mirror of
https://git.proxmox.com/git/mirror_frr
synced 2025-08-02 15:13:20 +00:00
doc: use frr syntax highlighting
* Use highlighter added in previous commit * Correct indentation where I came across it Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
This commit is contained in:
parent
d5403d4f40
commit
9eb95b3b0a
@ -42,7 +42,7 @@ Config files are generally found in |INSTALL_PREFIX_ETC|.
|
||||
Each of the daemons has its own config file. The daemon name plus ``.conf`` is
|
||||
the default config file name. For example, zebra's default config file name is
|
||||
:file:`zebra.conf`. You can specify a config file using the :option:`-f` or
|
||||
:option:`--config-file` options when starting the daemon.
|
||||
:option:`--config_file` options when starting the daemon.
|
||||
|
||||
.. _basic-config-commands:
|
||||
|
||||
@ -261,27 +261,27 @@ Sample Config File
|
||||
|
||||
Below is a sample configuration file for the zebra daemon.
|
||||
|
||||
::
|
||||
.. code-block:: frr
|
||||
|
||||
!
|
||||
! Zebra configuration file
|
||||
!
|
||||
hostname Router
|
||||
password zebra
|
||||
enable password zebra
|
||||
!
|
||||
log stdout
|
||||
!
|
||||
!
|
||||
!
|
||||
! Zebra configuration file
|
||||
!
|
||||
hostname Router
|
||||
password zebra
|
||||
enable password zebra
|
||||
!
|
||||
log stdout
|
||||
!
|
||||
!
|
||||
|
||||
|
||||
'!' and '#' are comment characters. If the first character of the word
|
||||
is one of the comment characters then from the rest of the line forward
|
||||
will be ignored as a comment.
|
||||
|
||||
::
|
||||
.. code-block:: frr
|
||||
|
||||
password zebra!password
|
||||
password zebra!password
|
||||
|
||||
If a comment character is not the first character of the word, it's a
|
||||
normal character. So in the above example '!' will not be regarded as a
|
||||
@ -466,32 +466,32 @@ is no VTY password, one cannot connect to the VTY interface at all.
|
||||
|
||||
::
|
||||
|
||||
% telnet localhost 2601
|
||||
Trying 127.0.0.1...
|
||||
Connected to localhost.
|
||||
Escape character is '^]'.
|
||||
% telnet localhost 2601
|
||||
Trying 127.0.0.1...
|
||||
Connected to localhost.
|
||||
Escape character is '^]'.
|
||||
|
||||
Hello, this is |PACKAGE_NAME| (version |PACKAGE_VERSION|)
|
||||
|COPYRIGHT_STR|
|
||||
Hello, this is |PACKAGE_NAME| (version |PACKAGE_VERSION|)
|
||||
|COPYRIGHT_STR|
|
||||
|
||||
User Access Verification
|
||||
User Access Verification
|
||||
|
||||
Password: XXXXX
|
||||
Router> ?
|
||||
enable . . . Turn on privileged commands
|
||||
exit . . . Exit current mode and down to previous mode
|
||||
help . . . Description of the interactive help system
|
||||
list . . . Print command list
|
||||
show . . . Show system inform
|
||||
Password: XXXXX
|
||||
Router> ?
|
||||
enable . . . Turn on privileged commands
|
||||
exit . . . Exit current mode and down to previous mode
|
||||
help . . . Description of the interactive help system
|
||||
list . . . Print command list
|
||||
show . . . Show system inform
|
||||
|
||||
wh. . . Display who is on a vty
|
||||
Router> enable
|
||||
Password: XXXXX
|
||||
Router# configure terminal
|
||||
Router(config)# interface eth0
|
||||
Router(config-if)# ip address 10.0.0.1/8
|
||||
Router(config-if)# ^Z
|
||||
Router#
|
||||
wh. . . Display who is on a vty
|
||||
Router> enable
|
||||
Password: XXXXX
|
||||
Router# configure terminal
|
||||
Router(config)# interface eth0
|
||||
Router(config-if)# ip address 10.0.0.1/8
|
||||
Router(config-if)# ^Z
|
||||
Router#
|
||||
|
||||
|
||||
:kbd:`?` and the ``find`` command are very useful for looking up commands.
|
||||
@ -545,22 +545,22 @@ These commands are used for moving the CLI cursor. The :kbd:`C` character
|
||||
means press the Control Key.
|
||||
|
||||
:kbd:`C-f` / :kbd:`LEFT`
|
||||
Move forward one character.
|
||||
Move forward one character.
|
||||
|
||||
:kbd:`C-b` / :kbd:`RIGHT`
|
||||
Move backward one character.
|
||||
Move backward one character.
|
||||
|
||||
:kbd:`M-f`
|
||||
Move forward one word.
|
||||
Move forward one word.
|
||||
|
||||
:kbd:`M-b`
|
||||
Move backward one word.
|
||||
Move backward one word.
|
||||
|
||||
:kbd:`C-a`
|
||||
Move to the beginning of the line.
|
||||
Move to the beginning of the line.
|
||||
|
||||
:kbd:`C-e`
|
||||
Move to the end of the line.
|
||||
Move to the end of the line.
|
||||
|
||||
|
||||
.. _cli-editing-commands:
|
||||
@ -573,31 +573,31 @@ character means press the Control Key.
|
||||
|
||||
|
||||
:kbd:`C-h` / :kbd:`DEL`
|
||||
Delete the character before point.
|
||||
Delete the character before point.
|
||||
|
||||
|
||||
:kbd:`C-d`
|
||||
Delete the character after point.
|
||||
Delete the character after point.
|
||||
|
||||
|
||||
:kbd:`M-d`
|
||||
Forward kill word.
|
||||
Forward kill word.
|
||||
|
||||
|
||||
:kbd:`C-w`
|
||||
Backward kill word.
|
||||
Backward kill word.
|
||||
|
||||
|
||||
:kbd:`C-k`
|
||||
Kill to the end of the line.
|
||||
Kill to the end of the line.
|
||||
|
||||
|
||||
:kbd:`C-u`
|
||||
Kill line from the beginning, erasing input.
|
||||
Kill line from the beginning, erasing input.
|
||||
|
||||
|
||||
:kbd:`C-t`
|
||||
Transpose character.
|
||||
Transpose character.
|
||||
|
||||
|
||||
CLI Advanced Commands
|
||||
@ -608,27 +608,27 @@ insta-help, and VTY session management.
|
||||
|
||||
|
||||
:kbd:`C-c`
|
||||
Interrupt current input and moves to the next line.
|
||||
Interrupt current input and moves to the next line.
|
||||
|
||||
|
||||
:kbd:`C-z`
|
||||
End current configuration session and move to top node.
|
||||
End current configuration session and move to top node.
|
||||
|
||||
|
||||
:kbd:`C-n` / :kbd:`DOWN`
|
||||
Move down to next line in the history buffer.
|
||||
Move down to next line in the history buffer.
|
||||
|
||||
|
||||
:kbd:`C-p` / :kbd:`UP`
|
||||
Move up to previous line in the history buffer.
|
||||
Move up to previous line in the history buffer.
|
||||
|
||||
|
||||
:kbd:`TAB`
|
||||
Use command line completion by typing :kbd:`TAB`.
|
||||
Use command line completion by typing :kbd:`TAB`.
|
||||
|
||||
|
||||
:kbd:`?`
|
||||
You can use command line help by typing `help` at the beginning of
|
||||
the line. Typing :kbd:`?` at any point in the line will show possible
|
||||
completions.
|
||||
You can use command line help by typing ``help`` at the beginning of the
|
||||
line. Typing :kbd:`?` at any point in the line will show possible
|
||||
completions.
|
||||
|
||||
|
@ -470,12 +470,14 @@ BGP route
|
||||
.. index:: network A.B.C.D/M
|
||||
.. clicmd:: network A.B.C.D/M
|
||||
|
||||
This command adds the announcement network.::
|
||||
This command adds the announcement network.
|
||||
|
||||
router bgp 1
|
||||
address-family ipv4 unicast
|
||||
network 10.0.0.0/8
|
||||
exit-address-family
|
||||
.. code-block:: frr
|
||||
|
||||
router bgp 1
|
||||
address-family ipv4 unicast
|
||||
network 10.0.0.0/8
|
||||
exit-address-family
|
||||
|
||||
This configuration example says that network 10.0.0.0/8 will be
|
||||
announced to all neighbors. Some vendors' routers don't advertise
|
||||
@ -603,15 +605,17 @@ Defining Peer
|
||||
.. clicmd:: neighbor PEER remote-as ASN
|
||||
|
||||
Creates a new neighbor whose remote-as is ASN. PEER can be an IPv4 address
|
||||
or an IPv6 address or an interface to use for the connection.::
|
||||
or an IPv6 address or an interface to use for the connection.
|
||||
|
||||
router bgp 1
|
||||
neighbor 10.0.0.1 remote-as 2
|
||||
.. code-block:: frr
|
||||
|
||||
router bgp 1
|
||||
neighbor 10.0.0.1 remote-as 2
|
||||
|
||||
In this case my router, in AS-1, is trying to peer with AS-2 at 10.0.0.1.
|
||||
|
||||
This command must be the first command used when configuring a neighbor. If
|
||||
the remote-as is not specified, *bgpd* will complain like this:::
|
||||
the remote-as is not specified, *bgpd* will complain like this: ::
|
||||
|
||||
can't find neighbor 10.0.0.1
|
||||
|
||||
@ -711,7 +715,9 @@ required.
|
||||
Specify the IPv4 source address to use for the :abbr:`BGP` session to this
|
||||
neighbour, may be specified as either an IPv4 address directly or as an
|
||||
interface name (in which case the *zebra* daemon MUST be running in order
|
||||
for *bgpd* to be able to retrieve interface state).::
|
||||
for *bgpd* to be able to retrieve interface state).
|
||||
|
||||
.. code-block:: frr
|
||||
|
||||
router bgp 64555
|
||||
neighbor foo update-source 192.168.0.1
|
||||
@ -1187,7 +1193,10 @@ Following configuration is the most typical usage of BGP communities
|
||||
attribute. AS 7675 provides upstream Internet connection to AS 100.
|
||||
When following configuration exists in AS 7675, AS 100 networks
|
||||
operator can set local preference in AS 7675 network by setting BGP
|
||||
communities attribute to the updates.::
|
||||
communities attribute to the updates.
|
||||
|
||||
|
||||
.. code-block:: frr
|
||||
|
||||
router bgp 7675
|
||||
neighbor 192.168.0.1 remote-as 100
|
||||
@ -1218,7 +1227,9 @@ communities attribute to the updates.::
|
||||
Following configuration announce 10.0.0.0/8 from AS 100 to AS 7675.
|
||||
The route has communities value 7675:80 so when above configuration
|
||||
exists in AS 7675, announced route's local preference will be set to
|
||||
value 80.::
|
||||
value 80.
|
||||
|
||||
.. code-block:: frr
|
||||
|
||||
router bgp 100
|
||||
network 10.0.0.0/8
|
||||
@ -1238,7 +1249,9 @@ Following configuration is an example of BGP route filtering using
|
||||
communities attribute. This configuration only permit BGP routes
|
||||
which has BGP communities value 0:80 or 0:90. Network operator can
|
||||
put special internal communities value at BGP border router, then
|
||||
limit the BGP routes announcement into the internal network.::
|
||||
limit the BGP routes announcement into the internal network.
|
||||
|
||||
.. code-block:: frr
|
||||
|
||||
router bgp 7675
|
||||
neighbor 192.168.0.1 remote-as 100
|
||||
@ -1254,7 +1267,9 @@ limit the BGP routes announcement into the internal network.::
|
||||
|
||||
Following exmaple filter BGP routes which has communities value 1:1.
|
||||
When there is no match community-list returns deny. To avoid
|
||||
filtering all of routes, we need to define permit any at last.::
|
||||
filtering all of routes, we need to define permit any at last.
|
||||
|
||||
.. code-block:: frr
|
||||
|
||||
router bgp 7675
|
||||
neighbor 192.168.0.1 remote-as 100
|
||||
@ -1273,7 +1288,9 @@ Communities value keyword `internet` has special meanings in
|
||||
standard community lists. In below example `internet` act as
|
||||
match any. It matches all of BGP routes even if the route does not
|
||||
have communities attribute at all. So community list ``INTERNET``
|
||||
is same as above example's ``FILTER``.::
|
||||
is same as above example's ``FILTER``.
|
||||
|
||||
.. code-block:: frr
|
||||
|
||||
ip community-list standard INTERNET deny 1:1
|
||||
ip community-list standard INTERNET permit internet
|
||||
@ -1282,7 +1299,9 @@ is same as above example's ``FILTER``.::
|
||||
Following configuration is an example of communities value deletion.
|
||||
With this configuration communities value 100:1 and 100:2 is removed
|
||||
from BGP updates. For communities value deletion, only `permit`
|
||||
community-list is used. `deny` community-list is ignored.::
|
||||
community-list is used. `deny` community-list is ignored.
|
||||
|
||||
.. code-block:: frr
|
||||
|
||||
router bgp 7675
|
||||
neighbor 192.168.0.1 remote-as 100
|
||||
@ -1379,11 +1398,9 @@ Lists.
|
||||
.. clicmd:: show ip extcommunity-list NAME
|
||||
|
||||
This command displays current extcommunity-list information. When `name` is
|
||||
specified the community list's information is shown.
|
||||
specified the community list's information is shown.::
|
||||
|
||||
::
|
||||
|
||||
# show ip extcommunity-list
|
||||
# show ip extcommunity-list
|
||||
|
||||
|
||||
.. _bgp-extended-communities-in-route-map:
|
||||
@ -1930,7 +1947,9 @@ neighbor. If a user manually disables the feature, the community attribute is
|
||||
not sent to the neighbor. When ``bgp config-type cisco`` is specified, the
|
||||
community attribute is not sent to the neighbor by default. To send the
|
||||
community attribute user has to specify *neighbor A.B.C.D send-community*
|
||||
command.::
|
||||
command.
|
||||
|
||||
.. code-block:: frr
|
||||
|
||||
!
|
||||
router bgp 1
|
||||
@ -1966,17 +1985,17 @@ multiple instance feature is enabled.
|
||||
|
||||
Make a new BGP instance. You can use an arbitrary word for the `name`.
|
||||
|
||||
::
|
||||
.. code-block:: frr
|
||||
|
||||
bgp multiple-instance
|
||||
!
|
||||
router bgp 1
|
||||
neighbor 10.0.0.1 remote-as 2
|
||||
neighbor 10.0.0.2 remote-as 3
|
||||
!
|
||||
router bgp 2
|
||||
neighbor 10.0.0.3 remote-as 4
|
||||
neighbor 10.0.0.4 remote-as 5
|
||||
bgp multiple-instance
|
||||
!
|
||||
router bgp 1
|
||||
neighbor 10.0.0.1 remote-as 2
|
||||
neighbor 10.0.0.2 remote-as 3
|
||||
!
|
||||
router bgp 2
|
||||
neighbor 10.0.0.3 remote-as 4
|
||||
neighbor 10.0.0.4 remote-as 5
|
||||
|
||||
|
||||
BGP view is almost same as normal BGP process. The result of route selection
|
||||
@ -1991,7 +2010,7 @@ routing information.
|
||||
|
||||
With this command, you can setup Route Server like below.
|
||||
|
||||
::
|
||||
.. code-block:: frr
|
||||
|
||||
bgp multiple-instance
|
||||
!
|
||||
@ -2010,7 +2029,9 @@ Routing policy
|
||||
--------------
|
||||
|
||||
You can set different routing policy for a peer. For example, you can set
|
||||
different filter for a peer.::
|
||||
different filter for a peer.
|
||||
|
||||
.. code-block:: frr
|
||||
|
||||
bgp multiple-instance
|
||||
!
|
||||
@ -2084,10 +2105,10 @@ _
|
||||
How to set up a 6-Bone connection
|
||||
=================================
|
||||
|
||||
::
|
||||
.. code-block:: frr
|
||||
|
||||
bgpd configuration
|
||||
==================
|
||||
! bgpd configuration
|
||||
! ==================
|
||||
!
|
||||
! MP-BGP configuration
|
||||
!
|
||||
@ -2171,7 +2192,9 @@ Dump BGP packets and table
|
||||
BGP Configuration Examples
|
||||
==========================
|
||||
|
||||
Example of a session to an upstream, advertising only one prefix to it.::
|
||||
Example of a session to an upstream, advertising only one prefix to it.
|
||||
|
||||
.. code-block:: frr
|
||||
|
||||
router bgp 64512
|
||||
bgp router-id 10.236.87.1
|
||||
@ -2196,7 +2219,7 @@ feature to support selective advertising of prefixes. This example is intended
|
||||
as guidance only, it has NOT been tested and almost certainly containts silly
|
||||
mistakes, if not serious flaws.
|
||||
|
||||
::
|
||||
.. code-block:: frr
|
||||
|
||||
router bgp 64512
|
||||
bgp router-id 10.236.87.1
|
||||
|
@ -99,7 +99,7 @@ EIGRP Configuration
|
||||
Below is very simple EIGRP configuration. Interface `eth0` and
|
||||
interface which address match to `10.0.0.0/8` are EIGRP enabled.
|
||||
|
||||
::
|
||||
.. code-block:: frr
|
||||
|
||||
!
|
||||
router eigrp 1
|
||||
|
@ -18,7 +18,7 @@ IP Access List
|
||||
Basic filtering is done by `access-list` as shown in the
|
||||
following example.
|
||||
|
||||
::
|
||||
.. code-block:: frr
|
||||
|
||||
access-list filter deny 10.0.0.0/9
|
||||
access-list filter permit 10.0.0.0/8
|
||||
|
@ -559,7 +559,9 @@ Debugging ISIS
|
||||
ISIS Configuration Examples
|
||||
===========================
|
||||
|
||||
A simple example, with MD5 authentication enabled:::
|
||||
A simple example, with MD5 authentication enabled:
|
||||
|
||||
.. code-block:: frr
|
||||
|
||||
!
|
||||
interface eth0
|
||||
@ -575,7 +577,9 @@ A simple example, with MD5 authentication enabled:::
|
||||
|
||||
A Traffic Engineering configuration, with Inter-ASv2 support.
|
||||
|
||||
First, the 'zebra.conf' part:::
|
||||
First, the :file:`zebra.conf` part:
|
||||
|
||||
.. code-block:: frr
|
||||
|
||||
hostname HOSTNAME
|
||||
password PASSWORD
|
||||
@ -614,7 +618,9 @@ First, the 'zebra.conf' part:::
|
||||
neighbor 10.1.1.2 as 65000
|
||||
|
||||
|
||||
Then the 'isisd.conf' itself:::
|
||||
Then the :file:`isisd.conf` itself:
|
||||
|
||||
.. code-block:: frr
|
||||
|
||||
hostname HOSTNAME
|
||||
password PASSWORD
|
||||
|
@ -52,7 +52,9 @@ hub nodes, these routes should be internally redistributed using some
|
||||
routing protocol (e.g. iBGP) to allow hubs to be able to relay all traffic.
|
||||
|
||||
This can be achieved in hubs with the following bgp configuration (network
|
||||
command defines the GRE subnet):::
|
||||
command defines the GRE subnet):
|
||||
|
||||
.. code-block:: frr
|
||||
|
||||
router bgp 65555
|
||||
address-family ipv4 unicast
|
||||
@ -82,12 +84,12 @@ using NFLOG. Typically you want to send Traffic Indications for network
|
||||
traffic that is routed from gre1 back to gre1 in rate limited manner.
|
||||
This can be achieved with the following iptables rule.
|
||||
|
||||
::
|
||||
.. code-block:: shell
|
||||
|
||||
iptables -A FORWARD -i gre1 -o gre1 \\
|
||||
-m hashlimit --hashlimit-upto 4/minute --hashlimit-burst 1 \\
|
||||
--hashlimit-mode srcip,dstip --hashlimit-srcmask 24 --hashlimit-dstmask 24 \\
|
||||
--hashlimit-name loglimit-0 -j NFLOG --nflog-group 1 --nflog-range 128
|
||||
iptables -A FORWARD -i gre1 -o gre1 \\
|
||||
-m hashlimit --hashlimit-upto 4/minute --hashlimit-burst 1 \\
|
||||
--hashlimit-mode srcip,dstip --hashlimit-srcmask 24 --hashlimit-dstmask 24 \\
|
||||
--hashlimit-name loglimit-0 -j NFLOG --nflog-group 1 --nflog-range 128
|
||||
|
||||
|
||||
You can fine tune the src/dstmask according to the prefix lengths you
|
||||
@ -95,15 +97,20 @@ announce internal, add additional IP range matches, or rate limitation
|
||||
if needed. However, the above should be good in most cases.
|
||||
|
||||
This kernel NFLOG target's nflog-group is configured in global nhrp config
|
||||
with:::
|
||||
with:
|
||||
|
||||
nhrp nflog-group 1
|
||||
.. code-block:: frr
|
||||
|
||||
nhrp nflog-group 1
|
||||
|
||||
To start sending these traffic notices out from hubs, use the nhrp
|
||||
per-interface directive:::
|
||||
per-interface directive:
|
||||
|
||||
.. code-block:: frr
|
||||
|
||||
interface gre1
|
||||
ip nhrp redirect
|
||||
|
||||
interface gre1
|
||||
ip nhrp redirect
|
||||
|
||||
.. _integration-with-ike:
|
||||
|
||||
|
@ -49,7 +49,9 @@ OSPF6 router
|
||||
will cause the holdtime to be increased by `initial-holdtime`, bounded
|
||||
by the `maximum-holdtime` configured with this command. If the adaptive
|
||||
hold-time elapses without any SPF-triggering event occuring then
|
||||
the current holdtime is reset to the `initial-holdtime`.::
|
||||
the current holdtime is reset to the `initial-holdtime`.
|
||||
|
||||
.. code-block:: frr
|
||||
|
||||
router ospf6
|
||||
timers throttle spf 200 400 10000
|
||||
@ -187,7 +189,7 @@ OSPF6 Configuration Examples
|
||||
|
||||
Example of ospf6d configured on one interface and area:
|
||||
|
||||
::
|
||||
.. code-block:: frr
|
||||
|
||||
interface eth0
|
||||
ipv6 ospf6 instance-id 0
|
||||
|
@ -336,61 +336,61 @@ are fully adjacent with 192.168.0.49.
|
||||
|
||||
::
|
||||
|
||||
# show ip ospf database router 192.168.0.49
|
||||
# show ip ospf database router 192.168.0.49
|
||||
|
||||
OSPF Router with ID (192.168.0.53)
|
||||
OSPF Router with ID (192.168.0.53)
|
||||
|
||||
Router Link States (Area 0.0.0.0)
|
||||
Router Link States (Area 0.0.0.0)
|
||||
|
||||
LS age: 38
|
||||
Options: 0x2 : *|-|-|-|-|-|E|*
|
||||
LS Flags: 0x6
|
||||
Flags: 0x2 : ASBR
|
||||
LS Type: router-LSA
|
||||
Link State ID: 192.168.0.49
|
||||
Advertising Router: 192.168.0.49
|
||||
LS Seq Number: 80000f90
|
||||
Checksum: 0x518b
|
||||
Length: 60
|
||||
Number of Links: 3
|
||||
LS age: 38
|
||||
Options: 0x2 : *|-|-|-|-|-|E|*
|
||||
LS Flags: 0x6
|
||||
Flags: 0x2 : ASBR
|
||||
LS Type: router-LSA
|
||||
Link State ID: 192.168.0.49
|
||||
Advertising Router: 192.168.0.49
|
||||
LS Seq Number: 80000f90
|
||||
Checksum: 0x518b
|
||||
Length: 60
|
||||
Number of Links: 3
|
||||
|
||||
Link connected to: a Transit Network
|
||||
(Link ID) Designated Router address: 192.168.1.3
|
||||
(Link Data) Router Interface address: 192.168.1.3
|
||||
Number of TOS metrics: 0
|
||||
TOS 0 Metric: 10
|
||||
Link connected to: a Transit Network
|
||||
(Link ID) Designated Router address: 192.168.1.3
|
||||
(Link Data) Router Interface address: 192.168.1.3
|
||||
Number of TOS metrics: 0
|
||||
TOS 0 Metric: 10
|
||||
|
||||
Link connected to: a Transit Network
|
||||
(Link ID) Designated Router address: 192.168.0.49
|
||||
(Link Data) Router Interface address: 192.168.0.49
|
||||
Number of TOS metrics: 0
|
||||
TOS 0 Metric: 10
|
||||
Link connected to: a Transit Network
|
||||
(Link ID) Designated Router address: 192.168.0.49
|
||||
(Link Data) Router Interface address: 192.168.0.49
|
||||
Number of TOS metrics: 0
|
||||
TOS 0 Metric: 10
|
||||
|
||||
Link connected to: Stub Network
|
||||
(Link ID) Net: 192.168.3.190
|
||||
(Link Data) Network Mask: 255.255.255.255
|
||||
Number of TOS metrics: 0
|
||||
TOS 0 Metric: 39063
|
||||
# show ip ospf database network 192.168.0.49
|
||||
Link connected to: Stub Network
|
||||
(Link ID) Net: 192.168.3.190
|
||||
(Link Data) Network Mask: 255.255.255.255
|
||||
Number of TOS metrics: 0
|
||||
TOS 0 Metric: 39063
|
||||
# show ip ospf database network 192.168.0.49
|
||||
|
||||
OSPF Router with ID (192.168.0.53)
|
||||
OSPF Router with ID (192.168.0.53)
|
||||
|
||||
Net Link States (Area 0.0.0.0)
|
||||
Net Link States (Area 0.0.0.0)
|
||||
|
||||
LS age: 285
|
||||
Options: 0x2 : *|-|-|-|-|-|E|*
|
||||
LS Flags: 0x6
|
||||
LS Type: network-LSA
|
||||
Link State ID: 192.168.0.49 (address of Designated Router)
|
||||
Advertising Router: 192.168.0.49
|
||||
LS Seq Number: 80000074
|
||||
Checksum: 0x0103
|
||||
Length: 40
|
||||
Network Mask: /29
|
||||
Attached Router: 192.168.0.49
|
||||
Attached Router: 192.168.0.52
|
||||
Attached Router: 192.168.0.53
|
||||
Attached Router: 192.168.0.54
|
||||
LS age: 285
|
||||
Options: 0x2 : *|-|-|-|-|-|E|*
|
||||
LS Flags: 0x6
|
||||
LS Type: network-LSA
|
||||
Link State ID: 192.168.0.49 (address of Designated Router)
|
||||
Advertising Router: 192.168.0.49
|
||||
LS Seq Number: 80000074
|
||||
Checksum: 0x0103
|
||||
Length: 40
|
||||
Network Mask: /29
|
||||
Attached Router: 192.168.0.49
|
||||
Attached Router: 192.168.0.52
|
||||
Attached Router: 192.168.0.53
|
||||
Attached Router: 192.168.0.54
|
||||
|
||||
|
||||
Note that from one LSA, you can find the other. E.g. Given the
|
||||
@ -412,26 +412,26 @@ following partial topology:
|
||||
|
||||
::
|
||||
|
||||
------------------------ Network: ......
|
||||
| Designated Router IP: 192.168.1.3
|
||||
|
|
||||
IP: 192.168.1.3
|
||||
(transit link)
|
||||
(cost: 10)
|
||||
Router ID: 192.168.0.49(stub)---------- IP: 192.168.3.190/32
|
||||
(cost: 10) (cost: 39063)
|
||||
(transit link)
|
||||
IP: 192.168.0.49
|
||||
|
|
||||
|
|
||||
------------------------------ Network: 192.168.0.48/29
|
||||
| | | Designated Router IP: 192.168.0.49
|
||||
| | |
|
||||
| | Router ID: 192.168.0.54
|
||||
| |
|
||||
| Router ID: 192.168.0.53
|
||||
|
|
||||
Router ID: 192.168.0.52
|
||||
------------------------ Network: ......
|
||||
| Designated Router IP: 192.168.1.3
|
||||
|
|
||||
IP: 192.168.1.3
|
||||
(transit link)
|
||||
(cost: 10)
|
||||
Router ID: 192.168.0.49(stub)---------- IP: 192.168.3.190/32
|
||||
(cost: 10) (cost: 39063)
|
||||
(transit link)
|
||||
IP: 192.168.0.49
|
||||
|
|
||||
|
|
||||
------------------------------ Network: 192.168.0.48/29
|
||||
| | | Designated Router IP: 192.168.0.49
|
||||
| | |
|
||||
| | Router ID: 192.168.0.54
|
||||
| |
|
||||
| Router ID: 192.168.0.53
|
||||
|
|
||||
Router ID: 192.168.0.52
|
||||
|
||||
|
||||
Note the Router IDs, though they look like IP addresses and often are
|
||||
@ -495,22 +495,22 @@ should forward to the originating ASBR if selected.
|
||||
|
||||
::
|
||||
|
||||
# show ip ospf database external 192.168.165.0
|
||||
LS age: 995
|
||||
Options: 0x2 : *|-|-|-|-|-|E|*
|
||||
LS Flags: 0x9
|
||||
LS Type: AS-external-LSA
|
||||
Link State ID: 192.168.165.0 (External Network Number)
|
||||
Advertising Router: 192.168.0.49
|
||||
LS Seq Number: 800001d8
|
||||
Checksum: 0xea27
|
||||
Length: 36
|
||||
Network Mask: /24
|
||||
Metric Type: 2 (Larger than any link state path)
|
||||
TOS: 0
|
||||
Metric: 20
|
||||
Forward Address: 0.0.0.0
|
||||
External Route Tag: 0
|
||||
# show ip ospf database external 192.168.165.0
|
||||
LS age: 995
|
||||
Options: 0x2 : *|-|-|-|-|-|E|*
|
||||
LS Flags: 0x9
|
||||
LS Type: AS-external-LSA
|
||||
Link State ID: 192.168.165.0 (External Network Number)
|
||||
Advertising Router: 192.168.0.49
|
||||
LS Seq Number: 800001d8
|
||||
Checksum: 0xea27
|
||||
Length: 36
|
||||
Network Mask: /24
|
||||
Metric Type: 2 (Larger than any link state path)
|
||||
TOS: 0
|
||||
Metric: 20
|
||||
Forward Address: 0.0.0.0
|
||||
External Route Tag: 0
|
||||
|
||||
|
||||
We can add this to our partial topology from above, which now looks
|
||||
|
@ -163,7 +163,7 @@ writing, *ospfd* does not support multiple OSPF processes.
|
||||
holdtime can be viewed with :clicmd:`show ip ospf`, where it is expressed as
|
||||
a multiplier of the `initial-holdtime`.
|
||||
|
||||
::
|
||||
.. code-block:: frr
|
||||
|
||||
router ospf
|
||||
timers throttle spf 200 400 10000
|
||||
@ -249,11 +249,10 @@ writing, *ospfd* does not support multiple OSPF processes.
|
||||
on this interface so router can provide network information to the other
|
||||
ospf routers via this interface.
|
||||
|
||||
::
|
||||
|
||||
router ospf
|
||||
network 192.168.1.0/24 area 0.0.0.0
|
||||
.. code-block:: frr
|
||||
|
||||
router ospf
|
||||
network 192.168.1.0/24 area 0.0.0.0
|
||||
|
||||
Prefix length in interface must be equal or bigger (ie. smaller network) than
|
||||
prefix length in network statement. For example statement above doesn't enable
|
||||
@ -288,23 +287,23 @@ OSPF area
|
||||
.. index:: no area (0-4294967295) range A.B.C.D/M
|
||||
.. clicmd:: no area (0-4294967295) range A.B.C.D/M
|
||||
|
||||
Summarize intra area paths from specified area into one Type-3 summary-LSA
|
||||
announced to other areas. This command can be used only in ABR and ONLY
|
||||
router-LSAs (Type-1) and network-LSAs (Type-2) (ie. LSAs with scope area) can
|
||||
be summarized. Type-5 AS-external-LSAs can't be summarized - their scope is AS.
|
||||
Summarizing Type-7 AS-external-LSAs isn't supported yet by FRR.
|
||||
Summarize intra area paths from specified area into one Type-3 summary-LSA
|
||||
announced to other areas. This command can be used only in ABR and ONLY
|
||||
router-LSAs (Type-1) and network-LSAs (Type-2) (ie. LSAs with scope area) can
|
||||
be summarized. Type-5 AS-external-LSAs can't be summarized - their scope is AS.
|
||||
Summarizing Type-7 AS-external-LSAs isn't supported yet by FRR.
|
||||
|
||||
::
|
||||
.. code-block:: frr
|
||||
|
||||
router ospf
|
||||
network 192.168.1.0/24 area 0.0.0.0
|
||||
network 10.0.0.0/8 area 0.0.0.10
|
||||
area 0.0.0.10 range 10.0.0.0/8
|
||||
router ospf
|
||||
network 192.168.1.0/24 area 0.0.0.0
|
||||
network 10.0.0.0/8 area 0.0.0.10
|
||||
area 0.0.0.10 range 10.0.0.0/8
|
||||
|
||||
|
||||
With configuration above one Type-3 Summary-LSA with routing info 10.0.0.0/8 is
|
||||
announced into backbone area if area 0.0.0.10 contains at least one intra-area
|
||||
network (ie. described with router or network LSA) from this range.
|
||||
With configuration above one Type-3 Summary-LSA with routing info 10.0.0.0/8 is
|
||||
announced into backbone area if area 0.0.0.10 contains at least one intra-area
|
||||
network (ie. described with router or network LSA) from this range.
|
||||
|
||||
.. index:: area A.B.C.D range IPV4_PREFIX not-advertise
|
||||
.. clicmd:: area A.B.C.D range IPV4_PREFIX not-advertise
|
||||
@ -324,12 +323,12 @@ OSPF area
|
||||
|
||||
Substitute summarized prefix with another prefix.
|
||||
|
||||
::
|
||||
.. code-block:: frr
|
||||
|
||||
router ospf
|
||||
network 192.168.1.0/24 area 0.0.0.0
|
||||
network 10.0.0.0/8 area 0.0.0.10
|
||||
area 0.0.0.10 range 10.0.0.0/8 substitute 11.0.0.0/8
|
||||
router ospf
|
||||
network 192.168.1.0/24 area 0.0.0.0
|
||||
network 10.0.0.0/8 area 0.0.0.10
|
||||
area 0.0.0.10 range 10.0.0.0/8 substitute 11.0.0.0/8
|
||||
|
||||
|
||||
One Type-3 summary-LSA with routing info 11.0.0.0/8 is announced into backbone area if
|
||||
@ -421,16 +420,15 @@ OSPF area
|
||||
Filter Type-3 summary-LSAs announced to other areas originated from intra-
|
||||
area paths from specified area.
|
||||
|
||||
::
|
||||
|
||||
router ospf
|
||||
network 192.168.1.0/24 area 0.0.0.0
|
||||
network 10.0.0.0/8 area 0.0.0.10
|
||||
area 0.0.0.10 export-list foo
|
||||
!
|
||||
access-list foo permit 10.10.0.0/16
|
||||
access-list foo deny any
|
||||
.. code-block:: frr
|
||||
|
||||
router ospf
|
||||
network 192.168.1.0/24 area 0.0.0.0
|
||||
network 10.0.0.0/8 area 0.0.0.10
|
||||
area 0.0.0.10 export-list foo
|
||||
!
|
||||
access-list foo permit 10.10.0.0/16
|
||||
access-list foo deny any
|
||||
|
||||
With example above any intra-area paths from area 0.0.0.10 and from range
|
||||
10.10.0.0/16 (for example 10.10.1.0/24 and 10.10.2.128/30) are announced into
|
||||
@ -452,8 +450,8 @@ OSPF area
|
||||
.. index:: no area (0-4294967295) import-list NAME
|
||||
.. clicmd:: no area (0-4294967295) import-list NAME
|
||||
|
||||
Same as export-list, but it applies to paths announced into specified area as
|
||||
Type-3 summary-LSAs.
|
||||
Same as export-list, but it applies to paths announced into specified area
|
||||
as Type-3 summary-LSAs.
|
||||
|
||||
.. index:: area A.B.C.D filter-list prefix NAME in
|
||||
.. clicmd:: area A.B.C.D filter-list prefix NAME in
|
||||
@ -479,8 +477,8 @@ OSPF area
|
||||
.. index:: no area (0-4294967295) filter-list prefix NAME out
|
||||
.. clicmd:: no area (0-4294967295) filter-list prefix NAME out
|
||||
|
||||
Filtering Type-3 summary-LSAs to/from area using prefix lists. This command
|
||||
makes sense in ABR only.
|
||||
Filtering Type-3 summary-LSAs to/from area using prefix lists. This command
|
||||
makes sense in ABR only.
|
||||
|
||||
.. index:: area A.B.C.D authentication
|
||||
.. clicmd:: area A.B.C.D authentication
|
||||
@ -494,8 +492,8 @@ OSPF area
|
||||
.. index:: no area (0-4294967295) authentication
|
||||
.. clicmd:: no area (0-4294967295) authentication
|
||||
|
||||
Specify that simple password authentication should be used for the given
|
||||
area.
|
||||
Specify that simple password authentication should be used for the given
|
||||
area.
|
||||
|
||||
.. index:: area A.B.C.D authentication message-digest
|
||||
.. clicmd:: area A.B.C.D authentication message-digest
|
||||
@ -568,12 +566,11 @@ OSPF interface
|
||||
Set OSPF authentication key to a cryptographic password. The cryptographic
|
||||
algorithm is MD5.
|
||||
|
||||
KEYID identifies secret key used to create the message digest. This ID
|
||||
is part of the protocol and must be consistent across routers on a
|
||||
link.
|
||||
KEYID identifies secret key used to create the message digest. This ID is
|
||||
part of the protocol and must be consistent across routers on a link.
|
||||
|
||||
KEY is the actual message digest key, of up to 16 chars (larger strings
|
||||
will be truncated), and is associated with the given KEYID.
|
||||
KEY is the actual message digest key, of up to 16 chars (larger strings will
|
||||
be truncated), and is associated with the given KEYID.
|
||||
|
||||
.. index:: ip ospf cost (1-65535)
|
||||
.. clicmd:: ip ospf cost (1-65535)
|
||||
@ -581,8 +578,8 @@ OSPF interface
|
||||
.. index:: no ip ospf cost
|
||||
.. clicmd:: no ip ospf cost
|
||||
|
||||
Set link cost for the specified interface. The cost value is set to router-LSA's
|
||||
metric field and used for SPF calculation.
|
||||
Set link cost for the specified interface. The cost value is set to
|
||||
router-LSA's metric field and used for SPF calculation.
|
||||
|
||||
.. index:: ip ospf dead-interval (1-65535)
|
||||
.. clicmd:: ip ospf dead-interval (1-65535)
|
||||
@ -635,10 +632,9 @@ OSPF interface
|
||||
.. index:: no ip ospf priority
|
||||
.. clicmd:: no ip ospf priority
|
||||
|
||||
Set RouterPriority integer value. The router with the highest priority
|
||||
will be more eligible to become Designated Router. Setting the value
|
||||
to 0, makes the router ineligible to become Designated Router. The
|
||||
default value is 1.
|
||||
Set RouterPriority integer value. The router with the highest priority will
|
||||
be more eligible to become Designated Router. Setting the value to 0, makes
|
||||
the router ineligible to become Designated Router. The default value is 1.
|
||||
|
||||
.. index:: ip ospf retransmit-interval (1-65535)
|
||||
.. clicmd:: ip ospf retransmit-interval (1-65535)
|
||||
@ -646,9 +642,9 @@ OSPF interface
|
||||
.. index:: no ip ospf retransmit interval
|
||||
.. clicmd:: no ip ospf retransmit interval
|
||||
|
||||
Set number of seconds for RxmtInterval timer value. This value is used
|
||||
when retransmitting Database Description and Link State Request packets.
|
||||
The default value is 5 seconds.
|
||||
Set number of seconds for RxmtInterval timer value. This value is used when
|
||||
retransmitting Database Description and Link State Request packets. The
|
||||
default value is 5 seconds.
|
||||
|
||||
.. index:: ip ospf transmit-delay
|
||||
.. clicmd:: ip ospf transmit-delay
|
||||
@ -657,8 +653,7 @@ OSPF interface
|
||||
.. clicmd:: no ip ospf transmit-delay
|
||||
|
||||
Set number of seconds for InfTransDelay value. LSAs' age should be
|
||||
incremented by this value when transmitting.
|
||||
The default value is 1 seconds.
|
||||
incremented by this value when transmitting. The default value is 1 second.
|
||||
|
||||
.. index:: ip ospf area (A.B.C.D|(0-4294967295))
|
||||
.. clicmd:: ip ospf area (A.B.C.D|(0-4294967295))
|
||||
@ -666,7 +661,7 @@ OSPF interface
|
||||
.. index:: no ip ospf area
|
||||
.. clicmd:: no ip ospf area
|
||||
|
||||
Enable ospf on an interface and set associated area.
|
||||
Enable ospf on an interface and set associated area.
|
||||
|
||||
.. _redistribute-routes-to-ospf:
|
||||
|
||||
@ -702,16 +697,16 @@ Redistribute routes to OSPF
|
||||
|
||||
.. _ospf-redistribute:
|
||||
|
||||
Redistribute routes of the specified protocol
|
||||
or kind into OSPF, with the metric type and metric set if specified,
|
||||
filtering the routes using the given route-map if specified.
|
||||
Redistributed routes may also be filtered with distribute-lists, see
|
||||
Redistribute routes of the specified protocol or kind into OSPF, with the
|
||||
metric type and metric set if specified, filtering the routes using the
|
||||
given route-map if specified. Redistributed routes may also be filtered
|
||||
with distribute-lists, see
|
||||
:ref:`ospf distribute-list configuration <ospf-distribute-list>`.
|
||||
|
||||
Redistributed routes are distributed as into OSPF as Type-5 External
|
||||
LSAs into links to areas that accept external routes, Type-7 External LSAs
|
||||
for NSSA areas and are not redistributed at all into Stub areas, where
|
||||
external routes are not permitted.
|
||||
Redistributed routes are distributed as into OSPF as Type-5 External LSAs
|
||||
into links to areas that accept external routes, Type-7 External LSAs for
|
||||
NSSA areas and are not redistributed at all into Stub areas, where external
|
||||
routes are not permitted.
|
||||
|
||||
Note that for connected routes, one may instead use the `passive-interface`
|
||||
configuration.
|
||||
@ -747,10 +742,10 @@ Redistribute routes to OSPF
|
||||
.. index:: no default-information originate
|
||||
.. clicmd:: no default-information originate
|
||||
|
||||
Originate an AS-External (type-5) LSA describing a default route into
|
||||
all external-routing capable areas, of the specified metric and metric
|
||||
type. If the 'always' keyword is given then the default is always
|
||||
advertised, even when there is no default present in the routing table.
|
||||
Originate an AS-External (type-5) LSA describing a default route into all
|
||||
external-routing capable areas, of the specified metric and metric type. If
|
||||
the 'always' keyword is given then the default is always advertised, even
|
||||
when there is no default present in the routing table.
|
||||
|
||||
.. index:: distribute-list NAME out (kernel|connected|static|rip|ospf
|
||||
.. clicmd:: distribute-list NAME out (kernel|connected|static|rip|ospf
|
||||
@ -760,9 +755,9 @@ Redistribute routes to OSPF
|
||||
|
||||
.. _ospf-distribute-list:
|
||||
|
||||
Apply the access-list filter, NAME, to
|
||||
redistributed routes of the given type before allowing the routes to
|
||||
redistributed into OSPF (:ref:`ospf redistribution <ospf-redistribute>`).
|
||||
Apply the access-list filter, NAME, to redistributed routes of the given
|
||||
type before allowing the routes to redistributed into OSPF
|
||||
(:ref:`ospf redistribution <ospf-redistribute>`).
|
||||
|
||||
.. index:: default-metric (0-16777214)
|
||||
.. clicmd:: default-metric (0-16777214)
|
||||
@ -850,7 +845,8 @@ Showing OSPF information
|
||||
.. index:: show ip ospf route
|
||||
.. clicmd:: show ip ospf route
|
||||
|
||||
Show the OSPF routing table, as determined by the most recent SPF calculation.
|
||||
Show the OSPF routing table, as determined by the most recent SPF
|
||||
calculation.
|
||||
|
||||
.. _opaque-lsa:
|
||||
|
||||
@ -869,9 +865,9 @@ Opaque LSA
|
||||
.. index:: no capability opaque
|
||||
.. clicmd:: no capability opaque
|
||||
|
||||
*ospfd* support Opaque LSA (RFC2370) as fondment for MPLS Traffic Engineering
|
||||
LSA. Prior to used MPLS TE, opaque-lsa must be enable in the configuration
|
||||
file. Alternate command could be "mpls-te on"
|
||||
*ospfd* support Opaque LSA (:rfc:`2370`) as fondment for MPLS Traffic
|
||||
Engineering LSA. Prior to used MPLS TE, opaque-lsa must be enable in the
|
||||
configuration file. Alternate command could be "mpls-te on"
|
||||
(:ref:`ospf-traffic-engineering`).
|
||||
|
||||
.. index:: show ip ospf database (opaque-link|opaque-area|opaque-external)
|
||||
@ -981,18 +977,19 @@ Router Information
|
||||
.. index:: no pce scope
|
||||
.. clicmd:: no pce scope
|
||||
|
||||
The commands are conform to :rfc:`5088` and allow OSPF router announce Path
|
||||
Compuatation Elemenent (PCE) capabilities through the Router Information (RI)
|
||||
LSA. Router Information must be enable prior to this. The command set/unset
|
||||
respectively the PCE IP adress, Autonomous System (AS) numbers of controlled
|
||||
domains, neighbor ASs, flag and scope. For flag and scope, please refer to
|
||||
:rfc`5088` for the BITPATTERN recognition. Multiple 'pce neighbor' command
|
||||
could be specified in order to specify all PCE neighbours.
|
||||
The commands are conform to :rfc:`5088` and allow OSPF router announce Path
|
||||
Compuatation Elemenent (PCE) capabilities through the Router Information
|
||||
(RI) LSA. Router Information must be enable prior to this. The command
|
||||
set/unset respectively the PCE IP adress, Autonomous System (AS) numbers of
|
||||
controlled domains, neighbor ASs, flag and scope. For flag and scope, please
|
||||
refer to :rfc`5088` for the BITPATTERN recognition. Multiple 'pce neighbor'
|
||||
command could be specified in order to specify all PCE neighbours.
|
||||
|
||||
.. index:: show ip ospf router-info
|
||||
.. clicmd:: show ip ospf router-info
|
||||
|
||||
Show Router Capabilities flag.
|
||||
|
||||
.. index:: show ip ospf router-info pce
|
||||
.. clicmd:: show ip ospf router-info pce
|
||||
|
||||
@ -1028,10 +1025,10 @@ This is an EXPERIMENTAL support of Segment Routing as per draft
|
||||
.. index:: [no] segment-routing prefix A.B.C.D/M index (0-65535) [no-php-flag]
|
||||
.. clicmd:: [no] segment-routing prefix A.B.C.D/M index (0-65535) [no-php-flag]
|
||||
|
||||
Set the Segment Rounting index for the specifyed prefix. Note
|
||||
that, only prefix with /32 corresponding to a loopback interface are
|
||||
currently supported. The 'no-php-flag' means NO Penultimate Hop Popping that
|
||||
allows SR node to request to its neighbor to not pop the label.
|
||||
Set the Segment Rounting index for the specifyed prefix. Note that, only
|
||||
prefix with /32 corresponding to a loopback interface are currently
|
||||
supported. The 'no-php-flag' means NO Penultimate Hop Popping that allows SR
|
||||
node to request to its neighbor to not pop the label.
|
||||
|
||||
.. index:: show ip ospf database segment-routing <adv-router ADVROUTER|self-originate> [json]
|
||||
.. clicmd:: show ip ospf database segment-routing <adv-router ADVROUTER|self-originate> [json]
|
||||
@ -1140,7 +1137,7 @@ OSPF Configuration Examples
|
||||
|
||||
A simple example, with MD5 authentication enabled:
|
||||
|
||||
::
|
||||
.. code-block:: frr
|
||||
|
||||
!
|
||||
interface bge0
|
||||
@ -1155,7 +1152,7 @@ A simple example, with MD5 authentication enabled:
|
||||
An :abbr:`ABR` router, with MD5 authentication and performing summarisation
|
||||
of networks between the areas:
|
||||
|
||||
::
|
||||
.. code-block:: frr
|
||||
|
||||
!
|
||||
password ABCDEF
|
||||
@ -1189,7 +1186,9 @@ of networks between the areas:
|
||||
|
||||
A Traffic Engineering configuration, with Inter-ASv2 support.
|
||||
|
||||
First, the 'zebra.conf' part:::
|
||||
First, the :file:`zebra.conf` part:
|
||||
|
||||
.. code-block:: frr
|
||||
|
||||
interface eth0
|
||||
ip address 198.168.1.1/24
|
||||
@ -1262,7 +1261,9 @@ First, the 'zebra.conf' part:::
|
||||
unrsv-bw 7 1.25e+06
|
||||
neighbor 192.168.2.2 as 65000
|
||||
|
||||
Then the 'ospfd.conf' itself:::
|
||||
Then the :file:`ospfd.conf` itself:
|
||||
|
||||
.. code-block:: frr
|
||||
|
||||
hostname HOSTNAME
|
||||
password PASSWORD
|
||||
@ -1288,8 +1289,9 @@ Then the 'ospfd.conf' itself:::
|
||||
!
|
||||
line vty
|
||||
|
||||
A router information example with PCE advsertisement:
|
||||
|
||||
A router information example with PCE advsertisement:::
|
||||
.. code-block:: frr
|
||||
|
||||
!
|
||||
router ospf
|
||||
|
@ -95,17 +95,17 @@ architecture creates new possibilities for the routing system.
|
||||
|
||||
::
|
||||
|
||||
+----+ +----+ +-----+ +-----+
|
||||
|bgpd| |ripd| |ospfd| |zebra|
|
||||
+----+ +----+ +-----+ +-----+
|
||||
|
|
||||
+---------------------------|--+
|
||||
| v |
|
||||
| UNIX Kernel routing table |
|
||||
| |
|
||||
+------------------------------+
|
||||
+----+ +----+ +-----+ +-----+
|
||||
|bgpd| |ripd| |ospfd| |zebra|
|
||||
+----+ +----+ +-----+ +-----+
|
||||
|
|
||||
+---------------------------|--+
|
||||
| v |
|
||||
| UNIX Kernel routing table |
|
||||
| |
|
||||
+------------------------------+
|
||||
|
||||
FRR System Architecture
|
||||
FRR System Architecture
|
||||
|
||||
|
||||
Multi-process architecture brings extensibility, modularity and
|
||||
|
@ -214,8 +214,8 @@ is in a vrf, enter the interface command with the vrf keyword at the end.
|
||||
|
||||
.. _pim-multicast-rib-insertion:
|
||||
|
||||
PIM Multicast RIB insertion::
|
||||
=============================
|
||||
PIM Multicast RIB insertion:
|
||||
============================
|
||||
|
||||
In order to influence Multicast RPF lookup, it is possible to insert
|
||||
into zebra routes for the Multicast RIB. These routes are only
|
||||
|
@ -146,7 +146,7 @@ RIP Configuration
|
||||
Below is very simple RIP configuration. Interface `eth0` and interface which
|
||||
address match to `10.0.0.0/8` are RIP enabled.
|
||||
|
||||
::
|
||||
.. code-block:: frr
|
||||
|
||||
!
|
||||
router rip
|
||||
@ -354,7 +354,7 @@ RIP routes can be filtered by a distribute-list.
|
||||
the distribute-list command. For example, in the following configuration
|
||||
``eth0`` will permit only the paths that match the route 10.0.0.0/8
|
||||
|
||||
::
|
||||
.. code-block:: frr
|
||||
|
||||
!
|
||||
router rip
|
||||
@ -446,11 +446,11 @@ Usage of *ripd*'s route-map support.
|
||||
Optional argument route-map MAP_NAME can be added to each `redistribute`
|
||||
statement.
|
||||
|
||||
::
|
||||
.. code-block:: frr
|
||||
|
||||
redistribute static [route-map MAP_NAME]
|
||||
redistribute connected [route-map MAP_NAME]
|
||||
.....
|
||||
redistribute static [route-map MAP_NAME]
|
||||
redistribute connected [route-map MAP_NAME]
|
||||
.....
|
||||
|
||||
|
||||
Cisco applies route-map _before_ routes will exported to rip route table. In
|
||||
@ -572,17 +572,17 @@ To prevent such unauthenticated querying of routes disable RIPv1,
|
||||
|
||||
Specifiy Keyed MD5 chain.
|
||||
|
||||
::
|
||||
.. code-block:: frr
|
||||
|
||||
!
|
||||
key chain test
|
||||
key 1
|
||||
key-string test
|
||||
!
|
||||
interface eth1
|
||||
ip rip authentication mode md5
|
||||
ip rip authentication key-chain test
|
||||
!
|
||||
!
|
||||
key chain test
|
||||
key 1
|
||||
key-string test
|
||||
!
|
||||
interface eth1
|
||||
ip rip authentication mode md5
|
||||
ip rip authentication key-chain test
|
||||
!
|
||||
|
||||
|
||||
.. _rip-timers:
|
||||
|
@ -302,11 +302,11 @@ Route Map Examples
|
||||
|
||||
A simple example of a route-map:
|
||||
|
||||
::
|
||||
.. code-block:: frr
|
||||
|
||||
route-map test permit 10
|
||||
match ip address 10
|
||||
set local-preference 200
|
||||
route-map test permit 10
|
||||
match ip address 10
|
||||
set local-preference 200
|
||||
|
||||
|
||||
This means that if a route matches ip access-list number 10 it's
|
||||
|
@ -246,7 +246,7 @@ against the other two routers. These peerings have In and Out route-maps
|
||||
configured, named like 'PEER-X-IN' or 'PEER-X-OUT'. For example the
|
||||
configuration file for router RA could be the following:
|
||||
|
||||
::
|
||||
.. code-block:: frr
|
||||
|
||||
#Configuration for router 'RA'
|
||||
!
|
||||
@ -319,29 +319,29 @@ modify the configuration of routers RA, RB and RC. Now they must not peer
|
||||
between them, but only with the route server. For example, RA's
|
||||
configuration would turn into:
|
||||
|
||||
::
|
||||
.. code-block:: frr
|
||||
|
||||
# Configuration for router 'RA'
|
||||
!
|
||||
hostname RA
|
||||
password ****
|
||||
!
|
||||
router bgp 65001
|
||||
no bgp default ipv4-unicast
|
||||
neighbor 2001:0DB8::FFFF remote-as 65000
|
||||
!
|
||||
address-family ipv6
|
||||
network 2001:0DB8:AAAA:1::/64
|
||||
network 2001:0DB8:AAAA:2::/64
|
||||
network 2001:0DB8:0000:1::/64
|
||||
network 2001:0DB8:0000:2::/64
|
||||
# Configuration for router 'RA'
|
||||
!
|
||||
hostname RA
|
||||
password ****
|
||||
!
|
||||
router bgp 65001
|
||||
no bgp default ipv4-unicast
|
||||
neighbor 2001:0DB8::FFFF remote-as 65000
|
||||
!
|
||||
address-family ipv6
|
||||
network 2001:0DB8:AAAA:1::/64
|
||||
network 2001:0DB8:AAAA:2::/64
|
||||
network 2001:0DB8:0000:1::/64
|
||||
network 2001:0DB8:0000:2::/64
|
||||
|
||||
neighbor 2001:0DB8::FFFF activate
|
||||
neighbor 2001:0DB8::FFFF soft-reconfiguration inbound
|
||||
exit-address-family
|
||||
!
|
||||
line vty
|
||||
!
|
||||
neighbor 2001:0DB8::FFFF activate
|
||||
neighbor 2001:0DB8::FFFF soft-reconfiguration inbound
|
||||
exit-address-family
|
||||
!
|
||||
line vty
|
||||
!
|
||||
|
||||
|
||||
Which is logically much simpler than its initial configuration, as it now
|
||||
@ -362,84 +362,84 @@ server.
|
||||
This is a fragment of the route server configuration (we only show
|
||||
the policies for client RA):
|
||||
|
||||
::
|
||||
.. code-block:: frr
|
||||
|
||||
# Configuration for Route Server ('RS')
|
||||
!
|
||||
hostname RS
|
||||
password ix
|
||||
!
|
||||
bgp multiple-instance
|
||||
!
|
||||
router bgp 65000 view RS
|
||||
no bgp default ipv4-unicast
|
||||
neighbor 2001:0DB8::A remote-as 65001
|
||||
neighbor 2001:0DB8::B remote-as 65002
|
||||
neighbor 2001:0DB8::C remote-as 65003
|
||||
!
|
||||
address-family ipv6
|
||||
neighbor 2001:0DB8::A activate
|
||||
neighbor 2001:0DB8::A route-server-client
|
||||
neighbor 2001:0DB8::A route-map RSCLIENT-A-IMPORT import
|
||||
neighbor 2001:0DB8::A route-map RSCLIENT-A-EXPORT export
|
||||
neighbor 2001:0DB8::A soft-reconfiguration inbound
|
||||
# Configuration for Route Server ('RS')
|
||||
!
|
||||
hostname RS
|
||||
password ix
|
||||
!
|
||||
bgp multiple-instance
|
||||
!
|
||||
router bgp 65000 view RS
|
||||
no bgp default ipv4-unicast
|
||||
neighbor 2001:0DB8::A remote-as 65001
|
||||
neighbor 2001:0DB8::B remote-as 65002
|
||||
neighbor 2001:0DB8::C remote-as 65003
|
||||
!
|
||||
address-family ipv6
|
||||
neighbor 2001:0DB8::A activate
|
||||
neighbor 2001:0DB8::A route-server-client
|
||||
neighbor 2001:0DB8::A route-map RSCLIENT-A-IMPORT import
|
||||
neighbor 2001:0DB8::A route-map RSCLIENT-A-EXPORT export
|
||||
neighbor 2001:0DB8::A soft-reconfiguration inbound
|
||||
|
||||
neighbor 2001:0DB8::B activate
|
||||
neighbor 2001:0DB8::B route-server-client
|
||||
neighbor 2001:0DB8::B route-map RSCLIENT-B-IMPORT import
|
||||
neighbor 2001:0DB8::B route-map RSCLIENT-B-EXPORT export
|
||||
neighbor 2001:0DB8::B soft-reconfiguration inbound
|
||||
neighbor 2001:0DB8::B activate
|
||||
neighbor 2001:0DB8::B route-server-client
|
||||
neighbor 2001:0DB8::B route-map RSCLIENT-B-IMPORT import
|
||||
neighbor 2001:0DB8::B route-map RSCLIENT-B-EXPORT export
|
||||
neighbor 2001:0DB8::B soft-reconfiguration inbound
|
||||
|
||||
neighbor 2001:0DB8::C activate
|
||||
neighbor 2001:0DB8::C route-server-client
|
||||
neighbor 2001:0DB8::C route-map RSCLIENT-C-IMPORT import
|
||||
neighbor 2001:0DB8::C route-map RSCLIENT-C-EXPORT export
|
||||
neighbor 2001:0DB8::C soft-reconfiguration inbound
|
||||
exit-address-family
|
||||
!
|
||||
ipv6 prefix-list COMMON-PREFIXES seq 5 permit 2001:0DB8:0000::/48 ge 64 le 64
|
||||
ipv6 prefix-list COMMON-PREFIXES seq 10 deny any
|
||||
!
|
||||
ipv6 prefix-list PEER-A-PREFIXES seq 5 permit 2001:0DB8:AAAA::/48 ge 64 le 64
|
||||
ipv6 prefix-list PEER-A-PREFIXES seq 10 deny any
|
||||
!
|
||||
ipv6 prefix-list PEER-B-PREFIXES seq 5 permit 2001:0DB8:BBBB::/48 ge 64 le 64
|
||||
ipv6 prefix-list PEER-B-PREFIXES seq 10 deny any
|
||||
!
|
||||
ipv6 prefix-list PEER-C-PREFIXES seq 5 permit 2001:0DB8:CCCC::/48 ge 64 le 64
|
||||
ipv6 prefix-list PEER-C-PREFIXES seq 10 deny any
|
||||
!
|
||||
route-map RSCLIENT-A-IMPORT permit 10
|
||||
match peer 2001:0DB8::B
|
||||
call A-IMPORT-FROM-B
|
||||
route-map RSCLIENT-A-IMPORT permit 20
|
||||
match peer 2001:0DB8::C
|
||||
call A-IMPORT-FROM-C
|
||||
!
|
||||
route-map A-IMPORT-FROM-B permit 10
|
||||
match ipv6 address prefix-list COMMON-PREFIXES
|
||||
set metric 100
|
||||
route-map A-IMPORT-FROM-B permit 20
|
||||
match ipv6 address prefix-list PEER-B-PREFIXES
|
||||
set community 65001:11111
|
||||
!
|
||||
route-map A-IMPORT-FROM-C permit 10
|
||||
match ipv6 address prefix-list COMMON-PREFIXES
|
||||
set metric 200
|
||||
route-map A-IMPORT-FROM-C permit 20
|
||||
match ipv6 address prefix-list PEER-C-PREFIXES
|
||||
set community 65001:22222
|
||||
!
|
||||
route-map RSCLIENT-A-EXPORT permit 10
|
||||
match peer 2001:0DB8::B
|
||||
match ipv6 address prefix-list PEER-A-PREFIXES
|
||||
route-map RSCLIENT-A-EXPORT permit 20
|
||||
match peer 2001:0DB8::C
|
||||
match ipv6 address prefix-list PEER-A-PREFIXES
|
||||
!
|
||||
...
|
||||
...
|
||||
...
|
||||
neighbor 2001:0DB8::C activate
|
||||
neighbor 2001:0DB8::C route-server-client
|
||||
neighbor 2001:0DB8::C route-map RSCLIENT-C-IMPORT import
|
||||
neighbor 2001:0DB8::C route-map RSCLIENT-C-EXPORT export
|
||||
neighbor 2001:0DB8::C soft-reconfiguration inbound
|
||||
exit-address-family
|
||||
!
|
||||
ipv6 prefix-list COMMON-PREFIXES seq 5 permit 2001:0DB8:0000::/48 ge 64 le 64
|
||||
ipv6 prefix-list COMMON-PREFIXES seq 10 deny any
|
||||
!
|
||||
ipv6 prefix-list PEER-A-PREFIXES seq 5 permit 2001:0DB8:AAAA::/48 ge 64 le 64
|
||||
ipv6 prefix-list PEER-A-PREFIXES seq 10 deny any
|
||||
!
|
||||
ipv6 prefix-list PEER-B-PREFIXES seq 5 permit 2001:0DB8:BBBB::/48 ge 64 le 64
|
||||
ipv6 prefix-list PEER-B-PREFIXES seq 10 deny any
|
||||
!
|
||||
ipv6 prefix-list PEER-C-PREFIXES seq 5 permit 2001:0DB8:CCCC::/48 ge 64 le 64
|
||||
ipv6 prefix-list PEER-C-PREFIXES seq 10 deny any
|
||||
!
|
||||
route-map RSCLIENT-A-IMPORT permit 10
|
||||
match peer 2001:0DB8::B
|
||||
call A-IMPORT-FROM-B
|
||||
route-map RSCLIENT-A-IMPORT permit 20
|
||||
match peer 2001:0DB8::C
|
||||
call A-IMPORT-FROM-C
|
||||
!
|
||||
route-map A-IMPORT-FROM-B permit 10
|
||||
match ipv6 address prefix-list COMMON-PREFIXES
|
||||
set metric 100
|
||||
route-map A-IMPORT-FROM-B permit 20
|
||||
match ipv6 address prefix-list PEER-B-PREFIXES
|
||||
set community 65001:11111
|
||||
!
|
||||
route-map A-IMPORT-FROM-C permit 10
|
||||
match ipv6 address prefix-list COMMON-PREFIXES
|
||||
set metric 200
|
||||
route-map A-IMPORT-FROM-C permit 20
|
||||
match ipv6 address prefix-list PEER-C-PREFIXES
|
||||
set community 65001:22222
|
||||
!
|
||||
route-map RSCLIENT-A-EXPORT permit 10
|
||||
match peer 2001:0DB8::B
|
||||
match ipv6 address prefix-list PEER-A-PREFIXES
|
||||
route-map RSCLIENT-A-EXPORT permit 20
|
||||
match peer 2001:0DB8::C
|
||||
match ipv6 address prefix-list PEER-A-PREFIXES
|
||||
!
|
||||
...
|
||||
...
|
||||
...
|
||||
|
||||
|
||||
If you compare the initial configuration of RA with the route server
|
||||
@ -487,7 +487,7 @@ any limitation, as all kinds of filters can be included in import/export
|
||||
route-maps. For example suppose that in the non-route-server scenario peer
|
||||
RA had the following filters configured for input from peer B:
|
||||
|
||||
::
|
||||
.. code-block:: frr
|
||||
|
||||
neighbor 2001:0DB8::B prefix-list LIST-1 in
|
||||
neighbor 2001:0DB8::B filter-list LIST-2 in
|
||||
@ -507,7 +507,7 @@ the three filters (the community-list, the prefix-list and the
|
||||
route-map). That route-map can then be used inside the Import
|
||||
policy in the route server. Lets see how to do it:
|
||||
|
||||
::
|
||||
.. code-block:: frr
|
||||
|
||||
neighbor 2001:0DB8::A route-map RSCLIENT-A-IMPORT import
|
||||
...
|
||||
|
@ -164,7 +164,7 @@ Validating BGP Updates
|
||||
In the following example, the router prefers valid routes over invalid
|
||||
prefixes because invalid routes have a lower local preference.
|
||||
|
||||
::
|
||||
.. code-block:: frr
|
||||
|
||||
! Allow for invalid routes in route selection process
|
||||
route bgp 60001
|
||||
@ -213,7 +213,7 @@ Displaying RPKI
|
||||
RPKI Configuration Example
|
||||
--------------------------
|
||||
|
||||
::
|
||||
.. code-block:: frr
|
||||
|
||||
hostname bgpd1
|
||||
password zebra
|
||||
|
@ -42,22 +42,23 @@ master SNMP agent (snmpd) and each of the FRR daemons must be configured. In
|
||||
:file:`/etc/snmp/snmpd.conf`, the ``master agentx`` directive should be added.
|
||||
In each of the FRR daemons, ``agentx`` command will enable AgentX support.
|
||||
|
||||
::
|
||||
:file:`/etc/snmp/snmpd.conf`:
|
||||
#
|
||||
# example access restrictions setup
|
||||
#
|
||||
com2sec readonly default public
|
||||
group MyROGroup v1 readonly
|
||||
view all included .1 80
|
||||
access MyROGroup "" any noauth exact all none none
|
||||
#
|
||||
# enable master agent for AgentX subagents
|
||||
#
|
||||
master agentx
|
||||
|
||||
/etc/snmp/snmpd.conf:
|
||||
#
|
||||
# example access restrictions setup
|
||||
#
|
||||
com2sec readonly default public
|
||||
group MyROGroup v1 readonly
|
||||
view all included .1 80
|
||||
access MyROGroup "" any noauth exact all none none
|
||||
#
|
||||
# enable master agent for AgentX subagents
|
||||
#
|
||||
master agentx
|
||||
:file:`/etc/frr/ospfd.conf:`
|
||||
|
||||
.. code-block:: frr
|
||||
|
||||
/etc/frr/ospfd.conf:
|
||||
! ... the rest of ospfd.conf has been omitted for clarity ...
|
||||
!
|
||||
agentx
|
||||
@ -69,16 +70,16 @@ each FRR daemons:
|
||||
|
||||
::
|
||||
|
||||
2012/05/25 11:39:08 ZEBRA: snmp[info]: NET-SNMP version 5.4.3 AgentX subagent connected
|
||||
2012/05/25 11:39:08 ZEBRA: snmp[info]: NET-SNMP version 5.4.3 AgentX subagent connected
|
||||
|
||||
|
||||
Then, you can use the following command to check everything works as expected:
|
||||
|
||||
::
|
||||
|
||||
# snmpwalk -c public -v1 localhost .1.3.6.1.2.1.14.1.1
|
||||
OSPF-MIB::ospfRouterId.0 = IpAddress: 192.168.42.109
|
||||
[...]
|
||||
# snmpwalk -c public -v1 localhost .1.3.6.1.2.1.14.1.1
|
||||
OSPF-MIB::ospfRouterId.0 = IpAddress: 192.168.42.109
|
||||
[...]
|
||||
|
||||
|
||||
The AgentX protocol can be transported over a Unix socket or using TCP or UDP.
|
||||
@ -88,10 +89,9 @@ need to configure FRR to use another transport, you can configure it through
|
||||
|
||||
::
|
||||
|
||||
/etc/snmp/frr.conf:
|
||||
[snmpd]
|
||||
# Use a remote master agent
|
||||
agentXSocket tcp:192.168.15.12:705
|
||||
[snmpd]
|
||||
# Use a remote master agent
|
||||
agentXSocket tcp:192.168.15.12:705
|
||||
|
||||
|
||||
.. _smux-configuration:
|
||||
@ -112,26 +112,24 @@ In the following example the ospfd daemon will be connected to the snmpd daemon
|
||||
using the password "frr_ospfd". For testing it is recommending to take exactly
|
||||
the below snmpd.conf as wrong access restrictions can be hard to debug.
|
||||
|
||||
::
|
||||
:file:`/etc/snmp/snmpd.conf`:
|
||||
#
|
||||
# example access restrictions setup
|
||||
#
|
||||
com2sec readonly default public
|
||||
group MyROGroup v1 readonly
|
||||
view all included .1 80
|
||||
access MyROGroup "" any noauth exact all none none
|
||||
#
|
||||
# the following line is relevant for FRR
|
||||
#
|
||||
smuxpeer .1.3.6.1.4.1.3317.1.2.5 frr_ospfd
|
||||
|
||||
/etc/snmp/snmpd.conf:
|
||||
#
|
||||
# example access restrictions setup
|
||||
#
|
||||
com2sec readonly default public
|
||||
group MyROGroup v1 readonly
|
||||
view all included .1 80
|
||||
access MyROGroup "" any noauth exact all none none
|
||||
#
|
||||
# the following line is relevant for FRR
|
||||
#
|
||||
smuxpeer .1.3.6.1.4.1.3317.1.2.5 frr_ospfd
|
||||
|
||||
/etc/frr/ospf:
|
||||
! ... the rest of ospfd.conf has been omitted for clarity ...
|
||||
!
|
||||
smux peer .1.3.6.1.4.1.3317.1.2.5 frr_ospfd
|
||||
!
|
||||
:file:`/etc/frr/ospf`:
|
||||
! ... the rest of ospfd.conf has been omitted for clarity ...
|
||||
!
|
||||
smux peer .1.3.6.1.4.1.3317.1.2.5 frr_ospfd
|
||||
!
|
||||
|
||||
|
||||
After restarting snmpd and frr, a successful connection can be verified in the
|
||||
|
@ -42,7 +42,7 @@ The snmptrap_handle.sh script I personally use for handling BGP4 traps is
|
||||
below. You can of course do all sorts of things when handling traps, like sound
|
||||
a siren, have your display flash, etc., be creative ;).
|
||||
|
||||
::
|
||||
.. code-block:: shell
|
||||
|
||||
#!/bin/bash
|
||||
|
||||
|
120
doc/user/vnc.rst
120
doc/user/vnc.rst
@ -90,7 +90,7 @@ Default values are overridden by :ref:`vnc-nve-group-configuration`.
|
||||
Enter VNC configuration mode for specifying VNC default behaviors. Use
|
||||
`exit-vnc` to leave VNC configuration mode. `vnc defaults` is optional.
|
||||
|
||||
::
|
||||
.. code-block:: frr
|
||||
|
||||
vnc defaults
|
||||
... various VNC defaults
|
||||
@ -142,7 +142,7 @@ Defaults section.
|
||||
Enter VNC configuration mode for defining the NVE group `name`.
|
||||
Use `exit` or `exit-vnc` to exit group configuration mode.
|
||||
|
||||
::
|
||||
.. code-block:: frr
|
||||
|
||||
vnc nve-group group1
|
||||
... configuration commands
|
||||
@ -315,7 +315,7 @@ L2 Group Configuration.
|
||||
Enter VNC configuration mode for defining the L2 group `name`.
|
||||
Use `exit` or `exit-vnc` to exit group configuration mode.
|
||||
|
||||
::
|
||||
.. code-block:: frr
|
||||
|
||||
vnc l2-group group1
|
||||
... configuration commands
|
||||
@ -851,7 +851,9 @@ Tunnel Encapsulation Attribute.
|
||||
|
||||
A three-way full mesh with three NVEs per NVA.
|
||||
|
||||
:file:`bgpd.conf` for ``NVA 1`` (192.168.1.100):::
|
||||
:file:`bgpd.conf` for ``NVA 1`` (192.168.1.100):
|
||||
|
||||
.. code-block:: frr
|
||||
|
||||
router bgp 64512
|
||||
|
||||
@ -883,7 +885,9 @@ Tunnel Encapsulation Attribute.
|
||||
|
||||
exit
|
||||
|
||||
:file:`bgpd.conf` for ``NVA 2`` (192.168.1.101):::
|
||||
:file:`bgpd.conf` for ``NVA 2`` (192.168.1.101):
|
||||
|
||||
.. code-block:: frr
|
||||
|
||||
router bgp 64512
|
||||
|
||||
@ -905,7 +909,9 @@ Tunnel Encapsulation Attribute.
|
||||
exit-vnc
|
||||
exit
|
||||
|
||||
:file:`bgpd.conf` for ``NVA 3`` (192.168.1.102):::
|
||||
:file:`bgpd.conf` for ``NVA 3`` (192.168.1.102):
|
||||
|
||||
.. code-block:: frr
|
||||
|
||||
router bgp 64512
|
||||
|
||||
@ -959,7 +965,9 @@ registrations exported this way have a next-hop address of the CE behind the
|
||||
connected (registering) NVE. Exporting VNC routes as IPv4 unicast is enabled
|
||||
with the ``vnc export`` command below.
|
||||
|
||||
The configuration for ``VNC-GW 1`` is shown below.::
|
||||
The configuration for ``VNC-GW 1`` is shown below.
|
||||
|
||||
.. code-block:: frr
|
||||
|
||||
router bgp 64512
|
||||
bgp router-id 192.168.1.101
|
||||
@ -994,7 +1002,9 @@ have a statement disabling the IPv4 unicast address family. IPv4 unicast is on
|
||||
by default and this prevents the other VNC-GW and NVAs from learning unicast
|
||||
routes advertised by the route-reflector clients.
|
||||
|
||||
Configuration for ``NVA 2``:::
|
||||
Configuration for ``NVA 2``:
|
||||
|
||||
.. code-block:: frr
|
||||
|
||||
router bgp 64512
|
||||
bgp router-id 192.168.1.104
|
||||
@ -1077,7 +1087,9 @@ As in the example of :ref:`vnc-mesh-nva-config`, there are two NVE groups. The
|
||||
7``, and ``NVE 8`` are members of the NVE group ``group1``. The NVEs ``NVE
|
||||
5``, ``NVE 6``, and ``NVE 9`` are members of the NVE group ``group2``.
|
||||
|
||||
:file:`bgpd.conf` for ``BGP Route Reflector 1`` on 192.168.1.100:::
|
||||
:file:`bgpd.conf` for ``BGP Route Reflector 1`` on 192.168.1.100:
|
||||
|
||||
.. code-block:: frr
|
||||
|
||||
router bgp 64512
|
||||
|
||||
@ -1106,7 +1118,9 @@ As in the example of :ref:`vnc-mesh-nva-config`, there are two NVE groups. The
|
||||
|
||||
exit
|
||||
|
||||
:file:`bgpd.conf` for ``NVA 2`` on 192.168.1.101:::
|
||||
:file:`bgpd.conf` for ``NVA 2`` on 192.168.1.101:
|
||||
|
||||
.. code-block:: frr
|
||||
|
||||
router bgp 64512
|
||||
|
||||
@ -1126,28 +1140,30 @@ As in the example of :ref:`vnc-mesh-nva-config`, there are two NVE groups. The
|
||||
exit-vnc
|
||||
exit
|
||||
|
||||
:file:`bgpd.conf` for ``NVA 2`` on 192.168.1.102:::
|
||||
:file:`bgpd.conf` for ``NVA 2`` on 192.168.1.102:
|
||||
|
||||
router bgp 64512
|
||||
.. code-block:: frr
|
||||
|
||||
bgp router-id 192.168.1.102
|
||||
router bgp 64512
|
||||
|
||||
neighbor 192.168.1.100 remote-as 64512
|
||||
bgp router-id 192.168.1.102
|
||||
|
||||
address-family ipv4 vpn
|
||||
neighbor 192.168.1.100 activate
|
||||
exit-address-family
|
||||
neighbor 192.168.1.100 remote-as 64512
|
||||
|
||||
vnc defaults
|
||||
rd 64512:1
|
||||
response-lifetime 200
|
||||
rt both 1000:1 1000:2
|
||||
exit-vnc
|
||||
address-family ipv4 vpn
|
||||
neighbor 192.168.1.100 activate
|
||||
exit-address-family
|
||||
|
||||
vnc nve-group group1
|
||||
prefix vn 172.16.128.0/17
|
||||
exit-vnc
|
||||
exit
|
||||
vnc defaults
|
||||
rd 64512:1
|
||||
response-lifetime 200
|
||||
rt both 1000:1 1000:2
|
||||
exit-vnc
|
||||
|
||||
vnc nve-group group1
|
||||
prefix vn 172.16.128.0/17
|
||||
exit-vnc
|
||||
exit
|
||||
|
||||
While not shown, an NVA can also be configured as a route reflector.
|
||||
|
||||
@ -1218,7 +1234,9 @@ VNC-relevant configuration is provided.
|
||||
}
|
||||
}
|
||||
|
||||
:file:`bgpd.conf` for ``NVA 2`` on 192.168.1.101:::
|
||||
:file:`bgpd.conf` for ``NVA 2`` on 192.168.1.101:
|
||||
|
||||
.. code-block:: frr
|
||||
|
||||
router bgp 64512
|
||||
|
||||
@ -1238,7 +1256,9 @@ VNC-relevant configuration is provided.
|
||||
exit-vnc
|
||||
exit
|
||||
|
||||
:file:`bgpd.conf` for ``NVA 3`` on 192.168.1.102:::
|
||||
:file:`bgpd.conf` for ``NVA 3`` on 192.168.1.102:
|
||||
|
||||
.. code-block:: frr
|
||||
|
||||
router bgp 64512
|
||||
|
||||
@ -1277,7 +1297,9 @@ reflector configuration. BGP route reflectors ``BGP Route Reflector 1`` and
|
||||
|
||||
FRR-based NVA with redundant route reflectors
|
||||
|
||||
:file:`bgpd.conf` for ``Bgpd Route Reflector 1`` on 192.168.1.100:::
|
||||
:file:`bgpd.conf` for ``Bgpd Route Reflector 1`` on 192.168.1.100:
|
||||
|
||||
.. code-block:: frr
|
||||
|
||||
router bgp 64512
|
||||
|
||||
@ -1304,29 +1326,33 @@ reflector configuration. BGP route reflectors ``BGP Route Reflector 1`` and
|
||||
exit-address-family
|
||||
exit
|
||||
|
||||
:file:`bgpd.conf` for ``NVA 2`` on 192.168.1.101:::
|
||||
:file:`bgpd.conf` for ``NVA 2`` on 192.168.1.101:
|
||||
|
||||
router bgp 64512
|
||||
.. code-block:: frr
|
||||
|
||||
bgp router-id 192.168.1.101
|
||||
router bgp 64512
|
||||
|
||||
neighbor 192.168.1.100 remote-as 64512
|
||||
neighbor 192.168.1.104 remote-as 64512
|
||||
bgp router-id 192.168.1.101
|
||||
|
||||
address-family ipv4 vpn
|
||||
neighbor 192.168.1.100 activate
|
||||
neighbor 192.168.1.104 activate
|
||||
exit-address-family
|
||||
neighbor 192.168.1.100 remote-as 64512
|
||||
neighbor 192.168.1.104 remote-as 64512
|
||||
|
||||
vnc nve-group group1
|
||||
prefix vn 172.16.0.0/17
|
||||
rd 64512:1
|
||||
response-lifetime 200
|
||||
rt both 1000:1 1000:2
|
||||
exit-vnc
|
||||
exit
|
||||
address-family ipv4 vpn
|
||||
neighbor 192.168.1.100 activate
|
||||
neighbor 192.168.1.104 activate
|
||||
exit-address-family
|
||||
|
||||
:file:`bgpd.conf` for ``NVA 3`` on 192.168.1.102:::
|
||||
vnc nve-group group1
|
||||
prefix vn 172.16.0.0/17
|
||||
rd 64512:1
|
||||
response-lifetime 200
|
||||
rt both 1000:1 1000:2
|
||||
exit-vnc
|
||||
exit
|
||||
|
||||
:file:`bgpd.conf` for ``NVA 3`` on 192.168.1.102:
|
||||
|
||||
.. code-block:: frr
|
||||
|
||||
router bgp 64512
|
||||
|
||||
@ -1417,7 +1443,7 @@ reflector configuration. BGP route reflectors ``BGP Route Reflector 1`` and
|
||||
}
|
||||
}
|
||||
|
||||
.. [#] The nve-id is carriedin the route distinguisher. It is the second octet
|
||||
.. [#] The nve-id is carried in the route distinguisher. It is the second octet
|
||||
of the eight-octet route distinguisher generated for Ethernet / L2
|
||||
advertisements. The first octet is a constant 0xFF, and the third
|
||||
through eighth octets are set to the L2
|
||||
|
@ -240,7 +240,8 @@ defines static prefix and gateway.
|
||||
|
||||
Some example configuration:
|
||||
|
||||
::
|
||||
.. code-block:: frr
|
||||
|
||||
ip route 10.0.0.0/8 10.0.0.2
|
||||
ip route 10.0.0.0/8 ppp0
|
||||
ip route 10.0.0.0/8 null0
|
||||
@ -256,7 +257,7 @@ defines static prefix and gateway.
|
||||
A.B.C.D format, user must define NETMASK value with A.B.C.D
|
||||
format. GATEWAY is same option as above command.
|
||||
|
||||
::
|
||||
.. code-block:: frr
|
||||
|
||||
ip route 10.0.0.0 255.255.255.0 10.0.0.2
|
||||
ip route 10.0.0.0 255.255.255.0 ppp0
|
||||
@ -270,9 +271,9 @@ defines static prefix and gateway.
|
||||
|
||||
Installs the route with the specified distance.
|
||||
|
||||
Multiple nexthop static route
|
||||
Multiple nexthop static route:
|
||||
|
||||
::
|
||||
.. code-block:: frr
|
||||
|
||||
ip route 10.0.0.1/32 10.0.0.2
|
||||
ip route 10.0.0.1/32 10.0.0.3
|
||||
@ -294,7 +295,7 @@ nexthops, if the platform supports this.
|
||||
* is directly connected, eth0
|
||||
|
||||
|
||||
::
|
||||
.. code-block:: frr
|
||||
|
||||
ip route 10.0.0.0/8 10.0.0.2
|
||||
ip route 10.0.0.0/8 10.0.0.3
|
||||
@ -373,30 +374,30 @@ unicast topology!
|
||||
|
||||
MODE sets the method used to perform RPF lookups. Supported modes:
|
||||
|
||||
urib-only
|
||||
Performs the lookup on the Unicast RIB. The Multicast RIB is never used.
|
||||
urib-only
|
||||
Performs the lookup on the Unicast RIB. The Multicast RIB is never used.
|
||||
|
||||
mrib-only
|
||||
Performs the lookup on the Multicast RIB. The Unicast RIB is never used.
|
||||
mrib-only
|
||||
Performs the lookup on the Multicast RIB. The Unicast RIB is never used.
|
||||
|
||||
mrib-then-urib
|
||||
Tries to perform the lookup on the Multicast RIB. If any route is found,
|
||||
that route is used. Otherwise, the Unicast RIB is tried.
|
||||
mrib-then-urib
|
||||
Tries to perform the lookup on the Multicast RIB. If any route is found,
|
||||
that route is used. Otherwise, the Unicast RIB is tried.
|
||||
|
||||
lower-distance
|
||||
Performs a lookup on the Multicast RIB and Unicast RIB each. The result
|
||||
with the lower administrative distance is used; if they're equal, the
|
||||
Multicast RIB takes precedence.
|
||||
lower-distance
|
||||
Performs a lookup on the Multicast RIB and Unicast RIB each. The result
|
||||
with the lower administrative distance is used; if they're equal, the
|
||||
Multicast RIB takes precedence.
|
||||
|
||||
longer-prefix
|
||||
Performs a lookup on the Multicast RIB and Unicast RIB each. The result
|
||||
with the longer prefix length is used; if they're equal, the
|
||||
Multicast RIB takes precedence.
|
||||
longer-prefix
|
||||
Performs a lookup on the Multicast RIB and Unicast RIB each. The result
|
||||
with the longer prefix length is used; if they're equal, the
|
||||
Multicast RIB takes precedence.
|
||||
|
||||
The `mrib-then-urib` setting is the default behavior if nothing is
|
||||
configured. If this is the desired behavior, it should be explicitly
|
||||
configured to make the configuration immune against possible changes in
|
||||
what the default behavior is.
|
||||
The `mrib-then-urib` setting is the default behavior if nothing is
|
||||
configured. If this is the desired behavior, it should be explicitly
|
||||
configured to make the configuration immune against possible changes in
|
||||
what the default behavior is.
|
||||
|
||||
.. warning::
|
||||
Unreachable routes do not receive special treatment and do not cause
|
||||
@ -477,7 +478,7 @@ The following creates a prefix-list that matches all addresses, a route-map
|
||||
that sets the preferred source address, and applies the route-map to all
|
||||
*rip* routes.
|
||||
|
||||
::
|
||||
.. code-block:: frr
|
||||
|
||||
ip prefix-list ANY permit 0.0.0.0/0 le 32
|
||||
route-map RM1 permit 10
|
||||
|
Loading…
Reference in New Issue
Block a user