Cisco IOS-XR Routing Configuration Guide

Transcription

1 Cisco IOS-XR Software Release 2.0 Cpate Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA USA Tel: NETS (6387) Fax: Text Part Number: OL

2 THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTICE. ALL STATEMENTS, INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. USERS MUST TAKE FULL RESPONSIBILITY FOR THEIR APPLICATION OF ANY PRODUCTS. THE SOFTWARE LICENSE AND LIMITED WARRANTY FOR THE ACCOMPANYING PRODUCT ARE SET FORTH IN THE INFORMATION PACKET THAT SHIPPED WITH THE PRODUCT AND ARE INCORPORATED HEREIN BY THIS REFERENCE. IF YOU ARE UNABLE TO LOCATE THE SOFTWARE LICENSE OR LIMITED WARRANTY, CONTACT YOUR CISCO REPRESENTATIVE FOR A COPY. The Cisco implementation of TCP header compression is an adaptation of a program developed by the University of Califnia, Berkeley (UCB) as part of UCB s public domain version of the UNIX operating system. All rights reserved. Copyright 1981, Regents of the University of Califnia. NOTWITHSTANDING ANY OTHER WARRANTY HEREIN, ALL DOCUMENT FILES AND SOFTWARE OF THESE SUPPLIERS ARE PROVIDED AS IS WITH ALL FAULTS. CISCO AND THE ABOVE-NAMED SUPPLIERS DISCLAIM ALL WARRANTIES, EXPRESSED OR IMPLIED, INCLUDING, WITHOUT LIMITATION, THOSE OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OR ARISING FROM A COURSE OF DEALING, USAGE, OR TRADE PRACTICE. IN NO EVENT SHALL CISCO OR ITS SUPPLIERS BE LIABLE FOR ANY INDIRECT, SPECIAL, CONSEQUENTIAL, OR INCIDENTAL DAMAGES, INCLUDING, WITHOUT LIMITATION, LOST PROFITS OR LOSS OR DAMAGE TO DATA ARISING OUT OF THE USE OR INABILITY TO USE THIS MANUAL, EVEN IF CISCO OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. Changing the Way We Wk, Live, Play, and Learn, and iquick Study are service marks of Cisco Systems, Inc.; and Aironet, ASIST, BPX, Catalyst, CCDA, CCDP, CCIE, CCNA, CCNP, Cisco, the Cisco Certified Internetwk Expert logo, Cisco IOS, the Cisco IOS logo, Cisco Press, Cisco Systems, Cisco Systems Capital, the Cisco Systems logo, Empowering the Internet Generation, Enterprise/Solver, EtherChannel, EtherFast, EtherSwitch, Fast Step, GigaDrive, GigaStack, HomeLink, Internet Quotient, IOS, IP/TV, iq Expertise, the iq logo, iq Net Readiness Scecard, LightStream, Linksys, MeetingPlace, MGX, the Netwkers logo, Netwking Academy, Netwk Registrar, Packet, PIX, Post-Routing, Pre-Routing, ProConnect, RateMUX, Registrar, ScriptShare, SlideCast, SMARTnet, StrataView Plus, SwitchProbe, TeleRouter, The Fastest Way to Increase Your Internet Quotient, TransPath, and VCO are registered trademarks of Cisco Systems, Inc. and/ its affiliates in the United States and certain other countries. All other trademarks mentioned in this document Website are the property of their respective owners. The use of the wd partner does not imply a partnership relationship between Cisco and any other company. (0403R) Copyright 2004 Cisco Systems, Inc. All rights reserved.

3 CONTENTS Implementing BGP on Cisco IOS-XR Software Implementing IS-IS on Cisco IOS-XR Software Implementing OSPF on Cisco IOS-XR Software RC-5 RC-27 RC-69 Implementing and Moniting RIB on Cisco IOS-XR Software RC-129 Implementing Routing Policy on Cisco IOS-XR Software Implementing Static Routes on Cisco IOS-XR Software RC-141 RC-181 iii

4 Contents iv

5 Implementing BGP on Cisco IOS-XR Software The Bder Gateway Protocol (BGP) is an Exteri Gateway Protocol (EGP) that allows you to create loop-free interdomain routing between autonomous systems. An autonomous system is a set of routers under a single technical administration. Routers in an autonomous system can use multiple Interi Gateway Protocols (IGP) to exchange routing infmation inside the autonomous system and an EGP to route packets outside the autonomous system. This module describes infmation that is unique to BGP f IPv4 and IPv6 implementation in Cisco IOS-XR Software. Feature Histy f the Implementing BGP on Cisco IOS-XR Configuration Module Release Release 2.0 Modification This feature was introduced. Note F a complete description of the BGP commands listed in this module, refer to the BGP Commands on Cisco IOS-XR Software module of the Cisco IOS-XR Routing Command Reference publication. To locate documentation f other commands that appear in this module, search online in the individual index documents associated with the appropriate software product, such as the IP Security Software Product. Contents Infmation About Implementing BGP on Cisco IOS-XR Software, page RC-6 How to Implement BGP on Cisco IOS-XR Software, page RC-23 Configuration Examples f Implementing BGP on Cisco IOS-XR Software, page RC-24 Where to Go Next, page RC-25 Additional References, page RC-25 Cpate Headquarters: Cisco Systems, Inc., 170 West Tasman Drive, San Jose, CA USA Copyright 2004 Cisco Systems, Inc. All rights reserved.

6 Infmation About Implementing BGP on Cisco IOS-XR Software Implementing BGP on Cisco IOS-XR Software Infmation About Implementing BGP on Cisco IOS-XR Software To implement BGP you need to understand the following concepts: BGP Functional Overview, page RC-6 Comparison of Cisco IOS BGP and Cisco IOS-XR BGP, page RC-6 Routing Policy in Cisco IOX-XR BGP, page RC-7 Routing Policy Enfcement, page RC-9 BGP Router Identifier, page RC-10 BGP Default Limits, page RC-10 Configuration Grouping, page RC-11 Update Groups, page RC-22 BGP Functional Overview BGP uses TCP as its transpt protocol. Two BGP routers fm a TCP connection between one another (peer routers) and exchange messages to open and confirm the connection parameters. BGP routers exchange netwk reachability infmation. This infmation is mainly an indication of the full paths (BGP Autonomous System numbers) that a route should take in der to reach the destination netwk. This infmation helps in construction of a graph that shows which Autonomous Systems that are loop-free and where routing policies can be applied to enfce restrictions on routing behavi. Any two routers fming a TCP connection to exchange BGP routing infmation are called peers neighbs. BGP peers initially exchange their full BGP routing tables. After this exchange, incremental updates are sent as the routing table changes. BGP keeps a version number of the BGP table, which is the same f all of its BGP peers. The version number changes whenever BGP updates the table due to routing infmation changes. Keepalive packets are sent to ensure that the connection is alive between the BGP peers and notification packets are sent in response to err special conditions. Comparison of Cisco IOS BGP and Cisco IOS-XR BGP Many legacy features found in Cisco IOS BGP are not found in Cisco IOS-XR BGP. F example, BGP synchronization and BGP autosummary are not found in Cisco IOS-XR BGP IPv4 IPv6. Also, Cisco IOS-XR BGP suppts update groups and configuration grouping, but does not suppt peer groups (n their configuration grouping analog, peer templates). One imptant difference between Cisco IOS BGP and Cisco IOS-XR BGP is that the latter has a neighb-based Command Line Interface (CLI), which is discussed below in the context of configuration grouping. F me infmation, refer to Configuration Grouping section on page 11. Outbound router filter (ORF) is suppted in Cisco IOS Release 12.2(4)T and is suppted in Cisco IOS-XR software. ORF-capable routers can use ORFs to prevent their peers from sending them routes that they will drop after applying an inbound prefix list. The ORF router sends its inbound prefix list to a neighb (which must also be ORF-capable), and the neighb executes the prefix-list befe sending routes back. Thus, any routes that do not pass the prefix list are not sent. Use of this feature saves bandwidth because less infmation is sent between the routers. RC-6

7 Implementing BGP on Cisco IOS-XR Software Infmation About Implementing BGP on Cisco IOS-XR Software Graceful restart is suppted in recent versions of Cisco IOS software (12.0S) and is suppted in Cisco IOS-XR software. Graceful restart is the mechanism by which BGP routing peers avoid changes to their fwarding paths following a switchover. If the BGP peer has received this capability, it is aware that the device sending the message is nonstop fwarding (NSF)-capable. Both the NSF-capable router and its BGP peers (NSF-aware peers) need to exchange the graceful restart capability in their OPEN messages, at the time of session establishment. If both peers do not exchange the graceful restart capability, the session will not be graceful restart-capable. If the BGP session is lost during a Route Process (RP) switchover BGP process restart, the NSF-aware BGP peer marks all the routes associated with the NSF-capable router as stale; however, it continues to use these routes to make fwarding decisions f a set period of time. This functionality means that no packets are lost while the newly active RP is waiting f convergence of the routing infmation with its BGP peers. After a failover event occurs, the NSF-capable router reestablishes the session with the BGP peer. In establishing the new session, it sends a new graceful restart message that identifies the NSF-capable router as having restarted. At this point, the routing infmation is exchanged between the two BGP peers. Once this exchange is complete, the NSF-capable device uses the newly received routing infmation to update the RIB and the Fwarding Infmation Base (FIB) with the new fwarding infmation. The NSF-aware device uses the netwk infmation to remove stale routes from its BGP table. The BGP protocol is then fully converged. If a BGP peer does not suppt the graceful restart capability, it will igne the graceful restart capability in an OPEN message but will establish a BGP session with the NSF-capable device. This functionality will allow interoperability with non-nsf-aware BGP peers (and without NSF functionality), but the BGP session with non-nsf-aware BGP peers will not be graceful restart-capable. Routing Policy in Cisco IOX-XR BGP An imptant difference between Cisco IOS software and Cisco IOS-XR software is in the application of routing policy f BGP. In Cisco IOS software, route maps, prefix lists, and AS-path filter lists are used to filter and modify BGP routes. These tools are used in various configuration and show commands in BGP. F example, they can be used to set inbound and outbound policy on a BGP neighb, to set policy when routes are installed in the RIB, when routes are redistributed into BGP, when aggregates are fmed. In Cisco IOS-XR software, most route map usage is replaced by the routing policy language (RPL). Me details about RPL can be found in Implementing Routing Policy Language in Cisco IOS-XR Software. Table 1, Table 2, and Table 3 map route map commands once used with BGP to the RPL commands now used in their place. F full details of each command, please refer to the BGP Commands on Cisco IOS-XR Software module of the Cisco IOS-XR Routing Command Reference publication. Table 1 Mapping Route Map Commands in Neighb Address-Family Configuration Submode to Routing Policy Commands Route Map Command advertise-map map [non-]exist-map map default-iginate route-map name filter-list number [in out] prefix-list name in Replaced by Routing Policy Command Retained no replacement default-iginate policy name policy name [in out] Retained no replacement RC-7

8 Infmation About Implementing BGP on Cisco IOS-XR Software Implementing BGP on Cisco IOS-XR Software Route Map Command prefix-list name out route-map name {in out} unsuppress-map name Replaced by Routing Policy Command policy name out policy name {in out} Retained no replacement Table 2 Mapping Route Map Commands in Global Address-Family Configuration Submode to Routing Policy Commands Route Map Command bgp dampening route-map name aggregate-address prefix advertise-map name aggregate-address prefix attribute-map name aggregate-address prefix suppress-map name netwk prefix route-map name redistribute protocol route-map name table-policy name Replaced by Routing Policy Command bgp dampening policy name aggregate-address prefix policy name aggregate-address prefix policy name aggregate-address prefix policy name netwk prefix policy name redistribute protocol policy name New command Table 3 Mapping Route Map Show Commands to Routing Policy Show Commands Route Map Command show bgp community-list number show bgp filter-list number show bgp flap-statistics filter-list number show bgp route-map name show bgp prefix-list name show bgp policy filter-list num show bgp policy prefix-list name show bgp policy route-map name show bgp policy unsuppress-map name Replaced by Routing Policy Command show bgp route-policy name show bgp route-policy name Retained no replacement show bgp route-policy name show bgp route-policy name show bgp policy route-policy name show bgp policy route-policy name show bgp policy route-policy name Retained no replacement One clear command clear bgp flap-statistics filter-list number is retained. No replacement is found in the RPL commands. F the most part, using RPL is similar to using route maps. One imptant difference is that me verification is done with RPL to ensure that the policy is appropriate f the place in which it is being used. F instance, you cannot use an RPL policy in BGP if it has not been defined (using the route-policy command). Similarly, if a route policy tries to set the OSPF tag parameter, you cannot use it in BGP. Also, if a route policy sets the traffic-index parameter, you cannot use it as an inbound neighb policy (because the traffic-index parameter applies only to routes being installed into the RIB). F full details, refer to Implementing Routing Policy Language in Cisco IOS-XR Software. RC-8

9 Implementing BGP on Cisco IOS-XR Software Infmation About Implementing BGP on Cisco IOS-XR Software Routing Policy Enfcement External BGP (ebgp) neighbs must have an inbound and an outbound policy configured. If no policy is configured, no routes will be accepted from the neighb, n will any routes be advertised to it. This added security measure ensures that routes cannot accidentally be accepted advertised in the case where a configuration err results in the intended policy being rejected. Note This enfcement affects only ebgp neighbs (neighbs in a different autonomous system than this netwking device). F internal BGP (ibgp) neighbs (neighbs in the same autonomous system), all routes will be accepted advertised if there is no policy. In the following example, f an ebgp neighb, if all routes should be accepted and advertised with no modifications, configure a simple pass-all policy: RP/0/0/CPU0:router# configuration RP/0/0/CPU0:router(config)# route-policy pass-all RP/0/0/CPU0:router(config-rpl)# pass RP/0/0/CPU0:router(config-rpl)# end-policy RP/0/0/CPU0:router(config)# commit Use the policy command in the neighb address-family configuration mode to apply the pass-all policy to a neighb. The following example allows all IPv4 unicast routes to be received from neighb , and advertises all IPv4 unicast routes back to it: RP/0/0/CPU0:router(config)# router bgp 1 RP/0/0/CPU0:router(config-bgp)# neighb RP/0/0/CPU0:router(config-bgp-nbr)# remote-as 2 RP/0/0/CPU0:router(config-bgp-nbr)# address-family ipv4 unicast RP/0/0/CPU0:router(config-bgp-nbr-af)# policy pass-all in RP/0/0/CPU0:router(config-bgp-nbr-af)# policy pass-all out RP/0/0/CPU0:router(config-bgp-nbr-af)# commit Use the show bgp summary command to display ebgp neighbs that do not have both an inbound and outbound policy f every active address family. In the following example, such ebgp neighbs are indicated in the output with an exclamation () mark: RP/0/0/CPU0:router# show bgp summary BGP router identifier , local AS number 1 BGP generic scan interval 60 secs BGP main routing table version 1 BGP scan interval 60 secs BGP is operating in STANDALONE mode. Process RecvTblVer brib/rib SendTblVer Speaker Some configured ebgp neighbs do not have any policy configured (f some address family, either inbound outbound). Such neighbs will default to sending and/ receiving no routes. These neighbs are marked with '' in the output below. Use 'show bgp neighb <neighb>' f full details Neighb Spk AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down St/PfxRcd :00:00 Idle :00:00 Idle RC-9

10 Infmation About Implementing BGP on Cisco IOS-XR Software Implementing BGP on Cisco IOS-XR Software BGP Router Identifier In der f neighb sessions to be established, BGP must be assigned a router ID. The router ID is sent to BGP peers in the OPEN message when a BGP session is established. BGP attempts to obtain a router ID in the following ways (in der of preference): By means of the address configured using the bgp router-id command in the BGP router configuration mode. By assigning a primary IPv4 address to the interface specified using the bgp router-id command in the router configuration mode. Note If the specified interface does not have an IPv4 address, is not up, BGP will fail to obtain a router ID. By using the address specified with the router-id command in global configuration mode. By using the primary IPv4 address to the interface specified with the router-id command in global configuration mode. By using the highest IPv4 address on a loopback interface in the system. If none of these methods f obtaining a router ID succeeds, BGP cannot obtain a router ID and cannot establish any peering sessions with BGP neighbs. In such instances, an err message is entered in the system log, and the show bgp summary command will display a router ID of After BGP has obtained a router ID, it continues to use it even if a better router ID becomes available. This avoids unnecessarily flapping f all the BGP sessions. However, if the router ID currently in use becomes invalid (because the interface goes down its configuration is changed), BGP selects a new router ID (using the rules described) and all established peering sessions are reset. It is strongly recommended that the bgp router-id command is configured to prevent unnecessary changes to the router ID (and consequent flapping of BGP sessions). BGP Default Limits Cisco IOS-XR BGP imposes maximum limits on the number of neighbs that can be configured on the router and on the maximum number of prefixes that will be accepted from a peer f a given address family. This limitation safeguards the router from resource depletion caused by misconfiguration, either locally on the remote neighb. The following limits apply to BGP configurations: The maximum number of peers that can be configured is This number cannot be changed through configuration. Any attempt to configure additional peers beyond the limit will fail. In der to prevent a peer from flooding BGP with advertisements, a limit is placed on the number of prefixes that will be accepted from a peer f each suppted address-family. The default limits can be overridden through configuration of the maximum-prefix limit command f the peer f the appropriate address family. The following default limits are used if the user does not configure the maximum number of prefixes f the address family. 512K (524,288) prefixes f IPv4 unicast. 128K (131,072) prefixes f IPv4 multicast. 128K (131,072) prefixes f IPv6 unicast. RC-10

11 Implementing BGP on Cisco IOS-XR Software Infmation About Implementing BGP on Cisco IOS-XR Software A cease notification message will be sent to the neighb and the peering with the neighb will be terminated when the number of prefixes received from the peer f a given address family exceeds the maximum limit (either set by default configured by the user) f that address family. It is possible that the maximum number of prefixes f a neighb f a given address family has been configured after the peering with the neighb has been established and a certain number of prefixes have already been received from the neighb f that address family. A cease notification message will be sent to the neighb and peering with the neighb will be terminated immediately after the configuration if the configured maximum prefix is less than the number of prefixes that have already been received from the neighb f the address family. BGP Validation of Local Next-hop Addresses When Cisco IOS-XR BGP receives a route advertisement from a neighb, it validates the next-hop address contained in the route by verifying that the next-hop address is not the same as an IP address assigned to an interface on this router (f example, a local address). If the received next-hop address is a local address, the update is dropped. However, if the next-hop address is set to a local address by the configured inbound policy, the update is not dropped, treated as a valid next-hop address, and processed nmally in Cisco IOS-XR BGP. This means that the router will advertise to its neighbs that it has a route to the prefix, but any traffic received f that prefix will be dropped. This blackholing effect is often used to automatically protect against DOS attacks on customers hosts. An inbound policy is configured which sets the next-hop to a local address (f example, the address of a loopback interface) when a route with a particular community is received. When a customer finds that a host is under a DOS attack, they send a BGP advertisement f the attacked host s address with the special community attached. This causes the Internet Service Provider (ISP) router to install a route with a local next-hop f that address that drops all traffic destined f it. Configuration Grouping Cisco IOS-XR BGP configuration grouping has the following significant CLI changes from the BGP Cisco IOS software Release 12.2 configuration grouping: Cisco IOS-XR software has a new submode available f neighbs. It is not necessary f every command to have a neighb x.x.x.x prefix. In Cisco IOS-XR software, the configuration is as follows: Router(config-bgp-af)# neighb Router(config-bgp-nbr)# remote-as 2002 Router(config-bgp-nbr)# address-family ipv4 multicast A new address family configuration submode inside the neighb configuration submode is available f entering address family-specific neighb configurations. This new submode replaces the ability in Cisco IOS Release 12.2 to enter neighb address family configuration mode in the global address-family submode. In Cisco IOS-XR, the configuration is as follows: Router(config-bgp-af)# neighb 2002::2 Router(config-bgp-nbr)# remote-as 2002 Router(config-bgp-nbr)# address-family ipv6 unicast Router(config-bgp-nbr-af)# next-hop-self Router(config-bgp-nbr-af)# policy one in RC-11

12 Infmation About Implementing BGP on Cisco IOS-XR Software Implementing BGP on Cisco IOS-XR Software Configuration Modes You must enter neighb-specific IPv4 unicast commands in neighb address family configuration submode. This submode replaces the ability in Cisco IOS Release 12.2 to enter IPv4 unicast commands directly in neighb configuration submode. In Cisco IOS-XR software, the configuration is as follows: Router(config-bgp)# router bgp 109 Router(config-bgp)# neighb Router(config-bgp-nbr)# remote-as 1 Router(config-bgp-nbr)# address-family ipv4 unicast Router(config-bgp-nbr-af)# maximum-prefix 1000 Commands relating to a peer group found in Cisco IOS Release 12.2 have been removed from Cisco IOS-XR software. Instead, the af-group, session-group, and neighb-group configuration commands are added to suppt the neighb in Cisco IOS-XR software: The af-group command is used to group address family-specific neighb commands within an IPv4 IPv6 address family. Neighbs that have the same address family configuration are able to use the address family group name f their address family-specific configuration. A neighb inherits the configuration from an address family group by way of the use command. If a neighb is configured to use an address family group, the neighb will (by default) inherit the entire configuration from the address family group. However, a neighb will not inherit all of the configuration from the address family group if items are explicitly configured f the neighb. The session-group command allows you to create a session group from which neighbs can inherit address family-independent configuration. A neighb inherits the configuration from a session group by way of the use command. If a neighb is configured to use a session group, the neighb (by default) inherits the session group s entire configuration. A neighb does not inherit all the configuration from a session group if a configuration is done directly on that neighb. The neighb-group command helps you apply the same configuration to one me neighbs. Neighb groups can include session groups and address family groups. This additional flexibility can create a complete configuration f a neighb. Once a neighb group is configured, each neighb can inherit the configuration through the use command. If a neighb is configured to use a neighb group, the neighb (by default) inherits the neighb group s entire BGP configuration. However, a neighb will not inherit all of the configuration from the nieghb group if items are explicitly configured f the neighb. In addition, some part of the neighb group s configuration could be hidden if a session group address family group was also being used. Configuration grouping has the following effects in Cisco IOS-XR software: Commands entered at the session group level define address family-independent commands (the same commands as in the neighb submode). Commands entered at the address family-group level define address family-dependent commands f a specified address family (the same commands as in the neighb address family configuration submode). Commands entered at the neighb group level define address family-independent commands and address family-dependent commands f each address family (the same as all available neighb commands), and the use command f the address family group and session group commands. The following sections show you how to enter each of the configuration modes. From there, you can enter the? command to display the commands available in that mode. RC-12

13 Implementing BGP on Cisco IOS-XR Software Infmation About Implementing BGP on Cisco IOS-XR Software Router Configuration Mode The following example shows you how to enter router configuration mode: RP/0/RP0/CPU0:router# configuration RP/0/RP0/CPU0:router(config)# router bgp 140 RP/0/RP0/CPU0:router(config-bgp)# Global Address Family Configuration Mode The following example shows you how to enter global address family configuration mode: RP/0/RP0/CPU0:router(config)# router bgp 140 RP/0/RP0/CPU0:router(config-bgp)# address-family ipv4 multicast RP/0/RP0/CPU0:router(config-bgp-af)# Neighb Configuration Mode The following example shows you how to enter neighb configuration mode: RP/0/RP0/CPU0:router(config)# router bgp 140 RP/0/RP0/CPU0:router(config-bgp)# neighb RP/0/RP0/CPU0:router(config-bgp-nbr)# Neighb Address Family Configuration Mode The following example shows you how to enter neighb address family configuration mode: RP/0/RP0/CPU0:router(config)# router bgp 140 RP/0/RP0/CPU0:router(config-bgp)# neighb RP/0/RP0/CPU0:router(config-bgp-nbr)# address-family ipv4 unicast RP/0/RP0/CPU0:router(config-bgp-nbr-af)# Address Family Group Configuration Mode The following example shows you how to enter address family group configuration mode. RP/0/RP0/CPU0:router(config)# router bgp 140 RP/0/RP0/CPU0:router(config-bgp)# af-group afmcast1 address-family ipv4 multicast RP/0/RP0/CPU0:router(config-bgp-afgrp)# Session Group Configuration Mode The following example shows you how to enter session group configuration mode: RP/0/RP0/CPU0:router(config)# router bgp 140 RP/0/RP0/CPU0:router(config-bgp)# session-group session1 RP/0/RP0/CPU0:router(config-bgp-sngrp)# Neighb Group Configuration Mode The following example shows you how to enter neighb group configuration mode: RP/0/RP0/CPU0:router(config)# router bgp 140 RP/0/RP0/CPU0:router(config-bgp)# neighb-group nbrgroup1 RP/0/RP0/CPU0:router(config-bgp-nbrgrp)# Neighb Group Address Family Configuration Mode The following example shows you how to enter neighb group address family configuration mode: RP/0/RP0/CPU0:router(config)# router bgp 140 RC-13

14 Infmation About Implementing BGP on Cisco IOS-XR Software Implementing BGP on Cisco IOS-XR Software RP/0/RP0/CPU0:router(config-bgp)# neighb-group nbrgroup1 RP/0/RP0/CPU0:router(config-bgp-nbrgrp)# address-family ipv4 unicast RP/0/RP0/CPU0:router(config-bgp-nbrgrp-af)# Inheritance Rules Certain inheritance rules differ than from those in Cisco IOS Release 12.2 in the manner that neighbs groups inherit configuration from other neighbs groups. F address family-independent configurations: Neighbs can inherit from session groups and neighb groups. Neighb groups can inherit from session groups and other neighb groups. Session groups can inherit from other session groups. F address family-specific configurations: Address family groups can inherit from other address family groups. Neighb groups can inherit from address family groups and other neighb groups. Neighbs can inherit from address family groups and neighb groups. Configuration rules are numbered as follows: 1. If the item is configured directly on the neighb, that value is used. In the example that follows, the advertisement interval is configured both on the neighb group and neighb configuration and the advertisement interval being used is from the neighb configuration: router bgp 140 neighb-group AS_1 advertisement-interval 15 neighb remote-as 1 use neighb-group AS_1 advertisement-interval 20 The following output from the show bgp neighbs command shows that the advertisement interval used is 20: RP/0/RP0/CPU0:router# show bgp neighbs BGP neighb is , remote AS 1, local AS 140, external link Remote router ID BGP state = Idle Last read 00:00:00, hold time is 180, keepalive interval is 60 seconds Received 0 messages, 0 notifications, 0 in queue Sent 0 messages, 0 notifications, 0 in queue Minimum time between advertisement runs is 20 seconds F Address Family: IPv4 Unicast BGP neighb version 0 Update group: 0.1 ebgp neighb with no inbound outbound policy; defaults to 'drop' Route refresh request: received 0, sent 0 0 accepted prefixes Prefix advertised 0, suppressed 0, withdrawn 0, maximum limit Threshold f warning message 75% Connections established 0; dropped 0 RC-14

15 Implementing BGP on Cisco IOS-XR Software Infmation About Implementing BGP on Cisco IOS-XR Software Last reset 00:00:14, due to BGP neighb initialized External BGP neighb not directly connected. 2. Otherwise, if the neighb belongs to a session group address family group, the configuration value is obtained from the session group address family group. In the example that follows, the advertisement interval is configured on a neighb group and a session group and the advertisement interval value being used is from the session group: router bgp 140 session-group AS_2 advertisement-interval 15 neighb-group AS_1 advertisement-interval 20 neighb remote-as 1 use session-group AS_2 use neighb-group AS_1 RP/0/RP0/CPU0:router# show bgp neighbs BGP neighb is , remote AS 1, local AS 140, external link Remote router ID BGP state = Idle Last read 00:00:00, hold time is 180, keepalive interval is 60 seconds Received 0 messages, 0 notifications, 0 in queue Sent 0 messages, 0 notifications, 0 in queue Minimum time between advertisement runs is 15 seconds F Address Family: IPv4 Unicast BGP neighb version 0 Update group: 0.1 ebgp neighb with no inbound outbound policy; defaults to 'drop' Route refresh request: received 0, sent 0 0 accepted prefixes Prefix advertised 0, suppressed 0, withdrawn 0, maximum limit Threshold f warning message 75% Connections established 0; dropped 0 Last reset 00:03:23, due to BGP neighb initialized External BGP neighb not directly connected. 3. Otherwise, if the neighb uses a neighb group, and does not use a session group af-group, the configuration value is obtained from the neighb group. In the example that follows, the advertisement interval from the neighb group is being used because it is not configured directly on the neighb and no session group is used: router bgp 150 session-group AS_2 advertisement-interval 20 neighb-group AS_1 advertisement-interval 15 neighb remote-as 1 use neighb-group AS_1 RP/0/RP0/CPU0:router# show bgp neighbs RC-15

16 Infmation About Implementing BGP on Cisco IOS-XR Software Implementing BGP on Cisco IOS-XR Software BGP neighb is , remote AS 1, local AS 140, external link Remote router ID BGP state = Idle Last read 00:00:00, hold time is 180, keepalive interval is 60 seconds Received 0 messages, 0 notifications, 0 in queue Sent 0 messages, 0 notifications, 0 in queue Minimum time between advertisement runs is 15 seconds F Address Family: IPv4 Unicast BGP neighb version 0 Update group: 0.1 ebgp neighb with no outbound policy; defaults to 'drop' Route refresh request: received 0, sent 0 Inbound path policy configured Policy f incoming advertisements is POLICY_1 0 accepted prefixes Prefix advertised 0, suppressed 0, withdrawn 0, maximum limit Threshold f warning message 75% Connections established 0; dropped 0 Last reset 00:01:14, due to BGP neighb initialized External BGP neighb not directly connected. To illustrate the same rule, the following example sets the advertisement interval to 15 (from the session group). The timers are set to the default (60/180) because the neighb uses a session group, thus hiding the timers command in the neighb group. The inbound policy is set to POLICY_1 from the neighb group. router bgp 140 session-group ADV advertisement-interval 15 neighb-group TIMER timers address-family ipv4 unicast policy POLICY_1 in neighb remote-as 1 use session-group ADV use neighb-group TIMER RP/0/RP0/CPU0:router# show bgp neighbs BGP neighb is , remote AS 1, local AS 140, external link Remote router ID BGP state = Idle Last read 00:00:00, hold time is 180, keepalive interval is 60 seconds Received 0 messages, 0 notifications, 0 in queue Sent 0 messages, 0 notifications, 0 in queue Minimum time between advertisement runs is 15 seconds F Address Family: IPv4 Unicast BGP neighb version 0 Update group: 0.1 ebgp neighb with no inbound outbound policy; defaults to 'drop' Route refresh request: received 0, sent 0 0 accepted prefixes Prefix advertised 0, suppressed 0, withdrawn 0, maximum limit RC-16

17 Implementing BGP on Cisco IOS-XR Software Infmation About Implementing BGP on Cisco IOS-XR Software Threshold f warning message 75% Connections established 0; dropped 0 Last reset 00:02:03, due to BGP neighb initialized External BGP neighb not directly connected. 4. Otherwise, the default value is used. In the example that follows, neighb has the minimum time between advertisement runs set to 30 seconds (default) because the neighb is not configured to use the neighb configuration the neighb group configuration: router bgp 140 neighb-group AS_1 remote-as 1 neighb-group adv_15 remote-as 10 advertisement-interval 15 neighb use neighb-group AS_1 neighb use neighb-group adv_15 RP/0/0/CPU0:router# show bgp neighbs BGP neighb is , remote AS 1, local AS 140, external link Remote router ID BGP state = Idle Last read 00:00:00, hold time is 180, keepalive interval is 60 seconds Received 0 messages, 0 notifications, 0 in queue Sent 0 messages, 0 notifications, 0 in queue Minimum time between advertisement runs is 30 seconds F Address Family: IPv4 Unicast BGP neighb version 0 Update group: 0.2 ebgp neighb with no inbound outbound policy; defaults to 'drop' Route refresh request: received 0, sent 0 0 accepted prefixes Prefix advertised 0, suppressed 0, withdrawn 0, maximum limit Threshold f warning message 75% Connections established 0; dropped 0 Last reset 00:00:25, due to BGP neighb initialized External BGP neighb not directly connected. The inheritance rules used when groups are inheriting configuration from other groups are the same as the rules given f neighbs inheriting from groups. Inheritance Show Commands You can use the following commands to monit BGP inheritance infmation: show bgp neighbs section on page 18 show bgp af-group section on page 19 show bgp session-group section on page 20 show bgp neighb-group section on page 21 RC-17

18 Infmation About Implementing BGP on Cisco IOS-XR Software Implementing BGP on Cisco IOS-XR Software show bgp neighbs Use the show bgp neighbs command to display infmation about the BGP configuration f neighbs. Use the configuration option to display the effective configuration f the neighb, including any settings that have been inherited from session groups, neighb groups, af-groups used by this neighb. Use the inheritance option to display the session groups, neighb groups, and af-groups from which this neighb inherits configuration settings. The show bgp neighbs command examples that follow are based on the this sample configuration: af-group GROUP_3 address-family ipv4 unicast next-hop-self policy POLICY_1 in session-group GROUP_2 advertisement-interval 15 neighb-group GROUP_1 use session-group GROUP_2 ebgp-multihop 3 address-family ipv4 unicast weight 100 send-community-ebgp address-family ipv4 multicast default-iginate neighb remote-as 2 use neighb-group GROUP_1 address-family ipv4 unicast use af-group GROUP_3 weight 200 The following example displays sample output from the show bgp neighbs command using the inheritance keywd. The example shows that the neighb inherits session paramaters from neighb group GROUP_1, which in turn inherits from session group GROUP_2. The neighb inherits IPv4 unicast parameters from address family group GROUP_3 and IPv4 multicast parameters from neighb group GROUP_1: RP/0/0/CPU0:router# show bgp neighbs inheritance Session: n:group_1 s:group_2 IPv4 Unicast: a:group_3 IPv4 Multicast: n:group_1 The following example displays sample output from the show bgp neighbs command using the configuration keywd. The example shows where each item of configuration was inherited from, if it was configured directly on the neighb (indicated by [ ]). F example, the command ebgp-multihop 3 was inherited from neighb group GROUP_1. and the next-hop-self command was inherited from the address family group GROUP_3: RP/0/0/CPU0:router# show bgp neighbs configuration neighb remote-as 2 [] RC-18

19 Implementing BGP on Cisco IOS-XR Software Infmation About Implementing BGP on Cisco IOS-XR Software advertisement-interval 15 [n:group_1 s:group_2] ebgp-multihop 3 [n:group_1] address-family ipv4 unicast [] next-hop-self [a:group_3] policy POLICY_1 in [a:group_3] weight 200 [] address-family ipv4 multicast [n:group_1] default-iginate [n:group_1] show bgp af-group Use the show bgp af-group command to display address family groups: Use the configuration option to display the effective configuration f the af-group, including any settings that have been inherited from af-groups used by this af-group. Use the inheritance option to display the af-groups from which this af-group inherits configuration settings. Use the users option to display the neighbs, neighb groups and af-groups that inherit configuration from this af-group. The show bgp af-group command examples that follow are based on the this sample configuration: af-group GROUP_3 address-family ipv4 unicast remove-private-as policy POLICY_1 in af-group GROUP_1 address-family ipv4 unicast use af-group GROUP_2 maximum-prefix warning-only default-iginate af-group GROUP_2 address-family ipv4 unicast use af-group GROUP_3 send-community-ebgp send-extended-community-ebgp capability f prefix-list both The following example displays sample output from the show bgp af-group command using the configuration keywd. This example shows where each configuration item was inherited from. The default-iginate command was configured directly on this address family group (indicated by [ ]). The remove-private-as command was inherited from address family group GROUP_2, which in turn inherited from address family group GROUP_3: RP/0/0/CPU0:router# show bgp af-group GROUP_1 configuration af-group tasman address-family ipv4 unicast capability f prefix-list both [a:group_2] default-iginate [] maximum-prefix warning-only [] policy POLICY_1 in [a:group_2 a:group_3] remove-private-as [a:group_2 a:group_3] send-community [a:group_2] send-extended-community [a:group_2] The following example displays sample output from the show bgp af-group command using the users keywd: RP/0/RP0/CPU0:router# show bgp af-group GROUP_2 users IPv4 Unicast: a:group_1 RC-19

20 Infmation About Implementing BGP on Cisco IOS-XR Software Implementing BGP on Cisco IOS-XR Software The following example displays sample output from the show bgp af-group command using the inheritance keywd. This shows that the specified address family group GROUP_1 directly uses the GROUP_2 address family group, which in turn uses the GROUP_3 address family group: RP/0/RP0/CPU0:router# show bgp af-group GROUP_1 inheritance IPv4 Unicast: a:group_2 a:group_3 show bgp session-group Use the show bgp session-group command to display session groups: Use the configuration option to display the effective configuration f the session group, including any settings that have been inherited from session groups used by this session group. Use the inheritance option to display the session groups from which this session group inherits configuration settings. Use the users option to display the session groups, neighb groups, and neighbs that inherit configuration from this session group. The following is sample output from the show bgp session-group command with the configuration option in EXEC mode. The examples are based on the following session group configuration: session-group GROUP_1 use session-group GROUP_2 update-source Loopback 0 session-group GROUP_2 use session-group GROUP_3 ebgp-multihop 2 session-group GROUP_3 dmzlink-bw The following is sample output from the show bgp session-group command with the configuration keywd in EXEC mode: RP/0/RP0/CPU0:router# show bgp session-group GROUP_1 configuration session-group GROUP_1 ebgp-multihop 2 [s:group_2] update-source Loopback0 [] dmzlink-bw [s:group_2 s:group_3] The following is sample output from the show bgp session-group command with the inheritance keywd showing that the GROUP_1 session group inherits session parameters from the GROUP_3 and GROUP_2 session groups: RP/0/RP0/CPU0:router# show bgp session-group GROUP_1 inheritance Session: s:group_2 s:group_3 The following is sample output from the show bgp session-group command with the users keywd showing that both the GROUP_1 and GROUP_2 session groups inherit session parameters from the GROUP_3 session group: RP/0/RP0/CPU0:router# show bgp session-group GROUP_3 users Session: s:group_1 s:group_2 RC-20

21 Implementing BGP on Cisco IOS-XR Software Infmation About Implementing BGP on Cisco IOS-XR Software show bgp neighb-group Use the show bgp neighb-group command to display neighb groups: Use the configuration option to display the effective configuration f the neighb group, including any settings that have been inherited from neighb groups used by this neighb group. Use the inheritance option to display the af-groups, session groups, and neighb groups from which this neighb group inherits configuration settings. Use the users option to display the neighbs and neighb groups that inherit configuration from this neighb group. The examples are based on the following group configuration: af-group GROUP_3 address-family ipv4 unicast remove-private-as soft-reconfiguration inbound af-group GROUP_2 address-family ipv4 unicast use af-group GROUP_3 send-community-ebgp send-extended-community-ebgp capability f prefix-list both session-group GROUP_3 timers neighb-group GROUP_1 remote-as 1982 use neighb-group GROUP_2 address-family ipv4 unicast neighb-group GROUP_2 use session-group GROUP_3 address-family ipv4 unicast use af-group GROUP_2 weight 100 The following is sample output from the show bgp neighb-group command with the configuration keywd. The configuration setting source is shown to the right of each configuration command. In the output shown previously, the remote autonomous systems is configured directly on neighb group GROUP_1, and the send community setting is inherited from neighb group GROUP_2, which in turn inherits the setting from af-group sanjose: RP/0/RP0/CPU0# show bgp neighb-group GROUP_1 configuration neighb-group GROUP_1 remote-as 1982 [] timers [n:group_2 s:group_3] address-family ipv4 unicast [] capability f prefix-list both [n:group_2 a:group_2] remove-private-as [n:group_2 a:group_2 a:group_3] send-community [n:group_2 a:group_2] send-extended-community [n:group_2 a:group_2] soft-reconfiguration inbound [n:group_2 a:group_2 a:group_3] weight 100 [n:group_2] RC-21

22 Infmation About Implementing BGP on Cisco IOS-XR Software Implementing BGP on Cisco IOS-XR Software The following is sample output from the show bgp neighb-group command with the inheritance keywd. This output shows that the specified neighb group GROUP_1 inherits session (address-family independent) configuration parameters from neighb group GROUP_2. Neighb group GROUP_2 inherits its session parameters from session group GROUP_3. It also shows that the GROUP_1 neighb group inherits IPv4 unicast configuration parameters from the GROUP_2 neighb group, which in turn inherits them from the GROUP_2 address family group, which itself inherits them from the GROUP_3 address family group: RP/0/RP0/CPU0:router# show bgp neighb-group GROUP_1 inheritance Session: n:group-2 s:group_3 IPv4 Unicast: n:group_2 a:group_2 a:group_3 The following is sample output from the show bgp neighb-group command with the users option. This output shows that the GROUP_1 neighb-group inherits session (address family-independent configuration parameters) from the GROUP_2 neighb-group. The GROUP_2 neighb group also inherits IPv4 unicast configuration parameters from the GROUP_2 neighb group: RP/0/RP0/CPU0:router# show bgp neighb-group GROUP_2 users Session: n:group_1 IPv4 Unicast: n:group_1 Update Groups The BGP Update Groups feature introduces a new algithm that dynamically calculates and optimizes update groups of neighbs that share outbound policies and can share the same update messages. Until recently in Cisco IOS software, BGP update messages were grouped based on peer group configurations. This method of grouping updates limited outbound policies and specific-session configurations. The BGP Update Groups feature separates update group replication from peer group configuration, improving convergence time and flexibility of neighb configuration. To use this feature, you must understand the following concepts: BGP Update Generation and Update Groups, page RC-22 BGP Update Group Configuration, page RC-23 BGP Update Generation and Update Groups BGP update messages in Cisco IOS software were grouped based on peer-group configurations. This method of grouping neighbs f BGP update message generation reduced the amount of system processing resources needed to scan the routing table. This method, however, had the following limitations: All neighbs that shared the peer group configuration also had to share the outbound routing policies. All neighbs that could share the update messages had to belong to the peer group and address family. Neighbs configured in different peer groups could not share the same update messages. These limitations existed to balance optimal update generation and replication against peer group configuration. These limitations also caused the netwk operat to configure smaller peer groups, which reduced the efficiency of update message generation. RC-22

23 Implementing BGP on Cisco IOS-XR Software How to Implement BGP on Cisco IOS-XR Software The BGP Update Groups feature separates BGP update generation from peer configuration. The BGP Update Groups feature introduces an algithm that dynamically calculates BGP update-group membership based on outbound routing policies. This feature does not require any configuration by the netwk operat. Optimal BGP update message generation occurs automatically and independently. BGP neighb configuration is no longer restricted by outbound routing policies. BGP Update Group Configuration The BGP Update Group feature requires no configuration and occurs automatically. When a change to the configuration occurs, the router automatically recalculates update group memberships and applies the changes. F the best optimization of BGP update group generation, we recommend that the netwk operat keeps outbound routing policy the same f neighbs that have similar outbound policies. This feature introduces new commands f moniting BGP update groups. F me infmation about the new commands, see the Moniting BGP Update Groups section. How to Implement BGP on Cisco IOS-XR Software Basic BGP configuration in Cisco IOS-XR is the same as basic BGP configuration in Cisco IOS Release The following BGP configuration task is significantly different: Moniting BGP Update Groups, page RC-23 Moniting BGP Update Groups SUMMARY STEPS This task displays infmation related to the processing of BGP update groups. 1. show bgp update-group [{ipv4 ipv6 all}{unicast multicast all]} update-group [neighb ip-address process id.index [summary perfmance-statistics]] RC-23

24 Configuration Examples f Implementing BGP on Cisco IOS-XR Software Implementing BGP on Cisco IOS-XR Software DETAILED STEPS Command Action Step 1 show bgp [{ipv4 ipv6 all}{unicast multicast all]} update-group [neighb ip-address process id.index [summary perfmance-statistics]] RP/0/RP0/CPU0:router# show bgp update-group Purpose Displays infmation about BGP update groups. The process-id.index argument is used to select a particular update group to display and is specified as follows: process id (dot) index. Process ID range is from 0 to 254. Index range is from 0 to The ip-address argument is used to display the update groups to which that neighb belongs. The summary keywd is used to display summary infmation f neighbs in a particular update-group. If no argument is specified, this command will display infmation f all update groups (f the specified address family). The perfmance-statistics keywd is used to display perfmance statistics f an update group. Configuration Examples f Implementing BGP on Cisco IOS-XR Software This section provides the following configuration example: BGP Update Groups: Example, page RC-24 BGP Update Groups: Example The following is sample output from the show bgp update-group command executed in EXEC mode: RP/0/RP0/CPU0:router# show bgp update-group Update group f IPv4 Unicast, index 0.1: Attributes: Outbound Route map:rm Minimum advertisement interval:30 Messages fmatted:2, replicated:2 Neighbs in this update group: Update group f IPv4 Unicast, index 0.2: Attributes: Minimum advertisement interval:30 Messages fmatted:2, replicated:2 Neighbs in this update group: RC-24

25 Implementing BGP on Cisco IOS-XR Software Where to Go Next Where to Go Next F detailed infmation about BGP commands, refer to the Cisco IOS-XR Routing Command Reference document. Additional References The following sections provide references related to implementing BGP f Cisco IOS-XR software. Related Documents Related Topic BGP commands BGP deployment BGP RFCs and internet drafts Cisco CRS-1 Series Carrier Routing System Router Interface Cisco CRS-1 Series Carrier Routing System Craft Web Interface (CWI) Document Title Cisco IOS-XR Routing Command Reference BGP Case Studies Locate under the BGP IETF wking group NB: IDR at Cisco CRS-1 Series Carrier Routing System Router Interface Configuration Guide Cisco CRS-1 Series Carrier Routing System Craft Web Interface (CWI) Configuration Standards Standards No new modified standards are suppted by the features in this document, and suppt f existing standards has not been modified by the features in this document. Title RC-25

26 Additional References Implementing BGP on Cisco IOS-XR Software RFCs RFCs RFC 1657 Title Definitions of Managed Objects f the Fourth Version of the Bder Gateway Protocol (BGP-4) using SMIv2 RFC 1771 A Bder Gateway Protocol 4 RFC 1997 BGP Communities Attribute RFC 2385 Protection of BGP Sessions via the TCP MD5 Signature Option RFC 2439 BGP Route Flap Damping RFC 2545 Use of BGP-4 Multiprotocol Extensions f IPv6 Inter-Domain Routing RFC 2796 BGP Route Reflection - An Alternative to Full Mesh IBGP RFC 2858 Multiprotocol Extensions f BGP-4 RFC 2918 Route Refresh Capability f BGP-4 RFC 3065 Autonomous System Confederations f BGP RFC 3392 Capabilities Advertisement with BGP-4 Technical Assistance Description Technical Assistance Center (TAC) home page, containing 30,000 pages of searchable technical content, including links to products, technologies, solutions, technical tips, and tools. Registered Cisco.com users can log in from this page to access even me content. Link CCIP, CCSP, the Cisco Arrow logo, the Cisco Powered Netwk mark, Cisco Unity, Follow Me Browsing, FmShare, and StackWise are trademarks of Cisco Systems, Inc.; Changing the Way We Wk, Live, Play, and Learn, and iquick Study are service marks of Cisco Systems, Inc.; and Aironet, ASIST, BPX, Catalyst, CCDA, CCDP, CCIE, CCNA, CCNP, Cisco, the Cisco Certified Internetwk Expert logo, Cisco IOS, the Cisco IOS logo, Cisco Press, Cisco Systems, Cisco Systems Capital, the Cisco Systems logo, Empowering the Internet Generation, Enterprise/Solver, EtherChannel, EtherFast, EtherSwitch, Fast Step, GigaDrive, GigaStack, HomeLink, Internet Quotient, IOS, IP/TV, iq Expertise, the iq logo, iq Net Readiness Scecard, LightStream, Linksys, MeetingPlace, MGX, the Netwkers logo, Netwking Academy, Netwk Registrar, Packet, PIX, Post-Routing, Pre-Routing, ProConnect, RateMUX, Registrar, ScriptShare, SlideCast, SMARTnet, StrataView Plus, SwitchProbe, TeleRouter, The Fastest Way to Increase Your Internet Quotient, TransPath, and VCO are registered trademarks of Cisco Systems, Inc. and/ its affiliates in the United States and certain other countries. All other trademarks mentioned in this document Website are the property of their respective owners. The use of the wd partner does not imply a partnership relationship between Cisco and any other company. (0403R) Copyright 2004 Cisco Systems, Inc. All rights reserved. RC-26

27 Implementing IS-IS on Cisco IOS-XR Software Integrated Intermediate System-to-Intermediate System (IS-IS), Internet Protocol Version 4 (IPv4), is a standards-based Interi Gateway Protocol (IGP). Cisco IOS-XR implements the IP routing capabilities described in International Organization f Standardization (ISO)/International Engineering Constium (IEC) and RFC 1995, and adds the standard extensions f single topology and multitopology IS-IS f IP Version 6 (IPv6). This module describes the new and revised tasks you need to implement IS-IS (IPv4 and IPv6) on your Cisco IOS-XR netwk. Note F a complete description of the IS-IS commands listed in this chapter, refer to the IS-IS Commands on Cisco IOS-XR Software module of the Routing Software Product Commands publication. To locate documentation f other commands that might appear in this chapter, search online in the individual index documents associated with the appropriate software product, such as the IP Security Software Product. Feature Histy f Implementing IS-IS on Cisco IOS-XR Software Release Release 2.0 Modification This feature was introduced. Contents Prerequisites f Implementing IS-IS on Cisco IOS-XR Software, page RC-28 Restrictions f Implementing IS-IS on Cisco IOS-XR Software, page RC-28 Infmation About Implementing IS-IS on Cisco IOS-XR Software, page RC-28 How to Implement IS-IS on Cisco IOS-XR Software, page RC-35 Configuration Examples f Implementing IS-IS on Cisco IOS-XR Software, page RC-64 Where to Go Next, page RC-65 Additional References, page RC-66 Cpate Headquarters: Cisco Systems, Inc., 170 West Tasman Drive, San Jose, CA USA Copyright 2004 Cisco Systems, Inc. All rights reserved.

28 Prerequisites f Implementing IS-IS on Cisco IOS-XR Software Implementing IS-IS on Cisco IOS-XR Software Prerequisites f Implementing IS-IS on Cisco IOS-XR Software This module assumes that you are familiar with IS-IS IPv4 on Cisco IOS software. Refer to the publications in the Related Documents section f additional IS-IS configuration and command reference infmation. This module assumes that you are familiar with IPv6 addressing and basic configuration. Refer to the Implementing Basic Connectivity f IPv6 module f me infmation. Restrictions f Implementing IS-IS on Cisco IOS-XR Software To access the IS-IS CLI configuration, you must belong to a task group associated with the isis task ID. Please contact your system administrat f access permission. When multiple instances of IS-IS are being run, an interface can be associated with only one instance (process). Instances may not share an interface. Additionally, if Multiprotocol Label Switching traffic engineering (MPLS TE) is being employed, then MPLS must be enabled f only one instance. The MPLS process is not multi-instance aware. Infmation About Implementing IS-IS on Cisco IOS-XR Software To implement IS-IS you need to understand the following concepts: IS-IS Functional Overview, page RC-29 Key Features Suppted in the Cisco IOS-XR IS-IS Implementation, page RC-29 Comparison of Cisco IOS IS-IS and Cisco IOS-XR IS-IS, page RC-29 IPv6 Routing and Configuring IPv6 Addressing, page RC-31 Limit LSP Flooding, page RC-32 Maximum LSP Lifetime and Refresh Interval, page RC-32 Overload Bit Configuration During Multitopology Operation, page RC-33 Single-Topology IPv6 Suppt, page RC-33 Multitopology IPv6 Suppt, page RC-33 Nonstop Fwarding, page RC-33 Multiprotocol Label Switching Traffic Engineering, page RC-34 Overload Bit on Router, page RC-35 Default Routes, page RC-35 Attached Bit on an IS-IS Instance, page RC-35 RC-28

29 Implementing IS-IS on Cisco IOS-XR Software Infmation About Implementing IS-IS on Cisco IOS-XR Software IS-IS Functional Overview Small IS-IS netwks are typically built as a single area that includes all the routers in the netwk. As the netwk grows larger, it may be reganized into a backbone area made up of the connected set of all Level 2 routers from all areas, which is in turn connected to local areas. Within a local area, routers know how to reach all system IDs. Between areas, routers know how to reach the backbone, and the backbone routers know how to reach other areas. The IS-IS routing protocol suppts the configuration of backbone Level 2 and Level 1 areas and the necessary suppt f moving routing infmation between the areas. Routers establish Level 1 adjacencies to perfm routing within a local area (intra-area routing). Routers establish Level 2 adjacencies to perfm routing between Level 1 areas (interarea routing). F Cisco IOS-XR software, each IS-IS instance can suppt either a single Level 1 Level 2 area, one of each not multiple areas as in Cisco IOS software. By default, all IS-IS instances automatically suppt Level 1 and Level 2 routing. You can change the level of routing to be perfmed by a particular routing instance using the is-type router configuration command. Key Features Suppted in the Cisco IOS-XR IS-IS Implementation The Cisco IOS-XR implementation of IS-IS confms to the IS-IS Version 2 specifications detailed in RFC 1195 and the IPv6 IS-IS functionality based on the Internet Engineering Task Fce (IETF) IS-IS Wking Group draft-ietf-isis-ipv6.txt document. The list that follows outlines key features suppted in the Cisco IOS-XR implementation. Some of these features are significantly different from Cisco IOS software, and others are very similar. Improved configuration syntax and enhanced show commands Single topology IPv6 Multitopology Nonstop fwarding (NSF), both Cisco Proprietary and IETF Three-way handshake Mesh groups Multiple IS-IS instances Advanced debugging with filtering Comparison of Cisco IOS IS-IS and Cisco IOS-XR IS-IS A comparison of Cicso IOS IS-IS and Cisco IOS-XR IS-IS reveals a significantly improved configuration syntax. The configuration syntax has been improved in the following ways: The interface configuration related to IS-IS has been moved into the IS-IS router stanza. Changes have been made to keywds in the configuration to increase the consistency of the configuration syntax. Many differences between Open Shtest Path First (OSPF) and IS-IS configuration have been eliminated in an efft to ease the burden of making the transition from one IGP to another. The configuration of single-topology and multitopology IS-IS has been made me unifm. Also, multitopology is automatically enabled when me than one topology is configured. RC-29

30 Infmation About Implementing IS-IS on Cisco IOS-XR Software Implementing IS-IS on Cisco IOS-XR Software IS-IS Configuration Grouped Configuration Syntax Changes Cisco IOS-XR groups all of the IS-IS configuration in router configuration mode, including the ption of the interface configurations associated with IS-IS. The grouping makes the configuration process me clear, and eliminates some of the clutter in the global interface stanza. To display the IS-IS configuration in its entirety, use the show running router isis command. The command output displays the running configuration f all configured IS-IS instances, including the interface assignments and interface attributes. In general, there are some consistency changes with the IS-IS implementation from Cisco IOS software to Cisco IOS-XR software that make IS-IS easier to implement in Cisco IOS-XR software. Some of the commands, keywds, and arguments have been changed. However, most have the same name, but may be found in different locations in the configuration hierarchy. An example of a command name change is the lsp-passwd command (IS-IS may insert a passwd into an link-state packet (LSP) in either Level 1 Level 2, both). The Cisco IOS command names of area-passwd and domain-passwd commands are replaced with the me general lsp-passwd command. The lsp-passwd command applies to both Level 1 and Level 2 by default, but may be associated with Level 1 (to set the area-passwd) Level 2 (to set the domain-passwd) by using the appropriate modifier. An example of a configuration parameter that has moved is the distance command. This command applied to IPv4 by default in Cisco IOS software and was configurable in the router submode. In Cisco IOS-XR software, the parameter is configurable in the address-family configuration submode in the router stanza, because it applies to a topology. Different administrative distances may be specified f each topology. The following are guidelines f configuration parameters and where they are located in the Cisco IOS-XR software: If a configuration parameter applies to the entire IS-IS process, it is generally located in the router mode. If a configuration parameter applies to a particular topology in the instance, it can be located in the address-family submode of the router stanza. If a configuration parameter applies to a particular interface but is independent of topology, it can be located in the interface submode. If a configuration parameter applies to a particular interface and topology, it can be located in the address-family submode of the interface. One of the me noticeable consistency changes is the mechanism f associating a parameter with either IS-IS Level 1, Level 2, both. Generally, most parameters by default apply to both levels. In these cases, there is only a need to explicitly associate a specific attribute with a single level because the absence of the association implies that the parameter applies to both. F example: hello-interval 10 level 1 lsp-passwd 0 secret-passwd level 2 RC-30

31 Implementing IS-IS on Cisco IOS-XR Software Infmation About Implementing IS-IS on Cisco IOS-XR Software This syntax replaces the level-1, level-2, and level-1-2 keywds, which are commonly employed in Cisco IOS software. In the examples, the default hello interval still applies to Level 2, and no lsp-passwd value is set f Level 1. In cases where a command is configured with a level keywd value (instead of associating a value with a level), the level-number token is used. F example: is-type level-1-2 circuit-type level-2 In the rare cases where a parameter configuration is associated with only one level by default, then the level-number keywd is used to modify the association. This practice permits the explicit association with Level 1 Level 2 both. F example: redistribute static level-1-2 metric 7 Redistribution by default occurs into Level-2 only, so the level-level-number token is used, because it enables you to explicitly configure redistribution f both Level 1 and Level 2, a task that would not be possible using the level keywd. Multitopology Configuration Unlike Cisco IOS software, Cisco IOS-XR software suppts multitopology as the default behavi once two topologies are enabled. To fce IPv4 and IPv6 to use a single topology, the single-topology mode must be explicitly configured. As expected, if only a single topology is enabled on IS-IS interfaces, then the usual, single-topology operation ensues. Note IS-IS suppts IP routing and not Open Systems Interconnection (OSI) Connectionless Netwk Service (CLNS) routing. IPv6 Routing and Configuring IPv6 Addressing By default, IPv6 routing is disabled in the Cisco IOS-XR software. To enable IPv6 routing, you must assign IPv6 addresses to individual interfaces in the router. To learn me about IPv6 routing and addressing, refer to the following links: Cisco IOS Release 12.3: Implementing Basic Connectivity f IPv6 module f Cisco IOS Release 12.3: The Cisco IOS IPv6 website on Cisco.com f infmation on the Cisco implementation of and training f IPv6: RC-31

32 Infmation About Implementing IS-IS on Cisco IOS-XR Software Implementing IS-IS on Cisco IOS-XR Software Limit LSP Flooding Limiting link-state packets (LSP) may be desirable in certain meshy netwk topologies. An example of such a netwk might be a highly redundant one such as a fully meshed set of point-to-point links over a nonbroadcast multiaccess (NBMA) transpt. In such netwks, full LSP flooding can limit netwk scalability. One way to restrict the size of the flooding domain is to introduce hierarchy by using multiple Level 1 areas and a Level 2 area. However, two other techniques are also available that can be used instead of, in conjunction with, hierarchy: block flooding on specific interfaces and configure mesh groups. Both techniques operate by restricting the flooding of LSPs in some fashion. A direct consequence is that although scalability of the netwk is improved, the reliability of the netwk (in the face of failures) is reduced because a series of failures may prevent LSPs from being flooded throughout the netwk, even though links exist that would allow flooding if blocking mesh groups had not restricted their use. In such a case, the link-state databases of different routers in the netwk may no longer be synchronized. Consequences such as persistent fwarding loops can ensue. F this reason, it is recommended that blocking mesh groups be used only if specifically required, and then only after careful netwk design. Flood Blocking on Specific Interfaces Mesh Group Configuration With this technique, certain interfaces are blocked from being used f flooding LSPs, but the remaining interfaces operate nmally f flooding. This technique is simple to understand and configure, but may be me difficult to maintain and me err-prone than mesh groups in the long run. The flooding topology that IS-IS uses is fine-tuned rather than restricted. Restricting the topology too much (blocking too many interfaces) makes the netwk unreliable in the face of failures. Restricting the topology too little (blocking too few interfaces) may fail to achieve the desired scalability. To improve the robustness of the netwk in the event that all nonblocked interfaces drop, use the csnp-interval interface configuration command to fce periodic complete sequence number PDUs (CSNPs) packets to be used on blocked point-to-point links. The use of periodic CSNPs enables the netwk to become synchronized. Configuring mesh groups (a set of interfaces on a router) can help to limit flooding. All routers reachable over the interfaces in a particular mesh group are assumed to be densely connected with each router having at least one link to every other router. Many links can fail without isolating one me routers from the netwk. In nmal flooding, a new LSP is received on an interface and is flooded out over all other interfaces on the router. With mesh groups, when a new LSP is received over an interface that is part of a mesh group, the new LSP will not be flooded out over the other interfaces that are part of that mesh group. Maximum LSP Lifetime and Refresh Interval By default, the router sends a periodic LSP refresh every 15 minutes. LSPs remain in a database f 20 minutes by default. If they are not refreshed by that time, they are deleted. You can change the LSP refresh interval the maximum LSP lifetime. The LSP interval should be less than the LSP lifetime else LSPs will time out befe they are refreshed. In the absence of a configured refresh interval, the software will adjust the LSP refresh interval if necessary to prevent the LSPs from timing out. RC-32

33 Implementing IS-IS on Cisco IOS-XR Software Infmation About Implementing IS-IS on Cisco IOS-XR Software Overload Bit Configuration During Multitopology Operation Because the overload bit applies to fwarding f a single topology, it may be configured and cleared independently f IPv4 and IPv6 during multitopology operation. F this reason, the overload is set from the address family configuration mode of the router. If the IPv4 overload bit is set, all routers in the area will not use the router f IPv4 transit traffic. However, they can still use the router f IPv6 transit traffic. Single-Topology IPv6 Suppt Single-topology IPv6 suppt on Cisco IOS-XR software allows IS-IS f IPv6 to be configured on interfaces along with an IPv4 netwk protocol. All interfaces must be configured with the identical set of netwk protocols and all routers in the IS-IS area (f Level 1 routing) the domain (f Level 2 routing) must suppt the identical set of netwk layer protocols on all interfaces. When single-topology suppt f IPv6 is used, only narrow link metrics, also known as old-style type, length, and value arguments (TLVs), may be employed. During single-topology operation, one shtest path first (SPF) computation per level is used to compute both IPv4 and IPv6 routes. Using a single SPF is possible because both IPv4 IS-IS and IPv6 IS-IS routing protocols share a common link topology. Because multitopology is the default behavi in the software, you must explicitly configure IPv6 to use the same topology as IPv4 in der to enable single-topology IPv6. Configure the single-topology command in ipv6 address-family configuration submode of the IS-IS router stanza. Multitopology IPv6 Suppt Multitopology IPv6 suppt on Cisco IOS-XR software differs from Cisco IOS software in that IS-IS assumes that multi-topology suppt is required as soon as it detects interfaces configured f both IPv6 and IPv4 within the IS-IS stanza. You must use the metric-style wide command to configure IS-IS to wide link metrics as multitopology link advertisements. Nonstop Fwarding On Cisco IOS-XR software, NSF minimizes the amount of time a netwk is unavailable to its users following a RP failover. The main objective of NSF is to continue fwarding IP packets and perfm a graceful restart following an RP failover. When a netwking device restarts, all routing peers of that device usually detect that the device went down and then came back up. This transition results in what is called a routing flap, which could spread across multiple routing domains. Routing flaps caused by routing restarts create routing instabilities, which are detrimental to the overall netwk perfmance. NSF helps to suppress routing flaps in NSF-aware devices, thus reducing netwk instability. NSF allows f the fwarding of data packets to continue along known routes while the routing protocol infmation is being rested following an RP failover. When the NSF feature is configured, peer netwking devices do not experience routing flaps. Data traffic is fwarded through intelligent line cards dual fwarding processs (FPs) while the standby RP assumes control from the failed active RP during a failover. The ability of line cards and FPs to remain up through a failover and to be kept current with the Fwarding Infmation Base (FIB) on the active RP is key to NSF operation. RC-33

34 Infmation About Implementing IS-IS on Cisco IOS-XR Software Implementing IS-IS on Cisco IOS-XR Software When the Cisco IOS-XR router running IS-IS routing perfms an RP failover, the router must perfm two tasks in der to resynchronize its link-state database with its IS-IS neighbs. First, it must relearn the available IS-IS neighbs on the netwk without causing a reset of the neighb relationship. Second, it must reacquire the contents of the link-state database f the netwk. The IS-IS NSF feature offers two options when configuring NSF: IETF NSF Cisco NSF If neighb routers on a netwk segment are NSF-aware, meaning that neighb routers are running a software version that suppts the IETF Internet draft f router restartability, they will assist an IETF NSF router that is restarting. With IETF NSF, neighb routers provide adjacency and link-state infmation to help rebuild the routing infmation following a failover. In Cisco IOS-XR software, Cisco NSF checkpoints (stes persistently) all of the state necessary to recover from a restart without requiring any special cooperation from neighbing routers. The state is recovered from the neighbing routers, but only using the standard features of the IS-IS routing protocol. This capability makes Cisco NSF suitable f use in netwks where other routers have not used the IETF standard implementation of NSF. Note If you configure IETF NSF on the Cisco IOS-XR router, but neighb routers are not IETF-compatible, NSF will abt following a failove/restart, and the IS-IS process will start nmally from a cold start. Multi-Instance IS-IS You may configure as many IS-IS instances as system resources (memy and interfaces) allow. Each interface may be associated with only a single IS-IS instance, and MPLS may be enabled f only a single IS-IS instance. Cisco IOS-XR software prevents the double-booking of an interface by two instances at configuration time two instances of MPLS configuration will cause an err. Because the Routing Infmation Base (RIB) treats each of the IS-IS instancse as equal routing clients, you must be careful when redistributing routes between IS-IS instances. The RIB does not know to prefer Level 1 routes over Level 2 routes. F this reason, if you are running Level 1 and Level 2 instances, you must enfce the preference by configuring different administrative distances f the two instances. Multiprotocol Label Switching Traffic Engineering The MPLS TE feature enables an MPLS backbone to replicate and expand upon the traffic engineering capabilities of Layer 2 ATM and Frame Relay netwks. MPLS is an integration of Layer 2 and Layer 3 technologies. F IS-IS, MPLS TE automatically establishes and maintains MPLS TE label-switched paths across the backbone by using Resource Reservation Protocol (RSVP). The route that a label-switched path uses is determined by the label switched paths resource requirements and netwk resources, such as bandwidth. Available resources are flooded by using special IS-IS TLV extensions in the IS-IS. The label-switched paths are explicit routes and referred to as traffic engineering tunnels (TE tunnels). Refer to the MPLS Traffic Engineering and Enhancements module f me infmation: RC-34

35 Implementing IS-IS on Cisco IOS-XR Software How to Implement IS-IS on Cisco IOS-XR Software Overload Bit on Router The overload bit is a special bit of state infmation that is included in an LSP of the router. If the bit is set on the router, it notifies routers in the area that the router is not available f transit traffic. This capability is useful in four situations: 1. During a serious, but nonfatal err, such as limited memy. 2. During the startup and restart of the process. The overload bit can be set until the routing protocol has converged. However, it is not employed during a nmal NSF restart failover because doing so causes a routing flap. 3. During a trial deployment of a new router. The overload bit can be set until deployment is verified, then cleared. 4. During the shutdown of a router. The overload bit can be set to remove the router from the topology befe the router is removed from service. Default Routes You can fce a default route into an IS-IS routing domain. Whenever you specifically configure redistribution of routes into an IS-IS routing domain, the Cisco IOS-XR software does not, by default, redistribute the default route into the IS-IS routing domain. The default-infmation iginate command generates a default route into IS-IS, which can be controlled by a route map. You can use the route map to identify the level into which the default route is to be announced, and you can specify other filtering options configurable under a route map. You can use a route map to conditionally advertise the default route, depending on the existence of another route in the routing table of the router. Attached Bit on an IS-IS Instance The attached bit is set in a router that is configured with the is-type command and the level-1-2 keywd. The attached bit indicates that the router is connected to other areas (typically through the backbone). This functionality means that the router can be used by Level 1 routers in the area as the default route to the backbone. The attached bit is usually set automatically as the router discovers other areas while computing its Level 2 SPF route. The bit is automatically cleared when the router becomes detached from the backbone. To simulate this behavi when using multiple processes to represent the level-1-2 functionality, you would manually configure the attached bit on the Level 1 process. Caution If the connectivity f the Level 2 instance is lost, the attached bit in the Level 1 instance LSP would continue sending traffic to the Level 2 instance and cause the traffic to be dropped. How to Implement IS-IS on Cisco IOS-XR Software This section contains the following procedures: Enabling IS-IS and Configuring Level 1 Level 2 Routing, page RC-36 (required) Configuring Single Topology f IS-IS, page RC-38 (required) Configuring Multitopology f IS-IS, page RC-42 (optional) Controlling LSP Flooding f IS-IS, page RC-46 (optional) RC-35

36 How to Implement IS-IS on Cisco IOS-XR Software Implementing IS-IS on Cisco IOS-XR Software Configuring Nonstop Fwarding f IS-IS, page RC-49 (optional) Configuring Authentication f IS-IS, page RC-51 (optional) Configuring MPLS Traffic Engineering f IS-IS, page RC-53 (optional) Tuning Adjacencies f IS-IS on Point-to-Point Interfaces, page RC-56 (optional) Setting SPF Interval f a Single-topology IPv4 and IPv6 Configuration, page RC-58 (optional) Customizing Routes f IS-IS, page RC-61 (optional) Note To save configuration changes, you must commit changes when the system prompts you. Enabling IS-IS and Configuring Level 1 Level 2 Routing This task explains how to enable IS-IS and configure the routing level f an area. Note Configuring the routing level in Step 4 is optional but is highly recommended to establish the proper level of adjacencies. Prerequisites Although you can configure IS-IS befe you configure an IP address, no IS-IS routing will occur until at least one IP address is configured. SUMMARY STEPS 1. configure 2. router isis instance-id 3. net netwk-entity-title 4. is-type {level-1 level-1-2 level-2-only} 5. end commit 6. show isis [instance instance-id] protocol RC-36

37 Implementing IS-IS on Cisco IOS-XR Software How to Implement IS-IS on Cisco IOS-XR Software DETAILED STEPS Step 1 Command Action configure Purpose Enters global configuration mode. Step 2 Step 3 Step 4 RP/0/RP0/CPU0:router# configure router isis instance-id RP/0/RP0/CPU0:router(config)# router isis isp net netwk-entity-title RP/0/RP0/CPU0:router(config-isis)# net d c is-type {level-1 level-1-2 level-2-only} RP/0/RP0/CPU0:router(config-isis)# is-type level-2-only Enables IS-IS routing f the specified routing instance, and places the router in router configuration mode. By default, all IS-IS instances are automatically Level 1 and Level 2. You can change the level of routing to be perfmed by a particular routing instance using the is-type router configuration command. Configures netwk entity titles (NETs) f the routing instance. Specify a NET f each routing instance if you are configuring multi-instance IS-IS. You can specify a name f a NET and f an address. This example configures a router with area ID d.0001 and system ID c To specify me than one area address, specify additional NETs. Although the area address ption of the NET will differ, the system-id ption of the NET must match exactly f all of the configured items. (Optional) Configures the system type (area backbone router). By default, every IS-IS instance acts as a level-1-2 router. The level-1 keywd configures the software to perfm Level 1 (intra-area) routing only. Only Level 1 adjacencies are established. The software learns about destinations inside its area only. Any packets containing destinations outside the area are sent to the nearest level-1-2 router in the area. The level-2-only keywd configures the software to perfm Level 2 (backbone) routing only and the router establishes only Level 2 adjacencies, either with other Level 2-only routers with level-1-2 routers. The level-1-2 keywd configures the software to perfm both Level 1 and Level 2 routing. Both Level 1 and Level 2 adjacencies are established. The router acts as a bder router between the Level 2 backbone and its Level 1 area. RC-37

38 How to Implement IS-IS on Cisco IOS-XR Software Implementing IS-IS on Cisco IOS-XR Software Step 5 Step 6 Command Action end commit RP/0/RP1/CPU0:router(config-isis)# end RP/0/RP1/CPU0:router(config-isis)# commit show isis [instance instance-id] protocol RP/0/RP1/CPU0:router# show isis protocol Purpose Saves configuration changes. When you issue the end command, the system will prompt you to commit changes: Uncommitted changes found. Commit them? Entering yes will save configuration changes to the running configuration file, exit the configuration session, and return the router to EXEC mode. Entering no will exit the configuration session and return the router to EXEC mode without committing the configuration changes. Use the commit command to save the configuration changes to the running configuration file and remain within the configuration session. (Optional) Displays summary infmation about the IS-IS instance. Configuring Single Topology f IS-IS Once an IS-IS instance is enabled, it must be configured to compute routes f a specific netwk topology. This task explains how to configure the operation of the IS-IS protocol on an interface f an IPv4 IPv6 topology. Restrictions To enable the router to run in single-topology mode, configure all of the IS-IS interfaces with the all address families keywd enabled in the IS-IS router stanza. You can use either the IPv6 address family both IPv4 and IPv6 address families, but your configuration must represent the set of all active address families on the router. Additionally, explicitly enable single-topology operation by configuring it in the IPv6 address-family submode. There are two exceptions to these instructions: 1. If the address-family stanza in the IS-IS process contains the adjacency-check-disable configuration command, then an interface is not required to have the address family enabled. 2. If the interface is configured to Level 2 only. This particular exception permits the running of IPv4 and IPv6 areas. 3. The command single-topology is not valid in the ipv4 address-family submode. The default metric style f single topology is narrow metrics. However, you can use either wide metrics narrow metrics. How to configure them depends upon how single-topology is configured. If both IPv4 and IPv6 are enabled and single-topology is configured, the metric style is configured in the address-family ipv4 stanza. You may configure the metric style in the address-family ipv6 stanza, but it will be igned in this case. If IPv6 only is enabled and single topology is configured, then the metric style is configured in the address-family ipv6 stanza. RC-38

39 Implementing IS-IS on Cisco IOS-XR Software How to Implement IS-IS on Cisco IOS-XR Software SUMMARY STEPS 1. configure 2. interface type number 3. ipv4 address address mask ipv6 address ipv6-prefix/prefix-length [eui-64] ipv6 address ipv6-address {/prefix-length link-local} ipv6 enable 4. exit 5. router isis instance-id 6. net netwk-entity-title 7. address-family ipv6 [unicast] 8. single-topology 9. exit 10. interface type number 11. circuit-type {level-1 level-2-only level-1-2} 12. address-family {ipv4 ipv6} [unicast] 13. end commit 14. show isis [instance instance-id] interface [type number] [detail] [level {1 2}] 15. show isis [instance instance-id] topology [systemid system-id] [level {1 2}] [summary] [ipv4 ipv6] [unicast] DETAILED STEPS Step 1 Command Action configure Purpose Enters global configuration mode. Step 2 RP/0/RP0/CPU0:router# configure interface type number Enters interface configuration mode. RP/0/RP0/CPU0:router(config)# interface POS 0/1/0/3 RC-39

40 How to Implement IS-IS on Cisco IOS-XR Software Implementing IS-IS on Cisco IOS-XR Software Step 3 Step 4 Step 5 Command Action ipv4 address address mask ipv6 address ipv6-prefix/prefix-length [eui-64] ipv6 address ipv6-address {/prefix-length link-local} ipv6 enable RP/0/RP0/CPU0:router(config-if)# ipv4 address RP/0/RP0/CPU0:router(config-if)# ipv6 address 3ffe:1234:c18:1::/64 eui-64 RP/0/RP0/CPU0:router(config-if)# ipv6 address FE80::260:3EFF:FE11:6770 link-local RP/0/RP0/CPU0:router(config-if)# ipv6 enable exit RP/0/RP0/CPU0:router(config-if)# exit router isis instance-id RP/0/RP0/CPU0:router(config)# router isis isp Purpose Defines the IPv4 address f the interface. An IP address is required on all interfaces in an area enabled f IS-IS if any one interface is configured f IS-IS routing. Specifies an IPv6 netwk assigned to the interface and enables IPv6 processing on the interface with the eui-64 keywd. Specifies an IPv6 address assigned to the interface and enables IPv6 processing on the interface with the link-local keywd. Automatically configures an IPv6 link-local address on the interface while also enabling the interface f IPv6 processing. The link-local address can be used only to communicate with nodes on the same link. Specifying the ipv6 address ipv6-prefix/prefix-length interface configuration command without the eui-64 keywd configures site-local and global IPv6 addresses. Specifying the ipv6 address ipv6-prefix/prefix-length command with the eui-64 keywd configures site-local and global IPv6 addresses with an interface ID in the low-der 64 bits of the IPv6 address. Only the 64-bit netwk prefix f the address needs to be specified; the last 64 bits are automatically computed from the interface ID. Specifying the ipv6 address command with the link-local keywd configures a link-local address on the interface that is used instead of the link-local address that is automatically configured when IPv6 is enabled on the interface. Exists interface configuration mode, and returns the router to global configuration mode. Enables IS-IS routing f the specified routing instance, and places the router in router configuration mode. By default, all IS-IS instances are Level 1 and Level 2. You can change the level of routing to be perfmed by a particular routing instance using the is-type router configuration command. RC-40

41 Implementing IS-IS on Cisco IOS-XR Software How to Implement IS-IS on Cisco IOS-XR Software Step 6 Step 7 Step 8 Step 9 Step 10 Command Action net netwk-entity-title RP/0/RP0/CPU0:router(config-isis)# net d c address-family ipv6 [unicast] RP/0/RP0/CPU0:router(config-isis)# address-family ipv6 unicast single-topology RP0/0/01:router(config-isis-af)# single-topology exit RP/0/RP0/CPU0:router(config-isis-af)# exit interface type number Purpose Configures NETs f the routing instance. Specify a NET f each routing instance if you are configuring multi-instance IS-IS. You can specify a name f a NET and f an address. This example configures a router with area ID d.0001 and system ID c To specify me than one area address, specify additional NETs. Although the area address ption of the NET will differ, the system-id ption of the NET must match exactly f all of the configured items. Specifies the IPv6 address family and enters address family configuration mode. This example specifies the unicast IPv6 address family. (Optional) Configures the link topology f IPv4 when IPv6 is configured. The single-topology command is valid only in IPv6 submode. The command instructs IPv6 to use the single topology rather than using the default configuration of a separate topology in the multitopology mode. Refer to the Single-Topology IPv6 Suppt section f me infmation. Exits address family configuration mode, and returns the router to global configuration mode. Enters interface configuration mode. RP/0/RP0/CPU0:router(config-isis)# interface POS 0/1/0/3 Step 11 circuit-type {level-1 level-2-only level-1-2} Step 12 RP/0/RP0/CPU0:router(config-isis-if)# circuit-type level-1-2 address-family {ipv4 ipv6 } [unicast] RP/0/RP0/CPU0:router(config-isis-if)# address-family ipv6 unicast (Optional) Configures the type of adjacency. The default circuit type is the configured system type (configured through the is-type command). Typically, circuit type needs to be configured when the router is configured only level-1-2 and you want to constrain an interface to fm only level-1 level-2-only adjacencies. Specifies the IPv4 IPv6 address family, and enters address family configuration mode. This example specifies the unicast IPv6 address family on the interface. RC-41

42 How to Implement IS-IS on Cisco IOS-XR Software Implementing IS-IS on Cisco IOS-XR Software Step 13 Step 14 Command Action end commit RP/0/RP0/CPU0:router(config-isis-af)# end RP/0/RP0/CPU0:router(config-isis-af)# commit show isis [instance instance-id] interface [type number] [detail] [level {1 2}] Purpose Saves configuration changes. When you issue the end command, the system will prompt you to commit changes: Uncommitted changes found. Commit them? Entering yes will save configuration changes to the running configuration file, exit the configuration session, and return the router to EXEC mode. Entering no will exit the configuration session and return the router to EXEC mode without committing the configuration changes. Use the commit command to save the configuration changes to the running configuration file and remain within the configuration session. (Optional) Displays infmation about the IS-IS interface. Step 15 RP/0/RP0/CPU0:router# show isis interface POS0/1/0/1 brief show isis [instance instance-id] topology [systemid system-id] [level {1 2}] [summary] [ipv4 ipv6] [unicast] (Optional) Displays a list of connected routers in all areas. RP/0/RP0/CPU0:router# show isis topology Configuring Multitopology f IS-IS This task explains how to configure multitopology IS-IS. This task is optional. Multitopology is configured in much the same way as the single topology f IPv4 and IPv6 address families. The singletopology configuration command is omitted, invoking the default multitopology behavi. SUMMARY STEPS 1. configure 2. interface type number 3. ipv4 address address mask ipv6 address ipv6-prefix/prefix-length [eui-64] ipv6 address ipv6-address {/prefix-length link-local} ipv6 enable 4. exit 5. router isis instance-id 6. net netwk-entity-title RC-42

43 Implementing IS-IS on Cisco IOS-XR Software How to Implement IS-IS on Cisco IOS-XR Software 7. interface type number 8. address-family ipv4 [unicast] 9. address-family ipv6 [unicast] 10. end commit 11. show isis [instance instance-id] interface [type number] [brief detail] [level {1 2}] 12. show isis [instance instance-id] topology [systemid system-id] [level {1 2}] [ipv4 ipv6] [summary] [unicast] 13. show isis [instance instance-id] adjacency [level {1 2}] [interface-type interface-number] [detail] [systemid system-id] 14. show isis adjacency-log [level {1 2}] DETAILED STEPS Step 1 Command Action configure Purpose Enters global configuration mode. Step 2 RP/0/RP0/CPU0:router# configure interface type number Enters interface configuration mode. RP/0/RP0/CPU0:router(config-isis)# interface POS 0/1/0/3 RC-43

44 How to Implement IS-IS on Cisco IOS-XR Software Implementing IS-IS on Cisco IOS-XR Software Step 3 Step 4 Step 5 Command Action ipv4 address address mask ipv6 address ipv6-prefix/prefix-length [eui-64] ipv6 address ipv6-address {/prefix-length link-local} ipv6 enable RP/0/RP0/CPU0:router(config-isis-if)# ipv4 address RP/0/RP0/CPU0:router(config-isis-if)# ipv6 address 3ffe:1234:c18:1::/64 eui-64 RP/0/RP0/CPU0:router(config-isis-if)# ipv6 address FE80::260:3EFF:FE11:6770 link-local RP/0/RP0/CPU0:router(config-isis-if)# ipv6 enable exit RP/0/RP0/CPU0:router(config-if)# exit router isis instance-id RP/0/RP0/CPU0:router(config)# router isis isp Purpose Defines the IPv4 address f the interface. An IP address is required on all interfaces in an area enabled f IS-IS if any one interface is configured f IS-IS routing. Specifies an IPv6 netwk assigned to the interface and enables IPv6 processing on the interface. Specifies an IPv6 address assigned to the interface and enables IPv6 processing on the interface. Automatically configures an IPv6 link-local address on the interface while also enabling the interface f IPv6 processing. The link-local address can be used only to communicate with nodes on the same link. Specifying the ipv6 address ipv6-prefix/prefix-length interface configuration command without the eui-64 keywd configures site-local and global IPv6 addresses. Specifying the ipv6 address ipv6-prefix/prefix-length command with the eui-64 keywd configures site-local and global IPv6 addresses with an interface ID in the low-der 64 bits of the IPv6 address. Only the 64-bit netwk prefix f the address needs to be specified; the last 64 bits are automatically computed from the interface ID. Specifying the ipv6 address command with the link-local keywd configures a link-local address on the interface that is used instead of the link-local address that is automatically configured when IPv6 is enabled on the interface. Exists interface configuration mode, and returns the router to global configuration mode. Enables IS-IS routing f the specified routing instance, and places the router in router configuration mode. You can change the level of routing to be perfmed by a particular routing instance using the is-type router configuration command. RC-44

45 Implementing IS-IS on Cisco IOS-XR Software How to Implement IS-IS on Cisco IOS-XR Software Step 6 Step 7 Command Action net netwk-entity-title RP/0/RP0/CPU0:router(config-isis)# net d c interface type number Purpose Configures NETs f the routing instance. Specify a NET f each routing instance if you are configuring multi-instance IS-IS. You can specify a name f a NET and f an address. This example configures a router with area ID d.0001 and system ID c To specify me than one area address, specify additional NETs. Although the area address ption of the NET will differ, the system-id ption of the NET must match exactly f all of the configured items. Enters interface configuration mode. Step 8 Step 9 Step 10 Step 11 RP/0/RP0/CPU0:router(config-isis)# interface POS 0/1/0/4 address-family ipv4 unicast RP/0/RP0/CPU0:router(config-isis)# address-family ipv4 unicast address-family ipv6 unicast RP/0/RP0/CPU0:router(config-isis)# address-family ipv6 unicast end commit RP/0/RP0/CPU0:router(config-isis-af)# end RP/0/RP0/CPU0:router(config-isis-af)# commit show isis [instance instance-id] interface [type number] [brief detail] [level {1 2}] Specifies the IPv4 address family and enters address family configuration mode. This example specifies the unicast IPv4 address family. Specifies the IPv6 address family and enters address family configuration mode. This example specifies the unicast IPv6 address family. Saves configuration changes. When you issue the end command, the system will prompt you to commit changes: Uncommitted changes found. Commit them? Entering yes will save configuration changes to the running configuration file, exit the configuration session, and return the router to EXEC mode. Entering no will exit the configuration session and return the router to EXEC mode without committing the configuration changes. Use the commit command to save the configuration changes to the running configuration file and remain within the configuration session. (Optional) Displays infmation about the IS-IS interface. RP/0/RP0/CPU0:router# show isis interface POS 0/1/0/1 brief RC-45

46 How to Implement IS-IS on Cisco IOS-XR Software Implementing IS-IS on Cisco IOS-XR Software Step 12 Command Action show isis [instance instance-id] topology [systemid system-id] [level {1 2}] [summary] [ipv4 ipv6] [unicast] Purpose (Optional) Displays a list of connected routers in all areas. Step 13 RP/0/RP0/CPU0:router# show isis topology show isis [instance instance-id] adjacency [level {1 2}] [interface-type interface-number] [detail] [systemid system-id] (Optional) Displays state infmation about established adjacencies. : RP/0/RP0/CPU1:router# show isis adjacency Step 14 show isis adjacency-log [level {1 2}] RP/0/RP0/CPU1:router# show isis adjacency-log level 1 (Optional) Displays the histy of recent adjacency state transitions. Controlling LSP Flooding f IS-IS SUMMARY STEPS Flooding of LSPs can limit netwk scalability. You can control LSP flooding by tuning your LSP database parameters on the router globally on the interface. This task is optional. Many of the commands to control LSP flooding contain an option to specify the level to which they apply. Without the option, the command applies to both levels. If an option is configured f one level, the other level continues to use the default value. To configure options f both levels, use the command twice. F example: lsp-refresh-interval 1200 level 2 lsp-refresh-interval 1100 level 1 1. configure 2. router isis instance-id 3. lsp-refresh-interval seconds [level {1 2}] 4. lsp-check-interval seconds [level {1 2}] 5. lsp-gen-interval seconds [level {1 2}] 6. lsp-mtu bytes [level {1 2}] 7. max-lsp-lifetime seconds [level {1 2}] 8. igne-lsp-errs [enable disable] 9. interface type number 10. lsp-interval milliseconds [level {1 2}] 11. csnp-interval seconds [level {1 2}] 12. retransmit-interval seconds 13. retransmit-throttle-interval milliseconds RC-46

47 Implementing IS-IS on Cisco IOS-XR Software How to Implement IS-IS on Cisco IOS-XR Software 14. mesh-group [number blocked] 15. end commit 16. show isis [instance instance-id] interface [type number] [brief detail] [level {1 2}] 17. show isis [instance instance-id] database [level {1 2}] [detail summary verbose] [* lsp-id] 18. show isis [instance instance-id] lsp-log [level {1 2}] 19. show isis database-log [level {1 2}] DETAILED STEPS Step 1 Command Action configure Purpose Enters global configuration mode. Step 2 RP/0/RP0/CPU0:router# configure router isis instance-id RP/0/RP0/CPU0:router(config)# router isis isp Step 3 lsp-refresh-interval seconds [level {1 2}] RP/0/RP0/CPU0:router(config-isis)# lsp-refresh-interval Step 4 lsp-check-interval seconds [level {1 2}] RP/0/RP0/CPU0:router(config-isis)# log-check-interval 240 Step 5 lsp-gen-interval seconds [level {1 2}] RP/0/RP0/CPU0:router(config-isis)# lsp-gen-interval 100 Step 6 lsp-mtu bytes [level {1 2}] RP/0/RP0/CPU0:router(config-isis)# lsp-mtu 1300 Enables IS-IS routing f the specified routing instance, and places the router in router configuration mode. You can change the level of routing to be perfmed by a particular routing instance using the is-type router configuration command. (Optional) Sets the time between regeneration of LSPs that contain different sequence numbers The refresh interval should always be set lower than the max-lsp-lifetime command. (Optional) Configures the time between periodic checks of the entire database to validate the checksums of the LSPs in the database. This operation is costly in terms of CPU and so should be configured to occur infrequently. (Optional) Configures a limit on the minimum amount of time that must elapse befe a new LSP is issued in response to a change. This operation suppresses the generated LSP from changing too quickly. (Optional) Sets the maximum transmission unit (MTU) size of LSPs. RC-47

48 How to Implement IS-IS on Cisco IOS-XR Software Implementing IS-IS on Cisco IOS-XR Software Step 7 max-lsp-lifetime seconds [level {1 2}] Step 8 Step 9 Command Action RP/0/RP0/CPU0:router(config-isis)# max-lsp-lifetime igne-lsp-errs [enable disable] RP/0/RP0/CPU0:router(config-isis)# igne-lsp-errs interface type number Purpose (Optional) Sets the initial lifetime given to an LSP iginated by the router. This is the amount of time that the LSP will persist in the database of a neighb unless the LSP is regenerated refreshed. (Optional) Allows the netwking device to igne LSPs that are received with internal checksum errs rather than to purge the LSPs. Enters interface configuration mode. RP/0/RP0/CPU0:router(config-isis)# interface POS 0/1/0/3 Step 10 lsp-interval milliseconds [level {1 2}] RP/0/RP0/CPU0:router(config-isis-if)# lsp-interval 100 Step 11 csnp-interval seconds [level {1 2}] Step 12 Step 13 Step 14 RP/0/RP0/CPU0:router(config-isis-if)# csnp-interval 30 level 1 retransmit-interval seconds RP/0/RP0/CPU0:router(config-isis-if)# retransmit-interval 60 retransmit-throttle-interval milliseconds RP/0/RP0/CPU0:router(config-isis-if)# retransmit-throttle-interval 1000 mesh-group [number blocked] RP/0/RP0/CPU0:router(config-isis-if)# mesh-group blocked (Optional) Configures the amount of time between each LSP sent on an interface. (Optional) Configures the interval at which periodic CSNPs packets are sent on broadcast interfaces. Sending me frequent CSNPs means that adjacent routers must wk harder to receive them. Sending less frequent CSNPs means that differences in the adjacent routers may persist longer. (Optional) Configures the amount of time that the sending router waits f an acknowledgment befe it considers that the LSP was not received, and subsequently resends. (Optional) Configures the amount of time between retransmissions on each LSP on a point-to-point interface. This time is usually greater than equal to the lsp-interval command time because the reason f lost LSPs may be due to a neighbing router that is busy. A longer interval gives the neighb me time to receive transmissions. (Optional) Optimizes LSP flooding in NBMA netwks with highly meshed, point-to-point topologies. This command is appropriate only f an NBMA netwk with highly meshed, point-to-point topologies. RC-48

49 Implementing IS-IS on Cisco IOS-XR Software How to Implement IS-IS on Cisco IOS-XR Software Step 15 Step 16 Command Action end commit RP/0/RP0/CPU0:router(config-isis-if)# end RP/0/RP0/CPU0:router(config-isis-if)# commit show isis [instance instance-id] interface [type number] [brief detail] [level {1 2}] Purpose Saves configuration changes. When you issue the end command, the system will prompt you to commit changes: Uncommitted changes found. Commit them? Entering yes will save configuration changes to the running configuration file, exit the configuration session, and return the router to EXEC mode. Entering no will exit the configuration session and return the router to EXEC mode without committing the configuration changes. Use the commit command to save the configuration changes to the running configuration file and remain within the configuration session. (Optional) Displays infmation about the IS-IS interface. Step 17 RP/0/RP0/CPU0:router# show isis interface POS0/1/0/1 brief show isis [instance instance-id] database [level {1 2}] [detail summary verbose] [* lsp-id] (Optional) Displays the IS-IS LSP database. Step 18 RP/0/RP0/CPU0:router# show isis database level 1 show isis [instance instance-id] lsp-log [level {1 2}] (Optional) Displays LSP log infmation. RP/0/RP0/CPU0:router# show isis lsp-log Step 19 show isis database-log [level {1 2}] (Optional) Display IS-IS database log infmation. RP/0/RP0/CPU0:router# show isis database-log level 1 Configuring Nonstop Fwarding f IS-IS This task explains how to configure your router with NSF that allows the Cisco IOS-XR software to resynchronize the IS-IS link-state database with its IS-IS neighbs after a process restart. The process restart could be due to an: RP failover (where it is a warm restart) Simple process restart (due to an IS-IS reload other administrative request to restart the process) IS-IS software upgrade RC-49

50 How to Implement IS-IS on Cisco IOS-XR Software Implementing IS-IS on Cisco IOS-XR Software In all cases, NSF mitigates link flaps and loss of user sessions. This task is optional. SUMMARY STEPS 1. configure 2. router isis instance-id 3. nsf {cisco ietf} 4. nsf interface-expires number 5. nsf interface-timer seconds 6. nsf lifetime seconds 7. end commit 8. show running-config [command] DETAILED STEPS Step 1 Command Action configure Purpose Enters global configuration mode. Step 2 Step 3 Step 4 Step 5 RP/0/RP0/CPU0:router# configure router isis instance-id RP/0/RP0/CPU0:router(config)# router isis isp nsf {cisco ietf} RP/0/RP1/CPU0:router(config-isis)# nsf ietf nsf interface-expires number RP/0/RP1/CPU0:router(config-isis)# nsf interface-expires 1 nsf interface-timer seconds RP/0/RP1/CPU0:router(config-isis) nsf interface-timer 15 Enables IS-IS routing f the specified routing instance, and places the router in router configuration mode. You can change the level of routing to be perfmed by a particular routing instance using the is-type router configuration command. Enables NSF on the next restart. Enter the cisco keywd to run IS-IS in heterogeneous netwks that might not have adjacent NSF-aware netwking devices. Enter the ietf keywd to enable IS-IS in homogeneous netwks where all adjacent netwking devices suppt IETF draft-based restartability. Configures the number of resends of an acknowledged NSF-restart acknowledgment. If the resend limit is reached during the NSF restart, the restart falls back to a cold restart. Configures the number of seconds to wait f each restart acknowledgement. RC-50

51 Implementing IS-IS on Cisco IOS-XR Software How to Implement IS-IS on Cisco IOS-XR Software Step 6 Step 7 Step 8 Command Action nsf lifetime seconds RP/0/RP0/CPU0:router(config-isis)# nsf lifetime 20 end commit RP/0/RP0/CPU0:router(config-isis)# end RP/0/RP0/CPU0:router(config-isis)# commit show running-config [command] RP/0/RP0/CPU0:router# show running-config router isis isp Purpose Configures the maximum route lifetime following an NSF restart. This command should be configured to the length of time required to perfm a full NSF restart because it will be the amount of time that the Routing Infmation Base (RIB) retains the routes during the restart. Setting this value too high results in stale routes. Setting this value too low could result in routes purged too soon. Saves configuration changes. When you issue the end command, the system will prompt you to commit changes: Uncommitted changes found. Commit them? Entering yes will save configuration changes to the running configuration file, exit the configuration session, and return the router to EXEC mode. Entering no will exit the configuration session and return the router to EXEC mode without committing the configuration changes. Use the commit command to save the configuration changes to the running configuration file and remain within the configuration session. (Optional) Displays the entire contents of the currently running configuration file a subset of that file. Verify that nsf appears in the IS-IS configuration of the NSF-aware device. This example shows the contents of the configuration file f the isp instance only. Configuring Authentication f IS-IS This task explains how to configure authentication f IS-IS. This task is optional. Authentication is available to limit the establishment of adjacencies via the hello-passwd configuration, and to limit the exchange of LSPs via the LSP passwd. IS-IS suppts plain-text authentication, which does not provide security against hackers other unauthized users. Plain-text authentication allows you to configure a passwd to prevent unauthized netwking devices from fming adjacencies with this netwking device. The passwd is exchanged as plain text and is potentially visible to an agent able to view the IS-IS packets. IS-IS stes a configured passwd using simple encryption. However, the plain-text fm of the passwd is used in LSPs, sequence number protocols (SNPs), and hello packets, which would be visible to a process that can view IS-IS packets. The passwds can be entered in plain text (preceded by a 0), in encrypted (preceded by a 7) fm. To set the domain passwd, configure the lsp-passwd f Level 2; to set the area passwd configure the lsp-passwd f Level 1. RC-51

52 How to Implement IS-IS on Cisco IOS-XR Software Implementing IS-IS on Cisco IOS-XR Software SUMMARY STEPS 1. configure 2. router isis instance-id 3. lsp-passwd [0 7] passwd [level {1 2}] [snp {send-only validate}] 4. interface type number 5. hello-passwd [0 7] passwd [level {1 2}] 6. end commit DETAILED STEPS Step 1 Command Action configure Purpose Enters global configuration mode. Step 2 RP/0/RP0/CPU0:router# configure router isis instance-id RP/0/RP0/CPU0:router(config)# router isis isp Step 3 lsp-passwd [0 7] passwd [level {1 2}] [snp {send-only validate}] RP/0/RP0/CPU0:router(config-isis)# lsp-passwd passwd1 level 1 Enables IS-IS routing f the specified routing instance, and places the router in router configuration mode. You can change the level of routing to be perfmed by a particular routing instance using the is-type router configuration command. Configures the LSP authentication passwd. The configured passwd argument is exchanged as plain text and thus this command provides only limited security. Zero specifies that an unencrypted passwd will follow and 7 specifies that an encrypted passwd will follow. If a value is omitted, an unencrypted passwd is assumed. The level 1 keywds sets a passwd f authentication in the area (in Level 1 LSPs and Level SNPs). The level 2 keywds sets a passwd f authentication in the backbone (the Level 2 area). The snp send-only option provides a transition mode f turning on off authentication without disruption. The snp validate option specifies that passwds are both sent and validated f SNPs. The recommended passwd configuration is that both incoming and outgoing SNPs be authenticated using the snp validate option. RC-52

53 Implementing IS-IS on Cisco IOS-XR Software How to Implement IS-IS on Cisco IOS-XR Software Step 4 Command Action interface type number Purpose Enters interface configuration mode. RP/0/RP0/CPU0:router(config-isis)# interface POS 0/1/0/3 Step 5 hello-passwd [0 7] passwd [level {1 2}] Configures the authentication passwd f an IS-IS interface. Step 6 RP/0/RP0/CPU1:router(config-isis-if)# hello-passwd mypasswd end commit RP/0/RP0/CPU0:router(config-isis)# end RP/0/RP0/CPU0:router(config-isis)# commit Saves configuration changes. When you issue the end command, the system will prompt you to commit changes: Uncommitted changes found. Commit them? Entering yes will save configuration changes to the running configuration file, exit the configuration session, and return the router to EXEC mode. Entering no will exit the configuration session and return the router to EXEC mode without committing the configuration changes. Use the commit command to save the configuration changes to the running configuration file and remain within the configuration session. Configuring MPLS Traffic Engineering f IS-IS This task explains how to configure IS-IS f MPLS TE. This task is optional. F a description of the MPLS TE tasks and commands that allow you to configure the router to suppt tunnels, configure an MPLS tunnel that IS-IS can use and troubleshoot MPLS TE, refer to the Implementing MPLS Traffic Engineering on Cisco IOS-XR Software. Prerequisite Your netwk must suppt the following Cisco IOS-XR features befe you enable MPLS TE f IS-IS on your router: MPLS IP Cisco Express Fwarding (CEF) Note You must enter the commands in the following task list on every IS-IS router in the traffic-engineered ption of your netwk. RC-53

54 How to Implement IS-IS on Cisco IOS-XR Software Implementing IS-IS on Cisco IOS-XR Software Restrictions MPLS traffic engineering currently suppts only a single IS-IS level and does not suppt routing and signaling of LSPs over unnumbered IP links. Therefe, do not configure the feature over those links. SUMMARY STEPS 1. configure 2. router isis instance-id 3. address-family {ipv4 ipv6} [unicast] 4. mpls traffic-eng [level {1 2}] 5. mpls traffic-eng router-id {ip-address interface-name} 6. metric-style wide [level {1 2}] 7. end commit 8. show isis [instance instance-id] mpls traffic-eng tunnel 9. show isis [instance instance-id] mpls traffic-eng adjacency-log 10. show isis [instance instance-id] mpls traffic-eng advertisements DETAILED STEPS Step 1 Command Action configure Purpose Enters global configuration mode. Step 2 Step 3 RP/0/RP0/CPU0:router# configure router isis instance-id RP/0/RP0/CPU0:router(config)# router isis isp address-family {ipv4 ipv6} [unicast] RP/0/RP0/CPU0:router(config-isis)# address-family ipv6 unicast Step 4 mpls traffic-eng [level {1 2}] RP/0/RP0/CPU0:router(config-isis-af)# mpls traffic-eng level 1 Enables IS-IS routing f the specified routing instance, and places the router in router configuration mode. You can change the level of routing to be perfmed by a particular routing instance using the is-type router configuration command. Specifies the IPv4 IPv6 address family, and enters address family configuration mode. This example specifies the unicast IPv6 address family. Configures a router running IS-IS to flood MPLS TE link infmation into the indicated IS-IS level. RC-54

55 Implementing IS-IS on Cisco IOS-XR Software How to Implement IS-IS on Cisco IOS-XR Software Command Action Step 5 mpls traffic-eng router-id {ip-address interface-name} Purpose Specifies that the MPLS TE router identifier f the node is the IP address associated with a given interface. RP/0/RP0/CPU0:router(config-isis-af)# mpls traffic-eng router-id loopback0 Step 6 metric-style wide [level {1 2}] Configures a router to generate and accept only wide link metrics in the Level 1 area. Step 7 Step 8 RP/0/RP0/CPU0:router(config-isis-af)# metric-style wide level 1 end commit RP/0/RP0/CPU0:router(config-isis-af)# end RP/0/RP0/CPU0:router(config-isis-af)# commit show isis [instance instance-id] mpls traffic-eng tunnel Saves configuration changes. When you issue the end command, the system will prompt you to commit changes: Uncommitted changes found. Commit them? Entering yes will save configuration changes to the running configuration file, exit the configuration session, and return the router to EXEC mode. Entering no will exit the configuration session and return the router to EXEC mode without committing the configuration changes. Use the commit command to save the configuration changes to the running configuration file and remain within the configuration session. (Optional) Displays MPLS TE tunnel infmation. Step 9 RP/0/RP0/CPU0:router# show isis instance isp mpls traffic-eng tunnel show isis [instance instance-id] mpls traffic-eng adjacency-log (Optional) Displays a log of MPLS TE IS-IS adjacency changes. Step 10 RP/0/RP0/CPU0:router# show isis instance isp mpls traffic-eng adjacency-log show isis [instance instance-id] mpls traffic-eng advertisements (Optional) Displays the latest flooded recd from MPLS TE. RP/0/RP0/CPU0:router# show isis instance isp mpls traffic-eng advertisements RC-55

56 How to Implement IS-IS on Cisco IOS-XR Software Implementing IS-IS on Cisco IOS-XR Software Tuning Adjacencies f IS-IS on Point-to-Point Interfaces This task explains how to enable logging of adjacency state changes, alter the timers f IS-IS adjacency packets, and display various aspects of adjacency state. Tuning your IS-IS adjacencies increases netwk stability when links are congested. This task is optional. F point-to-point links, IS-IS sends only a single hello f Level 1 and Level 2, which means that the level modifiers are meaningless on point-to-point links. To modify hello parameters f a point-to-point interface, omit the specification of the level options. The options configurable in the interface submode apply only to that interface. By default the values are applied to both Level 1 and Level 2 The hello-passwd command can be used to prevent adjacency fmation with unauthized undesired routers. This ability is particularly useful on a LAN, where connections to routers with which you have no desire to establish adjacencies are commonly found. SUMMARY STEPS: POINT-TO-POINT INTERFACE 1. configure 2. router isis instance-id 3. log adjacency changes 4. interface type number 5. hello-padding [disable sometimes] 6. hello-interval seconds 7. hello-multiplier multiplier 8. hello-passwd [0 7] passwd 9. end commit 10. show isis [instance instance-id] adjacency [interface-type interface-number] [detail] [systemid system-id] 11. show isis adjacency-log 12. show isis [instance instance-id] interface [type number] [brief detail] [level {1 2}] 13. show isis [instance instance-id] neighbs [interface-type interface-number] [summary] [detail] [systemid system-id] RC-56

57 Implementing IS-IS on Cisco IOS-XR Software How to Implement IS-IS on Cisco IOS-XR Software DETAILED STEPS Step 1 Command Action configure Purpose Enters global configuration mode. Step 2 Step 3 Step 4 RP/0/RP0/CPU0:router# configure router isis instance-id RP/0/RP0/CPU0:router(config)# router isis isp log adjacency changes RP/0/RP0/CPU0:router(config-isis)# log adjacency changes interface type number Enables IS-IS routing f the specified routing instance, and places the router in router configuration mode. You can change the level of routing to be perfmed by a particular routing instance using the is-type router configuration command. Generates a log message when an IS-IS adjacency changes state (up down). Enters interface configuration mode. Step 5 Step 6 Step 7 Step 8 RP/0/RP0/CPU0:router(config-isis)# interface POS 0/1/0/3 hello-padding [disable sometimes] RP/0/RP0/CPU0:router(config-isis-if)# hello-padding hello-interval seconds RP/0/RP0/CPU0:router(config-isis-if)# hello-interval 6 hello-multiplier multiplier RP/0/RP0/CPU0:router(config-isis-if)# hello-multiplier 10 hello-passwd [0 7] passwd RP/0/RP0/CPU1:router(config-isis-if)# hello-passw d mypasswd Configures padding on IS-IS hello PDUs f all IS-IS interfaces on the netwking device. Hello padding applies to only this interface and not to all interfaces. Specifies the length of time between hello packets that the software sends. Specifies the number of IS-IS hello packets a neighb must miss befe the netwking device should declare the adjacency as down. A higher value increases the netwks tolerance f dropped packets, but also may increase the amount of time required to detect the failure of an adjacent router. Conversely, not detecting the failure of an adjacent router can result in greater packet loss. Specifies that this system include authentication in the hello packets, and requires a matching passwd in the hello packet in der to establish an adjacency. RC-57

58 How to Implement IS-IS on Cisco IOS-XR Software Implementing IS-IS on Cisco IOS-XR Software Step 9 Step 10 Command Action end commit RP/0/RP0/CPU0:router(config-isis-if)# end RP/0/RP0/CPU0:router(config-isis-if)# commit show isis [instance instance-id] adjacency [interface-type interface-number] [detail] [systemid system-id] Purpose Saves configuration changes. When you issue the end command, the system will prompt you to commit changes: Uncommitted changes found. Commit them? Entering yes will save configuration changes to the running configuration file, exit the configuration session, and return the router to EXEC mode. Entering no will exit the configuration session and return the router to EXEC mode without committing the configuration changes. Use the commit command to save the configuration changes to the running configuration file and remain within the configuration session. (Optional) Displays IS-IS adjacencies. Step 11 Step 12 RP/0/RP0/CPU0:router# show isis instance isp adjacency ipv4 show isis adjacency-log RP/0/RP0/CPU1:router# show isis adjacency-log show isis [instance instance-id] interface [type number] [brief detail] [level {1 2}] (Optional) Displays a log of the most recent adjacency state transitions. (Optional) Displays infmation about the IS-IS interface. Step 13 RP/0/RP0/CPU0:router# show isis interface POS 0/1/0/1 brief show isis [instance instance-id] neighbs [interface-type interface-number] [summary] [detail] [systemid system-id] (Optional) Displays infmation about IS-IS neighbs. RP/0/RP0/CPU0:router# show isis neighbs summary Setting SPF Interval f a Single-topology IPv4 and IPv6 Configuration This task explains how to make adjustments to the SPF calculation to tune router perfmance. This task is optional. Because the SPF calculation computes routes f a particular topology, the tuning attributes are located in the address family configuration submode. SPF calculation computes routes f Level 1 and Level 2 separately. RC-58

59 Implementing IS-IS on Cisco IOS-XR Software How to Implement IS-IS on Cisco IOS-XR Software When IPv4 and IPv6 address families are used in a single topology mode, there is only a single SPF f the IPv4 topology. The IPv6 topology brows the IPv4 topology; therefe, no SPF calculation is required f IPv6. In der to tune the SPF calculation parameters f single-topology mode, configure the address-family ipv4 unicast command. The incremental SPF algithm can be enabled separately. When enabled, the incremental shtest path first (ispf) is not employed immediately. Instead, the full SPF algithm is used to seed the state infmation required f the ispf to run. The startup delay prevents the ispf from running f a specified interval after an IS-IS restart (to permit the database to stabilize). After the startup delay elapses, the ispf is principally responsible f perfming all of the SPF calculations. The reseed interval enables a periodic running of the full-spf to ensure that the isfp state remains synchronized. SUMMARY STEPS 1. configure 2. router isis instance-id 3. address-family {ipv4 ipv6} [unicast] 4. spf-interval seconds [level {1 2}] 5. ispf {enable disable} [level {1 2}] 6. ispf startup-delay seconds [level {1 2}] 7. ispf reseed-interval seconds [level {1 2}] 8. end commit 9. show isis [instance instance-id] spf-log [level {1 2}] [ipv4 ipv6] [unicast] 10. show isis [instance instance-id] ispf-log [level {1 2}] [ipv4 ipv6] [unicast] DETAILED STEPS Step 1 Command Action configure Purpose Enters global configuration mode. Step 2 Step 3 RP/0/RP0/CPU0:router# configure router isis instance-id RP/0/RP0/CPU0:router(config)# router isis isp address-family {ipv4 ipv6} [unicast] RP/0/RP0/CPU0:router(config-isis)# address-family ipv6 unicast Enables IS-IS routing f the specified routing instance, and places the router in router configuration mode. You can change the level of routing to be perfmed by a particular routing instance using the is-type router configuration command. Specifies the IPv4 IPv6 address family, and enters address family configuration mode. This example specifies the unicast IPv6 address family. RC-59

60 How to Implement IS-IS on Cisco IOS-XR Software Implementing IS-IS on Cisco IOS-XR Software Command Action Step 4 spf-interval seconds [level {1 2}] RP/0/RP0/CPU0:router(config-isis-af)# spf-interval 30 Purpose (Optional) Controls the minimum time between successive SPF calculations. This value imposes a delay in the SPF computation after an event trigger and enfces a minimum elapsed time between SPF runs. If this value is configured too low, the router can lose too many CPU resources when the netwk is unstable. Configuring the value too high delays changes in the netwk topology that result in lost packets. The SPF interval does not apply to the running of the ispf, because that algithm runs immediately upon receiving a changed LSP. Step 5 ispf {enable disable} [level {1 2}] (Optional) Configures incremental IS-IS ispf to calculate netwk topology. RP/0/RP0/CPU0:router(config-isis-af)# ispf disable Step 6 ispf startup-delay seconds [level {1 2}] (Optional) Configures the time delay between the starting of the IS-IS instance and the activation of ispf. RP/0/RP0/CPU0:router(config-isis-af)# ispf startup-delay 600 Step 7 ispf reseed-interval seconds [level {1 2}] (Optional) Configures the interval at which a periodic full SPF calculation is run when ispf is active. Step 8 RP/0/RP0/CPU0:router(config-isis-af)# ispf reseed-interval 900 end commit RP/0/RP0/CPU0:router(config-isis-af)# end RP/0/RP0/CPU0:router(config-isis-af)# commit Saves configuration changes. When you issue the end command, the system will prompt you to commit changes: Uncommitted changes found. Commit them? Entering yes will save configuration changes to the running configuration file, exit the configuration session, and return the router to EXEC mode. Entering no will exit the configuration session and return the router to EXEC mode without committing the configuration changes. Use the commit command to save the configuration changes to the running configuration file and remain within the configuration session. RC-60

61 Implementing IS-IS on Cisco IOS-XR Software How to Implement IS-IS on Cisco IOS-XR Software Step 9 Command Action show isis [instance instance-id] spf-log [level {1 2}] [{ipv4 ipv6} unicast] Purpose (Optional) Displays how often and why the router has run a full SPF calculation. Step 10 RP/0/RP0/CPU0:router# show isis instance 1 spf-log ipv4 show isis [instance instance-id] ispf-log [level {1 2}] [ipv4 ipv6] [unicast] (Optional) Displays infmation about the incremental ispf algithm histy. RP/0/RP0/CPU1:router# show isis ispf-log ipv4 unicast Customizing Routes f IS-IS SUMMARY STEPS This task explains how to perfm route functions that include injecting default routes into your IS-IS routing domain and redistributing routes learned at one IS-IS level into a different level. This task is optional. 1. configure 2. router isis instance-id 3. set-overload-bit [on-startup {delay wait-f-bgp}] 4. address-family {ipv4 ipv6} [unicast] 5. default-infmation iginate [route-map map-name] 6. redistribute isis instance [level-1 level-2 level-1-2] [metric metric] [metric-type {internal external}] policy policy-name] 7. summary-prefix [address/prefix-length] [level {1 2}] summary-prefix [ipv6-prefix/prefix-length] [level {1 2}] 8. maximum-paths route-number 9. distance weight [ip-address mask [access-list-name]] 10. set-attached-bit 11. end commit RC-61

62 How to Implement IS-IS on Cisco IOS-XR Software Implementing IS-IS on Cisco IOS-XR Software DETAILED STEPS Step 1 Command Action configure Purpose Enters global configuration mode. Step 2 RP/0/RP0/CPU0:router# configure router isis instance-id RP/0/RP0/CPU0:router(config)# router isis isp Step 3 set-overload-bit [on-startup {delay wait-f-bgp}] Step 4 Step 5 RP/0/RP0/CPU0:router(config-isis)# set-overload-bit address-family {ipv4 ipv6 } [unicast] RP/0/RP0/CPU0:router(config-isis)# address-family ipv6 unicast default-infmation iginate [route-map map-name] RP/0/RP0/CPU0:router(config-isis-af)# default-infmation iginate Step 6 redistribute isis instance [level-1 level-2 level-1-2] [metric metric] [metric-type {internal external}] [policy policy-name] RP/0/RP0/CPU0:router(config-isis-af)# redistribute isis 2 level-1 Enables IS-IS routing f the specified routing process, and places the router in router configuration mode. By default, all IS-IS instances are automatically Level 1 and Level 2. You can change the level of routing to be perfmed by a particular routing instance using the is-type router configuration command. (Optional) Sets the overload bit. Note The configured overload bit behavi does not apply to NSF restarts, because the NSF restart does not set the overload bit during restart. Specifies the IPv4 IPv6 address family, and enters address family configuration mode. This example specifies the unicast IPv6 address family. (Optional) Injects a default IPv4 IPv6 route into an IS-IS routing domain. The route-map keywd and map-name argument specify the conditions under which the IPv4 IPv6 default route is advertised. If the route-map keywd is omitted, then the IPv4 IPv6 default route will be unconditionally advertised at Level 2. (Optional) Redistributes routes from one IS-IS instance into another instance. In this example, an IS-IS instance redistributes IS-IS instance 2 routes into its Level 1 area. RC-62

63 Implementing IS-IS on Cisco IOS-XR Software How to Implement IS-IS on Cisco IOS-XR Software Step 7 Step 8 Step 9 Step 10 Step 11 Command Action summary-prefix [address/prefix-length] [level {1 2}] summary-prefix [ipv6-prefix/prefix-length] [level {1 2}] RP/0/RP0/CPU0:router(config-isis-af)# summary-address /16 level 1 RP/0/RP0/CPU0:router(config-isis-af)# summary-prefix 3003:xxxx::/24 level 1 maximum-paths route-number RP/0/RP0/CPU0:router(config-isis-af)# maximum-paths 16 distance weight [address/prefix-length [route-list-name]] RP/0/RP0/CPU0:router(config-isis-af)# distance 90 set-attached-bit RP/0/RP0/CPU0:router(config-isis-af)# set-attached-bit end commit RP/0/RP0/CPU0:router(config-isis-af)# end RP/0/RP0/CPU0:router(config-isis-af)# commit Purpose (Optional) Allows a Level 1-2 router to summarize Level 1 IPv4 and IPv6 prefixes at Level 2, instead of advertising the Level 1 prefixes directly when the router advertises the summary. This example specifies an IPv4 address and mask. This example specifies an IPv6 prefix and the command must be in the fm documented in RFC 2373 where the address is specified in hexadecimal using 16-bit values between colons. Note that IPv6 prefixes must be configuredonly in the ipv6 address-family configuration submode, and IPv4 prefixes in the ipv4 address-family configuration submode. (Optional) Configures the maximum number of parallel paths allowed in a routing table. (Optional) Defines the administrative distance assigned to routes discovered by the IS-IS protocol. A different administrative distance may be applied f IPv4 and IPv6. (Optional) Configures an IS-IS instance with an attached bit in the Level 1 LSP. Saves configuration changes. When you issue the end command, the system will prompt you to commit changes: Uncommitted changes found. Commit them? Entering yes will save configuration changes to the running configuration file, exit the configuration session, and return the router to EXEC mode. Entering no will exit the configuration session and return the router to EXEC mode without committing the configuration changes. Use the commit command to save the configuration changes to the running configuration file and remain within the configuration session. RC-63

64 Configuration Examples f Implementing IS-IS on Cisco IOS-XR Software Implementing IS-IS on Cisco IOS-XR Software Configuration Examples f Implementing IS-IS on Cisco IOS-XR Software This section provides the following configuration examples: Configuring Single-Topology IS-IS f IPv6: Example, page RC-64 Configuring Multitopology IS-IS f IPv6: Example, page RC-64 Redistributing IS-IS Routes Between Multiple Instances: Example, page RC-65 Configuring Single-Topology IS-IS f IPv6: Example The following example enables single-topology mode, creates an IS-IS instance, defines the NET, configures IPv6 along with IPv4 on an interface, and uses IPv4 link topology f IPv6. This configuration allows POS interface 0/3/0/0 to fm adjacencies f both IPv4 and IPv6 addresses. router isis isp net address-family ipv6 unicast single-topology interface POS0/3/0/0 address-family ipv4 unicast address-family ipv6 unicast exit interface POS0/3/0/0 ipv4 address ipv6 address 2001::1/64 Configuring Multitopology IS-IS f IPv6: Example The following example configures multitopology IS-IS in IPv6. You need not enable IS-IS f IPv6 globally on the router. router isis isp net interface POS0/3/0/0 address-family ipv6 unicast metric-style wide level 1 exit interface POS0/3/0/0 ipv6 address 2001::1/64 RC-64

65 Implementing IS-IS on Cisco IOS-XR Software Where to Go Next Redistributing IS-IS Routes Between Multiple Instances: Example The following example sets the attached bit f a Level 1 instance. This infms the other Level 1 routers in the area that this router is a suitable candidate to get from the area to the backbone. Also, the Level 1 instance is propagating routes to the Level 2 instance via redistribution. Note that the admin distance is explicitly configured higher on the Level 2 instance to ensure that Level 1 routes are preferred. router isis 1 is-type level-2-only net address-family ipv4 unicast distance 116 redistribute isis 2 level 2 interface POS0/3/0/0 address-family ipv4 unicast router isis 2 is-type level-1 net address-family ipv4 unicast set-attached-bit interface POS0/1/0/0 address-family ipv4 unicast Where to Go Next To implement me IP routing protocols, refer to the following document modules: Implementing OSPF on Cisco IOS-XR Software Implementing BGP on Cisco IOS-XR Software RC-65

66 Additional References Implementing IS-IS on Cisco IOS-XR Software Additional References The following sections provide references related to implementing IS-IS on Cisco IOS-XR software. Related Documents Related Topic IS-IS commands Cisco IOS IS-IS commands Cisco IOS IS-IS configuration tasks IPv6 basic connectivity MPLS TE feature infmation Document Title Cisco IOS-XR Routing Software Product Commands Cisco IOS IP Command Reference, Volume 2 of 4: Routing Protocols, Release cgcr/iprrp_r/index.htm Cisco IOS IP Configuration Guide 123cgcr/ip_vcg.htm Implementing Basic Connectivity f IPv6 module f Cisco IOS Release cgcr/ipv6_c/sa_bconn.htm Implementing MPLS Traffic Engineering Configuration Guide 121newft/121t/121t3/traffeng.htm Standards Standards Draft-ietf-isis-ipv6-05.txt Draft-ietf-isis-wg-multi-topology-06.txt Draft-ietf-isis-traffic-05.txt Draft-ietf-isis-restart-04.txt Title Routing IPv6 with IS-IS, by Christian E. Hopps M-ISIS: Multi Topology (MT) Routing in IS-IS, by Tony Przygienda, Naiming Shen, and Nischal Sheth y-06.txt IS-IS Extensions f Traffic Engineering, by Henk Smit and Toni Li. Restart Signaling f IS-IS, by M. Shand and Les Ginsberg. RC-66

67 Implementing IS-IS on Cisco IOS-XR Software Additional References RFCs RFCs RFC 1142 RFC 1195 RFC 2763 RFC 2966 RFC 2973 RFC 3277 RFC 3373 Title OSI IS-IS Intra-domain Routing Protocol Use of OSI IS-IS f Routing in TCP/IP and Dual Environments Dynamic Hostname Exchange Mechanism f IS-IS Domain-wide Prefix Distribution with Two-Level IS-IS IS-IS Mesh Groups IS-IS Transient Blackhole Avoidance Three-Way Handshake f IS-IS Point-to-Point Adjacencies Technical Assistance Description Technical Assistance Center (TAC) home page, containing 30,000 pages of searchable technical content, including links to products, technologies, solutions, technical tips, and tools. Registered Cisco.com users can log in from this page to access even me content. Link RC-67

68 Glossary Implementing IS-IS on Cisco IOS-XR Software Glossary CSNPs complete sequence number PDUs packets. Packets to be used on blocked point-to-point links. FIB Fwarding Infmation Base. LSP link-state packet. A routing infmation packet data unit. MPLS TE Multiprotocol Label Switching traffic engineering. A feature that enables an MPLS backbone to replicate and expand upon the traffic engineering capabilities of Layer 2 ATM and Frame Relay netwks. NSF nonstop fwarding. A feature that minimizes the amount of time a netwk is unavailable to its users following a Route Process failover. ispf incremental Shtest Path First. Incremental SPF optimization improves the way that routing tables are rebuilt in case of routing faults, because only the affected ption of the routing table is rebuilt, regardless of the router s location. As a result, every router must rebuild the complete routing table, even if the faulty router is geographically remote and affects only a small ption of the individual routing table. SPF Shtest Path First. The E. W. Dijkstra algithm that computes the shtest path between one source node and the other nodes in the netwk. SNP sequence number protocol. SRP Spatial Reuse Protocol. A Cisco-developed MAC layer protocol to allow multiple access to a SONET ring. It uses destination stripping of unicast packets to enable spatial reuse. TLVs type, length, values objects. Extensions in the IS-IS link-state packets. Note Refer to Internetwking Terms and Acronyms f terms not included in this glossary. g y g Cisco Systems, Inc.; Changing the Way We Wk, Live, Play, and Learn, and iquick Study are service marks of Cisco Systems, Inc.; and Aironet, ASIST, BPX, Catalyst, CCDA, CCDP, CCIE, CCNA, CCNP, Cisco, the Cisco Certified Internetwk Expert logo, Cisco IOS, the Cisco IOS logo, Cisco Press, Cisco Systems, Cisco Systems Capital, the Cisco Systems logo, Empowering the Internet Generation, Enterprise/Solver, EtherChannel, EtherFast, EtherSwitch, Fast Step, GigaDrive, GigaStack, HomeLink, Internet Quotient, IOS, IP/TV, iq Expertise, the iq logo, iq Net Readiness Scecard, LightStream, Linksys, MeetingPlace, MGX, the Netwkers logo, Netwking Academy, Netwk Registrar, Packet, PIX, Post-Routing, Pre-Routing, ProConnect, RateMUX, Registrar, ScriptShare, SlideCast, SMARTnet, StrataView Plus, SwitchProbe, TeleRouter, The Fastest Way to Increase Your Internet Quotient, TransPath, and VCO are registered trademarks of Cisco Systems, Inc. and/ its affiliates in the United States and certain other countries. All other trademarks mentioned in this document Website are the property of their respective owners. The use of the wd partner does not imply a partnership relationship between Cisco and any other company. (0403R) RC-68

69 Implementing OSPF on Cisco IOS-XR Software Open Shtest Path First (OSPF) is an Interi Gateway Protocol (IGP) developed by the OSPF wking group of the Internet Engineering Task Fce (IETF). Designed expressly f IP netwks, OSPF suppts IP subnetting and tagging of externally derived routing infmation. OSPF also allows packet authentication and uses IP multicast when sending and receiving packets. Implementing OSPF version 3 (OSPFv3) expands on OSPF Version 2, to provide suppt f IPv6 routing prefixes. This module describes the concepts and tasks you need to implement both versions of OSPF on your Cisco IOS-XR router. The term OSPF will imply both versions of the routing protocol, unless otherwise noted. Note F a complete description of the OSPF commands listed in this chapter, refer to the OSPF Commands on Cisco IOS-XR Software and OSPFv3 Commands on Cisco IOS-XR Software in the Cisco IOS-XR Routing Command Reference publication. To locate documentation f other commands that might appear in this chapter, search in the individual index documents associated with the appropriate software product, such as the IP Security Software Product. Feature Histy f Implementing OSPF on Cisco IOS-XR Software Release Initial Modification This feature was introduced. Contents Prerequisites f Implementing OSPF on Cisco IOS-XR Software, page RC-70 Restrictions f Implementing OSPF on Cisco IOS-XR Software, page RC-70 Infmation About Implementing OSPF on Cisco IOS-XR Software, page RC-70 How to Implement OSPF on Cisco IOS-XR Software, page RC-85 Configuration Examples f Implementing OSPF on Cisco IOS-XR Software, page RC-119 Cpate Headquarters: Cisco Systems, Inc., 170 West Tasman Drive, San Jose, CA USA Copyright 2004 Cisco Systems, Inc. All rights reserved.

70 Prerequisites f Implementing OSPF on Cisco IOS-XR Software Implementing OSPF on Cisco IOS-XR Software Where to Go Next, page RC-125 Additional References, page RC-126 Glossary, page RC-128 Prerequisites f Implementing OSPF on Cisco IOS-XR Software This document assumes that you are familiar with OSPF on Cisco IOS software. Refer to the publications listed in the Related Documents section f additional OSPF configuration and command reference infmation. Configuration tasks f OSPFv3 assumes that you are familiar with IPv6 addressing and basic configuration. Refer to the Implementing Basic Connectivity f IPv6 module f me infmation. Befe you enable OSPFv3 on an interface, you must perfm the following tasks: Complete the OSPF netwk strategy and planning f your IPv6 netwk. F example, you must decide whether multiple areas are required. Enable IPv6 on the interface. Configuring authentication (IP Security) is an optional task. If you choose to configure authentication, you must first decide whether to configure plain text Message Digest 5 (MD5) authentication, and whether the authentication applies to an entire area specific interfaces. Note Authentication (IP Security) f OSPFv3 is not suppted in this software release. Restrictions f Implementing OSPF on Cisco IOS-XR Software To access the OSPF and OSPFv3 command-line interface (CLI) configuration, you must belong to a task group associated with the ospf task ID. Please contact your system administrat f access permission. Infmation About Implementing OSPF on Cisco IOS-XR Software To implement OSPF you need to understand the following concepts: OSPF Functional Overview, page RC-71 Key Features Suppted in the Cisco IOS-XR OSPF Implementation, page RC-72 Comparison of Cisco IOS OSPF and Cisco IOS-XR OSPF Version 2, page RC-72 Comparison of Cisco IOS-XR OSPFv3 and OSPFv2, page RC-73 Comparison of Cisco IOS-XR OSPFv3 and Cisco IOS OSPF f IPv6, page RC-74 References f Infmation on IPv6 Routing and IPv6 Addressing, page RC-74 Impting Addresses into OSPFv3, page RC-74 OSPF Hierarchical CLI and CLI Inheritance, page RC-75 OSPF Routing Components, page RC-75 RC-70

71 Implementing OSPF on Cisco IOS-XR Software Infmation About Implementing OSPF on Cisco IOS-XR Software OSPF Instance and Router ID, page RC-78 Suppted OSPF Netwk Types, page RC-78 Route Authentication Methods f OSPF Version 2, page RC-79 Neighbs and Adjacency f OSPF, page RC-80 Designated Router f OSPF, page RC-80 Default Route f OSPF, page RC-80 Link-State Advertisement Types f OSPF Version 2, page RC-81 Link-State Advertisement Types f OSPFv3, page RC-81 Virtual Link and Transit Area f OSPF, page RC-82 Route Redistribution f OSPF, page RC-83 OSPF Shtest Path First Throttling, page RC-83 Nonstop Fwarding f OSPF Version 2, page RC-84 Load Balancing in OSPFv3, page RC-85 OSPF Functional Overview OSPF is a routing protocol f IP. It is a link-state protocol, as opposed to a distance-vect protocol. A link-state protocol makes its routing decisions based on the states of the links that connect source and destination machines. The state of the link is a description of that interface and its relationship to its neighbing netwking devices. The interface infmation includes the IP address of the interface, the netwk mask, the type of netwk it is connected to, the routers connected to that netwk, and so on. This infmation is propagated in various type of link-state advertisements (LSAs). A router s collection of LSA data is sted in a link-state database. The contents of the database, when subjected to the Dijkstra algithm, extracts data to create an OSPF routing table. The difference between the database and the routing table is that the database contains a complete collection of raw data; the routing table contains a list of shtest paths to known destinations via specific router interface pts. OSPF is the most popular IGP because it scales to large netwks and it uses areas to implement hierarchy in the netwk. A netwking device belongs to one me areas in a netwk. All of the netwking devices in an area maintain the same complete database infmation about the link states in their area only. They do not know about all the link states in the netwk. The agreement of the database infmation among the routers in the area is called convergence. At the intradomain level, OSPF can impt routes learned via Interi Gateway Routing Protocol (IGRP) and Intermediate System-to-Intermediate System (IS-IS). OSPF routes can also be expted into IS-IS. At the interdomain level, OSPF can impt routes learned via Bder Gateway Protocol (BGP). OSPF routes can be expted into BGP. Unlike Routing Infmation Protocol (RIP), OSPF does not provide periodic routing updates. Upon becoming neighbs, OSPF routers establish an adjacency by exchanging and synchronizing their databases. After that, only routing changes are propagated. Every netwking device in an area advertises the costs and states of its links, sending this infmation in an LSA. This state infmation is sent to the router one hop away. This router sends the state infmation unchanged to the next hop. This flooding process continues until all the devices in the area have the same link-state database. To determine the best route to a destination, the software sums all of the costs of the links in a route to a destination. After each netwking device has received routing infmation from the other netwking devices, each netwking device runs the shtest path first (SPF) algithm to calculate the best path to each destination netwk in the database. RC-71

72 Infmation About Implementing OSPF on Cisco IOS-XR Software Implementing OSPF on Cisco IOS-XR Software The netwking devices running OSPF detect topological changes in the netwk, flood link-state updates to neighbs, and quickly converge on a new view of the topology. Each OSPF netwking device in the netwk soon has the same topology view again. OSPF allows multiple equal-cost paths to the same destination. On broadcast and nonbroadcast multiaccess (NBMA) netwks, the designated router (DR) backup DR perfms the LSA flooding. On point-to-point netwks, flooding simply goes out an interface directly to a neighb. OSPF runs directly on top of IP; it does not use TCP User Datagram Protocol (UDP). OSPF perfms its own err crection by means of checksums in its packet header and in its LSAs. However, you must still configure at least one IP address, which enables IP. In OSPFv3, the fundamental concepts are the same as OSPF Version 2, except that suppt is added f the increased address size of IPv6. New LSA types are created to carry IPv6 addresses and prefixes, and the protocol runs on a per-link basis rather than on a per-ip-subnet basis. OSPF typically requires codination among many internal routers: Area Bder Routers (ABRs), which are routers connected to multiple areas, and Autonomous System Bder Routers (ASBRs). At a minimum, OSPF-based routers access servers can be configured with all default parameter values, no authentication, and interfaces assigned to areas. If you intend to customize your environment, you must ensure codinated configurations of all routers. Key Features Suppted in the Cisco IOS-XR OSPF Implementation The Cisco IOS-XR implementation of OSPF confms to the OSPF Version 2 and OSPF Version 3 specifications detailed in the Internet RFC 2328 and RFC 2740, respectively. The following key features are suppted in the Cisco IOS-XR implementation: Hierarchy CLI hierarchy is suppted. Inheritance CLI inheritance is suppted. Stub areas Definition of stub areas is suppted. NSF Nonstop fwarding is suppted. SPF throttling Shtest path first throttling feature is suppted. Route redistribution Routes learned via any IP routing protocol can be redistributed into any other IP routing protocol. Authentication Plain text and MD5 authentication among neighbing routers within an area is suppted. (MD5 is not suppted f the OSPFv3 protocol.) Routing interface parameters Configurable parameters suppted include interface output cost, retransmission interval, interface transmit delay, router priity, router dead and hello intervals, and authentication key. Virtual links Virtual links are suppted. Not-so-stubby area (NSSA) RFC 1587 is suppted. OSPF over demand circuit RFC 1793 is suppted. Comparison of Cisco IOS OSPF and Cisco IOS-XR OSPF Version 2 The key differences between the Cisco IOS OSPF feature and OSPF on Cisco IOS-XR software are as follows: RC-72

73 Implementing OSPF on Cisco IOS-XR Software Infmation About Implementing OSPF on Cisco IOS-XR Software Flat, nonhierarchical CLI in Cisco IOS OSPF is replaced with a CLI that is hierarchically structured, providing f ease of configuration, debugging, and netwk management tasks. CLI inheritance is suppted in Cisco IOS-XR OSPF that simplifies configuration management tasks f users. The area command is a submode of router configuration mode and the interface command is a submode of the area submode: router ospf 1 area 0 interface POS 0/1/0/1 Areas must be explicitly configured. The area command is used to enter area configuration mode and to configure OSPF areas and parameters. In Cisco IOS software, interfaces are configured with the netwk area command f a single OSPF area. In Cisco IOS-XR Software, the interface command perfms this functionality. Interface-specific parameters are now configured explicitly and are considered to be bound to an area. The interface command is configured only by interface type and number. The neighb command is used to configure neighbs as in Cisco IOS software; however, the neighb command becomes a configuration command under the interface configuration mode. All area commands no longer have an area command prefix. F example, the area authentication command is now the authentication command. All interface configuration commands no longer have an ip ospf command prefix. F example, the ip ospf cost command is now the cost command. Cisco IOS-XR software suppts SONET (POS) (point-to-point) only. POS can also be configured as nonbroadcast. Point-to-multipoint, broadcast netwks (ATM and Frame Relay) are not suppted. The timers spf command is similar to the Cisco IOS timers throttle spf command. Comparison of Cisco IOS-XR OSPFv3 and OSPFv2 Much of the OSPFv3 protocol is the same as in OSPFv2. OSPFv3 is described in RFC The key differences between the Cisco IOS-XR OSPFv3 protocol and the OSPFv2 are as follows: OSPFv3 expands on OSPFv2 to provide suppt f IPv6 routing prefixes and the larger size of IPv6 addresses. When using an NBMA interface in OSPFv3, users must manually configure the router with the list of neighbs. Neighbing routers are identified by the link local address of the attached interface of the neighb. Unlike in OSPFv2, multiple instances of OSPFv3 can be run on a link. LSAs in OSPFv3 are expressed as prefix and prefix length instead of address and mask. The router ID is a 32-bit number with no relationship to an IPv6 address. OSPFv3 does not suppt route maps, but routing policy language (RPL) will be suppted in a future release of Cisco IOS-XR software. RC-73

74 Infmation About Implementing OSPF on Cisco IOS-XR Software Implementing OSPF on Cisco IOS-XR Software Comparison of Cisco IOS-XR OSPFv3 and Cisco IOS OSPF f IPv6 The key differences between the Cisco IOS-XR OSPFv3 feature and Cisco IOS OSPF f IPv6 are as follows: Cisco IOS-XR uses hierarchical CLI that groups related netwk component infmation at defined levels such as at the router, area, and interface levels. Hierarchical CLI allows f easier maintenance and troubleshooting of OSPFv3 configurations. In Cisco IOS-XR software, the term OSPFv3 is used to indicate OSPF f IPv6 in the CLI and configuration tasks. Cisco IOS software uses the OSPF f IPv6 term in documents and the ipv6 keywd is prepended to commands. The following OSPFv3 features are not suppted in this initial Cisco IOS-XR software release: Authentication (IP Security) Simple Netwk Management Protocol (SNMP) OSPFv3 MIB NSF MPLS traffic engineering (MPLS TE) MPLS Virtual Private Netwk (VPN) XML configuration RPL Placement of OSPFv3 on arbitrary nodes all OSPFv3 instances must be on the same node Graceful shutdown Interarea-prefix LSAs f ABRs (Type 3) Incremental SPF References f Infmation on IPv6 Routing and IPv6 Addressing By default, IPv6 routing is disabled in the Cisco IOS-XR software. To enable IPv6 routing, you must assign IPv6 addresses to individual interfaces in the router. To learn me about IPv6 routing and addressing, refer to the following documents: Cisco IOS Release 12.3 documentation: Implementing Basic Connectivity f IPv6 module f Cisco IOS Release 12.3: ipv6imp/sa_bconn.htm The website on Cisco.com f infmation on the Cisco implementation of and training f IPv6: Impting Addresses into OSPFv3 When impting the set of addresses specified on an interface on which OSPFv3 is running into OSPFv3, users cannot select specific addresses to be impted. Either all addresses are impted, no addresses are impted. RC-74

75 Implementing OSPF on Cisco IOS-XR Software Infmation About Implementing OSPF on Cisco IOS-XR Software OSPF Hierarchical CLI and CLI Inheritance Cisco IOS-XR software introduces new OSPF configuration fundamentals consisting of hierarchical CLI and CLI inheritance. Hierarchical CLI is the grouping of related netwk component infmation at defined hierarchical levels such as at the router, area, and interface levels. Hierarchical CLI allows f easier maintenance and troubleshooting of OSPF configurations. When configuration commands are displayed together in their hierarchical context, visual inspections are simplified. Hierarchical CLI is intrinsic f CLI inheritance to be suppted. With CLI inheritance suppt, you need not explicitly configure a parameter f an area interface. In Cisco IOS-XR, the parameters of interfaces in the same area can be exclusively configured with a single command, parameter values can be inherited from a higher hierarchical level such as from the area configuration level the router ospf configuration levels. F example, the hello interval value f an interface is determined by this precedence IF statement: If the hello interval command is configured at the interface configuration level, then use the interface configured value, else If the hello interval command is configured at the area configuration level, then use the area configured value, else If the hello interval command is configured at the router ospf configuration level, then use the router ospf configured value, else Use the default value of the command. Tip Understanding hierarchical CLI and CLI inheritance will save you considerable configuration time. See the Configuring Authentication at Different Hierarchical Levels f OSPF Version 2 task to understand how to implement these fundamentals. In addition, Cisco IOS versus Cisco IOS-XR examples are provided in the Configuration Examples f Implementing OSPF on Cisco IOS-XR Software section. OSPF Routing Components Befe implementing OSPF, you must know what the routing components are and what purpose they serve. They consist of the autonomous system, area types, the ABR, and the ASBR. RC-75

76 Infmation About Implementing OSPF on Cisco IOS-XR Software Implementing OSPF on Cisco IOS-XR Software Figure 1 illustrates the routing components in an OSPF netwk topology. Figure 1 OSPF Routing Components Autonomous System A Area 0 backbone Area 2 stub area R3 Area 1 ABR 2 R2 ABR 1 R1 ASBR 1 Autonomous System B Area 3 ASBR Autonomous Systems The autonomous system is a collection of netwks, under the same administrative control, that share routing infmation with each other. An autonomous system is also referred to as a routing domain. Figure 1 shows two autonomous systems: A and B. An autonomous system can consist of one me OSPF areas. Areas Areas allow the subdivision of an autonomous system into smaller, me manageable netwks sets of adjacent netwks. As shown in Figure 1, autonomous system A consists of three areas: Area 0, Area 1, and Area 2. OSPF hides the topology of an area from the rest of the autonomous system. An area's netwk topology is visible only to routers inside that area. When OSPF routing is within an area, it is called intra-area routing. This routing limits the amount of link-state infmation flooding onto the netwk, reducing routing traffic. It also reduces the size of the topology infmation in each router, conserving processing and memy requirements in each router. Conversely, the routers within an area cannot see detailed netwk structures outside the area. Because of this restriction of topological infmation, you can control traffic flow between areas and reduce routing traffic when the entire autonomous system is a single routing domain. RC-76

77 Implementing OSPF on Cisco IOS-XR Software Infmation About Implementing OSPF on Cisco IOS-XR Software Backbone Area A backbone area is responsible f distributing routing infmation between multiple areas of an autonomous system. OSPF routing occurring outside of an area is called interarea routing. The backbone itself has all the properties of an area. It consists of ABRs, and routers and netwks only on the backbone. As shown in Figure 1, Area 0 is an OSPF backbone area. Any OSPF backbone area has a reserved area ID of Stub Area A stub area is an area that does not accept distribute detailed netwk infmation external to the area. A stub area has only one router that interfaces the area to the rest of the autonomous system. The stub ABR router advertises a single default route to external destinations into the area. Routers within a stub area use this route f destinations outside the autonomous system, and f interarea routes. This relationship conserves LSA database space that would otherwise be used to ste external LSAs flooded into the area. In Figure 1, Area 2 is a stub area that is reached only through ABR 2. Area 0 cannot be a stub area. Not-so-Stubby Area An NSSA is similar to the stub area. NSSA does not flood Type 5 external LSAs from the ce into the area, but can impt autonomous system external routes in a limited fashion within the area. NSSA allows impting of Type 7 autonomous system external routes within NSSA area by redistribution. These Type 7 LSAs are translated into Type 5 LSAs by NSSA ABRs, which are flooded throughout the whole routing domain. Summarization and filtering are suppted during the translation. Use NSSA to simplify administration if you are a netwk administrat that must connect a central site using OSPF to a remote site that is using a different routing protocol. Pri to NSSA, the connection between the cpate site bder router and the remote router could not be run as an OSPF stub area because routes f the remote site could not be redistributed into a stub area, and two routing protocols needed to be maintained. A simple protocol like RIP was usually run and handled the redistribution. With NSSA, you can extend OSPF to cover the remote connection by defining the area between the cpate router and the remote router as an NSSA. Area 0 cannot be an NSSA. Routers The OSPF netwk is composed of ABRs, ASBRs, and interi routers. Area Bder Routers ABRs are routers with multiple interfaces that connect directly to netwks in two me areas. An ABR runs a separate copy of the OSPF algithm and maintains separate routing data f each area that is connected to it, including the backbone area. ABRs also send configuration summaries f their attached areas to the backbone area, which then distributes this infmation to other OSPF areas in the autonomous system. In Figure 1, there are two ABRs. ABR 1 interfaces Area 1 to the backbone area. ABR 2 interfaces the backbone Area 0 to Area 2, a stub area. Autonomous System Boundary Routers ASBRs provide connectivity from one autonomous system to another system. ASBRs exchange their autonomous system routing infmation with boundary routers in other autonomous systems. Every router inside an autonomous system knows how to reach the boundary routers f its autonomous system. RC-77

78 Infmation About Implementing OSPF on Cisco IOS-XR Software Implementing OSPF on Cisco IOS-XR Software ASBRs can impt external routing infmation from other protocols like BGP and redistribute them as AS-external (ASE) Type 5 LSAs to the OSPF netwk. If the Cisco IOS-XR router is an ASBR, you can configure it to advertise VIP addresses f content as autonomous system external routes. In this way, ASBRs flood infmation about external netwks to routers within the OSPF netwk. ASBR routes can be advertised as a Type 1 Type 2ASE. The difference between Type 1 and Type 2 is how the cost is calculated. F a Type 2 ASE, only the external cost (metric) is considered when multiple paths to the same destination are compared. F a Type 1 ASE, the combination of the external cost and the cost to reach the ASBR is used. Type 2 external cost is the default and is always me costly than an OSPF route and is used only if no OSPF route exists. Interi Routers The interi routers (such as R1 in Figure 1) do not redistribute routes on all interfaces under a single area. OSPF Instance and Router ID An OSPF instance (also known as an OSPF process) can be considered a logical routing entity running OSPF in a physical router. This logical routing entity should not be confused with the logical routing feature that allows a system administrat (known as the Cisco IOS-XR Owner) to partition the physical box into separate routers. A physical router can run multiple instances of OSPF, although the only reason to do so would be to connect two me OSPF domains. Each instance has its own link-state database. The routes in the routing table are calculated from the link-state database. One instance of OSPF does not share routes with another instance of OSPF unless the routes are redistributed. Each OSPF instance is identified by a router ID. OSPFv2 will obtain a router ID from the following sources, in der of decreasing preference: 1. The 32-bit numeric value specified by the OSPF router-id command in router configuration mode. (This value can be any 32-bit value. It is not restricted to the IPv4 addresses assigned to interfaces on this router, and need not be a routable IPv4 address.) 2. The primary IPv4 address of the interface specified by the OSPF router-id command. 3. The 32-bit numeric value specified by the router-id command in global configuration mode. (This value must be an IPv4 address assigned to an interface on this router.) 4. The primary IPv4 address of the interface specified by the router-id command in global configuration mode. 5. The highest IPv4 address assigned to any loopback interface. 6. The primary IPv4 address of an interface over which this instance of OSPF is running. We recommend that the router ID be set by the router-id command. Separate instances of OSPF could share the same router ID, but they must be specified in separate routing domains. Suppted OSPF Netwk Types OSPF classifies different media into the following three types of netwks by default: NBMA netwks (POS) Point-to-point netwks (POS) You can configure your Cisco IOS-XR netwk as either a broadcast an NBMA netwk. RC-78

79 Implementing OSPF on Cisco IOS-XR Software Infmation About Implementing OSPF on Cisco IOS-XR Software You can configure your OSPF netwk type as either broadcast NBMA, regardless of the default media type. Using this feature, you can configure broadcast netwks as NBMA netwks when, f example, you have routers in your netwk that do not suppt multicast addressing. You also can configure NBMA netwks as broadcast netwks. Configuring NBMA, multiaccess netwks as either broadcast nonbroadcast assumes that there are virtual circuits (VCs) from every router to every router fully meshed netwk. This scenario is not true f some cases, f example, because of cost constraints, when you have only a partially meshed netwk. Route Authentication Methods f OSPF Version 2 OSPF Version 2 suppts two types of route authentication: plain text authentication and MD5 authentication. By default, no authentication is enabled (referred to as Null authentication in RFC 2178). Note The authentication feature is not suppted f OSPFv3 in this initial Cisco IOS-XR software release. Both plain text and MD5 authentication are perfmed on routing updates that arrive on an interface. The sender and receiver must know the authentication passwd key. F both types of authentication, a router sends a routing update packet with a key and cresponding key number. The receiving router checks the key number and key against its own sted key number and key. If the key numbers and keys match, the router accepts the routing update packet. If they do not match, the routing update is discarded. Plain Text Authentication Plain text authentication (also known as Type 1 authentication) uses a passwd that travels on the physical medium and is easily visible to someone that does not have access permission and who could use the passwd to infiltrate a netwk. Therefe, plain text authentication does not provide security. It might protect against a faulty implementation of OSPF a misconfigured OSPF interface trying to send erroneous OSPF packets. MD5 Authentication MD5 authentication provides a means of security. No passwd travels on the physical medium. Instead, the netwking device uses MD5 to produce a message digest of the OSPF packet plus the key, which is sent on the physical medium. Using MD5 authentication prevents a router from accepting unauthized deliberately malicious routing updates, which could compromise your netwk security by diverting your traffic. MD5 authentication suppts multiple keys, requiring that a key number be associated with a key. Authentication Strategies Authentication can be specified f an entire instance area, on an interface a virtual link. An interface virtual link can be configured f only one type of authentication, not both. Authentication configured f an interface virtual link overrides authentication configured f the area instance. If you intend f all interfaces in an area to use the same type of authentication, you can configure fewer commands if you use the area authentication command (and specify the message-digest keywd if you want the entire area to use MD5 authentication). This strategy requires fewer commands than specifying authentication f each interface. RC-79

80 Infmation About Implementing OSPF on Cisco IOS-XR Software Implementing OSPF on Cisco IOS-XR Software Key Rollover In case you want to configure a new plain text key MD5 key, there must be a way to do a key rollover to switch from the old key to the new key without disrupting communication. As a netwk administrat configures the new key into the multiple netwking devices that communicate, a time period exists when different devices are using both a new key and an old key. If an interface is configured with a new key, the software sends two copies of the same packet, each authenticated by the old key and the new key. The software tracks which devices start using the new key, and the software stops sending duplicate packets once it detects that all of its neighbs are using the new key. The software then discards the old key. The netwk administrat must then remove the old key from each router s configuration file. Neighbs and Adjacency f OSPF Routers that share a segment (Layer 2 link between two interfaces) become neighbs on that segment. OSPF uses the hello protocol, periodically sending hello packets out each interface. Routers become neighbs when they see themselves listed in the neighb s hello packet. After two routers are neighbs, they may proceed to exchange and synchronize their databases, which creates an adjacency. Not all neighbing routers have an adjacency. Designated Router f OSPF On point-to-point and point-to-multipoint netwks, the Cisco IOS-XR software floods routing updates to immediate neighbs. There is no DR backup DR (BDR); all routing infmation is flooded to each netwking device. On broadcast NBMA segments only, OSPF minimizes the amount of infmation being exchanged on a segment by choosing one router to be a DR and one router to be a BDR. Thus, the routers on the segment have a central point of contact f infmation exchange. Instead of each router changing routing updates with every other router on the segment, each router exchanges infmation with the DR and BDR. The DR and BDR relay the infmation to the other routers. The software looks at the priity of the routers on the segment to determine which routers will be the DR and BDR. The router with the higher priity is elected the DR. If there is a tie, then the router with the higher router ID takes precedence. After the DR is elected, the BDR is elected the same way. A router with a router priity set to zero is ineligible to become the DR BDR. Note Point-to-multipoint netwks are not suppted f this Cisco IOS-XR software release. Default Route f OSPF In a regular area, a router generates Type 5 LSAs, which go through Area 0 to other regular areas. Unlike in a regular area, routing between a stub area and Area 0 is based on a default route. In a stub area, a router generates a default route of 0/0 to the ABR. Likewise, from Area 0 to the ABR a default route of 0/0 is sent to the routers in the stub area. The cost of the default route is 1 (default) is determined by the value specified in the default-cost command. RC-80

81 Implementing OSPF on Cisco IOS-XR Software Infmation About Implementing OSPF on Cisco IOS-XR Software Link-State Advertisement Types f OSPF Version 2 Each of the following LSA types has a different purpose: Router LSA (Type 1) Describes the link state and costs of a router s links to the area. These LSAs are flooded within an area only. The LSA indicates if the router can compute paths based on quality of service (QoS), if it is an ABR ASBR, and if it is one end of a virtual link. Type 1 LSAs are also used to advertise stub netwks. Netwk LSA (Type 2) Describes the link state and cost infmation f all routers attached to the netwk. This LSA is an aggregation of all the link state and cost infmation in the netwk. Only a designated router tracks this infmation and can generate a netwk LSA. Summary LSA f ABRs (Type 3) Advertises internal netwks to routers in other areas (interarea routes). Type 3 LSAs may represent a single netwk a set of netwks summarized into one advertisement. Only ABRs generate summary LSAs. Summary LSA f ASBRs (Type 4) Advertises the location of an ASBR. Routers that are trying to reach an external netwk use these advertisements to determine the best path to the next hop. ASBRs generate Type 4 LSAs. Autonomous system external LSA (Type 5) Redistributes routes from another autonomous system, usually from a different routing protocol into OSPF. Link-State Advertisement Types f OSPFv3 Each of the following LSA types has a different purpose: Router LSA (Type 1) Describes the link state and costs of a router s links to the area. These LSAs are flooded within an area only. The LSA indicates if the router is an ABR ASBR, and if it is one end of a virtual link. Type 1 LSAs are also used to advertise stub netwks. In OSPFv3, these LSAs have no address infmation and are netwk-protocol-independent. In OSPFv3, router interface infmation may be spread across multiple router LSAs. Receivers must concatenate all router LSAs iginated by a given router when the receiver is running the SPF calculation. Netwk LSA (Type 2) Describes the link state and cost infmation f all routers attached to the netwk. This LSA is an aggregation of all the link state and cost infmation in the netwk. Only a designated router tracks this infmation and can generate a netwk LSA. In OSPFv3, netwk LSAs have no address infmation and are netwk-protocol-independent. Interarea-prefix LSA f ABRs (Type 3) Advertises internal netwks to routers in other areas (interarea routes). Type 3 LSAs may represent a single netwk a set of netwks summarized into one advertisement. Only ABRs generate Type 3 LSAs. In OSPFv3, addresses f these LSAs are expressed prefix and prefix length instead of address and mask. The default route is expressed as a prefix with length 0. Interarea-router LSA f ASBRs (Type 4) Advertises the location of an ASBR. Routers that are trying to reach an external netwk use these advertisements to determine the best path to the next hop. ASBRs generate Type 4 LSAs. Autonomous system external LSA (Type 5) Redistributes routes from another autonomous system, usually from a different routing protocol into OSPF. In OSPFv3, addresses f these LSAs are expressed as prefix and prefix length instead of address and mask. The default route is expressed as a prefix with length 0. RC-81

82 Infmation About Implementing OSPF on Cisco IOS-XR Software Implementing OSPF on Cisco IOS-XR Software Link LSA (Type 8) Has local-link flooding scope and is never flooded beyond the link with which it is associated. Link LSAs provide the link-local address of the router to all other routers attached to the link, infm other routers attached to the link of a list of IPv6 prefixes to associate with the link, and allow the router to assert a collection of Options bits to associate with the netwk LSA that will be iginated f the link. Intra-area-prefix LSAs (Type 9) A router can iginate multiple intra-area-prefix LSAs f each router transit netwk, each with a unique link-state ID. The link-state ID f each intra-area-prefix LSA describes its association to either the router LSA the netwk LSA and contains prefixes f stub and transit netwks. An address prefix occurs in almost all newly defined LSAs. The prefix is represented by three fields: Prefix Length, Prefix Options, and Address Prefix. In OSPFv3, addresses f these LSAs are expressed as prefix and prefix length instead of address and mask. The default route is expressed as a prefix with length 0. Inter-area-prefix and intra-area-prefix LSAs carry all IPv6 prefix infmation that, in IPv4, is included in router LSAs and netwk LSAs. The Options field in certain LSAs (router LSAs, netwk LSAs, interarea-router LSAs, and link LSAs) has been expanded to 24 bits to provide suppt f OSPF in IPv6. In OSPFv3, the sole function of link-state ID in interarea-prefix LSAs, interarea-router LSAs, and autonomous system external LSAs is to identify individual pieces of the link-state database. All addresses router IDs that are expressed by the link-state ID in OSPF Version 2 are carried in the body of the LSA in OSPFv3. Virtual Link and Transit Area f OSPF In OSPF, all areas must be connected to the backbone area, known as Area 0. There might be occasions when an area must be defined, but it cannot be connected to Area 0. Examples of such an occasion might be if your company makes a new acquisition that includes an OSPF area, if Area 0 itself is partitioned. In the case where an area cannot be connected to Area 0, you must configure a virtual link between that area and Area 0. The two endpoints of a virtual link are ABRs, and the virtual link must be configured in both routers. The nonbackbone area that the two routers belong to is called a transit area. A virtual link specifies the transit area and the router ID of the other virtual endpoint (the other ABR). A virtual link cannot be configured through a stub area NSSA. Figure 2 illustrates a virtual link from Area 3 to Area 0. RC-82

83 Implementing OSPF on Cisco IOS-XR Software Infmation About Implementing OSPF on Cisco IOS-XR Software Figure 2 Virtual Link to Area 0 AS A Area 0 Backbone Area 1 Area 3 ABR 2 ABR 1 ABR 3 Transit Area ASBR 1 Router ID Router ID ASBR Route Redistribution f OSPF Redistribution allows different routing protocols to exchange routing infmation. This technique can be used to allow connectivity to span multiple routing protocols. It is imptant to remember that the redistribute command controls redistribution into an instance of OSPF and not out of OSPF. See the Configuration Examples f Implementing OSPF on Cisco IOS-XR Software section f an example of route redistribution f OSPF. OSPF Shtest Path First Throttling OSPF SPF throttling makes it possible to configure SPF scheduling in millisecond intervals and to potentially delay SPF calculations during netwk instability. SPF is scheduled to calculate the Shtest Path Tree (SPT) when there is a change in topology. One SPF run may include multiple topology change events. The interval at which the SPF calculations occur is chosen dynamically and is based on the frequency of topology changes in the netwk. The chosen interval is within the boundary of the user-specified value ranges. If netwk topology is unstable, SPF throttling calculates SPF scheduling intervals to be longer until topology becomes stable. SPF calculations occur at the interval set by the timers throttle spf command. The wait interval indicates the amount of time to wait until the next SPF calculation occurs. Each wait interval after that calculation is twice as long as the previous until the wait interval reaches the maximum wait time specified. The SPF timing can be better explained using an example. In this example the start interval is set at 5 milliseconds (ms), the initial wait interval at 1000 ms, and the maximum wait time at 90,000 ms. timers spf RC-83

84 Infmation About Implementing OSPF on Cisco IOS-XR Software Implementing OSPF on Cisco IOS-XR Software Figure 3 shows the intervals at which the SPF calculations occur so long as at least one topology change event is received in a given wait interval. Figure 3 SPF Calculation Intervals Set by the timers spf Command 5 ms 2,000 ms 1,000 ms 4,000 ms 8,000 ms 32,000 ms 16,000 ms 64,000 ms 90,000 ms 90,000 ms Notice that the wait interval between SPF calculations doubles when at least one topology change event is received during the previous wait interval. Once the maximum wait time is reached, the wait interval remains the same until the topology stabilizes and no event is received in that interval. If the first topology change event is received after the current wait interval, the SPF calculation is delayed by the amount of time specified as the start interval. The subsequent wait intervals continue to follow the dynamic pattern. If the first topology change event occurs after the maximum wait interval begins, the SPF calculation is again scheduled at the start interval and subsequent wait intervals are reset accding the parameters specified in the timers throttle spf command. Notice in Figure 4 that a topology change event was received after the start of the maximum wait time interval and that the SPF intervals have been reset. Figure 4 Timer Intervals Reset After Topology Change Event Topology change event 64,000 ms 90,000 ms 1,000 ms 90,000 ms 5 ms 2,000 ms 4,000 ms 8,000 ms 16,000 ms ,000 ms SPF scheduled at start interval Nonstop Fwarding f OSPF Version 2 Cisco IOS-XR NSF f OSPF Version 2 allows f the fwarding of data packets to continue along known routes while the routing protocol infmation is being rested following a failover. With NSF, peer netwking devices do not experience routing flaps. During failover, data traffic is fwarded through intelligent line cards while the standby Route Process (RP) assumes control from the failed RP. The ability of line cards to remain up through a failover and to be kept current with the Fwarding Infmation Base (FIB) on the active RP is key to Cisco IOS-XR NSF operation. The routing protocols, such as OSPF, run only on the active RP DRP and receive routing updates from their neighb routers. When an OSPF NSF-capable router perfms an RP failover, it must perfm two tasks in der to resynchronize its link-state database with its OSPF neighbs. First, it must relearn the available OSPF neighbs on the netwk without causing a reset of the neighb relationship. Second, it must reacquire the contents of the link-state database f the netwk. RC-84

85 Implementing OSPF on Cisco IOS-XR Software How to Implement OSPF on Cisco IOS-XR Software As quickly as possible after an RP failover, the NSF-capable router sends an OSPF NSF signal to neighbing NSF-aware devices. Neighb netwking devices recognize this signal as a cue that the neighb relationship with this router should not be reset. As the NSF-capable router receives signals from other routers on the netwk, it can begin to rebuild its neighb list. Once neighb relationships are reestablished, the NSF-capable router begins to resynchronize its database with all of its NSF-aware neighbs. At this point, the routing infmation is exchanged between the OSPF neighbs. Once this exchange is complete, the NSF-capable device uses the routing infmation to remove stale routes, update the RIB, and update the FIB with the new fwarding infmation. The OSPF protocols are then fully converged. Load Balancing in OSPFv3 When a router learns multiple routes to a specific netwk by using multiple routing processes ( routing protocols), it installs the route with the lowest administrative distance in the routing table. Sometimes the router must select a route from among many learned by using the same routing process with the same administrative distance. In this case, the router chooses the path with the lowest cost ( metric) to the destination. Each routing process calculates its cost differently; the costs may need to be manipulated in der to achieve load balancing. OSPFv3 perfms load balancing automatically. If OSPFv3 finds that it can reach a destination through me than one interface and each path has the same cost, it installs each path in the routing table. The only restriction on the number of paths to the same destination is controlled by the maximum-paths command. The default number of maximum paths is 32, and the range is from 1 to 32. How to Implement OSPF on Cisco IOS-XR Software This section contains the following procedures: Enabling OSPF, page RC-86 (required) Configuring Stub and Not-so-Stubby Area Types, page RC-88 (optional) Configuring Neighbs f Nonbroadcast Netwks, page RC-90 (optional) Configuring Authentication at Different Hierarchical Levels f OSPF Version 2, page RC-94) (optional) Controlling the Frequency that the Same LSA Is Originated Accepted f OSPF, page RC-97 (optional) Creating a Virtual Link with MD5 Authentication to Area 0 f OSPF, page RC-99 (optional) Summarizing Subnetwk LSAs on an OSPF ABR, page RC-103 (optional) Redistributing Routes from One IGP into OSPF, page RC-105 (optional) Configuring OSPF Shtest Path First Throttling, page RC-109 (optional) Configuring Nonstop Fwarding f OSPF Version 2, page RC-111 (optional) Configuring OSPF Version 2 f MPLS Traffic Engineering, page RC-113 (optional) Verifying OSPF Configuration and Operation, page RC-117 (optional) RC-85

86 How to Implement OSPF on Cisco IOS-XR Software Implementing OSPF on Cisco IOS-XR Software Enabling OSPF This task explains how to perfm the minimum OSPF configuration on your router that is to enable an OSPF process with a router ID, configure a backbone nonbackbone area, and then assign one me interfaces on which OSPF will run. Prerequisites SUMMARY STEPS DETAILED STEPS Although you can configure OSPF befe you configure an IP address, no OSPF routing will occur until at least one IP address is configured. 1. configure 2. router ospf instance-name router ospfv3 instance-name 3. router-id {ipv4-address interface-type interface-number} 4. area area-id 5. interface type number 6. Repeat Step 5 f each interface that will use OSPF. 7. log adjacency changes [detail] [enable disable] 8. end commit Step 1 Command Action configure Purpose Enters global configuration mode. Step 2 RP/0/RP0/CPU0:router# configure router ospf instance-name router ospfv3 instance-name RP/0/RP0/CPU0:router(config)# router ospf 1 RP/0/RP0/CPU0:router(config)# router ospfv3 1 Enables OSPF routing f the specified routing instance, and places the router in router configuration mode. Enables OSPFv3 routing f the specified routing instance, and places the router in router ospfv3 configuration mode. Note The instance-name argument is any alphanumeric string no longer than 40 characters. RC-86

87 Implementing OSPF on Cisco IOS-XR Software How to Implement OSPF on Cisco IOS-XR Software Step 3 Step 4 Step 5 Command Action router-id {ipv4-address interface-type interface-number} RP/0/RP0/CPU0:router(config-router)# router-id area area-id RP/0/RP0/CPU0:router(config-router)# area 0 interface type number RP/0/RP0/CPU0:router(config-ospf-ar)# interface POS 0/1/0/3 Purpose Configures a router ID f the OSPF process. Note This identifier of the router acts as a stable IP address and is recommended rather than using the default IP address. Enters area configuration mode and configures an area f the OSPF process. Backbone areas have an area ID of 0. Nonbackbone areas have a nonzero area ID. The area-id argument can be entered in dotted-decimal IPv4 address notation, such as area 1000 area However, you must choose one fm the other f an area. Enters interface configuration mode and associates one me interfaces f the area configured in Step 4. Step 6 Repeat Step 5 f each interface that will use OSPF. Step 7 log adjacency changes [detail] [enable disable] (Optional) Requests notification of neighb changes. By default, this feature is enabled. Step 8 RP/0/RP0/CPU0:router(config-ospf-ar-if)# log adjacency changes detail end commit RP/0/RP0/CPU0:router(config-ospf-ar-if)# end RP/0/RP0/CPU0:router(config-ospf-ar-if)# commit The messages generated by neighb changes are considered notifications, which are categized as severity Level 5 in the logging console command. The logging console command controls which severity level of messages are sent to the console. By default, all severity level messages are sent. Saves configuration changes. When you issue the end command, the system will prompt you to commit changes: Uncommitted changes found. Commit them? Entering yes will save configuration changes to the running configuration file, exit the configuration session, and return the router to EXEC mode. Entering no will exit the configuration session and return the router to EXEC mode without committing the configuration changes. Use the commit command to save the configuration changes to the running configuration file and remain within the configuration session. RC-87

88 How to Implement OSPF on Cisco IOS-XR Software Implementing OSPF on Cisco IOS-XR Software Configuring Stub and Not-so-Stubby Area Types SUMMARY STEPS DETAILED STEPS This task explains how to configure the stub area and the NSSA f OSPF. 1. configure 2. router ospf instance-name router ospfv3 instance-name 3. router-id {ipv4-address interface-type interface-number} 4. area area-id 5. stub [no-summary] nssa [no-redistribution] [default-infmation-iginate] [no-summary] 6. stub nssa 7. default-cost cost 8. end commit 9. Repeat this task on all other routers in the stub area NSSA. Step 1 Command Action configure Purpose Enters global configuration mode. Step 2 Step 3 RP/0/RP0/CPU0:router# configure router ospf instance-name router ospfv3 instance-name RP/0/RP0/CPU0:router(config)# router ospf 1 RP/0/RP0/CPU0:router(config)# router ospfv3 1 router-id {ipv4-address interface-type interface-number} RP/0/RP0/CPU0:router(config-router)# router-id Enables OSPF routing f the specified routing instance, and places the router in router configuration mode. Enables OSPFv3 routing f the specified routing instance, and places the router in router ospfv3 configuration mode. Note The instance-name argument is any alphanumeric string no longer than 40 characters. Configures a router ID f the OSPF process. Note This identifier of the router acts as a stable IP address and is recommended rather than using the default IP address. RC-88

89 Implementing OSPF on Cisco IOS-XR Software How to Implement OSPF on Cisco IOS-XR Software Step 4 Step 5 Step 6 Step 7 Command Action area area-id RP/0/RP0/CPU0:router(config-router)# area 1 stub [no-summary] nssa [no-redistribution] [default-infmation-iginate] [no-summary] RP/0/RP0/CPU0:router(config-ospf-ar)# stub no summary RP/0/RP0/CPU0:router(config-ospf-ar)# nssa no-redistribution stub nssa RP/0/RP0/CPU0:router(config-ospf-ar)# stub RP/0/RP0/CPU0:router(config-ospf-ar)# nssa default-cost cost RP/0/RP0/CPU0:router(config-ospf-ar)# default-cost 15 Purpose Enters area configuration mode and configures a nonbackbone area f the OSPF process. The area-id argument can be entered in dotted-decimal IPv4 address notation, such as area 1000 area However, you must choose one fm the other f an area. Defines the nonbackbone area as a stub area. See the Configuring Stub and Not-so-Stubby Area Types section. Specify the no-summary keywd to further reduce the number of LSAs sent into a stub area. This keywd prevents the ABR from sending summary link-state advertisements (Type 3) in the stub area. Defines an area as an NSSA. See the Configuring Stub and Not-so-Stubby Area Types section. (Optional) Turns off the options configured f stub and NSSA areas. If you configured the stub and NSSA areas using the optional keywds (no-summary, no-redistribution, default-infmation-iginate, and no-summary) in Step 5, you must now reissue the stub and nssa commands without the keywds rather than using the no fm of the command. F example, the no nssa default-infmation-iginate fm of the command changes the NSSA area into a nmal area that inadvertently tears down the existing adjacencies in that area. (Optional) Specifies a cost f the default summary route sent into a stub area NSSA. Use this command only on ABRs attached to the NSSA. Do not use it on any other routers in the area. The default cost is 1. RC-89

90 How to Implement OSPF on Cisco IOS-XR Software Implementing OSPF on Cisco IOS-XR Software Step 8 Step 9 Command Action end commit RP/0/RP0/CPU0:router(config-ospf-ar)# end RP/0/RP0/CPU0:router(config-ospf-ar)# commit Repeat this task on all other routers in the stub area NSSA. Purpose Saves configuration changes. When you issue the end command, the system will prompt you to commit changes: Uncommitted changes found. Commit them? Entering yes will save configuration changes to the running configuration file, exit the configuration session, and return the router to EXEC mode. Entering no will exit the configuration session and return the router to EXEC mode without committing the configuration changes. Use the commit command to save the configuration changes to the running configuration file and remain within the configuration session. Configuring Neighbs f Nonbroadcast Netwks This task explains how to configure neighbs f a nonbroadcast netwk. This task is optional. Prerequisites Configuring NBMA netwks as either broadcast nonbroadcast assumes that there are virtual circuits from every router to every router fully meshed netwk. SUMMARY STEPS 1. configure 2. router ospf instance-name router ospfv3 instance-name 3. router-id {ipv4-address interface-type interface-number} 4. area area-id 5. netwk {broadcast non-broadcast {point-to-multipoint [non-broadcast] point-to-point}} 6. dead-interval seconds 7. hello-interval seconds 8. interface type number 9. neighb ip-address [priity number] [poll-interval seconds] [cost number] neighb ipv6-link-local-address [priity number] [poll-interval seconds] [cost number] [database-filter [all]] 10. Repeat Step 9 f all neighbs on the interface. 11. exit RC-90

91 Implementing OSPF on Cisco IOS-XR Software How to Implement OSPF on Cisco IOS-XR Software 12. interface type number 13. neighb ip-address [priity number] [poll-interval seconds] [cost number] neighb ipv6-link-local-address [priity number] [poll-interval seconds] [cost number] [database-filter [all]] 14. Repeat Step 13 f all neighbs on the interface. 15. end commit DETAILED STEPS Step 1 Command Action configure Purpose Enters global configuration mode. Step 2 Step 3 Step 4 RP/0/RP0/CPU0:router# configure router ospf instance-name router ospfv3 instance-name RP/0/RP0/CPU0:router(config)# router ospf 1 RP/0/RP0/CPU0:router(config)# router ospfv3 1 router-id {ipv4-address interface-type interface-number} RP/0/RP0/CPU0:router(config-router)# router-id area area-id RP/0/RP0/CPU0:router(config-router)# area 0 Step 5 netwk {broadcast non-broadcast {point-to-multipoint [non-broadcast] point-to-point}} Enables OSPF routing f the specified routing instance, and places the router in router configuration mode. Enables OSPFv3 routing f the specified routing instance, and places the router in router ospfv3 configuration mode. Note The instance-name argument is any alphanumeric string no longer than 40 characters. Configures a router ID f the OSPF process. Note This identifier of the router acts as a stable IP address and is recommended rather than using the default IP address. Enters area configuration mode and configures an area f the OSPF process. The example configures a backbone area. The area-id argument can be entered in dotted-decimal IPv4 address notation, such as area 1000 area However, you must choose one fm the other f an area. Configures the OSPF netwk type to a type other than the default f a given medium. The example sets the netwk type to NBMA. RP/0/RP0/CPU0:router(config-ospf-ar)# netwk non-broadcast RC-91

92 How to Implement OSPF on Cisco IOS-XR Software Implementing OSPF on Cisco IOS-XR Software Step 6 Step 7 Step 8 Step 9 Command Action dead-interval seconds RP/0/RP0/CPU0:router(config-ospf-ar)# dead-interval 40 hello-interval seconds RP/0/RP0/CPU0:router(config-ospf-ar)# hello-interval 10 interface type number RP/0/RP0/CPU0:router(config-ospf-ar)# interface POS 0/2/0/0 neighb ip-address [priity number] [poll-interval seconds][cost number] neighb ipv6-link-local-address [priity number] [poll-interval seconds][cost number] [database-filter [all]] RP/0/RP0/CPU0:router(config-ospf-ar-if)# neighb priity 3 poll-interval 15 RP/0/RP0/CPU0:router(config-ospf-ar-if)# neighb fe80::3203:a0ff:fe9d:f3fe Purpose (Optional) Sets the interval at which hello packets must not be seen befe neighbs declare the router down. (Optional) Specifies the interval between hello packets that the software sends on the interface. Enters interface configuration mode and associates one me interfaces f the area configured in Step 4. In this example, the interface inherits the nonbroadcast netwk type and the hello and dead intervals from the areas because the values are not set at the interface level. Configures the IPv4 address of OSPF neighbs interconnecting to nonbroadcast netwks. Configures the link-local IPv6 address of OSPFv3 neighbs. The ipv6-link-local-address argument must be in the fm documented in RFC 2373 where the address is specified in hexadecimal using 16-bit values between colons. The priity keywd notifies the router that this neighb is eligible to become a DR BDR. The priity value should match the actual priity setting on the neighb router. The neighb priity default value is zero. This keywd does not apply to point-to-multipoint interfaces. RFC 1247 recommends that this value be much larger than the hello interval. The default is 120 seconds (2 minutes). The poll-interval keywd does not apply to point-to-multipoint interfaces. Neighbs with no specific cost configured will assume the cost of the interface, based on the cost command. On point-to-multipoint interfaces, cost number is the only keywd and argument combination that wks. The cost keywd does not apply to NBMA netwks. The database-filter keywd filters outgoing LSAs to an OSPF neighb. If you specify the all keywd, incoming and outgoing LSAs are filtered. Step 10 Repeat Step 9 f all neighbs on the interface. RC-92

93 Implementing OSPF on Cisco IOS-XR Software How to Implement OSPF on Cisco IOS-XR Software Step 11 Command Action exit Purpose Enters area configuration mode. Step 12 Step 13 RP/0/RP0/CPU0:router(config-ospf-ar-if)# exit interface type number RP/0/RP0/CPU0:router(config-ospf-ar)# interface POS 0/3/0/1 neighb ip-address [priity number] [poll-interval seconds][cost number] [database-filter [all]] neighb ipv6-link-local-address [priity number] [poll-interval seconds][cost number] [database-filter [all]] RP/0/RP0/CPU0:router(config-ospf-ar)# neighb RP/0/RP0/CPU0:router(config-ospf-ar)# neighb fe80::3203:a0ff:fe9d:f3f Enters interface configuration mode and associates one me interfaces f the area configured in Step 4. In this example, the interface inherits the nonbroadcast netwk type and the hello and dead intervals from the areas because the values are not set at the interface level. Configures the IPv4 address of OSPF neighbs interconnecting to nonbroadcast netwks. Configures the link-local IPv6 address of OSPFv3 neighbs. The ipv6-link-local-address argument must be in the fm documented in RFC 2373 where the address is specified in hexadecimal using 16-bit values between colons. The priity keywd notifies the router that this neighb is eligible to become a DR BDR. The priity value should match the actual priity setting on the neighb router. The neighb priity default value is zero. This keywd does not apply to point-to-multipoint interfaces. RFC 1247 recommends that this value be much larger than the hello interval. The default is 120 seconds (2 minutes). The poll-interval keywd does not apply to point-to-multipoint interfaces. Neighbs with no specific cost configured will assume the cost of the interface, based on the cost command. On point-to-multipoint interfaces, cost number is the only keywd and argument combination that wks. The cost keywd does not apply to NBMA netwks. The database-filter keywd filters outgoing LSAs to an OSPF neighb. If you specify the all keywd, incoming and outgoing LSAs are filtered. RC-93

94 How to Implement OSPF on Cisco IOS-XR Software Implementing OSPF on Cisco IOS-XR Software Command Action Step 14 Repeat Step 13 f all neighbs on the interface. Purpose Step 15 end commit RP/0/RP0/CPU0:router(config-ospf-ar)# end RP/0/RP0/CPU0:router(config-ospf-ar)# commit Saves configuration changes. When you issue the end command, the system will prompt you to commit changes: Uncommitted changes found. Commit them? Entering yes will save configuration changes to the running configuration file, exit the configuration session, and return the router to EXEC mode. Entering no will exit the configuration session and return the router to EXEC mode without committing the configuration changes. Use the commit command to save the configuration changes to the running configuration file and remain within the configuration session. Configuring Authentication at Different Hierarchical Levels f OSPF Version 2 This task explains how to configure MD5 (secure) authentication on the OSPF router process, configure one area with plain text authentication, and then apply one interface with clear text (null) authentication. Note The authentication feature is not suppted f OSPFv3 in this software release; however, the hierarchical and inheritance model applies f any OSPFv3 feature. Note Authentication configured at the interface level overrides authentication configured at the area level and the router process level. If an interface does not have authentication specifically configured, the interface inherits the authentication parameter value from a higher hierarchical level. See the OSPF Hierarchical CLI and CLI Inheritance section f me infmation about hierarchy and inheritance. Prerequisites If you choose to configure authentication, you must first decide whether to configure plain text MD5 authentication, and whether the authentication applies to all interfaces in an instance, an entire area, specific interfaces. See the Route Authentication Methods f OSPF Version 2 section f infmation about each type of authentication and when you should use a specific method f your netwk. SUMMARY STEPS 1. configure 2. router ospf instance-name 3. router-id {ipv4-address interface-type interface-number} 4. authentication [message-digest null] 5. message-digest-key key-id md5 [encryption-type] key RC-94

95 Implementing OSPF on Cisco IOS-XR Software How to Implement OSPF on Cisco IOS-XR Software 6. area area-id 7. interface type number 8. Repeat Step 7 f each interface that must communicate, using the same authentication. 9. area area-id 10. authentication [message-digest null] 11. interface type number 12. Repeat Step 7 f each interface that must communicate, using the same authentication. 13. interface type number 14. authentication [message-digest null] 15. end commit DETAILED STEPS Step 1 Command Action configure Purpose Enters global configuration mode. Step 2 Step 3 RP/0/RP0/CPU0:router# configure router ospf instance-name RP/0/RP0/CPU0:router(config)# router ospf 1 router-id {ipv4-address interface-type interface-number} Enables OSPF routing f the specified routing instance, and places the router in router configuration mode. Note The instance-name argument is any alphanumeric string no longer than 40 characters. Configures a router ID f the OSPF process. Step 4 Step 5 RP/0/RP0/CPU0:router(config-router)# router-id authentication [message-digest null] RP/0/RP0/CPU0:router(config-router)# authentication message-digest message-digest-key key-id md5 [encryption-type] key RP/0/RP0/CPU0:router(config-router)# message-digest-key 4 md5 0 yourkey Enables MD5 authentication f the OSPF process. This authentication type will apply to the entire router process unless overridden by a lower hierarchical level such as the area interface. Specifies the MD5 authentication key f the OSPF process. Your neighb router must have the same key identifier. RC-95

96 How to Implement OSPF on Cisco IOS-XR Software Implementing OSPF on Cisco IOS-XR Software Step 6 Step 7 Step 8 Step 9 Step 10 Step 11 Step 12 Step 13 Command Action area area-id RP/0/RP0/CPU0:router(config-router)# area 0 interface type number RP/0/RP0/CPU0:router(config-ospf-ar)# interface POS 0/1/0/3 Repeat Step 7 f each interface that must communicate, using the same authentication. area area-id RP/0/RP0/CPU0:router(config-router)# area 1 authentication [message-digest null] RP/0/RP0/CPU0:router(config-ospf-ar)# authentication interface type number RP/0/RP0/CPU0:router(config-ospf-ar)# interface POS 0/1/0/0 Repeat Step 7 f each interface that must communicate, using the same authentication. interface type number RP/0/RP0/CPU0:router(config-ospf-ar)# interface POS 0/3/0/0 Purpose Enters area configuration mode and configures a backbone area f the OSPF process. Enters interface configuration mode and associates one me interfaces to the backbone area. All interfaces will inherit the authentication parameter values specified f the OSPF process (Step 4, Step 5, and Step 6). Enters area configuration mode and configures a nonbackbone area 1 f the OSPF process. The area-id argument can be entered in dotted-decimal IPv4 address notation, such as area 1000 area However, you must choose one fm the other f an area. Enables Type 1 (plain text) authentication that provides no security. The example specifies plain text authentication (by not specifying a keywd). Use the authentication-key interface command to specify the plain text passwd. Enters interface configuration mode and associates one me interfaces to the nonbackbone area 1 specified in Step 9. All interfaces configured will inherit the authentication parameter values configured f area 1. Enters interface configuration mode and associates one me interfaces to a different authentication type. RC-96

97 Implementing OSPF on Cisco IOS-XR Software How to Implement OSPF on Cisco IOS-XR Software Step 14 Step 15 Command Action authentication [message-digest null] RP/0/RP0/CPU0:router(config-ospf-ar-if)# authentication null end commit RP/0/RP0/CPU0:router(config-ospf-ar-if)# end RP/0/RP0/CPU0:router(config-ospf-ar-if)# commit Purpose Specifies no authentication on POS interface 0/3/0/0, overriding the plain text authentication specified f area 1. By default, all of the interfaces configured in the same area will inherit the same authentication parameter values of the area. Saves configuration changes. When you issue the end command, the system will prompt you to commit changes: Uncommitted changes found. Commit them? Entering yes will save configuration changes to the running configuration file, exit the configuration session, and return the router to EXEC mode. Entering no will exit the configuration session and return the router to EXEC mode without committing the configuration changes. Use the commit command to save the configuration changes to the running configuration file and remain within the configuration session. Controlling the Frequency that the Same LSA Is Originated Accepted f OSPF This task explains how to tune the convergence time of OSPF routes in the routing table when many LSAs occur in the same time frame. SUMMARY STEPS 1. configure 2. router ospf instance-name router ospfv3 instance-name 3. router-id {ipv4-address interface-type interface-number} 4. Perfm Step 5 Step 6 both to control the frequency that the same LSA is iginated accepted. 5. timers lsa gen-interval seconds 6. timers lsa min-arrival seconds 7. timers lsa group-pacing seconds 8. end commit RC-97

98 How to Implement OSPF on Cisco IOS-XR Software Implementing OSPF on Cisco IOS-XR Software DETAILED STEPS Step 1 Command Action configure Purpose Enters global configuration mode. Step 2 Step 3 Step 4 Step 5 Step 6 RP/0/RP0/CPU0:router# configure router ospf instance-name router ospfv3 instance-name RP/0/RP0/CPU0:router(config)# router ospf 1 RP/0/RP0/CPU0:router(config)# router ospfv3 1 router-id {ipv4-address interface-type interface-number} RP/0/RP0/CPU0:router(config-router)# router-id Perfm Step 5 Step 6 both to control the frequency that the same LSA is iginated accepted. timers lsa gen-interval seconds RP/0/RP0/CPU0:router(config-router)# timers lsa gen-interval 10 timers lsa min-arrival seconds RP/0/RP0/CPU0:router(config-router)# timers lsa min-arrival 2 Enables OSPF routing f the specified routing instance, and places the router in router configuration mode. Enables OSPFv3 routing f the specified routing instance, and places the router in router ospfv3 configuration mode. Note The instance-name argument is any alphanumeric string no longer than 40 characters. Configures a router ID f the OSPF process. Note This identifier of the router acts as a stable IP address and is recommended rather than using the default IP address. Changes the minimum interval between the same OSPF LSAs that the router iginates. The default is 5 seconds f both OSPF and OSPFv3. Limits the frequency that new instances of any particular OSPF Version 2 LSA can be accepted during flooding. The default is 1 second. RC-98

99 Implementing OSPF on Cisco IOS-XR Software How to Implement OSPF on Cisco IOS-XR Software Step 7 Step 8 Command Action timers lsa group-pacing seconds RP/0/RP0/CPU0:router(config-router)# timers lsa group-pacing 1000 end commit RP/0/RP0/CPU0:router(config-router)# end RP/0/RP0/CPU0:router(config-router)# commit Purpose Changes the interval at which OSPFv3 link-state LSAs are collected into a group. The default is 240 seconds. Saves configuration changes. When you issue the end command, the system will prompt you to commit changes: Uncommitted changes found. Commit them? Entering yes will save configuration changes to the running configuration file, exit the configuration session, and return the router to EXEC mode. Entering no will exit the configuration session and return the router to EXEC mode without committing the configuration changes. Use the commit command to save the configuration changes to the running configuration file and remain within the configuration session. Creating a Virtual Link with MD5 Authentication to Area 0 f OSPF This task explains how to create a virtual link to your backbone (area 0) and apply MD5 authentication. You must perfm the steps described on both ABRs, one at each end of the virtual link. To understand virtual links, see the Virtual Link and Transit Area f OSPF section. Note The MD5 authentication feature is not suppted f OSPFv3 in this software release; however, the virtual link configuration steps are suppted. Note Once you explicitly configure area parameter values, they will be inherited by all the interfaces bound to that area unless you override the values and configure them explicitly f the interface. An example is provided in the Virtual Link Configured with MD5 Authentication f OSPF Version 2: Example section. Prerequisites You must have the router ID of the neighb router at the opposite end of the link in der to configure the local router. You can execute the show ospf show ospfv3 command on the remote router to get its router ID. In der f a virtual link to be successful, you need a stable router ID at each end of the virtual link. You do not want them to be subject to change, which could happen if they are assigned by default (See the OSPF Instance and Router ID section f an explanation of how the router ID is determined.) Therefe, we recommend that you perfm one of the following tasks befe configuring a virtual link: Use the router-id command to set the router ID. This strategy is preferable. RC-99

100 How to Implement OSPF on Cisco IOS-XR Software Implementing OSPF on Cisco IOS-XR Software Configure a loopback interface so that the router will have a fixed router ID. Befe configuring your virtual link f OSPF Version 2, you must decide whether to configure plain text authentication, MD5 authentication, no authentication (which is the default). Your decision determines whether you need to perfm additional tasks related to authentication. Note If you decide to configure plain text authentication no authentication, refer to the authentication command provided in the Routing Software Product Commands document. SUMMARY STEPS 1. show ospf [instance-name] show ospfv3 [instance-name] 2. configure 3. router ospf instance-name router ospfv3 instance-name 4. router-id {ipv4-address interface-type interface-number} 5. area area-id 6. virtual link router-id 7. authentication message-digest 8. message-digest-key key-id md5 [0 7] key 9. Repeat all of the steps in this task on the ABR that is at the other end of the virtual link. Specify the same key ID and key that you specified f the virtual link on this router. 10. end commit 11. show ospf [instance-name] [area-id] virtual-links show ospfv3 [instance-name] virtual-links RC-100

101 Implementing OSPF on Cisco IOS-XR Software How to Implement OSPF on Cisco IOS-XR Software DETAILED STEPS Step 1 Step 2 Command Action show ospf [instance-name] show ospfv3 [instance-name] RP/0/RP0/CPU0:router# show ospf RP/0/RP0/CPU0:router# show ospfv3 configure Purpose (Optional) Displays general infmation about OSPF routing processes. The output displays the router ID of the local router. You need this router ID to configure the other end of the link. Enters global configuration mode. Step 3 Step 4 Step 5 Step 6 Step 7 RP/0/RP0/CPU0:router# configure router ospf instance-name router ospfv3 instance-name RP/0/RP0/CPU0:router(config)# router ospf 1 RP/0/RP0/CPU0:router(config)# router ospfv3 1 router-id {ipv4-address interface-type interface-number} RP/0/RP0/CPU0:router(config-router)# router-id area area-id RP/0/RP0/CPU0:router(config-router)# area 1 virtual-link router-id RP/0/RP0/CPU0:router(config-ospf-ar)# virtual link authentication message-digest RP/0/RP0/CPU0:router(config-ospf-ar)# authentication message-digest Enables OSPF routing f the specified routing instance, and places the router in router configuration mode. Enables OSPFv3 routing f the specified routing instance, and places the router in router ospfv3 configuration mode. Note The instance-name argument is any alphanumeric string no longer than 40 characters. Configures a router ID f the OSPF process. Note This identifier of the router acts as a stable IP address and is recommended rather than using the default IP address. Enters area configuration mode and configures a nonbackbone area f the OSPF process. The area-id argument can be entered in dotted-decimal IPv4 address notation, such as area 1000 area However, you must choose one fm the other f an area. Defines an OSPF virtual link. See the Virtual Link and Transit Area f OSPF section. Selects MD5 authentication f this virtual link. Note This command is not suppted f OSPFv3. OSPFv3 does not suppt MD5 authentication. RC-101

102 How to Implement OSPF on Cisco IOS-XR Software Implementing OSPF on Cisco IOS-XR Software Step 8 Step 9 Step 10 Step 11 Command Action message-digest-key key-id md5 [0 7] key RP/0/RP0/CPU0:router(config-ospf-ar)# message-digest-key 4 md5 0 yourkey Repeat all of the steps in this task on the ABR that is at the other end of the virtual link. Specify the same key ID and key that you specified f the virtual link on this router. end commit RP/0/RP0/CPU0:router(config-ospf-ar)# end RP/0/RP0/CPU0:router(config-ospf-ar)# commit show ospf [instance-name] [area-id] virtual-links show ospfv3 [instance-name] virtual-links Purpose Defines an OSPF virtual link. See the Virtual Link and Transit Area f OSPF section to understand a virtual link. The key-id argument is a number in the range from 1 to 255. The key argument is an alphanumeric string of up to 16 characters. The routers at both ends of the virtual link must have the same key identifier and key to be able to route OSPF traffic. When the encryption type identifier 7 is specified, the key is encrypted and sted on the router; otherwise, the key is unencrypted The authentication-key key option is not suppted f OSPFv3. Once the key is encrypted it must remain encrypted. Saves configuration changes. When you issue the end command, the system will prompt you to commit changes: Uncommitted changes found. Commit them? Entering yes will save configuration changes to the running configuration file, exit the configuration session, and return the router to EXEC mode. Entering no will exit the configuration session and return the router to EXEC mode without committing the configuration changes. Use the commit command to save the configuration changes to the running configuration file and remain within the configuration session. (Optional) Displays the parameters and the current state of OSPF virtual links. RP/0/RP0/CPU0:router# show ospf 1 2 virtual-links RP/0/RP0/CPU0:router# show ospf 1 virtual-links Examples In the following example, the show ospfv3 virtual links EXEC command verifies that the OSPF_VL0 virtual link to the OSPFv3 neighb is up, the ID of the virtual link interface is 2, and the IPv6 address of the virtual link endpoint is 2003:3000::1: RC-102

103 Implementing OSPF on Cisco IOS-XR Software How to Implement OSPF on Cisco IOS-XR Software RP/0/RP0/CPU0:router# show ospfv3 virtual-links Virtual Links f OSPFv3 1 Virtual Link OSPF_VL0 to router is up Interface ID 2, IPv6 address 2003:3000::1 Run as demand circuit DoNotAge LSA allowed. Transit area , via interface POS 0/1/0/1, Cost of using 2 Transmit Delay is 5 sec, State POINT_TO_POINT, Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5 Hello due in 00:00:02 Adjacency State FULL (Hello suppressed) Index 0/2/3, retransmission queue length 0, number of retransmission 1 First 0(0)/0(0)/0(0) Next 0(0)/0(0)/0(0) Last retransmission scan length is 1, maximum is 1 Last retransmission scan time is 0 msec, maximum is 0 msec Check f lines: Virtual Link OSPF_VL0 to router is up Adjacency State FULL (Hello suppressed) State is up and Adjacency State is FULL Summarizing Subnetwk LSAs on an OSPF ABR SUMMARY STEPS If you configured two me subnetwks when you assigned your IP addresses to your interfaces, you might want the software to summarize into a single LSA all of the subnetwks that the local area advertises to another area. Such summarization would reduce the number of LSAs and thereby conserve netwk resources. This summarization is known as interarea route summarization. It applies to routes from within the autonomous system. It does not apply to external routes injected into OSPF by way of redistribution. This task configures the software to summarize subnetwks into one LSA, by specifying that all subnetwks that fall into a range are advertised together. This task is perfmed on an ABR only. 1. configure 2. router ospf instance-name router ospfv3 instance-name 3. router-id {ipv4-address interface-type interface-number} 4. area area-id 5. range ip-address mask [advertise not-advertise] range ipv6-prefix/prefix-length [advertise not-advertise] 6. interface type number 7. end commit RC-103

104 How to Implement OSPF on Cisco IOS-XR Software Implementing OSPF on Cisco IOS-XR Software DETAILED STEPS Step 1 Command Action configure Purpose Enters global configuration mode. Step 2 Step 3 Step 4 RP/0/RP0/CPU0:router# configure router ospf instance-name router ospfv3 instance-name RP/0/RP0/CPU0:router(config)# router ospf 1 RP/0/RP0/CPU0:router(config)# router ospfv3 1 router-id {ipv4-address interface-type interface-number} RP/0/RP0/CPU0:router(config-router)# router-id area area-id RP/0/RP0/CPU0:router(config-router)# area 0 Step 5 range ip-address mask [advertise not-advertise] range ipv6-prefix/prefix-length [advertise not-advertise] RP/0/RP0/CPU0:router(config-ospf-ar)# range advertise RP/0/RP0/CPU0:router(config-ospf-ar)# range 4004:f000::/32 advertise Enables OSPF routing f the specified routing instance, and places the router in router configuration mode. Enables OSPFv3 routing f the specified routing instance, and places the router in router ospfv3 configuration mode. Note The instance-name argument is any alphanumeric string no longer than 40 characters. Configures a router ID f the OSPF process. Note This identifier of the router acts as a stable IP address and is recommended rather than using the default IP address. Enters area configuration mode and configures a backbone area f the OSPF process. The area-id argument can be entered in dotted-decimal IPv4 address notation, such as area 1000 area However, you must choose one fm the other f an area. Consolidates and summarizes OSPF routes at an area boundary. The advertise keywd causes the software to advertise the address range of subnetwks in a Type 3 summary LSA. The not-advertise keywd causes the software to suppress the Type 3 summary LSA, and the subnetwks in the range remain hidden from other areas. In the first example, all subnetwks f netwk are summarized and advertised by the ABR into areas outside the backbone. In the second example, two me IPv4 interfaces are covered by a 192.x.x netwk. RC-104

105 Implementing OSPF on Cisco IOS-XR Software How to Implement OSPF on Cisco IOS-XR Software Step 6 Step 7 Command Action interface type number RP/0/RP0/CPU0:router(config-ospf-ar)# interface POS 0/2/0/3 end commit RP/0/RP0/CPU0:router(config-ospf-ar)# end RP/0/RP0/CPU0:router(config-ospf-ar)# commit Purpose Enters interface configuration mode and associates one me interfaces to the area. Saves configuration changes. When you issue the end command, the system will prompt you to commit changes: Uncommitted changes found. Commit them? Entering yes will save configuration changes to the running configuration file, exit the configuration session, and return the router to EXEC mode. Entering no will exit the configuration session and return the router to EXEC mode without committing the configuration changes. Use the commit command to save the configuration changes to the running configuration file and remain within the configuration session. Redistributing Routes from One IGP into OSPF This task redistributes from one protocol (could be OSPF) into OSPF. Prerequisites F infmation about configuring routing policy, refer to the Implementing Routing Policy on Cisco IOS-XR Software module. SUMMARY STEPS 1. configure 2. router ospf instance-name router ospfv3 instance-name 3. router-id {ipv4-address interface-type interface-number} 4. redistribute protocol [process-id] {level-1 level-1-2 level-2} [metric metric-value] [metric-type type-value] [match {internal external 1 external 2}] [tag tag-value] [route-map map-tag policy policy-tag] redistribute protocol [process-id] {level-1 level-1-2 level-2} [metric metric-value] [metric-type type-value] [match {internal external 1 external 2 NSSA-external 1 NSSA-external 2}] [tag tag-value] 5. summary-prefix address mask [not-advertise] [tag tag] summary-prefix ipv6-prefix/prefix-length [not-advertise] [tag tag] RC-105

106 How to Implement OSPF on Cisco IOS-XR Software Implementing OSPF on Cisco IOS-XR Software 6. end commit DETAILED STEPS Step 1 Command Action configure Purpose Enters global configuration mode. Step 2 Step 3 RP/0/RP0/CPU0:router# configure router ospf instance-name router ospfv3 instance-name RP/0/RP0/CPU0:router(config)# router ospf 1 RP/0/RP0/CPU0:router(config)# router ospfv3 1 router-id {ipv4-address interface-type interface-number} RP/0/RP0/CPU0:router(config-router)# router-id Enables OSPF routing f the specified routing instance, and places the router in router configuration mode. Enables OSPFv3 routing f the specified routing instance, and places the router in router ospfv3 configuration mode. Note The instance-name argument is any alphanumeric string no longer than 40 characters. Configures a router ID f the OSPF process. Note This identifier of the router acts as a stable IP address and is recommended rather than using the default IP address. RC-106

107 Implementing OSPF on Cisco IOS-XR Software How to Implement OSPF on Cisco IOS-XR Software Command Action Step 4 redistribute protocol [process-id] {level-1 level-1-2 level-2} [metric metric-value] [metric-type type-value] [match {internal external 1 external 2}] [tag tag-value] [route-map map-tag policy policy-tag] redistribute protocol [process-id] {level-1 level-1-2 level-2} [metric metric-value] [metric-type type-value] [match {internal external 1 external 2 NSSA-external 1 NSSA-external 2}] [tag tag-value] RP/0/RP0/CPU0:router(config-router)# redistribute bgp 1 level-1 RP/0/RP0/CPU0:router(config-router)# redistribute bgp 1 level-1-2 metric-type 1 Purpose Redistributes OSPF version 1 routes from one routing domain to another routing domain. Redistributes OSPFv3 routes from one routing domain to another routing domain. This command causes the router to become an ASBR by definition. OSPF tags all routes learned through redistribution as external. The protocol and its process ID, if it has one, indicate the protocol being redistributed into OSPF. The metric is the cost you assign to the external route. The default is 20 f all protocols except BGP, whose default metric is 1. The OSPF version 1 example redistributes BGP autonomous system 1, Level 1 routes into OSPF as Type 2 external routes. The OSPFv3 example redistributes BGP autonomous system 1, Level 1 and 2 routes into OSPF. The external link type associated with the default route advertised into the OSPFv3 routing domain is the Type 1 external route. Note RPL is not suppted f OSPFv3. RC-107

108 How to Implement OSPF on Cisco IOS-XR Software Implementing OSPF on Cisco IOS-XR Software Step 5 Step 6 Command Action summary-prefix address mask [not-advertise] [tag tag] summary-prefix ipv6-prefix/prefix-length [not-advertise] [tag tag] RP/0/RP0/CPU0:router(config-router)# summary-prefix RP/0/RP0/CPU0:router(config-router)# summary-prefix 2010:11:22::/32 end commit RP/0/RP0/CPU0:router(config-router)# end RP/0/RP0/CPU0:router(config-router)# commit Purpose (Optional) Creates aggregate addresses f OSPF. (Optional) Creates aggregate addresses f OSPFv3. This command provides external route summarization of the non-ospf routes. External ranges that are being summarized should be contiguous. Summarization of overlapping ranges from two different routers could cause packets to be sent to the wrong destination. This command is optional. If you do not specify it, each route is included in the link-state database and advertised in LSAs. In the OSPFv2 example, the summary address includes address , , , and so on. Only the address is advertised in an external LSA. In the OSPFv3 example, the summary address 2010:11:22::/32 includeds addresses such as 2010:11:22:0:1000::1, 2010:11:22:0:2000:679:1, and so on. Only the address 2010:11:22::/32 is advertised in the external LSA. Saves configuration changes. When you issue the end command, the system will prompt you to commit changes: Uncommitted changes found. Commit them? Entering yes will save configuration changes to the running configuration file, exit the configuration session, and return the router to EXEC mode. Entering no will exit the configuration session and return the router to EXEC mode without committing the configuration changes. Use the commit command to save the configuration changes to the running configuration file and remain within the configuration session. RC-108

109 Implementing OSPF on Cisco IOS-XR Software How to Implement OSPF on Cisco IOS-XR Software Configuring OSPF Shtest Path First Throttling This task explains how to configure SPF scheduling in millisecond intervals and to potentially delay SPF calculations during times of netwk instability. This task is optional. Prerequisites SUMMARY STEPS DETAILED STEPS See the OSPF Shtest Path First Throttling section f infmation about OSPF SPF throttling. 1. configure 2. router ospf instance-name router ospfv3 instance-name 3. router-id {ipv4-address interface-type interface-number} 4. timers throttle spf spf-start spf-hold spf-max-wait 5. area area-id 6. interface type number 7. end commit 8. show ospf [instance-name] show ospfv3 [instance-name] Step 1 Command Action configure Purpose Enters global configuration mode. Step 2 RP/0/RP0/CPU0:router# configure router ospf instance-name router ospfv3 instance-name RP/0/RP0/CPU0:router(config)# router ospf 1 RP/0/RP0/CPU0:router(config)# router ospfv3 1 Enables OSPF routing f the specified routing instance, and places the router in router configuration mode. Enables OSPFv3 routing f the specified routing instance, and places the router in router ospfv3 configuration mode. Note The instance-name argument is any alphanumeric string no longer than 40 characters. RC-109

110 How to Implement OSPF on Cisco IOS-XR Software Implementing OSPF on Cisco IOS-XR Software Step 3 Step 4 Command Action router-id {ipv4-address interface-type interface-number} RP/0/RP0/CPU0:router(config-router)# router-id timers throttle spf spf-start spf-hold spf-max-wait Purpose Configures a router ID f the OSPF process. Note This identifier of the router acts as a stable IP address and is recommended rather than using the default IP address. Sets SPF throttling timers. Step 5 Step 6 Step 7 Step 8 RP/0/RP0/CPU0:router(config-router)# timers throttle spf area area-id RP/0/RP0/CPU0:router(config-router)# area 0 interface type number RP/0/RP0/CPU0:router(config-ospf-ar)# interface POS 0/1/0/3 end commit RP/0/RP0/CPU0:router(config-ospf-ar-if)# end RP/0/RP0/CPU0:router(config-ospf-ar-if)# commit show ospf [instance-name] show ospfv3 [instance-name] Enters area configuration mode and configures a backbone area. The area-id argument can be entered in dotted-decimal IPv4 address notation, such as area 1000 area However, you must choose one fm the other f an area. Enters interface configuration mode and associates one me interfaces to the area. Saves configuration changes. When you issue the end command, the system will prompt you to commit changes: Uncommitted changes found. Commit them? Entering yes will save configuration changes to the running configuration file, exit the configuration session, and return the router to EXEC mode. Entering no will exit the configuration session and return the router to EXEC mode without committing the configuration changes. Use the commit command to save the configuration changes to the running configuration file and remain within the configuration session. (Optional) Displays SPF throttling timers. RP/0/RP0/CPU0:router# show ospf 1 RP/0/RP0/CPU0:router# show ospfv3 2 RC-110

111 Implementing OSPF on Cisco IOS-XR Software How to Implement OSPF on Cisco IOS-XR Software Examples In the following example, the show ospf EXEC command is used to verify that the initial SPF schedule delay time, the minimum hold time, and the maximum wait time are configured crectly. Additional details are also displayed about the OSPF instance, such as router type and redistribution of routes. RP/0/RP0/CPU0:router# show ospf 1 Routing Process "ospf 1" with ID Suppts only single TOS(TOS0) routes Suppts opaque LSA It is an autonomous system boundary router Redistributing External Routes from, ospf 2 Initial SPF schedule delay 5 msecs Minimum hold time between two consecutive SPFs 100 msecs Maximum wait time between two consecutive SPFs 1000 msecs Minimum LSA interval 5 secs. Minimum LSA arrival 1 secs Number of external LSA 0. Checksum Sum Number of opaque AS LSA 0. Checksum Sum Number of DCbitless external and opaque AS LSA 0 Number of DoNotAge external and opaque AS LSA 0 Number of areas in this router is 1. 1 nmal 0 stub 0 nssa External flood list length 0 Non-Stop Fwarding enabled Note F a description of each output display field, refer to the show ospf command in the Routing Software Product Commands document. Configuring Nonstop Fwarding f OSPF Version 2 This task explains how to configure OSPF NSF on your NSF-capable router. This task is optional. Note The NSF feature is not suppted f OSPFv3 in this software release. Prerequisites OSPF NSF requires that all neighb netwking devices be NSF-aware, which happens automatically once you install the Cisco IOS-XR image on the router. If an NSF-capable router discovers that it has non-nsf-aware neighbs on a particular netwk segment, it will disable NSF capabilities f that segment. Other netwk segments composed entirely of NSF-capable NSF-aware routers will continue to provide NSF capabilities. See the Nonstop Fwarding f OSPF Version 2 section f conceptual infmation. Restrictions OSPF NSF f virtual links is not suppted. Neighbs must be NSF-aware. RC-111

112 How to Implement OSPF on Cisco IOS-XR Software Implementing OSPF on Cisco IOS-XR Software SUMMARY STEPS 1. configure 2. router ospf instance-name 3. router-id {ipv4-address interface-type interface-number} 4. nsf nsf enfce global 5. nsf interval seconds 6. end commit DETAILED STEPS Step 1 Command Action configure Purpose Enters global configuration mode. Step 2 Step 3 Step 4 RP/0/RP0/CPU0:router# configure router ospf instance-name RP/0/RP0/CPU0:router(config)# router ospf 1 router-id {ipv4-address interface-type interface-number} RP/0/RP0/CPU0:router(config-router)# router-id nsf nsf enfce global RP/0/RP0/CPU0:router(config-router)# nsf RP/0/RP0/CPU0:router(config-router)# nsf enfce global Enables OSPF routing f the specified routing instance, and places the router in router configuration mode. Note The instance-name argument is any alphanumeric string no longer than 40 characters. Configures a router ID f the OSPF process. Note This identifier of the router acts as a stable IP address and is recommended rather than using the default IP address. Enables OSPF NSF operations. Use the nsf command without the optional enfce and global keywds to abt the NSF restart mechanism on the interfaces of detected non-nsf neighbs and allow NSF neighbs to function properly. Use the nsf command with the optional enfce and global keywds if the router is expected to perfm NSF during restart. However, if non-nsf neighbs are detected, NSF restart will be canceled f the entire OSPF process. RC-112

113 Implementing OSPF on Cisco IOS-XR Software How to Implement OSPF on Cisco IOS-XR Software Step 5 Step 6 Command Action nsf interval seconds RP/0/RP0/CPU0:router(config-router)# nsf interval 120 end commit RP/0/RP0/CPU0:router(config-router)# end RP/0/RP0/CPU0:router(config-router)# commit Purpose Sets the minimum time between NSF restart attempts. Note When you use this command, the OSPF process must be up f at least 90 seconds befe OSPF attempts to perfm an NSF restart. Saves configuration changes. When you issue the end command, the system will prompt you to commit changes: Uncommitted changes found. Commit them? Entering yes will save configuration changes to the running configuration file, exit the configuration session, and return the router to EXEC mode. Entering no will exit the configuration session and return the router to EXEC mode without committing the configuration changes. Use the commit command to save the configuration changes to the running configuration file and remain within the configuration session. Configuring OSPF Version 2 f MPLS Traffic Engineering This task explains how to configure OSPF f MPLS TE. This task is optional. F a description of the MPLS TE tasks and commands that allow you to configure the router to suppt tunnels, configure an MPLS tunnel that OSPF can use, and to troubleshoot MPLS TE, refer to the Implementing MPLS Traffic Engineering Configuration Guide. Note The MPLS TE feature is not suppted f OSPFv3 in this initial Cisco IOS-XR software release. Prerequisites Your netwk must suppt the following Cisco IOS-XR features befe you enable MPLS TE f OSPF on your router: MPLS IP Cisco Express Fwarding (CEF) Note You must enter the commands in the following task on every OSPF router in the traffic-engineered ption of your netwk. RC-113

114 How to Implement OSPF on Cisco IOS-XR Software Implementing OSPF on Cisco IOS-XR Software Restrictions MPLS traffic engineering currently suppts only a single OSPF area. SUMMARY STEPS 1. configure 2. router ospf instance-name 3. router-id {ipv4-address interface-type interface-number} 4. mpls traffic-eng area area-id 5. mpls traffic-eng router-id {ip-address interface-type interface-number} 6. area area-id 7. interface type number 8. end commit 9. show ospf [instance-name] [area-id] mpls traffic-eng {link fragment} DETAILED STEPS Step 1 Command Action configure Purpose Enters global configuration mode. Step 2 Step 3 Step 4 RP/0/RP0/CPU0:router# configure router ospf instance-name RP/0/RP0/CPU0:router(config)# router ospf 1 router-id {ipv4-address interface-type interface-number} RP/0/RP0/CPU0:router(config-router)# router-id mpls traffic-eng area area-id Enables OSPF routing f the specified routing instance, and places the router in router configuration mode. Note The instance-name argument is any alphanumeric string no longer than 40 characters. Configures a router ID f the OSPF process. Note This identifier of the router acts as a stable IP address and is recommended rather than using the default IP address. Configures the OSPF area f MPLS TE. RP/0/RP0/CPU0:router(config-router)# mpls traffic-eng area 0 RC-114

115 Implementing OSPF on Cisco IOS-XR Software How to Implement OSPF on Cisco IOS-XR Software Step 5 mpls traffic-eng router-id {ip-address interface-type interface-number} Step 6 Command Action RP/0/RP0/CPU0:router(config-router)# mpls traffic-eng router-id loopback 0 area area-id Purpose (Optional) Specifies that the traffic engineering router identifier f the node is the IP address associated with a given interface. This IP address is flooded to all nodes. F all traffic engineering tunnels iginating at other nodes and ending at this node, you must set the tunnel destination to the traffic engineering router identifier of the destination node, because that is the address that the traffic engineering topology database at the tunnel head uses f its path calculation. We recommend that loopback interfaces be used f MPLS TE because they are me stable than physical interfaces. Enters area configuration mode and configures an area f the OSPF process. Step 7 Step 8 Step 9 RP/0/RP0/CPU0:router(config-router)# area 0 interface type number RP/0/RP0/CPU0:router(config-ospf-ar)# interface interface loopback0 end commit RP/0/RP0/CPU0:router(config-ospf-ar-if)# end RP/0/RP0/CPU0:router(config-ospf-ar-if)# commit show ospf [instance-name] [area-id] mpls traffic-eng {link fragment} The area-id argument can be entered in dotted-decimal IPv4 address notation, such as area 1000 area However, you must choose one fm the other f an area. Enters interface configuration mode and associates one me interfaces to the area. Saves configuration changes. When you issue the end command, the system will prompt you to commit changes: Uncommitted changes found. Commit them? Entering yes will save configuration changes to the running configuration file, exit the configuration session, and return the router to EXEC mode. Entering no will exit the configuration session and return the router to EXEC mode without committing the configuration changes. Use the commit command to save the configuration changes to the running configuration file and remain within the configuration session. (Optional) Displays infmation about the links and fragments available on the local router f MPLS TE. RP/0/RP0/CPU0:router# show ospf 1 0 mpls traffic-eng link RC-115

116 How to Implement OSPF on Cisco IOS-XR Software Implementing OSPF on Cisco IOS-XR Software Examples This section provides the following output examples: Sample Output f the show ospf Command Befe Configuring MPLS TE, page RC-116 Sample Output f the show ospf mpls traffic-eng Command, page RC-116 Sample Output f the show ospf Command After Configuring MPLS TE, page RC-117 Sample Output f the show ospf Command Befe Configuring MPLS TE In the following example, the show route ospf EXEC command verifies that the POS interface 0/3/0/0 exists and MPLS TE is not configured: RP/0/RP0/CPU0:router# show route ospf 1 0 O E /24 [110/20] via , 00:02:50, POS 0/3/0/0 [110/20] via , 00:02:50, POS 0/3/0/1 O E /24 [110/20] via , 00:02:50, POS 0/3/0/0 [110/20] via , 00:02:50, POS 0/3/0/1 O E /24 [110/20] via , 00:02:50, POS 0/3/0/0 [110/20] via , 00:02:50, POS 0/3/0/1 O /24 [110/2] via , 00:02:50, POS 0/3/0/0 [110/2] via , 00:02:50, POS 0/3/0/1 Sample Output f the show ospf mpls traffic-eng Command In the following example, the show ospf mpls traffic-eng EXEC command is used to verify that the MPLS TE fragments are configured crectly: RP/0/RP0/CPU0:router# show ospf 1 mpls traffic-eng fragment OSPF Router with ID ( ) (Process ID 1) Area 0 has 1 MPLS TE fragment. Area instance is 3. MPLS router address is Next fragment ID is 1 Fragment 0 has 1 link. Fragment instance is 3. Fragment has 0 link the same as last update. Fragment advertise MPLS router address Link is associated with fragment 0. Link instance is 3 Link connected to Point-to-Point netwk Link ID : Interface Address : Neighb Address : Admin Metric :0 Maximum bandwidth : Maximum global pool reservable bandwidth : Maximum sub pool reservable bandwidth : Number of Priity :8 Global pool unreserved BW Priity 0 : Priity 1 : Priity 2 : Priity 3 : Priity 4 : Priity 5 : Priity 6 : Priity 7 : Sub pool unreserved BW Priity 0 : Priity 1 : Priity 2 : Priity 3 : Priity 4 : Priity 5 : Priity 6 : Priity 7 : Affinity Bit :0 RC-116

117 Implementing OSPF on Cisco IOS-XR Software How to Implement OSPF on Cisco IOS-XR Software In the following example, the show ospf mpls traffic-eng EXEC command is used to verify that the MPLS TE links on area instance 3 are configured crectly: RP/0/RP0/CPU0:router# show ospf mpls traffic-eng link OSPF Router with ID ( ) (Process ID 1) Area 0 has 1 MPLS TE links. Area instance is 3. Links in hash bucket 53. Link is associated with fragment 0. Link instance is 3 Link connected to Point-to-Point netwk Link ID : Interface Address : Neighb Address : Admin Metric :0 Maximum bandwidth : Maximum global pool reservable bandwidth : Maximum sub pool reservable bandwidth : Number of Priity :8 Global pool unreserved BW Priity 0 : Priity 1 : Priity 2 : Priity 3 : Priity 4 : Priity 5 : Priity 6 : Priity 7 : Sub pool unreserved BW Priity 0 : Priity 1 : Priity 2 : Priity 3 : Priity 4 : Priity 5 : Priity 6 : Priity 7 : Affinity Bit :0 Sample Output f the show ospf Command After Configuring MPLS TE In the following example, the show route ospf EXEC command is used to verify that the MPLS TE tunnels replaced POS interface 0/3/0/0 and that configuration was perfmed crectly: RP/0/RP0/CPU0:router# show route ospf 1 0 O E /24 [110/20] via , 00:00:15, tunnel2 O E /24 [110/20] via , 00:00:15, tunnel2 O E /24 [110/20] via , 00:00:15, tunnel2 O /24 [110/2] via , 00:00:15, tunnel2 Verifying OSPF Configuration and Operation This task explains how to verify the configuration and operation of OSPF. Note To execute OSPFv3 commands f this task, replace ospf with ospfv3 in Steps 1 through 7. SUMMARY STEPS 1. show ospf [instance-name] 2. show ospf [instance-name] bder-routers 3. show ospf [instance-name] database 4. show ospf [instance-name] [area-id] flood-list interface type number RC-117

118 How to Implement OSPF on Cisco IOS-XR Software Implementing OSPF on Cisco IOS-XR Software 5. show ospf [instance-name] [area-id] neighb [interface-type interface-number] [neighb-id] [detail] 6. clear ospf [instance-name] process 7. clear ospf [instance-name] statistics [neighb [interface-type interface-number] [ip-address]] DETAILED STEPS Step 1 Step 2 Step 3 Step 4 Command Action show ospf [instance-name] RP/0/RP0/CPU0:router# show ospf group1 show ospf [instance-name] bder-routers RP/0/RP0/CPU0:router# show ospf group1 bder-routers show ospf [instance-name] database RP/0/RP0/CPU0:router# show ospf group2 database show ospf [instance-name] [area-id] flood-list interface type number Purpose (Optional) Displays general infmation about OSPF routing processes. (Optional) Displays the internal OSPF routing table entries to an ABR and ASBR. (Optional) Displays the lists of infmation related to the OSPF database f a specific router. The various fms of this command deliver infmation about different OSPF LSAs. Refer to the Routing Software Product Commands. (Optional) Displays a list of OSPF LSAs waiting to be flooded over an interface. Step 5 RP/0/RP0/CPU0:router# show ospf 100 flood-list interface pos 0/3/0/0 show ospf [instance-name] [area-id] neighb [interface-type interface-number] [neighb-id] [detail] (Optional) Displays OSPF neighb infmation on a per-interface basis. Step 6 Step 7 RP/0/RP0/CPU0:router# show ospf 100 neighb clear ospf [instance-name] process RP/0/RP0/CPU0:router# clear ospf 100 process clear ospf [instance-name] statistics [neighb [interface-type interface-number] [ip-address]] (Optional) Resets an OSPF router process without stopping and restarting it. (Optional) Clears the OSPF statistics of neighb state transitions. RP/0/RP0/CPU0:router# clear ospf 100 statistics RC-118

119 Implementing OSPF on Cisco IOS-XR Software Configuration Examples f Implementing OSPF on Cisco IOS-XR Software Configuration Examples f Implementing OSPF on Cisco IOS-XR Software This section provides the following configuration examples: Comparison of Cisco IOS and Cisco IOS-XR f OSPF Version 2: Example, page RC-119 CLI Inheritance and Precedence f OSPF Version 2: Example, page RC-121 MPLS TE f OSPF Version 2: Example, page RC-122 ABR with Summarization f OSPFv3: Example, page RC-122 ABR Stub Area f OSPFv3: Example, page RC-123 ABR Totally Stub Area f OSPFv3: Example, page RC-123 Route Redistribution f OSPFv3: Example, page RC-123 Virtual Link Configured Through Area 1 f OSPFv3: Example, page RC-123 Comparison of Cisco IOS and Cisco IOS-XR f OSPF Version 2: Example The following example compares how an OSPF interface is configured f an area in Cisco IOS software and then in Cisco IOS-XR software. In Cisco IOS software, OSPF interfaces and areas are configured through the netwk command. In Cisco IOS-XR software, area 0 must be explicitly configured with the area command and all interfaces that are in the range from to are bound to area 0. Interfaces are configured with the interface command (while the router is in area configuration mode) and the area keywd is not included in the interface statement. Cisco IOS Software Configuration interface POS 0/3/0/0 ip address negotiation auto router ospf 1 router-id netwk area 0 Cisco IOS-XR Software Configuration interface POS 0/3/0/0 ip address negotiation auto router ospf 1 router-id area 0 interface POS 0/3/0/0 The following example compares how OSPF interface parameters are configured f an area in Cisco IOS software and then in Cisco IOS-XR software. RC-119

120 Configuration Examples f Implementing OSPF on Cisco IOS-XR Software Implementing OSPF on Cisco IOS-XR Software In Cisco IOS software, OSPF interface-specific parameters are configured in interface configuration mode. In Cisco IOS-XR software, OSPF interface-specific parameters are configured in interface configuration mode and explicitly defined f area 0. In addition, the ip ospf keywds are no longer required. Cisco IOS Software Configuration interface POS 0/3/0/0 ip address negotiation auto ip ospf cost 77 ip ospf mtu-igne ip ospf authentication message-digest ip ospf message-digest-key 1 md5 0 test router ospf 1 router-id netwk area 0 Cisco IOS-XR Software Configuration interface POS 0/3/0/0 ip address negotiation auto router ospf 1 router-id area 0 interface POS 0/3/0/0 cost 77 mtu-igne authentication message-digest message-digest-key 1 md5 0 test The following example compares the hierarchical CLI structure of Cisco IOS-XR software to that of Cisco IOS software. In Cisco IOS software, OSPF areas are configured through the netwk command. In Cisco IOS-XR software, OSPF areas must be explicitly configured and interfaces configured under the area configuration mode are explicitly bound to that area. In this example, interface /24 is bound to area 0 and interface /24 is bound to area 1. Cisco IOS Software Configuration interface POS 0/3/0/0 ip address negotiation auto interface POS 0/3/0/0 ip address negotiation auto router ospf 1 router-id netwk area 0 netwk area 1 RC-120

121 Implementing OSPF on Cisco IOS-XR Software Configuration Examples f Implementing OSPF on Cisco IOS-XR Software Cisco IOS-XR Software Configuration interface POS 0/3/0/0 ip address negotiation auto interface POS 0/3/0/1 ip address negotiation auto router ospf 1 router-id area 0 interface /24 area 1 interface /24 CLI Inheritance and Precedence f OSPF Version 2: Example The following example configures the cost parameter at different hierarchical levels of the OSPF topology, and illustrates how the parameter is inherited and how only one setting takes precedence. Accding to the precedence rule, the most explicit configuration is used. The cost parameter is set to 5 seconds in router configuration mode f the OSPF process. Area 1 sets the cost to 15 seconds and area 6 sets the cost to 30 seconds. All the interfaces in area 0 will inherit a cost of 5 seconds from the OSPF process because the cost was not set in area 0 its interfaces. In area 1, every interface will have a cost of 15 seconds, because the cost is set in area 1 and 15 seconds overrides the value 5 seconds that was set in router configuration mode. Area 4 does not set the cost, but POS interface 01/0/2 sets the cost to 20 seconds. The remaining interfaces in area 4 will have a cost of 5 seconds that is inherited from the OSPF process. Area 6 sets the cost to 30 seconds that will be inherited by POS interfaces 0/1/0/3 and 0/2/0/3. POS interface 0/3/0/3 will use the cost of 1 second that is set in interface configuration mode. router ospf 1 router-id cost 5 area 0 interface POS 0/1/0/0 interface POS 0/2/0/0 interface POS 0/3/0/0 area 1 cost 15 interface POS 0/1/0/1 interface POS 0/2/0/1 interface POS 0/3/0/1 RC-121

122 Configuration Examples f Implementing OSPF on Cisco IOS-XR Software Implementing OSPF on Cisco IOS-XR Software area 4 interface POS 0/1/0/2 cost 20 interface POS 0/2/0/2 interface POS 0/3/0/2 area 6 cost 30 interface POS 0/1/0/3 interface POS 0/2/0/3 interface POS 0/3/0/3 cost 1 MPLS TE f OSPF Version 2: Example The following example shows how to configure the OSPF ption of MPLS TE. However, you still need to build an MPLS TE topology and create an MPLS TE tunnel. Refer to the MPLS Configuration Guide document f infmation. In this example loopback interface 0 is associated with area 0 and area 0 is declared to be an MPLS area: interface Loopback 0 ip address interface POS 0/2/0/0 ip address router ospf 1 router-id nsf auto-cost reference-bandwidth area 0 interface POS 0/2/0/0 interface Loopback 0 mpls traffic-eng area 0 mpls traffic-eng router-id Loopback 0 ABR with Summarization f OSPFv3: Example The following example shows the prefix range 2300::/16 summarized from area 1 into the backbone: router ospfv3 1 router-id area 0 interface POS 0/2/0/1 area 1 range 2300::/16 interface POS 0/2/0/0 RC-122

123 Implementing OSPF on Cisco IOS-XR Software Configuration Examples f Implementing OSPF on Cisco IOS-XR Software ABR Stub Area f OSPFv3: Example The following example shows that area 1 is configured as a stub area: router ospfv3 1 router-id area 0 interface POS 0/2/0/1 area 1 stub interface POS 0/2/0/0 ABR Totally Stub Area f OSPFv3: Example The following example shows that area 1 is configured as a totally stub area: router ospfv3 1 router-id area 0 interface POS 0/2/0/1 area 1 stub no-summary interface POS 0/2/0/0 Route Redistribution f OSPFv3: Example The following example uses prefix lists to limit the routes redistributed from other protocols. Only routes with 9898:1000 in the upper 32 bits, and with prefix lengths from 32 to 64 will be redistributed from BGP 42. Only routes not matching this pattern will be redistributed from BGP Note In the initial release of Cisco IOS-XR software, this is the only mechanism used to control redistribution. Future releases will add suppt f RPL. ipv6 prefix-list list1 seq 10 permit 9898:1000::/32 ge 32 le 64 ipv6 prefix-list list2 seq 10 deny 9898:1000::/32 ge 32 le 64 seq 20 permit ::/0 le 128 router ospfv3 1 router-id redistribute bgp 42 redistribute bgp 1956 distribute-list prefix-list list1 out bgp 42 distribute-list prefix-list list2 out bgp 1956 area 1 interface POS 0/2/0/0 Virtual Link Configured Through Area 1 f OSPFv3: Example This example sets up a virtual link to connect the backbone through area 1 f the OSPFv3 topology that consists of areas 0 and 1, and virtual links and : RC-123

124 Configuration Examples f Implementing OSPF on Cisco IOS-XR Software Implementing OSPF on Cisco IOS-XR Software ABR 1 Configuration router ospfv3 1 router-id area 0 interface POS 0/2/0/1 area 1 virtual-link interface POS 0/2/0/0 ABR 2 Configuration router ospfv3 1 router-id area 0 interface POS 0/3/0/1 area 1 virtual-link interface POS 0/2/0/0 Virtual Link Configured with MD5 Authentication f OSPF Version 2: Example The following examples show how to configure a virtual link to your backbone and apply MD5 authentication. You must perfm the steps described on both ABRs at each end of the virtual link. Once you explicitly configure the ABRs, the configuration will be inherited by all the interfaces bound to that area unless you override the values and configure them explicitly f the interface. To understand virtual links, see the Virtual Link and Transit Area f OSPF section. Note The MD5 authentication feature is not suppted f OSPFv3 in this software release. In this example, all interfaces on router ABR1 use MD5 authentication: router ospf ABR1 router-id authentication message-digest message-digest-key 100 md5 0 cisco area 0 interface pos 0/2/0/1 interface pos 0/3/0/0 area 1 interface pos 0/3/0/1 virtual-link In this example, only area 1 interfaces on router ABR3 use MD5 authentication: router ospf ABR2 router-id area 0 area 1 authentication message-digest message-digest-key 100 md5 0 cisco interface pos 0/9/0/1 virtual-link area 3 interface pos 0/9/0/0interface Loopback 0 RC-124

125 Implementing OSPF on Cisco IOS-XR Software Where to Go Next Where to Go Next To configure route maps through the RPL f OSPF Version 2, refer to the Implementing Routing Policy on Cisco IOS-XR Software document. To build an MPLS TE topology, create tunnels, and configure fwarding over the tunnel f OSPF Version 2; refer to the Implementing MPLS on Cisco IOS-XR Software document. RC-125

126 Additional References Implementing OSPF on Cisco IOS-XR Software Additional References The following sections provide references related to implementing OSPF on Cisco IOS-XR software. Related Documents Related Topic OSPF and OSPFv3 commands Cisco IOS OSPF commands Cisco IOS OSPF configuration tasks Document Title Cisco IOS-XR Routing Software Product Commands Cisco IOS IP Command Reference, Volume 2 of 4: Routing Protocols, Release cgcr/iprrp_r/ip2_00g.htm Cisco IOS IP Configuration Guide 122cgcr/fipr_c/ipcprt2/1cfospf.htm MPLS TE feature infmation Implementing MPLS Traffic Engineering Configuration Guide 121newft/121t/121t3/traffeng.htm IPv6 commands Cisco IOS IPv6, Release newft/122t/122t13/ipv6/ IPv6 basic connectivity Implementing Basic Connectivity f IPv6 module f Cisco IOS Release newft/122t/122t13/ipv6/ipv6imp/sa_bconn.htm Cisco CRS-1 Series Carrier Routing System Router Interface Cisco CRS-1 Series Carrier Routing System Craft Web Interface (CWI) Cisco CRS-1 Series Carrier Routing System Router Interface Configuration Guide Cisco CRS-1 Series Carrier Routing System Craft Web Interface (CWI) Configuration Standards Standards No new modified standards are suppted by the features in this document, and suppt f existing standards had not been modified by the features in this document. Title RC-126

127 Implementing OSPF on Cisco IOS-XR Software Additional References RFCs RFCs Title RFC 1587 Not so Stubby Area (NSSA) RFC 1793 OSPF over demand circuit RFC 2328 OSPF Version 2 RFC 2740 OSPFv3 Technical Assistance Description Technical Assistance Center (TAC) home page, containing 30,000 pages of searchable technical content, including links to products, technologies, solutions, technical tips, and tools. Registered Cisco.com users can log in from this page to access even me content. Link RC-127

128 Glossary Implementing OSPF on Cisco IOS-XR Software Glossary ABR Area Bder Router. Router located on the bder of one me OSPF areas that connects those areas to the backbone netwk. ABRs are considered members of both the OSPF backbone and the attached areas. They therefe maintain routing tables describing both the backbone topology and the topology of the other areas. ASBR Autonomous System Bder Router. ABR located between an OSPF autonomous system and a non-ospf netwk. ASBRs run both OSPF and another router protocol such as BGP. ASBRs must reside in a nonstub OSPF area. ASE AS-external. BGP Bder Gateway Protocol. Interdomain routing protocol that replaces EGP. BGP exchanges reachability infmation with other BGP systems. It is defined by RFC LSA link-state advertisement. Broadcast packet used by link-state protocols that contains infmation about neighbs and path costs. LSAs are used by the receiving routers to maintain their routing tables. Sometimes called an LSP. NBMA nonbroadcast multiaccess. Term describing a multiaccess netwk that either does not suppt broadcasting (such as X.25) in which broadcasting is not feasible (f example, an SMDS broadcast group an extended Ethernet that is too large). NSF nonstop fwarding. NSF allows f the fwarding of data packets to continue along known routes while the routing protocol infmation is being rested following a failover. NSSA not-so-stubby area. NSSA allows impting of Type 7 autonomous system external routes within an NSSA area by redistribution. RP Route Process. Process module that contains the CPU, system software, and most of the memy components that are used in the router. RPL routing policy language. RPL suppts large scale routing configurations and reduces some of the redundancy that is inherent in route map configuration. Note Refer to Internetwking Terms and Acronyms f terms not included in this glossary. g y g Cisco Systems, Inc.; Changing the Way We Wk, Live, Play, and Learn, and iquick Study are service marks of Cisco Systems, Inc.; and Aironet, ASIST, BPX, Catalyst, CCDA, CCDP, CCIE, CCNA, CCNP, Cisco, the Cisco Certified Internetwk Expert logo, Cisco IOS, the Cisco IOS logo, Cisco Press, Cisco Systems, Cisco Systems Capital, the Cisco Systems logo, Empowering the Internet Generation, Enterprise/Solver, EtherChannel, EtherFast, EtherSwitch, Fast Step, GigaDrive, GigaStack, HomeLink, Internet Quotient, IOS, IP/TV, iq Expertise, the iq logo, iq Net Readiness Scecard, LightStream, Linksys, MeetingPlace, MGX, the Netwkers logo, Netwking Academy, Netwk Registrar, Packet, PIX, Post-Routing, Pre-Routing, ProConnect, RateMUX, Registrar, ScriptShare, SlideCast, SMARTnet, StrataView Plus, SwitchProbe, TeleRouter, The Fastest Way to Increase Your Internet Quotient, TransPath, and VCO are registered trademarks of Cisco Systems, Inc. and/ its affiliates in the United States and certain other countries. All other trademarks mentioned in this document Website are the property of their respective owners. The use of the wd partner does not imply a partnership relationship between Cisco and any other company. (0403R) RC-128

129 Implementing and Moniting RIB on Cisco IOS-XR Software The Routing Infmation Base (RIB) is a distributed collection of infmation about a netwk s routing connectivity between all of its nodes. Each router maintains a RIB containing the routing infmation f that router. RIB stes the best routes from all the routing protocols that are running on the system. Feature Specifications f Implementing and Moniting RIB on Cisco IOS-XR Software Feature Histy Release Release 2.0 Modification This feature was introduced. Contents Prerequisites f RIB, page RC-129 Infmation About RIB Configuration, page RC-130 How to Deploy and Monit RIB, page RC-132 Verification Examples f RIB Moniting, page RC-135 Where to Go Next, page RC-137 Additional References, page RC-137 Glossary, page RC-139 Prerequisites f RIB RIB is distributed with the base Cisco IOS-XR software; as such it does not have any special requirements f installation. The following are the requirements f base software installation: Router Cpate Headquarters: Cisco Systems, Inc., 170 West Tasman Drive, San Jose, CA USA Copyright 2004 Cisco Systems, Inc. All rights reserved.

130 Infmation About RIB Configuration Implementing and Moniting RIB on Cisco IOS-XR Software Cisco IOS-XR software Base package Infmation About RIB Configuration To implement the Cisco RIB feature you must understand the following concepts: Overview of RIB, page RC-130 RIB Administrative Distance, page RC-131 RIB Suppt f IPv4 and IPv6, page RC-131 Overview of RIB Each routing protocol selects its own set of best routes, and installs those routes and their attributes in the RIB. The RIB stes these routes and selects the best ones from among all the routing protocols. Those routes are downloaded to the line cards f use in fwarding packets. The acronym RIB is used both to refer to the RIB processes, and to the collection of route data contained within the RIB. Within a protocol, routes are selected based on the metrics in use by that protocol. A protocol will download its best routes (lowest tied metric) to the RIB. The RIB will select the best overall route by comparing the administrative distance of the associated protocol. Comparison of Cisco IOS RIB and Cisco Cisco IOS-XR RIB The key differences in the function of the RIB feature in Cisco IOS software and Cisco IOS-XR software are: RIB is its own process on the Cisco IOS-XR system. RIB can be placed on any desired Route Process node on the netwk running any routing protocol. RIB Data Structures in BGP and Other Protocols RIB is not used in Bder Gateway Protocol (BGP) other protocols, such as Protocol Independent Multicast (PIM) Multicast Source Discovery Protocol (MSDP). However, these protocols use data structures similar to what RIB uses, and may internally refer to the data structures as a RIB. F example, BGP routes are sted in the BGP RIB (BRIB), and multicast routes, computed by multicast routing protocols such as PIM and MSDP, are sted in the Multicast RIB (MRIB). The RIB processes are not responsible f the BRIB and MRIB, which are handled by BGP and multicast processes respectively. The table used by the line cards and the RP to fward packets is called the Fwarding Infmation Base (FIB). The RIB processes do not build the FIBs. Instead, the RIB downloads the set of selected best routes to the FIB processes, by means of the Bulk Content Downloader (BCDL) process, onto each line card. The FIBs are then constructed. RC-130

131 Implementing and Moniting RIB on Cisco IOS-XR Software Infmation About RIB Configuration RIB Administrative Distance Fwarding is done based on the longest match. If you are fwarding a packet destined to , you will prefer /24 over /16 because a /24 is longer (and me specific) than a /16. Routes from different protocols that have the same prefix and length are chosen based on administrative distance. F instance, the Open Shtest Path First (OSPF) protocol has an administrative distance of 110, and the Intermediate System-to-Intermediate System (IS-IS) protocol has an administrative distance of 115. If IS-IS and OSPF both downloaded /24 to the RIB, the RIB would prefer the OSPF route, because OSPF has a lower administrative distance. Administrative distance is used only to choose between multiple routes of the same length. The default administrative distances f the common protocols are shown in Table 4: Table 4 Default Administrative Distances Protocol Administrative Distance Default Connected local routes 0 Static routes 1 External BGP routes 20 OSPF routes 110 IS-IS routes 115 Internal BGP routes 200 The administrative distance f some routing protocols (f instance IS-IS, OSPF, and BGP) can be changed. Please refer to the protocol specific documentation f the proper method to change the administrative distance of that protocol. Note Changing the administrative distance of a protocol on some but not all routers can lead to routing loops and other undesirable behavi. Doing so is not recommended. RIB Suppt f IPv4 and IPv6 In Cisco IOS-XR software, the RIB tables suppt multicast and unicast routing. The default routing table f Cisco IOS-XR RIB are the unicast and the multicast-unicast RIB tables f IPv4 and IPv6 routing, respectively. F multicast routing, routing protocols insert unicast routes into the multicast-unicast RIB table. Multicast protocols then use the infmation to build multicast routes (which in turn are sted in the MRIB). Please refer to the multicast documentation f me infmation on using and configuring multicast. The RIB processes ipv4_rib and ipv6_rib run on the RP card. If process placement functionality is available and suppted by multiple RPs in the router, the RIB processes can be placed on any available node. In the Release 2.0 of Cisco IOS-XR software, multiple RPs are not suppted. RC-131

132 How to Deploy and Monit RIB Implementing and Moniting RIB on Cisco IOS-XR Software How to Deploy and Monit RIB To deploy and monit RIB you must understand the following concepts: Verifying RIB configuration using the Routing Table, page RC-132 (required) Resolving Netwking and Routing Problems, page RC-132 (required) Verifying RIB configuration using the Routing Table SUMMARY STEPS DETAILED STEPS Verify the RIB configuration to ensure that RIB is running on the RP and functioning properly by checking the routing table summary and details. 1. show processes placement [ipv4_rib ipv6_rib] 2. show route [ipv4 ipv6] [unicast multicast] summary 3. show route [list list-name] [protocol [process-id]] [ipv4 ipv6] [unicast multicast] [ip-address [mask]] Step 1 Step 2 Step 3 Command Action show processes placement [ipv4_rib ipv6_rib] RP/0/RP1/CPU0:router# show processes placement ipv4_rib show route [ipv4 ipv6] [unicast multicast] summary RP/0/RP1/CPU0:router# show route summary show route [list list-name] [protocol [process-id]] [ipv4 ipv6] [unicast multicast] [ip-address [mask]] RP/0/RP1/CPU0:router# show route ipv4 unicast Purpose Displays and confirms the placement of the IPv4 RIB process the IPv6 RIB process on the node. Displays route summary infmation on the specified routing table. The default table summarized is the IPv4 unicast routing table. Displays me detailed route infmation on the specified routing table. This command is usually issued with an IP address other optional filters to limit its display. Otherwise, it will display all routes from the default IPv4 unicast routing table which can result in a very extensive list, depending on the configuration of the netwk. Resolving Netwking and Routing Problems This task verifies the operation of the routes between nodes. RC-132

133 Implementing and Moniting RIB on Cisco IOS-XR Software How to Deploy and Monit RIB SUMMARY STEPS 1. show route [list list-name] [protocol [instance]] [ipv4 ipv6] [unicast multicast] [ip-address [mask]] 2. show route [ipv4 ipv6] [unicast multicast] backup [ip-address] 3. show route [ipv4 ipv6] [unicast multicast] best-local ip-address 4. show route [ipv4 ipv6] [unicast multicast] connected 5. show route [ipv4 ipv6] [unicast multicast] local [interface] 6. show route [ipv4 ipv6] [unicast multicast] ip-address mask longer-prefixes 7. show route [ipv4 ipv6] [unicast multicast] next-hop ip-address DETAILED STEPS Step 1 Command Action show route [list list-name] [protocol [instance]] [ipv4 ipv6] [unicast multicast] [ip-address [mask]] Purpose Displays the current routes in the RIB. Step 2 RP/0/RP1/CPU0:router# show route list list1 bgp aspo ipv4 unicast /8 show route [ipv4 ipv6] [unicast multicast] backup [ip-address] Displays backup routes in the RIB. Step 3 RP/0/RP1/CPU0:router# show route ipv4 unicast backup /8 show route [ipv4 ipv6] [unicast multicast] best-local ip-address Displays the best-local address to use f return packets from the given destination. Step 4 RP/0/RP1/CPU0:router# show route ipv4 unicast best-local /8 show route [ipv4 ipv6] [unicast multicast] connected Displays the current connected routes of the routing table. Step 5 RP/0/RP1/CPU0:router# show route ipv4 unicast connected show route [ipv4 ipv6] [unicast multicast] local [interface] Displays local routes receiving routing updates from the RIB. RP/0/RP1/CPU0:router# show route ipv4 unicast local RC-133

134 How to Deploy and Monit RIB Implementing and Moniting RIB on Cisco IOS-XR Software Step 6 Command Action show route [ipv4 ipv6] [unicast multicast] ip-address mask longer-prefixes Purpose Displays the current routes in the RIB that share a given number of bits with a given netwk. Step 7 RP/0/RP1/CPU0:router# show route ipv4 unicast /8 longer-prefixes show route [ipv4 ipv6] [unicast multicast] next-hop ip-address Displays the next hop gateway host to a destination address. RP/0/RP1/CPU0:router# show route ipv4 unicast next-hop RC-134

135 Implementing and Moniting RIB on Cisco IOS-XR Software Verification Examples f RIB Moniting Verification Examples f RIB Moniting RIB is not configured separately f the Cisco IOS-XR system. The RIB computes connectivity of the router with other nodes in the netwk based on input from the routing protocols. It may be used to monit and troubleshoot the connections between the RIB and its clients. It is essentially used to monit routing connectivity between the nodes in a netwk. This section contains displays from the show commands used to monit that activity. The following examples are provided: show route: Example, page RC-135 show route backup: Example, page RC-135 show route best-local: Example, page RC-136 show route connected: Example, page RC-136 show route local: Example, page RC-136 show route longer-prefixes: Example, page RC-136 show route next-hop: Example, page RC-137 show route: Example The following is sample output from the show route command when entered without an address: RP/0/RP1/CPU0:router# show route Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP O - OSPF, IA - OSPF inter area, N1 - OSPF NSSA external type 1 N2 - OSPF NSSA external type 2, E1 - OSPF external type 1 E2 - OSPF external type 2, E - EGP, i - ISIS, L1 - IS-IS level-1 L2 - IS-IS level-2, ia - IS-IS inter area su - IS-IS summary null, * - candidate default U - per-user static route, o - ODR, L - local Gateway of last rest is to netwk C L C L C L S /24 is directly connected, 1d21h, Ethernet0/1/0/ /32 is directly connected, 1d21h, Ethernet0/1/1/ /24 is directly connected, 1d21h, ATM4/ /32 is directly connected, 1d21h, ATM4/ /24 is directly connected, 1d21h, Loopback /32 is directly connected, 1d21h, Loopback /24 [1/0] via , 1d21h show route backup: Example The following is sample output from the show route backup command: RP/0/RP1/CPU0:router# show route backup Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP O - OSPF, IA - OSPF inter area, N1 - OSPF NSSA external type 1 N2 - OSPF NSSA external type 2, E1 - OSPF external type 1 E2 - OSPF external type 2, E - EGP, i - ISIS, L1 - IS-IS level-1 L2 - IS-IS level-2, ia - IS-IS inter area su - IS-IS summary null, * - candidate default U - per-user static route, o - ODR, L - local RC-135

136 Verification Examples f RIB Moniting Implementing and Moniting RIB on Cisco IOS-XR Software S /24 is directly connected, 2d20h, GigabitEthernet2/2 Backup O E2 [110/1] via , POS3/0 show route best-local: Example The following is sample output from the show route best-local command: RP/0/RP1/CPU0:router# show route best-local Routing entry f /32 Known via "local", distance 0, metric 0 (connected) Routing Descript Blocks directly connected, via POS3/0 Route metric is 0 show route connected: Example The following is sample output from the show route connected command: RP/0/RP1/CPU0:router# show route connected Gateway of last rest is to netwk C C C /24 is directly connected, 1d21h, Ethernet /24 is directly connected, 1d21h, ATM4/ /24 is directly connected, 1d21h, Loopback1 show route local: Example The following is sample output from the show route local command: RP/0/RP1/CPU0:router# show route local L L L L L /32 is directly connected, 00:14:36, Loopback /32 is directly connected, 00:14:32, Ethernet0/ /32 is directly connected, 00:13:35, POS3/ /32 is directly connected, 00:13:27, GigabitEthernet2/ /32 is directly connected, 00:13:26, GigabitEthernet2/2 show route longer-prefixes: Example The following is sample output from the show route longer-prefixes command: RP/0/RP1/CPU0:router# show route ipv /8 longer-prefixes Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP O - OSPF, IA - OSPF inter area, N1 - OSPF NSSA external type 1 N2 - OSPF NSSA external type 2, E1 - OSPF external type 1 E2 - OSPF external type 2, E - EGP, i - ISIS, L1 - IS-IS level-1 L2 - IS-IS level-2, ia - IS-IS inter area su - IS-IS summary null, * - candidate default RC-136

137 Implementing and Moniting RIB on Cisco IOS-XR Software Where to Go Next U - per-user static route, o - ODR, L - local Gateway of last rest is to netwk S /32 is directly connected, 00:00:24, Loopback0 S /32 is directly connected, 00:00:24, Loopback0 S /32 is directly connected, 00:00:24, Loopback0 S /32 is directly connected, 00:00:24, Loopback0 S /32 is directly connected, 00:00:24, Loopback0 S /32 is directly connected, 00:00:24, Loopback0 S /32 is directly connected, 00:00:24, Loopback0 S /32 is directly connected, 00:00:24, Loopback0 show route next-hop: Example The following is sample output from the show route next-hop command: RP/0/RP1/CPU0:router# show route next-hop Routing entry f /24 Known via "connected", distance 0, metric 0 (connected) Routing Descript Blocks directly connected, via GigabitEthernet6/0 Route metric is 0 Where to Go Next F additional infmation on the Protocols that interact with RIB, you may want to consult the following publications: Implementing BGP on Cisco IOS-XR Software Implementing IS-IS on Cisco IOS-XR Software Implementing OSPF on Cisco IOS-XR Software Implementing OSPFv3 on Cisco IOS-XR Software RIB Commands on Cisco IOS-XR Software Additional References The following sections provide references related to implementing RIB on Cisco IOS-XR software: Related Documents Related Topic Routing Infmation Base commands BGP commands IS-IS commands OSPF commands Document Title RIB Commands on Cisco IOS-XR Software BGP Commands on Cisco IOS-XR Software IS-IS Commands on Cisco IOS-XR Software OSPF Commands on Cisco IOS-XR Software RC-137

138 Additional References Implementing and Moniting RIB on Cisco IOS-XR Software Related Topic OSPFv3 commands Cisco CRS-1 Series Carrier Routing System router interface software Multicast commands Multicast configuration Cisco CRS-1 Series Carrier Routing System Craft Web Interface (CWI) Document Title OSPFv3 Commands on Cisco IOS-XR Software Cisco CRS-1 Series Carrier Routing System Router Interface Configuration Guide Multicast Commands on Cisco IOS-XR Software Cisco IOS-XR Multicast Configuration Guide Cisco CRS-1 Series Carrier Routing System Craft Wks Interface (CWI) Configuration Standards Standards No new modified standards are suppted by the features in this document, and suppt f existing standards had not been modified by the features in this document. Title MIBs MIBs No new modified MIBs are suppted by this feature, and suppt f existing MIBs has not been modified by this feature. MIBs Link To locate and download MIBs f selected platfms, Cisco IOS releases, and feature sets, use Cisco MIB Locat found at the following URL: RFCs RFCs No new modified RFCs are suppted by this feature, and suppt f existing RFCs has not been modified by this feature. Title RC-138

139 Implementing and Moniting RIB on Cisco IOS-XR Software Glossary Glossary BRIB Bder Gateway Protocol Routing Infmation Base. A BRIB contains BGP routes, collected by BGP processes instead of RIB processes. FIB Fwarding Infmation Base. The FIB table is used by the line cards and the RP to fward packets. The RIB processes do not build the FIBs. Instead, the RIB downloads the set of selected best routes to the FIB processes onto each line card. The FIBs are then constructed. MRIB Multicast Routing Infmation Base. An MRIB contains multicast routes, collected by multicast protocols, such as PIM and MSDP. MSDP Multicast Source Discovery Protocol. MSDP is used to connect multiple IP Version 4 Protocol Independent Multicast sparse mode (PIM-SM) domains. Each PIM-SM domain uses its own independent Rendezvous Point (RP) and does not have to depend on RPs in other domains. PIM Protocol Independent Multicast. Multicast routing architecture that allows the addition of IP multicast routing on existing IP netwks. PIM is unicast routing protocol-independent and can be operated in two modes: dense and sparse. RIB Routing Infmation Base. A RIB is a distributed collection of infmation about a netwk s routing connectivity between all of its nodes. Each router maintains a RIB containing the routing infmation f that router. RIB stes the best routes from all the routing protocols that are running on the system. RP Route Process. Process module that contains the CPU, system software, and most of the memy components that are used in the router. Note Refer to Internetwking Terms and Acronyms f terms not included in this glossary. g y g Cisco Systems, Inc.; Changing the Way We Wk, Live, Play, and Learn, and iquick Study are service marks of Cisco Systems, Inc.; and Aironet, ASIST, BPX, Catalyst, CCDA, CCDP, CCIE, CCNA, CCNP, Cisco, the Cisco Certified Internetwk Expert logo, Cisco IOS, the Cisco IOS logo, Cisco Press, Cisco Systems, Cisco Systems Capital, the Cisco Systems logo, Empowering the Internet Generation, Enterprise/Solver, EtherChannel, EtherFast, EtherSwitch, Fast Step, GigaDrive, GigaStack, HomeLink, Internet Quotient, IOS, IP/TV, iq Expertise, the iq logo, iq Net Readiness Scecard, LightStream, Linksys, MeetingPlace, MGX, the Netwkers logo, Netwking Academy, Netwk Registrar, Packet, PIX, Post-Routing, Pre-Routing, ProConnect, RateMUX, Registrar, ScriptShare, SlideCast, SMARTnet, StrataView Plus, SwitchProbe, TeleRouter, The Fastest Way to Increase Your Internet Quotient, TransPath, and VCO are registered trademarks of Cisco Systems, Inc. and/ its affiliates in the United States and certain other countries. All other trademarks mentioned in this document Website are the property of their respective owners. The use of the wd partner does not imply a partnership relationship between Cisco and any other company. (0403R) RC-139

140 Glossary Implementing and Moniting RIB on Cisco IOS-XR Software RC-140

141 Implementing Routing Policy on Cisco IOS-XR Software A routing policy instructs the router to inspect routes, filter them, and potentially modify their attributes as they are accepted from a peer, advertised to a peer, redistributed from one routing protocol to another. Routing protocols make decisions to advertise, aggregate, discard, distribute, expt, hold, impt, redistribute and otherwise modify routes based on configured routing policy. The routing policy language (RPL) has been designed to provide a single, straightfward language in which all routing policy needs can be expressed. RPL was designed to suppt large-scale routing configurations. It greatly reduces the redundancy inherent in previous routing policy configuration methods. RPL has been designed to streamline routing policy configuration, to reduce system resources required to ste and process these configurations, and to simplify troubleshooting. Note F a complete description of the RPL commands used in this chapter, refer to the Routing Policy Language Commands on Cisco IOS-XR Software module of the Cisco IOS-XR Routing Command Reference publication. To locate documentation of other commands that appear in this chapter, use the command reference master index, search online. Feature Histy f Implementing Routing Policy on Cisco IOS-XR Software Release Release 2.0 Modification This feature was introduced. Contents Prerequisites f Implementing Routing Policy, page RC-142 Restrictions f Implementing Routing Policy, page RC-142 Infmation About Implementing Routing Policy, page RC-142 How to Implement Routing Policy, page RC-165 Configuration Examples f Implementing Routing Policy, page RC-169 Additional References, page RC-179 RC-141

142 Prerequisites f Implementing Routing Policy Implementing Routing Policy on Cisco IOS-XR Software Prerequisites f Implementing Routing Policy Bder Gateway Protocol (BGP), integrated Intermediate System-to-Intermediate System (IS-IS), Open Shtest Path First (OSPF) must be configured in your netwk. Restrictions f Implementing Routing Policy To access the RPL command-line interface (CLI) configuration commands, you must belong to a task group associated with the route-policy task ID. Contact your system administrat f access permission. IPv6 addresses and prefixes are suppted only f the BGP protocol. Prefix sets may contain prefix specifications f both IPv4 and IPv6 using dotted-decimal and colon-separated hexadecimal fmats, respectively. However, IPv6 matching on destination, source, and next hop and setting of IPv6 next hops is only suppted at BGP attach points. Infmation About Implementing Routing Policy To implement RPL, you need to understand the following concepts: Comparison of Cisco IOS Route Maps and Cisco IOS-XR Routing Policy Language, page RC-142 Routing Policy Language, page RC-143 Routing Policy Configuration Basics, page RC-148 Policy Definitions, page RC-148 Parameterization, page RC-149 Semantics of Policy Application, page RC-150 Policy Statements, page RC-154 Attach Points, page RC-157 Attached Policy Modification, page RC-164 Nonattached Policy Modification, page RC-164 Comparison of Cisco IOS Route Maps and Cisco IOS-XR Routing Policy Language Route maps and RPL are both mechanisms to define routing policy so that routes are filtered and their attributes are potentially modified. Route maps and RPL differ in the ways that they allow routing policy to be expressed. Some of these key differences are: Traditionally, route maps consider each clause in der until a successful set of matching criteria occur. When a match happens, the cresponding set actions associated with that clause take effect. If no matches successfully occur, then the route is dropped. RC-142

143 Implementing Routing Policy on Cisco IOS-XR Software Infmation About Implementing Routing Policy In contrast, RPL has no distinct match clauses. Statements are processed in der from beginning to end. All statements are executed unless a drop statement is reached, which indicates that the route should be explicitly discarded and execution of the policy may stop. If a drop statement has not been processed by the end of the policy, and no attempt has been made to modify the route, the route is dropped. In a route policy, it is possible to selectively and conditionally set an attribute to one of several values. Thus it becomes possible, f example, to set the default local preference value at the beginning of a route policy and then later override that value under a selective set of conditions. In route maps, each clause maps to one specific set of match criteria and each clause allows only one set statement f each attribute type. Set statements in RPL can behave in an additive manner, f example, set med +5. Cisco IOS-XR software uses microemacs as an alternative edit to command line editing, which allows a user to edit an existing RPL object by name create a new one. Routing Policy Language Routing Policy Language Overview This section contains the following infmation: Routing Policy Language Overview, page RC-143 Routing Policy Language Structure, page RC-144 Routing Policy Language Components, page RC-147 RPL was devreloped in an efft to suppt large-scale routing configurations. RPL has several fundamental capabilities that differ from those present in configurations iented to traditional route maps, access lists, and prefix lists. The first of these capabilities is the ability to build policies in a modular fm. Common blocks of policy can be defined and maintained independently. These common blocks of policy can then be applied from other blocks of policy to build complete policies. This capability reduces the amount of configuration infmation that needs to be maintained. In addition, these common blocks of policy can be parameterized. This parameterization allows f policies that share the same structure but differ in the specific values that are set matched against to be maintained as independent blocks of policy. F example, three policies that are identical in every way except f the local preference value they set can be represented as one common parameterized policy that takes the varying local preference value as a parameter to the policy. The policy language introduces the notion of sets. Sets are containers of similar data that can be used in route attribute matching and setting operations. There are four set types: prefix-sets, community-sets, as-path-sets, and extcommunity-sets. These sets hold groupings of IPv4 IPv6 prefixes, community values, AS-path regular expressions, and extended community values, respectively, and are analogous to prefix lists, community lists, AS-path lists, and extended community lists from traditional Cisco IOS configuration with one significant difference: Sets do not encapsulate the notion of accept and deny, which are present in their traditional counterparts. Sets are simply containers of data. Most sets also have an inline variant. An inline set allows f small enumerations of values to be used directly in a policy rather than having to refer to a named set. Prefix lists, community lists, and AS-path lists must be maintained even when only one two items are in the list. An inline set in RPL allows the user to place small sets of values directly in the policy body without having to refer to a named list. RC-143

144 Infmation About Implementing Routing Policy Implementing Routing Policy on Cisco IOS-XR Software Decision making, such as accept and deny, is explicitly controlled by the policy definitions themselves. RPL combines matching operats, which may use set data, with the traditional boolean logic operats and,, and not into complex conditional expressions. All matching operations return either a simple true false result. The execution of these conditional expressions and their associated actions can then be controlled by using simple if then, elseif, and else structures, which allow the evaluation paths through the policy to be fully specified by the user. Routing Policy Language Structure Names Sets This section describes the basic structure of RPL. The policy language provides two kinds of persistent, namable objects: sets and policies. Definition of these objects is bracketed by beginning and ending command lines. F example, to define a policy named test, the configuration syntax would look similar to the following: route-policy test [... policy statements... ] end-policy Legal names f policy objects can be any sequence of the upper- and lowercase alphabetic characters; the numerals 0 to 9; and the punctuation characters period, hyphen, and undersce. A name must begin with a letter numeral. In this context, the term set is used in its mathematical sense to mean an undered collection of unique elements. The policy language provides sets as a container f groups of values f matching purposes. Sets are used in conditional expressions. The elements of the set are separated by commas. Null (empty) sets are not allowed. There are four kinds of sets: as-path-set, community-set, extcommunity-set, and prefix-set. You may want to perfm comparisons against a small number of elements, such as two three community values, f example. To allow f these comparisons, the user can enumerate these values directly. These enumerations as referred to as inline sets. Functionally, inline sets are equivalent to named sets, but allow f simple tests to be inline. Thus, comparisons do not require that a separate named set be maintained when only one two elements are being compared. See the set types described in the following sections f the syntax. In general, the syntax f an inline set is a comma-separated list surrounded by parentheses as follows: (<element-entry>,<element-entry>,<element-entry>,...<element-entry>), where <element-entry> is an entry of an item appropriate to the type of usage such as a prefix a community value. The following is an example using an inline community set: route-policy sample-inline if community matches-any (10:100, 20:100) then set local-preference 100 endif end-policy The following is an equivalent example using the named set test-communities: community-set test-communities 10:100, 20:100 end-set RC-144

145 Implementing Routing Policy on Cisco IOS-XR Software Infmation About Implementing Routing Policy route-policy sample if community matches-any test-communities then set local-preference 100 endif end-policy Both of these policies are functionally equivalent, but the inline fm does not require the configuration of the community set just to ste the two values. The user can choose the fm appropriate to the configuration context. In the following sections, examples of both the named set version and the inline fm are provided where appropriate. as-path-set An as-path-set comprises operations f matching an AS-path attribute. The only matching operation is a regular expression match, compatible with the as-regexp provided by Cisco IOS software in the ip as-path access-list command. Named Set Fm The named set fm uses the ios-regex keywd to indicate the type of regular expression, in this case one compatible with those provided by Cisco IOS software in the ip as-path access-list command, and requires single quotes around the regular expression. The following is a sample definition of a named as-path-set: as-path-set aset1 ios-regex _42$, ios-regex _127$ end-set This is an as-path-set composed of two elements. When used in a matching operation, this as-path-set will match any route whose AS-path ends with either the autonomous system (AS) number 42 the autonomous system number 127. To remove the named as-path-set, use the no as-path-set aset1 CLI command. Inline Set Fm The inline set fm is a parenthesized list of comma-separated expressions, as follows: (ios-regex '_42$', ios-regex '_127$') This set matches the same AS-paths as the above-named set, but does not require the extra efft of creating a named set separate from the policy that uses it. community-set A community-set holds community values f matching against the BGP community attribute. A community is a 32-bit quantity. Integer community values must be split in half, and expressed as two unsigned decimal integers in the range from 0 to 65535, separated by a colon. Single 32-bit community values are not allowed. The following is the named set fm: Named Set Fm community-set cset1 12:34, 12:56, 12:78, internet end-set RC-145

146 Infmation About Implementing Routing Policy Implementing Routing Policy on Cisco IOS-XR Software Inline Set Fm (12:34, 12:56, 12:78) ($as:34, $as:$tag1, 12:78, internet) The inline fm of a community-set also suppts parameterization. Each 16-bit ption of the community may be parameterized. See the Parameterization section f me infmation. RPL provides symbolic names f the standard well-known community values: internet is 0:0, no-expt is 65535:65281, no-advertise is 65535:65282, and local-as is 65535: RPL also provides a facility f using wildcards in community specifications. A wildcard is specified by inserting an asterisk (*) in place of one of the 16-bit ptions of the community specification; the wildcard indicates that any value f that ption of the community will match. Thus, the following policy matches all communities where the autonomous system part of the community is 123: community-set cset3 123:* end-set Every community set must contain at least one community value. Empty community sets are illegal and will be rejected. extcommunity-set An extended community-set is analogous to a community-set except that it contains extended community values instead of regular community values. It also suppts named fms and inline fms. The following are syntactic examples: Named Fm extcommunity-set extcomm-set1 RT: :666, RT:1234:666, SoO: :777, SoO :4567:777 end-set Inline Fm (RT: :666, RT:1234:6667, SoO: :777, SoO:45678:777) (RT:$ipaddr:666, RT:1234:$tag, SoO: :777, SoO:$tag2:777) As with community sets, the inline fm suppts parameterization within parameterized policies. Either ption of the extended community value can be parameterized. Note Parameterization of the extended community type, RT (route-target) and SoO (site of igin), is not suppted. Also, wildcarding of extended communities is not currently suppted. Every extended community-set must contain at least one extended community value. Empty extended community-sets are illegal and will be rejected. prefix-set A prefix-set holds IPv4 IPv6 prefix match specifications, each of which has four parts: an address, a mask length, a minimum matching length, and a maximum matching length. The address is required, but the other three parts are optional. The address is a standard dotted-quad numeric IPv4 IPv6 address. The mask length, if present, is a nonnegative decimal integer in the range from 0 to 32 (0 to 128 f IPv6) following the address and separated from it by a slash mark. The optional minimum matching length RC-146

147 Implementing Routing Policy on Cisco IOS-XR Software Infmation About Implementing Routing Policy follows the address and optional mask length and is expressed as the keywd ge (mnemonic f greater than equal to), followed by a nonnegative decimal integer in the range from 0 to 32 (0 to 128 f IPv6). The optional maximum matching length follows the rest and is expressed by the keywd le (mnemonic f less than equal to), followed by yet another nonnegative decimal integer in the range from 0 to 32 (0 to 128 f IPv6). A syntactic shtcut f specifying an exact length f prefixes to match is the eq keywd (mnemonic f equal to). If a prefix match specification has no mask length, then the default mask length is 32 f IPv4 and 128 f IPv6. The default minimum matching length is the mask length. If a minimum matching length is specified, then the default maximum matching length is 32 f IPv4 and 128 f IPv6. Otherwise, if neither minimum n maximum is specified, the default maximum is the mask length. The prefix-set itself is a comma-separated list of prefix match specifications. The following is an example: prefix-set legal-prefix-examples , /24, /24 ge 28, /24 le 28, /24 ge 26 le 30, /24 eq 28 end-set The first element of the prefix-set will match only one possible value, /32 the host address The second element will match only one possible value, /24. The third element will match a range of prefix values, from /28 to /32. The fourth element will match a range of values, from /24 to /28. The fifth element matches prefixes in the range from /26 to /30. The sixth element will match any prefix of length 28 in the range from /28 through /28. The following prefix-set consists entirely of illegal prefix match specifications: prefix-set ILLEGAL-PREFIX-EXAMPLES ge 16, le 16, /24 le 23, /24 ge 33, /25 ge 29 le 28 end-set Neither the minimum length n the maximum length is legal without a mask length. The maximum length must be at least the mask length. F IPv4, the minimum length must be less than 32, the maximum length of an IPv4 prefix. F IPv6, the minimum length must be less than 128, the maximum length of an IPv6 prefix. The maximum length must be equal to greater than the minimum length. Routing Policy Language Components Four main components in the routing policy language are involved in defining, modifying, and using policies: the configuration front end, the policy reposity, the execution engine, and the policy clients themselves. The configuration front end (CLI) is the mechanism to define and modify policies. This configuration is then sted on the router using the nmal stage means and can be displayed using the nmal configuration show commands. RC-147

148 Infmation About Implementing Routing Policy Implementing Routing Policy on Cisco IOS-XR Software The second component of the policy infrastructure, the policy reposity, has several responsibilities. First, it compiles the user-entered configuration into a fm that the execution engine can understand. Second, it carries out much of the verification of policies; it ensures that defined policies can actually be executed properly. Third, it tracks which attach points are using which policies so that when policies are modified the appropriate clients are properly updated with the new policies relevant to them. The third component is the execution engine. This component is the piece that actually runs policies as the clients request. The process can be thought of as receiving a route from one of the policy clients and then executing the actual policy against the specific route data. The fourth component is the policy clients (the routing protocols). This component calls the execution engine at the appropriate times to have a given policy be applied to a given route, and then carry out some number of actions. These actions may include deleting the route if policy indicated that it should be dropped, passing along the route to the protocol decision tree as a candidate f the best route, advertising a policy modified route to a neighb peer as appropriate. Routing Policy Configuration Basics Route policies comprise of a series of statements and expressions that are bracketed with the route-policy and end-policy keywds. Rather than a collection of individual commands (one per line), the statements within a route policy have context relative to each other. Thus, instead of each line being an individual command, each policy set is an independent configuration object that can be used, entered, and manipulated as a unit. Each line of a policy configuration is a logical subunit. At least one new line must follow the then, else, and end-policy keywds. A new line must also follow the closing parenthesis of a parameter list and the name string in a reference to an AS-path set, community set, extended community set, prefix set. At least one new line must precede the definition of a route policy, AS-path set, community set, extended community set, prefix set. One me new lines can follow an action statement. One me new lines can follow a comma separat in a named AS-path set, community set, extended community set, prefix set. A new line must appear at the end of a logical unit of policy expression, and may not appear anywhere else. Policy Definitions Policy definitions create named sequences of policy statements. A policy definition consists of the CLI route-policy keywd followed by a name, a sequence of policy statements, and the end-policy keywd. F example, the following policy will drop any route it encounters: route-policy drop-everything drop end-policy The name serves as a handle f binding the policy to protocols. To remove a policy definition, issue the no route-policy name command. Policies may also refer to other policies such that common blocks of policy can be reused. This reference to other policies is accomplished by using the apply statement, as shown in the following example: route-policy check-as-1234 if as-path passes-through 1234 then apply check-communities else pass endif end-policy RC-148

149 Implementing Routing Policy on Cisco IOS-XR Software Infmation About Implementing Routing Policy The apply statement indicates that we should execute the policy drop-everything if the route under consideration passed through autonomous system 1234 befe we received it. If a route that has autonomous system 1234 in it s as-path is received, the route will be dropped; otherwise the route will be accepted without modification. This policy is an example of a hierarchical policy. You may have as many levels of hierarchy as desired. However, many levels may be difficult to maintain and understand. Parameterization In addition to suppting reuse of policies via the apply statement, policies can be defined that allow f parameterization of some of the attributes. The following example defines a parameterized policy named param-example. In this case, the policy takes one parameter $mytag. Parameters always begin with a dollar sign, and consist otherwise of any alphanumeric characters. Parameters can be substituted into any attribute that takes a parameter. In the following example, a 16-bit community tag is used as a parameter: route-policy param-example ($mytag) set community (1234:$mytag) additive end-policy This parameterized policy can then be reused with different parameterizations as shown in the following example. In this manner, policies that share a common structure but use different values in some of their individual statements can be modularized. F details on which attributes can be parameterized, see the individual attribute sections. route-policy igin-10 if as-path iginates-from 10 then apply param-example(10) else pass endif end-policy route-policy igin-20 if as-path iginates-from 20 then apply param-example(20) else pass endif end-policy The parameterized policy param-example provides a policy definition that is expanded with the values provided as the parameters in the apply statement. Note that the policy hierarchy is always maintained, Thus, if the definition of param-example changes, then the behavi of igin_10 and igin_20 will change to match. The effect of the igin-10 policy is that it adds the community 1234:10 to all routes that pass though this policy and have an as-path indicating the route iginated from autonomous system 10. The igin-20 policy is similar except that it adds to community 1234:20 f routes iginating from autonomous system 20. RC-149

150 Infmation About Implementing Routing Policy Implementing Routing Policy on Cisco IOS-XR Software Semantics of Policy Application Boolean Operat Precedence This section discusses how routing policies are evaluated and applied. The following concepts are discussed: Boolean Operat Precedence, page RC-150 Multiple Modifications of the Same Attribute, page RC-150 When Attributes Are Modified, page RC-151 Default Drop Disposition, page RC-151 Control Flow, page RC-152 Policy Verification, page RC-152 Boolean expressions are evaluated in der of operat precedence, from left to right. The highest precedence operat is not, followed by and, and then. The following expression: med eq 10 and not destination in ( /24) community matches-any (56:78) if fully parenthesized to display the der of evaluation would look like this: (med eq 10 and (not destination in ( /24))) community matches-any (56:78) The inner not applies only to the destination test; the and combines the result of the not expression with the Multi Exit Discriminat (MED) test; and the combines that result with the community test. If the der of operations are rearranged: not med eq 10 and destination in ( /24) community matches-any (56:78) then the expression, fully parenthesized, would look like the following: ((not med eq 10) and destination in ( /24)) community matches-any (56:78) Multiple Modifications of the Same Attribute When a policy replaces the value of an attribute multiple times, the last assignment wins because all actions are executed. Because the MED attribute in BGP is one unique value, the last value it gets set to wins. Therefe, the following policy results in a route with a MED value of 12: set med 9 set med 10 set med 11 set med 12 This example is trivial, but the feature is not. It is possible to write a policy that effectively changes the value f an attribute. F example: set med 8 if community matches-any cs1 then set local-preference 122 if community matches-any cs2 then set med 12 endif endif The result is a route with a MED of 8, unless the community list of the route matches both cs1 and cs2, in which case the result is a route with a MED of 12. RC-150

151 Implementing Routing Policy on Cisco IOS-XR Software Infmation About Implementing Routing Policy In the case where the attribute being modified can contain only one value, it is easy to think of this case as the last statement wins. However, there are a few attributes that can contain multiple values and the result of multiple actions on the attribute is accumulative rather than a replacement. The first of these is the use of the additive option on community and extended community evaluation. Consider a policy of the fm: route-policy community-add set community (10:23) set community (10:24) additive set community (10:25) additive end-policy This policy sets the community string on the route to contain all three community values: 10:23, 10:24, and 10:25. The second of these cases is AS-path prepending. Consider a policy of the fm: route-policy prepend-example prepend as-path 2 3 prepend as-path end-policy This policy prepends the following to the AS-path ( ). This prepending is a result of all actions being taken and to AS-path being an attribute that contains an array of values rather than a simple scalar value. When Attributes Are Modified A policy does not modify route attribute values until all tests have completed. In other wds, comparison operats always run on the initial data in the route. Intermediate modifications of the route attributes will not have a cascading effect on the evaluation of the policy. Take the following example: if med eq 12 then set med 42 if med eq 42 then drop endif endif This policy will never execute the drop statement because the second test (med eq 42) sees the iginal, unmodified value of the MED in the route. Because the MED had to be 12 to get to the second test, the second test will always return false. Default Drop Disposition All route policies have a default action to drop the route under evaluation unless the route has been modified by a policy action explicitly passed. Applied (nested) policies implement this disposition as though the applied policy were pasted into the point where it is applied. Consider a policy to allow all the routes in the 10 net and set their local preference to 200 while dropping all other routes. You might write the policy as follows: route-policy two if destination in ( /8 ge 8 le 32) then set local-preference 200 endif end-policy route-policy one apply two RC-151

152 Infmation About Implementing Routing Policy Implementing Routing Policy on Cisco IOS-XR Software end-policy It may appear that policy one will drop all routes because it neither contains an explicit pass statement n modifies a route attribute. However, because the applied policy two does not set an attribute, its disposition is passed along by policy one. The result is that policy one will pass routes with destinations in netwk 10, and drop all others. Control Flow Policy statements are processed sequentially in the der in which they appear in the configuration. Policies that hierarchically reference other policy blocks are processed as if the referenced policy blocks had been directly substituted inline. F example, if the following policies are defined: route-policy one set weight 100 end-policy route-policy two set med 200 end-policy route-policy three apply two set community (2:666) additive end-policy route-policy four apply one apply three pass end-policy Policy four could be rewritten in an equivalent way as follows: route-policy four-equivalent set weight 100 set med 200 set community (2:666) additive pass end-policy Policy Verification Range Checking Several different types of verification occur when policies are being defined and used. As policies are being defined, some simple verifications, such as range checking of values, is done. F example, the MED that is being set is checked to verify that it is in a proper range f the MED attribute. However, this range checking cannot cover parameter specifications, because they may not have defined values yet. These parameter specifications are verified when a policy is attached to an attach point. The policy reposity also verifies that there are no recursive definitions of policy, and that parameter numbers are crect. At attach time, all policies must be well-fmed. All sets and policies that they reference must be defined and have valid values. Likewise, any parameter values must also be in the proper ranges. RC-152

153 Implementing Routing Policy on Cisco IOS-XR Software Infmation About Implementing Routing Policy Incomplete Policy and Set References Attached Policy Modification As long as a given policy is not attached at an attach point, the policy is allowed to refer to nonexistent sets and policies, which allows f freedom of wkflow. You can build configurations that reference sets policy blocks that are not yet defined, and then can later fill in those undefined policies and sets, thereby achieving much greater flexibility in policy definition. Every piece of policy you want to reference while defining a policy need not exist in the configuration. Thus, a user can define a policy sample that references the policy bar via an apply statement even if the policy bar does not exist. Similarly, a user can enter a policy statement that refers to a nonexistent set. However, the existence of all referenced policies and sets is enfced when a policy is attached. If you attempt to attach the policy sample with the reference to an undefined policy bar at an inbound BGP policy using the neighb address-family ipv4 unicast policy sample in command, the configuration attempt will be rejected because the policy bar does not exist. Likewise, you cannot remove a route policy set that is currently in use at an attach point because this removal would result in an undefined reference. An attempt to remove a route policy set that is currently in use will result in an err message to the user. There is a condition referred to as a null policy where the policy bar could exist but have no statements, actions, dispositions in it. In other wds, policy bar could exist as follows: route-policy bar end-policy This is a valid policy block. It would effectively fce all routes to be dropped, because it is a policy block that will never modify a route, n does it include the pass statement. Thus the default action of drop f the policy block will be followed. Policies that are in use will, on occasion, need to be modified. Traditionally, configuration changes were done by completely removing the relevant configuration and then reentering it. However, this allows f a window of time in which no policy is attached and the default action takes place. RPL provides a mechanism f an atomic change so that if a policy is redeclared, edited using the emacs edit, the new configuration is applied immediately, which allows f policies that are in use to be changed without having a window of time where no policy is applied at the given attach point. Verification of Attribute Comparisons and Actions The policy reposity knows which attributes, actions, and comparisons are valid at each attach point. When a policy is attached, these actions and comparisons are verified against the capabilities of that particular attach point. Take, f example, the following policy definition: route-policy bad set med 100 set level level-1-2 set cost 200 end-policy This policy attempts to perfm actions to set the BGP attribute med, the IS-IS attribute level, and the OPSF attribute cost. The system will allow you to define such a policy, but it will not allow you to attach such a policy. If you had defined the policy bad and then attempted to attach it as an inbound BGP policy using the BGP configuration statement neighb address-family ipv4 unicast policy bad in the system would reject this configuration attempt. This rejection is the result of the verification process checking the policy and realizing that while BGP could set the MED, it has no way of setting the level the cost as those are attributes of IS-IS and OSPF, respectively. Instead of silently omitting the actions that cannot be done, the system will generate an err to the user. Likewise, a valid policy in use at an RC-153

154 Infmation About Implementing Routing Policy Implementing Routing Policy on Cisco IOS-XR Software attach point cannot be modified in such a way as to introduce an attempt to modify a nonexistent attribute to compare against a nonexistent attribute. The verifiers test f nonexistent attributes and will reject such a configuration attempt. Policy Statements There are four types of policy statements: remark, disposition (drop and pass), action (set), and if (comparat). Remark A remark is text attached to policy configuration but otherwise igned by the policy language parser. Remarks can be useful f documenting parts of a policy. The syntax f a remark is text prepended with pound signs (#): # This is a simple one-line remark. # This # is a remark # comprising multiple # lines. In general, remarks are used between complete statements elements of a set. Remarks are not suppted in the middle of statements within an inline set definition. Disposition Action If a policy modifies a route, then by default the policy engine instructs the calling protocol to accept the route. The language provides a statement to fce the opposite outcome, the drop statement. If a policy matches a route and executes a drop, then the policy engine will instruct the calling protocol not to accept the route. If a policy does nothing to modify the route, the default behavi of the engine is to drop the route. To prevent this from happening, the pass statement may be used. The drop statement signifies to the engine that executes policy that the action to take is to discard the route. Once a route is dropped, no further execution of policy occurs. Thus if after executing the first two statements of a policy the drop disposition is encountered, execution will stop and the route will be discarded. It is imptant to note that all policies have a default drop action at the end of execution. If in the process of executing a policy no modifications to the route have been made, then the route will be dropped. The pass statement allows the user to signify that even though this route has not been modified, the user wants to accept this route without modification. When a policy has finished executing, any route that has been modified has received a pass disposition will be accepted and execution will be done. This is true if the modification pass disposition occurred directly in this policy indirectly in a policy that was hierarchically referenced via an apply statement. An action is a sequence of primitive operations that modify a route. Most actions, but not all, are distinguished by the set keywd. In a route policy, actions can be grouped together. F example, the following is a route policy comprising three actions: route-policy actions set med 217 RC-154

155 Implementing Routing Policy on Cisco IOS-XR Software Infmation About Implementing Routing Policy set community (12:34) additive delete community in (12:56) end-policy If In its simplest fm, an if statement uses a conditional expression to decide which actions dispositions should be taken f the given route. F example: if as-path in as-path-set-1 then drop endif The example indicates that any routes whose AS-path is in the set as-path-set-1 will be dropped. The contents of the then clause may be an arbitrary sequence of policy statements. The following example contains two action statements: if igin is igp then set med 42 prepend as-path 73 5 endif The if statement also permits an else clause, which is executed if the if-condition is false: if med eq 8 then set community (12:34) additive else set community (12:56) additive endif The policy language also provides syntax, using the elseif keywd, to string together a sequence of tests: if med eq 150 then set local-preference 10 elseif med eq 200 then set local-preference 60 elseif med eq 250 then set local-preference 110 else set local-preference 0 endif The statements within an if statement may themselves be if statements, as shown in the following example: if community matches-any (12:34, 56:78) then if med eq 150 then drop endif set local-preference 100 endif This policy example sets the value of the local preference attribute to 100 on any route that has a community value of 12:34 56:78 associated with it. However, if any of these routes has a MED value of 150, then these routes with either the community value of 12:34 56:78 and a MED of 150 are dropped. RC-155

156 Infmation About Implementing Routing Policy Implementing Routing Policy on Cisco IOS-XR Software Boolean Conditions In the previous section describing the if statement, all of the examples used simple Boolean conditions that evaluated to either true false. RPL also provides a way to build compound conditions from simple conditions by means of Boolean operats. There are three Boolean operats: negation (not), conjunction (and), and disjunction (). In the policy language, negation has the highest precedence, followed by conjunction, and then by disjunction. Parentheses may be used to group compound conditions to override precedence to improve readability. The following simple condition: med eq 42 will be true only if the value of the MED in the route is 42, otherwise it will be false. A simple condition may also be negated using the not operat: not next-hop in ( ) Any Boolean condition enclosed in parentheses is itself a Boolean condition: (destination in prefix-list-1) A compound condition takes either of two fms. It can be a simple expression followed by the and operat, itself followed by a simple condition: med eq 42 and next-hop in ( ) A compound condition may also be a simpler expression followed by the operat and then another simple condition: igin is igp igin is incomplete An entire compound condition may be enclosed in parentheses: (med eq 42 and next-hop in ( )) The parentheses may serve to make the grouping of subconditions me readable, they may fce the evaluation of a subcondition as a unit. In the following example, the highest-precedence not operat applies only to the destination test, the and combines the result of the not expression with the community test, and the combines that result with the MED test. med eq 10 not destination in ( /24) and community matches-any (56:78) With a set of parentheses to express the precedence, the result is the following: med eq 10 ((not destination in ( /24)) and community matches-any (56:78)) The following is another example of a complex expression: (igin is igp igin is incomplete not med eq 42) and next-hop in ( ) The left conjunction is a compound condition enclosed in parentheses. The first simple condition of the inner compound condition tests the value of the igin attribute; if it is Interi Gateway Protocol (IGP), then the inner compound condition is true. Otherwise, the evaluation moves on to test the value of the igin attribute again, and if it is incomplete, then the inner compound condition is true. Otherwise, the evaluation moves to check the next component condition, which is a negation of a simple condition. RC-156

157 Implementing Routing Policy on Cisco IOS-XR Software Infmation About Implementing Routing Policy apply As discussed in the sections on policy definitions and parameterization of policies, the apply command is used to execute another policy (either parameterized unparameterized) from within another policy, which allows f the reuse of common blocks of policy. When combined with the ability to parameterize common blocks of policy, the apply command becomes a powerful tool f reducing repetitive configuration. Attach Points Policies do not become useful until they are applied to routes, and f policies to be applied to routes they need to be made known to routing protocols. In BGP, f example, there are several situations where policies can be used, the most common of these is defining impt and expt policy. The policy attach point is the point where an association is fmed between a specific protocol entity, in this case a BGP neighb, and a specific named policy. It is imptant to note that a verification step happens at this point. Each time a policy is attached, the given policy, and any policies it may apply, is checked to ensure that the policy can be validly used at that attach point. F example, if a user defines a policy that sets the IS-IS level attribute and then attempts to attach this policy as an inbound BGP policy, the attempt would be rejected because BGP routes do not carry IS-IS attributes. Likewise, when policies are modified that are in use, the attempt to modify the policy is verified against all the current uses of the policy to ensure that the modification is compatible with the current uses. BGP Policy Attach Points Aggregation This section describes each of the BGP policy attach points. The aggregation attach point generates an aggregate route to be advertised based on the conditional presence of subcomponents of that aggregate. Policies attached at this attach point are also able to set any of the valid BGP attributes on the aggregated routes. F example, the policy could set a community value a MED on the aggregate that is generated. The specified aggregate will be generated if any routes evaluated by the named policy pass the policy. Me specifics of the aggregate can be filtered using the suppress-route keywd. Any actions taken to set attributes in the route will affect attributes on the aggregate. In traditional Cisco IOS route map configuration, this was controlled using three route maps: the advertise-map, the suppress-map, and the attribute-map. The advertise-map was used to select the component routes used to build various attributes of the aggregate. In the policy language this is controlled by which routes pass the policy. The suppress map was used to selectively filter suppress specific components of the aggregate when the summary-only flag is not set. In other wds, when the aggregate and me specific components are being sent, some of the me specific components can be filtered out using a suppress map. In the policy language, this is controlled by selecting the route and setting the suppress flag. The attribute-map allowed the user to set specific attributes on the aggregated route. In the policy language, setting attributes on the aggregated route is controlled by nmal action operations. In the following example, the aggregate address /8 will be generated if there are any component routes in the range /8 ge 8 le 25 except f /24. Because summary-only is not set, all components of the aggregate will be advertised. However, the specific component will be suppressed. route-policy sample RC-157

158 Infmation About Implementing Routing Policy Implementing Routing Policy on Cisco IOS-XR Software if destination in ( /8 ge 8 le 25) then set community (10:33) endif if destination in ( /24) then drop endif if destination in ( /24) then suppress-route endif end-policy router bgp 2 address-family ipv4 aggregate-address /8 policy sample... Dampening The dampening attach point controls the default route-dampening behavi within BGP. Unless overridden by a me specific policy on the associate peer, all routes in BGP will apply the associated policy to set their dampening attributes. The following policy sets dampening values f BGP IPv4 unicast routes. Those routes me specific than a /25 will take longer to recover once they have been dampened than routes that are less specific than /25. route-policy sample_damp if destination in ( /0 ge 25) then set dampening halflife 30 others default else set dampening halflife 20 others default endif end-policy router bgp 2 address-family ipv4 unicast bgp dampening policy sample_damp... Default Originate The default iginate attach point allows the default route ( /0) to be conditionally generated and advertised to a peer, based on the presence of other routes. It accomplishes this by evaluating the associated policy against routes in the Routing Infmation Base (RIB). If any routes pass the policy, the default route is generated and sent to the relevant peer. The following policy will generate and send a default-route to the BGP neighb if any routes that match /8 ge 8 le 32 are present in the RIB. route-policy sample-iginate if rib-has-route in ( /8 ge 8 le 32) then pass endif end-policy router bgp 2 neighb remote-as 3 RC-158

159 Implementing Routing Policy on Cisco IOS-XR Software Infmation About Implementing Routing Policy address-family ipv4 unicast default-iginate policy sample-iginate... Note The current implementation of default igination policy permits matching only on destination address. Neighb Expt The neighb expt attach point is used to select the BGP routes to send to a given peer group of peers. The routes are selected by running the set of possible BGP routes through the associated policy. Any routes that pass the policy are then sent as updates to the peer group of peers. The routes that are sent may have had their BGP attributes altered by the policy that has been applied. The following policy sends all BGP routes to neighb Routes that are tagged with the community 2:100 will be sent with a MED of 100 and a community of 2:666. The rest of the routes will be sent with a MED of 200 and a community of 2:200. route-policy sample-expt if community matches-any (2:100) then set med 100 set community (2:666) else set med 200 set community (2:200) endif end-policy router bgp 2 neighb remote-as 3 address-family ipv4 unicast policy sample-expt out... Neighb Impt The neighb impt attach point controls the reception of routes from a specific peer. All routes that are received by a peer are run through the attached policy. Any routes that pass the attached policy are passed to the BGP Routing Infmation Base (BRIB) as possible candidates f selection as best path routes. When a BGP impt policy is modified, it is necessary to rerun all the routes that have been received from that peer against the new policy. The modified policy may now discard routes that were previously allowed through, allow through previously discarded routes, change the way the routes have been modified. There is a new configuration option in BGP (bgp auto-policy-soft-reset) that allows this to happen automatically in cases where either soft reconfiguration is configured the BGP route-refresh capability has been negotiated. The following example receives routes from neighb Any routes received with the community 3:100 will have their local preference set to 100 and a community tag of 2:666. All other routes received from this peer will have their local preference values set to 200 and their community values set to 2:200. route-policy sample_impt if community matches-any (3:100) then set local-preference 100 set community (2:666) else RC-159

160 Infmation About Implementing Routing Policy Implementing Routing Policy on Cisco IOS-XR Software set local-preference 200 set community (2:200) endif end-policy router bgp 2 neighb remote-as 3 address-family ipv4 unicast policy sample_impt in... Netwk The netwk attach point controls the injection of routes from the RIB into BGP. A route policy attached at this point is able to set any of the valid BGP attributes on the routes that are being injected. The following is an example of a route policy attached at the netwk attach point that sets the well-known community no-expt f any routes me specific than /24: route-policy NetwkControl if destination in ( /0 ge 25) then set community (no-expt) additive endif end-policy router bgp 2 address-family ipv4 unicast netwk /27 policy NetwkControl Redistribute The redistribute attach point allows routes from other sources to be advertised by BGP. The policy attached at this point is able to set any of the valid BGP attributes on the routes that are being redistributed. Likewise, selection operats allow a user to control what route sources are being redistributed and which routes from those sources. The following example redistributes all routes from OSPF instance 12 into BGP. If OSPF was carrying a default route, it will be dropped. Routes carrying a tag of 10 will have their local preference set to 300 and the community values of 2:666 and no-advertise attached. All other routes will have their local preference set to 200 and a community value of 2:100 set. route-policy sample_redist if destination in ( /0) then drop endif if tag eq 10 then set local-preference 300 set community (2:666, no-advertise) else set local-preference 200 set community (2:100) endif end-policy router bgp 2 address-family ipv4 unicast redistribute ospf 12 policy sample_redistribute.. RC-160

161 Implementing Routing Policy on Cisco IOS-XR Software Infmation About Implementing Routing Policy Show bgp The show bgp attach point allows the user to display selected BGP routes that pass the given policy. Any routes that are not dropped by the attached policy will be displayed in a manner similar to the output of the show ip bgp command. In the following example, the show bgp route-policy command is used to display any BGP routes carrying a MED of 5. route-policy sample-display if med eq 5 then pass endif end-policy show bgp route-policy sample-display There is also a show bgp policy route-policy command, which runs all routes in the RIB past the named policy as if it were an outbound BGP policy. This command then displays what each route looked like befe it was modified and after it was modified, as shown in the following example: RP/0/0/CPU0:router# show rpl policy test2 route-policy test2 if (destination in ( /8 ge 8 le 32)) then set med 333 endif end-policy RP/0/0/CPU0:router# show bgp BGP router identifier , local AS number 2 BGP main routing table version 11 BGP scan interval 60 secs Status codes:s suppressed, d damped, h histy, * valid, > best i - internal, S stale Origin codes:i - IGP, e - EGP,? - incomplete Netwk Next Hop Metric LocPrf Weight Path *> ? *> / ? *> / ? *> / ? *> / ? *> / ? *> / ? *> / ? *> / e *> / e... RP/0/0/CPU0:router# show bgp policy route-policy test /8 is advertised to Path info: neighb: neighb router id: valid external best Attributes after inbound policy was applied: next hop: MET ORG AS igin:incomplete neighb as:3 metric:10 aspath:3 Attributes after outbound policy was applied: RC-161

162 Infmation About Implementing Routing Policy Implementing Routing Policy on Cisco IOS-XR Software next hop: MET ORG AS igin:incomplete neighb as:3 metric:333 aspath: Table Policy OSPF Policy Attach Points Default Originate The table policy attach point allows the user to configure traffic-index values on routes as they are installed into the global routing table. This attach point suppts the BGP policy accounting feature. BGP policy accounting uses the traffic indexes that are set on the BGP routes to track various counters. This way, router operats can select different sets of BGP route attributes using the matching operations and then set different traffic indexes f each different class of route they are interested in tracking. The following example sets the traffic index to 10 in IPv4 unicast routes that iginated from autonomous system 10. Likewise, any IPv4 unicast routes that iginated from autonomous system 11 will have their traffic index set to 11 when they are installed into the FIB. These traffic indexes can then be used to count traffic being fwarded on these routes in line cards by enabling the BGP policy accounting counters on the interfaces of interest. route-policy sample-table if as-path iginates-from 10 then set traffic-index 10 elseif as-path iginates-from 11 then set traffic-index 11 endif end-policy router bgp 2 address-family ipv4 unicast table-policy sample-table... This section describes each of the OSPF policy attach points. The default iginate attach point allows the user to conditionally inject the default route /0 into the OSPF link-state database, which is done by evaluating the attached policy. If any routes in the local RIB pass the policy, then the default route is inserted into the link-state database. The following example generates a default route if any of the routes that match /8 ge 8 le 25 are present in the RIB: route-policy ospf-iginate if rib-has-route in ( /8 ge 8 le 25) then pass endif end-policy router ospf 1 default-infmation iginate policy ospf-iginate... RC-162

163 Implementing Routing Policy on Cisco IOS-XR Software Infmation About Implementing Routing Policy Redistribute The redistribute attach point within OSPF injects routes from other routing protocol sources into the OSPF link-state database, which is done by selecting the route types it wants to impt from each protocol. It then sets the OSPF parameters of cost and metric type. The policy can control how the routes are injected into OSPF by using the set level command. The following example redistributes routes from IS-IS instance instance_10 into OSPF instance 1 using the policy OSPF-redist. The policy sets the metric type to type-2 f all redistributed routes. IS-IS routes with a tag of 10 will have their cost set to 100, and IS-IS routes with a tag of 20 will have their OSPF cost set to 200. Any IS-IS routes not carrying a tag of either will not be redistributed into the OSPF link-state database. route-policy OSPF-redist set metric-type type-2 if tag eq 10 then set cost 100 elseif tag eq 20 then set cost 200 else drop endif end-policy router ospf 1 redistribute isis instance_10 policy OSPF-redist... IS-IS Policy Attach Points Redistribute This section describes each of the IS-IS policy attach points. The redistribute attach point within IS-IS allows routes from other protocols to be readvertised by IS-IS. The policy is a set of control structures f selecting the types of routes that a user wants to redistribute into IS-IS. The policy can also control which IS-IS level the routes are injected into and at what metric values. The following example redistributes routes from IS-IS instance 1 into IS-IS instance instance_10 using the policy ISIS-redist. This policy sets the level to level-1-2 f all redistributed routes. OSPF routes with a tag of 10 will have their metric set to 100, and IS-IS routes with a tag of 20 will have their IS-IS metric set to 200. Any IS-IS routes not carrying a tag of either will not be redistributed into the IS-IS database. route-policy ISIS-redist set level level-1-2 if tag eq 10 then set metric 100 elseif tag eq 20 then set metric 200 else drop endif end-policy router isis instance_10 address-family ipv4 unicast RC-163

164 Infmation About Implementing Routing Policy Implementing Routing Policy on Cisco IOS-XR Software redistribute ospf 1 policy ISIS-redist... Attached Policy Modification Policies that are in use will, on occasion, need to be modified. In the traditional configuration model, a policy modification would be done by completely removing the policy and reentering it. However, this model allows f a window of time in which no policy is attached and default actions to be used, which is an opptunity f inconsistencies to exist. To close this window of opptunity, you can modify a policy in use at an attach point by respecifying it, which allows f policies that are in use to be changed, without having a window of time where no policy is applied at the given attach point. Note A route policy set that is in use at an attach point cannot be removed, because this removal would result in an undefined reference. An attempt to remove a route policy set that is in use at an attach point will result in an err message to the user. Nonattached Policy Modification As long as a given policy is not attached at an attach point, the policy is allowed to refer to nonexistent sets and policies. Configurations can be built that reference sets policy blocks that are not yet defined, and then later those undefined policies and sets can be filled in. This method of building configurations gives much greater flexibility in policy definition. Every piece of policy you want to reference while defining a policy need not exist in the configuration. Thus you can define a policy sample1 that references the policy sample2 via an apply statement even if the policy sample2 does not exist. Similarly, you can enter a policy statement that refers to a nonexistent set. However, the existence of all referenced policies and sets is enfced when a policy is attached. Thus, if a user attempts to attach the policy sample1 with the reference to an undefined policy sample2 at an inbound BGP policy using the statement neighb address-family ipv4 unicast policy sample1 in, the configuration attempt will be rejected because the policy sample2 does not exist. Editing Routing Policy Configuration Elements RPL is based on statements rather than on lines. That is, within the begin-end pair that brackets policy statements from the CLI, a new line is merely a separat, on a par with a space character. The CLI provides the means to enter and delete route policy statements. RPL provides a means to edit the contents of the policy between the begin-end brackets using a microemacs edit. To edit the contents of a routing policy, use the following CLI command in EXEC mode: edit {route-policy prefix-set as-path-set community-set extended-community-set} name A copy of the route policy is copied to a tempary file and the edit is launched. After editing, save the changes by using the save-buffer command, ^X^S (Control-X Control-S). To exit the edit, use the quit command, ^X^C. When you quit the edit, the policy object will be parsed. If there are no parse errs, a disposition query is displayed: Successful parse of edited config. Commit configuration? ( yes no ): RC-164

165 Implementing Routing Policy on Cisco IOS-XR Software How to Implement Routing Policy If you answer yes, the configuration is committed to the router. If you answer no, you are asked whether editing should continue: Continue editing? ( yes no ): If you answer yes, the edit continues on the text buffer from where you left off. If you answer no, the running configuration is not changed and the editing session is ended. If there is a syntax err in the policy object, the following query is displayed: parse err in edited config. Continue editing? ( yes no ): If you answer yes, the editing process is resumed. If you answer no, the candidate configuration element is abandoned. How to Implement Routing Policy This section contains the following procedures: Defining a Route Policy, page RC-166 (required) Attaching a Routing Policy to a BGP Neighb, page RC-167 (required) Modifying a Routing Policy Using the Microemacs Edit, page RC-168 (optional) RC-165

166 How to Implement Routing Policy Implementing Routing Policy on Cisco IOS-XR Software Defining a Route Policy This task explains how to define a route policy. Note If you want to modify an existing routing policy using the command-line interface (CLI), you must redefine the policy by completing this task. SUMMARY STEPS 1. configure 2. route-policy name 3. end-policy 4. end commit DETAILED STEPS Step 1 Command Action configure Purpose Enters global configuration mode. Step 2 Step 3 Step 4 RP/0/RP0/CPU0:router# configure route-policy name RP/0/RP0/CPU0:router(config)# route-policy sample1 end-policy RP/0/RP0/CPU0:router(config-rpl)# end-policy end commit RP/0/RP0/CPU0:router(config)# end RP/0/RP0/CPU0:router(config)# commit Configures a route policy and enters route-policy configuration mode. Once the policy has been created, a group of commands can be entered to define the policy. Ends the definition of a route policy and exits route-policy configuration mode. Saves configuration changes. When you issue the end command, the system will prompt you to commit changes: Uncommitted changes found. Commit them? Entering yes will save configuration changes to the running configuration file, exit the configuration session, and return the router to EXEC mode. Entering no will exit the configuration session and return the router to EXEC mode without committing the configuration changes. Use the commit command to save the configuration changes to the running configuration file and remain within the configuration session. RC-166

167 Implementing Routing Policy on Cisco IOS-XR Software How to Implement Routing Policy Attaching a Routing Policy to a BGP Neighb This task explains how to attach a routing policy to a BGP neighb. The procedure to attach a routing policy to an IS-IS OSPF neighb is the same as BGP, except that the commands and applicable arguments will vary. Prerequisites SUMMARY STEPS DETAILED STEPS A routing policy must be preconfigured and well defined pri to it being applied at an attach point. If a policy is not predefined, an err message is generated stating that the policy is not defined. 1. configure 2. router bgp as-number 3. address-family {ipv4 ipv6} {multicast unicast} 4. neighb ip-address 5. policy policy-name {in out} 6. exit 7. end commit Step 1 Command Action configure Purpose Enters global configuration mode. Step 2 Step 3 RP/0/RP0/CPU0:router# configure router bgp as-number RP/0/RP0/CPU0:router(config)# router bgp 125 address-family {ipv4 ipv6} {multicast unicast} RP/0/RP0/CPU0:router(config-router)# address-family ipv4 unicast Configures a BGP routing process and enters router configuration mode. The as-number argument identifies the autonomous system in which the router resides. Valid values are from 0 to Private autonomous system numbers that can be used in internal netwks range from to Specifies the address family, the version of IP that is in use, and either multicast unicast. Enters address family configuration mode. RC-167

168 How to Implement Routing Policy Implementing Routing Policy on Cisco IOS-XR Software Step 4 Command Action neighb ip-address Purpose Specifies a neighb IP address. Step 5 Step 6 RP/0/RP0/CPU0:router(config-router-af)# neighb policy policy-name {in out} RP/0/RP0/CPU0:router(config-router-af)# policy example1 in exit Attaches the policy, which must be well fmed and predefined. Exits address family configuration mode. Step 7 RP/0/RP0/CPU0:router(config-router-af)# exit end commit RP/0/RP0/CPU0:router(config-router)# end RP/0/RP0/CPU0:router(config-router)# commit Saves configuration changes. When you issue the end command, the system will prompt you to commit changes: Uncommitted changes found. Commit them? Entering yes will save configuration changes to the running configuration file, exit the configuration session, and return the router to EXEC mode. Entering no will exit the configuration session and return the router to EXEC mode without committing the configuration changes. Use the commit command to save the configuration changes to the running configuration file and remain within the configuration session. Modifying a Routing Policy Using the Microemacs Edit This task explains how to modify an existing routing policy using the microemacs edit. SUMMARY STEPS 1. edit {route-policy prefix-set as-path-set community-set extended-community-set} name 2. show rpl policy name [detail] 3. show rpl prefix-set name RC-168

169 Implementing Routing Policy on Cisco IOS-XR Software Configuration Examples f Implementing Routing Policy DETAILED STEPS Command Action Step 1 edit {route-policy prefix-set as-path-set community-set extended-community-set} name Step 2 Step 3 RP/0/RP0/CPU0:router# edit route-policy sample1 show rpl policy name [detail] RP/0/RP0/CPU0:router# show rpl policy sample2 show rpl prefix-set name RP/0/RP0/CPU0:router# show rpl prefix-set prefixset1 Purpose Identifies the route policy, prefix set, AS-path set, community set, extended community set name to be modified. A copy of the route policy, prefix set, AS-path set, community set, extended community set is copied to a tempary file and the microemacs edit is launched. When you finish editing the policy set, save the changes by using the save-buffer command, ^X^S (Control-X Control-S). Follow the prompts to commit the changes to the router. To exit the edit, use the quit command, ^X^C. (Optional) Displays the configuration of a specific named route policy. Use the detail keywd to display all policies and sets that a policy uses. (Optional) Displays the contents of a named prefix set. To display the contents of a named AS-path set, community set, extended community set, replace the prefix-set keywd with as-path-set, community-set, extcommunity-set, respectively. Configuration Examples f Implementing Routing Policy This section provides the following configuration examples: Routing Policy Definition: Example, page RC-169 Simple Inbound Policy: Example, page RC-170 Modular Inbound Policy: Example, page RC-171 Translating Cisco IOS Route Maps to Cisco IOS-XR Routing Policy Language: Example, page RC-172 Routing Policy Definition: Example In the following example, a BGP route policy named sample1 is defined using the route-policy name command. The policy compares the netwk layer reachability infmation (NLRI) to the elements in the prefix set test. If it evaluates to true, the policy perfms the operations in the then clause. If it evaluates to false, the policy perfms the operations in the else clause, that is, sets the MED value to 200 and adds the community 2:100 to the route. The final steps of the example commit the configuration to the router, exit configuration mode, and display the contents of route policy sample1. configure route-policy sample1 if destination in test then drop else RC-169

170 Configuration Examples f Implementing Routing Policy Implementing Routing Policy on Cisco IOS-XR Software set med 200 set community (2:100) endif end-policy end show config running route-policy sample1 Building configuration... route-policy sample1 if destination in test then drop else set metric 200 set community (2:100) endif end-policy Simple Inbound Policy: Example The following policy discards any route whose NLRI specifies a prefix longer than slash-24, and any route whose NLRI specifies a destination in the address space reserved by RFC F all remaining routes, it sets the MED and local preference, and adds a community to the list in the route. F routes whose community lists include any of the values in the range from 101:202 to 106:202 that have a 16-bit tag ption containing the value 202, the policy prepends autonomous system number 2 twice, and adds the community 2:666 to the list in the route. Of these routes, if the MED is either , then the policy sets the igin of the route to incomplete, and otherwise sets the igin to IGP. F routes whose community lists do not include any of the values in the range from 101:202 to 106:202, the policy adds the community 2:999 to the list in the route. prefix-set too-specific /0 ge 25 le 32 end-set prefix-set rfc /8 le 32, /12 le 32, /16 le 32 end-set community-set prepend2 100:202, 101:202, 102:202, 103:202, 104:202, 105:202, 106:202 end-set route-policy inbound-tx(lpref) if destination in too-specific destination in rfc1918 then drop endif set med 1000 set local-preference $lpref set community (2:1001) additive if community matches-any prepend2 then prepend as-path 2 2 set community (2:666) additive RC-170

171 Implementing Routing Policy on Cisco IOS-XR Software Configuration Examples f Implementing Routing Policy if med eq 666 med eq 225 then set igin incomplete else set igin igp endif else set community (2:999) additive endif end-policy router bgp 2 neighb address-family ipv4 unicast policy inbound-tx in Modular Inbound Policy: Example The following policy example builds two inbound policies, in-100 and in-101, f two different peers. In building the specific policies f those peers, it reuses some common blocks of policy that may be common to multiple peers. It builds a few basic building blocks, the policies common-inbound, filter-bogons, and set-lpref-prepend. The filter-bogons building block is a simple policy that will filter all undesirable routes such as those from the RFC 1918 address space. The policy set-lpref-prepend is a utility policy that can set the local preference and prepend the AS-path accding to parameterized values that are passed in. The common-inbound policy uses these building block filter-bogons to build a common block of inbound policy. The common-inbound policy is used as a building block in the construction of in-100 and in-101 along with the set-lpref-prepend building block. This is a simple example that illustrates the modular capabilities of the policy language. prefix-set bogon /8 ge 8 le 32, , /0 ge 27 le 32, /16 ge 16 le 32 end-set route-policy in-100 apply common-inbound if community matches-any (100:2) then apply set-lpref-prepend (100,100,2) set community (2:1234) additive else set local-preference 110 endif if community matches-any (100:666, 1000:999) then set med 444 set local-preference 200 set community (no-expt) additive endif end-policy route-policy in-101 apply common-inbound if community matches-any (101:2) then apply set-lpref-prepend(100,101,2) set community (2:1234) additive else set local-preference 125 endif end-policy RC-171

172 Configuration Examples f Implementing Routing Policy Implementing Routing Policy on Cisco IOS-XR Software route-policy filter-bogons if destination in bogon then drop else pass endif end-policy route-policy common-inbound apply filter-bogons set igin igp set community (2:333) end-policy route-policy set-lpref-prepend($lpref,$as,$prependcnt) set local-preference $lpref prepend as-path $as $prependcnt end-policy Translating Cisco IOS Route Maps to Cisco IOS-XR Routing Policy Language: Example Consider the following route maps, prefix lists, and community lists. We will show four different translations into the routing policy language, continually using me capabilities of the language to reduce the amount of configuration needed. This example steps you through using several of the features of the language to modularize the configuration. Decide what you should modularize and whether you should modularize specific ptions in the context of how that particular piece of policy will be used. You cannot use both RPL and old policy (including route maps and access control lists) at the same attach point. F example, the following configuration would be invalid: router bgp 2 neighb address-family ipv4 unicast policy rpl0 in route-map rm0 in However, this configuration would be valid: router bgp 2 neighb address-family ipv4 unicast policy rpl0 in route-map rm0 out neighb address-family ipv4 unicast policy rpl1 out In the following example, a route map is translated to the policy language while retaining the redundant operations: Original Route Map Configuration ip prefix-list permit /16 le permit /19 le permit /24 40 permit /24 50 permit /24 RC-172

173 Implementing Routing Policy on Cisco IOS-XR Software Configuration Examples f Implementing Routing Policy 60 permit /21 70 permit /21 ip prefix-list permit /16 le permit /19 le permit /24 40 permit /24 50 permit /24 60 permit /21 70 permit /21 ip community-list 1 10 permit 10:11 ip community-list 2 10 permit 10:12 ip community-list 3 10 permit 10:13 ip community-list 4 10 permit 10:14 route-map sample1-translation-1 permit 10 match ip address prefix-list 101 match community 1 set community 12:34 additive set metric 11 route-map sample1-translation-1 permit 20 match ip address prefix-list 101 match community 2 set metric 12 set community 12:34 additive route-map sample1-translation-1 permit 30 match ip address prefix-list 101 match community 3 set metric 13 set community 12:34 additive route-map sample1-translation-1 permit 40 match ip address prefix-list 101 match community 4 set metric 14 set community 12:34 additive route-map sample1-translation-1 permit 50 match ip address prefix-list 101 set metric 100 set community 12:34 additive route-map sample2-translation-1 permit 10 match ip address prefix-list 102 match community 1 set community 12:35 additive set metric 11 route-map sample2-translation-1 permit 20 match ip address prefix-list 102 match community 2 set metric 12 set community 12:35 additive route-map sample2-translation-1 permit 30 match ip address prefix-list 102 match community 3 set metric 13 RC-173

174 Configuration Examples f Implementing Routing Policy Implementing Routing Policy on Cisco IOS-XR Software set community 12:35 additive route-map sample2-translation-1 permit 40 match ip address prefix-list 102 match community 4 set metric 14 set community 12:35 additive route-map sample2-translation-1 permit 50 match ip address prefix-list 102 set metric 100 set community 12:35 additive A Simple Translation A simple translation of this route map configuration to the policy language would retain the redundant operations, as shown in the following example: prefix-set ps /16 le /19 le / / / / /21 end-set prefix-set ps /16 le /19 le / / / / /21 end-set community-set cs1 10:11 end-set community-set cs2 10:12 end-set community-set cs3 10:13 end-set community-set cs4 10:14 end-set route-policy sample1-translation-1a if destination in ps101 and community matches-any cs1 then set med 11 set community 12:34 additive elseif destination in ps101 and community matches-any cs2 then set med 12 set community 12:34 additive elseif destination in ps101 and community matches-any cs3 then set med 13 set community 12:34 additive elseif destination in ps101 and community matches-any cs4 then RC-174

175 Implementing Routing Policy on Cisco IOS-XR Software Configuration Examples f Implementing Routing Policy set med 14 set community 12:34 additive elseif destination in ps101 set med 100 set community 12:34 additive endif end-policy route-policy sample2-translation-1a if destination in ps102 and community matches-any cs1 then set med 11 set community (12:35) additive elseif destination in ps102 and community matches-any cs2 then set med 12 set community (12:35) additive elseif destination in ps102 and community matches-any cs3 then set med 13 set community (12:35) additive elseif destination in ps102 and community matches-any cs4 then set med 14 set community (12:35) additive elseif destination in ps102 set med 100 set community (12:35) additive endif end-policy Nest Conditionals to Reduce Repetitive Comparisons Common operations can be coalesced by nesting the conditionals, testing the destination address only once, and setting the community only once, as shown in the following example: prefix-set ps /16 le /19 le / / / / /21 end-set prefix-set ps /16 le /19 le / / / / /21 end-set community-set cs1 10:11 end-set community-set cs2 10:12 end-set community-set cs3 10:13 end-set RC-175

176 Configuration Examples f Implementing Routing Policy Implementing Routing Policy on Cisco IOS-XR Software community-set cs4 10:14 end-set route-policy sample1-translation-1b if destination in ps101 then set community (12:34) additive if community matches-any cs1 then set med 11 elseif community matches-any cs2 then set med 12 elseif community matches-any cs3 then set med 13 elseif community matches-any cs4 then set med 14 else set med 100 endif endif end-policy route-policy sample2-translation-1b if destination in ps102 then set community (12:35) additive if community matches-any cs1 then set med 11 elseif community matches-any cs2 then set med 12 elseif community matches-any cs3 then set med 13 elseif community matches-any cs4 then set med 14 else set med 100 endif endif end-policy Use Inline Sets to Remove Small Indirect Set References Because the community comparisons are quite simple, we can replace the named community set references with direct inline references, thus eliminating the need to define four community sets, each of which contains only one community value. These replacements leave two prefix sets and two policies, as follows: prefix-set ps /16 le /19 le / / / / /21 end-set prefix-set ps /16 le /19 le / / / / /21 end-set RC-176

177 Implementing Routing Policy on Cisco IOS-XR Software Configuration Examples f Implementing Routing Policy route-policy sample1-translation-1c if destination in ps101 then set community (12:34) additive if community matches-any (10:11) then set med 11 elseif community matches-any (10:12) then set med 12 elseif community matches-any (10:13) then set med 13 elseif community matches-any (10:14) then set med 14 else set med 100 endif endif end-policy route-policy sample2-translation-1c if destination in ps101 then set community (12:34) additive if community matches-any (10:11) then set med 11 elseif community matches-any (10:12) then set med 12 elseif community matches-any (10:13) then set med 13 elseif community matches-any (10:14) then set med 14 else set med 100 endif endif end-policy Take Advantage of Parameterization to Reuse Common Structures The following example takes advantage of the ability to parameterize common structures and create a common parameterized policy (sample-translation-common) that is reused: prefix-set ps /16 le /19 le / / / / /21 end-set prefix-set ps /16 le /19 le / / / / /21 end-set route-policy sample-translation-common(tag) set community (12:$tag) additive if community matches-any (10:11) then set med 11 RC-177

178 Configuration Examples f Implementing Routing Policy Implementing Routing Policy on Cisco IOS-XR Software elseif community matches-any (10:12) then set med 12 elseif community matches-any (10:13) then set med 13 elseif community matches-any (10:14) then set med 14 else set med 100 endif end-policy route-policy sample1-translation-1d if destination in ps101 then apply sample-translation-common (34) pass endif end-policy route-policy sample2-translation-1d if destination in ps102 then apply sample-translation-common (35) pass endif end-policy RC-178

179 Implementing Routing Policy on Cisco IOS-XR Software Additional References Additional References The following sections provide references related to implementing RPL. Related Documents Related Topic Routing policy language commands Document Title Routing Policy Language Commands on Cisco IOS-XR Software RFCs RFCs RFC 1771 Title A Bder Gateway Protocol 4 (BGP-4) This document is obsolete. Although it is the approved standard f BGP, and me recent drafts are not yet approved, the latter are me crect. Technical Assistance Description Technical Assistance Center (TAC) home page, containing 30,000 pages of searchable technical content, including links to products, technologies, solutions, technical tips, and tools. Registered Cisco.com users can log in from this page to access even me content. Link RC-179

180 Glossary Implementing Routing Policy on Cisco IOS-XR Software Glossary AS-set An undered set of autonomous systems a route in the update message has traversed. An AS-set implies that the destinations listed in the NLRI can be reached through paths that traverse at least some of the constituent autonomous systems. as-sets provide sufficient infmation to avoid routing infmation looping; however their use may prune potentially feasible paths, since such paths are no longer listed individually as in the fm of AS_SEQUENCEs. AS_SEQUENCE From RFC 1771, an dered set of autonomous systems a route in the update message has traversed. attach point Any location in the configuration that will trigger execution of a policy. Attach points create the binding between a definition of a policy and where it will be used. An example attach point would be the neighb statement in BGP configuration of the fm: neighb ipv4 unicast policy my_policy in. This statement creates a binding between the policy named my_policy and BGP. BGP will execute this policy f each ipv4 unicast route received from the BGP peer BRIB BGP Routing Infmation Base. It is the set of BGP best paths that will be fwarded to the global RIB on the router. FIB Fwarding Infmation Base. This is the set of routes that the router uses to actually fward packets with. It is a subset of the RIB. parameter A user-defined argument to a parameterized policy. parameterized policy A policy that is defined to take one me parameters as arguments. These values f these parameters are defined when the parametrized policy is applied using the apply statement. The parameters are filled in as arguments following the name of the policy to be applied. Within the parameterized policy, the values of the parameters are dereferenced by placing the $ character in front of the parameter name. This instructs the compiler to insert the value of the respective named parameter into the policy. policy block A group of policy statements beginning with the route-policy keywd and ending with the end-policy keywd. policy reposity A process that is responsible f verifying policies and then compiling an entered policy into a fm that the execution engine can understand and process. RIB Routing Infmation Base. This is the set of all candidate routes from each of the protocol sources on the router. Route selection in the RIB produces the FIB that is then passed along f use by the fwarding software and hardware. Note Refer to Internetwking Terms and Acronyms f terms not included in this glossary. g y g Cisco Systems, Inc.; Changing the Way We Wk, Live, Play, and Learn, and iquick Study are service marks of Cisco Systems, Inc.; and Aironet, ASIST, BPX, Catalyst, CCDA, CCDP, CCIE, CCNA, CCNP, Cisco, the Cisco Certified Internetwk Expert logo, Cisco IOS, the Cisco IOS logo, Cisco Press, Cisco Systems, Cisco Systems Capital, the Cisco Systems logo, Empowering the Internet Generation, Enterprise/Solver, EtherChannel, EtherFast, EtherSwitch, Fast Step, GigaDrive, GigaStack, HomeLink, Internet Quotient, IOS, IP/TV, iq Expertise, the iq logo, iq Net Readiness Scecard, LightStream, Linksys, MeetingPlace, MGX, the Netwkers logo, Netwking Academy, Netwk Registrar, Packet, PIX, Post-Routing, Pre-Routing, ProConnect, RateMUX, Registrar, ScriptShare, SlideCast, SMARTnet, StrataView Plus, SwitchProbe, TeleRouter, The Fastest Way to Increase Your Internet Quotient, TransPath, and VCO are registered trademarks of Cisco Systems, Inc. and/ its affiliates in the United States and certain other countries. All other trademarks mentioned in this document Website are the property of their respective owners. The use of the wd partner does not imply a partnership relationship between Cisco and any other company. (0403R) Copyright 2004 Cisco Systems, Inc. All rights reserved. RC-180

181 Implementing Static Routes on Cisco IOS-XR Software Comparison of Cisco IOS Static Routes and Cisco IOS-XR Static Routes Static routes are user-defined routes that cause packets moving between a source and a destination to take a specified path. Static routes can be imptant if the Cisco IOS-XR software cannot build a route to a particular destination. They are useful f specifying a gateway of last rest to which all unroutable packets will be sent. In Cisco IOS-XR software, you execute the route ipv4 route ipv6 command in global configuration mode to configure static routes, instead of the ip route ipv6 route command. F infmation on configuring static routes, refer to the following document: Cisco IOS IP Configuration Guide, Release 12.2, Configuring IP Routing Protocol-Independent Features chapter: 1cfindep.htm g y g Cisco Systems, Inc.; Changing the Way We Wk, Live, Play, and Learn, and iquick Study are service marks of Cisco Systems, Inc.; and Aironet, ASIST, BPX, Catalyst, CCDA, CCDP, CCIE, CCNA, CCNP, Cisco, the Cisco Certified Internetwk Expert logo, Cisco IOS, the Cisco IOS logo, Cisco Press, Cisco Systems, Cisco Systems Capital, the Cisco Systems logo, Empowering the Internet Generation, Enterprise/Solver, EtherChannel, EtherFast, EtherSwitch, Fast Step, GigaDrive, GigaStack, HomeLink, Internet Quotient, IOS, IP/TV, iq Expertise, the iq logo, iq Net Readiness Scecard, LightStream, Linksys, MeetingPlace, MGX, the Netwkers logo, Netwking Academy, Netwk Registrar, Packet, PIX, Post-Routing, Pre-Routing, ProConnect, RateMUX, Registrar, ScriptShare, SlideCast, SMARTnet, StrataView Plus, SwitchProbe, TeleRouter, The Fastest Way to Increase Your Internet Quotient, TransPath, and VCO are registered trademarks of Cisco Systems, Inc. and/ its affiliates in the United States and certain other countries. All other trademarks mentioned in this document Website are the property of their respective owners. The use of the wd partner does not imply a partnership relationship between Cisco and any other company. (0403R) Cpate Headquarters: Cisco Systems, Inc., 170 West Tasman Drive, San Jose, CA USA Copyright 2004 Cisco Systems, Inc. All rights reserved.