Upload
doantuong
View
224
Download
2
Embed Size (px)
Citation preview
PrefaceIn this issue of ZTE's "Maintenance Experience", we continue to
pass on various field reports and resolutions that are gathered by ZTE
engineers and technicians around the world.
This issue presents the following content:
● Eight maintenance cases related to ZTE's Data Products● Two special Documents
Have you examined your service polices and procedures lately? Are
you confident that your people are using all the tools at their disposal? Are
they trained to analyze each issue in a logical manner that provides for
less downtime and maximum customer service? A close look at the cases
reveals how to isolate suspected faulty or mis-configured equipment, and
how to solve a problem step by step, etc. As success in commissioning
and service is usually a mix of both discovery and analysis, consider
using this type of approach as an example of successful troubleshooting
investigations.
While corporate leaders maintain and grow plans for expansion,
ZTE employees in all regions carry out with individual efforts towards
internationalization of the company. Momentum continues to build, in
all levels, from office interns to veteran engineers, who work together to
bring global focus into their daily work.
If you would like to subscribe to this magazine (electronic version) or
review additional articles and relevant technical materials concerning ZTE
products, please visit the technical support website of ZTE Corporation
(http://support.zte.com.cn).
If you have any ideas and suggestions or want to offer your
contributions, you can contact us at any time via the following email:
Thank you for making ZTE a part of your telecom experience!
Maintenance Experience Editorial CommitteeZTE CorporationOctober, 2007
Maintenance ExperienceEditorial Committee
Director: Zhou Susu
Deputy Director: Chen Jianzhou
Editor-in-Chief: Yang Cheng
Editors:Jiang Guobing, Zhang Shoukui,Tang Hongxuan,Wu Feng,Yuan Yufeng, Chen Huachun,Gu Yu,Li Gangyi,Song Jianbo,Tian Jinhua,Liu Xianmin,Zhu Wensheng,Ling Changwen,Zhu Xiaodong,Zhang Zhongdong,Wang Zhaozheng,Lei Kun,Wang Tiancheng,Chen Fuqi,Cai Hongming
Technical Senior Editors:Hu Jia,Tao Minjuan,Zhang Fan
Executive Editor:Bai Jianwen
Maintenance ExperienceNewsroom
Address: ZTE Plaza, Keji Road South, Hi-Tech
Industrial Park, Nanshan District,
Shenzhen, P.R.China
Postal code: 518057
Contact: Song Chunping
Email: [email protected]
Tel: +86-755-26770600,26771195
Fax: +86-755-26772236
Document support mail box: [email protected]
Technical support website: http://ensupport.zte. com.cn
Contents
OSPF Problem on ZXR10 T160G 2
Network Malfunction Caused by PPP Interconnection 4
Cluster Malfunction Processing 6
BGP Connection Interruption Processing 8
MPLS VPN Malfunction Processing 11
E1 Docking Processing 15
Configuring Route Filtration on T64E 18
Policy Routing Application 20
VRRP Configuration 23
BGP Route 33
October 2007 Issue 74
Maintenance Experience2
OSPF Problem on ZXR10 T160G⊙ Li Budong, ZTE Corporation
1 Malfunction SituationA ZXR10 T160G switch is connected
w i t h f o u r d e v i c e s a t a t i m e : a n
OminiSwtich8800 and an OminiSwtich7700
of Bell ALCATEL, a GSR12012 router of
Cisco and an EX1400 router of SIEMENS.
OSPF is configured on ZXR10 T160G and
these four devices, as shown in Figure 1.
Z X T 1 0 T 1 6 0 G e s t a b l i s h e s
OSPF adjacency relat ionships with
OminiSwtich8800 and OminiSwtich7700.
They learn routes from each other. ZXR10
T160G fails to establish OSPF adjacency
relationships with GSR12012 router of
Cisco and an EX1400 router. When using
show ip ospf neighbor command to view
information, it is found that Router ID
of these two devices can be viewed on
T160G, but OSPF neighbor establishment
state is not Full, as shown below.
ZXR10#show ip ospf neighbor
OSPF Router with ID (10.10.10.10)
Keyword: ZXR10 T160G, OSPF, MTU
(Process ID 200)
Neighbor 134.1.1.201
In the area 0.0.0.0
via interface gei_2/1 134.1.1.201
Neighbor is DROTHER
State 2way, priority 0, Cost 1
Queue count : Retransmit 0, DD 0, LS Req 0
Dead time : 00:00:38 Options : 0x42
In Full State for 00:00:00
2 Malfunction AnalysisTo analyze this malfunction, perform the
following steps.
(1) Check detail configuration on T160G, and
no problem is found.
(2) Use show interface [<port-name>] command
to view interface state on T160G that connects with
GSR12012. Output is shown below.
ZXR10#show interface gei_2/1
gei_2/1 is up, line protocol is up
Description is none
Duplex full
The port is electric
vlan mode is hybrid, pvid 1
MTU 1500 bytes
BW 1000000 Kbits
Syslog send disable
Last clearing of "show interface" counters never
120 seconds input rate 0 Bps, 0 pps
120 seconds output rate 0 Bps, 0 pps
Interface peak rate : input 58 Bps, output 64
Bps
Interface utilization: input 0%, output 0%
Input:Figure 1. Network Topology
www.zte.com.cn
3Data Products
Packets : 33 Bytes: 3378
Unicasts : 0 Multicasts: 0 Broadcasts: 10
Undersize: 0 Oversize : 0 CRC-
ERROR : 0
(3) Use show interface [<port-name>] command
to view interface state on GSR12012 that connects
with T160G. Output is shown below.
Router# show interfaces ethernet 0/0
Ethernet0/0 is up, line protocol is up
Hardware is AmdP2, address is 0003.e39b.9220
(bia 0003.e39b.9220)
Internet address is 134.1.1.201/8
MTU 1526 bytes, BW 10000 Kbit, DLY 1000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
Keepalive set (10 sec)
ARP type: ARPA, ARP Timeout 04:00:00
Last input 4d06h, output never, output hang never
Last clearing of "show interface" counters never
Queueing strategy: fifo
Output queue 0/40, 0 drops; input queue 0/75, 0
drops
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
19 packets input, 2330 bytes, 0 no buffer
Received 19 broadcasts, 0 runts, 0 giants, 0
throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0
ignored
0 input packets with dribble condition detected
0 packets output, 0 bytes, 0 underruns
0 output errors, 0 collisions, 0 interface resets
0 babbles, 0 late collision, 0 deferred
0 lost carrier, 0 no carrier
0 output buffer failures, 0 output buffers swapped
out
Results in step2 and step3 show that MTU on
interface of GSR12012 is 1526 bytes, while MTU
on interface of T160G is set to 1500 bytes. They do
not match.
W h e n e s t a b l i s h i n g a d j a c e n c y
relationship and exchanging DD message,
T160G checks MTU va lue. I f MTU
values of both sides are not the same,
OSPF adjacency relationship can not be
established.
3 SolutionMTU value on interface of T160G can
not be set to a bigger value. It is required
to change MTU value to 1500 bytes on
GSR12012. There are other services on
GSR12012, so MTU value on GSR12012
can not be changed.
To solve this problem, use ip ospf
mtu-ignore command on the interface of
T160G that connects with GSR12012. This
command is to ignore the check of MTU
value consistency.
Interface configuration is shown below.
ZXR10(config)#interface gei_2/1
ZXR10(config-if)#ip ospf mtu-ignore
The problem that OSPF adjacency
relat ionship can not be establ ished
normally between T160G and EX1400 is
also caused by MTU value. To solve this
problem, use ip ospf mtu-ignore command
on the interface of T160G that connects
with EX1400.
Use show ip ospf neighbor command
on T160G to view information about OSPF
adjacency relationship. Result shows that
OSPF adjacency establishment state is
Full, as shown below.
ZXR10#show ip ospf neighbor
OSPF Router with ID (10.10.10.10)
(Process ID 200)
Neighbor 134.1.1.201
October 2007 Issue 74
Maintenance Experience4
Network Malfunction Caused by PPP Interconnection⊙ Wei Hui, ZTE Corporation
In the area 0.0.0.0
via interface gei_2/1 134.1.1.201
Neighbor is DROTHER
State FULL, priority 0, Cost 1
Queue count : Retransmit 0, DD 0, LS
Req 0
Dead time : 00:00:38 Options : 0x42
In Full State for 00:03:52
Now the malfunction is solved.
5 Experience SummaryWhen establishing OSPF adjacency
relationship, both sides exchange and
view DD messages. MTU value check is
to check whether the MTU value in DD message
of the peer is the same as that in DD message
on local interface. If MUT values are not the
same, OSPF adjacency relationship can not be
established.
In actual applications, different MTU values are
used in different services. When it is inconvenient
to change MTU value, use ip ospf mtu-ignore
command on the interface that runs OSPF. This is
to ignore the check of MTU value consistency. This
command is not by default. Use no ip ospf mtu-
ignore command to recover to default state, that is,
MTU value in DD message is checked. ■
Keyword: PPP, NAT, static route, routing
1 Malfunction SituationAs shown in Figure 1, ZXR10 GAR connects
with a Cisco router through a serial interface. PPP
is encapsulated at both sides. NAT is enabled
on ZXR10 GAR. The serial interface via which
GAR connects with Cisco router is used as an
outside interface, with IP address 219.17.20.26/28.
Internal network addresses of users are in
192.168.20.0/24 network segment. Internal IP
addresses are translated to public network address
219.17.20.27/28.
User's PC which connects with ZXR10 GAR
fails to get on-line and can not ping to IP address
of Cisco router 219.17.20.25/28 successfully.Figure 1. Network Topology
www.zte.com.cn
5Data Products
2 Malfunction AnalysisNetwork topology of this malfunction is very
simple, so the problem may be caused by the
following points:● User PC● ZXR10 GAR● Cisco Router● Physical link
Perform the following steps to find out the
cause.
(1) Change a PC and perform tests. The
malfunction does not disappear. PC configuration is
very simple, so the malfunction can not be caused
by PC.
(2) Perform tests, and the results show that
user PC can ping to outside interface on ZXR10
GAR successfully. ZXR10 GAR also can ping to
Cisco router successfully. This means that the
physical link has no problem.
(3) Use show run command to view ZXR10
GAR configuration and no problem is found. View
NAT translation table of GAR and it is found that
there are translation entries of user, as shown
below.
XR10#show ip nat translations
Pro Inside global Inside local TYPE
--- 219.17.20.27 192.168.20.1 S/-
--- 219.17.20.27:1024 192.168.20.3 D/e
--- 219.17.20.27:1025 192.168.20.4 D/e
……
Output above shows that NAT function on GAR
is normal.
GAR can ping to Cisco router successfully,
which means the PPP interconnection is normal.
(4) User can ping to outside interface on GAR
successfully but can not ping to Cisco router
successfully. So the problem may be caused by
Cisco router. View routing tables on Cisco router
and GAR; it is found that direct routes are normal.
Public network address is directly interconnected
network segment address, i t is not
required to configure back route on Cisco
router in theory. On the view of above
indication, data packets are discarded
after they reach Cisco router.
(5) ZXR10 GAR connects with Cisco
router through PPP, which may be the
cause.
PPP is one of the earliest routing
protocols. It only requires routers can
visit each other and it does not provide
any routing. PPP is used to connect two
networks that both have their own routing
protocols. PPP transfers basic structure
information of data groups between two
routers.
That is, PPP does not provide routing
function. When routes are not configured
on a router, this router can only ping to
the interconnection address successfully
and other addresses in the same network
segment are unreachable for this router.
3 SolutionAdd a back route on Cisco router, as
shown below.
ip route 219.17.20.27 255.255.255.248
219.17.20.26
October 2007 Issue 74
Maintenance Experience�
Perform tests, and the results show
that use can get on-line successfully.
The malfunction is solved.
4 Experience SummaryIt is common to use NAT function
compounding static route, especially for
networks of middle and small enterprises. This
structure needs less device investment and the
configuration is simple. It is easy to maintain
devices and troubleshooting malfunctions.
It is not advised to use PPP on outside interface
of routers, as this has relationship with the peer
routers, usually ISP routers. ■
Cluster Malfunction Processing⊙ Wei Hui, ZTE Corporation
1 Malfunction SituationAs shown in Figure 1, cluster function
is enabled on ZXR10 3906, ZXR10 2826S
and ZXR10 2618. ZXR10 3906 is a
command switch, while others are member
switches.
Network administrator fails to log in
member switch ZXR10 2826S to manage it through
command switch ZXR10 3906. Delete user service
Vlan and then cluster management recovers.
2 Malfunction AnalysisTo analyze the malfunction, perform the
following steps.
(1) Use show ztp device-list command on
ZXR10 3906 to view ztp device list. Result is
shown below.
ZXR10 3906#show ztp device-list
Index DeviceID MacAddress Hop SwitchType
Platform
-------------------------------------------------------------
1 1 0 0 d 0 . d 0 c 2 . c 2 2 3 1
MEMBER_SWITCH ZXR10 2816
2 2 0 0 . d 0 . d 0 . f c . 7 6 . f 1 1
MEMBER_SWITCH ZXR10 2826S
3 0 0 0 d 0 . d 0 c 6 . 5 5 8 1 0
COMMAND_SWITCH ZXR10 3906
Keyword: cluster, command switch, member switch, address pool
Figure 1. Network Topology
www.zte.com.cn
7Data Products
Above result shows that ZXR10 2826S is a
member switch.
(2) Use show group member command on
ZXR10 3906 to view group members, as shown
below.
ZXR10 3906#show group members
Index MemberID MacAddress IpAddress
Mask Status
---------------------------------------------------------------
1 1 00d0.d0c6.5581 192.168.1.1
255.255.255.0 Up
2 2 00d0.d0c2.c223 192.168.1.2
255.255.255.0 Up
Above result shows that ZXR10 2826S is not in
cluster group, so network administrator fails to log
in and manage it by command switch ZXR10 3906.
(3) Use show run command on ZXR10 2826S
to check configuration, and no problem is found.
(4) Use group member mac <mac_addr>
command on command switch to add ZXR10
2826S to cluster group, as shown below.
ZXR10 3906 (config)#group member mac 00d0.
d0fc.76f1 member 3
//add ZXR10 2826S to the cluster and designate its
member is to 3
Perform tests. The results show that network
administrator fails to manage ZXR10 2826S.
(5) Cluster management can be recovered
by deleting user service Vlan. Recover service
Vlan configuration and input show arp command.
Result shows that MAC address that corresponds
to management address 192.168.1.6 of ZXR10
2826S is not MAC address of ZXR10 2826S. The
malfunction may be caused by confliction of user
address and management address.
3 SolutionA s s i g n a n a d d r e s s p o o l f o r c l u s t e r
management, as shown below.
group switch-type commander ip-pool
10.0.0.1 length 24
Address pool is in 10.0.0.0/24 network
segment which is different from user
address. Perform tests and the result is as
shown below.
ZXR10 3906#show group members
Index MemberID MacAddress
IpAddress Mask Status
----------------------------------------------------
-----------
1 1 00d0.d0c6.5581 10.0.0.1
255.255.255.0 Up
2 2 00d0.d0c2.c223 10.0.0.2
255.255.255.0 Up
3 3 00d0.d0fc.76f1 10.0.0.3
255.255.255.0 Up
Now ZXR10 2826S is in cluster group
and its state is Up. Cluster management is
normal and the problem is solved.
4 Experience SummaryThe following experience is concluded
from this example:● Plan addresses before configuring
cluster management. Assign cluster
address pool to avoid confl ict ion
with user addresses. By default,
management network segment for
cluster switches is 192.168.1.0/24,
so make sure there is no conflict with
other addresses when using this
default value.● Do no t con f igure a L3 address
manually when configuring cluster
management Vlan. I t is because
when command switch executes
October 2007 Issue 74
Maintenance Experience8
BGP Connection Interruption Processing⊙ Chen Mingfeng, ZTE Corporation
group switch-type command, the
switch enables a L3 interface in this
Vlan automatically. If L3 address is
configured, system prompts “%Code
11727: Create L3 interface failed”.
When a L3 address is configured
manually on a member switch, L3
interface can not be created.● When the following situation appears
on a member switch:
(1) Input show ztp device-list command
and result shows that it is a member
switch.
( 2 ) I n p u t s h o w g r o u p m e m b e r
command and result shows that this switch
is not seen or its state is always Down.
(3) Check conf igurat ion and no
problem is found.
(4) Input no group member mac <mac_addr>
command to set the member switch to a candidate
switch. Result shows it fails.
To process this problem, perform the following
steps.
(1) Use set group independent command on
this member switch to set it to an independent
switch. Then use set group candidate command to
set it to a candidate switch. Do not set the member
switch as a candidate switch directly.
(2) Use no group member [<mem_id>|all]
command on command switch to delete the
member switch.
(3) Use group member {mac <mac_addr>
member <mem_id> | device <device_id> | all-
candidates} command to add the switch as a
member switch again. ■
1 Malfunction SituationConnection between ZXR10 T64E
and Cisco7301 router is established.
After several minutes, the connection is
interrupted.
2 Malfunction AnalysisTo find out the cause of connection
interruption, log on to ZXT10 T64E through
console interface. Use show logging alarm
command to view alarm information on the device.
Result is shown below.
……
22:14:22 11/20/2005 UTC alarm 17961 occurred
%BGP% 00:46:31: BGP: 83.222.168.225 NOTIFY
rcvd sent by UPC(RPU) 1
22:14:24 11/20/2005 UTC alarm 17961 occurred
%BGP% 00:46:31: BGP: 83.222.168.225 reset due
to BGP Notification received sent by UPC(RPU) 1
Keyword: BGP, T64E, timeout
www.zte.com.cn
9Data Products
22:14:24 11/20/2005 UTC alarm 17961 occurred
%BGP% 00:46:31: BGP: 83.222.168.225 went
from Established to Idle sent by UPC(RPU) 1
……
Use show ip bgp neighbor command to view
BGP neighbor state. Result is shown below.
router-sf-0#show ip bgp neighbor
BGP neighbor is 83.222.168.225, remote AS
12615, internal link
BGP version 4, remote router ID 87.246.0.1
BGP state = Established, up for 00:00:15
Last read update 00:00:12, hold t ime is 90
seconds, keepalive interval is 30 seconds
Neighbor capabilities:
Route refresh: advertised and received
Address family IPv4 Unicast: advertised and
received
All received 849 messages
827 updates, 0 errs
3 opens, 0 errs
17 keepalives
0 vpnv4 refreshs, 0 ipv4 refreshs, 0 errs
2 notifications, 0 other errs
After last established received 270 messages
269 updates, 0 errs, 0 opens, 0 errs
1 keepalives
0 vpnv4 refreshs, 0 ipv4 refreshs, 0 errs
0 notifications, 0 other errs
All sent 11719 messages
11709 updates, 3 opens, 7 keepalives
0 vpnv4 refreshs, 0 ipv4 refreshs, 0 notifications
After last established sent 890 messages
890 updates, 0 opens, 0 keepalives
0 vpnv4 refreshs, 0 ipv4 refreshs, 0 notifications
For address family: IPv4 Unicast
Route-Reflector Client
All received nlri 1580, unnlri 0, 1580 accepted
prefixes
All sent nlri 912, unnlri 0, 912 advertised prefixes
maximum limit 4294967295
Minimum time between advertisement
runs is 30 seconds
Minimum time between origin runs is 15
seconds
For address family: VPNv4 Unicast no
activate
All received nlri 0, unnlri 0, 0 accepted
prefixes
All sent nlri 0, unnlri 0, 0 advertised
prefixes
maximum limit 4294967295
Connections established 3
last error code is 4
Last reset 00:00:21, reset due to BGP
Notification received
Local host: 83.222.168.226, Local port:
1031
Foreign host: 83.222.168.225, Foreign
port: 179
Analyze result above. Information “hold
time is 90 seconds, keepalive interval is
30 seconds” shows that hold time of this
BGP session is 90 seconds and keepalive
interval is 30 seconds.
Accord ing to a la rm in fo rmat ion
“BGP: 83.222.168.225 reset due to BGP
Notification received sent by UPC(RPU) 1”
and “Last reset 00:00:21, reset due to BGP
Notification received”, BGP connection is
October 2007 Issue 74
Maintenance Experience10
ENVIRON, ICMP, IGMP, IP, ISIS, OAM, OSPF,
PORT, RIP, RMON, ROS, SECURITY, SNMP, TCP-
UDP, TELNET, URPF and NAT
The four optional parameters are used to
display alarm information. For example, to display
alarm information with IP type and start-date
October 28, 2007, use the following command.
ZXR10#show logging alarm typeid ip start-time
10-28-2007
To clear contents in alarm log buffer, input clear
logging command in privileged mode.
The following is an example that explains how
to analyze alarm information on ZXR10 T64E.
Alarm information is shown below.
23:05:36 11/27/2005 UTC alarm 17954 occurred
%BGP% Neighbor 83.222.168.249 fail send feas
pkt tcb block sent by UPC(RPU) 1
23:05:36 11/27/2005 UTC alarm 17950 occurred
%BGP% Neighbor 83.222.168.249 fail send pkt tcb
block sent by UPC(RPU) 1
23:05:37 11/27/2005 UTC alarm 17950 occurred
%BGP% Neighbor 83.222.168.249 fail send pkt tcb
block sent by UPC(RPU) 1
23:05:37 11/27/2005 UTC alarm 17950 occurred
%BGP% Neighbor 83.222.168.249 fail send pkt tcb
block sent by UPC(RPU) 1
……
Each piece of alarm information starts from
the time when an event begins. Alarm information
above means that when BGP messages are failed
to be sent to TCP layer, and messages are blocked.
TCP un-smooth connection of both sides
causes TCP block. With debug ip tcp packet
command, information about TCP retransmission is
displayed. That peer does not response with ACK
message makes local retransmission timer out-
time or require the peer to retransmit.
Malfunction of this example is caused by ROS
checksum algorithm of V2.6.02, which can be
solved by upgrading the version. ■
interrupted because ZXR10 T64E receives
notification message. That is, it is because
the peer does not receive any keepalive
message within 90 seconds of holdtime
interval and sends notification message to
release the connection.
3 SolutionCheck the devices and it is found that
the ROS version causes the peer device
to receive disorderly TCP messages and
overflows it buffer. This makes TCB block
and the peer device does not receive
keepalive message sent by ZXR10 T64E.
At last, holdtime timer is time out and BGP
connection is released.
The old version is v2.6.02. Upgrade the
version of ZXR10 T64E. The malfunction
is solved.
4 Experience SummaryTo process malfunction, show logging
alarm command is used to view alarm
information on devices. This command
is useful for analyzing malfunctions and
finding out causes.
The complete format of show logging
alarm command is show logging alarm
{[typeid <type>] [start-date <date>] [end-
date <date>] [level <level>]}.
The parameters in this command are
described in Table 1
ARP, BGP, BOARD, DATABASE, DRP,
Parameter Description
typeid <type> Alarm type of alarm information to be displayed
start-date <date> Alarm information to be displayed is started from this date (this date included)
end-date <date> Alarm information to be displayed is ended by this date (this date included)
level <level>Level of alarm information to be displayed (1: emergencies, 2: alerts, 3: critical, 4: errors, 5: warnings, 6: notifications)
Table1. Parameter Descriptions
www.zte.com.cn
11Data Products
MPLS VPN Malfunction Processing⊙ Zhang Jintao, ZTE Corporation
1 Topology OverviewMPLS VPN network topology is shown in
Figure 1. Routing protocols are described as
follows.● OSPF: All devices run OSPF as IGP except
CE.● MPLS/VPN: Two 12416 routers work as P
devices and Router Reflectors (RR). T64E-1,
T64E-2 and HW5200G work as PE devices.
Default routes on CE are to 5200G and T64E-2.
These two routes are with different priorities
and they are back up of each other. VPN back
routes are configured on 5200G and T64E-2.● MP-BGP: All devices in Figure 1 are in AS
“FCNGN”, with AS number 64525. T64E-1 is
also in AS “CN2”, with AS number 4809.
2 Malfunction 1
2.1 Malfunction Situation
T64E-1 and T64E-2 can not ping VPN routes
to each other successfully. For example,
configure loopback address 10.10.10.3/32
on T64E-1 and 10.10.10.6/32 on T64E-2.
Add the two addresses to VPN “FCNGN”.
Keyword: MPLS VPN, OSPF, cost, LDP, LSR, LSP
Figure 1. MPLS VPN Network Topology
October 2007 Issue 74
Maintenance Experience12
Two T64E routers can not ping to the peer
loopback address successfully.
2.2 Malfunction Analysis
Check configuration information on
each device and it is found that LDP
neighbor relationship is not established
on the two P devices when malfunction
appears. When LDP neighbor relationship
is not established on the two P devices,
T64E-1 and T64E-2 can ping VPN routes
to each other successfully. Change over
VPN routes that are distributed by CE
from 5200G to T64E-2, and NGN services
run normally.
To test and verify the malfunction
cause further, make LDP neighbors
be tween the two P dev ices down.
Malfunction appears again. This shows
that LDP neighbor relationship interruption
between the two P devices causes this
function.
Now perform the following test.
(1) Trace loopback address o f
T64E-1 on T64E-2, as shown below.
FC-T64E#trace 61.220.18.2
tracing the route to 61.220.18.2
1 61.220.18.81 0 ms 0 ms 0 ms
2 61.220.18.165 0 ms 0 ms 0 ms
3 61.220.18.70 0 ms 1 ms 0 ms
[finished]
Route is T64E-2→12416-2→12416-1→
T64E-1.
(2) Trace loopback address of T64E-2 on
T64E-1, as shown below.
YZ-T64E#trace 61.220.18.6
tracing the route to 61.220.18.6
1 61.220.18.69 1 ms 0 ms 0 ms
2 61.220.18.190 0 ms 0 ms 0 ms
3 61.220.18.82 0 ms 0 ms 0 ms
[finished]
Route is T64E-1→12416-1→5200G→T64E-2.
Route that packets going from a PE to another
PE is controlled by Label Switching Path (LSP).
Results above show that routes that packets go
from T64E-1 to T64E-2 and from T64E-2 to T64E-1
are different. It is because LSP is interrupted,
which is due to LDP neighbor relationship between
two 12416 routers are not established.
Check configuration information on each
device and cost value on each interface of these
devices are shown in Figure 2.
As shown in Figure 2, the best route from
T64E-2 to T64E-1 is T64E-2→12416-2→12416-1
→T64E-1, with total cost value 5+10+10=25.
The best route from T64E-1 to T64E-2 is
T64E-1→12416-1→HW5200G→T64E-2, with total
cost value 10+10+5=25.
Cost values of OSPF interconnection are
different, so routes from T64E-2 to T64E-1 and
from T64E-1 to T64E-2 are different.
To share load that goes out from HW5200G on Figure 2. Cost Value
www.zte.com.cn
13Data Products
both 12416 routers, cost values are modified, as
shown in Figure 2. Cost value from HW5200G to
12416-1 is 10, and to 12416-2 is 5+5=10, so load
is balanced.
N o w a n a l y z e r e l a t e d i n f o r m a t i o n f o r
establishing LDP neighbor relationship. Take T64E
for example.
YZ-T64E#show mpls ldp neighbor
Peer LDP Ident: 61.220.18.59:0; Local LDP Ident
61.220.18.2:0
TCP connection: 61.220.18.59.44195 -
61.220.18.2.646
state: Oper; Msgs sent/rcvd: 27573/25458;
Downstream
Up Time: 12d23h
LDP discovery sources:
gei_1/1; Src IP addr: 61.220.18.69
Addresses bound to peer LDP Ident:
61.220.18.59 61.220.18.162 61.220.18.189
61.220.18.193
61.220.18.197 61.220.18.201 61.220.18.205
61.220.18.237
61.220.18.77 61.220.18.141 61.220.18.241
61.220.18.65
61.220.18.117 61.220.18.69 61.220.18.221
61.220.18.177
61.220.18.173 61.220.18.229 61.220.18.169
61.220.18.165
61.220.18.154 59.43.67.50 59.43.67.54
Bold contents are basic information for
establishing LDP neighbor relationship, including:● Peer LDP ID
LDP ID is a field of 6 bytes. Its format is shown
as follows.
LDP router-id (4 bytes) L a b e l S p a c e I D ( 2
bytes)
Label Space is divided into two types:
Each port label space
Each interface running MPLS maintains its
own label space. It is used in VCI of ATM
and DLCI of frame relay.
Each platform label space
Interfaces running MPLS on a
device share a label space. At
present, almost routers of different
vendors support each platform label
space. In each platform label space,
the last two bytes are 0. It is seen
that T64E in this example uses each
platform label space.● TCP connection
T C P c o n n e c t i o n e s t a b l i s h e d
through IGP routes requires two
Label Switching Routers (LSRs) to
establish LDP neighbor relationship.
LSRs exchange UDP messages and
destination port number is fixed to 646.● Negotiation information for establishing
LDP neighbor relationship
Negotiation information includes label
distribution mode (downstream-on-
demand or downstream-unsolicited),
L D P v e r s i o n , t i m e a n d o t h e r
parameters.
Requirement for establishing LDP
neighbor relationship is that the two LSRs
should be neighbors. That is, LSPs should
be directly connected, and routes between
LSRs are direct. For example, when user
traces the peer router ID on each LSR,
there is only one hop to the peer, as
shown below.
YZ-T64E#trace 61.220.18.59
tracing the route to 61.220.18.59
1 61.220.18.69 0 ms 0 ms 0 ms
[finished]
To test and verify this requirement
further, perform the following test.
As shown in Figure 3, LDP neighbor
October 2007 Issue 74
Maintenance Experience14
relat ionships between 12416-1 and
5200G, 12416-2 and 5200G are normal.
Now change cost value on interface
connecting with 12416-2 on 5200G to
100. Trace lookback address of 12416-2
on 5200G. Result shows that the route
does not take the direct link, and LDP
neighbor relationships between 12416-2
and 5200G is interrupted.
In Figure 1, cost values are modified,
so routes between LDP router IDs of two
12416 routers are not directly next hop
routes. Then LDP neighbor relationship is
interrupted.
2.3 Solution
To maintain normal status of VPN
services, modify cost value on interface
connecting with T64E-2 on HW5200G,
and make sure routing paths on T64E-1
and T64E-2 to each other are the same.
3 Malfunction 2
3.1 Malfunction Situation
T64E-1 and T64E-2 fail to learn VPN
routes on HW5200G. HW5200G also
fails to learn VPN routes on T64E-1 and
T64E-2. VPN name is FCNGN.
3.2 Malfunction Analysis
Related VPN configuration information
on ZXR10 T64E is shown below.
ip vrf FCNGN
rd 64525:1
route-target import 64525:1
route-target export 64525:1
!
Related VPN configuration information on
HW5200G is shown below.
route-target import 100:1
route-target export 100:1
……
Information above shows that route-target
import and export are different on ZXR10 T64E
and HW5200G.
In MPLS/VPN network, when CE distributes a
VPN route to PE, route-target export information
is added to this route by PE. Then PE distributes
this route to other PEs. When other PEs receive
this route, they check whether route-target export
information in this route is the same with route-
target import information of their own. If it is the
same, PE receives this route; otherwise, this route
is discarded.
As route-target import and export information
on ZXR10 T64E is not the same as that on
HW5200G, T64E-1 and T64E-2 do not receive
VPN routes sent by HW5200G. HW5200G does
not receive VPN routes sent by T64E-1 and
T64E-2, either.
3.3 Solution
Modify route-target import and export values
on HW5200G to 64525:1.
The malfunction is solved.
3.4 Experience Summary
The following experience is concluded from
this example:
Figure 3. Verifying LDP Neighbor Relationship Requirement
www.zte.com.cn
15Data Products
● Cost values on interfaces of metropolitan area
network devices (12416 routers) are modified,
so routes between LDP router IDs of two 12416
routers are not directly next hop routes. Then
LDP neighbor relationship is interrupted.● Cost values on interfaces of metropolitan
area network devices (T64E-2 and 5200G)
are modified, so routes that packets go from
T64E-1 to T64E-2 and from T64E-2 to T64E-1
are different. Then LDP neighbor relationship
between two 12416 routers is interrupted and
LSP from T64E-2 to T64E-1 is interrupted,
which interrupts VPN services.● Route- ta rget impor t and expor t
are different on ZXR10 T64E and
HW5200G, so T64E-1 and T64E-2 fail
to learn VPN routes on HW5200G,
and HW5200G also fails to learn VPN
routes on T64E-1 and T64E-2.
According to analysis given above,
when extending capacity of metropolitan
area network devices, avoid implementing
load balance by modifying cost values. ■
E1 Docking Processing⊙ Wang Wenke, ZTE Corporation
1 Malfunction SituationWhen routers ZXR10 1842 and ZXR10 1822
connect with Cisco 2811 router by CE1 module,
protocol negotiation fails. The version of Cisco
2811 router is 12.4.
2 E1 BackgroundE1 link is one of the most widely used WAN
links. It has the following features.● Bandwidth of an E1 link is 2.048M. E1 link uses
PCM coding.● Frame length of an E1 link is 256 bits. It is
divided into 32 time slots, with 8 bits for each.● 8k E1 frames pass an interface per second, so
transmission rate is 8k*256bps=2048kbps.● Each time slot occupies 8 bits in an E1 frame.
8*8k=64k, so there are 32 64k on an
E1 link.
3 Frame Structure of E1 ChannelOn an E1 link, 8 bits form a Time Slot
(TS), and 32 time slots form a Frame
(F), then 16 frames form a multi-frame.
In a frame, TS0 is used to transmit FAS,
CRC-4 and the peer alarm indication.
TS16 is used to transmit CAS, multi-
frame alignment signal and multi-frame
peer alarm indication. TS1~TS15 and
TS17~TS31 are used to transmit voice
or data information. TS1~TS15 and
TS17~TS31 are called payload, while TS0
Keyword: channelized E1, un-channelized E1, ZXR10 1842/1822, Cisco 2811
October 2007 Issue 74
Maintenance Experience1�
and TS16 are called cost. When out-band
CCS is used, TS16 transmits information
instead of signaling. In this situation,
TS1~TS31 are payload and only TS0 is
cost.
4 E1 InterfacesThere are two types of E1 interfaces:
● G.703 unbalanced 75 ohm interface● G.703 balanced 120 ohm interface
5 E1 Link UsesThere are three types of E1 uses:
● Use the whole 2M bandwidth as a link,
such as DDN 2M.● Divide the whole 2M bandwidth into
multiple 64k bandwidths and make
different combinations, such as 128K
and 256K. This is CE1.● Divide the whole 2M bandwidth into
32 time slots. This is applied in digital
frame relay of voice switch and the
primary use of E1 link. TS0 and TS16
are used to transmit signaling, so 30
ways of voice signaling. PRI is one
of the most commonly used access
methods. Its standard is called PRA
signaling.
6 Working PatternsThere are two working patterns on CE1/PRI
interface:● E1 working pattern (channelized E1)● CE1/PRI working pattern (un-channelized E1)
When CE1/PRI interface works in channelized
E1 pattern, the interface equals an interface
with 2Mbps data bandwidth and no time slot. Its
logical characteristic is the same with that of a
synchronous serial interface, supporting data
link protocols such as PPP, FR and HDLC, and
network protocols such as IP and IPX.
When CE1/PRI in te r face works in un-
channelized E1 pattern, a frame is divided into
32 time slots physically. Numbers range from 0 to
31. In this pattern, the interface is used as a CE1
interface or a PRI interface.
7 Malfunction AnalysisThere are two modes to connect ZXR10 1800
routers with Cisco routers through CE1 interface,
channelized E1 and un-channelized E1.
In this malfunction, un-channelized E1 mode is
used to connect ZXR10 routers with Cisco router.
Protocol negotiation fails. Alarm information on
ZXR10 1800 routers is shown below.
00:01:00 01/01/2001 UTC alarm 18721 occurred
%IP% Interface down on.
Look up related information and it is found
that E1 card on Cisco 2811 router only supports
channelized encapsulation, so protocol negotiation
fails.
8 SolutionIn channelized E1 configuration, Cisco router is
in “controller” mode and there is no framing crc32
command for docking with ZXR10 1800 routers.
There is only framing crc4 command option in
current version of Cisco router. Command format
is as shown below:
www.zte.com.cn
17Data Products
Cisco-Router(config-controller)#linecode {ami |
hdb3} framing {crc4 | no-crc4}
To solve this problem, it is recommended not
to configure this command. It is recommended to
configure Cisco router and ZXR10 1800 routers as
follows.
Cisco router configuration:
Cisco(config)#controller e1 0/0/0
Cisco(config-controller)#linecode hdb3
Cisco(config-controller)#channel-group 0 timeslots
1-31
Cisco(config-controller)#exit
Cisco(config)#interface serial 0/0/0:0
Cisco(config-if)#encapsulation ppp
Cisco(config-if)#ip address …… ……
ZXR10 1800 router configuration:
Zxr10(config)#controller ce1_1/1
Zxr10(config-controller)#channel-group 1
timesulots 1-31
Zxr10(config-controller)#exit
Zxr10(config)#interface ce1_1/1.1
Zxr10(confgi-subif)#encapsulation ppp
Zxr10(config-subif)#ip address …… ……
Note : By de fau l t , PPP packe ts
are encapsulated on E1 interfaces of
ZXR10 routers. While HDLC packets are
encapsulated on E1 interfaces of Cisco
routers by default. When connecting
ZXR10 routers with Cisco routers, change
encapsulation mode on either ZXR10
routers or Cisco routers. ■
October 2007 Issue 74
Maintenance Experience18
Configuring Route Filtration on T64E⊙ Yuan Yuejun, ZTE Corporation
Keyword: route policy, BGP, route entry, route-map
1 Malfunction SituationBusiness-net spots connecting with
ZXT10 T64E router can not be operated
normally. View interface information with
malfunction on T64E. Result shows that
interface states are Up but it fails to ping
to T64E successfully or telnet to T64E.
Network topology is as shown in Figure 1.
2 Malfunction AnalysisCheck devices in each business spot.
Routers that connect with T64E in each
business spot are low-end routers. View
information via console interface on these
routers. It is found that there is alarm information
for memory lack, as shown below.
%% Low on memory; try again later %OSPF-3-
NOMEMORY: No memory for link state database
%OSPF-3-NOMEMORY: No memory for link state
database
Routers in each business port are old and
memory is only 1M. It is inferred that OSPF link
state database costs too memories, which causes
this malfunction.
Use show ip protocol rout ing summary
command to view related information on T64E. It is
found that number of route entries that are learned
from BGP and DCN network increase from 10 to
more than 1300, as shown below.
JZ-T64E-1#show ip protocol routing summary
Route Source count
connected : 31
static: 25
ospf: 32
rip: 0
bgp: 1362
isis: 0
Total: 1450
BGP routes are redistributed to OSPF on T64E,
so all routers in business ports have learnt BGP
routes. As these routers are low-end routers, they
can not afford so many routes.Figure 1. Network Topology
www.zte.com.cn
19Data Products
3 Solutions
3.1 Solution 1
As network topology is simple, delete OSPF on
routers in each business spot. Configure a static
route to T64E on each router. Services in each
business spot recover.
3.2 Solution 2
Configure route filtration on T64E to restricting
the number of learnt BGP route.
Suppose IP address on interface of T64E that
connects with DCN network is 133.134.46.1/30.
Route filtration configuration is shown below.
access-list 10 permit 133.128.0.0 0.0.255.255
//network segment of user addresses
access-list 10 permit 133.134.46.0 0.0.0.3
//network segment of interconnection address
route-map guolv permit 5
match ip address 10
//define a route-map “guolv”
neighbor 133.134.46.2 route-map guolv in
Use show ip protocol rout ing summary
command to view BGP route after a certain
period. It is found that the amount of route entries
decreases obviously. Services recover. After route
filtration, route summary is as shown below.
JZ-T64E-1#show ip protocol routing summary
Route Source count
connected : 31
static: 25
ospf: 32
rip: 0
bgp: 10
isis: 0
Total: 98
The malfunction is solved.
4 Experience SummaryThe following experience is concluded
from this example:● To tackle malfunction, show logging
alarm command is usually used to
view alarm information on devices. It is
useful for analyzing malfunctions and
finding out causes.
The complete format of show logging
alarm command is show logging alarm
{[typeid <type>] [start-date <date>]
[end-date <date>] [level <level>]}.
The parameters in this command are
described in Table .● Route filtration is used to filter some
unnecessary route entries. In BGP,
neighbor route-map command is used.
The complete format of neighbor route-
map command is neighbor [<ipv4-
address>|<ipv6-address>|<peer-group-
name>]route-map <map-tag> {in|out}
The parameters in this command are
described in Table 2. ■
Parameter Description
typeid <type> Alarm type of alarm information to be displayed
start-date <date> Alarm information to be displayed is started from this date (this date included)
end-date <date> Alarm information to be displayed is ended by this date (this date included)
level <level>Level of alarm information to be displayed (1: emergencies, 2: alerts, 3: critical, 4: errors, 5: warnings, 6: notifications)
Table1. Parameter Descriptions
Parameter Description
ipv4-address IPv4 address of neighbor
ipv6-address IPv6 address of neighbor
peer-group-name Peer group name
map-tag Name of route-map
in|out Application direction
Table2. Parameter Descriptions
October 2007 Issue 74
Maintenance Experience20
Figure 1. Network Topology
Policy Routing Application⊙ Zhang Fan, ZTE Corporation
Keyword: policy routing, route priority, next hop
1 Policy Routing Overview
1.1 Policy Routing Background
Policy routing is different from general
routing. General routing means that
routers route data packets according to
routing tables that are calculated from
routing protocols. Policy routing means
that routers route data packets according
to special rules that are defined by users.
Priority of policy based route is higher than
that of general routing protocols. When
policy routing function is run normally on
a router, the router routes data packets
according to policy first, then according
to routing tables that are calculated from
routing protocols.
Policy routing is widely applied to
multi-exit network to control flow direction
of special data packets. Policy routing
topology is shown in Figure 1.
In Figure 1, router A connects with router B.
Both routers run OSPF and are in area 0. As an
exit of the network, router A connects with ISP1
and ISP2. 202.102.11.0/24 is assigned by ISP1
and 222.1.0.0/24 is assigned by ISP2. It is required
to achieve the following two points:● Next hop of users with IP addresses in
2 0 2 . 1 0 2 . 11 . 0 / 2 4 n e t w o r k s e g m e n t i s
212.0.1.1/30 of ISP1.● Nex t hop o f use rs w i t h IP add resses
i n 2 2 2 . 1 . 0 . 0 / 2 4 n e t w o r k s e g m e n t i s
200.30.10.1/30 of ISP2.
1.2 Demand Analysis
Static route, default route and OSPF make
router control flow direction of data packets
according to destination addresses. It is impossible
to use static route, default route or OSPF to
achieve the above points. In network shown in
Figure 1, packets should be transmitted according
to both source address and destination address.
It is suitable to use policy routing in this
situation. Configure an ACL to define a special flow,
then compel the flow to next hop or interface.
1.3 Configuration Commands
Configure the following commands on router A.
(1) Configure an ACL to define a special flow.
access-list 101 permit ip 202.102.11.0 0.0.0.255
any
access-list 102 permit ip 222.1.0.0 0.0.0.255 any
www.zte.com.cn
21Data Products
(2) Configure policy routing function.
route-map test permit 5
match ip address 101
set ip next hop 212.0.1.1
route-map test permit 10
match ip address 102
set ip next hop 200.30.10.1
(3) Configure a private address on fei_1/1 and
apply policy routing on this interface.
interface fei_1/1
ip address 192.168.0.1 255.255.255.252
ip policy route-map test
Another method is to use next hop in set
command to replace next IP address. Use the
following contents to replace commands in step 2
and step 3.
route-map test permit 5
match ip address 101
set ip next hop fei_1/2
route-map test permit 10
match ip address 102
set ip next hop fei_1/3
2 Classical Malfunction Processing
2.1 Malfunction Situation
In topology shown in Figure 1, after network
administrator configures pol icy, network is
interrupted.
Users with IP addresses in network segment
202.102.11.0/24 and 222.1.0.0/24 can not get on-
line.
2.2 Malfunction Analysis
To analyze malfunction, perform the following
steps.
(1) Check whether the interface states of
router is normal or not.
Use show interface fei_1/1, show
interface fei_1/2, and show interface
fei_1/3 commands to view states of three
interfaces on router A. Results show that
physical state and data link layer protocol
state are UP, which means states are
normal.
(2) Check whether the next hop is
normal or not.
Delete commands related to policy
routing. Add a static route to 212.0.1.1/30
on router A and a back route to router B.
Add a default route to fei_1/1 of router A
on router B.
Ping to 212.0.1.1 with addresses in
network segment 202.102.11.0/24 and
222.1.0.0/24. It is successful.
Delete the route to 212.0.1.1 on
router A. Add a route to 200.30.10.1/30.
Ping to 200.30.10.1/30 with addresses
in network segment 202.102.11.0/24 and
222.1.0.0/24. It is successful.
Results show that network connectivity
is normal.
(3) Check policy routing configuration.
Policy routing configuration is as
follows.
access-list 101 permit ip 202.102.11.0
0.0.0.255 any
access- l ist 102 permit ip 222.1.0.0
0.0.0.255 any
!
route-map test permit 5
match ip address 101
set ip next hop 212.0.1.1
!
route-map test permit 10
match ip address 102
set ip next hop 200.30.10.1
!
October 2007 Issue 74
Maintenance Experience22
interface fei_1/2
ip policy route-map test
……
It is found that policy routing is applied
on fei_1/2, while it should be applied on
fei_1/1.
2.3 Solution
Modify configuration as follows.
interface fei_1/2
no ip policy route-map test
!
interface fei_1/1
ip policy route-map test
Use t race r t command on a PC
with an address in network segment
202.102.11.0/24 to test. Use a random
destination address, for example, www.
sina.com.cn. Result is shown below.
C : \ D o c u m e n t s a n d S e t t i n g s \
Administrator>tracert www.sina.com.cn
Tracing route to jupiter.sina.com.cn
[202.108.33.32]
over a maximum of 30 hops:
1 < 1 m s < 1 m s < 1 m s
202.102.11.254
2 <1 ms <1 ms <1 ms 192.168.0.1
3 1 ms 1 ms 1 ms 202.0.1.1
……
Result shows that next hop of users with IP
address 202.102.11.0/24 is 212.0.1.1/30 of ISP1.
Use the same command on a PC with an
address in network segment 222.1.0.0/24 to test.
Result is shown below.
C:\DocumentsandSettings\Administrator>tracert
www.sina.com.cn
Tracing route to jupiter.sina.com.cn [202.108.33.32]
over a maximum of 30 hops:
1 <1 ms <1 ms <1 ms 222.1.0.254
2 <1 ms <1 ms <1 ms 192.168.0.1
3 1 ms 1 ms 1 ms 200.30.10.1
……
Result shows that next hop of users with
IP address in network segment 222.1.0.0/24 is
200.30.10.1/30 of ISP2.
Now the malfunction is solved.
2.4 Experience Summary
Policy routing should be applied on interfaces
through which data flows into routers. ■
www.zte.com.cn
23Data Products
VRRP Configuration⊙ Qian Yuemei, ZTE Corporation
Keyword: VRRP, router redundancy, backup
1 VRRP OverviewVirtual Router Redundancy Protocol (VRRP)
has the following concepts:● VRRP router
Routers that run VRRP are called VRRP routers.
It can be one or more than one virtual routers.● Virtual router
Virtual router is an abstract object managed by
VRRP that works as default router in a LAN.
It consists of a virtual router ID (VRID) and a
group of associated IP addresses in a LAN.
A VRRP router can has more than one virtual
router.● IP address owner
A router that uses LAN interface address as the
IP address of virtual router is called IP address
owner. When VRRP is configured, IP address
owner responds to data packets to this address.● Master router
A master router transmits data packets that are
associated with IP addresses of virtual routers.
It also responds to ARP requests for
these IP addresses. IP address owner
works as Master.● Backup router
Backup routers are a group of available
routers. When the master router is not
valid, a backup router works as master.
Master router transmits keepalive
advertisement. Transmission frequency
d e p e n d s o n p a r a m e t e r v a l u e o f
advertisement interval. By default, it is 1
second.
When a router has the IP address of
virtual router, priority of this virtual router
is 255 and it is unchangeable. Priority
values of other routers can be modified,
with default value 100. When the master
router is rebooted or interface is shutdown,
priority is set to 0. This means the master
router gives up its position and backup
routers begin to elect a new master router.
October 2007 Issue 74
Maintenance Experience24
If backup routers do not receive
keepalive advertisement from the master
router, they consider themselves as
master routers automatically and advertise
themselves.
Wait ing t ime of backup router is
calculated in the fol lowing way: 3×
advertisement interval+(256-priority)/256,
where priority is the value of backup
priority.
When the master router is rebooted
or the interface is shutdown manually, the
master router transmits a special keepalive
advertisement to notify backup routers that
a new master router is required.
Virtual router responds to ARP request
with a special virtual MAC address. The
master router responds to ARP request
with this MAC address. This makes IP
address and MAC address are unique for
clients no matter how the master router
and backup routers are changed. The
virtual MAC address format is as follows:
00005E:0001XX (XX is the virtual router
ID).
When multiple virtual routers are
created on an interface, each virtual router
ID should be unique. When virtual routers
are created on different interfaces, virtual
router ID can be used repeatedly.
2 Working MechanismVRRP is used to configure multiple router
interfaces in a broadcast domain into a group to
form a virtual router and assigns an IP address to
the router to function as its interface address. This
interface address may be the address of one of
router interfaces or the third party address.
Router is used as the master router if its
interface address is used and other routers are used
as the backup ones. The router with high priority is
used as the master router if the third party address
is used. If two routers have the same priority, the
one with the greater interface address wins.
As shown in Figure 1, set the IP address of
the virtual router to gateway on the host in this
broadcast domain. The master router is replaced
with the backup router with the highest priority if
the master router is faulty, without affecting the
host in this domain. The host in this domain cannot
communicate with outside world only when all
routers in the VRRP group work abnormally.
If uplink of master router is down, its state
“Master” is not changed. Host routes in this domain
still go to this router. This causes that host in this
domain cannot communicate with outside world.
Link state detection is added in VRRP to solve this
problem.
Configure a VRRP group to trace a link state.
When interface state changes from up to down, its
priority decreases. When interface state becomes
up from down, its priority increases.
These routers can be configured into multiple
groups for mutual backup. The hosts in the
domain use different IP addresses as gateway to
implement data load balance.
3 Classical Topologies
3.1 Basic VRRP Configuration Topology
As shown in Figure 2, DUT1 and DUT2 run Figure 1. VRRP Packet Transmission
www.zte.com.cn
25Data Products
VRRP protocol. DUT1 interface address 20.1.1.1 is
used as the VRRP virtual address, therefore DUT1
is considered as a master router.
3.2 Symmetric VRRP Configuration Topology
Two VRRP groups are booted, where PC1
and PC2 use virtual router in Group 1 as default
gateway with address 20.1.1.1. PC3 and PC4 use
virtual router in Group 2 as default gateway with
address 20.1.1.2. R1 and R2 serve as mutual
backup. Four hosts cannot communicate with
outside world until both routers become invalid, as
shown in Figure3.
3.3 Mult i -Backup VRRP Configuration Topology
In multi-backup VRRP configuration, each
router is set as the master router of a virtual router
and also set as the backup router of other backup
routers. Once the master router is in fault, one
of the backup routers takes IP address of virtual
router. Network topology is shown in Figure 4.
As each master router has more than one
backup router, it is required to set priorities for
these backup routers. When the master router is
in fault, the backup router with the highest priority
becomes the master router. When there is more
than one backup router with the second highest
priority, the one with the highest IP address
becomes the master router.
3.4 Configuring VRRP
To configure VRRP, perform the following steps.
(1)To configure virtual IP address at interface to
run VRRP, use the following command.
Figure 2. Basic VRRP Configuration Topology
Figure 3. Symmetric VRRP Configuration Topology
Figure 4. Multi-Backup VRRP Configuration Topology
Format FunctionZXR10(config-if)#vrrp <group> ip <ip-address> [secondary]
This configures virtual IP address at interface to run VRRP
October 2007 Issue 74
Maintenance Experience26
Parameters in this command are
described in Table 1.
(2)To configure VRRP priority on
interface, use the following command.
function is provided.
2) To track l ink state, use the fol lowing
command.Parameter Description
<group>
Group number of group that runs VRRPRange: 0~255Multiple VRRP groups are allowed to run in the same interface.
<ip-address>Virtual IP address set for VRRP groupThis address can be the same with interface address, or different from any interface addresses.
[secondary]This parameter means this router supports multiple virtual IP addresses. Hosts connecting with the router can use any of these addresses as gateway.
Table1. Parameter Descriptions
Format FunctionZXR10(config-if)#vrrp <group> priority <priority>
This configures VRRP priority on interface
Note: Priority range is 1~254. The
bigger value is, the higher priority is. By
default, priority is 100.
When VRRP virtual IP address is the
same with that of an interface, priority of
this interface is set to 255 automatically.
Therefore, this router becomes master
router. When VRRP virtual IP address is
different with any interface addresses,
master router is elected according to
VRRP priority. Router with the highest
priority becomes master router.
(3) To configure VRRP up link status
track, perform the following steps.
1) To track interface state or protocol
state, use the following command.
Format FunctionZXR10(config)# track <track-num> interface <type-name> line-protocol
This tracks interface state or protocol state
Note: ● <track-num> means track ID, ranging
from 1 to 256.● <type-name> means interface to be
tracked.● At present, only interface state track
Format FunctionZXR10(config-if)# vrrp <group> track <track-num> [decrement <priority>]
This tracks link state
Note: <priority> means priority value that is to
be reduced. It ranges from 1 to 254, with default
value 10.
(4) To configure an interval for sending a VRRP
advertisement on the interface, use the following
command.
Format Function
ZXR10(config-if)#vrrp <group> advertise [msec] <interval>
This configures an interval f o r s e n d i n g a V R R P adver t isement on the interface
Note: ● Msec means changing unit of advertisement
interval from second to millisecond.● <interval> means interval of master router to
transmit VRRP advertisement. When it is in its
unit of second, it ranges from 1 to 255. When it
is in its unit of millisecond, it ranges from 100 to
1000. Default value is 1 second.
(5) To configure whether the virtual equipment
can preempt in backup status, use the following
command.
Format FunctionZXR10(config-if)#vrrp <group> preempt [delay <seconds>]
This configures whether the virtual equipment can preempt in backup status
Note: ● Delay <seconds> is delay time before VRRP
router advertises it self as master router. It
ranges from 0 to 3600 (unit: second), the
default value is 0.● By default, router is in preempting mode. When
user sets router not to preempt, the master
router and backup router are not changed over
when backup router has higher priority.
www.zte.com.cn
27Data Products
● In preempting mode, when a new VRRP router
has higher priority than the master router, the
router preempts master position. Therefore, IP
address owner has master position after it is
rebooted.
4 Examples of VRRP Configuration
4.1 Basic VRRP Configuration Example
As shown in Figure 2, virtual IP address of
VRRP group is 20.1.1.1. DUT1 is the master
router, with down link IP 20.1.1.1 and default
priority 255. DUT2 is the backup router, with down
link IP 20.1.1.2 and default priority 200. Track
function is configured on both routers. Decrement
priority is 100. Configure a loopback address on
R1. Configure a gateway on PC that pings to R1
loopback address successfully.
DUT1 configuration:
ZXR10(config)#interface fei_1/1
Z X R 1 0 ( c o n f i g - i f ) # i p a d d r e s s 1 0 . 1 . 1 . 1
255.255.255.252
ZXR10(config-if)#exit
ZXR10(config)#interface fei_1/2
Z X R 1 0 ( c o n f i g - i f ) # i p a d d r e s s 2 0 . 1 . 1 . 1
255.255.255.0
ZXR10(config-if)#vrrp 1 ip 20.1.1.1
ZXR10(config-if)#vrrp 1 track 1 decrement 100
ZXR10(config-if)#exit
ZXR10(config)#router ospf 1
ZXR10(config-router)#network 10.1.1.0 0.0.0.3
area 0
ZXR10(config-router)#network 20.1.1.0 0.0.0.255
area 0
ZXR10(config-router)#exit
ZXR10(config)#track 1 interface fei_1/1 line-
protocol
DUT2 configuration:
ZXR10(config)#interface fei_1/1
ZXR10(config-if)#ip address 10.1.1.5
255.255.255.252
ZXR10(config-if)#exit
ZXR10(config)#interface fei_1/2
ZXR10(config-if)#ip address 20.1.1.2
255.255.255.0
ZXR10(config-if)#vrrp 1 ip 20.1.1.1
ZXR10(config-if)#vrrp 1 priority 200
ZXR10(config-if)#vrrp 1 track 1 decrement
100
ZXR10(config-if)#exit
ZXR10(config)#router ospf 1
ZXR10(config-router)#network 10.1.1.4
0.0.0.3 area 0
ZXR10(config-router)#network 20.1.1.0
0.0.0.255 area 0
ZXR10(config-router)#exit
ZXR10(config)#track 1 interface fei_1/1
line-protocol
R1 configuration:
ZXR10(config)#interface loopback1
ZXR10(config-if)#ip address 1.1.1.1
255.255.255.255
ZXR10(config-if)#exit
ZXR10(config)#interface fei_1/1
ZXR10(config-if)#ip address 10.1.1.2
255.255.255.252
ZXR10(config-if)#exit
ZXR10(config)#interface fei_1/2
ZXR10(config-if)#ip address 10.1.1.6
255.255.255.252
ZXR10(config-if)#exit
ZXR10(config)#router ospf 1
ZXR10(config-router)#network 10.1.1.0
0.0.0.3 area 0
ZXR10(config-router)#network 10.1.1.4
0.0.0.3 area 0
ZXR10(con f ig - rou te r )# red is t r ibu te
connected
ZXR10(config-router)#exit
October 2007 Issue 74
Maintenance Experience28
4.2 Symmetric VRRP Configuration Example
As shown in Figure 3, there are two
VRRP groups. PC1 and PC2 are in the
same group, using gateway 20.1.1.1. PC3
and PC4 are in the same group, using
gateway 20.1.1.2. Configure a loopback
address on R1. Configure a gateway on
PC that pings to R1 loopback address
successfully.
DUT1 configuration:
ZXR10(config)#interface fei_1/1
ZXR10(config-if)#ip address 10.1.1.1
255.255.255.252
ZXR10(config-if)#exit
ZXR10(config)#interface fei_1/2
ZXR10(config-if)#ip address 20.1.1.1
255.255.255.0
ZXR10(config-if)#vrrp 1 ip 20.1.1.1
ZXR10(config-if)#vrrp 2 ip 20.1.1.2
ZXR10(config-if)#exit
ZXR10(config)#router ospf 1
ZXR10(config-router)#network 10.1.1.0
0.0.0.3 area 0
ZXR10(config-router)#network 20.1.1.0
0.0.0.255 area 0
ZXR10(config-router)#exit
DUT2 configuration:
ZXR10(config)#interface fei_1/1
Z X R 1 0 ( c o n f i g - i f ) # i p a d d r e s s 1 0 . 1 . 1 . 5
255.255.255.252
ZXR10(config-if)#exit
ZXR10(config)#interface fei_1/2
Z X R 1 0 ( c o n f i g - i f ) # i p a d d r e s s 2 0 . 1 . 1 . 2
255.255.255.0
ZXR10(config-if)#vrrp 1 ip 20.1.1.1
ZXR10(config-if)#vrrp 2 ip 20.1.1.2
ZXR10(config-if)#exit
ZXR10(config)#router ospf 1
ZXR10(config-router)#network 10.1.1.4 0.0.0.3
area 0
ZXR10(config-router)#network 20.1.1.0 0.0.0.255
area 0
ZXR10(config-router)#exit
R1 configuration:
ZXR10(config)#interface loopback1
Z X R 1 0 ( c o n f i g - i f ) # i p a d d r e s s 1 . 1 . 1 . 1
255.255.255.255
ZXR10(config-if)#exit
ZXR10(config)#interface fei_1/1
Z X R 1 0 ( c o n f i g - i f ) # i p a d d r e s s 1 0 . 1 . 1 . 2
255.255.255.252
ZXR10(config-if)#exit
ZXR10(config)#interface fei_1/2
Z X R 1 0 ( c o n f i g - i f ) # i p a d d r e s s 1 0 . 1 . 1 . 6
255.255.255.252
www.zte.com.cn
29Data Products
ZXR10(config-if)#exit
ZXR10(config)#router ospf 1
ZXR10(config-router)#network 10.1.1.0 0.0.0.3
area 0
ZXR10(config-router)#network 10.1.1.4 0.0.0.3
area 0
ZXR10(config-router)# redistribute connected
ZXR10(config-router)#exit
4.3 Mult i -Backup VRRP Configuration Example
Topology is shown in Figure 4. Virtual router ID
and priority of each device are shown as follows:
DUT1 configuration:
ZXR10(config)#interface fei_1/1
Z X R 1 0 ( c o n f i g - i f ) # i p a d d r e s s 1 0 . 1 . 1 . 1
255.255.255.252
ZXR10(config-if)#exit
ZXR10(config)#interface fei_1/2
Z X R 1 0 ( c o n f i g - i f ) # i p a d d r e s s 2 0 . 1 . 1 . 1
255.255.255.0
ZXR10(config-if)#vrrp 1 ip 20.1.1.1
ZXR10(config-if)#vrrp 2 ip 20.1.1.2
ZXR10(config-if)#vrrp 3 ip 20.1.1.3
ZXR10(config-if)#vrrp 2 priority 200
ZXR10(config-if)#vrrp 3 priority 200
ZXR10(config-if)#exit
ZXR10(config)#router ospf 1
ZXR10(config-router)#network 10.1.1.0 0.0.0.3
area 0
ZXR10(config-router)#network 20.1.1.0 0.0.0.255
area 0
ZXR10(config-router)#exit
DUT2 configuration:
ZXR10(config)#interface fei_1/1
Z X R 1 0 ( c o n f i g - i f ) # i p a d d r e s s 1 0 . 1 . 1 . 5
255.255.255.252
ZXR10(config-if)#exit
ZXR10(config)#interface fei_1/2
ZXR10(config-if)#ip address 20.1.1.2
255.255.255.0
ZXR10(config-if)#vrrp 1 ip 20.1.1.1
ZXR10(config-if)#vrrp 2 ip 20.1.1.2
ZXR10(config-if)#vrrp 3 ip 20.1.1.3
ZXR10(config-if)#vrrp 1 priority 200
ZXR10(config-if)#vrrp 3 priority 100
ZXR10(config-if)#exit
ZXR10(config)#router ospf 1
ZXR10(config-router)#network 10.1.1.4
0.0.0.3 area 0
ZXR10(config-router)#network 20.1.1.0
0.0.0.255 area 0
ZXR10(config-router)#exit
DUT3 configuration:
ZXR10(config)#interface fei_1/1
ZXR10(config-if)#ip address 10.1.1.9
255.255.255.252
ZXR10(config-if)#exit
ZXR10(config)#interface fei_1/2
ZXR10(config-if)#ip address 20.1.1.3
255.255.255.0
ZXR10(config-if)#vrrp 1 ip 20.1.1.1
Virtual Router Default Priority Configured Priority
VRID=1 255 255
VRID=2 100 200
VRID=3 100 200
DUT1:
Virtual Router Default Priority Configured Priority
VRID=1 100 200
VRID=2 255 255
VRID=3 100 100
DUT1:
Virtual Router Default Priority Configured Priority
VRID=1 100 100
VRID=2 100 100
VRID=3 255 255
DUT1:
October 2007 Issue 74
Maintenance Experience30
ZXR10(config-if)#vrrp 2 ip 20.1.1.2
ZXR10(config-if)#vrrp 3 ip 20.1.1.3
ZXR10(config-if)#vrrp 1 priority 100
ZXR10(config-if)#vrrp 2 priority 100
ZXR10(config-if)#exit
ZXR10(config)#router ospf 1
ZXR10(config-router)#network 10.1.1.8
0.0.0.3 area 0
ZXR10(config-router)#network 20.1.1.0
0.0.0.255 area 0
ZXR10(config-router)#exit
R1 configuration:
ZXR10(config)#interface loopback1
ZXR10(config-if)#ip address 1.1.1.1
255.255.255.255
ZXR10(config-if)#exit
ZXR10(config)#interface fei_1/1
ZXR10(config-if)#ip address 10.1.1.2
255.255.255.252
ZXR10(config-if)#exit
ZXR10(config)#interface fei_1/2
ZXR10(config-if)#ip address 10.1.1.6
255.255.255.252
ZXR10(config-if)#exit
ZXR10(config)#interface fei_1/3
ZXR10(config-if)#ip address 10.1.1.10
255.255.255.252
ZXR10(config-if)#exit
ZXR10(config)#router ospf 1
ZXR10(config-router)#network 10.1.1.0 0.0.0.3
area 0
ZXR10(config-router)#network 10.1.1.4 0.0.0.3
area 0
ZXR10(config-router)#network 10.1.1.8 0.0.0.3
area 0
ZXR10(config-router)# redistribute connected
ZXR10(config-router)#exit
5 VRRP Maintenance and Diagnosis(1)To show the configuration information of all
the VRRP groups, use the following command.
Format FunctionZXR10#show vrrp [<group>|brief|interface <interface-name>|all]
T h i s s h o w s t h e configuration information of all the VRRP groups
Example:
In basic VRRP configuration example, when
DUT1 up link is normal, use this command to show
VRRP group configuration information.
DUT1#show vrrp
fei_1/2 - Group 1
State is Master
Virtual IP address is 20.1.1.1
Virtual MAC address is 0000.5e00.0101
Advertisement interval is 1.000 sec
Preemption is enabled
min delay is 0.000 sec
Priority is 255 (config 100)
Authentication is disabled
Track object 1 decrement 100
Master Router is 20.1.1.1 (local), priority is 255
Master Advertisement interval is 1.000 sec
Master Down interval is 3.003 sec
DUT2#show vrrp
fei_1/2 - Group 1
State is Backup
Virtual IP address is 20.1.1.1
Virtual MAC address is 0000.5e00.0101
Advertisement interval is 1.000 sec
www.zte.com.cn
31Data Products
Preemption is enabled
min delay is 0.000 sec
Priority is 200 (config 200)
Authentication is disabled
Track object 1 decrement 100
Master Router is 20.1.1.1 , priority is 255
Master Advertisement interval is 1.000 sec
Master Down interval is 3.218 sec (expires in 2.318
sec)
When DUT1 uplink is down, priority decreases
by 100. DUT1 priority becomes 155 and DUT2
priority is still 200, therefore DUT2 becomes the
master router and DUT1 becomes the backup
router.
DUT1#show vrrp
fei_1/2 - Group 1
State is Backup
Virtual IP address is 20.1.1.1
Virtual MAC address is 0000.5e00.0101
Advertisement interval is 1.000 sec
Preemption is enabled
min delay is 0.000 sec
Priority is 155 (config 100)
Authentication is disabled
Track object 1 decrement 100
Master Router is 20.1.1.2 , priority is 200
Master Advertisement interval is 1.000 sec
Master Down interval is 3.394 sec (expires in 3.194
sec)
DUT2#show vrrp
fei_1/2 - Group 1
State is Master
Virtual IP address is 20.1.1.1
Virtual MAC address is 0000.5e00.0101
Advertisement interval is 1.000 sec
Preemption is enabled
min delay is 0.000 sec
Priority is 200 (config 200)
Authentication is disabled
Track object 1 decrement 100
Master Router is 20.1.1.2 (local), priority
is 200
Master Advertisement interval is 1.000
sec
Master Down interval is 3.218 sec
(2)To show all the track configuration
information, use the following command.
Format Function
ZXR10#show track [<track-num>] T h i s s h o w s a l l t h e t r a c k configuration information
Example: use this command to show
track information in symmetric VRRP
configuration example.
DUT1#show track
Track 1
Interface fei_1/1 line-protocol
Line protocol is up
6 change, last change 00:44:10
Tracked by :
VRRP fei_1/2 1
(3) To t u r n o n V R R P d e b u g
information switch, use the following
command.
Format FunctionZXR10#debug vrrp {state | packet | event | error | all }
T h i s t u r n s o n V R R P d e b u g information switch
Example:
This shows an example of debugging
VRRP.
3952-1#debug vrrp all
VRRP debugging is on
00:54:47: VRRP: Interface vlan2 Grp
1 Advertisement priority 150, ipaddr
10.10.10.3
00:54:47: VRRP: Grp 1 Event - Advert
higher or equal priority
October 2007 Issue 74
Maintenance Experience32
00:54:49: VRRP: Interface vlan2 Grp
1 Advertisement priority 150, ipaddr
10.10.10.3
00:54:49: VRRP: Grp 1 Event - Advert
higher or equal priority
00:54:58: VRRP: Interface vlan2 Grp 1
sending Advertisement
00:54:58: VRRP: Grp 1 Event - Master
down timer expired
00:54:58: VRRP: Grp 1 changing to
V_STATE_MASTER
16:34:45 08/18/2007 UTC alarm 22016
occurred %VRRP% Group 1 of vlan2 changing to
Master sent by MCP
00:54:59: VRRP: Interface vlan2 Grp 1 sending
Advertisement
0 0 : 5 5 : 0 5 : V R R P : I n t e r f a c e v l a n 2 G r p 1
Advertisement priority 150, ipaddr 10.10.10.3
……
Note: The use o f the debug command
may affect the performance of routers. This is
recommended that the no command be used to
disable the debug command after debugging. ■
www.zte.com.cn
33Data Products
BGP Route⊙ Yang Zhiwei, ZTE Corporation
1 Topology IntroductionAs shown in Figure 1, EBGP is configured on
two GER routers for interaction.
2 BGP Route AdvertisementBGP (Border Gateway Protocol) is a common
inter-area routing protocol. After BGP neighbor
relationship is established, routers learn routers
advertised by peers and advertise their own routes
according to their configuration.
BGP is used to advertise routers. Each BGP
router advertises local network to Internet, then
thousands of route entries are advertised by these
routers. That is why users can get various services
on Internet.
Before BGP routers advertise routes, these
routes must exit in IGP (such as static, RIP, OSPF
and IS-IS) routing tables. Sources of BGP route
update are IGP routes that are added to BGP. This
has influence on Internet route stability.
There are two modes to add routes to BGP:
dynamic and static. Static mode solves
the problem of route instability effectively.
It is to add route entries to BGP manually.
Therefore, these route entries are not
affected by IGP fluctuation and avoid
repeat ing update caused by route
fluctuation. When subnets are not divided
well and clearly, static mode also causes
data block.
3 Advertisement ModesThere are two commands that are
used in static mode.● network● aggregate-address
Keyword: BGP, Static Route Advertisement, Network, Aggregate-Address
Figure 1. EBGP Topology
October 2007 Issue 74
Maintenance Experience34
3.1 Network Command
Network command is most commonly
used to advertise routes in BGP. Its format
is as follows:
network <ip-address> <net-mask>
This command designates destination
network segment and mask, so a pack of
routes that match this condition are added
to BGP routing table and are advertised
after filtration. This pack of routes includes
routes to all subnets in this network
segment.
For example, use network 10.61.8.0
255.255.254.0 command to add routes
to BGP. If network segment 10.61.8.0/23
in IGP routing table has subnets such as
network segment 10.61.9.0/30, all routes
to network segment 10.61.8.0/23 and its
subnets are added to BGP. If network
segment 10.61.8.0/23 does not exist in
IGP routing table and there is no subnet,
no routes are added to BGP.
As shown in F igu re 1 , t he two
GER routers establish EBGP neighbor
relationship. Use network <ip-address>
<net-mask> command to add route
information on GER-1 to EBGP. IGP
routing table of GER-1 is shown below:
GER-1#show ip route
IPv4 Routing Table:
Dest Mask Gw Interface
Owner pri metric
10.61.4.0 255.255.255.192 10.61.4.226
fei_3/1 ospf 110 11
1 0 . 6 1 . 4 . 1 6 2 2 5 5 . 2 5 5 . 2 5 5 . 2 5 5
10.61.4.210 fei_3/8 ospf 110 2
1 0 . 6 1 . 4 . 1 6 5 2 5 5 . 2 5 5 . 2 5 5 . 2 5 5
10.61.4.226 fei_3/1 ospf 110 1
1 0 . 6 1 . 4 . 1 6 6 2 5 5 . 2 5 5 . 2 5 5 . 2 5 5
10.61.4.210 fei_3/8 ospf 110 1
1 0 . 6 1 . 4 . 1 9 6 2 5 5 . 2 5 5 . 2 5 5 . 2 5 2
10.61.4.210 fei_3/8 ospf 110 2
10.61.4.228 255.255.255.252 10.61.4.210
fei_3/8 ospf 110 11
10.61.8.0 255.255.255.0 10.61.4.210 fei_3/8
ospf 110 20
10.61.9.0 255.255.255.252 10.61.9.1
loopback10 direct 0 0
Configuration of BGP route advertisement is
shown below:
GER-1#
router bgp 65510
no synchronization
aggregate-address 10.61.4.0 255.255.255.0 count
0 summary-only
aggregate-address 10.61.5.0 255.255.255.0 count
0 summary-only
network 10.61.8.0 255.255.254.0
neighbor 59.43.185.17 remote-as 4809
neighbor 59.43.185.17 activate
neighbor 59.43.185.17 route-map filter in
neighbor 10.61.4.162 remote-as 65510
neighbor 10.61.4.162 activate
neighbor 10.61.4.162 next-hop-self
neighbor 10.61.4.162 update-source loopback1
!
The route advertised to BGP neighbor is shown
below:
GER-1#show ip bgp neighbor out 59.43.185.17
Routes Sent to This neighbor:
Dest NextHop Metric LocPrf Path
10.61.8.0/23 59.43.185.18 i
10.61.9.0/30 59.43.185.18 i
10.61.4.0/24 59.43.185.18 i
Above result shows that route to 10.61.8.0/23
is advertised with command network 10.61.8.0
255.255.254.0. Routes to subnets 10.61.8.0/23
www.zte.com.cn
35Data Products
and 10.61.9.0/30 are also advertised.
3.2 Aggregate-address Command
Aggregate-address command format is as
follows:● aggregate-address <ip-address> <net-mask>
[count <count>] [as-set] [summary-only] [strict]● aggregate-address <ip-address> <net-mask>
subnet <subnet-address> <subnet-mask>
Parameters in these two commands are
described in Table 1.
To use aggregate-address command to add
routes to BGP, perform the following steps.
(1) As shown in Figure 1, to establish BGP
neighbor relationship between the two routers,
configure the following command on GER-1.
router bgp 65510
no synchronization
aggregate-address 10.61.4.0 255.255.255.0 count
0 summary-only
aggregate-address 10.61.5.0 255.255.255.0 count
0 summary-only
aggregate-address 10.61.8.0 255.255.255.0 count
0 summary-only
neighbor 59.43.185.17 remote-as 4809
neighbor 59.43.185.17 activate
neighbor 59.43.185.17 route-map filter in
neighbor 10.61.4.162 remote-as 65510
neighbor 10.61.4.162 activate
neighbor 10.61.4.162 next-hop-self
neighbor 10.61.4.162 update-source loopback1
!
(2) Use show ip bgp neighbor out command to
view related information. Result shows that route to
10.61.8.0 255.255.255.0 is not advertised to BGP
neighbor successfully, as shown below:
GER-1#show ip bgp neighbor out 59.43.185.17
Routes Sent to This neighbor:
Dest NextHop Metric LocPrf
Path
10.61.4.0/24 59.43.185.18 i
Routes in local IGP routing table of
GER-1 are show below:
GER-1#show ip route
IPv4 Routing Table:
Dest Mask Gw Interface
Owner pri metric
……
10.61.8.0 255.255.255.0 10.61.4.210
fei_3/8 ospf 110 20
……
A g g r e g a t e d r o u t e s c a n n o t b e
advertised according to above result.
(3) Use the following command to
replace aggregate-address 10.61.8.0
255.255.255.0 count 0 summary-only
command.
a g g r e g a t e - a d d r e s s 1 0 . 6 1 . 8 . 0
255.255.254.0 count 0 summary-only
(4) Use show ip bgp neighbor out
command to view related information.
Result shows that only summary route to
Parameter Description
<ip-address> Network address to be aggregated
<net-mask> Mask of network address to be aggregated
count <count>
Number of subnets that routes to be aggregated should matchValue range: 0~255Default value: 1
as-set Generating AS path
summary-only Filtering special routes after update
strictAccording to RFC1771, only routes with the same MED and NEXT_HOP attributes can be aggregated. Otherwise loosen requirements.
<subnet-address> IP addresses of subnets to be aggregated
<subnet-mask> Masks of subnets to be aggregated
Table1. Parameter Descriptions
October 2007 Issue 74
Maintenance Experience36
10.61.8.0 255.255.255.0 is advertised, as
shown below:
GYHM-GER-1#show ip bgp neighbor out
59.43.185.17
Routes Sent to This neighbor:
Dest NextHop Metric LocPrf
Path
10.61.8.0/23 59.43.185.18 i
10.61.4.0/24 59.43.185.18 i
(5) Use the following command to
replace aggregate-address 10.61.8.0
255.255.254.0 count 0 summary-only
command.
a g g r e g a t e - a d d r e s s 1 0 . 6 1 . 8 . 0
255.255.254.0 count 0
(6) Use show ip bgp neighbor out
command to view related information.
Result is shown below:
GYHM-GER-1#show ip bgp neighbor
out 59.43.185.17
Routes Sent to This neighbor:
Dest NextHop Metric LocPrf
Path
10.61.8.0/23 59.43.185.18 i
10.61.9.0/30 59.43.185.18 i
10.61.4.0/24 59.43.185.18 i
Results of above steps show the following
points:● summary-only means only summary route after
aggregation is advertised. Routes to subnets
are advertised after aggregation without this
parameter.● Default value of count <count> parameter is
1. When this value is 0, as long as there is
any subnet of 10.61.8.0 255.255.254.0 in IGP
routing table, aggregated route 10.61.8.0/23 is
advertised. When this value is modified to other
values except 0, use additional commands to
designate subnet segments that are advertised,
for example:
aggregate-address 10.61.8.0 255.255.254.0
subnet 10.61.8.0 255.255.255.0
aggregate-address 10.61.8.0 255.255.254.0
subnet 10.61.9.0 255.255.255.252
Above commands mean that there are routes
to subnet segments in IGP routing table and
the number equals to the value of count
<count> parameter; corresponding routes are
aggregated and advertised. ■