View
1.079
Download
173
Category
Tags:
Preview:
DESCRIPTION
ZXR10 T160G/T64G10-Gigabit Routing SwitchUser Manual
Citation preview
ZXR10 T160G/T64G10-Gigabit Routing Switch
User Manual
Version 2.6
ZTE CORPORATION ZTE Plaza, Keji Road South, Hi-Tech Industrial Park, Nanshan District, Shenzhen, P. R. China 518057 Tel: (86) 755 26771900 800-9830-9830 Fax: (86) 755 26772236 URL: http://support.zte.com.cn E-mail: doc@zte.com.cn
LEGAL INFORMATION Copyright © 2005 ZTE CORPORATION. The contents of this document are protected by copyright laws and international treaties. Any reproduction or distribution of this document or any portion of this document, in any form by any means, without the prior written consent of ZTE CORPORATION is prohibited. Additionally, the contents of this document are protected by contractual confidentiality obligations. All company, brand and product names are trade or service marks, or registered trade or service marks, of ZTE CORPORATION or of their respective owners. This document is provided “as is”, and all express, implied, or statutory warranties, representations or conditions are disclaimed, including without limitation any implied warranty of merchantability, fitness for a particular purpose, title or non-infringement. ZTE CORPORATION and its licensors shall not be liable for damages resulting from the use of or reliance on the information contained herein. ZTE CORPORATION or its licensors may have current or pending intellectual property rights or applications covering the subject matter of this document. Except as expressly provided in any written license between ZTE CORPORATION and its licensee, the user of this document shall not acquire any license to the subject matter herein. The contents of this document and all policies of ZTE CORPORATION, including without limitation policies related to support or training are subject to change without notice.
Revision History
Date Revision No. Serial No. Description
20050511 R1.1 sjzl20052424
20070105 R1.2 sjzl20052424
ZTE CORPORATION Values Your Comments & Suggestions! Your opinion is of great value and will help us improve the quality of our product documentation and offer better services to our customers.
Please fax to: (86) 755-26772236; or mail to Publications R&D Department, ZTE CORPORATION, ZTE Plaza, A Wing, Keji Road South, Hi-Tech Industrial Park, Shenzhen, P. R. China 518057.
Thank you for your cooperation!
Document Name ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
Product Version V2.6 Document
Revision Number R1.2
Equipment Installation Date
Presentation: (Introductions, Procedures, Illustrations, Completeness, Level of Detail, Organization, Appearance)
Good Fair Average Poor Bad N/A
Accessibility: (Contents, Index, Headings, Numbering, Glossary)
Good Fair Average Poor Bad N/A
Your evaluation of this documentation
Intelligibility: (Language, Vocabulary, Readability & Clarity, Technical Accuracy, Content)
Good Fair Average Poor Bad N/A
Your suggestions for improvement of this documentation
Please check the suggestions which you feel can improve this documentation: Improve the overview/introduction Make it more concise/brief
Improve the Contents Add more step-by-step procedures/tutorials
Improve the organization Add more troubleshooting information
Include more figures Make it less technical
Add more examples Add more/better quick reference aids
Add more detail Improve the index
Other suggestions
__________________________________________________________________________
__________________________________________________________________________
__________________________________________________________________________
__________________________________________________________________________
__________________________________________________________________________
# Please feel free to write any comments on an attached sheet.
If you wish to be contacted regarding your comments, please complete the following:
Name Company
Postcode Address
Telephone E-mail
This page is intentionally blank.
Contents
About this User Manual...............................................................................i Purpose of this User Manual...................................................................................... i Introduction to this Manual....................................................................................... i Typographical Conventions......................................................................................iii Mouse Operation Conventions................................................................................. iv Safety Signs.......................................................................................................... iv How to Get in Touch ...............................................................................................v
Customer Support...................................................................................................................v Documentation Support...........................................................................................................v
Chapter 1........................................................................................ 1
Safety Instructions.....................................................................................1
Chapter 2........................................................................................ 3
Introduction to the System........................................................................3 Product Overview ...................................................................................................3 Functional Introduction............................................................................................4 Technical Features and Parameters ..........................................................................6
Chapter 3........................................................................................ 9
Structure and Principle ..............................................................................9 Working Principle....................................................................................................9 Hardware Structure ..............................................................................................10 Unit/Component Introduction ................................................................................14
Control Switching Board ........................................................................................................14 Line interface card.................................................................................................................16 Power Supply Module ............................................................................................................25 Fan Plug-in Box.....................................................................................................................27
Chapter 4...................................................................................... 29
Usage and Operation............................................................................... 29
Configuration Mode...............................................................................................29 Serial Interface Connection Configuration ...............................................................................30 Telnet Connection Configuration.............................................................................................32
SSH Connection Configuration ...............................................................................................35 SNMP Connection Configuration.............................................................................................40
Command Mode...................................................................................................41 Command Line Application ....................................................................................43
Online Help ...........................................................................................................................43 Command Abbreviation .........................................................................................................45 Command History .................................................................................................................45
Chapter 5...................................................................................... 47
System Management .............................................................................. 47 File System Management ......................................................................................47
Introduction to File System....................................................................................................47 File System Operation ...........................................................................................................48
Data Backup and Restoration.................................................................................51 Importing/Exporting Configuration .........................................................................52
Version Upgrade in the case of System Anomaly.....................................................................53 Version Upgrade when the System is Normal .........................................................................55
Setting System Parameters ...................................................................................56 Viewing System Information..................................................................................57
Chapter 6...................................................................................... 59
Port Configuration................................................................................... 59 Basic Port Configuration ........................................................................................59
Principle of Port Naming.........................................................................................................60 Configuring Basic Port Parameters..........................................................................................60 Show Port Information...........................................................................................................62 Line Diagnosis Analysis Test...................................................................................................64
Port Mirroring Configuration...................................................................................65 Port Mirroring Overview.........................................................................................................65 Port Mirroring Configuration ...................................................................................................65 Example of Configuring Port...................................................................................................66
Chapter 7...................................................................................... 69
VLAN Configuration................................................................................. 69 VLAN Overview ....................................................................................................69
VLAN Types ..........................................................................................................................70 VLAN Tab..............................................................................................................................70 VLAN Link Type.....................................................................................................................70 Default VLAN.........................................................................................................................71
VLAN Configuration...............................................................................................71 Example of VLAN Configuration..............................................................................74 PVLAN Configuration.............................................................................................75
QinQ Configuration ...............................................................................................76 SuperVLAN Configuration ......................................................................................78 VLAN Maintenance and Diagnosis...........................................................................80
Chapter 8...................................................................................... 83
MAC Table Operation............................................................................... 83 MAC Address Table Overview.................................................................................83
The Composition and Meaning of MAC Address Table..............................................................83 MAC Address Categories........................................................................................................84 MAC Address Table Creation and Deletion...............................................................................84 Setting MAC Address Aging Time ...........................................................................................86 Burning MAC Address............................................................................................................86 Binding MAC Address to Port..................................................................................................87 Enable Port MAC Address Learning.........................................................................................87 Limit Number of Port MAC Address.........................................................................................87 Port MAC Address Learning Protection....................................................................................88 MAC Address Filtering............................................................................................................88 View MAC Address Table........................................................................................................89
Examples of MAC Address Table Configuration ........................................................90
Chapter 9...................................................................................... 93
STP Configuration.................................................................................... 93
STP Overview.......................................................................................................93 SSTP Mode ...........................................................................................................................93 RSTP Mode ...........................................................................................................................94 MSTP Mode...........................................................................................................................94
Configuring STP....................................................................................................96 Enable/Disable STP ...............................................................................................................96 Configuring STP Mode............................................................................................................96 Configuring STP Protocol Parameters......................................................................................96 Creating Instances ................................................................................................................97 Update MST Configuration Name and Configuration Version....................................................98 Configuring Switch Priority and Port Priority ............................................................................98 Configuring Whether a Port in STP Protocol Participates in Spanning Tree Calculation ...............99
Instances of Configuring STP .................................................................................99 Instance 1.............................................................................................................................99 Instance 2...........................................................................................................................101
STP Maintenance and Diagnosis........................................................................... 101
Chapter 10..................................................................................103
Link Aggregation Configuration............................................................ 103
Overview of Link Aggregation .............................................................................. 103
Configuring Link Aggregation............................................................................... 104 Instances of Configuring Link Aggregation ............................................................ 105 Link Aggregation Maintenance and Diagnosis ........................................................ 106
Chapter 11..................................................................................109
IGMP Snooping Configuration .............................................................. 109 Overview of IGMP Snooping ................................................................................ 109
Join a Multicast Group..........................................................................................................110 Leave a Multicast Group.......................................................................................................110 Fast Leave ..........................................................................................................................110
Configuring IGMP Snooping ................................................................................. 110 Basic Configuration..............................................................................................................110 Configure Proxy Querier.......................................................................................................111 Limit Multicast Group...........................................................................................................112 Static Configuration.............................................................................................................112 Modify Default Time.............................................................................................................112
Instances of IGMP Snooping Configuration............................................................ 113 IGMP Snooping Maintenance and Diagnosis .......................................................... 113
Chapter 12..................................................................................115
Network Protocol Configuration........................................................... 115 IP Address ......................................................................................................... 115
Introduction to IP Address ...................................................................................................115 Basic Configuration of IP Address .........................................................................................116 Instances of IP Address Configuration ..................................................................................117
ARP Configuration............................................................................................... 117 Overview of ARP..................................................................................................................117 Basic Configuration of ARP...................................................................................................117 Instances of configuring ARP................................................................................................118
Chapter 13..................................................................................119
Static Route Configuration.................................................................... 119 Basic Configuration of Static Route....................................................................... 119 Instance of Static Route Configuration.................................................................. 120
Configuring Static Route ......................................................................................................120 Summarizing Static Routes..................................................................................................121 Default Route Configuration.................................................................................................121
Maintenance and Diagnosis of Static Route ........................................................... 123
Chapter 14..................................................................................125
RIP Configuration.................................................................................. 125
Overview of RIP.................................................................................................. 125
RIP Fundamentals ...............................................................................................................125 Metric and Administrative Distance.......................................................................................125 Timer..................................................................................................................................126 Route Update......................................................................................................................126
Configuring RIP .................................................................................................. 126 Basic Configuration..............................................................................................................127 Enhanced Configuration.......................................................................................................127 Version:..............................................................................................................................128
Instances of configuring RIP ................................................................................ 128 RIP Maintenance and Diagnosis ........................................................................... 129
Chapter 15..................................................................................131
OSPF Configuration............................................................................... 131 OSPF overview ................................................................................................... 131
OSPF Fundamental..............................................................................................................131 OSPF Algorithm...................................................................................................................132 OSPF Network Types...........................................................................................................132 Hello Packet and Timer........................................................................................................133 OSPF Neighbor....................................................................................................................133 Adjacency and Designated Router........................................................................................133 Router Priority and DR Election ............................................................................................134 OSPF Area ..........................................................................................................................134 LSA Types and Diffusion ......................................................................................................135 Stub Area and Totally Stubby Area.......................................................................................135 Not-So-Stubby Area............................................................................................................136 OSPF Authentication............................................................................................................136
Configuring OSPF................................................................................................ 136 Basic Configuration..............................................................................................................136 Configure Basic Attributes of Interface..................................................................................137 Configure Neighbor Router...................................................................................................138 Set OSPF Area ....................................................................................................................138 Configure Inter-area Route Convergence..............................................................................138 Generate Default Route .......................................................................................................139 Configure Virtual Link ..........................................................................................................139 Redistribute Other Routing Protocols ....................................................................................139 Configure Route Convergence of Route Redistribution...........................................................140 Configure OSPF Authentication.............................................................................................140 Configure Routes Supporting Opaque LSA............................................................................140 Modify OSPF Administrative Distance....................................................................................141
Instances of Configuring OSPF............................................................................. 141 Basic OSPF Configuration.....................................................................................................141 Configure Multiple-area OSPF...............................................................................................142
Configure OSPF Virtual Link .................................................................................................144 Configure OSPF Authentication.............................................................................................145
OSPF Maintenance and Diagnosis......................................................................... 146
Chapter 16..................................................................................149
IS-IS Configuration............................................................................... 149 IS-IS Overview................................................................................................... 149
IS-IS Fundamental..............................................................................................................149 IS-IS Area...........................................................................................................................150 IS-IS Network Types ...........................................................................................................151 DIS and Router Priority........................................................................................................151
Configuring IS-IS................................................................................................ 151 Configuring Basic IS-IS........................................................................................................151 Set IS-IS Global Parameters ................................................................................................152 Set IS-IS Interface Parameters ............................................................................................153 Configuring IS-IS Authentication..........................................................................................155
Instances of Configuring IS-IS ............................................................................. 156 Single-Area IS-IS Configuration ...........................................................................................156 Multiple-Area IS-IS Configuration.........................................................................................157
IS-IS Maintenance and Diagnosis......................................................................... 160
Chapter 17..................................................................................163
BGP Configuration................................................................................. 163
BGP Overview .................................................................................................... 163 Configuring BGP ................................................................................................. 164
Basic BGP Configuration ......................................................................................................164 Advertising BGP Routes .......................................................................................................165 Advertising BGP Aggregation ...............................................................................................167 Configuring EBGP Multihop...................................................................................................168 Filtering Routes via the Route Map .......................................................................................169 Filtering Routes via NLRI......................................................................................................170 Filtering Routes via AS_PATH...............................................................................................170 LOCAL_PREF Attribute.........................................................................................................171 MED Attribute .....................................................................................................................173 Community String Attribute .................................................................................................175 BGP Synchronization ...........................................................................................................175 BGP Route Reflector ............................................................................................................177 BGP Confederation ..............................................................................................................178 BGP Route Dampening ........................................................................................................180
Example of Configuring BGP ................................................................................ 180 BGP Maintenance and Diagnosis .......................................................................... 182
Chapter 18..................................................................................185
Multicasting Route Configuration......................................................... 185
Multicast Overview.............................................................................................. 185 Multicast Address ................................................................................................................186 IGMP ..................................................................................................................................186 Multicast Tree......................................................................................................................186 PIM-SM...............................................................................................................................187 MSDP .................................................................................................................................188
Configuring Public Multicast ................................................................................. 189 Configuring IGMP................................................................................................ 189
Configuring IGMP Versions...................................................................................................190 Configuring IGMP Groups on Interfaces ................................................................................190 Configuring IGMP Timers .....................................................................................................191
Configuring PIM-SM............................................................................................ 192 PIM-SM Basic Configurations................................................................................................192 Enhanced PIM-SM Configurations.........................................................................................193
Configuring MSDP............................................................................................... 195 Basic MSDP Configuration....................................................................................................195 Enhanced MSDP Configurations............................................................................................196
Example of Configuring Multicasting ..................................................................... 197 Multicasting Maintenance and Diagnosis ............................................................... 199
Common Show Commands .................................................................................................199 IGMP ..................................................................................................................................200 PIM-SM...............................................................................................................................201 MSDP .................................................................................................................................203
Chapter 19..................................................................................205
ACL Configuration ................................................................................. 205 ACL Overview..................................................................................................... 205 Configuring ACLs ................................................................................................ 206
Configure a Time Range ......................................................................................................206 Defining ACLs......................................................................................................................206 Applying ACLs to Physical Ports............................................................................................211
Examples of Configuring ACL............................................................................... 211 ACL Maintenance and Diagnosis........................................................................... 213
Chapter 20..................................................................................215
QoS Configuration ................................................................................. 215 QoS Overview .................................................................................................... 215
Traffic Classification .............................................................................................................216 Traffic Monitoring and Control ..............................................................................................216 Traffic Shaping....................................................................................................................216 Queue Scheduling and Default 802.1p Priority ......................................................................217
Redirection and Policy Routing .............................................................................................217 Priority Tagging...................................................................................................................218 Traffic Mapping....................................................................................................................218 Traffic Statistics...................................................................................................................218
Configuring QoS ................................................................................................. 218 Traffic Monitoring and Control ..............................................................................................218 Traffic Shaping....................................................................................................................219 Queue Scheduling and Default 802.1p Priority ......................................................................220 Redirection and Policy Routing .............................................................................................220 Priority Tagging...................................................................................................................221 Traffic Mapping....................................................................................................................221 Traffic Statistics...................................................................................................................222
Example of Configuring QoS ................................................................................ 222 Example of a Typical QoS Configuration................................................................................222 Example of Configuring Policy Routing..................................................................................224
QoS Maintenance and Diagnosis .......................................................................... 225
Chapter 21..................................................................................227
DHCP Configuration............................................................................... 227
DHCP Overview.................................................................................................. 227 Configuring DHCP............................................................................................... 228 Examples of Configuring DHCP ............................................................................ 230
Example of Configuring a DHCP Server.................................................................................230 Example of Configuring DHCP Relay.....................................................................................230
DHCP Maintenance and Diagnosis ........................................................................ 231
Chapter 22..................................................................................233
VRRP Configuration............................................................................... 233 VRRP Overview .................................................................................................. 233 Configuring VRRP ............................................................................................... 234 Examples of Configuring VRRP............................................................................. 235
Basic VRRP Configuration.....................................................................................................235 Symmetric VRRP Configuration ............................................................................................236
VRRP Maintenance and Diagnosis......................................................................... 237
Chapter 23..................................................................................239
Load Balance Configuration.................................................................. 239 Load Balance Overview ....................................................................................... 239 Configuring Load Balance .................................................................................... 240 Examples of Configuring Load Balance.................................................................. 240
Static Route ........................................................................................................................241 OSPF ..................................................................................................................................242
Load Balance Maintenance and Diagnosis ............................................................. 243
Chapter 24..................................................................................245
Network Management Configuration ................................................... 245 NTP................................................................................................................... 245
NTP Overview .....................................................................................................................245 Configuring NTP ..................................................................................................................245 Examples of Configuring NTP ...............................................................................................246
RADIUS Authentication ....................................................................................... 247 RADIUS Overview ...............................................................................................................247 Configuring RADIUS ............................................................................................................247 Example of Configuring RADIUS...........................................................................................247 SNMP Overview...................................................................................................................248 Configuring SNMP................................................................................................................248 Example of Configuring SNMP..............................................................................................250
Remote Monitoring ............................................................................................. 250 Remote Monitoring Overview...............................................................................................250 Configuring RMON...............................................................................................................250 Examples of Configuring RMON............................................................................................251
System Log........................................................................................................ 253 SysLog Overview.................................................................................................................253 Configuring SysLog..............................................................................................................253 Example of Configuring SysLog............................................................................................254
Acronyms and Abbreviations.....................................................255
Figures........................................................................................259
Tables .........................................................................................261
This page is intentionally blank.
Confidential and Proprietary Information of ZTE CORPORATION i
About this User Manual
Purpose of this User Manual ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual is applicable to ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch (ZXR10 T160G/T64G for short, and in the general part, it is also called switch). The accessory manuals of ZXR10 T160G/T64G include:
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch Installation Manual
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch Command Manual (Functional Architecture Volume)
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch Command Manual (Protocol Suites Volume)
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch Command Manual (System Management Volume)
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch Information Manual
Introduction to this Manual This manual introduces various functional configurations of ZXR10 T160G/T64G 10-Gigabit Routing Switch.
This manual consists of 24 chapters and one appendix.
Chapter 1 consists of Safety Instructions: introduces the safety instructions and safety signs.
Chapter 2 consists of Introduction to the System of ZXR10 T160G/T64G system.
Chapter 3 consists of Structure and Principle: introduces ZXR10 T160G/T64G structure and principle.
Chapter 4 consists of Usage and Operation: in this chapter, you will learn about the configuration mode, command mode, and command line usage of ZXR10 T160G/T64G.
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
ii Confidential and Proprietary Information of ZTE CORPORATION
Chapter 5 consists of System Management: introduces the ZXR10 T160G/T64G system management.
Chapter 6 consists of Port Configuration: introduces the configuration of port parameter and port mirror.
Chapter 7 consists of VLAN Configuration: introduces basic configuration and extended configuration of VLAN.
Chapter 8 consists of MAC Table Operation: introduces MAC table and MAC-address-related configuration.
Chapter 9 consists of STP Configuration: introduces the configuration of STP.
Chapter 10 consists of Link Aggregation Configuration: introduces LACP and static trunk configuration.
Chapter 11 consists of IGMP Snooping Configuration: introduces the configuration of IGMP Snooping.
Chapter 12 consists of Network Protocol Configuration: introduces IP address and ARP configuration.
Chapter 13 consists of Static Route Configuration: introduces the configuration of static route.
Chapter 14 consists of RIP Configuration: introduces the configuration of RIP.
Chapter 15 consists of OSPF Configuration: introduces the configuration of OSPF.
Chapter 16 consists of IS-IS Configuration: introduces the configuration of IS-IS protocol.
Chapter 17 consists of BGP Configuration: introduces the configuration of BGP.
Chapter 18 consists of Multicast Route Configuration: introduces the configuration of multicast routing protocol.
Chapter 19 consists of ACL Configuration: introduces the configuration of ACL.
Chapter 20 consists of QoS Configuration: introduces the configuration of QoS.
Chapter 21 consists of DHCP Configuration: introduces the configuration of DHCP.
Chapter 22 consists of VRRP Configuration: introduces the configuration of VRRP.
Chapter 23 consists of Load Balance Configuration: introduces the configuration of load sharing function.
About this User Manual
Confidential and Proprietary Information of ZTE CORPORATION iii
Chapter 24 consists of Network Management Configuration: introduces frequently used functions in the network management including NTP, RADIUS authentication, SNMP, RMON and system log configuration.
Appendix A consists of Acronyms and Abbreviations.
Typographical Conventions ZTE documents employ with the following typographical conventions.
T AB L E 1 TY P O G R AP H I C AL C O N V E N T I O N S
Typeface Meaning
Italics References to other guides and documents.
“Quotes” Links on screens.
Bold Menus, menu options, function names, input fields, radio button names, check boxes, drop-down lists, dialog box names, window names.
CAPS Keys on the keyboard and buttons on screens and company name.
Constant width Text that you type, program code, files and directory names, and function names.
[ ] Optional parameters
{ } Mandatory parameters
| Select one of the parameters that are delimited by it
Note: Provides additional information about a certain topic.
Checkpoint: Indicates that a particular step needs to be checked before proceeding further.
Tip: Indicates a suggestion or hint to make things easier or more productive for the reader.
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
iv Confidential and Proprietary Information of ZTE CORPORATION
Mouse Operation Conventions T AB L E 2 M O U S E OP E R AT I O N C O N V E N T I O N S
Safety Signs T AB L E 3 S AF E T Y S I G N S
Safety Signs Meaning
Danger: Indicates an imminently hazardous situation, which if not avoided, will result in death or serious injury. This signal word should be limited to only extreme situations.
Warning: Indicates a potentially hazardous situation, which if not avoided, could result in death or serious injury.
Caution: Indicates a potentially hazardous situation, which if not avoided, could result in minor or moderate injury. It may also be used to alert against unsafe practices.
Erosion: Beware of erosion.
Electric shock: There is a risk of electric shock.
Electrostatic: The device may be sensitive to static electricity.
Microwave: Beware of strong electromagnetic field.
Laser: Beware of strong laser beam.
No flammables: No flammables can be stored.
Typeface Meaning
Click Refers to clicking the primary mouse button (usually the left mouse button) once.
Double-click Refers to quickly clicking the primary mouse button (usually the left mouse button) twice.
Right-click Refers to clicking the secondary mouse button (usually the right mouse button) once.
Drag Refers to pressing and holding a mouse button and moving the mouse.
About this User Manual
Confidential and Proprietary Information of ZTE CORPORATION v
Safety Signs Meaning
No touching: Do not touch.
No smoking: Smoking is forbidden.
How to Get in Touch The following sections provide information on how to obtain support for the documentation and the software.
Customer Support If you have problems, questions, comments, or suggestions regarding your product, contact us by e-mail at support@zte.com.cn. You can also call our customer support center at (86) 755 26771900 and (86) 800-9830-9830.
Documentation Support ZTE welcomes your comments and suggestions on the quality and usefulness of this document. For further questions, comments, or suggestions on the documentation, you can contact us by e-mail at doc@zte.com.cn; or you can fax your comments and suggestions to (86) 755 26772236. You can also explore our website at http://support.zte.com.cn, which contains various interesting subjects like documentation, knowledge base, forum and service request.
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
vi Confidential and Proprietary Information of ZTE CORPORATION
This page is intentionally blank
Confidential and Proprietary Information of ZTE CORPORATION 1
C h a p t e r 1
Safety Instructions
In this chapter, you will learn about safety instructions and signs.
Only qualified professionals can perform installation, operation and maintenance owing to the high temperature and high voltage in the equipment.
Please observe the local safety codes and relevant operation procedures in equipment installation, operation and maintenance; otherwise personal injury or equipment damage could be caused. The safety precautions introduced in this Manual are only supplementary to the local safety codes.
ZTE shall not bear any liabilities incurred by violation of the universal safety operation requirements or violation of the safety standards for designing, manufacturing and using the equipment.
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
2 Confidential and Proprietary Information of ZTE CORPORATION
This page is intentionally blank.
Confidential and Proprietary Information of ZTE CORPORATION 3
C h a p t e r 2
Introduction to the System
This chapter introduces ZXR10 T160G/T64G, at the same time, it describes
the diversified functions of software and hardware provided by ZXR10
T160G/T64G in detail.
Product Overview
Function introduction
Technical Features and Parameters
Product Overview ZXR10 T160G/T64G is an Ethernet routing switch developed by ZTE
Corporation which can be applicable to the backbone layer or convergence
layer of MAN and can also server as backbone/convergence layer switch in
corporate network and campus network.
ZXR10 T160G/T64G provides the interfaces including fast Ethernet, gigabit
Ethernet and 10-gigabit and supports L2/L3 wire-speed forwarding of all
ports. Therefore, it can satisfy the increasing requirements for bandwidth.
ZXR10 T160G/T64G also supports multiple unicast and multicasting
protocols.
The service categories carried by data network increase rapidly with the
development of network, which requires higher QoS and better security for
network equipment. ZXR10 T160G/T64G provides abundant policies and
resources regarding QoS and ACL, assuring QoS and system security.
As the important switching node of backbone/convergence layer, ZXR10
T160G/T64G provides the hot-backup function of power module and control
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
4 Confidential and Proprietary Information of ZTE CORPORATION
& switching module, therefore, it is applicable to large-capacity network with
high reliability.
It has the following characteristics:
Carrier-class reliability
Full-wire-speed forwarding and filtering capability
Supports abundant network protocols
Open architecture, supporting high upgrading performance
Functional Introduction ZXR10 T160G/T64G adopts the structure of standard 19-inch plug-in box.
ZXR10 T160G has 10 plug-in slots, two of which are slots for control and
switching board, and the other eight ones are slots for line interface card.
ZXR10 T64G has 6 plug-in slots, one of which is slot for control and switching
board, four of which are for line interface card, and the left one can serve as
the slot for control and switching board or line interface card.
Control and switching board is the core of the system implementing the
functions including switching, protocol processing, system configuration
management and network management interface; it can perform 1+1
redundancy configuration.
Line interface card performs the operations of message processing including
forwarding, discarding, and reporting to implement wire-speed forwarding of
service flow. ZXR10 T160G/T64G supports line interface cards of multiple
categories and port density.
One port 10-gigabit Ethernet optical interface board
Two-port 10-gigabit Ethernet optical interface board
Twelve-port gigabit Ethernet optical interface board
Twenty-four-port gigabit Ethernet optical interface board
Twelve-port gigabit Ethernet electrical interface board
Twenty-four-port gigabit Ethernet electrical interface board
44+4 fast Ethernet electrical interface board
ZXR10 T160G/T64G implements full-wire-speed Layer2/3 switching function
and supports multiple protocols.
Chapter 2 Introduction to the System
Confidential and Proprietary Information of ZTE CORPORATION 5
ZXR10 T160G/T64G provides the following functions which are given below:
Physical interface
Supports the configuration of port rate, duplex mode, and
self-adaptive
Supports port mirroring
Supports broadcast storm suppression
Supports line diagnosis analysis test
VLAN
Supports the VLAN based on port
Supports IEEE 802.1Q, the maximum of VLAN is 4094
Supports PVLAN
Supports VLAN double layer tab
Supports SuperVLAN
Layer 2 protocol
Supports STP, RSTP and MSTP
Supports static Trunk and LACP
Supports IGMP Snooping
Routing Protocol
Supports the unicast protocols including static routing, RIP v1/v2,
OSPF, IS-IS, and BGP
Supports multicasting protocols including IGMP v1/v2, PIM-SM, and
MSDP
ACL
Supports standard ACL, extended ACL, Layer 2 ACL and mixed ACL
Supports ACL time segment restriction
QoS
Supports 802.1p priority
Supports SP and WRR queue dispatching mode
Supports traffic monitoring and management
Supports flow-based redirection
Supports flow mirroring and traffic statistic
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
6 Confidential and Proprietary Information of ZTE CORPORATION
Access authentication
Supports Radius Client
Supports DHCP Relay and DHCP Server
Reliability
Supports VRRP
Supports routing load sharing
Network Management
Supports CLI configuration mode
Supports configuring via Console, Telnet, and SSH
Supports SNMP and RMON
Supports ZXNM01 universal network management system
Technical Features and Parameters Technical features and parameters of ZXR10 T160G/T64G are listed in Table
4.
T AB L E 4 ZXR10 T160G/T64G TE C H N I C AL FE AT U R E S AN D P AR AM E T E R S
Item Description
Dimensions ZXR10 T160G: 577mm (H)× 442mm (W) ×450mm (D) ZXR10 T64G:
443.7mm(H)× 442mm(W)× 450mm(D)
Weight ZXR10 T160G: 49kg
ZXR10 T64G: 46kg
Power Supply DC: 100V~240V, 50Hz ~60Hz AC: -57V~-40V
Power
Consumption
ZXR10 T160G the total power consumption fully configured is 1200W
ZXR10 T64G total power consumption of full configuration is 720W
Reliability
MTBF>200000 Hours
MTTR< 30 minutes
All boards support hot swap, control switching board, and power
redundancy backup
Chapter 2 Introduction to the System
Confidential and Proprietary Information of ZTE CORPORATION 7
Item Description
Lightening
Protection 4KV
Ambient
Temperature
Working ambient temperature: -5ºC~+45ºC
Storing ambient temperature: -40ºC~+70ºC
Ambient
Humidity Relative humidity 20%~90%, non-condensing
Memory
Capacity
ZXR10 T160G: 512M
ZXR10 T64G: 256M
Backplane
Bandwidth
ZXR10 T160G: 1.44Tbps
ZXR10 T64G: 810Gbps
Switching
Capacity
ZXR10 T160G: 1152Gbps
ZXR10 T64G: 576Gbps
Packet
Forwarding
Rate
ZXR10 T160G: 576M
ZXR10 T64G: 360M
Routing table
entries 500K
MAC address
table depth 64K
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
8 Confidential and Proprietary Information of ZTE CORPORATION
This page is intentionally blank.
Confidential and Proprietary Information of ZTE CORPORATION 9
C h a p t e r 3
Structure and Principle
This chapter describes ZXR10 T160G/T64G including:
Overall Structure and Working Principles
Control switching board
Line interface card
Power supply module
Fan plug-in box
Working Principle ZXR10 T160G/T64G is a large-capacity rack mountable Ethernet switch,
which implements wire-speed Layer2/3 switching via two-level hardware
switching. Level 1 switching is between ports of line interface cards; level 2
switching between line interface cards is implemented via control switching
board.
ZXR10 T160G/T64G hardware design complies with the principle of system
modulization, which, according to function system, includes the following
four modules:
Control module: is composed of main processor and some external
functional chips, which implements processing to applications of the
system. It provides various operational interfaces including serial
interface and Ethernet interface to perform data operation and
maintenance.
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
10 Confidential and Proprietary Information of ZTE CORPORATION
Switching module: It provides multiplex high-speed bi-directional serial
interface to implement wire-speed data switch between line interface
cards.
Packet processing and interface module: Interface module is the external
interface of ZXR10 T160G/T64G, providing one or multiple physical ports.
Different line interface cards can implement access of different rates and
types.
Power supply module: It adopts 220V AC power supply or –48V DC power
supply, providing power for other parts of the system.
Abridged General View of ZXR10 T160G/T64G system principle is shown in
Figure 1.
F I G U R E 1 ZXR10 T160G/T64G S K E T C H M AP O F S Y S T E M P R I N C I P L E
High-speed XAUIInterface
High-speed XAUIInterface
Line InterfaceCard 5
High-speedXAUI Interface
High-speedXAUI Interface
Line InterfaceCard 4
High-speed XAUIInterface
High-speedXAUI Interface
Line InterfaceCard 8
High-speedXAUI Interface
High-speedXAUI Interface
SwitchingNetwork
Control ModulePower Supply
.... ....
Line InterfaceCard 1
Hardware Structure ZXR10 T160G/T64G system is composed of chassis, power supply plug-in
box, board, fan plug-in box and backplane. The system adopts international
standard 19-inch plug-in box, which can lay-out solely or fix in standard
chassis.
Chapter 3 Structure and Principle
Confidential and Proprietary Information of ZTE CORPORATION 11
ZXR10 T160G and ZXR10 T64G adopt same hardware structure with
control/switching board and various line interface cards shared, only the
number of line interface cards supported are different. In ZXR10 T160G, 8
line interface cards can be plugged in; while in ZXR10 T64G, when
master/slave control is not needed, 5 line interface cards can be plugged in,
and when master/slave control is needed, 4 line interface cards can be
plugged in.
The location of ZXR10 T160G components is shown in Figure 2, and the
corresponding front panel is as shown in Figure 3.
F I G U R E 2 AB R I D G E D GE N E R A L V I E W O F ZXR10 T160G C O M P O N E N T S P O S I T I O N
19"
AC/DCModule
AC/DCModule
AC/DCModule
Line Interface Card
Line Interface Card
Line Interface Card
Line Interface Card
Line Interface Card
Line Interface Card
Line Interface Card
Line Interface Card
Controlled Switching Card
Controlled Switching CardFan
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
12 Confidential and Proprietary Information of ZTE CORPORATION
F I G U R E 3 ZXR10 T160G FR O N T P AN E L
The position of ZXR10 T64G components is shown in Figure 4, and the
corresponding front panel is as shown in Figure 5.
Chapter 3 Structure and Principle
Confidential and Proprietary Information of ZTE CORPORATION 13
F I G U R E 4 AB R I D G E D GE N E R A L V I E W O F ZXR10 T64G C O M P O N E N T S P O S I T I O N
19"
AC/DCModule
AC/DCModule
AC/DCModule
Line Interface Card
Controlled Switching Card
Controlled Switching Card/Line Interface Card
Line Interface Card
Line Interface Card
Line Interface Card
Fan
F I G U R E 5 ZXR10 T64G FR O N T P AN E L
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
14 Confidential and Proprietary Information of ZTE CORPORATION
Unit/Component Introduction Control Switching Board Control switching board (MCS) is the core of ZXR10 T160G/T64G,
implementing the functions of control module and switching module. The
control switching board provides the function of master/slave switchover; it
can also perform 1+1 redundancy configuration.
The front panel of ZXR10 T160G MCS is shown in Figure 6; the front panel of
ZXR10 T64G MCS is shown in Figure 7.
F I G U R E 6 TH E F R O N T P AN E L O F ZXR10 T160G MCS
F I G U R E 7 TH E F R O N T P AN E L O F ZXR10 T64G MCS
Interface
Console Interface
Console interface is used to connect background management terminal, on
which it performs operation and maintenance to ZXR10 T160G/T64G via
tools such as Super Terminal. Console interface is a RJ45 socket, connected
to COM port of background management terminal via serial cable. One end
of serial cable connecting ZXR10 T160G/T64G is RJ45 connector, the other
end connecting background management terminal is DB9 female connector.
10/100Base-TX Ethernet interface
10/100Base-TX Ethernet interface (MGT) on the control switching board is
the management interface connecting background, which can be used as the
switch outband NM interface.
Chapter 3 Structure and Principle
Confidential and Proprietary Information of ZTE CORPORATION 15
The characteristics of 10/100Base-TX Ethernet interface are shown in Table
5.
T AB L E 5 FE A T U R E S O F F AS T E T H E R N E T MAN AG E M E N T IN T E R F AC E
Port Type Characteristics
10/100Base-TX In compliance with IEEE 802.3/802.3u standard, RJ45 connector
Using UTP5, the maximum transmission distance is 100m
LEDs
The functions of the twenty-eight LEDs in the front panel of control switching
board are described in Table 6.
T AB L E 6 FU N C T I O N AL D E S C R I P T I O N O F F R O N T P AN E L LED S I N T H E C O N T R O L S W I T C H I N G
B O AR D
LEDs Description
RUN
Off, the interface board of corresponding line is faulty or off
position
Blinking, the interface board of corresponding line is working
normally 1~8
ALM
Off, the interface board of corresponding line alarm cleared or
is off position
On, corresponding line interface card alarms
RUN Off, corresponding power module is faulty or off position
On, the corresponding power module is working normally
PWR1~3
ALM
Off, corresponding power module alarm cleared or is off
position
On, the corresponding power module alarms
RUN Off, the control switching board is faulty
Blinking, the control switching board is working normally MST
ALM Off, the control switching board alarm cleared
On, the control switching board alarms
RES RUN On, the board is in standby status
Off, the board is in active status
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
16 Confidential and Proprietary Information of ZTE CORPORATION
ALM On, active/standby status anomaly
Off, active/standby status is normal
ACT Blinking, data transmission and reception in the interface
LINK On, the interface link created
Off, the interface is disconnected from others
Buttons
The functions of the two buttons in the front panel of control switching board
are described in Table 7.
T AB L E 7 FU N C T I O N AL D E S C R I P T I O N O F B U T T O N S I N T H E C O N T R O L S W I T C H I N G B O AR D
Buttons Function
RST Board reset button, for resetting the whole board
EXCH
Board switchover button, switch the control switching board as
standby, If press the button in the standby board, the system will not
perform any operation
Line interface card ZXR10 T160G/T64G line interface card includes: Fast Ethernet interface
board, gigabit Ethernet interface board and 10gigabit Ethernet interface
board. The optical interface of line interface card adopts pluggable optical
module, supporting various transmission media and transmission distance.
44+4 Fast Ethernet Electrical Interface Board
44+4 fast Ethernet electrical interface board provides 44 fast Ethernet
electrical interfaces and 4 gigabit Ethernet electrical interfaces, totally 48
Ethernet electrical interfaces, in which, fast Ethernet electrical interface
supports 10/100M self-adaptive, gigabit Ethernet electrical interface
supports 10/100/1000M self-adaptive.
Powerful NP (Network Processor) can be added to the board based on actual
demands to process packet from L2 to L7, to meet the complex application in
practical networking.
The front panel is shown in Figure 8.
Chapter 3 Structure and Principle
Confidential and Proprietary Information of ZTE CORPORATION 17
F I G U R E 8 FR O N T P AN E L O F 44+4 F AS T E T H E R N E T E L E C T R I C AL I N T E R F AC E B O AR D
The characteristics of 44 +4 fast Ethernet electrical interface board are
shown in Table 8.
T AB L E 8 C H A R AC T E R I S T I C S O F 44+4 F AS T E T H E R N E T EL E C T R I C AL I N T E R F AC E B O A R D
Port Type Characteristics
10/100Base-TX
In compliance with IEEE 802.3/802.3u standard RJ45 connector
Using UTP5, the maximum transmission distance is 100m
MDI/MDIX
1000Base-T
In compliance with IEEE 802.3/802.3z standard, RJ45 connector
Using UTP5, the maximum transmission distance is 100m
MDI/MDIX
The functions of forty-eight ports corresponding to the 48 LEDs in the front
panel of 44+4 fast Ethernet interface board are described in Table 9:
T AB L E 9 FU N C T I O N AL D E S C R I P T I O N O F F R O N T P AN E L LED S I N 44+4 F AS T E T H E R N E T
I N T E R F AC E B O AR D
Port Type Characteristics
LINK/ACT
On, the port link is created
Off, the port is disconnected from others
Blinking, data transmission and reception in the port
Twelve-port Gigabit Ethernet Optical Interface Board
Twelve-port gigabit Ethernet optical interface board provides 12 gigabit
Ethernet optical interfaces, 4 of which support Optoelectronic self-adaptive.
Powerful NP (Network Processor) can be added to the board based on actual
demands to process packet from L2 to L7, to meet the complex application in
practical networking.
The front panel is shown in Figure 9.
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
18 Confidential and Proprietary Information of ZTE CORPORATION
F I G U R E 9 FR O N T P AN E L V I E W O F T W E L V E-P O R T G I G AB I T E T H E R N E T O P T I C AL I N T E R F AC E
The optical module used by gigabit Ethernet optical interface is pluggable
SFP optical module. Every port supports four kinds of common distances
used by gigabit Ethernet, as shown in Table 10.
T AB L E 10 C H AR AC T E R I S T I C S O F T W E L V E -P O R T G I G AB I T E T H E R N E T O P T I C AL I N T E R F AC E
B O AR D
Port Type Characteristics
SX(SFP-M500)
LC connector, multi-mode optical fiber, with the wavelength of
850nm, maximum transmission distance is 500m
Transmission power range: -9.5dBm~-4dBm, receiving
sensitivity<-18dBm
LX(SFP-S10K)
LC connector, single-mode optical fiber, with the wavelength of
1310nm, maximum transmission distance is 10km
Transmission power range: -9.5dBm~-3dBm, receiving
sensitivity<-20dBm
LH(SFP-S40K)
LC connector, singlemode optical fiber, with the wavelength of
1310nm, maximum transmission distance is 40km
Transmission power range: -4dBm~0dBm, receiving
sensitivity<-22dBm
LH(SFP-S80K)
LC connector, singlemode optical fiber, with the wavelength of
1550nm, maximum transmission distance is 80km
Transmission power range: 0dBm~5dBm, receiving
sensitivity<-22dBm
1000Base-T RJ45 connector, using UTP5
There are 32 LEDs in front panel of 12-port gigabit Ethernet optical interface
board, with each has two LEDs. The functions are described in Table 11.
T AB L E 11 FU N C T I O N AL D E S C R I P T I O N O F F R O N T P AN E L LED S I N 12 -P O R T G I G AB I T
E T H E R N E T O P T I C AL I N T E R F AC E B O AR D
Port Type Characteristics
Chapter 3 Structure and Principle
Confidential and Proprietary Information of ZTE CORPORATION 19
LINK On, the port link is created
Off, the port is disconnected from others
ACT Off, no data transmission or reception in the port
Blinking, data transmission and reception in the port
Twenty-four-port Gigabit Ethernet Optical Interface Board
Twenty-four-port gigabit Ethernet optical interface board provides 24 gigabit
Ethernet optical interfaces, 4 of which support Optoelectronic self-adaptive.
The front panel is shown in Figure 10.
F I G U R E 10 FR O N T P AN E L V I E W O F T W E N T Y-F O U R -P O R T G I G AB I T E T H E R N E T O P T I C AL
I N T E R F AC E B O AR D
Optical module used by gigabit Ethernet optical interface is pluggable SFP
optical module. Every port supports four kinds of common distances used by
gigabit Ethernet, as shown in Table 12.
T AB L E 12 C H AR AC T E R I S T I C S O F T W E N T Y -F O U R -P O R T G I G AB I T E T H E R N E T O P T I C AL
I N T E R F AC E B O AR D
Port Type Characteristics
SX(SFP-M500)
LC connector, multiple-mode optical fiber, with the wavelength of
850nm, maximum transmission distance is 500m
Transmission power range: -9.5dBm~-4dBm, receiving
sensitivity<-18dBm
LX(SFP-S10K)
LC connector, single-mode optical fiber, with the wavelength of
1310nm, maximum transmission distance is 10km
Transmission power range: -9.5dBm~-3dBm, receiving
sensitivity<-20dBm
LH(SFP-S40K)
LC connector, single-mode optical fiber, with the wavelength of
1310nm, maximum transmission distance is 40km
Transmission power range: -4dBm~0dBm, receiving
sensitivity<-22dBm
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
20 Confidential and Proprietary Information of ZTE CORPORATION
LH(SFP-S80K)
LC connector, single-mode optical fiber, with the wavelength of
1550nm, maximum transmission distance is 80km
Transmission power range: 0dBm~5dBm, receiving
sensitivity<-22dBm
1000Base-T RJ45 connector, using UTP5
There are 56 LEDs in the front panel of 24-port gigabit Ethernet optical
interface board, with each has two LEDs. The functions are described in
Table 13.
T AB L E 13 FU N C T I O N AL D E S C R I P T I O N O F F R O N T P AN E L LED S I N 24 -P O R T G I G AB I T
E T H E R N E T O P T I C AL I N T E R F AC E B O AR D
Port Type Characteristics
LINK On, the port link is created
Off, the port is disconnected from others
ACT Off, no data transmission or reception in the port
Blinking, data transmission and reception in the port
Twelve-port Gigabit Ethernet Electrical Interface Board
Twelve-port gigabit Ethernet electrical interface board provides 12 gigabit
Ethernet electrical interfaces, 4 of which support Optoelectronic self-adaptive.
Powerful NP (Network Processor) can be added to the board based on actual
demands to process packet from L2 to L7, to meet the complex application in
practical networking.
The front panel is shown in Figure 11.
F I G U R E 11 FR O N T P AN E L V I E W O F T W E L V E-P O R T G I G AB I T E T H E R N E T E L E C T R I C AL
I N T E R F AC E B O AR D
The optical interface part of the four ports supporting optoelectronic
self-adaptive adopts pluggable SFP optical module, supporting four kinds of
common distances used by gigabit Ethernet. The characteristics are shown
in Table 14.
Chapter 3 Structure and Principle
Confidential and Proprietary Information of ZTE CORPORATION 21
T AB L E 14 C H A R AC T E R I S T I C S O F T W E L V E -P O R T G I G AB I T E T H E R N E T E L E C T R I C AL I N T E R F AC E
B O AR D
Port Type Characteristics
1000Base-T RJ45 connector, using UTP5
SX(SFP-M500)
LC connector, multiple-mode optical fiber, with the wavelength of
850nm, maximum transmission distance is 500m
Transmission power range: -9.5dBm~-4dBm, receiving
sensitivity<-18dBm
LX(SFP-S10K)
LC connector, single-mode optical fiber, with the wavelength of
1310nm, maximum transmission distance is 10km
Transmission power range: -9.5dBm~-3dBm, receiving
sensitivity<-20dBm
LH(SFP-S40K)
LC connector, single-mode optical fiber, with the wavelength of
1310nm, maximum transmission distance is 40km
Transmission power range: -4dBm~0dBm, receiving
sensitivity<-22dBm
LH(SFP-S80K)
LC connector, single-mode optical fiber, with the wavelength of
1550nm, maximum transmission distance is 80km
Transmission power range: 0dBm~5dBm, receiving
sensitivity<-22dBm
There are 32 LEDs in the front panel of 12-port gigabit Ethernet electrical
interface board, with each has two LEDs. The functions are described in
Table 15.
T AB L E 15 FU N C T I O N AL D E S C R I P T I O N O F F R O N T P AN E L LED S I N 12 -P O R T G I G AB I T
E T H E R N E T E L E C T R I C AL I N T E R F AC E B O AR D
Port Type Characteristics
LINK On, the port link is created
Off, the port is disconnected from others
ACT Off, no data transmission or reception in the port
Blinking, data transmission and reception in the port
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
22 Confidential and Proprietary Information of ZTE CORPORATION
Twenty-four-port Gigabit Ethernet Electrical Interface
Board
Twelve-port gigabit Ethernet electrical interface board provides 24 gigabit
Ethernet electrical interfaces, 4 of which support Optoelectronic self-adaptive.
The front panel is shown in Figure 12.
F I G U R E 12 FR O N T P AN E L V I E W O F T W E N T Y-F O U R -P O R T G I G AB I T E T H E R N E T E L E C T R I C AL
I N T E R F AC E B O AR D
Optical interface part of the four ports supporting optoelectronic
self-adaptive adopts pluggable SFP optical module, supporting four kinds of
common distances used by gigabit Ethernet. The characteristics are shown
in Table 16.
T AB L E 16 C H AR AC T E R I S T I C S O F T W E N T Y -F O U R -P O R T G I G AB I T E T H E R N E T E L E C T R I C AL
I N T E R F AC E B O AR D
Port Type Characteristics
1000Base-T RJ45 connector, using UTP5
SX(SFP-M500)
LC connector, multiple-mode optical fiber, with the wavelength of
850nm, maximum transmission distance is 500m
Transmission power range: -9.5dBm~-4dBm, receiving
sensitivity<-18dBm
LX(SFP-S10K)
LC connector, single-mode optical fiber, with the wavelength of
1310nm, maximum transmission distance is 10km
Transmission power range: -9.5dBm~-3dBm, receiving
sensitivity<-20dBm
LH(SFP-S40K)
LC connector, single-mode optical fiber, with the wavelength of
1310nm, maximum transmission distance is 40km
Transmission power range: -4dBm~0dBm, receiving
sensitivity<-22dBm
LH(SFP-S80K) LC connector, single-mode optical fiber, with the wavelength of
Chapter 3 Structure and Principle
Confidential and Proprietary Information of ZTE CORPORATION 23
1550nm, maximum transmission distance is 80km
Transmission power range: 0dBm~5dBm, receiving
sensitivity<-22dBm
There are 56 LEDs in the front panel of 24-port gigabit Ethernet electrical
interface board, with each has two LEDs. The functions are described in
Table 17.
T AB L E 17 FU N C T I O N AL D E S C R I P T I O N O F F R O N T P AN E L LED S I N 24 -P O R T G I G AB I T
E T H E R N E T E L E C T R I C AL I N T E R F AC E B O AR D
Port Type Characteristics
LINK On, the port link is created
Off, the port is disconnected from others
ACT Off, no data transmission or reception in the port
Blinking, data transmission and reception in the port
One port 10-gigabit Ethernet Optical Interface Board
One port 10-gigabit Ethernet optical interface board provides
one-XENPAK-interface 10-gigabit Ethernet interface.
Powerful NP (Network Processor) can be added to the board based on actual
demands to process packet from L2 to L7, to meet the complex application in
practical networking.
The front panel is shown in Figure 13.
F I G U R E 13 FR O N T P AN E L V I E W O F O N E-P O R T 10 -G I G AB I T E T H E R N E T O P T I C AL I N T E R F AC E
B O AR D
One-port 10-gigabit Ethernet optical interface board adopts hot-swappable
XENPAK optical module, supporting multiple transmission distance
requirements; the characteristics are shown in Table 18.
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
24 Confidential and Proprietary Information of ZTE CORPORATION
T AB L E 18 C H AR AC T E R I S T I C S O F O N E -P O R T 10 -G I G AB I T E T H E R N E T O P T I C AL I N T E R F AC E
B O AR D
Port Type Characteristics
LR(XENPAK-S10
K)
SC connector, single-mode optical fiber, with the wavelength of
1310nm, maximum transmission distance is 10km
LH(XENPAK-S40
K)
SC connector, single-mode optical fiber, with the wavelength of
1550nm, maximum transmission distance is 40km
There are two LEDs in the front panel of one-port 10-gigabit Ethernet optical
interface board, the functions of which are shown in Table 19.
T AB L E 19 FU N C T I O N AL D E S C R I P T I O N O F F R O N T P AN E L LED S I N O N E -P O R T 10 -G I G AB I T
E T H E R N E T O P T I C AL I N T E R F AC E B O AR D
Port Type Characteristics
LINK On, the port link is created
Off, the port is disconnected from others
ACT Off, no data transmission or reception in the port
Blinking, data transmission and reception in the port
Two-port 10-gigabit Ethernet Optical Interface Board
Two-port 10-gigabit Ethernet optical interface board provides
two-XENPAK-interface 10-gigabit Ethernet interface.
The front panel is shown in Figure 14.
F I G U R E 14 FR O N T P AN E L V I E W O F T W O -P O R T 10 -G I G AB I T E T H E R N E T O P T I C AL I N T E R F AC E
B O AR D
Two-port 10-gigabit Ethernet optical interface board adopts hot-swappable
XENPAK optical module, supporting multiple transmission distance
requirements; the characteristics are shown in Table 20.
Chapter 3 Structure and Principle
Confidential and Proprietary Information of ZTE CORPORATION 25
T AB L E 20 C H AR AC T E R I S T I C S O F T W O -P O R T 10 -G I G AB I T E T H E R N E T O P T I C AL I N T E R F AC E
B O AR D
Port Type Characteristics
LR(XENPAK-S10
K)
SC connector, single-mode optical fiber, with the wavelength of
1310nm, maximum transmission distance is 10km
LH(XENPAK-S40
K)
SC connector, single-mode optical fiber, with the wavelength of
1550nm, maximum transmission distance is 40km
There are 4 LEDs in the front panel of 2-port 10-gigabit Ethernet optical
interface board, with each has two LEDs. The functions are described in
Table 21.
T AB L E 21 FU N C T I O N AL D E S C R I P T I O N O F F R O N T P AN E L LED S I N T W O -P O R T 10 -G I G AB I T
E T H E R N E T O P T I C AL I N T E R F AC E B O AR D
Port Type Characteristics
LINK On, the interface link created
Off, the interface is disconnected from others
ACT Off, no data transmission or reception in the interface
Blinking, data transmission and reception in the interface
Power Supply Module Considering the practical requirements of core switch, ZXR10 T160G/T64G
employs hot-backup design in power supply part, at the same time, it
provides –48V DC power supply and 220V AC power supply. DC power
supply adopts 1+1 backup mode, the power is supplied by two group of –48V
DC simultaneously; while AC power supply adopts 2+1 backup mode, thus,
the reliability of power supply system is enhanced.
The power supply system adopts modularization design, in which power
supply types and number of modules can be selected in accordance with
requirements. The front panel view of power supply module is as shown in
Figure 15.
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
26 Confidential and Proprietary Information of ZTE CORPORATION
F I G U R E 15 FR O N T P AN E L V I E W O F P O W E R S U P P L Y M O D U L E
The rear panel view of DC power supply board is shown in Figure 16.
F I G U R E 16 R E AR P AN E L V I E W O F DC P O W E R S U P P L Y B O A R D
DC power supply adopts 1+1 backup mode. Each system is configured with
two DC modules, the technical parameters of which are as follows:
Rated voltage: -48V
Allowed voltage range: -57V~-40V
Input electrical current: 25A
Maximum power consumption: 1200 W
The rear panel view of AC power supply board is shown in Figure 17.
F I G U R E 17 R E AR P AN E L V I E W O F AC P O W E R S U P P L Y B O A R D
Chapter 3 Structure and Principle
Confidential and Proprietary Information of ZTE CORPORATION 27
AC power supply adopts 2+1 backup mode. Each system is configured with
1~3 AC modules, the technical parameters of which are as follows:
Input voltage: Single phase 220VAC±10%
Input electrical current: 4A
Frequency: 50±5%
Maximum power consumption: 900 W
Line voltage waveform distortion rate<5%
Fan Plug-in Box ZXR10 T160G/T64G adopts left side indraft heat dissipation mode, at the left
side (front view) of the chassis, multiple fans are drafting air from the
internal; the left side of the chassis lies air inlet due to of which flue is formed
from right to left. The cool airflow the fan sucked in exchanges with the hot
airflow of the single board and power board. Major heating chips adopts
aluminium radiator. Air-filter is set at the inlet, which can be disassembled
from back of the chassis, facilitating maintenance and cleaning.
The front panel view of fan plug-in box is shown in Figure 18.
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
28 Confidential and Proprietary Information of ZTE CORPORATION
F I G U R E 18 FR O N T P AN E L V I E W O F F AN P L U G - I N B O X
Fan Plug-in Box of ZXR10 T160G Fan Plug-in Box of ZXR10 T64G
There are 6 LEDs in the front panel of fan plug-in box, each indicating the fan
operating status. On for normal working status while Off for faulty.
Confidential and Proprietary Information of ZTE CORPORATION 29
C h a p t e r 4
Usage and Operation
In this chapter, you will learn about the configuration mode of ZXR10
T160G/T64G in common use. It covers:
Configuration mode
Command mode
Command line application
Configuration Mode ZXR10 T160G/T64G provides multiple configuration modes, as shown in
Figure 19, the user can select appropriate configuration mode according to
the connected network.
Serial interface connection configuration
Telnet connection configuration
SSH (Secure Shell) connection configuration
FTP/TFTP connection configuration
SNMP connection configuration
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
30 Confidential and Proprietary Information of ZTE CORPORATION
F I G U R E 19 ZXR10 T160G/T64G C O N F I G U R AT I O N M O D E
Telnet HostSNMP Network
Management
Hyperterminal
Serial Interface
ZXR10
FTP/TFTPServer
Serial Interface Connection Configuration Serial interface connection configuration is the principle configuration mode
of ZXR10 series switch.
Serial configuration line is delivered with ZXR10 T160G/T64G, one end is
DB9 serial interface (Connected to computer serial interface), the other is
RJ45 interface (Connected to Console interface in MP board of ZXR10
T160G/T64G) The serial connection configuration adopts VT100 terminal
mode, using the HyperTerminal tool provided by Windows OS.
The operation procedure is as follows:
1. Connect the computer serial port to ZXR10 T160G/T64G Console port
using serial configuration line.
2. Open the HyperTerminal, as shown in Figure 20. Input the connection
name, such as ZXR10, and select an icon.
Chapter 4 Usage and Operation
Confidential and Proprietary Information of ZTE CORPORATION 31
F I G U R E 20 H Y P E R T E R M I N AL C O N F I G U R AT I O N 1
3. Click Ok, the window as shown in Figure 21 appears. Select using COM
port such as COM1 when connecting.
F I G U R E 21 H Y P E R T E R M I N AL C O N F I G U R AT I O N 2
4. Click Ok, the COM port attribute setup window appears, as shown in
Figure 22.
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
32 Confidential and Proprietary Information of ZTE CORPORATION
F I G U R E 22 H Y P E R T E R M I N AL C O N F I G U R AT I O N 3
The settings of the COM port of the HyperTerminal are: “115200” for data
rate, “8” for data bit, “None” for parity check, “1” for stop bit, and “None”
for flow control.
5. Click Ok to complete setting, the ZXR10 T160G/T64G configuration
window appears, and start command operation.
Telnet Connection Configuration Configure ZXR10 T160G/T64G via Telnet locally or remotely. Telnet
configuration is the principal mode configuring ZXR10 T160G/T64G
remotely.
Username and password must be set in the switch to prevent illegal users
from accessing the switch via Telnet.Only the users with valid username and
password could login to the switch. Use the following commands to configure
username and password.
Chapter 4 Usage and Operation
Confidential and Proprietary Information of ZTE CORPORATION 33
Command format Command
mode
Command function:
username <username> password
<password> Global
Configure username and
password of Telnet login
Connect ion through Management Port
Configure the switch through management Ethernet port (10/100Base-TX)
in the MP board.
1. Configure IP address of management port via Console port.
2. Configure username and password of Telnet login via Console port.
3. Use straight-through Ethernet cable to connect host network interface
and switch management Ethernet interface.
4. Set the IP address of the host, which should be in the same network
segment with the switch management Ethernet port.
5. Run Telnet command in the host, input the IP address of the switch
management Ethernet port, as shown in Figure 23.
F I G U R E 23 R U N N I N G TE L N E T
6. Click Ok, the window as shown in Figure 24 appears.
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
34 Confidential and Proprietary Information of ZTE CORPORATION
F I G U R E 24 T E L N E T L O G I N S C H E M A T I C D I A G R A M
7. Input valid username and password as prompted to access the switch
configuration mode.
Note: ZXR10 T160G/T64G allows up to four Telnet users logging in simultaneously. If
“**” appears after inputting username and password, it indicates that the number of
users reach the limit, please retry later or relogin after logging out other users.
When performing Telnet configuration via management port connecting to the
switch, the IP address of management port cannot be modified or deleted, otherwise,
Telnet will be disconnected.
Connection through VLAN Port
Two modes exist for Telnet connection through VLAN port.
Connects to switch via host by Telnet
i. Configure IP address of VLAN and VLAN interface via Console port.
ii. Configure username and password of Telnet login via Console port.
iii. Connect the host network interface to the Ethernet port of switch.
iv. Set the IP address of host, enabling the host to ping the IP address of
VLAN interface in the switch successfully.
Chapter 4 Usage and Operation
Confidential and Proprietary Information of ZTE CORPORATION 35
v. Run Telnet command in the host, input the IP address of VLAN
interface, login to the switch. For the detailed procedures, please
refer to Connection through Management Port
Connect to switch via other devices (such as switch and router) by Telnet
i. Configure IP address of VLAN and VLAN interface via Console port.
ii. Configure username and password of Telnet login via Console port.
iii. Take a router connected to a switch as an example, from which, the
IP address of VLAN interface can be pinged successfully.
iv. Run Telnet command in the router, input the IP address of VLAN
interface, login to the switch. For the detailed procedures, please
refer to Connection through Management Port
Note: When performing Telnet configuration via VLAN interface connecting to the switch,
the IP address of VLAN and VLAN interface cannot be modified or deleted, otherwise,
Telnet will be disconnected.
SSH Connection Configuration Traditional Telnet and FTP connection are somewhat insecure, for the clear
text transfer password and data used in the network is apt to be captured by
attackers. There are some weaknesses with Telnet and FTP security
certificate, so it is apt to be attacked by the means of Man-in-the-middle,
which imitates the server to receive the data transmitted by the client
terminal and then imitates the client terminal to transmit data to the real
server.
SSH (Secure Shell) can solve the problem. SSH establishes a secure channel
for remote login and other network services in the insecure network. It
encrypts and compresses the transmitted data to prevent anybody captured
the data from getting useful information.
Two incompatible versions of SSH protocol are available: SSH v1.x and SSH
v2.x. ZXR10 T160G/T64G supports SSH v2.0, provides secure remote login
function.
SSH falls into two parts including server and client terminal. ZXR10
T160G/T64G serves as the server of SSH; the host logs in to the switch by
running SSH client terminal.
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
36 Confidential and Proprietary Information of ZTE CORPORATION
Use the following commands to enable SSH server function in the ZXR10
T160G/T64G. The SSH server function is disabled by default.
Command format Command
mode
Command function:
ssh server enable Global Enable SSH server function
Connect the host network interface to the Ethernet port of the switch,
enable the host to ping the IP address of VLAN interface in the switch by
configuring.
Run SSH client terminal software (Frequently used software is putty) in
the host.
Set the IP address and port No of SSH server, as shown in Figure 25.
F I G U R E 25 S E T T I N G T H E IP A D D R E S S A N D P O R T N O O F SSH S E R V E R
Set SSH version, as shown in Figure 26.
Chapter 4 Usage and Operation
Confidential and Proprietary Information of ZTE CORPORATION 37
F I G U R E 26 S E T T I N G SSH V E R S I O N
Click Open to login to the switch, input valid username and password as
prompted.
FTP/TFTP Connection Configuration ZXR10 T160G/T64G can serve as the client terminal of FTP/TFTP. We can
back up and restore the files in the ZXR10 T160G/T64G by FTP/TFTP, in
addition, we can import and export configuration.
Switch Serving as FTP Client Terminal
Enable FTP server software in the background host and switch
communicates as client terminal. The configuration of background FTP
server is illustrated taking WFTPD as an example, shown as follows:
1. Run WFTPD software in the background host, the window as shown in
Figure 27 appears.
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
38 Confidential and Proprietary Information of ZTE CORPORATION
F I G U R E 27 WFTPD W I N D O W
2. Click Security, select User/Rights…, perform the following operations
in the popup dialog box:
Click New User… to create a new user, such as target, with
password enabled
Select user name target in the drop-down list of User Name
Input the directory saving version files or configuration files in the
Home Directory box, such as D: \IMG
After configuration, the dialog box is shown in Figure 28.
F I G U R E 28 U S E R /R I G H T S S E C U R I T Y D I AL O G B O X
Chapter 4 Usage and Operation
Confidential and Proprietary Information of ZTE CORPORATION 39
3. Click Done to complete setting.
After enabling FTP server, execute copy command in the switch to
backup/restore file and import/export configuration.
Switch Serving as TFTP Client Terminal
Enable TFTP server software in the background host and switch
communicates as client terminal. The configuration of background TFTP
server is illustrated taking TFTPD as an example, shown as follows:
1. Run TFTPD software in the background host, the window as shown in
Figure 29 appears.
F I G U R E 29 TFTPD W I N D O W
2. Click TFTPD>Configure, a dialog box appears, click Browse, select the
file saving version files or configuration files, such as D:\IMG.
After configuration, the dialog box is shown in Figure 30.
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
40 Confidential and Proprietary Information of ZTE CORPORATION
F I G U R E 30 C O N F I G U R AT I O N D I AL O G B O X
3. Click Ok to complete setting.
After enabling TFTP server, execute copy command in the switch to
backup/restore file and import/export configuration.
SNMP Connection Configuration Simple Network Management Protocol (SNMP) is the most popular NM
protocol, through which, one NM server can manage all devices in the
network.
SNMP adopts management based on server and client terminal. The
background NM server serves as the SNMP server, and the foreground
network equipment ZXR10 T160G/T64G serves as SNMP client terminal. The
foreground and background share the same MIB management database,
performing communication via SNMP protocol.
The background NM server needs installing NM software supporting SNMP
protocol; It performs management configuration over ZXR10 T160G/T64G
via NM software. For the SNMP configuration in ZXR10 T160G/T64G, please
refer to SNMP
Chapter 4 Usage and Operation
Confidential and Proprietary Information of ZTE CORPORATION 41
Command Mode ZXR10 T160G/T64G assigns commands to different modes according to
function and authority to facilitate switch configuration and management.
One command can only be executed under specific mode. Input question
mark (?) under any command mode to query the applicable commands
under the mode. Major command modes of ZXR10 T160G/T64G are listed in
Table 22.
T AB L E 22 C O M M A N D M O D E
Mode Prompt Accessing Command Functions
User Mode ZXR10> Access directly after login View simple
information
Privileged
Mode ZXR10# Enable (User mode)
Configuring
system
parameters
Global
configuration
mode
ZXR10(config)# Configure terminal
(Privileged mode)
Configuring
global service
parameters
Port
configuration
mode
ZXR10(config-if)#
interface
{<interface-name>|byna
me <by-name>} (Global
configuration mode)
Configuring port
parameters
VLAN
database
configuration
mode
ZXR10(vlan-db)# vlan database
(Privileged mode)
Creating or
deleting VLAN in
batch
VLAN
configuration
mode
ZXR10(config-vlan)#
vlan
{<vlan-id>|<vlan-name>
} (Global configuration
mode)
Configuring
VLAN
parameters
VLAN
interface
configuration
mode
ZXR10(config-if)#
interface {vlan
<vlan-id>|<vlan-if>}
(Global configuration
mode)
Configuring IP
address of VLAN
interface
MSTP
configuration ZXR10 (config-mstp)#
spanning-tree mst
configuration (Global
Configuring
MSTP
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
42 Confidential and Proprietary Information of ZTE CORPORATION
Mode Prompt Accessing Command Functions
mode configuration mode) parameters
Basic ACL
configuration
mode
ZXR10 (config-basic-acl)#
acl basic {number
<acl-number>| name
<acl-name>} (Global
configuration mode)
Defining basic
ACL regulations
Extended ACL
configuration
mode
ZXR10(config-ext-acl)#
acl extend {number
<acl-number>| name
<acl-name>} (Global
configuration mode)
Defining
extended ACL
regulations
Layer2 ACL
configuration
mode
ZXR10(config-link-acl)#
acl link {number
<acl-number>| name
<acl-name>} (Global
configuration mode)
Defining layer2
ACL regulations
Mixed ACL
configuration
mode
ZXR10(config-hybd-acl)#
acl hybrid {number
<acl-number>| name
<acl-name>} (Global
configuration mode)
Defining mixed
ACL regulations
VRF
configuration
mode
ZXR10(config-vrf)# ip vrf <vrf-name> (Global
configuration mode)
Configuring VRF
protocol
parameters
Router RIP
configuration
mode
ZXR10(config-router)# router rip (Global
configuration mode)
Configuring RIP
protocol
parameters
Router RIP
address
configuration
mode
ZXR10(config-router-af)#
address-family ipv4 vrf
<vrf-name>(Router RIP
configuration mode)
Configuring RIP
VRF protocol
parameters
Router OSPF
configuration
mode
ZXR10(config-router)#
router ospf <process-id>
[vrf <vrf-name>] (Global
configuration mode)
Configuring
OSPF protocol
parameters
Router IS-IS
configuration
mode
ZXR10(config-router)#
router isis [vrf
<vrf-name>] (Global
configuration mode)
Configuring IS-IS
protocol
parameters
Router BGP
configuration
mode
ZXR10(config-router)#
router bgp <as-number>
(Global configuration
mode)
Configuring BGP
protocol
parameters
Chapter 4 Usage and Operation
Confidential and Proprietary Information of ZTE CORPORATION 43
Mode Prompt Accessing Command Functions
Router BGIP
address
configuration
mode
ZXR10(config-router-af)#
address-family vpnv4
(Router BGP configuration
mode)
address-family ipv4 vrf
<vrf-name>(Router BGP
configuration mode)
Configuring BGP
VPN and VRF
protocol
parameters
Router
PIM-SM
configuration
mode
ZXR10(config-router)# router pimsm (Global
configuration mode)
Configuring
PIM-SM protocol
parameters
Route-map
configuration
mode
ZXR10(config-route-map)
#
route-map <map-tag>
[permit|deny]
[<sequence-number>]
(Global configuration
mode)
Configuring
route-map
matched items
and operations
Diagnosis test
mode ZXR10(diag)#
diagnose (Privileged
mode)
Test the usage of
CPU and Memory
The ways to quit various command modes:
In privileged mode, use disable command to return to user mode.
In user mode and privileged mode, use exit command to quit the switch;
in other mode, use exit command to return to the previous mode.
In the modes other than user mode and privileged mode, use end
command or press Ctrl+z to return to the privileged mode.
Command Line Application Online Help In any command mode, the available commands list will be displayed if
inputting a question mark (?) following the system prompt. The list of
command key words and parameters can also be obtained via online help.
1. Input question mark (?) in any command mode prompt, all commands
and brief command descriptions of the mode will be displayed. For
example:
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
44 Confidential and Proprietary Information of ZTE CORPORATION
ZXR10>?
Exec commands:
enable Turn on privileged commands
exit Exit from the EXEC
login Login as a particular user
logout Exit from the EXEC
ping Send echo messages
quit Quit from the EXEC
show Show running system information
telnet Open a telnet connection
trace Trace route to destination
who List users who is logining on
ZXR10>
2. Input a question mark (?) following character or character string, the list
of commands or key words with the character or character string as the
prefix will be displayed. Note that there is no space between character
(Character string) and the question mark (?). For example:
ZXR10#co?
configure copy
ZXR10#co
3. Press Tab after the character, if the command or key word with the
character string as the prefix is unique, make it aligned and add a space
after it. Note that there is no space between character string and Tab.
For example:
ZXR10#con<Tab>
ZXR10#configure (There is a space between configure
and cursor)
4. Input a question mark (?) after commands, key words and parameters,
you can list the key words or parameters to be input next and provide
brief description. Note that space should be input before the question
mark (?). For example:
ZXR10#configure ?
terminal Enter configuration mode
ZXR10#configure
5. If inputting incorrect command, key words or parameters, the subscriber
interface will provide error isolation with “^” after carriage return. “^”
will appear below the first character of the input incorrect command, key
work or parameter. For example:
ZXR10#von ter
Chapter 4 Usage and Operation
Confidential and Proprietary Information of ZTE CORPORATION 45
^
% Invalid input detected at '^' marker.
ZXR10#
In the instances below, make use of the online help to set system clock.
ZXR10#cl?
clear clock
ZXR10#clock ?
set Set the time and date
ZXR10#clock set ?
hh:mm:ss Current Time
ZXR10#clock set 13:32:00
% Incomplete command.
ZXR10#
At the end of the above example, it is concluded that the system prompts
that command is incomplete. This command indicates inputting of other key
words or parameters are required.
Note: All commands in the command line operation are case-insensitive
Command Abbreviation ZXR10 T160G/T64G allows abbreviating commands and key word to
character or character string identifying the command or key word uniquely,
for example, abbreviate show command to sh or sho
Command History The user interface provides a record of commands up to 10 you have entered.
This feature is particularly useful to recall long or complex commands.
Reinvoke commands from the record buffer, execute one of the following
operations.
Command Function
Press Ctrl+P or < >↑ Recalls commands in the history buffer in a forward
sequence
Press Ctrl+N or < >↓ Recalls commands in the history buffer in a backward
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
46 Confidential and Proprietary Information of ZTE CORPORATION
sequence
In the privileged mode, use show history command to list the most recent
commands.
Confidential and Proprietary Information of ZTE CORPORATION 47
C h a p t e r 5
System Management
This chapter introduces ZXR10 T160G/T64G system management. It
illustrates file system and operation of switches, presents the procedure for
updating software version. This chapter covers the following topics:
File system management
Data backup and restoration
Importing/exporting configuration
Software version upgrade
Setting system parameters
Viewing system information
File System Management Introduction to File System In ZXR10 T160G/T64G, the major storage device that we usually see is the
FLASH in MP board, which is for storing ZXR10 T160G/T64G version files and
configuration files. Operation over FLASH is needed when upgrading
software version and saving configuration.
FLASH contains three default directories including IMG, CFG and DATA.
1. IMG: The directory is for storing software version files. The software
version file of ZXR10 T160G/T64G has the extension name of .zar, which
is dedicated compression file. Version upgrade is to change the software
version file in the directory.
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
48 Confidential and Proprietary Information of ZTE CORPORATION
Note: The default name of ZXR10 T160G/T64G software version file is zxr10.zar. If it uses
other names, Boot Path must be modified in Boot status. Otherwise, the version
cannot be loaded when starting the system. It is recommended using default file
name.
2. CFG: The directory is for saving configuration files, whose name is
startrun.dat. The information is saved in the Memory when using
command to modify the switch configuration. To prevent the
configuration information loss at the time of restarting the switch, use
write command to write the information in the Memory into FLASH, and
save the information in the startrun.dat file. When needing to clear the
old configuration in the switch to reconfigure data, use delete command
to delete startrun.dat file, then restart the switch.
3. DATA: The directory is for saving log.dat file which records alarm
information.
Note: If IMG, CFG or DATA is unavailable in FLASH, create them manually using mkdir
command.
File System Operation ZXR10 T160G/T64G provides many commands for file operation, whose
formats are similar to that of DOS operating system. The frequently used file
operation commands are as follows:
1. Copy files between FLASH devices and FTP/TFTP servers.
Command format Command
Mode
Command function:
copy <source-device> <source-file>
<destination-device> <destination-file> Privileged Copying files.
2. View the current directory path
Command format Command
Mode
Command function:
Chapter 5 System Management
Confidential and Proprietary Information of ZTE CORPORATION 49
pwd Privileged View the current directory path
3. View the file and subdirectory information in the specified devices or
directories.
Command format Command
Mode
Command function:
dir [<directory>] Privileged
View the file and subdirectory
information in the specified
devices or directories.
4. Delete the file in the specified directory of the current device
Command format Command
Mode
Command function:
delete <filename> PrivilegedDelete the file in the specified
directory of the current device
5. Access the specified file device or the file directory of the current device
Command format Command
Mode
Command function:
cd <directory> Privileged
Access the specified file device or
the file directory of the current
device
6. Back to the upper-level directory
Command format Command
Mode
Command function:
cd .. Privileged Back to the upper-level directory
7. Create new subdirectory in the current directory
Command format Command
Mode
Command function:
mkdir <directory> PrivilegedCreate new subdirectory in the
current directory
8. Delete the specified file directories
Command format Command
Mode
Command function:
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
50 Confidential and Proprietary Information of ZTE CORPORATION
rmdir <directory> PrivilegedDelete the specified file
directories
9. Modify the name of specified file or directory
Command format Command
Mode
Command function:
rename <old-filename>
<new-filename>
Privileged
Modify the name of file or
directory
The application of file operation command will be illustrated by instances as
follows:
1. View the current file information in FLASH
ZXR10#dir
Directory of flash:/
attribute size date time name
1 drwx 512 MAY-17-2004 14:22:10 IMG
2 drwx 512 MAY-17-2004 14:38:22 CFG
3 drwx 512 MAY-17-2004 14:38:22 DATA
65007616 bytes total (48863232 bytes free)
ZXR10#cd img (Access version directory IMG)
ZXR10#dir (Show the current directory information)
Directory of flash:/img
attribute size date time name
1 drwx 512 MAY-17-2004 14:22:10 .
2 drwx 512 MAY-17-2004 14:22:10 ..
3 -rwx 15922273 MAY-17-2004 14:29:18
ZXR10.ZAR
65007616 bytes total (48863232 bytes free)
ZXR10#
2. Create directory ABC in FLASH, then delete it.
ZXR10#mkdir ABC (Add a subdirectory ABC in the current
directory)
ZXR10#dir (View the current directory information,
finding that subdirectory ABC has been added successfully)
Directory of flash:/
attribute size date time name
1 drwx 512 MAY-17-2004 14:22:10 IMG
2 drwx 512 MAY-17-2004 14:38:22 CFG
3 drwx 512 MAY-17-2004 14:38:22 DATA
4 drwx 512 MAY-17-2004 15:40:24 ABC
Chapter 5 System Management
Confidential and Proprietary Information of ZTE CORPORATION 51
65007616 bytes total (48861184 bytes free)
ZXR10#rmdir ABC (Delete subdirectory ABC)
ZXR10#dir (View the current directory information,
finding that subdirectory ABC has been deleted
successfully)
Directory of flash:/
attribute size date time name
1 drwx 512 MAY-17-2004 14:22:10 IMG
2 drwx 512 MAY-17-2004 14:38:22 CFG
3 drwx 512 MAY-17-2004 14:38:22 DATA
65007616 bytes total (48863232 bytes free)
ZXR10#
Data Backup and Restoration Using FTP/TFTP, we can back up the software version files, configuration files,
and log files in ZXR10 T160G/T64G to background server or restore the
backup files from background server. As for the configuration of background
FTP/TFTP server, please refer to section FTP/TFTP Connection Configuration
The backup and restoration of files can be implemented via command copy.
1. Configuration file backup
After saving the configuration information to startrun.dat using
command write, back it up to the background FTP/TFTP server to
prevent restoration failure owing to file corruption.
Execute the following command to back up the configuration files in
FLASH to background TFTP server:
ZXR10#copy flash: /cfg/startrun.dat tftp:
//168.1.1.1/startrun.dat
2. Configuration files restoration
Execute the following command to restore backup configuration files
from background TFTP server:
ZXR10#copy tftp: //168.1.1.1/startrun.dat flash:
/cfg/startrun.dat
3. Version file backup
Back the running version files up to background server before upgrading
software version. If failed to load new version, you can restore the old
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
52 Confidential and Proprietary Information of ZTE CORPORATION
version from the background server. Software version file backup is
similar to configuration file backup.
Execute the following command to back up the software version file in
FLASH to directory IMG in root directory of background TFTP server:
ZXR10#copy flash: /img/zxr10.zar tftp:
//168.1.1.1/img/zxr10.zar
4. Version Restoration
The purpose of version restoration is to retransmit the backup software
version file in background server via FTP/TFTP to FLASH in foreground
switch. It is important to perform restoration operation when version
upgrade failed.
The procedures of version restoration and version upgrade are almost
the same, please refer to section Software Version Upgrade.
Importing/Exporting Configuration ZXR10 T160G/T64G supports the function of importing/exporting
configuration files. Copy configuration file startrun.dat to background host
via FTP/TFTP, in the background host, edit the file startrun.dat using text
editing tool, and then copy the modified configuration file via FTP/TFTP to the
directory CFG in FLASH device of foreground switch. The file will take effect
after restart.
Note: When editing startrun.dat using text editing tool, note that the format should comply
with the requirements of command.
Software Version Upgrade Upgrade the software version only when the old version does not support
some functions or the device cannot run normally owing to some specific
causes. Improper operation may cause upgrade failure, which leads to boot
failure. Therefore, the maintenance personnel must be familiar with the
principles and operations of ZXR10 T160G/T64G and learn the upgrade
procedures carefully before software version upgrade.
Chapter 5 System Management
Confidential and Proprietary Information of ZTE CORPORATION 53
Version Upgrade in the case of System Anomaly The upgrade procedures when the ZXR10 T160G/T64G cannot be started
normally are presented as follows:
1. Connect the configuration port (Console port of MP board) of ZXR10
T160G/T64G to the serial interface of background host by configuration
line delivered with the product; connect administrative Ethernet
interface of the switch (10/100M Ethernet interface) to network interface
of background host by straight-through Ethernet line. Make sure that
both are properly connected.
2. The IP address of background host for upgrade and that of the switch
administrative Ethernet port should be set to the same network
segment.
3. Start the background FTP server according to the methods in FTP/TFTP
Connection Configuration
4. Start ZXR10 T160G/T64G, in HyperTerminal, press any key as prompted
to enter Boot status The following content will appear:
ZXR10 System Boot Version: 1.0
Creation date: Dec 31 2002, 14:01:52
(Omitted)
Press any key to stop for change parameters...
2
[ZXR10 Boot]:
Input “c” in Boot status, enter parameter modification status after
carriage return. Change the boot mode to boot from background FTP;
change the FTP server address to the corresponding background host
address; change the client terminal address and gateway address to
switch administrative Ethernet interface address, set corresponding
subnet mask and FTP username and password. The [ZXR10 Boot]
prompt appears after completing parameter modification.
[ZXR10 Boot]:c
'.' = clear field; '-' = go to previous field; ^D = quit
Boot Location [0:Net,1:Flash] : 0 (0 means booting from
background FTP; 1 means booting from FLASH)
Client IP [0:bootp]: 168.4.168.168 Corresponds to
administrative Ethernet port address
Netmask: 255.255.0.0
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
54 Confidential and Proprietary Information of ZTE CORPORATION
Server IP [0:bootp]: 168.4.168.89 (Corresponds to
background FTP server address)
Gateway IP: 168.4.168.168 (Corresponds to
administrative Ethernet port address)
FTP User: target (Corresponds to FTP username
target)
FTP Password: (Corresponds to target user
password)
FTP Password Confirm:
Boot Path: zxr10.zar (Use default)
Enable Password: (Use default)
Enable Password Confirm: (Use default)
[ZXR10 Boot]:
5. Input “@”, the system boots the version from background FTP server
automatically after carriage return.
[ZXR10 Boot]:@
Loading... get file zxr10.zar[15922273] successfully!
file size 15922273.
(Omitted)
******************************************************
Welcome to ZXR10 10G Routing switch of ZTE Corporation
******************************************************
ZXR10>
6. If booted normally, use command show version to check whether the
new version is running in the Memory, if it is the old version that is
running, it indicates that booting from background server failed, you
have to repeat the operations from step 1.
7. Delete the old version file zxr10.zar in the directory IMG in FLASH using
command delete, Old version file can be renamed for backup due to of
space in FLASH is sufficient.
8. Copy the new version file in background FTP server to IMG directory in
FLASH. The version file name is zxr10.zar.
ZXR10#copy ftp: mng
//168.4.168.89/zxr10.zar@target:target flash:
/img/zxr10.zar
Starting copying file
.......................................................
Chapter 5 System Management
Confidential and Proprietary Information of ZTE CORPORATION 55
..........
.......................................................
..........
......................................
file copying successful.
ZXR10#
Note:
If copying version files from the management Ethernet of MP board, in the command
copy, ftp: must be followed with mng.
9. Check whether new version file is available in FLASH. If the new version
file is unavailable, it indicates the copy failure, please execute step 8 to
recopy the version.
10. Restart ZXR10 T160G/T64G, follow the methods in step 4, and make
boot from FLASH enabled, at this time, “Boot path ”will change
into“ /flash/img/zxr10.zar automatically.
Note:
The boot mode can be changed to boot from FLASH by using command nvram
imgfile-location local in global configuration mode.
11. Input “@” in [ZXR10 Boot]:, the system will boot new version from
FLASH after carriage return.
12. After booting normally, check the running version to confirm that the
upgrade is successful.
Version Upgrade when the System is Normal There are a variety of ways to upgrade software version if the switch is
running normally before upgrade, for example, take the switch as FTP or
TFTP client terminal to copy versions; remote upgrade can be performed
making use of FTP. The procedures of taking the switch as the FTP client
terminal to upgrade locally are described below.
1. Connect the configuration port (Console port of MP board) of ZXR10
T160G/T64G to the serial interface of background host by configuration
line delivered with the product; connect management Ethernet interface
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
56 Confidential and Proprietary Information of ZTE CORPORATION
of the switch (10/100M Ethernet interface) to network interface of
background host by straight-through Ethernet line. Make sure that both
are properly connected.
2. The IP address of background host for upgrade and that of the switch
management Ethernet port should be set to the same network segment
to ensure that the background host could ping the management Ethernet
address successfully.
3. Start the background FTP server according to the methods in FTP/TFTP
Connection Configuration
4. View the information of the running version.
5. Delete the old version file in the directory IMG in FLASH using command
delete You can remain the old version file having it renamed, if the space
in FLASH is not sufficient.
6. Copy the new version file in background FTP server to IMG directory in
FLASH. The version file name is zxr10.zar.
7. Check whether new version file is available in directory IMG in FLASH. If
the new version file is unavailable, it indicates the copy failure, please
execute step 5 to recopy the version.
8. After booting the switch normally, check the running version to confirm
that the upgrade is successful.
Setting System Parameters The system parameters of ZXR10 T160G/T64G contains host name,
password of privileged mode etc.
1. Set the name of system host
The default host name of the system is ZXR10, which can be modified in
global configuration mode using command hostname.
Command format Command
Mode
Command function:
hostname <network-name> Global Modify host name of the switch
Relogin to the switch after modifying the host name, new host name will
be used in the prompt.
2. Set the greeting words for system startup
Chapter 5 System Management
Confidential and Proprietary Information of ZTE CORPORATION 57
Greeting words can be set using command banner. It starts and ends
with custom-defined character, for example:
ZXR10(config)#banner incoming #
Enter TEXT message. End with the character '#'.
***********************************
Welcome to ZXR10 Switch World
***********************************
#
ZXR10(config)#
3. Set the password of privileged mode
In privileged mode, you can set operational parameters, and access
configuration mode. The password of accessing privileged mode must be
set to prevent unauthorized user from modifying the configuration.
Command format Command
Mode
Command function:
enable secret {0 <password>|5
<password>|<password>} Global
Set the password of privileged
mode
4. Set Telnet user and password
Command format Command
Mode
Command function:
username <username> password
<password> Global Set Telnet user and password
5. Setting system clock
Command format Command
Mode
Command function:
clock set <current-time> <month>
<day> <year> Privileged Setting system clock
Viewing System Information In ZXR10 T160G/T64G, we usually use show command to view information.
What described below is about viewing version information and configuration
information.
1. Show version information of system software and hardware
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
58 Confidential and Proprietary Information of ZTE CORPORATION
Command format Command
Mode
Command function:
show version User/ PrivilegedView version information of
system software and hardware
Execute command show version to display the information similar to the
follows.
ZXR10#show version
ZXR10 Router Operating System Software, ZTE Corporation
ZXR10 ROS Version V4.6
ZXR10 T160G Software, Version V2.6.01, RELEASE SOFTWARE
Copyright (c) 2000-2003 by ZTE Corporation
Compiled Dec 2 2004, 14:52:13
System image files from net <ftp://168.1.70.155/zxr10.zar>
System uptime is 0 days, 0 hours, 19 minutes
ZXR10#
2. Show the running configuration information
Command format Command
Mode
Command function:
show running-config PrivilegedView the running configuration
information
Confidential and Proprietary Information of ZTE CORPORATION 59
C h a p t e r 6
Port Configuration
This chapter introduces the configuration of ZXR10 T160G/T64G port parameters and port mirroring function. It covers:
Basic port configuration
Introduces basic port parameter configuration, port traffic statistics, and port line diagnosis analysis test
Port mirroring
Introduces the concept, basic configuration and configuration instances of port mirroring
Basic Port Configuration ZXR10 T160G/T64G provides fast Ethernet port, gigabit Ethernet port and 10-giagabit Ethernet port.
Fast Ethernet electrical interface supports full-duplex/half-duplex, 10/100M and MDI/MDIX self-adaptive function. The default working mode is auto-negotiation. It negotiates working mode and rate with the opposite end devices.
Gigabit Ethernet electrical interface supports full-duplex/half-duplex, 10/100/1000M and MDI/MDIX self-adaptive function. The default working mode is auto-negotiation. It negotiates working mode and rate with the opposite end devices.
Gigabit Ethernet electrical interface works in gigabit full-duplex mode. The duplex mode and rate of the port cannot be configured, instead, auto-negotiation can.
10-Gigabit Ethernet optical interface works in 10-gigabit full-duplex mode. The auto-negotiation, duplex mode and rate of the port cannot be configured.
The system adopts the mode of adding ports automatically: the user plug in interface board to the corresponding slot, when the interface board starts
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
60 Confidential and Proprietary Information of ZTE CORPORATION
normally, we can see that the port of the interface board has been added to the system port list automatically.
Principle of Port Naming ZXR10 T160G/T64G names the ports as follows:
Port type_Slot No/Port No
Port type covers:
FEI Fast Ethernet Interface
GEI Gigabit Ethernet Interface
XGEI 10-Gigabit Ethernet Interface
Slot No.
ZXR10 T160G provides 10 plug-in slots, numbering from top to down, where No 5 and No 6 are MP plug-in slots, the rest are interface board module plug-in slots.
ZXR10 T64G provides 6 plug-in slots, numbering from top to down, where No 3 slot is MP board plug-in slot, No 1, 2 ,5, and 6 are interface board module plug-in slots; No 4 slot can serve as MP board plug-in slot or interface board module plug-in slot.
Port No.
The interface board ports are numbered from 1.
For example:
fei_2/8 Means the 8th port in the No 2 slot fast Ethernet interface board.
gei_6/1 Means the first port in the No 6 slot gigabit Ethernet interface board.
xgei_7/2 Means the second port in the No 7 slot 10-gigabit Ethernet interface board.
Configuring Basic Port Parameters The configuration of port parameters is performed in port configuration mode, which covers:
1. Accessing port configuration mode
Command format Command Mode Command function:
interface {<port-name>|byname <by-name>} Global Accessing port configuration
mode
2. Close/open Ethernet port
Command format Command Mode Command function:
shutdown Port Close Ethernet port
no shutdown Port Open Ethernet port
Chapter 6 Port Configuration
Confidential and Proprietary Information of ZTE CORPORATION 61
Note: Command shutdown makes the physical link status of the port change into down and the link LED of the port go dark. All ports are open by default.
3. Enable/close Ethernet port auto-negotiation
Command format Command Mode Command function:
negotiation auto Port Enable port auto-negotiation
no negotiation auto Port Close port auto-negotiation
Note: 10-gigabit Ethernet optical interface does not support auto-negotiation. It is fixed to work in 10-gigabit full-duplex mode.
4. Set Ethernet port duplex mode
Command format Command Mode Command function:
duplex {half|full} Port Set port duplex mode
5. Set Ethernet port rate
Command format Command Mode Command function:
speed {10|100|1000} Port Set port rate
Note: Only the Ethernet electrical interface can be configured with duplex mode and rate, remember to disable port self-negotiation function.
6. Set Ethernet port flow control
The Ethernet port uses flow control to restrain the packets sent to the port in a period of time. When the receiving buffer is full, the port sends a “pause” packet notifying the remote port to suspend packet transmission for a period of time. The Ethernet port can also receive “pause” packet from other devices, and execute operations according to the regulation of the packet.
Command format Command Mode Command function:
flowcontrol {enable|disable} Port Enable/disable port flow control
7. Allow jumbo-frame to pass the Ethernet port or prohibit it
Command format Command
Mode Command function:
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
62 Confidential and Proprietary Information of ZTE CORPORATION
jumbo-frame {enable|disable} Port Allow jumbo-frame to pass the Ethernet port or prohibit it
Note: By default, the maximum allowed length of the frame passing Ethernet port is 1560 bytes, and jumbo frame is prohibited from passing. When jumbo frame is allowed, the maximum allowed length is 9216 bytes.
8. Port byname
The purpose of setting port byname is to distinguish the ports for easier memorization. You can replace the port name with byname when performing operation over the port.
Command format Command Mode Command function:
byname <by-name> Port Set Ethernet port byname
9. Set Ethernet port broadcast storm suppression
You can limit the volume of broadcast flow that is allowed to pass through the Ethernet port. The system will discard the broadcast flow exceeding the set value to lower the rate of broadcast flow to a reasonable range, so as to suppress broadcast storm and avoid network congestion, ensuring normal operation of network service. Broadcast storm suppression ratio takes the line speed percentage of maximum flow as the parameter; the lower the percentage is, the smaller the allowed broadcast flow is. 100% means that the broadcast storm passing through the port will not be suppressed
Command format Command
Mode Command function:
broadcast-limit <percent-value> Port Set port broadcast storm suppression ratio
Show Port Information ZXR10 T160G/T64G provides the following commands to view port information.
1. View status information of Ethernet port
Command format Command Mode Command function:
show interface [<port-name>] All modes except user mode
show status information of Ethernet port
Example: View status and statistic information of port gei_2/1.
ZXR10#show interface gei_2/1
gei_4/1 is down, line protocol is down
Description is none
Chapter 6 Port Configuration
Confidential and Proprietary Information of ZTE CORPORATION 63
Keepalive set:10 sec
The port is electric
Duplex half
vlan mode is access, pvid 2 BW 1000000 Kbits
Last clearing of "show interface" counters never
120 seconds input rate 0 Bps, 0 pps
120 seconds output rate 0 Bps, 0 pps
Interface peak rate : input 0 Bps, output 0 Bps
Interface utilization: input 0%, output 0%
/* Statistic of input/output transmit message, including
statistic of error message */
Input:
Packets : 338 Bytes:
41572
Unicasts : 0 Multicasts: 328
Broadcasts: 10
Undersize: 0 Oversize : 0
CRC-ERROR : 0
Dropped : 0 Fragments : 0
Jabber : 0
MacRxErr : 0
Output:
Packets : 1017 Bytes:
125470
Unicasts : 0 Multicasts: 1017
Broadcasts: 0
Collision: 0
LateCollision: 0
Total:
64B : 20 65-127B : 975
128-255B : 360
256-511B : 0 512-1023B : 0
1024-1518B: 0
ZXR10#
Use the following commands to clear port statistical information
Command format Command Mode Command function:
clear counter [<port-name>] Privileged Clear statistical information of specified ports
2. Show configuration information of Ethernet port
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
64 Confidential and Proprietary Information of ZTE CORPORATION
Command format Command Mode Command function:
show running-config interface <port-name>
All modes except user mode
Show configuration information of Ethernet port
Example: Show configuration information of port fei_2/4.
ZXR10(config)#show running-config interface fei_2/4
Building configuration...
interface fei_2/4
negotiation auto
broadcast-limit 10
switchport access vlan 1
switchport qinq normal
ZXR10(config)#
Line Diagnosis Analysis Test ZXR10 T160G/T64G supports cable line diagnosis analysis test function, which could detect the anomaly of line or line connection and locate the exact position of cable fault, facilitating network management and locating fault.
Both fast Ethernet electrical interface and gigabit Ethernet electrical interface are connected to other devices by network wire. There are four pairs of twisted pair cables in the network wire, in which, fast Ethernet electrical interface uses 1-2 and 3-6 twisted pair cables, gigabit Ethernet electrical interface uses all the four pairs of twisted pair cables including 1-2, 3-6, 4-5 and 7-8. Line detection can detect the status of every twisted pair cable, which are listed below:
1. Open: Open circuit
2. Short: Short circuit
3. Mismatch: Circuit impedance mismatched
4. Good: The circuit is in good condition
5. Broken: the circuit is open or short
6. Unknown: The result is unknown or undetected
7. Fail: Detection failed
If the circuit is faulty, the test result will output the location of circuit fault; if the circuit is in good condition, the approximate length of the normal circuit will be presented.
Configuring line diagnosis analysis test is not required; run command show in privileged or global mode directly.
Command format Command Mode Command function:
show vct interface <port-name> All modes Run specified line diagnosis
Chapter 6 Port Configuration
Confidential and Proprietary Information of ZTE CORPORATION 65
except user mode
analysis test
Example: Detect line of port gei_3/1
ZXR10(config)#show vct interface gei_3/1
CableStatus Fault
Pair 1-2 3-6 4-5 7-8
Status Open Open Good Good
Length 4m 4m <50m <50m
ZXR10(config)#
Note:The related ports will be restarted when using line diagnosis analysis test, the link will disconnect and then become normal. It is usually for testing faulty ports, please be cautious if the port is connected with users.
Port Mirroring Configuration Port Mirroring Overview The port mirroring function copies the data of one or more ports (mirrored ports) in the switch to a designated port (monitoring port). It can retrieve the data of mirrored port in the monitoring port via mirroring. Through which it can perform network flow analysis, and error diagnosis.
Using port mirroring function in the ZXR10 T160G/T64G should comply with the following rules:
Supports up to 8 groups of port mirroring, each can support up to 8 mirrored ports.
In one interface board, maximally one group of port mirroring can be configured.
Supports cross-interface-board port mirroring, i.e. the mirrored port and the monitoring port can be in different interface boards, here, the switch can be configured with one port mirroring at most.
Monitor the data transmitted or received by the mirrored port only.
Port Mirroring Configuration Port mirroring configuration covers:
Create a session
Command format Command Command function:
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
66 Confidential and Proprietary Information of ZTE CORPORATION
Mode
monitor session <session-number> Global Create a session
Set mirrored port
Command format Command Mode Command function:
monitor session <session-number> source [direction {both|tx|rx}] Port Set mirrored port and data flow
direction
Set monitoring port
Command format Command Mode Command function:
monitor session <session-number> destination Port Set monitoring port
Show configuration and status of port mirroring
Command format Command Mode Command function:
show monitor session {all|<session-number>}
All modes except user mode
Show port mirroring configuration of all groups or specified group
Example of Configuring Port As shown in Figure 31, port gei_3/3 is connected with a computer, monitoring the data received by gei_1/1 and the data received and transmitted by gei_1/2.
F I G U R E 31 EXAMPLE OF PORT MIRRORING
gei_1/2gei_1/1
gei_3/3Switch
Switch configuration:
ZXR10(config)#interface gei_1/1
ZXR10(config-if)#monitor session 1 source direction rx
ZXR10(config)#interface gei_1/2
ZXR10(config-if)#monitor session 1 source
ZXR10(config)#interface gei_3/3
ZXR10(config-if)#monitor session 1 destination
Chapter 6 Port Configuration
Confidential and Proprietary Information of ZTE CORPORATION 67
Show configuration of port mirroring
ZXR10(config)#show monitor session 1
Session 1
-----------------------------------------------
Source Ports:
Port: gei_1/1 Monitor Direction: rx
Port: gei_1/2 Monitor Direction: both
Destination Port:
Port: gei_3/3
-----------------------------------------------
ZXR10(config)#
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
68 Confidential and Proprietary Information of ZTE CORPORATION
This page is intentionally blank.
Confidential and Proprietary Information of ZTE CORPORATION 69
C h a p t e r 7
VLAN Configuration
This chapter introduces basic operation of VLAN configuration in ZXR10 T160G/T64G, and VLAN extended configuration including PVLAN, QinQ and SuperVLAN. It covers:
VLAN overview
VLAN Configuration
Example of VLAN configuration
PVLAN Configuration
QinQ configuration
SuperVLAN configuration
VLAN maintenance and diagnosis
VLAN Overview Virtual Local Area Network (VLAN) is a technology dividing physical network into multiple logical (virtual) LAN. Every VLAN has a VLAN identifier (VID).
Taking advantage of VLAN technology, network administrators can divide the users in the same physical LAN into different broadcast domain (one broadcast domain is one VLAN), ensuring that the users with the same demands belong to same broad domain and users with different demands belong to different broadcast domain. Every VLAN is like an independent LAN logically, having the same attribute with physical LAN. All broadcast and unicast traffic in the same VLAN are restricted to the VLAN instead of being forwarded to other VLAN. The communication between devices belonging to different VLAN must be forwarded by the layer3 routers
The features of VLAN are as follows:
Reduce broadcast traffic in the network
Enhance network security
Simplify network management and control
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
70 Confidential and Proprietary Information of ZTE CORPORATION
VLAN Types The type of VLAN is determined by the method dividing a received frame to a specific VLAN. ZXR10 T160G/T64G presently supports port-based VLAN, which is the most simple and effective method. It assigns ports of switching equipment to different VLAN; consequently, the traffic received from the port belongs to the VLAN connected to the port. For example, if port 1, port 2 and port 3 belong to the same VLAN, and other ports belong to other VLANs, the frame received by port 1 can be transmitted over port 2 and port 3 exclusively. If a user in VLAN move to a new place, it does not belong to the old VLAN unless VLAN is reconfigured.
VLAN Tab Multiple VLAN services can be transmitted in one link if the VLAN that the frame resides in can be presented in a certain method when frame is transmitting in the network. IEEE 802.1Q implements the function by inserting a VLAN tag into Ethernet frame structure.
The VLAN tag is 4-byte long, in Ethernet frame, its location is behind source MAC address, and before length/type segment. The format of VLAN tag is shown in Figure 32.
F I G U R E 32 TH E FO R M AT O F VL AN T AG
TPID (2 Bytes) TCI (2 Bytes)
VIDPriority CFI
7 5 4 0 7 0
VLAN tag is most frequently applied in the case of cross-switch creating VLAN, here the connection between switches is called Trunk. Cross-multiple-switch VLAN can be created via one or more trunks after applying tag. When the port connected to the switch receives a tagged frame, it can judge which VLAN the frame belongs to according to VLAN tag.
Every 802.1Q port is allocated with a default VLAN ID, which is called PVID. When the port receives untagged frame, the frame is considered to belong to port default VLAN, and forwarded in the VLAN.
ZXR10 T160G/T64G supports IEEE 802.1Q standard tag.
VLAN Link Type ZXR10 T160G/T64G port supports the following three kinds of connection modes
Access link
Chapter 7 VLAN Configuration
Confidential and Proprietary Information of ZTE CORPORATION 71
Access link is used to connect the devices (e.g. workstation) that cannot identify VLAN tag to VLAN switch port. It only transmits untagged VLAN frame and is associated with only one VLAN.
Trunk Link
Trunk link is for connecting two devices that can identify VLAN tag and transmits multiple VLAN services. It only transmits tagged VLAN frame and can bear multiple VLANs. The most popular trunk link is one connecting two VLAN switches.
Hybrid Link
Hybrid link can transmit tagged and untagged frames. However, for a specific VLAN, all frames transmitted by the hybrid link must be the same type.
Default VLAN ZXR10 T160G/T64G initially has a default VLAN with the following features:
The VLAN ID of default VLAN is 1.
The name of default VLAN is VLAN0001.
The default VLAN contains all ports.
All ports of default VLAN is untagged by default.
VLAN Configuration The basic configuration of VLAN covers:
Create Single VLAN
Command format Command Mode Command function:
vlan {<vlan-id>|<vlan-name>} Global Create VLAN and access VLAN configuration mode
Create VLAN in batch
Command format Command Mode Command function:
vlan <vlan-list> [name <vlan-name>]
VLAN database Create VLAN in batch
Set VLAN byname
VLAN byname is for distinguishing VLANs, which could be group name, department or region. By default, VLAN byname is VLAN + VLAN ID, in which VLAN ID is 4 digits, if it is less than 4 digits, zeros will be added to make it a digit length of 4, for example, the VLAN byname is VLAN0004 by default if the ID is 4.
Command format Command Mode Command function:
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
72 Confidential and Proprietary Information of ZTE CORPORATION
name <vlan-name> VLAN Specify VLAN byname
Set VLAN link types of Ethernet port
VLAN link types of ZXR10 T160G/T64G Ethernet port include: Access mode, Trunk mode and Hybrid mode, the default is Access mode.
The port of access mode, which is untagged, can only belong to one VLAN, it usually serves as the port connecting computer.
Trunk mode port, which must be tagged, can belong to multiple VLANs; it can receive and transmit message of multiple VLANs; usually it serves as trunk port of connection between switches.
Hybrid mode port can belong to multiple VLANs, whether it should be tagged is determined by the user; it can receive and transmit message of multiple VLANs; it can be applied in connection between switches and can also be applied in connecting user computer.
The difference between hybrid port and trunk port lies in: Hybrid port can transmit tagged or untagged frame, while trunk port untagged when transmitting default VLAN message.
Command format Command Mode Command function:
switchport mode {access|trunk|hybrid} Port Set VLAN link types of the port
Add Ethernet port to specified VLAN
Access port can only be added to one VLAN, while trunk port and hybrid port can be added to multiple VLANs.
Command format Command Mode Command function:
switchport access vlan {<vlan-id>|<vlan-name>} Port Add Access port to specified
VLAN
switchport trunk vlan <vlan-list> Port Add Trunk port to specified VLAN
switchport hybrid vlan <vlan-list> [tag|untag] Port Add hybrid port to specified
VLAN
Set native VLAN(PVID) of Ethernet port
Access port belongs to only one VLAN, so its native VLAN is the VLAN it resides in, it is not necessary to set.
Trunk port and hybrid port belong to multiple VLANs, so it is necessary to set native VLAN. If the port native VLAN is set, when the port cannot receive frame without VLAN tag, forward the frame to the port belonging to the native VLAN. By default, the native VLAN of trunk port and hybrid port is VLAN 1.
Command format Command Mode Command function:
switchport trunk native vlan {<vlan-id>|<vlan-name>} Port Set native VLAN of trunk port
switchport hybrid native vlan {<vlan-id>|<vlan-name>} Port Set native VLAN of hybrid port
Chapter 7 VLAN Configuration
Confidential and Proprietary Information of ZTE CORPORATION 73
Add VLAN member ports in batch
Command format Command Mode Command function
switchport {pvid|tag|untag} <port-list> VLAN Add VLAN member ports in batch
Switchport PVID is valid for all types of ports including Access, Trunk and Hybrid. All the PVIDs of selected ports become VLAN ID of specified VLAN after running the configuration.
Switchport tag is valid for Trunk and Hybrid ports.
Switchport untag is valid for Hybrid port.
Set port VLAN filtration
After enabling entrance filtration, if the entrance port is not included in the VLAN member set that the port-received frame belongs to, the frame will be discarded. By default, VLAN entrance filtration is enabled.
Command format Command Mode Command function
ingress filtering {enable|disable} Port Set port VLAN filtration mode
Port frame type filtration
Configuration port can accept all frames (including untagged and tagged frames) or only accept tagged frame. By default, it receives all frames.
Command format Command Mode Command function
acceptable frame types {all|tag} Port Set port-acceptable frame types
Create VLAN Layer3 interface
This VLAN must be created before creating VLAN layer3 interface.
Command format Command Mode Command function
interface {vlan <vlan-id>|<vlan-if>} Global Create VLAN layer3 interface
Open/Close VLAN Layer3 Interface
Open/Close VLAN Layer3 interface is to open/close VLAN Layer3 forwarding function, imposing no impact on the member ports of this VLAN. By default, when all Ethernet ports are in down status, the VLAN interface status is down; when one or more Ethernet ports are in up status, the VLAN interface status is up. The VLAN interface in up status can be shut forcibly.
Command format Command Mode Command function
shutdown VLAN interface Shut VLAN layer3 interface
no shutdown VLAN interface Open VLAN layer3 interface
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
74 Confidential and Proprietary Information of ZTE CORPORATION
Example of VLAN Configuration As shown in Figure 33, ports gei_3/1 and gei_3/2 of switch A and ports gei_7/1 and gei_7/2 of switch B belong to VLAN 10; ports gei_3/4 and gei_3/5 of switch A and gei_7/4 and gei_7/5 of switch B belong to VLAN 20, all are Access ports. The two switches are connected via ports gei_3/24 and gei_7/24 by trunk mode; the two ports are trunk ports.
F I G U R E 33 TY P I C AL N E T W O R K I N G O F VLAN
Vlan 10 Vlan 20
Trunkvlan 10,20
gei_3/24 gei_7/24
Vlan 10 Vlan 20
Switch BSwitch A
gei_3/1gei_3/2 gei_3/5
gei_3/4 gei_7/1gei_7/2 gei_7/5
gei_7/4
Switch A configuration:
ZXR10_A(config)#vlan 10
ZXR10_A(config-vlan)#switchport pvid gei_3/1-2
ZXR10_A(config)#vlan 20
ZXR10_A(config-vlan)#switchport pvid gei_3/4-5
ZXR10_A(config)#interface gei_3/24
ZXR10_A(config-if)#switchport mode trunk
ZXR10_A(config-if)#switchport trunk vlan 10
ZXR10_A(config-if)#switchport trunk vlan 20
Switch B configuration:
ZXR10_B(config)#vlan 10
ZXR10_B(config-vlan)#switchport pvid gei_7/1-2
ZXR10_B(config)#vlan 20
ZXR10_B(config-vlan)#switchport pvid gei_7/4-5
ZXR10_B(config)#interface gei_7/24
ZXR10_B(config-if)#switchport mode trunk
ZXR10_B(config-if)#switchport trunk vlan 10
ZXR10_B(config-if)#switchport trunk vlan 20
Chapter 7 VLAN Configuration
Confidential and Proprietary Information of ZTE CORPORATION 75
PVLAN Configuration To isolate messages of users for better network security, the traditional solution is to assign a VLAN to each user. The limitations of this method are as follows:
Presently, the maximum number of VLAN supported by IEEE 802.1Q standard is 4094, so the number of users is limited; consequently, it goes against network expansion.
Each VLAN is corresponding to one IP subnet, so a large quantity of subnets divided is a waste of IP addresses.
Planning and management of a large quantity of VLAN and IP subnets complicates network management.
The new technology PVLAN (Private VLAN) solves all the problems.
PVLAN classifies ports in VLAN into two categories: Isolate port connecting with users, and Promiscuous port uplinking router. Isolate port can communicate with promiscuous port only, the communication between them are disabled. So, ports in the same VLAN are isolated, users can only communicate with default gateway, as a result, the network security is ensured.
ZXR10 T160G/T64G supports 20 PVLAN groups, each group can select any port to isolate from each other. At most 8 ports can be selected to be uplink port.
Use the following commands to configure PVLAN:
Command format Command Mode Command function
vlan private-map session-id <id> [isolate <port-list>] [promis <port-list>]
Global Configure Isolate port and Promiscuous port
Use the following command to show PVLAN configuration:
Command format Command Mode Command function
show vlan private-map All modes except user mode
Show PVLAN configuration
Two Isolate groups are configured in the following configuration example:
Isolate group 1: gei_3/1, gei_3/2, fei_7/4 and fei_7/5 are isolate ports; gei_5/10 is promiscuous port.
Isolate group 2: gei_3/7, gei_3/8, fei_7/10 and fei_7/11 are isolate ports; gei_5/12 is promiscuous port.
The detailed configuration is as follows:
ZXR10(config)#vlan private-map session-id 1 isolate gei_3/1-2,fei_7/4-5 promis gei_5/10
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
76 Confidential and Proprietary Information of ZTE CORPORATION
ZXR10(config)#vlan private-map session-id 2 isolate gei_3/7-8,fei_7/10-11 promis gei_5/12
ZXR10(config)#show vlan private-map
Session_id Isolate_Ports Promis_Ports
---------- ------------------------ ------------------------
1 gei_3/1-2,fei_7/4-5, gei_5/10
2 gei_3/7-8, gei_5/12
ZXR10#
QinQ Configuration QinQ is a vivid name for the tunnel protocol based on IEEE 802.1Q encapsulation, which is also called VLAN stack. QinQ technology is to add a VLAN tag (outer tag) other than old VLAN tag (inner tag), the outer tag can shield the inner tag.
QinQ requires no support from protocol, by which L2VPN can be realized; it is particularly suitable for the small LAN with layer3 switch as the backbone.
The typical networking or QinQ technology is shown in Figure 34. The port connecting user network is called customer port; the port connecting SP network is called uplink port; the edge access device of SP network is called Provider Edge (PE).
F I G U R E 34 TY P I C AL Q I N Q N E T W O R K I N G
User Network 2CVLAN 1~100
SPVLAN 10customer port
SPVLAN 10uplink port
Switch APE PE
Switch B
User Network 1CVLAN 1~100
SPVLAN 10customer port
SPVLAN 10uplink port
SP Network
SPVLAN: Service Provider VLAN: CVLAN: Customer VLAN
The user network is usually accessed to PE via Trunk VLAN mode; Uplink ports in Service Provider (SP) network are symmetrically connected via Trunk VLAN mode.
When message reaches customer port of switch A from user network 1, no matter the message is tagged or untagged, switch A inserts outer tag (VLAN ID is 10) forcibly. In the SP network, the message transmits along VLAN 10 ports until it reaches switch B. Switch B finds that the port connecting user network 2 is customer port, so it peels off the outer tag according to
Chapter 7 VLAN Configuration
Confidential and Proprietary Information of ZTE CORPORATION 77
traditional 802.1Q, resumes the original message and transmits it to user network 2.
As a result, user network 1 and 2 can perform transparent transmission via SP network; user network can define its own private network VLAN ID, which will not cause conflict with SP network VLAN ID.
Use the following command to configure QinQ:
Command format Command Mode Command function
switchport <port-list> qinq {normal|uplink|customer|tpid <tpid>}
Global configure QinQ function of specified port
switchport qinq {normal|uplink|customer|tpid <tpid>}
Port Configure port QinQ function
Note:
When configuring QinQ, customer port of SPVLAN should be set to be untagged and uplink port should be set to be tagged.
Use the following command to view QinQ configuration information:
Command format Command Mode Command function
show qinq All modes except user mode
Show QinQ configuration information
As shown in Figure 34, assuming customer port of switch A is gei_3/1, uplink port is gei_3/24; if customer port of switch B is gei_7/1, uplink port is gei_7/24.
Switch A configuration:
ZXR10_A(config)#vlan 10
ZXR10_A(config)#interface gei_3/1
ZXR10_A(config-if)#switchport qinq customer
ZXR10_A(config-if)#switchport access vlan 10
ZXR10_A(config)#interface gei_3/24
ZXR10_A(config-if)#switchport qinq uplink
ZXR10_A(config-if)#switchport mode trunk
ZXR10_A(config-if)#switchport trunk vlan 10
Switch B configuration:
ZXR10_B(config)#vlan 10
ZXR10_B(config)#interface gei_7/1
ZXR10_B(config-if)#switchport qinq customer
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
78 Confidential and Proprietary Information of ZTE CORPORATION
ZXR10_B(config-if)#switchport access vlan 10
ZXR10_B(config)#interface gei_7/24
ZXR10_B(config-if)#switchport qinq uplink
ZXR10_B(config-if)#switchport mode trunk
ZXR10_B(config-if)#switchport trunk vlan 10
SuperVLAN Configuration Traditional ISP network assigns one IP subnet to each user. Three IP addresses are occupied when one subnet is assigned, which respectively serve as subnet number, broadcast address and default gateway. A large quantity of unassigned IP addresses in the user subnets cannot be assigned to other users. Obviously this method is a waste of IP address.
SuperVLAN solves the problem effectively. It converges multiple VLANs (called subvlan) into a SuperVLAN; all the subvlans use the same IP subnet and default gateway.
Taking advantage of SuperVLAN technology, what is needed for ISP is to assign one IP subnet for SuperVLAN and create one subvlan for each user; all subvlans can assign IP addresses in SuperVLAN subnet flexibly and use SuperVLAN default gateway. Every subvlan is an independent broadcast domain, ensuring isolation between different users; communication between subvlans is routed via SuperVLAN.
SuperVLAN configuration of ZXR10 T160G/T64G covers:
Create SuperVLAN
Command format Command Mode Command function
interface supervlan <supervlan-id> Global Create SuperVLAN and access SuperVLAN configuration mode
Add sub-VLAN
One SuperVLAN can be bound with up to 8 VLANs. The sub-VLAN cannot be bound if it is configured to be Layer 3 interface.
Command format Command Mode Command function
supervlan <supervlan-id> VLAN Bind VLAN with specified SuperVLAN
Open/close inter-subvlan routing function
Inter-sub-VLANs routing function is enabled by default. After using the command, the inter-subVLANs communication is disabled, but sub-VLAN remains communication with outside of SuperVLAN.
Command format Command Mode Command function
inter-subvlan-routing SuperVLAN Open/close inter-sub-VLANs
Chapter 7 VLAN Configuration
Confidential and Proprietary Information of ZTE CORPORATION 79
{enable|disable} routing function
View SuperVLAN configuration information
Command format Command Mode Command function
show supervlan [<supervlan-id>]
All modes except user mode
Show SuperVLAN configuration information
As shown in Figure 35, configure SuperVLAN in switch A, assigning subnet 10.1.1.0/24, gateway is 10.1.1.1. Configure two sub-VLANs in switch B, including VLAN 2 and VLAN 3, belonging to SuperVLAN. Switch A is connected to switch B via Trunk port.
F I G U R E 35 E X AM P L E O F S U P E R VLAN C O N F I G U R AT I O N
Switch A
…
VLAN 2
…
VLAN 3SubVLAN
SuperVLAN10.1.1.0/24
gei_3/1gei_3/10gei_5/1
gei_5/10
gei_7/10
gei_8/10Switch B
Switch A configuration:
*Create superVLAN , assign subnet and specify gateway */
ZXR10_A(config)#interface supervlan 10
ZXR10_A(config-int)#ip address 10.1.1.1 255.255.255.0
/*Add SubVLAN to SuperVLAN*/
ZXR10_A(config)#vlan 2
ZXR10_A(config-vlan)#supervlan 10
ZXR10_A(config)#vlan 3
ZXR10_A(config-vlan)#supervlan 10
/*Set vlan trunk port*/
ZXR10_A(config)#interface gei_7/10
ZXR10_A(config-int)#switch mode trunk
ZXR10_A(config-int)#switch trunk vlan 2-3
Switch B configuration:
ZXR10_B(config)#interface gei_3/1
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
80 Confidential and Proprietary Information of ZTE CORPORATION
ZXR10_B(config-int)#switch access vlan 2
ZXR10_B(config)#interface gei_3/10
ZXR10_B(config-int)#switch access vlan 2
ZXR10_B(config)#interface gei_5/1
ZXR10_B(config-int)#switch access vlan 3
ZXR10_B(config)#interface gei_5/10
ZXR10_B(config-int)#switch access vlan 3
ZXR10_B(config)#interface gei_8/10
ZXR10_B(config-int)#switch mode trunk
ZXR10_B(config-int)#switch trunk vlan 2-3
VLAN Maintenance and Diagnosis ZXR10 T160G/T64G provides related show commands for easier VLAN maintenance and diagnosis.
Command format Command Mode Command function
show vlan [brief|access|trunk|hybrid|id <vlan-id> [ifindex]|name <vlan-name> [ifindex]]
All modes except user mode
View VLAN configuration
Taking advantage of the command, you can view the information of all VLANs, VLAN with specified ID, and VLAN with specified name; you can also view the information of the VLAN with port mode of Access, Trunk and Hybrid. Two examples are presented:
View configuration information of all VLANs
ZXR10(config)#show vlan
VLAN Name Status Said MTU IfIndex PvidPorts UntagPorts TagPorts
------------------------------------------------------------------
1 VLAN0001 active 100001 1500 0 gei_7/5-12
10 VLAN0010 active 100010 1500 0 gei_7/1-3
100 VLAN0100 active 100100 1500 0 gei_7/3-4
130 VLAN0130 active 100130 1500 0 gei_7/4 gei_7/4
136 VLAN0136 active 100136 1500 0 gei_7/4
200 VLAN0200 active 100200 1500 0 gei_7/3
ZXR10(config)#
View information of all VLANs whose port mode is Trunk
ZXR10(config)#show vlan trunk
VLAN Name Status Said MTU IfIndex PvidPorts UntagPorts TagPorts
------------------------------------------------------------------
Chapter 7 VLAN Configuration
Confidential and Proprietary Information of ZTE CORPORATION 81
1 VLAN0001 active 100001 1500 0
10 VLAN0010 active 100010 1500 0 gei_7/3
100 VLAN0100 active 100100 1500 0 gei_7/3
130 VLAN0130 active 100130 1500 0
136 VLAN0136 active 100136 1500 0
200 VLAN0200 active 100200 1500 0 gei_7/3
ZXR10(config)#
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
82 Confidential and Proprietary Information of ZTE CORPORATION
This page is intentionally blank.
Confidential and Proprietary Information of ZTE CORPORATION 83
C h a p t e r 8
MAC Table Operation
This chapter describes the content and related knowledge of MAC address table and related configuration of MAC address table in ZXR10 T160G/T64G. It covers:
MAC address table overview
MAC Address table Configuration
Examples of MAC address table configuration
MAC Address Table Overview Media Access Control (MAC) address is the hardware identifier of network device, based on which, the switch forwards message. MAC address is unique, ensuring proper forwarding of message.
Every switch maintains one MAC address table. In this table, MAC address and switch port have one-to-one correspondence. When the switch receives data frame, it determines filtering or forwarding it to correspondent switch port. MAC address table is the basis and prerequisite of fast forwarding for the switch.
The Composition and Meaning of MAC Address Table The entry of MAC address table is uniquely identified by MAC address and VLAN ID; the entries with identical MAC address and VLAN ID are considered to be the same entry. Entries of MAC address table in ZXR10 T160G/T64G cover:
MAC address: e.g. 00D0.8756.95CA.
VLAN ID: If a port is set to belong to multiple VLANs, the same MAC address will correspond to multiple VLAN ID.
Port Number: Such as gei_2/3, smartgroup1.
Other related flags: indicating status and operation of MAC address
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
84 Confidential and Proprietary Information of ZTE CORPORATION
Related flags of MAC address entries in ZXR10 T160G/T64G include the following five categories:
Static: indicating whether MAC address is static
Permanent: Indicating permanent MAC address
to-static: Indicating whether MAC address is burnt in
src_filter: Indicating whether filtering the frame of source MAC address
dst_filter: Indicating whether filtering the frame of target MAC address
When the switch is performing layer2 forwarding, it searches MAC address table and VLAN table according to target MAC address of data frame with the purpose of knowing the destination port of the data frame forwarding.
When the switch is performing Layer 3 fast forwarding, after it gets MAC address corresponding to next-hop IP address, it also needs to know the destination port of the packet forwarding by searching MAC address table.
MAC Address Categories MAC address in MAC address table in ZXR10 T160G/T64G can be classified into the following three categories:
Dynamic MAC address
The switch learns the dynamic MAC address via data frame in the network, and the dynamic address will be deleted when aging time is approaching. When the switch port connected with the device changes, the correspondence between MAC address in the MAC address table and port will also change correspondingly. Dynamic MAC address will disappear when the switch is powered off and restarted; it has to be re-learnt.
Static MAC address
Static MAC address is generated via configuration, so it will not be aged. No matter how the switch port connected with the device changes, the correspondence between MAC address in the MAC address table and port will never change. Static MAC address will also disappear when the switch is powered off and restarted; it has to be reconfigured.
Permanent MAC address
Permanent MAC address is also generated via configuration, so it will not be aged. No matter how the switch port connected with the device changes, the correspondence between MAC address in the MAC address table and port will never change. Saved permanent MAC address will not disappear after the switch is powered off and restarted.
MAC Address Table Creation and Deletion Initially, the MAC address table of the switch is blank. MAC address table must be created for fast forwarding. Meanwhile, the switch has to delete old
Chapter 8 MAC Table Operation
Confidential and Proprietary Information of ZTE CORPORATION 85
MAC address table entries and upgrade changed entries owing to limited MAC address table capacity and frequent replacement of network devices.
Dynamic Learning The switch learns dynamic MAC address in MAC address table. The process that the switch learns MAC address is as follows:
The switch will analyze the source MAC address and VLAN ID (Assuming MAC1+VID1) when a port receives a data frame. If the MAC address is legal and can be learnt, search MAC address table with MAC1+VID1 as key value. If the address is unavailable in the MAC address table, add it to the table; if the address is available in the MAC address, update the entries.
Note: MAC address learning is to learn source MAC address of data frame rather than
destination MAC address.
MAC address learning learns unicast address only, for broadcast and multicast addresses, it doesn’t learn.
MAC Address Aging The capacity of MAC address table is limited. In order to utilize MAC address table resources effectively, the switch provides MAC address aging function.
If the switch doesn’t receive data frame transmitted by a certain device in a period of time (the set aging time), namely, it doesn’t receive the data frame whose source MAC address is this device’s MAC address, the switch will think that the device has left the network or no network communication is being performed. Here, the switch will delete MAC address of the device from the MAC address table, by which, the switch MAC address table can be updated in time.
MAC address aging can be applicable to dynamic MAC address only.
Adding and Deleting Manually If the network is relatively stable, and the switch port connected with a device is always fixed, directly add MAC address entries to switch MAC address table via configuration command MAC address can be configured to be one of the three categories: dynamic, static, and permanent. Adding static or permanent MAC address can prevent MAC-cheat network attack..
The added MAC addresses can be deleted via MAC address deletion command. Use deletion command in ZXR10 T160G/T64G to forcibly delete MAC address learnt dynamically, to let it relearn.
MAC Address Table Configuration The switch MAC address table can run normally using default setup. Appropriate configuration to MAC address table can enhance network stability.
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
86 Confidential and Proprietary Information of ZTE CORPORATION
The configuration of MAC address table covers:
Setting MAC Address Aging Time The setup of MAC address aging time will affect the switch performance.
If the set MAC address aging time is too short, the switch may delete many valid MAC address table entries, causing that the switch broadcast cannot find the destination MAC address message, occupying the bandwidth of the switch.
If the set MAC address aging time is too long, the switch may save a lot of outdated MAC address table entries thus exhaust MAC address table resources, which may cause that new MAC address cannot be added to MAC address table. Consequently, forwarding will also be affected.
Use the following command to configure MAC address aging time.
Command format Command Mode Command function
mac aging-time <time> Global Setting dynamic MAC address aging time
The default aging time of MAC address in ZXR10 T160G/T64G is 300s; the configurable range is 10s~630s.
Burning MAC Address If the network is stable after a period of running, the position of device connected with switch port is fixed, namely, port corresponding to MAC address in switch MAC address table is fixed. MAC address can be burnt.
Burning MAC address is to convert all dynamic MAC addresses in the MAC address table into static; the converted address will not take part in aging. At the same time, if the data frame whose source MAC address is converted MAC address appears in other ports, the switch will not relearn.
The configuration command of burning MAC address is as follows:
Command format Command Mode Command function
mac to-static [interface <interface-name>|smartgroup <smartgroup-id> {disable|enable}
Global Continue/cancel burning MAC address
Note: These MAC addresses will not be saved permanently after burning MAC address; it will disappear when the switch is powered off and restarted.
Chapter 8 MAC Table Operation
Confidential and Proprietary Information of ZTE CORPORATION 87
Binding MAC Address to Port In ZXR10 T160G/T64G, add static or permanent MAC address to MAC address table via configuration to implement MAC address binding in the port. After binding MAC address, the correspondence between MAC address and port is fixed, and the address will not be learnt. The binding relationship will not be terminated until the address is deleted manually.
The configuration command of binding port MAC address is as follows:
Command format Command Mode Command function
mac add {static|permanent} <mac-address> {ethernet <port-name>|smartgroup <smartgroup-id>} [vlan <vlan-id>]
Global Add MAC address.
mac delete {<mac-address>|ethernet <port-name>|smartgroup <smartgroup-id>} [<vlan-id>]
Global Delete MAC address
Note: If specified VLAN ID is unavailable when adding MAC address, add according to
PVID or the port.
When deleting MAC address, if specified port and VLAN ID are unavailable, delete all MAC address items matching with MAC-address parameters.
Enable Port MAC Address Learning By default, the MAC address learning function of switch port is enabled; the port can freely learn MAC address dynamically. If the devices connected with switch ports are all fixed, MAC address binding can be performed. Configure manually all possible MAC addresses in the port, and then disable port MAC address learning.
The configuration command of port MAC address learning is as follows:
Command format Command Mode Command function
mac learning ethernet <port-name> {disable|enable} Global Set port mac address learning
Limit Number of Port MAC Address The capacity of switch MAC address table is limited, when the number of users is large, reaching the maximum capacity, we can limit the number of MAC addresses that the low-priority-user-resident port can learn.
By limiting number of port MAC addresses, network attacks that attempts to flood or overflow the MAC address table can be prevented.
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
88 Confidential and Proprietary Information of ZTE CORPORATION
The configuration command of limiting number of MAC addresses is as follows:
Command format Command Mode Command function
mac limit-num [ethernet <port-name>] <max-number> Global Limit number of port mac
address
By default, the switch imposes no restriction on number of port MAC addresses. Configured number of port MAC address restriction can be cancelled by setting the number of restricted MAC address to be zero.
Port MAC Address Learning Protection ZXR10 T160G/T64G provides the function of port MAC address learning protection. When detecting MAC address learning anomaly, the switch will protect the MAC address learning of this port for a period of time. Once the port enters protection status, it will not learn new address; when the protection time is up, the port enters MAC learning status again.
Setting port MAC address learning protection in ZXR10 T160G/T64G requires the following procedures:
Set number restriction of port MAC address learning
Open the enable switch of port MAC address learning protection.
Set the protection time of protected port.
The detailed configuration command is as follows:
Command format Command Mode Command function
mac protect [ethernet <port-name>] {disable|enable} Global Set port MAC address learning
protection
mac protect time <time> Global Set port MAC address learning protection time
By default, the switch port MAC address learning function is disabled. Please reserve sufficient margin when configuring number restriction of port MAC address in order to use port MAC address learning protection function.
MAC Address Filtering To prevent invasion of illegal users, ZXR10 T160G/T64G supports data frame filtering according to MAC address, which covers the following three categories:
Match only source MAC address of data frame, namely, if the source MAC address of data frame is the set MAC address, the filtration will be performed.
Match only destination MAC address of data frame, namely, if the destination MAC address of data frame is the set MAC address, the filtration will be performed.
Chapter 8 MAC Table Operation
Confidential and Proprietary Information of ZTE CORPORATION 89
Match source or destination MAC address of data frame, namely, if the source or destination MAC address of data frame is the set MAC address, the filtration will be performed.
The configuration command of MAC address filtering is as follows:
Command format Command Mode Command function
mac filter {source|both|destination} <mac-address> <vlan-id>
Global Set filtration according to MAC address
Inputting port name is not needed when configuring MAC address filtration, for the switch will filter data frame from any port. Deleting the MAC address will cancel the configured MAC address filtration.
View MAC Address Table View MAC address table entries via the following command, the displayed MAC addresses include dynamically learnt address and manually added address.
Command format Command Mode Command function
show mac [dynamic|static|permanent|to-static | src-filter|dst-filter|<mac-address>|interface <interface-name>|vlan <vlan-id>]
All modes Show MAC address entries
Example: Show all MAC address table entries.
ZXR10(config)#show mac
Total mac address : 6
MAC_Address port vid static locked src_filter dst_filter
------------------------------------------------------------------
0000.0000.0018 fei_8/6 200 0 0 0 0
0000.0000.2222 1 1 1 1 0
0000.0000.0022 fei_8/14 888 0 0 0 0
0000.0000.1111 gei_3/3 888 1 0 0 0
0000.0000.3333 gei_3/3 888 1 1 0 0
0000.0000.0021 fei_8/12 888 0 0 0 0
------------------------------------------------------------------
ZXR10(config)#
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
90 Confidential and Proprietary Information of ZTE CORPORATION
Examples of MAC Address Table Configuration As shown in Figure 36, switch A and switch B are connected via convergence link smartgroup1, switch B is connected with three PCs and one ZXR10 2826E, the detailed data is as follows:
Device MAC Address Switch Port VLAN
PC1 0X00D0.8765.95CA fei_2/1 1
PC2 0X00D0.8765.95CB fei_2/3 2
PC3 0X00D0.8765.95CC fei_2/5 3
ZXR10 2826E ---------- fei_2/7 4
PC1, PC2 and PC3 serve as servers; MAC address should be bound with port of switch B. Owing to the large number of users connected to ZXR10 2826E, port MAC address learning protection should be set in the corresponding ports of switch B. The protected number is 1000, protection time is 120s. The MAC address aging time of switch B should be set to be 180s.
F I G U R E 36 E X AM P L E O F MAC AD D R E S S TAB L E C O N F I G U R AT I O N
PC 1ZXR10 2826E
Smartgroup1
Switch A
Switch B
PC 2 PC 3
Switch B configuration:
/*Configure port MAC address binding*/
ZXR10_B(config)#mac add permanent 00D0.8765.95CA ethernet fei_2/1 vlan 1
ZXR10_B(config)#mac add permanent 00D0.8765.95CB ethernet fei_2/3 vlan 2
ZXR10_B(config)#mac add permanence 00D0.8765.95CC ehernet fei_2/5 vlan 3
/*Configure port MAC address learning protection*/
ZXR10_B(config)#mac limit-num ethernet fei_2/7 1000
Chapter 8 MAC Table Operation
Confidential and Proprietary Information of ZTE CORPORATION 91
ZXR10_B(config)#mac protect ethernet fei_2/7 enable
ZXR10_B(config)#mac protect time 120
/*Configure MAC address aging time*/
ZXR10_B(config)#mac aging-time 180
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
92 Confidential and Proprietary Information of ZTE CORPORATION
This page is intentionally blank.
Confidential and Proprietary Information of ZTE CORPORATION 93
C h a p t e r 9
STP Configuration
This chapter describes the content and related knowledge of STP protocol and related configuration in ZXR10 T160G/T64G. It covers:
STP Overview
Configuring STP
Examples of configuring STP
STP maintenance and diagnosis
STP Overview Spanning Tree Protocol (STP) is applicable to loop network. It can block some redundant paths via specific algorithm, prune loop network into loop-free tree topology, to prevent the message proliferation and endless cycling in the loop network.
STP protocol is implemented via participating in exchanging BPDU (Bridge Protocol Data Unit) of all STP switches in a extended LAN. The following operations can be implemented via exchanging BPDU messages:
1. Select a root bridge in a stable SPT topology.
2. Select a specified switch in every switching network.
3. Set the redundant switch port to be Discard to avoid loop in topology network.
STP module of ZXR10 T160G/T64G supports three modes including SSTP, RSTP and MSTP, which respectively comply with IEEE802.1d, IEEE802.1w and IEEE802.1s.
SSTP Mode SSTP (Single Spanning Tree Protocol) fully complies with IEEE802.1d in functionality. Bridge running STTP mode can interconnect with RSTP and MSTP bridge.
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
94 Confidential and Proprietary Information of ZTE CORPORATION
RSTP Mode RSTP (Rapid Spanning Tree Protocol) provides higher convergence speed than STP (i.e. SSTP mode), namely when the network topology is changing, the status of old redundant switch port can be transferred (From Discard to Forward) quickly in the case of point-to-point connection.
MSTP Mode The concept of instance and VLAN mirroring are added in MSTP (Multiple Spanning Tree Protocol); SSTP mode and RSTP mode can both be considered to be instances of MSTP mode, namely, the case that only one instance 0 exists. MSTP mode also provides fast convergence and load balance in VLAN environment.
In SSTP and RSTP modes, there is no concept of VLAN. There is only one status for each port that is forwarding statuses of ports in different VLANs is consistent. While in MSTP mode, there are multiple spanning tree instances, forwarding statuses of ports are different in different VLANs. Multiple independent subtree instances can be formed inside MST region to achieve load balance.
Some basic concepts of MSTP are presented in detail as follows:
MST Config ID MST Config ID refers to the forwarding plan with different VID frames, that is, all bridges in MST region forward to specific spanning tree (CIST or an MST instance) according to VID in frames.
MST Config ID consists of the following parts:
Configuration name: the 32-byte-long character string.
Version level: 2-byte-long non-negative integer
Configuration abstract: the signature generated according to MST Config Table and processed by MD5, with the length of 16 bytes.
MST Config Table consists of 4096 consecutive two bytes, the first and the last two bytes are zero, and other two bytes can represent a binary number. The second two bytes indicate the MSTID value corresponding to VID 1; the third two bytes indicate MSTID value corresponding to VID 2; and the rest may be deduced by analogy, the last but one two bytes indicate the MSTID value corresponding to VID 4094. Configuration abstract is obtained by processing MST Config Table and fixed key value via HMAC-MD5 algorithm. It can learn that a VID belongs to which MST instance or CIST via resolution.
MST Region Every MST region is composed of one or multiple connected bridges with the same MST Config ID; they enable multiple same instances. This region also contains the LAN whose designated bridge is one of these bridges in CIST instances.
Chapter 9 STP Configuration
Confidential and Proprietary Information of ZTE CORPORATION 95
Note:
The MST Config ID of bridge in a MST region must be the same; but bridges with same MST Config ID are not necessarily in the same MST region. For example: If two bridges with same MST Config ID are connected via LAN belonging to another MST region, the two bridges belong to different MST region.
In MST region, there exist different spanning tree topologies: IST (Internal Spanning Tree), MST1, MST2…and MSTn. Every MSTi can be called MSTI (MST Instance), bridges forward specific VID frame according to paths (MSTI spanning tree topology) corresponding to VID. The correspondence between VID and MSTI is reflected in MST Config ID, while MSTI spanning tree topology is determined by parameters of system configuration priority.
MST Instances MST bridge must support implementation of two kinds of instances: one IST and multiple MST instances. IST is running in a region by default; all VLANs are configured to IST by default; IST is connected with all switches in the region, responsible for communication with other MST regions and SST regions outside. MST instance does not transmit BPDU message alone. Spanning tree information is contained in M-record, and transmitted as part of IST BPDU in the region.
CIST (Common and Internal Spanning Tree) Each IST inside MST area and CST outside comprise CIST, that is, inside MST area, CIST is the same with IST; outside of MST area, it is the same with CST.
IST Region Root Every MST region has one IST Region Root switch, which is the switch within the region with the lowest path cost to the CST root. If CIST Root is in an MST region, CIST Root is the IST Region Root of that MST region. After selecting IST Region Root, other ports directing to CIST Root in this region will be blocked.
MST BPDU MSTI in MST region does not communicate with outside; only IST exchanges BPDU message with outside. In the region, MSTI does not transmit BPDU message alone; MST BPDU message transmitted by IST contains MSTI information. MSTI indicates that it needs to transmit MST BPDU message via a flag, and the detailed message is transmitted by IST. Every MSTI needing to transmit BPDU saves its information in the M-record structure, which will be transmitted as part of IST BPDU.
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
96 Confidential and Proprietary Information of ZTE CORPORATION
Configuring STP Enable/Disable STP Use the following command to enable or disable STP protocol.
Command format Command Mode Command function
spanning-tree {enable|disable} Global Enable/Disable STP
Note: After disabling STP protocol in ZXR10 T160/T64G, every port with the physical status of up should be set to be the status of forwarding.
Configuring STP Mode Use the following command to configure STP protocol mode.
Command format Command Mode Command function
spanning-tree mode {sstp|rstp|mstp} Global Setting STP Mode
The default mode of ZXR10 T160G/T64G is MSTP. Whichever mode configured can be compatible and interconnected with other two modes.
Configuring STP Protocol Parameters STP protocol parameters cover:
Max-age
In CST network spanning tree topology, the latest BPDU packet is transmitted to leaf node switch along CST spanning tree topology from Root switch. In the BPDU packets transmitted from Root switch, message-age value is 0; message-age value increases by 1 and max-age value remains unchanged when passing a middle node switch. When message-age value is greater than max-age value in the BPDU packet, the BPDU packet will be invalid.
Hello-time
Hello-time parameters are used to control the interval of transmitting BPDU packet.
Forward-delay
In the condition of non-rapid-state-migration, the parameter determines the delay interval (2×forward-delay) from state Blocking to Forwarding.
Max-hops
Chapter 9 STP Configuration
Confidential and Proprietary Information of ZTE CORPORATION 97
Max-hops value is determined by region root node of instance in MST region; the value decreases by 1 when passing one switching node. When the parameter value is decreased to 0, the BPDU packet becomes invalid. Message-age and max-age of BPDU message in MST region remain unchanged in the process of region transmission.
Use the following command to configure STP protocol parameters.
Command format Command Mode Command function
spanning-tree hello-time <time> Global Set STP hello time interval
spanning-tree forward-delay <time> Global Set STP forward delay
spanning-tree max-age <time> Global Set max age of BPDU packet
spanning-tree mst max-hops <1-40> Global Set max hops of BPDU packet
Note: In CST network spanning tree topology, all switch hello-time parameter values are determined by Root switch. Max-hops parameter value is valid only when serving as region root node of an instance in the MST region.
Creating Instances In MSTP mode, users can build a MST region by creating or deleting switches connected with instances, to implement rapid convergence and load balance.
Use the following command to access MSTP configuration mode.
Command format Command Mode Command function
spanning-tree mst configuration Global Access MSTP configuration mode
Use the following command to create instance:
Command format Command Mode Command function
instance <instance> vlans <vlan-id> MSTP Create MSTP instance
Note: ZXR10 T160G/T64G has and has only one instance 0 in SSTP and RSTP modes. In MSTP mode, instance 0 exists by default, so it cannot be deleted arbitrarily.
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
98 Confidential and Proprietary Information of ZTE CORPORATION
Update MST Configuration Name and Configuration Version To judge whether interconnected switches are in the same MST region, we need to check whether MST configuration name and configuration version are same.
Use the following command to set MST configuration name and configuration version.
Command format Command Mode Command function
name <string> MSTP Set MST configuration name
revision <version> MSTP Set MST configuration version
Note: The following four prerequisites are indispensable for a switch belonging to the same MST region: same MST configuration name, same MST configuration version, same INS-VLAN mapping table, and interconnected switches.
Configuring Switch Priority and Port Priority In the whole spanning tree topology region, the switch’s location in the whole CST spanning tree topology (whether can be selected as the root of the whole spanning tree) or the location in the instance spanning tree topology in MST region (whether can be selected as the region root of the instance) is determined by setting bridge priority of an instance.
Designate a bridge to be spanning tree root by setting bridge with low priority.
Designate specific port to be contained in spanning tree by setting port priority. Generally, the smaller the set value is, the higher the port priority is, and the probability that the port is contained in the spanning tree increases. If same priority is set to all ports in the bridge, the port priority will be determined by the index number of the port.
Use the following command to configure switch priority and port priority.
Command format Command Mode Command function
spanning-tree mst instance <instance> priority <priority> Global Set bridge priority of an instance
spanning-tree mst instance <instance> priority <priority> Port Set port priority of an instance
Chapter 9 STP Configuration
Confidential and Proprietary Information of ZTE CORPORATION 99
Note: The bridge priority and port priority of ZXR10 T160G/T64G can be configured only when the instance has been created.
Configuring Whether a Port in STP Protocol Participates in Spanning Tree Calculation In some specific environments, the participation of port in the spanning tree calculation is not required, such as the uplink port of switch or port connecting PC.
Use the following command to configure whether the port participates in spanning tree calculation.
Command format Command Mode Command function
spanning-tree {enable|disable} Port Set whether ports participate in spanning tree calculation
Instances of Configuring STP MSTP supports multiple MST regions, but it is recommended configuring one MST region. Usually run MST region in backbone network, serving as root of the whole CST, which can better implement network rapid convergence and load balance.
Instance 1 As shown in Figure 37, run MSTP in backbone network; MST region serves as root of CST, that is, CIST Root Bridge is inside the MST region. Switches A, B and C are configured in the same region; their initialization priority is 32768; determine CIST root and IST root according to MAC address. The respective address of the three switches is as follows:
Switch A: 000d.0df0.0101
Switch B: 000d.0df0.0102
Switch C: 000d.0df0.0103
Create two MST instances, to which the VLAN in this region should be mapped.
Run CST mode in switch D with the MAC address of: 000d.0df0.0104, and priority: 32768.
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
100 Confidential and Proprietary Information of ZTE CORPORATION
The purpose of this instance is to implement rapid convergence of the whole network and load balance of two links in switch A.
F I G U R E 37 MSTP C O N F I G U R AT I O N E X AM P L E N E T W O R K I N G D I AG R AM 1
Switch D
Switch B
Switch C root node ofinstance 1
The port isblocked in ins 2
The port isblocked in ins 1
Root node ofInstance 2
A, B and C belong to the same MST area, and the identityof this area in the network topology is CIST root.
Switch A
Switch A configuration:
/*Configure MST region*/
ZXR10_A(config)#spanning-tree mode mstp
ZXR10_A(config)#spanning-tree mst configuration
ZXR10_A(config-mstp)#name zte
ZXR10_A(config-mstp)#revision 2
/*Map VLAN 1~10 to instance 1, VLAN 11~20 to instance 2*/
ZXR10_A(config-mstp)#instance 1 vlan 1-10
ZXR10_A(config-mstp)#instance 2 vlan 11-20
Switch B configuration:
/*Configure MST region*/
ZXR10_B(config)#spanning-tree mode mstp
ZXR10_B(config)#spanning-tree mst configuration
ZXR10_B(config-mstp)#name zte
ZXR10_B(config-mstp)#revision 2
/*Map VLAN 1~10 to instance 1, VLAN 11~20 to instance 2*/
ZXR10_B(config-mstp)#instance 1 vlan 1-10
ZXR10_B(config-mstp)#instance 2 vlan 11-20
/*Change the priority of switch B in instance 2, to make it become the Root of instance 2*/
ZXR10_B(config-mstp)#spanning-tree mst instance 2 priority 4096
Switch C configuration:
/*Configure MST region*/
Chapter 9 STP Configuration
Confidential and Proprietary Information of ZTE CORPORATION 101
ZXR10_C(config)#spanning-tree mode mstp
ZXR10_C(config)#spanning-tree mst configuration
ZXR10_C(config-mstp)#name zte
ZXR10_C(config-mstp)#revision 2
/*Map VLAN 1~10 to instance 1, VLAN 11~20 to instance 2*/
ZXR10_C(config-mstp)#instance 1 vlan 1-10
ZXR10_C(config-mstp)#instance 2 vlan 11-20
/*Change the priority of switch C in instance 1, to make it become the Root of instance 1*/
ZXR10_C(config-mstp)#spanning-tree mst instance 1 priority 4096
Switch D reserves the default configuration.
Instance 2 As shown in Figure 38, switch B and C run in the same region, CIST root bridge C is outside of the region; one boundary port of switch B and C will be blocked
F I G U R E 38 MSTP C O N F I G U R AT I O N E X AM P L E N E T W O R K I N G D I AG R AM 2
Switch B Switch C
Switch ACIST Root
The difference between instance 2 and instance 1 lies in:
The boundary port blocks or forwards all VLANs for there exists only one instance that can communicate with outside in a region, there is no probability of load balance, and it cannot exert the advantages of MSTP mode. In the following figure, the link from switch A to switch C will block all VLANs, while the link from switch B to switch A will forward all VLANs.
STP Maintenance and Diagnosis ZXR10 T160G/T64G provides command show to view STP-related information and implements fault diagnosis.
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
102 Confidential and Proprietary Information of ZTE CORPORATION
1. Display detailed instance-based spanning tree information
Command format
Command Mode Command function
show spanning-tree instance <instance> All modes Display detailed instance-based
spanning tree information
2. Display spanning tree information of designated port
Command format Command Mode Command function
show spanning-tree interface <port-name> All modes Display spanning tree
information of designated port
3. Display statistical information of transmitting and receiving BPDU packets in designated port.
Command format Command Mode Command function
show spanning-tree statistics <port-name> All modes
Display statistical information of transmitting and receiving BPDU packets in designated port.
In the following three cases, even if switch STP function is enabled, the appearance of loop cannot be avoided, please take care when configuring.
Two switches are connected with multiple parallel links, one of the two switches configures link aggregations for these ports, and the other does not.
One switch configures aggregations for multiple ports, but one port in the aggregation port group connects with other ports of the device by self-loop.
Two switches connect two parallel links; either of the two parties cannot receive the BPDU packet transmitted by the opposite party for unknown reason.
Confidential and Proprietary Information of ZTE CORPORATION 103
C h a p t e r 10
Link Aggregation Configuration
This chapter introduces the principles and configuration of ZXR10 T160G/T64G Ethernet port link aggregation. It covers:
Overview of link aggregation
Configuring link aggregation
Instances of configuring link aggregation
Link aggregation maintenance and diagnosis
Overview of Link Aggregation Link Aggregation is also called Trunk; it refers to bundling multiple physical ports to be a logical port, to implement load balance of in/out flow in each member port. The switch determines from which member port to transmit message to the peer end switch according to port load sharing policy that the users configured. When the switch detects that one member port link is broken, it does not transmit messages in this port until this port link becomes normal. Link aggregation is a very important technology in adding link bandwidth, implementing link transmission flexibility and redundancy.
ZXR10 T160G/T64G supports static Trunk and LACP link aggregation modes.
Static Trunk adds multiple physical ports to trunk group, to form a logical port.This mode goes against observing status of link aggregation port.
LACP (Link Aggregation Control Protocol) complies with IEEE 802.3ad. LACP aggregates multiple physical ports to trunk group dynamically via protocol to form a logical port. LACP generates aggregation automatically to obtain the maximum bandwidth.
Configure link aggregation function in ZXR10 T160G/T64G in compliance with the following principles:
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
104 Confidential and Proprietary Information of ZTE CORPORATION
Thirty-two trunk groups totally can be configured, each trunk group contains up to eight member ports.
Support cross-interface-board aggregation, the member ports can be located at any interface board, but the selected port must work in full-duplex mode and the working rate must be consistent.
The modes of member ports could be access, trunk or hybrid, but they must be consistent.
In ZXR10 T160G/T64G, the logical ports formed by link aggregation are called SmartGroup, which can be used as ordinary port.
Configuring Link Aggregation Link aggregation configuration covers:
1. Creating trunk group
Command format Command Mode Command function
interface <smartgroup-name> Global Creating trunk group
2. Bundling port to trunk group, setting port aggregation mode
Command format Command Mode Command function
smartgroup <smartgroup-id> mode {passive|active|on} Port Bundling port to trunk group,
setting port aggregation mode
When the aggregation mode is set to be On, the port runs static trunk, two ends participating in aggregation should be set to be On mode.
When aggregation mode is active or passive, the port runs LACP. Active means that the port is in active negotiation mode. Passive means that the port is in passive negotiation mode. When configuring dynamic link aggregation, set the aggregation mode of one end of port to be active and the other end to be passive or set both ends as active.
Note:
The configuration of VLAN link type in member port must be consistent with that of smartgroup, otherwise it cannot be added into this trunk group.
3. Setting port link aggregation load sharing mode
ZXR10 T160G/T64G port link aggregation supports 6 types of load sharing modes which respectively based on source IP, destination IP, source and destination IP, source MAC, destination MAC, and source and destination. By default, MAC is based on source and destination MAC.
Command format Command Mode Command function
smartgroup load-balance <mode> Port Setting port link aggregation load sharing mode
Chapter 10 Link Aggregation Configuration
Confidential and Proprietary Information of ZTE CORPORATION 105
Instances of Configuring Link Aggregation As shown in Figure 39, switch A connects switch B via smartgroup port, which are composed of four physical ports by aggregation. The port mode of SmartGroup is trunk, bearing VLAN10 and VLAN20.
F I G U R E 39 E X AM P L E O F L I N K AG G R E G AT I O N C O N F I G U R AT I O N
Smartgroup10gei_5/1-4
Smartgroup11gei_3/5-8
Switch B
Switch A
trunk VLAN 10,20
Switch A configuration:
/*Create trunk group*/
ZXR10_A(config)#interface smartgroup10
/*Bundle port to trunk group*/
ZXR10_A(config)#interface gei_5/1
ZXR10_A(config-if)#smartgroup 10 mode active
ZXR10_A(config)#interface gei_5/2
ZXR10_A(config-if)#smartgroup 10 mode active
ZXR10_A(config)#interface gei_5/3
ZXR10_A(config-if)#smartgroup 10 mode active
ZXR10_A(config)#interface gei_5/4
ZXR10_A(config-if)#smartgroup 10 mode active
/*Modify VLAN link types of the smartgroup port*/
ZXR10_A(config)#interface smartgroup10
ZXR10_A(config-if)#switchport mode trunk
ZXR10_A(config-if)#switchport trunk vlan 10
ZXR10_A(config-if)#switchport trunk vlan 20
ZXR10_A(config-if)#switchport trunk native vlan 10
Switch B configuration:
ZXR10_B(config)#interface smartgroup11
ZXR10_B(config)#interface gei_3/5
ZXR10_B(config-if)#smartgroup 11 mode passive
ZXR10_B(config)#interface gei_3/6
ZXR10_B(config-if)#smartgroup 11 mode passive
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
106 Confidential and Proprietary Information of ZTE CORPORATION
ZXR10_B(config)#interface gei_3/7
ZXR10_B(config-if)#smartgroup 11 mode passive
ZXR10_B(config)#interface gei_3/8
ZXR10_B(config-if)#smartgroup 11 mode passive
ZXR10_B(config)#interface smartgroup11
ZXR10_B(config-if)#switchport mode trunk
ZXR10_B(config-if)#switchport trunk vlan 10
ZXR10_B(config-if)#switchport trunk vlan 20
ZXR10_B(config-if)#switchport trunk native vlan 10
Link Aggregation Maintenance and Diagnosis ZXR10 T160G/T64G provides related show commands for easier link aggregation maintenance and diagnosis.
1. Display the aggregation status of member port
Command format Command Mode Command function
show lacp [<smartgroup-id>] internal
All modes except user mode
View the aggregation status of trunk group member port
Instance: view aggregation status of trunk group 2 member ports.
ZXR10(config)#show lacp 2 internal
Smartgroup:2
Actor Agg LACPDUs Port Oper Port RX Mux
Port State Interval Priority Key State Machine Machine
------------------------------------------------------------------
fei_3/17 selected 30 32768 0x202 0x3d current
collecting-distributing
fei_3/18 selected 30 32768 0x202 0x3d current
collecting-distributing
ZXR10(config)#
When Agg State is selected, and Port state is 0x3d, it means that the port aggregation is successful. If aggregation failed, the Agg state indicates unselected
2. View protocol packet counter of member ports
Chapter 10 Link Aggregation Configuration
Confidential and Proprietary Information of ZTE CORPORATION 107
Command format Command Mode Command function
show lacp [<smartgroup-id>] counter
All modes except user mode
View protocol packet counter of trunk group member ports
Instance: view protocol packet counter of trunk group 2 member ports.
ZXR10(config)#show lacp 2 counter
Smartgroup:2
Actor LACPDUs Marker LACPDUs Marker
Port Tx Rx Tx Rx Err Err
-------------------------------------------------------------------
fei_3/17 11 5 0 0 0 0
fei_3/18 10 6 0 0 0 0
ZXR10(config)#
Only when counter of protocol transmitting packets Tx and protocol receiving packets Rx of every member port is available, can the aggregation succeed.
3. View member ports of the peer end.
Command format Command Mode
Command function
show lacp [<smartgroup-id>] neighbors
All modes except user mode
View member ports of the peer end.
Instance: view the member port of the peer end of trunk group 2.
ZXR10(config)#show lacp 2 neighbors
Smartgroup 2 neighbors
Actor Partner Partner Port Oper Port
Port System ID Port No. Priority Key State
---------------------------------------------------------------
fei_3/18 8000,00d0.d0c0.0f60 513 0x8000 0x202 0x3d
fei_3/17 8000,00d0.d0c0.0f60 514 0x8000 0x202 0x3d
ZXR10(config)#
Where Partner Port No stands for port number of neighbors, when Port State is 0x3d, it means the aggregation of the two ends is successful.
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
108 Confidential and Proprietary Information of ZTE CORPORATION
This page is intentionally blank.
Confidential and Proprietary Information of ZTE CORPORATION 109
C h a p t e r 11
IGMP Snooping Configuration
This chapter introduces principle and configuration of IGMP Snooping in ZXR10 T160G/T64G. It covers:
Overview of IGMP Snooping
Configuring IGMP Snooping
Instances of IGMP Snooping configuration
IGMP Snooping maintenance and diagnosis
Overview of IGMP Snooping IGMP Snooping is a feature of layer2 switch, it could restrict the forwarding of IP multicast traffic.
As shown in Figure 40, IGMP (Internet Group Management Protocol) runs between host and multicast router. IGMP Snooping monitors IGMP communication between host and router, ensuring that the switch could learn the ports belonging to multicast member before forwarding multicast packets, and get the multicast forwarding table. Here, multicast packet will be transmitted to ports in multicast forwarding table rather than all ports; as a result, it restricts the spread of multicast packet in the switch and boosts the utilization rate by avoiding unnecessary bandwidth waste.
F I G U R E 40 IGMP S N O O P I N G AP P L I C AT I O N
PC
Router
Switch
Run IGMP
Run IGMP Snooping
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
110 Confidential and Proprietary Information of ZTE CORPORATION
Join a Multicast Group The host joins corresponding multicast group by transmitting IGMP joining message. When the switch monitors the IGMP message transmitted by the host, the forwarding module creates a layer2 forwarding entry for the VLAN that the message-receiving port resides on. When other hosts in the same VLAN are interested in the multicast traffic and send a request of joining the group, the switch adds them to the existed forwarding entries.
The switch creates only one forwarding entry for each multicast group in the same VLAN, forwards the multicast traffic of the multicast group in all ports receiving a multicast group request message.
Leave a Multicast Group The hosts that joined multicast group must respond to IGMP query message transmitted by router periodically. As long as one host responds to IGMP query in a VLAN, the router must continue forwarding traffic of the multicast group that the host resides on to VLAN.
When a host wants to a multicast group, it could ignore the IGMP query message transmitted by router periodically (called “static leave”), or transmit IGMPv2 leave message of specified group.
When IGMP Snooping hears IGMPv2 leave message of specified group, the switch sends specified group query message to the port receiving the message, to query whether other hosts belonging to the multicast group are available in this port. If IGMP Snooping cannot receive any response message after several queries, it indicates that there are no hosts belonging to the multicast group in this port, and IGMP Snooping will delete corresponding ports in the layer2 forwarding entries; if receiving response message, it is not necessary to modify forwarding table.
Fast Leave The fast leave function of IGMP Snooping means that: When hearing IGMPv2 leave message of specified group, the switch does not transmit query message, instead, it deletes corresponding ports in the layer2 forwarding entries directly.
Please take care when enabling fast leave function in a VLAN, if one of the multiple hosts in a port leaves multicast group, other hosts of the same multicast group in the port cannot receive multicast traffic of the multicast group.
Configuring IGMP Snooping Basic Configuration Basic configuration of IGMP Snooping contains:
Chapter 11 IGMP Snooping Configuration
Confidential and Proprietary Information of ZTE CORPORATION 111
1. Global enable IGMP Snooping
Command format Command Mode
Command function
ip igmp snooping Global Global enable IGMP Snooping
2. Enable IGMP Snooping in VLAN
Command format Command Mode
Command function
igmp snooping VLAN Enable IGMP Snooping in VLAN
3. Configure whether to broadcast multicast data when IGMP Snooping is enabled but there is no user.
Command format Command Mode
Command function
Igmp snooping drop <ip-address> [num< num>] vlan
Configure whether to broadcast multicast data when IGMP Snooping is enabled but there is no user.
4. Configure fast leave
Command format Command Mode
Command function
igmp snooping fast-leave VLAN Configure group fast leave in VLAN
Configure Proxy Querier Usually, there is at least one multicast router in multicast network, transmitting IGMP query message periodically. If there is no multicast router in the network, you can configure proxy querier for transmitting IGMP query message.
1. Configure IGMP Snooping proxy querier function
Command format Command Mode
Command function
ip igmp snooping querier Global Configure IGMP Snooping proxy querier function
2. Configure query-interval of proxy querier
Command format Command Mode
Command function
ip igmp snooping query-interval <interval> Global Configure query-interval of proxy
querier
3. Configure maximum query-response-interval
Command format Command Mode
Command function
ip igmp snooping query-response-interval <interval> Global Configure maximum
query-response-interval
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
112 Confidential and Proprietary Information of ZTE CORPORATION
Limit Multicast Group Impose some restrictions on multicast group in ZXR10 T160G/T64G.
1. ACL filter the group
Command format Command Mode
Command function
igmp snooping acl <acl-number> VLAN ACL filter the group
2. Limit the maximum-group-number
Command format Command Mode
Command function
igmp snooping max-group-num <number> VLAN Configure the permitted
max-group-number in VLAN
Static Configuration Static configuration will not age and can only be deleted statically.
1. Configure static users in VLAN
Command format Command Mode
Command function
igmp snooping static <ip-address> interface <port-name> VLAN Configure static users in VLAN
When a user needs to join a multicast group, but IGMP and IGMP Snooping are not in operation, so it cannot be monitored, here static configuration can be performed.
2. Configure multicast router interface in VLAN
Command format Command
Mode Command function
igmp snooping mrouter interface <port-name> VLAN Configure multicast router
interface in VLAN
It is applied when PIM-Snooping is not configured or connecting to multicast router that does not transmit query message.
Modify Default Time 1. Modify user’s aging time
Command format Command Mode
Command function
igmp snooping host-time-out <time> VLAN Modify user’s aging time
2. Modify last-member-query-interval
Command format Command Command function
Chapter 11 IGMP Snooping Configuration
Confidential and Proprietary Information of ZTE CORPORATION 113
Mode
igmp snooping last-member-query-interval <interval>
VLAN Modify last-member-query-interval
3. Modify aging time of routing port
Command format Command Mode
Command function
igmp snooping mrouter-time-out <time> VLAN Modify aging time of routing port
Instances of IGMP Snooping Configuration As shown in Figure 41, ports fei_1/1, fei_1/3, and fei_1/5 connect host, port fei_3/1 connects multicast router, and all the ports belong to VLAN10. Enable IGMP Snooping function in the switch.
F I G U R E 41 E X AM P L E O F IGMP S N O O P I N G C O N F I G U R AT I O N
IGMP Router
fei_3/1
fei_1/1Switch
fei_1/3fei_1/5
Switch configuration:
ZXR10(config)#ip igmp snooping
ZXR10(config)#vlan 10
ZXR10(config-vlan)#igmp snooping
IGMP Snooping Maintenance and Diagnosis ZXR10 T160G/T64G provides show command to view information related to IGMP Snooping, helping with maintenance and diagnosis.
1. Display IGMP Snooping configuration information of specified VLAN
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
114 Confidential and Proprietary Information of ZTE CORPORATION
Command format Command Mode
Command function
show ip igmp snooping vlan <vlan-id>
All modes except user mode
Display IGMP Snooping configuration information of specified VLAN
2. Display port information related to IGMP Snooping
Command format Command Mode
Command function
show ip igmp snooping port-info vlan <vlan-id>
All modes except user mode
Display port information related to IGMP Snooping
3. Display statistical information of IGMP message
Command format Command Mode
Command function
show ip igmp snooping statistic [clear | interface <port-name>]
All modes except user mode
View IGMP message statistical information of all or specified ports
ZXR10 T160G/T64G also provides debug command to debug IGMP Snooping, tracing related information.
Command format Command Mode
Command function
debug ip igmp-snooping Privileged Turn on the debugging switch of IGMP Snooping
Instance: Tracing the process of transmitting and receiving packets of IGMP Snooping.
ZXR10#debug ip igmp-snooping
ZXR10#
IGMP SNOOPING Rcv 224.1.1.1 Group Report Msg: From Vlan 1, Port fei_4/10
IGMP SNOOPING Rcv 224.1.1.1 Group Report Msg: From Vlan 1, Port fei_4/11
...
Confidential and Proprietary Information of ZTE CORPORATION 115
C h a p t e r 12
Network Protocol Configuration
This chapter introduces IP address and ARP protocol, it also describes related configuration of ZXR10 T160G/T64G. It covers:
IP address
ARP configuration
IP Address Introduction to IP Address Network layer address in the IP protocol stack refers to IP address. An IP address is composed of two parts, the network ID part and the host ID part. The network ID is used to reference a specific network. The host ID is used to identify a specific device on that network
IP addresses fall into 5 classes including A, B, C, D, and E, classes A, B, and C are popular, class D address is network multicast address, and class E address is reserved. Table 23 presents the range of each class of address.
T AB L E 23 R A N G E O F IP AD D R E S S E S
Category Header characteristic bit
Network bit
Host bit Range
Class A 0 8 24 0.0.0.0~127.255.255.255
Class B 10 16 16 128.0.0.0~191.255.255.255
Class C 110 24 8 192.0.0.0~223.255.255.255
Class D 1110 Multicast Address 224.0.0.0~239.255.255.255
Class E 1111 Reserved 240.0.0.0~255.255.255.255
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
116 Confidential and Proprietary Information of ZTE CORPORATION
In class A, B, and C addresses, some are reserved for private network, it is recommended using private network address when constructing internal network. These addresses are:
Class A: 10.0.0.0~10.255.255.255
Class B: 172.16.0.0~172.31.255.255
Class C: 192.168.0.0~192.168.255.255
The original intension of dividing addresses like this is to facilitate routing protocol design, judging network type from the header characteristic bit of the IP address. However, this method cannot make maximal use of addresses, as a result, the shortage of addresses is becoming increasingly serious with the development of Internet.
To make maximal use of IP addresses, we can divide one network into multiple subnets. By means of borrowing, borrow from the maximum of the host ID to serve as subnet ID, and the remainder of the host ID is still host ID. Here, IP address is composed of three parts: network ID, subnet ID and Host ID. Network ID and subnet ID identify a network uniquely. Use subnet mask to determine the network ID, subnet ID, and host ID parts in the IP address. The part with the subnet mask of 1 corresponds to network ID and subnet ID in IP address, the part with the subnet mask of 0 corresponds to host ID.
The division of subnet boosts utilization rate of IP address significantly, which, to some extent, relieves the problem of IP address shortage.
Regulations regarding IP address:
0.0.0.0 will be employed when the host without IP addresses boots; it obtains address via RARP, BOOTP, and DHCP, in routing table, the address is also used as default route.
255.255.255.255 is for broadcast destination address and it cannot be used as source address.
127.X.X.X is called loop-back address, which can be used to represent “this computer” even if the real IP address of the host is unknown.
The address with the host ID of all zeroes represents the network itself; the address with the host ID of all “1” is used for the network broadcast address.
For legal host IP address, the network part or the host part cannot be all “0” or all “1”.
Basic Configuration of IP Address The IP address configuration is performed in interface configuration mode, the procedures of which are as follows:
1. Access interface configuration mode
Command format Command Mode
Command function
interface <interface-name> Global Access interface configuration
Chapter 12 Network Protocol Configuration
Confidential and Proprietary Information of ZTE CORPORATION 117
mode If the interface does not exist, create it and access interface configuration mode
2. Set interface IP address
Command format Command Mode
Command function
ip address <ip-address> <net-mask> [<broadcast-address>] [secondary]
VLAN interface Set interface IP address
Instances of IP Address Configuration Assuming that layer3 interface VLAN1 is created in ZXR10 T160G/T64G, configure the IP address of the interface to 192.168.3.1, and mask to be 255.255.255.0. The detailed configuration is as follows:
ZXR10(config)#interface vlan 1
ZXR10(config-if)#ip address 192.168.3.1 255.255.255.0
Use show ip interface command to view interface IP address.
ARP Configuration Overview of ARP A network device should know the IP address of the destination device and its physical address (MAC address) when transmitting data to another network device. The function of ARP (Address Resolution Protocol) is mapping IP address to physical address to ensure successful communication.
First, the source device broadcast carries the ARP request of destination device IP address, so all devices in the network will receive this ARP request. If a device finds that the IP address in the request and its own IP address match, it will transmit a response containing MAC address to source device. The source device obtains the MAC address of the current device via this response.
The mapping relationship between IP address and MAC address is cached in the local ARP table with the purpose of reducing ARP packets in the network to transmit data more rapid. When the device needs transmitting data, it will search ARP table according to IP address, if MAC address of destination device is found in the ARP table, transmitting ARP request is not needed. Dynamic entries in the ARP table will be deleted automatically after a period of time, which is called ARP aging time.
Basic Configuration of ARP The configuration of ARP covers:
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
118 Confidential and Proprietary Information of ZTE CORPORATION
1. Configure aging time of ARP entries in ARP buffer
Command format Command Mode
Command function
arp timeout <timeout> VLAN interface
Configure aging time of ARP entries in ARP buffer
2. Clear all dynamic ARP entries in the ARP buffer of specified interface
Command format Command Mode
Command function
clear arp-cache [<interface-name>] Privileged Clear all dynamic ARP entries in the interface ARP buffer
Instances of configuring ARP One configuration instance of ARP is as follows:
ZXR10(config)#interface vlan 1
ZXR10(config-if)#arp timeout 1200
Use the following command to view ARP entries of specified interface.
Command format Command Mode
Command function
show arp [<interface-name>] All modes Display ARP entries of interface
View ARP table of layer3 interface VLAN1:
ZXR10#show arp vlan1
Address Age(min) Hardware Addr Interface
10.1.1.1 - 000a.010c.e2c6 vlan1
10.1.100.100 18 00b0.d08f.820a vlan1
ZXR10#
Confidential and Proprietary Information of ZTE CORPORATION 119
C h a p t e r 13
Static Route Configuration
This chapter describes static route and its configuration, including special summary static route or default route.
Basic configuration of static route
Instance of static route configuration
Maintenance and diagnosis of static route
Basic Configuration of Static Route Static Route is that the network administrator specifies routing information to routing table via configuration command, unlike dynamic route creating routing table according to routing algorithm. When configuring dynamic route, sometimes we need to transmit the routing information of the whole Internet to a router, which exceeds the load of the router, in such situation, static route can be employed to solve the problem. Application of static route, which requires relatively fewer configurations, can avoid the usage of dynamic route. But the configuration of static route will become complicated when in the environment with multiple routers and multiple paths.
The configuration of static route uses ip route command.
Command format Command Mode
Command function
ip route [vrf <vrf-name>] <prefix> <net-mask> {<forwarding-router's-address>| <interface-name>} [<distance-metric>] [tag <tag>]
Global Create static route
Tag value is the identifier of route; two static routes (with different next-hop) to the same destination network cannot have the same tag value.
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
120 Confidential and Proprietary Information of ZTE CORPORATION
Instance of Static Route Configuration Configuring Static Route A simple network with three routers connected is shown in Figure 42.
F I G U R E 42 C O N F I G U R I N G S T AT I C R O U T E
R1 R2 R3
192.168.3.1/24
192.168.4.1/24
192.168.4.2/24
192.168.5.1/24
192.168.5.2/24
192.168.6.1/24
If R1 needs to access network in R3, the static route configuration is as follows:
ZXR10_R1(config)#ip route 192.168.5.0 255.255.255.0 192.168.4.2
ZXR10_R1(config)#ip route 192.168.6.0 255.255.255.0 192.168.4.2
We can see that from the above configuration information, static route is configured in global configuration mode; only one static route can be configured once. Behind the command ip route, is remote network, subnet mask and next-hop IP address reaching remote network. In other words, if R1 wants to transmit message to network 192.168.5.0/24, it must deliver the message to R2 with the IP address of 192.168.4.2; moreover, R1 and R2 are connected directly.
Another way to configure static route is as follows:
ZXR10_R1(config)#ip route 192.168.5.0 255.255.255.0 vlan2
ZXR10_R1(config)#ip route 192.168.6.0 255.255.255.0 vlan2
This configuration is similar to the method mentioned above. The only difference is that in the above method, next-hop IP address is applied while in this method, local interface is applied, that is to say, it transmits all messages towards network 192.168.5.0/24 and 192.168.6.0/24 from VLAN2 instead of routing to next-hop logical address.
If multiple paths to the same destination are available, configure the router with multiple static routes with different administrative distance values, but the routing table will only show the routing information with the minimum distance value. Because when the router is notified that there are multiple competitive sources to a network, the route with the minimum administrative distance value has a higher priority. Parameter distance-metric in static route configuration command ip route can be used to change the administrative distance value of a static route. Assume that there are two different routes from R1 to 192.168.6.0/24 network segment, and the configuration is as follows:
Chapter 13 Static Route Configuration
Confidential and Proprietary Information of ZTE CORPORATION 121
ZXR10_R1(config)#ip route 192.168.6.0 255.255.255.0 192.168.4.2
ZXR10_R1(config)#ip route 192.168.6.0 255.255.255.0 192.168.3.2 25 tag 10
The above two commands configure two different static routes to the same network, the first command does not configure administrative distance value, so default value 1 is applied; the second command configures the administrative distance value to be 25. The administrative distance value of the first route is smaller than that of the second one, so only the information of the first route is available in the routing table, that is to say, the router reaches the destination network 192.168.6.0/24 via next-hop 192.168.4.2. The second route will be available in the routing table only when the first route becomes invalid and disappears from the routing table.
Summarizing Static Routes Summary static route is a special static route, which can summarize expressions of two or multiple specific routing tables into one, to reduce entries of routing table on the basis of remaining all old connections.
F I G U R E 43 S T AT I C R O U T E S S U M M AR I Z AT I O N
R1 R2 R3
192.168.3.1/24
192.168.4.1/24
192.168.4.2/24
192.168.5.1/24
192.168.5.2/24
10.2.0.0/16
10.1.0.0/1610.1.0.1/16
10.2.0.1/16
As shown in Figure 43, R3 has two networks including 10.1.0.0/16 and 10.2.0.0/16. Usually, the following two static routes should be configured in R1 to reach these networks.
ZXR10_R1(config)#ip route 10.1.0.0 255.255.0.0 192.168.4.2
ZXR10_R1(config)#ip route 10.2.0.0 255.255.0.0 192.168.4.2
The IP connection can be implemented via the above configuration assuming R3 is properly configured. But we can use summary static route to optimize R1 routing table; the following command can substitute two above commands.
ZXR10_R1(config)#ip route 10.0.0.0 255.0.0.0 192.168.4.2
This command indicates that all messages with the destination of network 10.0.0.0/8 pass 192.168.4.2, that is to say, all messages of subnets (here refer to subnet 10.1.0.0/16 and 10.2.0.0/16) with the destination of 10.0.0.0/8 transmits to 192.168.4.2. We summarize all subnets of main network 10.0.0.0/8 by this means.
Default Route Configuration Default route is a type of special static route. Default route will be applied when all other routes in the routing table failed, which provides a last destination for the routing table, thus relieve the processing load of the router.
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
122 Confidential and Proprietary Information of ZTE CORPORATION
If a router cannot route for a message, the message has to be discarded to an “unknown” destination, which is beyond our expectation. To make the router fully connected, one router must be connected to a network. The default route can be applied when the router wants to be fully connected and requires no record of individual route. We can specify an individual route to represent all other routes via default route.
The function and usage of static route are illustrated in the following instance:
F I G U R E 44 C O N F I G U R E D E F AU L T R O U T E
R1 R2 R3
192.168.3.1/24
192.168.4.1/24
192.168.4.2/24
211.211.211.1/24
211.211.211.2/24 Internet
As shown in Figure 44, R2 and router R3 in the Internet network are connected. R2 did not record all network addresses in the Internet, it uses default route to directly transmit unknown messages to R3. The configuration of default route in R2 is as follows:
ZXR10_R2(config)#ip route 0.0.0.0 0.0.0.0 211.211.211.2
The configuration procedure of default route is identical with that of static route, which is a little bit different is that both the network part and subnet mask part are 0.0.0.0. We can view routing table of R2:
ZXR10_R2#show ip route
IPv4 Routing Table:
Dest Mask Gw Net Owner
211.211.211.0 255.255.255.0 direct
192.168.4.0 255.255.255.0 direct
0.0.0.0 0.0.0.0 211.211.211.2 static
ZXR10_R2#
We can see from the routing table that, the default route with next-hop of 211.211.211.2 is added to the routing table as the last route.
When using default route in routing protocol configuration, it differs when routing protocol varies.
If default route is configured in a router running RIP protocol, RIP will notify the default route 0.0.0.0/0 to its neighbor, even needn’t reallocating routes in the RIP domain.
For OSPF protocol, the router running OSPF will not notify default route automatically to its neighbor. Command default-information originate must be used to enable OSPF to transmit default route to OSPF domain. If reallocating default routes in the OSPF domain, this kind of notification is usually implemented via ASBR (autonomous system border router).
Chapter 13 Static Route Configuration
Confidential and Proprietary Information of ZTE CORPORATION 123
Maintenance and Diagnosis of Static Route Use the following command to display global routing table of router and to view whether static route is configured in routing table.
Command format Command
Mode Command function
show ip route [<ip-address> [<net-mask>]|<protocol>] All modes Display global routing table
This command is frequently applied in routing protocol diagnosis.
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
124 Confidential and Proprietary Information of ZTE CORPORATION
This page is intentionally blank.
Confidential and Proprietary Information of ZTE CORPORATION 125
C h a p t e r 14
RIP Configuration
The Routing Information Protocol (RIP) is a vector distance routing protocol with the latest version of RIPv2, which is usually applied in small-sized network. In this chapter, you will learn about:
Overview of RIP
Configuring RIP
Instances of configuring RIP
RIP maintenance and diagnosis
Overview of RIP RIP Fundamentals Routing Information Protocol (RIP) is the first routing protocol identifying the best path dynamically, which is implemented based on vector distance algorithm of local network. RIPv1 is defined in RFC1058 and RIPv2 is defined in RFC1723. ZXR10 T160G/T64G supports both RIPv1 and RIPv2, RIPv2 is applied by default. RIPv2 has the following advantages compared to RIPv1:
Subnet mask is available in route refresh
Authentication of route refresh
Multicasting route refresh
In the following instruction, RIP refers to RIPv2 if not specially designated.
Metric and Administrative Distance RIP uses UDP packet (Port number 520) to exchange RIP routing information. The routing information in RIP message includes the number of routes passed, i.e. hop count, according to which, the router determines the route to the destination network. RFC stipulates that the maximum hop count should be less than 16, so RIP is only applicable to small-sized network. Hop count 16 indicates infinite distance, representing unreachable route, which is one way for RIP to identify and prevent the routing loop.
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
126 Confidential and Proprietary Information of ZTE CORPORATION
Only hop count is taken as the metric for RIP routing; bandwidth, delay and other variable factors are not considered. The RIP always takes paths with the least hop count as the optimized path, which may results that the selected path is not the best one.
The default administrative distance value of RIP is 120. As far as AD is concerned, the lower is the value; the higher is the routing source reliability. The RIP is not quite reliable, compared to other routing protocol.
Timer Router running RIP transmits update message of routing information at a certain interval (30s by default), which reflects all the routing information of the router. This process is called routing information notification. If a router failed to receive update information from another router in a certain time period (180s by default), it will mark the routes provided by the router to be “unavailable” and if it is not updated in the succeeding period of time (240s by default), the router will clear the route completely from the routing table.
The RIP provides the following four types of timers:
Update timer
Invalid timer
Hold-down timer
Flush Timer
Route Update The RIP protocol employs trigger update to speed up the spread of routing changes in the RIP routing domain. When a RIP router detects that an interface is working or has stopped working, an adjacent node is down or a new subnet or neighbor node joining in, it will transmit a trigger update. The trigger update message only contains changed route.
The RIP protocol uses poison reverse to speed up protocol convergence. The poison reverse sets the metrics of the infinite network prefix to be 16 (meaning infinite), after receiving routing update of the metric, the router will discard the route instead of waiting for the aging time.
The RIP uses split horizon to prevent routing loop and reduce the size of routing update. Split horizon means that in the interface that receives a routing update, these update information will not be transmitted repeatedly.
Configuring RIP The RIP configuration covers: basic configuration, enhanced configuration and version configuration.
Chapter 14 RIP Configuration
Confidential and Proprietary Information of ZTE CORPORATION 127
Basic Configuration 1. Start RIP
Command format Command Mode
Command function
router rip Global Start RIP routing process
2. Define interface
Command format Command Mode
Command function
network <ip-address> <net-mask> Route RIP Select route and specify network table for RIP
Enhanced Configuration 1. Adjust the timer
Command format Command Mode
Command function
timers basic <update> <invalid> <holddown> <flush> Route RIP Adjust RIP network timer
Many RIP characteristics can be self-defined to adapt to any network environment. Although in most cases, it is not necessary to modify the default value of the timer, sometimes, adjusting timer can improve the protocol performance.
2. Change inter-message-group delay transmitted by RIP update
Command format Command Mode
Command function
output-delay <packets> <delay> Route RIP Change inter-message-group delay transmitted by RIP update
3. Define the adjacent router exchanging routing information with this router
Command format Command Mode
Command function
neighbor <ip-address> Route RIPDefine the adjacent router exchanging routing information with this router
4. Configure authentication
In order to strengthen the security of routing process, configure RIP authentication in the router. Set interface password; the network neighborhood must use the same password in the network. RIPv1does not support authentication.
Command format Command Mode
Command function
ip rip authentication key <key> VLAN interface
Specify the password value for interface simple text authentication
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
128 Confidential and Proprietary Information of ZTE CORPORATION
ip rip authentication mode {text|md5}
VLAN interface
Specify the authentication type for RIP message packet
5. Enable split horizon mechanism
Command format Command Mode
Command function
ip split-horizon VLAN interface
Make split-horizon mechanism valid
6. Enable poison reverse mechanism
Command format Command Mode
Command function
ip poison-reverse VLAN interface
Make poison reverse mechanism valid
7. Redistribute route from a route domain to RIP route domain
Command format Command Mode
Command function
redistribute <protocol> [metric <metric-value>] [route-map <map-tag>]
Route RIP Redistribute route from a route domain to RIP route domain
8. Set the default metric, which is adopted when redistributing routes generated by other protocols to be RIP routes
Command format Command Mode
Command function
default-metric <metric-value> Route RIP
Set the default metric, which is adopted when redistributing routes generated by other protocols to be RIP routes
Version: ZXR10 T160G/T64G supports both RIPv1 and RIPv2; RIPv2 is applied by default. The following commands can be applied to designate RIP versions received or transmitted by router.
Command format Command Mode
Command function
version {1|2} Route RIP Specify RIP version for router global use
ip rip receive version {1|2} [1|2] VLAN interface
Specify the RIP version received in the interface
ip rip send version {1|2 {broadcast|multicast}}
VLAN interface
Specify the RIP version transmitted in the interface
Instances of configuring RIP As shown in Figure 45, run RIP in R1 and R2.
Chapter 14 RIP Configuration
Confidential and Proprietary Information of ZTE CORPORATION 129
F I G U R E 45 B AS I C R IP C O N F I G U R AT I O N
R1 R2192.168.1.1/24
192.168.1.2/2410.1.0.1/16
10.2.0.1/16
R1 configuration:
ZXR10_R1(config)#router rip
ZXR10_R1(config-router)#network 10.1.0.0 0.0.255.255
ZXR10_R1(config-router)#network 192.168.1.0 0.0.0.255
R2 configuration:
ZXR10_R2(config)#router rip
ZXR10_R2(config-router)#network 10.2.0.0 0.0.255.255
ZXR10_R2(config-router)#network 192.168.1.0 0.0.0.255
RIP Maintenance and Diagnosis ZXR10 T160G/T64G provides show command to implement maintenance and diagnosis. The frequently used commands in RIP maintenance and diagnosis are presented as follows:
1. Show protocol information
Command format Command Mode
Command function
show ip rip [vrf <vrf-name>] All modes Show basic information of running RIP
2. Examine RIP interface
Command format Command Mode
Command function
show ip rip interface [vrf <vrf-name>]<interface-name> All modes Show current configuration and
status of RIP interface
3. Show RIP neighbor
Command format Command Mode
Command function
show ip rip neighbors All modes Show information of all configured neighbors
4. Show routing entry database
Command format Command Mode
Command function
show ip rip database[vrf <vrf-name>] [network <ip-address>
All modes Show routing entries generated by RIP protocol
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
130 Confidential and Proprietary Information of ZTE CORPORATION
[mask <net-mask>]]
5. Show all RIP interface information configured by user command
Command format Command Mode
Command function
show ip rip networks[vrf <vrf-name>] All modes
Show all RIP interface information configured by user command
ZXR10 T160G/T64G also provides debug command to debug RIP protocol, tracing related information. For example:
Command format Command Mode
Command function
debug ip rip Privileged Trace RIP basic process of transmitting and receiving packet
debug ip rip database Privileged Trace the change process of RIP routing table
The debugging output example of debug ip rip command
ZXR10#debug ip rip
RIP protocol debugging is on
ZXR10#
11:01:28: RIP: building update entries
130.1.0.0/16 via 0.0.0.0, metric 1, tag 0
130.1.1.0/24 via 0.0.0.0, metric 1, tag 0
177.0.0.0/9 via 0.0.0.0, metric 1, tag 0
193.1.168.0/24 via 0.0.0.0, metric 1, tag 0
197.1.0.0/16 via 0.0.0.0, metric 1, tag 0
199.2.0.0/16 via 0.0.0.0, metric 1, tag 0
202.119.8.0/24 via 0.0.0.0, metric 1, tag 0
11:01:28: RIP: sending v2 periodic update to 224.0.0.9 via vlan10 (193.1.1.111)
130.1.0.0/16 via 0.0.0.0, metric 1, tag 0
130.1.1.0/24 via 0.0.0.0, metric 1, tag 0
177.0.0.0/9 via 0.0.0.0, metric 1, tag 0
193.1.1.0/24 via 0.0.0.0, metric 1, tag 0
11:01:28: RIP: sending v2 periodic update to 193.1.168.95 via vlan20 (193.1.168.111)
11:01:28: RIP: sending v2 periodic update to 193.1.168.86 via vlan20 (193.1.168.111)
11:01:28: RIP: sending v2 periodic update to 193.1.168.77 via vlan20 (193.1.168.111)
11:01:28: RIP: sending v2 periodic update to 193.1.168.68 via vlan20 (193.1.168.111)
Confidential and Proprietary Information of ZTE CORPORATION 131
C h a p t e r 15
OSPF Configuration
OSPF is the abbreviation of Open Shortest Path First. OSPF protocol is a link status routing protocol, which satisfies the demands of large-scaled and extensible network that cannot be solved by distance vector routing protocol like RIP. In this chapter, you will learn about:
OSPF overview
Configuring OSPF
Instances of configuring OSPF
OSPF Maintenance and Diagnosis
OSPF overview OSPF Fundamental OSPF (Open Shortest Path First) is one of the most popular and widely-used protocols presently. OSPF is a link-state protocol, which overcomes the disadvantages of RIP and other distance-vector protocols. OSPF is an open standard, which makes devices of different vendors interconnect with each other via protocol.
OSPF version 1 is defined in RFC1131. Currently used OSPF version 2 , is defined in RFC2328. ZXR10 T160G/T64G completely supports OSPF version 2.
OSPF has the following characteristics:
Fast convergence, ensure database synchronization via fast diffusing link state update, and calculates routing table synchronously.
Loop-free, ensure that no loop generated via SPF algorithm.
Aggregation, reduce size of routing table.
Totally classless, supports Variable Length Subnet Mask (VLSM) and Classless Inter-Domain Routing (CIDR)
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
132 Confidential and Proprietary Information of ZTE CORPORATION
Reduce the required network bandwidth; for trigger update mechanism is adopted, only when the network changes, the update information will be transmitted.
Supports interface packet authentication, ensuring security of routing calculation
Transmit update via multicast mode, which reduces interference against irrelated network devices while broadcasting.
OSPF Algorithm OSPF is a link-state protocol, so OSPF router generates routing table via creating link-state database, which contains information of all networks and routers. Routers use the information to create routing table; all routers must have an identical link-state database to ensure reliability. Link-state database is built according to link state advertisement (LSA), and LSA is generated by each router and spreads in the whole OSPF network. LSA has a lot of categories; integrated LSA aggregation will present the precise distribution diagram of the whole network for routers
OSPF uses cost as its metric. The cost is distributed to each interface of the router; by default, the cost of an interface is calculated automatically with the reference of 100M. The path cost to a specific destination is the sum of all link costs from the router to destination.
In order to generate routing table from LSA database, the router runs Dijkstra SPF algorithm to construct a cost routing tree, the router itself serves as the root of the routing tree. Dijkstra algorithm makes the router calculate the lowest-cost-path to each node in the network, and the router saves the routes of these paths to routing table.
Unlike RIP, OSPF doesn’t simply broadcast all routing information periodically. OSPF router uses calling message to let neighbors know that it is alive. If a router doesn’t receive hello packets from neighbors in a specific period, it indicates that the neighbor may not be functional. OSPF routing-update is increasing; usually the router sends update information only when the topology is changing. When the age of LSA reaches 1800 seconds, retransmit a new version of the LSA.
OSPF Network Types The type of the network connected to an interface is for judging the OSPF default activities in the interface. The network type will affect the formation of adjacency and the method that the router distributes timer to the interface.
The following five network types are available in OSPF:
Broadcast
Non-broadcast Multi-access, NBMA
Point-to-Point
Point-to-Multipoint
Chapter 15 OSPF Configuration
Confidential and Proprietary Information of ZTE CORPORATION 133
Virtual Links
Hello Packet and Timer OSPF router exchanges Hello packet at a certain interval, whose function is to keep alive among neighbors. Hello packet can detect OSPF neighbor, create association and adjacency among neighbors, and select designated router. In broadcast, point-to-point, point-to-multipoint network types, Hello packets are multicast packets; in NBMA network and virtual links, Hello packets unicast to neighbor router.
OSPF uses three kinds of hello-packet-related timers:
Calling Interval
Calling interval is a property of interface, which defines the interval of sending hello packets by the router from each interface. The default calling interval is determined by the network type. In the broadcast and point-to-point network, the default calling interval is 10 seconds; while in NBMA and point-to-multipoint network, the default calling interval is 30 seconds. The adjacent routers must accept the length of calling interval so as to become neighbors.
Router dead-interval
The router dead-interval refers to the waiting time from the router receiving the last hello packet from neighbor to the router detecting that the neighbor is offline. The default router dead-interval is four times of calling interval, which is applicable to all network types.
Poll Interval
Poll interval is only applied in NBMA network.
OSPF Neighbor OSPF neighbor is a group of routers in the same network; these routers stipulated some configuration parameters. The routers must be neighbors then they can become adjacent with neighbor.
Analyze hello packets mutually when the routers form neighbor relationship, to make sure that the required parameters are stipulated. The parameters cover: Area ID, area flag, authentication information, calling interval, and router dead interval.
Adjacency and Designated Router When two routers become adjacent, they can exchange routing information. The network type connecting routers determines whether two routers become adjacent.
Point-to-point network and virtual link have only two routers, so the routers become adjacent automatically. Point-to-multipoint network can be considered to be the aggregation of point-to-point network, every pair of routers become adjacent.
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
134 Confidential and Proprietary Information of ZTE CORPORATION
In the broadcast and NBMA network, neighbors not necessarily become adjacent. If all the n routers in a network formed adjacency, every router has (n-1) adjacencies, and there will be n (n-1)/2 adjacencies in the network. In a big multi-access network, if every router has to trace so many adjacencies, the burden of the router will be quite heavy, at the same time, routing information in each pair of adjacent routers will waste plenty of network bandwidth.
Therefore, OSPF defines a designated router (DR) and a backup designated router (BDR). DR and BDR must establish adjacency with every OSPF router, and every OSPF router only forms adjacency with DR and BDR. If DR stop working, BDR will become DR.
Router Priority and DR Election Every router has a priority, which will affect the router’s capability of becoming DR or BDR in the connected network. The router priority is indicated by octet unsigned integer, with the range of 0~255, defaults to 1.
In DR election, the router with the highest priority will become the DR. When the priorities are the same, the router with the highest election IP address is the DR. The router with the priority of 0 cannot become DR or BDR.
OSPF Area OSPF divides the network into several minor parts to reduce the information size each router saved and maintained. Every router must have the integrated information of the area it resides in. Each area shares information; routing information can be filtrated, which can reduce the size of routing information saved in the router.
One area is identified with 32-bit unsigned number. Area 0 is reserved to identify backbone network, all other areas must be connected with area 0. An OSPF network must have a backbone area. Routers can be one or multiple of the following types according to its tasks in the area, as shown in Figure 46.
F I G U R E 46 OSPF R O U T E R TY P E S
Area1
Area 0
Area2Internal Router
Backbone Router
Backbone Router
Backbone Router
ABR
RIP
ASBR
Internal router: A router that has all of its interfaces within the same area
Chapter 15 OSPF Configuration
Confidential and Proprietary Information of ZTE CORPORATION 135
Backbone router: A router that has at least one interface in area zero.
Area Border Router (ABR): A router has at least one interface in area 0 and at least one interface in other area.
Autonomous System Border Routers (ASBR): The router connects an AS running OSPF to another AS running other protocols (such as RIP or IGRP).
LSA Types and Diffusion LSA is the way of exchanging information for link state database between OSPF routers, the router uses LSA to construct a precise and complete network view, and generates routes used in the routing table. ZXR10 T160G/T64G supports 6 types of LSA. They are respectively:
Type 1: Router LSA
Type 2: Network LSA
Type 3: Network summary LSA
Type 4: ASBR summary LSA
Type 5: AS external LSA
Type 7: NSSA external LSA
The OSPF operation is determined by all the routers in an area sharing a public link state database, hence, all LSA need to be diffused via this area, at the same time, processing must be reliable. Every router receiving LSA of specific area will diffuse it to other interfaces belonging to this area. LSA has no its own message, which are contained in the Link State Update (LSU) messages, several LSA can be contained in one LSU. When the router receives a LSU, it separates the messages from LSA and input them into its own database rather than simply transmitting the message. Meanwhile, the router constructs its own LSU and transmits the updated LSU to its adjacent neighbors.
The OSPF uses Link State Acknowledgements (LSAck) to confirm that whether each LSA is received by the neighbor successfully. An LSAck has identified LSA header, which provides efficient information to identify an LSA uniquely. When a router sends an LSA to an interface, the LSA will be recorded in the retransmission queue of the interface. The router will wait for the maximum interval to receive the LSAck of the LSA. If it failed to receive LSAck in the stipulated time, the router will retransmit the LSA. The router can adopt unicast or multicast to transmit old LSU, but the retransmitted LSU is unicast.
Stub Area and Totally Stubby Area When ASBR is not available in a non-backbone, the router has only one path to AS external network, namely, via ABR. Therefore, routers in these areas will transmit the LSA which are transmitted toward AS external unknown hosts to ABR. As a result, type 5 LSA is not required to be diffused to the area, and in this area, there is no LSA of type 4. This kind of area type is called Stub Area.
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
136 Confidential and Proprietary Information of ZTE CORPORATION
In a stub area, all routers must be configured to be stub routers. Hello packet contains a “stub area ” flag bit, which must be consistent in the neighbors.
The ABR in the stub area can filter type 5 LSA to prevent them from releasing in the stub area. At the same time, ABR will generate a type 3 LSA, notifying a default route reached AS external destination address.
If the ABR also filters type 3 LSA, and notifies a default route reached area external destination address. This kind of area is called Totally Stubby Area.
Not-So-Stubby Area Routers in stub area don’t permit type 5 LSA, so ASBR is not a part of stub area. However, we may expect a stub area with ASBR, in which, the router receives AS external routes from the ASBR in this area, but external routing information from other areas will be blocked.
So, OSPF defines Not-So-Stubby Area (NSSA). In an NSSA, ASBR generates type 7 LSA instead of type 5 LSA. The ABR cannot transmit type 7 LSA to other OSPF area. On the one hand, it blocks the external routers from reaching the NSSA area, on the other hand, convert type 7 LSA into type 5 LSA.
OSPF Authentication Authentication can be applied in packet switching between two OSPF neighbors. The neighbors must agree on authentication type, which is contained in all packets.
Authentication 0 indicates no authentication, 1 indicates simple password authentication and 2 indicates MD5 password authentication.
When configuring simple password authentication, one interface allows only one password, the password of each interface can be different, but in a specific network, every interface must have identical password. Simple password is transmitted by OSPF packets via clear text.
Configuring OSPF The OSPF configuration can be either simple or complicated. ZXR10 T160G/T64G supports many OSPF complicated options, to satisfy the requirements of various networks.
Basic Configuration Enable OSPF
Command format Command Mode
Command function
Chapter 15 OSPF Configuration
Confidential and Proprietary Information of ZTE CORPORATION 137
router ospf <process-id> Global Enable OSPF routing process
Define interface
Command format Command Mode
Command function
network <ip-address> <wildcard-mask> area <area-id>
Router OSPF
Define the interface running OSPF protocol and the area ID of the interface, if the area does not exit, it will be created automatically
The network command will traverse all interfaces, if the interface belongs to the specified range of <address> and <wildcard-mask>, add it to the specified OSPF area in the command.
Configure Basic Attributes of Interface 1. Configure interface timer
Command format Command Mode
Command function
ip ospf hello-interval <seconds> VLAN interface
Specify the interval of interface’s transmitting Hello message
ip ospf retransmit-interval <seconds>
VLAN interface
Specify the interval of interface’s retransmitting LSA
ip ospf transmit-delay <seconds> VLAN interface
Specify the delay of interface’s transmitting a link state update packet
ip ospf dead-interval <seconds> VLAN interface
Specify the neighbor’s dead time in the interface
Many OSPF characteristics can be self-defined to adapt to any network environment. Although in most cases, it is not necessary to modify the default value of the timer, sometimes, adjusting timer can improve the protocol performance.
2. Configure interface cost
Command format Command Mode
Command function
ip ospf cost <cost> VLAN interface Show configured interface cost
Note:
When using network devices of multiple vendors, make sure that all OSPF can work together. For example, all routers must use the same method to calculate interface cost.
3. Configure interface priority
Command format Command Mode
Command function
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
138 Confidential and Proprietary Information of ZTE CORPORATION
ip ospf priority <priority> VLAN interface Configure interface priority
Configure Neighbor Router The neighbor routers in the non-broadcast network must be set manually. It is necessary to traverse all interfaces, when the neighbor IP address and interface IP address are in the same network segment, mount the neighbor to the interface.
Command format Command Mode
Command function
neighbor <ip-address> [cost <cost>] [priority <priority>] [poll-interval <seconds>]
Route OSPF
Configure neighbor router in the non-broadcast network
Set OSPF Area OSPF uses area to implement hierarchical router. OSPF area covers stub area, totally stubby area, and not-so-stubby area. The backbone area belongs to conversion area.
Command format Command Mode Command function
area <area-id> stub [default-cost <cost>]
Route OSPF Define an area to be stub area
area <area-id> stub no-summary [default-cost <cost>]
Route OSPF
Define an area to be totally stubby area
area <area-id> nssa [no-redistribution] [default-information-originate [metric <metric-value>] [metric-type <type>]] [no-summary]
Route OSPF
Define an area to not-so-stubby area
Configure Inter-area Route Convergence One of the reasons of OSPF’s prevalence is route convergence. The router convergence can occur between areas or between autonomous systems. The inter-area route convergence occurs in ABR, while inter-autonomous-systems route convergence occurs in ASBR.
Configuring stub area can save route resources in the stub area, but for backbone network, it is helpless. When network address distribution in an area is consecutive, configure ABR to advertise a converged route to replace these consecutive single routes. The route convergence can save backbone resources, which can be implemented via advertising a group of network addresses to be a convergence address.
Command format Command Mode
Command function
area <area-id> range <ip-address> <net-mask> [advertise|not-advertise]
Route OSPF
Configure the summary address range in the area
Chapter 15 OSPF Configuration
Confidential and Proprietary Information of ZTE CORPORATION 139
Generate Default Route Configure an ASBR to advertise a default route to the entire OSPF area. A router becomes an ASBR after using redistribution route. By default, the ASBR does not advertise default route to the entire OSPF area automatically. Configure router to notify default route via command, then the router will become ASBR automatically.
Command format Command Mode
Command function
notify default route [always] [metric <metric-value>] [metric-type <type>] [route-map <map-tag>]
Route OSPF
Configure ASBR to notify default route to OSPF area
Configure Virtual Link All areas in the OSPF network must be connected to backbone area directly. It will restrict the area layout, especially when the network is vast. To solve this problem, connect a remote area via other area to backbone area by the means of virtual link. The area that the virtual link crossed must have complete routing information; hence, the area cannot be a stub area.
Command format Command
Mode Command function
area <area-id> virtual-link <router-id> [hello-interval <seconds>] [retransmit-interval <seconds>] [transmit-delay <seconds>] [dead-interval <seconds>] [authentication-key <key>] [message-digest-key <keyid> md5 <cryptkey> [delay <time>]] [authentication [null|message-digest]]
Route OSPF
Define OSPF virtual link, if the specified area does not exist, it will be created automatically
Redistribute Other Routing Protocols Different dynamic routing protocols can share routing information via route redistribution. In the OSPF, the routing information of other routing protocol is external routing information of autonomous system. The external routing information of autonomous system can be diffused to the entire OSPF network via OSPF LSA only when it is redistributed to OSPF protocol.
Use redistribute command to control that route of other routing protocols redistributes into OSPF autonomous system; the router becomes an ASBR after using the command.
Command format Command Mode
Command function
redistribute <protocol> [as <as-number>] [peer <peer-address>] [tag <tag-value>]
Route OSPF
Control importing matched routes of other protocols into OSPF autonomous system; the
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
140 Confidential and Proprietary Information of ZTE CORPORATION
[metric <metric-value>] [metric-type <type>] [route-map <map-tag>]
router becomes an ASBR after using the command
Configure Route Convergence of Route Redistribution Every individual route is advertised as an external LSA when routes of other protocols are redistributed to OSPF. Take the external routes as a single route to advertise via convergence, which will significantly reduce the size of OSPF link state database.
Command format Command Mode
Command function
summary-address <ip-address> <net-mask>
Route OSPF
Construct convergence address for OSPF; Summarize other routing protocol paths that are being redistributed to OSPF.
Configure OSPF Authentication In order to enhance the security of routing process in the network, configure OSPF authentication in the router. Set interface password; the network neighborhood must use the same password in the network.
Command format Command Mode
Command function
area <area-id> authentication [message-digest]
Route OSPF
Enable authentication in the OSPF area
ip ospf authentication [null|message-digest]
VLAN interface
Set the type of authentication for the interface
ip ospf authentication-key <password>
VLAN interface
Set password for the interface with the type of simple password authentication
Configure Routes Supporting Opaque LSA In the process of link state database switching, the opaque LSA is contained in database abstract list and transmitted to the adjacent routers that do not support opaque LSA either.
When a router floods opaque LSA to adjacent router, it first checks whether the adjacent router supports opaque LSA. The opaque LSA is transmitted to the adjacent routers that support this function; they are added to the link state retransmission list of the adjacent router. When the link state update report is multicast, the adjacent routers that do not support this function will receive this advertisement passively and then simply discard.
Command format Command
Mode Command function
capability opaque Route Make the route support opaque
Chapter 15 OSPF Configuration
Confidential and Proprietary Information of ZTE CORPORATION 141
OSPF LSA
Modify OSPF Administrative Distance The administrative distance represents the reliability of information source. Usually the administrative distance is an integer in the range of 0~255, the higher is the value, the lower the reliability is. If the administrative distance is 255, it means that the routing information source is unreliable.
ZXR10 T160G/T64G can define the administrative distance of three types of OSPF routes: Internal route, type 1 external route and type 2 external route. By default, the administrative distances of the three types of routes are 110.
Command format Command Mode
Command function
distance ospf {[internal <distance>] [ext1 <distance>] [ext2 <distance>]}
Route OSPF
Define route-type-based OSPF route administrative distance
Instances of Configuring OSPF Basic OSPF Configuration As shown in Figure 47, run OSPF in routers R1 and R2, divide the network into three areas.
F I G U R E 47 B AS I C OSPF C O N F I G U R AT I O N
R1 R2192.168.1.1/24
192.168.1.2/24
192.168.3.1/24
192.168.2.1/24
Area 0Area 23 Area 24
R1 configuration:
ZXR10_R1(config)#router ospf 1
ZXR10_R1(config-router)#network 192.168.2.0 0.0.0.255 area 23
ZXR10_R1(config-router)#network 192.168.1.0 0.0.0.255 area 0
R2 configuration:
ZXR10_R2(config)#router ospf 1
ZXR10_R2(config-router)#network 192.168.3.0 0.0.0.255 area 24
ZXR10_R2(config-router)#network 192.168.1.0 0.0.0.255 area 0
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
142 Confidential and Proprietary Information of ZTE CORPORATION
Configure Multiple-area OSPF When a single area network is expanded to a specific scale, design the network to be multiple OSPF areas. An instance of configuring multiple-area OSPF is shown in Figure 48.
F I G U R E 48 E X AM P L E O F M U L T I -AR E A OSPF C O N F I G U R AT I O N
R1 R2
R3
R4 R5
Area 0
Area 1 Area 2
10.0.0.1/24
10.0.0.2/24
10.0.0.3/24
10.0.1.1/30
10.0.1.2/30
10.0.2.1/30
10.0.2.2/30
192.168.1.1/24
RIP
BGP192.168.0.1/24
The following illustrates the detailed configuration of each router.
Area 1 is an NSSA area; R1 is an ABR working between NSSA area 1 and backbone area. R1 advertises a default route to this area.
R1 configuration:
ZXR10_R1(config)#interface vlan1
ZXR10_R1(config-if)#ip address 10.0.1.1 255.255.255.252
ZXR10_R1(config-if)#exit
ZXR10_R1(config)#interface vlan2
ZXR10_R1(config-if)#ip address 10.0.0.1 255.255.255.0
ZXR10_R1(config-if)#exit
ZXR10_R1(config)#router ospf 1
ZXR10_R1(config-router)#network 10.0.0.0 0.0.0.255 area 0.0.0.0
ZXR10_R1(config-router)#network 10.0.1.0 0.0.0.3 area 0.0.0.1
ZXR10_R1(config-router)#area 0.0.0.1 nssa default-information-originate
Area 2 is a stub area; R2 is an ABR working between area 2 and backbone area. In the stub area, ABR will advertise a default route to stub area automatically.
R2 configuration:
ZXR10_R2(config)#interface vlan1
ZXR10_R2(config-if)#ip address 10.0.2.1 255.255.255.252
Chapter 15 OSPF Configuration
Confidential and Proprietary Information of ZTE CORPORATION 143
ZXR10_R2(config-if)#exit
ZXR10_R2(config)#interface vlan2
ZXR10_R2(config-if)#ip address 10.0.0.2 255.255.255.0
ZXR10_R2(config-if)#exit
ZXR10_R2(config)#router ospf 1
ZXR10_R2(config-router)#network 10.0.0.0 0.0.0.255 area 0.0.0.0
ZXR10_R2(config-router)#network 10.0.2.0 0.0.0.3 area 0.0.0.2
ZXR10_R2(config-router)#area 0.0.0.2 stub
R3 is a router working in backbone area 0; externally it connects other autonomous system via BGP. As the exit router of the entire autonomous system, R3 advertises a default route to the entire OSPF area via manual configuration.
R3 configuration:
ZXR10_R3(config)#interface vlan1
ZXR10_R3(config-if)#ip address 10.0.0.3 255.255.255.0
ZXR10_R3(config-if)#exit
ZXR10_R3(config)#interface vlan2
ZXR10_R3(config-if)#ip address 192.168.0.1 255.255.255.0
ZXR10_R3(config-if)#exit
ZXR10_R3(config)#router ospf 1
ZXR10_R3(config-router)#network 10.0.0.0 0.0.0.255 area 0.0.0.0
ZXR10_R3(config-router)#notify default route always
R4 is an ASBR in NSSA area 1; it also runs RIP protocol other than OSPF; RIP protocol can be injected into OSPF via route redistribution.
R4 configuration:
ZXR10_R4(config)#interface vlan1
ZXR10_R4(config-if)#ip address 192.168.1.1 255.255.255.0
ZXR10_R4(config-if)#exit
ZXR10_R4(config)#interface vlan2
ZXR10_R4(config-if)#ip address 10.0.1.2 255.255.255.252
ZXR10_R4(config-if)#exit
ZXR10_R4(config)#router ospf 1
ZXR10_R4(config-router)#network 10.0.1.0 0.0.0.3 area 0.0.0.1
ZXR10_R4(config-router)#area 0.0.0.1 nssa
ZXR10_R4(config-router)#redistribute rip metric 10
R5 is a router working in stub area 2.
R5 configuration:
ZXR10_R5(config)#interface vlan1
ZXR10_R5(config-if)#ip address 10.0.2.2 255.255.255.252
ZXR10_R5(config-if)#exit
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
144 Confidential and Proprietary Information of ZTE CORPORATION
ZXR10_R5(config)#router ospf 1
ZXR10_R5(config-router)#network 10.0.2.0 0.0.0.3 area 0.0.0.2
ZXR10_R5(config-router)#area 0.0.0.2 stub
Configure OSPF Virtual Link Figure 49 presents an instance of configuring OSPF virtual link.
F I G U R E 49 E X AM P L E O F OSPF V I R T U AL L I N K C O N F I G U R AT I O N
R1
R2
R3
Area 0
Area 1
Area 2
10.0.0.1/24
10.0.0.2/24
10.0.1.1/30
10.0.1.2/30
10.0.2.1/24
Virtual link
The following illustrates the detailed configuration of each router.
R1 configuration:
ZXR10_R1(config)#interface vlan1
ZXR10_R1(config-if)#ip address 10.0.0.1 255.255.255.0
ZXR10_R1(config-if)#exit
ZXR10_R1(config)#router ospf 1
ZXR10_R1(config-router)#network 10.0.0.0 0.0.0.255 area 0.0.0.0
R2 configuration:
ZXR10_R2(config)#interface vlan1
ZXR10_R2(config-if)#ip address 10.0.0.2 255.255.255.0
ZXR10_R2(config-if)#exit
ZXR10_R2(config)#interface vlan2
ZXR10_R2(config-if)#ip address 10.0.1.1 255.255.255.252
ZXR10_R2(config-if)#exit
ZXR10_R2(config)#router ospf 1
ZXR10_R2(config-router)#network 10.0.0.0 0.0.0.255 area 0.0.0.0
ZXR10_R2(config-router)#network 10.0.1.0 0.0.0.3 area 0.0.0.1
ZXR10_R2(config-router)#area 1 virtual-link 10.0.1.2
Chapter 15 OSPF Configuration
Confidential and Proprietary Information of ZTE CORPORATION 145
R3 configuration:
ZXR10_R3(config)#interface vlan1
ZXR10_R3(config-if)#ip address 10.0.1.2 255.255.255.252
ZXR10_R3(config-if)#exit
ZXR10_R3(config)#interface vlan2
ZXR10_R3(config-if)#ip address 10.0.2.1 255.255.255.0
ZXR10_R3(config-if)#exit
ZXR10_R3(config)#router ospf 1
ZXR10_R3(config-router)#network 10.0.1.0 0.0.0.3 area 0.0.0.1
ZXR10_R3(config-router)#network 10.0.2.0 0.0.0.255 area 0.0.0.2
ZXR10_R3(config-router)#area 1 virtual-link 10.0.0.2
Configure OSPF Authentication Figure 50 presents an instance of configuring OSPF authentication. Area 0 adopts clear text authentication mode; area 1 adopts MD5 encryption authentication mode
F I G U R E 50 E X AM P L E O F OSPF AU T H E N T I C AT I O N C O N F I G U R AT I O N
R1
R2
R3
Area 0
Area 1
10.0.0.1/24
10.0.0.2/24
10.0.1.1/30
10.0.1.2/30
Clear TextAuthentication
MD5 Authentication
The following illustrates the static configuration of each router.
R1 configuration:
ZXR10_R1(config)#interface vlan1
ZXR10_R1(config-if)#ip address 10.0.0.1 255.255.255.0
ZXR10_R1(config-if)#ip ospf authentication-key ZXR10
ZXR10_R1(config-if)#exit
ZXR10_R1(config)#router ospf 1
ZXR10_R1(config-router)#network 10.0.0.0 0.0.0.255 area 0.0.0.0
ZXR10_R1(config-router)#area 0 authentication
R2 configuration:
ZXR10_R2(config)#interface vlan1
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
146 Confidential and Proprietary Information of ZTE CORPORATION
ZXR10_R2(config-if)#ip address 10.0.0.2 255.255.255.0
ZXR10_R2(config-if)#ip ospf authentication-key ZXR10
ZXR10_R2(config-if)#exit
ZXR10_R2(config)#interface vlan2
ZXR10_R2(config-if)#ip address 10.0.1.1 255.255.255.252
ZXR10_R2(config-if)#ip ospf message-digest-key 1 md5 ZXR10
ZXR10_R2(config-if)#exit
ZXR10_R2(config)#router ospf 1
ZXR10_R2(config-router)#network 10.0.0.0 0.0.0.255 area 0.0.0.0
ZXR10_R2(config-router)#network 10.0.1.0 0.0.0.3 area 0.0.0.1
ZXR10_R2(config-router)#area 0 authentication
ZXR10_R2(config-router)#area 1 authentication message-digest
R3 configuration:
ZXR10_R3(config)#interface vlan1
ZXR10_R3(config-if)#ip address 10.0.1.2 255.255.255.252
ZXR10_R3(config-if)#ip ospf message-digest-key 1 md5 ZXR10
ZXR10_R3(config-if)#exit
ZXR10_R3(config)#interface vlan2
ZXR10_R3(config-if)#ip address 10.0.2.1 255.255.255.0
ZXR10_R3(config-if)#exit
ZXR10_R3(config)#router ospf 1
ZXR10_R3(config-router)#network 10.0.1.0 0.0.0.3 area 0.0.0.1
ZXR10_R3(config-router)#network 10.0.2.0 0.0.0.255 area 0.0.0.2
ZXR10_R3(config-router)#area 1 authentication message-digest
OSPF Maintenance and Diagnosis Compared to RIP, OSPF is much more complicated, the troubleshooting of OSPF protocol will be rather difficult, for the same symptom may be caused by various reasons. The frequently used commands in OSPF maintenance and diagnosis are presented as follows:
1. Show protocol information
Command format Command Mode
Command function
show ip ospf All modes Show the detailed information of OSPF process
2. Examine OSPF interface
Command format Command Mode
Command function
Chapter 15 OSPF Configuration
Confidential and Proprietary Information of ZTE CORPORATION 147
show ip ospf interface [<interface-name>] [process <process-id>]
All modes Show current configuration and status of OSPF interface
3. Show OSPF neighbor
Command format Command Mode
Command function
show ip ospf neighbor [interface <interface-name>] [neighbor-id <neighbor>] [process <process-id>]
All modes Show information of OSPF neighbor
The routing information between two routers cannot communicate because the adjacency is not formed. Check whether the neighbor relationship state between two OSPF routers is Full, which is the flag of normal running OSPF protocol.
4. Show link state database
Command format Command Mode
Command function
show ip ospf database All modes Show all or part information of a link state database
Link state database is the source of all OSPF routes in the IP routing table. Many route problems may be caused by the incorrect information or information losing in the link state database.
ZXR10 T160G/T64G provides debug command to debug OSPF protocol, tracing related information. For example:
Command format Command Mode
Command function
debug ip ospf adj PrivilegedTurn on the switch of looping back OSPF adjacent events debugging information
debug ip ospf packet Privileged
Turn on the switch of looping back OSPF receiving and transmitting packets events debugging information, monitor receiving and transmitting all OSPF packets
debug ip ospf lsa-generation Privileged
Turn on the switch of looping back OSPF generation link state address events debugging information
debug ip ospf events PrivilegedTurn on the switch of looping back OSPF important events debugging information
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
148 Confidential and Proprietary Information of ZTE CORPORATION
This page is intentionally blank.
Confidential and Proprietary Information of ZTE CORPORATION 149
C h a p t e r 16
IS-IS Configuration
IS-IS protocol is a routing protocol for connectionless network service (CLNS) developed by International Standardization Organization (ISO). It is a link-state protocol also based on Dijkstra shortest path first (SPF) algorithm. IS-IS is similar to OSPF in many aspects. In this chapter, you will learn about:
IS-IS overview
Configuring IS-IS
Instances of configuring IS-IS
IS-IS Maintenance and Diagnosis
IS-IS Overview Intermediate System-to-Intermediate System (IS-IS) is a routing protocol for Connectionless Network Service developed by ISO. IS-IS is a network layer protocol in OSI protocol. By expanding IS-IS protocol, added the supporting for IP route, formed integrated IS-IS protocol. The IS-IS protocols mentioned presently refer to integrated IS-IS protocol.
IS-IS Fundamental IS-IS protocol is widely used in network as an IGP. The working mechanism of IS-IS is similar to that of OSPF: Partition the network into areas, in which the router only manages the routing information in the area, thus save the router cost. This feature enables it to adapt to the requirements of large-scaled network.
IS-IS protocol is based on CLNS instead of IP, so when the routers are communicating, IS-IS uses Protocol Data Unit (PDU) defined by ISO. The PDU types used in IS-IS include:
Hello PDU
Link state PDU (LSP)
Sequence number PDU (SNP)
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
150 Confidential and Proprietary Information of ZTE CORPORATION
The Hello PDU is similar to Hello message in OSPF protocol, responsible for forming adjacency between routers, finding new neighbor and detecting whether any neighbor exits.
IS-IS routers exchange routing information via link state PDU, create and maintain link state database. One LSP indicates important information related to a router, including area and connected network. Meanwhile, ensure reliability transmission by using SNP. The SNP contains the summary information of every LSP in the network. When the router receives an SNP, it will compare the SNP with the link state database. If the router loses an LSP existed in SNP, it will launch a multicast SNP, requesting the needed LSP to other routers in the network. The coordination of LSP and SNP enables the reliable routing interaction of IS-IS protocol in the large-scaled network.
IS-IS protocol also uses Dijkstra SPF to calculate route. The IS-IS uses SPF obtain the optimized route using SPF algorithm according to link state database, and then adds the route IP routing table.
IS-IS Area The concept of area is introduced in IS-IS for easier link state database management. The router in an area is only responsible for the maintenance of link state database in this area, as a result, the burden of the router is relieved, which is particularly important in large-scaled network.
The areas in the IS-IS can be classified into backbone area and non-backbone area:
The router in the backbone area possesses the database information of the entire network.
The router in the non-backbone area possesses only the information of this area.
In response to the area partition, IS-IS defines three types of routers:
L1 router: Exists in non-backbone area, interacts routing information with L1 router and L1/L2 router in this area
L2 router: Exists in backbone area, interacts routing information with other L2 router and L1/L2 router.
L1/L2 router: Exists in non-backbone area, responsible for interacting routing information between this area and backbone area.
IS-IS area partition and router types are shown in Figure 51.
Chapter 16 IS-IS Configuration
Confidential and Proprietary Information of ZTE CORPORATION 151
F I G U R E 51 IS - IS AR E A D I AG R AM
Area10
Area20 Area30
L2
L2 L2
L1/L2
L1
L1
L1/L2
L1
L1
A
Router
B
C
D E F
G
H
IS-IS Network Types There are only two types of network types in IS-IS: Broadcast network and Point-to-point network, which makes IS-IS configuration and implementation easier.
DIS and Router Priority In the broadcast network, similar to OSPF protocol, IS-IS also uses designated router (DIS). The DIS is responsible for advertising network information to all routers in the broadcast network, meanwhile, only one of other routers will be advertised to DIS adjacency.
Configure router priority parameter for DIS election, or configure different priorities for L1 and L2. When performing DIS election, the router with high priority will be selected as DIS; when the priorities are the same, for frame relay interface, the router with higher system ID value will be selected as DIS; for Ethernet interface, the router with higher interface MAC value will be selected as DIS.
Configuring IS-IS IS-IS configuration mentioned here refers to the configuration based on IP route.
Configuring Basic IS-IS 1. Enable IS-IS
Command format Command Mode
Command function
router isis Global Enable IS-IS routing process
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
152 Confidential and Proprietary Information of ZTE CORPORATION
2. Specify the IS-IS area and system IS
In the IS-IS routing configuration mode, it is required to define an area, specify the router to belong to the area. At the same time, it is required to define a system ID to identify the router in the area, usually, which are indicated with the interface MAC address of the router. By default, the router running IS-IS protocol is identified as LEVEL-1-2, in order to optimize network, it can be modified via command.
Command format Command Mode
Command function
area <area-address> Route IS-IS Set IS-IS area address
system-id <system-id> [range <range-number>]
Route IS-IS Set IS-IS system-id
3. Specify the interface to run IS-IS
When configuring IS-IS, specify the interface to run IS-IS protocol in the router. After accessing interface mode, specify the interface to run IS-IS.
Command format Command Mode
Command function
ip router isis VLAN interface
Configure IS-IS protocol to run in the interface
Set IS-IS Global Parameters If what are running in the network are all ZXR10 series switches or routers, when configuring IS-IS, using default parameters will be ok. But when connecting with equipment of other vendors, the related interface parameters and timer may have to be adjusted to make IS-IS protocol run more efficiently in the network.
The parameter configuration in IS-IS involves global parameter setup and interface parameter setup. The IS-IS global parameter must be configured in IS-IS route mode, the following describes a few common used global parameter setups.
1. Set IS-IS operation types
It is a basic parameter setup in the IS-IS configuration. The purpose is to define the operation type of the router according to actual networking conditions.
Command format Command Mode
Command function
is-type {level-1|level-1-2|level-2-only}
Route IS-IS Set the IS-IS-permitted level
2. Set the PSNP interval
The PSNP is usually applied in point-to-point network. The parameter is used to set the transmission interval between two PSNPs, with the default value of 3.
Chapter 16 IS-IS Configuration
Confidential and Proprietary Information of ZTE CORPORATION 153
Command format Command Mode
Command function
isis psnp-interval <interval> [level-1|level-2]
VLAN interface
Set the transmission interval of PSNP packet
3. Advertise resources insufficient
Set the OL flag bit of IS-IS, which is used to advertise other routers running IS-IS when the processing capability of the router is insufficient.
Command format Command Mode
Command function
set-overload-bit Route IS-IS Set the OL flag bit of IS-IS
4. Generate a Default Route
When configuring redistribution of routes, the router needs the following commands to redistribute the default route in the routing entries to IS-IS domain.
Command format Command Mode
Command function
default-information originate [always] [metric <metric-value>] [metric-type <type>] [level-1|level-1-2|level-2]
Route IS-IS
Configure the advertisement policy of default routes
5. Route convergence
The IS-IS can generate a convergent route to advertise outward after converging part entries of the routing table, rather than advertise detailed route entries. The minimum metric in the converged route entries will be selected as the metric of convergent route
Command format Command Mode
Command function
summary-address <ip-address> <net-mask> <metric-value> [level-1|level-1-2|level-2]
Route IS-IS Set IS-IS summary address
Set IS-IS Interface Parameters The IS-IS parameter setup in the interface must be performed in the interface mode running IS-IS protocol. The follows describe a few kinds of typical interface parameter setups.
1. Set interface operation types
It is a basic parameter setup in the IS-IS configuration, which is used for specifying interface operation type. The value should match the IS-IS global operation type.
Command format Command Mode
Command function
isis circuit-type {level-1|level-1-2|level-2-only}
VLAN interface
Configure the types of adjacency that the port can construct
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
154 Confidential and Proprietary Information of ZTE CORPORATION
2. Set Hello interval
Command format Command Mode
Command function
isis hello-interval <interval> [level-1|level-2]
VLAN interface
Configure the interval of the port’s transmitting Hello
3. Set Hello Multiplier
Command format Command Mode
Command function
isis hello-multiplier <multiplier> [level-1|level-2]
VLAN interface
Configure the multiple of interface keeping time and hello interval
4. Set the LSP interval
Command format Command Mode
Command function
isis lsp-interval <interval> [level-1|level-2]
VLAN interface
Set the transmission interval of LSP packet
5. Set the Retransmit interval
Command format Command Mode
Command function
isis retrasmit-interval <interval> [level-1|level-2]
VLAN interface
Set the retransmission interval of LSP packet
6. Set the priority
Command format Command Mode
Command function
isis priority <priority> [level-1|level-2]
VLAN interface
Configure the DIS election priority of the interface
7. Set IS-IS Interface metrics
It is applied to set the metric when the interface participates IS-IS SPF calculation, different metrics can be set for L1 and L2 in the same interface. The default value is 10.
Command format Command Mode
Command function
isis metric <metric-value> [level-1|level-2]
VLAN interface Configure the interface metric
8. Set the CSNP interval
It is applied to set CSNP packet interval. In the broadcast network, the default value is 10; in the point-to-point network, the default value is 3600.
Command format Command Mode
Command function
isis csnp-interval <interval> [level-1|level-2]
VLAN interface
Set the transmission interval of CSNP packet
Chapter 16 IS-IS Configuration
Confidential and Proprietary Information of ZTE CORPORATION 155
Configuring IS-IS Authentication ZXR10 T160G/T64G supports clear text authentication and MD5 encryption authentication. Use the following commands to select authentication mode.
Command format Command Mode
Command function
isis authentication-type {text|md5} [level-1|level-2]
VLAN interface
Set the interface authentication mode
authentication-type {text|md5} [level-1|level-2] Route IS-IS Set the LSP message
authentication mode
For each authentication mode, ZXR10 T160G/T64G supports the following three types of IS-IS authentication:
Interface authentication
LSP authentication
SNP authentication
1. Interface authentication
Command format Command Mode
Command function
isis authentication <key> [level-1|level-2]
VLAN interface Set ADJ authentication
2. LSP authentication
Command format Command Mode
Command function
authentication <key> [level-1|level-2]
Route IS-IS Set LSP authentication of IS-IS
3. SNP authentication
Command format Command Mode
Command function
set-snp-authentication Route IS-IS Set SNP PDU authentication
Example: Configure SNP authentication, whose authentication string is welcome
ZXR10(config)#router isis
ZXR10(config-router)#authentication welcome
ZXR10(config-router)#set-snp-authentication
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
156 Confidential and Proprietary Information of ZTE CORPORATION
Instances of Configuring IS-IS Single-Area IS-IS Configuration Analyze the entire network before configuring IS-IS, and then determine the network topology according to the network size, whether dividing multiple areas is needed, whether multiple routing protocols are running in the network. The following illustrates the basic configuration of IS-IS protocol taking sing-area network as an example, as shown in Figure 52.
F I G U R E 52 IS - IS C O N F I G U R AT I O N I N S I N G L E AR E A
192.168.1.1/24 192.168.6.1/24
192.168.2.2/24192.168.2.1/24
Area 1R1 R2
In the above figure, R1 and R2 comprise area 1, running IS-IS protocol. The detailed configuration is as follows:
R1 configuration:
ZXR10_R1(config)#router isis
ZXR10_R1(config-router)#area 01
ZXR10_R1(config-router)#system-id 00D0.D0C7.53E0
ZXR10_R1(config-router)#exit
ZXR10_R1(config)#interface vlan4
ZXR10_R1(config-if)#ip address 192.168.2.1 255.255.255.0
ZXR10_R1(config-if)#ip router isis
ZXR10_R1(config)#interface vlan6
ZXR10_R1(config-if)#ip address 192.168.1.1 255.255.255.0
ZXR10_R1(config-if)#ip router isis
R2 configuration:
ZXR10_R2(config)#router isis
ZXR10_R2(config-router)#area 01
ZXR10_R2(config-router)#system-id 00D0.D0C7.5460
ZXR10_R2(config-router)#exit
ZXR10_R2(config)#interface vlan4
ZXR10_R2(config-if)#ip address 192.168.2.2 255.255.255.0
ZXR10_R2(config-if)#ip router isis
ZXR10_R2(config)#interface vlan3
Chapter 16 IS-IS Configuration
Confidential and Proprietary Information of ZTE CORPORATION 157
ZXR10_R2(config-if)#ip address 192.168.6.1 255.255.255.0
ZXR10_R2(config-if)#ip router isis
Multiple-Area IS-IS Configuration When the network is vast, we should consider using multiple areas in the IS-IS. Divide the similar routers into the same area according to the zone and functionality; the partition of area is helpful in reducing memory requirement. It makes the router in this area maintain relatively smaller link state database. Figure 53 is an instance of configuring multiple-area IS-IS.
F I G U R E 53 IS - IS C O N F I G U R AT I O N I N M U L T I AR E A
Area 1
Area 0
Area 2
192.168.100.1/24
192.168.101.1/24 192.168.102.1/24
192.168.10.0/24
192.168.14.1/24
192.168.13.0/24
R2
R3 R4
R1 R5 R6
192.168.11.0/24
192.168.15.0/24
192.168.12.0/24
192.168.16.0/24
Where, R1 belongs to area 1; R2, R3 and R4 belong to area 0; R5 and R6 belong to area 2. In R1, perform route convergence to network segment in area 1. In R6, redistribute the default route to IS-IS.
The following illustrates the detailed configuration of each router in the figure.
R1 configuration:
ZXR10_R1(config)#router isis
ZXR10_R1(config-router)#area 01
ZXR10_R1(config-router)#system-id 00D0.D0C7.53E0
ZXR10_R1(config-router)#is-type LEVEL-1-2
ZXR10_R1(config-router)#exit
ZXR10_R1(config)#interface vlan4
ZXR10_R1(config-if)#ip address 192.168.15.1 255.255.255.0
ZXR10_R1(config-if)#ip router isis
ZXR10_R1(config-if)#isis circuit-type LEVEL-2
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
158 Confidential and Proprietary Information of ZTE CORPORATION
ZXR10_R1(config-router)#exit
ZXR10_R1(config)#interface vlan6
ZXR10_R1(config-if)#ip address 192.168.100.1 255.255.255.0
ZXR10_R1(config-if)#ip router isis
ZXR10_R1(config-if)#isis circuit-type LEVEL-1
ZXR10_R1(config-if)#exit
ZXR10_R1(config)#interface vlan7
ZXR10_R1(config-if)#ip address 192.168.101.1 255.255.255.0
ZXR10_R1(config-if)#ip router isis
ZXR10_R1(config-if)#isis circuit-type LEVEL-1
ZXR10_R1(config-if)#exit
ZXR10_R1(config)#interface vlan8
ZXR10_R1(config-if)#ip address 192.168.102.1 255.255.255.0
ZXR10_R1(config-if)#ip router isis
ZXR10_R1(config-if)#isis circuit-type LEVEL-1
ZXR10_R1(config-if)#exit
ZXR10_R1(config)#router isis
ZXR10_R1(config-router)#summary-address 192.168.100.0 255.255.252.0 10
R2 configuration:
ZXR10_R2(config)#router isis
ZXR10_R2(config-router)#area 00
ZXR10_R2(config-router)#system-id 00D0.E0D7.53E0
ZXR10_R2(config-router)#is-type LEVEL-2
ZXR10_R2(config-router)#exit
ZXR10_R2(config)#interface vlan4
ZXR10_R2(config-if)#ip address 192.168.10.2 255.255.255.0
ZXR10_R2(config-if)#ip router isis
ZXR10_R2(config-if)#isis circuit-type LEVEL-2
ZXR10_R2(config-router)#exit
ZXR10_R2(config)#interface vlan6
ZXR10_R2(config-if)#ip address 192.168.12.2 255.255.255.0
ZXR10_R2(config-if)#ip router isis
ZXR10_R2(config-if)#isis circuit-type LEVEL-2
ZXR10_R2(config-if)#exit
R3 configuration:
ZXR10_R3(config)#router isis
ZXR10_R3(config-router)#area 00
ZXR10_R3(config-router)#system-id 00D0.E0C7.53E0
ZXR10_R3(config-router)#is-type LEVEL-2
ZXR10_R3(config-router)#exit
ZXR10_R3(config)#interface vlan4
ZXR10_R3(config-if)#ip address 192.168.15.3 255.255.255.0
Chapter 16 IS-IS Configuration
Confidential and Proprietary Information of ZTE CORPORATION 159
ZXR10_R3(config-if)#ip router isis
ZXR10_R3(config-if)#isis circuit-type LEVEL-2
ZXR10_R3(config-router)#exit
ZXR10_R3(config)#interface vlan6
ZXR10_R3(config-if)#ip address 192.168.10.3 255.255.255.0
ZXR10_R3(config-if)#ip router isis
ZXR10_R3(config-if)#isis circuit-type LEVEL-2
ZXR10_R3(config-if)#exit
ZXR10_R3(config)#interface vlan7
ZXR10_R3(config-if)#ip address 192.168.11.3 255.255.255.0
ZXR10_R3(config-if)#ip router isis
ZXR10_R3(config-if)#isis circuit-type LEVEL-2
ZXR10_R3(config-if)#exit
R4 configuration:
ZXR10_R4(config)#router isis
ZXR10_R4(config-router)#area 00
ZXR10_R4(config-router)#system-id 00D0.E0E7.53E0
ZXR10_R4(config-router)#is-type LEVEL-2
ZXR10_R4(config-router)#exit
ZXR10_R4(config)#interface vlan4
ZXR10_R4(config-if)#ip address 192.168.12.4 255.255.255.0
ZXR10_R4(config-if)#ip router isis
ZXR10_R4(config-if)#isis circuit-type LEVEL-2
ZXR10_R4(config-router)#exit
ZXR10_R4(config)#interface vlan6
ZXR10_R4(config-if)#ip address 192.168.11.4 255.255.255.0
ZXR10_R4(config-if)#ip router isis
ZXR10_R4(config-if)#isis circuit-type LEVEL-2
ZXR10_R4(config-if)#exit
ZXR10_R4(config)#interface vlan7
ZXR10_R4(config-if)#ip address 192.168.16.4 255.255.255.0
ZXR10_R4(config-if)#ip router isis
ZXR10_R4(config-if)#isis circuit-type LEVEL-2
ZXR10_R4(config-if)#exit
R5 configuration:
ZXR10_R5(config)#router isis
ZXR10_R5(config-router)#area 02
ZXR10_R5(config-router)#system-id 00D0.D0CF.53E0
ZXR10_R5(config-router)#is-type LEVEL-1-2
ZXR10_R5(config-router)#exit
ZXR10_R5(config)#interface vlan4
ZXR10_R5(config-if)#ip address 192.168.16.5 255.255.255.0
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
160 Confidential and Proprietary Information of ZTE CORPORATION
ZXR10_R5(config-if)#ip router isis
ZXR10_R5(config-if)#isis circuit-type LEVEL-2
ZXR10_R5(config-router)#exit
ZXR10_R5(config)#interface vlan6
ZXR10_R5(config-if)#ip address 192.168.13.5 255.255.255.0
ZXR10_R5(config-if)#ip router isis
ZXR10_R5(config-if)#isis circuit-type LEVEL-1
ZXR10_R5(config-if)#exit
R6 configuration:
ZXR10_R6(config)#router isis
ZXR10_R6(config-router)#area 02
ZXR10_R6(config-router)#system-id 00D0.0ECD.53E0
ZXR10_R6(config-router)#is-type LEVEL-1
ZXR10_R6(config-router)#exit
ZXR10_R6(config)#interface vlan4
ZXR10_R6(config-if)#ip address 192.168.13.6 255.255.255.0
ZXR10_R6(config-if)#ip router isis
ZXR10_R6(config-if)#isis circuit-type LEVEL-1
ZXR10_R6(config-router)#exit
ZXR10_R6(config)#interface vlan8
ZXR10_R6(config-if)#ip address 192.168.14.1 255.255.255.0
ZXR10_R6(config-if)#exit
ZXR10_R6(config)#ip route 0.0.0.0 0.0.0.0 192.168.14.10
ZXR10_R6(config)#router isis
ZXR10_R6(config-router)#default-information originate
ZXR10_R6(config-router)#redistribute protocol static metric 10
ZXR10_R6(config-router)#end
ZXR10_R6#
IS-IS Maintenance and Diagnosis ZXR10 T160G/T64G provides show command to help diagnose IS-IS fault. The frequently used commands in IS-IS maintenance and diagnosis are presented as follows:
1. Show adjacency, display current neighbor state
Command format Command Mode
Command function
show isis adjacency [level-1|level-2] All modes Show the current neighbors
2. Show the current IS-IS interface information
Chapter 16 IS-IS Configuration
Confidential and Proprietary Information of ZTE CORPORATION 161
Command format Command Mode
Command function
show isis circuits [detail] All modes Show the current IS-IS interface
3. Show the current IS-IS database information
Command format Command Mode
Command function
show isis database [level-1|level-2] [detail] All modes Show the current IS-IS database
4. Show the current IS-IS topology
Command format Command Mode
Command function
show isis topology [level-1|level-2] All modes Show the current IS-IS topology
ZXR10 T160G/T64G provides some debug commands other than show commands mentioned above, for practical application. For example:
Command format Command Mode
Command function
debug isis adj-packets PrivilegedTrace and show the hello message IS-IS received and transmitted
debug isis snp-packets Privileged
Trace and show SNP message that IS-IS received and transmitted and related processing events
debug isis spf-events PrivilegedTrace and show IS-IS routing calculation event debugging information
debug isis update-packets PrivilegedTrace and show IS-IS LSP packet processing event debugging information
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
162 Confidential and Proprietary Information of ZTE CORPORATION
This page is intentionally blank.
Confidential and Proprietary Information of ZTE CORPORATION 163
C h a p t e r 17
BGP Configuration
Border Gateway Protocol (BGP) is an inter-domain routing protocol. BGP-4 is widely used on the Internet to communicate network information about available paths and networks.
In this chapter, you will learn about:
BGP Overview
Configuring BGP
Example of Configuring BGP
BGP Maintenance and Diagnosis
BGP Overview BGP is an inter-domain routing protocol between AS. The primary function of a BGP speaking system is to exchange network reachability information with other BGP systems. This network reachability information includes information on the list of Autonomous Systems (AS) that reachability information traverses. This information is sufficient to construct a graph of AS connectivity from which routing loops may be pruned and some policy decisions at the AS level may be enforced.
BGP-4 is defined in RFC1771. It supports the implementation of CIDR, supernet and subnet and the route aggregation and filtering. BGP-4 is widely used on the Internet.
Sessions established by BGP routers in different ASs are called EBGP sessions. Sessions established by the internal BGP routers in the same AS are called IBGP sessions. The administration area that allows independent routing policies is called Autonomous System (AS). A primary feature of AS is that an AS has a unified internal route differing from other ASs, and presents the same topology to the reachable destinations through which it passes. The indicator of an AS is a 16-bit value ranging from 1~65535, in which 1~32767 are allocatable, 32768~64511 are reserved temporarily, and 64512~65534 are used for private ASs (similar to the private IP addresses).
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
164 Confidential and Proprietary Information of ZTE CORPORATION
BGP runs over reliable transmission protocols with TCP as its lower layer protocol on port 179. A TCP connection should be established first between the routers running BGP. All the routing table information is exchanged via message authentication. When the routing table is changed later, route update information will be sent to all the BGP neighbors, by which the routing information will be extended until the routing information is available in the entire network.
The destination network related BGP update information sent by the router to its peers include the BGP metric related information, which is called path attribute. Path attribute is classified into four categories:
1. Well-known mandatory: These attributes should be included in the router description.
AS-path
Next-hop
Origin
2. Well-known discretionary: These attributes are not necessary in the router description.
Local preference
Atomic aggregate
3. Optional transitive: These attributes are not required to be supported by all the BGP implementations. If supported, they will be transmitted to BGP neighbors. Those not supported by the local router should be transmitted continuously to other BGP routers.
Aggregator
Community
4. Optional non-transitive: This attribute indicates it should be deleted from the routers that do not support it.
Multi-exit-discriminator (MED)
In addition to these attributes, weight attribute (Cisco defined) is also a common attribute.
Configuring BGP Basic BGP Configuration
To enable the BGP protocol on a router, follow the three steps:
1. Enable BGP process
Command format Command mode Command function
router bgp <as-number> Global Enables BGP routing process
Chapter 17 BGP Configuration
Confidential and Proprietary Information of ZTE CORPORATION 165
2. Configure BGP neighbor
Command format Command mode Command function
neighbor <ip-address> remote-as <number> Routing BGP Configures a BGP neighbor
3. Advertise a network using BGP
Command format Command mode Command function
network <ip-address> <net-mask> Routing BGP Specifies a network table for the BGP routing process
Figure 54 shows an example of BGP configuration, where R1 resides in AS 100 and R2 resides in AS 200.
F I G U R E 54 B AS I C BGP C O N F I G U R AT I O N
AS100 AS200
10.1.1.2/30
10.1.1.1/30
182.16.0.0/16 182.17.0.0/16
R1 R2
Configuration of R1
ZXR10_R1(config)#router bgp 100
ZXR10_R1(config-router)#neighbor 10.1.1.1 remote-as 200
ZXR10_R1(config-router)#network 182.16.0.0 255.255.0.0
Configuration of R2
ZXR10_R2(config)#router bgp 200
ZXR10_R2(config-router)#neighbor 10.1.1.2 remote-as 100
ZXR10_R3(config-router)#network 182.17.0.0 255.255.0.0
In the configurations above, R1 and R2 define the other party as a BGP neighbor each other. Since R1 and R2 reside in different ASs, an EBGP session will be established. R1 will advertise network 182.16.0.0/16. R2 will advertise network 182.17.0.0/16.
Advertising BGP Routes In the above description, the network command is used to advertise BGP routers. Generally, BGP routers can be advertised in three ways after a BGP neighbor is established:
1. Use the network command to advertise a router
In BGP, the network command can be used to advertise the networks known by the local router. Known networks include the networks that can
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
166 Confidential and Proprietary Information of ZTE CORPORATION
be learnt via direct connections, static routes and dynamic routes. The use of the network command in BGP is different from the use in IGP.
2. Use the redistribute command to re-distribute the routes learnt by other routing protocols to BGP.
Command format Command mode Command function
redistribute <protocol> [metric <metric-value>] [route-map <map-tag>] Routing BGP
Re-distributes the routes obtained by other routing protocols into the BGP routing table
The redistribute command can be used to re-distribute the routes learnt by the IGP protocols (RIP, OSPF, IS-IS) into BGP. When using the redistribute command, make sure to prevent the routes learnt by IGP from BGP from being re-distributed into BGP. Use the filtering command to prevent the loop from occurring if necessary.
3. Distribute static routes into BGP
The route source of the static routes re-distributed into BGP is shown as “incomplete” in the routing table.
The following example advertises routes in BGP via route re-distribution. See Figure 55 for the network topology.
F I G U R E 55 AD V E R T I S I N G BGP R O U T E S
AS100
AS200
AS300
129.213.198.0/24 175.220.0.0/24
1.1.1.1/24
R1 R2 R3
R4
Configuration of R3
ZXR10_R3(config)#router ospf 1
ZXR10_R3(config-router)#network 175.220.0.0 0.0.0.255 area 0
ZXR10_R3(config)#router bgp 200
ZXR10_R3(config-router)#neighbor 1.1.1.1 remote-as 300
ZXR10_R3(config-router)#redistribute ospf
Chapter 17 BGP Configuration
Confidential and Proprietary Information of ZTE CORPORATION 167
Advertising BGP Aggregation BGP can aggregate several pieces of learnt routing information into one piece of information and advertise it to the outside, greatly reducing the number of route entries in the routing table.
The following is an example of route aggregation. R1 and R2 advertise route 170.20.0.0/16 and 170.10.0.0/16 respectively, as shown in Figure 56. R3 aggregates the two pieces of routing information into 170.0.0.0/8 and advertises it to R4. After configuring aggregation, the R4 routing table can only learn the aggregated route 170.0.0.0/8.
F I G U R E 56 AD V E R T I S iN G BGP AG G R E G A T I O N
170.20.0.0/16 170.10.0.0/16
3.3.3.0/24
4.4.4.0/24
2.2.2.0/24
AS100 AS200AS300
AS400
R1 R2
R4
R3
Configuration of R1
ZXR10_R1(config)#interface vlan1
ZXR10_R1(config-if)#ip address 2.2.2.2 255.0.0.0
ZXR10_R1(config)#router bgp 100
ZXR10_R1(config-router)#network 170.20.0.0 255.255.0.0
ZXR10_R1(config-router)#neighbor 2.2.2.1 remote-as 300
Configuration of R2
ZXR10_R2(config)#interface vlan1
ZXR10_R2(config-if)#ip address 3.3.3.3 255.0.0.0
ZXR10_R2(config)#router bgp 200
ZXR10_R2(config-router)#network 170.10.0.0 255.255.0.0
ZXR10_R2(config-router)#neighbor 3.3.3.1 remote-as 300
Configuration of R3
ZXR10_R3(config)#interface vlan1
Command format Command mode Command function
aggregate-address <ip-address> <net-mask> [count <count>] [as-set] [summary-only] [strict]
Routing BGP Creates an aggregation policy in the BGP routing table
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
168 Confidential and Proprietary Information of ZTE CORPORATION
ZXR10_R3(config-if)#ip address 2.2.2.1 255.0.0.0
ZXR10_R3(config)#interface vlan2
ZXR10_R3(config-if)#ip address 3.3.3.1 255.0.0.0
ZXR10_R3(config)#interface vlan3
ZXR10_R3(config-if)#ip address 4.4.4.1 255.0.0.0
ZXR10_R3(config)#router bgp 300
ZXR10_R3(config-router)#neighbor 2.2.2.2 remote-as 100
ZXR10_R3(config-router)#neighbor 3.3.3.3 remote-as 200
ZXR10_R3(config-router)#neighbor 4.4.4.4 remote-as 400
ZXR10_R3(config-router)#aggregate-address 170.0.0.0 255.0.0.0
summary-only
R3 has learnt routes 170.20.0.0 and 170.10.0.0, but it advertises aggregate route 170.0.0.0/8 only. Note the summary-only parameter in the aggregate advertisement commands. If the parameter is not included, R3 will advertise the specific routes in addition to the aggregate route.
Configuration of R4
ZXR10_R4(config)#interface vlan1
ZXR10_R4(config-if)#ip address 4.4.4.4 255.0.0.0
ZXR10_R4(config)#router bgp 400
ZXR10_R4(config-router)#neighbor 4.4.4.1 remote-as 300
Configuring EBGP Multihop Generally, EBGP neighbors should be established on the straight-through interfaces of two routers. To establish EBGP neighbors on the interfaces that are not directly connected, use the multihop command to configure EBGP multihop. In addition, appropriate IGP or static route configuration is required to enable the interworking of these neighbors.
Command format Command mode
Command function
neighbor <ip-address> ebgp-multihop [ttl <value>] Routing BGP Configures EBGP multihop
R1 needs to establish the neighbor relation with the interface with the IP address 180.225.11.1 on R2, to which it is not connected directly, as shown in Figure 57. To do this, use the multihop command.
F I G U R E 57 C O N F I G U R I N G BGP M U L T I H O P
AS100 AS300
129.213.1.2/24
129.213.1.3/24
180.225.11.1/24R1 R2
Chapter 17 BGP Configuration
Confidential and Proprietary Information of ZTE CORPORATION 169
Configuration of R1
ZXR10_R1(config)#router bgp 100
ZXR10_R1(config-router)#neighbor 180.225.11.1 remote-as 300
ZXR10_R1(config-router)#neighbor 180.225.11.1 ebgp-multihop
Configuration of R2
ZXR10_R2(config)#router bgp 300
ZXR10_R2(config-router)#neighbor 129.213.1.2 remote-as 100
Filtering Routes via the Route Map Route filtering and attribute setting are the basis of BGP route selection. Input or output route attributes can be controlled as required via route filtering.
Route map is used to control routing information and re-distribute routes between route domains based on defined conditions. Route map usually determines route selections with the use of route attributes. A route map is usually used in two steps:
1. Define a route map
Command format Command mode Command function
route-map <map-tag> [permit|deny] [<sequence-number>] Global Defines a route map
2. Configure the filtration of routes advertised by or to the neighbors
Command format Command mode Command function
neighbor <ip-address> route-map <map-tag> {in|out} Routing BGP
Configures the filtration of routes advertised by or to the neighbors
The following example configures filtering using a route map.
ZXR10_R1(config)#router bgp 100
ZXR10_R1(config-router)#neighbor 182.17.20.1 remote-as 200
ZXR10_R1(config-router)#neighbor 182.17.20.1 route-map MAP1 out
ZXR10_R1(config-router)#neighbor 182.17.20.1 send-med
ZXR10_R1(config)#route-map MAP1 permit 10
ZXR10_R1(config-route-map)#match ip address 1
ZXR10_R1(config-route-map)#set metric 5
ZXR10_R1(config)#acl basic number 1
ZXR10_R1(config-basic-acl)#rule 1 permit 172.3.0.0 0.0.255.255
The above example defines route map MAP1, which allows network 172.3.0.0 to be advertised to autonomous system 200 and sets the MED value to 5. When filtering routes using a route map, match and set commands are both usually used. The match command defines matching
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
170 Confidential and Proprietary Information of ZTE CORPORATION
criteria. The set command defines actions to be executed when the match conditions are satisfied.
Filtering Routes via NLRI To control the routing information obtained or advertised by the router, routes to or from a specific adjacent device can be filtered from updates. The filter includes an update list used to be sent to or coming from an adjacent peer.
As shown in Figure 58, R1 and R2 are IBGP peers of each other; R1 and R3 are EBGP peers of each other; and R2 and R4 are EBGP peers of each other.
F I G U R E 58 F I L T E R I N G R O U T E S V I A NLRI
AS100
AS200 AS300
182.17.20.1/30192.18.10.0/24
182.17.1.2/30
182.17.20.2/30
R3 R4
182.17.1.1/30
R1
R2
To prevent AS100 from being a transit AS, network 192.18.10.0/24 coming from AS300 is advertised to AS200. R1 is configured with the filtering function as follow:
ZXR10_R1(config)#router bgp 100
ZXR10_R1(config-router)#no synchronization
ZXR10_R1(config-router)#neighbor 182.17.1.2 remote-as 100
ZXR10_R1(config-router)#neighbor 182.17.20.1 remote-as 200
ZXR10_R1(config-router)#neighbor 182.17.20.1 route-map MAP1 out
ZXR10_R1(config)#route-map MAP1 permit 10
ZXR10_R1(config-route-map)#match ip address 1
ZXR10_R1(config)#acl basic number 1
ZXR10_R1(config-basic-acl)#rule 1 deny 192.18.10.0 0.0.0.255
ZXR10_R1(config-basic-acl)#rule 2 permit any
In this example, the route-map command and access control list (ACL) is used to prevent R1 from spreading prefix 192.18.10.0/24 to AS200.
Filtering Routes via AS_PATH If all the routes in one or more ASs should be filtered, the routes are filtered based on the AS path information usually. This prevents it from being complex due to prefix-based filtering.
Chapter 17 BGP Configuration
Confidential and Proprietary Information of ZTE CORPORATION 171
An ACL can be specified for the input and output update based on the AS path attribute values.
Command format Command mode Command function
ip as-path access-list <acl-number> {permit|deny} <as-regular-expression>
Global Defines a BGP access list
In the case as shown in Figure 58, routes can also be filtered based on AS path, which prevents R1 from advertising network 192.18.10.0/24 (coming from AS300) to AS200. Configuration
ZXR10_R1(config)#router bgp 100
ZXR10_R1(config-router)#no synchronization
ZXR10_R1(config-router)#neighbor 182.17.1.2 remote-as 100
ZXR10_R1(config-router)#neighbor 182.17.20.1 remote-as 200
ZXR10_R1(config-router)#neighbor 182.17.20.1 route-map MAP1 out
ZXR10_R1(config)#route-map MAP1 permit 10
ZXR10_R1(config-route-map)#match as-path 1
ZXR10_R1(config)#ip as-path access-list 1 permit ^$
In the above configuration, the AS ACL allows R1 to advertise the networks initiated from AS100 only to AS200, thus filtering network 192.18.10.0/24.
LOCAL_PREF Attribute The local preference attribute is used to determine the route selection between IBGP peers within an AS.
When the two IBGP routers in an AS have learnt a route with the same destination from the outside, the local preference attribute will be compared. The route with the higher value is preferred. The default value of local preference is 100.
Command format Command mode Command function
bgp default local-preference <value>
Routing BGP
Configures the local preference value of the router that BGP advertises to the outside
In the case as shown in Figure 59, R3 and R4 has learnt route 170.10.0.0 at the same time. Since the local preference value set for R4 is greater than that for R3, the R4 egress is preferred for the route to the destination within AS256.
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
172 Confidential and Proprietary Information of ZTE CORPORATION
F I G U R E 59 C O N F I G U R I N G T H E LO C AL P R E F E R E N C E AT T R I B U T E
AS100
AS256
AS300
1.1.1.2/30
3.3.3.2/30
R3 R4
1.1.1.1/30R1 R2
R5
170.10.0.0/24
128.213.11.1/30128.213.11.2/303.3.3.1/30
IBGP R6
AS34
LOC=150 LOC=200
The LOCAL_PREF attribute can be configured in two methods.
Use the bgp default local-preference command
Configuration of R3
ZXR10_R3(config)#router bgp 256
ZXR10_R3(config-router)#neighbor 1.1.1.1 remote-as 100
ZXR10_R3(config-router)#neighbor 128.213.11.2 remote-as 256
ZXR10_R3(config-router)#bgp default local-preference 150
Configuration of R4
ZXR10_R4(config)#router bgp 256
ZXR10_R4(config-router)#neighbor 3.3.3.2 remote-as 300
ZXR10_R4(config-router)#neighbor 128.213.11.1 remote-as 256
ZXR10_R4(config-router)#bgp default local-preference 200
Use the route-map command
Configuration of R4
ZXR10_R4(config)#router bgp 256
ZXR10_R4(config-router)#neighbor 3.3.3.2 remote-as 300
ZXR10_R4(config-router)#neighbor 3.3.3.2 route-map setlocalin in
ZXR10_R4(config-router)#neighbor 128.213.11.1 remote-as 256
....
ZXR10_R4(config)#ip as-path access-list 7 permit ^300$
...
ZXR10_R4(config)#route-map setlocalin permit 10
ZXR10_R4(config-route-map)#match as-path 7
ZXR10_R4(config-route-map)#set local-preference 200
Chapter 17 BGP Configuration
Confidential and Proprietary Information of ZTE CORPORATION 173
ZXR10_R4(config)#route-map setlocalin permit 20
ZXR10_R4(config-route-map)#set local-preference 150
MED Attribute The metric attribute is also called Multi Exit Discrimination (MED), which is used for the interaction among ASs for route selection.
By default, the router only compares the metric values of the BGP neighbors in the same AS. To compare the values of the neighbors in different ASs, use the bgp always-compare-med command for a mandatory comparison.
Command format Command mode Command function
bgp always-compare-med Routing BGP Allows the comparison of the MEDs for paths from neighbors in different ASs
The default value of medic is 0. The path with a lower metric is preferred over a path with a higher metric. The metric value is not transferred to third-party ASs. That is, when an update with a metric value is received and it should be transmitted to a third-party AS, the default metric value will be transmitted.
R1 receives the update of 180.10.0.0 from R2, R3 and R4 at the same time, as shown in Figure 60. By default, only the metric values of neighbor R3 and R4 in the same AS are compared. The metric value of R3 is lower than that of R4, so R1 takes the update from R3.
F I G U R E 60 C O N F I G U R I N G T H E MED AT T R I B U T E
AS100
AS300
AS400
2.2.2.1/30
180.10.0.0/24
R3 R4
2.2.2.2/30
R1
R2
1.1.1.1/30 1.1.1.2/30
4.4.4.1/304.4.4.2/30
3.3.3.1/30
3.3.3.2/30
170.10.0.0/24
med 120
med 50
med 200
In the following example, the route-map command is used to set the MED value.
Configuration of R1
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
174 Confidential and Proprietary Information of ZTE CORPORATION
ZXR10_R1(config)#router bgp 100
ZXR10_R1(config-router)#neighbor 2.2.2.1 remote-as 300
ZXR10_R1(config-router)#neighbor 3.3.3.2 remote-as 300
ZXR10_R1(config-router)#neighbor 4.4.4.1 remote-as 400
....
Configuration of R3
ZXR10_R3(config)#router bgp 300
ZXR10_R3(config-router)#neighbor 2.2.2.2 remote-as 100
ZXR10_R3(config-router)#neighbor 2.2.2.2 route-map setmetricout out
ZXR10_R3(config-router)#neighbor 1.1.1.2 remote-as 300
ZXR10_R3(config)#route-map setmetricout permit 10
ZXR10_R3(config-route-map)#set metric 120
Configuration of R4
ZXR10_R4(config)#router bgp 300
ZXR10_R4(config-router)#neighbor 3.3.3.1 remote-as 100
ZXR10_R4(config-router)#neighbor 3.3.3.1 route-map setmetricout out
ZXR10_R4(config-router)#neighbor 1.1.1.1 remote-as 300
ZXR10_R4(config)#route-map setmetricout permit 10
ZXR10_R4(config-route-map)#set metric 200
Configuration of R2
ZXR10_R2(config)#router bgp 400
ZXR10_R2(config-router)#neighbor 4.4.4.2 remote-as 100
ZXR10_R2(config-router)#neighbor 4.4.4.2 route-map setmetricout out
ZXR10_R2(config)#route-map setmetricout permit 10
ZXR10_R2(config-route-map)#set metric 50
In the following example, the bgp always-compare-med command is used to allow a mandatory comparison of R1 metric value and R2 metric value. The metric value of R2 is lower than that of R3, so R1 will select R2 instead of R3 for the update of 180.10.0.0.
Configuration of R1
ZXR10_R1(config)#router bgp 100
ZXR10_R1(config-router)#neighbor 2.2.2.1 remote-as 300
ZXR10_R1(config-router)#neighbor 3.3.3.2 remote-as 300
ZXR10_R1(config-router)#neighbor 4.4.4.1 remote-as 400
ZXR10_R1(config-router)#bgp always-compare-med
Chapter 17 BGP Configuration
Confidential and Proprietary Information of ZTE CORPORATION 175
Community String Attribute Community string is an optional transit attribute ranging from 0~4,294,967,200. A selection can be made from a group of routes according to the community string attribute.
The following are the definitions of the well-known community attributes:
no-export: Do not advertise this route to an EBGP neighbor
no-advertise: Do not advertise this route to any BGP neighbor
no-export-subconfed: Do not advertise the routes with this attribute to peers outside the confederation.
The route-map command is generally used to define the community attribute. This attribute will not be sent to neighbors by default and the following command should be used also.
Command format Command mode Command function
neighbor <ip-address> send-community Routing BGP
Sends the community attribute when advertising routes to the neighbors
In the following example, R1 notifies its neighbors that route 192.166.1.0/24 should not be advertised to other EBGP neighbors.
Configuration of R1
ZXR10_R1(config)#router bgp 100
ZXR10_R1(config-router)#neighbor 3.3.3.3 remote-as 300
ZXR10_R1(config-router)#neighbor 3.3.3.3 send-community
ZXR10_R1(config-router)#neighbor 3.3.3.3 route-map setcommunity out
ZXR10_R1(config)#route-map setcommunity permit 10
ZXR10_R1(config-route-map)#match ip address 1
ZXR10_R1(config-route-map)#set community no-export
ZXR10_R1(config)#route-map setcommunity permit 20
ZXR10_R1(config)#acl basic number 1
ZXR10_R1(config-basic-acl)#rule 1 permit 192.166.1.0 0.0.0.255
BGP Synchronization In AS100 as shown in Figure 61, R1 and R2 runs IBGP. R5 does not run BGP.
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
176 Confidential and Proprietary Information of ZTE CORPORATION
F I G U R E 61 C O N F I G U R I N G BGP S Y N C H R O N I Z AT I O N
AS100
AS300 AS400
2.2.2.1/30
150.10.0.0/24
2.2.2.2/30
R3 R4
3.3.3.1/30R1 R2
R5
170.10.0.0/24
170.10.0.0/24 170.10.0.0/24
1.1.1.2/30
1.1.1.1/30
R2 has learnt route 170.10.0.0 via IBGP. The next hop is 2.2.2.1. It can be known from the diagram that the next hop for R2 to reach 170.10.0.0 is R5, but R5 hasn’t got route 170.10.0.0 and will discard the packet. If R2 tells R4 that it has route 170.10.0.0, it will also be discarded in R5.
To allow the packet with the destination address 170.10.0.0 to reach R3 successfully through R5, the route to 170.10.0.0 should be available in R5. Therefore, routes should be redistributed so that R5 can learn this route via IGP. Before advertising the BGP routes to EBGP neighbors, it should be waited until R2 has learnt this route (via R5) via IGP, which is called route synchronization.
Command format Command mode Command function
synchronization Routing BGP Enables the synchronization between BGP and IGP
The synchronization function of ZXR10 T160G/T64G is enabled by default.
To transit AS, the routes learnt from other ASs should be advertised to the third-party ASs. If non-BGP router exists in AS then Route synchronization is required. In this case, R2 uses route synchronization.
In the case that BGP routes have no need to be advertised to third-party ASs or all the routers within the AS run BGP, route synchronization is not required.
The following configuration disables route synchronization on R2.
ZXR10_R2(config)#router bgp 100
ZXR10_R2(config-router)#network 150.10.0.0
ZXR10_R2(config-router)#neighbor 1.1.1.2 remote-as 400
ZXR10_R2(config-router)#neighbor 3.3.3.1 remote-as 100
ZXR10_R2(config-router)#no synchronization
Chapter 17 BGP Configuration
Confidential and Proprietary Information of ZTE CORPORATION 177
BGP Route Reflector For the BGP routers within the same AS, the neighbor relation should be established between every two routers to enable an overall interconnection. In this way, the number of neighbors will increase at a rate of n (n-1) /2 (“n” is the number of IBGP routers) when the number of IBPGs increases. Route reflector and confederation are used to reduce the workload of maintenance and configuration.
For the IBGP speaking routers within an AS, one of them is selected to be the route reflector (RR). All the other IBGP routers act as clients and establish the neighbor relation only with the RR. All the clients reflect routes via RR, thus reducing the number of neighbors to n-1.
Command format Command mode Command function
neighbor <ip-address> router-reflector-client Routing BGP Set a neighbor as a
route-reflector client peer
There are two route reflectors within AS100, i.e. R3 and R4, as shown in Figure 62. The clients of R4 are R5 and R6. The clients of R3 are R1 and R2.
F I G U R E 62 C O N F I G U R I N G BGP R O U T E R E F L E C T O R S
R3
R1 R2
R4
R5 R6
R7
R9
R8
AS100
AS200
AS300
Lo: 1.1.1.1 Lo: 2.2.2.2
Lo: 3.3.3.3 Lo: 4.4.4.4
Lo: 5.5.5.5 Lo: 6.6.6.6
Lo: 7.7.7.7
Lo: 8.8.8.8
Lo: 9.9.9.9
Configuration of R3
ZXR10_R3(config)#router bgp 100
ZXR10_R3(config-router)#neighbor 2.2.2.2 remote-as 100
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
178 Confidential and Proprietary Information of ZTE CORPORATION
ZXR10_R3(config-router)#neighbor 2.2.2.2 route-reflector-client
ZXR10_R3(config-router)#neighbor 1.1.1.1 remote-as 100
ZXR10_R3(config-router)#neighbor 1.1.1.1 route-reflector-client
ZXR10_R3(config-router)#neighbor 7.7.7.7 remote-as 100
ZXR10_R3(config-router)#neighbor 4.4.4.4 remote-as 100
Configuration of R2
ZXR10_R2(config)#router bgp 100
ZXR10_R2(config-router)#neighbor 3.3.3.3 remote-as 100
When a route is received by the RR, it will be reflected depending on the type of peer.
A route from a Non-Client peer will be reflected to all the Client peers
A route from a Client peer will be reflected to all the Non-Client peers and Client peers.
A route from an EBGP peer will be reflected to all the Non-Client peers and Client peers.
If there are multiple RRs within an AS, these RRs can be grouped into a cluster. An AS can include multiple clusters. A cluster includes more than one RR at least.
BGP Confederation Route confederation has the similar function as the route reflector, which is to reduce the number of IBGP neighbor connections established within an AS. Route confederation allows an AS to be divided into multiple sub-ASs. The IBGP routers within the AS belong to the sub-ASs respectively. IBGP is established within the sub-ASs. EBGP is established between the sub-ASs. The sub-AS ID is called confederation ID. The sub-ASs are invisible to the outside world of the AS.
Command format Command mode Command function
bgp confederation identifier <value> Routing BGP Set a confederation ID
bgp confederation peers <value> […<value>] Routing BGP Sets the AS ID of a
confederation peer
The following examples illustrate the applications of route confederation.
There are 5 BGP routers in AS200, as shown in Figure 63. It is divided into two sub-ASs. One is defined as AS65010, which includes R3, R5 and R6, and the other is defined as AS65020, which includes R4 and R7.
Chapter 17 BGP Configuration
Confidential and Proprietary Information of ZTE CORPORATION 179
F I G U R E 63 C O N F I G U R I N G BGP C O N F E D E R AT I O N
R3
R5 R6
R4
R7
R1 R2
AS200
Lo: 210.61.10.1 Lo: 210.61.20.1
2.2.2.1/30Lo: 210.61.30.1
Lo: 210.61.40.1
AS100 AS300
AS65010AS65020
2.2.2.2/30
210.61.19.1/30 210.61.19.2/30
Configuration of R3
ZXR10_R3(config)#router bgp 65010
ZXR10_R3(config-router)#bgp confederation identifier 200
ZXR10_R3(config-router)#bgp confederation peers 65020
ZXR10_R3(config-router)#neighbor 210.61.10.1 remote-as 65010
ZXR10_R3(config-router)#neighbor 210.61.20.1 remote-as 65010
ZXR10_R3(config-router)#neighbor 210.61.19.2 remote-as 65020
ZXR10_R3(config-router)#neighbor 2.2.2.2 remote-as 100
Configuration of R5
ZXR10_R5(config)#router bgp 65010
ZXR10_R5(config-router)#bgp confederation identifier 200
ZXR10_R5(config-router)#neighbor 210.61.30.1 remote-as 65010
ZXR10_R5(config-router)#neighbor 210.61.20.1 remote-as 65010
When establishing the neighbor relation, the EBGP neighbor relation is established between R3 and the confederation peers. The IBGP neighbor relation is established with the confederation, and the EBGP neighbor relation is also established with AS100. The confederation is non-existent to AS100, so AS100 still establishes the neighbor relation with R3 as AS200.
Configuration of R1
ZXR10_R1(config)#router bgp 100
ZXR10_R1(config-router)#neighbor 2.2.2.1 remote-as 200
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
180 Confidential and Proprietary Information of ZTE CORPORATION
BGP Route Dampening BGP provides a route dampening mechanism to minimize the instability due to route flapping.
A route is assigned a penalty of 1000 per flap. When the penalty reaches a suppress-limit, the router stops advertising the route. The penalty decreases geometrically after every half-life-time. As the penalty decreases and falls below the reuse limit, the route is unsuppressed.
Command format Command mode Command function
bgp dampening [<half-life> <reuse> <suppress> <max-suppress-time>| route-map <map-tag>]
Routing BGP Enables BGP route damping or modifies various damping factors
Half-life-time: 1~45 min, 15 min by default
Reuse-value: 1~20000, 750 by default
Suppress-value: 1~20000, 2000 by default
Max-suppress-time: 1~255, 4 times of half-life-time by default
To enable dampening on the router:
ZXR10(config)#router bgp 100
ZXR10(config-router)#bgp dampening
ZXR10(config-router)#network 203.250.15.0 255.255.255.0
ZXR10(config-router)#neighbor 192.208.10.5 remote-as 300
Example of Configuring BGP The following is a comprehensive BGP example, which involves the practical applications of BGP functions including route aggregation and static route redistribution.
As shown in Figure 64, EBGP is established between R4 and R1. IBGP is established between R1 and R2. Multihop EBGP is established between R2 and R5. Suppose 4 static routes, as shown in the upper right corner of the figure, exist in R4. In the configuration of R4, only 192.16.0.0/16 is aggregated and advertised. 170.16.10.0/24 is not allowed to be advertised through BGP to the outside world via the route map. The multihop relation is established between R2 and R5 via R3. Make sure the neighbor addresses of the two routers are interconnected before configuring BGP.
Chapter 17 BGP Configuration
Confidential and Proprietary Information of ZTE CORPORATION 181
F I G U R E 64 E X AM P L E O F C O N F I G U R I N G BGP
155.16.10.0/24
172.16.1.2/16
172.16.1.1/16173.16.20.2/16172.16.20.2/16
172.16.20.1/16
183.16.20.2/16 AS3AS2
AS1Static route:192.16.20.0/24192.16.21.0/24192.16.22.0/24170.16.10.0/24
R1 R2
R4 R3 R5
Configuration of R4
ZXR10_R4(config)#route bgp 2
ZXR10_R4(config-router)#redistribute static
ZXR10_R4(config-router)#neighbor 172.16.20.2 remote-as 1
ZXR10_R4(config-router)#aggregate-address 192.16.0.0 255.255.0.0
count 0 as-set summary-only
ZXR10_R4(config-router)#neighbor 172.16.20.2 route-map torouter1 out
ZXR10_R4(config)#acl basic number 1
ZXR10_R4(config-basic-acl)#rule 1 permit 172.16.10.0 0.0.0.255
ZXR10_R4(config)#route-map torouter1 deny 10
ZXR10_R4(config-route-map)#match ip address 1
ZXR10_R4(config)#route-map torouter1 permit 20
Configuration of R1
ZXR10_R1(config)#route bgp 1
ZXR10_R1(config-router)#no synchronization
ZXR10_R1(config-router)#neighbor 172.16.1.2 remote-as 1
ZXR10_R1(config-router)#neighbor 172.16.1.2 next-hop-self
ZXR10_R1(config-router)#neighbor 172.16.20.1 remote-as 2
Configuration of R2
ZXR10_R2(config)#ip route 183.16.0.0 255.255.0.0 vlan4
ZXR10_R2(config)#route bgp 1
ZXR10_R2(config-router)#neighbor 172.16.1.1 remote-as 1
ZXR10_R2(config-router)#neighbor 172.16.1.1 next-hop-self
ZXR10_R2(config-router)#neighbor 183.16.20.2 remote-as 3
ZXR10_R2(config-router)#neighbor 183.16.20.2 ebgp-multihop 2
ZXR10_R2(config-router)#neighbor 183.16.20.2 route-map torouter5 in
ZXR10_R2(config)#acl basic number 1
ZXR10_R2(config-basic-acl)#rule 1 permit 155.16.10.0 0.0.0.255
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
182 Confidential and Proprietary Information of ZTE CORPORATION
ZXR10_R2(config)#route-map torouter5 deny 10
ZXR10_R2(config-route-map)#match ip address 1
ZXR10_R2(config)#route-map torouter5 permit 20
Configuration of R5
ZXR10_R5(config)#ip route 173.16.0.0 255.255.0.0 gei_1/1
ZXR10_R5(config)#route bgp 3
ZXR10_R5(config-router)#neighbor 173.16.20.2 remote-as 1
ZXR10_R5(config-router)#neighbor 173.16.20.2 ebgp-multihop 2
BGP Maintenance and Diagnosis When encountering BGP routing problems, relevant debugging commands can be used for troubleshooting. The most commonly used command is show, which allows you to view the current statuses of BGP neighbors and the BGP routing information the router has learnt.
Show the configuration information of the BGP module
Command format Command mode Command function
show ip bgp protocol All modes Shows the configuration information of the BGP module
View the BGP neighbor relation and show the current neighbor statuses
Command format Command mode Command function
show ip bgp neighbor [in|out] <ip-address>
All modes Shows related information of BGP neighbors
Show the entries in the BGP routing table
Command format Command mode Command function
show ip bgp route [network <ip-address> [mask <net-mask>]] All modes Shows the entries in the BGP
routing table
show ip bgp route detail <ip-address> <net-mask> All modes Shows the entries in the BGP
routing table
Show the statuses of all the BGP neighbor connections
Command format Command mode Command function
show ip bgp summary All modes Shows the statuses of all the BGP neighbor connections
Besides the show command, the debug command can be used to observe the BGP neighbor relation establishment and route update process.
Command format Command mode Command function
debug ip bgp in Privileged Tracks and shows the notification messages sent by BGP and lists error codes and sub-error codes
Chapter 17 BGP Configuration
Confidential and Proprietary Information of ZTE CORPORATION 183
debug ip bgp out Privileged Tracks and shows the notification messages sent by BGP and lists error codes and sub-error codes
debug ip bgp events Privileged Tracks and shows the BGP connecting statuses and migration
Use the debug ip bgp events command to track the process of BGP status migration.
ZXR10#debug ip bgp events
BGP events debugging is on
ZXR10#
04:10:07: BGP: 192.168.1.2 reset due to Erroneous BGP Open received
04:10:07: BGP: 192.168.1.2 went from Connect to Idle
04:10:08: BGP: 192.168.1.2 went from Idle to Connect
04:10:13: BGP: 192.168.1.2 went from Connect to OpenSent
04:10:13: BGP: 192.168.1.2 went from OpenSent to OpenConfirm
04:10:13: BGP: 192.168.1.2 went from OpenConfirm to Established
ZXR10#
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
184 Confidential and Proprietary Information of ZTE CORPORATION
This page is intentionally blank.
Confidential and Proprietary Information of ZTE CORPORATION 185
C h a p t e r 18
Multicasting Route Configuration
This chapter describes the basic principle and configurations of multicasting routes. This chapter includes:
Multicast Overview
Configuring Public Multicast
Configuring IGMP
Configuring PIM-SM
Configuring MSDP
Example of Configuring Multicasting
Multicasting Maintenance and Diagnosis
Multicast Overview Multicasting is a point-to-point or multipoint-to-multipoint communication, that is, multiple receivers receive the same information from one source at the same time. Applications on the basis of multicasting include videoconferencing, teleeducation and software distribution.
Multicasting protocols include Internet Group Management Protocol (IGMP) and Multicast Route Protocols (MRP). IGMP is used to manage the participation and leaving of multicast group members. MRPs are used to exchange information and establish the multicast tree among routers. MRPs include Protocol Independent Multicast Sparse Mode (PIM-SM) and Multicast Source Discovery Protocol (MSDP).
ZXR10 T160G/T64G supports the following protocols:
Internet Group Management Protocol (IGMP)
Protocol Independent Multicast Sparse Mode (PIM-SM)
Multicast Source Discovery Protocol (MSDP)
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
186 Confidential and Proprietary Information of ZTE CORPORATION
Multicast Address In a multicast network, the originator sends a packet to multiple receivers via multicasting. The originator is called multicast source. The multiple receivers of the same packet can be identified using a single ID, which is called multicast source address. In the IP address allocation scenario, addresses Class-D, i.e. 224.0.0.0~239.255.255.255, are multicast source addresses. 224.0.0.0~224.0.0.255 and 239.0.0.0~239.255.255.255 are used for research and management.
IGMP IGMP allows the multicast router to learn about the information of multicast group members and runs between host and multicast router.
A multicast router sends group member query messages to all the hosts periodically to learn about which group members exist in the connected networks. The hosts return group member report messages containing the information of the multicast groups to which they belong. When a host wants to be added in a new group, it sends a group member report message instead of waiting for a query.
When the host begins to receive information as a group member, the multicast router will query the group periodically to learn about whether this member is still in the group. If members of the group still exist on an interface, the multicast router will continue to forward data from the group to the interface. When the host leaves the group, it will send a leave message to the multicast router. The multicast router will query immediately whether the group still contains active members or not. If yes, the multicast router continues to forward data; if no, it stops forwarding data.
There are two versions, IGMP V1 and IGMP V2, in the practical applications. IGMP V2 has more enhanced features than IGMP V1. It uses 4 types of messages to accomplish the information interaction between the hosts and the router.
Group member query
V2 member report
Leave report
V1 member report
Where, the V1 member report is used to be compatible with IGMP V1.
Multicast Tree To enable multicast communication in the networks, the multicast source, receivers and the paths of multicast packets should be available. The most commonly used routing method is to establish tree routes, which provides the following two advantages:
Packets are sent to different receivers along the tree branches in parallel.
Chapter 18 Multicasting Route Configuration
Confidential and Proprietary Information of ZTE CORPORATION 187
Packets are copied only on crotches, which minimizes the number of packets transmitted in the networks.
A multicast tree is a set of a series of router incoming interfaces and outgoing interfaces. It determines a unique forwarding path between the subnet to which the multicast source belongs and all the subnets that contain the group members.
There are two ways to construct a multicast tree: per-source multicast tree and shared multicast tree.
Per-Source Multicast Tree Per-source multicast tree is also called source shortest path tree. It establishes a spanning tree to all the receivers for each source. This spanning tree takes the subnet to which the source belongs as the root node and reaches the subnets to which the receivers belong. A multicast group may include multiple multicast sources. Each source or pair (S, G) has a corresponding multicasting tree.
The method to construct a per-source multicast tree is reverse path forwarding (RPF). Each router can find the shortest path to the source and the corresponding outgoing interface according to the unicast route. When a router receives a multicast packet, it verifies whether the incoming interface that the packet reaches is the outgoing interface with the shortest unicast path from the packet to the source. If yes, the route copies the packet and forwards it to other interfaces; otherwise, it discards the multicast packet.
The incoming interface from which the router receives multicast packets is called parent link. The outgoing interface that sends multicast packets is called child link.
Shared Multicast Tree Shared multicast tree establishes a multicast route tree for each multicast group, which is shared by all the group members, that is, the tree is shared by the group (*, C) instead of every pair (S, G). Every device to receive the multicast packets from the group should be added to the shared tree explicitly.
A shared multicast tree uses one or a group of routers as the center of the tree. Multicast packets from all the sources in this group to the receivers are sent as unicast packets to the center, from which the packets will then be forwarded as multicast packets along the tree.
PIM-SM PIM-SM transmits multicast packets using a shared tree. A shared tree has a central point, which is responsible for sending packets for all the sources in a multicast group. Each source sends packets to the central point along the shortest-path route and then takes the central point as the root node to distribute the packets to all the receivers in the group. The central point of a PIM-SM group is called Rendezvous Point (RP). A network can have multiple RPs, but a multicast group can only have one RP.
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
188 Confidential and Proprietary Information of ZTE CORPORATION
A router can learn about the positions of RPs in three ways. The first way is to configure static RP manually on each router that runs PIM-SM. The other two ways are dynamic, depending on the version of PIM-SM used in the network. PIM-SM V1 uses Auto-RP. PIM-SM V2 uses candidate-RP.
PIM-SM V2 allows the manually configured routers that run PIM-SM to be used as candidate bootstrap routers (BSRs) and elects the candidate BSR with the highest priority as the formal BSR. BSR is responsible for collecting the candidate RP messages from all the multicast router, trying to find the candidate RPs existing in the multicast domain and advertising them to all the PIM routers in the PIM domain. Each PIM router selects the optimum RP for each group in the RP set according to the unified RP election rule. RP candidates are configured manually.
Routers running PIM-SM attempt to find each other and maintain the neighbor relation by exchanging hello messages. On the multi-access network, a hello message also includes router priority information, which can be used to elect the designated router (DR).
The multicast source or the first-hop router (DR directly connected to the source) encapsulates the packet into a Register message and sends it to the RP via a unicast route. When receiving the Register message, the RP decapsulates the packet and sends it along the shared tree downward to the receivers in this group.
Each host acting as a receiver will join the multicast group via an IGMP member report message. The last-hot router (or DR on the multi-access network) sends the received Join message by level to the RP for registration. The media router checks if a route for this group is available after receiving the Join message. If yes, it adds the downstream requesting router into the shared tree as a branch. Otherwise, the Join message will proceed to the RP.
If the RP or multicast router is directly connected to any receiver, it can be switched over from the shared tree to the per-source, shortest-path tree. When receiving a Register message from a new multicast source, the RP returns a Join message to the DR directly connected to the multicast source, thus establishing the tree with the shortest-path from the source to the RP.
When a DR or a router with multicast members connected directly receives the first multicast packet from the multicast group, or when the received packets reach a threshold, it can be switched over from the shared tree to the per-source, shortest-path tree. Once the switchover occurs, the route will send a Prune message to the upstream neighbors, requesting to be separated from the shared tree.
MSDP MSDP is a mechanism that allows the RPs in each PIM-SM domain to share information about active sources. Each RP knows the receivers within the local domain. When the RPs have learnt about the information about the active sources in the remote domains, they can transfer the information to the receivers in the local domain. Thus, multicast packets can be forwarded among domains.
Chapter 18 Multicasting Route Configuration
Confidential and Proprietary Information of ZTE CORPORATION 189
The MSDP speaker in a PIM-SM domain establishes the MSDP session relation with the MSDP neighbors in other domains via TCP connection. When the MSDP speaker has learnt about a new multicast source (through the PIM register mechanism) in the local domain, it will create a Source-Active message and send it to all the MSDP neighbors. Each receiving neighbor uses a neighbor RPF check to check the SA message. Only the SA message received on the correct interface is forwarded. Other SA messages will be discarded. If the MSDP neighbor receiving this SA message is the RP in the local domain, and the outgoing interface corresponding to the (*, G) entry for the multicast group G in the SA is non-null, which means there are receivers in this domain. The RP will then create a (S, G) status for the multicast source and add it to the shortest-path tree of the source.
In addition, each MSDP neighbor will save the received SA messages in a cache, thus establishing a SA cache table. If the RP in a PIM-SM domain receives a message for joining a new multicast group G, the RP will search its own SA cache table to get all the active multicast sources immediately, thus generating the corresponding (S, G) Join message.
Configuring Public Multicast Enable IP multicast routing
Command format Command mode Command function
ip multicast-routing Global Enables IP multicast routing
When the IP multicast routing function is enabled, the router will forward multicast packets.
Delete IP multicast routing table
Command format Command mode Command function
clear ip mroute [group-address <group-address>] [source-address <source-address>]
Privileged Deletes IP multicast routing table
If the command does not contain any option, all the multicast route entries will be deleted.
Configuring IGMP The IGMP function of ZXR10 T160G/T64G is based on the PIM interface. The IGMP function will be enabled automatically on all the PIM-enabled interfaces.
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
190 Confidential and Proprietary Information of ZTE CORPORATION
Configuring IGMP Versions IGMP versions include V1 and V2. The default is V2, which can be changed as required. In view of security requirements, the routes require all the network elements in the same network to use IGMP V1 or IGMP V2.
The configuration of IGMP version is based on interface. Different interfaces can be configured with different versions.
Command format Command mode Command function
ip igmp version <version> VLAN interface Configures the IGMP version on an interface
Configuring IGMP Groups on Interfaces Configure the range of groups to which IGMP is allowed to be added
When IGMP is running on an interface, all the multicast groups are received by default. You can set the range of receiving groups. If the Join request from a host does not belong to the range, it will be discarded.
Example:
Only group 239.10.10.10 is received on interface vlan1.
ZXR10(config)#acl basic number 10
ZXR10(config-basic-acl)#rule 1 permit 239.10.10.10 0.0.0.0
ZXR10(config)#interface vlan 1
ZXR10(config-if)#ip igmp access-group 10
Configure the range of groups from which IGMP is allowed to leave immediately
After receiving an IGMP Leave message, or no report message is received after (last member query interval×2+1) seconds, the group members will leave.
Command format Command mode Command function
ip igmp immediate-leave [group-list <acl-number>] VLAN interface
Configure the range of groups from which IGMP can leave immediately
Example:
Allow group 239.10.10.10 to leave immediately from interface vlan1
ZXR10(config)#acl basic number 10
ZXR10(config-basic-acl)#rule 1 permit 239.10.10.10 0.0.0.0
ZXR10(config)#interface vlan 1
Command format Command mode Command function
ip igmp access-group <acl-number>
VLAN interface Configures the range of groups to which IGMP can be added
Chapter 18 Multicasting Route Configuration
Confidential and Proprietary Information of ZTE CORPORATION 191
ZXR10(config-if)#ip igmp immediate-leave group-list 10
Configure static group members on an IGMP interface
You can bind a static group address on an interface, suppose there always be group members on this interface.
Command format Command mode Command function
ip igmp static-group <group-address>
VLAN interface Configure static group members on an IGMP interface
Example:
Configure static group 239.10.10.10 on interface vlan1.
ZXR10(config)#interface vlan 1
ZXR10(config-if)#ip igmp static-group 239.10.10.10
Configuring IGMP Timers After enabling IGMP on the multicast router interfaces connected to the shared network, the optimum router is elected as the querier on this network, responsible for obtaining group member information by sending query messages.
After sending a query message, the querier will wait for receiving Host Membership Reports in a period of time. The duration is the value of max response time contained in the query message sent, 10 seconds by default. After receiving the query message, the host members on the network take the result of the max response time minus a random offset value as their own response time. If other Host Member Reports are received in this period, it will be cancelled, otherwise, host reports will be sent at the response time. Therefore, increasing the max response time will extend the waiting time of the group members on the network, thus lowering the occurrence of multiple host reports on the network.
Parameters of the timers related to the querier can be changed according to the network conditions.
Configure the IGMP query interval
Command format Command mode Command function
ip igmp query-interval <seconds> VLAN interface Configures the IGMP query interval
Configure the IGMP querier timeout
Command format Command mode Command function
ip igmp querier-timeout <seconds>
VLAN interface Configures the IGMP querier timeout
Configure the max response time contained in the query message sent by IGMP
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
192 Confidential and Proprietary Information of ZTE CORPORATION
Command format Command mode Command function
ip igmp query-max-response-time <seconds>
VLAN interface
Configures the value of max response time contained in the query message sent by IGMP
Configure the IGMP specific group query interval
Command format Command mode Command function
ip igmp last-member-query-interval <seconds>
VLAN interface Configures the IGMP specific group query interval
Configuring PIM-SM The details of the PIM-SM configuration are described in the following sections.
PIM-SM Basic Configurations Enabling PIM-SM
Enable PIM-SM
Command format Command mode Command function
router pimsm Global Enables IP multicast protocol PIM-SM
Add an interface that run PIM-SM
Command format Command mode Command function
ip pim sm VLAN interface Enables PIM-SM on the interface
Configuring Static RPs A static RPs can be configured for one or more specific groups, and the same static RP should be configured for the group on all the PIM-SM multicast routers in the multicast domain. RP addresses should be reachable from other routers. Generally, loopback interface addresses are used to reduce the network oscillations due to physical interface up/down. When a static RP is configured, the candidate RP will not be needed for the group.
Command format Command mode Command function
static-rp <ip-address> [group-list <acl-number>] [priority <priority>] Routing PIM-SM Configures a static RP
Example:
Configure static RP 10.1.1.1 for all the groups.
Chapter 18 Multicasting Route Configuration
Confidential and Proprietary Information of ZTE CORPORATION 193
ZXR10(config-router)#static-rp 10.1.1.1
Example: Configure static RP 10.1.1.1 for group 239.132.10.100.
ZXR10(config-router)#static-rp 10.1.1.1 group-list 10
ZXR10(config)#acl basic number 10
ZXR10(config-basic-acl)#rule 1 permit 239.132.10.100 0.0.0.0
Configuring Candidate BSRs If the static RP mechanism is not used, candidate BSRs should be configured on more than one multicast routers in every multicast domain. The BSR sends bootstrap (BSR) messages periodically to advertise the RP conditions. Routers running PIM-SM update the RP statuses according to the latest advertisement messages. The bootstrap messages sent by the BSR are also used to elect the formal BSR from the candidate BSRs.
Command format Command mode Command function
bsr-candidate <interface-name> [<hash-mask-length>] [<priority>] Routing PIM-SM Configures a candidate BSR
The default priority of a candidate BSR is 0. The candidate BSR with the highest priority will become the formal BSR. If multiple routers have the same BSR priority, the IP addresses will be compared. The candidate BSR with the largest address will become the formal BSR.
Configuring Candidate RPs In PIM-SM, RP is the root of a shared multicast tree. It is responsible for sending multicast packets to the downstream receiving group members along the shared tree. A multicast group can only have one formal RP.
Command format Command mode Command function
rp-candidate <interface-name> [group-list <acl-number>] [priority <priority>]
Routing PIM-SM Configures a candidate RP
The default priority of a candidate RP is 192. The candidate RP with a smaller priority is preferred.
Enhanced PIM-SM Configurations Source Shortest Path Tree Switchover Only the last-hop DR and RP can switch over to the source shortest path tree. By default, the switchover begins when the RP has received the first Register message. For the last-hop DR, the switchover threshold policy can be configured with single unicast group as the granularity of control. If the shortest path tree threshold is configured as infinite, no switchover will occur. By default, a switchover will occur if only there is flow.
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
194 Confidential and Proprietary Information of ZTE CORPORATION
Command format Command mode Command function
spt-threshold infinity [group-list <acl-number>] Routing PIM-SM
Configures the router to which receivers are connected directly to the switchover from shortest path tree back to the shared tree (RP tree)
Configuring an Interface as the PIM Domain Border Use the following command to configure an interface as the PIM domain border.
Command format Command mode Command function
ip pim bsr-border Vlan Interface Configures an interface as the PIM domain border
When the command is configured on an interface, bootstrap data messages will not be able to pass through the border in any direction. This command allows a network to be divided into areas using different BSRs. However, other PIM messages can pass through the domain border.
Setting the RP to Filtering the Received Register Messages Source addresses in multicast data messages encapsulated in the Register messages are filtered according to the rules defined in the ACL.
Command format Command mode Command function
accept-register <acl-number> Routing PIM-SM Filters the received Register messages
Limiting the Candidate RPs Advertised by a BSR Message Use the following command to filter the addresses of the candidate RPs advertised by a BRS message.
Command format Command mode Command function
accept-rp <acl-number> Routing PIM-SM Filters the candidate RP messages received on E-BSR
Setting DR Priorities A DR should be elected from a shared (or multi-access) network. The router with the highest priority will be elected. If the routers have the same priority, the one with the largest IP address will be selected.
On the shared network connected to the multicast data source, only the DR can send Register messages to the RP. On the shared network connected to the receivers, only the DR can respond to the IGMP Join/Leave messages and send PIM Join/Prune messages to the upstream routers.
Chapter 18 Multicasting Route Configuration
Confidential and Proprietary Information of ZTE CORPORATION 195
Command format Command mode Command function
ip pim dr-priority <priority> Interface Sets a DR priority
The priority of a route is contained in a Hello message exchanged with neighbors. The default is 1.
Setting Hello Message Intervals The interval of hello messages sent by PIM-SM neighbors can be adjusted according to the network conditions. The default is 30 seconds.
Command format Command mode Command function
ip pim query-interval <seconds> Interface Configures a Hello message interval
Limiting PIM-SM Neighbors In view of security requirements, PIM-SM will not allow some of the routers to be neighbors on an interface.
Command format Command mode Command function
ip pim neighbor-filter <acl-number>
Interface Does not allow some of the routers to be PIM neighbors
Example:
Router 10.1.1.1 is not allowed to be a PIM neighbor on interface vlan1.
ZXR10(config)#acl basic number 10
ZXR10(config-basic-acl)#rule 1 deny 10.1.1.1 0.0.0.0
ZXR10(config-basic-acl)#rule 2 permit any
ZXR10(config)#interface vlan 1
ZXR10(config-if)#ip pim neighbor-filter 10
Configuring MSDP The details of the MSDP configuration are described in the following sections.
Basic MSDP Configuration Configure an MSDP peer to enable MSDP.
Command format Command mode Command function
ip msdp peer <peer-address> connect-source <interface-name> Global Configures an MSDP peer to
enable MSDP
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
196 Confidential and Proprietary Information of ZTE CORPORATION
Enhanced MSDP Configurations Configure the default MSDP peer
Command format Command mode Command function
ip msdp default-peer <peer-address> [list <acl-number>]
Global Defines the default MSDP peer
When the default MSDP peer is configured, the local router will accept the SA messages from the peer’s RP under the control of the list. If no list parameter is configured, all the SA messages from this peer will be accepted. When multiple default peers are configured on a route, if one of them requires a list parameter, all the peers should be configured with list parameters.
Configure an originating RP
This configuration is used to generate the MSDP speaker of SA messages and use the address of the specified interface as the RP address in a SA.
Command format Command mode Command function
ip msdp originator-id <interface-name>
Global Uses the address of the specified interface as the RP address in a SA
Configure the MSDP peer as a mesh group member
A "mesh group" appears to be a group of MSDP speakers which have fully meshed connectivity.
Command format Command mode Command function
ip msdp mesh-group <peer-address> <mesh-name>
Global Configures the MSDP peer as a mesh group member
Configure the maximum number of SA messages allowed in the SA cache
Command format Command mode Command function
ip msdp sa-limit <peer-address> <sa-limit>
Global Limit the number of SA messages from the specified MSDP peer in the SA cache
Shut down the configured MSDP peer
Command format Command mode Command function
ip msdp shutdown <peer-address>
Global Shuts down the configured MSDP peer
Clear the TCP connection established with the MSDP peer
This command shuts down the TCP connection to the MSDP peer and reset all the statistics of the MSDP peer.
Command format Command mode Command function
clear ip msdp peer [<peer-address>] Privileged
Clear the TCP connection(s) established with one or all of the MSDP peers
Chapter 18 Multicasting Route Configuration
Confidential and Proprietary Information of ZTE CORPORATION 197
Clear the entries in the MSDP SA cache
Command format Command mode Command function
clear ip msdp sa-cache [<group-address>]
Privileged Clears the entries in the MSDP SA cache
Clear the statistical counter for the MSDP peer
This configuration clears the statistical counter for the MSDP peer but does not reset the MSDP sessions.
Command format Command mode Command function
clear ip msdp statistics [<peer-address>]
Privileged Clear the statistical counter for the MSDP peer
Example of Configuring Multicasting The following is an example of PIM-SM configuration. Figure 65 shows the network topology.
F I G U R E 65 E X AM P L E O F C O N F I G U R I N G MU L T I C AS T I N G
R1 R2
R3
Multicast Source Receiver
Lo:10.1.1.3/32
Lo:10.1.1.1/32 Lo:10.1.1.2/32
10.10.10.1/24
10.10.10.2/24
10.10.20.1/24 10.10.20.2/24
10.10.30.2/24
10.10.30.1/24
10.10.40.2/24
10.10.40.1/24
10.10.50.1/24
10.10.50.2/24
Configuration of R1
ZXR10_R1(config)#interface loopback1
ZXR10_R1(config-if)#ip address 10.1.1.1 255.255.255.255
ZXR10_R1(config)#ip multicast-routing
ZXR10_R1(config)#router pimsm
ZXR10_R1(config-router)#rp-candidate loopback1 priority 10
ZXR10_R1(config-router)#bsr-candidate loopback1 10 10
ZXR10_R1(config)#interface vlan1
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
198 Confidential and Proprietary Information of ZTE CORPORATION
ZXR10_R1(config-if)#ip address 10.10.10.1 255.255.255.0
ZXR10_R1(config-if)#ip pim sm
ZXR10_R1(config)#interface vlan2
ZXR10_R1(config-if)#ip address 10.10.20.1 255.255.255.0
ZXR10_R1(config-if)#ip pim sm
ZXR10_R1(config)#interface vlan3
ZXR10_R1(config-if)#ip address 10.10.30.1 255.255.255.0
ZXR10_R1(config-if)#ip pim sm
ZXR10_R1(config)#router ospf 1
ZXR10_R1(config-router)#network 10.0.0.0 0.0.0.255 area 0.0.0.0
Configuration of R2
ZXR10_R2(config)#interface loopback1
ZXR10_R2(config-if)#ip address 10.1.1.2 255.255.255.255
ZXR10_R2(config)#ip multicast-routing
ZXR10_R2(config)#router pimsm
ZXR10_R2(config-router)#rp-candidate loopback1 priority 20
ZXR10_R2(config-router)#bsr-candidate loopback1 10 20
ZXR10_R2(config)#interface vlan1
ZXR10_R2(config-if)#ip address 10.10.20.2 255.255.255.0
ZXR10_R2(config-if)#ip pim sm
ZXR10_R2(config)#interface vlan2
ZXR10_R2(config-if)#ip address 10.10.40.1 255.255.255.0
ZXR10_R2(config-if)#ip pim sm
ZXR10_R2(config)#interface vlan3
ZXR10_R2(config-if)#ip address 10.10.50.1 255.255.255.0
ZXR10_R2(config-if)#ip igmp access-group 10
ZXR10_R2(config)#router ospf 1
ZXR10_R2(config-router)#network 10.0.0.0 0.0.0.255 area 0.0.0.0
ZXR10_R2(config)#access-list 10 permit any
Configuration of R3
ZXR10_R3(config)#interface loopback1
ZXR10_R3(config-if)#ip address 10.1.1.3 255.255.255.255
ZXR10_R3(config)#ip multicast-routing
ZXR10_R3(config)#router pimsm
ZXR10_R3(config-router)#rp-candidate loopback1 priority 30
ZXR10_R3(config-router)#bsr-candidate loopback1 10 30
ZXR10_R3(config)#interface vlan1
ZXR10_R3(config-if)#ip address 10.10.30.2 255.255.255.0
ZXR10_R3(config-if)#ip pim sm
ZXR10_R3(config)#interface vlan2
ZXR10_R3(config-if)#ip address 10.10.40.2 255.255.255.0
ZXR10_R3(config-if)#ip pim sm
Chapter 18 Multicasting Route Configuration
Confidential and Proprietary Information of ZTE CORPORATION 199
ZXR10_R3(config)#router ospf 1
ZXR10_R3(config-router)#network 10.0.0.0 0.0.0.255 area 0.0.0.0
Note the sequence of configuration. The ip multicast-routing should be configured prior to router pimsm. Next, enable ip pim sm on the interface. The configuration will not be successful if the sequence is not followed.
To allow multicast data to be sent from the source to the receivers when using the ZXR10 T160G, the rpf incoming interface should be configured for all the routers on the entire path from the source to the receivers (command: ip pimsm source A.B.C.D group A.B.C.D receive-port <interface>). In a ring network, if the next-hop of the unicast route changes due to a link status change, the rpf incoming interface should be re-configured.
Multicasting Maintenance and Diagnosis For the ease of multicast maintenance and diagnosis, ZXR10 T160G/T64G provides many show commands for every multicast protocol supported.
Common Show Commands View the IP multicast routing table
Command format Command mode Command function
show ip mroute [group <group-address>] [source <source-address>] [summary]
All modes Displays IP multicast routing table
Example:
Display the contents of the current IP multicast routing table
ZXR10#show ip mroute
IP Multicast Routing Table
Flags:D -Dense,S -Sparse,C -Connected,L -Local,P -Pruned
R -RP-bit set,F -Register flag,T -SPT-bit set,J -Join SPT,
M - MSDP created entry,N -No Used,U -Up Send,
A - Advertised via MSDP,X -Proxy Join Timer Running,
* -Assert flag
Statistic: Receive packet count/Send packet count
Timers:Uptime/Expires
Interface state:Interface,Next-Hop or VCD,State/Mode
(*, 229.3.3.16), 00:00:01/00:03:34, RP 5.5.5.6 , 0/0, flags: SP
Incoming interface: vlan5, RPF nbr 5.5.5.6
Outgoing interface list: NULL
(100.1.1.100, 229.3.3.16), 00:00:01/00:03:34 , 0/0, flags: UN
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
200 Confidential and Proprietary Information of ZTE CORPORATION
Incoming interface: vlan4, RPF nbr 4.4.4.5
Outgoing interface list:
vlan6, Forward/Sparse, 00:00:01/00:03:29
Display the multicast forwarding route entries
If the command does not contain any source address option, it displays the (*, G) and (S, G) multicast forwarding entries. If it contains a source address option, it displays the (S, G) multicast forwarding entries.
Command format Command mode Command function
show ip mforwarding module <module-number> {summary|group-address <group-address> [source-address <source-address>]}
All modes Displays the multicast forwarding route entries
Example:
Display the multicast forwarding route entries.
ZXR10#show ip forwarding mroute module 7 group-address 229.3.3.16
IP Forwarding Multicast Routing Table
Flags: N -No Used,U -Up Send,L -Limit upSend,A - Assert send
(*, 229.3.3.16), Flags:, HitFlag:0, Incoming interface: Null,
LastSrcIp: 0.0.0.0
Outgoing vlan interface list: NULL
L2bitmap:0x0000000000000000 L3bitmap:0x0000000000000000
(100.1.1.100, 229.3.3.16), Flags:, HitFlag:0, Incoming interface:
vlan4 19/3, LastSrcIp: 0.0.0.0
Outgoing vlan interface list: NULL
L2bitmap:0x4000000000000008 L3bitmap:0x0000000000000000
Display the information of multicast RPF.
Command format Command mode Command function
show ip rpf <source-address> All modes Display the multicast RPF information
IGMP Use the following command to display the IGMP related information.
View the IGMP configurations on an interface
Displayed information includes the current IGMP version, querier ID, query time interval and max response time.
Chapter 18 Multicasting Route Configuration
Confidential and Proprietary Information of ZTE CORPORATION 201
Command format Command mode Command function
show ip igmp interface [<interface-name>]
All modes except user mode
Displays the IGMP configurations on an interface
Example:
Display the IGMP configurations on interface vlan4.
ZXR10#show ip igmp interface vlan4
vlan4
Internet address is 4.4.4.4, subnet mask is 255.255.255.0
IGMP is enabled on interface
Current IGMP version is 2
IGMP query interval is 125 seconds
IGMP last member query interval is 1 seconds
IGMP query max response time is 10 seconds
IGMP querier timeout period is 251 seconds
IGMP querier is 4.4.4.4, never expire
Inbound IGMP access group is not set
IGMP immediate leave control is not set
View the IGMP group joining condition on an interface
Command format Command mode Command function
show ip igmp groups [<interface-name>]
All modes except user mode
Views the IGMP group joining condition on an interface
Example:
Display the group member information on interface vlan1.
ZXR10#show ip igmp groups
IGMP Connected Group Membership
Group addr Interface Present Expire Last Reporter
224.1.1.1 vlan4 00:00:48 never 4.4.4.4
PIM-SM Use the following command to display the PIM-SM related information.
Display the BSR information
Command format Command mode Command function
show ip pim bsr All modes Displays the BSR information
Example:
Display the BSR information
ZXR10#show ip pim bsr
Uptime: 00:00:11, BSR Priority :0, Hash mask length:30
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
202 Confidential and Proprietary Information of ZTE CORPORATION
Expires:00:00:49
This system is a candidate BSR
candidate BSR address: 6.6.6.6, priority: 0, hash mask length: 30
This System is Candidate_RP:
candidate RP address: 6.6.6.6(vlan6),priority:192
Display the information of the RP set advertised by a BSR
Command format Command mode Command function
show ip pim rp mapping All modes Displays the information of the RP set advertised by a BSR
Example:
Display the information of the RP set advertised by a BSR
ZXR10#show ip pim rp mapping
Group(s) 224.0.0.0/4
RP 5.5.5.6 static, Priority :192
RP 6.6.6.6 <?>, :v2, Priority :192
BSR: 6.6.6.6 <?>, via bootstrap
Uptime: 00:00:14, expires: 00:02:16
Display the RP information selected by a specific multicast group
Command format Command mode Command function
show ip pim rp hash <group-address>
All modes Displays the RP information selected by a specific multicast group
Example:
Display the RP information selected by group 224.1.1.1
ZXR10#show ip pim rp ha 224.1.1.1
rp address:5.5.5.6 static
View the information of the configured PIM-SM interface
Command format Command mode Command function
show ip pimsm interface[<interface-name>] All modes
Displays the information of the configured PIM-SM interface
Example:
View the information of the configured PIM-SM interface
ZXR10#show ip pimsm interface
Address Interface State Nbr Query DR DR
Count Intvl Priority
4.4.4.4 vlan4 Up 0 30 4.4.4.4 1
5.5.5.5 vlan5 Up 0 30 5.5.5.5 1
6.6.6.6 vlan6 Up 0 30 6.6.6.6 1
Chapter 18 Multicasting Route Configuration
Confidential and Proprietary Information of ZTE CORPORATION 203
0.0.0.0 vlan100 Down 0 30 0.0.0.0 1
View the information of the PIM-SM interface peer
Command format Command mode Command function
show ip pimsm neighbor [<interface-name>] All modes Displays the information of
the PIM-SM interface peer
Example:
View the information of the PIM-SM interface peer.
ZXR10#show ip pimsm neighbor
Neighbor Address Interface DR Prio Uptime Expires
131.1.1.91 vlan4 30000 00:19:34 00:01:29
22.22.22.43 vlan5 1 03:21:25 00:01:16
MSDP Use the following command to display the MSDP related information.
Display the statistics of SA messages
Display the number of SA messages from every MSDP peer in the SA cache
Command format Command mode Command function
show ip msdp count All modes Displays the statistics of SA messages
Example:
Display the statistics of SA messages
ZXR10#show ip msdp count
SA State per Peer Counters, <Peer>: <# SA learned>
101.1.1.1: 2
102.2.2.2: 20
103.3.3.3: 10
Total entries: 32
Display detailed information of MSDP peers
Command format Command mode Command function
show ip msdp peer [<peer-address>]
All modes Displays detailed information of MSDP peers
Example:
Display detailed information of MSDP peers
ZXR10(config)#show ip msdp peer
MSDP Peer 11.1.1.1
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
204 Confidential and Proprietary Information of ZTE CORPORATION
Description:
Connection status:
State: Down, Resets: 0, Connection source: vlan4 (4.4.4.4)
Uptime(Downtime): 00:00:04, Messages sent/received: 0/0
Connection and counters cleared 00:00:04 ago
SA Filtering:
Input (S,G) filter: none
Output (S,G) filter: none
Peer ttl threshold: 0
SAs learned from this peer: 0
Display the (S, G) status from every MSDP peer
Command format Command mode Command function
show ip msdp sa-cache [<group-address> [<source-address>]]
All modes Display the (S, G) status from every MSDP peer
Example:
Display the (S, G) status from every MSDP peer
ZXR10#show ip msdp sa-cache
MSDP Source-Active Cache - 4 entries
(101.101.101.101, 224.1.1.1), RP 49.4.4.4, 00:21:45/ 00:05:57
(101.101.101.101, 224.1.1.2), RP 49.4.4.4, 00:21:45/ 00:05:57
(101.101.101.101, 226.1.1.1), RP 50.4.4.4, 00:09:04/ 00:04:57
(101.101.101.101, 226.1.1.2), RP 50.4.4.4, 00:09:04/ 00:04:57
Display the statuses of MSDP peers
Command format Command mode Command function
show ip msdp summary All modes Display the statuses of MSDP peers
Example:
Display the statuses of MSDP peers
ZXR10#show ip msdp summary
MSDP Peer Status Summary
Peer Address State Uptime/ Reset SA
Downtime Count Count
101.1.1.1 Up 1d10h 9 2
*102.2.2.2 Up 14:24:00 5 20
103.3.3.3 Up 12:36:17 5 10
Confidential and Proprietary Information of ZTE CORPORATION 205
C h a p t e r 19
ACL Configuration
This chapter describes access control list (ACL). ACL is applied to port or policy for filtering and control of data flow. This chapter includes:
ACL Overview
Configuring ACL
Examples of Configuring ACL
ACL Maintenance and Diagnosis
ACL Overview To filter data, a network device should be configured with a series of matching rules to identify the objects to be filtered. After identifying the specific objects, corresponding packets will be allowed or denied according to the preset policy. ACL is used to implement these functions.
Generally, ACL is used to implement data message filtering, policy routing and special flow control. An ACL may contain one or more rules defined for special types of packets. These rules tell the switch to allow or deny the access of packets that match the criteria specified in the rules. Packet matching rules defined in ACL can also used in the cases where flow should be identified, for example, defining flow classification rules in QoS.
ZXR10 T160G/T64G provides four types of ACLs:
Basic ACL: Only source IP addresses are matched against the ACL.
Extended ACL: Source/destination IP address, IP protocol type, TCP source/destination port number, UDP source/destination port number, ICMP type, ICMP code, DiffServ Code Point (DSCP), ToS and precedence are matched against the ACL.
Layer 2 ACL: Source/destination MAC address, source VLAN ID, Layer 2 Ethernet protocol type and 802.1p priority value are matched against the ACL.
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
206 Confidential and Proprietary Information of ZTE CORPORATION
Mixed ACL: Source/destination MAC address, source VLAN ID, source/destination IP address, TCP source/destination port number, UDP source/destination port number are matched against the ACL.
Each ACL has an ACL code for identification, which is a digit. The code ranges of different types of ACLs are as follows:
Basic ACL: 1~99
Extended ACL: 100~199
Layer 2 ACL: 200~299
Mixed ACL: 300~349
Each ACL supports up to 100 rules with the codes ranging from 1 to 100.
Configuring ACLs To configure ACL, follow the three steps in order:
Configure a time range
Define an ACL
Apply the ACL to physical ports
Configure a Time Range The configuration of time range includes the following cases:
Configure the time range in every day: Specify the start and end time in every day. If not configured, it indicates all the time in a day.
Configure period range: Specify a day of week
Configure range of dates: Specify the start and end dates If not configured, it indicates the time from the date when the configuration takes effect to the maximum system time.
Use the following command to configure a time range.
Command format Command mode Command function
time-range <timerange-name> {<hh:mm:ss> to <hh:mm:ss> <days-of-the-week>|from <hh:mm:ss> <mm-dd-yyyy> [to <hh:mm:ss> <mm-dd-yyyy>]}
Global Defines a time range
Defining ACLs To configure an ACL, enter the ACL configuration mode first, and then define the ACL rules.
Note the following issues when you define ACL rules:
Chapter 19 ACL Configuration
Confidential and Proprietary Information of ZTE CORPORATION 207
If a packet meets multiple rules, the first rule will be matched. So the rule sequence is very important. Generally, rules in a small range are put in the front and rules in a large range are put in the back.
Considering the network security, the system will add an implicit deny rule to the end of each ACL automatically for denying all the packets. A permit rule for allowing all the packets should be defined at the end of each ACL.
Configuring Basic ACLs Use the following command to define a basic ACL.
Enter the basic ACL configuration mode
Command format Command mode Command function
acl basic {number <acl-number>|name <acl-name>}
Global Enters the basic ACL configuration mode
Configure rules in an ACL
Command format Command mode Command function
rule <rule-no> {permit|deny} {<source> [<source-wildcard>]|any} [time-range <timerange-name>]
Basic ACL Defines rules
Move a rule to the back of another one
Command format Command mode Command function
move <rule-no> after <rule-no> Basic ACL Moves a rule to the back of anther one.
Example:
Define a basic ACL to allow the access of messages from network 192.168.1.0/24 but deny the messages from source IP address 192.168.1.100.
ZXR10(config)#acl basic number 10
ZXR10(config-basic-acl)#rule 1 deny 192.168.1.100 0.0.0.0
ZXR10(config-basic-acl)#rule 2 permit 192.168.1.0 0.0.0.255
Configuring Extended ACLs Use the following command to define an extended ACL.
Enter the extended ACL configuration mode
Command format Command mode Command function
acl extend {number <acl-number>|name <acl-name>}
Global Enters the extended ACL configuration mode
Configure rules in an ACL
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
208 Confidential and Proprietary Information of ZTE CORPORATION
Command format Command mode
Command function
rule <rule-no> {permit|deny} icmp {<source> <source-wildcard>|any} {<dest> <dest-wildcard>|any} [<icmp-type> [icmp-code <icmp-code>]] [{[precedence <pre-value>] [tos <tos-value>]}|dscp <dscp-value>] [time-range <timerange-name>]
Extended ACL Defines ICMP-based rules
rule <rule-no> {permit|deny} {<ip-number>|ip} {<source> <source-wildcard>|any} {<dest> <dest-wildcard>|any} [{[precedence <pre-value>] [tos <tos-value>]}|dscp <dscp-value>] [time-range <timerange-name>]
Extended ACL Defines rules on the basis of IP or IP protocol code
rule <rule-no> {permit|deny} tcp {<source> <source-wildcard>|any} [<rule> <port>] {<dest> <dest-wildcard>|any} [<rule> <port>] [established] [{[precedence <pre-value>] [tos <tos-value>]}|dscp <dscp-value>] [time-range <timerange-name>]
Extended ACL Defines TCP-based rules
rule <rule-no> {permit|deny} udp {<source> <source-wildcard>|any} [<rule> <port>] {<dest> <dest-wildcard>|any} [<rule> <port>] [{[precedence <pre-value>] [tos <tos-value>]}|dscp <dscp-value>] [time-range <timerange-name>]
Extended ACL Defines UDP-based rules
Move a rule to the back of another one
Command format Command mode Command function
move <rule-no> after <rule-no> Extended ACL Moves a rule to the back of another one
Example:
Define an extended ACL to implement the following functions.
Allows the access of UDP messages from network 210.168.1.0/24, destination IP address 210.168.2.10, source port 100 and destination port 200.
Denies the BGP messages from network 192.168.2.0/24.
Denies all the ICMP messages.
Denies all the messages with IP protocol code 8.
ZXR10(config)#acl extend number 150
ZXR10(config-ext-acl)#rule 1 permit udp 210.168.1.0 0.0.0.255 Eq 100
210.168.2.10 0.0.0.0 eq 200
ZXR10(config-ext-acl)#rule 2 deny tcp 192.168.2.0 0.0.0.255 Eq BGP any
ZXR10(config-ext-acl)#rule 3 deny icmp any any
ZXR10(config-ext-acl)#rule 4 deny 8 any any
Chapter 19 ACL Configuration
Confidential and Proprietary Information of ZTE CORPORATION 209
Configuring Layer 2 ACLs Use the following command to define a Layer 2 ACL.
Enter the Layer 2 ACL configuration mode
Command format Command mode Command function
acl link {number <acl-number>|name <acl-name>}
Global Enters the Layer 2 ACL configuration mode
Configure rules in an ACL
Command format Command mode Command function
rule <rule-no> {permit|deny} <prot-number> [cos <cos-vlaue>] [ingress {[<source-vlanid>] [<source-mac> <source-mac-wildcard>|any]}] [egress {<dest-mac> <dest-mac-wildcard>|any}] [time-range <timerange-name>]
Layer 2 ACL Defines rules
Move a rule to the back of another one
Command format Command mode Command function
move <rule-no> after <rule-no> Layer 2 ACL Moves a rule to the back of another one
Example:
Define a Layer 2 ACL to allow the access of IP packets with source MAC address 00d0.d0c0.5741 and 802.1p code 5.
ZXR10(config)#acl link number 200
ZXR10(config-link-acl)#rule 1 permit ip cos 5 ingress 10
00d0.d0c0.5741 0000.0000.0000
ZXR10(config-link-acl)#rule 2 deny 8847
Configuring Mixed ACLs Use the following command to define a mixed ACL.
Enter the mixed ACL configuration mode
Command format Command mode Command function
acl hybrid {number <acl-number>|name <acl-name>}
Global Enters the mixed ACL configuration mode
Configure rules in an ACL
Command format Command mode Command function
rule <rule-no> {permit|deny} <prot-number> {<source> <source-wildcard>|any} {<dest> <dest-wildcard>|any} [<source-vlanid>] [ingress
Mixed ACL Defines rules on the basis of source/destination IP address or MAC address
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
210 Confidential and Proprietary Information of ZTE CORPORATION
{<source-mac> <source-mac-wildcard>|any}] [egress {<dest-mac> <dest-mac-wildcard>|any}] [time-range <timerange-name>]
rule <rule-no> {permit|deny} tcp {<source> <source-wildcard>|any} [<rule> <port>] {<dest> <dest-wildcard>|any} [<rule> <port>] [<source-vlanid>] [ingress {<source-mac> <source-mac-wildcard>|any}] [egress {<dest-mac> <dest-mac-wildcard>|any}] [time-range <timerange-name>]
Mixed ACL Defines TCP-based rules
rule <rule-no> {permit|deny} udp {<source> <source-wildcard>|any} [<rule><port>] {<dest> <dest-wildcard>|any } [<rule> <port>] [<vlanid>] [ingress {<source-mac> <source-mac-wildcard>|any}] [egress {<dest-mac> <dest-mac-wildcard>|any}] [time-range <timerange-name>]
Mixed ACL Defines UDP-based rules
Move a rule to the back of another one
Command format Command mode Command function
move <rule-no> after <rule-no> Mixed ACL Moves a rule to the back of another one
Example:
Define a mixed ACL to implement the following functions.
Allows the access of UDP messages from network 210.168.1.0/24, destination IP address 210.168.2.10, destination MAC address 00d0.d0c0.5741, source port 100 and destination port 200.
Denies the BGP messages from network 192.168.3.0/24.
Denies the messages from MAC address 0100.2563.1425.
ZXR10(config)#acl hybrid number 300
ZXR10(config-hybd-acl)#rule 1 permit udp 210.168.1.0 0.0.0.255 Eq 100
210.168.2.10 0.0.0.0 eq 200 Egress 00d0.d0c0.5741 0000.0000.0000
ZXR10(config-hybd-acl)#rule 2 deny tcp 192.168.3.0 0.0.0.255 Eq BGP any
ZXR10(config-hybd-acl)#rule deny any any ingress 0100.2563.1425
0000.0000.0000
Chapter 19 ACL Configuration
Confidential and Proprietary Information of ZTE CORPORATION 211
Applying ACLs to Physical Ports Defined ACLs will not take effect until they are applied to physical ports. Use the following command to apply the ACLs to the corresponding physical ports.
Enter port configuration mode
Command format Command mode Command function
interface <port-name> Global Allows you to enter port configuration mode
Apply the ACL to physical ports
Command format Command mode Command function
ip access-group <acl-number> in Port Binds ACLs to Physical Ports
Tip: A physical port can only apply one ACL. The new configuration overwrites the old one. For example, in the gei_4/1 port configuration mode, the following two commands are configured in order:
ip access-group 10 in
ip access-group 100 in
Only ACL 100 takes effect.
Examples of Configuring ACL As shown in Figure 66, a company has an Ethernet switch, to which the server and users of Dept. A and B are connected. An administrative regulation is as follows:
Users of Dept. A and B are not allowed to access the FTP server and VOD server during working time (9:00~10:00), but access to the mail server is allowed at any time.
Internal users can access the Internet via proxy 192.168.3.100, but users of Dept. A are not allowed to access the Internet during working time.
The general managers of Dept. A and B (with IP address 192.168.1.100 and 192.168.2.100, respectively) are allowed to access the Internet and all the servers at any time.
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
212 Confidential and Proprietary Information of ZTE CORPORATION
F I G U R E 66 E X AM P L E O F C O N F I G U R I N G ACL
MailServer
FTPServer
VODServer
Dept. A192.168.1.0/24
Dept. B192.168.2.0/24gei_2/1
VLAN1
gei_2/2VLAN2
gei_2/4VLAN4
Internet
Switch
The server IP addresses are allocated as follows:
Mail server: 192.168.4.50
FTP server: 192.168.4.60
VOD server: 192.168.4.70
Switch configuration
/* Configure a time range */ ZXR10(config)#time-range working-time 9:00:00 to 17:00:00
/* Define an extended ACL to limit the users of Dept. A */ ZXR10(config)#acl extend number 100
ZXR10(config-ext-acl)#rule 1 permit ip 192.168.1.100 0.0.0.0 any
ZXR10(config-ext-acl)#rule 2 deny ip 192.168.1.0 0.0.0.255
192.168.4.60 0.0.0.0 time-range working-time
ZXR10(config-ext-acl)#rule 3 deny tcp any eq 8888 192.168.4.70 0.0.0.0
time-range working-time
ZXR10(config-ext-acl)#rule 4 deny ip any 192.168.3.100 0.0.0.0
time-range working-time
ZXR10(config-ext-acl)#rule 5 permit ip any any
/* Define an extended ACL to limit the users of Dept. B */ ZXR10(config)#acl extend number 101
ZXR10(config-ext-acl)#rule 1 permit ip 192.168.2.100 0.0.0.0 any
Chapter 19 ACL Configuration
Confidential and Proprietary Information of ZTE CORPORATION 213
ZXR10(config-ext-acl)#rule 2 deny ip 192.168.2.0 0.0.0.255
192.168.4.60 0.0.0.0 time-range working-time
ZXR10(config-ext-acl)#rule 3 deny tcp any eq 8888 192.168.4.70 0.0.0.0
time-range working-time
ZXR10(config-ext-acl)#rule 4 permit ip any any
/* Apply ACLs to the corresponding physical ports */ ZXR10(config)#interface fei_2/1
ZXR10(config-if)#ip access-group 100 in
ZXR10(config-if)#exit
ZXR10(config)#interface fei_2/2
ZXR10(config-if)#ip access-group 101 in
ZXR10(config-if)#exit
ACL Maintenance and Diagnosis ZXR10 T160G/T64G provides related show commands for the ease of ACL maintenance and diagnosis.
Display the contents of all the ACLs or of the ACL with the specified list number
Command format Command mode Command function
show acl [<acl-number>|name <acl-name>] All modes
Displays the contents of all the ACLs or of the ACL with the specified list number
View if a physical port applies an ACL
Command format Command mode Command function
show running-config interface <port-name>
All modes except user mode
Displays the configuration information of an Ethernet port
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
214 Confidential and Proprietary Information of ZTE CORPORATION
This page is intentionally blank.
Confidential and Proprietary Information of ZTE CORPORATION 215
C h a p t e r 20
QoS Configuration
Quality of Service (QoS) refers to the capability to provide better service to the selected network communication by using various technologies.
In this chapter, you will learn about:
QoS Overview
Configuring QoS
Example of Configuring QoS
QoS Maintenance and Diagnosis
QoS Overview Traditional networks provide best-effort services in which all messages are treated equally. The network devices do their best effort to send messages to the destination following the First Come, First Served principle. However, they do not provide any guarantee of message transmission reliability or relay.
As new applications continually appear, new requirements of network QoS are addressed. The best-effort services of traditional networks no long meet the requirements for the applications. For example, in VoIP services and real-time video transmission, if the message transmission relay is too large, the users will not be able to use the services normally. A feasible way to solve these problems is to provide the networks with the support for the QoS capability.
QoS is designed to provide different service quality for various applications depending on the requirements, e.g. providing dedicated bandwidth, reducing message loss rate, lowering message transmission relay and relay jitter. QoS provides the following functions to achieve these goals:
Traffic classification
Traffic monitoring and control
Traffic shaping
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
216 Confidential and Proprietary Information of ZTE CORPORATION
Queue scheduling and default 802.1p priority
Redirection and policy routing
Priority tagging
Traffic mapping
Traffic statistics
Traffic Classification Traffic refers to the messages passing through the switches. Traffic classification allows the messages transmitted across the switches to be classified, and defines or describes the messages with specific characteristics.
QoS traffic classification is based on ACL and the rule of ACL must be “permit”. The customer can classify the messages based on the filtering options of an ACL, e.g. source/destination IP address of the message, source/destination MAC address, IP protocol type, TCP source/destination port number, UDP source/destination port number, ICMP type, ICMP code, DSCP, ToS, precedence, source VLAN ID, Layer 2 Ethernet protocol type and 802.1p priority.
Traffic Monitoring and Control Traffic monitoring and control is designed to restrict the bandwidth for a service and prevent it from exceeding the specified bandwidth and affecting other services. Traffic exceeding the bandwidth can be processed as follows:
Discard or forward
Change its DSCP value
Change its discard priority (the message with a higher priority is preferred to be discard in the case of queue congestion).
Traffic monitoring and control does not cause extra relay.
Traffic Shaping Traffic shaping allows the control of message output rate, which allows the messages to be sent at an equal rate. Traffic shaping is usually used to match the message rate with the downstream devices to avoid congestion and prevent the messages from being discarded.
The primary difference between traffic shaping and traffic monitoring and control is that the shaping caches the messages exceeding the rate limit so that the messages can be sent at an equal rate, whereas traffic monitoring and control discards the messages exceeding the rate limit. Traffic shaping increases delay, but traffic monitoring and control does not.
Traffic shaping includes:
Bandwidth traffic shaping on ingress interfaces
Bandwidth traffic shaping on egress interfaces
Chapter 20 QoS Configuration
Confidential and Proprietary Information of ZTE CORPORATION 217
Queue Scheduling and Default 802.1p Priority Each physical port of the ZXR10 T160G/T64G supports 8 output queues (Queue 0~7), which are called CoS queues. The switch performs input queue operations according to the CoS queues corresponding to the 802.1p of the messages. When the network is congested, many messages would compete for resources. This problem is generally solved via queue scheduling.
ZXR10 T160G/T64G supports two types of queue scheduling: strict priority (SP) and weighted round robin (WRR). The 8 output queues on a port can be scheduled in different ways.
SP scheduling
SP scheduling allows the data of each queue to be scheduled according to the queue priority strictly. Messages in the queue with the highest priority are dequeued and sent first until all the messages in this queue are sent. Messages in the queue with the second highest priority will then be sent. Similarly, messages in the queue with the next priority will be sent after all the messages in the queue with the higher priority are sent.
SP scheduling allows the messages of key services to be processed at a higher priority. However, queues with lower priorities may never be processed and will be “starved to death”.
WRR
WRR allows every queue to be scheduled. However, queues are scheduled at different time, that is, each queue has a different weight (which indicates the proportion of resource a queue gets). Messages in the queues with higher priorities have larger scheduling opportunities than those in the queues with lower priorities.
An 802.1Q label contains a data priority. If the data entering a port has no 802.1Q label, the switch will allocate it a default 802.1p value.
Redirection and Policy Routing Redirection refers to the re-determination of forwarding data messages with a specific characteristic based on the traffic classification to change the output direction of the messages and output them to the specified port, CPU or the next-hop IP address.
Messages will be redirected to the next-hop IP address to implement policy routing.
As for message forwarding control, policy-based routing is stronger than the traditional routing and can select the forwarding path according to the matched segments in an ACL. Policy routing enables the implementation of traffic engineering to a certain extent, allowing the traffic with different QoS or the data of different services (e.g. voice and FTP) to be transmitted via different paths. As the users have higher requirements for network performance, it is necessary to select different packet forwarding paths depending on services or user types.
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
218 Confidential and Proprietary Information of ZTE CORPORATION
Priority Tagging Priority tagging re-allocates a set of service parameters for the specific traffic described in an ACL. The following operations are allowed:
Change the CoS queue of data messages as well as the 802.1p value.
Change the CoS queue of data messages, but the 802.1p value is not changed.
Change the DSCP value of data messages.
Change the discard priority of data messages.
Traffic Mapping Traffic mapping enables the service traffic that matches ACL rules to be copied to the CPU or the specified port for message analysis and monitoring, which is generally used for network failure diagnosis.
Traffic Statistics Traffic statistics provides statistics of packets of the specified service traffic so that you can learn about the actual network conditions and allocate network resources as required. Traffic statistics mainly provides the number of packets received on a port in the incoming direction.
Configuring QoS The details of the QoS configuration are described in the following sections.
Traffic Monitoring and Control Use the following commands to configure traffic monitoring and control:
Command format Command mode Command function
traffic-limit in <acl-number> rule-id <rule-no> rate-limit <limit-value> bucket-size <size>
traffic-limit in <acl-number> rule-id <rule-no> rate-limit <limit-value> bucket-size <size> exceed forward [remark-dscp <dscp-value>]
traffic-limit in <acl-number> rule-id <rule-no> rate-limit <limit-value> bucket-size <size> exceed drop
Global Monitors and controls the traffic of data messages
Chapter 20 QoS Configuration
Confidential and Proprietary Information of ZTE CORPORATION 219
traffic-limit in <acl-number> rule-id <rule-no> rate-limit <limit-value> bucket-size <size> exceed remark-dscp <dscp-value> [forward|drop-precedence <drop-value>]
traffic-limit in <acl-number> rule-id <rule-no> rate-limit <limit-value> bucket-size <size> drop-precedence <drop-value> [remark-dscp <dscp-value>]
Global Monitors and controls the traffic of data messages
Example:
Monitor and control the traffic of packets with destination IP address 168.2.5.5 on port gei_5/1. Set the bandwidth to 10 M, burst transmission rate to no greater than 1 M and change the DSCP value to 23 for the part that exceeds the limit and set the discard priority to high (this part of packets will be discarded at a higher priority in queue congestion).
ZXR10(config)#acl extend number 100
ZXR10(config-ext-acl)#rule 1 permit any 168.2.5.5
ZXR10(config-ext-acl)#exit
ZXR10(config)#traffic-limit in 100 rule-id 1 rate-limit 10000
bucketsize 1000 exceed remark-dscp 23 drop-precedence high
ZXR10(config)#interface gei_5/1
ZXR10(config-if)#ip access-group 100 in
Traffic Shaping Use the following commands to configure port traffic shaping:
Command format Command mode Command function
traffic-limit rate-limit <limit-value> bucket-size <size> {in|out}
Port Enables the shaping of traffic on a port
Example:
Enable traffic shaping on port gei_5/1. Set the ingress rate to 200 M and egress rate to 40 M.
ZXR10(config)#interface gei_5/1
ZXR10(config-if)#traffic-limit rate-limit 200000 bucket-size 2000
in
ZXR10(config-if)#traffic-limit rate-limit 40000 bucket-size 2000 Out
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
220 Confidential and Proprietary Information of ZTE CORPORATION
Queue Scheduling and Default 802.1p Priority ZXR10 T160G/T64G supports two types of queue scheduling: strict priority (SP) and weighted round robin (WRR). When both types are used, SP is more preferred than WRR.
Use the following commands to configure queue scheduling and the default 802.1p priority.
Command format Command mode Command function
queue-mode {strict-priority|wrr <queue-number> <weight> [...<queue-number> <weight>]}
Port Schedules the queues on a port. SP by default.
priority <value> Port Configures the default 802.1p for a port
Example:
Enable strict scheduling based on priority on port gei_5/1. Enable WRR scheduling on port gei_5/2. The weights of Queue 0~7 are 10, 5, 8, 10, 5, 8, 9, 10. Set the default 802.1p of port gei_5/2 to 5.
ZXR10(config)#interface gei_5/1
ZXR10(config-if)#queue-mode strict-priority
ZXR10(config-if)#exit
ZXR10(config)#interface gei_5/2
ZXR10(config-if)#queue-mode wrr queue-0 10 queue-1 5 queue-2 8 queue-3
10 queue-4 5 queue-5 8 queue-6 9 queue-7 10
ZXR10(config-if)#priority 5
Redirection and Policy Routing Use the following commands to configure redirection:
Command format Command mode Command function
redirect in <acl-number> rule-id <rule-no> {cpu|interface <port-name>|next-hop <ip-address>}
Global Configures redirection or policy routing
Example:
Redirect the packets with the source IP address 168.2.5.5 on port gei_4/4 to port gei_6/3. Enable policy routing for the packets with the destination IP address 66.100.5.6. Set the next-hop IP address to 166.88.96.56.
ZXR10(config)#acl extend number 100
ZXR10(config-ext-acl)#rule 1 permit ip 168.2.5.5 any
ZXR10(config-ext-acl)#rule 2 permit ip any 66.100.5.6
Chapter 20 QoS Configuration
Confidential and Proprietary Information of ZTE CORPORATION 221
ZXR10(config-ext-acl)#exit
ZXR10(config)#redirect in 100 rule-id 1 interface gei_6/3
ZXR10(config)#redirect in 100 rule-id 2 next-hope 166.88.96.56 0.0.0.0
ZXR10(config)#interface gei_4/4
ZXR10(config-if)#ip access-group 100 in
Priority Tagging Use the following commands to configure priority tagging.
Command format Command mode Command function
priority-mark in <acl-number> rule-id <rule-no> {[dscp <dscp-value>] [drop-precedence <drop-value>] [cos <cos-value>|local-precedence <local-value>]}
Global Enables message priority tagging
Example:
Change the DSCP value of the packets with the source IP address 168.2.5.5 on port gei_5/1 to 34, and select 4 for output queues.
ZXR10(config)#acl basic number 10
ZXR10(config-basic-acl)#rule 1 permit 168.2.5.5
ZXR10(config-basic-acl)#exit
ZXR10(config)#priority-mark in 10 rule-id 1 dscp 34 cos 4
ZXR10(config)#interface gei_5/1
ZXR10(config-if)#ip access-group 10 in
Traffic Mapping Use the following commands to configure traffic mapping:
Command format Command mode Command function
traffic-mirror in <acl-number> rule-id <rule-no> {cpu|interface <port-name>}
Global Enables the mapping of the specified traffic
Example:
Map the data traffic with the source IP address 168.2.5.6 on port gei_4/8 to port gei_4/4.
ZXR10(config)#acl basic number 10
ZXR10(config-basic-acl)#rule 1 permit 168.2.5.5
ZXR10(config-basic-acl)#rule 2 permit 168.2.5.6
ZXR10(config-basic-acl)#exit
ZXR10(config)#traffic-mirror in 10 rule-id 2 interface
ZXR10(config)#interface gei_4/8
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
222 Confidential and Proprietary Information of ZTE CORPORATION
ZXR10(config-if)#ip access-group 10 in
ZXR10(config-if)#exit
ZXR10(config)#interface gei_4/4
ZXR10(config-if)#monitor session 1 destination
Tip: If cross-card traffic mapping is configured, only one session can be configured for port mapping.
Traffic Statistics Use the following commands to configure traffic statistics:
Command format Command mode Command function
traffic-statistics in <acl-number> rule-id <rule-no>
Global Collects the statistics on the specified traffic
Example:
Collect the traffic statistics on the data in the network with the destination IP address 67.100.88.0/24 on port gei_4/8.
ZXR10(config)#acl extend number 100
ZXR10(config-ext-acl)#rule 1 permit ip 168.2.5.5 0.0.0.0 any
ZXR10(config-ext-acl)#rule 2 permit ip any 67.100.88.0 0.0.0.255
ZXR10(config-ext-acl)#exit
ZXR10(config)#traffic-statistics in 100 rule-id 2
ZXR10(config)#interface gei_4/8
ZXR10(config-if)#ip access-group 100 in
Example of Configuring QoS Example of a Typical QoS Configuration Network A, Network B and the internal servers are connected to an Ethernet switch, as shown in Figure 67. The internal servers include a VOD server with the IP address 192.168.4.70. To ensure the QoS of VOD, it should be configured with a higher priority. Internal users can access the Internet via proxy 192.168.3.100. However, the bandwidth of Network A and B should be limited and traffic statistics is required.
Chapter 20 QoS Configuration
Confidential and Proprietary Information of ZTE CORPORATION 223
F I G U R E 67 E X AM P L E O F A T Y P I C AL QO S C O N F I G U R AT I O N
VODServer
Network A192.168.1.0/24
Network B192.168.2.0/24gei_2/1
VLAN1
gei_2/2VLAN2
gei_2/4VLAN4
Internet
Switch
Switch configuration
ZXR10(config)#acl extend number 100
ZXR10(config-ext-acl)#rule 1 permit tcp any eq 8888 192.168.4.70
0.0.0.0
ZXR10(config-ext-acl)#rule 2 permit ip any 192.168.3.100 0.0.0.0
ZXR10(config-ext-acl)#rule 3 permit ip any any
ZXR10(config-ext-acl)#exit
/* To ensure the QoS of VOD, change the 802.1p value to 7 */ ZXR10(config)#priority-mark in 100 rule-id 1 cos 7
/* Limit the bandwidth of the access from Network A to the Internet */ ZXR10(config)#traffic-limit in 100 rule-id 2 rate-limit 50000
bucketsize 1000 exceed drop-precedence high
/*Collect the statistics on the traffic of Network A */ ZXR10(config)#traffic-statistics in 100 rule-id 3
ZXR10(config)#acl extend number 101
ZXR10(config-ext-acl)#rule 1 permit tcp 192.168.2.0 0.0.0.255 eq 8888
192.168.4.70 0.0.0.0
ZXR10(config-ext-acl)#rule 2 permit ip any 192.168.3.100 0.0.0.0
ZXR10(config-ext-acl)#rule 3 permit ip any any
ZXR10(config-ext-acl)#exit
/* To ensure the QoS of VOD, change the 802.1p value to 7 */ ZXR10(config)#priority-mark in 101 rule-id 1 cos 7
/* Limit the bandwidth of the access from Network B to the Internet */ ZXR10(config)#traffic-limit in 101 rule-id 2 rate-limit 100000
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
224 Confidential and Proprietary Information of ZTE CORPORATION
bucketsize 10000 exceed drop-precedence low
/*Collect the statistics on the traffic of Network B */ ZXR10(config)#traffic-statistics in 101 rule-id 3
ZXR10(config)#interface fei_2/1
ZXR10(config-if)#ip access-group 100 in
ZXR10(config-if)#exit
ZXR10(config)#interface fei_2/2
ZXR10(config-if)#ip access-group 101 in
Example of Configuring Policy Routing When multiple Internet service provider (ISP) egresses exist in a network, different ISP egresses can be selected for different groups of users via policy routing.
Users in two subnetworks are connected to the switch as shown in Figure 68, in which two ISP egresses are available. It is required to select different egresses according to the users’ IP addresses. Users in subnetwork 10.10.0.0/24 use the ISP1 egress. Users in subnetwork 11.11.0.0/24 use the ISP2 egress.
F I G U R E 68 E X AM P L E O F C O N F I G U R I N G P O L I C Y R O U T I N G
Switch
ISP1100.1.1.1
ISP2200.1.1.1
10.10.0.0/24
11.11.0.0/24
gei_1/1VLAN1
gei_1/2VLAN2
Switch configuration
/* Define an ACL. Describe the users in networks 10.10.0.0/24 and 11.11.0.0/24 */ ZXR10(config)#acl basic number 10
ZXR10(config-basic-acl)#rule 1 permit 10.10.0.0 0.0.0.255
ZXR10(config-basic-acl)#rule 2 permit 11.11.0.0 0.0.0.255
ZXR10(config-basic-acl)#exit
/* Configure QoS policy routing */ ZXR10(config)#redirect in 10 rule-id 1 next-hope 100.1.1.1 0.0.0.0
ZXR10(config)#redirect in 10 rule-id 2 next-hope 200.1.1.1 0.0.0.0
/* Apply it to the corresponding ports */ ZXR10(config)#interface gei_1/1
Chapter 20 QoS Configuration
Confidential and Proprietary Information of ZTE CORPORATION 225
ZXR10(config-if)#ip access-group 10 in
ZXR10(config-if)#exit
ZXR10(config)#interface gei_1/2
ZXR10(config-if)#ip access-group 10 in
QoS Maintenance and Diagnosis ZXR10 T160G/T64G provides related show commands for easier QoS maintenance and diagnosis.
Command format Command mode Command function
show qos [number <acl-number> [rule-id <rule-no>]] Privileged Displays QoS configuration
information
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
226 Confidential and Proprietary Information of ZTE CORPORATION
This page is intentionally blank.
Confidential and Proprietary Information of ZTE CORPORATION 227
C h a p t e r 21
DHCP Configuration
This chapter introduces the dynamic host configuration protocol (DHCP). DHCP is a widely used protocol providing the capability of obtaining dynamic addresses for the hosts in a network. ZXR10 T160G/T64G can be configured as a DHCP server or DHCP relay according to the actual networking requirement.
In this chapter, you will learn about:
DHCP Overview
Configuring DHCP
Examples of Configuring DHCP
DHCP Maintenance and Diagnosis
DHCP Overview DHCP allows a host on a network to obtain an IP address for normal communications and related configuration information from a DHCP server. Details of DHCP are described in RFC 2131.
DHCP uses UDP as the transmission protocol. The host sends messages to port 67 of the DHCP server, who will return messages to port 68 of the host. A DHCP works in the following steps:
1. A host sends a DHCPDiscover broadcast message requesting an IP address and other configuration parameters.
2. A DHCP server returns a DHCPOffer unicast message containing a valid IP address.
3. The host selects the server at which the DHCPOffer arrives first, and sends a DHCPRequest unicast message to the server, which indicates it accepts the related configurations.
4. The selected DHCP server returns a DHCPAck unicast message for acknowledgement.
Thus, the host can communicate with other network devices using the IP address and related configurations obtained from the DHCP server.
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
228 Confidential and Proprietary Information of ZTE CORPORATION
The IP addresses allocated by the DHCP server for the host include 3 types:
Administrator allocates an IP address to a specific host
An address is allocated to a host permanently at random.
An address is allocated to a host at random for a period of time.
The third type of address is generally used. The validity time of an address is called “lease period”. Before the lease period expires, the host must request continue lease from the server. The address can no longer be used unless the server accepts the request otherwise the address will be abandoned unconditionally.
The routers do not send the received broadcast packets from one subnetwork to anther by default. When the DHCP server and the client host do not exist in the same subnetwork, the router acting as the default gateway of the client host must send the broadcast packets to the subnetwork where the DHCP server resides, which is called DHCP relay.
ZXR10 T160G/T64 can be used either as a DHCP server or the DHCP relay for forwarding DHCP information, but the two functions cannot be enabled at a time.
Configuring DHCP The DHCP server configurations include the following contents:
Configure an IP address pool. DHCP server allocates the addresses in the pool to client hosts.
Command format Command mode Command function
ip local pool <pool-name> <low-ip-address> <high-ip-address> <net-mask>
Global Configures an IP address for a DHCP server
Configure other parameters related to the DHCP server
Command format Command mode
Command function
ip dhcp server leasetime <time> Global Sets the lease time of the IP address
leased by a DHCP server to a client host
ip dhcp server dns <mdns-address> [<sdns-address>]
Global Sets the DNS address returned by a DHCP server to a user
ip dhcp server update arp Global Sets the binding of the IP address allocated by a DHCP server with ARP
Enable the DHCP attribute on the interface connected to the subnetwork where clients reside
Chapter 21 DHCP Configuration
Confidential and Proprietary Information of ZTE CORPORATION 229
Command format Command mode Command function
user-interface VLAN interface Configures a user-side interface flag
Configure the default user gateway address on the interface connected to the subnetwork where clients reside
Command format Command mode Command function
ip dhcp server gateway <ip-address>
VLAN interface Configures the DHCP gateway address for an interface
Enable the built-in DHCP server process
Command format Command mode Command function
ip dhcp server enable Global Enables the built-in DHCP server process
The DHCP relay configurations include the following contents:
Enable the DHCP attribute on the interface connected to the subnetwork where clients reside
Command format Command mode Command function
user-interface VLAN interface Configures a user-side interface flag
Configure the default user gateway address on the interface connected to the subnetwork where clients reside
Command format Command mode Command function
ip dhcp relay agent <ip-address> VLAN interface Configures the DHCP proxy address for an interface
Configure the IP address for the external DHCP server on the interface connected to the subnetwork where clients resides
Command format Command mode Command function
ip dhcp relay server <ip-address> VLAN interface Configures the IP address for the external DHCP server for an interface
Bind the IP address allocated by a DHCP server with ARP
Command format Command mode Command function
ip dhcp relay update arp Global Sets the binding of the IP address allocated by a DHCP server with ARP
Enable the built-in DHCP relay process
Command format Command mode Command function
ip dhcp relay enable Global Enables the built-in DHCP relay process
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
230 Confidential and Proprietary Information of ZTE CORPORATION
Examples of Configuring DHCP Example of Configuring a DHCP Server R1 is used as a DHCP server and acts as the default gateway additionally, as shown in Figure 69. The host obtains an IP address dynamically via DHCP.
F I G U R E 69 C O N F I G U R I N G A DHCP S E R V E R
10.10.1.1/24
10.10.1.2/24
R1
PCFTP Server
10.10.2.2/24DNS Server
Configuration of R1
ZXR10(config)#ip dhcp server dns 10.10.2.2
ZXR10(config)#ip dhcp server leasetime 90
ZXR10(config)#ip local pool dhcp 10.10.1.3 10.10.1.254 255.255.255.0
ZXR10(config)#interface vlan10
ZXR10(config-if)#user-interface
ZXR10(config-if)#ip address 10.10.1.1 255.255.255.0
ZXR10(config-if)#ip dhcp server gateway 10.10.1.1 255.255.255.0
ZXR10(config-if)#peer default ip pool dhcp
ZXR10(config-if)#exit
ZXR10(config)#ip dhcp server enable
Example of Configuring DHCP Relay When DHCP clients and the server do not reside in one network, the router directly connected to the user ends should act as the DHCP relay.
Chapter 21 DHCP Configuration
Confidential and Proprietary Information of ZTE CORPORATION 231
As shown in Figure 70, the DHCP relay function is enabled on R1. The separate server 10.10.2.2 provides the DHCP server functions. This method is usually used in the case where there are many hosts that require the DHCP service.
F I G U R E 70 C O N F I G U R I N G A DHCP R E L AY
10.10.1.1/24
10.10.1.2/24
R1
PCFTP Server
10.10.2.2/24DHCP Server
Configuration of R1
ZXR10(config)#interface vlan10
ZXR10(config-if)#user-interface
ZXR10(config-if)#ip address 10.10.1.1 255.255.255.0
ZXR10(config-if)#ip dhcp relay agent 10.10.1.1
ZXR10(config-if)#ip dhcp relay server 10.10.2.2
ZXR10(config-if)#exit
ZXR10(config)#ip dhcp relay enable
DHCP Maintenance and Diagnosis When a failure occurs in the IP address allocation for the DHCP users, relevant debugging commands can be used for troubleshooting. The commands to be used include show commands and debug commands.
The show commands allow you to view the current DHCP configuration information.
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
232 Confidential and Proprietary Information of ZTE CORPORATION
Display the configuration information of the DHCP server process module
Command format Command mode Command function
show ip dhcp server All modes except user mode
Displays the configuration information of the DHCP server process module
Display the list of current online users on the DHCP server process module
Command format Command mode Command function
show ip dhcp server user All modes except user mode
Displays the list of current online users on the DHCP server process module
Display the configuration information of the DHCP relay process module
Command format Command mode Command function
show ip dhcp relay All modes except user mode
Displays the configuration information of the DHCP relay process module
Display the information of the local address pool configured
Command format Command mode Command function
show ip local pool [<pool-name>] All modes except user mode
Displays the information of the local address pool configured
Display the configuration information of the DHCP server/relay related to an interface
Command format Command mode Command function
show ip interface All modes
Displays the configuration information of the DHCP server/relay related to an interface
The debug commands allow you to track the packet sending/receiving and processing of the DHCP server/relay process
Command format Command mode Command function
debug ip dhcp Privileged
Tracks the packet sending/receiving and processing on the DHCP server/relay
Confidential and Proprietary Information of ZTE CORPORATION 233
C h a p t e r 22
VRRP Configuration
This chapter introduces the Virtual Router Redundancy Protocol (VRRP). In the case where there are many egress routers, this protocol can be used to provide the redundancy of multiple egress gateways for a host.
In this chapter, you will learn about:
VRRP Overview
Configuring VRRP
Examples of Configuring VRRP
VRRP Maintenance and Diagnosis
VRRP Overview In a broadcast domain, a default gateway is generally set as the next-hop of the routing packets for the hosts. When the default gateway does not work normally, the hosts in this broadcast domain will be unable to communicate with the hosts in other networks. To prevent the single point failure due to the default gateway, you can configure multiple router interfaces in a broadcast domain and enable VRRP on these routers.
VRRP puts multiple router interfaces in a broadcast domain into one group to form a virtual router, and allocates it an IP address as the interface address. The interface address of the virtual router can be either the address of one of the routers, or a third-party address. If the interface address of a router is used, the router having this IP address is used as the master router, while others are used as the backup routers. If a third-party address is used, the router with a higher priority is used as the master router. If two routers have the same priority, the one who sends a VRRP message first is the master router.
On the hosts in this broadcast domain, set the IP address of the virtual router as the gateway. When the master router fails, the router with the highest priority will be selected from the backup routers to replace it, which has no impact on the hosts in this domain. The hosts in this domain can communicate with the outside world unless no routers in this VRRP GROUP work properly.
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
234 Confidential and Proprietary Information of ZTE CORPORATION
These routers can also be put into multiple groups and act as standby routers for each other. The host in the domain use different IP addresses as the gateways, thus achieving data load-balance.
Configuring VRRP To configure VRRP:
Run VRRP on an interface
Command format Command mode Command function
vrrp <group> ip <ip-address> [secondary] VLAN interface
Sets a VRRP virtual IP address and runs VRRP on an interface
A VRRP group can be configured with multiple virtual addresses. The hosts connected to it can use any one of them as the gateway for communications.
Configure the VRRP priority on an interface
Command format Command mode Command function
vrrp <group> priority <priority> VLAN interface Configures a VRRP priority, 100 by default
Configure preemption on an interface
Command format Command mode Command function
vrrp <group> preempt [delay <seconds>] VLAN interface
Configures if preemption is allowed when the virtual router is in the standby state. Preemption is allowed by default with a delay of 0 in unit of millisecond.
Configure the time interval for sending VRRP advertisements
Command format Command mode Command function
vrrp <group> advertise [msec] <interval> VLAN interface
Configures the interval for sending VRRP advertisements. 1s by default
On an interface, configure how to know the interval for sending VRRP messages
Command format Command mode Command function
vrrp <group> learn VLAN interface Configures the interval of
Chapter 22 VRRP Configuration
Confidential and Proprietary Information of ZTE CORPORATION 235
messages sending from the master to be learnt from a VRRP message Non-learn by default. The local configuration is used
Configure the authentication character string on an interface
Command format Command mode Command function
vrrp <group> authentication <string> VLAN interface
Configures an authentication character string with a length no greater than 8 No authentication and the character string is null by default
Examples of Configuring VRRP Basic VRRP Configuration VRRP runs between R1 and R2, as shown in Figure 71. The interface address 10.0.0.1 of R1 is used as the VRRP virtual address. R1 acts as the master router.
F I G U R E 71 B AS I C VRRP C O N F I G U R AT I O N
R1 R2
PC1 PC2 PC3 PC4
10.0.0.1/16 10.0.0.2/16
Gateway: 10.0.0.1/16
Master Backup
Configuration of R1
ZXR10_R1(config)#interface vlan 1
ZXR10_R1(config-if)#ip address 10.0.0.1 255.255.0.0
ZXR10_R1(config-if)#vrrp 1 ip 10.0.0.1
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
236 Confidential and Proprietary Information of ZTE CORPORATION
Configuration of R2
ZXR10_R2(config)#interface vlan 1
ZXR10_R2(config-if)#ip address 10.0.0.2 255.255.0.0
ZXR10_R2(config-if)#vrrp 1 ip 10.0.0.1
Symmetric VRRP Configuration Figure 72 illustrates an example in which two VRRP groups are used. PC1 and PC2 use the virtual router of Group 1 as the default gateway with the address 10.0.0.1. PC3 and PC4 use the virtual router of Group 2 as the default gateway with the address 10.0.0.2. R2 and R2 act as the standby routers for each other. The four hosts can communicate with the outside world unless both of the routers fail.
F I G U R E 72 S Y M M E T R I C VRRP C O N F I G U R AT I O N
Interface:10.0.0.1/16group-id=1,addr=10.0.0.1/16group-id=2,addr=10.0.0.2/16
Interface:10.0.0.2/16group-id=1,addr=10.0.0.1/16group-id=2,addr=10.0.0.2/16
R1 R2
PC1 PC2 PC3 PC4
Gateway: 10.0.0.1/16
Master Backup
Gateway: 10.0.0.2/16
Configuration of R1
ZXR10_R1(config)#interface vlan 1
ZXR10_R1(config-if)#ip address 10.0.0.1 255.255.0.0
ZXR10_R1(config-if)#vrrp 1 ip 10.0.0.1
ZXR10_R1(config-if)#vrrp 2 ip 10.0.0.2
Configuration of R2
ZXR10_R2(config)#interface vlan 1
ZXR10_R2(config-if)#ip address 10.0.0.2 255.255.0.0
ZXR10_R2(config-if)#vrrp 1 ip 10.0.0.1
ZXR10_R2(config-if)#vrrp 2 ip 10.0.0.2
Chapter 22 VRRP Configuration
Confidential and Proprietary Information of ZTE CORPORATION 237
VRRP Maintenance and Diagnosis ZXR10 T160G/T64G provides related show commands for easier VRRP maintenance and diagnosis.
Command format Command mode Command function
show vrrp [<group>|brief|interface <interface-name>]
All modes except user mode
Displays the configuration information of all the VRRP groups
ZXR10 T160G/T64G also provides VRRP debugging commands.
Command format Command mode Command function
debug vrrp {state|packet|event|error|all} Privileged Enables the display of VRRP
debug information
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
238 Confidential and Proprietary Information of ZTE CORPORATION
This page is intentionally blank.
Confidential and Proprietary Information of ZTE CORPORATION 239
C h a p t e r 23
Load Balance Configuration
Load balance allows data traffic to be forwarded via multiple links among devices, maximizing the utilization of the bandwidths of these links.
In this chapter, you will learn about:
Load Balance Overview
Configuring Load Balance
Examples of Configuring Load Balance
Load Balance Maintenance and Diagnosis
Load Balance Overview Load balance allows data traffic to be forwarded via multiple activated links among devices, maximizing the bandwidths of the multiple links. Load balance does not mean the data traffic volume on each link is equal.
Data traffic includes the traffic from two directions, one is incoming and the other is outgoing. The traffic of load-balance in the incoming and outgoing directions are closely related to the routes advertised and learnt by the devices. The traffic load balance in the incoming direction shares the impact of the internal routes advertised to the outside by the devices. The traffic load balance in the outgoing direction shares the impact of external routes advertised to the inside by the devices. They have a direct impact on whether multiple routing entries to the destination are installed in the forwarding tables on the devices, as well as the control of multiple routes.
ZXR10 T160G/T64G supports route-based load balance. By configuring static routes, routing protocols and the number of routing entries, multiple reachable route entries to one destination can be installed in the forwarding table, thus providing a basis for load balance.
ZXR10 T160G/T64G supports the per-destination load balance policy, which considers both the source and destination addresses of packets, allowing the packets with the same source-destination address pair to be routed along the same path (even if there are multiple available paths). Packets with different source-destination address pairs can be routed along different
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
240 Confidential and Proprietary Information of ZTE CORPORATION
paths. This policy ensures that the packets with the same source-destination address pair arrive in order. In the case where there are a lot of source-destination address pairs in the traffic, load balance will be more effective.
ZXR10 T160G/T64G supports up to 8 different paths to the same destination. After configuring load balance, the traffic on the interfaces will be balanced after a period of time.
Configuring Load Balance The load balance configuration includes the following contents:
Configure the maximum number of paths in routing configuration mode
Command format Command mode Command function
maximum-paths <number> Routing Configures the maximum number of paths allowed in load balance
The maximum number of paths can be configured in RIP, OSPF, IS-IS and BGP routing configuration modes. The default number of paths is 1. Up to 8 paths are supported.
Configure load balance for static routes
Command format Command mode Command function
ip route [vrf <vrf-name>] <prefix> <net-mask> {<forwarding-router's-address>|<interface-name>} [<distance-metric>] [tag <tag>]
Global Establishes a static route
Configure multiple static routes to one destination. Up to 8 routes are supported, but they should have different tags. The default value of tag is 3.
Examples of Configuring Load Balance Seven links are connected between R1 and R2 as shown in Figure 73.
Chapter 23 Load Balance Configuration
Confidential and Proprietary Information of ZTE CORPORATION 241
F I G U R E 73 E X AM P L E O F C O N F I G U R I N G LO A D B AL AN C E
R1 R2PC1 PC2
...
vlan810.1.1.1/24
vlan820.1.1.1/24
10.1.1.2/24 20.1.1.2/24
vlan7: 107.1.1.1/30vlan6: 106.1.1.1/30vlan5: 105.1.1.1/30vlan4: 104.1.1.1/30vlan3: 103.1.1.1/30vlan2: 102.1.1.1/30vlan1: 101.1.1.1/30
vlan7: 107.1.1.2/30vlan6: 106.1.1.2/30vlan5: 105.1.1.2/30vlan4: 104.1.1.2/30vlan3: 103.1.1.2/30vlan2: 102.1.1.2/30vlan1: 101.1.1.2/30
The following sections describe the configurations of load balance in examples of static route and dynamic route protocol OSPF.
Static Route Configuration of R1
ZXR10_R1(config)#interface vlan1
ZXR10_R1(config-if)#ip address 101.1.1.1 255.255.255.252
ZXR10_R1(config)#interface vlan2
ZXR10_R1(config-if)#ip address 102.1.1.1 255.255.255.252
ZXR10_R1(config)#interface vlan3
ZXR10_R1(config-if)#ip address 103.1.1.1 255.255.255.252
ZXR10_R1(config)#interface vlan4
ZXR10_R1(config-if)#ip address 104.1.1.1 255.255.255.252
ZXR10_R1(config)#interface vlan5
ZXR10_R1(config-if)#ip address 105.1.1.1 255.255.255.252
ZXR10_R1(config)#interface vlan6
ZXR10_R1(config-if)#ip address 106.1.1.1 255.255.255.252
ZXR10_R1(config)#interface vlan7
ZXR10_R1(config-if)#ip address 107.1.1.1 255.255.255.252
ZXR10_R1(config)#interface vlan8
ZXR10_R1(config-if)#ip address 10.1.1.1 255.255.255.0
ZXR10_R1(config)#ip route 20.1.1.0 255.255.255.0 107.1.1.2 1 tag 157
ZXR10_R1(config)#ip route 20.1.1.0 255.255.255.0 106.1.1.2 1 tag 156
ZXR10_R1(config)#ip route 20.1.1.0 255.255.255.0 105.1.1.2 1 tag 155
ZXR10_R1(config)#ip route 20.1.1.0 255.255.255.0 104.1.1.2 1 tag 154
ZXR10_R1(config)#ip route 20.1.1.0 255.255.255.0 103.1.1.2 1 tag 153
ZXR10_R1(config)#ip route 20.1.1.0 255.255.255.0 102.1.1.2 1 tag 152
ZXR10_R1(config)#ip route 20.1.1.0 255.255.255.0 101.1.1.2 1 tag 151
Configuration of R2
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
242 Confidential and Proprietary Information of ZTE CORPORATION
ZXR10_R2(config)#interface vlan1
ZXR10_R2(config-if)#ip address 101.1.1.2 255.255.255.252
ZXR10_R2(config)#interface vlan2
ZXR10_R2(config-if)#ip address 102.1.1.2 255.255.255.252
ZXR10_R2(config)#interface vlan3
ZXR10_R2(config-if)#ip address 103.1.1.2 255.255.255.252
ZXR10_R2(config)#interface vlan4
ZXR10_R2(config-if)#ip address 104.1.1.2 255.255.255.252
ZXR10_R2(config)#interface vlan5
ZXR10_R2(config-if)#ip address 105.1.1.2 255.255.255.252
ZXR10_R2(config)#interface vlan6
ZXR10_R2(config-if)#ip address 106.1.1.2 255.255.255.252
ZXR10_R2(config)#interface vlan7
ZXR10_R2(config-if)#ip address 107.1.1.3 255.255.255.252
ZXR10_R2(config)#interface vlan8
ZXR10_R2(config-if)#ip address 20.1.1.1 255.255.255.0
ZXR10_R2(config)#ip route 10.1.1.0 255.255.255.0 107.1.1.1 1 tag 157
ZXR10_R2(config)#ip route 10.1.1.0 255.255.255.0 106.1.1.1 1 tag 156
ZXR10_R2(config)#ip route 10.1.1.0 255.255.255.0 105.1.1.1 1 tag 155
ZXR10_R2(config)#ip route 10.1.1.0 255.255.255.0 104.1.1.1 1 tag 154
ZXR10_R2(config)#ip route 10.1.1.0 255.255.255.0 103.1.1.1 1 tag 153
ZXR10_R2(config)#ip route 10.1.1.0 255.255.255.0 102.1.1.1 1 tag 152
ZXR10_R2(config)#ip route 10.1.1.0 255.255.255.0 101.1.1.1 1 tag 151
The 7 links between R1 and R2 achieve load balance. Users PC1 and PC2 can access each other via the 7 links.
OSPF Configuration of R1
ZXR10_R1(config)#router ospf 100
ZXR10_R1(config-router)#network 101.1.1.0 0.0.0.3 area 0.0.0.0
ZXR10_R1(config-router)#network 102.1.1.0 0.0.0.3 area 0.0.0.0
ZXR10_R1(config-router)#network 103.1.1.0 0.0.0.3 area 0.0.0.0
ZXR10_R1(config-router)#network 104.1.1.0 0.0.0.3 area 0.0.0.0
ZXR10_R1(config-router)#network 105.1.1.0 0.0.0.3 area 0.0.0.0
ZXR10_R1(config-router)#network 106.1.1.0 0.0.0.3 area 0.0.0.0
ZXR10_R1(config-router)#network 107.1.1.0 0.0.0.3 area 0.0.0.0
ZXR10_R1(config-router)#network 10.1.1.0 0.0.0.255 area 0.0.0.0
ZXR10_R1(config-router)#maximum-paths 7
Configuration of R2
Chapter 23 Load Balance Configuration
Confidential and Proprietary Information of ZTE CORPORATION 243
ZXR10_R2(config)#router ospf 100
ZXR10_R2(config-router)#network 101.1.1.0 0.0.0.3 area 0.0.0.0
ZXR10_R2(config-router)#network 102.1.1.0 0.0.0.3 area 0.0.0.0
ZXR10_R2(config-router)#network 103.1.1.0 0.0.0.3 area 0.0.0.0
ZXR10_R2(config-router)#network 104.1.1.0 0.0.0.3 area 0.0.0.0
ZXR10_R2(config-router)#network 105.1.1.0 0.0.0.3 area 0.0.0.0
ZXR10_R2(config-router)#network 106.1.1.0 0.0.0.3 area 0.0.0.0
ZXR10_R2(config-router)#network 107.1.1.0 0.0.0.3 area 0.0.0.0
ZXR10_R2(config-router)#network 20.1.1.0 0.0.0.255 area 0.0.0.0
ZXR10_R2(config-router)#maximum-paths 7
The 7 links between R1 and R2 achieve load balance. Users PC1 and PC2 can access each other via the 7 links.
Load Balance Maintenance and Diagnosis Use the following commands to display relevant configurations and running information of load balance.
Command format Command mode Command function
show ip route [<ip-address> [<net-mask>]|<protocol>] All modes Display the global routing
table
In the load balance of static routes, 7 paths to the destination network 20.1.1.0/24 can be seen from R1.
ZXR10_R1#show ip route 20.1.1.0
IPv4 Routing Table:
Dest Mask Gw Interface Owner pri metr
20.1.1.0 255.255.255.0 107.1.1.1 vlan7 static 1 0
20.1.1.0 255.255.255.0 106.1.1.1 vlan6 static 1 0
20.1.1.0 255.255.255.0 105.1.1.1 vlan5 static 1 0
20.1.1.0 255.255.255.0 104.1.1.1 vlan4 static 1 0
20.1.1.0 255.255.255.0 103.1.1.1 vlan3 static 1 0
20.1.1.0 255.255.255.0 102.1.1.1 vlan2 static 1 0
20.1.1.0 255.255.255.0 101.1.1.1 vlan1 static 1 0
ZXR10_R1#
In the load balance of dynamic routes, 7 paths to the destination network 20.1.1.0/24 can be seen from R1.
ZXR10_R1#show ip route 20.1.1.0
IPv4 Routing Table:
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
244 Confidential and Proprietary Information of ZTE CORPORATION
Dest Mask Gw Interface Owner pri metr
20.1.1.0 255.255.255.0 107.1.1.1 vlan7 ospf 110 2
20.1.1.0 255.255.255.0 106.1.1.1 vlan6 ospf 110 2
20.1.1.0 255.255.255.0 105.1.1.1 vlan5 ospf 110 2
20.1.1.0 255.255.255.0 104.1.1.1 vlan4 ospf 110 2
20.1.1.0 255.255.255.0 103.1.1.1 vlan3 ospf 110 2
20.1.1.0 255.255.255.0 102.1.1.1 vlan2 ospf 110 2
20.1.1.0 255.255.255.0 101.1.1.1 vlan1 ospf 110 2
ZXR10_R1#
Confidential and Proprietary Information of ZTE CORPORATION 245
C h a p t e r 24
Network Management Configuration
This chapter describes the functions commonly used in network management, including Network Time Protocol (NTP), RADIUS Authentication, Simple Management Network Protocol (SNMP), Remote Monitoring (RMON) and System Log (SysLog).
In this chapter, you will learn about:
NTP
RADIUS Authentication
SNMP
Remote Monitoring
System Log
NTP NTP Overview NTP is applied to different network elements for time synchronization. The transmission of NTP itself is based on UDP. Devices enabling NTP adjust their system clocks by exchanging NTP messages and keep their clock in synchronization. ZXR10 T160G/T64G can be used as an NTP client in practical applications.
Configuring NTP The configuration of NTP includes:
Define a time server
Command format Command mode Command function
ntp server <ip-address> [version Global Defines a time server
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
246 Confidential and Proprietary Information of ZTE CORPORATION
<number>]
Enable NTP
Command format Command mode Command function
ntp enable Global Enables NTP
Configure the source address used for sending a Synchronize Time request via NTP
Command format Command mode Command function
ntp source <ip-address> Global
Configures the source address used for sending a Synchronize Time request via NTP
Check the NTP running status
Command format Command mode Command function
show ntp status All modes except user mode
Displays the NTP running status
Examples of Configuring NTP As shown in Figure 74, the routing switch is used as an NTP client. Suppose the NTP is version 2.
F I G U R E 74 E X AM P L E O F C O N F I G U R I N G NTP
NTP Server
vlan24192.168.2.2/24
192.168.2.1/24
ZXR10
Configuration of ZXR10
ZXR10(config)#interface vlan2
ZXR10(config-if)#ip address 192.168.2.2 255.255.255.0
ZXR10(config-if)#exit
ZXR10(config)#ntp enable
ZXR10(config)#ntp server 192.168.2.1 version 2
Chapter 24 Network Management Configuration
Confidential and Proprietary Information of ZTE CORPORATION 247
RADIUS Authentication RADIUS Overview Remote Authentication Dial-In User Service (RADIUS) is a standard authorization, authentication and accounting (AAA) protocol. To the routing switch, AAA allows the users accessing the switch to be authenticated to prevent illegal users and improve the device security.
ZXR10 T160G/T64G supports the RADIUS authentication function for authenticating Telnet users accessing the routing switch.
ZXR10 T160G/T64G supports multiple RADIUS server groups. Each RADIUS group can be configured with 3 authentication servers. A server timeout parameter and the number of timeout retransmissions can be set for each group. The administrators can select specific RADIUS servers by configuring different RADIUS groups.
Configuring RADIUS The configuration of RADIUS includes:
Configure RADIUS servers
Command format Command mode Command function
radius server <group-number> authen {master|slave|third} <ip-address> <port> <key>
Global Sets a configuration group for the RADIUS server authentication
Configure Radius server parameters
Command format Command mode Command function
radius server timeout <group-number> <timeout>
Global Sets the timeout of the authentication request for RADIUS servers
radius server retry-time <group-number> <times>
Global
Sets the number of retries when the authentication request of a RADIUS server times out
User configuration
Command format Command mode Command function
user-authentication-type {local|radius <group>}
Global Specifies the type of user authentication for Telnet login
Example of Configuring RADIUS Configure a RADIUS group with the timeout set to 3 seconds and the number of retries set to 3. The network between the RADIUS servers and the routing switch is reachable.
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
248 Confidential and Proprietary Information of ZTE CORPORATION
See the configuration below:
ZXR10(config)#radius server 1 authentication master 192.168.4.45 1812
demoradius
ZXR10(config)#radius server 1 authentication slave 192.168.4.46 1812
demoradius2
ZXR10(config)#radius server timeout 1 3
ZXR10(config)#radius server retry-time 1 3
ZXR10(config)#user-authentication-type radius 1
SNMP SNMP Overview SNMP is one of the most popular network management protocols. This protocol enables a network management server to manage all the devices in a network.
SNMP allows the management based on server and client. The background network management server acts as the SNMP server. The foreground network equipment acts as the SNMP client. The foreground and background systems share the same MIB management database and communicate with each other via SNMP. The routing switch acts as an SNMP agent. A specified SNMP server should be configured. Contents allowed to be collected by network administrators and the collection rights should also be defined. ZXR10 T160G/T64G supports multiple versions of SNMP.
Configuring SNMP The SNMP configuration on ZXR10 T160G/T64G includes:
Set the community name in an SNMP message
Command format Command mode Command function
snmp-server community <community-name> [view <view-name>] [ro|rw]
Global Sets the community name in an SNMP message
The SNMPv1/v2c authentication is based on community. An SNMP community is named using a character string. Different communities can be assigned read-only or read-write privileges. Communities with the read-only privilege can only query device information. Those with the read-write privilege can configure the devices.
However, the privileges of both read-only and read-write are limited by view. Operations are allowed within the scope of view only. If the view parameter is omitted, the default view in the system is used. If the ro/rw parameter is omitted, ro (read-only) is used.
Chapter 24 Network Management Configuration
Confidential and Proprietary Information of ZTE CORPORATION 249
Define an SNMPv2 view
Command format Command mode Command function
snmp-server view <view-name> <subtree-id> {included|excluded} Global Defines an SNMPv2 view
The included or excluded parameter of this command adds or removes <subtree-ID> from the specified view. Configurations are allowed for many times for the same <view-name>, which results in a set of cooperating commands.
Set the system contact (sysContact) for the MIB objects
Command format Command mode Command function
snmp-server contact <mib-syscontact-text>
Global Sets the system contact for an MIB object
sysContact is a management variable in the system group in MIB II. It contains the ID and contact of the person relevant to a managed device.
Set the location (sysLocation) of the system of an MIB object
Command format Command mode Command function
snmp-server location <mib-syslocation-text>
Global Sets the location of the system of an MIB object
sysLocation is a management variable in the system group in MIB II. It is used to indicate the locations of managed devices.
Set the type of TRAP allowed to be sent
Command format Command mode Command function
snmp-server enable trap [<notification-type>] Global Sets the type of trap allowed
to be sent by a proxy
Trap is the information a managed device sends to the Network Management System (NMS) without request. It is used to report emergent and important events.
Set a trap destination host
Command format Command mode Command function
snmp-server host [mng|vrf <vrf-name>] <ip-address> [trap|inform] [version {1|2c|3 {auth|noauth|priv}}] <community-name> [udp-port <udp-port>] […<trap-type>]
Global
Configures the sending address, port, version and type of the trap or inform for the host
ZXR10 T160G/T64G supports 5 types of conventional traps: snmp, bgp, ospf, rmon and stalarm.
View relevant information of SNMP
Command format Command mode Command function
show snmp All modes except user mode
Displays the statistics on SNMP messages
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
250 Confidential and Proprietary Information of ZTE CORPORATION
View the configuration information of SNMP
Command format Command mode Command function
show snmp config All modes except user mode
Displays the configuration information of the SNMP module
Example of Configuring SNMP The following is an example of SNMP configuration.
ZXR10(config)#snmp-server view myViewName 1.3.6.1.2.1 included
ZXR10(config)#snmp-server community myCommunity view myview rw
ZXR10(config)#snmp host 168.1.1.1 ver 1 community-name ospf
ZXR10(config)#snmp-server location this is ZXR10 in china
ZXR10(config)#snmp-server contant this is ZXR10, tel: (025)2872006
Remote Monitoring Remote Monitoring Overview The Remote Monitoring (RMON) system is used to monitor the services on remote-ends. With RMON, a remote probe is used to collect and process data, i.e. the routing switch system. The routing switch also includes RMON agent software communicating with the NMS via SNMP. Information is transferred from the routing switch to the NMS only when it is required.
Configuring RMON The RMON configuration on ZXR10 T160G/T64G includes:
Enable statistics on an interface (only for Ethernet)
Command format Command mode Command function
rmon collection statistics <index> [owner <string>] Port Enables statistics on a port
Set alarms and MIB objects
Command format Command mode Command function
rmon alarm <index> <variable> <interval> {delta|absolute} rising-thershold <value> [<event-index>] falling-threshold <value> [<event-index>] [owner <string>]
Global Sets alarms and MIB objects
Enable history collection on an interface
Chapter 24 Network Management Configuration
Confidential and Proprietary Information of ZTE CORPORATION 251
Command format Command mode Command function
rmon collection history <index> [owner <string>] [buckets <bucket-number>] [interval <seconds>]
Port Enables history collection on an interface
Configure an event
Command format Command mode Command function
rmon event <index> [log] [trap <community>] [description <string>] [owner <string>]
Global Configures an event
Display the RMON configuration and related information
Command format Command mode Command function
show rmon [alarms] [events] [history] [statistics]
All modes except user mode
Displays the RMON configuration and related information
Examples of Configuring RMON The following are examples of SNMP configurations.
Configure and enable the RMON statistics control entry
ZXR10(config)#interface fei_1/1
ZXR10(config-if)#rmon collection statistics 1 owner rmontest
ZXR10(config-if)#
Suppose n computers are connected to port fei_1/1. When these computers communicate on a subnetwork, traffic statistics can be viewed via the network management software or using a show command.
ZXR10#show rmon statistics
EtherStatsEntry 1 is active, and owned by rmontest
Monitors ifEntry.1.1 which has
Received 60739740 octets, 201157 packets,
1721 broadcast and 9185 multicast packets,
0 undersized and 0 oversized packets,
0 fragments and 0 jabbers,
0 CRC alignment errors and 32 collisions.
# of dropped packet events (due to lack of resources): 511
# of packets received of length (in octets):
64: 92955, 65-127: 14204, 128-255: 1116,
256-511: 4479, 512-1023: 85856, 1024-1518:2547
ZXR10#
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
252 Confidential and Proprietary Information of ZTE CORPORATION
Configure and enable the RMON history control entry
ZXR10(config)#interface fei_1/1
ZXR10(config-if)#rmon collection history 1 bucket 10 interval 10 owner
rmontest
ZXR10(config-if)#
Use a show command to view the RMON history information
ZXR10#show rmon history
Entry 1 is active, and owned by rmontest
Monitors ifEntry.1.1 every 10 seconds
Requested # of time intervals, ie buckets, is 10
Granted # of time intervals, ie buckets, is 10
Sample # 1 began measuring at 00:11:00
Received 38346 octets, 216 packets,
0 broadcast and 80 multicast packets,
0 undersized and 0 oversized packets,
0 fragments and 0 jabbers,
0 CRC alignment errors and 0 collisions.
# of dropped packet events is 0
Network utilization is estimated at 1
Configure and enable the RMON alarm control entry
ZXR10(config)#rmon alarm 1 system.3.0 10 absolute rising-threshold
1000 1 Falling-threshold 10 0 owner rmontest
ZXR10(config)#
Use a show command to view the RMON alarm information
ZXR10#show rmon alarm
Alarm 1 is active, owned by rmontest
Monitors system.3.0 every 10 seconds
Taking absolute samples, last value was 54000
Rising threshold is 1000, assigned to event 1
Falling threshold is 10, assigned to event 0
On startup enable rising or falling alarm
ZXR10#
Configure and enable event
ZXR10(config)#rmon event 1 log trap rmontrap description test owner
rmontest
ZXR10(config)#
Configure an alarm control entry and wait for 10s. Use a show command to view the contents of the RMON event.
ZXR10#show rmon event
Event 1 is active, owned by rmontest
Chapter 24 Network Management Configuration
Confidential and Proprietary Information of ZTE CORPORATION 253
Description is test
Event firing causes log and trap to community rmontrap, last fired
05:40:20
Current log entries:
index time description
1 05:40:14 test
ZXR10#
System Log SysLog Overview ZXR10 T160G/T64G allows the user to set and query logs. Log information makes it easy for maintaining the routing switch regularly. Log information allows you to view the alarm information and port status changes on the routing switch. Logs can be displayed on the configured terminals in real time, or saved on the routing switch or a background log server in files. You can enable the SysLog protocol on ZXR10 T160G/T64G to transmit the logs by communicating with the background syslog server via the protocol.
Configuring SysLog The configuration of SysLog includes:
Enable log
Command format Command mode Command function
logging on Global Enables log
Set the size of log buffer
Command format Command mode Command function
logging buffer <buffer-size> Global Sets the size of log buffer
Set a log cleanup mode
Command format Command mode Command function
logging mode <mode> [<interval>] Global Sets a log cleanup mode
Set the level of logs to be displayed on a console interface or telnet interface
Command format Command mode Command function
logging console <level> Global Sets the level of logs to be displayed on a console interface or telnet interface
Set the level of logs to be saved in the log cache
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
254 Confidential and Proprietary Information of ZTE CORPORATION
Command format Command mode Command function
logging level <level> Global Sets the level of logs to be saved in the log cache
Set the parameters of the FTP log server
Command format Command mode Command function
logging ftp <level> [vrf <vrf-name>|mng] <ftp-server> <username> <password> [<filename>]
Global Sets the parameters of the FTP log server
Set the parameters of the background SysLog server
Command format Command mode Command function
syslog on Global Enables SysLog protocol processing
syslog level <level> Global Sets a log level for SysLog protocol processing
syslog server [vrf <vrf-name>|mng] <ip-address> [fport <fport>] [lport <lport>]
Global Sets the parameters of the background SysLog server
View log information
Command format Command mode Command function
show logging alarm {[typeid <type>] [start-date <date>] [end-date <date>] [level <level>]}
All modes except user mode Displays log information
The types of supported alarmed information include environment, board, port, ROS, database, OAM, security, OSPF, RIP, BGP, DRP, TCP-UDP, IP, IGMP, Telnet, ARP, ISIS, ICMP, SNMP and RMON.
Example of Configuring SysLog The following is an example of setting SysLog. Before configuring SysLog, enable the log function using the logging on command.
ZXR10(config)#logging on
ZXR10(config)#logging buffer 100
ZXR10(config)#logging mode FULLCLEAR
ZXR10(config)#logging console warnings
ZXR10(config)#logging level errors
ZXR10(config)#logging ftp notificational 168.1.70.100 target target
zxralarm.log
Confidential and Proprietary Information of ZTE CORPORATION 255
Acronyms and Abbreviations
Abbreviation Full Name
ABR Area Border Router
ACL Access Control List
AD Administrative Distance
ARP Address Resolution Protocol
AS Autonomous System
ASBR Autonomous System Border Router
ATM Asynchronous Transfer Mode
BGP Border Gateway Protocol
BOOTP BOOTstrap Protocol
BRD Backup Designate Router
CHAP Challenge Handshake Authentication Protocol
CIDR Classless Inter-Domain Routing
CLNP ConnectionLess Network Protocol
CLNS ConnectionLess Network Service
CoS Class of Service
CRC Cyclic Redundancy Check
CRLDP Constraint based Routing Label Distribution Protocol
CSN Cryptographic Sequence Number
DHCP Dynamic Host Configuration Protocol
DIS Designate IS
DNS Domain Name System
DR Designate Router
EBGP External Border Gateway Protocol
EGP External Gateway Protocol
ES End System
FEC Forwarding Equivalence Class
FIFO First In and First Out
FPGA Field Programmable Gate Array
FSM Finite State Machine
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
256 Confidential and Proprietary Information of ZTE CORPORATION
Abbreviation Full Name
FTP File Transfer Protocol
GBIC Gigabit Interface Converter
GRE General Routing Encapsulation
ICMP Internet Control Message Protocol
IETF Internet Engineering Task Force
IGMP Internet Group Management Protocol
IGP Interior Gateway Protocol
IP Internet Protocol
ISO International Organization for Standardization
ISP Internet Service Provider
LACP Link Aggregation Control Protocol
LAN Local Area Network
LAPB Link Access Procedure Balanced
LCP Link Control Protocol
LDP Label Distribution Protocol
LSA Link State Advertisement
LSP Link State PDU
LSR Label Switch Router
MAC Media Access Control
MD5 Message Digest 5
MED MULTI_EXIT_DISC
MIB Management Information Base
MPLS Multi-Protocol Label Switching
MSTP Multiple Spanning Tree Protocol
MTU Maximum Transmission Unit
NAT Network Address Translation
NBMA Non-Broadcast Multiple Access
NCP Network Control Protocol
NIC Network Information Center
NLRI Network Layer Reachable Information
NMS Network Management System
NSAP Network Service Access Point
NSP Network Service Provider
NTP Network Time Protocol
NVT Network Virtual Terminal
OAM Operation And Management
Acronyms and Abbreviations
Confidential and Proprietary Information of ZTE CORPORATION 257
Abbreviation Full Name
OSI Open Systems Interconnection
OSPF Open Shortest Path First
PAP Password Authentication Protocol
PAT Port Address Translation
PCM Pulse Code Modulation
PDU Protocol Data Unit
POS Packet over SDH
PPP Point-to-Point Protocol
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
258 Confidential and Proprietary Information of ZTE CORPORATION
This page is intentionally blank.
Confidential and Proprietary Information of ZTE CORPORATION 259
Figures
Figure 1 ZXR10 T160G/T64G sketch map of system principle ...........................10 Figure 2 Abridged General View of ZXR10 T160G components position...............11 Figure 3 ZXR10 T160G Front Panel ...............................................................12 Figure 4 Abridged General View of ZXR10 T64G components position ................13 Figure 5 ZXR10 T64G Front Panel .................................................................13 Figure 6 The front panel of ZXR10 T160G MCS ...............................................14 Figure 7 The front panel of ZXR10 T64G MCS.................................................14 Figure 8 Front panel of 44+4 fast Ethernet electrical interface board .................17 Figure 9 Front panel view of twelve-port gigabit Ethernet optical interface..........18 Figure 10 Front panel view of twenty-four-port gigabit Ethernet optical interface
board................................................................................................19 Figure 11 Front panel view of twelve-port gigabit Ethernet electrical interface board
........................................................................................................20 Figure 12 Front panel view of twenty-four-port gigabit Ethernet electrical interface
board................................................................................................22 Figure 13 Front panel view of one-port 10-gigabit Ethernet optical interface board
........................................................................................................23 Figure 14 Front panel view of two-port 10-gigabit Ethernet optical interface board
........................................................................................................24 Figure 15 Front panel view of power supply module ........................................26 Figure 16 Rear panel view of DC power supply board.......................................26 Figure 17 Rear panel view of AC power supply board.......................................26 Figure 18 Front Panel View of Fan Plug-in Box ................................................28 Figure 19 ZXR10 T160G/T64G Configuration Mode..........................................30 Figure 20 Hyperterminal Configuration 1 .......................................................31 Figure 21 Hyperterminal Configuration 2 .......................................................31 Figure 22 Hyperterminal Configuration 3 .......................................................32 Figure 23 Running Telnet ............................................................................33 Figure 24 Telnet login schematic diagram ......................................................34 Figure 25 Setting the IP address and port No of SSH server .............................36 Figure 26 Setting SSH version......................................................................37 Figure 27 WFTPD Window............................................................................38 Figure 28 User/Rights Security Dialog Box .....................................................38 Figure 29 TFTPD Window.............................................................................39 Figure 30 Configuration Dialog Box...............................................................40 Figure 31 Example of Port Mirroring..............................................................66 Figure 32 The Format of VLAN Tag ...............................................................70 Figure 33 Typical Networking of VLAN ...........................................................74 Figure 34 Typical QinQ Networking ...............................................................76 Figure 35 Example of SuperVLAN Configuration ............................................79 Figure 36 Example of MAC Address Table Configuration ...................................90 Figure 37 MSTP Configuration Example Networking Diagram 1........................100 Figure 38 MSTP Configuration Example Networking Diagram 2........................101 Figure 39 Example of Link Aggregation Configuration ....................................105 Figure 40 IGMP Snooping Application ..........................................................109 Figure 41 Example of IGMP Snooping Configuration ......................................113 Figure 42 Configuring Static Route .............................................................120 Figure 43 Static Routes Summarization .......................................................121 Figure 44 Configure Default Route ..............................................................122
ZXR10 T160G/T64G (V2.6) 10-Gigabit Routing Switch User Manual
260 Confidential and Proprietary Information of ZTE CORPORATION
Figure 45 Basic RIP Configuration...............................................................129 Figure 46 OSPF Router Types.....................................................................134 Figure 47 Basic OSPF Configuration ............................................................141 Figure 48 Example of Multi-Area OSPF Configuration .....................................142 Figure 49 Example of OSPF Virtual Link Configuration....................................144 Figure 50 Example of OSPF Authentication Configuration ...............................145 Figure 51 IS-IS Area Diagram....................................................................151 Figure 52 IS-IS Configuration in Single Area ................................................156 Figure 53 IS-IS Configuration in Multi Area ..................................................157 Figure 54 Basic BGP Configuration ..............................................................165 Figure 55 Advertising BGP Routes...............................................................166 Figure 56 Advertising BGP Aggregation .......................................................167 Figure 57 Configuring BGP Multihop ............................................................168 Figure 58 Filtering Routes via NLRI .............................................................170 Figure 59 Configuring the Local Preference Attribute .....................................172 Figure 60 Configuring the MED Attribute......................................................173 Figure 61 Configuring BGP Synchronization..................................................176 Figure 62 Configuring BGP Route Reflectors .................................................177 Figure 63 Configuring BGP Confederation ....................................................179 Figure 64 Example of Configuring BGP ........................................................181 Figure 65 Example of Configuring Multicasting..............................................197 Figure 66 Example of Configuring ACL.........................................................212 Figure 67 Example of a Typical QoS Configuration.........................................223 Figure 68 Example of Configuring Policy Routing...........................................224 Figure 69 Configuring a DHCP Server ..........................................................230 Figure 70 Configuring a DHCP Relay ...........................................................231 Figure 71 Basic VRRP Configuration ............................................................235 Figure 72 Symmetric VRRP Configuration.....................................................236 Figure 73 Example of Configuring Load Balance............................................241 Figure 74 Example of Configuring NTP.........................................................246
Confidential and Proprietary Information of ZTE CORPORATION 261
Tables
Table 1 Typographical Conventions................................................................iii Table 2 Mouse Operation Conventions............................................................iv Table 3 Safety Signs....................................................................................iv Table 4 ZXR10 T160G/T64G Technical Features and Parameters ...................... 6 Table 5 Features of Fast Ethernet Management Interface ................................ 15 Table 6 Functional description of front panel LEDs in the control switching board 15 Table 7 Functional description of buttons in the control switching board ............ 16 Table 8 Characteristics of 44+4 Fast Ethernet Electrical Interface Board............ 17 Table 9 Functional description of front panel LEDs in 44+4 fast Ethernet interface
board............................................................................................... 17 Table 10 Characteristics of twelve-port gigabit Ethernet optical interface board .. 18 Table 11 Functional description of front panel LEDs in 12-port gigabit Ethernet optical
interface board.................................................................................. 18 Table 12 Characteristics of twenty-four-port gigabit Ethernet optical interface board
....................................................................................................... 19 Table 13 Functional description of front panel LEDs in 24-port gigabit Ethernet optical
interface board.................................................................................. 20 Table 14 Characteristics of twelve-port gigabit Ethernet electrical interface board21 Table 15 Functional description of front panel LEDs in 12-port gigabit Ethernet
electrical interface board..................................................................... 21 Table 16 Characteristics of twenty-four-port gigabit Ethernet electrical interface
board............................................................................................... 22 Table 17 Functional description of front panel LEDs in 24-port gigabit Ethernet
electrical interface board..................................................................... 23 Table 18 Characteristics of one-port 10-gigabit Ethernet optical interface board . 24 Table 19 Functional description of front panel LEDs in one-port 10-gigabit Ethernet
optical interface board........................................................................ 24 Table 20 Characteristics of two-port 10-gigabit Ethernet optical interface board . 25 Table 21 Functional description of front panel LEDs in two-port 10-gigabit Ethernet
optical interface board........................................................................ 25 Table 22 Command Mode ........................................................................... 41 Table 23 Range of IP Addresses .................................................................115
Recommended