisements to its neighbors. You can change the interval to a value from 1 through 1000 seconds. The default is 30 seconds.
• Learning and advertising of RIP default routes – The Layer 3 Switch learns and advertises RIP default routes by default. You can disable learning and advertising of default routes on a global or individual interface basis.
RIP parameter configuration The following commands configure the Layer 3 Switch to learn routes from all neighbors except 192.168.1.170. Once you define a RIP neighbor filter, the default action changes from learning all routes from all neighbors to denying all routes from all neighbors except the ones you explicitly permit. To deny learning from a specific neighbor but allow all other neighbors, you must add a filter that allows learning from all neighbors.
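The two implicit defaults described in this guide point in opposite directions: RIP redistribution filters fall through to permit, while RIP neighbor filters fall through to deny as soon as one filter exists. The Python model below is an added example, not Brocade code. It assumes filters are evaluated in ascending filter-ID order with the first match deciding, and it treats `255.255.255.255 255.255.255.255` as match-all, as the deny filter 64 in the redistribution example implies; the class and function names are hypothetical.

```python
import ipaddress
from dataclasses import dataclass

# Assumption: this address/mask pair means "every route", as the guide's
# "deny redistribute 64 ... 255.255.255.255 255.255.255.255" example implies.
ANY = ("255.255.255.255", "255.255.255.255")


@dataclass(frozen=True)
class Filter:
    filter_id: int
    action: str                    # "permit" or "deny"
    network: str                   # dotted quad, or "any"
    mask: str = "255.255.255.255"  # host match unless a mask is given


def matches(f, addr):
    """True if addr falls inside the filter's network/mask."""
    if f.network == "any" or (f.network, f.mask) == ANY:
        return True
    mask = int(ipaddress.IPv4Address(f.mask))
    want = int(ipaddress.IPv4Address(f.network)) & mask
    return int(ipaddress.IPv4Address(addr)) & mask == want


def evaluate(filters, addr, implicit_action):
    """First match in ascending filter-ID order wins (modelling assumption)."""
    for f in sorted(filters, key=lambda x: x.filter_id):
        if matches(f, addr):
            return f.action
    return implicit_action


def redistribute_decision(filters, route):
    # The guide: the default redistribution action is permit, even after
    # filters are configured. Unmatched routes therefore leak into RIP.
    return evaluate(filters, route, "permit")


def neighbor_decision(filters, neighbor):
    # The guide: once any neighbor filter is defined, the default becomes
    # deny for every neighbor that is not explicitly permitted.
    return evaluate(filters, neighbor, "deny" if filters else "permit")


# The three redistribution filters from the guide's example.
PAGE_REDIST = [
    Filter(64, "deny", *ANY),
    Filter(1, "permit", "10.10.10.0", "255.255.255.0"),
    Filter(2, "permit", "10.20.20.0", "255.255.255.0"),
]

# Constructed neighbor filter sets for the 192.168.1.170 case.
ONLY_DENY = [Filter(1, "deny", "192.168.1.170")]
DENY_THEN_PERMIT_ANY = ONLY_DENY + [Filter(64, "permit", "any")]

if __name__ == "__main__":
    # Constructed sample routes and neighbors.
    for route in ("10.10.10.0", "10.20.20.0", "172.16.5.0"):
        print("redistribute", route,
              "with deny-all:", redistribute_decision(PAGE_REDIST, route),
              "| without:", redistribute_decision(PAGE_REDIST[1:], route))
    for nbr in ("192.168.1.170", "192.168.1.1"):
        print("neighbor", nbr,
              "deny only:", neighbor_decision(ONLY_DENY, nbr),
              "| deny + permit any:",
              neighbor_decision(DENY_THEN_PERMIT_ANY, nbr))
```

Dropping filter 64 from the redistribution set silently re-permits every unmatched route, and a neighbor filter set containing only the deny entry blocks every neighbor, not just 192.168.1.170.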
To disable split horizon and enable poison reverse on an interface, enter commands such as the following.
Brocade(config)#interface ethernet 1/1/1
Brocade(config-if-e10000-1/1/1)#ip rip poison-reverse
Suppressing RIP route advertisement on a VRRP or VRRP-E backup interface
NOTE This section applies only if you configure the Layer 3 Switch for Virtual Router Redundancy Protocol (VRRP) or VRRP Extended (VRRP-E). Refer to Chapter 9, “VRRP and VRRP-E”.
RIP parameter configuration Syntax: filter filter-num permit | deny source-ip-address | any source-mask | any [log] Applying a RIP route filter to an interface Once you define RIP route filters, you must assign them to individual interfaces. The filters do not take effect until you apply them to interfaces.
Displaying RIP filters
To display the RIP filters configured on the router, enter the show ip rip command at any CLI level.
Brocade#show ip rip
RIP Route Filter Table
Index  Action  Route IP Address  Subnet Mask
1      deny    any               any
RIP Neighbor Filter Table
Index  Action  Neighbor IP Address
1      permit  any
Syntax: show ip rip
Table 30 describes the information displayed by the show ip rip command.
Displaying CPU utilization statistics
You can display CPU utilization statistics for RIP and other IP protocols. To display CPU utilization statistics for RIP for the previous five-second, one-minute, five-minute, fifteen-minute, and runtime intervals, enter the show process cpu command at any level of the CLI.
Brocade#show process cpu
Process Name  5Sec(%)  1Min(%)
ARP           0.01     0.03
BGP           0.04     0.06
GVRP          0.00     0.00
ICMP          0.00     0.00
IP            0.00     0.00
OSPF          0.00     0.00
RIP           0.04     0.07
STP           0.
Displaying CPU utilization statistics When you specify how many seconds’ worth of statistics you want to display, the software selects the sample that most closely matches the number of seconds you specified. In this example, statistics are requested for the previous two seconds. The closest sample available is for the previous 1 second and 80 milliseconds. Syntax: show process cpu [num] The num parameter specifies the number of seconds and can be from 1 through 900.
Chapter 4 RIP (IPv6)
Table 31 lists the Routing Information Protocol (RIP) for IPv6 features Brocade ICX 6650 devices support. These features are supported with premium IPv6 devices running the full Layer 3 software image.
Summary of configuration tasks
To configure RIPng, you must enable RIPng globally on the Brocade device and on individual router interfaces.
RIPng timers
Table 32 describes the RIPng timers and provides their defaults.
TABLE 32 RIPng timers
Timer | Description | Default
Update | Amount of time (in seconds) between RIPng routing updates. | 30 seconds.
Timeout | Amount of time (in seconds) after which a route is considered unreachable. | 180 seconds.
Hold-down | Amount of time (in seconds) during which information about other paths is ignored. | 180 seconds.
Route learning and advertising parameters
You can configure the following learning and advertising parameters:
• Learning and advertising of RIPng default routes
• Advertising of IPv6 address summaries
• Metric of routes learned and advertised on a router interface
By default, the Brocade device does not learn IPv6 default routes (::/0).
Redistributing routes into RIPng You must specify the ipv6-prefix parameter in hexadecimal using 16-bit values between colons as documented in RFC 2373. You must specify the prefix-length parameter as a decimal value. A slash mark (/) must follow the ipv6-prefix parameter and precede the prefix-length parameter. To stop the advertising of the summarized IPv6 prefix, use the no form of this command.
Brocade(config)# ipv6 router rip
Brocade(config-ripng-router)# redistribute ospf
Syntax: redistribute bgp | connected | isis | ospf | static [metric number]
For the metric, specify a numerical value that is consistent with RIPng.
Controlling distribution of routes through RIPng
You can create a prefix list and then apply it to RIPng routing updates that are received or sent on a router interface.
Clearing RIPng routes from the IPv6 route table Brocade(config)# ipv6 router rip Brocade(config-ripng-router)# poison-reverse Syntax: [no] poison-reverse To disable poison reverse, use the no form of this command. By default, if a RIPng interface goes down, the Brocade device does not send a triggered update for the interface IPv6 networks.
Displaying the RIPng configuration
To display RIPng configuration information, enter the show ipv6 rip command at any CLI level.
Displaying RIPng routing table
To display the RIPng routing table, enter the show ipv6 rip route command at any CLI level.
Chapter 5 OSPF version 2 (IPv4) Table 35 lists the Open Shortest Path First (OSPF) Version 2 (IPv4) features Brocade ICX 6650 devices support. These features are supported in the full Layer 3 software image only.
OSPF overview This chapter describes how to configure OSPF Version 2 on Brocade Layer 3 Switches using the CLI. OSPF Version 2 is supported on devices running IPv4. NOTE The terms Layer 3 Switch and router are used interchangeably in this chapter and mean the same thing. OSPF overview Open Shortest Path First (OSPF) is a link-state routing protocol. The protocol uses link-state advertisements (LSAs) to update neighboring routers regarding its interfaces and information on those interfaces.
OSPF overview An Autonomous System Boundary Router (ASBR) is a router that is running multiple protocols and serves as a gateway to routers outside an area and those operating with different protocols. The ASBR is able to import and translate different protocol routes into OSPF through a process known as redistribution. For more details on redistribution and configuration examples, refer to “Enabling route redistribution” on page 200. FIGURE 17 OSPF operating in a network Area 0.0.0.0 Backbone Area 10.
OSPF overview In an OSPF point-to-point network, where a direct Layer 3 connection exists between a single pair of OSPF routers, there is no need for Designated and Backup Designated Routers, as is the case in OSPF multi-access networks. Without the need for Designated and Backup Designated routers, a point-to-point network establishes adjacency and converges faster. The neighboring routers become adjacent whenever they can communicate directly.
OSPF overview NOTE Priority is a configurable option at the interface level. You can use this parameter to help bias one router as the DR. FIGURE 19 Backup designated router becomes designated router Designated Router priority 10 Router A X Designated Backup Router priority 5 priority 20 Router C Router B If two neighbors share the same priority, the router with the highest router ID is designated as the DR. The router with the next highest router ID is designated as the BDR.
OSPF overview NOTE For details on how to configure the system to operate with the RFC 2178, refer to “Modifying the OSPF standard compliance setting” on page 210. Reduction of equivalent AS External LSAs An OSPF ASBR uses AS External link advertisements (AS External LSAs) to originate advertisements of a route to another routing domain, such as a BGP4 or RIP domain.
OSPF overview FIGURE 20 AS External LSA reduction Routers D, E, and F are OSPF ASBRs and EBGP routers. OSPF Autonomous System (AS) Another routing domain (such as BGP4 or RIP) Router A Router D Router ID: 10.2.2.2 Router F Router B Router E Router ID: 10.1.1.1 Router C Notice that both Router D and Router E have a route to the other routing domain through Router F.
Algorithm for AS External LSA reduction
Figure 20 shows an example in which the normal AS External LSA reduction feature is in effect. The behavior changes under the following conditions:
• There is one ASBR advertising (originating) a route to the external destination, but one of the following happens:
- A second ASBR comes on-line
- A second ASBR that is already on-line begins advertising an equivalent route to the same destination.
OSPF overview When Appendix E is supported, the router generates the link state ID for a network as follows. 1. Does an LSA with the network address as its ID already exist? • No – Use the network address as the ID. • Yes – Go to step 2. 2. Compare the networks that have the same network address, to determine which network is more specific. The more specific network is the one that has more contiguous one bits in its network mask. For example, network 10.0.0.0 255.255.0.0 is more specific than network 10.
OSPF graceful restart Dynamic OSPF memory Brocade ICX 6650 devices dynamically allocate memory for Link State Advertisements (LSAs) and other OSPF data structures. This eliminates overflow conditions and does not require a reload to change OSPF memory allocation. So long as the Layer 3 Switch has free (unallocated) dynamic memory, OSPF can use the memory. To display the current allocations of dynamic memory, use the show memory command.
Configuring OSPF
Perform the following steps to begin using OSPF on the router.
1. “Enabling OSPF on the router” on page 178
2. “Assigning OSPF areas” on page 179
3. “Assigning an area range (optional)” on page 183
4. “Assigning interfaces to an area” on page 184.
5. “Defining redistribution filters” on page 194
6. “Enabling route redistribution” on page 200.
7. “Modifying the OSPF standard compliance setting” on page 210
NOTE OSPF is automatically enabled without a system reset.
• Enable redistribution
• Change the LSA pacing interval
• Modify OSPF Traps generated
• Modify database overflow interval
Interface parameters
• Assign interfaces to an area
• Define the authentication key for the interface
• Change the authentication-change interval
• Modify the cost for a link
• Modify the dead interval
• Modify MD5 authentication key parameters
• Modify the priority of the interface
• Modify the retransmit interval for the interface
• Modify the transit delay of the
Configuring OSPF Brocade(config-ospf-router)#no router ospf router ospf mode now disabled. All ospf config data will be lost when writing to flash! If you have disabled the protocol but have not yet saved the configuration to the startup-config file and reloaded the software, you can restore the configuration information by re-entering the command to enable the protocol (for example, router ospf).
Configuring OSPF • NSSA – The ASBR of an NSSA can import external route information into the area: - ASBRs redistribute (import) external routes into the NSSA as type 7 LSAs. Type-7 External LSAs are a special type of LSA generated only by ASBRs within an NSSA, and are flooded to all the routers within only that NSSA. - ABRs translate type 7 LSAs into type 5 External LSAs, which can then be flooded throughout the AS.
Configuring OSPF NOTE This feature applies only when the Layer 3 Switch is configured as an Area Border Router (ABR) for the area. To completely prevent summary LSAs from being sent to the area, disable the summary LSAs on each OSPF router that is an ABR for the area. This feature does not apply to Not-So-Stubby Areas (NSSAs). To disable summary LSAs for a stub area, enter commands such as the following.
Configuring OSPF FIGURE 21 OSPF network containing an NSSA RIP Domain Layer 3 Switch OSPF Area 0 Backbone NSSA Area 10.1.1.1 OSPF ABR Internal ASBR Layer 3 Switch Layer 3 Switch This example shows two routing domains, a RIP domain and an OSPF domain. The ASBR inside the NSSA imports external routes from RIP into the NSSA as Type-7 LSAs, which the ASBR floods throughout the NSSA. The ABR translates the Type-7 LSAs into Type-5 LSAs.
Configuring OSPF NOTE The Layer 3 Switch does not inject the default route into an NSSA by default. NOTE You can assign one area on a router interface. For example, if the system or chassis module has 16 ports, 16 areas are supported on the chassis or module. To configure additional parameters for OSPF interfaces in the NSSA, use the ip ospf area… command at the interface level of the CLI.
Configuring OSPF The ip-mask parameter specifies the portions of the IP address that a route must contain to be summarized in the summary route. In the example above, all networks that begin with 193.45 are summarized into a single route. Assigning interfaces to an area Once you define OSPF areas, you can assign interfaces to the areas. All router ports must be assigned to one of the defined areas on an OSPF router.
Auth-change-wait-time: OSPF gracefully implements authentication changes to allow all routers to implement the change and thus prevent disruption to neighbor adjacencies. During the authentication-change interval, both the old and new authentication information are supported. The default authentication-change interval is 300 seconds (5 minutes). You can change the interval to a value from 0 through 14400 seconds.
Configuring OSPF Retransmit-interval: The time between retransmissions of link-state advertisements (LSAs) to adjacent routers for this interface. The value can be from 0 through 3600 seconds. The default is 5 seconds. Transit-delay: The time it takes to transmit Link State Update packets on this interface. The value can be from 0 through 3600 seconds. The default is 1 second.
Configuring OSPF • Outgoing OSPF packets – After you make the change, the software continues to use the old authentication to send packets, during the remainder of the current authentication-change interval. After this, the software uses the new authentication for sending packets. • Inbound OSPF packets – The software accepts packets containing the new authentication and continues to accept packets containing the older authentication for two authentication-change intervals.
Brocade(config-if-1/1/5)#ip ospf database-filter all out
Brocade(config-if-1/1/5)#clear ip ospf all
The first command in this example blocks all outbound LSAs on the OSPF interface configured on port 1/1/5. The second command resets OSPF and places the command into effect immediately.
Syntax: [no] ip ospf database-filter all out
To remove the filter, enter a command such as the following.
Configuring OSPF Example of specifying OSPF neighbor address Brocade#show ip ospf interface v20,OSPF enabled IP Address 10.1.20.4, Area 0 OSPF state BD, Pri 1, Cost 1, Options 2, Type non-broadcast Events 6 Timers(sec): Transit 1, Retrans 5, Hello 10, Dead 40 DR: Router ID 10.1.13.1 Interface Address 10.1.20.5 BDR: Router ID 10.2.2.1 Interface Address 10.1.20.4 Neighbor Count = 1, Adjacent Neighbor Count= 2 Non-broadcast neighbor config: 10.1.20.1, 10.1.20.2, 10.1.20.3, 10.1.20.5, Neighbor: 10.1.20.
Configuring OSPF FIGURE 22 Defining OSPF virtual links within a network OSPF Area 0 Router ID 192.168.22.1 DeviceC OSPF Area 1 “transit area” OSPF Area 2 Router ID 10.0.0.1 DeviceB DeviceA Example Figure 22 shows an OSPF area border router, DeviceA, that is cut off from the backbone area (area 0). To provide backbone access to DeviceA, you can add a virtual link between DeviceA and DeviceC using area 1 as a transit area.
Configuring OSPF Refer to “Modifying virtual link parameters” on page 191 for descriptions of the optional parameters. Modifying virtual link parameters OSPF has some parameters that you can modify for virtual links. Notice that these are the same parameters as the ones you can modify for physical interfaces. You can modify default values for virtual links using the following CLI command at the OSPF router level of the CLI, as shown in the following syntax.
Configuring OSPF Hello Interval: The length of time between the transmission of hello packets. The range is 1 through 65535 seconds. The default is 10 seconds. Retransmit Interval: The interval between the re-transmission of link state advertisements to router adjacencies for this interface. The range is 0 through 3600 seconds. The default is 5 seconds. Transmit Delay: The period of time it takes to transmit Link State Update packets on the interface. The range is 0 through 3600 seconds.
Configuring OSPF By default, an interface OSPF cost is based on the port speed of the interface. The cost is calculated by dividing the reference bandwidth by the port speed. The default reference bandwidth is 100 Mbps, which results in the following default costs: • 10 Mbps port – 10 • All other port speeds – 1 You can change the reference bandwidth, to change the costs calculated by the software. The software uses the following formula to calculate the cost.
Configuring OSPF • The cost of a virtual link is calculated using the Shortest Path First (SPF) algorithm and is not affected by the auto-cost feature. • The bandwidth for tunnel interfaces is 9 Kbps and is not affected by the auto-cost feature. Changing the reference bandwidth To change the reference bandwidth, enter the auto-cost reference-bandwidth command at the OSPF configuration level of the CLI.
Configuring OSPF NOTE The ASBR must be running both RIP and OSPF protocols to support this activity. To configure for redistribution, define the redistribution tables with deny and permit redistribution filters. Use the deny redistribute and permit redistribute commands for OSPF at the OSPF router level. NOTE Do not enable redistribution until you have configured the redistribution filters.
Configuring OSPF NOTE Redistribution is permitted for all routes by default, so the permit redistribute 1 all command in the example above is shown for clarity but is not required. You also have the option of specifying import of just OSPF, BGP4, or static routes, as well as specifying that only routes for a specific network or with a specific cost (metric) be imported, as shown in the following command syntax.
Configuring OSPF Preventing specific OSPF routes from being installed in the IP route table By default, all OSPF routes in the OSPF route table are eligible for installation in the IP route table. You can configure a distribution list to explicitly deny specific routes from being eligible for installation in the IP route table. NOTE This feature does not block receipt of LSAs for the denied routes. The Layer 3 Switch still receives the routes and installs them in the OSPF database.
Configuring OSPF Syntax: deny | permit source-ip wildcard The ACL-name | ACL-id parameter specifies the ACL name or ID. The in command applies the ACL to incoming route updates. The interface number parameter specifies the interface number on which to apply the ACL. Enter only one valid interface number. If necessary, use the show interface brief command to display a list of valid interfaces. If you do not specify an interface, the Brocade device applies the ACL to all incoming route updates.
Brocade(config)#ip access-list extended no_ip
Brocade(config-ext-nACL)#deny ip 10.0.0.0 0.255.255.255 255.255.0.0 0.0.255.255
Brocade(config-ext-nACL)#permit ip any any
Brocade(config-ext-nACL)#exit
Brocade(config)#router ospf
Brocade(config-ospf-router)#distribute-list no_ip in
The first three commands configure an extended ACL that denies routes to any 10.x.x.x destination network with a 255.255.0.
Configuring OSPF NOTE If you enable the software to display IP subnet masks in CIDR format, the mask is saved in the file in “/mask-bits” format. To enable the software to display the CIDR masks, enter the ip show-subnet-length command at the global CONFIG level of the CLI. You can use the CIDR format to configure the ACL entry regardless of whether the software is configured to display the masks in CIDR format.
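When an extended ACL is used as an OSPF distribution list, the source field is compared with the route's network and the destination field with the route's mask, so the wildcard on the mask decides which prefix lengths the entry covers. The Python model below is an added example, not Brocade code. It assumes both wildcards are applied bitwise (a 1 bit in the wildcard means "do not compare") and that an ACL ends with an implicit deny; the function names and sample routes are constructed.

```python
import ipaddress


def u32(dotted):
    """Dotted-quad string to a 32-bit integer."""
    return int(ipaddress.IPv4Address(dotted))


def wildcard_match(value, base, wildcard):
    """Compare value with base on the bits the wildcard does not mask out."""
    care = ~u32(wildcard) & 0xFFFFFFFF
    return u32(value) & care == u32(base) & care


# The no_ip ACL from the guide: (action, network, wildcard, mask, wildcard).
ACL_NO_IP = [
    ("deny", "10.0.0.0", "0.255.255.255", "255.255.0.0", "0.0.255.255"),
    ("permit", "any", None, "any", None),
]


def acl_action(acl, network, mask):
    """Return the action of the first entry matching this route."""
    for action, src, src_wc, dst, dst_wc in acl:
        net_ok = src == "any" or wildcard_match(network, src, src_wc)
        mask_ok = dst == "any" or wildcard_match(mask, dst, dst_wc)
        if net_ok and mask_ok:
            return action
    return "deny"  # assumption: implicit deny when no entry matches


def eligible_routes(acl, routes):
    """Routes the distribution list leaves eligible for the IP route table."""
    return [r for r in routes if acl_action(acl, *r) == "permit"]


# Constructed sample OSPF routes: (network, mask).
SAMPLE_ROUTES = [
    ("10.1.0.0", "255.255.0.0"),       # 10.x.x.x with a 255.255.0.0 mask
    ("10.1.1.0", "255.255.255.0"),     # longer mask, first two octets 255.255
    ("10.0.0.0", "255.0.0.0"),         # shorter mask, second octet differs
    ("192.168.7.0", "255.255.255.0"),  # outside 10.x.x.x
]

if __name__ == "__main__":
    for net, mask in SAMPLE_ROUTES:
        print(net, mask, "->", acl_action(ACL_NO_IP, net, mask))
```

Under these assumptions the 0.0.255.255 wildcard leaves the last two octets of the mask unchecked, so the deny entry also covers 10.x.x.x routes with masks longer than 255.255.0.0; verify the result on the device with the show ip route command after applying the list.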
Configuring OSPF Example using a route map To configure a route map and use it for redistribution of routes into OSPF, enter commands such as the following. Brocade(config)#ip route 10.1.0.0 255.255.0.0 192.168.7.30 Brocade(config)#ip route 10.2.0.0 255.255.0.0 192.168.7.30 Brocade(config)#ip route 10.3.0.0 255.255.0.0 192.168.7.30 Brocade(config)#ip route 10.4.0.0 255.255.0.0 192.168.6.30 Brocade(config)#ip route 10.5.0.0 255.255.0.0 192.168.6.30 Brocade(config)#ip route 10.6.0.0 255.255.0.0 192.168.6.
Configuring OSPF NOTE When you use a route map for route redistribution, the software disregards the permit or deny action of the route map. NOTE For an external route that is redistributed into OSPF through a route map, the metric value of the route remains the same unless the metric is set by a set metric command inside the route map. The default-metric num command has no effect on the route. This behavior is different from a route that is redistributed without using a route map.
FIGURE 24 Example OSPF network with four equal-cost paths (diagram labels: OSPF Area 0; Brocade Switch; R1, R3, R4, R5, R6; H1, H2, H3, H4)
In the example in Figure 24, the Brocade switch has four paths to R1:
• Brocade Switch->R3
• Brocade Switch->R4
• Brocade Switch->R5
• Brocade Switch->R6
Normally, the Brocade switch will choose the path to R1 with the lower metric. For example, if the R3 metric is 1400 and the R4 metric is 600, the Brocade switch will always choose R4.
Configuring OSPF Configuring external route summarization When the Layer 3 Switch is an OSPF Autonomous System Boundary Router (ASBR), you can configure it to advertise one external route as an aggregate for all redistributed routes that are covered by a specified address range. When you configure an address range, the range takes effect immediately. All the imported routes are summarized according to the configured address range.
Configuring OSPF To display the configured summary addresses, use the show ip ospf config command at any level of the CLI. The summary addresses display at the bottom of the output as shown in the following example. Brocade#show ip ospf config some lines omitted for brevity... OSPF Redistribution Address Ranges currently defined: Range-Address Subnetmask 10.0.0.0 255.0.0.0 10.0.1.0 255.255.255.0 10.0.2.0 255.255.255.
Configuring OSPF To disable the feature, enter the no default-information-originate command. Brocade(config-ospf-router)#no default-information-originate Syntax: [no] default-information-originate [always] [metric value] [metric-type type] The always parameter advertises the default route regardless of whether the router has a default route. This option is disabled by default. The metric value parameter specifies a metric for the default route.
Configuring OSPF Modifying the redistribution metric type The redistribution metric type is used by default for all routes imported into OSPF unless you specify different metrics for individual routes using redistribution filters. Type 2 specifies a big metric (three bytes). Type 1 specifies a small metric (two bytes). The default value is type 2. To modify the default value to type 1, enter the following command.
Configuring OSPF The external | inter-area | intra-area parameter specifies the route type for which you are changing the default administrative distance. The distance parameter specifies the new distance for the specified route type. Unless you change the distance for one of the route types using commands such as those shown above, the default is 110. To reset the administrative distance to its system default (110), enter a command such as the following.
Configuring OSPF To later re-enable the trap feature, enter snmp-server trap ospf. To disable a specific OSPF trap, enter the command as no snmp-server trap ospf ospf-trap. These commands are at the OSPF router level of the CLI.
Configuring OSPF Syntax: [no] log all | adjacency | bad_packet [checksum] | database | memory | retransmit The all option causes all OSPF-related Syslog messages to be logged. If you later disable this option with the no log all command, the OSPF logging options return to their default settings. The adjacency option logs essential OSPF neighbor state changes, especially on error cases. This option is disabled by default. The bad_packet checksum option logs all OSPF packets that have checksum errors.
Configuring OSPF Configuring an OSPF point-to-point link In an OSPF point-to-point link, a direct Layer 3 connection exists between a single pair of OSPF routers, without the need for Designated and Backup Designated routers. In a point-to-point link, neighboring routers become adjacent whenever they can communicate directly.
Clearing OSPF information
Configuring the OSPF graceful restart time
Use the following commands to specify the maximum amount of time advertised to a neighbor router to maintain routes from and forward traffic to a restarting router.
Brocade(config)#router ospf
Brocade(config-ospf-router)#graceful-restart restart-time 120
Syntax: [no] graceful-restart restart-time seconds
The seconds variable sets the maximum restart wait time advertised to neighbors. Possible values are from 10 through 1800 seconds.
This command clears all OSPF neighbors and the OSPF routes exchanged with the neighbors in the Brocade OSPF link state database. After this information is cleared, adjacencies with all neighbors are re-established, and routes with these neighbors are exchanged again. To clear information on the Brocade device about OSPF neighbor 10.10.10.1, enter the following command.
Brocade#clear ip ospf neighbor ip 10.10.10.
Displaying OSPF information To clear information on the Brocade device about OSPF area 1, enter the following command. Brocade#clear ip ospf area 1 This command clears information about the specified area ID. Information about other OSPF areas is not affected. The command clears information about all OSPF neighbors belonging to the specified area, as well as all routes imported into the specified area.
Displaying OSPF information Router id: 192.168.2.
Displaying OSPF information If the software has been running less than 15 minutes (the maximum interval for utilization statistics), the command indicates how long the software has been running. Here is an example. Brocade#show process cpu The system has only been up for 6 seconds. Process Name 5Sec(%) 1Min(%) 5Min(%) ARP 0.01 0.00 0.00 BGP 0.00 0.00 0.00 GVRP 0.00 0.00 0.00 ICMP 0.01 0.00 0.00 IP 0.00 0.00 0.00 OSPF 0.00 0.00 0.00 RIP 0.00 0.00 0.00 STP 0.00 0.00 0.00 VRRP 0.00 0.00 0.00 15Min(%) 0.00 0.
Displaying OSPF information The area-id parameter shows information for the specified area. The num parameter displays the entry that corresponds to the entry number you enter. The entry number identifies the entry position in the area table. This display shows the following information. TABLE 36 CLI display of OSPF area information Field Definition Indx The row number of the entry in the router OSPF area table. Area The area number.
The num parameter displays only the entry in the specified index position in the neighbor table. For example, if you enter “1”, only the first entry in the table is displayed. The detail parameter displays detailed information about the neighbor routers. These displays show the following information.
TABLE 37 CLI display of OSPF neighbor information
Field Description
Port The port through which the Layer 3 Switch is connected to the neighbor.
Displaying OSPF information TABLE 37 CLI display of OSPF neighbor information (Continued) Field Description Opt The sum of the option bits in the Options field of the Hello packet. This information is used by Brocade technical support. Refer to Section A.2 in RFC 2178 for information about the Options field in Hello packets. Cnt The number of LSAs that were retransmitted.
TABLE 38 Output of the show ip ospf interface command (Continued)
Field Definition
Type The area type, which can be one of the following:
• Broadcast = 0x01
• NBMA = 0x02
• Point to Point = 0x03
• Virtual Link = 0x04
• Point to Multipoint = 0x05
Events OSPF Interface Event:
• Interface_Up = 0x00
• Wait_Timer = 0x01
• Backup_Seen = 0x02
• Neighbor_Change = 0x03
• Loop_Indication = 0x04
• Unloop_Indication = 0x05
• Interface_Down = 0x06
• Interface_Passive = 0x07
Adjacent
Displaying OSPF information TABLE 39 CLI Display of OSPF route information (Continued) Field Definition Mask The network mask for the route. Path_Cost The cost of this route path. (A route can have multiple paths. Each path represents a different exit port for the Layer 3 Switch.) Type2_Cost The type 2 cost of this path. Path_Type The type of path, which can be one of the following: Inter – The path to the destination passes into another area.
Displaying OSPF information Syntax: show ip ospf redistribute route [ip-addr ip-mask] The ip-addr ip-mask parameter specifies a network prefix and network mask. Here is an example. Brocade#show ip ospf redistribute route 10.1.0.0 255.255.0.0 10.1.0.0 255.255.0.0 static Displaying OSPF external link state information To display external link state information, enter the show ip ospf database external-link-state command at any CLI level.
Displaying OSPF information TABLE 40 CLI display of OSPF external link state information (Continued) Field Definition LS ID The ID of the link-state advertisement from which the Layer 3 Switch learned this route. Router The router IP address. Seq(hex) The sequence number of the LSA. The OSPF neighbor that sent the LSA stamps it with a sequence number to enable the Layer 3 Switch and other OSPF routers to determine which LSA for a given route is the most recent.
Displaying OSPF information Displaying the data in an LSA You can use the CLI to display the data the Layer 3 Switch received in a specific External LSA packet or other type of LSA packet. For example, to display the LSA data in entry 3 in the External LSA table, enter the following command. Brocade#show ip ospf database external-link-state advertise 3 Index Aging LS ID Router Netmask Metric Flag 3 619 10.27.250.0 192.168.0.3 fffffe00 000003e8 b500 0.0.0.
Displaying OSPF information Brocade#show ip ospf virtual-link Syntax: show ip ospf virtual-link [num] The num parameter displays the table beginning at the specified entry number. Displaying OSPF ABR and ASBR information To display OSPF ABR and ASBR information, enter the show ip ospf border-routers command at any CLI level. Brocade#show ip ospf border-routers Syntax: show ip ospf border-routers [ip-addr] The ip-addr parameter displays the ABR and ASBR entries for the specified IP address.
Displaying OSPF graceful restart information
To display OSPF graceful restart information for OSPF neighbors, use the show ip ospf neighbors command.
Brocade#show ip ospf neighbors
Port   Address        Pri  State       Neigh Address  Neigh ID     Ev  Opt  Cnt
1/1/2  192.168.50.10  0    FULL/OTHER  192.168.50.1   10.10.10.30  21  66   0
< in graceful restart state, helping 1, timer 60 sec >
Syntax: show ip ospf neighbor
Use the following command to display Type 9 grace LSAs on a Brocade Layer 3 switch.
Chapter 6 OSPF version 3 (IPv6) Table 42 lists the Open Shortest Path First (OSPF) version 3 (IPv6) features Brocade ICX 6650 devices support. These features are supported with premium IPv6 devices running the full Layer 3 software image.
NOTE The terms Layer 3 Switch and router are used interchangeably in this chapter and mean the same thing.
Differences between OSPF V2 and OSPF V3
IPv6 supports OSPF V3 functions similarly to OSPF V2 (the current version that IPv4 supports), except for the following enhancements:
• Support for IPv6 addresses and prefixes.
• While OSPF V2 runs per IP subnet, OSPF V3 runs per link.
OSPF V3 configuration
To configure OSPF V3, you must perform the following tasks:
1. “Enabling OSPF V3” on page 229
2. “Assigning OSPF V3 areas” on page 230
3. “Assigning interfaces to an area” on page 231
The following configuration tasks are optional:
• Configure a virtual link between an ABR without a physical connection to a backbone area and the Brocade device in the same area with a physical connection to the backbone area.
Brocade(config-ospf6-router)#no ipv6 router ospf
ipv6 router ospf mode now disabled. All ospf config data will be lost when writing to flash!
If you have disabled the protocol but have not yet saved the configuration to the startup-config file and reloaded the software, you can restore the configuration information by re-entering the command to enable the protocol (for example, ipv6 router ospf).
OSPF V3 configuration When you disable the summary LSAs, the change takes effect immediately. If you apply the option to a previously configured area, the router flushes all of the summary LSAs it has generated (as an ABR) from the area. NOTE This feature applies only when the Brocade device is configured as an Area Border Router (ABR) for the area. To completely prevent summary LSAs from being sent to the area, disable the summary LSAs on each OSPF router that is an ABR for the area.
OSPF V3 configuration • When assigned from the router interface requiring a logical connection, the neighbor router field is the router ID (IPv4 address) of the router that is physically connected to the backbone. When assigned from the router interface with the physical connection, the neighbor router is the router ID (IPv4) address of the router requiring a logical connection to the backbone.
OSPF V3 configuration The ethernet | loopback | tunnel | ve parameter specifies the interface from which the router derives the source IPv6 address for communication across the virtual link. If you specify an Ethernet interface, also specify the port number associated with the interface. If you specify a loopback, tunnel, or VE interface, also specify the number associated with the respective interface. To delete the source address for the virtual link, use the no form of this command.
OSPF V3 configuration Changing the reference bandwidth for the cost on OSPF V3 interfaces Each interface on which OSPF V3 is enabled has a cost associated with it. The Brocade device advertises its interfaces and their costs to OSPF V3 neighbors. For example, if an interface has an OSPF cost of ten, the Brocade device advertises the interface with a cost of ten to other OSPF routers. By default, an interface OSPF cost is based on the port speed of the interface.
OSPF V3 configuration • 155 Mbps port cost = 500/155 = 3.23, which is rounded up to 4 • 622 Mbps port cost = 500/622 = 0.80, which is rounded up to 1 • 2488 Mbps port cost = 500/2488 = 0.20, which is rounded up to 1 The costs for 10 Mbps, 100 Mbps, and 155 Mbps ports change as a result of the changed reference bandwidth. Costs for higher-speed interfaces remain the same.
OSPF V3 configuration The metric-type type parameter specifies an OSPF metric type for the redistributed route. You can specify external type 1 or external type 2. If a value is not specified for this option, the Brocade device uses the value specified by the metric-type command.
OSPF V3 configuration NOTE When you use a route map for route redistribution, the software disregards the permit or deny action of the route map. NOTE For an external route that is redistributed into OSPF V3 through a route map, the metric value of the route remains the same unless the metric is set by a set metric command inside the route map or the default-metric num command.
OSPF V3 configuration External route summarization When the Brocade device is an OSPF Autonomous System Boundary Router (ASBR), you can configure it to advertise one external route as an aggregate for all redistributed routes that are covered by a specified IPv6 address range. When you configure an address range, the range takes effect immediately. All the imported routes are summarized according to the configured address range.
OSPF V3 configuration Filtering OSPF V3 routes You can filter the routes to be placed in the OSPF V3 route table by configuring distribution lists. OSPF V3 distribution lists can be applied globally or to an interface. The functionality of OSPF V3 distribution lists is similar to that of OSPFv2 distribution lists.
OSPF V3 configuration After this distribution list is configured, route 2001:db8::/64 would be omitted from the OSPF V3 route table. Brocade#show ipv6 ospf route Current Route count: 4 Intra: 3 Inter: 0 External: 1 (Type1 0/Type2 1) Equal-cost multi-path: 0 Destination Options Area Next Hop Router Outgoing Interface *IA 2001:db8::/64 --------- 0.0.0.1 :: ve 10 *IA 2001:db8::/64 V6E---R-- 0.0.0.0 2001:db8:2e0:52ff:fe00:10 ve 10 *IA 2001:db8::/64 --------- 0.0.0.0 :: ve 11 *E2 2001:db8::/64 --------- 0.0.0.
OSPF V3 configuration Configuring an OSPF V3 distribution list using a route map as input The following commands configure a route map that matches internal routes. Brocade(config)#route-map allowInternalRoutes permit 10 Brocade(config-routemap allowInternalRoutes)#match route-type internal Refer to “Policy-Based Routing” for information on configuring route maps. The following commands configure a distribution list that applies the allowInternalRoutes route map globally to OSPF V3 routes.
NOTE The default action rule for route-map is to deny all routes that are not explicitly permitted. If you configure a “deny” route map but want to permit other routes that do not match the rule, configure an “empty” permit route map. For example:
Brocade(config)#route-map abc deny 10
Brocade(config-routemap abc)#match metric 20
Brocade(config-routemap abc)#route-map abc permit 20
Without the last line in the above example, all routes would be denied.
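The note above, worked through as an added example (a simplified model written for this page, not Brocade code): it parses the route-map commands shown in this section and applies them to a set of routes, once with and once without the empty permit clause. The route list, the Route type and the rule that every match statement in a clause must hold are assumptions of the model.

```python
from typing import NamedTuple

class Route(NamedTuple):
    prefix: str
    metric: int
    route_type: str  # "internal" or "external"

def parse_route_maps(cli: str) -> dict:
    """Parse 'route-map NAME permit|deny SEQ' clauses and their match lines."""
    maps, clause = {}, None
    for raw in cli.splitlines():
        words = raw.split("#", 1)[-1].split()  # drop the CLI prompt if present
        if len(words) == 4 and words[0] == "route-map":
            clause = {"action": words[2], "seq": int(words[3]), "match": {}}
            maps.setdefault(words[1], []).append(clause)
        elif len(words) == 3 and words[0] == "match" and clause is not None:
            clause["match"][words[1]] = words[2]
    for clauses in maps.values():
        clauses.sort(key=lambda c: c["seq"])  # clauses are tried in sequence order
    return maps

def clause_matches(clause: dict, route: Route) -> bool:
    want = clause["match"]
    if "metric" in want and int(want["metric"]) != route.metric:
        return False
    if "route-type" in want and want["route-type"] != route.route_type:
        return False
    return True  # a clause with no match statements matches every route

def decide(clauses: list, route: Route) -> str:
    """First matching clause wins; a route that matches nothing is denied."""
    for clause in clauses:
        if clause_matches(clause, route):
            return clause["action"]
    return "deny"

def permitted(clauses: list, routes: list) -> list:
    return [r.prefix for r in routes if decide(clauses, r) == "permit"]

# Commands as printed in this section.
DENY_THEN_EMPTY_PERMIT = """\
Brocade(config)#route-map abc deny 10
Brocade(config-routemap abc)#match metric 20
Brocade(config-routemap abc)#route-map abc permit 20
"""
DENY_ONLY = "\n".join(DENY_THEN_EMPTY_PERMIT.splitlines()[:2])
ALLOW_INTERNAL = """\
Brocade(config)#route-map allowInternalRoutes permit 10
Brocade(config-routemap allowInternalRoutes)#match route-type internal
"""

# Constructed sample routes (documentation prefixes).
ROUTES = [
    Route("2001:db8:1::/64", 20, "internal"),
    Route("2001:db8:2::/64", 10, "internal"),
    Route("2001:db8:3::/64", 30, "external"),
]

if __name__ == "__main__":
    for label, cli, name in [
        ("deny 10 + empty permit 20", DENY_THEN_EMPTY_PERMIT, "abc"),
        ("deny 10 only", DENY_ONLY, "abc"),
        ("allowInternalRoutes", ALLOW_INTERNAL, "allowInternalRoutes"),
    ]:
        print(label, "->", permitted(parse_route_maps(cli)[name], ROUTES))
```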
OSPF V3 configuration The metric-type type parameter specifies the external link type associated with the default route advertised into the OSPF routing domain. The type can be one of the following: • 1 – Type 1 external route • 2 – Type 2 external route If you do not use this option, the default redistribution metric type is used for the route type. NOTE If you specify a metric and metric type, the values you specify are used even if you do not use the always option.
OSPF V3 configuration Administrative distance The Brocade device can learn about networks from various protocols, including IPv6, RIPng, and OSPF V3. Consequently, the routes to a network may differ depending on the protocol from which the routes were learned. By default, the administrative distance for OSPF V3 routes is 110. The device selects one route over another based on the source of the route information. To do so, the device can use the administrative distances assigned to the sources.
OSPF V3 configuration Configuring the OSPF V3 LSA pacing interval The Brocade device paces OSPF V3 LSA refreshes by delaying the refreshes for a specified time interval instead of performing a refresh each time an individual LSA refresh timer expires. The accumulated LSAs constitute a group, which the Brocade device refreshes and sends out together in one or more packets.
OSPF V3 configuration Brocade(config-ospf6-router)#external-lsdb-limit 3000 Syntax: ipv6 ospf area number | ipv4-address The entries parameter can be a numerical value from 500–8000 seconds. To reset the maximum number of entries to its system default, enter the no form of this command. Modifying OSPF V3 interface defaults OSPF V3 has interface parameters that you can configure. For simplicity, each of these parameters has a default value.
OSPF V3 configuration • Transmit-delay: The time it takes to transmit Link State Update packets on this interface. The command syntax is ipv6 ospf transmit-delay seconds. The value can be from 0–3600 seconds. The default is 1 second. Disabling or re-enabling event logging OSPF V3 does not currently support the generation of SNMP traps. Instead, you can disable or re-enable the logging of OSPF V3-related events such as neighbor state changes and database overflow conditions.
OSPF V3 configuration Instructions for configuring IPsec on these entities appear in “IPsec for OSPF V3 configuration” on page 248. IPsec on a virtual link is a global configuration. Interface and area IPsec configurations are more granular. Among the entities that can have IPsec protection, the interfaces and areas can overlap. The interface IPsec configuration takes precedence over the area IPsec configuration when an area and an interface within that area use IPsec.
OSPF V3 configuration General considerations when configuring IPsec for OSPF V3 The IPsec component generates security associations and security policies based on certain user-specified parameters. The parameters are described with the syntax of each command in this section and also pointed out in the section with the show command examples, “IPsec examples” on page 274.
OSPF V3 configuration Interface and area IPsec considerations This section describes the precedence of interface and area IPsec configurations. If you configure an interface IPsec by using the ipv6 ospf authentication command in the context of a specific interface, that interface’s IPsec configuration overrides the area configuration of IPsec.
OSPF V3 configuration NOTE The IPsec configuration for an interface applies to the inbound and outbound directions. Also, the same authentication parameters must be used by all routers on the network to which the interface is connected, as described in section 7 of RFC 4552.
OSPF V3 configuration Configuring IPsec for an area This application of the area command (for IPsec) applies to all of the interfaces that belong to an area unless an interface has its own IPsec configuration. (As described in “Disabling IPsec on an interface” on page 253, the interface IPsec can be operationally disabled if necessary.) To configure IPsec for an area in the IPv6 router OSPF context, proceed as in the following example.
OSPF V3 configuration Syntax: [no] area area-id virtual nbrid authentication ipsec spi spinum esp sha1 [no-encrypt] key The no form of this command deletes IPsec from the virtual link. The area command and the area-id variable specify the area is to be configured. The area-id can be an integer in the range 0–2,147,483,647 or have the format of an IP address. The virtual keyword indicates that this configuration applies to the virtual link identified by the subsequent variable nbrid.
Displaying OSPF V3 Information
Changing the key rollover timer
Configuration changes for authentication take effect in a controlled manner through the key rollover procedure as specified in RFC 4552, Section 10.1. The key rollover timer controls the timing of the configuration changeover. The key rollover timer can be configured in the IPv6 router OSPF context, as the following example illustrates.
Displaying OSPF V3 Information • Virtual links • Virtual neighbors • IPsec Displaying OSPF V3 area information To display global OSPF V3 area information for the Brocade device, enter the following command at any CLI level.
Displaying OSPF V3 Information Displaying OSPF V3 database information You can display a summary of the link state database or detailed information about a specified LSA type. To display a summary of a device link state database, enter the show ipv6 ospf database command at any CLI level. Brocade#show ipv6 ospf database Area ID Type LS ID Adv Rtr 0 Link 000001e6 192.168.223.223 0 Link 000000d8 10.1.1.1 0 Link 00000185 192.168.223.223 0 Iap 00000077 192.168.223.223 0 Rtr 00000124 192.168.223.
Displaying OSPF V3 Information This display shows the following information. TABLE 44 OSPF V3 database summary fields Field Description Area ID The OSPF area in which the Brocade device resides. Type Type of LSA. LSA types can be the following: • Rtr – Router LSAs (Type 1). • Net – Network LSAs (Type 2). • Inap – Inter-area prefix LSAs for ABRs (Type 3). • Inar – Inter-area router LSAs for ASBRs (Type 4). • Extn – AS external LSAs (Type 5). • Link – Link LSAs (Type 8).
Displaying OSPF V3 Information Brocade#show ipv6 ospf database extensive Area ID Type LS ID Adv Rtr Seq(Hex) Age Cksum 0 Link 00000031 10.1.1.1 80000001 35 6db9 Router Priority: 1 Options: V6E---R-LinkLocal Address: 2001:db8::1 Number of Prefix: 1 Prefix Options: Prefix: 2001:db8::/64 ... Area ID Type LS ID Adv Rtr Seq(Hex) Age Cksum 0 Iap 00000159 192.168.223.223 800000ab 357 946b Number of Prefix: 2 Referenced LS Type: Network Referenced LS ID: 00000159 Referenced Advertising Router: 192.168.223.
Displaying OSPF V3 Information The fields that display depend upon the LSA type as shown in the following table. TABLE 45 OSPF V3 detailed database information fields Field Description Router LSA (Type 1) (Rtr) fields Capability Bits A bit that indicates the capability of the Brocade device. The bit can be set to one of the following: • B – The device is an area border router. • E – The device is an AS boundary router. • V – The device is a virtual link endpoint.
Displaying OSPF V3 Information TABLE 45 OSPF V3 detailed database information fields (Continued) Field Description Network LSA (Type 2) (Net) fields Options A 24-bit field that enables IPv6 OSPF routers to support the optional capabilities. When set, the following bits indicate the following: V6 – The device should be included in IPv6 routing calculations. E – The device floods AS-external-LSAs as described in RFC 2740. MC – The device forwards multicast packets as described in RFC 1586.
TABLE 45 OSPF V3 detailed database information fields (Continued)
Field Description
Prefix Options An 8-bit field of capabilities that serve as input to various routing calculations:
• NU – The prefix is excluded from IPv6 unicast calculations.
• LA – The prefix is an IPv6 interface address of the advertising router.
• MC – The prefix is included in IPv6 multicast routing calculations.
Prefix The IPv6 prefix included in the LSA.
Displaying OSPF V3 Information This display shows the following information. TABLE 46 Summary of OSPF V3 interface information Field Description Interface The interface type, and the port number or number of the interface. OSPF Status State Area The state of OSPF V3 on the interface. Possible states include the following: Enabled. Disabled. • • The status of the link. Possible status include the following: Up. Down. • • The state of the interface.
This display shows the following information.
TABLE 47 Detailed OSPF V3 interface information
Field Description
Interface status The status of the interface. Possible status includes the following:
• Up.
• Down.
Type The type of OSPF V3 circuit running on the interface. Possible types include the following:
• BROADCAST
• POINT TO POINT
• UNKNOWN
IPv6 Address The IPv6 address(es) assigned to the interface.
Instance ID An identifier for an instance of OSPF V3.
Displaying OSPF V3 Information TABLE 47 Detailed OSPF V3 interface information (Continued) Field Description Neighbor The router ID (IPv4 address) of the neighbor. This field also identifies the neighbor as a DR or BDR, if appropriate. Interface statistics The following statistics are provided for the interface: Unknown – The number of Unknown packets transmitted and received by the interface. Also, the total number of bytes associated with transmitted and received Unknown packets.
Displaying OSPF V3 Information This display shows the following information. TABLE 48 OSPF V3 memory usage information Field Description Total Static Memory Allocated A summary of the amount of static memory allocated, in bytes, to OSPF V3. Total Dynamic Memory Allocated A summary of the amount of dynamic memory allocated, in bytes, to OSPF V3. Memory Type The type of memory used by OSPF V3. (This information is for use by Brocade technical support in case of a problem.
Displaying OSPF V3 Information TABLE 49 Summary of OSPF V3 neighbor information (Continued) Field Description BDR The router ID (IPv4 address) of the BDR. Interface [State] The interface through which the router is connected to the neighbor. The state of the interface can be one of the following: • DR – The interface is functioning as the Designated Router for OSPF V3. • BDR – The interface is functioning as the Backup Designated Router for OSPF V3.
Displaying OSPF V3 Information TABLE 50 Detailed OSPF V3 neighbor information (Continued) Field Description DbDesc bit... The Database Description packet, which includes 3 bits of information: • The first bit can be “i” or “-”. “i” indicates the inet bit is set. “-” indicates the inet bit is not set. • The second bit can be “m” or “-”. “m” indicates the more bit is set. “-” indicates the more bit is not set. • The third bit can be “m” or “s”. An “m” indicates the master. An “s” indicates standby.
Brocade#show ipv6 ospf redistribute route
Id  Prefix          Protocol  Metric Type  Metric
1   2001:db8::/16   Static    Type-2       1
2   2001:db8::/32   Static    Type-2       1
Syntax: show ipv6 ospf redistribute route [ipv6-prefix]
The ipv6-prefix parameter specifies an IPv6 network prefix. (You do not need to specify the length of the prefix.
Displaying OSPF V3 Information Brocade#show ipv6 ospf routes Current Route count: 4 Intra: 4 Inter: 0 External: 0 (Type1 0/Type2 0) Equal-cost multi-path: 0 Destination Options Area Next Hop Router Outgoing Interface *IA 2001db8::/64 V6E---R-- 0.0.0.0 :: ethe 1/1/2 *IA 2001db8:46a::/64 V6E---R-- 0.0.0.0 :: ethe 1/1/2 *IA 2001db8::1/128 --------- 0.0.0.0 :: loopback 2 *IA 2001db8::2/128 V6E---R-- 0.0.0.
Displaying OSPF V3 Information TABLE 52 OSPF V3 route information (Continued) Field Description Options A 24-bit field that enables IPv6 OSPF routers to support the optional capabilities. When set, the following bits indicate the following: V6 – The device should be included in IPv6 routing calculations. E – The device floods AS-external-LSAs as described in RFC 2740. MC – The device forwards multicast packets as described in RFC 1586. N – The device handles type 7 LSAs as described in RFC 1584.
Displaying OSPF V3 Information Syntax: show ipv6 ospf spf node area [area-id] The node keyword displays SPF node information. The area area-id parameter specifies a particular area. You can specify the area-id in the following formats: • As an IPv4 address; for example, 192.168.1.1. • As a numerical value from 0– 2,147,483,647. This display shows the following information. TABLE 53 OSPF V3 SPF node information Field Description SPF node Each SPF node is identified by its router ID (IPv4 address).
Displaying OSPF V3 Information TABLE 54 OSPF V3 SPF table Field Description Destination The destination of a route, which is identified by the following: • “R”, which indicates the destination is a router. “N”, which indicates the destination is a network. • An SPF node router ID (IPv4 address). If the node is a child node, it is additionally identified by an interface on which the node can be reached appended to the router ID in the format router-id:interface-id.
Displaying IPv6 OSPF virtual link information
To display OSPF V3 virtual link information for the Brocade device, enter the show ipv6 ospf virtual-link command at any level of the CLI.
Brocade#show ipv6 ospf virtual-link
Index  Transit Area ID  Router ID  Interface Address  State
1      1                10.1.1.1   2001:db8::2        P2P
Syntax: show ipv6 ospf virtual-link
This display shows the following information.
Displaying OSPF V3 Information TABLE 56 OSPF V3 virtual neighbor information (Continued) Field Description State The state between the Brocade device and the virtual neighbor. The state can be one of the following: • Down • Attempt • Init • 2-Way • ExStart • Exchange • Loading • Full Interface The IPv6 address of the virtual neighbor. IPsec examples This section contains examples of IPsec configuration and the output from the IPsec-specific show commands.
Displaying OSPF V3 Information Showing IPsec policy The show ipsec policy command displays the database for the IPsec security policies. The fields for this show command output appear in the screen output example that follows. However, you should understand the layout and column headings for the display before trying to interpret the information in the example screen.
Displaying OSPF V3 Information TABLE 57 IPsec policy information (Continued) Field Description Source The source address consists of the IPv6 prefix and the TCP or UDP port identifier. Destination The destination address consists of the IPv6 prefix. Certain logical elements have a bearing on the meaning of the destination address and its format, as follows: For IPsec on an interface or area, the destination address is shown as a prefix of 0xFE80 (link local).
Displaying OSPF V3 Information Syntax: show ipsec statistics This command takes no parameters. Displaying IPsec configuration for an area The show ipv6 ospf area [area-id] command includes information about IPsec for one area or all areas. In the example that follows, the IPsec information is in bold. IPsec is enabled in the first area (area 0) in this example but not in area 3. Note that in area 3, the IPsec key was specified as not encrypted.
Displaying OSPF V3 Information TABLE 59 Area configuration of IPsec (Continued) Field Description New Shows new SPI (if changed), authentication algorithm (currently ESP only), encryption algorithm (currently SHA1 only), and the new key. Old Shows old SPI (if changed), authentication algorithm (currently ESP only), encryption algorithm (currently SHA1 only), and the old key.
Displaying OSPF V3 Information TABLE 60 Area configuration of IPsec Field Description Authentication This field shows whether or not authentication is configured. If this field says “Not Configured,” the IPsec-related fields (bold in example screen output) are not displayed at all. KeyRolloverTime The number of seconds between each initiation of a key rollover. This field shows the configured and current times.
Displaying OSPF V3 Information Syntax: show ipv6 ospf virtual-link [brief] The optional [brief] keyword limits the display to the Transit, Area ID, Router ID, Interface Address, and State fields for each link. Changing a key In this example, the key is changed as illustrated in the two command lines that follow. Note that the SPI value is changed from 300 to 310 to comply with the requirement that you change the SPI when you change the key. Initial configuration command.
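An added example (written for this page, not taken from the Brocade guide) that audits saved configurations against two rules stated in this chapter: interface IPsec overrides the IPsec of the area the interface belongs to, and a key change must come with a new SPI. The area and interface command forms are assumed to use the same keyword order as the virtual-link syntax printed above; the configurations and keys are constructed.

```python
import re
from typing import NamedTuple

class Ipsec(NamedTuple):
    spi: int
    no_encrypt: bool  # True when the key was specified with the no-encrypt keyword
    key: str

# Keyword order taken from the virtual-link syntax in this guide:
#   area area-id virtual nbrid authentication ipsec spi spinum esp sha1 [no-encrypt] key
TAIL = r"authentication ipsec spi (\d+) esp sha1( no-encrypt)? (\S+)$"
VLINK_RE = re.compile(r"area (\S+) virtual (\S+) " + TAIL)
AREA_RE = re.compile(r"area (\S+) " + TAIL)   # assumed form of the area command
INTF_RE = re.compile(r"ipv6 ospf " + TAIL)    # assumed form of the interface command
INTF_AREA_RE = re.compile(r"ipv6 ospf area (\S+)$")

def parse(config: str) -> dict:
    """Collect IPsec settings keyed by the entity they are configured on."""
    out = {"area": {}, "vlink": {}, "intf": {}, "intf_area": {}}
    current = None  # name of the interface block being read, if any
    for raw in config.splitlines():
        line = raw.strip()
        if line.startswith("interface "):
            current = line[len("interface "):]
        elif line == "ipv6 router ospf":
            current = None
        elif m := VLINK_RE.match(line):
            out["vlink"][(m[1], m[2])] = Ipsec(int(m[3]), m[4] is not None, m[5])
        elif m := AREA_RE.match(line):
            out["area"][m[1]] = Ipsec(int(m[2]), m[3] is not None, m[4])
        elif current and (m := INTF_AREA_RE.match(line)):
            out["intf_area"][current] = m[1]
        elif current and (m := INTF_RE.match(line)):
            out["intf"][current] = Ipsec(int(m[1]), m[2] is not None, m[3])
    return out

def effective_ipsec(cfg: dict) -> dict:
    """Per interface: its own IPsec if configured, otherwise the area's, otherwise none."""
    result = {}
    for intf, area in cfg["intf_area"].items():
        if intf in cfg["intf"]:
            result[intf] = ("interface", cfg["intf"][intf])
        elif area in cfg["area"]:
            result[intf] = ("area", cfg["area"][area])
        else:
            result[intf] = ("none", None)
    return result

def key_changed_spi_kept(old: dict, new: dict) -> list:
    """Entities whose key differs between two configs while the SPI is unchanged."""
    findings = []
    for kind in ("area", "vlink", "intf"):
        for ident, before in old[kind].items():
            after = new[kind].get(ident)
            if after and after.key != before.key and after.spi == before.spi:
                findings.append((kind, ident, after.spi))
    return findings

def unencrypted_keys(cfg: dict) -> list:
    """Entities whose key was specified as not encrypted."""
    return [(kind, ident) for kind in ("area", "vlink", "intf")
            for ident, policy in cfg[kind].items() if policy.no_encrypt]

# Constructed sample keys and configurations.
KEY_A = "0123456789abcdef0123456789abcdef01234567"
KEY_B = "89abcdef0123456789abcdef0123456789abcdef"
OLD_CONFIG = f"""
ipv6 router ospf
 area 0 authentication ipsec spi 300 esp sha1 {KEY_A}
 area 3 authentication ipsec spi 400 esp sha1 no-encrypt {KEY_A}
 area 1 virtual 10.1.1.1 authentication ipsec spi 500 esp sha1 {KEY_A}
interface ethernet 1/1/2
 ipv6 ospf area 0
 ipv6 ospf authentication ipsec spi 600 esp sha1 {KEY_B}
interface ve 10
 ipv6 ospf area 0
interface ve 11
 ipv6 ospf area 1
"""
# Area 0 gets a new key and a new SPI (300 -> 310); the virtual link gets a
# new key but keeps SPI 500, which the audit should flag.
NEW_CONFIG = (OLD_CONFIG
              .replace(f"spi 300 esp sha1 {KEY_A}", f"spi 310 esp sha1 {KEY_B}")
              .replace(f"spi 500 esp sha1 {KEY_A}", f"spi 500 esp sha1 {KEY_B}"))

if __name__ == "__main__":
    old, new = parse(OLD_CONFIG), parse(NEW_CONFIG)
    for intf, (source, policy) in effective_ipsec(new).items():
        print(intf, source, policy.spi if policy else "-")
    print("key changed, SPI kept:", key_changed_spi_kept(old, new))
    print("keys specified as not encrypted:", unencrypted_keys(new))
```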
Chapter 7 BGP (IPv4) Table 61 lists the Border Gateway Protocol (BGP4) features Brocade ICX 6650 devices support. BGP4 features are supported on Brocade ICX 6650 devices running the full Layer 3 software image.
BGP4 overview
Border Gateway Protocol 4 (BGP4) is the standard Exterior Gateway Protocol (EGP) used on the Internet to route traffic between Autonomous Systems (AS) and to maintain loop-free routing. An autonomous system is a collection of networks that share the same routing and administration characteristics. For example, a corporate intranet consisting of several networks under common administrative control might be considered an AS.
BGP4 overview Although a Layer 3 Switch BGP4 route table can have multiple routes to the same destination, the BGP4 protocol evaluates the routes and chooses only one of the routes to send to the IP route table. The route that BGP4 chooses and sends to the IP route table is the preferred route and will be used by the Brocade Layer 3 switch. If the preferred route goes down, BGP4 updates the route information in the IP route table with a new BGP4 preferred route.
BGP4 overview 3. If the weights are the same, prefer the route with the largest local preference. 4. If the routes have the same local preference, prefer the route that was originated locally (by this BGP4 Layer 3 switch). 5. If the local preferences are the same, prefer the route with the shortest AS-path. An AS-SET counts as 1. A confederation path length, if present, is not counted as part of the path length. 6. If the AS-path lengths are the same, prefer the route with the lowest origin type.
BGP4 overview NOTE Brocade Layer 3 switches support BGP4 load sharing among multiple equal-cost paths. BGP4 load sharing enables the Layer 3 switch to balance the traffic across the multiple paths instead of choosing just one path based on router ID. For EBGP routes, load sharing applies only when the paths are from neighbors within the same remote AS. EBGP paths from neighbors in different autonomous systems are not compared.
UPDATE messages from BGP4 routers

After BGP4 neighbors establish a BGP4 connection over TCP and exchange their BGP4 routing tables, they do not send periodic routing updates. Instead, a BGP4 neighbor sends an update to its neighbor when it has a new route to advertise or routes have changed or become unfeasible. An UPDATE message can contain the following information:
• Network Layer Reachability Information (NLRI) – The mechanism by which BGP4 supports Classless Interdomain Routing (CIDR).
BGP4 graceful restart

BGP4 graceful restart is a high-availability routing feature that minimizes disruption in traffic forwarding, diminishes route flapping, and provides continuous service during a system restart. During such events, routes remain available between devices. BGP4 graceful restart operates between a device and its peers, and must be configured on each participating device.
Brocade> enable
Brocade#configure terminal
Brocade(config)#router bgp
BGP4: Please configure 'local-as' parameter in order to enable BGP4.
Brocade(config-bgp-router)#local-as 10
Brocade(config-bgp-router)#neighbor 192.168.23.99 remote-as 100
Brocade(config-bgp-router)#write memory

NOTE: When BGP4 is enabled on a Brocade Layer 3 switch, you do not need to reset the system. The protocol is activated as soon as you enable it.
BGP4 parameters

• Optional – Specify a list of individual networks in the local AS to be advertised to remote autonomous systems using BGP4.
• Optional – Change the default local preference for routes.
• Optional – Require the first AS in an Update from an EBGP neighbor to be the neighbor AS.
• Optional – Enable the default route (default-information-originate).
• Optional – Enable use of a default route to resolve a BGP4 next-hop route.
• Add neighbors.
• Enable or disable use of a default route to resolve a BGP4 next-hop route.
• Change the update timer for route changes.
• Disable or enable fast external fallover.
• Specify individual networks that can be advertised.
• Change the default local preference, default information originate setting, or administrative distance.
• Enable or disable MED (metric) comparison.
Basic configuration tasks required for BGP4

The following sections describe how to perform the configuration tasks that are required to use BGP4 on the Brocade Layer 3 switch. You can modify many parameters in addition to the ones described in this section. Refer to “Optional BGP4 configuration tasks” on page 304.

Enabling BGP4 on the router

When you enable BGP4 on the router, BGP4 is automatically activated.
Setting the local AS number

The local AS number identifies the AS the Brocade BGP4 router is in. The AS number can be from 1 through 65535. There is no default. AS numbers 64512 through 65535 are the well-known private BGP4 AS numbers and are not advertised to the Internet community. To set the local AS number, enter commands such as the following.

Brocade(config)#router bgp
BGP4: Please configure 'local-as' parameter in order to enable BGP4.
NOTE: If the Layer 3 switch has multiple neighbors with similar attributes, you can simplify configuration by configuring a peer group, then adding individual neighbors to it. The configuration steps are similar, except you specify a peer group name instead of a neighbor IP address when configuring the neighbor parameters, then add individual neighbors to the peer group. Refer to “Adding a BGP4 peer group” on page 299.
advertisement-interval num specifies the minimum delay (in seconds) between messages to the specified neighbor. The default is 30 for EBGP neighbors (neighbors in other autonomous systems). The default is 5 for IBGP neighbors (neighbors in the same AS). The range is 0 through 600.

NOTE: The Layer 3 switch applies the advertisement interval only under certain conditions.
filter-list in | out num,num,.. specifies an AS-path filter list or a list of AS-path ACLs. The in | out keyword specifies whether the list is applied on updates received from the neighbor or sent to the neighbor. If you specify in or out, the num,num,... parameter specifies the list of AS-path filters. The router applies the filters in the order in which you list them and stops applying the filters in the AS-path filter list when a match is found.
NOTE: If you want the software to assume that the value you enter is the clear-text form, and to encrypt display of that form, do not enter 0 or 1. Instead, omit the encryption option and allow the software to use the default behavior. If you specify encryption option 1, the software assumes that you are entering the encrypted form of the password or authentication string.
unsuppress-map map-name removes route dampening from a neighbor's routes when those routes have been dampened due to aggregation. Refer to “Removing route dampening from neighbor routes suppressed due to aggregation” on page 357.

update-source ip-addr | ethernet port | loopback num | ve num configures the router to communicate with the neighbor through the specified interface. There is no default.
Brocade#show ip bgp config
Current BGP configuration:
router bgp
local-as 2
neighbor xyz peer-group
neighbor xyz password 1 $!2d
neighbor 10.10.200.102 peer-group xyz
neighbor 10.10.200.102 remote-as 1
neighbor 10.10.200.102 password 1 $on-o

Notice that the software has converted the commands that specify an authentication string into the new syntax (described below), and has encrypted display of the authentication strings.
The enable password-display command enables display of the authentication string, but only in the output of the show ip bgp neighbors command. Display of the string is still encrypted in the startup-config file and running-config. Enter the command at the global CONFIG level of the CLI.

NOTE: The command also displays SNMP community strings in clear text, in the output of the show snmp server command.
NOTE: If you enter a command to remove the remote AS parameter from a peer group, the software checks to ensure that the peer group does not contain any neighbors. If the peer group does contain neighbors, the software does not allow you to remove the remote AS. The software prevents removing the remote AS in this case so that the neighbors in the peer group that are using the remote AS do not lose connectivity to the Layer 3 switch.
• If you add a parameter to a peer group that already contains neighbors, the parameter value is applied to neighbors that do not already have the parameter explicitly set. If a neighbor has the parameter explicitly set, the explicitly set value overrides the value you set for the peer group.
[soft-reconfiguration inbound] [shutdown] [timers keep-alive num hold-time num] [update-source loopback num] [weight num]

The ip-addr | peer-group-name parameter indicates whether you are configuring a peer group or an individual neighbor. You can specify a peer group name or IP address with the neighbor command. If you specify a peer group name, you are configuring a peer group. If you specify a neighbor IP address, you are configuring that individual neighbor.
NOTE: The software also contains an option to end the session with a BGP4 neighbor and thus clear the routes learned from the neighbor. Unlike this clear option, the option for shutting down the neighbor can be saved in the startup-config file and thus can prevent the Layer 3 switch from establishing a BGP4 session with the neighbor even after reloading the software.
To shut down a BGP4 neighbor, enter commands such as the following.

Brocade(config)#router bgp
Brocade(config-bgp-router)#neighbor 192.168.22.26 shutdown
Brocade(config-bgp-router)#write memory

Syntax: [no] neighbor ip-addr shutdown

The ip-addr parameter specifies the IP address of the neighbor.

Optional BGP4 configuration tasks

The following sections describe how to perform optional BGP4 configuration tasks.
This command changes the update timer to 15 seconds.

Syntax: [no] update-time secs

The secs parameter specifies the number of seconds and can be from 1 through 30. The default is 5.

Enabling fast external fallover

BGP4 routers rely on KEEPALIVE and UPDATE messages from neighbors to signify that the neighbors are alive.
How load sharing affects route selection

During evaluation of multiple paths to select the best path to a given destination for installment in the IP route table, the last comparison the Layer 3 switch performs is a comparison of the internal paths:
• When IP load sharing is disabled, the Layer 3 switch prefers the path to the router with the lower router ID.
To change the maximum number of shared paths, enter commands such as the following.

Brocade(config)#router bgp
Brocade(config-bgp-router)#maximum-paths 4
Brocade(config-bgp-router)#write memory

Syntax: [no] maximum-paths num

The num parameter specifies the maximum number of paths across which the Layer 3 switch can balance traffic to a given BGP4 destination. You can change the maximum number of paths to a value from 2 through 4. The default is 1.
To configure the Layer 3 switch to advertise network 209.157.22.0/24, enter the following command.

Brocade(config-bgp-router)#network 192.168.22.0 255.255.255.0

Syntax: network ip-addr ip-mask [nlri multicast | unicast | multicast unicast] [route-map map-name] | [weight num] | [backdoor]

The ip-addr is the network number and the ip-mask specifies the network mask.
The route-map map-name parameter specifies the name of the route map you want to use to set or change BGP4 attributes for the network you are advertising. The route map must already be configured. For information about the other parameters, refer to “Defining route maps” on page 342.
Advertising the default route

By default, the Layer 3 switch does not originate and advertise a default route using BGP4. A BGP4 default route is the IP address 0.0.0.0 and the route prefix 0 or network mask 0.0.0.0. For example, 0.0.0.0/0 is a default route. You can enable the router to advertise a default BGP4 route using either of the following methods.

NOTE: The Brocade Layer 3 switch checks for the existence of an IGP route for 0.0.0.
It is possible for the BGP route table to contain a route whose next-hop IP address is not reachable through an IGP route, even though a hop farther away can be reached by the Layer 3 switch through an IGP route. This can occur when the IGPs do not learn a complete set of IGP routes, resulting in the Layer 3 switch learning about an internal route through IBGP instead of through an IGP.
Brocade#show ip route 10.0.0.1
Total number of IP routes: 37
Network Address   NetMask         Gateway    Port    Cost   Type
10.0.0.0          255.255.255.0   10.0.0.1   1/1/1   1      B

The route to the next-hop gateway is a BGP route, not an IGP route, and thus cannot be used to reach 192.168.0.0/24. In this case, the Layer 3 switch tries to use the default route, if present, to reach the subnet that contains the BGP route next-hop gateway.

Brocade#show ip route 240.0.0.
Brocade#show ip bgp route 192.168.0.0
Number of BGP Routes matching display condition : 1
Status A:AGGREGATE B:BEST b:NOT-INSTALLED-BEST C:CONFED_EBGP D:DAMPED
       H:HISTORY I:IBGP L:LOCAL M:MULTIPATH S:SUPPRESSED
     Prefix            Next Hop    Metric   LocPrf   Weight   Status
1    192.168.0.0/24    10.0.0.1    1        100      0        BI
       AS_PATH: 65001 4355 1

The next-hop IP address for 192.0.0.1 is not an IGP route, which means the BGP route destination still cannot be reached through IP.
When selecting a route from among different sources (BGP4, OSPF, RIP, static routes, and so on), the software compares the routes on the basis of each route's administrative distance. If the administrative distance of the paths is lower than the administrative distance of paths from other sources (such as static IP routes, RIP, or OSPF), the BGP4 paths are installed in the IP route table.
Requiring the first AS to be the neighbor AS

By default, the Brocade device does not require the first AS listed in the AS_SEQUENCE field of an AS path Update from an EBGP neighbor to be the AS that the neighbor who sent the Update is in. You can enable the Brocade device for this requirement.
Brocade(config-bgp-router)#compare-routerid

Syntax: [no] compare-routerid

For more information, refer to “How BGP4 selects a path for a route” on page 283.

Configuring the Layer 3 switch to always compare Multi-Exit Discriminators

A Multi-Exit Discriminator (MED) is a value that the BGP4 algorithm uses when comparing multiple paths received from different BGP4 neighbors in the same AS for the same route.
Brocade(config-bgp-router)#med-missing-as-worst

Syntax: [no] med-missing-as-worst

NOTE: This command affects route selection only when route paths are selected based on MED comparison. It is still possible for a route path that is missing its MED to be selected based on other criteria. For example, a route path with no MED can be selected if its weight is larger than the weights of the other route paths.
AS1 contains a cluster with two route reflectors and two clients. The route reflectors are fully meshed with other BGP4 routers, but the clients are not fully meshed. They rely on the route reflectors to propagate BGP4 route updates.

FIGURE 26 Example of a route reflector configuration
[Figure labels: AS 1, AS 2, Cluster 1, Route Reflector 1, Route Reflector 2, Route Reflector Client 1, Route Reflector Client 2, EBGP, IBGP]
• The Layer 3 switch adds the attributes only if it is a route reflector, and only when advertising IBGP route information to other IBGP neighbors. The attributes are not used when communicating with EBGP neighbors.
• A Layer 3 switch configured as a route reflector sets the ORIGINATOR_ID attribute to the router ID of the router that originated the route.
For more information about the neighbor command, refer to “Adding BGP4 neighbors” on page 292.

By default, the clients of a route reflector are not required to be fully meshed; the routes from a client are reflected to other clients. However, if the clients are fully meshed, route reflection is not required between clients. If you need to disable route reflection between clients, enter the following command.
Figure 27 shows an example of a BGP4 confederation.

FIGURE 27 Example of a BGP4 confederation
[Figure labels: AS 20, Confederation 10, Sub-AS 64512, Sub-AS 64513, Switch A, Switch B, Switch C, Switch D, BGP4 Switch, IBGP, EBGP. Callout: This BGP4 switch sees all traffic from Confederation 10 as traffic from AS 10.]

Switches outside the confederation do not know or care that the switches are subdivided into sub-ASs within a confederation.
• Configure the confederation ID. The confederation ID is the AS number by which BGP switches outside the confederation know the confederation. Thus, a BGP switch outside the confederation is not aware and does not care that your BGP switches are in multiple sub-autonomous systems. BGP switches use the confederation ID when communicating with switches outside the confederation. The confederation ID must be different from the sub-AS numbers.
Commands for router C

BrocadeC(config)#router bgp
BrocadeC(config-bgp-router)#local-as 64513
BrocadeC(config-bgp-router)#confederation identifier 10
BrocadeC(config-bgp-router)#confederation peers 64512 64513
BrocadeC(config-bgp-router)#write memory

Commands for router D

BrocadeD(config)#router bgp
BrocadeD(config-bgp-router)#local-as 64513
BrocadeD(config-bgp-router)#confederation identifier 10
BrocadeD(config-bgp-router)#confederation peers 64512 64513
BrocadeD(config-b
The attribute-map map-name parameter configures the router to set attributes for the aggregate routes based on the specified route map.

NOTE: For the suppress-map, advertise-map, and attribute-map parameters, the route map must already be defined. Refer to “Defining route maps” on page 342 for information on defining a route map.

Configuring BGP4 graceful restart

By default, BGP4 graceful restart is enabled for the global routing instance.
Brocade(config-bgp)# graceful-restart stale-routes-time 120

Syntax: [no] graceful-restart stale-routes-time seconds

The seconds variable is the maximum time before a helper device cleans up stale routes. Possible values are from 1 through 3600 seconds. The default value is 360 seconds.

Configuring the BGP4 graceful restart purge timer

Use the following command to specify the maximum amount of time a device will maintain stale routes in its routing table before purging them.
BGP null0 routing

Figure 28 shows a topology for a null0 routing application example.

FIGURE 28 Example of a null0 routing application
[Figure labels: Internet, AS 100, R1, R2, R3, R4, R5, R6, R7]

The following steps configure a null0 routing application for stopping denial of service attacks from remote hosts on the internet.

Configuration steps for BGP null0 routing

1. Select one switch, S6, to distribute null0 routes throughout the BGP network.
2.
Configuration examples for BGP null0 routing

S6

The following configuration defines specific prefixes to filter.

Brocade(config)#ip route 10.0.0.40/29 ethernet 1/1/2 tag 50
Brocade(config)#ip route 10.0.0.192/27 ethernet 1/1/2 tag 50
Brocade(config)#ip route 10.0.14.0/23 ethernet 1/1/2 tag 50

The following configuration redistributes routes into BGP.
Brocade(config-bgp-router)#neighbor remote-as 100
Brocade(config-bgp-router)#neighbor remote-as 100
Brocade(config-bgp-router)#neighbor remote-as 100
Brocade(config-bgp-router)#neighbor remote-as 100

Show commands for BGP null0 routing

After configuring the null0 application, you can display the output.

S6

The following is the show ip route static output for S6.
Brocade#show ip bgp route
Total number of BGP Routes: 126
Status A:AGGREGATE B:BEST b:NOT-INSTALLED-BEST C:CONFED_EBGP D:DAMPED
       E:EBGP H:HISTORY I:IBGP L:LOCAL M:MULTIPATH S:SUPPRESSED s:STALE
      Prefix           Next Hop          Metric   LocPrf    Weight   Status
1     10.0.1.0/24      10.0.1.3          0        100       0        BI
        AS_PATH:
. . .
9     10.0.0.16/30     10.10.1.3                  100       0        I
        AS_PATH: 85
10    10.0.0.40/29     199.199.1.1/32    1        1000000   32768    BL
        AS_PATH:
11    10.0.0.80/28     10.10.1.3                  100       0        I
. . .
36    10.0.0.96/28     10.0.1.
Modifying redistribution parameters

By default, the Layer 3 Switch does not redistribute route information between BGP4 and the IP IGPs (RIP and OSPF). You can configure the switch to redistribute OSPF routes, RIP routes, directly connected routes, or static routes into BGP4 by using the following methods.

To enable redistribution of all OSPF routes and directly attached routes into BGP4, enter the following commands.
Redistributing RIP routes

To configure BGP4 to redistribute RIP routes and add a metric of 10 to the redistributed routes, enter the following command.

Brocade(config-bgp-router)#redistribute rip metric 10

Syntax: redistribute rip [metric num] [route-map map-name]

The rip parameter indicates that you are redistributing RIP routes into BGP4. The metric num parameter changes the metric. Specify a value from 0 through 4294967295. The default is 0.
Redistributing static routes

To configure the Layer 3 switch to redistribute static routes, enter the following command.

Brocade(config-bgp-router)#redistribute static

Syntax: redistribute static [metric num] [route-map map-name]

The static parameter indicates that you are redistributing static routes into BGP4. The metric num parameter changes the metric. Specify a value from 0 through 4294967295. The default is 0.
Filtering

This section describes the following:
• “Specific IP address filtering” on page 333
• “AS-path filtering” on page 334
• “BGP4 filtering communities” on page 338
• “Defining IP prefix lists” on page 340
• “Defining neighbor distribute lists” on page 341
• “Defining route maps” on page 342
• “Using a table map to set the tag value” on page 350
• “Configuring cooperative BGP4 route filtering” on page 351

Specific IP address filtering

You can configure the router to explicitly permit or
NOTE: Once you define a filter, the default action for addresses that do not match a filter is “deny”. To change the default action to “permit”, configure the last filter as “permit any any”.

The ip-addr parameter specifies the IP address. If you want the filter to match on all addresses, enter any.

The wildcard parameter specifies the portion of the IP address to match against. The wildcard is in dotted-decimal notation (IP address format).
Defining an AS-path filter

To define AS-path filter 4 to permit AS 2500, enter the following command.

Brocade(config-bgp-router)#as-path-filter 4 permit 2500

Syntax: as-path-filter num permit | deny as-path

The num parameter identifies the filter position in the AS-path filter list and can be from 1 through 100. Thus, the AS-path filter list can contain up to 100 filters. The Brocade Layer 3 switch applies the filters in numerical order, beginning with the lowest-numbered filter.
The neighbor command uses the filter-list parameter to apply the AS-path ACL to the neighbor. Refer to “Adding BGP4 neighbors” on page 292.

Using regular expressions to filter

You use a regular expression for the as-path parameter to specify a single character or multiple characters as a filter pattern. If the AS-path matches the pattern specified in the regular expression, the filter evaluation is true; otherwise, the evaluation is false.
TABLE 62 BGP4 special characters for regular expressions (Continued)

Character   Operation
_           An underscore matches on one or more of the following:
            • , (comma)
            • { (left curly brace)
            • } (right curly brace)
            • ( (left parenthesis)
            • ) (right parenthesis)
            • The beginning of the input string
            • The end of the input string
            • A blank space
            For example, the following regular expression matches on “100” but not on “1002”, “2100”, and so on.
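The underscore rule above and the first-match evaluation of numbered AS-path filters, as an added Python example that is not part of the Brocade guide or the device software. The expression `_100_`, the filter numbers and the sample AS paths are constructed for illustration; `translate`, `as_path_matches` and `evaluate_filters` are hypothetical helper names.

```python
import re

# What the underscore stands for in the table above: a comma, a brace, a
# parenthesis, a blank space, or the beginning or end of the input string.
UNDERSCORE = r"(?:^|$|[,{}() ])"


def translate(pattern):
    """Rewrite a router-style AS-path expression as a Python regex.

    Only "_" is rewritten. Everything else is passed to Python's re module
    unchanged, which is an assumption of this sketch, and an underscore
    inside a [...] character class is not supported.
    """
    out, i = [], 0
    while i < len(pattern):
        if pattern[i] == "\\" and i + 1 < len(pattern):
            out.append(pattern[i:i + 2])   # keep escaped characters intact
            i += 2
            continue
        out.append(UNDERSCORE if pattern[i] == "_" else pattern[i])
        i += 1
    return re.compile("".join(out))


def as_path_matches(pattern, as_path):
    """True when the expression matches anywhere in the AS-path string."""
    return translate(pattern).search(as_path) is not None


def evaluate_filters(filters, as_path):
    """Apply numbered filters lowest number first and stop at the first match.

    filters maps filter number -> (action, expression). Returns
    (number, action) for the first matching filter, or None when no filter
    matches; what happens in that case is left to the caller.
    """
    for num in sorted(filters):
        action, expr = filters[num]
        if as_path_matches(expr, as_path):
            return num, action
    return None


# Constructed sample data, not taken from the guide.
SAMPLE_FILTERS = {
    10: ("permit", "_100_"),
    5: ("deny", "_4355_"),
}
SAMPLE_PATHS = [
    "100", "1002", "2100",
    "65001 100 4355", "65001 {100,200}", "65001 200",
]

if __name__ == "__main__":
    for path in SAMPLE_PATHS:
        hit = as_path_matches("_100_", path)
        verdict = evaluate_filters(SAMPLE_FILTERS, path)
        print(f"{path!r:20} _100_ -> {hit!s:5} filters -> {verdict}")
```

In this sketch an expression written without the underscores, such as `100`, is evaluated as a plain regular-expression search and therefore also matches `1002` and `2100`, which is why the delimiters matter when a filter is meant to name exactly one AS.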
BGP4 filtering communities

You can filter routes received from BGP4 neighbors based on community names. Use either of the following methods to do so.

A community is an optional attribute that identifies the route as a member of a user-defined class of routes. Community names are arbitrary values made of two five-digit integers joined by a colon. You determine what the name means when you create the community name as one of a route's attributes.
The num:num parameter indicates a specific community number to filter. Use this parameter to filter for a private (administrator-defined) community. You can enter up to 20 community numbers with the same command. If you want to filter for the well-known communities “LOCAL_AS”, “NO_EXPORT” or “NO_ADVERTISE”, use the corresponding keyword (described below).

The internet keyword checks for routes that do not have the community attribute.
The deny | permit parameter specifies the action the software takes if a route's community list matches a match statement in this ACL. To configure the community-list match statements in a route map, use the match community command. Refer to “Matching based on community ACL” on page 345.

The community-num parameter specifies the community type or community number.
The deny | permit parameter specifies the action the software takes if a neighbor's route is in this prefix list. The prefix-list matches only on this network unless you use the ge ge-value or le le-value parameters. (See below.)

The network-addr/mask-bits parameter specifies the network number and the number of bits in the network mask.

You can specify a range of prefix lengths for prefixes that are more specific than network-addr/mask-bits.
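How ge and le widen a prefix-list entry from an exact match to a range of prefix lengths, as an added Python example that is not Brocade code. The description of the range is cut off on this page, so the sketch assumes the conventional semantics (ge alone runs up to /32, le alone starts at mask-bits, both together bound the range); the list entries and routes are constructed, and `PrefixEntry`, `entry` and `evaluate` are hypothetical names.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class PrefixEntry:
    seq: int
    action: str                      # "permit" or "deny"
    network: ipaddress.IPv4Network   # network-addr/mask-bits
    ge: Optional[int] = None
    le: Optional[int] = None

    def length_range(self):
        """Inclusive range of prefix lengths this entry accepts."""
        base = self.network.prefixlen
        if self.ge is None and self.le is None:
            return base, base            # matches only on this network
        low = base if self.ge is None else self.ge
        high = 32 if self.le is None else self.le
        if not base <= low <= high <= 32:
            raise ValueError(f"seq {self.seq}: invalid ge/le for /{base}")
        return low, high

    def matches(self, route):
        """True when route lies inside the network and its length is in range."""
        low, high = self.length_range()
        return route.subnet_of(self.network) and low <= route.prefixlen <= high


def entry(seq, action, prefix, ge=None, le=None):
    return PrefixEntry(seq, action, ipaddress.ip_network(prefix), ge, le)


def evaluate(entries, route):
    """Return the action of the lowest-numbered matching entry.

    Returns None when no entry matches; the action taken in that case is
    not modelled here.
    """
    net = ipaddress.ip_network(route)
    for e in sorted(entries, key=lambda item: item.seq):
        if e.matches(net):
            return e.action
    return None


# Constructed sample list: refuse anything more specific than /24, accept
# 10.20.0.0/16 and its subnets down to /24, accept 192.168.22.0/24 exactly.
SAMPLE_LIST = [
    entry(5, "deny", "0.0.0.0/0", ge=25),
    entry(10, "permit", "10.20.0.0/16", le=24),
    entry(20, "permit", "192.168.22.0/24"),
]

if __name__ == "__main__":
    for route in ("10.20.0.0/16", "10.20.5.0/24", "10.20.5.128/25",
                  "192.168.22.0/24", "192.168.0.0/16"):
        print(f"{route:18} -> {evaluate(SAMPLE_LIST, route)}")
```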
Defining route maps

A route map is a named set of match conditions and parameter settings that the router can use to modify route attributes and to control redistribution of the routes into other protocols. A route map consists of a sequence of up to 50 instances. If you think of a route map as a table, an instance is a row in that table. The router evaluates a route according to a route map's instances in ascending numerical order.
• Set the MED (metric).
• Set the IP address of the next hop router.
• Set the origin to IGP or INCOMPLETE.
• Set the weight.

For example, when you configure parameters for redistributing routes into RIP, one of the optional parameters is a route map. If you specify a route map as one of the redistribution parameters, the router will match the route against the match statements in the route map.
Specifying the match conditions

Use the following command to define the match conditions for instance 1 of the route map GET_ONE. This instance compares the route updates against BGP4 address filter 11.

Brocade(config-routemap GET_ONE)#match address-filters 11

Syntax: match [as-path num] | [address-filters | as-path-filters | community-filters num,num,..
NOTE: By default, route maps apply to both unicast and multicast traffic.

The route-type internal | external-type1 | external-type2 parameter applies only to OSPF routes. This parameter compares the route type to the specified value.

The tag tag-value parameter compares the route tag to the specified value.

Match examples using ACLs

The following sections show some detailed examples of how to configure route maps that include match statements that match on ACLs.
Matching based on next-hop router

To construct match statements for a route map that match based on the IP address of the next-hop router, use either of the following methods. You can use the results of an IP ACL or an IP prefix list as the match condition.

To construct a route map that matches based on the next-hop router, enter commands such as the following.
The first command configures a community ACL that contains community number 12:34 and community name no-export. The remaining commands configure a route map that matches the community attributes field in BGP4 routes against the set of communities in the ACL. A route matches the route map only if the route contains all the communities in the ACL and no other communities.

Syntax: match community ACL exact-match

The ACL parameter specifies the name of a community list ACL.
The dampening [half-life reuse suppress max-suppress-time] parameter sets route dampening parameters for the route. The half-life parameter specifies the number of minutes after which the route penalty becomes half its value. The reuse parameter specifies how low a route penalty must become before the route becomes eligible for use again after being suppressed. The suppress parameter specifies how high a route penalty can become before the Layer 3 switch suppresses the route.
NOTE: This parameter applies only to routes redistributed into OSPF.

NOTE: You also can set the tag value using a table map. The table map changes the value only when the Layer 3 switch places the route in the IP route table instead of changing the value in the BGP route table. Refer to “Using a table map to set the tag value” on page 350.

The weight num parameter sets the weight for the route. You can specify a weight value from 0 through 4294967295.
Deleting a community from a BGP4 route

To delete a community from a BGP4 route's community attributes field, enter commands such as the following.

Brocade(config)#ip community-list standard std_3 permit 12:99 12:86
Brocade(config)#route-map bgp6 permit 1
Brocade(config-routemap bgp6)#match ip address 1
Brocade(config-routemap bgp6)#set comm-list std_3 delete

The first command configures a community ACL containing community numbers 12:99 and 12:86.
Configuring cooperative BGP4 route filtering

By default, the Layer 3 switch performs all filtering of incoming routes locally, on the Layer 3 switch itself. You can use cooperative BGP4 route filtering to cause the filtering to be performed by a neighbor before it sends the routes to the Layer 3 switch. Cooperative filtering conserves resources by eliminating unnecessary route updates and filter processing.
The next two commands change the CLI to the BGP4 configuration level, then apply the IP prefix list to neighbor 10.2.3.4. The last command enables the Layer 3 switch to send the IP prefix list as an ORF to neighbor 10.2.3.4. When the Layer 3 switch sends the IP prefix list to the neighbor, the neighbor filters out the 10.20.0.x routes from its updates to the Layer 3 switch. (This assumes that the neighbor also is configured for cooperative filtering.
NOTE: If the Layer 3 switch or the neighbor is not configured for cooperative filtering, the command sends a normal route refresh message.

Displaying cooperative filtering information

You can display the following cooperative filtering information:
• The cooperative filtering configuration on the Layer 3 switch.
• The ORFs received from neighbors.

To display the cooperative filtering configuration on the Layer 3 switch, enter a command such as the following.
Route flap dampening configuration

A “route flap” is the change in a route's state, from up to down or down to up. When a route's state changes, the state change causes changes in the route tables of the routers that support the route. Frequent changes in a route's state can cause Internet instability and add processing overhead to the routers that support the route.
Globally configuring route flap dampening

To enable route flap dampening using the default values, enter the following command.

Brocade(config-bgp-router)#dampening

Syntax: dampening [half-life reuse suppress max-suppress-time]

The half-life parameter specifies the number of minutes after which the route penalty becomes half its value.
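How the half-life, reuse, suppress and max-suppress-time parameters described above (and under the route map dampening parameter) interact over a sequence of flaps, as an added Python example that is not Brocade's implementation. The numeric values (half-life 15 minutes, reuse 750, suppress 2000, max-suppress-time 60 minutes, a penalty of 1000 per flap) and the rule that a route is suppressed once its penalty exceeds the suppress value are assumptions of this simplified model; they are not stated on this page.

```python
import math
from dataclasses import dataclass


@dataclass(frozen=True)
class DampeningParams:
    # All values are assumptions for this model, not read from the guide.
    half_life: float = 15.0          # minutes for the penalty to halve
    reuse: float = 750.0             # penalty at which the route is reusable
    suppress: float = 2000.0         # penalty above which it is suppressed
    max_suppress_time: float = 60.0  # longest suppression, in minutes
    flap_penalty: float = 1000.0     # added on every flap


def decay(penalty, minutes, half_life):
    """Exponential decay: the penalty halves every half_life minutes."""
    return penalty * 0.5 ** (minutes / half_life)


def release_time(penalty, last_flap, suppressed_since, p):
    """Time at which a suppressed route is released.

    The earlier of: the penalty decaying to the reuse value, or the
    max-suppress-time limit counted from the start of suppression.
    """
    by_decay = last_flap + max(0.0, p.half_life * math.log2(penalty / p.reuse))
    by_limit = suppressed_since + p.max_suppress_time
    return min(by_decay, by_limit)


def replay(flap_times, p=DampeningParams()):
    """Replay flap timestamps (minutes) and return suppress/reuse events."""
    penalty, last, since = 0.0, 0.0, None
    events = []
    for t in sorted(flap_times):
        if since is not None:
            released = release_time(penalty, last, since, p)
            if released <= t:                 # released before this flap
                events.append(("reuse", released))
                since = None
        penalty = decay(penalty, t - last, p.half_life) + p.flap_penalty
        last = t
        if since is None and penalty > p.suppress:
            since = t
            events.append(("suppress", t))
    if since is not None:
        events.append(("reuse", release_time(penalty, last, since, p)))
    return events


if __name__ == "__main__":
    # Constructed flap sequences, in minutes since the first flap.
    print(replay([0, 30]))            # two slow flaps: never suppressed
    print(replay([0, 1, 2]))          # three quick flaps: suppressed at t=2
    print(replay(list(range(20))))    # sustained flapping: limit applies
```

With these assumed values, three flaps one minute apart push the penalty to about 2867, and the route stays suppressed for about 29 minutes after the last flap; under sustained flapping the release is set by max-suppress-time instead of by decay.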
Brocade(config)#router bgp
Brocade(config-bgp-router)#address-filter 9 permit 10.157.22.0 255.255.255.0 255.255.255.0 255.255.255.0
Brocade(config-bgp-router)#address-filter 10 permit 10.157.23.0 255.255.255.0 255.255.255.0 255.255.255.
Brocade(config)#route-map DAMPENING_MAP_ENABLE permit 1
Brocade(config-routemap DAMPENING_MAP_ENABLE)#exit
Brocade(config)#route-map DAMPENING_MAP_NEIGHBOR_A permit 1
Brocade(config-routemap DAMPENING_MAP_NEIGHBOR_A)#set dampening
Brocade(config-routemap DAMPENING_MAP_NEIGHBOR_A)#exit
Brocade(config)#router bgp
Brocade(config-bgp-router)#dampening route-map DAMPENING_MAP_ENABLE
Brocade(config-bgp-router)#neighbor 10.10.10.
Here is an example.

Brocade(config-bgp-router)#aggregate-address 10.1.0.0 255.255.0.0 summary-only
Brocade(config-bgp-router)#show ip bgp route 10.1.0.0/16 longer
Number of BGP Routes matching display condition : 2
Status A:AGGREGATE B:BEST b:NOT-INSTALLED-BEST C:CONFED_EBGP D:DAMPED
       E:EBGP H:HISTORY I:IBGP L:LOCAL M:MULTIPATH S:SUPPRESSED F:FILTERED
     Prefix          Next Hop    Metric   LocPrf   Weight   Status
1    10.1.0.0/16     0.0.0.0              101      32768    BAL
       AS_PATH:
2    10.1.44.0/24    10.2.0.
Brocade#show ip bgp route 10.1.44.0/24
Number of BGP Routes matching display condition : 1
Status A:AGGREGATE B:BEST b:NOT-INSTALLED-BEST C:CONFED_EBGP D:DAMPED
E:EBGP H:HISTORY I:IBGP L:LOCAL M:MULTIPATH S:SUPPRESSED F:FILTERED
Prefix Next Hop Metric LocPrf Weight Status
1 10.1.44.0/24 10.2.0.1 1 101 32768 BLS
AS_PATH:
Route is advertised to 1 peers:
10.1.0.
Generating traps for BGP
TABLE 63 Route flap dampening statistics
Field | Description
Total number of flapping routes | Total number of routes in the Layer 3 switch BGP4 route table that have changed state and thus have been marked as flapping routes.
Status code | Indicates the dampening status of the route, which can be one of the following:
• > – This is the best route among those in the BGP4 route table to the route destination.
• d – This route is currently dampened, and thus unusable.
Displaying BGP4 information
Syntax: [no] snmp-server enable traps bgp
Use the no form of the command to disable BGP traps.
Brocade#show ip bgp summary
BGP4 Summary
Router ID: 10.0.0.1 Local AS Number : 4
Confederation Identifier : not configured
Confederation Peers: 4 5
Maximum Number of Paths Supported for Load Sharing : 1
Number of Neighbors Configured : 11
Number of Routes Installed : 2
Number of Routes Advertising to All Neighbors : 8
Number of Attribute Entries Installed : 6
Neighbor Address AS# State Time Rt:Accepted Filtered Sent
10.2.3.4 200 ADMDN 0h44m56s 0 0 0
10.0.0.
TABLE 64 BGP4 summary information (Continued)
Field | Description
State | The state of this router's neighbor session with each neighbor. The states are from this router's perspective of the session, not the neighbor's perspective. The state values are based on the BGP4 state machine values described in RFC 1771 and can be one of the following for each router:
• IDLE – The BGP4 process is waiting to be started.
TABLE 64 BGP4 summary information (Continued)
Field | Description
Filtered | The routes or prefixes that have been filtered out:
• If soft reconfiguration is enabled, this field shows how many routes were filtered out (not placed in the BGP4 route table) but retained in memory.
• If soft reconfiguration is not enabled, this field shows the number of BGP4 routes that have been filtered out.
Sent | The number of BGP4 routes that the Layer 3 switch has sent to the neighbor.
Brocade#show process cpu
Process Name  5Sec(%)  1Min(%)  5Min(%)  15Min(%)
ARP           0.01     0.03     0.09     0.22
BGP           0.04     0.06     0.08     0.14
GVRP          0.00     0.00     0.00     0.00
ICMP          0.00     0.00     0.00     0.00
IP            0.00     0.00     0.00     0.00
OSPF          0.00     0.00     0.00     0.00
RIP           0.00     0.00     0.00     0.00
STP           0.00     0.00     0.00     0.00
VRRP          0.00     0.00     0.00     0.
Displaying summary neighbor information
To display summary neighbor information, enter a command such as the following at any level of the CLI.
Brocade#show ip bgp neighbors 192.168.4.211 routes-summary
1 IP Address: 192.168.4.
TABLE 65 BGP4 route summary information for a neighbor (Continued)
Field | Description
NLRIs Received in Update Message | The number of routes received in Network Layer Reachability (NLRI) format in UPDATE messages:
• Withdraws – The number of withdrawn routes the Layer 3 switch has received.
• Replacements – The number of replacement routes the Layer 3 switch has received.
Brocade#show ip bgp neighbors 10.4.0.2
1 IP Address: 10.4.0.2, AS: 5 (EBGP), RouterID: 10.10.0.1
Description: neighbor 10.4.0.
The attribute-entries option shows the attribute-entries associated with routes received from the neighbor.
The flap-statistics option shows the route flap statistics for routes received from or sent to the neighbor.
The last-packet-with-error option displays the last packet from the neighbor that contained an error. The packet's contents are displayed in decoded (human-readable) format.
TABLE 66 BGP4 neighbor information (Continued)
Field | Description
RouterID | The neighbor's router ID.
Description | The description you gave the neighbor when you configured it on the Layer 3 switch.
State | The state of the router's session with the neighbor. The states are from this router's perspective of the session, not the neighbor's perspective.
TABLE 66 BGP4 neighbor information (Continued)
Field | Description
RemovePrivateAs | Whether this option is enabled for the neighbor.
RefreshCapability | Whether this Layer 3 switch has received confirmation from the neighbor that the neighbor supports the dynamic refresh capability.
CooperativeFilteringCapability | Whether the neighbor is enabled for cooperative route filtering.
Distribute-list | Lists the distribute list parameters, if configured.
TABLE 66 BGP4 neighbor information (Continued)
Field | Description
Last Connection Reset Reason | The reason the previous session with this neighbor ended. The reason can be one of the following.
TABLE 66 BGP4 neighbor information (Continued)
Field | Description
Notification Sent | If the router receives a NOTIFICATION message from the neighbor, the message contains an error code corresponding to one of the following errors. Some errors have subcodes that clarify the reason for the error. Where applicable, the subcode messages are listed underneath the error code messages.
TABLE 66 BGP4 neighbor information (Continued)
Field | Description
TCP Connection state | The state of the connection with the neighbor. The connection can have one of the following states:
• LISTEN – Waiting for a connection request.
• SYN-SENT – Waiting for a matching connection request after having sent a connection request.
• SYN-RECEIVED – Waiting for a confirming connection request acknowledgment after having both received and sent a connection request.
TABLE 66 BGP4 neighbor information (Continued)
Field | Description
RcvWnd | The size of the receive window.
SendQue | The number of sequence numbers in the send queue.
RcvQue | The number of sequence numbers in the receive queue.
CngstWnd | The number of times the window has changed.
Displaying route information for a neighbor
You can display routes based on the following criteria:
• A summary of the routes for a specific neighbor.
Table 67 lists the field definitions for the command output.
TABLE 67 BGP4 route summary information for a neighbor
Field | Description
Routes Received | How many routes the Layer 3 switch has received from the neighbor during the current BGP4 session:
• Accepted/Installed – Indicates how many of the received routes the Layer 3 switch accepted and installed in the BGP4 route table.
TABLE 67 BGP4 route summary information for a neighbor (Continued)
Field | Description
NLRIs Sent in Update Message | The number of NLRIs for new routes the Layer 3 switch has sent to this neighbor in UPDATE messages:
• Withdraws – The number of routes the Layer 3 switch has sent to the neighbor to withdraw.
• Replacements – The number of routes the Layer 3 switch has sent to the neighbor to replace routes the neighbor already has.
Displaying the best routes that were nonetheless not installed in the IP route table
To display the BGP4 routes received from a specific neighbor that are the “best” routes to their destinations but are not installed in the Layer 3 switch IP route table, enter a command such as the following at any level of the CLI.
Brocade#show ip bgp neighbors 192.168.4.
Brocade#show ip bgp peer-group pg1
1 BGP peer-group is pg
Description: peer group abc
SendCommunity: yes
NextHopSelf: yes
DefaultOriginate: yes
Members:
IP Address: 192.168.10.10, AS: 65111
Syntax: show ip bgp peer-group [peer-group-name]
Only the parameters that have values different from their defaults are listed.
TABLE 68 BGP4 summary route information (Continued)
Field | Description
IBGP routes selected as best routes | The number of “best” routes in the BGP4 route table that are IBGP routes.
EBGP routes selected as best routes | The number of “best” routes in the BGP4 route table that are EBGP routes.
The community option lets you display routes for a specific community. You can specify local-as, no-export, no-advertise, internet, or a private community number. You can specify the community number as either two five-digit integer values of 1 through 65535, separated by a colon (for example, 12345:6789) or a single long integer value.
The community-access-list num parameter filters the display using the specified community ACL.
Syntax: show ip bgp routes best
For information about the fields in this display, refer to Table 69 on page 383. The fields in this display also appear in the show ip bgp display.
Displaying information for a specific route
To display BGP4 network information by specifying an IP address within the network, enter a command such as the following at any level of the CLI.
Brocade#show ip bgp 10.3.4.0
Number of BGP Routes matching display condition : 1
Status codes: s suppressed, d damped, h history, * valid, > best, i internal
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 10.3.4.0/24 192.168.4.
TABLE 69 BGP4 network information (Continued)
Field | Description
Weight | The value that this router associates with routes from a specific neighbor. For example, if the router receives routes to the same destination from two BGP4 neighbors, the router prefers the route from the neighbor with the larger weight.
Path | The route AS path. NOTE: This field appears only if you do not enter the route option.
Origin code | A character the display uses to indicate the route origin.
These displays show the following information.
TABLE 70 BGP4 route information
Field | Description
Total number of BGP Routes | The number of BGP4 routes.
Status codes | A list of the characters the display uses to indicate the route status. The status code appears in the left column of the display, to the left of each route. The status codes are described in the command output.
Prefix | The network prefix and mask length.
TABLE 70 BGP4 route information (Continued)
Field | Description
Weight | The value that this router associates with routes from a specific neighbor. For example, if the router receives routes to the same destination from two BGP4 neighbors, the router prefers the route from the neighbor with the larger weight.
Atomic | Whether network information in this route has been aggregated and this aggregation has resulted in information loss.
Table 71 lists the field definitions for the command output.
TABLE 71 BGP4 route-attribute entries information
Field | Description
Total number of BGP Attribute Entries | The number of routes contained in this router's BGP4 route table.
Next Hop | The IP address of the next hop router for routes that have this set of attributes.
Metric | The cost of the routes that have this set of attributes.
Origin | The source of the route information.
Brocade#show ip route
Total number of IP routes: 50834
B:BGP D:Directly-Connected O:OSPF R:RIP S:Static
Network Address  NetMask          Gateway
10.0.0.0         255.0.0.0        192.168.13.2
10.4.0.0         255.0.0.0        192.168.13.2
10.20.0.0        255.255.128.0    192.168.13.2
10.1.0.0         255.255.0.0      0.0.0.0
10.10.11.0       255.255.255.0    0.0.0.0
10.2.97.0        255.255.255.0    192.168.13.2
10.3.63.0        255.255.255.0    192.168.13.2
10.7.123.0       255.255.255.0    192.168.13.2
10.5.252.0       255.255.254.0    192.168.13.2
10.6.42.0        255.255.254.0    192.168.
TABLE 72 Route flap dampening statistics
Field | Description
Total number of flapping routes | The total number of routes in the Layer 3 switch BGP4 route table that have changed state and thus have been marked as flapping routes.
Status code | Indicates the dampening status of the route, which can be one of the following:
• > – This is the best route among those in the BGP4 route table to the route destination.
• d – This route is currently dampened, and thus unusable.
Updating route information and resetting a neighbor session
Brocade#show route-map setcomm
route-map setcomm permit 1
set community 1234:2345 no-export
This example shows the active configuration for a route map called “setcomm”.
Syntax: show route-map [map-name]
Displaying BGP4 graceful restart neighbor information
Use the show ip bgp neighbors command to display BGP4 restart information for BGP4 neighbors.
Brocade# show ip bgp neighbors
Total number of BGP Neighbors: 6
1 IP Address: 10.50.50.
Using soft reconfiguration
The soft reconfiguration feature places policy changes into effect without resetting the BGP4 session. Soft reconfiguration does not request the neighbor or group to send its entire BGP4 table, nor does the feature reset the session with the neighbor or group. Instead, the soft reconfiguration feature stores all the route updates received from the neighbor or group.
NOTE: If you do not specify “in”, the command applies to both inbound and outbound updates.
NOTE: The syntax related to soft reconfiguration is shown. For complete command syntax, refer to “Dynamically refreshing routes” on page 394.
Displaying the filtered routes received from the neighbor or peer group
When you enable soft reconfiguration, the Layer 3 switch saves all updates received from the specified neighbor or peer group.
Displaying all the routes received from the neighbor
To display all the route information received in route updates from a neighbor since you enabled soft reconfiguration, enter a command such as the following at any level of the CLI.
Brocade#show ip bgp neighbors 192.168.4.106 received-routes
There are 97345 received routes from neighbor 192.168.4.106
Searching for matching routes, use ^C to quit...
• RFC 2918, which describes the dynamic route refresh capability
The dynamic route refresh capability is enabled by default and cannot be disabled. When the Layer 3 switch sends a BGP4 OPEN message to a neighbor, the Layer 3 switch includes a Capability Advertisement to inform the neighbor that the Layer 3 switch supports dynamic route refresh.
NOTE: The soft-outbound parameter updates all outbound routes by applying the new or changed filters, but sends only the existing routes affected by the new or changed filters to the neighbor. The soft out parameter updates all outbound routes, then sends the Layer 3 switch's entire BGP4 route table (Adj-RIB-Out) to the neighbor, after changing or excluding the routes affected by the filters. Use soft-outbound if only the outbound policy is changed.
Brocade#show ip bgp neighbors 10.4.0.2
1 IP Address: 10.4.0.2, AS: 5 (EBGP), RouterID: 10.10.10.1
Description: neighbor 10.4.0.
Clearing traffic counters
neighbor as needed. This ensures that the neighbor receives only the routes you want it to contain. Even if the neighbor already contains a route learned from the Layer 3 switch that you later decided to filter out, using the soft-outbound option removes that route from the neighbor. You can specify a single neighbor or a peer group.
To close a neighbor session and thus flush all the routes exchanged by the Layer 3 switch and the neighbor, enter the following command.
Clearing route flap dampening statistics
Syntax: clear ip bgp neighbor all | ip-addr | peer-group-name | as-num traffic
The all | ip-addr | peer-group-name | as-num option specifies the neighbor. The ip-addr parameter specifies a neighbor by its IP interface with the Layer 3 switch. The peer-group-name specifies all neighbors in a specific peer group. The as-num parameter specifies all neighbors within the specified AS. The all parameter specifies all neighbors.
Clearing diagnostic buffers
The Layer 3 switch stores the following BGP4 diagnostic information in buffers:
• The first 400 bytes of the last packet that contained an error
• The last NOTIFICATION message either sent or received by the Layer 3 switch
To display these buffers, use options with the show ip bgp neighbors command. Refer to “Displaying BGP4 neighbor information” on page 367.
Chapter 8 IPv6
Table 73 lists the IPv6 features Brocade ICX 6650 devices support. These features are supported in the Layer 2 and full Layer 3 software images, except where explicitly noted.
Static IPv6 route configuration
Table 74 describes the parameters associated with this command and indicates the status of each parameter.
TABLE 74 Static IPv6 route parameters
Parameter | Configuration details | Status
The IPv6 prefix and prefix length of the route’s destination network. You must specify the dest-ipv6-prefix parameter in hexadecimal using 16-bit values between colons as documented in RFC 2373. You must specify the prefix-length parameter as a decimal value.
IPv6 over IPv4 tunnels
The administrative distance is a value that the Layer 3 switch uses to compare this route with routes from other route sources that have the same destination. (The Layer 3 switch performs this comparison before placing a route in the IPv6 route table.) This parameter does not apply to routes that are already in the IPv6 route table. In general, a low administrative distance indicates a preferred route.
Configuring a manual IPv6 tunnel
You can use a manually configured tunnel to connect two isolated IPv6 domains. You should deploy this point-to-point tunnelling mechanism if you need a permanent and stable connection.
To configure a manual IPv6 tunnel, enter commands such as the following on a Layer 3 Switch running both IPv4 and IPv6 protocol stacks on each end of the tunnel.
Clearing IPv6 tunnel statistics
You can clear statistics (reset all fields to zero) for all IPv6 tunnels or for a specific tunnel interface. For example, to clear statistics for tunnel 1, enter the following command at the Privileged EXEC level or any of the Config levels of the CLI.
Brocade#clear ipv6 tunnel 1
To clear statistics for all IPv6 tunnels, enter the following command.
Brocade#show interfaces tunnel 1
Tunnel1 is up, line protocol is up
Hardware is Tunnel
Tunnel source ve 30
Tunnel destination is 10.2.2.10
Tunnel mode ipv6ip
No port name
MTU 1480 bytes, encapsulation IPV4
Syntax: show interfaces tunnel number
The number parameter indicates the tunnel interface number for which you want to display information.
This display shows the following information.
Brocade#show ipv6 inter tunnel 1
Interface Tunnel 1 is up, line protocol is up
IPv6 is enabled, link-local address is 2001:db8::3:4:2 [Preferred]
Global unicast address(es):
2001:db8::1 [Preferred], subnet is 2001:db8::/64
2001:db8::1 [Preferred], subnet is 2001:db8::/64
Joined group address(es):
2001:db8::1:ff04:2
2001:db8::5
2001:db8::1:ff00:1
2001:db8::2
2001:db8::1
MTU is 1480 bytes
ICMP redirects are enabled
No Inbound Access List Set
No Outbound Access List Set
OSPF enabled
Th
ECMP load sharing for IPv6
The IPv6 route table selects the best route to a given destination from among the routes in the tables maintained by the configured routing protocols (BGP4, OSPF, static, and so on). The IPv6 route table can contain more than one path to a given destination. When this occurs, the Brocade device selects the path with the lowest cost for insertion into the routing table.
Disabling or re-enabling ECMP load sharing for IPv6
ECMP load sharing for IPv6 is enabled by default. To disable the feature, enter the following command.
Brocade(config)#no ipv6 load-sharing
If you want to re-enable the feature after disabling it, you must specify the number of load-sharing paths. The maximum number of paths the device supports is a value from 2–8. By entering a command such as the following, IPv6 load-sharing will be re-enabled.
Chapter 9 VRRP and VRRP-E
Table 78 lists the Virtual Router Redundancy Protocol (VRRP) and Virtual Router Redundancy Protocol Extended (VRRP-E) features Brocade ICX 6650 devices support.
NOTE: VRRP and VRRP-E are supported on Brocade ICX 6650 devices that are running the full Layer 3 image.
NOTE: The maximum number of supported VRRP or VRRP-E router instances is 254 for IPv4 environments. The maximum number of supported VRRP or VRRP-E router instances is 128 for IPv6 environments.
For a summary of how these two router redundancy protocols differ, refer to “Comparison of VRRP and VRRP-E” on page 420.
VRRP and VRRP-E overview
The following sections describe VRRP and VRRP-E. The protocols both provide redundant paths for IP addresses.
If Switch 1 fails, you could configure Host1 to use Switch 2. Configuring one host with a different default gateway might not require too much extra administration. However, consider a more realistic network with dozens or even hundreds of hosts per subnet; reconfiguring the default gateways for all the hosts is impractical. It is much simpler to configure a VRRP virtual router on Switch 1 and Switch 2 to provide a redundant path for the hosts.
Virtual router ID
A virtual router ID (VRID) consists of one Master router and one or more Backup routers. The Master router is the router that owns the IP addresses you associate with the VRID. For this reason, the Master router is sometimes called the “Owner”. Configure the VRID on the router that owns the default gateway interface.
Master negotiation
The routers within a VRID use the VRRP priority values associated with each router to determine which router becomes the Master. When you configure the VRID on a router interface, you specify whether the router is the Owner of the IP addresses you plan to associate with the VRID or a Backup router.
NOTE: Regardless of the setting for the preempt parameter, the Owner always becomes the Master again when it comes back online.
Track ports and track priority
The Brocade implementation of VRRP enhances the protocol by giving a VRRP router the capability to monitor the state of the interfaces on the other end of the route path through the router.
NOTE: The HMAC-MD5-96 authentication type is supported for VRRP-E, but not supported for VRRP.
Independent operation of VRRP alongside RIP, OSPF, and BGP4
VRRP operation is independent of RIP, OSPF, and BGP4; therefore, RIP, OSPF, and BGP4 are not affected if VRRP is enabled on one of these interfaces.
Dynamic VRRP configuration
All VRRP global and interface parameters take effect immediately. You do not need to reset the system to place VRRP configuration parameters into effect.
• Hello packets
  - VRRP sends Hello messages to IP Multicast address 224.0.0.18.
  - VRRP-E uses UDP to send Hello messages in IP multicast messages. The Hello packets use the MAC address of the interface and the IP address as the source addresses. The destination MAC address is 00-00-00-00-00-02, and the destination IP address is 224.0.0.2 (the well-known IP multicast address for “all routers”). The source and destination UDP port numbers are both 8888.
Figure 32 shows an example of a VRRP-E configuration.
FIGURE 32 Switch 1 and Switch 2 are configured to provide dual redundant network access for the host
[Figure labels: Internet; VRID 1, Switch 1 = Master, Virtual IP address 192.168.5.254, Priority = 110, Track Port = e 1/1/2, Track Priority = 20; ports e 1/1/2, e 1/1/3, e 1/1/6, e 1/1/5; addresses 192.168.5.2, 192.168.5.3; VRID 1, Switch 2 = Backup, Virtual IP address 192.168.5.
Comparison of VRRP and VRRP-E
ARP behavior with VRRP-E
In the VRRP-E implementation, the source MAC address of the gratuitous Address Resolution Protocol (ARP) request sent by the VRRP-E Master router is the VRRP-E virtual MAC address. When the router (either the Master or Backup router) sends an ARP request or reply packet, the sender’s MAC address becomes the MAC address of the interface on the router.
Architectural differences between VRRP and VRRP-E
The protocols have the following architectural differences.
Management protocol
• VRRP – VRRP routers send VRRP Hello and Hello messages to IP Multicast address 224.0.0.18.
• VRRP-E – VRRP-E sends messages to destination MAC address 01-00-5E-00-00-02 and destination IP address 224.0.0.2 (the standard IP multicast address for “all routers”).
VRRP and VRRP-E parameters
Table 79 lists the VRRP and VRRP-E parameters. Most of the parameters and default values are the same for both protocols. The exceptions are noted in the table.
TABLE 79 VRRP and VRRP-E parameters
Parameter | Description | Default | For more information
Protocol | The Virtual Router Redundancy Protocol (VRRP) based on RFC 2338 or VRRP-Extended, the Brocade-enhanced implementation of VRRP.
TABLE 79 VRRP and VRRP-E parameters (Continued)
Parameter | Description | Default | For more information
Authentication type | The type of authentication the VRRP or VRRP-E interfaces use to validate VRRP or VRRP-E packets.
• No authentication – The interfaces do not use authentication. This is the VRRP default.
• Simple – The interface uses a simple text-string as a password in packets sent on the interface.
TABLE 79 VRRP and VRRP-E parameters (Continued)
Parameter | Description | Default | For more information
Dead interval | The number of seconds or milliseconds a Backup waits for a Hello message from the Master for the VRID before determining that the Master is no longer active. If the Master does not send a Hello message before the dead interval expires, the Backups negotiate (compare priorities) to select a new Master for the VRID.
Basic VRRP parameter configuration
TABLE 79 VRRP and VRRP-E parameters (Continued)
Parameter | Description | Default | For more information
VRRP-E slow start timer | Causes a specified amount of time to elapse between the time the original Master is restored and when it takes over from the Backup. This interval allows time for OSPF convergence when the Master is restored. For VRRP-E only. | Disabled | page 441
Short-path forwarding | Enables VRRP-E extension for server virtualization.
• The IP addresses associated with the VRID must already be configured on the router that will be the Owner.
• An IP address associated with the VRID must be on only one router.
• The Hello interval must be set to the same value on the Owner and Backup routers for the VRID.
• The dead interval must be set to the same value on the Owner and Backup routers for the VRID.
• The track priority on a router must be lower than the router VRRP priority.
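The rules listed above can be checked mechanically before a VRID is activated. The following added example (not part of the guide or of Brocade software) audits a set of per-router settings against those five rules; the `VridMember` fields, router names, addresses and timer values are constructed for illustration.

```python
"""Audit VRRP VRID settings against the configuration rules listed above (added example)."""
from dataclasses import dataclass
from ipaddress import ip_address, ip_interface


@dataclass
class VridMember:
    """One router's view of a VRID. Hypothetical structure, not a device data model."""
    router: str          # constructed router name
    role: str            # "owner" or "backup"
    interface: str       # real address on the VRID interface, e.g. "192.168.5.1/24"
    vrid_ips: tuple      # addresses associated with the VRID
    priority: int
    track_priority: int
    hello_interval: int  # seconds
    dead_interval: int   # seconds


def audit(members):
    """Return a list of rule violations; an empty list means the VRID passes."""
    findings = []
    owners = [m for m in members if m.role == "owner"]
    if not owners:
        findings.append("no Owner defined for the VRID")

    vrid_ips = sorted({ip for m in members for ip in m.vrid_ips}, key=ip_address)
    for vip in vrid_ips:
        holders = [m.router for m in members
                   if ip_interface(m.interface).ip == ip_address(vip)]
        # Rule: the address must already be configured on the Owner.
        for owner in owners:
            if owner.router not in holders:
                findings.append("%s is not configured on Owner %s" % (vip, owner.router))
        # Rule: the address must be on only one router.
        if len(holders) > 1:
            findings.append("%s is configured on more than one router: %s"
                            % (vip, ", ".join(holders)))

    # Rules: Hello and dead intervals must match on the Owner and all Backups.
    for name in ("hello_interval", "dead_interval"):
        values = sorted({getattr(m, name) for m in members})
        if len(values) > 1:
            findings.append("%s differs across routers: %s" % (name, values))

    # Rule: track priority must be lower than the router's VRRP priority.
    for m in members:
        if m.track_priority >= m.priority:
            findings.append("%s: track priority %d is not lower than priority %d"
                            % (m.router, m.track_priority, m.priority))
    return findings


if __name__ == "__main__":
    # Constructed sample: the Backup duplicates the Owner's address, uses a
    # different Hello interval, and has a track priority equal to its priority.
    sample = [
        VridMember("R1", "owner", "192.168.5.1/24", ("192.168.5.1",), 255, 20, 1, 3),
        VridMember("R2", "backup", "192.168.5.1/24", ("192.168.5.1",), 100, 100, 2, 3),
    ]
    for finding in audit(sample):
        print(finding)
```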
NOTE: You must first configure the ipv6 unicast-routing command at the global configuration level to enable IPv6 VRRP on the router.
Syntax: [no] ip-address ip-addr
Syntax: [no] ip vrrp vrid num
Syntax: [no] backup [priority value] [track-priority value]
Syntax: [no] advertise backup
Syntax: [no] activate
When you configure a Backup router, the router interface on which you are configuring the VRID must have a real IP address that is in the same subnet as the address associated with the VRID by the Owner. However, the address cannot be the same.
The num variable specifies the virtual router ID.
By default, Backup routers do not send Hello messages to advertise themselves to the Master. The advertise backup command is used to enable a Backup router to send Hello messages to the Master.
Basic VRRP-E parameter configuration
The following sections describe the configuration of the parameters specific to IPv4 and IPv6 VRRP-E.
Configuration rules for VRRP-E
Consider the following rules when configuring VRRP-E:
• The interfaces of all routers in a VRID must be in the same IP subnet.
• The IP address associated with the VRID cannot be configured on any of the Layer 3 switches.
NOTE: You also can use the enable command to activate the configuration. This command does the same thing as the activate command.
Configuring IPv6 VRRP-E
To implement an IPv6 VRRP-E configuration using all the default values, enter the following commands.
NOTE: You must first configure the ipv6 unicast-routing command at the global configuration level to enable IPv6 VRRP-E on the router.
Additional VRRP and VRRP-E parameter configuration
When the no ipv6 router vrrp-extended command is enabled, all IPv6 VRRP-E instances for a specific VRID are deleted from the interface, and the running configuration is lost when writing to flash. You must enable the write memory command to save your configuration. The following message is displayed when the no ipv6 router vrrp-extended command is enabled.
Brocade Router2(config)#no ipv6 router vrrp-extended
ipv6 router VRRP-E is disabled.
VRRP and VRRP-E authentication types
This section describes VRRP and VRRP-E authentication parameters.
Configuring authentication type
The Brocade implementation of VRRP and VRRP-E supports the following authentication types for authenticating VRRP and VRRP-E traffic:
• No authentication – The interfaces do not use authentication. This is the default for VRRP and VRRP-E.
VRRP-E syntax
For IPv4 VRRP-E:
Syntax: ip vrrp-extended auth-type no-auth | simple-text-auth auth-data | md5-auth [0 |1] key
For IPv6 VRRP-E:
Syntax: ipv6 vrrp-extended auth-type no-auth | simple-text-auth auth-data | md5-auth [0 |1] key
The values for the no-auth and simple-text-auth auth-data options are the same as for VRRP.
The md5-auth option configures the interface to use HMAC-MD5-96 for VRRP-E authentication.
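What separates simple-text-auth from md5-auth on the wire, as an added example that is not Brocade code: a simple text password travels inside the packet and says nothing about the packet contents, while an HMAC-MD5-96 tag (HMAC-MD5 truncated to 96 bits) never exposes the key and fails verification if the payload changes. The 6-byte payload layout, the secret and the choice of fields covered by the tag are assumptions; VRID 1, priority 110 and 192.168.5.254 are the values shown in Figure 32.

```python
"""simple-text-auth versus md5-auth (HMAC-MD5-96). Added example, not Brocade code."""
import hashlib
import hmac
import socket
import struct

TAG_LEN = 12  # HMAC-MD5-96 keeps the first 96 bits of the 128-bit HMAC-MD5 output


def build_hello(vrid, priority, virtual_ip):
    """Constructed 6-byte payload for illustration; NOT the real VRRP-E wire format."""
    return struct.pack("!BB4s", vrid, priority, socket.inet_aton(virtual_ip))


def hmac_md5_96(key, message):
    """HMAC-MD5 truncated to 96 bits."""
    return hmac.new(key, message, hashlib.md5).digest()[:TAG_LEN]


def seal_simple_text(payload, password):
    """Simple text: the password itself is carried in the packet."""
    return payload + password


def check_simple_text(packet, password):
    """Receiver compares the trailing bytes with its configured password."""
    if not password:
        return False
    return hmac.compare_digest(packet[-len(password):], password)


def seal_md5(payload, key):
    """md5-auth: append a keyed tag computed over the payload."""
    return payload + hmac_md5_96(key, payload)


def check_md5(packet, key):
    """Receiver recomputes the tag and compares in constant time."""
    payload, tag = packet[:-TAG_LEN], packet[-TAG_LEN:]
    return hmac.compare_digest(hmac_md5_96(key, payload), tag)


def with_priority(packet, priority):
    """Copy of the packet with the priority byte (offset 1) altered in transit."""
    return packet[:1] + bytes([priority]) + packet[2:]


def compare(secret=b"constructed-secret"):
    """Contrast the two modes on the same constructed Hello payload."""
    hello = build_hello(1, 110, "192.168.5.254")
    simple = seal_simple_text(hello, secret)
    md5 = seal_md5(hello, secret)
    return {
        "secret_on_wire_simple": secret in simple,
        "secret_on_wire_md5": secret in md5,
        "altered_accepted_simple": check_simple_text(with_priority(simple, 200), secret),
        "altered_accepted_md5": check_md5(with_priority(md5, 200), secret),
    }


if __name__ == "__main__":
    for name, value in compare().items():
        print(name, value)
```

MD5-based HMAC is a legacy construction; where both ends support it, it is still the only one of the three listed authentication types that binds the packet contents to a shared key.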
VRRP router type
A VRRP interface is either an Owner or a Backup router for a given VRID. By default, the Owner becomes the Master. A Backup router becomes the Master only if the Master becomes unavailable. A VRRP-E interface is always a Backup router for its VRID. The Backup router with the highest VRRP priority becomes the Master.
Configuring an IPv6 VRRP v3 interface as a Backup for a VRID
To configure an IPv6 VRRP v3 interface as a Backup for a VRID, and set its VRRP priority and track priority, enter commands such as the following.
Suppressing RIP advertisements for the backed-up interface in Router 2
To suppress RIP advertisements for the backed-up interface in Router 2, enter the following commands.
Brocade Router2(config)#router rip
Brocade Router2(config-rip-router)#use-vrrp-path
Syntax: use-vrrp-path
The syntax is the same for VRRP and VRRP-E.
Hello interval configuration
The Master periodically sends Hello messages to the Backup routers.
Dead interval configuration
The dead interval is the number of seconds a Backup router waits for a Hello message from the Master before determining that the Master is dead. When Backup routers determine that the Master is dead, the Backup with the highest priority becomes the new Master.
Track port configuration
NOTE: Track port is not supported by VRRP v3.
You can configure the VRID on one interface to track the link state of another interface on the Layer 3 switch. This capability is quite useful for tracking the state of the exit interface for the path for which the VRID is providing redundancy. Refer to “Track ports and track priority” on page 416.
Backup preempt configuration
By default, a Backup that has a higher priority than another Backup that has become the Master can preempt the Master, and take over the role of Master. If you want to prevent this behavior, disable preemption. Preemption applies only to Backups and takes effect only when the Master has failed and a Backup has assumed ownership of the VRID.
TABLE 80 Time scale values (Continued)
Timer                   Timer scale   Timer value
Backup Hello interval   1             60 seconds
                        2             30 seconds
Hold-down interval      1             2 seconds
                        2             1 second
If you configure the device to receive its timer values from the Master, the Backup also receives the timer scale value from the Master. To change the timer scale, enter a command such as the following at the global CONFIG level of the CLI.
The VRRP-E slow start timer is effective only if the VRRP-E Backup router detects another VRRP-E Master (Standby) router. It is not effective during the initial bootup. The slow start timer is effective on a Backup router if the priority of the Backup router is equal to the configured priority on the Backup state router.
NOTE: The VRRP-E slow start timer applies only to VRRP-E configurations. It does not apply to VRRP configurations.
FIGURE 33 VRRP-E Extension for short-path forwarding
[Figure not reproduced. Labels: clients on 10.32.0.X and 10.0.0.X reached over WAN links; VRRP-E Master (10.71.2.1) and VRRP-E Backup; normal forwarding and short-path-forwarding enabled; Host Server 1 and Host Server 2 (with virtualization software); virtual servers with gateway 10.71.2.1 can move between Host Server 1 and Host Server 2.]
The revert-priority value parameter uses the priority value as the threshold to determine whether the short-path forwarding (SPF) behavior is effective. Typically, when short-path forwarding is enabled, the Backup router enforces SPF. For each port that goes down, the current priority of the VRRP-E router is lowered by the number specified in the track-port command.
Forcing a Master router to abdicate to a Backup router
NOTE: Forcing a Master router to abdicate to a Backup router is not supported for IPv6 VRRP, IPv4 VRRP-E, and IPv6 VRRP-E. It is only supported for IPv4 VRRP.
You can force a VRRP Master to abdicate (give away control) of a VRID to a Backup router by temporarily changing the Master priority to a value less than that of the Backup router. The VRRP Owner always has priority 255.
To change the Master priority back to the default Owner priority 255, enter no followed by the command you entered to change the priority. For example, to change the priority of a VRRP Owner back to 255 from 110, enter the following command.
Brocade(config-if-e10000-1/1/6-vrid-1)#no owner priority 110
You cannot set the priority to 255 using the owner priority command.
Displaying VRRP and VRRP-E information
To display summary information for IPv6 VRRP-E v3, enter the show ipv6 vrrp-extended brief command at any level of the CLI.
TABLE 81 CLI display of VRRP or VRRP-E summary information (Continued)
Field    Description
VRID     The VRID configured on this interface. If multiple VRIDs are configured on the interface, information for each VRID is listed in a separate row.
CurPri   The current VRRP or VRRP-E priority of this Layer 3 switch for the VRID.
P        Whether the backup preempt mode is enabled. If the backup preempt mode is enabled, this field contains a “P”.
The following example is for a VRRP Backup.
Brocade#show ip vrrp
Total number of VRRP routers defined: 1
Interface ethernet v3
auth-type simple text password
VRID 3
state backup
administrative-status enabled
mode non-owner(backup)
priority 110
current priority 110
hello-interval 1000 msec
dead-interval 0 msec
current dead-interval 3500 msec
preempt-mode true
ip-address 192.168.3.1
virtual mac address 0000.0000.
The ve num option specifies a virtual interface. If you use this option, the command displays VRRP or VRRP-E information only for the specified virtual interface.
The stat option displays statistics. Refer to “Displaying statistics” on page 454.
Table 82 shows a description of the output for the show ip vrrp and show ip vrrp-extended commands.
TABLE 82 CLI display of VRRP or VRRP-E detailed information (Continued)
Field              Description
current priority   The current VRRP, VRRP v3, VRRP-E, or IPv6 VRRP-E priority of this Layer 3 switch for the VRID.
TABLE 82 CLI display of VRRP or VRRP-E detailed information (Continued)
Field                                     Description
next hello sent in time                   How long until the Backup sends its next Hello message. NOTE: This field applies only when this Layer 3 switch is the Master and the Backup is configured to send Hello messages (the advertise backup option is enabled).
master router ip-addr expires in time     The IP address of the Master and the amount of time until the Master dead interval expires.
Brocade#show ipv6 vrrp vrid 1
VRID 1
Interface ethernet 5
state backup
administrative-status enabled
version v3
mode non-owner(backup)
priority 100
current priority 100
hello-interval 1000 msec
dead-interval 0 msec
current dead-interval 3000 msec
preempt-mode true
ip-address 2001:db8:a7a7::1
virtual mac address 0000.0000.0201
advertise backup: enabled
next hello sent in 00:00:38.
TABLE 83 Output from the show ip vrrp vrid command (Continued)
Field                   Description
current dead interval   The current value of the dead interval. This value is equal to the value configured for the dead interval. If the value for the dead interval is not configured, then the current dead interval is equal to three times the Hello interval plus Skew time (where Skew time is equal to (256 minus priority) divided by 256). NOTE: This field does not apply to VRRP Owners.
Table 84 shows a description of the output for the show ip vrrp stat and show ip vrrp-extended stat commands.
TABLE 84 CLI display of VRRP or VRRP-E statistics
Field                  Description
Interface statistics
Interface              The interface on which VRRP or VRRP-E is configured. If VRRP or VRRP-E is configured on more than one interface, the display lists the statistics separately for each interface.
Clearing VRRP or VRRP-E statistics
To clear VRRP or VRRP-E statistics, enter the clear ip vrrp-stat command at the Privileged EXEC level or any configuration level of the CLI.
Brocade#clear ip vrrp-stat
Syntax: clear ip vrrp-stat
To clear IPv6 VRRP v3 or IPv6 VRRP-E v3 statistics, enter the following command at the Privileged EXEC level or any configuration level of the CLI.
Brocade#show process cpu
The system has only been up for 6 seconds.
Process Name   5Sec(%)   1Min(%)   5Min(%)   15Min(%)   Runtime(ms)
ARP            0.01      0.00      0.00      0.00       0
BGP            0.00      0.00      0.00      0.00       0
GVRP           0.00      0.00      0.00      0.00       0
ICMP           0.01      0.00      0.00      0.00       1
IP             0.00      0.00      0.00      0.00       0
OSPF           0.00      0.00      0.00      0.00       0
RIP            0.00      0.00      0.00      0.00       0
STP            0.00      0.00      0.00      0.00       0
VRRP           0.00      0.00      0.00      0.00       0
To display utilization statistics for a specific number of seconds, enter a command such as the following.
Displaying VRRP and VRRP-E information for IPv6
You can display information for IPv6 VRRP or VRRP-E v3.
Displaying detailed information for IPv6 VRRP v3 and IPv6 VRRP-E v3
To display information for an IPv6 VRRP Owner, enter the show ipv6 vrrp command at any level of the CLI.
Brocade#show ipv6 vrrp
Total number of VRRP routers defined: 26
Interface ethernet v52
auth-type no authentication
VRID 52
state backup
administrative-status enabled
version v3
mode non-owner(backup)
priority 101
current priority 20
track-priority 20
hello-interval 100 msec
dead-interval 0 msec
current dead-interval 300 msec
preempt-mode true
ipv6-address 2001:db8::52:3
virtual mac address 0000.0000.0234
advertise backup: enabled
next hello sent in 00:00:36.
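The following Python script is an added example, not part of the Brocade guide. It parses output shaped like the show ip vrrp and show ipv6 vrrp samples above and reports VRIDs whose auth-type is "no authentication" or "simple text password", as well as VRIDs whose current priority is below the configured priority. The sample text is constructed, and PLACEHOLDER-OTHER-AUTH is an assumed stand-in for auth-type strings this page does not show.

```python
import re

# Constructed sample modelled on the show ip vrrp fields shown on this page.
# PLACEHOLDER-OTHER-AUTH is an assumed stand-in for any other auth-type string.
SAMPLE = """Total number of VRRP routers defined: 3
Interface ethernet v3 auth-type simple text password
VRID 3 state backup priority 110 current priority 110
Interface ethernet v52 auth-type no authentication
VRID 52 state backup priority 101 current priority 20 track-priority 20
Interface ethernet v60 auth-type PLACEHOLDER-OTHER-AUTH
VRID 60 state master priority 100 current priority 100
"""

# auth-type strings exactly as they appear in the outputs on this page.
WEAK_AUTH = {
    "no authentication": "advertisements are accepted unauthenticated",
    "simple text password": "password is sent in clear text in each packet",
}

def _num(pattern, body):
    hit = re.search(pattern, body)
    return int(hit.group(1)) if hit else None

def parse_vrrp(text):
    """Parse show ip vrrp-style output into one record per VRID."""
    flat = " ".join(text.split())  # tolerate wrapped or flattened output
    records = []
    for block in re.split(r"(?=\bInterface )", flat):
        head = re.match(r"Interface (\S+ \S+) auth-type (.+?) (?=VRID \d)", block)
        if not head:
            continue  # preamble such as the "Total number" line
        for m in re.finditer(r"VRID (\d+) (.*?)(?=\bVRID \d|$)", block):
            records.append({
                "interface": head.group(1), "auth": head.group(2),
                "vrid": int(m.group(1)),
                # lookbehinds skip "current priority" and "track-priority"
                "priority": _num(r"(?<![-\w])(?<!current )priority (\d+)", m.group(2)),
                "current": _num(r"\bcurrent priority (\d+)", m.group(2)),
            })
    return records

def audit(records):
    """Return (interface, vrid, finding) tuples for settings to review."""
    out = []
    for r in records:
        if r["auth"] in WEAK_AUTH:
            out.append((r["interface"], r["vrid"],
                        f"auth-type '{r['auth']}': {WEAK_AUTH[r['auth']]}"))
        if None not in (r["priority"], r["current"]) and r["current"] < r["priority"]:
            out.append((r["interface"], r["vrid"],
                        f"current priority {r['current']} below configured {r['priority']}"))
    return out

if __name__ == "__main__":
    print("\n".join(f"{i} VRID {v}: {f}" for i, v, f in audit(parse_vrrp(SAMPLE))))
```

Because the parser normalises whitespace first, it accepts the output whether it is captured one field per line or flattened onto a single line.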
Configuration examples
The following sections contain the CLI commands for implementing the VRRP and VRRP-E configurations shown in Figure 31 on page 413 and Figure 32 on page 419.
VRRP example
To implement the VRRP configuration shown in Figure 31 on page 413, use the following method.
Configuring Switch 1
To configure VRRP Switch 1, enter the following commands.
NOTE: When you configure a Backup router, the router interface on which you are configuring the VRID must have a real IP address that is in the same subnet as the address associated with the VRID by the Owner. However, the address cannot be the same.
The priority parameter establishes the router VRRP priority in relation to the other VRRP routers in this virtual router.
NOTE: The address you enter with the ip-address command cannot be the same as a real IP address configured on the interface.
Configuring Switch 2
To configure Switch 2, enter the following commands.
Brocade-Switch1(config)#router vrrp-extended
Brocade-Switch1(config-vrrpe-router)#interface ethernet 1/2/1
Brocade-Switch1(config-if-e10000-1/1/6)#ip address 192.168.5.
Syntax: ip-address ip-addr
Syntax: activate