HP-UX Routing Services Administrator’s Guide
HP-UX 11i v2, HP-UX 11i v3
HP Part Number: B2355-91153
Published: November 2011
Edition: 2
Legal Notices © Copyright 2011 Hewlett-Packard Development Company, L.P. Confidential computer software. Valid license from HP required for possession, use or copying. Consistent with FAR 12.211 and 12.212, Commercial Computer Software, Computer Software Documentation, and Technical Data for Commercial Items are licensed to the U.S. Government under vendor's standard commercial license. The information contained herein is subject to change without notice.
Contents
About This Document
  Intended Audience
  HP-UX Release Name and Release Identifier
  Publishing History
  The interface Statement
    Multicast Interfaces
    Non-Broadcast Multi-Access (NBMA) Interface
    Point-to-Point Interfaces
  Stub Areas
About This Document This document describes the various routing daemons supported in the HP-UX 11i v2 and HP-UX 11i v3 operating systems. It is one of the documents available for the Internet Services suite of products. For a list of other Internet Services documents, see “Related Documentation” (page 6). These documents replace the document Installing and Administering Internet Services (B2355-90685), which was shipped with releases prior to the HP-UX 11i v2 operating system.
Chapter 3 Configuring gated Describes how to configure gated on RIP, OSPF, and RDP protocols. This chapter also describes how to specify tracing options, route preference, and some troubleshooting measures in gated. Related Documentation For more information about the Internet Services suite of products, see the following books: • HP-UX Internet Services Administrator’s Guide at: http://www.docs.hp.com/hpux/netcom/index.
Variable The name of a variable that you may replace in a command or function or information in a display that represents several possible values. [] The contents are optional in formats and command descriptions. If the contents are a list separated by |, you can choose one of the items. {} The contents are required in formats and command description. If the contents are a list separated by |, you must choose one of the items.
1 Overview A router is a device that has multiple network interfaces and that transfers Internet Protocol (IP) packets from one network or subnet to another within an internetwork. In many IP-related documents, this device is also referred to as a gateway. The term router is used in this manual. The router stores all the routing information in the form of a routing table.
mrouted structures routing information in the form of a pruned broadcast delivery tree that contains routing information. mrouted structures routing information only to those subnets that have members of the destination multicast group. In other words, each router determines which of its virtual network interfaces are in the shortest path tree. In this way, DVMRP can determine if an IP multicast datagram needs to be forwarded.
You can use IP multicast addresses only as destination addresses, and they must never appear in the source address field of a datagram. Internet Control Message Protocol (ICMP) error messages are not generated for multicast datagrams. Because IP Internet addressing is a software manifestation of the underlying physical network, you must map IP addresses to physical addresses that the hardware comprising the network understands. Normally, IP multicast addresses are mapped to 802.
In large local networks, multiple paths often exist to other parts of the local network. You can use gated to maintain nearly optimal routing to other parts of the local network, and to recover from link failures. Advantages gated offers the following advantages: • Dynamic routing eliminates the need to reset routes manually. When network failures occur, routes are automatically rerouted. • Dynamic routing facilitates adding and administering nodes.
gated supports the following interior gateway protocols, as defined in IETF RFCs: • Routing Information Protocol (RIP) is a common routing protocol used within an autonomous system. A de facto industry standard, it is also used by routed, a service distributed by Berkeley. RIP is not intended for use in wide area network (WAN) applications. There are currently two versions of RIP implementations: Version 1, as defined in RFC 1058, and Version 2, as defined in RFC 1388.
systems that must be traversed to reach a destination. gated supports BGP Versions 2, 3, and 4, as described in RFCs 1163 and 1267. gated also supports the Router Discovery Protocol (RDP), which is neither an interior nor an exterior gateway protocol. RDP is used to inform hosts of the existence of routers to which the hosts can send packets. It is used instead of, or in addition to, a statically configured default router.
2 Configuring mrouted This chapter describes how to configure mrouted and the various configuration commands in mrouted. It also provides information on starting and verifying the mrouted installation. A description of the mrouted routing tables is also provided, along with the various multicast routing support tools.
replace the remote IP address, remote-addr, by a host name, but only if the host name has a single IP address associated with it. Before you can use a tunnel, it must be set up in the mrouted configuration files of both the mrouted routers participating in the tunnel. mrouted 3.8 does not support the srcrt option. (It provided backward compatibility with older versions of mrouted that implemented IP multicast datagram encapsulation using IP source routing.
The primary use of the boundary option is to allow concurrent use of the same IP multicast addresses on downstream subnets, without interfering with multicast broadcasts using the same IP multicast addresses on subnets that are upstream from the mrouted gateway. The cache_lifetime value determines the amount of time that a cached multicast route remains in the kernel before timing out. This value is specified in seconds and must be between 300 (5 minutes) and 86400 (24 hours). The default value is 300.
Displaying mrouted Routing Tables mrouted contains three routing tables: the virtual interface table, the multicast routing table, and the multicast routing cache table. The virtual interface table displays the following topological information for each virtual interface: • Physical and tunnel interfaces. • The number of incoming and outgoing packets at each interface. • The value of specific configuration parameters, such as metric and threshold.
QUIT Dumps the internal routing tables (virtual interface table and multicast routing table) to stderr (only if mrouted was invoked with a nonzero debug level). You can send signals to mrouted by issuing the HP-UX kill command at the HP-UX prompt. For example: kill -USR1 pid where pid is the process ID of the mrouted daemon. For more information on the routing tables, type man 1M mrouted at the HP-UX command prompt, and see the EXAMPLE section.
3 Configuring gated gated handles multiple routing protocols. You can configure the gated daemon to perform all or any combination of the supported protocols. The HP-UX 11i v2 and HP-UX 11i v3 operating systems support gated 3.5.9. This chapter contains information about how to configure gated on various routing protocols. It also describes how to specify the tracing options and route preference in gated, and discusses certain troubleshooting measures.
some new global options have been added, and options have been added for some of the protocols. For details about the new syntax, type man 4 gated.conf at the HP-UX prompt. If you do not want to use any of the gated 3.5.9 features and do not have any tracing configured in your gated 3.0 /etc/gated.conf configuration file, you can continue to use your 3.0 configuration file with gated 3.5.9. If you do have tracing configured in your gated 3.
The default route may be a local interface, such as in topologies that include a proxy ARP server on the local network. If the default route is a local interface, add the following entry to /etc/gated.conf: static { default interface local_IP_Address retain ; } ; The local_IP_Address is the local system’s IP address of the interface or network interface name (that is, lan0, lan1, and so on) that acts as the default route.
input_config_file_name is the name of the gated 3.0 file you want to convert. You must specify this name, because the tool does not assume that you are converting the default file, /etc/gated.conf. output_config_file is the name of the new configuration file for gated 3.5.9. You must specify this name, because the tool does not assume that you are converting the default file, /etc/gated.conf. For example, to convert the gated 3.0 configuration file to gated 3.5.
finds two or more network interfaces, the node not only listens but also broadcasts or multicasts the RIP information. If you do not specify a RIP statement in your configuration file, rip on is assumed. The following describes the various options in the RIP statement: • broadcast specifies that RIP packets are always generated. If the RIP protocol is enabled and more than one interface is specified, broadcast is assumed.
clauses. version 2 multicast implies that you want to send Version 2 packets (containing subnet mask information). version 2 broadcast implies that you want to send Version 2 packets. If you do not specify a version, version 1 is assumed. • [secondary] authentication [none [simple | md5] password] specifies the type of authentication for RIP Version 2 packets (it is ignored for Version 1 packets).
and update its routing table. The first syntax statement enables RIP on node A’s interface (121.1.0.10) to multicast routing information. The second statement specifies a static local default route to prevent gated from deleting it. B: RIP Router Set up /etc/gated.conf as follows: rip yes { interface all version 2 multicast ; }; This enables the RIP protocol to multicast routing information on all interfaces.
}; rip yes { interface 130.15.0.6 noripout ; interface 121.1.0.92 version 2 multicast; }; static { default gateway 121.1.0.2 preference 255 ; }; In the previous example, setting rip to yes is similar to setting rip to broadcast. Both the arguments inform the node to send out RIP packets, because the node has at least two interfaces. To reduce traffic on the 130.15.0.0 LAN, use the noripout option on this interface. This prevents RIP from sending packets on the 130.15.0.0 network. To isolate the 130.15.0.
Controlling RIP Traffic This section describes configuration options for RIP routing information sent by gated from the node. Use these options to hide all or part of your network from other networks or to limit network traffic. The RIP protocol definition in the /etc/gated.conf file contains the following two options for limiting RIP routing information exported by gated: • The noripout clause in the interface definition informs gated not to send any RIP information through the listed interfaces.
Figure 6 Areas Defined in an Autonomous System Internal routers have all their directly connected networks in the same area. In Figure 6, routers A, B, and H are internal routers. Routers that are connected to multiple areas are called area border routers. In Figure 6, routers F and G are area border routers. Routers that connect one AS to another are called AS boundary routers. In Figure 6, router D is an AS boundary router. Neighbor routers are routers that interface to a common network.
Table 2 Types of Link State Advertisements

Type              Content                                            Originated By                     Flooded Throughout
Router link       Router’s links to area                             Internal and area border routers  Area
Network link      List of routers attached to network                Designated router                 Area
Summary link      Routes to destinations outside area but within AS  Area border router                Area
AS external link  Routes to destinations outside AS                  AS boundary router                AS

AS boundary routers exchange routing information with routers in other autonomous systems.
10. Determine if routing packets are authenticated for each area. See “Authentication” (page 37) for more information. 11. Identify AS boundary routers. See “AS External Routes (AS Boundary Routers Only)” (page 39) for more information. Enabling OSPF The default router identifier used by OSPF is the address of the first interface on the router encountered by gated. To set the router identifier to a specific address, specify the routerid interface statement in the Definition class of the /etc/gated.
You can define various characteristics for an area and interfaces. The following sections describe the configuration statements that you can use in defining an area. The networks Statement The networks statement defines the address ranges that form an OSPF area. This definition applies only to area border routers, where multiple areas are specified, and is required only if you need to compress a number of subnets using a network mask.
You can specify the cost clause optionally to define a cost of sending a packet on the interface. This cost is advertised as the link cost for this interface. See “Cost” (page 38) for more information on setting interface costs. You can also enable or disable the interface definition. If you do not explicitly specify disable, an interface definition is enabled by default.
• routerdeadinterval specifies the time interval (in seconds) for which the Hello packets are not received from a router before it is considered down or inactive by its neighbors. This value must be a multiple of the hellointerval value. ◦ Default: None (you must specify a value) ◦ Range: 0 – 65535 NOTE: The routerdeadinterval value must be the same for all OSPF routers. You can use the password authkey to validate the protocol packets received on the router interface.
pollinterval must be larger than the value of hellointerval. A sample value for an X.25 network is 2 minutes. ◦ Default: None (you must specify a value) ◦ Range: 0 – 255 • routers specify the list of routers attached to the non-broadcast network. Routers are defined by their IP interface addresses. You must define the routers that are eligible to be designated routers as eligible. Figure 10 shows an example of a router (A) that is connected to an NBMA network through the interface 193.2.1.35.
NOTE: The hellointerval value must be the same for all OSPF routers. • routerdeadinterval specifies the time interval (in seconds) for which the Hello packets are not received from a router before it is considered down or inactive by its neighbors. This value must be a multiple of the hellointerval value. ◦ Default: None (you must specify a value) ◦ Range: 0 – 65535 NOTE: The routerdeadinterval value must be the same for all OSPF routers.
An area border router advertises a default route in the stub area as the summary of all the IP destinations that are reachable outside the AS. Summary link advertisements (routes to destinations outside the area but within the AS) are still sent into the stub area. The stub statement specifies that the area is a stub area. You can optionally define a cost clause to specify the cost associated with the default route that is advertised in the stub area.
Figure 13 Backbone Configuration Example The following is an example of the backbone router definition in router A’s /etc/gated.conf file: backbone { interface 15.13.115.156 { enable ; transitdelay 20 ; priority 20 ; hellointerval 30 ; routerdeadinterval 120 ; retransmitinterval 60 ; } ; } ; If the router is directly attached via a point-to-point interface to a host that is not running OSPF, you can prevent sending OSPF Hello packets to the host.
Figure 14 Simple Password Authentication The following example shows an authtype statement that enables a simple password authentication for the routers in the area and an authkey statement in the interface definition that defines a password (travis) to validate protocol packets received by the router: area 0.0.0.1 { authtype simple ; networks { 193.2.1.16 mask 0xfffffff0 ; 193.2.1.32 mask 0xfffffff0 ; } ; interface 193.2.1.35 nonbroadcast cost 5 { routers { 193.2.1.33 eligible ; 193.2.1.
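A configuration audit for the authentication and timer rules described above, as an added example that is not HP's or the gated project's code. It flags RIP interfaces that run Version 1 or lack md5 authentication, OSPF areas with no authtype or with authtype simple, and OSPF interfaces whose routerdeadinterval is not a multiple of hellointerval. The sample file is constructed from addresses used in this guide, its key is a placeholder, and treating a missing authtype statement as unauthenticated is an assumption.

```python
import re

# Constructed gated.conf modeled on this guide's examples; the key is a placeholder.
SAMPLE = '''
rip yes {
    interface 130.15.0.6 noripout ;
    interface 121.1.0.92 version 2 multicast authentication simple "EXAMPLE" ;
} ;
ospf yes {
    area 0.0.0.1 {
        authtype simple ;
        interface 193.2.1.35 cost 5 {
            hellointerval 5 ; routerdeadinterval 20 ; authkey "EXAMPLE" ;
        } ;
    } ;
    backbone {
        interface 15.13.115.156 {
            hellointerval 30 ; routerdeadinterval 100 ;
        } ;
    } ;
} ;
'''

def body(text, pos):
    """Return the contents of the first balanced { } block at or after pos."""
    start = text.index("{", pos)
    depth = 0
    for i in range(start, len(text)):
        depth += {"{": 1, "}": -1}.get(text[i], 0)
        if depth == 0:
            return text[start + 1:i]
    raise ValueError("unbalanced braces")

def audit(conf):
    """Return (scope, finding) pairs for weak authentication and bad timers."""
    conf = re.sub(r"#.*", "", conf)  # drop comments
    out = []
    rip = re.search(r"\brip\s+\w+\s*\{", conf, re.I)
    if rip:
        for stmt in body(conf, rip.start()).split(";"):
            m = re.match(r"\s*interface\s+(\S+)(.*)", stmt, re.S)
            if not m:
                continue
            name, opts = "rip " + m.group(1), m.group(2)
            if not re.search(r"\bversion\s+2\b", opts):
                out.append((name, "version 1: authentication is ignored"))
            elif not re.search(r"\bauthentication\s+md5\b", opts):
                out.append((name, "no md5 authentication"))
    for area in re.finditer(r"\b(area\s+\S+|backbone)\s*\{", conf):
        scope = " ".join(area.group(1).split())
        blk = body(conf, area.start())
        auth = re.search(r"\bauthtype\s+(\w+)", blk)
        # Assumption: an area with no authtype statement is unauthenticated.
        if not auth or auth.group(1) in ("none", "0"):
            out.append((scope, "no OSPF authentication"))
        elif auth.group(1) in ("simple", "1"):
            out.append((scope, "simple password is sent in cleartext"))
        for itf in re.finditer(r"\binterface\s+(\S+)[^{};]*\{", blk):
            ib = body(blk, itf.start())
            hello = re.search(r"\bhellointerval\s+(\d+)", ib)
            dead = re.search(r"\brouterdeadinterval\s+(\d+)", ib)
            if hello and dead:
                h, d = int(hello.group(1)), int(dead.group(1))
                if h and d % h:
                    out.append((scope + " " + itf.group(1),
                                "routerdeadinterval not a multiple of hellointerval"))
    return out

if __name__ == "__main__":
    for scope, finding in audit(SAMPLE):
        print(f"{scope}: {finding}")
```

Because the simple key is stored in the configuration file as well as carried in each packet, the same review should confirm that /etc/gated.conf is readable only by root.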
Figure 15 Cost Configuration Example

In Figure 15, there are two possible packet routes between nodes A and D: one route goes through node B and the other route goes through node C. The cost of each route is calculated as follows:

Node A to node B and node B to node D: 5+5 = 10
Node A to node C and node C to node D: 5+10 = 15

The lowest cost OSPF path between nodes A and D is therefore through node B. However, packets are rerouted through node C if there is a link failure between node B and LAN 2.
You must specify the defaults statements in the OSPF protocol configuration only for AS boundary routers. These statements specify how external routing information is handled by the OSPF protocol. You can define the following in the defaults statements: • preference specifies the preference value given to the ASE routes imported from other autonomous systems. The preference value determines the order of routes to the same destination in the routing table.
Figure 16 OSPF Sample Configuration A: Internal Router (Non-Stub Area) Set up /etc/gated.conf as follows:

# Router A Configuration (non-stub area)
OSPF yes {
    area 0.0.0.1 {
        interface 193.2.1.35 cost 5 {
            priority 5 ;
            enable ;
            hellointerval 5 ;
            routerdeadinterval 20 ;
            retransmitinterval 10 ;
        } ;
    } ;
} ;

The configuration for the internal router A is for a multicast interface. For an NBMA interface, you can set the configuration in /etc/gated.
OSPF yes { defaults { cost 5 ; } ; area 0.0.0.1 { interface 193.2.1.33 cost 5 { priority 15 ; enable ; hellointerval 5 ; routerdeadinterval 20 ; retransmitinterval 10 ; } ; } ; area 0.0.0.2 { interface 193.2.1.17 cost 5 { priority 15 ; enable ; hellointerval 5 ; routerdeadinterval 20 ; retransmitinterval 10 ; } ; } ; backbone { interface 15.13.115.
/usr/sbin/ospfagt gated must be running before ospfagt is started. Both gated and ospfagt must be running to retrieve OSPF MIB objects. To load the OSPF MIB, select Load/Unload SNMP:MIBS ... from the Options menu of OpenView. Configuring RDP You can use Router Discovery Protocol (RDP), a standard protocol, to inform hosts of the presence of routers to which they can send packets. You can also use RDP instead of host wiretapping routing protocols (for example, RIP).
multicast address 224.0.0.2 or to the interface’s broadcast address (if multicasting is not supported). When the RDP client receives a router advertisement, the host installs a default route to each of the addresses listed in the advertisement.
Installing Static Routes The static statement specifies a router or an interface in the kernel routing tables. The following is an example of a static route: static { 193.2.1.32 mask 0xfffffff0 gateway 193.2.1.30 preference 8 retain ; } ; If you specify an export statement for the default route, the route is passed on to other routers. If you specify only the static statement and not an export statement, then the default route is not passed on as a route to other routers.
configuration file, type man 4 gated.conf at the HP-UX prompt. See “Troubleshooting gated” (page 49) for more information on tracing options. Specifying Route Preference gated maintains a routing table that consists of the route information learned from OSPF and from other active routing protocols, such as RIP or EGP. You can also configure static routes in the /etc/gated.conf file with one or more static clauses (see “Installing Static Routes” (page 45) for more information).
• In a defaults statement in the OSPF protocol configuration. This preference definition specifies the preference value of ASE routes that are imported into OSPF. See “AS External Routes (AS Boundary Routers Only)” (page 39) for more information. ASE routes are imported into OSPF with a default preference of 150. • In an import statement in the Control class of the /etc/gated.conf file. This preference definition overrides any preference defined in the defaults section of the OSPF protocol configuration.
}; }; Starting gated To start gated, complete the following steps: 1. Set the environment variable GATED to 1 in the file /etc/rc.config.d/netconf to start gated automatically upon system startup. 2. Reboot your system, or issue the following command to run the gated startup script: /sbin/init.d/gated start You can also start gated by running the command gdc start.
Troubleshooting gated This section describes the following techniques for troubleshooting gated and some common problems encountered with gated operation: • “Checking for Syntax Errors in the Configuration File” (page 49) • “Tracing gated Activity” (page 49) • “Operational User Interface for gated – gdc” (page 50) • “The gated Routing Table” (page 50) • “The ripquery Tool” (page 50) • “The ospf_monitor Tool” (page 50) • “Common Problems” (page 50) Checking for Syntax Errors in the Configuratio
Operational User Interface for gated – gdc gdc provides a user-oriented interface for the operation of gated. It provides the following functions: • Starting and stopping gated. • Delivery of signals to manipulate gated. • Maintenance and checking the gated configuration file for syntax. • Production and removal of state dumps and core dumps. gdc determines the state of gated and produces a reliable exit status during errors, which is useful in shell scripts that manipulate gated.
Interface Configuration With strictintfs Option Specified The following configuration references a non-existent interface. The options strictintfs line in the interfaces statement ensures that all the configured interfaces exist before gated starts.
lan2 Index 3 Address 802.2 8:0:9:3d:2c:b1 Refcount: 2 Up-down transitions: 0 Change: <> State: <> 198.1.1.17 Metric: 0 MTU: 1436 Refcount: 4 Preference: 0 Down: 120 Change: <> State: Broadcast Address: 198.1.1.255 Subnet Number: 198.1.1 Subnet Mask: 255.255.255 lan1 Index 4 Address 802.2 8:0:9:3d:3c:69 Refcount: 2 Up-down transitions: 0 Change: <> State: <> 198.2.1.
Perform one of the following actions: • If the route was learned over RIP, use /usr/sbin/ripquery to query the first-hop router for the route. That router may claim to have heard the route from another router. • If the first-hop router is another host running gated, have that host’s gated dump its routing table to find out where it learned about the route. You may have to repeat this process several times to track down the original source of the route.