01-08 Typical Routing Configuration

S600-E Series Switches
Typical Configuration Examples 8 Typical Routing Configuration
8 Typical Routing Configuration
8.1 Typical Static Route Configuration

8.2 Typical OSPF Configuration
8.3 Typical PBR Configuration
8.1 Typical Static Route Configuration
8.1.1 Example for Configuring Static Routes for Interworking

Between Different Network Segments
Static Route Overview

Static routes use less bandwidth than dynamic routes and do not use CPU
resources for route calculation and update analysis. They are manually configured
by administrators. If a network fault occurs or the topology changes, static routes
must be manually reconfigured as they cannot be automatically updated. Static
routes have five parameters: destination IP address, mask, outbound interface,
next hop, and priority.
Static routes are generally suitable for simple networks. However, they can be
used on complex networks to improve network performance and ensure
bandwidth for important applications.
Configuration Notes
● Communication between two devices is bidirectional, so reachable routes
must be available in both directions. To enable two devices to communicate
through static routes, configure a static route on the local device and then
configure a return route on the peer device.
● If an enterprise network has two egresses, two equal-cost static routes can be
configured for load balancing. In this case, two non-equal-cost static routes
can be configured for active/standby backup. When the active link is faulty,
traffic is switched from the active link to the standby link.
Issue 35 (2023-04-11) Copyright © Huawei Technologies Co., Ltd. 335

● This example applies to all versions of the S600-E.
Networking Requirements
As shown in Figure 8-1, hosts on different network segments are connected using
several switches. Every two hosts on different network segments can communicate
with each other without using dynamic routing protocols.
Figure 8-1 Networking diagram of configuring static routes for interworking

between different network segments
Configuration Roadmap
The configuration roadmap is as follows:
1. Create VLANs, add interfaces to the VLANs, and assign IPv4 addresses to
VLANIF interfaces so that neighboring devices can communicate with each
other.
2. Configure the IPv4 default gateway on each host, and configure IPv4 static
routes or default static routes on each Switch so that hosts on different
network segments can communicate with each other.
Procedure
Step 1 Create VLANs and add interfaces to the VLANs.
# Configure SwitchA. The configurations of SwitchB and SwitchC are similar.
<HUAWEI> system-view
[HUAWEI] sysname SwitchA
[SwitchA] vlan batch 10 30
[SwitchA] interface gigabitethernet 0/0/1
[SwitchA-GigabitEthernet0/0/1] port link-type trunk
[SwitchA-GigabitEthernet0/0/1] port trunk allow-pass vlan 10
[SwitchA-GigabitEthernet0/0/1] quit
[SwitchA-GigabitEthernet0/0/2] port link-type access

[SwitchA-GigabitEthernet0/0/2] port default vlan 30

Step 2 Assign IPv4 addresses to the VLANIF interfaces.

[SwitchA] interface vlanif 10
[SwitchA-Vlanif10] ip address 10.1.4.1 30
[SwitchA-Vlanif10] quit
Step 3 Configure hosts.

Set the default gateway addresses of PC1, PC2, and PC3 to 10.1.1.1, 10.1.2.1, and
10.1.3.1 respectively.
Step 4 Configure static routes.
# Configure a default IPv4 route on SwitchA.
[SwitchA] ip route-static 0.0.0.0 0.0.0.0 10.1.4.2
# Configure two IPv4 static routes on SwitchB.

[SwitchB] ip route-static 10.1.1.0 255.255.255.0 10.1.4.1
[SwitchB] ip route-static 10.1.3.0 255.255.255.0 10.1.4.6
# Configure a default IPv4 route on SwitchC.

[SwitchC] ip route-static 0.0.0.0 0.0.0.0 10.1.4.5
Step 5 Verify the configuration.

# Check the IP routing table on SwitchA.
[SwitchA] display ip routing-table
Route Flags: R - relay, D - download to fib, T - to vpn-instance
------------------------------------------------------------------------------
Routing Tables: Public
Destinations : 7 Routes : 7
Destination/Mask Proto Pre Cost Flags NextHop Interface
0.0.0.0/0 Static 60 0 RD 10.1.4.2 Vlanif10

10.1.1.0/24 Direct 0 0 D 10.1.1.1 Vlanif30
10.1.1.1/32 Direct 0 0 D 127.0.0.1 Vlanif30
10.1.4.0/30 Direct 0 0 D 10.1.4.1 Vlanif10
10.1.4.1/32 Direct 0 0 D 127.0.0.1 Vlanif10
127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0
# Run the ping command to verify the connectivity.

[SwitchA] ping 10.1.3.1
PING 10.1.3.1: 56 data bytes, press CTRL_C to break
Reply from 10.1.3.1: bytes=56 Sequence=1 ttl=253 time=62 ms
--- 10.1.3.1 ping statistics ---

5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 62/62/63 ms

# Run the tracert command to verify the connectivity.

[SwitchA] tracert 10.1.3.1
traceroute to 10.1.3.1(10.1.3.1), max hops: 30 ,packet length: 40,press CTRL_C to break
1 10.1.4.2 31 ms 32 ms 31 ms
2 10.1.3.1 62 ms 63 ms 62 ms
----End
Configuration Files
● SwitchA configuration file
#
sysname SwitchA
#
vlan batch 10 30
#
interface Vlanif10
ip address 10.1.4.1 255.255.255.252
#
interface Vlanif30
ip address 10.1.1.1 255.255.255.0
#
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 10
#
port link-type access
port default vlan 30
#
ip route-static 0.0.0.0 0.0.0.0 10.1.4.2
#
return
● SwitchB configuration file

#
sysname SwitchB
#
vlan batch 10 20 40
#
interface Vlanif10
ip address 10.1.4.2 255.255.255.252
#
interface Vlanif20
ip address 10.1.4.5 255.255.255.252
#
interface Vlanif40
ip address 10.1.2.1 255.255.255.0
#
#
#
#
ip route-static 10.1.1.0 255.255.255.0 10.1.4.1
ip route-static 10.1.3.0 255.255.255.0 10.1.4.6
#
return
● SwitchC configuration file

#
sysname SwitchC
#
vlan batch 20 50
#
interface Vlanif20
ip address 10.1.4.6 255.255.255.252
#
interface Vlanif50
ip address 10.1.3.1 255.255.255.0
#
#
#
ip route-static 0.0.0.0 0.0.0.0 10.1.4.5
#
return
8.1.2 Example for Configuring Static Routes for Load

Balancing
Configuration Notes
NOTE
To view detailed information about software mappings, visit Info-Finder, select a product
series or product model, and click Hardware Center.
On the network shown in Figure 8-2, PC1 and PC2 are connected through four
switches. Data traffic can be transmitted from PC1 to PC2 through two links: PC1-

>SwitchA->SwitchB->SwitchC->PC2 and PC1->SwitchA->SwitchD->SwitchC->PC2.

To improve link efficiency, users want to implement load balancing between the
two links. That is, traffic from PC1 to PC2 is evenly balanced between the two
links. When faults occur on one of the two links, traffic is automatically switched
to the other link.
NOTE
In this scenario, ensure that all connected interfaces have STP disabled. If STP is enabled
and VLANIF interfaces of switches are used to construct a Layer 3 ring network, an
interface on the network will be blocked. As a result, Layer 3 services on the network
cannot run normally.
Figure 8-2 Configuring static routes for load balancing
1. Create VLANs, add interfaces to the VLANs, and assign IP addresses to VLANIF
interfaces.
2. Configure static routes in two directions of data traffic.
3. Configure IP address and default gateways for hosts.
Procedure
Step 1 Specify the VLANs to which interfaces belong.
# Configure SwitchA. The configurations of SwitchB, SwitchC, and SwitchD are
similar.
[SwitchA] vlan batch 10 100 400


Step 2 Configure an IP address for each VLANIF interface.

similar.
Step 3 Configure static routes from PC1 to PC2.
# On SwitchA, configure two equal-cost static routes. The next hop of one route
points to SwitchB, and that of the other route points to SwitchD. This
configuration can implement load balancing for traffic from PC1 to PC2.
[SwitchA] ip route-static 10.1.2.0 24 192.168.12.2
# Configure SwitchB.
[SwitchB] ip route-static 10.1.2.0 24 192.168.23.2
# Configure SwitchD.
[SwitchD] ip route-static 10.1.2.0 24 192.168.34.1
# On SwitchC, configure two equal-cost static routes. The next hop of one route
points to SwitchB, and that of the other route points to SwitchD. This
configuration can implement load balancing for traffic from PC2 to PC1.
[SwitchC] ip route-static 10.1.1.0 24 192.168.23.1
Assign IP address 10.1.1.2/24 and default gateway IP address 10.1.1.1 to PC1;

assign IP address 10.1.2.2/24 and default gateway IP address 10.1.2.1 to PC2.


------------------------------------------------------------------------------
10.1.1.0/24 Direct 0 0 D 10.1.1.1 Vlanif10

10.1.1.1/32 Direct 0 0 D 127.0.0.1 Vlanif10
10.1.2.0/24 Static 60 0 RD 192.168.12.2 Vlanif100
Static 60 0 RD 192.168.14.2 Vlanif400
192.168.12.0/24 Direct 0 0 D 192.168.12.1 Vlanif100
192.168.12.1/32 Direct 0 0 D 127.0.0.1 Vlanif100
192.168.14.0/24 Direct 0 0 D 192.168.14.1 Vlanif400
192.168.14.1/32 Direct 0 0 D 127.0.0.1 Vlanif400
The IP routing table on SwitchA contains two equal-cost routes to network

segment 10.1.2.0/24. In this situation, data traffic is evenly balanced between two
different links, achieving load balancing.
----End
Configuration Files
#
sysname SwitchA
#
vlan batch 10 100 400
#
interface Vlanif10
ip address 10.1.1.1 255.255.255.0
#
interface Vlanif100
ip address 192.168.12.1 255.255.255.0
#
interface Vlanif400
ip address 192.168.14.1 255.255.255.0
#
#
#
#
ip route-static 10.1.2.0 255.255.255.0 192.168.12.2
ip route-static 10.1.2.0 255.255.255.0 192.168.14.2
#
return

#
sysname SwitchB
#

vlan batch 100 200

#
interface Vlanif100
ip address 192.168.12.2 255.255.255.0
#
interface Vlanif200
ip address 192.168.23.1 255.255.255.0
#
#
#
ip route-static 10.1.1.0 255.255.255.0 192.168.12.1
ip route-static 10.1.2.0 255.255.255.0 192.168.23.2
#
return
#
sysname SwitchC
#
#
interface Vlanif20
ip address 10.1.2.1 255.255.255.0
#
interface Vlanif200
ip address 192.168.23.2 255.255.255.0
#
interface Vlanif300
ip address 192.168.34.1 255.255.255.0
#
#
#
#
ip route-static 10.1.1.0 255.255.255.0 192.168.23.1
ip route-static 10.1.1.0 255.255.255.0 192.168.34.2
#
return
● SwitchD configuration file
#
sysname SwitchD
#
vlan batch 300 400
#
interface Vlanif300
ip address 192.168.34.2 255.255.255.0
#
interface Vlanif400
ip address 192.168.14.2 255.255.255.0
#
#


#
ip route-static 10.1.1.0 255.255.255.0 192.168.14.1
ip route-static 10.1.2.0 255.255.255.0 192.168.34.1
#
return
8.1.3 Example for Configuring Static Routes for Link Backup

Configuration Notes
On the network shown in Figure 8-3, PC1 and PC2 are connected through four
switches. Data traffic of PC1 can reach PC2 through two links: PC1->SwitchA-
>SwitchB->SwitchC->PC2 and PC1->SwitchA->SwitchD->SwitchC->PC2. To improve
reliability, users want to implement backup between the two links. That is, traffic
from PC1 to PC2 is first transmitted through the link that passes through SwitchB.
When faults occur on this link, traffic is automatically switched to the link that
passes through SwitchD.
NOTE

Figure 8-3 Configuring static routes for link backup
1. Create VLANs, add interfaces to the VLANs, and assign IP addresses to VLANIF
interfaces.
2. Configure static routes in two directions of data traffic.
3. Configure IP address and default gateways for hosts.
Procedure

similar.


similar.

# On SwitchA, configure two static routes with different priorities. The next hop of
one route points to SwitchB, and that of the other route points to SwitchD.
Subsequently, data traffic is first forwarded to SwitchB. When faults occur on the
link that passes through SwitchB, the traffic is automatically switched to SwitchD.
[SwitchA] ip route-static 10.1.2.0 24 192.168.14.2 preference 70
Step 4 Configure static routes from PC2 to PC1 and ensure that the active and standby
links in two directions are the same.
# On SwitchC, configure two static routes with different priorities. The next hop of
one route points to SwitchB, and that of the other route points to SwitchD.
Subsequently, data traffic is first forwarded to SwitchB. When faults occur on the
link that passes through SwitchB, traffic is automatically switched to SwitchD.
[SwitchC] ip route-static 10.1.1.0 24 192.168.34.2 preference 70

Assign IP address 10.1.1.2/24 and default gateway IP address 10.1.1.1 to PC1;
assign IP address 10.1.2.2/24 and default gateway IP address 10.1.2.1 to PC2.
------------------------------------------------------------------------------

10.1.1.0/24 Direct 0 0 D 10.1.1.1 Vlanif10

10.1.1.1/32 Direct 0 0 D 127.0.0.1 Vlanif10
10.1.2.0/24 Static 60 0 RD 192.168.12.2 Vlanif100
192.168.12.0/24 Direct 0 0 D 192.168.12.1 Vlanif100
192.168.12.1/32 Direct 0 0 D 127.0.0.1 Vlanif100
192.168.14.0/24 Direct 0 0 D 192.168.14.1 Vlanif400
192.168.14.1/32 Direct 0 0 D 127.0.0.1 Vlanif400
# Check detailed information about the IP routing table on SwitchA.

[SwitchA] display ip routing-table 10.1.2.0 24 verbose
------------------------------------------------------------------------------
Routing Table : Public
Summary Count : 2
Destination: 10.1.2.0/24
Protocol: Static Process ID: 0
Preference: 60 Cost: 0
NextHop: 192.168.12.2 Neighbour: 0.0.0.0
State: Active Adv Relied Age: 00h13m13s
Tag: 0 Priority: medium
Label: NULL QoSInfo: 0x0
IndirectID: 0x80000001
RelayNextHop: 0.0.0.0 Interface: Vlanif100
TunnelID: 0x0 Flags: RD
Destination: 10.1.2.0/24
Protocol: Static Process ID: 0
Preference: 70 Cost: 0
NextHop: 192.168.14.2 Neighbour: 0.0.0.0
State: Inactive Adv Relied Age: 00h00m45s
Tag: 0 Priority: medium
Label: NULL QoSInfo: 0x0
IndirectID: 0x80000002
RelayNextHop: 0.0.0.0 Interface: Vlanif400
TunnelID: 0x0 Flags: R
The IP routing table on SwitchA contains only one active route to network
segment 10.1.2.0/24. Normally, data traffic from PC1 to PC2 is transmitted
through the link that passes through SwitchB. Detailed information about the IP
routing table on SwitchA shows two routes to network segment 10.1.2.0/24: one
Active route that passes through SwitchB and the other Inactive route that passes
through SwitchD. When faults occur on the active link, the Inactive route will
become active to take over the traffic. This implements link backup.
----End
Configuration Files
#
sysname SwitchA
#
#
interface Vlanif10
ip address 10.1.1.1 255.255.255.0
#
interface Vlanif100
ip address 192.168.12.1 255.255.255.0
#
interface Vlanif400

ip address 192.168.14.1 255.255.255.0

#
#
#
#
ip route-static 10.1.2.0 255.255.255.0 192.168.12.2
ip route-static 10.1.2.0 255.255.255.0 192.168.14.2 preference 70
#
return
#
sysname SwitchB
#
vlan batch 100 200
#
interface Vlanif100
ip address 192.168.12.2 255.255.255.0
#
interface Vlanif200
ip address 192.168.23.1 255.255.255.0
#
#
#
ip route-static 10.1.1.0 255.255.255.0 192.168.12.1
ip route-static 10.1.2.0 255.255.255.0 192.168.23.2
#
return
#
sysname SwitchC
#
#
interface Vlanif20
ip address 10.1.2.1 255.255.255.0
#
interface Vlanif200
ip address 192.168.23.2 255.255.255.0
#
interface Vlanif300
ip address 192.168.34.1 255.255.255.0
#
#
#

#
ip route-static 10.1.1.0 255.255.255.0 192.168.23.1
ip route-static 10.1.1.0 255.255.255.0 192.168.34.2 preference 70
#
return
● SwitchD configuration file
#
sysname SwitchD
#
vlan batch 300 400
#
interface Vlanif300
ip address 192.168.34.2 255.255.255.0
#
interface Vlanif400
ip address 192.168.14.2 255.255.255.0
#
#
#
ip route-static 10.1.1.0 255.255.255.0 192.168.14.1
ip route-static 10.1.2.0 255.255.255.0 192.168.34.1
#
return
8.1.4 Example for Configuring NQA for IPv4 Static Routes

Overview of NQA for IPv4 Static Routes
The network quality analysis (NQA) technology measures network performance
and collects statistics on the delay, jitter, and packet loss ratio. NQA can measure
real-time network QoS, and perform effective network fault diagnosis and
location.
On a simple network or on a network where the route to the destination cannot
be established using dynamic routing protocols, static routes can be configured.
Unlike dynamic routing protocols, static routes do not have a dedicated detection
mechanism. If a fault occurs, static routes cannot detect the fault, and the
network administrator must delete the corresponding static route. This delays the
link switchover and may cause lengthy service interruptions.
BFD for IPv4 static routes is adaptable to link changes but both ends of the link
must support BFD. If either end of a link does not support BFD, NQA for IPv4
static routes can be configured. When an NQA test instance detects a link fault, it
instructs the routing management module to delete the associated static route
from the IP routing table. Then service traffic switches to a route without any link
fault to prevent lengthy service interruptions.
Configuration Notes
As shown in Figure 8-4, SwitchA on a company network is connected to two
egress routers (RouterA and RouterB) through two default static routes to

implement load balancing. The company wants to deploy a link failure detection
mechanism for the default static routes, so that traffic can be switched from a
faulty link to the other functioning link promptly to prevent services from being
interrupted.
NOTE
Figure 8-4 Configuring NQA for IPv4 static routes
1. Create VLANs, add interfaces to the VLANs, and configure IP addresses for
VLANIF interfaces, so that neighboring devices can communicate with each
other.
2. Create ICMP NQA test instances to monitor the status of links.
ICMP NQA test instances need to be created on the NQA client SwitchA to
detect the status of links between SwitchA and RouterA and between SwitchA
and RouterB.
3. Configure default static routes and bind them to the NQA test instances.
Default static routes destined for RouterA and RouterB need to be configured
on SwitchA and bound to NQA test instances. In this way, if an NQA test
instance detects a link failure, traffic is switched to the other link.

Procedure
Step 1 On SwitchA, create VLANs and add interfaces to them.
Step 2 On SwitchA, configure an IP address for each VLANIF interface.

Step 3 On SwitchA, configure NQA test instances.

[SwitchA] nqa test-instance user test1
[SwitchA-nqa-user-test1] test-type icmp
[SwitchA-nqa-user-test1] destination-address ipv4 10.1.10.1
[SwitchA-nqa-user-test1] frequency 11
[SwitchA-nqa-user-test1] probe-count 2
[SwitchA-nqa-user-test1] interval seconds 5
[SwitchA-nqa-user-test1] timeout 4
[SwitchA-nqa-user-test1] start now
[SwitchA-nqa-user-test1] quit
[SwitchA] nqa test-instance user test2
[SwitchA-nqa-user-test2] test-type icmp
[SwitchA-nqa-user-test2] destination-address ipv4 10.1.20.1
[SwitchA-nqa-user-test2] frequency 11
[SwitchA-nqa-user-test2] probe-count 2
[SwitchA-nqa-user-test2] interval seconds 5
[SwitchA-nqa-user-test2] timeout 4
[SwitchA-nqa-user-test2] start now
[SwitchA-nqa-user-test2] quit
Step 4 Configure default static routes and bind them to the NQA test instances.
[SwitchA] ip route-static 0.0.0.0 0.0.0.0 10.1.10.1 track nqa user test1
[SwitchA] ip route-static 0.0.0.0 0.0.0.0 10.1.20.1 track nqa user test2
# Check the configuration of NQA for default static routes. The command output
shows that the default static routes have been bound to NQA test instances.
[SwitchA] display current-configuration | include nqa
ip route-static 0.0.0.0 0.0.0.0 10.1.10.1 track nqa user test1
nqa test-instance user test1
# Check NQA test results.

[SwitchA] display nqa results test-instance user test1
NQA entry(user, test1) :testflag is active ,testtype is icmp

1 . Test 10 result The test is finished
Send operation times: 2 Receive response times: 2
Completion:success RTD OverThresholds number: 0
Attempts number:1 Drop operation number:0
Disconnect operation number:0 Operation timeout number:0
System busy operation number:0 Connection fail number:0
Operation sequence errors number:0 RTT Status errors number:0
Destination ip address:10.1.10.1
Min/Max/Average Completion Time: 30/30/30
Sum/Square-Sum Completion Time: 7/25
Last Good Probe Time: 2014-09-09 09:55:38.2
Lost packet ratio: 0 %

Completion:success and Lost packet ratio: 0 % in the command output show

that the links between SwitchA and RouterA and between SwitchA and RouterB
are normal.
# Check the routing table. The command output shows that there are two default
static routes destined for RouterA and RouterB, respectively.
------------------------------------------------------------------------------
0.0.0.0/0 Static 60 0 RD 10.1.10.1 Vlanif100

Static 60 0 RD 10.1.20.1 Vlanif200
10.1.10.0/24 Direct 0 0 D 10.1.10.2 Vlanif100
10.1.10.2/32 Direct 0 0 D 127.0.0.1 Vlanif100
10.1.20.0/24 Direct 0 0 D 10.1.20.2 Vlanif200
10.1.20.2/32 Direct 0 0 D 127.0.0.1 Vlanif200
10.1.30.0/24 Direct 0 0 D 10.1.30.2 Vlanif300
10.1.30.2/32 Direct 0 0 D 127.0.0.1 Vlanif300
# Shut down GigabitEthernet0/0/2 on SwitchA to simulate a link fault.

[SwitchA-GigabitEthernet0/0/2] shutdown
# Check NQA test results.





Completion:failed RTD OverThresholds number: 0
Completion:failed and Lost packet ratio: 100 % in the command output show
that the link between SwitchA and RouterB is faulty.
# Check the routing table. Only the default static route to RouterA is available.
------------------------------------------------------------------------------
0.0.0.0/0 Static 60 0 RD 10.1.10.1 Vlanif100

10.1.10.0/24 Direct 0 0 D 10.1.10.2 Vlanif100
10.1.10.2/32 Direct 0 0 D 127.0.0.1 Vlanif100
10.1.30.0/24 Direct 0 0 D 10.1.30.2 Vlanif300
10.1.30.2/32 Direct 0 0 D 127.0.0.1 Vlanif300
----End
Configuration Files
SwitchA configuration file
#
sysname SwitchA
#
#
interface Vlanif100
ip address 10.1.10.2 255.255.255.0
#
interface Vlanif200
ip address 10.1.20.2 255.255.255.0
#
interface Vlanif300
ip address 10.1.30.2 255.255.255.0
#


#
#
#
#
test-type icmp
destination-address ipv4 10.1.10.1
frequency 11
interval seconds 5
timeout 4
probe-count 2
start now
#
test-type icmp
destination-address ipv4 10.1.20.1
frequency 11
interval seconds 5
timeout 4
probe-count 2
start now
#
return
8.1.5 Example for Configuring EFM for IPv4 Static Routes

Overview of EFM for IPv4 Static Routes
Ethernet in the first mile (EFM) defines the specifications of the Ethernet physical
layer for user access and implements Ethernet management and maintenance.
EFM provides link-level operation and management (OAM), for example, link
connectivity detection, link fault monitoring, remote fault notification, and remote
loopback functions on a link between two directly-connected devices.
Static routes are easy to configure and therefore widely used on networks with
simple structures. Unlike dynamic routing protocols, static routes do not have a
dedicated detection mechanism. If a fault occurs, static routes cannot detect the
fault, and the network administrator must delete the corresponding static route.
This delays the link switchover and may cause lengthy service interruptions. IP
networks are being used more often to carry multiple services such as voice and
video services. These services pose high requirements on network reliability, and
fast fault detection and processing. EFM for IPv4 static routes can be configured to
provide the detection mechanism for static routes so that they can detect the link
quality changes in real time and switch services immediately.
Configuration Notes
● By default, EFM is disabled globally and on interfaces.
● After EFM OAM is enabled on an interface, the interface starts to send OAM
PDUs to perform the point-to-point EFM link detection. EFM link detection
can be implemented between two interfaces only after EFM OAM is enabled
on the peer interface.

As shown in Figure 8-5, SwitchA connects to the NMS across a network segment
through SwitchB. SwitchA and SwitchB need to detect the link quality in real time.
When the link between them becomes faulty, the corresponding static route is
deleted from the IP routing table. Then traffic switches from the faulty link to a
normal route to improve network reliability.
Figure 8-5 Networking for configuring EFM for a static IPv4 route
1. Enable EFM OAM globally and on interfaces of SwitchA and SwitchB to
implement real-time link quality detection.
2. Configure a static route from SwitchA to the NMS and bind it to the EFM
state to associate the static route with EFM. When a link where the static
route resides becomes faulty, traffic switches to a route without link faults.
Procedure
Step 1 Specify the VLAN to which the interfaces belong.
# Configure SwitchA. The configuration of SwitchB is similar.
[SwitchA] vlan 10
[SwitchA-vlan10] quit

# Configure SwitchA. The configuration of SwitchB is similar.
Step 3 Configure an EFM session between SwitchA and SwitchB.

# Enable EFM OAM on SwitchA.
[SwitchA] efm enable //Enable EFM globally.

[SwitchA-GigabitEthernet0/0/1] efm enable //Enable EFM on an interface.

# Enable EFM OAM on SwitchB.

[SwitchB] efm enable //Enable EFM globally.
[SwitchB] interface gigabitethernet 0/0/1
[SwitchB-GigabitEthernet0/0/1] efm enable //Enable EFM on an interface.
[SwitchB-GigabitEthernet0/0/1] quit
Step 4 Configure a static route and bind it to the EFM state.
# Configure a static route from SwitchA to the external network and bind it to the
EFM state of GigabitEthernet0/0/1.
[SwitchA] ip route-static 192.168.2.0 24 192.168.1.2 track efm-state gigabitethernet0/0/1
# After the configuration is complete, run the display efm session all command
on SwitchA and SwitchB. The command output shows that an EFM session has
been set up and in detect mode. That is, the interface is in handshake state. The
following uses the display on SwitchA as an example.
[SwitchA] display efm session all
Interface EFM State Loopback Timeout
----------------------------------------------------------------------
GigabitEthernet0/0/1 detect --
# Check the IP routing table on SwitchA. The IP routing table contains the static
route.
------------------------------------------------------------------------------

192.168.1.0/24 Direct 0 0 D 192.168.1.1 Vlanif10
192.168.1.1/32 Direct 0 0 D 127.0.0.1 Vlanif10
192.168.2.0/24 Static 60 0 RD 192.168.1.2 Vlanif10
# Run the undo efm enable command in the view of GigabitEthernet0/0/1 on

SwitchB to simulate a link fault.
[SwitchB] interface gigabitethernet 0/0/1
[SwitchB-GigabitEthernet0/0/1] undo efm enable
# Run the display efm session all command on SwitchA. The command output
shows that the EFM OAM protocol state is discovery, indicating that the interface
is in OAM discovery state.
----------------------------------------------------------------------
GigabitEthernet0/0/1 discovery --
# Check the IP routing table on SwitchA. The IP routing table does not contain the
static route 192.168.2.0/24. This is because the static route is bound to the EFM
state. After EFM OAM detects a link fault, it rapidly notifies SwitchA that the static
route is unavailable.


------------------------------------------------------------------------------

192.168.1.0/24 Direct 0 0 D 192.168.1.1 Vlanif10
192.168.1.1/32 Direct 0 0 D 127.0.0.1 Vlanif10
# Run the efm enable command in the view of GigabitEthernet0/0/1 on SwitchB

to simulate link recovery.
[SwitchB-GigabitEthernet0/0/1]efm enable
# Run the display efm session all command on SwitchA. The command output
shows that the EFM OAM protocol state is detect, indicating that the interface is
in handshake state again.
----------------------------------------------------------------------
GigabitEthernet0/0/1 detect --
# Check the IP routing table on SwitchA. The IP routing table contains the static
route 192.168.2.0/24 again. After EFM OAM detects that the link recovers from a
fault, it rapidly notifies that the bound static route is valid again.
------------------------------------------------------------------------------

192.168.1.0/24 Direct 0 0 D 192.168.1.1 Vlanif10
192.168.1.1/32 Direct 0 0 D 127.0.0.1 Vlanif10
192.168.2.0/24 Static 60 0 RD 192.168.1.2 Vlanif10
----End
Configuration Files
#
sysname SwitchA
#
vlan batch 10
#
efm enable
#
interface Vlanif10
ip address 192.168.1.1 255.255.255.0
#
efm enable
#
ip route-static 192.168.2.0 255.255.255.0 192.168.1.2 track efm-state GigabitEthernet0/0/1

#
return

#
sysname SwitchB
#
vlan batch 10 20
#
efm enable
#
interface Vlanif10
ip address 192.168.1.2 255.255.255.0
#
interface Vlanif20
ip address 192.168.2.2 255.255.255.0
#
efm enable
#
#
return
8.2 Typical OSPF Configuration
8.2.1 Example for Configuring Basic OSPF Functions
OSPF Overview
The Open Shortest Path First (OSPF) protocol is a link-state Interior Gateway
Protocol (IGP) developed by the Internet Engineering Task Force (IETF). OSPF
Version 2 defined in RFC 2328 is used in IPv4.
OSPF is loop-free, provides fast route convergence, and supports area partitioning,
equal-cost routes, authentication, and multicast transmission. Therefore, OSPF is
widely used as the mainstream IGP in various industries, including the enterprise,
carrier, government, finance, education, and health care industries.
OSPF uses the hierarchical design, provides various routing policies, and applies to
networks of different sizes and topologies. OSPF is often the first choice for
deploying an IGP.
Configuration Notes
● Each router ID in an OSPF process must be unique on an OSPF network.
Otherwise, the OSPF neighbor relationship cannot be established and routing
information is incorrect. You are advised to configure a unique router ID for
each OSPF process on an OSPF device.
● OSPF partitions an AS into different areas, in which Area 0 is the backbone
area. OSPF requires that all non-backbone areas maintain the connectivity
with the backbone area and devices in the backbone area maintain the
connectivity with each other.

● Network types of interfaces on both ends of a link must be the same;

otherwise, the two interfaces cannot establish an OSPF neighbor relationship.
On a link, if the network type of one OSPF interface is broadcast and the
other is P2P, the two OSPF interfaces can still establish an OSPF neighbor
relationship but cannot learn routing information from each other.
● The IP address masks of OSPF interfaces on both ends of a link must be the
same; otherwise, the two OSPF interfaces cannot establish an OSPF neighbor
relationship. On a P2MP network, however, you can run the ospf p2mp-
mask-ignore command to disable a device from checking the network mask
so that an OSPF neighbor relationship can be established.
● On a broadcast or NBMA network, there must be at least one OSPF interface
of which the DR priority is not 0 to ensure that the DR can be elected.
Otherwise, the neighbor status of devices on both ends can only be 2-Way.
NOTE
As shown in Figure 8-6, SwitchA, SwitchB, and SwitchC reside on the OSPF
network. The three switches need to communicate with each other, and SwitchA
and SwitchB function as core switches to support network expansion.
Figure 8-6 Networking diagram for configuring basic OSPF functions
1. Configure an IP address for each VLANIF interface on each switch and specify
the VLAN to which the interfaces belong to implement interworking.
2. Configure basic OSPF functions on each switch and partition the OSPF
network into Area 0 and Area 1 with SwitchA as the area border router (ABR).
Consequently, the area where SwitchA and SwitchB reside becomes the
backbone area and can be used to expand the OSPF network.
Procedure



Step 3 Configure basic OSPF functions.

# Configure SwitchA.
[SwitchA] ospf 1 router-id 10.1.1.1 //Create an OSPF process 1 with the router ID 10.1.1.1.
[SwitchA-ospf-1] area 0 //Create Area 0 and enter the Area 0 view.
[SwitchA-ospf-1-area-0.0.0.0] network 192.168.0.0 0.0.0.255 //Configure a network segment in Area 0.
[SwitchA-ospf-1-area-0.0.0.0] quit
[SwitchA-ospf-1] area 1 //Create Area 1 and enter the Area 1 view.
[SwitchA-ospf-1-area-0.0.0.1] network 192.168.1.0 0.0.0.255 //Configure a network segment in Area 1.
[SwitchA-ospf-1-area-0.0.0.1] return
[SwitchB] ospf 1 router-id 10.2.2.2
[SwitchB-ospf-1] area 0
[SwitchB-ospf-1-area-0.0.0.0] network 192.168.0.0 0.0.0.255
[SwitchB-ospf-1-area-0.0.0.0] return
# Configure SwitchC.
[SwitchC] ospf 1 router-id 10.3.3.3
[SwitchC-ospf-1] area 1
[SwitchC-ospf-1-area-0.0.0.1] network 192.168.1.0 0.0.0.255
[SwitchC-ospf-1-area-0.0.0.1] return

# Check information about OSPF neighbors of SwitchA.
<SwitchA> display ospf peer
OSPF Process 1 with Router ID 10.1.1.1

Neighbors
Area 0.0.0.0 interface 192.168.0.1(Vlanif10)'s neighbors

Router ID: 10.2.2.2 Address: 192.168.0.2
State: Full Mode:Nbr is Master Priority: 1
DR: 192.168.0.2 BDR: 192.168.0.1 MTU: 0
Dead timer due in 36 sec
Retrans timer interval: 5
Neighbor is up for 00:15:04
Authentication Sequence: [ 0 ]
Neighbors

Area 0.0.0.1 interface 192.168.1.1(Vlanif20)'s neighbors

Router ID: 10.3.3.3 Address: 192.168.1.2
State: Full Mode:Nbr is Master Priority: 1
DR: 192.168.1.2 BDR: 192.168.1.1 MTU: 0
Dead timer due in 39 sec
Retrans timer interval: 5
Neighbor is up for 00:07:32
Authentication Sequence: [ 0 ]
# Check OSPF routing information on SwitchC.

<SwitchC> display ospf routing

Routing Tables
Routing for Network

Destination Cost Type NextHop AdvRouter Area
192.168.1.0/24 1 Transit 192.168.1.2 10.3.3.3 0.0.0.1
192.168.0.0/24 2 Inter-area 192.168.1.1 10.1.1.1 0.0.0.1
Total Nets: 2
Intra Area: 1 Inter Area: 1 ASE: 0 NSSA: 0
The preceding command output shows that SwitchC has a route to 192.168.0.0/24
and the route is an inter-area route.
# Check the routing table on SwitchB and perform the ping operation to test the
connectivity between SwitchB and SwitchC.
<SwitchB> display ospf routing

Routing Tables
Routing for Network

192.168.0.0/24 1 Transit 192.168.0.2 10.2.2.2 0.0.0.0
192.168.1.0/24 2 Inter-area 192.168.0.1 10.1.1.1 0.0.0.0
Total Nets: 2
The preceding command output shows that SwitchB has a route to 192.168.1.0/24
and the route is an inter-area route.
# On SwitchB, perform a ping operation to test the connectivity between SwitchB

and SwitchC.
<SwitchB> ping 192.168.1.2
PING 192.168.1.2: 56 data bytes, press CTRL_C to break
--- 192.168.1.2 ping statistics ---

5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 16/59/94 ms
----End

Configuration Files
#
sysname SwitchA
#
vlan batch 10 20
#
interface Vlanif10
ip address 192.168.0.1 255.255.255.0
#
interface Vlanif20
ip address 192.168.1.1 255.255.255.0
#
#
#
ospf 1 router-id 10.1.1.1
area 0.0.0.0
network 192.168.0.0 0.0.0.255
area 0.0.0.1
network 192.168.1.0 0.0.0.255
#
return

#
sysname SwitchB
#
vlan batch 10
#
interface Vlanif10
ip address 192.168.0.2 255.255.255.0
#
#
area 0.0.0.0
network 192.168.0.0 0.0.0.255
#
return

#
sysname SwitchC
#
vlan batch 20
#
interface Vlanif20
ip address 192.168.1.2 255.255.255.0
#
#
area 0.0.0.1
network 192.168.1.0 0.0.0.255
#
return

8.2.2 Example for Configuring an OSPF Stub Area
Stub Area Overview

A stub area is an area that does not allow an ABR to advertise received AS
external routes. In a stub area, the routing table size and transmitted routing
information volume of routers are greatly reduced. A stub area is often placed at
the edge of an AS. To ensure the reachability of a destination outside the AS, the
ABR in the stub area generates a default route and advertises it to the non-ABR
routers in the stub area.
Assume that a device of Company H connects to the backbone area through a

single link. The device has low performance and a small routing table. The area
where the device resides needs to access other areas or network segments outside
the OSPF area, and the next-hop address of routes of the device is the IP address
of the next-hop core device of the link. Therefore, the area where the device
resides does not need to learn a large number of OSPF external routes and can be
configured as a stub area. This configuration can reduce the routing table size of
the area and resource consumption of the device.
Configuration Notes
● The backbone area cannot be configured as a stub area.
● An ASBR cannot exist in a stub area. That is, external routes are not
advertised in a stub area.
● A virtual link cannot pass through a stub area.
● To configure an area as a stub area, configure stub area attributes on all the
routers in this area using the stub command.
● To configure an area as a totally stub area, run the stub command on all the
routers in this area, and run the stub no-summary command on the ABR in
this area.
● The stub no-summary command can only be configured on an ABR to
prevent the ABR from advertising Type 3 LSAs within a stub area. After this
command is configured on the ABR, the area becomes a totally stub area, the
number of routing entries on routers in the area is reduced, and there are
only intra-area routes and a default route advertised by the ABR.
NOTE
As shown in Figure 8-7, SwitchA, SwitchB, and SwitchC run OSPF, and the OSPF
network is divided into Area 0 and Area 1. SwitchB functions as an ASBR to
communicate with external networks. The OSPF routing table size on SwitchC
needs to be reduced without affecting communication.

Figure 8-7 Networking diagram for OSPF stub area configuration
1. Configure basic OSPF functions on each switch to implement interworking in
the OSPF network.
2. Configure a static route on SwitchB and import the route to the OSPF routing
table to ensure that there is a reachable route from the OSPF network to
external networks.
3. Configure Area 1 as a stub area to reduce the OSPF routing table size on
SwitchC.
4. Prohibit the ABR (SwitchA) in Area 1 from advertising Type 3 LSAs within the
stub area to configure Area 1 as a totally stub area. This configuration
minimizes the OSPF routing table size on SwitchC.
Procedure

# Configure SwitchA. The configurations of Switch B and SwitchC are similar.

[SwitchA] ospf 1 router-id 10.1.1.1
[SwitchA-ospf-1] area 0
[SwitchA-ospf-1-area-0.0.0.0] network 192.168.0.0 0.0.0.255
[SwitchA-ospf-1] quit
[SwitchB-ospf-1-area-0.0.0.0] quit
[SwitchB-ospf-1] quit
[SwitchC-ospf-1-area-0.0.0.1] quit
[SwitchC-ospf-1] quit
Step 4 Configure SwitchB to import a static route.

[SwitchB] ip route-static 10.0.0.0 8 null 0
[SwitchB] ospf 1
[SwitchB-ospf-1] import-route static type 1 //SwitchB functions as an ASBR and imports external routes.
# Check the OSPF routing table on SwitchC. The command output shows that the
OSPF routing table contains an AS external route.
[SwitchC] display ospf routing

Routing Tables
Routing for Network

192.168.1.0/24 1 Transit 192.168.1.2 10.3.3.3 0.0.0.1
192.168.0.0/24 2 Inter-area 192.168.1.1 10.1.1.1 0.0.0.1
Routing for ASEs

Destination Cost Type Tag NextHop AdvRouter
10.0.0.0/8 3 Type1 1 192.168.1.1 10.2.2.2
Total Nets: 3
Step 5 Configure Area 1 as a stub area.

[SwitchA] ospf 1
[SwitchA-ospf-1-area-0.0.0.1] stub //Configure Area 1 as a stub area. All the routers in Area 1 must have
the stub command configured.
[SwitchC] ospf 1
[SwitchC-ospf-1-area-0.0.0.1] stub //Configure Area 1 as a stub area. All the routers in Area 1 must have

the stub command configured.

OSPF routing table does not contain the AS external route 10.0.0.0/8 but contains
a default route to external networks.

Routing Tables
Routing for Network

192.168.1.0/24 1 Transit 192.168.1.2 10.3.3.3 0.0.0.1
0.0.0.0/0 2 Inter-area 192.168.1.1 10.1.1.1 0.0.0.1
192.168.0.0/24 2 Inter-area 192.168.1.1 10.1.1.1 0.0.0.1
Total Nets: 3
Step 6 Configure Area 1 as a totally stub area.

[SwitchA] ospf 1
[SwitchA-ospf-1-area-0.0.0.1] stub no-summary //Configure Area 1 as a totally stub area. An ABR in Area
1 must have the stub no-summary command configured, while other routers in Area 1 must have the stub
command configured.

OSPF routing table contains only an intra-area OSPF route and a default route to
external networks but does not contain the Inter-Area route 192.168.0.0/24.

Routing Tables
Routing for Network

192.168.1.0/24 1 Transit 192.168.1.2 10.3.3.3 0.0.0.1
0.0.0.0/0 2 Inter-area 192.168.1.1 10.1.1.1 0.0.0.1
Total Nets: 2
----End
Configuration Files
#
sysname SwitchA
#
vlan batch 10 20
#
interface Vlanif10
ip address 192.168.0.1 255.255.255.0
#
interface Vlanif20
ip address 192.168.1.1 255.255.255.0
#


#
#
area 0.0.0.0
network 192.168.0.0 0.0.0.255
area 0.0.0.1
network 192.168.1.0 0.0.0.255
stub no-summary
#
return

#
sysname SwitchB
#
vlan batch 10
#
interface Vlanif10
ip address 192.168.0.2 255.255.255.0
#
#
import-route static type 1
area 0.0.0.0
network 192.168.0.0 0.0.0.255
#
ip route-static 10.0.0.0 255.0.0.0 NULL0
#
return

#
sysname SwitchC
#
vlan batch 20
#
interface Vlanif20
ip address 192.168.1.2 255.255.255.0
#
#
area 0.0.0.1
network 192.168.1.0 0.0.0.255
stub
#
return
8.2.3 Example for Configuring an OSPF NSSA
NSSA Overview
An NSSA is a special type of OSPF area. It is similar to a stub area in that neither
of them transmits routes learned from other areas in the AS they reside. The
difference is that an NSSA allows AS external routes to be imported and
advertised in the entire AS whereas a stub area does not. To ensure the

reachability of AS external routes, the ABR in an NSSA generates a default route

and advertises the route to the other routers in the NSSA.
An NSSA allows Type 7 LSAs (NSSA External LSAs) to be advertised. Type 7 LSAs
are generated by the ASBR of the NSSA. When reaching the ABR of the NSSA,
these LSAs can be translated into Type 5 LSAs (AS External LSAs) and advertised
to other areas.
Assume that a device of Company H connects to the backbone area through a
single link. The device has low performance and a small routing table. The
company wants to configure the area where the device resides as a stub area to
reduce the routing table size and system resource consumption of the device. In
addition, AS external routes need to be imported and advertised to the entire AS.
However, a stub area cannot meet this requirement because it does not allow
received AS external routes to be advertised. Therefore, the area needs to be
configured as an NSSA.
Configuration Notes
● The backbone area cannot be configured as an NSSA.
● To configure an area as an NSSA, configure NSSA attributes on all the routers
in this area.
● A virtual link cannot pass through an NSSA.
● To reduce the number of LSAs that are transmitted to the NSSA, configure
no-summary on an ABR. This prevents the ABR from transmitting Type 3
LSAs to the NSSA, making the area a totally NSSA.
NOTE
As shown in Figure 8-8, SwitchA, SwitchB, SwitchC, and SwitchD run OSPF, and
the OSPF network is divided into Area 0 and Area 1. Devices in Area 1 need to be
prohibited from receiving external routes imported from other areas and to
communicate with external networks using the external routes imported by the
ASBR in Area 1. SwitchB transmits many services, so SwitchA needs to translate
Type 7 LSAs into Type 5 LSAs and send the LSAs to other OSPF areas.
NOTE

Figure 8-8 Networking diagram for OSPF NSSA configuration
1. Configure basic OSPF functions on each switch to implement interworking in
the OSPF network.
2. Configure Area 1 as an NSSA, configure a static route on SwitchD, and
configure SwitchD to import the static route into the OSPF routing table so
that switches in Area 1 can communicate with external networks only through
SwitchD.
3. Configure SwitchA as an LSA translator to translate Type 7 LSAs into Type 5
LSAs and send the LSAs to other OSPF areas.
Procedure
similar.

similar.


[SwitchA] ospf 1 router-id 10.1.1.1
[SwitchD] ospf 1 router-id 10.4.4.4
[SwitchD-ospf-1] area 1
[SwitchD-ospf-1-area-0.0.0.1] network 192.168.3.0 0.0.0.255
[SwitchD-ospf-1-area-0.0.0.1] network 192.168.4.0 0.0.0.255
[SwitchD-ospf-1-area-0.0.0.1] quit
[SwitchD-ospf-1] quit
Step 4 Configure Area 1 as an NSSA.

[SwitchA] ospf 1
[SwitchA-ospf-1-area-0.0.0.1] nssa //Configure Area 1 as an NSSA. All the devices in Area 1 must have the
nssa command configured.
[SwitchB] ospf 1
[SwitchB-ospf-1-area-0.0.0.1] nssa //Configure Area 1 as an NSSA. All the devices in Area 1 must have the
[SwitchD] ospf 1
[SwitchD-ospf-1] area 1
[SwitchD-ospf-1-area-0.0.0.1] nssa //Configure Area 1 as an NSSA. All the devices in Area 1 must have the
[SwitchD-ospf-1-area-0.0.0.1] quit

Step 5 Configure SwitchD to import a static route.

[SwitchD] ip route-static 172.16.0.0 16 null 0
[SwitchD] ospf 1
[SwitchD-ospf-1] import-route static //Configure SwitchD to function as an ASBR of the NSSA to import
external routes.
# Check the OSPF routing table on SwitchC.


Routing Tables
Routing for Network

192.168.1.0/24 1 Transit 192.168.1.2 10.3.3.3 0.0.0.0
192.168.2.0/24 1 Transit 192.168.2.2 10.3.3.3 0.0.0.0
192.168.3.0/24 2 Inter-area 192.168.1.1 10.1.1.1 0.0.0.0
192.168.4.0/24 2 Inter-area 192.168.2.1 10.2.2.2 0.0.0.0
Routing for ASEs
172.16.0.0/16 1 Type2 1 192.168.1.1 10.2.2.2
Total Nets: 5
The command output shows that the AS external routes imported into the NSSA
are advertised by SwitchB to other areas. That is, SwitchB translates Type 7 LSAs
into Type 5 LSAs. This is because OSPF selects the ABR with a larger router ID as
an LSA translator.
Step 6 Configure SwitchA as an LSA translator.

[SwitchA] ospf 1
[SwitchA-ospf-1-area-0.0.0.1] nssa translator-always
# Wait for 40 seconds and then check the OSPF routing table on SwitchC.

Routing Tables
Routing for Network

192.168.1.0/24 1 Transit 192.168.1.2 10.3.3.3 0.0.0.0
192.168.2.0/24 1 Transit 192.168.2.2 10.3.3.3 0.0.0.0
192.168.3.0/24 2 Inter-area 192.168.1.1 10.1.1.1 0.0.0.0
192.168.4.0/24 2 Inter-area 192.168.2.1 10.2.2.2 0.0.0.0
Routing for ASEs
172.16.0.0/16 1 Type2 1 192.168.1.1 10.1.1.1
Total Nets: 5
The command output shows that the AS external routes imported into the NSSA
are advertised by SwitchA to other areas. That is, SwitchA translates Type 7 LSAs
into Type 5 LSAs.

NOTE
By default, the new LSA translator works with the previous LSA translator to translate LSAs
for 40 seconds. After 40 seconds, only the new LSA translator translates LSAs.
----End
Configuration Files
#
sysname SwitchA
#
vlan batch 10 30
#
interface Vlanif10
ip address 192.168.1.1 255.255.255.0
#
interface Vlanif30
ip address 192.168.3.1 255.255.255.0
#
#
#
area 0.0.0.0
network 192.168.1.0 0.0.0.255
area 0.0.0.1
network 192.168.3.0 0.0.0.255
nssa translator-always
#
return

#
sysname SwitchB
#
vlan batch 20 40
#
interface Vlanif20
ip address 192.168.2.1 255.255.255.0
#
interface Vlanif40
ip address 192.168.4.2 255.255.255.0
#
#
#
area 0.0.0.0
network 192.168.2.0 0.0.0.255
area 0.0.0.1
network 192.168.4.0 0.0.0.255
nssa
#
return


#
sysname SwitchC
#
vlan batch 10 20
#
interface Vlanif10
ip address 192.168.1.2 255.255.255.0
#
interface Vlanif20
ip address 192.168.2.2 255.255.255.0
#
#
#
area 0.0.0.0
network 192.168.1.0 0.0.0.255
network 192.168.2.0 0.0.0.255
#
return
● Configuration file of SwitchD

#
sysname SwitchD
#
vlan batch 30 40
#
interface Vlanif30
ip address 192.168.3.2 255.255.255.0
#
interface Vlanif40
ip address 192.168.4.1 255.255.255.0
#
#
#
import-route static
area 0.0.0.1
network 192.168.3.0 0.0.0.255
network 192.168.4.0 0.0.0.255
nssa
#
ip route-static 172.16.0.0 255.255.0.0 NULL0
#
return
8.3 Typical PBR Configuration

8.3.1 Example for Configuring Traffic Policies to Implement

Policy-based Routing (Redirection to Different Next Hops)
Policy-based Routing Overview
Traditionally, a device searches its routing table for routes based on destination
addresses of received packets and then forwards the packets according to the
routes. Currently, more users require packet routing based on user-defined policies.
Policy-based routing (PBR) is a data forwarding mechanism implemented based
on user-defined policies.
On S series switches, PBR is implemented by redirecting incoming Layer 3 packets
that match traffic classification rules on an interface to a specified next-hop IP
address.
When a specific data flow needs to be transmitted to a specified next hop, PBR
can be configured to meet this requirement. For example, different data flows can
be transmitted on different links to improve link efficiency. Data flows can be
directed to security devices such as firewalls for security filtering. Service data can
be transmitted on a low-cost link to reduce enterprises' data service costs without
compromising service quality.
Configuration Notes
● If a device does not have the ARP entry that matches the specified next-hop
IP address, the device triggers ARP learning. If the device cannot learn the
ARP entry, packets are forwarded along the previous forwarding path without
being redirected.
● If multiple next-hop IP addresses are configured using the redirect ip-
nexthop or redirect ipv6-nexthop command, the device redirects packets in
active/standby link mode. That is, the device determines active and standby
links according to the sequence in which next-hop IP addresses were
configured. The first configured next-hop IP address has the highest priority
and its link functions as the active link, while links of other next-hop IP
addresses function as standby links. When the active link is Down, the
standby link of the second-highest-priority next-hop IP address is selected as
the new active link.
NOTE
As shown in Figure 8-9, an enterprise network is dual-homed to two external
network devices through the Switch. One uplink is a high-speed link with the
gateway at 10.1.20.1/24, and the other is a low-speed link with the gateway at
10.1.30.1/24.
The enterprise intranet has two network segments: 192.168.1.0/24 and
192.168.2.0/24. Network segment 192.168.1.0/24 belongs to the server zone and
requires high link bandwidth. Therefore, traffic of this network segment needs to

be transmitted on the high-speed link. Network segment 192.168.2.0/24 is used

for Internet access and traffic of this network segment is transmitted on the low-
speed link.
Figure 8-9 PBR networking
1. Create VLANs, configure interfaces, and configure routes to connect enterprise
users to the external network.
2. Configure ACLs to match data flows of network segments 192.168.1.0 and
192.168.2.0.
3. Create traffic classifiers and reference the ACLs to differentiate packets.
4. Configure traffic behaviors to transmit data traffic matching different ACLs on
different links and allow traffic transmitted between the intranet users to pass
through first.
5. Configure a traffic policy, bind the traffic classifiers and traffic behaviors to it,
and apply it to the inbound direction of GE0/0/3 on the Switch to implement
PBR.
Procedure
Step 1 Create VLANs, configure interfaces, and configure routes for interworking.
# Create VLANs 10 and 20 on SwitchA.
# On Switch, set the link types of the interfaces connected to PCs to access and
interface connected to the Switch to trunk, and add the interfaces to VLANs.

[SwitchA-GigabitEthernet0/0/3] port trunk allow-pass vlan 10 20

# Create VLANs 10, 20, 100, and 200 on the Switch.

[HUAWEI] sysname Switch
[Switch] vlan batch 10 20 100 200
# On the Switch, set the link types of the interfaces connected to SwitchA to trunk
and interface connected to the external network to access, and add the interfaces
to VLANs.
[Switch] interface gigabitethernet 0/0/1
[Switch-GigabitEthernet0/0/1] port link-type access
[Switch-GigabitEthernet0/0/1] port default vlan 100
[Switch-GigabitEthernet0/0/1] quit
[Switch-GigabitEthernet0/0/2] port link-type access
[Switch-GigabitEthernet0/0/2] port default vlan 200
[Switch-GigabitEthernet0/0/3] port link-type trunk
[Switch-GigabitEthernet0/0/3] port trunk allow-pass vlan 10 20
# On the Switch, configure VLANIF10 and VLANIF20 as user gateways and assign
IP addresses 192.168.1.1/24 and 192.168.2.1/24 to them.
[Switch] interface vlanif 10
[Switch-Vlanif10] ip address 192.168.1.1 24
[Switch-Vlanif10] quit
# On the Switch, configure VLANIF 100 and VLANIF 200 to connect to external
network devices and assign IP addresses to 10.1.20.2/24 and 10.1.30.2/24 to them,
respectively.
# On the Switch, configure two default routes and set their next-hop IP addresses
to IP addresses of the two external network devices.
[Switch] ip route-static 0.0.0.0 0 10.1.20.1
[Switch] ip route-static 0.0.0.0 0 10.1.30.1
After the preceding configuration is complete, intranet users can access the
external network. To ensure that data flows of network segments 192.168.1.0/24
and 192.168.2.0/24 are transmitted on the high-speed link and low-speed link
respectively, perform the following configurations.
Step 2 Configure ACLs.
# On the Switch, create advanced ACLs 3000, 3001, and 3002.
[Switch] acl 3000 //This ACL is used to match data traffic between two network segments of the intranet.
The data traffic does not need to be redirected. If this configuration is not performed, traffic between the
network segments will be redirected. As a result, communication between the network segments will fail.

[Switch-acl-adv-3000] rule permit ip source 192.168.1.0 0.0.0.255 destination 192.168.2.0 0.0.0.255

[Switch-acl-adv-3000] rule permit ip source 192.168.2.0 0.0.0.255 destination 192.168.1.0 0.0.0.255
Switch-acl-adv-3000] quit
[Switch] acl 3001 //Match data traffic of the intranet network segment 192.168.1.0/24.
[Switch-acl-adv-3001] rule permit ip source 192.168.1.0 0.0.0.255
[Switch-acl-adv-3001] quit
[Switch] acl 3002 //Match data traffic of the intranet network segment 192.168.2.0/24.
[Switch-acl-adv-3002] rule permit ip source 192.168.2.0 0.0.0.255
[Switch-acl-adv-3002] quit
Step 3 Configure traffic classifiers.

On the Switch, create traffic classifiers c0, c1, and c2, and bind c0 to ACL 3000, c1
to ACL 3001, and c2 to ACL 3002.
[Switch] traffic classifier c0 operator or
[Switch-classifier-c0] if-match acl 3000
[Switch-classifier-c0] quit
Step 4 Configure traffic behaviors.

# On the Switch, create traffic behaviors b0, b1, and b2, configure the permit
action in b0, and configure actions that redirect packets to IP addresses 10.1.20.1
and 10.1.30.1 in b1 and b2 respectively.
[Switch] traffic behavior b0
[Switch-behavior-b0] permit
[Switch-behavior-b0] quit
[Switch-behavior-b1] redirect ip-nexthop 10.1.20.1
[Switch-behavior-b2] redirect ip-nexthop 10.1.30.1
Step 5 Configure a traffic policy and apply the traffic policy to an interface.
# On the Switch, create a traffic policy p1 and bind the traffic classifiers and
traffic behaviors to this traffic policy.
[Switch] traffic policy p1
[Switch-trafficpolicy-p1] classifier c0 behavior b0
[Switch-trafficpolicy-p1] quit
# Apply the traffic policy p1 to the inbound direction of GE0/0/3 on the Switch.
[Switch-GigabitEthernet0/0/3] traffic-policy p1 inbound
[Switch-GigabitEthernet0/0/3] return

# Check the ACL configuration.
<Switch> display acl 3000
Advanced ACL 3000, 2 rules
Acl's step is 5
rule 5 permit ip source 192.168.1.0 0.0.0.255 destination 192.168.2.0 0.0.0.255
Advanced ACL 3001, 1 rule

Acl's step is 5
rule 5 permit ip source 192.168.1.0 0.0.0.255
Advanced ACL 3002, 1 rule
Acl's step is 5
# Check the traffic classifier configuration.

<Switch> display traffic classifier user-defined
User Defined Classifier Information:
Classifier: c2
Operator: OR
Rule(s) : if-match acl 3002
Classifier: c0
Operator: OR
Classifier: c1
Operator: OR
Total classifier number is 3
# Check the traffic policy configuration.

<Switch> display traffic policy user-defined p1
User Defined Traffic Policy Information:
Policy: p1
Classifier: c0
Operator: OR
Behavior: b0
Permit
Classifier: c1
Operator: OR
Behavior: b1
Permit
Redirect: no forced
Redirect ip-nexthop
10.1.20.1
Classifier: c2
Operator: OR
Behavior: b2
Permit
Redirect: no forced
Redirect ip-nexthop
10.1.30.1
----End
Configuration Files
#
sysname SwitchA
#
vlan batch 10 20
#
#
#


port trunk allow-pass vlan 10 20
#
return
● Switch configuration file

#
sysname Switch
#
vlan batch 10 20 100 200
#
acl number 3000
acl number 3001
acl number 3002
#
traffic classifier c0 operator or
if-match acl 3000
if-match acl 3001
if-match acl 3002
#
traffic behavior b0
permit
traffic behavior b1
redirect ip-nexthop 10.1.20.1
traffic behavior b2
redirect ip-nexthop 10.1.30.1
#
traffic policy p1
classifier c0 behavior b0
#
interface Vlanif10
ip address 192.168.1.1 255.255.255.0
#
interface Vlanif20
ip address 192.168.2.1 255.255.255.0
#
interface Vlanif100
ip address 10.1.20.2 255.255.255.0
#
interface Vlanif200
ip address 10.1.30.2 255.255.255.0
#
#
#
port trunk allow-pass vlan 10 20
traffic-policy p1 inbound
#
ip route-static 0.0.0.0 0.0.0.0 10.1.20.1
ip route-static 0.0.0.0 0.0.0.0 10.1.30.1
#
return

01-08 Typical Routing Configuration

Uploaded by

Copyright:

Available Formats

01-08 Typical Routing Configuration

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

01-08 Typical Routing Configuration

Uploaded by

Copyright:

Available Formats

S600-E Series Switches

Typical Configuration Examples 8 Typical Routing Configuration

8 Typical Routing Configuration

8.1 Typical Static Route Configuration

8.1 Typical Static Route Configuration

8.1.1 Example for Configuring Static Routes for Interworking

Static Route Overview

Issue 35 (2023-04-11) Copyright © Huawei Technologies Co., Ltd. 335

● This example applies to all versions of the S600-E.

Figure 8-1 Networking diagram of configuring static routes for interworking

Issue 35 (2023-04-11) Copyright © Huawei Technologies Co., Ltd. 336

[SwitchA-GigabitEthernet0/0/2] port default vlan 30

Step 2 Assign IPv4 addresses to the VLANIF interfaces.

Step 3 Configure hosts.

# Configure two IPv4 static routes on SwitchB.

# Configure a default IPv4 route on SwitchC.

Step 5 Verify the configuration.

Destination/Mask Proto Pre Cost Flags NextHop Interface

0.0.0.0/0 Static 60 0 RD 10.1.4.2 Vlanif10

# Run the ping command to verify the connectivity.

--- 10.1.3.1 ping statistics ---

Issue 35 (2023-04-11) Copyright © Huawei Technologies Co., Ltd. 337

# Run the tracert command to verify the connectivity.

● SwitchB configuration file

● SwitchC configuration file

Issue 35 (2023-04-11) Copyright © Huawei Technologies Co., Ltd. 338

8.1.2 Example for Configuring Static Routes for Load

Issue 35 (2023-04-11) Copyright © Huawei Technologies Co., Ltd. 339

>SwitchA->SwitchB->SwitchC->PC2 and PC1->SwitchA->SwitchD->SwitchC->PC2.

Figure 8-2 Configuring static routes for load balancing

Issue 35 (2023-04-11) Copyright © Huawei Technologies Co., Ltd. 340

[SwitchA] interface gigabitethernet 0/0/1

Step 2 Configure an IP address for each VLANIF interface.

# Configure SwitchA. The configurations of SwitchB, SwitchC, and SwitchD are

Step 3 Configure static routes from PC1 to PC2.

Step 4 Configure static routes from PC2 to PC1.

Step 5 Configure hosts.

Assign IP address 10.1.1.2/24 and default gateway IP address 10.1.1.1 to PC1;

Issue 35 (2023-04-11) Copyright © Huawei Technologies Co., Ltd. 341

Step 6 Verify the configuration.

Destination/Mask Proto Pre Cost Flags NextHop Interface

10.1.1.0/24 Direct 0 0 D 10.1.1.1 Vlanif10

The IP routing table on SwitchA contains two equal-cost routes to network

● SwitchB configuration file

Issue 35 (2023-04-11) Copyright © Huawei Technologies Co., Ltd. 342

vlan batch 100 200

Issue 35 (2023-04-11) Copyright © Huawei Technologies Co., Ltd. 343

port link-type trunk

8.1.3 Example for Configuring Static Routes for Link Backup

Issue 35 (2023-04-11) Copyright © Huawei Technologies Co., Ltd. 344

Figure 8-3 Configuring static routes for link backup

# Configure SwitchA. The configurations of SwitchB, SwitchC, and SwitchD are

Step 2 Configure an IP address for each VLANIF interface.

Issue 35 (2023-04-11) Copyright © Huawei Technologies Co., Ltd. 345

# Configure SwitchA. The configurations of SwitchB, SwitchC, and SwitchD are

Step 3 Configure static routes from PC1 to PC2.

Step 5 Configure hosts.

Destination/Mask Proto Pre Cost Flags NextHop Interface

Issue 35 (2023-04-11) Copyright © Huawei Technologies Co., Ltd. 346

10.1.1.0/24 Direct 0 0 D 10.1.1.1 Vlanif10