Huawei Technologies Co., Ltd. 1

The privilege of HCNA/HCNP/HCIE:
With any Huawei Career Certification, you have the privilege on http://learning.huawei.com/en to enjoy:
 1、Comprehensive E-Learning Courses
e n
Content：All Huawei Career Certification E-Learning courses / m
o


.c
Methods to get the E-learning privilege : submit Huawei Account and email being used for Huawei Account
registration to Learning@huawei.com . e i
a w
 2、 Training Material Download u
h training material
Content: Huawei product training material and Huawei career certification g .
n

Method：Logon http://learning.huawei.com/en and enter HuaWei n iTraining/Classroom Training ,then you can
r

download training material in the specific training introduction a

le page.
3、 Priority to participate in Huawei Online Open Class(LVC) /

: /
 Content：The Huawei career certification training covering
t p all ICT technical domains like R&S, UC&C, Security,
Storage and so on, which are conducted by Huawei ht professional instructors
Method：The plan and participate methodsplease : refer to LVC Open Courses Schedule
ce

 4、Learning Tool: eNSP

u r
eNSP (Enterprise Network SimulationoPlatform) is a graphical network simulation tool which is developed by

e s
Huawei and free of charge. eNSP R mainly simulates enterprise routers, switches as close to the real hardware as
it possible, which makes the n glab practice available and easy without any real device.
n iup Huawei Technical Forum which allows candidates to discuss technical issues with

r
In addition, Huawei has built
aexam
Huawei experts , share
L e experiences with others or be acquainted with Huawei Products(
e
http://support.huawei.com/ecommunity/）
r
Mo
HUAWEI TECHNOLOGIES CO., LTD. Huawei Confidential 1

e n
m/
c o
i .
we

ua
g.h

in

r n
e a

/ l

:/

ttp
h

s :

c e
u r

s o

Re

n g
ni
a r
Le !
re
Mo
SDJH
)UV_XOMNZj.[G]KO:KINTURUMOKY)U2ZJ'RRXOMNZYXKYKX\KJ
4UVGXZULZNOYJUI[SKTZSG_HKXKVXUJ[IKJUX
ZXGTYSOZZKJOTGT_LUXSUXH_GT_SKGTY]OZNU[ZVXOUX]XOZZKT
IUTYKTZUL.[G]KO:KINTURUMOKY)U2ZJ
:XGJKSGXQYGTJ6KXSOYYOUTY
e n
m/
c o
GTJUZNKX.[G]KOZXGJKSGXQYGXKZXGJKSGXQYUL.[G]KO
i .
e
:KINTURUMOKY )U 2ZJ 'RR UZNKX ZXGJKSGXQY GTJ ZXGJK TGSKY
w
SKTZOUTKJ OT ZNOY JUI[SKTZ GXK ZNK VXUVKXZ_ UL ZNKOX
ua
XKYVKIZO\KNURJKXY
. h
4UZOIK
n g
n i
ar
:NK OTLUXSGZOUT OT ZNOY JUI[SKTZ OY Y[HPKIZ ZU INGTMK
le
]OZNU[ZTUZOIK+\KX_KLLUXZNGYHKKTSGJKOTZNKVXKVGXGZOUT
/ /
UL ZNOY JUI[SKTZ ZU KTY[XK GII[XGI_ UL ZNK IUTZKTZY H[Z GRR
:
tp
YZGZKSKTZY OTLUXSGZOUT GTJ XKIUSSKTJGZOUTY OT ZNOY
UXOSVROKJ h t
JUI[SKTZJUTUZIUTYZOZ[ZKZNK]GXXGTZ_ULGT_QOTJK^VXKYY
s :

c e
u r

s o
Re
i ng
n
ar
.[G]KO)KXZOLOIGZOUT
Le .)*6/+84/SVRKSKTZOTM+TZKXVXOYK8U[ZOTM
re
Mo 4KZ]UXQ
+JOZOUT
SDJH
Huawei Certification System
8KRG_OTM UT OZY YZXUTM ZKINTOIGR GTJ VXULKYYOUTGR ZXGOTOTM Y_YZKS

GIIUXJOTM ZU JOLLKXKTZ I[YZUSKXY GZ JOLLKXKTZ RK\KRY UL /): ZKINTURUM_
.[G]KO IKXZOLOIGZOUT OY IUSSOZZKJ ZU VXU\OJK I[YZUSY ]OZN G[ZNKTZOI
VXULKYYOUTGRIKXZOLOIGZOUT
(GYKJ UT INGXGIZKXOYZOIY UL /): ZKINTURUMOKY GTJ I[YZUSKXYȑTKKJY GZ
e n
JOLLKXKTZ RK\KRY .[G]KO IKXZOLOIGZOUT VXU\OJKY I[YZUSKXY ]OZN
m /
IKXZOLOIGZOUTY_YZKSULLU[XRK\KRY
c o
.)*' .[G]KO )KXZOLOIGZOUT *GZGIUS 'YYUIOGZK OY VXOSGX_ LUX /6 .
e i
TKZ]UXQSGOTZKTGTIKKTMOTKKXYGTJGT_UZNKXY]NU]GTZZURKGXTZNK/6
a w
u
TKZ]UXQQTU]RKJMK.)*'IKXZOLOIGZOUTIU\KXYZNK:)6/6HGYOIYXU[ZOTM
h
.
Y]OZINOTM GTJ UZNKX IUSSUT LU[TJGZOUTGR QTU]RKJMK UL /6 TKZ]UXQY
g
ZUMKZNKX ]OZN .[G]KO IUSS[TOIGZOUTY VXUJ[IZY \KXYGZORK
VRGZLUXS<86INGXGIZKXOYZOIYGTJHGYOISGOTZKTGTIK
in XU[ZOTM
r n
a
.)*6.[G]KO)KXZOLOIGZOUT*GZGIUS6XULKYYOUTGR+TZKXVXOYKOYGOSKJGZ
e TKZ]UXQ JKYOMT
KTZKXVXOYKIRGYY TKZ]UXQ SGOTZKTGTIK KTMOTKKXY
/ l
/
KTMOTKKXYGTJGT_UZNKXY]NU]GTZZUOTJKVZNMXGYVXU[ZOTMY]OZINOTM
:
p
TKZ]UXQGJP[YZSKTZGTJUVZOSO`GZOUTZKINTURUMOKY.)*6+TZKXVXOYKOY
/SVRKSKTZOTM+TZKXVXOYK 8U[ZOTM h tt
IUTYOYZUL/+94/SVRKSKTZOTM+TZKXVXOYK9]OZIN4KZ]UXQY/+84
4KZ]UXQY GTJ /+46 /SVXU\OTM
s
+TZKXVXOYK 4KZ]UXQVKXLUXSGTIK: ]NOIN OTIR[JKY GJ\GTIKJ /6\
e
XU[ZOTM GTJ Y]OZINOTMZKINTURUM_VXOTIOVRK/6ZKINTURUM_ULTKZ]UXQ
c
.[G]KOVXUJ[IZY u
r
YKI[XOZ_NOMNG\GORGHOROZ_GTJ7UYGY]KRRGYZNKOSVRKSKTZGZOUTOT
s o /TZKXTKZ]UXQ +^VKXZ OY JKYOMTKJ ZU KTJ[K

ReG \GXOKZ_ UL /6 TKZ]UXQ ZKINTURUM_ GTJ VXULOIOKTI_ OT
.)/+ .[G]KO )KXZOLOKJ
KTMOTKKXY ]OZN
n g JOGMTUYZOIY GTJ ZXU[HRKYNUUZOTM UL .[G]KO VXUJ[IZY

SGOTZKTGTIK
]NOINi
r n KW[OVY ZNK KTMOTKKXY ]OZN IUSVKZKTIK OT VRGTTOTM JKYOMT GTJ
e a
UVZOSO`GZOUTULRGXMKYIGRK/6TKZ]UXQ

L
re
Mo
Mo
re
Proposed Advanced Necessary advanced
Le
relationship relationship
ar
n
ICT Career Certification
i ng
Routing & Switching WLAN Wireless Transmission Security UC&C VC Cloud Storage ICT Convergence
Design
R e s
HCNA(HCDA)
uo
r c e s
HCNA- HCNA- HCNA- HCNA- HCNA- HCNA- HCNA- HCNA- HCNA- HCNA-
:
WLAN LTE Transmission Security UC CC VC Cloud Storage Design
Associate
h ttp
:/
HCNP-R&S
H HCNP-Carrier HCNP- HCNP- HCNP- HCNP- HCNP- HCNP- HCNP- HCNP- HCNP- HCNP-
/
(HCDP) (HCDP-Carrier) WLAN LTE Transmission Security UC CC VC Cloud Storage Design
le a
Professional
r n in g
HCIE- HCIE- HCIE-

HCIE- HCIE- HCIE- HCIE- HCIE- HCIE- HCIE- HCIE- HCIE-
.
R&S Carrier Transmissio

h
WLAN LTE Security UC CC VC Cloud Storage Design

n
Expert
ua we
i
HCAr
.c
Architect
om / e n

͑ ͑
"!
5[ZROTK
:NOYHUUQVXKYKTZYZXGOTOTMIU[XYKYLUX.)*6/+84ZGXMKZOTMG[JOKTIK
XGTMOTM LXUS RKGXTKXY VXKVGXOTM LUX ZNK .)*6/+84 K^GSOTGZOUT ZU

e n
XKGJKXY]OYNOTMTUZUTR_ZUIUSVXKNKTJVXOTIOVRKYULIUSSUTXU[ZOTM
m/
VXUZUIURY H[Z GRYU ZU [TJKXYZGTJ OSVRKSKTZGZOUTY UL ZNKYK XU[ZOTM
c o
VXUZUIURYOTZNK.[G]KO<KXYGZORK8U[ZOTM6RGZLUXS<86
i .
w e
)UTZKTZ
u a
.
:NOYHUUQOYIUSVUYKJULfiveSUJ[RKYZNGZOTZXUJ[IKZNKVXOTIOVRKY h
g
nXU[ZKX YKXOKY
i
ULIUSSUTXU[ZOTMVXUZUIURYIUTLOM[XGZOUTYULZNKYKVXUZUIURYOTZNK
r n
<86 GTJ INGXGIZKXOYZOIY GTJ GVVROIGZOUTY UL ZNK .[G]KO
e a
YZGXZOTMLXUSZNKHGYOIIUTIKVZYZU]GXJYZNKSUXKJKZGORKJUTKY
/ l Y[HTKZ JO\OYOUT GTJ

3UJ[RK OTZXUJ[IKY /6\ GJJXKYY VRGTTOTM
:/ GTJ
tp
]ORRNKRV_U[IUTYUROJGZKHGYOIQTU]RKJMK
h t
3UJ[RKYY_YZKSGZOIGRR_JKYIXOHKUVKXGZOTMVXOTIOVRKYULUTKZ_VOIGR
s : GTJ ZNK (UXJKX -GZK]G_ 6XUZUIUR

/TZKXTGR -GZK]G_ 6XUZUIUR 596,
(-6
c e
u rSUJ[RKY JKYIXOHK ZNK IUTLOM[XGZOUTY GTJ
/T GJJOZOUT ZNKYK
s o
Re
OSVRKSKTZGZOUTYULZNKYKVXUZUIURYOTZNK<86]NOIN]ORRGYYOYZ_U[OT
IUSVXKNKTYO\KR_[TJKXYZGTJOTM/6\XU[ZOTMVXUZUIURY
g
3UJ[RKn VXU\OJKY \GXOU[Y IGYK YZ[JOKY ZU ORR[YZXGZK NU] ZU LRK^OHR_
ni S[RZOVRK ZUURY ZU KTGHRK XU[ZOTM IUTZXUR GTJ YKRKIZOUT ]NOIN
r GYYOYZ _U[ OT OSVXU\OTM YQORRY OT IUSVXKNKTYO\KR_ VRGTTOTM GTJ
KSVRU_
a
LeLRK^OHR_JKVRU_OTMXU[ZOTMVXUZUIURY
]ORR
re
Mo 3UJ[RKHXOKLR_OTZXUJ[IKYHGYOIOTLUXSGZOUTGHU[ZS[RZOIGYZY[INGY
ZNK S[RZOIGYZ GJJXKYY /TZKXTKZ -XU[V 3GTGMKSKTZ 6XUZUIUR /-36
6XUZUIUR /TJKVKTJKTZ 3[RZOIGYZ*KTYK 3UJK 6/3*3 GTJ 6XUZUIUR
/TJKVKTJKTZ3[RZOIGYZ9VGXYK3UJK6/393]NOIN]ORRGYYOYZ_U[OT
[TJKXYZGTJOTMHGYOIS[RZOIGYZVXOTIOVRKYGTJGVVROIGZOUTY

! "#

͑ ͑
:NOYHUUQGOSYZUM[OJK_U[ZNXU[MNZNKVXKIKJOTMIUTIKVZYYZKVH_
YZKVYUZNGZ_U[SG_L[RR_[TJKXYZGTJZNKZKINTURUMOKY?U[IGTGRYU
INUUYKZUXKGJSUJ[RKY_U[GXKSUYZOTZKXKYZKJOTGYJKYOXKJ
e n
8KGJKXYȑ1TU]RKJMK(GIQMXU[TJ
m /
'T_ UL ZNK LURRU]OTM K^VKXOKTIK UX QTU]RKJMK ]ORR HKZZKX _U[X
c o
[TJKXYZGTJOTMof this book:
i .
we
6GXZOIOVGZOTMOTZNK.)*'ZXGOTOTM
ua
6GYYOTMZNK.)*'K^GSOTGZOUT
. h
n g
i
,GSOROGX]OZNZNK:)6/6VXUZUIURYZGIQGTJ/6GJJXKYYKY
n
a r
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
n g
ni
a r
Le
re
Mo
"$

!

JH
Icon Used in This Book
e n
IPv6 Router SOHO Router Voice Router Low-end Router High-end Router
m /
c o
i .
we
ua
Core Router Hub Convergence Switch Core Switch
. hEdge Switch
n g
n i
ar
le
/
Cascade Switch AP AP Amplifier Wireless Bridge Wireless Network Card
:/
ttp
h
Access Server Audio Gateway
s :Firewall Internet Telephony
c e
u r
s o
R e
i ng
n
ar
Le
re
Mo

SDJH
e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
//
:
ttp
h
s :
c e
u r
s o
Re
ing
n
ar
Le
re
Mo

HCDP-IERN Content
Table of Contents
%&#' ............................................................................................................"1
'
!!&"......................................................................................."3
e n
%&$ ......................................................................................................................"37
m /
"
&,!!........................................................................................."39
c o
i .
e
"./
0 1......................................................................................"53
w
a

& 3 ..................................................................................." 87
u
. h
!/&!." "./
50 1....................................................................."107
n g
i
& &"

!............................................................................"#27
n
ar

".............................................................................................."#70
le
7
&"................................................................................................"188
/ /
:
9 &
!....................................................................................................."$14
ttp

/&!."................................................................................................."$39
h
7!..........................................................................................................."$76
s :
e
%&4,......................................................................................................................"291
c
u r
,'
'.............................................................................................................."293
s o

3"
9&,............................................................................................."323
R e
, & ...................................................................................................."447
ng
,""
"................................................................................................"479
i
n
ar
,"& !...................................................................................................."+05
Le,&

...................................................................."+45
re ,%&.:.........................................................................................................."+76
Mo ,
/&!."...................................................................................................."-00
HC Series "#
SDJH
HCDP-IERN Content
Module 4 Route Selection & Control .....................................................................................Page 553
Route Selection Tools.....................................................................................................Page 555
Routing Policy.................................................................................................................Page 574
Policy-based Route Selection ........................................................................................Page 625
Module 5 Multicast ................................................................................................................Page 635
e n
IP Multicast Basis ...........................................................................................................Page 637
m /
IGMP Protocol Principles ..............................................................................................Page 672
c o
PIM-DM Protocol Principles ..........................................................................................Page 714
i .
we
PIM-SM Protocol Principles ..........................................................................................Page 739
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
R e
i ng
n
ar
Le
re
Mo

Page 2 HUAWEI TECHNOLOGIES
HC Series

e n
m/
c o
i .
we
#!$ ua
.h
%!&! n g
n i
ar
le
//
:
ttp
h
s :
c e
u r
s o
Re
ing
n
ar
Le
re
Mo
SDJH
e n
m/
c o
i .
we
ua
.h
n g
n i
ar
le
//
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo
SDJH
HCDP-IERN Module 1 Advanced IP
e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo
HC Series HUAWEI TECHNOLOGIES Page3

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo
Page4 HUAWEI TECHNOLOGIES HC Series

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
//
:
tp
With the extension of network scale, a hierarchical network
structure appears.
h t
Basically, the network can be classified into the core layer,
convergence layer and access:
s layer. The core layer implements
e
c on the core layer have large capacity,
packet switching and high-speed traffic transmission. It is
r
ou and high stability. The convergence layer
required that the devices
fast forwardingsspeed
R
separates the enetwork topology, controls the size of routing table
g The access layer connects terminal users to the
and the network convergence, and implements various service
n
i The access layer provides abundant of interfaces
features.
n
a r powerful access capability, and implements various service
network.
Le features. The hierarchical network structure requires a specific IP

and
re address plan.
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
IP address planning is the most importance in network design. In
t
the large network, the IP addresses should be planned uniformly.
h the efficiency of routing
The IP address planning influences
s : performance, extensibility and
protocol calculation, the network
management. Moreover,
c ethe IP address planning influences the
u r application.
development of network
s o of the network design or the skill of a
To check the quality
Re just check the quality of IP address planning.
network engineer,
n g
n i
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
As shown in the figure above, each area has four network
h t
segments. The routes of a network segment are aggregated on
the core layer, and the aggregated route is forwarded to other
areas.
s :
c
The number of routes one each router is 6, 4 own area routes and
u r routes.
2 other area aggregated
s o
Re
n g
n i
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
Compared with the preceding network, this one does not plan the
h t
IP address properly. The routes cannot be aggregated on the
core router. All the routes of the network segment will be sent to
s :
other areas. Each router has 12 routes, which are two times of
c e
the routes on the router in the preceding network.
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

Chapter2 VLSM
e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
An IP address contains a network ID, which identifies a network
h t
segment uniquely or identifies the aggregation of multiple
network segments. Devices in the same network segment use
the same network ID.
s :
c e a host ID, which identifies a device
An IP address also contains
u
in the network segmentr uniquely.
s
How to distinguisho the network ID and the host ID? The Internet
R e the IP addresses into five classes according
designer classifies
gand class E.
to the size of the network, namely, class A, class B, class C,
n
inetwork ID of the IP address of class A is the first octet, and
class D,
n
a r first binary digit of the first binary octet is 0. Therefore, the
The
Le number of valid bits in class A address is 7. The first octet of

the
re class A address ranges from 1 to 126 (127 is reserved). For

Mo example 10.1.1.1 and 126.2.4.78 are class A addresses. The
host ID of the class A address is the last three octets, namely,
the last 24 bits. The IP address of class A ranges from 1.0.0.0 to
126.255.255.255. Each class A network has 224 IP addresses.
The network ID of the class B address is the first two octets. The
first binary digit of the first octet is 1 and the second digit is 0.
Therefore, the number of valid binary digits of the class B
e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
When deploying IP addresses, we usually use private IP
h t
addresses. Private IP addresses, reserved by the InterNIC, can
be freely used by companies. The private IP addresses cannot
s :
be used to access the Internet. The reason is that there are no
c e
routes to the private IP addresses on the public network and the
r
IP addresses may conflict. When a user needs to access the
u
o
Internet with a private IP address, the private IP address must be
s
Re
translated into a public address that can be identified by the
public network through the Network Address Translation (NAT)
ng
technique. The InterNIC reserves the following network
i
n
segments as the private IP addresses: class A: 10.0.0.0-
ar
10.255.255.255; class B: 172.16.0.0-172.31.255.255; class C:
Le By using the private IP addresses, the enterprises reduces the
192.168.0.0-192.168.255.255.
re
Mo
cost of buying the public addresses and the IP addresses are
saved. However, the private IP addresses cannot solve the
problem of IP address shortage completely. This problem
can be solved by IPv6 addresses. An IPv6 address consists of
128 binary digits and up to 2128 IP addresses can exist.

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
An IP address uniquely identifies a device on the network.
h t
However, some IP addresses cannot be used to identify devices,
because they are used for some special purposes.
s :
The IP address with the all 0s host ID is called network address.
c e
The network address identifies a network segment. For example,
u r
class A address 1.0.0.0/8 and private addresses 10.0.0.0/8 and
s o
192.168.1.0/24 are network addresses.
R e with the all 1s host ID is called broadcast

The IP address
gFor example, 10.255.255.255/8 and 192.168.1.255/24
address. A broadcast address identifies all the hosts on a
n
i
network.
arenbroadcast addresses. The router can send broadcast
r on the 10.0.0.0/8 or 192.168.1.0/24 network segment. If
apackets
Le the router sends the packet to the broadcast address, all the
re nodes on the network segment can receive the packet.
Mo The IP address with the network ID being 127 is the loopback
address, for example, 127.0.0.1 is used for loopback test.
The IP address of all 0s indicates all the hosts. On the Huawei
ARG3 routers, IP address 0.0.0.0 specifies the default route.
IP address 255.255.255.255 is also a broadcast address, but it
stands for all hosts and is used to send packets to all the nodes

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
By default, the subnet is not divided. The natural mask of class A
h t
network is 255.0.0.0, the natural mask of class B network is
255.255.0.0, and the natural mask of class C network is
s :
255.255.255.0. The IP addresses can be used more
c e Multiple subnets are divided within

effectively with the subnets.
the network.
u r
s o
Re
n g
ni
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
This is a class C address. The first 24 bits stand for the network
t
ID and the last 8 bits stand for the host ID.
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
As shown in the figure above, the subnet can be represented in
two ways.
t
h that the first 28 bits are the
255.255.255.240 and /28 indicate
network ID. s :
c e
u r
s o
Re
n g
n i
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
As shown in the figure above , the IP address and subnet mask
are already known.
h t
Then, the network address is obtained from the AND operation
between the IP address and :
s and
the subnet mask. The AND
c
operation is 1&1=1, 1&0=0,e 0&0=0.
u r of the AND operation is as follows:
o 00000001, 00000111
Therefore, the calculation
s
& 1111111. R
e
11000000, 10101000,
11111111, 11111111, 11110000
n g 10101000, 00000001, 00000000
icalculation result is the network address.
11000000,
n
a r
The
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
The number of hosts is calculated through the subnet mask.
h t
First, we should know that how many 0s are there in the last
several bits. As shown in the above figure, if there are n 0s, then,
s :
the number of hosts is 2n. The number of IP addresses that
can be allocated is 2n–2e(deducting the network address
c
containing all 0s andrthe broadcast address containing all 1s).
o u
e s
R
n g
n i
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/
/
:
tpis 255.0.0.0, namely, the 24-
This example shows the calculation of host quantity.
t
bit host ID. The subnet mask ofhclass B address is 255.255.0.0,
The subnet mask of class A address
namely, the 16-bit host ID.sThe : subnet mask of class C address

is 255.255.255.0, namely,
c e the 8-bit host ID.
u r for example. The subnet mask has an 8-bit
Take class C address
host ID, in which s othe first 4 bits are also used as the subnet
mask. Then, R ethe maximum number of hosts is 28-4. 8 refers to
g mask. The number of host ID bits is 8-4, and the valid
the bits of host ID in the natural mask, and 4 refers to the bits of
n
i of hosts is 24-2 .
the subnet
n
a r
number
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
As we known, the natural mask of class A address is 255.0.0.0,
h t
namely, the host ID has 24 bits; the natural mask of class B
address is 255.255.0.0, namely, the host ID has 16 bits; the
s :
natural mask of class C address is 255.255.255.0, namely, the
host ID has 8 bits.
c e
u r
Take class C address for example. The standard subnet mask
s o
has 8-bit 0s (host ID). Then, the number of subnets is 28-4. 8
R e
refers to the number of 0s (host ID) in the subnet mask, and 4
g
refers to the bits of the host ID. The number of subnet is
n number of class B addresses can be calculated
i
28-4. The
n
a r
similarly.
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
A network can be divided into multiple subnets, and each subnet
uses a unique ID.
The numbers of hosts in the subnets
t
h may be different. If the
s
length of subnet mask is fixed : and the number of IP addresses in
the subnets is the same,elots of IP addresses are wasted.
r c length subnet masking (VLSM)
u
beoused. If the subnet has lots of nodes, the
In this case, the variable
technique can s
subnet mask R eis short. The IP address with short subnet mask
g If the subnet has a few nodes, the subnet mask is
represents less networks/subnets, but more IP addresses can be
n
n iThe IP address with long subnet mask represents more
allocated.
a r networks/subnets, but less IP addresses can be allocated.

long.
Le Such addressing scheme can save lots of IP addresses, which

logical
re can be used in other subnets.

Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
As shown in the above figure, a company deploys the IP
h t
addresses with class C address 192.168.1.0/24. The company
has bought five routers. A router, which works as the gateway of
s :
the intranet, is connected to the local ISP. The other four
routers are connected toefour branch offices. Each office has 20
PCs, so each office r
c
o u needs 20 host address. How to plan the IP
addresses?
e s
R
n g
n i
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
Step 1: Get to know how many subnets are needed and how
h t
many hosts are required in each subnet. Calculate the subnet
bits and host bits with the formula 2n-2>A (A refers to the
maximum number of host ).
s :
As shown in the above e
r c figure, eight subnets are required. Four
u
offices need 21 IP addresses (including a router interface). The 4
network segments
so example,
addresses. Inethis
connected with the gateway need 2 IP
R the IP addresses of the four
g between the four routers and the gateway are

offices are planned first, and then, the IP addresses of the
n
i
interfaces
n
a r
planned.
Le the number of host bits is 5 and the number of subnet bits is 3.

According to the formula 2n-2>A, if A is 20, then, n is 5. That is,
re Therefore, the number of host bits is 5 in each office.

Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
Step 2: In the calculation of subnet portion, the host portion of IP
h t
address 192.168.1.0 is divided into subnet portion and new host
portion. According to the calculation result, the subnet portion
s :
contains three bits, which is represented in binary notation. The
c e
vertical lines mark the subnet space. All the combinations of
u r
the subnet portion are listed from 000.
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
Step 3: As shown in the figure above, the network segment
in dotted decimal notation. h t

addresses in the right part are the calculation result represented
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
Select some of the network segment addresses calculated in
h t
Step 3 as the final result. In this example, network segments
192.168.1.32/27, 192.168.1.64/27, 192.168.1.96/27 and
192.168.1.128/27 are selected.
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
Select network segment 192.168.1.160 to plan new subnet. The
h t
IP address is used as the subnet address between the four
offices and the gateway. Through the calculation, the subnet
s :
address is as shown in the figure above .
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
The figure above shows the final subnet planning.
h t
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
As shown in the above figure, RTA is connected to four network
h t
segments 172.1.12.0/24, 172.1.13.0/24, 172.1.14.0/24 and
172.1.15.0/24. Then, RTA stores the routes of the four network
s :
segments, and the routes are aggregated on RTA.
c e into a single-hop route

The routes can be aggregated
172.1.12.0/22. Then,rRTA advertises only route 172.1.12.0/22 to
o ureduce the number of routes.
s is to aggregate multiple routes into one .
RTB. It can greatly
e
R
Routing aggregation
g
Routing aggregation can greatly reduce the number of routes,
reducenthe workload of route maintenance, and improve the
n i of the network.
a r
utilization
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
As shown in the figure above, routes 172.1.12.0/24,
aggregated into route 172.1.12.0/22.h t

172.1.13.0/24, 172.1.14.0/24 and 172.1.15.0/24 can be
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
Classless Inter Domain Routing (CIDR), defined by RFC 1817,
h t
uses the VLSM technique to aggregate multiple routes into one.
It does not adhere to the IP address classification rule. This can
s :
minimize the size of the routing table and improve the
c
extensibility of the router. e
u r
The routing protocols supported by CIDR are RIPv2, OSPF,
s o
Integrated ISIS, and BGPv4.
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
As shown in the above figure, some class C networks are
h t
allocated to the ISP, 198.168.0.0-198.168.255.0. The ISP
allocates the class C networks to the user groups. At present,
s :
three class C networks have been allocated to user groups. If
c e used, the routing table of the ISP’s

the CIDR technique is not
u r connected to the downlink network
router has three routes
soCIDR
segments, and the
Internet. Withethe
routes are advertised to the routers on the
R technique, the three routes
n g into route 198.168.0.0/16. In this case, the ISP’s

198.168.1.0/24, 198.168.2.0/24, and 198.168.3.0/24 can be
aggregated
ni advertises only route 198.168.0.0/16 to the Internet, so the
router
a r of entries in the routing table is reduced.
number
Le Notes: that the number of bits in the network addresses
re aggregated by CIDR must be the same. As shown in the above
Mo
figure, if the ISP is connected to network segment 72.178.1.0/24,
the routes of the network segments cannot be aggregated
and the CIDR technique cannot be implemented.

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
What is VLSM? :
p masking technique. If
ttsubnet
h subnet mask is short. The IP
VLSM refers to the variable length
the subnet has lots of nodes, the
: represents less
address with short subnetsmask
c e IP addresses can be allocated. If the
networks/subnets, but more
u r the subnet mask is long. The IP
s
address with longosubnet mask represents more logical
subnet has a few nodes,
R e but less IP addresses can be allocated. Such

networks/subnets,
ngother subnets.
addressing scheme can save lots of IP addresses, which can be
usediin
rn are the steps of planning subnet by VLSM?
e aFour steps. Step 1: Get to know the number of subnet bits and
What
L host bits. Step 2:
re
Mo Calculate the subnet bits. Step 3: Calculate the subnet address.
Step 4: Select the subnet address and obtain the final result.
What are routing aggregation and CIDR?
Routing aggregation is to aaggregation can greatly reduce the
number of routes, reduce the workload of route maintenance,
and improve the utilization of the network.

e n
m/
c o
i .
we
ua
.h
n g
n i
ar
le
//
:
ttp
h
s :
c e
u r
s o
Re
ing
n
ar
Le
re
Mo
e n
m/
c o
i .
we
#!' ua
. h
()" n g
n i
r
ea l
/ /
:
ttp
h
s :
c e
u r
s o
Re
ing
n
ar
Le
re
Mo
SDJH
e n
m/
c o
i .
we
ua
.h
n g
n i
ar
le
//
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo
SDJH
HCDP-IERN Module 2 OSPF .
e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

HCDP-IERN Module 2 OSPF
e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
OSPF has the following features˖
h t
Support Classless Inter-Domain Routing˄CIDR˅˖
OSPF is the routing protocol developed for TCP/IP network
s :
environment, which support Classless Inter-Domain Routing (
c e
CIDR ) and Variable Length Subnet Mask ( VLSM )
Loop Free:
u r
s o
The route calculation is based on detailed link state information,
Re
so the routes produced by OSPF are loop free.
ng
Fast Convergence˖
ni
The route update is triggered by topology changes. Once the
ar
network topology is changed, the new link state information is
Le
flooded
Sending and receiving protocol data using multicast˖
re OSPF routers use multicast to send and receive protocol data,
Mo which take up the network resources is very small.
Support equal-cost multi-path˖
If multiple equal-cost routes to a destination exist, the traffic load
is shared equally on these paths.
Support authentication:
Each OSPF packet exchange is authenticated.

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
The most distinctive feature of OSPF is that it is based on Link
h t
State Algorithm, which is different from Distance Vector Algorithm
used by previous routing protocols. In this course, the basic
s :
calculation process of Link State Algorithm is first introduced to
c e
better understand OSPF principles.
u r
Each router advertises local link state information by flooding
s o
LSA, the link state information includes: available interfaces,
Re
reachable neighbors and attached networks etc.
ng
Each router collects LSAs generated by other routers and itself
i
to form a Link State Database ( LSDB ). LSDB gives the detailed
n
aAllr router’s LSDB are the same.
information about network topology of routing domain.
Le According to LSDB, each router treats itself as the root and other
re
Mo
routers as leaves to calculate the Shortest Path Tree.
The Shortest Path Tree calculated by each router gives route
table entries destined for other routers on the network.

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
In OSPF, there are two important concepts, one is Autonomous
other is Router ID. h t

System ( AS ), which is also called OSPF routing domain; the
s :
In OSPF, Autonomous System ( AS )is a set of routers that
c e
exchange routing information using the same routing protocol.
u r
s o
LSDB describes the topology of the whole network, including all
the routers on the network, so each router on the network should
Re
be identified uniquely.
ng
Router ID is 32 bit number that is used to uniquely identify a
i
n
router running OSPF in an AS. Each router running OSPF must
ar
have a Router ID.
Le Router ID uses the same format with that of IP address, it is
re recommended to use IP address of Loopback interface as
Mo
Router ID.

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
Area is a set of networks.
p :
OSPF supports the combinationt ofta group of networks, this
h is to say, Area is a set of
group can be called an Area, that
s : the size of LSDB, thus reduce
networks. Area division reduces
c e
the network traffic The topology information within an area is not
ur Abstract routing information instead of
flooded into other areas.
detailed link stateoinformation describing topology is transmitted
e sEach area has it’s own LSDB, different areas
R LSDB.
between areas.
g
have different
n maintains a single LSDB for each area to which the
i
The router
n is attached.
r
router
aThe size of LSDB is greatly reduced because the detailed link
e
L state information is not advertised out of the area.
re
Mo
Area 0 is called Backbone Area, which is responsible for
advertising routing information summarized by ABR ( not detailed
link state information ) between non-backbone areas. In order to
avoid inter-area route loops, non-backbone areas are not allowed
to advertise inter-area routing information directly to each other.
Thus, all ABRs are required to have at least one interface
belonging to Area 0, that is to say, each non-backbone area must
be attached to the Backbone Area.
e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
//
:
tp attached networks are
Internal Router:
Internal Router ( IR ) is the routert
h Routers within the same
whose
all within the same area. The Internal
area maintain the same LSDB.s :
Area Border Router: ce
u r( ABR ) is the router that is attached to more
Area Border Router
than one areas.s
o
ABR maintainsRe one LSDB for each attached area.
n g Router:
i Router is the router that has more than one interfaces
Backbone
n
a r
Backbone
Le all interfaces are within Backbone Area are Backbone Routers.

attached to the Backbone Area. All ABRs and the routers whose
re AS Boundary Router:
Mo AS Boundary Router ( ASBR ) is the router that exchanges
routing information with routers in other AS. ASBR advertises AS
external routing information into the whole routing domain.
An ASBR can be either an IR or an ABR, it can belong to either
Backbone Area or non-backbone area.

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
//
:
tp each router uses interface
Topology description˖
t
hRouter ID, the whole routing
There are four routers on the network,
IP address of Loopback 0 as its
domain is splitted into threes :areas.
c e
RTB and RTC are ABRs.
u r is omitted here.
o
IP address configuration
s
R e
OSPF basic configuration include:
g manually, the numerically highest IP address on

router id router-id : to specify router’s Router ID. If Router ID is
n
iof Loopback interfaces is used, if no Loopback interfaces are
not specified
n
a r
any
e configured with IP addresses, the numerically highest IP address

L on any of physical interfaces is used.
re ospf process-id: to enable OSPF. OSPF supports multiple
Mo process, if no process ID is specified, the default process ID 1 is

used.
area area-id: to enter Area view.
network ip-address wildcard: to specify which networks are
attached to the area, the masks of networks should be inverse
masks.

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
On RTB, two areas are configured, one is Backbone Area, the
other is nonbackbone area.
h t
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
On RTC, two areas are configured, one is Backbone Area, the
other is nonbackbone area.
h t
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
There is only one area configured on RTD.
h t
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
There are 5 route entries learned by OSPF in IP routing table.
h t
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
//
:
tpinformation within the area,
What’s the route calculation process of link state algorithm?
t
h state information advertised by
Each router advertise local link state
at the same time, collect the link
s
other routers, thus the LSDB : describing the network topology is
c
formed. According to the eLSDB, routers get a Shortest Path Tree
u r First algorithm, the tree presents the
o routers within the area.
by using Shortest Path
routes reachingsother
What’s OSPF Rearea?
An OSPF
n g area is a set of networks.
n iare steps for OSPF basic configuration?
a r
What
Le networks contained by each area.

First to enable OSPF, then create OSPF areas, finally specify
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
OSPF is a type of dynamic routing protocol, routers running
h t
OSPF need to exchange link state information and routing
information, adjacency relationship must be established before
s :
exchanging these routing information.
Neighbor:
c e
u r
s o
Two routers become neighbors if they have interfaces attached
to the same network. The neighbor relationship is maintained by
Re
Hello Protocol.
ng
Adjacency:
i
n
A relationship formed between selected neighboring routers for
ar
the purpose of exchanging routing information.
Le Not every two neighboring routers will become adjacent. The rule
re of establishing adjacency relationship varies with network types.
Mo In the figure above, RTA has three neighbors.

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
As we know, not every two neighboring routers will become
h t
adjacent to exchange link state information and routing
information, adjacency relationship establishment depends on
s :
network type. The network type is the layer two link type of
network running OSPF.
c e
u r
OSPF defines four network types: Point-to-point, Broadcast,
s o
NBMA and Point-to-MultiPoint.
R
Point-to-pointenetwork is a network that joins a single pair of
routers.
n gserial line is an example of a point-to-point network.
n i
A 64Kb
r
aBroadcast network is a network supporting more than two
Le routers, together with the capability to broadcast.
re An Ethernet having 4 routers is an example of broadcast
Mo
network.

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/
/
:
tp
Non-broadcast network is a network supporting more than two
OSPF runs in one of two modes

t
routers, but having no broadcast capability.
h over non-broadcast networks,
s : multi-access or NBMA, the
one mode is called non-broadcast
c e
other mode is called Pointto-MultiPoint or P2MP.
u r
s o
Non-Broadcast Multi-Access ( NBMA ):
R
network, but
e
NBMA mode simulates
each
the operation of OSPF on a broadcast
neighbor must be manually configured.
n g requires that all routers on the network are fully

NBMA mode
n i E.g. the ATM using SVC.
meshed.
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
//
:
tp as a collection of point-
Point-to-MultiPoint:
P2MP treats the non-broadcast network
to-point links. The neighbors can
t
h be discovered by using some
lower-level protocols suchsas : Inverse ARP.
c emeshed, P2MP mode should be used.
rthat is not fully meshed.
If the network is not fully
u
o
E.g. the frame relay
s
Re
n g
ni
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
//
:
tp
The table list default network types for common data link layer
protocols.
t
h network type.
Point-to-MultiPoint is not a default
s :
c e
u r
s o
Re
n g
n i
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
There is another type of network except four network types just
mentioned, that is Virtual Link.
h t
The Backbone Area must be continuous, if not, virtual links can
be used to make it logically :
s continuous.
c e
r
Virtual links can be established between any two ABRs as long
as these two ABRsuhave interfaces attached to the same non-
backbone area,stheo nonbackbone area is called Transit Area.
According to Rethe figure above, RTB is an ABR that is not
attachedgto the Backbone Area, a virtual link can be established
i n RTA and RTB to connect RTB to the Backbone Area.
r n 1 is the Transit Area of the virtual link.
between
Area
e aTheoretically speaking, virtual links can allow the Backbone Area
L to be discontinuous, but it is not recommended in practice.
re
Mo
Virtual link is a logical link belonging to the Backbone Area ( Area
0 ).

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
Interface states:
Down˖
h t
:
This is the initial interface state. In this state, the lower-level
s
e
protocols have indicated that the interface is unusable. All
c
r
interface timers are disabled.
u
Loopback˖
s o
R e
In this state, the router’s interface to the network is looped back.
Interface in this state is advertised as a Stub network.
n g
i
Point-to-point˄P-to-P˅˖
In n
rthis state,
aphysical
the interface is operational, and connects either to a
Le this state, the routers attempts to form an adjacency with the

point-to-point network or to a virtual link. Upon entering
re neighboring router. Hello packets are sent to the neighbor every
Mo Hello Interval seconds.

Events causing interface state changes:
UnloopInd˖
An indication has been received that the interface is no longer
looped back. If this indication is received by interface in
Loopback state, the new interface state will be Down.

InterfaceUp˖
Lower-level protocols have indicated that the network interface is
operational.
It enables the interface to transition out of Down state to point-to-
point on P2P or Virtual links when an Interface Up event occurs.
PIP,PIMP and virtual-link have simple interface state transition
because these networks do not choose DR and BDR.
e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
Every broadcast and NBMA networks containing more than two
Router ( BDR ). h t
routers has a Designated Router ( DR ) and Backup Designated
Functions of DR and BDR: s :

c e
r
1. Reduce the number of adjacencies, thus reduce the frequency
u
s o
of exchanging link state information and routing information to
save the bandwidth and lower the demand for routers capability.
Re
The router that is neither DR nor BDR only establish adjacency
ng
relationship with DR and BDR to exchange link state information
i
and routing information, thus the number of adjacencies is
n
aInrthe figure above, although RTA has 3 neighbors, but it has
greatly reduced on broadcast and NBMA network.
Le only 2 adjacencies.
re
Mo
2. the DR originates a network –LSA describing a broadcast or
NBMA network.

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
//
:
tp
DR and BDR are elected by the Hello Protocol. The election
Routers with a priority of 0 are h

t
result is dependent on interface’s Router Priority.
ineligible to become DR or BDR.
:
s the more preferable the router is
e
The higher the Router Priority,
c relationships stable, if a router’s
r
In order to make adjacency
u first become functional, it checks to see
o
interface to a network
es currently a DR for the network. If there is, it
whether there is
accepts thatRDR, regardless of its Router Priority.
n g DR doesn’t work, the BDR becomes the new DR

If the current
and i
n the new BDR is elected; if the current BDR doesn’t work, the
r BDR is elected while the DR is not changed.
anew
Le The election mechanism tries to make the transition to a new DR
re smoother and maintain stable adjacency relationships, thus
Mo
reduce the impact of the topology change on the adjacency
relationship.

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tpthe default priority on VRP
ospf dr-priority value˖set interface’s Router Priority.
Router Priority ranges from 0 to t
is 1. h 255,
s : Router Priority, then Router IDs are

e ID indicates higher priority.
If two routers have the same
c
r Priority, need to restart the ospf process
compared, the larger Router
u
o
If you modify the Router
s
Re
to re-participate the DR and BDR election.
n g
n i
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
Interface states and events:
Waiting˖
h t
:
In this state, the router is trying to determine the identity of the
s
e
DR and BDR for the network. To do this, the router monitors the
c
r
Hello Packets it receives. The router is not allowed to elect a DR
u
s o
or a BDR until it transitions out of Waiting state. This prevents
unnecessary changes of DR and BDR.
Backup˖ R e
n g
In this state, the router itself is the BDR on the attached network.
The i
r nthe network.
router establishes adjacencies to all other routers attached
ato
Le DR˖
re In this state, this router itself is the DR on the attached network.
Mo Adjacencies are established to all other routers attached to the

network.
DROther˖
The interface is to a broadcast or NBMA network on which
another router has been selected to be the DR. In this state, the
router itself has not been selected BDR either. The router form
adjacencies to both the DR and the BDR.
BackupSeen˖
The router has detected the existence or non-existence of a BDR
for the network.
Before electing a DR and BDR for broadcast or NBMA network,
the routers will wait for RouterDeadInterval to detect whether DR
or BDR has existed for the network. If DR and BDR exists, the
selection is disabled and the routers become DROther directly.
e n
So the router with the highest Router Priority may not be DR, the
m/
router with the second highest Router Priority may not be BDR
c o
either.
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
Routers connected by point-to-point networks, Point-to-MultiPoint
h t
networks and virtual links always become adjacent. On
broadcast and NBMA networks, all routers become adjacent to
s :
both the DR and BDR, the number of adjacencies are smaller
than that of neighbors.
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
//
Topology description: :
p by a frame relay switch.
t tother
All networks belong to Area 1. h
Three routers are connected each
s :on NBMA network, but neighbors

Inverse ARP is not needed
c e
r 10.1.1.2 and 10.1.1.3.
must be manually configured.
u
o the neighbor’s interface to the network is used
RTA has two neighbors
s
Reneighbor.
The IP address
to identify this
of
n g
n i
peer ip-address [ dr-priority dr-priority-number ]
a r
dr-priority-number˖neighbor’s Router Priority, the default priority
Le
is 1.
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
Configure two neighbors on RTB, 10.1.1.1 and 10.1.1.3.
h t
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
Configure two neighbors on RTC, 10.1.1.1 and 10.1.1.2.
h t
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
The routes destined for other routers’ Loopback interface are
learned from OSPF.
h t
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/
/
State: interface state
p :
Type: network type of interface tt
h
:
Priority˖interface’s Router Priority, used for election DR and
s
BDR
c einterface IP address Backup Designated
Designated Router: DR
u r IP address
o
Router: BDR interface
s
Re
n g
n i
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
//
In this example: :
p RTB and RTC are not
ttbut
h
RTA connects to other two routers,
connected.
s : relay network must be manually
e
OSPF network type on frame
c
u r
configured as Point-to-MultiPoint, because the network is not
fully meshed.
o
es be enabled on interface on frame relay
Inverse ARP should
network. R
n
All RTA’sgattached networks are configured to be within the Area
1. i
r n configure the network type of Serial 1/0 as Point-to-
e aMultiPoint ospf network-type { broadcast | nbma | p2mp | p2p }
Manually
L
re 4 network types are available.
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
All RTB’s attached networks are configured to be within Area 1,
MultiPoint. h t
the network type of Serial 1/0 is configured as Point-to-
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
All RTC’s attached networks are configured to be within Area 1,
MultiPoint. h t
the network type of Serial 1/0 is configured as Point-to-
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
In RTC’s routing table, the two routes destined for Loopback 0
interface is also learned from OSPF.h t

are learned from OSPF, the route destined for RTB’s physical
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
The network type is Point-to-MultiPoint, the stable interface state
t
is point-to-point for Point-to-MultiPoint network type.
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/
/
:
tp to the Backbone Area,
In this example:
h
RTC is ABR, but RTC is not attachedt
:virtual link.
So configure virtual link between RTB and RTC.
s
c e
Area 1 is the Transit Area of
u r
All RTA’s attached networks are configured to be within Area 0.
s o
Re
n g
n i
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/
/
:
tp
When configuring virtual link, the Router ID of the other endpoint
must be configured.
Virtual link is configured in the h
t
area view of transit area.
vlink-peer router-id ˖the s
:
c e Router ID of the other endpoint is used
r
to identify the peer router.
u
s o
R e
n g
n i
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
Virtual link must be configured on both ABRs.
h t
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
All RTD’s attached networks are configured to be within Area 2.
h t
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
RTD learned 5 routes by OSPF.
h t
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
//
Neighbor-id:
p :
Peer Router ID of the virtual link.tt
h
s :
c e
u r
s o
Re
n g
ni
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
//
:
ttopthe same network can
What’s the difference between neighbor and adjacency?
Any two routers that are attached
become neighbors, while adjacency
t
h indicates the neighbors
s
which can exchange link state: information, only part of neighbors
can become adjacent. e
r cdoes OSPF support?
o u
What types of network
Point-to-Point, s
What are DR
e broadcast, NBMA and Point-to-MultiPoint
R and BDR?
DR is n
g
i the designated router on broadcast or NBMA network, it is
n to exchange routing information with other routers on the
a r
used
e network.
L The router with biggest router ID should be DR absolutely, is that
re right?
Mo The router with highest Router ID may not be the DR. In order to
maintain network stability, topology change does not lead to
reelection of DR and BDR.
How does an operator specify peer router when configuring
virtual link?
Use the peer’s Router ID.

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp but all these packets
The OSPF protocol runs directly over IP, using IP protocol 89.
h t
OSPF has 5 types of protocol packets,
share a common
s :
protocol header.
c e
u r
s o
Re
n g
n i
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
All OSPF protocol packets share a common protocol header.
Version #˖
h t
:
OSPF version number, which should be 2.
s
Type˖
c e
u r
OSPF packet type, there are 5 type of packets.
Packet length˖
s o
Re
The length of the OSPF protocol packet in bytes. This length
ng
includes the standard OSPF header.
i
n
Router ID˖
r Router ID of the packet’s source.
aThe
Le Area ID˖
re A 32-bit number identifying the area that this packet belongs to.
Mo AuType˖
Identifies the authentication procedure to be used for the packet.
Authentication˖
A 64-bit field for use by the authentication scheme.

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp authentication and
OSPF protocol packet authentication:
On VRP system, OSPF supportstarea
interface authentication. h
s : all routers’ authentication mode
e within the same area; interface
When using area authentication,
c
r to authenticate between neighboring
and password must match
u
routers, which s o area authentication.
authentication is used
overrides
Re there is only one area containing two routers.
In this example,
n
Interfacegencryption
authentication is configured, authentication mode is
n i
“simple”, type is “plain”, the password between RTA
a r RTB is “huawei”.
and
Le On RTA, in interface view, configure authentication mode as
re “simple”, encryption type as “plain”, password as “huawei”.
Mo
If area authentication is used, the following command is used:
Authentication mode is “simple”
authentication-mode simple { [ plain ] plain-text | cipher cipher-
text }
plain˖encryption type is “plain”.
cipher˖encryption type is “cipher”.

Authentication mode is “MD5”

authentication-mode md5 key-id { [ plain ] plain-text | cipher
cipher-text }
e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
On RTB, in interface view, configure authentication mode as
t
“simple”, encryption type as “plain”, password as “huawei”.
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tpmaintain neighbor
OSPF has 5 type of protocol packets.
Hello packet is used to discover t
relationship. On broadcast andhNBMA network, Hello packet can
and
also be used to elect DR s : BDR.

and
c e
r
DD packet is used to summarize database contents.
LS Request packetuis used to request the pieces of the
s o that are more up-to-date.
LS Update R
e
neighbor’s database
is used to synchronize database by flooding of LSAs.
g
LS Acknis used to make the flooding of LSAs reliable by
n i
r
acknowledging flooded LSAs.
aAll packets are sent only between adjacent routers except
e
L Hellos.
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
All OSPF protocol packets carry LSA information except Hellos.
LS age˖
h t
:
The time in seconds since the LSA was originated.
s
LS type˖
c e
u r
The type of the LSA. There are 5 type of common LSAs.
Link State ID˖
s o
Re
This field identifies the portion of the internet environment that is
ng
being described
i
n
by the LSA. E.g. Router ID
r
aAdvertising Router˖
Le The Router ID of the router that originated the LSA.
re LS sequence number˖
Mo Detects old or duplicate LSAs.
LS typeˈLink State ID and Advertising Router together uniquely
identify the LSA.

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
Router-LSA and Network-LSA are used to calculate intra-area
information. h t
routes, these two types of LSA describe detailed link state
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
Each router advertises Router-LSA to other routers in the same
area.
t
h within the area.
Only DR advertises Network-LSA
s :
c e
u r
s o
Re
n g
n i
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp information instead of
Network-Summary-LSA is used to calculate inter-area routes.
This type of LSA describes brief t
detailed link state information. h
routing
:
The default route can alsosbe advertised by Network-Summary-
c e
LSA.
u r
s o
Re
n g
n i
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
The route destined for network N1 is advertised to ABR by
h t
Router-LSA, ABR abstracts routing information from link state
information, then advertises it to other areas by Network-
Summary-LSA.
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
Type 4 LSA describes how to reach ASBR, type 5 LSA describes
h t
how to reach a certain destination outside the AS. These two
types of LSA can be used together to calculate the AS external
routes.
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/
/
:
tp
ASBR uses type 5 LSAs to describe AS external route, these
t
LSAs are flooded within the whole AS.
h to other areas, ABR
When advertising type 5 LSA received
s : how to reach ASBR. Type 4
generates a type 4 LSA describing
LSA can only be floodedewithin the area, when type 5 LSA is
r c
o utype 4 LSA for the area.
flooded into a certain area, the ABR associated with this area
s
must create a new
e
R
n g
ni
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
Link State ID identifies a piece of the routing domain that is being
h
State ID takes on the different values.
t
described by the LSA. Depending on the LSA’s LS type, the Link
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
The combination of LS type, Link State ID and Advertising Router
h t
uniquely identifies one LSA, one LSA may have multiple
instances. LS sequence number is used to detect which instance
is more recent.
s :
LS Sequence Number ˖
c e
u r is a signed 32-bit integer. It is used to
detect old and s o LSAs.
LS Sequence Number
duplicate
The sequenceRe number 0x80000000(231) is reserved. This leaves
n g number
0x80000001 (231+1 ) as the smallest sequence number. This
n i
sequence is used by router the first time it originates any
r Afterwards,
LSA.
aeach
the LSA’s sequence number is incremented
Le the sequence number the more recent the LSA.

time the router originates a new instance of LSA. The larger
re
Mo
If the router received a self-originated LSA which is newer than
the last instance that the router actually originated, the router
must then advance the LSA’s LS sequence number one past the
received LS sequence number, and originate a new instance of
the LSA.

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/
/
:
tp LSAs are also aged
LS Age˖
This field is the age of the LSA intseconds.
as they are held in each router’s h database.
s : by InfTransDelay on every hop of
LS age must be incremented
c e
the flooding procedure.
If the LS age field u
r
s o LSRefreshTime, a new instance of the LSA is
of one of the router’s self-originated LSAs
e
reaches the value
originated. R
n
A MaxAge g LSA must be removed from the router’s LSDB.
nismaller the LS Age, the more recent the LSA.
a r
The
Le LSA instance whose LS Age is set as Max Age.

If the router is to delete the self-originated LSA, it create a new
re If the router receives MaxAge LSA, the LSA in LSDB is deleted (

Mo if the LSA exists in LSDB ).

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/
/
:
tp and Authentication
What information are included in OSPF message header?
Check version number, Area ID, t
h AuType
: and interface authentication.

How to configure OSPF packet authentication?
s
e
supports area authentication
c
u r
When using area authentication, all routers’ authentication mode
s
and password musto mach within the same area; interface
Reoverrides
authentication
routers, which
is used to authenticate between neighboring
area authentication.
g
n LSA types of OSPF?
i
What are
n LSAs include: Router-LSAˈNetwork-LSAˈNetwork-
r
Common
aSummary-LSA,ASBR-Summary-LSA and AS-External-LSA.
e
L How to detect whether a LSA is more recent or not?
re
Mo
Using LS Sequence Number and LS age. The larger the
Sequence Number, the more recent the LSA, if the Sequence
Number is the same, LS age is compared, the smaller the LS
age, the more recent the LSA.

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
Key fields˖
p :
ttassociated
Network Mask˖the network mask
h with this interface
:
HelloInterval˖the number of seconds between this router’s Hello
s
packets.
e
Options˖the optionalccapabilities supported by the router,
u ris beyond the scope of this course.
o Router Priority. Used in DR and BDR
detailed information
s
election. R
e
Rtr Pri˖this router’s
n g
i
RouterDeadInterval˖the
n Hello
number of seconds before the router’s
a r
neighbors will declare it down, when they stop hearing the
e router’s
L HelloInterval.
Packets. The common value is 4 times
re Designated Router˖the identity of the Designated Router for this

Mo network, in the view of the sending router. The Designated
Router is identified here by its IP interface address on
the network. Set to 0.0.0.0 if there is no Designated Router.
Backup Designated Router˖the identity of the Backup
Designated Router for this network, in the view of the sending
router. The Backup Designated Router is identified here by its IP

interface address on the network. Set to 0.0.0.0 if there is no

Backup Designated Router.
Neighbor˖the Router IDs of each router from whom valid Hello
packets have been seen recently on the network.
e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
The validity of OSPF packet must be checked before checking
h t
the validity of Hello packet. When checking the validity of Hello
packet, the following requirements are considered:
s :
1.The values of the Network Mask, HelloInterval, and
c e
RouterDeadInterval fields in the received Hello packet must be
u r
checked against the values configured for the receiving interface.
s o
Any mismatch causes processing to stop and the packet to be
R e there is one exception to the above rule: on

dropped. However
g Hello Packet should be ignored.
point-to-point networks and on virtual links, the Network Mask in
n
i setting of the E-bit ( indicate whether accept AS external
the received
n
a r ) found in the Hello Packet’s Options field must match this
2.The
Le area’s ExternalRoutingCapability.
route
re
Mo
The detailed information is covered in < OSPF Special Areas>.
If the router finds that its Router ID is included in the neighbor list
of Hello Packet received, neighbor relationship is considered to
be established.

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
This figure shows the process of establishing neighbor
t
relationship and the transition of neighbor states.
Down˖this is the initial state ofha neighbor conversation. It
s
indicates that there has been: no recent information received from
the neighbor. On NBMAenetworks, Hello packets may still be sent
c
to “Down” neighborsrevery PollInterval seconds, generally this
o uRouterDeadInterval.
s is only valid for neighbors attached to NBMA
interval is equal to
e
Attempt˖this R state
g
networks. It indicates that no recent information has been
n from the neighbor, but that a more concerted effort
i
received
n be made to contact the neighbor. This is done by
r
should
asending the neighbor Hello packets at intervals of HelloInterval. If
e
L no Hello packet is heard from neighbor in RouterDeadInterval,
re the state will transit to Down.
Mo *On NBMA networks some configuration information may be
necessary for the operation of the Hello Protocol. Each router
that may potentially become Designated Router has a list of all
other routers attached to the network. A router, having
Designated Router potential, sends Hello Packets to all other
potential Designated Routers when its interface to the NBMA
network first becomes operational. This is an attempt to find the
Designated Router for the network. If the router itself is elected

Designated Router, it begins sending Hello Packets to all other
routers attached to the network. *
Init: in this state, a Hello packet has recently been seen from the
neighbor.
However the router itself did not appear in the neighbor’s Hello
packet indicating that bidirectional communication has not yet
e n
been established with the neighbor.
m/
Neighbor in Init state should be contained in Hello packet sent by
c o
the router itself.
i .
2-WayReceived: Bidirectional communication has been realized we
between the two neighboring routers. This is indicated by the
ua
router seeing itself in the neighbor’s Hello packet.
. h
n g
2-Way: in this state, communication between the two routers is
n i
bidirectional, but adjacency is not established. This is the most
a r
advanced state short of beginning adjacency establishment.
1-WayReceived˖a Hello packet has been l e form the
/ / This situation is
received
neighbor, in which the router is not mentioned.
p :
usually caused by restarting of neighbor.
t
ht
s :
c e
u r
s o
Re
n g
n i
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
In this example, DR for the network is 10.1.1.2, BDR for the
h t
network is 10.1.1.3, RTD and 1.1.1.1 are all DRothers, so RTD
can not establish adjacency with 1.1.1.1, their stable neighbor
state is 2 Way.
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/
/
:
tp which is used for
DD Sequence Number˖
Each DD packet has a sequencetnumber
acknowledgement of DD packet. h The sequence number is 2
bytes . s :
c e
Master/Slave˖
Master and Slave u
r
s o to exchange LSDB information. If Master
relationship should be established before
Re
sending DD packets
and Slave relationship is determined, Master is responsible for
sendinggDD packet, Slave can only send a DD packet whose
i n number must equal to that of DD packet sent by
rn
sequence
Master.
e aRelated neighbor states:
L ExStart ˖ this is the first step in creating an adjacency between
re
Mo
the two neighboring routers. The goal of this step is to decide
which router is the master, and to decide upon the initial DD
sequence number. Link state information is not included in DD
packet sent by neighbor in this state.
Exchange˖in this state the routers are sending DD packets
containing abstract of link state information to each other.
Loading˖in this state, LS Request packets are sent to the

neighbor asking for the more recent LSAs that have been
discovered but not yet received in the exchange state; LS
Update packets are sent to the neighbor sending LS Request
packets.
Full˖in this state, the neighboring routers’ LSDBs are fully
synchronized.
e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
1. When the neighbor state transiting to ExStart, RTA sends the
h t
first DD packet to RTB, in this packet the DD sequence number
is set to 552A, Initialize bit is set to indicate it’s the first DD
s :
packet, More bit is set to indicate that there are more DD packets
c e
to be sent, Master bit is set to declare itself the Master.
u r
2. When the neighbor state transiting to ExStart, RTB sends the
s o
first DD packet to RTA, in this packet the DD sequence number
Re
is set to 5528. RTB should be the Master, for RTB’s Router ID is
ng
bigger than that of RTA. After finishing comparison of Router ID,
RTA will generate the event called NegotiationDone to transit
ni
a3.rWhen the neighbor state transiting to Exchange, RTA sends
the state from ExStart to Exchange.
Le the new DD packet, this packet contains abstract of LSDB, the

re DD Sequence number is equal to that of RTB, More bit is cleared
Mo indicating this is the last DD packet, Master bit is cleared
indicating RTA declares itself the Slave. After receiving this
packet, RTB will generate the event called NegotiationDone to
transit the state to Exchange.
4. When the neighbor state transiting to Exchange, RTB sends a
new DD packet, this packet contains abstract of LSDB, the DD
Sequence number is set to 5529 ( increments the previous
Sequence number ).
5. Even RTA doesn’t need any DD packet to describe its LSDB,
but as the Slave, RTA must acknowledge every DD packet sent
by RTB.
So RTA send a new empty DD packet with Sequence number
equal to 5529. After sending the last DD packet, RTA generates
the event called ExchangeDone and transits the neighbor state
e n
to Loading. After receiving the last DD packet, RTB transiting the
m/
neighbor state to Full. ( Assuming that RTB’s LSDB is the most
c o
recent and complete, it doesn’t need to request for update from
i .
RTA )
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
1. When the neighbor state transiting to Loading, RTA start
h t
sending LS request packet to RTB, requesting for link state
information that is not contained in local LSDB but found by DD
packets.
s :
c e packet from RTA, RTB sends LS
2. After receiving LS Request
u
Update packet to RTA, r this packet contains the detailed link state
s o After receiving LS Update packet, RTA
information requested.
R e state from Loading to Full.

transits the neighbor
g LS Ack packets are used for acknowledgement of

3. RTA sends LS Ack to RTB to ensure the transmission
n
i LSA.
reliability.
n
r neighbor state becomes Full, indicating that neighboring
received
aThe
Le routers are fully adjacent.
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
//
:
tp on the network
RouterID˖neighbor’s Router ID
Address˖neighbor’s interface IPtaddress
h
: packets, whether the neighbor is
State˖neighbor’s state, Full state indicates full adjacency
s
Mode˖when exchanging
c e DD
Master or Slave.
u r
s o
Re
n g
n i
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
Different OSPF protocol packets have different parts of LSA
information.
h t
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
//
:
tp
When new LSA is received or generated, this LSA should be
flooded.
LSA flooding only need LS Update
t
h packet and LS Ack packet.
s : RTA sends a LS Update packet to
e in this packet.
1. If RTA is to flood new LSA,
c
rnew LSA, RTB send a LS Ack packet to
RTB, the new LSA is contained
u
o
2. After receiving the
s
Re new LSA between two fully adjacent routers, their
RTA for acknowledgement.
When flooding
neighbor
n gstates are not affected.
n i
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
//
:
tp
All packets are sent to the multicast address 224.0.0.5 on Point-
to-Point network.
t
h address on NBMA network,
All packets are sent to the unicast
s :munally configured neighbor.
the packet destination is the
e sent as a unicast.
Packets on virtual linkcare
u r
s o
Re
n g
n i
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
On broadcast network, DR and BDR send LS Update packet and
h t
LS Ack packet to the destination 224.0.0.5 ( AllSPFRouters ),
other routers send LS Update packet and LS Ack packet to the
s :
destination 224.0.0.6 ( AllDRouters ).
c e
On Point-to-MultiPoint network, if LS Update packet is sent for
u r
the purpose of acknowledgement of the LS Request packet, the
LS Update packet
s o is sent as a unicast, if LS Update packet is
R e
sent for flooding new LSA, the LS Update packet is sent to the
g
destination 224.0.0.5 ( AllSPFRouters ).
n
n i
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
//
:
tp
How to check the valid Hello packet?
h t
Check Network MaskˈHelloIntervalˈRouterDeadInterval
E-bit in Options field.
and
s : state transition?
e is neighbor establishment, the second
What are stages of neighbor
c
r
Two stages: the first stage
stage is adjacencyuestablishment.
s oneighbor state if neighboring routers can not
Re relationship?
What’s the stable
establish adjacency
n g neighbor state is 2 way.
i the stable neighbor state if neighboring routers can
The stable
n
a r
What’s
Le The stable neighbor state is Full.

establish adjacency relationship?
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
//
:
tp
LSDB describes network topology by using a directed graph. The
A stub network’s vertex has only

t
graph’s vertices are routers, transit networks and stub networks.
h incoming edges. E.g. the
s
Loopback interface is a stub : network.
e to represent routers and stub
This picture describeschow
u r
networks.
Cost indicates s
o
Reon OSPF interface, representing the interface
the cost from one vertex to another, it is
configurable
n g
output cost.
n i
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
//
:
tp
Transit networks are those capable of carrying data traffic that is
A broadcast network or NBMA h

t
neither locally originated nor locally destined.
with more than two routers is a
transit network. s :
c e
r
The cost from the router to its attached Transit network is the
u attached to this network.
o
cost of the interface
s router to its attached Transit network is 0.
e
The cost from the
R
n g
ni
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
In this example, the costs of both interfaces are configured as
20.1.1.0/24. h t
48. In the directed graph, N1 indicates 10.1.1.0/24, N2 indicates
s :
For Point-to-Point link whose two interfaces are attached to
c e
different networks, the rules for describing this type of link are:
u r
s o
Two routers are directly connected with two directed lines, one
line for each direction.
R e
Both interfaces’ networks are stub network.
n g
Each router advertises a stub link to the attached network.
ni
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/
/
:
tp
In this example, the costs for both interfaces are 48. In the
For Point-to-Point link whose two

t
directed graph, N1 indicates 10.1.1.0/24.
h interfaces are attached to the
same network, the rules for s :describing this type of link are:
c econnected with two directed lines, one
r
Two routers are directly
u
o two interfaces is stub network.
line for each direction.
s
Readvertise a stub link to the attached network.
The network connecting
Both routers
n g
n i
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/
/
:
tp
By default, OSPF interface cost is associated with interface
bandwidth, the equation is :
bandwidth-reference / bandwidth h t
s :
value for FE interfacec e is 1.
The default value for bandwidth-reference is 100M, so the default
u rto change interface cost, one way is to

cost
There are two ways
s oby the command “ospf cost” in interface view,
Reis to change bandwidth reference in OSPF view,
change the cost
the other way
then thegsystem will calculate the cost automatically.
n
ospficost cost
rn
e acost˖OSPF interface cost, ranges from 1̚65535.
L bandwidth-reference value
re value˖reference value for calculating OSPF interface cost, the
Mo unit is Mbit/s, the range is 1̚2147483648

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
A router-LSA is generated by each router in the area. It describes
h t
the state of the router’s interfaces to the area. A router-LSA can
describe multiple links, each link is described by Link ID, Data,
Type and Metric.
s :
c e of the router link ( not the network
1. Type˖a quick description
u r ), Router-LSA describes 4 kinds of link
types supported by OSPF
type:
s o
Re point-to-point connection to another router
Point-to-Point:
n g
TransNet˖connection to a transit network, such as broadcast or
n
NBMA i network.
a r
StubNet˖connection to a stub network ( such as Loopback
Le interface ).
re Virtual˖virtual link
Mo 2. Link ID˖identifies the object that this router link connects to.
Value depends on the link’s Type.
3. Data˖additional information describing the link, value again
depends on the link’s Type field.
4. Metric˖the cost of using this router link.

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
The contents of Link ID and Data depends on the link’s Type
t
field. This table shows their relationships.
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
//
In this example:
p :
RTA’s Router ID is 1.1.1.1; RTB’stt
h Router ID is 2.2.2.2
:
Both interfaces are connected to the same network, the network
s
is within Area 1.
c e
u r
s o
Re
n g
n i
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
p :
This figure shows Router-LSA generated by RTA.
t tlink:
This Router-LSA describes a PPP
h
: router, the Data field should specify
1. Describe a point-to-point link, the Link ID should be set to the
s
e
Router ID of the neighboring
c
r
the IP interface address.
2. Describe a stubunetwork with Link ID set to the IP network
s o network, Link Data set to the attached
Re mask.
number of the attached
network’s address
3. Both g
i ncosts equal to the interface’s configured output cost.
r n
e a
L
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
//
:
tp ID is 2.2.2.2, RTC’s
In this example:
RTA’s Router ID is 1.1.1.1, RTB’stRouter
h ID is 4.4.4.4
Router ID is 3.3.3.3, RTD’s Router
s :changing interface’s Router Priority
Configure RTA to be DR by
c e to the same network, the network is
r
Four interfaces are attached
u
within Area 1.
s o
Re
n g
n i
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
//
:
tp and NBMA interfaces:
This is RTD’s Router-LSA.
h
For Router-LSA describing broadcast t
:
1. If the state of the interface is Waiting, or there is only one
OSPF router exists in thissnetwork, or there is no DR on the
c e description is added to the router-
rto the IP network number of the attached
network, then a stub network
u
o set to the attached network’s address mask.
LSA with Link ID set
s
Else, there R
e
network, Link Data
has been a Designated Router elected for the
attachedgnetwork. A transit network description is added to the
i n with Link ID set to the IP interface address of the
n network’s Designated Router, Link Data set to
router-LSA
r
e athe router’s own IP interface address.
attached
L
re 2. The cost is equal to interface’s configured output cost.
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
In this example:
p :
RTA’s Router ID is 1.1.1.1, RTB’stt
h ID is 4.4.4.4 The network is
Router ID is 3.3.3.3, RTD’s Router
Router ID is 2.2.2.2, RTS’s
within Area 1. s :
c e
u r
s o
Re
n g
n i
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/
/
:
tp transit broadcast or NBMA
This is Area 1’s network-LSA.
t
h all the routers that are
A network-LSA is generated for every
network. The network LSA describes
attached to the network. Ins :a network-LSA:
c e
r
Link State ID for a network-LSA is the IP interface address of the
DR Net mask for aunetwork-LSA is the network’s address mask.
s o by the Net mask yields the network’s IP
e
Link State ID masked
address. R
n g
The network-LSA also contains an attached routers’ list.
i
n is norouters.
a r
There cost for the link between transit network and
Le attached
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/
/
In this example:
p :
All networks are within Area 1. tt
h
:
There are two Point-to-Point networks and a broadcast network
Each router’s Router IDeissrouter’s Loopback 0’s interface IP
address.
r c
o u
e s
R
n g
n i
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp describing 4 routers’
This is Area 1’s LSDB.
h t
In this LSDB, there are 4 Router-LSAs
active link, one Network-LSA describing broadcast network.
s :
c e
u r
s o
R e
n g
n i
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
p :
This is the directed graph described by LSDB.
ttLoopback
described as stub network. h
There are a transit network and 5 interfaces are
s :
c e
u r
s o
Re
n g
ni
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
Each router calculates the shortest-path tree using itself as the
root.
t
h tree is done here in two
The formation of the shortest path
stages. s :
In the first stage, onlyc e between routers and transit networks
are considered. ur
links
s o leaves are added to the tree by considering

the links to R
e
In the second stage,
stub networks.
n g
n i
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
//
:
tp
In this example, how RTA calculates the shortest-path tree
The first step is to initialize theh

t
regarding itself as the root is described in detail.
shortest-path tree, RTA treat itself
:
s to the shortest-path tree.
as the root, this root is added
c e
u r
s o
R e
n g
n i
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
After being added to the shortest-path tree, RTA examines
h t
Router-LSA originated by itself, each link described by Router-
LSA except stub link is added to a list of candidate vertices, the
s :
vertex ID is Link ID, the cost to the root is the metric in LSA. In
c e
this example, the vertex 4.4.4.4 and 2.2.2.2 are added to the
candidate list.
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
The candidate vertex with the smallest cost is added to the
h t
shortest-path tree, removed from the candidate list. In this
example, the vertex 2.2.2.2 is added to the shortest-path tree
s :
and removed from the candidate list.
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
This figure shows the current shortest-path tree described by the
directed graph.
RTB is the newly added vertex.h
t
s :
c e
u r
s o
Re
n g
ni
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
If a new vertex is added to the shortest-path tree, examine the
h t
LSA whose LS ID is the new vertex’s vertex ID. In this example,
examine the LSA whose LS ID is 2.2.2.2.
s :
If a Link ID described by the LSA already appears on the
c e
shortest-path tree, then this link is ignored. In this example, the
u r
link with Link ID 1.1.1.1 is ignored, only the vertex 10.3.1.1 is
s o
added to the candidate list.
e root is the sum of the metric of the link ( here is 1
The cost toRthe
g
) and the metric ( here is 48 ) between parent vertex ( here is
2.2.2.2n)and the root.
ni
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
The candidate vertex whose cost to the root is smallest is added
h t
to the shortest path tree, removed from the candidate list. In this
example, the vertex 10.3.1.1 is added to the shortest-path tree
s :
and removed from the candidate list.
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
directed graph.
N6 is the newly added vertex. h
t
s :
c e
u r
s o
Re
n g
n i
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
//
:
tp
Examine the LSA whose LS ID is the new vertex’s vertex ID. In
t
this example, examine the LSA whose LS ID is 10.3.1.1.
The link with Link ID is 2.2.2.2,hthe vertex 3.3.3.3 and 4.4.4.4 are
added to candidate list. s:
c e to attached router is 0.
r
The cost from transit network
If the candidate listuhas two same vertex ID with different cost to
s o with higher cost to the root is removed form
Relist.
the root, the vertex
the candidate
n g
ni
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
The candidate vertex with the smallest cost to the root is added
added to the shortest-path tree. h t

to the shortestpath tree. In this example, the vertex 3.3.3.3 is
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
This figure shows the shortest-path tree described by the
t
directed graph. RTC is the newly added vertex.
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
h
vertex is added to the candidate list.
t
this example, examine the LSA whose LS ID is 3.3.3.3, no new
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
The candidate vertex with the smallest cost to the root is added
added to the shortest-path tree. h t

to the shortest path tree. In this example, the vertex 4.4.4.4 is
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
This figure shows the current shortest-path tree described by
t
directed graph. RTD is the newly added vertex.
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
h
vertex is added to the candidate list.
t
this example, examine the LSA whose LS ID is 4.4.4.4, no new
s :
If the candidate at this step list is empty, the shortest-path tree
c e
has been completely built and this stage of the procedure
terminates.
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
The stub network are added to the tree in the procedure’s
h t
second stage. In this stage, the Router-LSA of every router’s
vertex is examined, then stub network link appearing in the LSA
is examined.
s :
c e
In this example, RTA’s Router-LSA is first examined, three stub
u
networks are includedr in the LSA.
s o
Re
n g
n i
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
This figure shows current shortest-path tree described by the
the tree. h t
directed graph,three stub networks N1, N2 and N3 are added to
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
Examine RTB’s Router-LSA, two stub networks are included in
the LSA.
h t
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
This figure shows the shortest-path tree described by the
t
directed graph, two stub networks N4, N5 are added to the tree.
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
Examine RTC’s Router-LSA, only stub network is included in the
LSA.
h t
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
t
directed graph, stub network N7 is added to the tree.
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
Examine RTD’s Router-LSA, two stub networks are included in
the LSA.
t
hnetwork table show the routes
The shortest-path tree and stub
destined for all networks. s:
c e
u r
s o
Re
n g
n i
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
This figure shows the final shortest-path tree described by the
t
directed graph, two stub network N8, N9 are added to the tree.
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
p and virtual link.
What are link types described by Router-LSA?
t tstub
h
Four types: point-to-point, transit,
:
What information is contained in Network-LSA except LSA
s
header?
The network address c
e
u r mask and list of routers attached to this
network.
s oof calculating SPT?
Re
What are stages
g networks, the second stage is to calculate the links to

Two stages: the first stage is to calculate links between routers
n
inetworks.
and transit
n
a r
stub
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
//
:
tp
There are several LSDBs on Area Border Router (ABR) , ABR
ABR gets the routing information

t
maintains a separate LSDB for each area .
h from the non-backbone area’s
s
link state information , and :advertises them into backbone area.
c e it to the other non-backbone areas.
So backbone area advertises
ABR needs to get u r
o backbone area’s link state information and
esall non-backbone areas .

calculate routes about backbone based on LSDB, then
advertises itRto
n g
In this case:
RTAigenerates the link state information about N1 , and flood it
r nRTB .
e aRTB receives the routing information about N1 , and flood it into
to
L backbone area .
re
Mo RTC receives the routing information ,and flood it to RTD .

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
//
:
tp Area2 and Area3 is
In this case :
allowed , inter-area loop might h

t
If sending routing information between
happen.
:
exchange the routing c es areas
In order to avoid loop between , It is strictly prohibited to
Only send routing u r information between non-backbone areas .
o information within one area or between

backbone areasand non-backbone areas is allowed .
Thus, eachR
e
ABR must connect to backbone area directly .
n g
n i
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/
/
In this case:
p :
RTA ’s router id is 1.1.1.1 , RTB tist2.2.2.2 , RTC is 3.3.3.3 , RTD
is 4.4.4.4 . h
s :
All port’s cost is 1 .
c e
u r
s o
Re
n g
n i
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
//
:
tp IP address.
Network-Summary-LSA contains the information:
h t
Link State ID stands for the destination
: this ABR to destination network .

Net mask stands for the destination mask.
s
c e
Metric stands for the cost from
u r for instance , procedure of routing

Take network 10.1.1.0/24
s o areas act as follow :

advertisement between
Re of area 1 ) advertise the routing information of

First , RTB( ABR
g
this network into backbone area .
n
n i
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
Then , RTC learned the routing information of 10.1.1.0/24 from
RTB through backbone area.
h t
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
At last , according to Network-Summary-LSA which has learned
h
LSA ,and flood that into area2 .
t
from backbone area , RTC generated a new Network-Summary-
in this new LSA : s :

ce
r
Advertising Router changes to RTC 's Router ID .
u must be recalculate , change the cost into
o
The cost to destination
s RTC to destination .
e
the sum cost from
R
n g
n i
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
Backbone area must be continuously , but it doesn’t need to
h t
make a physical continuous connection, virtual link can be used
to make a logical continuous connection .
s :
Virtual link can be built up between two discretional ABRs , each
c e
ABRs must have one port connected to the same non-backbone
area .
u r
s o
Virtual link belongs to backbone area ( Area 0 )
Re
In this case , between RTA and RTB a virtual link is built up ,
ng
which makes RTB connect to backbone area .
i
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
Two endpoints of Virtual link have to exchange protocol packets ,
h t
but neighborhood of virtual link is identified by router id , which
can’t act as the destination address of protocol packet . How to
s :
identify the destination IP address with protocol packet ?
Each endpoint of virtualelink has to calculate two shortest-path
r cpicture , RTB which is the endpoint of
tree , as shown on the
o ucalculate shortest path tree of area1 with root
s hand, RTB has to calculate the shortest-path
virtual link , has to
itself. On the e
tree in areaR1 which regard RTD as its root ( the shortest path
other
g link neighbor ) . So as RTD .

tree ofnvirtual
n icalculating the shortest-path tree of virtual link , search how
a rreach to local router on the shortest path tree ( use router id
After
Le as
to
it’s identifier) , the IP address on virtual link neighbor which
re connected to local area router is the protocol packet destination
Mo
IP address .

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
In this case, there is no backbone area, its area ID is 0. How do
t
these three areas exchange their routing information each other?
h a virtual link between two
This problem is done by configuring
ABRs, RTA and RTB. s :
Virtual link is a part ofc e
u r backbone area , all the virtual links belong
to area 0 .
s o
R e
n g
n i
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
In this case :
On RTB , after configuring routet
20.1.1.1/32 and 20.1.1.2/32 can h be aggregatedrouting
aggregation, information
into 20.1.1.0/24.
s
When RTB advertises routing : information to backbone area by
Network-Summary-LSAe, only 20.1.1.0/24 which has already
been aggregated is r
c
is not advertised.o
u advertised out and detail routing information
e s
R
n g
n i
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
//
:
tonpRTA , because configure
Configure these four networks of RTA into area 1 .
h
Don’t configure route aggregation t
route aggregation on RTA is meaningless , between RTA and
:
s can’tisgenerate
RTB detail link state information advertised , but not routing
c e
information , moreover RTA Network-
Summary-LSA. ur
s otwo networks of RTC into area 0 .
Re
Configure these
n g
n i
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
//
:
tp
Configure route aggregation in RTB’ s area view ( the area that
t
detail routing information is generated )
abr-summary ip-address maskh[ advertise | not-advertise ]
:
advertise˖Advertises thessummarized route or not.
c e the summarized route.
r
Not-advertise˖ Not advertises
u
s o
By default ,only aggregated route can be advertised .
Re
n g
n i
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
When advertising the area1 routing information into backbone
h t
area , RTB uses a Network-Summary-LSA to describe the
aggregated routing information 20.1.1.0/24 of area1, network
s :
20.1.1.1/32 and 20.1.1.2/32 can not be flooded by Network-
Summary-LSA .
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
On RTC's routing table , only aggregated routing information
20.1.1.2/32 . h t
20.1.1.0/24 exists, no detail routing information, 20.1.1.1/32 and
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/
/
:
p is routing information
Is it link state information that is transmitted between areas ?
t tareas
No , the one transmitted between
h
,but not detail link state information.
s :?
e
How to avoid inter-area loop
Only exchange routingcinformation between backbone and non-
u r, exchange routing information between
backbone is allowed
non-backbone s
o
How to get R
e areas is prohibited.
IP address of the other endpoint router on virtual link?
n gIP address of virtual link through shortest path tree .
iroute aggregation is configured on what type of router ?
Find the
n
a r
The
Le area border router ( ABR ).

On
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
//
:
tp on RTC , import that
In this case :
t
h route .
Configuring a static route to 10.4.1.0/24
static route to OSPF as an external
s :
c e
RTC will generate an AS-External-LSA to describe the imported
r
route , RTB will generate
the path to ASBR (uRTC ).
an ASBR-Summary-LSA to describe
s odescribes how to get to the external destination

e
AS-External-LSA
from ASBR.R
n g
ASBR-Summary-LSA describes how to get to the ASBR from
ABR.i
r n
e a
L
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
p :
This is an AS-External-LSA generated by RTC .
LSA header of AS-External-LSA t istshown as follow :
h
: ID .
LS ID stands for destination IP address .
s
Adv rtr stands for ASBR's
c e router
Other fields is shownras follow:
u
Net mask standsofor destination network mask .
e s
Metric can beR. configured when import an external route , by
n g
default is 1
ni route information can take a tag. Tag is used to take

External
a r
additional route information. Tag is normally used by route policy
Le , and its default value is 1 .
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
This is an ASBR-Summary-LSA in area 1 which is generated by
RTB .
h t
When ABR floods an AS-External-LSA to the other areas, it will
s
generate an ASBR-Summary-LSA: at the same time , which
describes the location ofeASBR ,and floods it to the other areas .
r c:
o
In ASBR-Summary-LSAu
e s ASBR's Router ID ;
LS ID stands for
R for ABR's Router ID;
Adv rtr stands
g
Metricnstands for the OSPF cost from ABR to ASBR.
ni4 LSA only can be flooded within one area , when type 5
a r
Type
Le type 4 LSA , to describe how to reach to ASBR , thus , there are

LSA flooded to one area , interrelated ABR will generated a new
re many type 4 LSA to describe the same ASBR . But the
Mo advertising router and metric fields are different , it means the

ASBR information is from different ABR .

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
//
:
tp
This is RTA's LSDB .
t
h routing information
In this LSDB , there is an ASBR-Summary-LSA
External-LSA In LSDB , the external
and an AS-
and the
:
s are separated .
other link state information
e
AS-External-LSA dosecnot belong to any area.
u r
s o
Re
n g
n i
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
There are two types of external route, type 1 external route ( E1 )
h t
and type 2 external route ( E2 ) Type 1 external route ( E1 ): the
cost of a Type-1 external route equals the cost for the router to
s :
reach the corresponding ASBR plus the cost for ASBR to reach
the destination.
c e
u r
Type 2 external route( E2 ): the cost of a Type-2 external route
s o
equals the cost for ASBR to reach the destination.
R
Type 1 external e route ( E1 ) is prior to Type 2 external route( E2 )
ng external route type in VRP platform is Type 2(E2).
forever.
The i
r nthis case :
default
aIn
Le RTA advertise a AS external route to N1 , with type E1 , cost is
re 100 RTB advertise a AS external route to N1 , with type E2 , cost
Mo
is 20 RTC receives type 5 LSA from RTA and RTB , RTA's
declaration is E1 , RTC considers the cost from RTA to N1 is
100+1=101 , RTB's declaration is E2 , so RTC considers the cost
from RTB to N1 is 20 (ignore the cost inside ) , due to E1 has
more priority than E2 ,so RTC chooses RTA as the next-hop to
N1 , despite the cost is larger .

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/
/
:
tp
According to the topology ,10.1.1.0/24 belongs to OSPF domain ;
RTC doesn’t run OSPF .
Configure a static route on RTB
t
h to RTC's loopback 0 , and import
s : RTA learns the external route
it to OSPF as a external route.
c e is RTB , thus this route is
through OSPF , but next-hop
u
suboptimal route, the rbest next-hop is RTC's interface E0/0.
OSPF can set s o
forwarding address to resolve that problem .
R e
n g
n i
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
//
:
tp 10.1.1.0/24 in area 0 .
In this case :
h
Run OSPF on RTA and RTB , configuret
RTC doesn’t run OSPF e .s
:
Configure RTA 's router id 1.1.1.1 , RTB is 2.2.2.2 .
r c route to RTC's loopback 0 20.1.1.0/24 ,

uOSPF .
On RTB , define a static
o
scase , using forwarding address to select the best
and import that into
e
R
Basing on this
g
route is discussed.
n
n i
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/
/
:
tp
By default , when generate AS-External-LSA ,forwarding address
is set to 0.0.0.0 .
t
If the import route's next-hop ishin OSPF domain , the forwarding
address which describe the s :AS-External-LSA must be set as the
c e table.
next-hop of ASBR in routing
In this case , RTB u r the next-hop of the static route is
s
10.1.1.3 , in OSPFo domain , the forwarding address in RTB's AS-
defines
External-LSAReis set to 10.1.1.3 .

n g
ni
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
//
:
tpzero , the next-hop of the
After receiving that LSA , RTA calculates AS external route .
If forwarding address doesn’t settto
route is the forwarding Addresshnext-hop in routing table .
s : is set to 10.1.1.3 , after
eroute is 10.1.1.3 either .
In this case , forwarding address
c
r
calculation the external
u
s o
Re
n g
n i
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
In this case :
RTC is an ASBR.
h t
:
Configure static route on RTC and import that into OSPF , thus
s
e
network 30.1.1.1/32 and 30.1.1.2/32 are acting as external route
c
of OSPF.
u r
o
Configure route aggregation on RTC , and aggregate 30.1.1.1/32
esinto 30.1.1.0/24 . After configuration , RTC
and 30.1.1.2/32
advertises aRroute to 30.1.1.0/24, does not advertise the detail
n g
route information 30.1.1.1/32 and 30.1.1.2/32 out.
n i
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
//
:
tp on area 1 ,
On RTA , two networks are advertised in area 1.
h t
RTB advertises 2.2.2.2/32 and 10.1.1.0/30
10.2.1.0/30 on area 0 .
:
RTB is the ABR of area 1.sWhen RTB advertises an AS-External-
c e an ASBR-Summary-LSA at the
rto describe the ASBR information (RTC) .
LSA in area 1 , it will generate
u
o
same time , in order
s
Re
n g
n i
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
On RTC , import direct route , and then , configure external route
aggregation .
Import external routes : h t
s :
e
import-route protocol [ allow-ibgp ] [ cost value ] [ type value ] [
c
tag value ]
u r
When import e
o
[ route-policy route-policy-name ]
s routes , route cost , external route type
and tag canRbe configured manually .
external
n g
i
allow-ibgp˖when
n import-route
protocol is BGP , allow-ibgp is optional key
r
word. bgp means only EBGP routes can be
aIBGP can be imported .bgp allow-ibgp means both EBGP and
Le imported , import-route
re External routes aggregation :
Mo asbr-summary : ip-address mask [ not-advertise | tag tag-value ]

not-advertise˖not advertise routes matching the specified IP
address or mask. If it is not specified, the summarized route will
be advertised.
tag-value˖specifies the tag value that is mainly used to control
advertisement of routes through route-policy. The value ranges

from 0 to 4294967295. By default, the value is 1.

By default ,only aggregated route can be advertised .
e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
RTC generates type 5 LSA , in this LSA only 30.1.1.0/24 exists ,
30.1.1.2/32 . h t
there is no detail,routing information about 30.1.1.1/32 and
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
RTB generates a type 4 LSA , describes how to reach to ASBR
t
(RTC) from RTB , and floods that information in area 1 .
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
Routing table inside AS , there is no detail routing information ,
t
only aggregated route 30.1.1.0/24 exists.
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/
/
:
tpnetwork . RTB is the ASBR
In this case :
There are two OSPF domains intthis
of the two domains . h
RTB must run two OSPF s
:
c e processes .
u r
s o
Re
n g
n i
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
On RTA , there is only one OSPF process , advertise all
networks in area 0 .
h t
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
//
:
tp
RTB runs two OSPF processes , configure different router id for
each OSPF process .
When configure each process h
t
, import the routing information
which belongs to the other :
sprocess into itself .
c e
u r
s o
R e
n g
n i
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
On RTC , there is only one OSPF process , advertise all
networks in area 0 .
h t
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
All the routing information learned by the other OSPF process is
AS external route .
h t
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
There are two LSDBs on RTB , each process maintains its own
LSDB.
h t
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
Which type of router generates type 4 LSA and type 5 LSA
respectively?
Type 4 LSA is generated on ABR
t
h , each LSA is flooded within
s : on ASBR , and flooded within AS
area , type 5 LSA is generated
What’s the difference c e two types of external routes?
u r is different , type 1 external route ( E1 )
between
o
Cost calculation method
cost is the sumsof AS inside cost and AS outside cost .
Re route( E2 ) cost is the AS outside cost , AS inside
Type 2 external
n g .
cost is ignored
n ito specify the Forwarding Address field?
a r
How
Le OSPF domain , the forwarding address must specify as the next-

On ASBR , if the next-hop of imported external route is in the
re hop of the external route , if the nexthop of the imported external
Mo route is outside the OSPF domain , the forwarding address is

specified as 0.0.0.0 .

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
//
:
tpinto stub area . If the inside
Special area is allowed to configure into stub area in OSPF .
t
router wants to reach outside ,hthere is a default route generated
AS-external-LSA can not be flooded
by ABR . s :
c e the requirement of the memories,
rsize of LSDB .
Using stub area can reduce
u
CPU usage and the
In this case : s
o
Re , configure area 1 into a stub area , RTB is area
RTA is an ASBR
1's ABRg.
i n
r
RTAn .floods the external route into AS inside through AS-external-
e aLSA
L RTB only advertises one default route into area 1 through
re Network-Summary-LSA , but not AS-external-LSA .
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/
/
:
tp on RTC , which is
In this case :
t
h an ASBR .
A static route to 10.4.1.0/24 is configured
imported into OSPF , so RTC is
s : id ; RTB uses 2.2.2.2 as its router
aseits router id .
RTA uses 1.1.1.1 as its router
id ; RTC uses 3.3.3.3 c
u ra stub area .
o
Configure area 1 as
s
Re
n g
n i
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/
/
:
tp
This is a Network-Summary-LSA in area 1 which generated by
RTB .
RTB describes a default route h
t
through a Network-Summary-LSA,
and floods it within area 1.s :
c e areas still need to be advertised
r 3 LSA.
Routing information between
u
o
into stub area by type
s
Re
n g
n i
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/
/
:
tp
A stub area can be configured as totally stub area by configuring
ABR .
t
h stub area , only one default
If an area is configured into a totally
s
route is advertised into this:area through Network-Summary-LSA
. There isn’t any routingeinformation between areas ,or outside
c
AS . In another wordr, totally stub area can’t flood Summary-LSA
o u or AS-external-LSA .
s
(except default route)
e
R
n g
n i
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
NSSA means Not So Stubby Area.
h t
NSSA and Stub area are analogous. Both of them can’t receive
AS-external-LSA, but there is another way for NSSA to advertise
external LSA.
s :
In this case :
c e
u r
Create loopback0 on RTA, RTB and RTC , with the IP address
s o
1.1.1.1 ,2.2.2.2 ,3.3.3.3 .
Re
RTA's router id is 1.1.1.1 , RTB's router id is 2.2.2.2 , RTC's
ng
router id is 3.3.3.3 .
ni
Configure network 1.1.1.1/32, 10.1.1.0/24 in area 0 . Configure
ar
network 2.2.2.2/32, 10.2.1.0/24 in area 1.
Le
Configure static route to 10.4.1.0/24 on RTC with the next-hop is
10.3.1.2 , import the static route into OSPF , and configure area
re 1 into NSSA .
Mo RTC advertises one NSSA-LSA ( type 7 ) into area 1 , this LSA is

used to describe the external route .
Type 5 LSA can’t be flooded within NSSA area. But Type 7 LSA
can be flooded inside NSSA area, so ABR of NSSA need to
translate the NSSA-LSA into Asexternal-LSA, and flood that to
the other areas.

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
This is a NSSA-LSA generated by RTC (Type 7 LSA).
h t
In this case , RTC imports a static route into OSPF ,RTC
generates a NSSA-LSA and describes a routing information to
s :
10.4.1.0/24 which is outside AS , the key word is set as follow :
c e
LS ID is set as destination IP address ;
u r
Options field shows this LSA can be translated into an AS-
s
external-LSA by ABR;o
Re
Default metric is 1;
ng
E type (external route type) type 2 by default ;
ni
The rule of setting NSSA-LSA ‘s Forwarding Address is
ar
described as follow:
Le
If options field shows this LSA can be translated into type 5 LSA ,
the forwarding address can’t be set to 0.0.0.0 . If the next-hop of
re the import route is in the OSPF domain , the forwarding address
Mo
is set to the next-hop of the imported external route ; If the next-
hop of the import route isn’t in the OSPF domain , the forwarding
address is set to the stub interface address which belongs to the
ASBR inside the OSPF domain ( loopback 0 for example ). If
there are many stub networks , the largest IP address is selected
.

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
When RTB ( the ABR of area 1 )receives that NSSA-LSA , the
The key words is set as follow : h t

LSA is translated into an AS-external-LSA .
s :
LS ID and Network Mask are copied from the original NSSA-LSA
c e
, describe the routing information to 10.4.1.0/24 , which is outside
the AS .
u r
s o
If not recalculate the metric , or not set metric when configure ,
e
the metric is 1 by default .
R
ng
Forwarding address is copied from the original NSSA-LSA ,
without changes .
ni
ar
Thus , the router outside the NSSA area calculate next-hop , just
according to the forwarding address of AS-external-LSA .
Le In order to prevent to duplication of external routing information ,
re if there are several ABR inside the NSSA area , only one ABR
Mo
can translate the NSSA-LSA into AS-external-LSA , so this ABR
is called the translator of NSSA .
Translator is elected by router id . NSSA area ‘s ABR will identify
itself with one bit in Router-LSA , with checking the Router-LSA
within one area , every NSSA ABR can maintain a list of ABR ,
and elect the one with lager router id as the translator .

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
A default route can be advertised into NSSA through configure
but not Network-Summary-LSA. h t

NSSA's ABR , this default route is described by a NSSA-LSA ,
s :
In this case , RTB generates a default route ,with LS ID is 0.0.0.0
c
, Network mask is 0.0.0.0. e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/
/
In this case : :
p , RTC is an ASBR ,
t tRTC
Importing direct route in OSPF on
30.1.1.1/32 and 30.1.1.2/32 are himported as external routes .
s :area , so RTB can’t flood type 5 LSA
Configure area 1 as a stub
c eroute can be advertised into area 1.
r
into area 1 , only default
u
s o
Re
n g
n i
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
On RTA , all the networks are configured into area 1 , stub area
t
must be configured on every router in the stub area .
On RTB , configures area 1 asha stub area in area view .
s :
c e
u r
s o
Re
n g
ni
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
On RTC , imports direct route .
h t
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
In RTA's routing table , only default route and AS internal routes
h t
which advertised by RTB can be learned by OSPF , there is no
AS external route in the routing table .
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/
/
:
tp
After configuring stub area on ABR (RTB), stub no-summary
t
command is used to configure area 1 into a totally stub area .
h totally stub area , the ABR
After configuring the first area into
s : and transmit type 3 , type 4 and
inside that area will not generate
c e routes or AS external routes can be
type 5 LSA , so no inter-area
u
advertised into a stubr area .
s o
Re
n g
n i
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
On RTA's (totally stub area router's )routing table , only a default
h t
route and the routes within it’s own area exist in OSPF routing
table, there is no external route or inter-area route .
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
//
In this case : :
p Imported on RTA and
ttare
h ASBRs .
IP addresses of loopback interface
RTD , so RTA and RTD became
s : Enable RTC to advertize default
route in NSSA area, itcisenecessary to import external route on
Configure area 2 into NSSA.
r route to entire AS, but the external

RTD, and flood theuexternal
route importeds o RTA can’t be flooded into this area .
from
Re 1 as a normal area , so the both RTA and RTD's
Configure area
externalgroute can be flooded into area 1.
i n
rn
e a
L
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tanpAS-external route .
On RTA , configure 1.1.1.1/32 and 10.1.1.0/24 in area 1 .
h
Import direct route 20.1.1.1/32 ast
Configure RTB as an ABR.
s :
c e
u r
s o
Re
n g
ni
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
Configuring area 2 as a NSSA ,RTC is an ABR of NSSA (Area 2).
h t
Due to type 5 LSA can’t be advertised into this area , it is
necessary to advertise a default route for ABR of NSSA. On RTD
s :
, configure area 2 into NSSA , and import direct route 30.1.1.1/32
as external route .
c e
u r
nssa [ default-route-advertise ] [ no-import-route ] [ no-summary ]
s o
default-route-advertise˖Specifies generating default Type-7 LSA
Re
to the NSSA area. Only can be used on ABR or ASBR in NSSA ,
ng
after configuration , if it's an ABR , no matter default route exist
ni
or not in the routing table , a default route will always be
ar
advertised into area through Type-7 LSA ; if it’s an ASBR , only
Le
default route in the routing table , an default route can be
advertised into area through Type-7 LSA .
re no-import-route˖Specifies to disable import route to the NSSA

Mo area. only can be used on the router , which is an ABR of NSSA ,
also an ASBR of OSPF domain , ensure all the external route
can get into OSPF domain .
no-summary˖Specifies ABR is disabled to transmit type 3 and
type 4 LSAs to the NSSA area. After using that parameter ABR
will generate a default route into NSSA with type 3 LSA .

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
Due to using default-route-advertise and no-summary parameter
and type 3 default route separately. h t

at the same time, ABR of NSSA advertises type 7 default route
s :
In this case, type 3 default route is selected. ( type 7 default
c e
route is considered as an AS external route with the precedence
150 ).
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
Besides default route , there is no type 3 , type 4 and type 5 LSA
information learnt by OSPF . h t

advertised into this area , so there is no detail external routing
s :
Neither imported route to 20.1.1.1/32 on RTA nor inter-area
routes is learnt .
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tpwhich advertised by RTD .
On RTC's routing table :
30.1.1.1/32 is learnt from type 7 t
h LSA
:
20.1.1.1/32 is learnt from type 5 LSA which advertised by RTA .
s
c e
u r
s o
Re
n g
n i
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
ABR( RTC ) of NSSA , convert type 7 LSA into type 5 LSA , so in
h t
RTB’s routing table , all the external route is learnt through type 5
LSA , including imported route to 20.1.1.1/32 on RTA and
s :
imported route to 30.1.1.1/32 on RTD .
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/
/
:
p area can’t flood type 3
What’s the difference between Stub Area and Totally Stub Area?
t tstub
hroute )
Stub area can flood type 3 , totally
and type 4 LSA ( except default
s : Stub Area and NSSA Area?
e
What’s the difference between
Stub area can’t importcexternal route , NSSA area can import
external route . u
r
s o
Re
n g
n i
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
Failures within area are mainly caused by neighbors relationship.
h t
It is not difficult to deal with that problem. Firstly, “display OSPF
error” command is used to show errors information; Secondly,
s :
“display current-configuration” is used to show configuration of
c e
OSPF; Lastly modify wrong configurations.
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/
/
:
tp
Two routers are directly connected , all the networks are
configured within one area .
After completion of configuration
t
h , check the routing table of RTB
s : of RTA's loopback address .
, there is no routing information
c e by the relationship of neighbors ,
r the error information of OSPF , check
This failure is usually caused
the main way is tou
configurations s o check
according to the error information , and correct the
R e
wrong configurations .
n g
n i
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
"Router id confusion"is found through "display ospf error "
command .
t
h have their own unique router
OSPF requires all the routers must
s
id, which can’t be overlapped :.
c e
u r
s o
Re
n g
n i
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
Check the configuration of RTA and RTB , both the router id are
configured as 1.1.1.1 .
t
h ( loopback address ) , the
Change RTB's router id into 2.2.2.2
failure is s :
c e
corrected .
u r
s o
Re
n g
n i
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
p :
"Area mismatch" is found through "display ospf error" command .
OSPF prescribes that the area istatgroup of network , all the
h one area , otherwise the
interface must be configured into
s
neighbourship can’t be built :up .
c e
u r
s o
Re
n g
n i
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
After check the configuration of OSPF , two interfaces are
h t
configured into different areas ,after change the configuration of
RTB , all the networks are configured into area 1 , the failure is
corrected .
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
//
:
tp
"Netmask mismatch" is found through "display ospf error "
command .
t
h must be the same in
OSPF prescribes the network mask
s
broadcast , NBMA , Pto- MP : network , otherwise the
c e up.
neighbourship can’t be built
u r
s o
Re
n g
n i
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
Checking the configuration of OSPF , the network mask length is
h t
30 on RTA E0/0 , however RTB's network mask length is 24 , if
the network mask length mismatches , the neighbouring can’t be
built up .
s :
c
Change the network mask e length into 30 bit , change the wild
u r failure is corrected .
mask into 0.0.0.3 , the
s o
Re
n g
ni
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
"Wrong authentication type" is found through "display ospf error "
command .
t
Same authentication type musthbe used with in one area ;
Configuring authentications : in area view .
type
c e
u r
s o
Re
n g
ni
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
Checking the configuration of OSPF , RTA uses MD5 as its
h t
authentication method , RTB uses clear text as its authentication
method , authentication method mismatch , the neighbourship
can’t be built up .
s :
c e method of RTA into "simple".
Change the authentication
u r
s o
Re
n g
ni
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
Changing the authentication method , routing information also
authentication key" is found . h t

can’t be learnt , check the OSPF error information . "wrong
s :
Password must be configured on the interface , OSPF prescribes
c e
the password must be same on different sides of the link .
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tpon both sides , the failure is
After check the configuration , password mismatch is found .
h
Change the password into “huawei”
corrected .
t
s :
c e
u r
s o
Re
n g
n i
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/
/
:
tp
RTA and RTB are connected through frame relay switch , the
network type is NBMA .
t
After checking the routing tableh, RTA can’t learn routes through
OSPF . s :
e shows the local interface's
Analysis of the routingctable
u r interface’s information exist , which
means frame relays o and IP address are correctly configured, they
information and remote
e
can make aRcommunication.
n
Neighborsgstatic
on NBMA network can’t be auto discovered, only
n i
through manually configuring. In this case, it is necessary
a rdesignate neighbor manually.

to
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
//
:
tp
Check the configuration of NBMA static neighbor , IP address
error is found .
Use 10.1.1.2 as RTA's remote h
t
neighbor identifier ; Use 10.1.1.1
as RTB‘s remote neighbor :
sidentifier .
e
c the failure is corrected.
r
Configure a static neighbor,
u
s o
R e
n g
n i
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
This slide makes a summary of the neighbor failures , P-to-P
h t
network don’t need to consider the network mask , manually
configured peer only exists on NBMA network , other
s :
configurations are suitable for all network types .
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/
/
:
tp other through serial link ,
In this case :
These three routers connect withteach
h ; RTB uses 2.2.2.2 as its router
RTA uses 1.1.1.1 as its router id
s
id ; RTC uses 3.3.3.3 as its:router id .
e area 0 , Network 10.2.1.0/30 is in area
Network 10.1.1.0/30 iscin
u r is in area 2 , all links use the same
bandwidth , so s o router has two equivalent path to the
1, Network 10.3.1.0/30
each
Re .
opposite network
n g
n i
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
In RTA's routing table , there is only one route to 10.2.1.0/30
Trouble analysis: h t
through backbone area ,with the next-hop is 10.1.1.2.
s :
e
Routing information inter-areas only can be advertised through
c
r
area 0 , can’t be advertised between non-backbone area , thus ,
u
s o
RTC can’t advertise the routing information 10.2.1.0/30 to RTA
directly , so only area 1's ABR˄RTB˅can advertise the routing
R e
information 10.2.1.0/30 to RTA , in RTA's routing table , with the
g
next-hop only 10.1.1.2 (RTB).
n routing table , the routing information reach to
ni
In RTB's
a r
10.3.1.0/30 has only one next-hop 10.1.1.1 (RTA).
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
Configure a virtual link between RTB and RTC , virtual link use
h t
area 1 as transit area , the aim of configure virtual link is to make
RTC connect to backbone area , so that , RTC can advertise
s :
routing information to backbone area .
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
After change the configuration , check RTA and RTB's routing
h t
table ,RTB‘s routing table is correct , in RTB's routing table ,
there are two next-hops to 10.3.1.0/30, which means equivalent
s :
route . But there is only one next-hop to 10.2.1.0/30 on RTA .
Trouble analyse:
c e
u r
s o
After configure virtual link between RTB and RTC , area 1 is
transit area , so RTC only can advertise area 2's routing
R e
information to RTB through area 1 , RTC can not advertise area
g
1's routing information to RTA through area 2 , so in RTA ‘s
ntable , there is only one next-hop to 10.2.1.0/30 .
n i
routing
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/
/
:
tp
Configure a virtual link between RTA and RTC , the transit area
of virtual link is area 2 .
t
Virtual link is use to make RTChconnect to backbone area , RTC
can advertise area 1 and s : 2's information to backbone area
area
at the same time .
c e
u r
s o
Re
n g
n i
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
Check RTA and RTB's routing table again , route item is correct ,
the equivalent route exist .
Summary : h t
s :
e
When configure OSPF areas , if a router connect more than two
c
r
areas , one of them must be area 0 , this link can be physical link
u
o
, also can be virtual link .
s
R e
Make sure ABR advertise all the route directly connect from non-
backbone area to backbone area .
n g
When build a network , avoid to use virtual link , use backbone
areaias hub node , non-backbones area as spoke node , don’t
rn a connection between nonbackbone areas .
amake
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
//
:
tp into area 1. Configuring
In this case :
h t
All the networks on RTC are configured
route aggregation on RTB, aggregating 20.1.1.1/32 and
20.1.1.2/32 into 20.1.1.0/24,:
s advertises
when RTB advertises routing
c e
information to area 0 , only 20.1.1.0/24 , detail routing
u
information 20.1.1.1/32r and 20.1.1.2/32 are restrained .
o1.1.1.1 ; RTB 's router id is 2.2.2.2 ; RTC 's
RTA 's router idsis
Re ; RTD 's router id is 4.4.4.4 .
router id is 3.3.3.3
n g
n i
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
Check RTA's routing table , routing information is incorrect , the
h t
detail routing information uses RTD as next-hop , the aggregated
routing information uses RTD as next-hop , they are all existing .
Trouble analyse : s :
c e
r
Because the detail routing information select RTD as next-hop ,
u
s o
which means RTD only advertises detail routing information
,while not aggregated routing information ,maybe it doesn’t do
R e
routing aggregation . Aggregated route selects RTB as next-hop ,
g
which means RTB advertise routes correctly .
nconfigure route aggregation on many of ABRs , route
n
Wheni
r
aggregation should be configured on all the ABRs , not only on
apart of them .
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
There is an aggregated route in RTD's routing table , this route
to RTD . h t
item is advertised through backbone area , but it is meaningless
s :
Why there existing that invalid route , because route aggregation
c e
is just configured on RTB but not on RTD .
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
There is also an invalid aggregated route received through
aggregated route to RTC . h t

backbone on RTC‘s routing table. RTD advertised this
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
Checking the OSPF configuration on these two ABRS , route
aggregation on RTD . h t
aggregation is correctly configured on RTB , but there is no route
s :
Correctly configure route aggregation on RTD can resolve that
problem .
c e
u r
s o
It shows , if the route aggregation is not properly configured ,it
can cause route loop .
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
//
In this case : :
p , which makes area 2
t tRTC
connected to backbone area . h
Configuring virtual link on RTB and
Configuring route aggregation on
s :
area 1, and aggregate 20.1.1.1/32 and 20.1.1.2/32 into
20.1.1.0/24 on RTB . e
r c ; RTB's router id is 2.2.2.2 ; RTC's
o u; RTD's router id is 4.4.4.4 ;RTE's router id is
RTA's router id is 1.1.1.1
s
router id is 3.3.3.3
5.5.5.5 . Re
n g
n i
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
//
:
tp
RTA's routing table contains both aggregated route and detail
t
routes ; but there is only detail route in RTE's routing table .
h are normal .
Except that , other routes of OSPF
s :
Trouble analyses :
c e both aggregated route and detail
raggregation isn’t configured on all area 1's
RTA's routing table exists
u
o
routes , due to route
s
Re
ABR .
n g
n i
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
Checking the OSPF configuration on RTB and RTC , RTB has
h t
configured route aggregation , RTC didn’t configure route
aggregation , that's why RTA's routing table contains both
s :
aggregated route and detail routes , because RTB advertises
aggregated route to RTA
c ethrough backbone area , however ,
u
RTC advertises detail r routes to backbone through virtual link .
s
But , why is thereono aggregated route , only detail routing on
RTE? Re
n
Because gtype
, when configure virtual link on a router , if the router
n i
learns a 3 LSA through virtual link transit area , this LSA can
r processed.
be
abackbone
In another word , the LSA must exist in both
Le processed.
area's and transit area's LSDB , this LSA can be
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
RTC learns aggregated type 3 LSA through backbone area (
t
virtual link ) , this LSA is advertised by RTB .
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
This virtual link's transit area is area 1, but RTB aggregates area
that ‘s why there's no h t

1's routes , so RTB will not advertise aggregated route to area 1 ,
s :
aggregated type 3 LSA in area 1's LSDB , and also , RTC will not
c e
process the aggregated route learnt from virtual link .
u r
s o
RTC can’t process the aggregate routes learnt from backbone
area , so RTC can’t advertise aggregated routes into area 2,
Re
there is only detail routes on RTE , but no aggregated route .
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
//
:
tp
What are common reasons for failure of establishing OSPF
neighbor relationship?
h t
Router id confusion , area id mismatch , network mask
mismatch, authentications :
type and authentication password
c e
mismatch, external routing capability mismatch , wrong static
u
neighbor configurationr on NBMA network .
s o to the Backbone Area?
Must ABR be connected
ABR must be Reconnected to the Backbone Area (area 0) , both
physicalglink and virtual link can be used .
i nconfiguring route aggregation, is it necessary to configure
n
When
r
e aaggregation on all ABRs?
L When configuring route aggregation , you must configure
re aggregation on all ABRs.
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
Due to the storage memory limitation , if LSDB is very large ,
overflow . h t
some router can’t store the entire LSDB , this is called LSDB
s :
LSDB overflow always cause by AS external LSA ( type 5 LSA )
c e
which has a very large number .
u r
s o
The size of LSDB can be reduced through configuring area into
stub or totally stub area .
Re
This chapter introduces another method to deal with overload of
ng
type 5 LSA , without configuring stub area or NSSA .
i
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
RFC1765 defines a new OSPF parameter : ospfExtLsdbLimit ,
configuration of VRP platform . h t

which means the maximum quantity of type 5 LSA, the
lsdb-overflow-limit number s :
c e
r
number˖The number of type 5 LSA in LSDB , range is
u
o
1~1000000 , by default this function is disabled .
s
Re
When type 5 LSA in LSDB is overloaded , router gets into
overflow state , the type 5 LSA generate by itself is aging . and
ng
no more type 5 LSA can be generated .
i
nThe overloaded OSPF router can receive type 5 LSA generated
ar by rother outer , but the quantity can’t be larger than the
Le limitation , if receive a new type 5 LSA when overload , the LSA
re will be discarded .
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
//
:
tp
Demand circuit can be built up when there has traffic , if there is
In this case , branch uses an ISDN

t
no traffic , the link is down , in order to reduce the cost.
h line connect to headquarter ,
using OSPF routing protocol s : , we hope if there is traffic , the
c e
branch can dial up to headquarter , if no traffic , the link
u r ,so the cost is reduced .
disconnects automatically
OSPF can’t sent s ohello packet periodically , also can’t flood LSA
periodicallyR, e
it need to extend the OSPF working mechanism .
n g
n i
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
The first extension is that OSPF's hello packet , DD packet and
supports Demand Circuit or not . h t

LSA's Options field add a DC bit, which means this router
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
When the router which supports demand circuit to send a hello
packet , DC bit must be set to 1 .
If a router receives a hello packet
t
h with DC bit set to 1 , it will
consider this link as a demand s : circuit link , even though this side
c e
is not configured into a demand circuit link .
u rlink , no matter neighbor is built up or not ,
On a normal P-to-P
OSPF router will s osend a hello packet every 10 seconds , but on
demand circuitRe link , OSPF changes this mechanism :
n
Before theg neighbourship built up , a hello packet is sent every
n i
poll interval (120 seconds by default) , which is used to discover
a r
neighbors .
Le After building up a neighbourship , no hello is sent. The router
re considers its peer is active all the time .
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
Line protocol current state is always up , means the data link
, advertise this link's network . h t

layer is up .So the routing protocol believes this link is always up
s :
If this physical link is down due to no data transfer , but the data
c e
link layer is still up , all the networks can be advertised outside
u r
through routing protocol .
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
Flooding LSA on demand circuit : :
p the sequence number or
t tonly
h
1. Content in LSA is changed , not
LS Age .
2. When LS Age reachess
:
c e to MaxAge ( the LSA needs to be
deleted .)
u rcircuit can’t be renewed periodically , it
The LSA on demand
s o circuit extension , the first bit of LS Age (
Re)is set to 1 , which means the LSA can’t age ,
defines on demand
DoNotAge bit
when a g
age i n router receives a LSA with DoNotAge set to 1 , it can’t
n this LSA .
ArDoNotAge LSA will be removed if BOTH of the following
e aconditions are met:
L 1) The LSA has been in the router's database for at least
re
Mo
MaxAge seconds.
2) The originator of the LSA has been unreachable (means that
the demand circuit remains in operative for longer than the
maxage.) for at least MaxAge seconds.

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
//
:
tp
The mechanism of checking the opposite side on demand circuit
t
is active or not in steady state ( the neighbor is built up ) .
1. If there is data , the demandhcircuit is active .
s :
2. After the demand circuit
c e is active , generate Router-LSA to the
other side .
3. If the other sideu
r
o response LS Ack , means the neighbor is
active , if no LSsAck is received in transit interval (5 seconds by
Re the neighbor is not active .
default ) , means
n g
n i
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
In this case , RTA is a low-end router , in some situation , the
h t
CPU is overloading , or memory utilization is very high ,the
administrator hopes the great traffic don‘t pass through RTA also
s :
hopes the networks¡¯traffic directly connected to RTA can’t be
interrupted .
c e
u r
VRP platform support a stub router , when a router is configured
s o
as stub router, the Router-LSA of this router , the metric of non-
Re
stub connection network is set to a very large value ( 65535 ) , so
ng
this link can’t be chosen , the cost of a stub connection network
is not change , so the data sending to a stub network can’t be
ni
interrupted .
r
astub-router
Le stub-router command is used to configure this router into a stub
re router .
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
When RTA is configured as a stub router , in the Router-LSA
stub network's cost is not changed . h t

generated by itself , cost of non-stub network is set to 65535 ,
s :
Due to non-stub network's cost is very large , the other router will
c e
keep away from this router , so the traffic on this router is
reduced .
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
What type of LSA is limited in LSDB overflow protection ˛
Type 5 LSA .
h t
:
How to send and receive Hellos over Demand Circuit ˛
s
e
Before establishing neighbor relationship , Sending Hellos every
c
Poll interval.
u r
s o
After establishing neighbor relationship , No sending Hellos .
R
How to age LSA e over Demand Circuit ?
Set the g
n first bit of LS Age˄DoNotAge bit˅to one .
i the cost for the network to which Stub Router is attached
n
What’s
?r
a
Le Non-stub network's cost is 65535 , stub network's cost is not
re changed .
Mo

e n
m/
c o
i .
we
ua
.h
n g
n i
ar
le
//
:
ttp
h
s :
c e
u r
s o
Re
ing
n
ar
Le
re
Mo
e n
m /
c o
i .
we
#!* ua
.h
+, n g
n i
ar

le
//
:
ttp
h
s :
c e
u r
s o
Re
ing
n
ar
Le
re
Mo
SDJH
e n
m/
c o
i .
we
ua
.h
n g
n i
ar
le
//
:
ttp
h
s :
c e
u r
s o
Re
ing
n
ar
Le
re
Mo
HCDP-IERN Module 3 BGP .
e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

HCDP-IERN Module 3 BGP
e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

Chapter 1 What is BGP
e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
Autonomous system refers to a set of routers managed by the
strategy. h t
same technical organization and adopts the unified routing
s :
Each autonomous system has a unique AS number which is
allocated by IANA.
c e
u r
s o
We distinguish different autonomous systems by using different
numbers. When the network administrator does not want his/her
Re
communication data to pass some autonomous systems, these
ng
AS numbers become very useful. For example, the network
i
administrator wants to avoid some autonomous systems
n
ar
managed by his competitor or avoid some autonomous systems
Le administrator can specify the path for data transmission by using

which are lack of security mechanism. In this case, network
re routing protocol, routing policy and AS number.

Mo The AS numbers range from 1 to 65535. Among them, AS
numbers 1 to 64511 are the registered Internet numbers while
those from 64512 to 65535 are reserved for private use.

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
p within an autonomous
The differences between the IGP and EGP are:
ttrun
h IS-IS. It emphasizes on
1. IGP is the routing protocols that
system such as RIP, OSPF, and
discovery and calculationsof:the route.
c e that run between the autonomous
r
2. EGP is the routing protocols
u
systems.
o
Nowadays, it issoften referred to BGP. BGP emphasizes on
Re advertising and selection of optimal path.
control of route
n g
n i
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
BGP (Border Gateway Protocol) is a dynamic routing protocol
h t
that runs between the autonomous systems. Its basic function is
to automatically exchange the loop-free network reachability
s :
information between the ASs. This network reachability
c e
information contains the list of autonomous system that the
r
reachability information traverses. This reachability information is
u
o
sufficient to construct the topology map of the AS from which the
s
Re
routing loops may be avoided and some routing policies at the
AS level can be enforced. Protocols like OSPF and RIP are
ng
interior gateway protocols (IGPs) that run inside an autonomous
i
n
system while BGP is exterior gateway protocol (EGP) that run
ar
between ISPs.
Le BGP was first introduced in 1988. The earliest versions of BGP
re are RFC1105 (BGP-1), RFC1163 (BGP-2) and RFC1267 (BGP-
Mo
3). The current version of BGP is RFC4271/RFC1771 (BGP-4).
BGP-4 has become the standard routing protocol for Internet.
The features of the BGP are as follow:
BGP provides the exchange of loop-free routing information
between the autonomous systems (loop-free routing is
guaranteed by using the AS-PATH attribute). BGP is policybased
routing protocol. It enforces the policy through abundant BGP
route attributes. It works on application layer and uses TCP as

the transport layer protocol (BGP exchanges the route
between the neighbors on top of the reliable TCP connection).
BGP is a distance vector routing protocol. This means that it will
announce to its neighbors those networks that it can reach by
itself. However, the BGP route selection is not solely based on
the distance (route selection is based on the bandwidth for most
e n
of the routing protocols). The BGP route selection is based on
m/
the abundant route attributes. These attributes attached to the
c o
reachable IP subnets.
i .
Therefore, we called BGP a distance vector routing protocol. It is we
easier to understand BGP as a distance vector routing protocol
ua
when we treat the whole AS as a single router. Apart from
. h
n g
that, BGP has some features of the link state protocol. For
n i
example, incremental updated, advertising route with IP subnet
mask a, etc..
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
To establish the TCP connection, two routers of each connection
h t
must know the IP address of each other. A router can learn the IP
address of another router via direct connection, static route, or
IGP.
s :
The border router of theeISP will try to establish the TCP
r c learning the IP address of the other
u is not established successfully, the routers
connection after successfully
o
s the connection. This process will be
end. If the connection
e
R
will try to re-establish
g
repeated until the connection is established successfully.
nthe TCP connection is successful, two routers will
i
n some information to verify the capability of the other
When
r
exchange
aend or determine the next action to be performed. This is
e
L necessary because any equipment that support IP protocol stack
re
Mo
can support the establishment of TCP connection. However, not
all the equipments that support IP protocol stack can support
BGP. Therefore, the exchange of information is to guarantee the
capability of the router in supporting BGP. After confirming the
capability of the routers, information from the BGP tables is
exchanged.
The two routers that establish the BGP connection form the peer

relationship with each other. To guarantee the normal operation

of the BGP process, the two ends of the peers will send the
keepalive message periodically to ensure the validity of the
connection.
If one end of the peer can’t receive any keepalive message from
its peer within the hold time interval, the BGP process can be
considered has been stopped in the neighbor. Therefore, the
e n
TCP connection will be closed and all the routes learnt from the
m/
neighbor will be removed.
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
BGP uses TCP (port 179) as its transport protocol. TCP can
Periodic updates is not required.h t

ensure the reliable transmission of BGP.
s : incremental routes only (for

eroute, changed route or withdrawn
For route updating, BGP sends
c
example new reachable
r the bandwidth occupied by BGP
route). This greatlyureduces
s oTherefore, BGP is suitable for advertising a
Reof routing information over the Internet.
route advertising.
large volume
n g initialization, BGP router sends all the routes to its

During the
peeriand at the same time it saves the routes which have been
r n in its local database. When the local BGP receives a
e anew route, it will compare this new route with the saved
sent
L information which has been sent out.
re
Mo If the local BGP has not sent this new route before, it will send it
out. Otherwise, the local BGP will compare this new route with
the route already sent. If the new route is better, then local BGP
will send out this new route and at the same time update the
route already sent.
Else, if the new route is worse, it will not send the new route.
What will the local BGP do if it finds out that one of the local

roules fails (for example the corresponding port fails)

and this route was once sent? In this case, the local BGP will
send a route withdrawal message to the BGP peer. In
conclusion, BGP does not necessarily broadcast all the routing
information every time. It only sends the incremental routes after
the initialization, which ensures the minimum communication
between the BGP and its peer.
e n
In addition, BGP sends and receives the keepalive message to
m/
verify the TCP connectivity.
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

Chapter 3 BGP Message Types
e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
Routers that run a BGP routing process are often referred to as
h t
BGP speakers. Four types of messages that are exchanged
between the BGP speakers are Open, Keepalive, Update, and
s :
Notification. Among them, Open, Keepalive and Notification
c e
messages are used to establish and maintain the neighbor
relationship.
u r
s o
Open Message: includes the BGP version, AS number of the
Re
sender and etc. After the establishment of TCP connection, two
ng
routers that try to establish the neighbor relationship will
exchange the Open message and check whether the neighbor
ni
relationship can be established.
r
aKeepalive
Le periodically
Message: Keepalive message is exchanged
to maintain the neighbor relationship. It is used to
re verify the connectivity of the peer.
Mo Update Message: Update message is used to exchange the

routing information between peers.
It consists of withdrawn route information, network layer
reachability information and various paths attribute information.
Among the four message types, update message is the most
important message for BGP.
Notification Message: Notification message is the error checking
mechanism used in BGP.

BGP speaker will send the notification message when an error
occurs. This will always cause the BGP connection to be closed.
e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
Marker˖This 16-octet field contains a value that the receiver of
h t
the message can predict. In open message without
authentication,then the Marker must be all ones. Otherwise, the
s :
value of the marker can be predicted by some a computation
c e
specified as part of the authentication mechanism used. The
r
Marker can be used to detect loss of synchronization between a
u
o
pair of BGP peers, and to authenticate incoming BGP messages.
s
Re
Length: This 2-octet unsigned integer indicates the total length of
the message, including the header, in octets. Type˖This 1-octet
ng
unsigned integer indicates the type code of the message. The
i
n
following type codes are defined:
a1r–Open
Le 2 –Update
re 3 –Notification
Mo 4 –Keepalive

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
After a transport protocol connection is established, the first
h t
message sent by each side is an OPEN message. If the OPEN
message is acceptable, a KEEPALIVE message confirming the
s :
OPEN is sent back. Once the OPEN is confirmed, UPDATE,
c e
KEEPALIVE, and NOTIFICATION messages may be exchanged.
u r
The following describe each of the Open message fields:
s o
Version ˖This 1octet unsigned integer number indicates the
Re
BGP version number of the originator.
ng
My Autonomous System ˖This 2-octet unsigned integer
i
n
indicates the Autonomous System number of the sender.
r Time˖This 2-octet unsigned integer indicates the number
aHold
Le ofTimer.
seconds that the sender proposes for the value of the Hold
re Upon receipt of an OPEN message, a BGP speaker
Mo
MUST calculate the value of the Hold Timer by using the smaller
of its configured Hold Time and the Hold Time received in the
OPEN message. It is the maximum number of seconds that may
elapse between the receipt of successive KEEPALIVE and/or
UPDATE messages. The value of hold timer increases from
0 to the hold time value. The hold timer will be reset to 0 when
the Keepalive or Update message is receipt. The neighbor will be
declared dead when the hold timer expired.
BGP Identifier ˖indicates the router ID of the sender. This value

is determined during the handshake operation between the BGP
peers. The value of the BGP Identifier is the same for every local
interface and every BGP peer.
Optional Parameters Len ˖indicates the total length of the
optional parameters in bytes. A length value of 0 indicates that no
optional parameters are present.
e n
Optional Parameters: indicates a list of optional parameters used
m/
in BGP neighbor session negotiation. This field is represented by
c o
one or several triplet <Parameters Types, Parameter Length,
i .
Parameter Value> with lengths of 1 byte, 1 byte and variable
we
length, respectively.You can refer the optional parameters from
ua
RFC3392.
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
KEEPALIVE messages are sent periodically between BGP
h t
neighbors to ensure that the connection is valid. Keepalive
message consists of only message header and has a length
s :
of 19 octets. The KEEPALIVE messages are sent at a rate that
c e
ensures that the hold time will not expire When the BGP
u r
connection has been formed between a router and its neighbor,
s o
the Keepalive message will be sent periodically to the peer at
R e
every keepalive interval. This is to ensure the availability of the
g
connection.
n
i
The recommended KEEPALIVE rate is one-third of the Hold
n value. By default, the Keepalive interval is 60s while the
r
Timer
ahold time interval is 180s. The value of hold timer increases from
Le 0thetoKeepalive
the hold time value. The hold timer will be reset to 0 when
re or Update message is receipt. The neighbor will be
Mo
declared dead when the hold timer expired.

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
Update messages are used to transfer routing information
following field: h t
between the BGP peers. Update message consists of the
s :
Withdrawn Routes Length: (2 bytes unsigned integer) indicates
c e
the length of the withdrawn route. A withdrawn Routes Length of
u r
0 indicates that no routes are to be withdrawn and that no
s o
Withdrawn Routes field is included in the message.
Withdrawn R e (Variable Length) indicates a list of routes to
Routes:
g
be withdrawn. Each route in the list is described with a (Length,
Prefix)ntuple in which the Length is the length of the prefix and
i
thenPrefix is the IP address prefix of the withdrawn route. For
a r
Le example, <19, 198.18.160.0> indicates network 198.18.160.0
255.255.224.0.
re Path Attribute Length: (2 bytes unsigned integer) indicates the

Mo total length of the Path Attribute field in octets. A value of zero
indicates that the path attributes field is empty.
Path Attributes: (variable length) lists the attributes associated
with the NLRI. Each path attribute is a variable-length triple of
(Attribute Type, Attribute Length, Attribute Value).
Network Layer Reachability Information: (variable length)
consists of a list of (Length, Prefix) tuples in which the format is
the same as withdrawn route field. The Length

indicates the length in bits of the following prefix, and the Prefix
is the IP address prefix of the NLRI.
The smallest Update information is 23 bytes (19 bytes of header
+ 2 bytes of withdrawn route length + path attribute length). This
type of update information is called End-of-RIB and it is used in
BGP GR.
e n
One UPDATE message can advertise one route only at one time,
m/
but it can also carry multiple path attributes.
c o
One UPDATE message can also advertise multiple routes at one i .
time, but the path attributes must be the same. we
a
One UPDATE message can list multiple withdrawn routes atuone
time.
g.h
in
r n
e a
/ l
:/
ttp
h
s :
c e
u r
s o
Re
n g
ni
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
A notification message is used when error occurs or the peer
h t
connection is stopped. This message carries various error codes
(e.g. timer expiry), error subcode and error information.
s :
Errorcode: A 1 byte field indicaties the type of error. Every errors
c e
is identified by the unique error code. Every error code can
u r
contain one or more error sub codes. If no appropriate
s o
Error Sub code is defined, a zero value is used for the Error
Subcode field. Re
ng
Errsubcode˖
i
n
Message Header Error Sub Codes:
a1r– Connection not synchronized.
Le 2 – Incorrect message length
re 3 – Incorrect message type
Mo Open Message Error Sub Codes:
1 – Unsupported Version Number.
2 – Incorrect Peer AS.
3 – Incorrect BGP Identifier.
4 – Unsupported Optional Parameter.

5 – RFC1771 defines it as Authentication Failure. It is

deprecated in RFC4271.Please refer to RFC1771/RFC4271
6 – Unacceptable Hold Time.
Update Message Error Sub Codes:
1 – Malformed Attribute List.
2 – Unrecognized Well-known Attribute.
e n
3 – Missing Well-known Attribute.
m/
4 – Attribute Flags Error. c o
i .
5 – Attribute Length Error.
we
6 – Invalid ORIGIN Attribute
ua
7 – RFC1771 defines it as AS Routing Loop. It is
. h
deprecated in RFC4271.Please refer to RFC1771/RFC4271.
n g
n i
8 – Invalid NEXT_HOP Attribute.
ar
9 – Optional Attribute Error
le
10 – Invalid Network Field.
/ /
:
tp to diagnose the reason for
11 – Malformed AS_PATH.
the NOTIFICATION. The contents

t
Data: This variable-length field is used
h of the Data field depend upon
s :
the Error Code and Error Subcode. Note that the length of the
c e from the message Length field by

Data field can be determined
the formula:
u r
Message Lengtho= 21 + Data Length. The minimum length of the
e smessage is 21 octets (including message
header). R
NOTIFICATION
n g
n i
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
BGP uses TCP port 179 to establish the connection with its peer.
h t
Similar to the establishment of TCP connection, BGP uses a
series of session and handshakes to establish the BGP
s :
connection. TCP uses the handshake negotiation to advertise the
c
parameters like port. The e handshake negotiation parameters of
u r hold timer of BGP connection, local
BGP include BGP version,
s o information and so on. These
router ID, authentication
R
parameters are e included in the Open message.
g is sent to advertise the routing information to the peer if
After the BGP connection is formed successfully, the Update
n
iis a route to be sent. Update message carries the attribute
message
n
a rthe route when it is used to distribute the routing information to
there
Le the
of
peer. This attribute information can help the peer to select the
re best route. Update message can also be used to inform the
Mo
changes to the BGP peer when the route of the local BGP
changes.
After exchanging the routing information for a period of time
between the local BGP and the peer BGP, the status become
stable when no new route to be advertised. At this moment,
Keepalive message is sent periodically to verify the validity of the
BGP connection. When the hold time for a particular peer is
expired and the local BGP still doesn’t receive any

BGP message from its peer, this BGP connection will be
regarded as invalid. As a result, the BGP connection is closed
and the local BGP will withdraw all the BGP routes learnt from
that BGP peer.
A Notification message is sent to notify the BGP peer when an
error is detected during the running of the BGP. For example, the
e n
local BGP does not support the BGP version of the peer; the
m/
local BGP receives the Update message with illegal structure
c o
from the peer and so on. Besides, the local BGP that exits the
i .
BGP connection will also send a Notification message.
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
//
:
tp
Idle˖ This is the first state of the BGP connection in which BGP
is waiting for a start event.
h t
Example of start event are establishing a BGP session through
:
s itsanresources,
router configuration or resetting already existing session. After
c e
the Start event, BGP initializes resets a
ConnectRetry timer,rinitiates a TCP connection, and starts
o u that may be initiated by a remote peer.
s to a Connect state.
listening for a connection
e
R
BGP then transitions
g
In case of errors, BGP falls back to the Idle state.
n In this state, BGP establish the firs TCP connection. If
i
nTCP connection is successful, the state transitions to
Connect:
r
the
aOpenSent (this is where the OPEN message is sent). If the
e
L connection is fail, the state transitions to Active. If the Connect
re Retry timer expires, the state remains in the Connect stage, the
Mo timer is reset, and a TCP connection is initiated again.
Active: In this state, BGP always attempt to establish the TCP
connection. If the Connectretry timer expires, it will return to the
connect state. Otherwise, it will enter the OpenSent state. If the
TCP connection fails, it will remain in the Active state and keep
initiating the TCP connection. In addition, BGP continues to listen
for a connection that might be initiated from another peer.
The state might go back to Idle in case of other events, such as

a Stop event initiated by the system or the operator.
OpenSent: In this state, BGP connection has been established.
The Open message has been sent, and BGP is waiting to hear
an Open message from its neighbor. The OPEN message is
checked for correctness. In case of errors, such as a bad version
number or an unacceptable AS, the system sends an error
e n
NOTIFICATION message and goes back to Idle. If there are no
m/
errors, BGP starts sending KEEPALIVE messages and resets
c o
the KEEPALIVE timer. Meanwhile, it will enter the OpenConfirm
i .
state.
we
OpenConfirm ˖ In this state, the BGP process waits for a
ua
h
Keepalive or Notification message. If a Keepalive is received, the
.
g
state transitions to Established. If a Notification is received, or a
n
i
TCP disconnect is received, the state transitions to Idle.If the
n
ar
Hold timer expires, an error is detected, or a Stop event occurs,
a Notification is sent to the neighbor and the BGP connection is
closed, changing the state to Idle.
le
/ /
:
Established˖This is the final stage in the neighbor negotiation.
ttp
At this stage, BGP starts exchanging UPDATE packets with its
peers. The Hold Timer restarts at the receipt of an UPDATE or
h
KEEPALIVE message. If the system receives any
s :
NOTIFICATION message (if an error has occurred), the state
c e
falls back to Idle. The UPDATE messages are checked for
u r
errors, such as missing attributes, duplicate attributes, and so on.
s o
If errors are found, a NOTIFICATION message is sent to the
Re
peer, and the state falls back to Idle. If the Hold Timer expires, or
a disconnect notification is received from the transport protocol,
ng
or a Stop event, the system falls back to the Idle state.
i
n
ar
By using"display bgp peer" command, we always observe these
Le The neighbor state Active indicates that TCP connection fail to

2 states: Active and Established.
re establish. This could be due to the inability of a neighbor to reach
Mo the IP address of its peer or mistakes in the configuration. As a

result, the neighbors not able to exchange the routing
information.

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
//
:
tp all the IP routing
•IP Routing Table (IP-RIB)
h t
Entire routing information base, includes
information.
s :
ebase, it includes the routes that will be
•BGP Routing Table (Loc-RIB)
c
r speaker.
BGP routing information
u
o
used by the local BGP
s
Re
•Neighbor List
g
The list of BGP peer
n
i
•Adj-RIB-In
n
a r the routes that are received from other BGP speakers. Adj-
Store
Le advertised
RIBs-In contain unprocessed routing information that has been
re to the local BGP speaker by its peers.
Mo
Adj-RIB-Out
Store the routes that will be advertised to other BGP speakers.

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
Upon receiving the update data packet from the peer, the BGP
h t
speaker will store this update data packet into the BGP Routing
Information Base (RIB) for route selection. The Adj-RIB-In which
s :
is associated with each individual peer of the BGP speaker is
c e
specified. Then, the update data packets are being manipulated
r
or filtered by the Input Policy Engine associated with the peer.
u
o
The router will then execute the route selection criteria and a
s
Re
best path is selected for every IP prefix. The Loc-RIB contains
only the preferred routes that have been selected as the best
ng
path to each available destination. This best route is then sent to
i
n
the local IP-RIB, and it is under the installation consideration.
r multiple routes to the same IP subnet exist, the best path
aWhen
Le and all the equal cost paths are sent to the IP-RIB for
re consideration. In addition to the best route received from the
Mo
BGP peer, LOC-RIB also contains route that the local router
originates (if configured to do so) about the network inside its
autonomous systems. This is how an AS advertises its internal
networks to the outside world. Before the contents of the LOC-
RIB are advertised to other BGP peers, it must be processed by
the output policy engine. Only the route that has been filtered by
the output policy engine can be installed in the Adj-RIBOut.

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
//
p :
Q. How to discover the neighbor in BGP˛
t tdiscovery
h the neighborsmechanism.
A. BGP does not use any neighbor
Therefore, we have to specify all manually.
:
s and the port number that BGP
e
2. Name the underlying protocol
c
used.
A. BGP uses TCPu
r
o port 179.
sfour BGP message types, and how is each one
R e
3. What are the
used?.
g
n The Open message includes BGP version number, AS
i
A: OPEN:
n of theboth
r
number originator and so on. After the TCP session is
aand determine whether
Le established, neighbors send Open messages to each other
the neighbor relationship can be formed.
re KEEPALIVE: Keepalive message is exchanged periodically to
Mo maintain the neighbor relationship. It is used to verify the

connectivity of the peer.
NOTIFICATION: Notification message is the error checking
mechanism used in BGP. BGP speaker will send the notification
message when an error occurs. This will always cause the BGP
connection to close.

UPDATE: Among the 4 message types, update message is the

most important message in the BGP system. Update message is
used to exchange the routing information between the peers. It
consists of all the information used by BGP to form the loop-free
network structure.
It comprises of Network Layer Reachability Information (NLRI),
path attributes and withdrawn route fields.
e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

&KDSWHU%*31HLJKERU5HODWLRQVKLS
e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
Similar to OSPF and IS-IS, BGP learns the route through
h t
neighbor. The route learning process is slightly different between
them. In OSPF and IS-IS, the neighbor relationship is
s :
established automatically. However, in BGP, we have to manually
c e
specify the IP address of the neighbor. Therefore, in BGP, 2
r
routers that are connected directly via physical link might not
u
o
necessarily form the neighbor relationship. In contrast, 2 routers
s
R e
that are not connected directly via physical link might form the
neighbor relationship.
n g
To establish the neighbor relationship, BGP rely on the TCP
i
nTCP connection
connection. The IP connectivity between 2 BGP routers that form
a r
the must be assured. We can use the protocol
Le other than BGP to realize the IP connectivity. In other words,
re either IGP or static route can be used for this purpose. For
Mo
convenience, we call the use of either IGP or static route to
implement the IP connectivity as IGP connectivity or IGP
reachability.

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/
/
:
tp
BGP runs in the following two modes: IBGP (Internal BGP),
EBGP (External BGP)
•If two peers that exchange BGP
t
h messages belong to the same
: such as RTB and RTD.
AS, they are Internal BGPs(IBGP),
c e BGP messages belong to different
r BGP (EBGP), such as RTD and RTE.
•If two peers that exchange
u
o
AS, they are External
Although BGP s
Re between different border routers of an AS. Only
runs between ASs, it is necessary to establish
BGP connection
n g the routing
in this way, information can be transmitted to the
n
whole i network. To establish the communication between AS100
a r
and AS300, we need to establish the IBGP connection between
Le The basic configuration of BGP is as follow:

RTB and RTD.
re
Mo
Enable BGP (specify the local AS number), enter BGP view
[Router A] bgp as-number
Using the bgp command, you can enable BGP and enter BGP
view.
By default, the BGP is disabled.
One router can run in only one AS. This means that one router

can be specified with only one AS-number.

Specified the peer IP address and its AS number
[Router A-bgp] peer { group-name | ipv4-address | ipv6-address}
asnumber as-number
By using peer as-number command, you can configure the AS
number of a peer or peer group. Using the undo peer as-number
command, you can delete the AS number of a peer or peer group e n
m/
By default, the opposite end of the peer group has no AS
c o
number.
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
The direct physical connection is not necessarily exists between the
IBGP peers.
However, the TCP connection must
t
h be established between them. We
s
usually specify the IBGP neighbor: by using the loopback interface to
ensure the reliability of theeroute advertisement of IBGP peers. In the
r c is used, we must specify the source
case where loopback interface
o u packet.
interface of route update
e
peer { group-names | peer-address } connect-interface interface-name
In most of theR cases, there is a direct physical link between the EBGP
peers. g
i n it is hard to realize this in some cases. To establish the
n connection with the peer on the indirectly connected network,
However,
r
e awe need to modify the maximum hop of EBGP packet by using the
EBGP
L following command:
re
Mo
peer { group-name | peer-address } ebgp-max-hop [ ttl ]
“ttl” is the maximum hop value. It is in the range of 1 to 255. If you
specify the maximum hop as 1, you can not establish the EBGP
connection with the peer on the indirectly connected network.
Besides the “ebgp-max-hop” command, we need to ensure that the
loopback interface of the BGP peer is reachable.

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
Under the normal circumstance, when there is more than one
select the best route for its own use.h t

alternatives route to the same IP subnet, the BGP speaker will
s :
The best route is the candidate for installation in the IP routing
c e
table. However, before a route can be installed, the router will
u r
check if there is there is any other routing protocol that has
s o
information about the same subnet. If the subnet is known via
Re
different sources, the router uses the route preference to
ng
determine which source is more trustworthy. The router will
install the route with smaller route preference value. That is to
ni
say the router will select also the best route for its own use and
ar
the best route of BGP speaker might not the best route for the
Le router. For example, there are 2 routes to the same IP subnet.
re One is the best route selected by the BGP speaker and another
Mo
is the static route. In this case, router will install the static route
into the IP routing table because it has lower route preference
value compare to BGP. Therefore, the best route of BGP will not
be installed into the IP routing table.
As shown in the slide above, there are 2 routes towards network
192.168.3.0 on RTA. The next hops are 10.1.1.2 and 10.2.2.2
respectively.
Base on the route selection criteria (will learn later), BGP will
select a best route which is indicated with “>” sign. After that, the
router will check if any better routes of other routing protocols
exist. If exists, the better route will be installed in the IP routing
table. Else, the best route of BGP will be installed into the IP
routing table.
For example, the static route to 192.168.3.0 is better compare to
e n
BGP route to the same IP subnet ( the route preference of static
m/
route is 60 while the route preference for BGP is 255, lower route
c o
preference value is more trustworthy).
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
BGP speaker advertises only the best routes used by itself to its
h t
peers. This means that it only advertises the BGP routes which
are installed in the IP routing table to its peers.
s :
Once the best route (“>”) that has been selected by BGP is
c e
installed in the IP routing table, BGP will send Update message
u r
which consists of that best route entry to other BGP peer.
s o
However, BGP will never sends the updates back on the
same BGP R e upon which it was received.
session
n g
ni
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
For the routes obtained from EBGP, BGP speaker will advertise
t
them to all its neighbors (including EBGP and IBGP).
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
//
:
tp
IGPs are used to exchange the routing information between the
routers.
Therefore, the next hop of anyh
t
router is the interface IP address
of the router that announces :
sBGPtheisroute. This can be easily
understood. However, the e
c the autonomous systems.
used to exchange the loop-free
r
u can be regarded as an “abstract router”
routing information between
o
es will directly send the update (which has been
The autonomous system
in BGP. So,RRTB
g in the route update packet. As a result, the next hop
received from RTC) to RTA without making any changes to the
n
i
information
fornRTA to reach the network 192.168.1.0/24 is therefore
a r
Le 20.0.0.2. This causes unreachability of RTA to route
20.0.0.2. It is possible that RTA does not know the route
re 192.168.1.0/24.
Mo BGP provides a command that can be used to force the next hop
to be the IP address of the border IBGP neighbor. This is to
ensure that the IBGP neighbor can find the correct next hop
information.
Configuration Command:
peer { group-name | ipv4-address } next-hop-local

By using the undo peer next-hop-local, you can restore to the

default configuration.
By default, when the BGP notifies the EBGP peer of the route, it
change the nexthop attribute to its local IP address. When the
BGP notify the IBGP peers of the routes obtained from EBGP, it
does not change the next-hop attribute of the route.
e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
RTC learns the route update from its IBGP RTA. Assume that
from IBGP RTA to its IBGP RTD. h t

this rule doesn’t enforced. RTC will send the route update learnt
s :
RTD will send the route update learnt from IBGP RTC to its IBGP
c e
RTB. Similarly, RTB will send the route update learnt from IBGP
u r
RTD to its IBGP RTA. As a result, routing loop is generated.
s o
Therefore, this rule is used to prevent routing loop inside an
Re
autonomous system.
ng
However, the enforcement of this rule introduces a new problem
i
n
to the network:
r will not able to receive the BGP route from AS12. To resolve
aRTD
Le this problem, we often establish the IBP logical full mesh
re connection. This means that we need to create 2 more IBGP
Mo
connections for the network above. One of the IBGP connection
is created between RTA-RTD and another one is created
between RTB-RTC.

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
IBG Full Mesh is one of the solution for route advertisement
h t
problem caused by the IBGP split horizon rule as described in
the previous slide. The disadvantage of this method is that the
s :
router need to maintain a large number of IBGP sessions and
c e
this consume a lot of resources.
u r
Besides that, BGP provides 2 other methods for the problem
s o
caused by the IBGP split horizon rule.
Re -- RFC 2796
Route-Reflector
n g -- RFC 3065
Confederation
ni
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
The concept of synchronization between BGP and IGP: BGP
h t
speaker will not advertise the routing information learnt from the
IBGP peer to its EBGP peer unless all routers within the AS had
s :
learned about that route through the IGP.
c e
This is known as synchronization. If a router knows about these
ur it assumes that the route has already
destinations via an IGP,
been propagatedoinside the AS, and internal reachability is
e s
assured.
R
g
One of the main responsibilities of BGP is to transmit the network
n information of its autonomous system to other
i
reachability
n
r
autonomous
aencapsulate
system. AS shown in the diagram above, RTB will
e
L TCP connection
into the BGP
the routing information towards network 10.1.1.0/24
update message and advertise it to RTE via the
re established by RTB and RTE. If RTE does not
Mo
take the synchronization into account, it will directly accept this
routing information and send it to RTF. If RTE or RTF has data
packet to be sent to network 10.1.1.0/24, this data packet must
pass RTD and RTC to reach the destination 10.1.1.0/24.
Since synchronization of IGP and BGP was not taken into
account earlier, the routing tables of RTD and RTC do not
contain the routing information to network 10.1.1.0/24 and result

in the data packet to be discarded when it reaches RTD.

Therefore, BGP must synchronize with IGP (RIP, OSPF and so
on). In other words, a router when receives route update
information from its IBGP peer will attempt to verify the internal
reachability for that route before advertising it to other EBGP
peers (check whether that route contains in the routing table of
IGP, whether non-BGP routers can deliver traffic to that route). If
e n
that route is known via an IGP, the router announces it to other
m/
EBGP peers.Otherwise, the router treats the route as not being
c o
synchronized with the IGP and does not advertise it.
i .
There are many solutions for the synchronization problem. The
we
simplest one is for RTB to redistribute the BGP routing
ua
information to the IGP routing table and then the IGP routing
. h
g
protocol will advertise it to RTE. As a result, the synchronization
n
i
is achieved. However, this is not recommended because the
n
consumption of memory and CPU on the IGP a r
BGP routing table is very huge. This results in the high
lethat cannot handle

routers. The low and middle end equipments
/ /
this burden will fail.
p : route to 10.1.1.0/24 on
t
Another solution is to configure a static
RTB, and then redistribute it intotIGP routing table. The
h
: you are using, it is not suitable to
synchronization is therefore achieved.
s
e .By default, the VRP platform
No matter what kind of method
c
r
be used in the large network.
u
o
adopts “Undo synchronization” and it cannot be changed.
s must be met in order to cancel the
e
Certain conditions
R We can cancel the synchronization when all the
synchronization.
n g
routers in the ASs establish an IBGP full connection. This means
that i
r n RTC-RTE, and RTD-RTE has established the IBGP
the routers between RTB-RTC, RTB-RTD, RTB-RTE, RTC-
e aneighbor relationship via TCP connection. Since the IBGP

RTD,
L neigbor relationship has been formed between RTB-RTD, RTD

re has learnt the BGP route towards 10.1.1.0/24 from RTB. when
Mo the data arrive at RTD, RTD will in turn transmit the data to RTC.
Similarly, RTC has learnt the BGP route towards network
10.1.1.0/24 from RTB because the IBGP neighbor relationship
has been formed between RTB-RTC.
Therefore, RTC will in turn send the data to RTB. As a result, the
data will not lost during the data transmission.

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

&KDSWHU%*35RXWH$GYHUWLVHPHQW
e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
The main function of BGP is to transmit the loop-free routing
h t
information between the autonomous systems instead of
discovering and calculating routing information. Therefore, the
s :
routing information of BGP needs to be redistributed into BGP
using command.
c e
u r
To become BGP route, there are 2 methods : using network
s o
command or import command
R e use the aggregate command to redistribute the

In fact, we can
g to use this method is the BGP routing table must
IGP aggregated route into the BGP routing table. The
n
i those detailed route first. Therefore, we do not
recondition
n
a r this method as one of the solutions.
contain
Le By using the Network command: the router will inject the routing
consider
re
Mo
information of IP routing table into the BGThen, the injected
routing information will be sent to other peer via BGP. The
precondition is that the routing information to be injected into the
BGP routing table via network command must be existed in the
IP routing table.
The related command:
network ipv4-address [ mask | mask-length ] [ route-policy

route-policy-name ]
ipv4-address: Specified the IPv4 network address advertised by
BGP in dotted decimal format.
mask/mask-length: Specifies the network mask or the length of
the network mask.
Default subnet mask will be used if it is not specified.
e n
route-policy-name: Specifies the routing policy applied to the
m/
advertised routes.
c o
By default, BGP do not advertise any of the local routes.
i .
P routing table according to the Network specified.
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
The second method is redistributing other routing protocols into
h t
BGP routing table by using the import command. Besides, we
can specify the routing policy for the imported route.
s :
import-route protocol [ process-id ] [ med med | route-policy
route-policy-name ]
c e
u r
s o
protocol: specifies the importable external routing protocols. At
present, the importable external routing protocols include isis,
Re
ospf, static, direct and rip.
ng
process-id: specifies the process id if the imported routing
i
n
protocol are isis, ospf or rip.
r specifies the med metric of the imported route. The value is
aMed:
Le ranging from 0 to 65535. route-policy-name: When the routes are
re imported from other routing protocol, will filter those routes by
Mo
using the specified routing policy.

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
//
:
tp exchange BGP messages
1. How many types BGP relationship?
A˖IBGP and EBGP. If two peers
belong to the same AS, they are
t
h Internal BGP (IBGP). If two
that
:
peers that exchange BGPsmessages belong to different AS, they
c
are External BGP (EBGP). e
u r
o
2. Why the IBGP full connection is established inside an AS?
s obtained from IBGP, the BGP speaker will not
e
A˖For the route
R to its IBGP neighbors. This is to prevent the
advertise them
n g between
routing loop inside an AS. So, IBGP full connection must be
ni
established the BGP speakers inside an AS in order to
a r the routing information to all other IBGP peers

transmit
Le successfully.
re 3. What is the requirement to inject the route into the BGP
Mo
routing table by using network command.
A˖The routes to be injected into the BGP routing table via
network command must be available inside the IP routing table.
In addition, we must specify the length of the subnet mask
precisely.

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
The enterprises and service providers are often concerned about
h t
such questions, Example: How to filter some BGP routes˛How
to control the BGP route selection? These questions can be
s :
solved by using abundant BGP path attributes.
BGP path attributes is aeset of parameters and it further
describes a specificr
c
o upolicy.
route. We usevarious path attributes when
es of BGP path attributes˖

configure the route
There are 4Rtypes
n g mandatory
Well-known
n i discretionary
Well-known
r transitive
aOptional
Le Optional non-transitive
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
BGP implementations must recognize all the well-known
h t
attributes. The wellknown mandatory attributes must be included
in every update messages while the well-known discretionary
s :
attributes may or may not be included in the update messages.
c e
Once the updates of BGP peer carry the well-known mandatory
u r
attribute, BGP peer must advertise it to other peers.
s o
Well-known attributes must be recognized by all BGP
implementationRe
ng
•Well-known mandatory
i
n
must be included in all BGP update messages,
r
aexample:
Le •Well-known discretionary
NEXT_HOP attribute.
re may or may mot be sent in the BGP update message, example:

Mo LOCAL_PREF attribute

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
In addition to the well-known attribute, each update messages
h t
can include one or more optional attributes. Not every BGP
speakers are required to support these optional attributes.
s :
BGP implementations is not necessarily required to support the
optional attributes:
c e
u r
o
•Optional transitive
s
R e
BGP process should accept the path in which it is included even
if it doesn't support the attribute and it should pass the route on
n g
i
to its peers.
n AGGREGATOR attribute
a r
Example:
Le •Optional non-transitive
re BGP process that does not recognize attribute can ignore
Mo the Update in which it is included and not advertise the route to

its other peers.
Example: MED attribute

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
Attributes Well-known/Optional Mandatory/Discretionary Transitive/Non-transitive
Origin Well-known
h t
Mandatory --
AS_PATH Well-known
:
Mandator
s
--
Next-hop Well-known e
Mandatory
c Discretionary
--
u
Local-preference Well-known r --
MED Optional
s o -- Non-transitive
Community OptionalRe -- transitive
Origin˖Origin
n gis a well-known mandatory attribute that is used to define the
origin of ni routing information. It indicates how a route becomes BGP route,
r the
suchaas IGP, EGP and INCOMPLETE.
Le A well-known mandatory attribute that lists a sequence of the
As_PATH:
re autonomous systems passed by a route. It is used to prevent the routing loop.
Mo Besides, it can be used for route filtering and selection.
Next hop: A well-known mandatory attribute that defines the IP address of the
border router that should be used as the next hop to the destinations listed in
the Network Layer Reachability field of the UPDATE message.
MED˖MED is an optional non-transitive attribute. When some AS has multiple

entries, the MED attribute can be used to help other external AS

in selecting a better entry path. The smaller the MED value of a
route, the higher its precedence.
Local-Preference˖Local preference is a well-known
discretionary attribute. It is used only inside an autonomous
system and not passed to other autonomous systems. If an
internal BGP speaker receives multiple routes to the same
e n
destination, it compares the local preference attributes of the
m/
routes.
c o
This reflects the preference level of the BGP speaker for each
i .
external route.
we
The larger the local preference value, the higher the preference
ua
level of the route.
. h
n g
Community˖It is an optional transitive attribute that is designed
n
to simplify policy enforcement. It marks a group of routing i
ar
information that has the same feature which is irrelevant to its IP
subnet or autonomous system.
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
Origin attribute specify the origin of the BGP path information. In
h t
fact, it is the methods for BGP speaker to generate the BGP
route. BGP considers three types of origins:
s :
• IGP: The route with origin IGP is marked with “i” in BGP routing
c e
table (by using the “display bgp routing-table” command).The
u r
origins are IGP for the routes internal to the AS and are
s o
advertised via the network command. This method is also called
Re
as semi dynamic redistribution of BGP information. The
ng
network advertised via the network command is dynamically
ni
discovered and calculated by IGP (including static route). Some
ar
of the routing information is selectively redistributed into the BGP
Le
system via network command. That’s why it is called as “semi
dynamic”.
re • EGP: The route with origin EGP is marked with “E” in BGP
Mo routing table. The origin “EGP” was used when the Internet when
the routes are redistributed from EGP into the BGP routing table.
It is used when the Internet was migrating from EGP to BGP. It is
rather difficult to encounter the route with origin EGP in the real
network. This is because EGP protocol is basically obsolete and
not used anymore.
•Incomplete: The route with origin Incomplete is marked with “?”
in BGP routing table. The route with origin incomplete is learned

by some other means. It means that the information for
determining the origin of the route is incomplete. Routes that
BGP learnt through redistribution from IGP or static route carry
the incomplete origin attribute. Injecting the IGP routes into BGP
dynamically or semi dynamically is based on the dependency of
the BGP routes on the IGP routes.
e n
Unconditionally injecting the IGP routes into BGP might bring
m/
some drawbacks.
c o
The unnecessary or wrong information might leak into the BGP
i .
routing table. For example, the IGP might consist of some
we
special address for internal AS only or some unregistered
ua
address. Apart from that, it might also cause the fluctuation of
. h
BGP (because the BGP route is base on the IGP route). BGP
n g
i
use a process called route dampening to penalize and ultimately
n
a r
discontinue advertisement of fluctuating routes, depending on
their degree of instability. We will not discuss this in detail here.
In this circumstance, we must adopt some l e strategies,
/ / filtering
:
and ascertain those networks can be redistributed
p(fortoexample
from IGP into
BGP. For the protocol that can be used
the internal route and external routett distinguish between
OSPF), we can
h
ensure that only the internal route is redistributed into the BGP
s :
equipments will inject c e
by using the appropriate configuration. By default, Huawei
OSPF external routes r only the OSPF routes into the BGP. The
u will not be injected. Besides, the static
s o
route can be redistributed into BGP and this method
can increase R e
the stability of the route. The static routes will never
n
disappearg from the IP routing table and hence will always be
i
advertised.
n
a r precedence order of the 3 origin values are
The
Le These 3 origin values are used to control the selection of BGP

IGP>EGP>INCOMPLETE.
re
Mo
routes.

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
AS_PATH is an important well known mandatory attribute in
h t
BGP. It contains a sequence of autonomous system numbers
that represent the path a route has traversed. To prevent routing
s :
loop, BGP will not accept the routing update that contains its
c e
local AS number in the AS_PATH attribute. Therefore, the egress
u r
router will append its AS number to the AS_PATH attribute each
s o
time the route is advertised by an egress router to the EBGP
R e
peer in another AS. This is to record the path that has been
g
traversed by a particular route. If the local AS number is
found n
i in AS_PATH attribute of the routing update information, it
n that the update has already passed this AS or the
r
indicates
aupdate is originated in this AS. This update information need to
Le be discarded to prevent routing loop.
re In addition, AS_PATH attribute is one of the important parameter
Mo used to determine the best route to reach a destination. When 2
or more routes toward the same destination exist on a router, the
AS_PATH attribute can be used for route selection. A shorter
AS_PATH is always preferred over a longer one. In case of a tie,
other attributes are used to determine the best path to the
destination. Note: In the most of the actual network
implementations, AS_PATH is used to determine the best route
when multiple paths towards the same destination exist.

As shown in the diagram above, the BGP route for network
18.0.0.0/8 in AS 200 passes through AS200, AS300, and AS400
in order to reach AS100. Its AS_PATH is recorded as (400, 300,
200). Another path exist by passing AS200 and AS500 in order to
reach AS100. Its AS_PATH is recorded as (500, 200). In this
scenario, BGP will select the route with shortest AS_PATH.
e n
Therefore, route with AS_PATH “(500, 200)” will be selected.
m/
After perform the BGP route aggregation, granularity that exists
c o
in the specific routes that form the aggregate is lost by default.
i .
Assume that an AS is advertising an aggregate address
we
representing addresses in several autonomous systems. In this
ua
. h
case, the AS that originates the aggregate route include only its
own number in the AS_PATH. The AS_PATH g
n the
information of the specific route is not included. Thisicauses
r n prefixes.
aback to the AS
lost of the path information to some of the more-specific
e
Therefore, the aggregated route might be sent
/ l the routing
where the specific route reside and this generate
: / when learn the topic
loop. We will discuss this problem in detail
of route aggregation.
t p
t
For most of the circumstances,hroute filtering base on AS _PATH
s :
list provides more flexible control over the route filtering base on
the prefix list.
c e
u r
s o
Re
n g
n i
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
By default, BGP detects the routing loop via AS number. As
h
established between RTA-RTC and RTB-RTC.
t
shown in the diagram above, the EBGP relationship is
s :
RTB will append its local AS number (213) when sends the
c e
update about network 10.0.0.0/8 to RTC. When RTA receives the
u r
same update from RTC, the AS_PATH attribute of the route
s o
contains its local AS number (213). Therefore, RTA will ignore
Re
this update information.
ng
In some special implementation like the case of hub and spoke,
i
we need accept the BGP route with the repeated AS number. In
n
ar
this case, we can use the command below to force the router
Le peer { group-name | ipv4-address } allow-as-loop [ number ]

accept the BGP route with repeated AS number.
re
Mo
parameters˖
group-name˖specify the name of the peer group.
ipv4-address˖specify the IPv4 address of the peer
number˖specify the repeating times of the AS-number that are
allowed.
It is ranging from 1 to 1. The default value is 1.

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
//
:
tp
The length of the AS_PATH can be extended to influence the
route selection.
t
h the RTA in AS123 that sends
For this example, we can configure
s
the EBGP updates of network: 10.0.0.0/8 to AS 387 by appending
c e of the AS number 123. After the
the AS_PATH with 2 copies
u r to RTB, its AS_PATH will be (123,
route has been advertised
s o alternative routes to reach network
123,123). The second
R
10.0.0.08 thateRTB received is from AS462 which originates from
gprocess and determine the route to be used in order to
AS123. Its AS_PATh is (462,123). RTB will perform the route
n
i network 10.0.0.0/8. In this case, RTB will select the best
selection
n
a r base on the length of the AS_PATH. RTB will prefer the
reach
Le route
route
with shorter AS_PATH: (462 123). The data is therefore
re forwarded to AS123 via AS462. As a result, the high speed link
Mo
between RTC and RTD is selected while the low speed link
between RTA and RTB is used for backup.

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
Next hop is well-known mandatory attribute that defines the IP
h t
address of the border router that should be used as the next hop
to the destinations listed in the Network Layer Reachability field
s :
of the UPDATE message. The next hop processing of BGP is
c e
very complex. The following 3 rules apply:
u r
(Note: RTA and RTC establish the EBGP neighbor relationship
s o
through the directly connected Ethernet interface. RTA and RTB
Re
establish the IBGP neighbor relationship through the directly
ng
connected interface. RTC and RTD establish the IBGP neighbor
relationship through the directly connected Ethernet interface
ni
a1.rWhen BGP advertise update message to the EBGP peer, the
between 10.0.0.2 and 10.0.0.3).
Le NEXT_HOP is the IP address of the advertising router's

re interface. When BGP advertise update message to the IBGP
Mo peer, and the NLRI of the update refers to a destination
within the same AS, the NEXT_HOP is the IP address of the
neighbor that advertised the route. AS shown in the diagram
above, the next hop is 10.0.0.2 when RTC advertise the route
18.0.0.0/8 to its EBGP RTA. The next hop is 21.0.0.1 when RTB
advertise the route 19.0.0.0/8 to its IBGP RTA.
2. The next hop processing for multi-access network (broadcast
network or NBMA network) is different. As shown in the diagram

above: RTD advertise the route 20.0.0.0/8 to RTC with next hop
IP as 10.0.0.3. If RTC advertises the route 20.0.0.0/8 to RTA with
next hop 10.0.0.2, the packets from RTA to network 20.0.0.0/8
will have to crossed the shared LAN twice. To optimise the
packet forwarding in the multi-access network, RTC will use
10.0.0.3 as next hop instead of 10.0.0.2 when advertising the
e n
route 20.0.0.0/8 to EBGP RTA.
m/
3. When BGP advertise update message to IBGP peer and the
c o
NLRI of the update refers to a destination in a different AS, the
i .
NEXT_HOP is the IP address of the external peer from which the
we
route was learned. As shown in the diagram above, the next hop
remain 10.0.0.2 when RTA advertise the route 18.0.0.0/8 ua
. h
learnt from EBGP peer to its IBGP peer RTB. This default
n g
i
behavior of BGP might bring some potential problems: If the
n
ar
next-hop address towards 10.0.0.2 for RTB is unreachable, the
packets for the destination 18.0.0.0/8 will be dropped.
le
Solution˖
//
:
First Method˖Issue the command “import route direct” in the
p
BGP view of RTA.
tt
Second Method ˖Issue the command h peer { group-name | ipv4-
address } next-hop-local on:RTA. By using this command, the
next hop IP address is setsto the local address when advertising
c epeer group.
r
the route to the peer or
u
s o
Re
n g
n i
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
Local preference is a well-known discretionary attribute. In
h t
certain circumstance, one single ISP can access to the Internet
by connecting to 2 larger ISPs using the high speed link. As
s :
shown in the diagram, ISP0 is connecting to ISP1 and ISP2
c e links.
respectively via 2 separate
u r distributes the traffic evenly on 2 of the
uplinks? Assume s othat 2 routes that exist in the Internet are
In this case, how ISP0
R
210.52.83.0/24 e (represented as 83 for the explanation below)
ng is to direct the traffic toward network 83 to the link
and 210.52.82.0/24 (represented as 82 for the discussion).
Our i
r
of nISP1 and direct the traffic toward network 82 to the link of
objective
e aISP2.
L The internal network structure of ISP0 is as follows: Full mesh
re
Mo
IBGP peer relationship is established for RT3, RT4 and RT5.
RT3 establishes the EBGP peer relationship with ISP2 while RT4
establishes the EBGP relationship with ISP1. As a result, both
RT3 and RT4 will receive the route 82 and 83 from their
respective EBGP peer. Both RT3 and RT4 will in turn advertise
the route 82 and 83 to their respective IBGP peer. Finally, RT5
learns the route 82 and 83 from two different sources. Therefore,
we need to modify the attribute of the source on RT3 and RT4
in order to implement load balancing.

How to implement the load balancing? In this case, BGP can add
the local preference attribute to the routes. If an internal BGP
speaker receives multiple routes to the same destination, it
compares the local preference attributes of the routes. The route
with the highest local preference is selected.
When RT3 receives the routes 82 and 83 from ISP2, the local
e n
preference of route 83 is set to 100 (default local preference is
m/
100, not require to configure it) while the local preference of
c o
route 82 is set to 200. Similarly, when RT4 receives the
i .
routes 82 and 83 from ISP1, the local preference of route 82 is
we
set to 100 while the local preference of route 83 is set to 200. As
ua
a result, RT5 will receive 2 routes from 2 different sources.
. h
g
These 2 routes carry different local preference value and toward
n
the same destination. RT5 will carry out the route selection
n i
ar
based on the value of the local preference. Finally, the traffic
le
from route 83 is sent to ISP1 while the traffic from 82 is sent to
ISP2.
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
We have introduced how the local preference is used to control
h t
the traffic leaving the AS. In certain circumstance, we need to
control the incoming traffic into an AS. MED attribute can be
s :
used to achieve this purpose. This can be shown from the
c e
example above. In this network, AS100 has 2 uplink connections
r
to 2 different routers in AS200. Assume that 2 routes that exist in
u
o
the Internet are 210.52.83.0/24 (represented as 83 for the
s
Re
explanation below) and 210.52.82.0/24 (represented as 82 for
the discussion). These 2 routes are advertised to the border
ng
router RT3 in AS100 through BGP.
i
n
The network administrator of AS200 would like to achieve the
ar
objectives as follow:
Le The data traffic from AS100 to reach 82 must pass through RT2
re while the data traffic from AS100 to reach 83 must pass through
Mo
RT1. From here, we can observe the difference between local
preference and MED. Local preference is used to control the
outgoing data traffic from an AS while MED is used to control the
incoming data traffic into an AS.
The objective above can be achieved by providing a MED value
for the advertised route. When the peer at the other end receives
multiple routes toward a destination, it will make the selection

base on the MED value.

1. When the border router RT1 in AS200 advertises the routes 82
and 83 to RT3 in AS 100, it will mark the route 83 with MED
value 50 and mark the route 82 with MED value 100.
2. When the border router RT2 in AS200 advertise the routes 82
and 83 to RT3 in AS100, it will mark the route 82 with MED value
50 and mark the route 83 with MED value 100.
e n
3. When RT3 in AS 100 has learnt the same routes from EBGP
m/
peer RT2 and RT1, it will select RT1 as the next hop to reach 83
c o
and RT2 as the next hop to reach 82.
i .
We prefer the lowest MED value. This is because MED value is we
considered as a metric. Therefore, the metric with lowest value
ua
or lowest distance is preferred.
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
By default, the BGP router only compare the MED values of the
h t
routes from the same AS (different peers). However, we can use
the command comparedifferent- as-med to tell BGP to compare
s :
MEDs from different ASs for the same route. This command is
c e
used only when different ASs adopt same routing policies
and routing protocol.
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/
/
:
tp
In BGP, a community is a group of destination that share the
common nature.
RFC1997 defined the community
t
h attribute as variable length
s
optional transitive attribute.:
c e administrator may define which
Each autonomous system
u r belongs to. By default, all destinations
s o Internet community. Received routes
communities a destination
belong to the general
e community are advertised freely.
belonging toRInternet
A singlegroute can have more than one community attribute
i nThe BGP router that sees multiple community attribute
rn in one route can apply the appropriate policy according to
values.
values
e aone or more or all of those attribute values. The router can add
L or modify the community attribute values before it transmits the
re
Mo
route to other peers.

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
The community attribute consists of a set of four octet values,
h t
each of which specify a community. All routes with this attribute
belong to the communities listed in the attribute.
s :
The community attribute values ranging from 0x0000000 through
c e
0x0000FFFF and 0xFFFF0000 through 0xFFFFFFFF are
reserved.
u r
s o
Well-known community attributes are recognized and have global
significance. Re
ng
The following are well-known community attributes:
i
nNO_EXPORT(0xFFFFFFF01)˖Routes received carrying this
ar value cannot be advertised to EBGP peers or, if a confederation
Le is configured, the routescannot be advertised outside of the
re confederation.
Mo
NO_ADVERTISE(0xFFFFFFF02)˖All routes received carrying a
communities attribute containing this value MUST NOT be
advertised to o t h er BGP peers.
NO_EXPORT_SUBCONFED(0xFFFFFFF03) ˖ All routes
received carrying a communities attribute containing this value
MUST NOT be advertised to external BGP pe e rs (this includes
peers in other members autonomous systems inside a BGP

confederation). It is also called as LOCAL_AS attribute.

In addition to the well-known community attribute, private
community attributes can be defined for special uses. These
attributes are identified by some numerical value. A common
practice is to use the first 2 bytes of the community
attribute for the AS number and the last 2 bytes for an arbitrary
value ranging from 0 to 65535. (e.g. AS 690 may define
e n
research, educational and commercial community values that
m/
may be used for policy routing as defined by the operators of that
c o
AS using community attribute values 0x02B20000 through
i .
0x02B2FFFF (690:0~65535))
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

Chapter 2 BGP Route Selection
e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
1. If the next hop of this route is unreachable, then ignore this
route.
t
2. Select the route with highesthPreferred-Value. This new
parameter is added in VRP5.s : It can be used to assign a
c e
preference value for a peer.
u r the more preferable the route.
o with a higher local preference
The higher the number,
s
Reaggregated route to the detailed routes
3. Select the route
4. Prefer the
n gthe route with the shortest AS_PATH.
i
5. Prefer
6. n
a r BGP compares the origin attribute of the route and selects the
Le EGP, which is lower than Incomplete.

route with the lowest origin attribute code: IGP is lower than
re 7. Select the route with the lowest MED value. This comparison
Mo is done only if the AS number is the same for all the routes being
considered.

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/
/
:
tppath to the BGP
8. Prefer EBGP routes over IBGP routes.
t
h the lowest IGP metric to the
9. Prefer the route with the shortest
NEXT_HOP. This is the route with
next-hop router. s :
c eidentical, they are equivalent route and c
When all the above are
u rbalancing.
omust be the same
an be used for load
s
Re selection rules can be ignored when load
Note: AS_PATH
The last 3 route
n g is implemented.
balancing
i the route with the shortest cluster-list.
10.nSelects
a r
Le with smaller router ID if Originator ID is unavailable.
11. Prefer the route with smaller Originator ID. Select the route
re 12. Prefer the route with smaller peer IP address.

Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
//
:
tp
1. What are BGP path attributes? How many attributes are
available at present?
A: BGP is a policy tool for route
t
hselection. Different from IGP, the
: the routing information
main function of BGP is tostransmit
c e BGP path attributes describe the
instead of route discovering.
ur route. It can be used to control the route
characteristic of a BGP
advertisement. Atopresent, BGP4 has 16 types of path attributes.
2. How the R es attribute prevent the routing loop?
AS_PATH
that i ng be passed
A˖AS_PATH attribute list is a sequence of autonomous systems
r n must
network.
through in order to reach the indicated
These sequence of autonomous systems are appended
a
Le the route into BGP is always found in the rightmost end of the
from the right to the left. Therefore, the AS that originally injected
re AS_PATH. Each time the routing update crossed the boundary of

Mo an AS, the AS number of the sender is appended to the front part
of the AS_PATH. A router that have received the BGP update will
check the AS_PATH attribute and look for its own AS number. If it
is found in the AS_PATH, then the route has already crossed the
AS. This route information will be discarded to prevent the
routing loop in this situation.

3. What is the difference between the MED and LOCAL_PREF

attribute?
A˖MED is used by the EBGP peer while LOCAL_PREF is used
by the IBGP peer. In other words, EBGP speaker can used the
MED to inform the neighboring AS of the preferred link for
incoming traffic when multiple links exist between 2 autonomous
systems. The LOCAL_PREF attribute can be used to identify the
e n
preferred route when multiple IBGP speaker are advertising the
m/
same route within an autonomous system.
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

Chapter 1 What is route aggregation
e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
Route Aggregation Rule: Adopt the method of longest match
subnet mask.
h t
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
Automatic Aggregation: Aggregate the imported IGP subnet
h t
routes to their major network addresses automatically. Once the
automatic aggregation is enabled, BGP will not receive the
s :
subnet routes that are redistributed from IGP. BGP will
c e major network addresses.

receive only the aggregate
u r command is used to aggregate the
o their major network addresses automatically.
The summary automatic
imported routessto
R e automatic is used to disable to the
The undo summary
g
configuration. By default, the summary automatic function
n
n i
is not enabled.
a r the summary automatic function is enabled, BGP no longer

After
Le receives the subnet routes from an IGP. BGP receives only the
re aggregate network addresses.
Mo
This can reduce the number of routes in the routing table

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
Manual Aggregation: Aggregate the local BGP routes. In general,
than the automatic aggregation. h t

the preference of the manual aggregation is much more higher
s :
By default, both of the specific route and aggregate route will be
c e
advertised when manual aggregation is used.
u r
s o
The aggregate command is used create an aggregate record in
the BGP routing table. The nn command is use disable the
Re
function. By default, no route aggregation is preformed.
ng
Multiple BGP specific BGP routes can be summarized into a
i
n
single aggregate route by using “ aggregate” command. The
ar
aggregate route is then advertised to other peers. Different from
Le command requires us to manually specify the required aggregate

the command “summary automatic”, the “aggregate”
re
Mo
prefix ip address mask [ as-set | attribute-policy route-policy-
name1 | detail suppressed | origin-policy route-policy-name2 |
suppress-policy route-policyname3

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

Chapter 2 AS_SET
e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
The AS_PATH attribute has been learnt so far consists of an
particular destination. h t
ordered sequence of AS numbers that describes the path to a
s :
The VRP platform of Huawei products support 4 types of
AS_PATH attributes:
c e
u r
•AS_SEQUENCE
s o
•AS_SET
R e
•AS_CONFED_SEQUENCE
n g
i
•AS_CONFED_SET
n
r
AS_SEQUENCE
ahas traversed.
is the ordered list of AS numbers that a route
Le Each time the route passes an AS, the AS number will be

re recorded in the front part of the list.
Mo AS_SET is often used in route aggregation. It is an unordered list
of the AS numbers along a path to a destination.
AS_CONFED_SEQUENCE is an ordered list of AS numbers
along a path to a destination. It is used in the same way as the
AS_SEQUENCE, except that the AS numbers in the list belong
to autonomous systems within the local confederation.

l AS_CONFED_SET is an unordered list of AS numbers along a

path to a destination. It is used in exactly the same way as the
AS_SET, except that the AS numbers in the list belong to
autonomous systems within the local confederation.
AS_CONFED can be used only in BGP confederation. When an
update is sent to a peer external to the confederation, the
AS_CONFED information is removed.
e n
In the diagram above, RTA and RTB advertise their local network
m/
to RTC. RTC will summarized those networks and advertised it
c o
to RTD by using command:
i .
aggregate 160.0.0.0 255.0.0.0 detail-suppressed . As a result,
we
the routes 162.20.0.0/16 and 160.10.0.0/16 are summarized into
ua
a single route 160.0.0.0/8.
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
Observe the routing table of RTC by using the command “display
bgp routing table”
t
Status codes: * - valid, > - best,hd - damped,
h - history, i - internal, s - s
:
c e? - incomplete
suppressed, S - Stale
r
Origin : i - IGP, e - EGP,
u
Network
s o NextHop Path/Ogn
*> 160.0.0.0/8
R e 127.0.0.1 i
n g
s> 160.10.0.0 10.2.2.2 200 i
n i
s> 160.20.0.0 11.1.1.2 100 i
aItris shown that an additional aggregate route exists in the BGP

Le routing table after the configuration . Besides, the AS_PATH
re attribute of the aggregate route not carry any AS information.
Mo
This indicates that the aggregate route without AS_SET
is generated by RTC.

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
RTC aggregate the route 160.20.0.0/16 from AS 100 and the
h t
route 160.10.0.0/16 from AS200. Only the aggregate route is
advertised to RTD since RTC has issued the parameter detail-
s :
suppressed. The specified routes 160.10.0.0/16 and
c e
160.20.0.0/16 are suppressed. Below is the BGP routing table
information of RTD.
u r
s o
Please take note of the as-path attribute of the aggregate route.
[RTD] displayRebgp routing-table
n g * - valid, > - best, d - damped,
Status codes:
n i i - internal, s - suppressed, S - Stale

h - history,
r : i - IGP, e - EGP, ? - incomplete
aOrigin
Le Network NextHop Path/Ogn
re *> 160.0.0.0/8 4.4.4.1 300 i
Mo The aggregate route 160.0.0.0/8 is generated by AS300 with
origin IGP. The aspath information of the specified route
160.10.0.0/16 and 160.20.0.0/16 are lost.

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
//
:
tp
Now, we add the parameter as-set in the aggregate command of
aggregate 160.0.0.0 255.0.0.0h

t
RTC. The configuration is as below.
detail-suppressed as-set.
s :
c e
u r
s o
R e
n g
ni
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
The BGP routing table of RTC after the modification of
configuration is as below:
[RTC] display bgp routing-tableh
t
Status codes: * - valid, > s
:
e - best, d - damped,
h - history, i - internal,cs - suppressed, S - Stale
r
Origin : i - IGP, eo- u
e s EGP, ? - incomplete
Network
R NextHop Path/Ogn
n g
*> 160.0.0.0/8 127.0.0.1 {200 100} i
n i
s> 160.10.0.0 10.2.2.2 200 i
a r 160.20.0.0
s> 11.1.1.2 100 I
e
L After configuring the as-set parameter, the as-path information of
re the BGP routing table on RTC is shown as {200,100}. This
Mo indicates the router has aggregated the routes from A200 and
AS100.

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
The BGP routing table of RTD after the modification in
configuration is as below:
[RTD] display bgp routing-tableh
t
Status codes: * - valid, > s
:
e - best, d - damped,
h - history, i - internal,cs - suppressed, S - Stale
r
Origin : i - IGP, eo- u
e s EGP, ? - incomplete
Network
R NextHop Path/Ogn
n g
*> 160.0.0.0/8 4.4.4.1 300 {200 100} i
n i information plays an important role in preventing routing

AS_SET
a r This is because it records the AS’ information for the

loop.
Le aggregate route
components of the aggregate route that have been traversed. An
re might be re-entered into any AS’ listed in the

AS_SET through BGP route.
Mo This will result in routing loop. Once BGP loop detection
mechanism finds its AS number is in the list of the AS_SET
attribute of the aggregate route received, it will ignore that route.
This will prevent the routing loop.
Note: After the as-set parameter is used, the as-path information
of the aggregate route contains the as-path information for each

of the specific routes being aggregated. This information is

updated according to the changes occurring in the specific routes
being aggregated. When the route 160.20.0.0/16 in the example
above fails, the as-path information of the aggregate route will be
changed from 300{200ˈ100} to 300 {200}. This result in the
attribute of the aggregate route change. The aggregate route will
be in the unstable state if the router aggregates thousands of
e n
routes and at the same times problems keep happening to those
m/
specific routes being aggregated.
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
//
:
tisp used, the as-path
.
This infoAfter the as-set parameter
information of the aggregate route
t
h contains the as-path
information for each of thes :specific routes being aggregated,
e
information is updatedcaccording
u r to the changes occurring in the
o
specific routes being aggregated. When the route 160.20.0.0/16
in the examplesabove fails, the as-path information of the
R e will be changed from 300{200ˈ100} to 300
aggregate route
gThe aggregate route will be in the unstable state if the
{200}. This results in the attribute of the aggregate route
n
n i aggregates thousands of routes and at the same times
change.
a r
router
Le aggregated.
problems keep happening to those specific routes being
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
//
:
tp
Aggregate route does not inherit the original BGP route attributes
by default.
t
h mask [ as-set | attribute-
The command aggregate ip-address
policy routepolicy- name1s|:
detail-suppressed | origin-policy
route-policy-name2 | e
r c
o u
suppress-policy route-policy-name3 ] is used to modify the
attributes of thesBGP aggregate route.
Re
n g
n i
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
Using the key word attribute policy, you can set the attribute of
the aggregate route.
h t
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
//
:
tpenable aggregation of
origin-policy
Using the key word origin-policy,twill
h
:
only routes that match the route policy.
s
c e
suppress-policy
u r
s
Using the key wordo suppress-policy, an aggregate route can be
R e the detail route can be suppressed. You can use
generated while
n g
the ifmatch of route-policy to selectively suppress some of the
i routes.
specific
n
a r of the other routes still can be advertised.
Some
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
//
:
tp
1. Describe the function of AS_SET used in BGP aggregate
route.
t
A˖Generates aggregate routehthat contains the AS’ information
:
for the components of thesaggregate route that have been
traversed. e
c when perform BGP route aggregation.
u r
o
2. Describe the precaution
s change in the attributes of the aggregate route.
e
A˖Take note the
R change happen in the AS_PATH attribute. If the
For example, the
AS_SETgparameter is not included when configure the route
i n system will indicate that the aggregate route is
r n by the aggregator. Therefore, only the local AS
aggregation,
generated
e anumber of the aggregator is included in the as-path attribute. In
L addition, we need to take note the change for other BGP
re
Mo
attributes as well.

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/
/
:
tppreference
1. Select the route with highest Preferred-Value
h t
2. Select the route with highest local
s:shortest AS_PATH
3. Prefer the aggregated route to the detailed routes
1. Prefer the route with e
the
r corigin attribute of the route and selects the
2. BGP compares the
o u origin attribute code: IGP is lower than
s than Incomplete.
route with the lowest
EGP, which iselower
R
g
3. Select the route with the lowest MED value.
n EBGP routes over IBGP routes
i
4. Prefer
n
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
8. Prefer the route with the shortest path to the BGP
next-hop router. h t
NEXT_HOP. This is the route with the lowest IGP metric to the
s :
When all the above are identical, they are equivalent route and
c e
can be used for load balancing.
u r
o
Note: AS_PATH must be the same
s
R e
The last 3 route selection rules can be ignored when load
balancing is implemented
n g
9. Selects the route with the shortest cluster-list
i
10.nPrefer the route with smaller Originator ID. Select the route
r smaller router ID if Originator ID is unavailable.
awith
Le 11. Prefer the route with smaller peer IP address.
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
Base on the BGP route selection process and the common BGP
route selection are as follow: h t

path attributes, 9 important BGP parameters that affect the BGP
•Preferred Value s :
c e
•LOCAL_PREF
u r
•AS_PATH
s o
•ORIGIN
R e
•MED
g
nneighbor type EBGP or IBGP?
i
•Is the
n cost of IGP
a r
•Internal
Le •Cluster-list
re •COMMUNITY
Mo The parameters specified above can directly affect the BGP

route selection.
Among them, the most common used parameters are
LOCAL_PREF, AS_PATH and MED. The function and the
configuration of these parameters will be discussed in detail in
the following slides.

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
LOCAL_PREF attribute is used within an AS between IBGP
h t
peers to determine the best path for the data traffic to exit an AS.
LOCAL_PREF attributes become very useful when there are
s :
multiple routes to leave the AS and reach an outside
network.
c e
u r
s o
default local-preference command is used to configure the BGP
default local preference, higher values are preferred.
Re
The range of the LOCAL_PREF value on Huawei equipments
ng
are from 0 to 4294967295. Its default value is 100
i
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
As shown in the diagram above, router D will receive 2 different
RTB and RTC respectively. h t

update information to reach the network 192.168.1.1/32 from
s :
By default, RTD will perform the BGP route selection. The
c e
selected best route will be responsible to send the data to the
u r
destination 192.168.1.1/32. Both RTB and RTC change their
s o
default local preference value by using the “default
Re
localpreference”
ng
command . The local preference of RTB has been changed to
i
2000 while the local preference of RTC has been changed to
n
ar
1000. As a result, RTD receives 2 routes that carry different local
Le One of the routes carries the local preference 2000 with the IP
preference value toward 192.168.1.1/32.
re prefix of RTB as the next hop IP address. Another route carries

Mo the local preference 1000 with the IP prefix of RTC as the next
hop IP address. In this circumstance (all other parameters adopt
the default value), the route with RTB as next hop IP address will
be selected as the best route which in charge of the data
transmission to reach 192.168.1.1/32. This is because the
highest local preference is preferred.

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
LOCAL_PREF is an important parameter that affect the BGP
h t
route selection within an AS. BGP can work together with some
policy tools to implement load balancing in some complex
network.
s :
c
As shown in the diagram e above, RTD can reach 192.168.1.0/24
u r via 2 different routes. We can set the
and 192.168.2.0 in AS100
s o as RTB for the data to reach 192.168.1.0/24
next hop IP address
R e
and set the next hop IP address as RTC for the data to reach
g via policy.
192.168.2.0/24. These can be achieved by configuring the local
n
i
preference
n
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
Explanation of the configuration:
#
h t
acl number 2000
s :
e
rule 5 permit source 192.168.1.0 0.0.0.255
c
#
u r
s o
Specify the range of IP addresses that match the ACL 2000.
bgp 200 R e
g
n as-number 200
peer 10.1.1.1 as-number 100
ni
peer
a#r 3.3.3.3
Le ipv4-family unicast
re
Mo
undo synchronization
peer 10.1.1.1 enable
peer 10.1.1.1 route-policy test1 import
#
Apply route policy test1 for the route information received from
peer 10.1.1.1.

#
route-policy test1 permit node 10
if-match acl 2000
apply local-preference 2000
apply local-preference 1000
e n
#
m/
Node 10 in the routing policy assigns LOCAL_PREF 2000 to the c o
network that i .
we
match ACL2000. Node 20 in the routing policy assigns
ua
LOCAL_PREF 1000 to
. h
those networks that do not match ACL2000.
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
MED attribute is used to determine the entry point to an AS. It is
h t
used when multiple paths exist between 2 AS’ and one AS is
trying to influence the entry point from another AS. MED attribute
s :
is considered as metric or cost. Its value is in the range of 0 to
c e
4284967295. The lowest MED value is preferred. By default, the
MED value is 0.
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
The MED value is configured in AS100 via policy to influence the
h t
BGP route selection in AS200. The configuration of MED value
realize the incoming traffic control when multiple paths exist.
s :
There are 2 networks in AS100: 192.168.1.0/24 and
c e
192.168.3.0/24. The routing updates of these 2 networks is sent
u r
to AS200 via RTA and RTC. On RTA, the MED value is
s o
configured as 1000 for the data to reach 192.168.1.0/24 and the
MED valueR iseconfigured as 2000 for the data to reach
g
192.168.3.0/24. On RTC, the MED value is configured as 2000
for thendata to reach 192.168.1.0/24 and the MED value is
n i as 1000 for the data to reach 192.168.3.0/24. After
a r configuration, the traffic of RTF in AS200 can reach
configured
Le 192.168.3.0
the
via RTC and the data traffic of RTF in AS200 can
re reach 192.168.1.0 via RTA. In AS100, the load balancing is
Mo
implemented base on the incoming traffic.

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
#
h t
bgp 100
s :
c e
u r
s o
# R e
n g
ipv4-family unicast
n
undoi
r synchronization
apeer 10.1.1.2 enable
Le peer 10.1.1.2 route-policy test1 export \\apply
re rout e
Mo policy test1 for the route sent to peer 10.1.1.2
peer 3.3.3.3 enable
peer 5.5.5.5 enable
#

\\route-policy test1ˈnode 10
if-match ip-prefix 1
\\if match ip-prefix 1, apply cost (also called as MED) 2000
apply cost 2000
\\route-policy test1ˈnode 20
e n
apply cost 1000
m/
\\for all other routes that do not match ip-prefix 1, apply cost c o
2000 i .
we
#
u a
.h
ip ip-prefix 1 index 10 permit 192.168.3.0 24 greater-equal 24
less-equal 24
g
n the
\\defines the range of IP address as 192.168.3.0/24ithrough
ip-prefix list r n
e a
#
/ l
:/
ttp
h
s :
c e
u r
s o
Re
n g
n i
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
We can define multiple filtering policies (permit or deny) under
h t
the same as-pathfilter number. The operation “OR” is applied
during the matching process. This indicates that at least one
s :
occurrence is required to make the test true. No occurrence
c e
indicates that the test failed AS_PATH Filter uses the regular
r
expression method to filter the AS_PATH attribute information.
u
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
Regular expression is a formula used to match the string
h t
according to certain rules. Next, the decision process is done
(permit or deny) on the AS_PATH attribute of the BGP route base
on the matched string.
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
Ā^” represents start of a line. The regular expression ^12 can
h t
match sequence 12 of the first AS number 123 in AS_PATH (123
621 743 34512 2374). In other words, the AS number of the
s :
routing information must be start with sequence 12.
c
“$” represents the end of e a line. The regular expression 74$ can
match sequence 74 r
u of the last AS number 2374 in AS_PATH
o 2374). In other words, the AS number of the
s
(123 621 743 34512
e must be end with sequence 74.
R
routing information
g
“^” is used at the front of a group of matching symbols.
n
n i
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/
/
:
tpregular expression 23|43
Regular expression 23|43 matches AS23 or AS43.
AS shown in the example above,tthe
matches AS_PATH (123 621 743 h 34512 2374) for 3 times.
Regular expression 23|43scan : match some characters of the
c e
whole AS number. For example, it matches 43 of the AS743. In
addition, it matches r
o u the 23 of the AS123 and AS2374.
s
Re
n g
n i
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
Regular expression [1-3] matches the character “1”, “2” or “3”.
h t
Regular expression [47] matches the character “4” or “7”. When
used together, regular expression [1- 3][47] matches the AS
s :
number of 14, 17, 24, 27, 34 or 37.
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
Ā.āand Ā_āare different in that Ā.ācan be used to match
h t
any single character, including white space while Ā_āis used to
match any delimiters. Example of the delimiters are comma, left
s :
parenthesis, right parenthesis, the beginning of theinput string,
c e
the end of the input string, space and so on.
u r
"_34512 170$"among AS-PATH(123 621 743 34512 170)
s o
indicates that AS34512 and AS170 are indicates connected ."_"
Re
indicates any delimiters. The underscore in thisregular
ng
expression represents the white space in between the "743
34512".
ni
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
The "."sign in the middle of the regular expression [1-3].[47] can
h t
match any single character, including space. So the AS_PATH
(123 621 743 34512 2374) matches the regular expression [1-
s :
3].[47] 3 times: “1 7”, “237”and “374”.
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
In the diagram above, the most difficult part is the “.+” sign in the
h t
middle of the regular expression. As per discussed earlier, “.”
sign in the regular expression matches any single character
s :
including white space while “+” sign matches one or more
c e Therefore, “.+” sign matches multiple

sequences of the pattern.
u r white space or sequence of the
single characters including
s o above, the “.+” sign matches “ 743
pattern. In the example
ReAS_PATH (123 621 743 34512 170).

34512 ” of the
n g
ni
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
Base on the requirement specified in the diagram above, we
h t
need to configure the filtering policies on RTC. These filtering
policies are implemented to the routes coming from the EBGP
peer RTA and EBGP peer RTD.
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
#
h t
bgp 400
s :
c e
u r
#
s o
R e
ipv4-family unicast
g
n enable
ni
peer
r 10.4.4.2
apeer 10.4.4.2 as-path-filter 1 import
Le the route coming from the peer RTA
\\apply as-path-filter to
re peer 10.3.3.1 enable

Mo peer 10.3.3.1 as-path-filter 1 import
the route
\\apply as-path-filter to
coming from the peer RTD

#
ip as-path-filter 1 permit ^300_
\\receive only the routing information from AS300
e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
In the example above, ASBR RTA and ASBR RTD in AS100
network. h t
announce the network 10.0.0.0/24 to all other nodes in the
s :
As a result, both RTB and RTC have 2 different paths to reach
c e
AS100. By default, the routers will select the best path to reach
u r
AS100. For example, RTC will select the path between RTC and
s o
RTD to reach the network 10.0.0.0/24. From the diagram above,
Re
the bandwidth of the link between RTC and RTD is 10M only. In
ng
contrast, the bandwidth of the links between RTA-RTB and RTB-
ni
RTC are 1000M.
ar
Therefore, we would like to direct the traffic to reach the network
Le
10.0.0.0/24 by using the path via RTC-RTB-RTA.
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
bgp 100
h t
s :
c e
#
u r
s
ipv4-family unicast o
R e
g
n enable
peer 10.4.4.1 enable
ni
peer
r 10.1.1.2
apeer 10.1.1.2 route-policy set community export
Le \\apply routing policy “set community” to the route advertise to
re the peer.
Mo peer 10.1.1.2 advertise-community
\\advertise community attributes to a peer or peer group. By
default, no community attribute is advertised to any peer or peer
group.
#

route-policy set community permit node 10

apply community 100:1
\\apply community attribute as 100:1
e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
Explanation on the configuration:
#
h t
ip community-filter 1 permit 100:1 \\configure the filtering list for
community attribute
s :
c e
ip community-filter 2 permit 100:2
u r
#
s o
Re
ip community-filter basic-comm-filter-num { deny | permit } [
communitynumber| aa:nn ] * &<1-16> [ internet | no-export-
ng
subconfed | no-advertise | no-export ]
ni
ip community-filter adv-comm-filter-num { deny | permit } regular-
ar
expression In the basic community attribute list, we can specify
Le
only the community number or well-known community attributes.
In the advanced community attribute list, we can specify the
re regular expression that is used for string matching.
Mo Example:
# The basic community list with list number 1
[Quidway] ip community-filter 1 permit internet
# The advanced community attribute list with list number
[Quidway] ip community-filter 100 permit ^10

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
//
:
tp
display bgp routing-table community [ aa:nn &<1-13> ] [ no-
community˖display the routing

t
advertise | noexport | no-export-subconfed ][ whole-match ]
hinformation that belong to a
specified BGP community.s:
c e number.
r the BGP routes that carry no-advertise
aa:nn˖specify the community
u
o Routes received carrying this value
no-advertise ˖ specify
s
Re
community attribute.
cannot be advertised at all, to either EBGP or IBGP peers.
n g
n i
no-export˖specify the BGP routes that carry no-export
r
community attribute.
aRoutes received carrying this value cannot be advertised to
e
L EBGP peers or, if a confederation is configured, the routes
re cannot be advertised outside of the confederation.
Mo no-export-subconfed˖specify the BGP routes that carry no-
export-subconfed community attribute. All routes received
carrying a communities attribute containing this value MUST
NOT be advertised to external BGP peers (this includes peers in
other members autonomous systems inside a BGP
confederation). whole-match˖indicates the exact matching.

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
display bgp routing-table [ ipv4-address ] [ { mask | mask-length }
[ longerprefixes ] ]
ipv4-address˖display the network
t
h address in IPv4 format.
s :the subnet mask in dotted decimal
mask/mask-length˖specify
c esubnet mask
r for the longer prefix match.
format/the length of the
u
o
longer-prefixes˖allow
s
Re
n g
ni
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/
/
:
p mainly consist of ACL, IP-
1. Describe the route policy tools used in BGP.
t tare
h In addition, the policy tools
The route policy tools used in BGP
PREFIX list, Filter-List, route policy.
s :
AS-PATH-FILTER and COMMUNITY-FILTER are solely designed
for BGP. e
c that affect the BGP route selection.
u r
o
2. List out the parameters
as follow: R
es
The important parameters that affect the BGP route selection are
n
Preferredg Value
n i
a r
Local-Preference
Le Origin
AS-Path
re
Mo
MED
EBGP/IBGP
IGP Cost
CLUSTER ID
Communities
Among them, the commonly used parameters are Preferred

ValueˈLocal-Prefˈ
AS_PATHˈMED and Community.
3. Describe the difference between "+" and"*" used in regular
expressions.
Describe also the difference between"." and "_" .
"+" matches one or more sequences of the pattern whereas "*"
e n
matches zero or more sequences of the pattern.
m/
"." matches any single character, including white space while"_"
c o
matches any delimiters like comma, bracket, white space and so
i .
on.
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
There are 3 routers in AS200 namely RTA, RTB and RTC. In the
h t
diagram above, assume that RTA receives an update from an
external peer and this update has been selected as the best
s :
route by RTA. By default, RTA will forward the update to its two
c e
internal peers, RTB and RTC. Since RTB and RTC form the
r
IBGP peer relationship, they will not advertise the route learnt
u
o
from their respective IBGP peer to other IBGP peers.
s
Re
Next, assume that RTC has been configured as the route
ng
reflector. It works by relaxing the rule that a BGP speaker cannot
advertise routes learned from IBGP peer to other IBGP peers.
n i
After the configuration, RTC is allowed to advertise the
r learnt from RTA to other IBGP peers. As a result, the IBGP
aroute
Le session between RTA and RTB can be cancelled.
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
Confederation controls the large numbers of IBGP peers by sub-
h t
dividing an autonomous system into a group of sub-autonomous
systems, called member autonomous systems. Since the EBGP
s :
session is formed between the subautonomous systems, no full
c e
mesh connection is required between them.
u r
However, IBGP full mesh is required between the BGP speakers
s o
within a sub-autonomous system.
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
We use the term "Route Reflection" to describe the operation of
h t
a BGP speaker advertising an IBGP learned route to another
IBGP peer. Such a BGP speaker is said to be a "Route
s :
Reflector" (RR), and such a route is said to be a reflected
route.
c e
u r
o
The internal peers of a RR are divided into two groups:
s
1) Client peers
R e
2) Non-Client peers
A RR n
g
i reflects routes between these groups, and may reflect
n among
a r
routes client peers. A RR along with its client peers form
Le slides.
a Cluster. We will discuss the concept of cluster in detail in other
The Non-Client peer must be fully meshed but the Client
re peers need not be fully meshed. Diagram above depicts a
Mo simple example outlining the basic RR components using the

terminology mentioned here.

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
When a RR receives a route from an IBGP peer, it selects the
h t
best route based on the BGP route selection process. After the
best route is selected, it must do the following depending on the
s :
type of the peer it is receiving the best route from:
c e IBGP peer Reflect to all the Clients.

1) A Route from a Non-Client
2) A Route from a u r peer Reflect to all the Non-Client peers
o peers. (Hence the Client peers are not
Client
and also to thesClient
beefully meshed.)
required to R
n g
ni
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
Inside an AS, multiple RRs might exist to provide redundancy for
h t
the Clients. As a result, the routing update between the RRs
might generate a routing loop. We use the concept of cluster to
prevent this from happen.
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
Usually a cluster of clients will have a single RR. In that case, the
h t
cluster will be identified by the BGP ROUTER-ID of the RR.
However, this represents a single point of failure so to make it
s :
possible to have multiple RRs in the same cluster, all
RRs in the same clusteremust be manually configured with a 4-
r cthat an RR can discard routes from other
u
byte CLUSTER_ID so
RRs in the sameocluster.
e s
R
n g
n i
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/
/
:
tp
When a route is reflected, routing loop might be generated due to
the misconfiguration.
So, the Route Reflection method
t
h defines the following attributes
s : of routing information:
e
to detect and avoid the looping
1) ORIGINATOR_ID c
u r
ORIGINATOR_ID
s o is an optional, non-transitive BGP attribute of
Type code 9.eThis attribute is 32 bits long and it will be created
by a RR in Rreflecting a route.
g
n this attribute will carry the ROUTER_ID of the
i
Normally,
nbeen created,
r
originator of the route in the local AS. Once the ORIGINATOR_ID
aallowed to add, delete
e has the subsequent BGP speakers are not
L receives an update thatorcarrymodify it. When a BGP speaker
re the ORIGINATOR_ID attribute, the
Mo BGP speaker will match it with its local ROUTER_ID. The update
will be discarded if match.

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp BGP attribute of Type
2) CLUSTER_LIST
h t
Cluster-list is an optional, non-transitive
code 10. It is a sequence of CLUSTER_ID values representing
:
the reflection path that thesroute has passed. When a RR reflects
a route, it must prependethe local CLUSTER_ID to the
r cCLUSTER_LIST is empty, it must
CLUSTER_LIST. If the
o uUsing this attribute an RR can identify if the
create a new one.
e s is looped back to the same cluster due to
R
routing information
g
misconfiguration. If the local CLUSTER_ID is found in the
n the advertisement received should be ignored.
i
cluster-list,
n
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
The AS may be has many Clusters. each RR is IBGP
h t
relationship, one RR can put another RR configuration as his
own client or the non-client. So it can be flexible configuration the
s :
relationship between the cluster in AS.
As shown in figure, oneeAS divided into several reflection cluster,
c
each RR configuredrother RR to the non-client, all the RR
o u each other. Each client only establish IBGP
sthe RR in the same cluster. So all the BGP
established between
e
R will receive reflection routing information.
connection with
g
routers in AS
n
n i
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
Route reflection can effectively reduce the total number.
h t
However, RRs required to be fully meshed in some
circumstances. As a result, RRs require to maintain a
s :
large number of IBGP session especially in a large network.
c e
Therefore, the hierarchical route reflection is introduced to further
u r
reduce the number of IBGP sessions.
s o
Depend on the network requirement, the number of levels in the
Re
hierarchical route reflection can be increased gradually. Normally,
ng
2 levels hierarchy or 3 levels hierarchy is sufficient for current
ni
network deplayment.
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
To deal with the IBGP full mesh problem within an AS,
h t
confederation is used to subdivide an AS into a group of sub-
autonomous systems, known as member autonomous systems.
s :
The BGP speakers within the confederation speak EBGP
c e
to peers in other sub-autonomous systems. Therefore, full mesh
u r between them. However, BGP
connection is not require
s
speakers within theo confederation speak IBGP to peers in the
R e
same sub-autonomous system and full meshed IBGP
g
connection is required for all routers inside the sub-autonomous
n
i sessions are formed between the sub-autonomous
system.
n
a r inside a confederation. These EBGP sessions behave
EBGP
Le differently from the conventional EBGP sessions and are

systems
re therefore identified as intra-confederation EBGP session

Mo to differentiate them from conventional EBGP sessions. Intra-
confederation EBGP sessions, while having EBGP-like
properties (for example, updating the AS-PATH attribute when
BGP route is propagated), still run inside a real AS and
share some properties with IBGP sessions. Similar to IBGP
sessions, LOCAL_PREF, MED and NEXT_HOP are not

changed in updates propagated across the intra-confederation

EBGP sessions.
External peers do not see the internal structure of the
confederation. Instead, they will see the whole confederation as
a single AS. This means that the AS_PATH information that has
been modified inside an confederation is removed when the
update information is sent to the conventional EBGP neighbor.
e n
All BGP routers inside the sub-autonomous systems must be
m/
fully meshed.
c o
Alternatively, we can implement the route reflection. One of the
i .
advantages of implementing confederation is that sub-
we
autonomous systems are not required to use the same IGP.
ua
Each of the sub-autonomous systems do not require to
. h
advertise their own internal topology to other sub-autonomous
n g
n
systems. However, when different IGPs are used, each of the i
ar
sub-autonomous system must ensure the reachability of the next
hop of BGP.
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
Currently, BGP specifies that the AS_PATH attribute is a well-
h t
known mandatory attribute that is composed of a sequence of AS
path segments. Each AS path segment is represented by a triple
s :
<path segment type, path segment length, path segment value>.
c e
In BGPv4, the path segment type is a 1-octet long field with the
r
two following values defined:
u
s
Value Segment Typeo
1 AS_SET: R e
unordered set of ASs a route in the UPDATE
g
message has traversed
n
n i
2 AS_SEQUENCE: ordered set of ASs a route in the UPDATE
a r
message has traversed
Le 3Numbers
AS_CONFED_SEQUENCE: ordered set of Member AS
re in the local confederation that the UPDATE message
Mo
has traversed
4 AS_CONFED_SET: unordered set of Member AS Numbers in
the local confederation that the UPDATE message has traversed

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
Inside a confederation, AS_CONFED is used to prevent the
t
routing loop between the sub-autonomous systems.
h inside the confederation:
The AS_PATH modification process
s : session
e number is added in the leftmost of
1. Intra-confederation EBGP
c
ur attribute type 4,
• Sub-autonomous system
the AS_PATH asoAS_PATH
e s
R
AS_CONFED_SEQUENCE.
g
2. IBGP session
n the AS-PATH attribute
• Notimodify
r nEBGP session with external peer
e a• the sub-autonomous system number is removed from the
3.
L
re AS_PATH attribute, and the confederation ID is prepended to
Mo the leftmost of the AS_PATH.

When a BGP speaker propagates a route which it has learned
from another BGP speaker's UPDATE message, it shall modify
the route's AS_PATH attribute based on the location of the BGP
speaker to which the route will be sent:
a) When a given BGP speaker advertises the route to another

BGP speaker located in its own autonomous system, the

advertising speaker shall not modify the AS_PATH attribute
associated with the route.
b) When a given BGP speaker advertises the route to a BGP
speaker located in a neighboring autonomous system that is a
member of the local autonomous system confederation, then the
advertising speaker shall update the AS_PATH attribute as
e n
follows:1. if the first path segment of the AS_PATH is of type
m/
AS_CONFED_SEQUENCE, the local system shall prepend its
c o
own AS number as the last element of the sequence (put it in the
i .
leftmost position).
we
2. if the first path segment of the AS_PATH is not of type
ua
AS_CONFED_SEQUENCE the local system shall prependha
new path segment of type AS_CONFED_SEQUENCE g
.
innthat
to the
AS_PATH, including its own confederation identifieri
r n
segment.
e a route to a BGP
c) ˖When a given BGP speaker advertises the
/ l system that is not
speaker located in a neighboring autonomous
a member of the current autonomous : / confederation, the
tpAS_PATH attribute as
system
advertising speaker shall update the
follows:1. if the first path segment t
h of the AS_PATH is of type
AS_CONFED_SEQUENCE,
s : that segment and any immediately
following segments ofcthe e type AS_CONFED_SET or
u r
AS_CONFED_SEQUENCE
o are removed from the AS_PATH
s the sanitized AS_PATH attribute to be operated
e
attribute, leaving
on by stepsR2, or 3.
n
2. if the gfirst path segment of the remaining AS_PATH is of type
n i
r
AS_SEQUENCE, the local system shall prepend its own
aconfederation ID as the last element of the sequence (put it in
e
L the leftmost position).
re
Mo
3. if there are no path segments following the removal of the first
AS_CONFED_SET/AS_CONFED_SEQUENCE segments, or if
the first path segment of the remaining AS_PATH is of type
AS_SET the local system shall prepend a new path segment of
type AS_SEQUENCE to the AS_PATH, including its own
confederation ID in that segment.

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
When an update is sent to a peer external to the confederation,
h t
the AS_CONFED_SEQUENCE and AS_CONFED_SET
information is stripped from the AS_PATH attribute, and the
s :
confederation ID is pretended to the AS_PATH. Because of this,
c e
external peers see the confederation as a single AS rather than
u r
as a collection of autonomous systems.
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
//
:
tp
1. Describe the problem solved by BGP route reflector and BGP
confederation.
h t
A: Because of the BGP route advertisement behavior, IBGP
peers must be interconnect :
s to each other.
e
This result in the IBGPcfull meshes connection. The IBGP full
u rcan solve the problem caused by the BGP
meshes connection
advertisement s o However, it brings another problem to
behavior.
the network. ReThe BGP speaker must therefore maintain
n g and confederation.
a large numbers of IBGP sessions. So BGP introduces route
n i
reflection
a rDescribe the advertisement principle of BGP route reflector.

2.
Le A:process
1). Select the best route based on the BGP route selection
re 2). For the route received from Non-client IBGP, reflect
Mo
only to all the Client Peers
3). For the route learnt from Client IBGP, reflect to all Clients and
Non- Clients 3. Describe the AS_PATH modification in BGP
confederation.
A: The confederation technology will generate a lot of sub-
autonomous systems.
Therefore, 2 new AS_PATHs have been introduced for
confederation. There are AS_CONFED_SEQUENCE and

AS_CONFED_SET. The update is transmitted between the sub-
autonomous systems. Each time the update information passes
through a sub-autonomous system, the sub-autonomous system
number will be included in the leftmost position of the
AS_CONFED_SEQUENCE. When an update is sent to a peer
external to the confederation, the AS_CONFED_SEQUENCE
e n
information is removed from the AS_PATH attribute,
m/
and the confederation ID is prepended to the AS_PATH.
c o
Because of this, external peers see the confederation as a single
i .
AS rather than as a collection of autonomous systems. Apart
we
from that, when a confederation receives an update from the AS
ua
outside the confederation, the confederation will keep the
. h
AS_PATH of that AS outside the confederation and create an
n g
AS_CONFED_SEQUENCE for used inside the confederation
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

Chapter 1 What is BGP Multi-homed
e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
//
:
tp
The network is multi-homed if it has more than one exit point to
the outside world.
For example, the network can h
t
be multi-homed to a single
s :
provider or multiple providers.
c e
u r
The purpose of multi-homed is to provide the reliability or
o
achieve the load balancing via redundant links.
Load balancingsallows a router to distribute the incoming traffic or
Re among multiple paths. Multiple paths can be
outgoing traffic
n gOSPF either
learnt through static route or dynamic routing protocol such
n i
as RIP, and so on.
a r default, BGP allow only a single best path and does not
By
Le perform load balancing.
re This lesson will introduce the methods how to perform load
Mo
balancing in different scenarios using BGP.

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
BGP multi-homed can be divided into the following types:
•Single-homed Stub Network
h t
•Multi-home Stub Network
s :
Single border router
c e

u r
Multiple border routers
s o
•Multi-homed to different ISPs
Re
This lesson will discuss the types of BGP multi-homed network
ng
listed above in detail.
i
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
The scenario refers to single-homed Stub Network where 2
h t
different autonomous systems are connected though their
respective border router in their own autonomous system. To
s :
achieve load balancing, multiple links are used between 2 border
c e
routers. Current VRP platform can support a maximum of 8 equal
u r
cost paths for load balancing.
s o
Single-homed network can not provide high redundancy and is
Re
therefore suitable for small network. As shown in the diagram
ng
above, customer in AS can reach ISP100 via 2 links. In this kind
i
of network, BGP is not necessary for the customer network in
n
r to the border router and redistributes the route into its own
AS65100 . The customer only need to add a static default
aroute
Le AS. Similarly, the ISP need to add a static route pointing to the
re customer's address range and advertises these route into its AS.
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
Multi-homed Stub Network for a single border router can provide
h t
the redundancy by protecting not only failure of a single link but
also protect failure of a single ISP router.
s :
When implement this kind of design solution, BGP can be used
e
to provide an effective control for load balancing that might be
c
implemented.
u r
o
Private autonomous system number can be assigned to the
s
Re
customer network for the single upstream service provider
solution as shown in the diagram above. The service provider will
ng
send a default route to customer via BGP. The customer does
ni
not require to obtain a public unique registered autonomous
ar
system number that is visible in the Internet from IRR. The
upstream service provider will remove the
Le private autonomous system number from the received update
re information.
Mo
The use of BGP in this design solution allows the enterprise to
have a better control the incoming and outgoing traffic flow. It is
very useful when both of the links have different link bandwidth.
This is because route selection policy can be used for
proportionally traffic load balancing according to the bandwidth of
the link.

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
//
:
tp
The use of single enterprise border router might result in single
point of failure.
This single point of failure can h
t
be avoided by adding one or more
:
enterprise border routers.sEach of the enterprise border routers
c e links of the upstream service
is connected to one or several
provider. This kind ofrsolution still connects to single upstream
service provider.o
u
e sis still allowed to use the private autonomous
R
The enterprise
g
system number in this design. The advantage of using private
n system number is that the enterprise does not
i
autonomous
n to obtain a new public autonomous system number.
r
require
aThe use of BGP provides additional support for enterprise to
e
L define the route policies for incoming and outgoing traffic. In
re addition to the EBGP session with upstream service provider, the
Mo enterprise needs to establish full mesh IBGP sessions between
all the border routers and all the layer 3 devices that might
provide the cross-over to border routers. This is to ensure that
the traffic will not be sent to devices that do not have routing
information of the intended destination.
The enterprise network should distribute the default route from
each of the border routers. The default route can be advertised
only when the uplink is connected and activated. This prevents

the traffic from going to the border router along the default route
in the case where the uplink of the border router fails. This kind
of conditional advertisement can be achieved by the static
default route pointing to the interface, or by importing the default
static route received from BGP to IGP. In this context, the
conditional advertisement here is not referred to the BGP
e n
conditional advertisement feature. Other route information
m/
received from the upstream service provider should not be
c o
imported to any of the IGP process running on the border router.
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
In this design, the border routers need to establish the EBGP
h t
peer relationship with the routers of their upstream service
provider. Besides, the full IBGP sessions are established
s :
between all the border routers and any of the layer 3 devices that
c e
might provide cross-over to the border routers. The received
r
routing information might include only the default route, or even
u
o
the complete routing table. In this case, the routing information
s
e
received is the same as that of single router.
R
ng
The most common load balancing mechanism involves the use
of partial route selection information. This means that the
ni
enterprise network requests some of the routing information from
ar
its upstream service provider and use it together with the default
Le outbound filtering policies for reasonable load balancing. Finally,
route, or request the full routing table and modify the inbound or
re
Mo
the implementation method is dependant on the objective of the
enterprise. The easiest method is to use one of the links as the
primary connection while the other links are solely used for
backup purpose. The most difficult task is to achieve load
balancing evenly among multiple paths.

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
A single EBGP session is established between 2 routers. The
h t
EBGP session above use loopback address instead of the
physical address as the source. Each of the directly connected
s :
physical interfaces is configured with a static route pointing to the
c e
remote loopback address. This solution resolves the next hop IP
u r
address and the iterated route of next hop IP address is used to
s o
achieve load balancing.
e we must manually modify the TTL value of the
Please noteRthat
gcannot be established.
EBGP. Its value must be equal or greater than 2. Else, the BGP
n
i
session
n
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
EBGP multi-path provides another solution for traffic load
h t
balancing on multi-path links. An EBGP session is established for
each link between 2 routers. These EBGP sessions are directly
s :
bound to the physical interface addresses. The result
c e receive multiple path information with

is that both of the routers
u
one link representing rone path information. EBGP multi-path
s
allows all paths too installed on the router up to a maximum of
be
8 paths.
Re
n g
n i
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
The local AS65102 can reach the upstream AS100 via 2 different
h t
links. One of the link is configured as the primary link ( the link in
red color is primary link) and its responsibility is to transmit all the
s :
traffic. Another link is configured as the backup link (the link in
c e
grey color is backup link). When the primary link fails, all the
r
traffic will be switched over to the backup link.
u
s o
As shown in the diagram above, both primary and backup links
Re
advertise the route 200.100.0.0/24. However, the MED value of
ng
the route 200.100.0.0/24 is increased through the routing policy
on the backup link.
ni
ar
On the other hand, the local preference value of all the received
Le
IP prefix on inbound direction of the backup link is decreased
through routing policy. By doing so, the incoming and outgoing
re traffic can be distributed on the primary link.
Mo The private autonomous system number can be used within the

local AS65102.
AS 100 will remove the private AS number when it advertises the
route to the external neighbor.

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
This solution uses multiple local routers to provide multiple links
h t
that connect to the upstream autonomous system. In the
diagram above, 2 of the routers connect to the upstream AS100
s :
through EBGP peer respectively. Both of the links
implement load balancing
c e for the inbound and outbound traffic of
u r
local network 200.100.0.0/24 Both of the local routers advertise
s o
the route 200.100.0.0/24 as normal. At the same time, the /24
R e
route is subnetted into two /25 prefixes. Then, the /25 prefixes
g note that the /25 prefixes may not be installed in the

are advertised to the upstream AS100 through one of the routers.
Pleasentake
IP n i table of the device.
routing
a r
e Therefore, we need to add a static route on advertising router: ip
L prefixes can200.100.0.0
route-static 25 null 0. This is done to ensure the /25
re be advertised to the external peer successfully.
Mo The purpose of performing the subnetting is to allow the

upstream equipments match the routes as detailed as possible
and implement the load balancing base on the inbound traffic.
We can further subnet the /25 prefix if the perfect load
balancing can not be achieved by using the /25 prefixes. This
action can be continue until the perfect load balancing which is
close to 50/50 is achieved.
How to implement the load balancing for outbound traffic? We

can receive only partial routing information which is desired by
using route policies. Load balancing can be achieved by
configuring route policy based on different destination IP
addresses.
e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
In this kind of design, the EBGP peer relationship is established
h t
between the border routers of the enterprise and their upstream
ISP. In addition, the full mesh IBGP session is established
s :
between all the border routers and all the layer 3 equipment that
c e
might provide the cross-over to the border routers. The received
r
routing information might include only the default route, or even
u
o
the complete routing table. In this case, the received routing
s
e
information is the same as that of single router.
R
ng
The most common load balancing mechanism involves the use
of partial route selection information. This means that the
ni
enterprise network requests some of the routing information from
ar its upstream service provider and uses it together with the default
Le route, or request the complete routing table and modify the
re inbound or outbound filtering policies for reasonable load
Mo
balancing. Finally, the implementation method is dependant on
the objective of the enterprise. The easiest method is to use one
of the link as the primary connection while the other links are
solely used for backup purpose. The most difficult task is to
achieve load balancing evenly among multiple paths.

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/
/
:
tp
This solution is similar to the implementation of multi-homed to
the same ISP.
t
h the enterprise network through
The traffic flow which enters into
the optimized route depend s :on AS-Path attribute.
c e
u r
s o
Re
n g
n i
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
As shown in the diagram above, AS102 advertises the route
h t
200.100.0.0/24 on both up-links as normal. The backup link also
advertises the route and extends the length of the AS-Path.
s :
Therefore, the inbound traffic enters the enterprise network
c e
through the master link. At the same time, the backup can
provide redundancy.
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
This solution is similar to the implementation of multi-homing to
the same ISP.
The purpose for splitting the prefix
t
h is to allow upstream
equipments to match the s : route that have been splitted.
specific
c
By doing so, load balancing e base on inbound traffic can be
implement.
u r
But this methodscano not always be used. In this situation, to
extend the R e of the AS-Path also can implement load
length
g
balancing. After the routes have been advertised to different
ISPs, n
nitraffic flows on one of the links is obviously heavier
the traffic utilization rate on the links are monitored.
Ifrthe
e acompare to another link, then we can extend the AS-Path length
L on the link that has higher utilization rate.
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
As shown in the diagram above, AS102 advertise the route
h t
200.100.0.0/24 on both up-links as normal. At the same time,
one /24 prefix is split into two /25 prefixes.
s :
One of /25 prefixes is advertised to one side and one of the /25
c e
prefixes advertised to the other side. After the routes have been
u r
advertised to different ISPs, the traffic utilization rate on the links
s o
are monitored. If the traffic flows on one of the links is still
Re
obviously heavier compared to another link, then we can
ng
extend the AS-Path length on the link that has higher utilization
ni
rate.
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tpnetwork with better
Why is multi-homing of networks necessary?
A: Multi-homed solution providestthe
redundancy, and abundant traffic h control solution.
:
2. How can inbound trafficsload balancing with multi-homing to
c e
rto different ISPs, the inbound traffic load
different ISPs be implemented?
u
A: For multi-homing
s oachieved by increasing the length of the
AS_PATH. R
e
balancing can be
It is recommended that the length of the AS_PATH
n
should beg increased by one each time. This is because we
can i
n control the traffic flow each time the length of the AS_PATH
isrincreased by one. Therefore, we should observe the traffic flow
a
Le and increase it gradually.
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

Chapter 1 BGP Troubleshooting Procedures
e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
Causes of BGP failure can be categorized into the following 3
types:
Mis-configuration h t
s :
e
Poor understanding on BGP or inaccurate configuration script
c
r
will cause mis-configuration. This will in turn result in a series of
u
s o
undefined errors between the BGP speakers.
Human beingeproblems
Human g
R
i n of routing protocol you are using. The following are
being problems can result in BGP failure regardless of
n of human being problems: use of wrong command,

the types
r
aexample
Le poor network design and so on
re Version Problems
Mo Poor understanding in the version information can result in
failure. For example, certain features supported by some version
only but not by others

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
Troubleshooting Procedure˖
1. Discover the failure
h t
:
Collect and record the symptom of the failure
s
2. Collect information
c e
u r
Collect the information by using various BGP display command
s
3. Troubleshooting o
Re
Base on the symptoms collected and the checklist of previous
i ng
experience, troubleshoot the problem step by step according to
the procedure in the checklist until the problem is solved. Contact
n
ar
the technical support if problem cannot be solved.
Le 4.After
Summarize the experience
re the problem has been solved, record down the symptoms
Mo
of the problem discovered and its solution. The objective of doing
so is to share the experience with the engineers who provide the
support in future.

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/
/
:
tp
BGP will not be able to form the neighbor relationship when error
t
occurs on one of the three points listed below:
TCP connection BGP uses thehTCP as the transport layer
s
protocol, its port number is :179.
If port 179 is blocked,c e will not be able to form the neighbor
u r BGP
relationship.
s o
Re
IP connectivity
g the reachability
In most of the cases, BGP peers rely on either static route or IGP
n
i of OPEN message
to provide
n
a r
Exchange
Le information
OPEN message is an important packet used to exchange the
re during the process of peer relationship

establishment. The information exchanged includes: AS number,
Mo update source address and capabilities of the BGP peer

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
In addition to pay attention to the problems with regarding to the
h t
TCP connection, IP connectivity, and exchange of OPEN
message, configuration error is another common reason that
causes the failure of BGP.
s :
c
By default, the TTL value e for the EBGP update packet is 1.
Therefore, we need r
command when o
u to manually modify the TTL value by using
e s or non directly connected interface.
BGP forms the neighbor relationship through
R
loopback address
g
Besides, we need to aware that the mismatch of the source
n used to form the neighbor relationship will result in the
i
interface
n of EBGP neighbor relationship establishment.
r
failure
aIn addition to the establishment of EBGP peer relationship, we
e
L have to pay attention to the establishment of IBGP peer
re relationship as well. Similarly, the mismatch of the source
Mo interface used to form the neighbor relationship will result
in the failure of the IBGP neighbor relationship establishment.
Next, we need to pay attention to the other problems such as the
physical connectivity problem. The physical connectivity
problems will result in flapping of the link.

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
As shown in the diagram above, RTB in AS100 would like to form
h t
IBGP neighbor relationship with RTA in the same AS . Besides,
RTB in AS100 would like to form EBGP neighbor relationship
with RTC in AS200.
s :
c e are as below:
The symptoms of the failure
u rnot able to form the IBGP neighbor
1) RTA and RTB are
s
relationship with oeach other through loopback interface
e
2) RTB andRRTC are not able to form the EBGP neighbor
n g with each other through loopback interface

relationship
n
Basedi on the previous analysis that we have learnt, the reasons
a r might cause the failure in neighbor relationship
that
Le establishment are as follow:
re • TCP Port 179 is blocked
Mo • No IP connectivity
• Parameters abnormality in the OPEN message
• Configuration error in EBGP/IBGP
• Failure in physical layer or others

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
First of all, issue the "display bgp peer" command on RTB to
h t
check the BGP peer information. Please note that the state of
both of its peers is “Active”. This indicates that the TCP
connection has not been formed.
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
The “display tcp status” command can be used to check the TCP
port status of the local router.
The TCP port 179 of the 2 lines
t
has shown above is in the
s : that TCP port 179 is not blocked.
“Listening” state. This indicates
c e
u r
s o
Re
n g
n i
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/
/
:
tp
How can we determine whether the TCP port of the remote peer
We can use the debug command

t
is being blocked or not by using command line?
h to turn on the debugging
information. As shown in s : diagram above, 2 TCP packets with
the
c
port 179 are received frome 1.1.1.1 and 3.3.3.3 respectively. This
u
indicates that the portr 179 of the remote peers 1.1.1.1
s
and 3.3.3.3 is notoblocked.
After some R
e
careful analysis, we notice that the source address is
that i ngformsthethedestination
1.1.1.1 while address is 10.1.1.2. This indicates
r n of RTB through loopback address. Similarly,

RTA
interface
neighbor relationship with the physical
e aRTC forms the neighbor relationship with physical interface of

L RTB through loopback address as well.
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
We have confirmed that the TCP port is not blocked. Next, we
h t
have to ensure that the IP connectivity exists between the BGP
speakers. The common method to check the IP connectivity is by
using “ping” command.
s :
c
To check the reachabilitye of 2 ends of the ports more precisely,
u r address of the ping by including the “-
we can specify the source
s o the “ping” command.
a” parameter right after
e diagram above, the IP connectivity is working
As shown inRthe
g
well from source IP 2.2.2.2 to destination 1.1.1.1.
n
ni
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
There is an IP connectivity problem between RTB and RTC. The
address of RTC. h t
ping result is time out from loopback address of RTB to loopback
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
From the IP routing table of RTB, we can observe that there are
h t
2 static routes with destination IP 1.1.1.1 and 3.3.3.3
respectively. This indicates the problem is not on RTB. This
s :
problem is due to RTC does not have the return path back to
c
RTB. This can be double e confirm by checking the IP routing table
of RTC.
u r
s o
Re
n g
ni
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tpbeen modified, and this
Next, check the configuration script of RTB and RTC.
The TTL value of the EBGP has t
h cannot be established between
causes the neighborrelationship
not
RTB and RTC. s :

e number of its peer 2.2.2.2 is incorrect.
On RTC, the specifiedcAS
u r
s o
Re
n g
ni
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp source of BGP neighbor
We can create a checklist base on the collected information.
TCP connection Incorrect in the t
h update
: the TTL value of the EBGP

IP connectivity of RTC does not have the route to RTB
s
e
Configuration information Modify
update information oncRTB and RTC.
u r
s o AS number of the peer is incorrect.
On BGP, the specified
Re
n g
n i
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
//
:
tp is formed by using the best
The TCP connection problem has to be solved first.
t
h However, the neighbor
By default, the BGP peer relationship
interface IP address of the source.
s : loopback address in this case.
relationship is formed by using
c e it by using “peer connect-interface”
Therefore, we need to modify
command.
u r
s o
Re
n g
n i
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
After the modification, IBGP neighbor relationship has been
in the “Active” state. h t

established successfully. However, the EBGP relationship is still
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
For the second step of the checklist, add a static route to
h t
destination 2.2.2.2 on RTC in order to solve the IP connectivity
problem. However, the EBGP peer relationship still has not been
s :
established. From the debugging information, the specified AS
c e
number of the peer is incorrect.
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
After the modification on RTC, the problem still persists.
h t
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
We can change the TTL value of the EBGP update packet to 2
solved after the modification. h t

by adding the “peer ebgp-max-hop” command. The problem is
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/
/
:
tp
Base on the troubleshooting case in the previous example, we
can conclude that:
• Take note to the common things
t
h below:
s :
e
1. Is TCP port 179 being blocked?
c
2. IP Connectivity
u r
s o
• For IBGP neighbor
following: e
relationship establishment, take note to the
R
g
1. Specified the update source address
n neighbor relationship establishment, take note to the
• ForiEBGP
r n
following:
e a1. Problem with regarding to the multi-hop EBGP
L 2. Specified the update source address
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

Chapter 3 Troubleshooting the

Learning of BGP Routing Information
e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
//
:
tp
BGP only advertises the IP prefixes that have been installed in
the IP routing table.
Besides this, the subnet mask h
t
length of the IP prefix must be
matched exactly. s :
c e
u r
As shown in the diagram above, route 2.2.2.2/32 advertised by
o
BGP must be carried along with a 32 bit subnet mask, otherwise
s default subnet mask according to the class of
BGP will use the
R e
that IP address.
n g
n i
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
Problem symptom: The EBGP neighbor relationship between
h t
RTB and RTC is established successfully. However, RTC does
not have the route towards 2.2.2.2/32 of RTB.
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
//
:
tp
Check the BGP configuration by using “display cu configuration
bgp” command.
t
From the configuration, we canhobserve that RTB has advertised
routing information 2.0.0.0s : BGP 100 routing process. In this
on
c e subnet mask automatically. The 8
case, BGP will use the default
u r that has been assigned automatically is
bits default subnet mask
s
not match with the o bits subnet mask in the IP routing
32
table. As a R e BGP will not advertise this routing information
result,
ng can be solved by advertising the route together

entry to its peer.
Thisiproblem
r n the subnet mask information. The modification can be made
with
e aby using the following command:
L "network 2.2.2.2 255.255.255.225".
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
p :
How to become BGP route? There are 3 methods as follow:
Through network command The t IPtprefixes to be advertised by
using network command must h be installed in the IP routing table.
In addition, the subnet mask :
smask
length of the IP prefix to b
c
advertised and the subnete length of the route in the IP
routing table must u rexactly matched. We can configure a static
o point to the null interface if the IP prefix to be
route with nextshop
be
Renot available in the IP routing table.

advertised is
Throughgaggregate command .The IP prefixes to be advertised
i n aggregate command must be installed in the BGP
r n table.
by using
routing
e aThrough import command. The IP prefixes to be advertised by
L using import must be installed in the IP routing table.
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
RTB and RTC from the previous example is used for the
h t
explanation. Assume that RTB does not want to advertise
2.2.2.2/32. Instead, RTB would like to advertise only 2.2.0.0/16.
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
Configure a static route: ip route-static 2.2.0.0 16 null 0. The
h t
purpose of doing so is to add a routing entry with 16 bits subnet
mask in the IP routing table. The entry 2.2.0.0/16 will be added to
s :
the IP routing table after the static route command is issued.
c e
As a result, RTB can successfully advertise 2.2.0.0/16 to RTC.
On the other hand,uwe r can also achieve the route aggregation
result by usings o “network” command together with the static
the
R
route as shown e above. Even though we can perform the
g route, it introduces administrative burden on the
aggregation by using the “network” command together with
n
n i
the static
a r
configuration task for the network administrator. Besides, the
Le functionality offered by the “aggregate” command.

functionality by using this method is not as perfect as the
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
After the BGP neighbor relationship has been established,
t
exchange the routing information via UPDATE message
h to its peer
BGP advertises only the best route
s :EBGP peers, advertise it to all of its
e from IBGP peers, only advertise it
For the route received from
c
rsynchronization must be ensure first)
peers For the route received
u
o
to EBGP peers (the
s
Re
n g
ni
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
As shown in the diagram above, BGP routing table includes the
and the value of the BGP attributes. h t

BGP router ID, the meaning of the status code, routing entries
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
RTC advertise its directly connected route 10.2.2.0/30 to RTB.
RTA. h t
After RTB receives the routing update, it will not advertise it to
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
From the routing table of RTB, we can observe that RTB has
h t
learnt the routing information towards 10.2.2.0/30 from RTC.
However, 10.2.2.0/30 is not selected as the best route.
s :
Therefore, BGP will not send the route 10.2.2.0/30 to IP routing
table nor advertise it to e
c other BGP peer.
r learnt from RTC is not selected as the
u
oreason is fairly simple. Network 10.2.2.0/30 is
Why the route 10.2.2.0/30
best route? The s
e the link in between RTB and RTC. This implies
R
used to connect
g
that there is a direct route with preference value 0 on RTB. The
direct n
i route has the highest preference value in the routing table.
Asna result, RTB will not use the BGP routing update learnt from
a r
Le
RTC.
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
The solution is very simple, we can re-advertise the route
h t
10.2.2.0/30 by using “network” command on RTB. As a result,
RTA can successfully learn the network 10.2.2.0/30.
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

Chapter 3 Troubleshooting the Learning of

BGP Routing Information
e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
The sub-optimal path is generated due to inappropriate
h t
configuration of the metric value. Among others metric value that
can affect the BGP route selection are AS_PATH, MED and IGP
cost value.
s :
c
RT7 has received 3 updatee information from RT4, RT5 and RT6
respectively.
u r
o
These 3 updatesinformation carry different metric value as
e diagram above. In addition, the “next-hop-local”
indicated inRthe
g
command is issued on RT4, RT5 and RT8 respectively.
n
n i
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
BGP will compare the routing information that has been received
h t
one by one according to their receiving order. The path that has
been selected by BGP at the end is regarded as the best path.
s :
First of all, the comparison is made between path 1 and path 2.
c e
Since the AS_PATH for path 1 and path 2 are the same. So, we
u r
will choose the path with lower MED value. According to the BGP
s o
route selection process, path 1 is better than path 2 because its
Re
MED value is lower.
ng
Next, the comparison is made between path 1 and path 3. By
i
default, BGP will not compare the MED value when the
n
ar
AS_PATH of path 1 and path 3 is the same. In the case, BGP will
Le 3 is selected as the best path since it has the lower IGP metric.
compare the IGP metric for path1 and path 3. At the end, path
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
Similarly, make the comparison between path 1 and path 2
h t
according to the route selection process mentioned in the
previous slide. In this case, path 2 has been selected as the best
s :
route. Next, the comparison is made between path 2 and path
3. Ultimately, path 3 hasebeen selected as the best route.
r creflector, the selected best route will be
o u RT6.
Since RT7 is the route
reflected to RT4
e s and
R
n g
n i
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

Chapter 4 Troubleshooting
BGP Path Selection
e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
Both RT4 and RT6 receive the reflected routing information from
EBGP routes over IBGP routes. h t

RT7. According to the BGP route selection process, BGP prefer
s :
Therefore, RT4 is still using its original routing entry which learnt
c e
from RT2 instead of the reflected route from RT5.
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
RT6 receives the reflected route from RT7 and a route from RT8.
h t
RT6 will make the comparison between these 2 routes. Since the
AS_PATH between these 2 routes are the same, RT6 will check
s :
the MED value of these routes. The route with lower MED value
c e
is preferred over the route with higher MED value. As a result,
u r
the reflected route from RT7 has been selected as the best route
by RT6.
s o
R e 1 has been selected as the best route, RT6 will
Once the path
g
send an UPDATE message to withdraw its original route sent
towardnRT7.
n i
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
Table above shows the routing table of RT7 after the route
received from RT6 has been withdrawn
h t
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
From the example above, we can observe that the modified MED
h t
value of the route is sent from external As to local AS. By default,
the local BGP will not modify the MED value of the route
s :
received from the external AS. This will cause unpredictable
c e
result during the route selection process. How to solve this
problem?
u r
s o
We can set the MED value of the received route as 0 so that the
Re
MED value will not affect the BGP route selection. As a result,
ng
IGP cost will be used to affect the BGP route selection instead of
MED. This is to ensure the BGP uses the nearest exit point to
n i
transmit the data to external AS.
r note that this is only one of the solutions. Since BGP is a
aPlease
Le policy tool, it has many methods that be used to affect the BGP
re route selection. We will not discuss each of the methods in detail
Mo
here.

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
There are a lot of route selection parameters in BGP. Incorrect
h t
configuration of these parameters might result in abnormalities in
the BGP routing table. The major parameters that affect the BGP
route selection are:
s :
Between EBGP peers e
r c
AS_PATH
o u
MED
e s
R / ROUTER_ID
ORIGINATOR_ID
g
n IBGP peers
i
Between
n Cost value
r
IGP
aMED
e
L In addition to the parameters mentioned above, there are other
re
Mo
BGP parameters that can also affect the BGP route selection, for
example: community attribute, Local_Pref and so on.

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
1. List down the things that need to be checked when
relationship establishment. h t
troubleshoot the problem with regarding to the BGP neighbor
s :
A: When troubleshooting the problem with regards to the
c e
establishment of the BGP neighbor relationship, we need to
u r
check whether or not the TCP port 179 is being blocked. Besides
s o
this, we must check whether the existence of IP connectivity
between the R e
neighbors. We also need to pay attention to the
g For example, the problems with regards to the
problem with regards to the EBGP/IBGP neighbor relationship
n
i EBGP and EBGP/IBGP update source. In addition, we
establishment.
n
a r to pay attention to the parameters in the OPEN message
multi-hop
Le such
need
as the correctness of the AS number and the configuration
re of the ROUTER ID. The problems of incorrect configuration due
Mo
to human error might contribute to the failure of establishment of
the BGP neighbor relationship.
2. List the things that need to be checked when troubleshooting
the problem with regards to the learning of BGP routing
information.
A: The neighbor will learn the routing information by exchanging
the UPDATE message once the neighbor relationship has been
formed. We have to pay attention to the principle of BGP route

advertisement. The IP prefixes to be advertised must be installed
in the IP routing table. In addition, the subnet mask length of the
IP prefix to be advertised and the subnet mask length of the
route in the IP routing table must exactly match. The IP prefixes
advertised by using the aggregate command must be installed in
the BGP routing table. On the other hand, we must issue the
e n
“peer next-hop-local” command if the IBGP next hop is not
reachable. m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m /
c o
Module 4 i .
we
Route Selection & Control ua
g.h
in
r n
e a
/ l
:/
ttp
h
s :
c e
u r
s o
Re
n g
ni
ar
Le
re
Mo
SDJH
e n
m/
c o
i .
we
ua
.h
n g
n i
ar
le
//
:
ttp
h
s :
c e
u r
s o
Re
ing
n
ar
Le
re
Mo
HCDP-IERN Module 4 Route Selection & Control
e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
//
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
//
:
tp
When we implement routing policy or policy-based route, we
h t
should first filter the specified route information or data packet.
Different filtering tools can be used according to different filtering
s :
objects. Generally, access control list and prefix-list can be used
c e
to match IP address, but prefix-list can not filter data packet, it
r
can only filter routing information. So we should first know the
u
o
match object, route or data, and then choose the proper tool.
s
R e
As-PATH-FILTER is used to match AS-PATH attribute in BGP
g
route information, so it can only filter BGP route.
n
i
Community-filter is used to match community attribute in BGP
n information, so it only can filter BGP route .
r
route
aRoute-policy is a powerful filter tool, it is not only a filter but also
Le a policy tool. As a filter, it can match route and data packet by
re using if-match sentence, if-match sentence can also transfer
Mo other filters. As a policy tool, it can modify route attribute or
forwarding behavior of data packet by using apply sentence.

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
Access control list can match not only data packet but also route
information.
t
h source IP address.
Basic access control list can match
:
Advanced access controlslist can match source IP address,
c esource port number, destination port
rnumber.
destination IP address,
u
o
number and protocol
s
Re
Interface-based Access control list can match interface.
n g
ni
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
There are two kinds of match orders: Configuration sequence
and Automatic sequence.
Configuration sequence: Matches
t
h the ACL rules according to
s : sequence adopts depth-first
their configuration order Automatic
principle.
c e
u r matches the ACL statement according
s o principle. For example, 129.102.1.1 0.0.0.0
The “depth-first” principle
to the longest match
indicates a R e 129.102.1.1, but 129.102.1.1 0.0.0.255
host:
g the former rule will be matched first in access control
indicates a network segment: 129.102.1.1 ̚ 129.102.1.255.
n
i detailed standard is:
Obviously,
n
a r
list. The
Le For the basic access control list. The router matches ACL rule
re according to the source wildcard mask. Then match the
Mo
configuration sequence if two rule got the same source wildcard
mask. For the interface-based access control list. The rule “any”
should be back, the other rule can be according to configuration
sequence. For advanced access control list, compare wildcard of
source address first, then compare wildcard of destination
address, at last compare port range, the smaller should be
ahead. If the port range is the same, then adopt configuration
sequence.
e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
The result of this ACL is to only match the route entity with the
first 2 bytes "1.1".
t
h so the network 1.1.1.1/32,
The last 2 bytes will be ignored,
: matched.
1.1.1.0/24 and 1.1.0.0/16sare
c e
u r
s o
Re
n g
n i
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
//
:
tp
This ACL means that all the 32 bits of route must be match. So
t
finally only one route entity 1.1.0.0/16 is matched.
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
Please remember that “0” means the routing entity must strictly
h t
match and “1” means the routing entity can be ignored. So
convert decimal wildcard mask 0.0.254.255 into binary that is
s :
“00000000.00000000.11111110.11111111”. This binary wildcard
c e
mask means that the first 16 bits and the 24th bit must be strictly
r
match, and the others are ignored. The conclusion is that the first
u
o
16 bits must be “1.1”
s
Re
and the 24th bit must be “1” also. So network 1.1.1.1/32,
ng
1.1.3.1/32, 1.1.5.1/32 are matched, the other routing entity are
not matched.
ni
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
There is actually more than one rule that can be configured in an
h t
ACL. For this example, we configured 4 rules in ACL 2001.
“1.1.1.1/32” matches “rule 0”, permit.
:
“1.1.1.0/24” matches “rules1”, denied.
c e 2”; permit.
r
“1.1.0.0/16” matches “rule
u
s
“1.0.0.0/8” can noto match the first three match conditions, so it is
Re 3”.
filtered by “rule
n g
n i
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
Using an ACL is is possible to match the prefix of a route, but for
h t
routes with same prefix, but different masks, how can they be
distinguished ? In this case, a prefix list can be used.
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
//
:
tp
Prefix list can filter IP prefix, match prefix number and prefix
h t
length; the performance of prefix list is higher than access control
list. But the prefix list can not filter data packet.
s :
For example˖ip ip-prefix test index 10 permit 10.0.0.0 16
c
greater-equal 24 less-equal 28 e
u r
o
Prefix number must be 10.0
s
Re
24<=prefix length <=28
The routes that satisfy the condition are as followings:
ng
10.0.1.0/24, 10.0.2.0/25, 10.0.2.192/26
i
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
For this prefix list, “index 10” defines two match condition: one is
“1.1.1.0 24 ” indicates that the h

t
“1.1.1.0 24 ”, the other is “greater-equal 24 less-equal 24”.
first three bytes of prefix must be
“1.1.1”; s :
c e
u r
Āgreater-equal 24 less-equal 24”indicates that mask length of
condition. s o
route must be 24 bits. So, only “1.1.1.0/24” satisfies the match
Notes: prefix
e
R can define multiple “index”
lists
n g
ni
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
//
:
tp
AS-PATH attribute is used to record the AS the route passes
h t
during the transmission. If one route originates from AS100,
passes through AS300, AS200, AS500ˈand reaches AS600 at
s :
last, then in AS600, the AS-PATH attribute of the route is ‘500
c e
200 300 100’. AS-PATH attribute is a string in fact, so we can use
u r
regular expression. Regular expression uses some special
s o
symbols to express special signification.
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
Regular expression is very flexible, the same signification can be
expressed in many ways.
h t
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
Community attribute includes Well-known community attribute
and private community attribute.
Well-known community attribute
t
h includes: internet, no-advertise,
s
no-export, noexport-subconfed.:
c e is manually defined, it adds
rprefix in order to constitute corresponding
Private community attribute
u
management tag to
s o is AS:NUMBER.
policy and the format
Re
Advanced community list can use regular expression to match
n g attribute.
community
n i
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
Route-policy is a powerful filter tool and policy tool. Each Route-
h t
policy node comprises a set of if-match and apply clauses. If-
match sentence can match ACL, ip-prefix, as-path-filter,
s :
community-filter, interface, ip, extcommunity-filter, cost,
c e and so on. Apply sentence can modify

mpls-label, route type, tag
route attribute.
u r
o to control routing information such as route
Route-policy issused
Re attributes.
filtering or route
n g
n i
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
The route in routing table matches the node of route policy
according to the sequence.
First, it defines prefix list Pref1h
t
to match 5.5.5.5/32 and
1.1.2.0/24, the item that can :
s match the prefix list is denied by
node 10 of route policy.e
r cbe seen.
So in the filtered routing table, 5.5.5.5/32
u to filter 6.6.6.6/32, although the node 20
and 1.1.2.0/24 can not
oused
Prefix list Pref2sis
Reis “permit”, 6.6.6.6/32 is filtered.
of route policy
Node 30gof route policy defines two if-match sentences, it should
i nACL 2001 and the next-hop should match ACL 2002 at the
r n time; the route item that matches ACL 2001 includes:
match
same
e a1.1.3.0/24, 1.1.3.0/25 and so on 4 routes in total. But if it want to
L satisfy node 30, it should satisfy that the next-hop is 13.13.13.1.
re So only two routes satisfy the condition, the cost of them are
Mo modified to 21 by the apply sentence.
The left routes are 1.1.3.0/24 and 1.1.3.0/25 whose next-hop is
34.34.34.2, they try to match node 40. Route 1.1.3.0/25 can
match prefix list Pref3,and the cost is modified to 11.
The last route 1.1.3.0/24 will be reserved by node 50.

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
Q˖Which route selection tools are introduced in this section?
h t
A˖ACL; IP-Prefix list; AS-Path-Filter˗Community
Routing-Policy.
Filter˗
s :
c e
u r
s o
Re
n g
ni
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
//
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
//
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
//
:
tp
On RTA, OSPF runs only over network segment 11.0.0.0, in
h t
RTA’s routing table, 2.2.2.2 and 10.0.0.0 are direct network
segment; before configuring route import, 2.2.2.2 and 10.0.0.0
s :
will not be advertised to RTB; in RTB’s routing table, there is
c
no any information aboute 2.2.2.2 and 10.0.0.0 network segment.
u r
s o
Re
n g
n i
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
If import direct route into OSPF on RTA, RTA will advertise route
h t
information about network segment 2.2.2.2 and 10.0.0.0 to RTB,
so, on RTB, we can see route about network segment 2.2.2.2
s :
and 10.0.0.0, they are learnt by OSPF (Proto filed is O_ASE,
c e
namely , OSPF external route).
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
//
:
tp
On RTA, we configure a static route destined for 2.2.2.2. if route
h t
import is not configured on RTA, this static route will not be
advertised into OSPF routing domain automatically.
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
On RTA, importing static route is configured, network segment
t
2.2.2.2 will be advertised to RTB through OSPF.
h segment 10.0.0.0, and
OSPF does not run over the network
network segment 10.0.0.0sis : not static route but direct route. So
c e to RTB.
10.0.0.0 will not be advertised
u r
s o
Re
n g
n i
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
//
:
tp
In this network, OSPF and RIP run at the same time, OSPF runs
h t
over network segment 11.0.0.0, RIP runs over network segment
10.0.0.0 and 2.0.0.0. RTB doesn’t have any route information
s :
about network segment 2.0.0.0 and 10.0.0.0 before importing
route.
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
Import RIP into OSPF on RTA, then RTB can learn route
Note: h t
information about network segment 2.0.0.0 and 10.0.0.0.
s :
e
In RTA routing table, although 10.0.0.0 is a direct connected
c
r
network, RIP is running on network segment, so it is imported
u
into OSPF.
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
In general, one protocol is enough. But in some cases, we
should configure route import.
1. The mergence of organizations
t
h implementing different
s
protocols For example, company: A implements OSPF, while
company B implementseISIS and A and B will combine into
r c of A and that of B want to communicate
ucase, route import is needed.
company C. The network
o
es use different protocols, and the networks
each other, in this
2. DifferentR
networks
g
need to share route information A large-scale network may be
made n
ninetworks is different, some run RIP, some run OSPF
of many small-scale networks, the complexity of the small-
a r can support more network types than ISIS), the other run
scale
Le ISIS.
(OSPF
To implement the intercommunication of small-scale
re networks, route import is needed.
Mo 3ǃThe limitation of network protocol

Dial-up network is accounted by time, so generally, Dial-up
network is used as backup link; if the master link is normal, Dial-
up link does not work. In Dial-up network, ISIS protocol is not
suitable (OSPF protocol has the special design for Dial-up link),
because ISIS sends packet periodically, which will lead that the

Dial-up link is UP state even though the master link is normal. In

general, static route is configured on Dial-up link, and then import
static route into ISIS.
e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
//
:
tp
In the network, ISIS and RIP are running at the same time. RTC
h t
and RTB are ASBRs. On RTC, import RIP into ISIS. Network
segment 2.2.2.2 will be advertised to RTA by ISIS, and then RTA
s :
will advertise it to RTB. RTB learns route 2.2.2.2 from RIP and
c e
ISIS at the same time, then RTB will compare the preference of
r
ISIS and RIP, the preference of ISIS is 15, the preference of RIP
u
o
is 100, RTB will choose the route advertised by ISIS.
s
Re
RTB will choose the sub-optimal path RTB-RTA-RTC-RTD to
ng
send data packet to 2.2.2.2. So when configure route import,
sub-optimal route is avoided. But how to avoid? It is introduced in
ni
the following course .
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
RTA imports direct route 2.2.2.2 into OSPF, OSPF will advertises
h t
it to RTB, and RTB will advertise to RTC and RTE by the ASE
route (preference is 150). On RTE, importing of OSPF-ASE
s :
is configured, and imports 2.2.2.2 into ISIS. On RTC, importing
c e
ISIS is configured, and imports the ISIS routes into OSPF. The
u r
network segment 2.2.2.2 is advertised into OSPF by ISIS, which
s o
is called route feedback. RTB learns route about DEST
from RTA andR enow also from RTC, and because the preferences
g
are the same (all are OSPF ASE routes), it compares the metric
value.nIf RTB chooses the route advertised by RTC, a loop will
ni For example, RTD sends a packet to 2.2.2.2, the packet
a rsent to RTE and RTB, and then RTB forwards it to RTC, then
occur.
Le RTD, at last, the packet goes back to the originator.

is
re
Mo
In complex environment, loop should be avoided carefully, but
how to avoid? It is introduced in the following section.

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
//
:
tp
From the routing table, we can see that loop has occurred.
h t
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
Different routing protocols calculate route metric according to
h t
different elements, the metric value is different. The metric range
is also different. The metric of ISIS and OSPF can be based on
s :
bandwidth, and the value range is large; the metric of RIP is
c e
based on hop, the range is small, so when we configure ISIS and
r
RIP import or OSPF and RIP import, we must be careful
u
o
(Fortunately on VRP, when import OSPF or ISIS into RIP, if cost
s
Re
is not appointed, the value defaults to 1. Even so, we should
configure metric manually so as to reflect real topology).
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
//
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

Chapter 2 Filtering Route
e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
As referred before, route import may lead to sub-optimal route
h t
and route loop, then, we can adopt route filter to avoid the
problem. Besides, route filter can ensure the route import and
advertisement precisely.
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
//
:
tp
In this network, ISIS and RIP are running at the same time. RTB
h t
and RTC are ASBR. On RTC, import RIP into ISIS. Network
segment 2.2.2.2 is advertised to RTA by ISIS, then RTA
s :
advertises it to RTB. RTB learns route 2.2.2.2 from RIP
c e it will compare the preferences of

and ISIS at the same time,
u r
ISIS and RIP, the preferences of ISIS is 15, the preferences of
s o
RIP is 100, so RTB will choose the route advertised by ISIS. RTB
sends packeteto 2.2.2.2 along the sub-optimal path RTB-RTA-
RTC-RTD. R
Here, n
g
ni2.2.2.2 from ISIS and RIP, and it choose the route learnt
the reason causing sub-optimal route is that RTB learns
r ISIS. We can configure route filter on RTB to filter ISIS
route
afrom
Le route, in this way, RTB will use RIP route to forward data packet
re so as to avoid sub-optimal route.
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
Configure filter-policy on RTB to filter ISIS route 2.0.0.0, then RIP
t
route 2.0.0.0 is listed in routing table.
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
//
:
tp
RTA imports direct route 2.2.2.2 into OSPF, and set the metric as
h t
2, OSPF advertises 2.2.2.2 to RTB, RTC, RTE as ASE route
(preference is 150). On RTE, importing OSPF-ASE is configured
s :
to import 2.2.2.2 into ISIS. On RTC, importing ISIS is configured
c e
to import ISIS route into OSPF, network segment 2.2.2.2 is
u r
advertised to OSPF by ISIS, which is called route feedback. In
s o
this case, RTB learns route 2.2.2.2 from RTA and RTC at the
R e
same time. Because the preference is the same ( OSPF ASE
ng
route), it compares metric value, if RTB choose the route
advertised by RTC, loop occurs. For example, RTD sends packet
ni
to 2.2.2.2, packet is first sent to RTE, and then to RTB; because
ar
RTB choose RTC route, RTB sends packet to RTC, RTD, and at
Le Here, route loop is caused by route feedback. So, as long as we
last, reaches the originator.
re
Mo
filter 2.2.2.2 when configuring route import on RTC, route loop
can be avoided.

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
On RTC, route policy can be used to filter route 2.0.0.0 when
t
importing IS-IS routes into OSPF, so as to avoid routing loops.
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
//
:
tp
When we advertise routes, it is not expected to advertise private
route information of private network. h t

route to public network, sometimes, it is necessary to hide the
s :
Route filter can be used to control the advertisement of route
information precisely.
c e
u r
s o
When import route, it is not expected to import all the routes but
only some special ones, route filter can be used to control route
Re
import precisely.
ng
In this example, routing table has three types of private routes,
i
nwe need to define prefix list to filter private route. "ip ip-prefix P1
ar
index 5 deny 10.0.0.0 8 greaterequal 8 less-equal 32" can filter
Le
private route 10.0.0.0~10.255.255.255; "ip ipprefix P1 index 10
deny 172.16.0.0 12 greater-equal 16 less-equal 32” can filter
re
Mo
route 172.16.0.0~172.31.255.255; "ip ip-prefix P1 index 15 deny
192.168.0.0 16 greater-equal 16 less-equal 32"can filter route
192.168.0.0~192.168.255.255; "ip ip-prefix P1 index 20 permit
0.0.0.0 0 less-equal 32"permits other routes to pass.

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
Route filter can only filter route information, link state information
h t
can not be filtered. For OSPF, only type 3,5,7 routes can be
filtered. The filter direction can be ingress and egress. For link
s :
state routing protocol, for example OSPF and ISIS, filtering route
c e
at ingress can not prevent the transmission of link state
r
information, it can only prevent the route from being added to
u
o
local routing table, its neighbors still can receive complete link
s
e
state information and calculate the route.
R
ng
Route filter can filter route imported from other protocols, for
example, importing RIP route into OSPF, OSPF can use route
ni
filter to filter some RIP route.
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
//
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
The routing protocol preference defined by different
h t
manufacturers is different. The function of preference is to
distribute preference to routes discovered by different
s :
protocols, then when a router learns the same route from
c e
different routing protocols, it can choose the route according to
the preference.
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
//
:
tp
Float static route is a typical application for preference of routing
h t
protocol. In many cases, master/backup links are used to
connect remote network. Dynamic routing protocol runs on the
s :
master link, for example OSPF,ISIS and so on. Backup link is
c e and accounted according to the

Dial-up link, it is expensive
connection time, so r
dynamic routing o
u on the Dial-up link, we do not configure
e s If the master link is normal, router can learn the
protocol but configure a static route to the
same routeRfrom OSPF and static configuration. But the

remote network.
n g of static route is lower than that of OSPF, router

preference
ni OSPF route and data packet will is forwarded
chooses
a r master link. If the master link is down, OSPF neighbors
Le are
through
disconnected, the OSPF route is invalid and cleared from the
re routing table. In this case, the static route is valid and added into
Mo
routing table, the data packet is forwarded though backup link.
When the master link restores OSPF neighbor relation is
established again, the OSPF route replaces the static route and
the backup link is down again.
This kind of configuration not only saves cost, but also strengths
reliability of the network. But it can not implement load balance.

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
In this example, RTA has two links connected to RTB and
h t
interface S2 establishes neighbor relationship with RTB and
learns the route about network segment 2.2.2.2; besides, the
s :
static route destined for 2.2.2.2 is configured and the egress
of the static route is S3.eIf the two links can works normally, RTA
c
choose OSPF routerto 2.2.2.2. In the routing table, we can see
o ufor network segment 2.2.2.2 is learnt by
s
the route destined
e
OSPF.
R
n g
n i
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
//
:
tp
If there is something wrong with the link above, RTA and RTB
h t
cannot exchange hello packet, so the neighbor relation is invalid
and the route 2.2.2.2 learnt by OSPF in the routing table of RTA
s :
is valid. In this case, the static route configured before occurs in
c e
the routing table and RTA can access 2.2.2.2 through interface
S3 .
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
Sometimes, we need to use new routing protocol to replace the
h t
current routing protocol and as much as possible to reduce the
broken time of network during transition.
s :
For example, the network is running OSPF, which is to be
c e
transitioned to ISIS. The two type of protocols can run at the
u r
same time on every router. Modify the preference of the two
s o
protocols, so that ISIS can only run backstage at first. After
R e ISIS neighbor relationship and LSDB are in good

confirming that
g
condition, modify the preference of ISIS and make it replace the
n
n ibackstage steps includes:
current routing protocol.
a r
The
Le 1ǃOnly OSPF runs in the network, check both hardware and
re software , upgrade to insure hardware and software can support
Mo
transfer.
2ǃConfigure ISIS, set proper preference, insure that ISIS only
runs backstage; in this case, ISIS link state database is
established on every router, but routing table and forwarding
table dose not change. In this phase, verify the ISIS running
state, only each router has established LSDB and all the
expected LSP is existed in database, ISIS route that can reflect
IP routing table can already be generated,
this phase can be ended.

3ǃChange preference and make ISIS replace the primary IGP,
so that ISIS can run front stage.
4ǃDelete the primary IGP after the network work normally.
e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
//
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
Adjusting preference of a routing protocol properly can avoid
sub-optimal route.
t
h of ISIS on RTB and then
In this topology, change preference
s :
RTB chooses RIP route preferentially to avoid sub-optimal route.
c e
Note:
r
u preference, we must be careful and
o
When adjusting protocol
s that causes route confusion.
e
avoid new problem
R
n g
n i
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
//
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
//
:
tp pref 150) to both RTC and
In this example, direct routes are imported into OSPF in RTA.
h
1.RTB advertises 2.2.2.2/32(ospf-ase
RTE.
t
s : pref 150) is imported to ISIS. So
e routing table,but it is an ISIS routing
2.In RTE, 2.2.2.2/32(ospf-ase
c
rwill receive 2.2.2.2/32(isis pref 15) from
2.2.2.2/32 will be in RTD’s
u
with pref 15 3. RTC
RTD. Also please s oremember at step1 RTC received
Re pref 150) from RTB.RTC choose
2.2.2.2/32(ospf-ase
n g pref 15) as best route because of lowest pref.

2.2.2.2/32(isis
n i suppose now we import ISIS into OSPF in RTC now,

4. Just
a r will be two 2.2.2.2/32 (both are ospf-ase pref 150)items in
there
Le RTB’s routing table.But one is from RTC with RTC as next
re hop(this one will cause loop), another one is from RTA with RTA
Mo
as next hop.

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
//
:
tp
Now if we change isis preference in RTC as shown in the slide.
Let’s look at what will happen.
Step1 and Step2 are same. h t
s :
e
3. RTC will receive 2.2.2.2/32(isis pref 15) from RTD. But we
c
r
already changed the preference in RTC. So RTC will think the
u
s o
preference of 2.2.2.2/32(isis ) is 160. Also please remember at
step1 RTC received 2.2.2.2/32(ospf-ase pref 150) from
R e
RTB.RTC choose 2.2.2.2/32(ospf-ase pref 150) as best route
ng
because of lowest pref.
i
n
4. Just suppose now we import ISIS into OSPF in RTC now, just
ar
because now in RTC’s routing table,2.2.2.2/32 is ospf-ase
Le So finally, RTC choose 2.2.2.2/32 (ospf-ase pref 150) with RTB
routing, it will not be ‘re-imported’.
re
Mo
as next-hop, RTB will use2.2.2.2/32 (ospf-ase pref 150) with RTA
as next-hop, RTD choose 2.2.2.2/32 (isis pref 15) with RTE as
next-hop. No loop occurs.

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
//
:
tp
It is complex for OSPF to distribute default route. Different area
differently. h t
types and configuration position distribute default route
s :
The area type of OSPF includes: ordinary area, STUB area, total
STUB area, NSSA area.
c e
u r
s o
The area defaults to general area. General area can be standard
area or backbone area. Standard area is the most common area,
R e
it carries intra-area route, inter-area route and external area
ng
route. Backbone area connects other OSPF areas together. In
i
general area, default route is not be generated in default.
n
ar
We can configure forced advertisement default route or non-
Le If non-forced advertisement is configured, a router advertises a

forced advertisement TYPE 5 route on ASBR.
re
Mo
default route only when an active default route that is not
advertised by the it's own OSPF process, exists in the routing
table. it advertises default route. At the same time, router learns
TYPE5 default route advertised by other OSPF routers.
If the default route advertised by other OSPF router is prior than
the active default route in the local routing table, the router will
use the route advertised by OSPF route and stop advertising

TYPE5 default route. If forced advertisement is configured, no

matter whether default route exists in the routing table, the router
advertises default route. At the same time, it does not learn
TYPE5 default route advertised by other OSPF routers.
TYPE5 LSA is flooded in the whole routing domain.
e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
//
:
tp
Distribution of default route for OSPF is complex, for the details,
please refer to the table above.
h t
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
The network above is popular in the real network. AS100 has two
h t
egress routers RTC and RTD that connect to AS200, EBGP
neighbor relationship is established between RTE and RTC, as
s :
well as RTF and RTD; IBGP neighbor relation is established
c e
between RTE and RTF, as well as between RTC and RTD.
u r
AS100 is an OSPF routing domain.
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
//
:
tp
AS100 does not need to know all the BGP routes of AS200, so
RTF. h t
distribute the BGP default route to RTC and RTD from RTE and
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
Import OSPF route into BGP and then AS200 can forward the
data packet to AS100.
h t
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
//
:
tp
RTA and RTB do not run the BGP protocol, so they can not
h t
access AS200. RTC and RTD distribute OSPF default route
forcibly and then RTA and RTB can use default route to send
s :
data packet to egress router RTC and RTD , RTC and RTD can
c e according to BGP default route.

forward data packet to AS200
u r
s o
Re
n g
ni
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
RTA and RTB learn OSPF default route from RTC and RTD, to
table. h t
form load balance, which can be verified according to the routing
s :
When RTA or RTB send packets to AS200, some packets
c e
choose RTC as the egress, while others choose RTD.
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
This kind of network can work well if link is normal, but once the
link is down, problems occur.
In the network, the up link of RTD
t
h is down, RTD can not learn
BGP default route from RTF, s : but it can learn default route from
RTC (the next-hop of RTD
c e default route is 3.3.3.3, this is the
loopback address ofrRTC). RTA and RTB can still access AS200,
but partial traffic o
u
es
go through the link between RTC and RTD,
which is theRsub-optimal route. moreover, if the network is not
g
well designed, congestion occurs between RTC and RTD.
n
n i
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
The more serious problem is that the up link of RTD and link
h t
between RTC and RTD are both down at the same time. In this
case, RTD can neither receive EBGP default routes from RTF,
s :
not IBGP default route of RTC through the link between RTC and
c e
RTD. But the IBGP neighbor relationship between RTC
u r
and RTD is valid, so RTD can learn IBGP default route
s o
advertised by RTC through RTA and RTB, and implement load
Re
balancing. When RTB sends data packets to AS200, because of
ng
the load balancing, partial packets are sent to RTC, which sends
the packets correctly according to EBGP default route; other
ni
packets are sent to RTD, so problem occurs now, RTD checks its
ar routing table and finds two default routes, one is destined for
Le RTA, and the other is destined for RTB, RTD also implements
re load balancing and sends partial packets to RTB, thus a loop
Mo
occurs.

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
How can this problem be avoided? Configure advertisement
To solve the problem mentioned

t
default route on RTC and RTD non-forcibly.
h before, configure non-forced
advertisement default routes :on both RTC and RTD.
c e
u r
s o
Re
n g
n i
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
Besides, adjust preference of routing protocol on RTC and RTD
h t
to make the EBGP route preference higher than that of OSPF,
and OSPF route preference higher than that of IBGP.
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
//
:
tp
When the uplink of RTD is down, RTD cannot learn EBGP
h t
default route from RTF, but it can learn IBGP default route from
RTC. In the routing table of RTD, only OSPF default route exists
s :
(the preference of OSPF is higher that that of IBGP).
c
According to the condition e of non-forced advertisement default
u r routing table , OSPF default route learnt
route, that exists in it's
s o dose not advertise any default route. On
from other routers, RTD
RTA and RTB,
R e only one default route pointing to RTC exists. RTA
g
and RTB will take RTC as the egress to send packets to AS200.
n
ni
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
When the two links are down, RTD does not advertise a default
t
route, therefore the problem can be avoided.
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp of the priority of a routing
Q˖Which routing policies are introduced in this section?
h t
A˖Route import; route filter; adjusting
protocol; default route advertisement.
:
Q˖How can sub-optimalsroutes be avoided?
c eand the changing priority of routing
r
A˖Through route filter
protocol can avoidusub-optimal routes.
Q˖How cane so loops be avoided?
R routing
g
A˖Route filtering and by changing priority of routing protocol
can benused to avoid routing loops.
n i is the difference between a forced advertisement and
a r
Q ˖What
Le A˖ A ĀNon-forced advertisement” should satisfy some

a non-forced advertisement?
re conditions (for example, a specified route exists), a “forced

Mo advertisement” can advertise a default route without
satisfying any condition.

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
//
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
//
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
//
:
tp
Policy-based routing mainly controls the forwarding of packets,
h t
namely, the router can forward the packet according to the
routing policy instead of the routing table (because the general
s :
forwarding needs to lookup the forwarding table, but after
c e not need to lookup forwarding table

configure the policy, it does
anymore).
u r
Routing policy s o controls the route information import
mainly
(which routeR e
information can be imported, which can not),
greceiving (control the receiving or discarding of
distribution (which information can be advertised out, which can
n
i ).
not) and
n
ar
information
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
In this topology, if there is no load balancing, the route for
h t
destination 5.5.5.5 in RTA routing table goes though RTB or
RTC. We can configure policy-based route on RTA to make the
s :
packet from 1.1.1.1 be forwarded to 5.5.5.5 though RTC and the
c e
packet from 1.1.1.2 be forwarded to 5.5.5.5 though RTB.
u r
Define the match rule of the policy-based route
s o
1ǃEnter into system view˖system-view
Re
2ǃCreate policy or policy node˖policy-based-route po licy-
ng
name { deny | permit } node node-id
i
n
3 ǃConfigure match condition of IP packet length ˖ if-match
ar
packet-length minimum-length maximum-length
Le number
4ǃConfigure match condition of IP address˖if-match acl ac l-
re Policy include multiple policy nodes, which are appointed
Mo
by sequence number node-id. The smaller the value, the higher
the prior is, the corresponding policy is implemented first. If
create policy-based-route repeatedly, the new configure will
covers the old one. The particular content of policy is appointed
by if-match and apply sentence.
“Permit” means to implement the policy-based route on the
packet that satisfies the match condition, “deny” means

oppositely. IP unicast policy-based route provides two methods to

define packet: match according to the packet length and ACL rule.
One item of policy can include multiple if-match sentences.
Define the policy-based route
1ǃEnter system view˖system-view
2ǃCreate policy or policy node˖policy-based-route po licy-name {
deny | permit } node node-id
e n
3ǃConfigure the priority of a packet˖apply ip-precedence p
m/
recedence
c o
4ǃConfigure the default next-hop of packet˖apply ip-address default
i .
next-hop ip-address1 [ ip-address2 ]
we
5ǃConfigure default egress of a packet˖apply default output-
ua
.h
interface interfacetype1 interface-number1 [ interface-type2 interface-
number2 ]
n g
6ǃConfigure the next-hop of a packet˖apply ip-address
n i next-hop i p-
address
ar interface-
7ǃConfigure egress of a packet˖apply output-interface
l e
/
type1 interfacenumber1 [ interface-type2 interface-number2 ]
/ access-vpn vpn-instance
8 ǃConfigure access VPN instance ˖ apply
p :
vpninstance- name&<1-6>
tt
h
“Apply” sentence is used to guide the forwarding of the packet that
:
satisfies the match rule. One policy can include multiple “apply”
s
sentences.
If we configure multiple c
e
u r traffic can implement load balance among
next-hops or egresses, it adopts load balance
multiple nexthops o
to forward packets. The
s or egresses. If egress and next-hop are configured
e only implements load balance among egresses.
R
at the same time, it
Note:
g
Egressncannot be ethernet interface or other broadcast interfaces.
n iApply policy-based route
ar
Le effect policy-based
apply route in system view, in this case, it only takes
e
on local generated packet;
r
Mo
Start local policy-based route
1ǃEnter into the system view˖system-view
2ǃEnable local policy-based route˖ip local policy-based-route po
licy-name Local policy route can only take effect on local generated
packet. Only one local policy can be configured.

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
Q˖What is the difference between policy-based route and
routing policy?
A˖ Policy-based route controls
t
h the forwarding of packets,
s : the packet according to the
namely, the router can forward
routing policy instead ofethe routing table (because the general
forwarding needs tor
c
o u it does not need to lookup forwarding table
lookup the forwarding table and after
any more). es
configure the policy,
R
g
Routing policy controls the route information import (which route
n can be imported, which one can not), distribution
i
information
n information can be advertised out, which one can not) and
r
(which
areceiving (control the receiving or discarding of information ).
e
L Q: What is the function of policy-based route?
re
Mo
A: Compared with traditional routing protocol, it can provide more
powerful control of forwarding and storing packets for network
management. The network manager can choose the forwarding
path according to not only destination address but also the
protocol type, packet size, application, source IP address or
other parameters. It can also control load balance among
multiple routers, QoS for packet forwarding on single link and so
on.
e n
m/
c o
i .
we
ua
.h
n g
n i
ar
le
//
:
ttp
h
s :
c e
u r
s o
Re
ing
n
ar
Le
re
Mo
e n
m /
c o
Module 5 i .
we
Multicast ua
.h
n g
n i
ar
le
//
:
ttp
h
s :
c e
u r
s o
Re
ing
n
ar
Le
re
Mo
SDJH
e n
m/
c o
i .
we
ua
.h
n g
n i
ar
le
//
:
ttp
h
s :
c e
u r
s o
Re
ing
n
ar
Le
re
Mo
HCDP-IERN Module 5 Multicast
e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

Chapter 1 Introduction of Multicast
e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
When transmitting with the unicast mode, the system creates a
h t
data transmission channel and sends a copy of the information
for each subscriber who requested for the information. Thus,
s :
when a lot of users request for the same information
at the same time, there e
c is load of duplicate flows in the network.
ur mechanism for one-to-one
While unicast is a simple
communication, o
es to its knees due to its huge bandwidth
for one-to-many communication
it brings theRnetwork
demands.
n g
When
n i transmitting with the unicast mode one receiver receives
a r
one copy from the sender. The bottleneck effect on bandwidth is
Le increase as the number of users increases. The unicast

a big problem as the number of transmissions made will
re
Mo
mode is better applied to networks with fewer users instead of
environments where messages are sent on a larger scale.

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
In broadcasting, the system sends the information to all the users
h t
in a network whether they need it or not, which undermines
information security and impairs charging efficiency. Moreover, if
s :
only a few receivers request the data, the network resources are
c e
used and the bandwidth is wasted.
u r
So, the broadcast mode is suitable for networks with a high
s o
density of users. If the number of users who request for the
Re
same information is not clear, neither the unicast nor the
ng
broadcast mode is a wise choice.
ni
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
The information sender or the multicast source sends only one
h t
copy of the information to the network and creates tree-shaped
routes by the multicast routing protocol to let the network
s :
intelligently replicate the packet only where it needs to,
c e
which helps conserve bandwidth and network resources both on
the sending and ther
u receiving end of a transmission.
o on the group. Receivers in one group use the
s
Multicast is based
e address as the destination address. As shown
R
same IP multicast
g group and then they can receive data.
in the diagram above, Receiver A and Receiver C joined the
n
i with the unicast mode, multicast does not dramatically
multicast
n
r the burden of the network when the number of users
Compared
aincrease
Le hikes. Whatever how many receivers are there in the network,
re there is only one data stream with the same information. And
Mo unlike the broadcast scheme which requires the source to send
an individual copy to each receiver, multicast conserves network
resources by sending packets only to receivers who are
interested in the information.
In the multicast mode:
The information sender is called the “multicast source”.

Receivers that get the same information from a multicast group

and each of the receivers are a “multicast group member”.
Routers that provide the multicasting service are “multicast
routers”.
Multicast routers do not only provide multicasting services, but
also carry out management on group members. Moreover, a
multicast router itself can be a member of one or more multicast
e n
groups. And those groups do not have any physical or
m/
geographical boundaries—the hosts can be located anywhere on
c o
the Internet.
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp traffic and relieves the
The advantages of multicast lie in:
•Enhanced efficiency: it reducest
h
burden for servers and the hardware.
network
•Optimized performance: s
:
c elightens the network load.
it reduces traffic redundancy, saves
network bandwidth and
u r it makes multipoint applications
o
•Distributed applications:
s
Retechnology provides a satisfactory solution for
possible.
The multicast
n g information from a single point to multiple points
transmitting
ni makes an efficient one-to-many transmission in IP
which
a r
networks a reality.
Le The multicast technology brings us versatile value-added
re services from on-line live broadcasting, Web TV, distance
Mo
education, tele-healthcare to on-line radio broadcasting, and real-
time audio/video conferencing.

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
The multicast technology provides a satisfactory solution to one-
h t
to-many transmission which makes an efficient point-to-
multipoint communication in IP networks a reality. While the plus
s :
points of the multicast technology is obvious there are also
c e
disadvantages since it is based on the UDP.
•Best effort
u r
s o
Since packet loss is inevitable, the multicasting application
R e
program should be designed to overcome packet loss instead of
ng
depending on the multicast network for reliability. “Reliable
i
multicasting” is still under research.
n
ar
•No congestion avoidance mechanism
Le •For lack of mechanisms like the TCP window mechanism and
re the slow start mechanism, multicast could cause traffic
Mo
congestion on the network. If possible, multicasting application
program is expected to avoid congestion by certain checking
attempts.
•Packet repetition
Some mechanisms of certain multicasting protocols such as the
Assert mechanism and the SPT switch mechanism may cause
packet repetition occasionally and the multicasting application

program should tolerate that .

•Packet disorder
Multicasting protocols may lead to packet disorder when packets
reach their destination and the multicasting application program
should take methods such as the buffer pool mechanism to
rectify it.
e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
This chapter presents multicast address structure, address
address and unicast MAC address. h t

classification and the differences between multicast MAC
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

Chapter 2 Multicast Address Structure
e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
In unicast, a datagram travels from the source address to the
h t
destination address as the hop-by-hop theory defines. While in
multicast, the destination address of a datagram is a group of
s :
addresses instead of a unique one. All the receivers that request
c e
the data are put into one group and as soon as they join the
r
group, data destined for the address of the group is sent to them
u
s o
Every member in the group, as it is called “the multicast group”,
Re
can receive the datagram.
ng
The Internet Assigned Numbers Authority (IANA) controls the
ni
assignment of IP Multicast Addresses. IANA has assigned the
ar
Class D address space to be used for IP Multicast. This means
Le
that all IP multicast-group addresses fall in this range: 224.0.0.0 -
239.255.255.255. The Class D address cannot be put into the
re source IP address field of an IP packet.
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
•ASM :
p can be a multicast
t tsender
source to send information to ahmulticast address. Hosts can
In the ASM model, any information
: to the multicast group after they

receive all the informationssent
c e receivers have no idea about where
join the group. In this model,
the multicast sourceris before they get information from the
o u join or withdraw from the group at any time.
source and they
e s can
•SFM R
g
n the members of a multicast group are totally equal from
The SFM model is similar to the ASM model as in both the two
i
nperspective of the information sender. However, the SFM
modes,
r
amodel is an extension of the ASM model as it can filter multicast
the
e
L sources. In the SFM model, the upper layer software checks the
re
Mo
source address of multicast packets and decides whether to let
the packets from a specific multicast source to pass. Thus,
receivers can only get data from some of the sources. To
receivers, multicast sources are filtered and only some of them
are valid.
•SSM
In daily life, users are interested in information sent by particular

sources and are reluctant to get information from other sources.

The SSM model provides a service that enables users to choose
sources at the client.
The substantial difference between the SSM model and the ASM
model is that in the SSM model, receivers get to know the
position of the multicast source beforehand. The SSM model
uses multicast addresses in a different range from the ASM
e n
model and sets up special forwarding paths between receivers
m/
and specific resources.
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
Permanent group address: multicast address reserved by IANA
h t
for routing protocols. The permanent group address is used to
identify a set of specified network devices (reserved multicast
s :
group). The permanent group address never change, however,
c e
the number of its members can be any, even 0. 224.0.0.5
u r
is the multicast address reserved for OSPF routers.
s o
Temporary group address: an IP address allocated to a multicast
Re
group for temporary use. A temporary group address is discarded
ng
when the number of members in the group turns to 0.
ni
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tprange of 224.0.0.0 and
•Reserved Link Local Address
The IANA reserves addresses intthe
h protocols, topology search and
224.0.0.255 to be used by routing
s : with these addresses should
maintenance protocols. Packets
never be forwarded by aerouter whatever their time-to- live (TTL)
r c 224.0.0.0 is reserved and will not be
u
values are. The address
o
allocated.
e s
R Address
•Globally Scoped
n
The rangeg of addresses from 224.0.1.0 to 238.255.255.255 is
n i Globally Scoped Address and they are multicast
called
a r
addresses that can be used globally.
Le 233/8 is the address range for GLOP which is an address
re allocation mechanism works for AS’. An AS defines its range by
Mo
using it’s AS number derived from the bits of the middle
two octets of the multicast address, the fourth octet is used by
the AS to represent it’s obtained 255 multicast addresses.
•Administratively Scoped Address The range of addresses from
239.0.0.0 to 239.255.255.255 is reserved for enterprises for
internal use. These addresses are similar to reserved addresses
of common IP address but can only be used within enterprises.

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
The MAC address of the destination is the MAC address of the
h t
receiver when packets are transmitted in the unicast mode on an
Ethernet. However, when packets are transmitted in the multicast
s :
mode, the destination turns to a group of hosts instead of one
c e
receiver. In this case, we use the MAC multicast address.
u r
The MAC multicast address is used to label receivers that belong
s o
to the same multicast group at the data-link layer.
As defined RbyeIANA, the first 24 bits of the MAC multicast
g
address is 0x01005e and the lower 23 bits are the lower 23 bits
of the n
n i multicast IP address.
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/
/
:
tp
The mapping of an IP address to its MAC address is illustrated
by the above figure.
t
h address is 0x01005e.
The first 24 bits of a MAC multicast
:
The first four bits of an IPsmulticast address are 1110 which
c eis a multicast address and in the last 28
rare mapped to the MAC address.
indicate that the address
u
o
bits, the final 23 bits
s
Re
n g
n i
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
The first four bits of an IP multicast address is 1110 which
h t
indicates the address is a multicast address. And 23 bits of the
last 28 bits of the IP multicast address are mapped to the MAC
s :
address which means five bits are dropped during the process.
c e
The direct outcome is 32 IP multicast addresses are all mapped
to the same MAC address.
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

Chapter 3 Multicast Basic Principle
e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
Multicast protocols consist of multicast management protocols
selection. h t
for host registration and multicast routing protocols for route
s :
The applications of every Multiple multicast protocol are marked
in the above figure.
c e
u r
s o
Internet Group Management Protocol (IGMP) works between
hosts and multicast routers. This protocol provides a mechanism
R e
for establishing and maintaining the relations between hosts and
g
multicast routers.
n routing protocols are applied to multicast routers.
i
n protocols create and maintain routes for multicasting and
Multicast
r
These
amake packet forwarding more reliable and efficient.
Le For the ASM model, multicast routing can be classified into the
re
Mo
inter-domain routing and the intra-domain routing.
Intra-domain multicast routing protocols are used to search
multicast sources and build multicast trees to send information to
receivers within autonomous systems.
Intra-domain routing protocols include DVRMP, MOSPF and
PIM.
DVRMP stands for Distance Vector Multicast Routing Protocol

and it is a protocol of dense mode. This protocol defines the

maximum hops to be 32.
MOSPF is an extension of OSPF and it supports multicasting by
defining new LSAs.
Protocol Independent Multicast (PIM) is a typical intra-domain
multicast routing protocol and it comes in two modes, namely,
the Dense Mode (DM) and the SM (Sparse Mode). DM is
e n
suitable when receivers are densely dotted in a network;
m/
while SM is fit for networks where receivers scatter sparsely. PIM
c o
must work together with unicast routing protocols.
i .
Inter-domain multicast routing protocols are used to transfer we
information between ASs.
ua
.h
Multicast Source Discovery Protocol (MSDP) is able to spread
news about multicast sources across ASs. n g
MultiProtocol Border Gateway Protocol (MPBGP) n
i
of MBGP and it can advertise multicast routes a r is an extension
For the SSM model, there is no concept of l

e across ASs.
/ / the intra-domain and

the inter-domain.
:
p of where the multicast
As the receivers have the knowledge
tt
h
sources are beforehand, the router can create paths for
s:the intra-domain multicast routing

multicasting directly with the function of PIM-SM.
In this section, we focuseon
protocols. r c
o u
e s
R
n g
n i
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
The one-way routes between a source and multiple receivers for
The two basic types of multicast

t
multicasting form the multicast distribution tree.
h distribution trees are source
s
path trees and shared trees.:
•Source Path Tree ce
r
Source path tree isua multicast distribution tree with its root at the
s o forming a spanning tree through the
Re receivers. Because this tree uses the shortest
source and branches
network to the
tree i ng The
path through the network, it is also referred to as a shortest path
n (SPT). network is responsible for building a tree for

r source that sends multicast datagram.
each
a
Le •Shared Tree
re Unlike source trees that have their root at the source, shared
Mo
trees use a router as the root. This shared root is called a
Rendezvous Point (RP) and all the shortest paths between the
RP and its receivers form a distribution tree.
When using a shared tree, there is only one tree in the network.
All the sources in the network use the tree to send their traffic to
the root and then the traffic is forwarded down the shared tree to
reach all receivers.

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
Source path tree is a multicast distribution tree with its root at the
h t
source and branches forming a spanning tree through the
network to the receivers. Because this tree uses the shortest
s :
path through the network, it is also referred to as a shortest path
c e
tree (SPT). The network is responsible for building a tree for
r
each source that sends multicast datagram.
u
s o
The figure above shows an example of two STPs in a network
Re
since there are two multicast sources, namely, Source 1 and
ng
Source 2. R1 and R2 are the two receivers that get information
from the two sources. The two STPs are:
n i
r S1—A---C (R1) -----E (R2)
aS2---F----D---C
Le
(R1 )------E (R2)
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
Unlike source trees that have their root at the source, shared
h t
trees use a router as the root. This shared root is called a
Rendezvous Point (RP) and all the shortest paths between the
s :
RP and its receivers form a distribution tree.
c
When using a shared tree,e there is only one tree in the network.
All the sources in thernetwork use the tree to send their traffic to
u
the root and thenothe traffic is forwarded down the shared tree to
e s
R
reach all receivers.
g
In the example above, two sources, S1 and S2, share the tree D
n (RT) -- --E (R2).
i
(RP) ----C
n
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
Shortest Path Trees have the advantage of creating the optimal
h t
path between the source and the receivers. This guarantees the
minimum amount of network latency for forwarding multicast
s :
traffic. This optimization does come at a price. The
c e information for each source. In a

routers must maintain path
u r of sources and thousands of groups
network that has thousands
s o a serious problem. Memory
this can quickly become
consumptione
R from the size of the multicast routing table is a
gTrees have the advantage of requiring the minimum

factor that network designers must take into consideration.
n
n i of state in each router. The disadvantage of shared trees
Shared
aisrthat under certain circumstances the paths between the source

amount
Le and receivers might not be the optimal paths as the packets are
re sent to the RP first and then forwarded to the receivers. And it is
Mo also a very tough test for the reliability and capability of the RP.

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

Chapter 4 Multicast Data Forwarding
e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
In unicast routing, traffic is routed through the network along a
h t
single path from the source to the destination host. A unicast
router does not actually care about the source address. It is the
s :
destination address and how to forward the traffic towards that
c e
destination that a unicast router really concerns about.
u r
In multicast routing, the source sends traffic to an arbitrary group
s o
of receivers that are represented by a multicast group address.
R e
The multicast router must determine which direction is upstream
g
(towards the source) and which direction (or directions)
n
i
is downstream and then forwards packets down the downstream.
n concept of forwarding multicast traffic away from the source,
r
The
arather than to the receiver, is called Reverse Path Forwarding
Le (RPF).
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
RPF makes use of the existing unicast routing table to determine
h t
the upstream and downstream neighbors. A router only forwards
a multicast packet when it is received on the upstream interface
(RPF interface).
s :
e
RPF not only enables routers to correctly forward multicast traffic
c
r
down the distribution tree, but also helps to guarantee that the
u
multicasting.
s o
distribution tree is loop free which is very important for
Re
RPF detection is the essence of the RPF mechanism. When a
ng
multicast packet arrives at a router, the router performs the RPF
ni
detection on the packet. The packet is forwarded only after it
ar
passes the check. Otherwise it is dropped. For traffic flowing
down a source tree, the RPF detection procedure works as
Le follows:
re Step 1. The router looks up the RPF interface of the multicast
Mo
source in a SPT environment or the RPF interface of the RP
when a shared tree is used. The RPF interface is the egress
where the router sends out the packet.
Step 2. If a packet is received from the RPF interface, then it
passes RPF detection and is forwarded.
Step 3. If the RPF detection in Step 2 fails, the packet is
dropped.

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
In the figure above, Router RTE performs RPF detection after it
h t
received a multicast packet from S0. The RPF detection
discovers that the packet is received from a wrong interface, so
Router RTE discards the packet.
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
The process of a RPF detection is actually a process of
t
consulting the unicast routing table.
h table to see if the egress to
Routers look up the unicast routing
: receives packets after they get
the source is the interfacesthat
multicast packets. If theeegress to the source is not the interface
r cthen RFP detection fails and packets is
u
that receives packets,
o
dropped.
e sabove, the S0 interface of the router enables RPF
R
In the example
g
detection after it receives a multicast packet. After consulting the
nrouting table, it finds the egress to the source
i
unicast
n
r
151.10.0.0/16 is S1 which is not the interface that received
athe packet. So it decides to discard the packet since the packet
e
L is not received from the correct interface.
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
In this example the network remains the same as the previous
h t
example. The router performs RPF detection after it receives a
multicast packet. After performing a lookup of the unicast routing
s :
table, the router finds the egress towards the source is S1 which
c e
is also the ingress of the packet, so the packet passes the
r
detection and is forwarded along the distribution tree.
u
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tpIP multicast address.
1. What is multicast?
A multicast group is identified bytan
Receivers can receive any data hsent to the group after they joins
s :
the multicast group. The information sender or the multicast
c
source sends only one copy e of the information to the
u r
network and creates
o tree-shaped routes by multicast routing
protocols to letsthe network intelligently replicate the packet only
where it needsR e to, which helps conserve bandwidth and network
gis the structure of a multicast address?
resources.
n
ni
2. What
aTher Class D multicast addresses fall in the range from 224.0.0.0

Le topermanent
239.255.255.255. The addresses can be classified into
re group address and temporary group address
Mo
according to their longevity. Permanent group addresses are
multicast addresses reserved by IANA for routing protocols. They
are used to identify a specific group of network equipments and
cannot be changed. The number of members in the group can be
anything, even 0. The temporary group addresses are IP
addresses allocated to multicast groups for temporary use. The
address of a group is discarded as soon as there is no member

in the group. Upon their usage scope, multicast addresses can

be divided into reserved link local address, globally scoped
address and administratively scoped address.
3. What are the multicast relevant protocols?
Multicast protocols consist of IGMP that is for host registration
and multicast routing protocols for route selection. Intra-domain
multicast routing protocols include PIM-SM, PIM-DM and
e n
DVMRP. Inter-domain protocols include MSDP and
m/
MBGP.
c o
4. What is a multicast distribution tree and what types of i .
distribution trees are there? we
u a
.h
One-way paths between a source and its multiple receivers form
a distribution tree.
g
There are two types of distribution trees: Source PathnTree and
n i
Shared Tree.
a r its root at the
l ethrough the
Source path tree is a multicast distribution tree with
source and branches forming a spanning tree
/ / uses the shortest
: to as a shortest path
network to the receivers. Because this tree
p
tta router as its root and all the
path through the network, it is also referred
tree (SPT). The shared tree takes
h
:
shortest paths between the RP and its receivers as branches.
s
c e
5. What is the RPF principle?
RPF makes use of the
u r existing unicast routing table to determine
the upstream and
s odownstream neighbors. A router only forwards
R e when it is received on the upstream interface
a multicast packet
g to the source in the unicast routing table when they

(RPF interface). The procedure of RPF detection is: routers look
up thenroute
ni packets. If the egress of the route is the ingress of the
receive
a r the packets pass the detection and are forwarded;
packets,
Le otherwise, the packets are discarded.
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
IGMP is a signaling mechanism used by a host to communicate
on the host side and the router side. h t

with a router on the end network for IP multicast. IGMP functions
s :
The working mechanism of IGMP is as follows:
c e
r
1. The receiver host reports the group membership to the shared
u
network.
s o
R e
2. Among all IGMP-enabled multicast routers in a network
segment, a router is elected as the querier. The election
ng
mechanism varies with IGMP version. The
i
n
querier periodically sends the information about group members
ar
to the shared network segment.
Le 3.hostAfter receiving the information sent by the querier, the receiver
re sends a response to report the membership.
Mo 4. The multicast routers in this network segment refresh the

member information according to the received response. If the
routers do not receive any response within the timeout duration,
the routers considers that no member of this group exists in this
network segment. Thus, the routers stop forwarding the multicast
data of this group.
All receiver hosts taking part in multicast transmission must apply
IGMP. A host can join or leave a multicast group at any time on

any location, regardless of the number of members in the
multicast group.
A multicast router cannot and also need not store the
membership of all hosts.
The router only needs to check whether the network segment
connected to each interface has receivers of a multicast group,
e n
namely the members of a multicast group. The hosts need only
m/
to store the information about the multicast groups they have
c o
join.
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
From this figure, you can see that IGMP is on the lowest layer of
h t
the multicast protocol system. IGMP is the base of other
multicast protocols. Among all multicast protocols, only IGMP is
s :
directly related to the host that demands a program. The
c e joining and leaving of host in the

IGMP-enabled router manages
multicast group.
u r
s o the user information and sends the
The router maintains
Reto the host.
multicast data
n g
n i
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
Currently, IGMP has three versions: IGMPv1, IGMPv2, and
h t
IGMPv3. All versions support the any-source multicast (ASM)
model. IGMPv3 can be applied to the source-specific multicast
s :
(SSM) model independently. IGMPv1 and IGMPv2 need
c
the support of SSM-mappinge technology for the application in the
SSM model.
u r
IGMPv1 (RFC1112) s o defines the basic process of member query
and report. Re
IGMPv2g(RFC2236) adds the mechanism for members to leave a
i nquickly.
n can specify the packets from certain multicast sources
group
r
e athat the multicast members can receive or cannot receive.
IGMPv3
L
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
The IGMPv1 packet format is shown in the figure. The packet
contains the following fields:
t
h In IGMPv1, the value is 1.
Version: indicates the IGMP version.
In IGMPv2, the packet does s :not contain this field.
c eof the IGMP packet.
r types of packets:
Type: indicates the type
u
so (0x11): A router periodically sends member
IGMPv1 supports two
Membership e
R to check whether members of a multicast group
query messages
query
n g
exist. The default query interval is 60 seconds.
i
n group.
a r
Membership report (0x12): A host sends this packet to join a
e multicast
L The membership report message can be sent passively or
re actively.
Mo If a host wants to join a multicast group after it receives the

membership query message, it sends the membership report
message.
In this case, the membership report message is sent passively.
If a host want to join a multicast group, it can actively sends the
membership report message without waiting for the member

Query message.
Group address: varies with the type of IGMP packets.
In a membership report message, the group address is a
specified multicast address.
In a membership query message, the group address is 0.
e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
As shown in the figure, the host sends an IGMP membership
multicast group. h t
report message actively to indicate that it wants to join a
s :
The group address in this packet is the address of the multicast
c
group the host wants to join.e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
The IGMPv1 query and response process is as follows:
h t
1. The IGMP querier periodically sends membership query
messages (in which the group address is 0) to all hosts in the
s :
shared network segment in multicast mode. The destination of
e
the membership query messages is 224.0.0.1.
c
r
2. All hosts in the network segment receive the query message.
u
o
If some hosts (for example, PC1, PC2, and PC3) want to join
s
Re
multicast group G, they send membership report messages in
multicast mode to announce that they will join group G. The
ng
membership report message contains the address of multicast
ni
group G. Assume that PC2 sends the membership report first.
ar
3. After the query and response, the IGMP router finds the
Le
receiver of group G in the network. Then the router generates a
(*, G) multicast entry and forwards multicast packets based on
re this entry.
Mo
* Indicates a multicast group member, and G indicates multicast
group.
As specified in IGMPv1, when multiple routers exist in the shared
network, a querier is elected based on the multicast routing
protocol. The election mechanism varies with the multicast
routing protocol.

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
The destination of the IGMP membership query message is
h t
224.0.0.1. That is, all hosts in this network segment can receive
this packet. However, not all receivers respond to this query. In
s :
this example, Only one host responds with the membership
c e
report message. Other hosts suppress transmission of
r
membership report messages.
u
s o
When a host receives the IGMP membership query message,
Re
the host starts a count down timer for each multicast group it has
ng
joined. In IGMPv1, the timer value is fixed to 10 seconds. When
a timer expires, the host actively sends a membership report
ni
message. The group address is the address of the
ar corresponding multicast group, and the destination address is
Le 224.0.0.1. Thus all other hosts in this network segment receive
re the membership report message. The hosts suppress
Mo
membership report messages and reset the timer.
When the router sends the membership query messages again,
each host starts the timer again to repeat the process of query,
response, and suppression.

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
IGMPv1 does not define the packet for leaving a multicast group,
h t
so a host leaves a multicast without sending any packets. Then
how does the multicast router know the user has left the group?
s :
The answer is response timeout. IGMPv1 is implemented based
on response timeout.
c e
u r
After members leave the group without sending any packets, the
s o
router still sends membership query messages every 60
Re
seconds. If the router sends membership query messages three
ng
times but does not receive any membership report messages,
the router considers that no member exists in this group and stop
ni
ar
forwarding multicast packet to this network segment.
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
//
:
tp
Different from the IGMPv1 packet, the IGMPv2 packet does not
IGMPv2 supports three types of

t
contain the version field but has a maximum response time field.
h packets:
s : message, which falls into the
Type=0x11 membership query
c e
r whether each multicast group is
following two subtypes:
u
o the group has members. The group
•Regular query: determines
s
address in a
e query message contains all 0s.
valid, that is, whether
Rregular
n g group query: checks whether a specified multicast
•Specified
n
groupi has members. The group address is a specified multicast
a r
address.
Le Type=0x16 IGMPv2 membership report
re To be compatible with IGMPv1, IGMPv2 defines an additional
Mo packet type 0x12 = IGMPv1 membership report

Type=0x17 leaving message, sent by a host actively

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
The maximum response time field is used only in the
membership query message.
t
h the host to respond to the query
This field indicates the period for
message. The IGMPv1 packet s : does not contain this field.
Group address field: ce
u rmessage, the group address is 0.
o query message, the group address is the
In the regular query
s
address of R
e
In the specified group
the group to be queried.
Whenn
g
n i or leaving message, the group address field is the
a member host responds with a membership report
a r of the target group.

message
Le The checksum field is a 16-bit field used to check the length of

address
re the IGMP message, namely, the valid load of an IP packet.
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
When a host joins a multicast group for the first time, the host
h t
sends the membership report message immediately. To avoid
loss or damage of the initial membership report, it is
s :
recommended to set the host to send the message once
c
or twice, again in a shorteinterval. The interval recommended in
u
RFC2326 is 10 seconds.r
An IGMPv2 host s oalso supports the membership report message
of IGMPv1.Re
n g
n i
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
The maximum response time field is a new field in IGMPv2. As
h t
described before, a host starts a timer for each multicast group it
has joined when it receives a membership query message. The
s :
host sends the membership report after the timer expires. In
c e
IGMPv2, the timer is a random value ranging from 1 to the
maximum response time.
u r
s o
The maximum response time field is used to adjust the duration
R e
for a host to respond to the membership query message and
ng
specifies the maximum allowed time before sending a
i
responding report in units of 1/10 of a second. In all other
n
ar
messages, it is set to zero by the sender and ignored by
Le In IGMPv1, the membership query message initiated by the

receivers.
re
Mo
multicast router is sent to all multicast groups in the network
segment. Such query message is a regular query message.
IGMPv2 defines a specified group query message. The
destination address is the specified group query message is the
IP address of a multicast group. Only the members of this group
respond to this query message. Members of other groups do not
send response messages.

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
All routers running the IGMP on a shared network can receive
h t
the membership report from hosts. So, only one router needs to
send the membership query message. Thus, a mechanism is
s :
needed to elect a router as the querier. The IGMPv1 uses the
c e
multicast routing protocol to elect the querier. The IGMPv2
u r
specifies the multicast router with the smallest IP address on a
s o
shared network as the IGMP querier.
R e sends membership query messages. In

Only the querier
g
IGMPv1, the querier is elected through the multicast routing
n
i modifies the election mechanism. IGMPv2 stipulates
protocol.
n
r the multicast router with the smallest IP address is elected
IGMPv2
athat
Le as the querier.
re
Mo
When a router starts, it sends an IGMP regular query message
to destination address 224.0.0.1.
When a router receives the regular query message, it compares
the source IP address of this message with the IP address of the
receiving interface. The router with the smallest IP address is
elected as the querier.
Sometimes the querier is Down and another router becomes the

querier. All routers except the current querier start a query timer
to periodically check the status of the IGMP querier. The check
interval is 120 seconds. The interval can set by the timer other-
querier-present interval command.
e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
In IGMPv1, a host does not send any message to the multicast
h t
router when leaving a multicast group. The multicast router has
to judge whether a member leaves the group by the response
timeout.
s :
c e to leave a group, it sends the
In IGMPv2, if a host decides
leaving message to r
multicast mode. o
u all multicast routers in the network in
e s (224.0.0.2). To check whether this multicast
That is, the leaving message is sent to the
R other member hosts, the multicast router sends

destination address
n g
group contains
the specified group query message to the network. If the router
does i
n (1notsecond
receive the response within the maximum response
a r
time by default), the router sends the specified
Le group query message again. If the router still does not receive
re any response, it considers that all members have left this group.
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
A router running IGMPv1 regards IGMPv2 messages as invalid
h t
and ignores such messages. When the IGMP querier runs
IGMPv1, hosts that run IGMPv2 must send IGMPv1 messages.
s :
When an IGMPv2 host detects that the querier is an IGMPv1
c e
router, the host must respond with IGMPv1 messages. In this
u r
case, the IGMPv2 host can also suppress the leaving message.
s o
To maintain the interface status, whenever the interface receives
R e
an IGMPv1 query message, the IGMPv2 host starts 400-second
ng
timer. When the next IGMPv1 query message is received, the
i
timer is reset. When the timer expires, this interface is restored
n
aAnr IGMPv2 host must allow its membership report to be
to an IGMPv2 interface and sends IGMPv2 message again.
Le suppressed by IGMPv1 or IGMPv2 membership report.

re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
If the IGMP querier is an IGMPv2 router, and the IGMPv2/host is
h t
in the same group, all IGMPv1 messages of this group are
received. IGMPv2 messages are not suppressed on IGMPv1
s :
hosts. An IGMPv1 host cannot analyze IGMPv2 messages, so it
ignores such messages.
c e
u r
Whenever an IGMPv1 host joins the group, IGMPv2 leaving
s o
message is suppressed.
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
If some IGMPv1 routers exist in the subnet, IGMPv1 must be
enabled on all routers in this subnet.
h t
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
IGMP is applied to the network that connects the router and
h t
users. Both the router and user host must run IGMP. Here, only
the IGMP configuration on the router is mentioned.
s :
Before configuring IGMP, you must enable IP multicast routing,
c e
because IP multicast routing is the prerequisite to all multicast
u r
functions. If IP multicast routing is disabled, all related
s o
configurations are canceled.
Re routing-enable
[Huawei]multicast
n g
Enable multicast routing.
n i IGMP on the interface connected to the user host, you

To enable
r to configure the matching IGMP version on the router and
aneed
Le host, because different versions support different packets.
re [Huawei-Ethernet0/0] igmp enable
Mo Enable IGMP on an interface.

To add the hosts in the network connected to the interface to
specified groups and to enable the interface to receive packets
from these groups, you can set an ACL on this interface to limit
the range of multicast groups the interface serves.
The IGMP version can be configured in the following modes:

1. Interface configuration
2. [Huawei-Ethernet0/0]igmp version 2
The configuration on the interface takes precedence of the global
configuration. If the version is not configured on the interface, the
global configuration takes effect.
2. Global configuration
e n
[Huawei] igmp //Enable IGMP globally.
m/
[Huawei-igmp] igmp version: 2 //Globally configure the IGMP
c o
version.
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
The display igmp interface command is used to display the
h t
configuration and running information of IGMP on an interface. If
this command is used in global mode, the IGMP running
s :
information of all IGMP-enabled interfaces is displayed. If this
c e
command is used on an interface, the IGMP running information
r
of this interface is displayed.
u
s o
If IGMP is configured properly, you can view the IP address,
R e
IGMP version, and IGMP parameters on an IGMP-enabled
g
interface through this command.
Value n
i of query interval for IGMP (in seconds): indicates the
n of regular query messages. The default value is 60
r
interval
aseconds.
Le Value of other querier time out for IGMP (in seconds): 120
re indicates that the timeout duration of the IGMP querier is 120
Mo seconds.
Other parameters related to IGMP are not mentioned here. For
details, refer to the VRP configuration guide.

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
The display igmp group command is used to display the
h t
information about multicast groups. The display contains the
multicast that the router joins dynamically through the
s :
membership report and the group that the router joins
c e lines.
statically through command
r shows the information about the
The bold line in theudisplay
o the router has joined.
multicast groupsthat
Re
n g
n i
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
IGMPv3 is compatible with IGMPv1 and v2. In addition, IGMPv3
h t
enhances the capability of controlling hosts. It can specify the
multicast group (G) a host can join and the multicast source (S)
s :
from which the host can receive messages.
If a host need to receiveethe information from specified sources,
r c field in the IGMP message to include
u source address Sources in this IGMP
it can set the Filter-Mode
o
sthe host can receive multicast packets from the
and specify the multicast
e
message. Thus
R To facilitate the description, we express this
g
specified sources.
nInclude Sources (S1, S2, …).
field as
i
n host does not want to receive messages from specified
r
If the
asources,
e (S1, S2,
it can set the corresponding field as Exclude Sources
L except the specified
…). Thus, the host can receive packets from all sources
re source addresses.
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
In IGMPv1 and v2, the response message and query message
h t
have the same format. That is, the messages contains only the
group address. The IGMPv3 response message contains group
s :
address 224.0.0.22 and contains the record of one or more
c e
groups. Each group record contains a multicast group address
r
and some source addresses. Multicast records are divided into
u
the following types:
s o
R e
Current status record: records the current receiving state of the
ng
interface. The value can be Include or Exclude. Include indicates
that the host receives messages from the specified source
ni
addresses. Exclude indicates that the host receives messages
ar
from all source addresses except the specified addresses.
Le Filter mode change record: records the change from Include
re state to Exclude state, or from Exclude state to Include state.
Mo Source address list change record: records the new source

addresses or deleted resource addresses.

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
IGMPv3 supports the regular query message of IGMPv1, the
h t
specified group query message of IGMPv2. In addition, IGMPv3
supports the specified source/group query message. The
s :
IGMPv3 message contains the multicast source address and
c e
control fields (such as the robustness coefficient and query
interval).
u r
s o
The regular query message does not contain the group address
Re
or source address.
ng
The specified group query message contains the group address
i
nbut does not contain the source address. The specified
ar
source/group query message contains the group address and
Le
one or more source addresses.
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
This table shows the comparison of three IGMP versions.
through the multicast routing protocol. h t

IGMPv1 does not support querier election. The querier is elected
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

Chapter 3 IGMP Snooping
e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
IGMP snooping runs at the link layer. It is a multicast constraint
t
mechanism used to manage and control multicast groups.
When a layer-2 switch receiveshthe IGMP packet transmitted
between the host and router, s : the switch analyzes the contents of
the packet through IGMP
c e snooping.
u ran IGMP membership report message from
s
the host, it adds othe host to the matching multicast table. If the
If the switch detects
R
switch detects e the leaving message from the host, it deletes the
g
multicast entry for this host. By snooping IGMP packets, the
switchnestablishes and maintains a multicast MAC address table
i
onnlayer 2. Then the switch can forward multicast packets
a r
Le delivered
table.
by the router based on the MAC multicast address
re If IGMP snooping is not enabled, multicast packets are

Mo transmitted on layer 2 through broadcast. After IGMP snooping is
enabled, packets are transmitted on layer 2 through multicast.

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/
/
:
tp
IGMP snooping runs at the link layer. It is a multicast constraint
t
When a layer-2 switch receiveshthe IGMP packet transmitted
between the host and router, s : the switch analyzes the contents of
the packet through IGMP
c e snooping.
u ran IGMP membership report message from
s
the host, it adds othe host to the matching multicast table. If the
If the switch detects
R
switch detects e the leaving message from the host, it deletes the
g
multicast entry for this host. By snooping IGMP packets, the
switchnestablishes and maintains a multicast MAC address table
i
onnlayer 2. Then the switch can forward multicast packets
a r
Le delivered
table.
by the router based on the multicast MAC address
re If IGMP snooping is not enabled, multicast packets are

Mo transmitted on layer 2 through broadcast. After IGMP snooping is
enabled, packets are transmitted on layer 2 through multicast.

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
Through IGMP snooping, a LAN switch detects IGMP messages
and the multicast group address. h t

and establishes the mapping between the host, related interface,
s :
The working mechanism of IGMP snooping on a layer-2 switch is
shown in the figure.
c e
u r
s o
When receiving an IGMP regular query message, the switch
checks the source port. If the source port is the port of the router,
R e
the switch reset the aging timer for this port; otherwise, the
g
switch starts the aging timer for the router port.
nreceiving an IGMP specified group query message, the
i
n sends the specified group query message only to the IP
When
r
switch
amulticast group to be queried.
Le When receiving an IGMP report message, the switch checks
re
Mo
whether the MAC multicast group mapping the IP multicast group
the host wants to join exists. If the MAC multicast group does not
exist, the switch creates a MAC multicast group and adds the
port that receives this report message to this group. At the same
time, the switch starts the aging timer of this port and adds all
router ports in the same VLAN to this MAC multicast group. The
switch also creates an IP multicast group and adds the port that
receives this message to the group. If the MAC multicast group
exists, but the port that receives this message is not in

the MAC multicast group, the switch adds the port to the MAC
multicast group and starts the aging timer for this port. Then the
switch checks whether the mapping IP multicast group exists. If
the IP multicast group does not exist, the switch create an IP
multicast group and adds the port that receives this message to
this group. If the IP multicast group exists, the switch adds the
e n
port that receives this packet to the IP multicast group.If the MAC
m/
multicast exists, and the port that receives this message is in the
c o
MAC multicast group, the switch resets the aging timer for the
i .
port that receives this message.
we
When the switch receives a leaving message, it sends the
ua
.
specified group query to the port that receives this message to h
g
check whether other hosts connected to this port are the member
n
i
of the multicast group the host wants to leave. At the same time,
n
r
the switch starts a query response timer. If the switch does not
a
e
receive the report message from this multicast group, the switch
l
/
deletes this port from the MAC multicast group. If the MAC
/
:
multicast group does not contain any member ports, the switch
tp
requests the router to delete this branch from the multicast tree.
t
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
This figure shows how the information about multicast groups is
h t
established and maintained through IGMP snooping.
1. PC2 wants to join multicast group 224.1.2.3, so PC sends an
s :
IGMP membership report to the multicast group. The report
e
message contains MAC address 0100.5e01.0203. Initially, the
c
r
forwarding table does not contain the entry with this MAC
u
s o
address. Therefore, this report message is flooded to all ports of
the switch, including internal port 0 connected to the CPU.
Re
2. When the CPU receives the report message from PC2, the
ng
CPU establishes a forwarding entry according to the information
ni
in the IGMP report. This entry contains the port of PC2, the port
ar
of the connected router, and the internal port connected to the
CPU.
Le 3. After the entry is established, all multicast frames to
re destination address 0100.5e01.0203 are suppressed on ports 0,
Mo
1, 3 and cannot spread to other ports.
4. Assume that PC4 wants to join multicast group 224.1.2.3 and
sends an IGMP report to this group. The switch forwards the
report to port 1 and port 3 according to the forwarding entry. The
CPU of the switch also receives this report and it adds a port
(port 5) to the entry with MAC address 0100.5e01.0203.

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
The configuration of IGMP snooping on a layer-2 switch is quite
view or VLAN view. h t

simple. You only need to enable IGMP snooping in the system
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
The display igmp-snooping group command is used to display
h t
the IGMP information on a switch, including the port connected
to the multicast router, IP address of the multicast group, and
MAC address of the user host.
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
1. What types of packets does IGMPv1 define?
report message. h t
IGMPv1 defines the membership query packet and membership
s :
2. What are the additional functions of IGMPv2 when compared
with IGMPv1?
c e
u r
IGMPv2 adds the member leaving packet. A multicast member
s o
sends a leaving packet to leaving the group. IGMPv2 also adds
e
the specified group query packet.
R
ng
The packet is used to check whether the multicast group that a
member leaves contains other members.
ni
ar
3. What is the principle function of IGMP snooping?
Le
IGMP snooping runs on the link layer. It is the multicast restraint
re When a layer-2 switch receives the IGMP packet transmitted
Mo
between a host and a router, the switch analyzes the contents of
the packet through IGMP snooping.
By detecting the IGMP packets, the switch establishes and
maintains a Multicast MAC address table on layer 2. Then the
switch can forward multicast packets
delivered by the router based on multicast MAC address table.

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

Chapter 1
PIM-DM Overview and Configuration
e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
Protocol Independent Multicast (PIM) use all unicast routing
h t
protocols, to provide routing information for reverse with
forwarding.The multicast routing is irrelevant with the unicast
:
routing protocols, if only the unicast routing protocol can
s
c e
generate corresponding routing entries.Protocol Independent
Multicast Dense Mode (PIMDM) is a dense mode multicast
u r
routing protocol applicable to small-sized networks, in which
s o
multicast receivers are located densely.
Re
PIM-DM is based on the assumption that every subnet in the
ng
network has at least one receiving node of the multicast source.
In this case, multicast packets are flooded to all nodes in the
ni
network, and thus related resources (bandwidth and router CPU)
ar are consumed.
Le To reduce the consumption of network resources, the dense
re mode multicast routing protocol prunes the branches that do not

need to forward multicast packets and only keeps the branches
Mo that contain the receivers. PIM-DM will sent graft message to
restore forwarding of multicast packets on the pruned branches
when pruned branches need to forward multicast packets.
Periodical packet flooding and pruning is the feature of the dense
mode multicast routing protocol. Such protocol is applicable only
to small-sized LANs.

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/
/
:
tp
In dense mode, the forwarding paths of multicast form a source
tree.
t
The multicast source is the roothof the source tree and the
s : of the source tree. The source
multicast receivers are leaves
c e the multicast source to the receivers,
uses the shortest path from
u r the shortest path tree (SPT). In
so the tree is also called
this figure, the s o show the paths from the source to the
arrows
receivers. Re
PIM-DMgdoes not depend on specific unicast routing protocol. In
i nPIM-DM performs RPF check by using the existing
r n routing table.
stead,
unicast
e aForwarding of packets has two directions, upstream and
L downstream.
re
Mo
The interface that receives the multicast packets is the upstream
interface.
The interface that forwards the multicast packets is the
downstream interface.
Packets are forwarded from the upstream interface to the
downstream interface.

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp to PIM-DM. Packet
The protocol number is 103 in all PIM packets.
The packet types listed here aretrelated
types related to PIM-SM will behintroduced in the PIM-SM
section. s :
c e are Hello message, Join/Prune
rGraft response packet and Assert packet.
Packet types used in PIM-DM
u
s
The Assert packetso are sent in multicast mode and the
packet, Graft packet,
destinationRiseall PIM routers on 224.0.0.13.
ng functions
These packets
SPT.iTheir
are used to periodically set up and maintain the
n
r mechanism.
working
will be described in the part of PIM-DM
a
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
The configuration of PIM-DM is very simple. You need to enable
t
PIM-DM on the interfaces of a router.
Before enabling PIM-DM on anhinterface, you must enable IP
s :
multicast routing in the system-view of router.
e
The command used tocenable IP multicast routing is multicast
routing-enable. ur
s o
Re
n g
n i
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

Chapter 2
PIM-DM Protocol Mechanism
e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
In a PIM-DM network, a router sends Hello messages upon
h t
startup to discover neighbors and maintains neighbor relation.
Routers periodically send Hello messages, and thus a SPT is
s :
established and maintained. Using the pim timer hello interval
c e
command, you can set the Hello interval in the interface view.
r
The default Hello interval is 30 seconds.
u
s o
Another function of the Hello message is electing the designated
Re
router (DR) in the network segment containing multiple routers.
ng
The DR acts as the IGMPv1 querier. In the IGMP section, we
have mentioned that the IGMPv1 querier is elected by the DIM-
ni
DM message.
r compares the priority values and IP addresses contains
aPIM-DM
Le in Hello messages to elect the DR as the IGMPv1 querier.
re When the DR is down, and its neighbor cannot receive the Hello
Mo message from DR within the timeout duration, its neighbors will
trigger the election of a new DR.
Using the pim hello-option holdtime interval command, you can
set the Hello timeout duration. The default timeout duration is
105 seconds.

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
PIM-DM is based on the assumption that all hosts in the network
h t
will receive the multicast packet. When the multicast source (S)
sends a multicast packet to a multicast group (G), each router
s :
that receives the packet performs reverse path forwarding (RPF)
c e
check according to the routing table.
u r
•If the packet passes the RPF check, the router creates an (S,
s o
G) entry, and then forwards the packet to all downstream PIM-
R e
DM nodes in the network. This process is called flooding.
ng
•If the packet does not pass the RPF check, it indicates that the
i
packet is received on a wrong interface. The router discards this
n
r this process, each router in the PIM-DM multicast domain
packet.
aAfter
Le creates an (S, G) entry. S means the IP address of multicast
re source. G means the multicast IP address.
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
A router floods multicast packets regardless whether there is any
h t
exsiting downstream multicast members so bandwidth is wasted.
Prune mechanism of PIM-DM can avoid waste of bandwidth.
s :
If edge router does not contain any multicast receiver, the router
c e
sends the Prune message to its upstream node. When the
u r
upstream node receives the Prune message, it updates its
s o
multicast routing table .The pruning process lasts until the
R
router whose ebranches need to forward multicast packets. Thus
g
a shortest path tree (SPT) with the multicast source S as root is
n
ni mechanism is provided for the pruned nodes. After the
established.
Artimeout
atimeout duration, the flood-prune process starts again. The
Le default prune timeout duration is 210 seconds.
re
Mo
The flood-prune process of PIM-DM occurs periodically.

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
Multicast routers. prune redundant branches according to Prune
h t
messages to establish a new SPT. Although routers stop
forwarding multicast packets to the branch that contains no
s :
members after they receive the Prune message, each
router still keeps the (S,eG) entry of this branch. Once a member
on this branch joins r
c
branch resumes o
u the multicast group, forwarding on this
e s quickly
R
n g
n i
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
The pruned downstream nodes restore to forwarding state when
h t
the prune timer expires. The default prune timer is 210 seconds.
That means a node must wait such a long time to join the group.
s :
To shorten the waiting time, the node sends
Graft message to notifyethe upstream node when it needs to turn
to forwarding state. r
c
o uthe network starts to receive multicast
When a receiver
e sthe Graft message is transmitted to multicast
in
R
packets again,
g
source S hop by hop. When the intermediate nodes receive the
n
i
Graft message, they respond with acknowledgement messages.
nthis way, the pruned branch resumes packet transmission.
a r
In
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
A pruned path turns to a forwarding path, and thus a new SPT is
established.
h t
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
PIM-DM adopts the RPF check mechanism. This mechanism
h t
helps to establish a multicast forwarding tree rooted from the
source based on the existing unicast routing table, multicast
s :
static routing table, MBGP routing table.
c
When receiving a multicaste packet, a router checks whether the
ur packet is correct. If the interface receiving
forwarding path of this
this packet is theointerface responsible for sending the packet to
the multicast e s as specified by the unicast routing table,
R source,
g
the router considers that the packet is transmitted through
n path. Otherwise, the router discards the packet.
i
the correct
na basis for checking the correctness of the path, routing
r
As
ainformation can be generated by any unicast routing protocol, for
e
L example, RIP and OSPF. The type of the routing protocol is not
re limited.
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
In a shared network, for example, Ethernet, a packet may be
h t
forwarded repeatedly. As shown in the figure, a LAN consists of
routers A, B, C and D. Each router has a path to the multicast
s :
source. When routers A, B, and C receive a multicast packet
c e
from the upstream node, they all forward the packet to the
r
Ethernet. The downstream node, namely router D, receives three
u
o
identical multicast packets.
s
R e
The Assert mechanism is adopted to avoid this problem. This
ng
mechanism elects a unique forwarder for the multicast packet.
Routers in the network send Assert packets to select the best
n i
path.
r best path is elected as follows:
aThe
Le If two or more paths have the same priority and same cost to the
re multicast source, the router with the highest IP address becomes
Mo the upstream neighbor in the (S, G) entry. This router forwards
the multicast packets related to the (S, G) entry.
Other routers prune the corresponding interface to forbid the
interfaces to forwarding the packet.

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
The working process of PIM-DM consists of neighbor discovery,
Neighbor discovery h t
flooding, pruning, graft and Assert mechanism.
s :
e
Multicast routers send Hello messages to discover neighbors
c
r
and maintain neighbor relations. Routers compare the priorities
u
s o
and IP addresses in Hello messages to elect the DR in the
network segment. The DR acts as the IGMPv1 querier.
Flooding R e
g
na router receives a multicast packet, it performs RPF
Multicast source S sends multicast packets to multicast group G.
i
n based on the unicast routing table. If the packet passes
when
a r
check
Le the RPF check, the router creates an (S, G) entry, and then
re forward the packet to all downstream PIM-DM nodes in the
Mo
network. This process is flooding. If the packet does not pass the
RPF check, the router discards the packet.
Pruning
If no downstream node contains the multicast member, the router
sends the Prune message to the upstream node to request the
upstream node stop for warding packets to this branch. After the
upstream node receives the Prune message, it deletes the

corresponding interface from the interface list mapping the (S, G)

entry. The pruning process lasts until only the branches that
need to forward data remain. Thus a SPT with multicast source S
as the root is established.
Graft
When a pruned node needs to turn to forwarding state, the node
sends the Graft message to request the upstream node to e n
restore packet forwarding.
m/
c o
Assert mechanism
i .
The Assert mechanism is used to specify the forwarder in a
we
shared network.
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

Chapter 3
PIM-DM Configuration Verification
e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
Using the display pim routing-table command, you can view the
t
PIM multicast routing table of a router.
h a router creates a (S, G) entry.
After receiving a multicast packet,
s : about the nodes that this
The (S, G) entry lists information
packet passes, namely e
c the upstream node, downstream node
r relation. The RPF neighbor relation is
u
and the RPF neighbor
o the packet is received by the correct
s
used to check whether
interface. Re
n g table of a router is empty, you need to check the

If the routing
ni
configuration.
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
Using the display pim neighbor command, you can view the
t
information about PIM neighbors of a router.
h RTA (10.2.2.1) and RTB
In general, RTC has two neighbors:
(172.16.1.1). s :
c e
u r
s o
Re
n g
ni
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
Using the display pim interface command, you can view the PIM
h t
information on an interface, including whether the PIM protocol is
enabled, the PIM mode and the IP address of the DR.
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
//
:
tpthat every subnet in the
1. What is the principle of PIM-DM?
PIM-DM is based on the assumption
network has at least one receiver
t
h of the multicast source. In this
s
case, multicast packets are :flooded to all nodes in the network.
c e that do not need to forward
r only keeps the branches that contain the
PIM-DM prunes the branches
u
receivers. The s o branches need by graft mechanism to
multicast packets and
pruned
Re of multicast packets on the pruned branches.
restore forwarding
2. Whatgis the function of graft in PIM-DM?
i n use the Prune message to prune the branches that do
ncontain multicast members. If a node on the pruned branch
Routers
r
e aneeds to join the multicast group, the node needs to wait until the
not
L prune timer expires. When the downstream node needs to turn to
re
Mo
forwarding state, the node can use the graft mechanism to notify
the upstream node that a member joins the group. Thus the
response period is shortened.
When a receiver in the network starts to receive multicast
packets again, it sends a Graft message. The Graft message is
forwarded to multicast source hop by hop. When the
intermediate nodes receive the Graft message , they respond

With acknowledgement messages. In this way, the pruned

branch resumes packet transmission.
3. What is the function of the Assert mechanism in PIM-DM?
Assert mechanism avoids repeated forwarding of same packets
in a shared network, for example, Ethernet. Assert mechanism
elects a unique forwarder for the same packet in the shared
network. Other routers prune corresponding interfaces from (s,6)
e n
entry.
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
PIM-SM is based on the assumption that the multicast members
h t
locate sparsely. That is, near no network segment has multicast
group members. Multicast route is established only when a host
s :
in a network segment joins the multicast group. At this time, the
c e
upstream node begins to forward multicast packets to this
u r
network segment. The goal of the PIM-SM model is to establish
s o
and maintain a unidirectional shared Tree.A router in the PIM
Re
network is selected as the public root node of the shared tree.
ng
The public root node is called the rendezvous point (RP). The RP
ni
forwards multicast packets to receivers along the shared tree.
ar
At the receiver's side, the router connected to the receiver sends
Le
the Join message to the RP of the multicast group. The Join
message is forwarded hop by hop and reaches the root (RP).
re The path that the Join message passes by becomes a branch of
Mo the shared tree, namely, the rendezvous point tree (RPT).
When the sender needs to send multicast data to a multicast
group, the first-hop router sends Register message to the RP.
The Register message reaches the RP and triggers
stablishment of the RPT. The multicast source then sends the
multicast packet to the RP. The multicast packet is duplicated on
the RP and forwarded to the receivers along the RPT.
e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
PIM-SM uses two types of trees: the shared tree and source
path tree.
t
h receiver is the shared tree.
The path from the RP to the multicast
s :source to the RP is the source path
e
The path from the multicast
c
tree.
u r according to the type of the tree.
o the RP address is used as the source
RPF check is performed
s
On the sharede
address forRRPF check.
tree,
g
On thensource path tree, the address of the multicast source is
nias the source address for RPF check.
a r
used
Le Protocol Mechanism.
The RPF check process will be described in Chapter 2 PIM-SM
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
The basic configuration of PIM-SM is similar to the configuration
h t
of PIM-DM. for PIM-SM, you also need to enable the multicast
routing protocol, and then enable PIM-SM on the interfaces of
the router.
s :
e
After the brief introduction of the PIM-SM principle, you have
c
r
known that RP is an important role in the PIM-SM network. As
u
s o
the root of RPT, the RP forwards multicast packets and controls
join of multicast groups. The RP can be discovered in various
Re
ways. Discovery and election of the RP will be described in
ng
Chapter 2. Here we manually specify RTB (172.16.1.1) as the
RP to show the configuration of PIM-SM.
ni
ar
PIM-SM configuration involves the following steps:
Le
1. Globally enable the multicast routing protocol.
2. Enable PIM-SM on the interfaces.
re 3. Specify the address of RP.
Mo Note: If the RP is manually specified, the RP address must be
configured on each router. The procedure is as follows:
Enter the PIM view.
[RTC] pim
Specify 172.16.1.1 as the RP address.
[RTC-pim] static-rp 172.16.1.1

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
Using the display pim neighbor command, you can view the
h t
information about PIM-SM neighbors of the router. After the
configuration, RTC has two PIM neighbors: RTA and RTB.
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tpspecified. The "Static" field
View the information about the RP in the PIM-SM network.
t
h indicates that the RP is
In this example, the RP is manually
before "RP" in the display information
manually specified. s :
c e
u r
s o
Re
n g
n i
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
Using the display pim interface command, you can view the
h t
information about a PIM interface. The display information
includes whether PIM is enabled, PIM version, PIM mode, PIM
s :
query interval and IP address of the DR.
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
//
:
tp
Using the display pim routing-table command on RTB, you can
see two entries:
t
h It indicates that RTB has
an (S, G) entry and a (*, G) entry.
s
received the multicast packet : and can forward the packet.
c eentry is recorded in the routing table. S
As you know, the (S, G)
u r source and G indicates the multicast
s
group. The routerso on the source path tree (SPT) from the
indicates the multicast
Re to RP create such entries.

multicast source
(*, G) isgthe entry for only PIM-SM. This entry is the entry of (any
i n source, multicast group). The routers on the RPT
r n such entry.
multicast
create
a
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

Chapter 2 PIM-SM Protocol Mechanism
e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
In a PIM-SM network, a router needs to send Hello messages to
h t
discover its neighbors upon startup. Routers periodically send
Hello messages to maintain the neighbor relation. Another
s :
function of the Hello message is electing the DR in a network
c e
segment containing multiple routers. The DR acts as the IGMPv1
querier.
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
PIM-SM also elects the DR in a shared network (such as
network segment. h t
Ethernet). The DR is the only multicast packet forwarder in the
s :
In PIM-SM, all shared networks must have a DR, no matter
c e
whether the network is connected to the multicast source or the
receiver.
u r
s o
The DR at the receiver end sends the Join message to the RP.
R e
The DR at the multicast source side sends the Register message
ng
to the RP.
i
n
Routers on the shared network send Hello messages (containing
ar
the DR priority option) to each other. The router with the highest
Le If some routers have the same priority or at least one router in
DR priority is elected as the DR in the network segment.
re
Mo
the network cannot add the priority option in the Hello message,
the router with the largest IP address is elected as the DR.
When the DR is Down, it cannot respond to the Hello message
sent by other router within the timeout duration. The neighbor
routers then trigger the election of a new DR.
Using the pim timer hello interval command, you can set the
interval of Hello messages in the interface view. By default, the

Hello interval is 30 seconds.

Using the pim hello-option holdtime interval command, you can
change the value of the Hello timeout duration. By default, the
Hello timeout duration is 105 seconds.
e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
In a PIM-SM network, the node acts as the root of the shared
h t
tree is called the rendezvous point (RP).
The RP has the following functions:
s : through the shared tree to
e
1. Forwards all multicast flows
c
receivers.
u r packets of some or all multicast groups. A
o one or more RPs.
2. Forwards multicast
s
e
network can have
The RP canRbe discovered in any of the following ways:
n g specify the IP address of the RP on the DR, all leaf
i and all routers that forward multicast flows.
1. Manually
n
a r
routers,
Le of the RP.
Use the static-rp rp-address command to specify the IP address
re 2. Enable the BootStrap protocol to elect the RP through the

Mo bootstrap mechanism.
The RP is the core router in the PIM-SM domain. Is a simple
small-sized network, one RP is enough for packet forwarding,
because the amount of multicast data is small. In this case, you
can manually specify the RP on all routers in the SM domain. But
in most cases, the PIM-SM network is very large and large
amount of multicast packets forwarded by the RP. In such a
network, each multicast group needs an RP, thus the load on

each RP is reduced and the topology of the shared tree is
optimized. In such network, RPs are elected through the
bootstrap mechanism. In this case, you need to configure the
bootstrap router (BSR).
e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
The RP can be specified manually or elected through the
bootstrap mechanism.
In the latter case, you need to h
t
enable the BootStrap protocol.
s :
c e
In a PIM-SM domain, all candidate RPs (C-RPs) take part in the
RP election.
u r
s o
R e
n g
n i
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
The BSR is the management core in the PIM-SM network. The
h t
BSR collects the Advertisement messages sent by C-RPs, and
then selects the C-RP information for each multicast group to
s :
form an RP set (a database of mapping between multicast
c e
groups and RPs). The BSR advertises the RP set to the entire
r
network so that all routers (including the DR) obtain the location
u
of RPs.
s o
R e
A PIM-SM domain can also have multiple C-RPs. The RP for
g
each multicast group is elected through the BSR mechanism.
n (or management domain ), only one router is
i
In a network
n as the BSR, but multiple candidate BSRs (C-BSRs) can
r
elected
abe configured. Once the BSR is Down, a new BSR is elected
Le through the bootstrap mechanism. Thus, the service is not
re interrupted by fault of the BSR.
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
//
:
tasp C-BSRs. Each C-BSR has
The working mechanism of a BSR is as follows:
1. Qualified routers are configured
a priority. When a router is elected
t
h as the C-BSR, it starts a timer
(300 seconds by default) s to:snoop the BootStrap messages in
the network. A BootStrap
c e message contains the priority and the
u
IP address of the C-BSR.r
2. When a C-BSR s o receives a BootStrap message, it compares
R
its own prioritye with the priority in the message. If the priority in
gBootStrap messages. If the priority of the C-BSR is
the message is higher, the CBSR resets the timer and continue
n
i the C-BSR sends a BootStrap message to announce that
to snoop
n
itris the BSR. If the priorities are equal, the C-BSR compares its
higher,
a
Le IProuter
address with the IP address contained in the message. The
re with the larger address becomes the BSR.
Mo The destination address of the BootStrap message is 224.0.0.13

and all PIM routers can receive this packet. The TTL of this
packet is set to 1, but each PIM router floods this packet from all
its PIM-enabled interfaces. Thus, all PIM routers can receive the
BootStrap message.

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
1. The candidate RP(C-RP) sends the Advertisement message
to the BSR.
h t
When receiving the BootStrap message (BSR message), the C-
s :
RP can locate the BSR in the network. The C-RP then sends the
e
Candidate-RP-Advertisement message to notify the BSR of the
c
r
multicast groups it serves in unicast mode. Thus, the BSR
u
s o
collects the information about all C-RPs in the network and
establishes an RP set. Then the BSR sends BSR messages to
Re
all routers in the network.
ng
The C-RP periodically sends Advertisement messages (every 60
ni
seconds) in unicast mode.
ar
2. The BSR periodically sends BSR messages (every 60
Le
seconds) to all PIM routers (224.0.0.13).
The BSR message contains the RP-set and BSR address. The
re message is flooded to the entire network hop by hop.
Mo 3. All routers elect the RP according to the received RP set

through the same RP election algorithm. Therefore, the routers
elect the same RP.
If the RP is specified manually, instead of being elected from C-
RPs, each router should be configured with the C-RP address,
priority, and the multicast group it serves.

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
When a receiver host joins multicast group G, the host sends an
h t
IGMP packet to notify the leaf router connected to it. The leaf
router obtains the information about this receiver, and then sends
s :
a Join message to the upstream node toward the RP.
Each router on the pathefrom the leaf router to the RP generates
r c
o u
a (*, G) entry in the forwarding table. These routers form a
s
branch of the rendezvous point tree (RPT). (*, G) indicates that
packets fromeany multicast source are sent to G.
R
g
RP is the root of the RPT and the receivers are leaves of the
RPT. n
n ithe packet sent from multicast source S to multicast group
a rreaches RP, the packet will reach the leaf router and then the
After
Le receiver host. If the receiver host does not want to receive the
G
re information from this source, the nearest multicast router sends

Mo the Prune message to the RP in the converse direction . When
the first upstream router receives the Prune message, the router
deletes the interface,
which connects to the downstream router, from the interface list
of multicast router.
The router check that other existing interface need to forward
packets or not. If no need such receivers exist, the router
sends the Prune message to its upstream router.This process is

the same as the pruning process of PIM-DM.
e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
When multicast source S sends a multicast packet to multicast
h t
group G, the router directly connected to multicast source S
encapsulates the multicast packet into the Register packet. Then
s :
the router sends the packet to the corresponding RP in unicast
c e
mode to notify the RP of the multicast source.
u r
When receiving the Register message from multicast source S,
s o
the RP decapsulates the message, and then forwards the
Re
message to the receiver along the RPT. In addition, the RP
ng
sends the Join message in the converse direction to multicast
source S. The Join message contains the (S, G) entry, and thus
ni
all routers on the path between the RP and the multicast source
ar generates an (S, G) entry. These routers that the Join message
Le passes form a branch of the SPT. The multicast source is the
re root of the SPT, and the RP is the destination of the SPT.
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
A multicast packet sent by multicast source S reaches the RP
along the RPT to receivers. h t

along the established SPT. The RP then forwards the packet
s :
After the RP receives the multicast flow forwarded along the
c e
SPT, the RP sends the Register-stop message to the router
u r
directly connected to the multicast source.
s o
The multicast source registration process is complete.
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
After the multicast source registers to the RP successfully,
h t
multicast packets are sent to the RP along the SPT and then
forwarded by the RP to the receivers along the RPT.
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
For a specified source, PIM-SM sets the bandwidth threshold for
h t
the SPT. Thus the last-hop router (the DR closest to the receiver)
can switch from the RPT to the SPT. When the last-hop router
s :
detects that multicast packets sent from the RP to multicast
c e
group G exceeds the threshold, the router sends a Join message
u r
with the (S, G) entry to the next-hop router toward multicast
s o
group G according to the unicast routing table. The Join
R e
message reaches the first-hop router (the DR closest to the
g
multicast source) after passing the routers on the path. All
these n
n i routers create an (S, G) entry, and thus an SPT branch is
r
established.
aWhen the throughput of packets exceeds the preset value, PIM-
Le SM switches the router from the RPT to the SPT.
re
Mo
On the VRP, by default, the router directly connected to the
receiver joins the SPT immediately after it detects the multicast
source; that is, the router receives the first data packet from the
source.

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
The RPT switches to the SPT, multicast packets are sent from
h t
the multicast source directly to the receiver. Through switchover
between the RPT and the SPT, PIM-SM can establish the SPT in
s :
a more economical way than PIM-DM does.
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
The last-hop router sends the Prune message to the RP. The
h t
Prune message contains the RP information and reaches the RP
hop by hop. After receiving the Prune message, the RP forwards
s :
the Prune message in the converse direction.
Thus, the multicast floweis switched from the RPT to the SPT.
r c
o u
e s
R
n g
ni
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
After switchover, an SPT is established between the multicast
source and the receiver.
h t
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp send Hello messages to
Neighbor discovery
t
h neighbor relation, and negotiate
In a PIM-SM network, multicast routers
discover neighbors, maintain the
protocol parameters. s :
c e segment compare the priorities and
r messages to elect the DR. The DR acts as
Routers in the same network
u
s o
IP addresses in Hello
the IGMPv1 querier.
Assert Re
Routersgin a shared network (such as an Ethernet) elects the
i n forwarder.
nelection
designated
r
e aDR
L Routers elects the designated router (DR) for the shared network
re between the multicast source and receivers.
Mo RP discovery
The RP is specified manually or elected through the BSR
messages.
Join
When a receiver host joins a multicast group G. The host send
an IGMP packet to notify the leaf router directly connected to it.

The leaf router then

sends the Join message to the upstream node toward the RP.
Prune
The pruning process is initiated by the leaf router. When all
downstream members leave the multicast group, the leaf router
sends a Prune message to the upstream node to request the
upstream node stop forwarding packets to this branch. e n
m/
Register
c o
The Register messages notify the RP of the existence of the
i .
multicast source.
we
ua
RTP-SPT switchover
PIM-SM sets a bandwidth threshold for the SPT. When thehtraffic
g .
receiver side) switches from the RPT to the SPT. in
exceeds this threshold, the last-hop router (the DR at the
r n
e a
/ l
: /
t tp
h
s :
c e
u r
s o
Re
n g
n i
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tthep C-BSR and C-RP interface
In this figure:
h
Interface POS3/0/0 of Router E is
of the PIM-SM network.
t
s : A and end network N1. IGMPv2
IGMPv2 runs between Router
c e B, Router C, and end network N2.
r
also runs between Router
u
oIP addresses of interfaces on the router and
Configuration roadmap:
s
Re routing protocol.
1. Configure the
enable the unicast
n g the IP address and mask of each interface.
i
2. Configure
3. n
a r Enable OSPF between the routers. Make sure routers can
Le 4. Enable the multicast function. Enable PIM-SM on each

communicate with each other .
re interface and enable IGMP on the interfaces connected to hosts.

Mo 5. Configure POS3/0/0 of Router RTE as the C-BSR and C-RP
interface.

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
Configurations of Router B, Router C, Router D, and Router E
t
are similar to the configuration of Router A.
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
c-rp interface-type interface-number [ group-policy basic-acl-
h t
number | priority priority | holdtime hold-interval | advertisement-
interval adv-interval ] * interface-type interface-number: indicates
s :
the interface of the C-RP. PIM-SM must be enabled on this
interface.
c e
u r
group-policy basic-acl-number : indicates that the multicast
s o
groups that the CRP serves are groups permitted by the ACL.
Re indicates the number of the basic ACL.

basic-acl-number
n g C-RP serves all multicast groups.

By default,
ni priority : indicates the priority of the C-RP. A larger value

priority
r
aindicates a lower the priority. The default value is 1.
Le Using the undo c-rp { interface-type interface-number | all }
re command, you can cancel the C-RP configuration.
Mo c-bsr interface-type interface-number hash-mask-len [ priority ]

interface-type interface-number: specifies the interface type and
interface number on the router. The C-BSR is configured on the
specified interface. PIMSM must be enabled on the interface;
otherwise, the configuration does not take effect.
hash-mask-len: specifies the mask length. The router ANDs the
mask with the multicast group, and then searches for the RP.
The value ranges from 0 to 32.

priority: specifies the priority of the C-BSR. The value ranges
from 0 to 255. The default value is 0. A larger value indicates a
higher priority.
Using the undo c-bsr command, you can cancel the configuration
of the CBSR.
e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
ttp
h
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
Using the display pim interface command, you can display the
h t
information about all PIM-enabled interfaces. You can find all
PIM-SM-enabled interfaces in the display information.
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
//
:
tp
Using the display pim bsr-info command, you can display the
information about the BSR.
t
h the IP address, Hash mask
The display information includes
:
length, and priority of thesBSR.
c e
u r
s o
Re
n g
n i
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tp
Using the display pim rp-info command, you can display the
h t
information about RPs for all multicast groups, including the RP
discovered through BSR mechanism and the static RPs.
s :
c e
u r
s o
Re
i ng
n
ar
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/
/
:
tp
Using the display pim routing-table command, you can display
t
the PIM multicast routing tables of all instances.
The display information showshthe information about the
upstream interfaces mapping s : the (*, G) entry and (S, G) entry,
RFP neighbors, and RPs.
c e
r are created on the router, it indicates
If (*, G) and (S, G)uentries
that the router s o forward multicast routers.
can
Re
n g
n i
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
. h
n g
n i
ar
le
/ /
:
tpthat no network nodes need
1. What is the principle of PIM-SM?
t
to receive multicast data whenhthe multicast source begins to
PIM-SM is based on the assumption
s
send multicast packets. The :core task of multicast forwarding is
c e a unidirectional RPT. A router is
establishing and maintaining
elected as the RP ofrthe RPT. The RP forwards the multicast
o u along the RPT.
s
packet to the receiver
e
R side, the router connected to the receiver sends
At the receiver
the Joingmessage to the RP of the multicast group. The Join
i n is forwarded hop by hop and reaches the root (RP).
r
Then path that the Join message passes by becomes a branch of
message
e athe RPT.
L When the sender needs to send multicast data to a multicast
re
Mo
group, the first-hop router sends registers message to the RP.
The Register message reaches the RP and triggers
establishment of the SPT. The multicast source then sends the
multicast packet to the RP. The multicast packet is duplicated on
the RP and forwarded to the receivers along the RPT. The
packet is duplicated only at the crotches. The duplication repeats
until the packet reaches the receiver.

2. How does a router join the RPT?

When a receiver host joins multicast group G, the host sends an
IGMP packet to notify the leaf router to which receiver host
connected . The leaf router obtains the information about this
receiver, and then sends a Join message to the upstream node
toward the RP.
Each router on the path from the leaf router to the RP generates
e n
a (*, G) entry in the forwarding table. These routers form a
m/
branch of the rendezvous point tree (RPT).
c o
3. How does a multicast group register?
i .
When multicast source sends a multicast packet to multicast we
group G, the router directly connected to multicast source
ua
. h
encapsulates the multicast packet into the Register packet, and
g
nsource, the
then sends the packet to the corresponding RP in unicast mode.
When receiving the Register message from multicast i
n the
RP de-encapsulates the message, and then forwards r
a the RP
l e
message to the receiver along the RPT. In addition,
sends the Join message in the converse /
: /(S, G) entry, and thus all
direction to multicast
source. The Join message contains the
routers along the path between thetRP p and the multicast
source generates an (S, G) entry.
t
h These routers that the Join
message passes form a branch
s : of the SPT. The multicast source
c
is the root of the SPT, ande the RP is the destination of the SPT.
u r
s o
Re
n g
n i
a r
Le
re
Mo

e n
m/
c o
i .
we
ua
.h
n g
n i
ar
le
//
:
ttp
h
s :
c e
u r
s o
Re
ing
n
ar
Le
re
Mo
The privilege of HCNA/HCNP/HCIE:
With any Huawei Career Certification, you have the privilege on http://learning.huawei.com/en to enjoy:
 1、Comprehensive E-Learning Courses
e n
Content：All Huawei Career Certification E-Learning courses / m
o


.c
Methods to get the E-learning privilege : submit Huawei Account and email being used for Huawei Account
registration to Learning@huawei.com . e i
a w
 2、 Training Material Download u
h training material
Content: Huawei product training material and Huawei career certification g .
n

Method：Logon http://learning.huawei.com/en and enter HuaWei n iTraining/Classroom Training ,then you can
r

download training material in the specific training introduction a

le page.
3、 Priority to participate in Huawei Online Open Class(LVC) /

: /
 Content：The Huawei career certification training covering
t p all ICT technical domains like R&S, UC&C, Security,
Storage and so on, which are conducted by Huawei ht professional instructors
Method：The plan and participate methodsplease : refer to LVC Open Courses Schedule
ce

 4、Learning Tool: eNSP

u r
eNSP (Enterprise Network SimulationoPlatform) is a graphical network simulation tool which is developed by

e s
Huawei and free of charge. eNSP R mainly simulates enterprise routers, switches as close to the real hardware as
it possible, which makes the n glab practice available and easy without any real device.
n iup Huawei Technical Forum which allows candidates to discuss technical issues with

r
In addition, Huawei has built
aexam
Huawei experts , share
L e experiences with others or be acquainted with Huawei Products(
e
http://support.huawei.com/ecommunity/）
r
Mo
HUAWEI TECHNOLOGIES CO., LTD. Huawei Confidential 1

Huawei Technologies Co., Ltd. 1

Uploaded by

Copyright:

Available Formats

Huawei Technologies Co., Ltd. 1

Uploaded by

Document Information

Original Description:

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Huawei Technologies Co., Ltd. 1

Uploaded by

Copyright:

Available Formats

The privilege of HCNA/HCNP/HCIE:

download training material in the specific training introduction a

 4、Learning Tool: eNSP

8KRG_OTM UT OZY YZXUTM ZKINTOIGR GTJ VXULKYYOUTGR ZXGOTOTM Y_YZKS

s o /TZKXTKZ]UXQ +^VKXZ OY JKYOMTKJ ZU KTJ[K

n g JOGMTUYZOIY GTJ ZXU[HRKYNUUZOTM UL .[G]KO VXUJ[IZY

HCIE- HCIE- HCIE-

R&S Carrier Transmissio

WLAN LTE Security UC CC VC Cloud Storage Design

XGTMOTM LXUS RKGXTKXY VXKVGXOTM LUX ZNK .)*6/+84 K^GSOTGZOUT ZU

/ l Y[HTKZ JO\OYOUT GTJ

s : GTJ ZNK (UXJKX -GZK]G_ 6XUZUIUR

"$   

Le,  &   

HC Series   "#

Module 4 Route Selection & Control .....................................................................................Page 553

Route Selection Tools.....................................................................................................Page 555

Routing Policy.................................................................................................................Page 574

Policy-based Route Selection ........................................................................................Page 625

Module 5 Multicast ................................................................................................................Page 635

HC Series HUAWEI TECHNOLOGIES Page3

Page4 HUAWEI TECHNOLOGIES HC Series

HC Series HUAWEI TECHNOLOGIES Page5

Page6 HUAWEI TECHNOLOGIES HC Series

Le features. The hierarchical network structure requires a specific IP

HC Series HUAWEI TECHNOLOGIES Page7

Page8 HUAWEI TECHNOLOGIES HC Series

HC Series HUAWEI TECHNOLOGIES Page9

Page10 HUAWEI TECHNOLOGIES HC Series

HC Series HUAWEI TECHNOLOGIES Page11

Le number of valid bits in class A address is 7. The first octet of

re class A address ranges from 1 to 126 (127 is reserved). For

HC Series HUAWEI TECHNOLOGIES Page13

R e with the all 1s host ID is called broadcast

Page14 HUAWEI TECHNOLOGIES HC Series

c e Multiple subnets are divided within

HC Series HUAWEI TECHNOLOGIES Page15

Page16 HUAWEI TECHNOLOGIES HC Series

HC Series HUAWEI TECHNOLOGIES Page17

Page18 HUAWEI TECHNOLOGIES HC Series

HC Series HUAWEI TECHNOLOGIES Page19

namely, the 16-bit host ID.sThe : subnet mask of class C address

Page20 HUAWEI TECHNOLOGIES HC Series

HC Series HUAWEI TECHNOLOGIES Page21

a r networks/subnets, but less IP addresses can be allocated.

Le Such addressing scheme can save lots of IP addresses, which

re can be used in other subnets.

Page22 HUAWEI TECHNOLOGIES HC Series

HC Series HUAWEI TECHNOLOGIES Page23

R the IP addresses of the four

g between the four routers and the gateway are

Le the number of host bits is 5 and the number of subnet bits is 3.

re Therefore, the number of host bits is 5 in each office.

Page24 HUAWEI TECHNOLOGIES HC Series

HC Series HUAWEI TECHNOLOGIES Page25

in dotted decimal notation. h t

Page26 HUAWEI TECHNOLOGIES HC Series

HC Series HUAWEI TECHNOLOGIES Page27

8KRG_OTM UT OZY YZXUTM ZKINTOIGR GTJ VXULKYYOUTGR ZXGOTOTM Y_YZKS

s o /TZKXTKZ]UXQ +^VKXZ OY JKYOMTKJ ZU KTJ[K

n g JOGMTUYZOIY GTJ ZXU[HRKYNUUZOTM UL .[G]KO VXUJ[IZY

XGTMOTM LXUS RKGXTKXY VXKVGXOTM LUX ZNK .)*6/+84 K^GSOTGZOUT ZU

/ l Y[HTKZ JO\OYOUT GTJ

"$

Le,&

HC Series "#