Page 1
Routing Configuration Guide, Cisco IOS XE Everest 16.6.x (Catalyst 9500 Switches)
First Published: 2017-07-31
Last Modified: 2017-11-03
Americas Headquarters
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134-1706
USA
http://www.cisco.com
Tel: 408 526-4000
800 553-NETS (6387)
Fax: 408 527-0883
Page 2
©
2017 Cisco Systems, Inc. All rights reserved.
Page 3
CONTENTS
CHAPTER 1
Configuring Bidirectional Forwarding Detection 1
Bidirectional Forwarding Detection 1
Finding Feature Information 1
Prerequisites for Bidirectional Forwarding Detection 1
Restrictions for Bidirectional Forwarding Detection 2
Information About Bidirectional Forwarding Detection 2
BFD Operation 2
Neighbor Relationships 2
BFD Detection of Failures 3
BFD Version Interoperability 3
BFD Session Limits 4
BFD Support for Nonbroadcast Media Interfaces 4
BFD Support for Nonstop Forwarding with Stateful Switchover 4
BFD Support for Stateful Switchover 4
BFD Support for Static Routing 4
Benefits of Using BFD for Failure Detection 5
How to Configure Bidirectional Forwarding Detection 6
Configuring BFD Session Parameters on the Interface 6
Configuring BFD Support for Dynamic Routing Protocols 7
Configuring BFD Support for eBGP 7
Configuring BFD Support for EIGRP 8
Configuring BFD Support for IS-IS 10
Prerequisites 10
Configuring BFD Support for IS-IS for All Interfaces 11
Configuring BFD Support for IS-IS for One or More Interfaces 12
Configuring BFD Support for OSPF 13
Configuring BFD Support for OSPF for All Interfaces 14
Configuring BFD Support for OSPF for One or More Interfaces 15
Routing Configuration Guide, Cisco IOS XE Everest 16.6.x (Catalyst 9500 Switches)
iii
Page 4
Contents
Configuring BFD Support for HSRP 17
Configuring BFD Support for Static Routing 18
Configuring BFD Echo Mode 21
Prerequisites 21
Restrictions 21
Disabling BFD Echo Mode Without Asymmetry 21
Creating and Configuring BFD Templates 22
Configuring a Single-Hop Template 22
Monitoring and Troubleshooting BFD 23
Monitoring and Troubleshooting BFD 23
Feature Information for Bidirectional Forwarding Detection 24
CHAPTER 2
Configuring MSDP 25
Information About Configuring MSDP 25
MSDP Overview 25
MSDP Operation 26
MSDP Benefits 27
How to Configure MSDP 28
Default MSDP Configuration 28
Configuring a Default MSDP Peer 28
Caching Source-Active State 30
Requesting Source Information from an MSDP Peer 31
Controlling Source Information that Your Switch Originates 32
Redistributing Sources 33
Filtering Source-Active Request Messages 35
Controlling Source Information that Your Switch Forwards 36
Using a Filter 36
Using TTL to Limit the Multicast Data Sent in SA Messages 39
Controlling Source Information that Your Switch Receives 40
Configuring an MSDP Mesh Group 42
Shutting Down an MSDP Peer 43
Including a Bordering PIM Dense-Mode Region in MSDP 44
Configuring an Originating Address other than the RP Address 46
Monitoring and Maintaining MSDP 47
Configuration Examples for Configuring MSDP 48
Routing Configuration Guide, Cisco IOS XE Everest 16.6.x (Catalyst 9500 Switches)
iv
Page 5
Contents
Configuring a Default MSDP Peer: Example 48
Caching Source-Active State: Example 49
Requesting Source Information from an MSDP Peer: Example 49
Controlling Source Information that Your Switch Originates: Example 49
Controlling Source Information that Your Switch Forwards: Example 49
Controlling Source Information that Your Switch Receives: Example 50
Feature Information for Multicast Source Discovery Protocol 50
CHAPTER 3
Configuring IP Unicast Routing 51
Information About Configuring IP Unicast Routing 52
Information About IP Routing 52
Types of Routing 53
Classless Routing 53
Address Resolution 55
Proxy ARP 55
ICMP Router Discovery Protocol 55
UDP Broadcast Packets and Protocols 56
Broadcast Packet Handling 56
IP Broadcast Flooding 57
How to Configure IP Routing 57
How to Configure IP Addressing 58
Default IP Addressing Configuration 59
Assigning IP Addresses to Network Interfaces 60
Using Subnet Zero 61
Disabling Classless Routing 62
Configuring Address Resolution Methods 63
Defining a Static ARP Cache 63
Setting ARP Encapsulation 65
Enabling Proxy ARP 66
Routing Assistance When IP Routing is Disabled 68
Proxy ARP 68
Default Gateway 68
ICMP Router Discovery Protocol (IRDP) 69
Configuring Broadcast Packet Handling 71
Enabling Directed Broadcast-to-Physical Broadcast Translation 71
Routing Configuration Guide, Cisco IOS XE Everest 16.6.x (Catalyst 9500 Switches)
v
Page 6
Contents
Forwarding UDP Broadcast Packets and Protocols 73
Establishing an IP Broadcast Address 75
Flooding IP Broadcasts 76
Monitoring and Maintaining IP Addressing 77
How to Configure IP Unicast Routing 78
Enabling IP Unicast Routing 78
Example of Enabling IP Routing 79
What to Do Next 79
Information About RIP 80
Summary Addresses and Split Horizon 80
How to Configure RIP 81
Default RIP Configuration 81
Configuring Basic RIP Parameters 82
Configuring RIP Authentication 84
Configuring Summary Addresses and Split Horizon 85
Configuring Split Horizon 87
Configuration Example for Summary Addresses and Split Horizon 88
Information About OSPF 89
OSPF Nonstop Forwarding 89
OSPF NSF Awareness 90
OSPF NSF Capability 90
OSPF Area Parameters 90
Other OSPF Parameters 90
LSA Group Pacing 91
Loopback Interfaces 91
How to Configure OSPF 92
Default OSPF Configuration 92
Configuring Basic OSPF Parameters 93
Configuring OSPF Interfaces 95
Configuring OSPF Area Parameters 97
Configuring Other OSPF Parameters 99
Changing LSA Group Pacing 101
Configuring a Loopback Interface 102
Monitoring OSPF 103
Configuration Examples for OSPF 104
Routing Configuration Guide, Cisco IOS XE Everest 16.6.x (Catalyst 9500 Switches)
vi
Page 7
Contents
Example: Configuring Basic OSPF Parameters 104
Information About EIGRP 104
EIGRP Features 104
EIGRP Components 105
EIGRP Nonstop Forwarding 106
EIGRP NSF Awareness 106
EIGRP NSF Capability 106
EIGRP Stub Routing 106
How to Configure EIGRP 107
Default EIGRP Configuration 108
Configuring Basic EIGRP Parameters 109
Configuring EIGRP Interfaces 111
Configuring EIGRP Route Authentication 113
Monitoring and Maintaining EIGRP 115
Information About BGP 115
BGP Network Topology 115
Nonstop Forwarding Awareness 117
Information About BGP Routing 117
Routing Policy Changes 117
BGP Decision Attributes 118
Route Maps 119
BGP Filtering 119
Prefix List for BGP Filtering 120
BGP Community Filtering 120
BGP Neighbors and Peer Groups 121
Aggregate Routes 121
Routing Domain Confederations 121
BGP Route Reflectors 121
Route Dampening 122
More BGP Information 122
How to Configure BGP 122
Default BGP Configuration 122
Enabling BGP Routing 126
Managing Routing Policy Changes 128
Configuring BGP Decision Attributes 129
Routing Configuration Guide, Cisco IOS XE Everest 16.6.x (Catalyst 9500 Switches)
vii
Page 8
Contents
Configuring BGP Filtering with Route Maps 131
Configuring BGP Filtering by Neighbor 132
Configuring BGP Filtering by Access Lists and Neighbors 133
Configuring Prefix Lists for BGP Filtering 135
Configuring BGP Community Filtering 136
Configuring BGP Neighbors and Peer Groups 137
Configuring Aggregate Addresses in a Routing Table 140
Configuring Routing Domain Confederations 141
Configuring BGP Route Reflectors 143
Configuring Route Dampening 144
Monitoring and Maintaining BGP 145
IS-IS Routing 147
IS-IS Dynamic Routing 147
Nonstop Forwarding Awareness 147
IS-IS Global Parameters 148
IS-IS Interface Parameters 148
How to Configure IS-IS Routing 149
Default IS-IS Configuration 149
Enabling IS-IS Routing 150
Configuring IS-IS Global Parameters 152
Configuring IS-IS Interface Parameters 155
Monitoring and Maintaining IS-IS 158
Information About Multi-VRF CE 158
Understanding Multi-VRF CE 159
Network Topology 159
Packet-Forwarding Process 160
Network Components 161
VRF-Aware Services 161
How to Configure Multi-VRF CE 161
Default Multi-VRF CE Configuration 161
viii
Multi-VRF CE Configuration Guidelines 162
Configuring VRFs 163
Configuring VRF-Aware Services 164
Configuring VRF-Aware Services for ARP 165
Configuring VRF-Aware Services for Ping 165
Routing Configuration Guide, Cisco IOS XE Everest 16.6.x (Catalyst 9500 Switches)
Page 9
Contents
Configuring VRF-Aware Services for SNMP 165
Configuring VRF-Aware Servcies for uRPF 166
Configuring VRF-Aware RADIUS 168
Configuring VRF-Aware Services for Syslog 168
Configuring VRF-Aware Services for Traceroute 169
Configuring VRF-Aware Services for FTP and TFTP 169
Configuring Multicast VRFs 170
Configuring a VPN Routing Session 173
Configuring BGP PE to CE Routing Sessions 174
Monitoring Multi-VRF CE 175
Configuration Examples for Multi-VRF CE 176
Multi-VRF CE Configuration Example 176
Configuring Unicast Reverse Path Forwarding 179
Protocol-Independent Features 179
Distributed Cisco Express Forwarding 180
Information About Cisco Express Forwarding 180
How to Configure Cisco Express Forwarding 180
Number of Equal-Cost Routing Paths 182
Information About Equal-Cost Routing Paths 182
How to Configure Equal-Cost Routing Paths 183
Static Unicast Routes 183
Information About Static Unicast Routes 183
Configuring Static Unicast Routes 184
Default Routes and Networks 186
Information About Default Routes and Networks 186
How to Configure Default Routes and Networks 186
Route Maps to Redistribute Routing Information 187
Information About Route Maps 187
How to Configure a Route Map 187
How to Control Route Distribution 191
Policy-Based Routing 193
Information About Policy-Based Routing 193
How to Configure PBR 194
Filtering Routing Information 197
Setting Passive Interfaces 197
Routing Configuration Guide, Cisco IOS XE Everest 16.6.x (Catalyst 9500 Switches)
ix
Page 10
Contents
Controlling Advertising and Processing in Routing Updates 199
Filtering Sources of Routing Information 200
Managing Authentication Keys 201
Prerequisites 201
How to Configure Authentication Keys 201
Monitoring and Maintaining the IP Network 203
Feature Information for IP Unicast Routing 203
CHAPTER 4
Configuring Generic Routing Encapsulation(GRE) Tunnel IP Source and Destination VRF
Membership 205
Restrictions for GRE Tunnel IP Source and Destination VRF Membership 205
Information About GRE Tunnel IP Source and Destination VRF Membership 206
How to Configure GRE Tunnel IP Source and Destination VRF Membership 206
Configuration Example for GRE Tunnel IP Source and Destination VRF Membership 207
Additional References 208
Feature History for Generic Routing Encapsulation Tunnel IP Source and Destination VRF
Membership 209
Notices 211
Trademarks 211
Routing Configuration Guide, Cisco IOS XE Everest 16.6.x (Catalyst 9500 Switches)
x
Page 11
Configuring Bidirectional Forwarding Detection
Bidirectional Forwarding Detection, page 1
•
Bidirectional Forwarding Detection
This document describes how to enable the Bidirectional Forwarding Detection (BFD) protocol. BFD is a
detection protocol that is designed to provide fast forwarding path failure detection times for all media types,
encapsulations, topologies, and routing protocols.
BFD provides a consistent failure detection method for network administrators, in addition to fast forwarding
path failure detection. Because the network administrator can use BFD to detect forwarding path failures at
a uniform rate, rather than the variable rates for different routing protocol hello mechanisms, network profiling
and planning will be easier, and reconvergence time will be consistent and predictable.
Finding Feature Information
CHAPTER 1
Your software release may not support all the features documented in this module. For the latest caveats and
feature information, see Bug Search Tool and the release notes for your platform and software release. To
find information about the features documented in this module, and to see a list of the releases in which each
feature is supported, see the feature information table at the end of this module.
Use Cisco Feature Navigator to find information about platform support and Cisco software image support.
To access Cisco Feature Navigator, go to http://www.cisco.com/go/cfn. An account on Cisco.com is not
required.
Prerequisites for Bidirectional Forwarding Detection
Cisco Express Forwarding and IP routing must be enabled on all participating switches.
•
One of the IP routing protocols supported by BFD must be configured on the switches before BFD is
•
deployed. You should implement fast convergence for the routing protocol that you are using. See the
IP routing documentation for your version of Cisco IOS software for information on configuring fast
convergence. See the Restrictions for Bidirectional Forwarding Detection section for more information
on BFD routing protocol support in Cisco IOS software.
Routing Configuration Guide, Cisco IOS XE Everest 16.6.x (Catalyst 9500 Switches)
1
Page 12
Configuring Bidirectional Forwarding Detection
Restrictions for Bidirectional Forwarding Detection
Restrictions for Bidirectional Forwarding Detection
BFD works only for directly connected neighbors. BFD neighbors must be no more than one IP hop
•
away. Multihop configurations are not supported.
BFD support is not available for all platforms and interfaces. To confirm BFD support for a specific
•
platform or interface and obtain the most accurate platform and hardware restrictions, see the Cisco IOS
software release notes for your software version.
BFD packets are not matched in the QoS policy for self-generated packets.
•
BFD packets are matched in the class class-default command. So, the user must make sure of the
•
availability of appropriate bandwidth to prevent dropping of BFD packets due to oversubscription.
BFD HA support is not available starting Cisco Denali IOS XE 16.3.1
•
Information About Bidirectional Forwarding Detection
BFD Operation
BFD provides a low-overhead, short-duration method of detecting failures in the forwarding path between
two adjacent routers, including the interfaces, data links, and forwarding planes.
BFD is a detection protocol that you enable at the interface and routing protocol levels. Cisco supports BFD
asynchronous mode, which depends on the sending of BFD control packets between two systems to activate
and maintain BFD neighbor sessions between routers. Therefore, in order for a BFD session to be created,
you must configure BFD on both systems (or BFD peers). Once BFD has been enabled on the interfaces and
at the router level for the appropriate routing protocols, a BFD session is created, BFD timers are negotiated,
and the BFD peers will begin to send BFD control packets to each other at the negotiated interval.
Neighbor Relationships
BFD provides fast BFD peer failure detection times independently of all media types, encapsulations, topologies,
and routing protocols BGP, EIGRP, IS-IS, and OSPF. By sending rapid failure detection notices to the routing
protocols in the local router to initiate the routing table recalculation process, BFD contributes to greatly
reduced overall network convergence time. The figure below shows a simple network with two routers running
OSPF and BFD. When OSPF discovers a neighbor (1) it sends a request to the local BFD process to initiate
a BFD neighbor session with the OSPF neighbor router (2). The BFD neighbor session with the OSPF neighbor
router is established (3).
Routing Configuration Guide, Cisco IOS XE Everest 16.6.x (Catalyst 9500 Switches)
2
Page 13
Configuring Bidirectional Forwarding Detection
The figure below shows what happens when a failure occurs in the network (1). The BFD neighbor session
with the OSPF neighbor router is torn down (2). BFD notifies the local OSPF process that the BFD neighbor
is no longer reachable (3). The local OSPF process tears down the OSPF neighbor relationship (4). If an
alternative path is available, the routers will immediately start converging on it.
A routing protocol needs to register with BFD for every neighbor it acquires. Once a neighbor is registered,
BFD initiates a session with the neighbor if a session does not already exist.
OSPF registers with BFD when:
A neighbor finite state machine (FSM) transitions to full state.
•
Information About Bidirectional Forwarding Detection
Both OSPF BFD and BFD are enabled.
•
On broadcast interfaces, OSPF establishes a BFD session only with the designated router (DR) and backup
designated router (BDR), but not between any two routers in DROTHER state.
BFD Detection of Failures
Once a BFD session has been established and timer negations are complete, BFD peers send BFD control
packets that act in the same manner as an IGP hello protocol to detect liveliness, except at a more accelerated
rate. The following information should be noted:
BFD is a forwarding path failure detection protocol. BFD detects a failure, but the routing protocol must
•
take action to bypass a failed peer.
Starting Cisco IOS XE Denali 16.3.1, Cisco devices will support BFD version 0, where devices will use
•
one BFD session for multiple client protocols in the implementation. For example, if a network is running
OSPF and EIGRP across the same link to the same peer, only one BFD session will be established, and
BFD will share session information with both routing protocols.
BFD Version Interoperability
All BFD sessions come up as Version 1 by default and will be interoperable with Version 0. The system
automatically performs BFD version detection, and BFD sessions between neighbors will run in the highest
common BFD version between neighbors. For example, if one BFD neighbor is running BFD Version 0 and
the other BFD neighbor is running Version 1, the session will run BFD Version 0. The output from the show
bfd neighbors [details] command will verify which BFD version a BFD neighbor is running.
See the Example Configuring BFD in an EIGRP Network with Echo Mode Enabled by Default for an example
of BFD version detection.
Routing Configuration Guide, Cisco IOS XE Everest 16.6.x (Catalyst 9500 Switches)
3
Page 14
Information About Bidirectional Forwarding Detection
BFD Session Limits
Starting Cisco IOS XE Denali 16.3.1, the number of BFD sessions that can be created has been increased to
100.
BFD Support for Nonbroadcast Media Interfaces
Starting Cisco IOS XE Denali 16.3.1, the BFD feature is supported on routed, SVI and L3 portchannels.
The bfd interval command must be configured on the interface to initiate BFD monitoring.
BFD Support for Nonstop Forwarding with Stateful Switchover
Typically, when a networking device restarts, all routing peers of that device detect that the device went down
and then came back up. This transition results in a routing flap, which could spread across multiple routing
domains. Routing flaps caused by routing restarts create routing instabilities, which are detrimental to the
overall network performance. Nonstop forwarding (NSF) helps to suppress routing flaps in devices that are
enabled with stateful switchover (SSO), thereby reducing network instability.
NSF allows for the forwarding of data packets to continue along known routes while the routing protocol
information is being restored after a switchover. With NSF, peer networking devices do not experience routing
flaps. Data traffic is forwarded through intelligent line cards or dual forwarding processors while the standby
RP assumes control from the failed active RP during a switchover. The ability of line cards and forwarding
processors to remain up through a switchover and to be kept current with the Forwarding Information Base
(FIB) on the active RP is key to NSF operation.
In devices that support dual RPs, SSO establishes one of the RPs as the active processor; the other RP is
designated as the standby processor, and then synchronizes information between them. A switchover from
the active to the standby processor occurs when the active RP fails, when it is removed from the networking
device, or when it is manually taken down for maintenance.
Configuring Bidirectional Forwarding Detection
BFD Support for Stateful Switchover
The BFD protocol provides short-duration detection of failures in the path between adjacent forwarding
engines. In network deployments that use dual RP routers or switches (to provide redundancy), the routers
have a graceful restart mechanism that protects the forwarding state during a switchover between the active
RP and the standby RP.
The dual RPs have variable switchover times that depend on the ability of the hardware to detect a
communication failure. When BFD is running on the RP, some platforms are not able to detect a switchover
before the BFD protocol times out; these platforms are referred to as slow switchover platforms.
BFD Support for Static Routing
Unlike dynamic routing protocols, such as OSPF and BGP, static routing has no method of peer discovery.
Therefore, when BFD is configured, the reachability of the gateway is completely dependent on the state of
the BFD session to the specified neighbor. Unless the BFD session is up, the gateway for the static route is
considered unreachable, and therefore the affected routes will not be installed in the appropriate Routing
Information Base (RIB).
For a BFD session to be successfully established, BFD must be configured on the interface on the peer and
there must be a BFD client registered on the peer for the address of the BFD neighbor. When an interface is
used by dynamic routing protocols, the latter requirement is usually met by configuring the routing protocol
Routing Configuration Guide, Cisco IOS XE Everest 16.6.x (Catalyst 9500 Switches)
4
Page 15
Configuring Bidirectional Forwarding Detection
instances on each neighbor for BFD. When an interface is used exclusively for static routing, this requirement
must be met by configuring static routes on the peers.
If a BFD configuration is removed from the remote peer while the BFD session is in the up state, the updated
state of the BFD session is not signaled to IPv4 static. This will cause the static route to remain in the RIB.
The only workaround is to remove the IPv4 static BFD neighbor configuration so that the static route no
longer tracks BFD session state. Also, if you change the encapsulation type on a serial interface to one that
is unsupported by BFD, BFD will be in a down state on that interface. The workaround is to shut down the
interface, change to a supported encapsulation type, and then reconfigure BFD.
A single BFD session can be used by an IPv4 static client to track the reachability of next hops through a
specific interface. You can assign a BFD group for a set of BFD-tracked static routes. Each group must have
one active static BFD configuration, one or more passive BFD configurations, and the corresponding static
routes to be BFD-tracked. Nongroup entries are BFD-tracked static routes for which a BFD group is not
assigned. A BFD group must accommodate static BFD configurations that can be part of different VRFs.
Effectively, the passive static BFD configurations need not be in the same VRF as that of the active
configuration.
For each BFD group, there can be only one active static BFD session. You can configure the active BFD
session by adding a static BFD configuration and a corresponding static route that uses the BFD configuration.
The BFD session in a group is created only when there is an active static BFD configuration and the static
route that uses the static BFD configuration. When the active static BFD configuration or the active static
route is removed from a BFD group, all the passive static routes are withdrawn from the RIB. Effectively, all
the passive static routes are inactive until an active static BFD configuration and a static route to be tracked
by the active BFD session are configured in the group.
Similarly, for each BFD group, there can be one or more passive static BFD configurations and their
corresponding static routes to be BFD-tracked. Passive static session routes take effect only when the active
BFD session state is reachable. Though the active BFD session state of the group is reachable, the passive
static route is added to the RIB only if the corresponding interface state is up. When a passive BFD session
is removed from a group, it will not affect the active BFD session if one existed, or the BFD group reachability
status.
Information About Bidirectional Forwarding Detection
Benefits of Using BFD for Failure Detection
When you deploy any feature, it is important to consider all the alternatives and be aware of any trade-offs
being made.
The closest alternative to BFD in conventional EIGRP, IS-IS, and OSPF deployments is the use of modified
failure detection mechanisms for EIGRP, IS-IS, and OSPF routing protocols.
If you set EIGRP hello and hold timers to their absolute minimums, the failure detection rate for EIGRP falls
to within a one- to two-second range.
If you use fast hellos for either IS-IS or OSPF, these Interior Gateway Protocol (IGP) protocols reduce their
failure detection mechanisms to a minimum of one second.
There are several advantages to implementing BFD over reduced timer mechanisms for routing protocols:
Although reducing the EIGRP, IS-IS, and OSPF timers can result in minimum detection timer of one
•
to two seconds, BFD can provide failure detection in less than one second.
Because BFD is not tied to any particular routing protocol, it can be used as a generic and consistent
•
failure detection mechanism for EIGRP, IS-IS, and OSPF.
Because some parts of BFD can be distributed to the data plane, it can be less CPU-intensive than the
•
reduced EIGRP, IS-IS, and OSPF timers, which exist wholly at the control plane.
Routing Configuration Guide, Cisco IOS XE Everest 16.6.x (Catalyst 9500 Switches)
5
Page 16
Configuring Bidirectional Forwarding Detection
How to Configure Bidirectional Forwarding Detection
How to Configure Bidirectional Forwarding Detection
Configuring BFD Session Parameters on the Interface
To configure BFD on an interface, you need to set the baseline BFD session parameters on an interface. Repeat
the steps in this procedure for each interface over which you want to run BFD sessions to BFD neighbors.
Procedure
PurposeCommand or Action
Step 1
Step 2
Step 3
Example:
Device> enable
Example:
Device# configure terminal
ip address ipv4-address mask
•
ipv6 address ipv6-address/mask
•
Example:
Configuring an IPv4 address for the interface:
Device(config-if)# ip address
10.201.201.1 255.255.255.0
Configuring an IPv6 address for the interface:
Device(config-if)# ipv6 address
2001:db8:1:1::1/32
Enables privileged EXEC mode.enable
Enter your password if prompted.
•
Enters global configuration mode.configure terminal
Configures an IP address for the interface.Perform one of the following steps:
Step 4
bfd interval milliseconds min_rx milliseconds
multiplier interval-multiplier
Enables BFD on the interface.
The BFD interval configuration is removed when
the subinterface on which it is configured is
Example:
Device(config-if)# bfd interval 100
min_rx 100 multiplier 3
Routing Configuration Guide, Cisco IOS XE Everest 16.6.x (Catalyst 9500 Switches)
6
removed.
The BFD interval configuration is not removed
when:
an IPv4 address is removed from an interface
•
an IPv6 address is removed from an interface
•
IPv6 is disabled from an interface
•
Page 17
Configuring Bidirectional Forwarding Detection
How to Configure Bidirectional Forwarding Detection
PurposeCommand or Action
an interface is shutdown
•
IPv4 CEF is disabled globally or locally on
•
an interface
IPv6 CEF is disabled globally or locally on
•
an interface
Step 5
end
Example:
Device(config-if)# end
Configuring BFD Support for Dynamic Routing Protocols
Configuring BFD Support for eBGP
This section describes the procedure for configuring BFD support for BGP so that BGP is a registered protocol
with BFD and will receive forwarding path detection failure messages from BFD.
Before You Begin
e BGP must be running on all participating routers.
The baseline parameters for BFD sessions on the interfaces over which you want to run BFD sessions to BFD
neighbors must be configured. See the Configuring BFD Session Parameters on the Interface section for more
information.
Exits interface configuration mode and returns to
privileged EXEC mode.
Output from the show bfd neighbors details command shows the configured intervals.Note
Procedure
Step 1
Example:
Device> enable
Routing Configuration Guide, Cisco IOS XE Everest 16.6.x (Catalyst 9500 Switches)
PurposeCommand or Action
Enables privileged EXEC mode.enable
Enter your password if prompted.
•
7
Page 18
How to Configure Bidirectional Forwarding Detection
Configuring Bidirectional Forwarding Detection
PurposeCommand or Action
Step 2
Step 3
Step 4
Step 5
Step 6
Example:
Device# configure terminal
router bgp as-tag
Example:
Device(config)# router bgp tag1
neighbor ip-address fall-over bfd
Example:
Device(config-router)# neighbor
172.16.10.2 fall-over bfd
end
Example:
Device(config-router)# end
show bfd neighbors [details]
Example:
Enters global configuration mode.configure terminal
Specifies a BGP process and enters router
configuration mode.
Enables BFD support for fallover.
Exits router configuration mode and returns the
router to privileged EXEC mode.
(Optional) Verifies that the BFD neighbor is
active and displays the routing protocols that
BFD has registered.
Device# show bfd neighbors detail
Step 7
show ip bgp neighbor
Example:
Device# show ip bgp neighbor
Configuring BFD Support for EIGRP
This section describes the procedure for configuring BFD support for EIGRP so that EIGRP is a registered
protocol with BFD and will receive forwarding path detection failure messages from BFD. There are two
methods for enabling BFD support for EIGRP:
You can enable BFD for all of the interfaces for which EIGRP is routing by using the bfd all-interfaces
•
command in router configuration mode.
You can enable BFD for a subset of the interfaces for which EIGRP is routing by using the bfd interface
•
type number command in router configuration mode.
(Optional) Displays information about BGP and
TCP connections to neighbors.
Routing Configuration Guide, Cisco IOS XE Everest 16.6.x (Catalyst 9500 Switches)
8
Page 19
Configuring Bidirectional Forwarding Detection
Before You Begin
EIGRP must be running on all participating routers.
The baseline parameters for BFD sessions on the interfaces over which you want to run BFD sessions to BFD
neighbors must be configured. See the Configuring BFD Session Parameters on the Interface section for more
information.
Output from the show bfd neighbors details command shows the configured intervals.Note
Procedure
How to Configure Bidirectional Forwarding Detection
PurposeCommand or Action
Step 1
Step 2
Step 3
Step 4
Example:
Device> enable
Example:
Device# configure terminal
router eigrp as-number
Example:
Device(config)# router eigrp 123
Do one of the following:
bfd all-interfaces
•
bfd interface type number
•
Example:
Enables privileged EXEC mode.enable
Enter your password if prompted.
•
Enters global configuration mode.configure terminal
Configures the EIGRP routing process and enters
router configuration mode.
Enables BFD globally on all interfaces associated
with the EIGRP routing process.
or
Enables BFD on a per-interface basis for one or
more interfaces associated with the EIGRP routing
process.
Device(config-router)# bfd
all-interfaces
Example:
Device(config-router)# bfd interface
GigabitFastEthernet 1/0/1
Routing Configuration Guide, Cisco IOS XE Everest 16.6.x (Catalyst 9500 Switches)
9
Page 20
How to Configure Bidirectional Forwarding Detection
Configuring Bidirectional Forwarding Detection
PurposeCommand or Action
Step 5
Step 6
Step 7
end
Example:
Device(config-router) end
show bfd neighbors [details]
Example:
Device# show bfd neighbors details
show ip eigrp interfaces [type number]
[as-number] [detail]
Example:
Device# show ip eigrp interfaces
detail
Configuring BFD Support for IS-IS
This section describes the procedures for configuring BFD support for IS-IS so that IS-IS is a registered
protocol with BFD and will receive forwarding path detection failure messages from BFD. There are two
methods for enabling BFD support for IS-IS:
Exits router configuration mode and returns the
router to privileged EXEC mode.
(Optional) Verifies that the BFD neighbor is active
and displays the routing protocols that BFD has
registered.
(Optional) Displays the interfaces for which BFD
support for EIGRP has been enabled.
Prerequisites
Note
You can enable BFD for all of the interfaces on which IS-IS is supporting IPv4 routing by using the bfd
•
all-interfaces command in router configuration mode. You can then disable BFD for one or more of
those interfaces using the isis bfd disable command in interface configuration mode.
You can enable BFD for a subset of the interfaces for which IS-IS is routing by using the isis bfd
•
command in interface configuration mode.
To configure BFD support for IS-IS, perform the steps in one of the following sections:
IS-IS must be running on all participating routers.
The baseline parameters for BFD sessions on the interfaces that you want to run BFD sessions to BFD neighbors
over must be configured. See the Configuring BFD Session Parameters on the Interface section for more
information.
Output from the show bfd neighbors details command shows the configured intervals. The output does
not show intervals that were changed because hardware-offloaded BFD sessions were configured with
Tx and Rx intervals that are not multiples of 50 ms.
Routing Configuration Guide, Cisco IOS XE Everest 16.6.x (Catalyst 9500 Switches)
10
Page 21
Configuring Bidirectional Forwarding Detection
Configuring BFD Support for IS-IS for All Interfaces
To configure BFD on all IS-IS interfaces that support IPv4 routing, perform the steps in this section.
Procedure
How to Configure Bidirectional Forwarding Detection
PurposeCommand or Action
Step 1
Step 2
Step 3
Step 4
Step 5
Example:
Device> enable
Example:
Device# configure terminal
router isis area-tag
Example:
Device(config)# router isis tag1
bfd all-interfaces
Example:
Device(config-router)# bfd
all-interfaces
exit
Example:
Enables privileged EXEC mode.enable
Enter your password if prompted.
•
Enters global configuration mode.configure terminal
Specifies an IS-IS process and enters router
configuration mode.
Enables BFD globally on all interfaces associated with
the IS-IS routing process.
(Optional) Returns the router to global configuration
mode.
Step 6
Step 7
Device(config-router)# exit
interface type number
Example:
Device(config)# interface
fastethernet 6/0
ip router isis [ tag ]
Example:
Device(config-if)# ip router isis
tag1
Routing Configuration Guide, Cisco IOS XE Everest 16.6.x (Catalyst 9500 Switches)
(Optional) Enters interface configuration mode.
(Optional) Enables support for IPv4 routing on the
interface.
11
Page 22
How to Configure Bidirectional Forwarding Detection
Configuring Bidirectional Forwarding Detection
PurposeCommand or Action
Step 8
Step 9
Step 10
Step 11
isis bfd [disable]
Example:
Device(config-if)# isis bfd
end
Example:
Device(config-if)# end
show bfd neighbors [details]
Example:
Device# show bfd neighbors details
show clns interface
Example:
Device# show clns interface
(Optional) Enables or disables BFD on a per-interface
basis for one or more interfaces associated with the
IS-IS routing process.
Note
You should use the disable keyword only if
you had earlier enabled BFD on all of the
interfaces that IS-IS is associated with, using
the bfd all-interfaces command in
configuration mode.
Exits interface configuration mode and returns the
router to privileged EXEC mode.
(Optional) Displays information that can be used to
verify if the BFD neighbor is active and displays the
routing protocols that BFD has registered.
(Optional) Displays information that can be used to
verify if BFD for IS-IS has been enabled for a specific
IS-IS interface that is associated.
Configuring BFD Support for IS-IS for One or More Interfaces
To configure BFD for only one or more IS-IS interfaces, perform the steps in this section.
Procedure
Step 1
Example:
Device> enable
Step 2
Example:
Device# configure terminal
PurposeCommand or Action
Enables privileged EXEC mode.enable
Enter your password if prompted.
•
Enters global configuration mode.configure terminal
Routing Configuration Guide, Cisco IOS XE Everest 16.6.x (Catalyst 9500 Switches)
12
Page 23
Configuring Bidirectional Forwarding Detection
How to Configure Bidirectional Forwarding Detection
PurposeCommand or Action
Step 3
Step 4
Step 5
Step 6
interface type number
Example:
Device(config)# interface
fastethernet 6/0
ip router isis [ tag ]
Example:
Device(config-if)# ip router isis
tag1
isis bfd [disable]
Example:
Device(config-if)# isis bfd
end
Example:
Enters interface configuration mode.
Enables support for IPv4 routing on the interface.
Enables or disables BFD on a per-interface basis for
one or more interfaces associated with the IS-IS routing
process.
Note
You should use the disable keyword only if
you enabled BFD on all of the interfaces that
IS-IS is associated with using the bfd
all-interfaces command in router
configuration mode.
Exits interface configuration mode and returns the
router to privileged EXEC mode.
Device(config-if)# end
Step 7
show bfd neighbors [details]
Example:
Device# show bfd neighbors
details
Step 8
show clns interface
Example:
Device# show clns interface
Configuring BFD Support for OSPF
This section describes the procedures for configuring BFD support for OSPF so that OSPF is a registered
protocol with BFD and will receive forwarding path detection failure messages from BFD. You can either
configure BFD support for OSPF globally on all interfaces or configure it selectively on one or more interfaces.
There are two methods for enabling BFD support for OSPF:
(Optional) Displays information that can help verify if
the BFD neighbor is active and displays the routing
protocols that BFD has registered.
(Optional) Displays information that can help verify if
BFD for IS-IS has been enabled for a specific IS-IS
interface that is associated.
Routing Configuration Guide, Cisco IOS XE Everest 16.6.x (Catalyst 9500 Switches)
13
Page 24
How to Configure Bidirectional Forwarding Detection
You can enable BFD for all of the interfaces for which OSPF is routing by using the bfd all-interfaces
•
command in router configuration mode. You can disable BFD support on individual interfaces using
the ip ospf bfd [disable] command in interface configuration mode.
You can enable BFD for a subset of the interfaces for which OSPF is routing by using the ip ospf bfd
•
command in interface configuration mode.
See the following sections for tasks for configuring BFD support for OSPF:
Configuring BFD Support for OSPF for All Interfaces
To configure BFD for all OSPF interfaces, perform the steps in this section.
If you do not want to configure BFD on all OSPF interfaces and would rather configure BFD support specifically
for one or more interfaces, see the Configuring BFD Support for OSPF for One or More Interfaces section.
Before You Begin
OSPF must be running on all participating routers.
The baseline parameters for BFD sessions on the interfaces over which you want to run BFD sessions to BFD
neighbors must be configured. See the Configuring BFD Session Parameters on the Interface section for more
information.
Configuring Bidirectional Forwarding Detection
Procedure
Step 1
Step 2
Step 3
Step 4
Example:
Device> enable
Example:
Device# configure terminal
router ospf process-id
Example:
Device(config)# router ospf 4
bfd all-interfaces
Example:
Device(config-router)# bfd
all-interfaces
PurposeCommand or Action
Enables privileged EXEC mode.enable
Enter your password if prompted.
•
Enters global configuration mode.configure terminal
Specifies an OSPF process and enters router
configuration mode.
Enables BFD globally on all interfaces associated with
the OSPF routing process.
Routing Configuration Guide, Cisco IOS XE Everest 16.6.x (Catalyst 9500 Switches)
14
Page 25
Configuring Bidirectional Forwarding Detection
How to Configure Bidirectional Forwarding Detection
PurposeCommand or Action
Step 5
Step 6
Step 7
Step 8
exit
Example:
Device(config-router)# exit
interface type number
Example:
Device(config)# interface
fastethernet 6/0
ip ospf bfd [disable]
Example:
Device(config-if)# ip ospf bfd
disable
end
Example:
Device(config-if)# end
(Optional) Returns the device to global configuration
mode. Enter this command only if you want to perform
Step 7 to disable BFD for one or more interfaces.
(Optional) Enters interface configuration mode. Enter
this command only if you want to perform Step 7 to
disable BFD for one or more interfaces.
(Optional) Disables BFD on a per-interface basis for one
or more interfaces associated with the OSPF routing
process.
Note
You should use the disable keyword only if you
enabled BFD on all of the interfaces that OSPF
is associated with using the bfd all-interfaces
command in router configuration mode.
Exits interface configuration mode and returns the router
to privileged EXEC mode.
Step 9
Step 10
show bfd neighbors [details]
Example:
Device# show bfd neighbors
detail
show ip ospf
Example:
Device# show ip ospf
Configuring BFD Support for OSPF for One or More Interfaces
To configure BFD on one or more OSPF interfaces, perform the steps in this section.
Before You Begin
OSPF must be running on all participating routers.
The baseline parameters for BFD sessions on the interfaces over which you want to run BFD sessions to BFD
neighbors must be configured. See the Configuring BFD Session Parameters on the Interface section for more
information.
(Optional) Displays information that can help verify if
the BFD neighbor is active and displays the routing
protocols that BFD has registered.
(Optional) Displays information that can help verify if
BFD for OSPF has been enabled.
Routing Configuration Guide, Cisco IOS XE Everest 16.6.x (Catalyst 9500 Switches)
15
Page 26
How to Configure Bidirectional Forwarding Detection
Procedure
Configuring Bidirectional Forwarding Detection
PurposeCommand or Action
Step 1
Step 2
Step 3
Step 4
Example:
Device> enable
Example:
Device# configure terminal
interface type number
Example:
Device(config)# interface
fastethernet 6/0
ip ospf bfd [disable]
Example:
Device(config-if)# ip ospf bfd
Enables privileged EXEC mode.enable
Enter your password if prompted.
•
Enters global configuration mode.configure terminal
Enters interface configuration mode.
Enables or disables BFD on a per-interface basis for one
or more interfaces associated with the OSPF routing
process.
Note
You should use the disable keyword only if
you enabled BFD on all of the interfaces that
OSPF is associated with using the bfd
all-interfaces command in router configuration
mode.
Step 5
Step 6
Step 7
end
Example:
Device(config-if)# end
show bfd neighbors [details]
Example:
Device# show bfd neighbors
details
show ip ospf
Example:
Device# show ip ospf
Exits interface configuration mode and returns the router
to privileged EXEC mode.
(Optional) Displays information that can help verify if
the BFD neighbor is active and displays the routing
protocols that BFD has registered.
(Optional) Displays information that can help verify if
BFD support for OSPF has been enabled.
Routing Configuration Guide, Cisco IOS XE Everest 16.6.x (Catalyst 9500 Switches)
16
Page 27
Configuring Bidirectional Forwarding Detection
Configuring BFD Support for HSRP
Perform this task to enable BFD support for Hot Standby Router Protocol (HSRP.) Repeat the steps in this
procedure for each interface over which you want to run BFD sessions to HSRP peers.
HSRP supports BFD by default. If HSRP support for BFD has been manually disabled, you can reenable it
at the router level to enable BFD support globally for all interfaces or on a per-interface basis at the interface
level.
Before You Begin
HSRP must be running on all participating routers.
•
Cisco Express Forwarding must be enabled.
•
Procedure
How to Configure Bidirectional Forwarding Detection
PurposeCommand or Action
Step 1
Step 2
Step 3
Step 4
Step 5
Example:
Device> enable
Example:
Device# configure terminal
ip cef [distributed]
Example:
Device(config)# ip cef
interface type number
Example:
Device(config)# interface FastEthernet
6/0
ip address ip-address mask
Enables privileged EXEC mode.enable
Enter your password if prompted.
•
Enters global configuration mode.configure terminal
Enables Cisco Express Forwarding or
distributed Cisco Express Forwarding.
Enters interface configuration mode.
Configures an IP address for the interface.
Step 6
Example:
Device(config-if)# ip address 10.1.0.22
255.255.0.0
standby [group-number] ip [ip-address
[secondary]]
Routing Configuration Guide, Cisco IOS XE Everest 16.6.x (Catalyst 9500 Switches)
Activates HSRP.
17
Page 28
How to Configure Bidirectional Forwarding Detection
Example:
Device(config-if)# standby 1 ip 10.0.0.11
Configuring Bidirectional Forwarding Detection
PurposeCommand or Action
Step 7
Step 8
Step 9
Step 10
Step 11
standby bfd
Example:
Device(config-if)# standby bfd
Example:
Device(config-if)# exit
standby bfd all-interfaces
Example:
Device(config)# standby bfd
all-interfaces
Example:
Device(config)# exit
show standby neighbors
Example:
(Optional) Enables HSRP support for BFD
on the interface.
Exits interface configuration mode.exit
(Optional) Enables HSRP support for BFD
on all interfaces.
Exits global configuration mode.exit
(Optional) Displays information about
HSRP support for BFD.
Device# show standby neighbors
Configuring BFD Support for Static Routing
Perform this task to configure BFD support for static routing. Repeat the steps in this procedure on each BFD
neighbor. For more information, see the "Example: Configuring BFD Support for Static Routing" section.
Procedure
Step 1
Routing Configuration Guide, Cisco IOS XE Everest 16.6.x (Catalyst 9500 Switches)
18
PurposeCommand or Action
Enables privileged EXEC mode.enable
Page 29
Configuring Bidirectional Forwarding Detection
Example:
Device> enable
How to Configure Bidirectional Forwarding Detection
PurposeCommand or Action
Enter your password if prompted.
•
Step 2
Step 3
Step 4
Example:
Device# configure terminal
interface type number
Example:
Device(config)# interface serial 2/0
ip address ipv4-address mask
•
ipv6 address ipv6-address/mask
•
Example:
Configuring an IPv4 address for the interface:
Device(config-if)# ip address
10.201.201.1 255.255.255.0
Configuring an IPv6 address for the interface:
Device(config-if)# ipv6 address
2001:db8:1:1::1/32
Enters global configuration mode.configure terminal
Configures an interface and enters interface
configuration mode.
Configures an IP address for the interface.Perform one of the following steps:
Step 5
bfd interval milliseconds mix_rx milliseconds
multiplier interval-multiplier
Example:
Device(config-if)# bfd interval 500
min_rx 500 multiplier 5
Routing Configuration Guide, Cisco IOS XE Everest 16.6.x (Catalyst 9500 Switches)
Enables BFD on the interface.
The bfd interval configuration is removed when
the subinterface on which it is configured is
removed.
The bfd interval configuration is not removed
when:
an IPv4 address is removed from an
•
interface
an IPv6 address is removed from an
•
interface
IPv6 is disabled from an interface
•
an interface is shutdown
•
IPv4 CEF is disabled globally or locally on
•
an interface
19
Page 30
How to Configure Bidirectional Forwarding Detection
Configuring Bidirectional Forwarding Detection
PurposeCommand or Action
IPv6 CEF is disabled globally or locally on
•
an interface
Step 6
Step 7
Step 8
Step 9
exit
Example:
Device(config-if)# exit
ip route static bfd interface-type
interface-number ip-address [group
group-name [passive]]
Example:
Device(config)# ip route static bfd
TenGigabitEthernet1/0/1 10.10.10.2 group
group1 passive
ip route [vrf vrf-name] prefix mask {ip-address
| interface-type interface-number [ip-address]}
[dhcp] [distance] [name next-hop-name]
[permanent | track number] [tag tag]
Example:
Device(config)# ip route 10.0.0.0
255.0.0.0
exit
Example:
Exits interface configuration mode and returns
to global configuration mode.
Specifies a static route BFD neighbor.
The interface-type, interface-number, and
•
ip-address arguments are required because
BFD support exists only for directly
connected neighbors.
Specifies a static route BFD neighbor.
Exits global configuration mode and returns to
privileged EXEC mode.
Device(config)# exit
Step 10
show ip static route
(Optional) Displays static route database
information.
Example:
Device# show ip static route
Step 11
show ip static route bfd
(Optional) Displays information about the static
BFD configuration from the configured BFD
groups and nongroup entries.
Exits privileged EXEC mode and returns to user
Step 12
Example:
Device# show ip static route bfd
exit
EXEC mode.
Example:
Device# exit
Routing Configuration Guide, Cisco IOS XE Everest 16.6.x (Catalyst 9500 Switches)
20
Page 31
Configuring Bidirectional Forwarding Detection
Configuring BFD Echo Mode
BFD echo mode is enabled by default, but you can disable it such that it can run independently in each direction.
BFD echo mode works with asynchronous BFD. Echo packets are sent by the forwarding engine and forwarded
back along the same path in order to perform detection--the BFD session at the other end does not participate
in the actual forwarding of the echo packets. The echo function and the forwarding engine are responsible for
the detection process; therefore, the number of BFD control packets that are sent out between two BFD
neighbors is reduced. In addition, because the forwarding engine is testing the forwarding path on the remote
(neighbor) system without involving the remote system, there is an opportunity to improve the interpacket
delay variance, thereby achieving quicker failure detection times than when using BFD Version 0 with BFD
control packets for the BFD session.
Echo mode is described as without asymmetry when it is running on both sides (both BFD neighbors are
running echo mode).
How to Configure Bidirectional Forwarding Detection
Prerequisites
BFD must be running on all participating routers.
Before using BFD echo mode, you must disable the sending of Internet Control Message Protocol (ICMP)
redirect messages by entering the no ip redirects command, in order to avoid high CPU utilization.
The baseline parameters for BFD sessions on the interfaces over which you want to run BFD sessions to BFD
neighbors must be configured. See the Configuring BFD Session Parameters on the Interface section for more
information.
Restrictions
BFD echo mode does not work in conjunction with Unicast Reverse Path Forwarding (uRPF) configuration.
If BFD echo mode and uRPF configurations are enabled, then the sessions will flap.
Disabling BFD Echo Mode Without Asymmetry
The steps in this procedure show how to disable BFD echo mode without asymmetry—no echo packets will
be sent by the router, and the router will not forward BFD echo packets that are received from any neighbor
routers.
Repeat the steps in this procedure for each BFD router.
Procedure
Step 1
Example:
Router> enable
Routing Configuration Guide, Cisco IOS XE Everest 16.6.x (Catalyst 9500 Switches)
PurposeCommand or Action
Enables privileged EXEC mode.enable
Enter your password if prompted.
•
21
Page 32
How to Configure Bidirectional Forwarding Detection
Configuring Bidirectional Forwarding Detection
PurposeCommand or Action
Step 2
Example:
Router# configure terminal
Step 3
Example:
Router(config)# no bfd echo
Step 4
end
Example:
Router(config)# end
Creating and Configuring BFD Templates
You can configure a single-hop template to specify a set of BFD interval values. BFD interval values specified
as part of the BFD template are not specific to a single interface.
Enters global configuration mode.configure terminal
Disables BFD echo mode.no bfd echo
Use the no form to disable BFD echo mode.
•
Exits global configuration mode and returns to
privileged EXEC mode.
Configuring bfd-template will disable echo mode.Note
Configuring a Single-Hop Template
Perform this task to create a BFD single-hop template and configure BFD interval timers.
Procedure
Step 1
Example:
Device> enable
Step 2
Example:
Device# configure terminal
PurposeCommand or Action
Enables privileged EXEC mode.enable
Enter your password if prompted.
•
Enters global configuration mode.configure terminal
Routing Configuration Guide, Cisco IOS XE Everest 16.6.x (Catalyst 9500 Switches)
22
Page 33
Configuring Bidirectional Forwarding Detection
How to Configure Bidirectional Forwarding Detection
PurposeCommand or Action
Step 3
Step 4
bfd-template single-hop template-name
Example:
Device(config)# bfd-template
single-hop bfdtemplate1
interval min-tx milliseconds min-rx
milliseconds multiplier multiplier-value
Example:
Device(bfd-config)# interval min-tx
120 min-rx 100 multiplier 3
Step 5
end
Example:
Device(bfd-config)# end
Monitoring and Troubleshooting BFD
This section describes how to retrieve BFD information for maintenance and troubleshooting. The commands
in these tasks can be entered as needed, in any order desired.
This section contains information for monitoring and troubleshooting BFD for the following Cisco platforms:
Creates a single-hop BFD template and enters
BFD configuration mode.
Configures the transmit and receive intervals
between BFD packets, and specifies the number
of consecutive BFD control packets that must be
missed before BFD declares that a peer is
unavailable.
Exits BFD configuration mode and returns the
device to privileged EXEC mode.
Monitoring and Troubleshooting BFD
To monitor or troubleshoot BFD on Cisco 7600 series routers, perform one or more of the steps in this section.
Procedure
Step 1
Example:
Router> enable
Step 2
Example:
Router# show bfd neighbors details
PurposeCommand or Action
Enables privileged EXEC mode.enable
Enter your password if prompted.
•
(Optional) Displays the BFD adjacency database.show bfd neighbors [details]
The details keyword shows all BFD protocol
•
parameters and timers per neighbor.
Routing Configuration Guide, Cisco IOS XE Everest 16.6.x (Catalyst 9500 Switches)
23
Page 34
Feature Information for Bidirectional Forwarding Detection
Configuring Bidirectional Forwarding Detection
PurposeCommand or Action
Step 3
debug bfd [packet | event]
(Optional) Displays debugging information about
BFD packets.
Example:
Router# debug bfd packet
Feature Information for Bidirectional Forwarding Detection
Table 1: Feature Information for Bidirectional Forwarding Detection
Feature InformationReleaseFeature Name
This feature was introducedCisco IOS XE Everest 16.5.1aBidirectional Forwarding
Detection
Routing Configuration Guide, Cisco IOS XE Everest 16.6.x (Catalyst 9500 Switches)
24
Page 35
Configuring MSDP
Information About Configuring MSDP, page 25
•
How to Configure MSDP, page 28
•
Monitoring and Maintaining MSDP, page 47
•
Configuration Examples for Configuring MSDP, page 48
•
Feature Information for Multicast Source Discovery Protocol, page 50
•
Information About Configuring MSDP
This section describes how to configure the Multicast Source Discovery Protocol (MSDP on the switch. The
MSDP connects multiple Protocol-Independent Multicast sparse-mode (PIM-SM) domains.
MSDP is not fully supported in this software release because of a lack of support for Multicast Border Gateway
Protocol (MBGP), which works closely with MSDP. However, it is possible to create default peers that MSDP
can operate with if MBGP is not running.
CHAPTER 2
To use this feature, the active switch must be running the Network Advantage feature set.Note
MSDP Overview
MSDP allows multicast sources for a group to be known to all rendezvous points (RPs) in different domains.
Each PIM-SM domain uses its own RPs and does not depend on RPs in other domains. An RP runs MSDP
over the Transmission Control Protocol (TCP) to discover multicast sources in other domains.
An RP in a PIM-SM domain has an MSDP peering relationship with MSDP-enabled devices in another
domain. The peering relationship occurs over a TCP connection, primarily exchanging a list of sources sending
to multicast groups. The TCP connections between RPs are achieved by the underlying routing system. The
receiving RP uses the source lists to establish a source path.
The purpose of this topology is to have domains discover multicast sources in other domains. If the multicast
sources are of interest to a domain that has receivers, multicast data is delivered over the normal, source-tree
Routing Configuration Guide, Cisco IOS XE Everest 16.6.x (Catalyst 9500 Switches)
25
Page 36
MSDP Overview
building mechanism in PIM-SM. MSDP is also used to announce sources sending to a group. These
announcements must originate at the domain’s RP.
MSDP depends heavily on the Border Gateway Protocol (BGP) or MBGP for interdomain operation. We
recommend that you run MSDP in RPs in your domain that are RPs for sources sending to global groups to
be announced to the Internet.
MSDP Operation
When a source sends its first multicast packet, the first-hop router (designated router or RP) directly connected
to the source sends a PIM register message to the RP. The RP uses the register message to register the active
source and to forward the multicast packet down the shared tree in the local domain. With MSDP configured,
the RP also forwards a source-active (SA) message to all MSDP peers. The SA message identifies the source,
the group the source is sending to, and the address of the RP or the originator ID (the IP address of the interface
used as the RP address), if configured.
Each MSDP peer receives and forwards the SA message away from the originating RP to achieve peer
reverse-path flooding (RPF). The MSDP device examines the BGP or MBGP routing table to discover which
peer is the next hop toward the originating RP of the SA message. Such a peer is called an RPF peer
(reverse-path forwarding peer). The MSDP device forwards the message to all MSDP peers other than the
RPF peer. For information on how to configure an MSDP peer when BGP and MBGP are not supported, see
the Configuring a Default MSDP Peer, on page 28.
If the MSDP peer receives the same SA message from a non-RPF peer toward the originating RP, it drops
the message. Otherwise, it forwards the message to all its MSDP peers.
The RP for a domain receives the SA message from an MSDP peer. If the RP has any join requests for the
group the SA message describes and if the (*,G) entry exists with a nonempty outgoing interface list, the
domain is interested in the group, and the RP triggers an (S,G) join toward the source. After the (S,G) join
reaches the source’s DR, a branch of the source tree has been built from the source to the RP in the remote
domain. Multicast traffic can now flow from the source across the source tree to the RP and then down the
shared tree in the remote domain to the receiver.
Configuring MSDP
Routing Configuration Guide, Cisco IOS XE Everest 16.6.x (Catalyst 9500 Switches)
26
Page 37
Configuring MSDP
MSDP Overview
This figure shows MSDP operating between two MSDP peers. PIM uses MSDP as the standard mechanism
to register a source with the RP of a domain. When MSDP is configured, this sequence occurs.
Figure 1: MSDP Running Between RP Peers
By default, the switch does not cache source or group pairs from received SA messages. When the switch
forwards the MSDP SA information, it does not store it in memory. Therefore, if a member joins a group soon
after an SA message is received by the local RP, that member needs to wait until the next SA message to hear
about the source. This delay is known as join latency.
Local RPs can send SA requests and get immediate responses for all active sources for a given group. By
default, the switch does not send any SA request messages to its MSDP peers when a new member joins a
group and wants to receive multicast traffic. The new member waits to receive the next periodic SA message.
If you want a new member of a group to learn the active multicast sources in a connected PIM sparse-mode
domain that are sending to a group, configure the switch to send SA request messages to the specified MSDP
peer when a new member joins a group.
MSDP Benefits
MSDP has these benefits:
It breaks up the shared multicast distribution tree. You can make the shared tree local to your domain.
•
Your local members join the local tree, and join messages for the shared tree never need to leave your
domain.
PIM sparse-mode domains can rely only on their own RPs, decreasing reliance on RPs in another domain.
•
This increases security because you can prevent your sources from being known outside your domain.
Routing Configuration Guide, Cisco IOS XE Everest 16.6.x (Catalyst 9500 Switches)
27
Page 38
How to Configure MSDP
Domains with only receivers can receive data without globally advertising group membership.
•
Global source multicast routing table state is not required, saving memory.
•
How to Configure MSDP
Default MSDP Configuration
MSDP is not enabled, and no default MSDP peer exists.
Configuring a Default MSDP Peer
Before You Begin
Configure an MSDP peer.
Configuring MSDP
Procedure
Step 1
Step 2
Step 3
enable
Example:
Device> enable
Example:
Device# configure terminal
ip msdp default-peer ip-address |
name [prefix-list list]
Example:
Router(config)# ip msdp
default-peer 10.1.1.1
prefix-list site-a
PurposeCommand or Action
Enables privileged EXEC mode. Enter your password if
prompted.
Enters the global configuration mode.configure terminal
Defines a default peer from which to accept all MSDP SA
messages.
For ip-address | name, enter the IP address or Domain
•
Name System (DNS) server name of the MSDP default
peer.
(Optional) For prefix-list list, enter the list name that
•
specifies the peer to be the default peer only for the
listed prefixes. You can have multiple active default
peers when you have a prefix list associated with each.
When you enter multiple ip msdp default-peer
commands with the prefix-list keyword, you use all the
default peers at the same time for different RP prefixes.
This syntax is typically used in a service provider cloud
that connects stub site clouds.
Routing Configuration Guide, Cisco IOS XE Everest 16.6.x (Catalyst 9500 Switches)
28
Page 39
Configuring MSDP
Configuring a Default MSDP Peer
PurposeCommand or Action
When you enter multiple ip msdp default-peer
commands without the prefix-list keyword, a single
active peer accepts all SA messages. If that peer fails,
the next configured default peer accepts all SA
messages. This syntax is typically used at a stub site.
Step 4
Step 5
Step 6
ip prefix-list name [description
string] | seq number {permit |
deny} network length
Example:
Router(config)# prefix-list
site-a seq 3 permit 12 network
length 128
ip msdp description {peer-name |
peer-address} text
Example:
Router(config)# ip msdp
description peer-name site-b
(Optional) Creates a prefix list using the name specified in
Step 2.
(Optional) For description string, enter a description
•
of up to 80 characters to describe this prefix list.
For seq number, enter the sequence number of the entry.
•
The range is 1 to 4294967294.
The deny keyword denies access to matching conditions.
•
The permit keyword permits access to matching
•
conditions.
For network length, specify the network number and
•
length (in bits) of the network mask that is permitted or
denied.
(Optional) Configures a description for the specified peer to
make it easier to identify in a configuration or in show
command output.
By default, no description is associated with an MSDP peer.
Returns to privileged EXEC mode.end
Step 7
Step 8
Example:
Device(config)# end
Verifies your entries.show running-config
Example:
Device# show running-config
(Optional) Saves your entries in the configuration file.copy running-config
startup-config
Example:
Device# copy running-config
startup-config
Routing Configuration Guide, Cisco IOS XE Everest 16.6.x (Catalyst 9500 Switches)
29
Page 40
Caching Source-Active State
Caching Source-Active State
If you want to sacrifice some memory in exchange for reducing the latency of the source information, you
can configure the Device to cache SA messages. Perform the following steps to enable the caching of
source/group pairs:
Follow these steps to enable the caching of source/group pairs:
Procedure
Configuring MSDP
PurposeCommand or Action
Step 1
Step 2
Step 3
Step 4
enable
Example:
Device> enable
Example:
Device# configure terminal
ip msdp cache-sa-state [list
access-list-number]
Example:
Device(config)# ip msdp
cache-sa-state 100
access-list access-list-number {deny
| permit} protocol source
source-wildcard destination
destination-wildcard
Enables privileged EXEC mode. Enter your password if
prompted.
Enters the global configuration mode.configure terminal
Enables the caching of source/group pairs (create an SA state).
Those pairs that pass the access list are cached.
For list access-list-number, the range is 100 to 199.
Note
An alternative to this command is the ip msdp
sa-reques global configuration command, which
causes the Device to send an SA request message to
the MSDP peer when a new member for a group
becomes active.
Creates an IP extended access list, repeating the command as
many times as necessary.
For access-list-number, the range is 100 to 199. Enter
•
the same number created in Step 2.
The deny keyword denies access if the conditions are
Example:
Device(config)# access-list
100 permit ip 171.69.0.0
0.0.255.255 224.2.0.0
0.0.255.255
•
matched. The permit keyword permits access if the
conditions are matched.
For protocol, enter ip as the protocol name.
•
For source, enter the number of the network or host
•
from which the packet is being sent.
Routing Configuration Guide, Cisco IOS XE Everest 16.6.x (Catalyst 9500 Switches)
30
Page 41
Configuring MSDP
Requesting Source Information from an MSDP Peer
PurposeCommand or Action
For source-wildcard, enter the wildcard bits in dotted
•
decimal notation to be applied to the source. Place ones
in the bit positions that you want to ignore.
For destination, enter the number of the network or host
•
to which the packet is being sent.
For destination-wildcard, enter the wildcard bits in
•
dotted decimal notation to be applied to the destination.
Place ones in the bit positions that you want to ignore.
Recall that the access list is always terminated by an implicit
deny statement for everything.
Step 5
Example:
Device(config)# end
Step 6
Example:
Device# show running-config
Step 7
Returns to privileged EXEC mode.end
Verifies your entries.show running-config
(Optional) Saves your entries in the configuration file.copy running-config
startup-config
Example:
Device# copy running-config
startup-config
Requesting Source Information from an MSDP Peer
If you want a new member of a group to learn the active multicast sources in a connected PIM sparse-mode
domain that are sending to a group, perform this task for the Device to send SA request messages to the
specified MSDP peer when a new member joins a group. The peer replies with the information in its SA
cache. If the peer does not have a cache configured, this command has no result. Configuring this feature
reduces join latency but sacrifices memory.
Follow these steps to configure the Device to send SA request messages to the MSDP peer when a new member
joins a group and wants to receive multicast traffic:
Routing Configuration Guide, Cisco IOS XE Everest 16.6.x (Catalyst 9500 Switches)
31
Page 42
Controlling Source Information that Your Switch Originates
Procedure
Configuring MSDP
PurposeCommand or Action
Step 1
Step 2
Step 3
Step 4
enable
Example:
Device> enable
Example:
Device# configure terminal
ip msdp sa-request {ip-address | name}
Example:
Device(config)# ip msdp sa-request
171.69.1.1
Example:
Enables privileged EXEC mode. Enter your password
if prompted.
Enters the global configuration mode.configure terminal
Configure the Device to send SA request messages
to the specified MSDP peer.
For ip-address | name, enter the IP address or name
of the MSDP peer from which the local Device
requests SA messages when a new member for a
group becomes active.
Repeat the command for each MSDP peer that you
want to supply with SA messages.
Returns to privileged EXEC mode.end
Device(config)# end
Step 5
Step 6
Example:
Device# show running-config
copy running-config startup-config
Verifies your entries.show running-config
(Optional) Saves your entries in the configuration
file.
Example:
Device# copy running-config
startup-config
Controlling Source Information that Your Switch Originates
You can control the multicast source information that originates with your Device:
Routing Configuration Guide, Cisco IOS XE Everest 16.6.x (Catalyst 9500 Switches)
32
Page 43
Configuring MSDP
Sources you advertise (based on your sources)
•
Receivers of source information (based on knowing the requestor)
•
For more information, see the Redistributing Sources, on page 33 and the Filtering Source-Active Request
Messages, on page 35.
Redistributing Sources
SA messages originate on RPs to which sources have registered. By default, any source that registers with an
RP is advertised. The A flag is set in the RP when a source is registered, which means the source is advertised
in an SA unless it is filtered.
Follow these steps to further restrict which registered sources are advertised:
Procedure
Controlling Source Information that Your Switch Originates
PurposeCommand or Action
Step 1
Step 2
Step 3
enable
Example:
Device> enable
Example:
Device# configure terminal
ip msdp redistribute [list
access-list-name] [asn
aspath-access-list-number]
[route-map map]
Example:
Device(config)# ip msdp
redistribute list 21
Enables privileged EXEC mode. Enter your password if
prompted.
Enters the global configuration mode.configure terminal
Configures which (S,G) entries from the multicast routing table
are advertised in SA messages.
By default, only sources within the local domain are advertised.
• (Optional) list access-list-name— Enters the name or
number of an IP standard or extended access list. The
range is 1 to 99 for standard access lists and 100 to 199
for extended lists. The access list controls which local
sources are advertised and to which groups they send.
• (Optional) asn aspath-access-list-number—Enters the IP
standard or extended access list number in the range 1 to
199. This access list number must also be configured in
the ip as-path access-list command.
• (Optional) route-map map—Enters the IP standard or
extended access list number in the range 1 to 199. This
access list number must also be configured in the ip
as-path access-list command.
The Device advertises (S,G) pairs according to the access list
or autonomous system path access list.
Routing Configuration Guide, Cisco IOS XE Everest 16.6.x (Catalyst 9500 Switches)
33
Page 44
Controlling Source Information that Your Switch Originates
Configuring MSDP
PurposeCommand or Action
Step 4
Use one of the following:
access-listaccess-list-number
•
{deny| permit}
source
[source-wildcard]
access-listaccess-list-number
•
{deny| permit}
protocol source
source-wildcard destination
destination-wildcard
Example:
Device(config)# access list 21
permit 194.1.22.0
or
Device(config)# access list 21
permit ip 194.1.22.0 1.1.1.1
194.3.44.0 1.1.1.1
Creates an IP standard access list, repeating the command as
many times as necessary.
or
Creates an IP extended access list, repeating the command as
many times as necessary.
• access-list-number—Enters the same number created in
Step 2. The range is 1 to 99 for standard access lists
and 100 to 199 for extended lists.
• deny—Denies access if the conditions are matched. The
permit keyword permits access if the conditions are
matched.
• protocol—Enters ip as the protocol name.
• source—Enters the number of the network or host from
which the packet is being sent.
• source-wildcard—Enters the wildcard bits in dotted
decimal notation to be applied to the source. Place ones
in the bit positions that you want to ignore.
• destination—Enters the number of the network or host to
which the packet is being sent.
• destination-wildcard—Enters the wildcard bits in dotted
decimal notation to be applied to the destination. Place
ones in the bit positions that you want to ignore.
Step 5
Step 6
Step 7
Recall that the access list is always terminated by an implicit
deny statement for everything.
Returns to privileged EXEC mode.end
Example:
Device(config)# end
Verifies your entries.show running-config
Example:
Device# show running-config
(Optional) Saves your entries in the configuration file.copy running-config
startup-config
Example:
Device# copy running-config
Routing Configuration Guide, Cisco IOS XE Everest 16.6.x (Catalyst 9500 Switches)
34
Page 45
Configuring MSDP
startup-config
Filtering Source-Active Request Messages
By default, only Device that are caching SA information can respond to SA requests. By default, such a Device
honors all SA request messages from its MSDP peers and supplies the IP addresses of the active sources.
However, you can configure the Device to ignore all SA requests from an MSDP peer. You can also honor
only those SA request messages from a peer for groups described by a standard access list. If the groups in
the access list pass, SA request messages are accepted. All other such messages from the peer for other groups
are ignored.
To return to the default setting, use the no ip msdp filter-sa-request {ip-address| name} global configuration
command.
Follow these steps to configure one of these options:
Controlling Source Information that Your Switch Originates
PurposeCommand or Action
Procedure
Step 1
Step 2
Step 3
enable
Example:
Device> enable
Example:
Device# configure terminal
Use one of the following:
ip msdp filter-sa-request
•
{ip-address| name}
ip msdp filter-sa-request
•
{ip-address| name}
list access-list-number
PurposeCommand or Action
Enables privileged EXEC mode. Enter your password
if prompted.
Enters the global configuration mode.configure terminal
Filters all SA request messages from the specified MSDP
peer.
or
Filters SA request messages from the specified MSDP
peer for groups that pass the standard access list. The
access list describes a multicast group address. The range
for the access-list-number is 1 to 99.
Example:
Device(config)# ip msdp filter
sa-request 171.69.2.2
Routing Configuration Guide, Cisco IOS XE Everest 16.6.x (Catalyst 9500 Switches)
35
Page 46
Controlling Source Information that Your Switch Forwards
Configuring MSDP
PurposeCommand or Action
Step 4
Step 5
Step 6
access-list access-list-number {deny |
permit} source [source-wildcard]
Example:
Device(config)# access-list 1
permit 192.4.22.0 0.0.0.255
Example:
Device(config)# end
Creates an IP standard access list, repeating the
command as many times as necessary.
For access-list-number, the range is 1 to 99.
•
The deny keyword denies access if the conditions
•
are matched. The permit keyword permits access
if the conditions are matched.
For source, enter the number of the network or
•
host from which the packet is being sent.
(Optional) For source-wildcard, enter the wildcard
•
bits in dotted decimal notation to be applied to the
source. Place ones in the bit positions that you want
to ignore.
Recall that the access list is always terminated by an
implicit deny statement for everything.
Returns to privileged EXEC mode.end
Verifies your entries.show running-config
Example:
Device# show running-config
Step 7
Example:
Device# copy running-config
startup-config
(Optional) Saves your entries in the configuration file.copy running-config startup-config
Controlling Source Information that Your Switch Forwards
By default, the Device forwards all SA messages it receives to all its MSDP peers. However, you can prevent
outgoing messages from being forwarded to a peer by using a filter or by setting a time-to-live (TTL) value.
Using a Filter
By creating a filter, you can perform one of these actions:
Routing Configuration Guide, Cisco IOS XE Everest 16.6.x (Catalyst 9500 Switches)
36
Page 47
Configuring MSDP
Controlling Source Information that Your Switch Forwards
Filter all source/group pairs
•
Specify an IP extended access list to pass only certain source/group pairs
•
Filter based on match criteria in a route map
•
Follow these steps to apply a filter:
Procedure
PurposeCommand or Action
Step 1
Step 2
Step 3
enable
Example:
Device> enable
Example:
Device# configure terminal
Use one of the following:
ip msdp sa-filter out
•
{ip-address | name}
ip msdp sa-filter out
•
{ip-address | name}
list access-list-number
ip msdp sa-filter out
•
{ip-address | name}
route-map map-tag
Enables privileged EXEC mode. Enter your password if
prompted.
Enters the global configuration mode.configure terminal
Filters all SA messages to the specified MSDP peer.
•
Passes only those SA messages that pass the IP
•
extended access list to the specified peer. The range
for the extended access-list-number is 100 to 199.
If both the list and the route-map keywords are used,
all conditions must be true to pass any (S,G) pair in
outgoing SA messages.
Passes only those SA messages that meet the match
•
criteria in the route map map-tag to the specified
MSDP peer.
If all match criteria are true, a permit from the route
map passes routes through the filter. A deny filters
routes.
Example:
Device(config)# ip msdp sa-filter
out switch.cisco.com
or
Device(config)# ip msdp sa-filter
out list 100
or
Device(config)# ip msdp sa-filter
out switch.cisco.com route-map
Routing Configuration Guide, Cisco IOS XE Everest 16.6.x (Catalyst 9500 Switches)
37
Page 48
Controlling Source Information that Your Switch Forwards
22
Configuring MSDP
PurposeCommand or Action
Step 4
access-list access-list-number {deny |
permit} protocol source
source-wildcard destination
destination-wildcard
Example:
Device(config)# access list 100
permit ip 194.1.22.0 1.1.1.1
194.3.44.0 1.1.1.1
(Optional) Creates an IP extended access list, repeating the
command as many times as necessary.
For access-list-number, enter the number specified
•
in Step 2.
The deny keyword denies access if the conditions
•
are matched. The permit keyword permits access if
the conditions are matched.
For protocol, enter ip as the protocol name.
•
For source, enter the number of the network or host
•
from which the packet is being sent.
For source-wildcard, enter the wildcard bits in dotted
•
decimal notation to be applied to the source. Place
ones in the bit positions that you want to ignore.
For destination, enter the number of the network or
•
host to which the packet is being sent.
For destination-wildcard, enter the wildcard bits in
•
dotted decimal notation to be applied to the
destination. Place ones in the bit positions that you
want to ignore.
Recall that the access list is always terminated by an
implicit deny statement for everything.
Step 5
Step 6
Step 7
Returns to privileged EXEC mode.end
Example:
Device(config)# end
Verifies your entries.show running-config
Example:
Device# show running-config
(Optional) Saves your entries in the configuration file.copy running-config startup-config
Example:
Device# copy running-config
startup-config
Routing Configuration Guide, Cisco IOS XE Everest 16.6.x (Catalyst 9500 Switches)
38
Page 49
Configuring MSDP
Controlling Source Information that Your Switch Forwards
Using TTL to Limit the Multicast Data Sent in SA Messages
You can use a TTL value to control what data is encapsulated in the first SA message for every source. Only
multicast packets with an IP-header TTL greater than or equal to the ttl argument are sent to the specified
MSDP peer. For example, you can limit internal traffic to a TTL of 8. If you want other groups to go to external
locations, you must send those packets with a TTL greater than 8.
Follow these steps to establish a TTL threshold:
Procedure
PurposeCommand or Action
Step 1
Step 2
Step 3
Step 4
enable
Example:
Device> enable
Example:
Device# configure terminal
ip msdp ttl-threshold {ip-address |
name} ttl
Example:
Device(config)# ip msdp
ttl-threshold switch.cisco.com 0
Enables privileged EXEC mode. Enter your password
if prompted.
Enters the global configuration mode.configure terminal
Limits which multicast data is encapsulated in the
first SA message to the specified MSDP peer.
For ip-address | name, enter the IP address or
•
name of the MSDP peer to which the TTL
limitation applies.
For ttl, enter the TTL value. The default is 0,
•
which means all multicast data packets are
forwarded to the peer until the TTL is
exhausted. The range is 0 to 255.
Returns to privileged EXEC mode.end
Step 5
Example:
Device(config)# end
Verifies your entries.show running-config
Example:
Device# show running-config
Routing Configuration Guide, Cisco IOS XE Everest 16.6.x (Catalyst 9500 Switches)
39
Page 50
Controlling Source Information that Your Switch Receives
Configuring MSDP
PurposeCommand or Action
Step 6
copy running-config startup-config
(Optional) Saves your entries in the configuration
file.
Example:
Device# copy running-config
startup-config
Controlling Source Information that Your Switch Receives
By default, the Device receives all SA messages that its MSDP RPF peers send to it. However, you can control
the source information that you receive from MSDP peers by filtering incoming SA messages. In other words,
you can configure the Device to not accept them.
You can perform one of these actions:
Filter all incoming SA messages from an MSDP peer
•
Specify an IP extended access list to pass certain source/group pairs
•
Filter based on match criteria in a route map
•
Follow these steps to apply a filter:
Procedure
Step 1
Step 2
Step 3
enable
Example:
Device> enable
Example:
Device# configure terminal
Use one of the following:
ip msdp sa-filter in
•
{ip-address | name}
ip msdp sa-filter in
•
PurposeCommand or Action
Enables privileged EXEC mode. Enter your password if
prompted.
Enters the global configuration mode.configure terminal
Filters all SA messages to the specified MSDP peer.
•
Passes only those SA messages from the specified
•
peer that pass the IP extended access list. The range
for the extended access-list-number is 100 to 199.
If both the list and the route-map keywords are used,
all conditions must be true to pass any (S,G) pair in
outgoing SA messages.
Routing Configuration Guide, Cisco IOS XE Everest 16.6.x (Catalyst 9500 Switches)
40
Page 51
Configuring MSDP
{ip-address | name}
list access-list-number
ip msdp sa-filter in
•
{ip-address | name}
route-map map-tag
Example:
Device(config)# ip msdp sa-filter
in switch.cisco.com
or
Device(config)# ip msdp sa-filter
in list 100
Controlling Source Information that Your Switch Receives
PurposeCommand or Action
Passes only those SA messages from the specified
•
MSDP peer that meet the match criteria in the route
map map-tag.
If all match criteria are true, a permit from the route
map passes routes through the filter. A deny filters
routes.
Step 4
or
Device(config)# ip msdp sa-filter
in switch.cisco.com route-map 22
access-list access-list-number {deny |
permit} protocol source
source-wildcard destination
destination-wildcard
Example:
Device(config)# access list 100
permit ip 194.1.22.0 1.1.1.1
194.3.44.0 1.1.1.1
(Optional) Creates an IP extended access list, repeating the
command as many times as necessary.
access-list-number, enter the number specified in
•
Step 2.
The deny keyword denies access if the conditions
•
are matched. The permit keyword permits access if
the conditions are matched.
For protocol, enter ip as the protocol name.
•
For source, enter the number of the network or host
•
from which the packet is being sent.
For source-wildcard, enter the wildcard bits in dotted
•
decimal notation to be applied to the source. Place
ones in the bit positions that you want to ignore.
For destination, enter the number of the network or
•
host to which the packet is being sent.
For destination-wildcard, enter the wildcard bits in
•
dotted decimal notation to be applied to the
destination. Place ones in the bit positions that you
want to ignore.
Recall that the access list is always terminated by an
implicit deny statement for everything.
Routing Configuration Guide, Cisco IOS XE Everest 16.6.x (Catalyst 9500 Switches)
41
Page 52
Configuring an MSDP Mesh Group
Configuring MSDP
PurposeCommand or Action
Step 5
Example:
Device(config)# end
Step 6
Example:
Device# show running-config
Step 7
Example:
Device# copy running-config
startup-config
Configuring an MSDP Mesh Group
An MSDP mesh group is a group of MSDP speakers that have fully meshed MSDP connectivity among one
another. Any SA messages received from a peer in a mesh group are not forwarded to other peers in the same
mesh group. Thus, you reduce SA message flooding and simplify peer-RPF flooding. Use the ip msdp
mesh-group global configuration command when there are multiple RPs within a domain. It is especially
used to send SA messages across a domain. You can configure multiple mesh groups (with different names)
in a single Device.
Follow these steps to create a mesh group:
Returns to privileged EXEC mode.end
Verifies your entries.show running-config
(Optional) Saves your entries in the configuration file.copy running-config startup-config
Procedure
PurposeCommand or Action
Step 1
enable
Enables privileged EXEC mode. Enter your password
if prompted.
Example:
Device> enable
Step 2
Example:
Device# configure terminal
Routing Configuration Guide, Cisco IOS XE Everest 16.6.x (Catalyst 9500 Switches)
42
Enters the global configuration mode.configure terminal
Page 53
Configuring MSDP
Shutting Down an MSDP Peer
PurposeCommand or Action
Step 3
Step 4
Step 5
ip msdp mesh-group name {ip-address
| name}
Example:
Device(config)# ip msdp mesh-group
2 switch.cisco.com
Example:
Device(config)# end
Example:
Device# show running-config
Configures an MSDP mesh group, and specifies the
MSDP peer belonging to that mesh group.
By default, the MSDP peers do not belong to a mesh
group.
For name, enter the name of the mesh group.
•
For ip-address | name, enter the IP address or
•
name of the MSDP peer to be a member of the
mesh group.
Repeat this procedure on each MSDP peer in the
group.
Returns to privileged EXEC mode.end
Verifies your entries.show running-config
Step 6
copy running-config startup-config
Example:
Device# copy running-config
startup-config
Shutting Down an MSDP Peer
If you want to configure many MSDP commands for the same peer and you do not want the peer to become
active, you can shut down the peer, configure it, and later bring it up. When a peer is shut down, the TCP
connection is terminated and is not restarted. You can also shut down an MSDP session without losing
configuration information for the peer.
Follow these steps to shut down a peer:
(Optional) Saves your entries in the configuration
file.
Routing Configuration Guide, Cisco IOS XE Everest 16.6.x (Catalyst 9500 Switches)
43
Page 54
Including a Bordering PIM Dense-Mode Region in MSDP
Procedure
Configuring MSDP
PurposeCommand or Action
Step 1
Step 2
Step 3
Step 4
enable
Example:
Device> enable
Example:
Device# configure terminal
ip msdp shutdown {peer-name | peer
address}
Example:
Device(config)# ip msdp shutdown
switch.cisco.com
Example:
Device(config)# end
Enables privileged EXEC mode. Enter your
password if prompted.
Enters the global configuration mode.configure terminal
Shuts down the specified MSDP peer without
losing configuration information.
For peer-name | peer address, enter the IP
address or name of the MSDP peer to shut
down.
Returns to privileged EXEC mode.end
Step 5
Step 6
Example:
Device# show running-config
copy running-config startup-config
Verifies your entries.show running-config
(Optional) Saves your entries in the
configuration file.
Example:
Device# copy running-config
startup-config
Including a Bordering PIM Dense-Mode Region in MSDP
You can configure MSDP on a Device that borders a PIM sparse-mode region with a dense-mode region. By
default, active sources in the dense-mode region do not participate in MSDP.
Routing Configuration Guide, Cisco IOS XE Everest 16.6.x (Catalyst 9500 Switches)
44
Page 55
Configuring MSDP
Including a Bordering PIM Dense-Mode Region in MSDP
Note
We do not recommend using the ip msdp border sa-address global configuration command. It is better
to configure the border router in the sparse-mode domain to proxy-register sources in the dense-mode
domain to the RP of the sparse-mode domain and have the sparse-mode domain use standard MSDP
procedures to advertise these sources.
The ip msdp originator-id global configuration command also identifies an interface to be used as the RP
address. If both the ip msdp border sa-address and the ip msdp originator-id global configuration commands
are configured, the address derived from the ip msdp originator-id command specifies the RP address.
Follow these steps to configure the border router to send SA messages for sources active in the dense-mode
region to the MSDP peers:
Procedure
PurposeCommand or Action
Step 1
enable
Enables privileged EXEC mode. Enter your password
if prompted.
Example:
Device> enable
Step 2
Example:
Enters the global configuration mode.configure terminal
Step 3
Step 4
Device# configure terminal
ip msdp border sa-address interface-id
Example:
Device(config)# ip msdp border
sa-address 0/1
ip msdp redistribute [list
access-list-name] [asn
aspath-access-list-number] [route-map
map]
Example:
Device(config)# ip msdp redistribute
list 100
Configures the switch on the border between a
dense-mode and sparse-mode region to send SA
messages about active sources in the dense-mode
region.
For interface-id, specifies the interface from which
the IP address is derived and used as the RP address
in SA messages.
The IP address of the interface is used as the
Originator-ID, which is the RP field in the SA
message.
Configures which (S,G) entries from the multicast
routing table are advertised in SA messages.
For more information, see the Redistributing
Sources, on page 33.
Routing Configuration Guide, Cisco IOS XE Everest 16.6.x (Catalyst 9500 Switches)
45
Page 56
Configuring an Originating Address other than the RP Address
Configuring MSDP
PurposeCommand or Action
Step 5
Step 6
Step 7
Example:
Device(config)# end
Example:
Device# show running-config
copy running-config startup-config
Returns to privileged EXEC mode.end
Verifies your entries.show running-config
(Optional) Saves your entries in the configuration
file.
Example:
Device# copy running-config
startup-config
Configuring an Originating Address other than the RP Address
You can allow an MSDP speaker that originates an SA message to use the IP address of the interface as the
RP address in the SA message by changing the Originator ID. You might change the Originator ID in one of
these cases:
If you configure a logical RP on multiple Device in an MSDP mesh group.
•
If you have a Device that borders a PIM sparse-mode domain and a dense-mode domain. If a Device
•
borders a dense-mode domain for a site, and sparse-mode is being used externally, you might want
dense-mode sources to be known to the outside world. Because this Device is not an RP, it would not
have an RP address to use in an SA message. Therefore, this command provides the RP address by
specifying the address of the interface.
If both the ip msdp border sa-address and the ip msdp originator-id global configuration commands are
configured, the address derived from the ip msdp originator-id command specifies the address of the RP.
Follow these steps to allow an MSDP speaker that originates an SA message to use the IP address on the
interface as the RP address in the SA message:
Routing Configuration Guide, Cisco IOS XE Everest 16.6.x (Catalyst 9500 Switches)
46
Page 57
Configuring MSDP
Monitoring and Maintaining MSDP
Procedure
PurposeCommand or Action
Step 1
Step 2
Step 3
Step 4
Step 5
enable
Example:
Device> enable
Example:
Device# configure terminal
ip msdp originator-id interface-id
Example:
Device(config)# ip msdp originator-id
0/1
Example:
Device(config)# end
Enables privileged EXEC mode. Enter your
password if prompted.
Enters the global configuration mode.configure terminal
Configures the RP address in SA messages to
be the address of the originating device
interface.
For interface-id, specify the interface on the
local Device.
Returns to privileged EXEC mode.end
Verifies your entries.show running-config
Example:
Device# show running-config
Step 6
copy running-config startup-config
Example:
Device# copy running-config
startup-config
Monitoring and Maintaining MSDP
Commands that monitor MSDP SA messages, peers, state, and peer status:
(Optional) Saves your entries in the
configuration file.
Routing Configuration Guide, Cisco IOS XE Everest 16.6.x (Catalyst 9500 Switches)
47
Page 58
Configuration Examples for Configuring MSDP
Table 2: Commands for Monitoring and Maintaining MSDP
Configuring MSDP
PurposeCommand
debug ip msdp [peer-address | name] [detail]
[routes]
show ip msdp count [autonomous-system-number]
show ip msdp peer [peer-address | name]
show ip msdp sa-cache [group-address |
source-address | group-name | source-name]
[autonomous-system-number]
Commands that clear MSDP connections, statistics, and SA cache entries:
Table 3: Commands for Clearing MSDP Connections, Statistics, or SA Cache Entries
Debugs an MSDP activity.
Debugs MSDP peer reset reasons.debug ip msdp resets
Displays the number of sources and groups originated
in SA messages from each autonomous system. The
ip msdp cache-sa-state command must be configured
for this command to produce any output.
Displays detailed information about an MSDP peer.
Displays (S,G) state learned from MSDP peers.
Displays MSDP peer status and SA message counts.show ip msdp summary
PurposeCommand
clear ip msdp peer peer-address | name
clear ip msdp statistics [peer-address | name]
clear ip msdp sa-cache [group-address | name]
Clears the TCP connection to the specified MSDP
peer, resetting all MSDP message counters.
Clears statistics counters for one or all the MSDP
peers without resetting the sessions.
Clears the SA cache entries for all entries, all sources
for a specific group, or all entries for a specific
source/group pair.
Configuration Examples for Configuring MSDP
Configuring a Default MSDP Peer: Example
This example shows a partial configuration of Router A and Router C in . Each of these ISPs have more than
one customer (like the customer in ) who use default peering (no BGP or MBGP). In that case, they might
have similar configurations. That is, they accept SAs only from a default peer if the SA is permitted by the
corresponding prefix list.
Routing Configuration Guide, Cisco IOS XE Everest 16.6.x (Catalyst 9500 Switches)
48
Page 59
Configuring MSDP
Router A
Router(config)# ip msdp default-peer 10.1.1.1
Router(config)# ip msdp default-peer 10.1.1.1 prefix-list site-a
Router(config)# ip prefix-list site-b permit 10.0.0.0/1
Router C
Router(config)# ip msdp default-peer 10.1.1.1 prefix-list site-a
Router(config)# ip prefix-list site-b permit 10.0.0.0/1
Caching Source-Active State: Example
This example shows how to enable the cache state for all sources in 171.69.0.0/16 sending to
groups 224.2.0.0/16:
Device(config)# ip msdp cache-sa-state 100
Device(config)# access-list 100 permit ip 171.69.0.0 0.0.255.255 224.2.0.0 0.0.255.255
Caching Source-Active State: Example
Requesting Source Information from an MSDP Peer: Example
This example shows how to configure the switch to send SA request messages to the MSDP peer at 171.69.1.1:
Device(config)# ip msdp sa-request 171.69.1.1
Controlling Source Information that Your Switch Originates: Example
This example shows how to configure the switch to filter SA request messages from the MSDP peer
at 171.69.2.2. SA request messages from sources on network 192.4.22.0 pass access list 1 and are accepted;
all others are ignored.
Device(config)# ip msdp filter sa-request 171.69.2.2 list 1
Device(config)# access-list 1 permit 192.4.22.0 0.0.0.255
Controlling Source Information that Your Switch Forwards: Example
This example shows how to allow only (S,G) pairs that pass access list 100 to be forwarded in an SA message
to the peer named switch.cisco.com:
Device(config)# ip msdp peer switch.cisco.com connect-source gigabitethernet1/0/1
Device(config)# ip msdp sa-filter out switch.cisco.com list 100
Device(config)# access-list 100 permit ip 171.69.0.0 0.0.255.255 224.20 0 0.0.255.255
Routing Configuration Guide, Cisco IOS XE Everest 16.6.x (Catalyst 9500 Switches)
49
Page 60
Configuring MSDP
Controlling Source Information that Your Switch Receives: Example
Controlling Source Information that Your Switch Receives: Example
This example shows how to filter all SA messages from the peer named switch.cisco.com:
Device(config)# ip msdp peer switch.cisco.com connect-source gigabitethernet1/0/1
Device(config)# ip msdp sa-filter in switch.cisco.com
Feature Information for Multicast Source Discovery Protocol
Table 4: Feature Information for Multicast Source Discovery Protocol
Feature InformationReleaseFeature Name
This feature was introducedCisco IOS XE Everest 16.5.1aMulticast Source Discovery
Protocol
Routing Configuration Guide, Cisco IOS XE Everest 16.6.x (Catalyst 9500 Switches)
50
Page 61
CHAPTER 3
Configuring IP Unicast Routing
Information About Configuring IP Unicast Routing, page 52
•
Information About IP Routing, page 52
•
How to Configure IP Routing, page 57
•
How to Configure IP Addressing, page 58
•
Monitoring and Maintaining IP Addressing, page 77
•
How to Configure IP Unicast Routing, page 78
•
Information About RIP, page 80
•
How to Configure RIP, page 81
•
Configuration Example for Summary Addresses and Split Horizon, page 88
•
Information About OSPF, page 89
•
How to Configure OSPF, page 92
•
Monitoring OSPF, page 103
•
Configuration Examples for OSPF, page 104
•
Information About EIGRP, page 104
•
How to Configure EIGRP, page 107
•
Monitoring and Maintaining EIGRP, page 115
•
Information About BGP, page 115
•
How to Configure BGP, page 122
•
Monitoring and Maintaining BGP, page 145
•
IS-IS Routing, page 147
•
How to Configure IS-IS Routing, page 149
•
Monitoring and Maintaining IS-IS, page 158
•
Information About Multi-VRF CE, page 158
•
How to Configure Multi-VRF CE, page 161
•
Routing Configuration Guide, Cisco IOS XE Everest 16.6.x (Catalyst 9500 Switches)
51
Page 62
Information About Configuring IP Unicast Routing
Configuration Examples for Multi-VRF CE, page 176
•
Configuring Unicast Reverse Path Forwarding, page 179
•
Protocol-Independent Features, page 179
•
Monitoring and Maintaining the IP Network, page 203
•
Feature Information for IP Unicast Routing, page 203
•
Information About Configuring IP Unicast Routing
This module describes how to configure IP Version 4 (IPv4) unicast routing on the switch.
A switch stack operates and appears as a single router to the rest of the routers in the network. Basic routing
functions like static routing and the Routing Information Protocol (RIP), are available with both the Network
Essentials license and the Network Advantage license. To use advanced routing features and other routing
protocols, you must have the Network Advantage license enabled on the standalone switch or on the active
switch.
Configuring IP Unicast Routing
Note
In addition to IPv4 traffic, you can also enable IP Version 6 (IPv6) unicast routing and configure interfaces
to forward IPv6 traffic if the switch or switch stack is running the Network Essentials or Network Advantage
license.
Information About IP Routing
In some network environments, VLANs are associated with individual networks or subnetworks. In an IP
network, each subnetwork is mapped to an individual VLAN. Configuring VLANs helps control the size of
the broadcast domain and keeps local traffic local. However, network devices in different VLANs cannot
communicate with one another without a Layer 3 device (router) to route traffic between the VLAN, referred
to as inter-VLAN routing. You configure one or more routers to route traffic to the appropriate destination
VLAN.
This figure shows a basic routing topology. Switch A is in VLAN 10, and Switch B is in VLAN 20. The router
has an interface in each VLAN.
Figure 2: Routing Topology Example
When Host A in VLAN 10 needs to communicate with Host B in VLAN 10, it sends a packet addressed to
that host. Switch A forwards the packet directly to Host B, without sending it to the router.
Routing Configuration Guide, Cisco IOS XE Everest 16.6.x (Catalyst 9500 Switches)
52
Page 63
Configuring IP Unicast Routing
When Host A sends a packet to Host C in VLAN 20, Switch A forwards the packet to the router, which
receives the traffic on the VLAN 10 interface. The router checks the routing table, finds the correct outgoing
interface, and forwards the packet on the VLAN 20 interface to Switch B. Switch B receives the packet and
forwards it to Host C.
Types of Routing
Routers and Layer 3 switches can route packets in these ways:
Default routing refers to sending traffic with a destination unknown to the router to a default outlet
or destination.
Static unicast routing forwards packets from predetermined ports through a single path into and out of a
network. Static routing is secure and uses little bandwidth, but does not automatically respond to changes in
the network, such as link failures, and therefore, might result in unreachable destinations. As networks grow,
static routing becomes a labor-intensive liability.
Dynamic routing protocols are used by routers to dynamically calculate the best route for forwarding traffic.
There are two types of dynamic routing protocols:
By using default routing
•
By using preprogrammed static routes for the traffic
•
By dynamically calculating routes by using a routing protocol
•
Types of Routing
•
•
Distance-vector protocols supported by the switch are Routing Information Protocol (RIP), which uses a single
distance metric (cost) to determine the best path and Border Gateway Protocol (BGP), which adds a path
vector mechanism. The switch also supports the Open Shortest Path First (OSPF) link-state protocol and
Enhanced IGRP (EIGRP), which adds some link-state routing features to traditional Interior Gateway Routing
Protocol (IGRP) to improve efficiency.
Classless Routing
By default, classless routing behavior is enabled on the Device when it is configured to route. With classless
routing, if a router receives packets for a subnet of a network with no default route, the router forwards the
packet to the best supernet route. A supernet consists of contiguous blocks of Class C address spaces used to
simulate a single, larger address space and is designed to relieve the pressure on the rapidly depleting Class
B address space.
Routers using distance-vector protocols maintain routing tables with distance values of networked
resources, and periodically pass these tables to their neighbors. Distance-vector protocols use one or a
series of metrics for calculating the best routes. These protocols are easy to configure and use.
Routers using link-state protocols maintain a complex database of network topology, based on the
exchange of link-state advertisements (LSAs) between routers. LSAs are triggered by an event in the
network, which speeds up the convergence time or time required to respond to these changes. Link-state
protocols respond quickly to topology changes, but require greater bandwidth and more resources than
distance-vector protocols.
Routing Configuration Guide, Cisco IOS XE Everest 16.6.x (Catalyst 9500 Switches)
53
Page 64
Classless Routing
Configuring IP Unicast Routing
In the figure, classless routing is enabled. When the host sends a packet to 120.20.4.1, instead of discarding
the packet, the router forwards it to the best supernet route. If you disable classless routing and a router receives
packets destined for a subnet of a network with no network default route, the router discards the packet.
Figure 3: IP Classless Routing
In the figure , the router in network 128.20.0.0 is connected to subnets 128.20.1.0, 128.20.2.0, and 128.20.3.0.
If the host sends a packet to 120.20.4.1, because there is no network default route, the router discards the
packet.
Figure 4: No IP Classless Routing
To prevent the Device from forwarding packets destined for unrecognized subnets to the best supernet route
possible, you can disable classless routing behavior.
Routing Configuration Guide, Cisco IOS XE Everest 16.6.x (Catalyst 9500 Switches)
54
Page 65
Configuring IP Unicast Routing
Address Resolution
You can control interface-specific handling of IP by using address resolution. A device using IP can have
both a local address or MAC address, which uniquely defines the device on its local segment or LAN, and a
network address, which identifies the network to which the device belongs.
The local address or MAC address is known as a data link address because it is contained in the data link
layer (Layer 2) section of the packet header and is read by data link (Layer 2) devices. To communicate with
a device on Ethernet, the software must learn the MAC address of the device. The process of learning the
MAC address from an IP address is called address resolution. The process of learning the IP address from
the MAC address is called reverse address resolution.
The Device can use these forms of address resolution:
Address Resolution Protocol (ARP) is used to associate IP address with MAC addresses. Taking an IP
•
address as input, ARP learns the associated MAC address and then stores the IP address/MAC address
association in an ARP cache for rapid retrieval. Then the IP datagram is encapsulated in a link-layer
frame and sent over the network. Encapsulation of IP datagrams and ARP requests or replies on IEEE
802 networks other than Ethernet is specified by the Subnetwork Access Protocol (SNAP).
Address Resolution
Proxy ARP
Proxy ARP helps hosts with no routing tables learn the MAC addresses of hosts on other networks or
•
subnets. If the Device (router) receives an ARP request for a host that is not on the same interface as the
ARP request sender, and if the router has all of its routes to the host through other interfaces, it generates
a proxy ARP packet giving its own local data link address. The host that sent the ARP request then sends
its packets to the router, which forwards them to the intended host.
The Device also uses the Reverse Address Resolution Protocol (RARP), which functions the same as ARP
does, except that the RARP packets request an IP address instead of a local MAC address. Using RARP
requires a RARP server on the same network segment as the router interface. Use the ip rarp-server address
interface configuration command to identify the server.
For more information on RARP, see the Cisco IOS Configuration Fundamentals Configuration Guide
Proxy ARP, the most common method for learning about other routes, enables an Ethernet host with no routing
information to communicate with hosts on other networks or subnets. The host assumes that all hosts are on
the same local Ethernet and that they can use ARP to learn their MAC addresses. If a Device receives an ARP
request for a host that is not on the same network as the sender, the Device evaluates whether it has the best
route to that host. If it does, it sends an ARP reply packet with its own Ethernet MAC address, and the host
that sent the request sends the packet to the Device, which forwards it to the intended host. Proxy ARP treats
all networks as if they are local and performs ARP requests for every IP address.
ICMP Router Discovery Protocol
Router discovery allows the Device to dynamically learn about routes to other networks using ICMP router
discovery protocol (IRDP). IRDP allows hosts to locate routers. When operating as a client, the Device
generates router discovery packets. When operating as a host, the Device receives router discovery packets.
The Device can also listen to Routing Information Protocol (RIP) routing updates and use this information to
infer locations of routers. The Device does not actually store the routing tables sent by routing devices; it
Routing Configuration Guide, Cisco IOS XE Everest 16.6.x (Catalyst 9500 Switches)
55
Page 66
Broadcast Packet Handling
merely keeps track of which systems are sending the data. The advantage of using IRDP is that it allows each
router to specify both a priority and the time after which a device is assumed to be down if no further packets
are received.
Each device discovered becomes a candidate for the default router, and a new highest-priority router is selected
when a higher priority router is discovered, when the current default router is declared down, or when a TCP
connection is about to time out because of excessive retransmissions.
UDP Broadcast Packets and Protocols
User Datagram Protocol (UDP) is an IP host-to-host layer protocol, as is TCP. UDP provides a low-overhead,
connectionless session between two end systems and does not provide for acknowledgment of received
datagrams. Network hosts occasionally use UDP broadcasts to find address, configuration, and name
information. If such a host is on a network segment that does not include a server, UDP broadcasts are normally
not forwarded. You can remedy this situation by configuring an interface on a router to forward certain classes
of broadcasts to a helper address. You can use more than one helper address per interface.
You can specify a UDP destination port to control which UDP services are forwarded. You can specify multiple
UDP protocols. You can also specify the Network Disk (ND) protocol, which is used by older diskless Sun
workstations and the network security protocol SDNS.
By default, both UDP and ND forwarding are enabled if a helper address has been defined for an interface.
The description for the ip forward-protocol interface configuration command in the Cisco IOS IP Command
Reference, Volume 1 of 3: Addressing and Services lists the ports that are forwarded by default if you do not
specify any UDP ports.
Configuring IP Unicast Routing
Broadcast Packet Handling
After configuring an IP interface address, you can enable routing and configure one or more routing protocols,
or you can configure the way the Device responds to network broadcasts. A broadcast is a data packet destined
for all hosts on a physical network. The Device supports two kinds of broadcasting:
A directed broadcast packet is sent to a specific network or series of networks. A directed broadcast
•
address includes the network or subnet fields.
A flooded broadcast packet is sent to every network.
•
Note
Routers provide some protection from broadcast storms by limiting their extent to the local cable. Bridges
(including intelligent bridges), because they are Layer 2 devices, forward broadcasts to all network segments,
thus propagating broadcast storms. The best solution to the broadcast storm problem is to use a single broadcast
address scheme on a network. In most modern IP implementations, you can set the address to be used as the
broadcast address. Many implementations, including the one in the Device, support several addressing schemes
for forwarding broadcast messages.
You can also limit broadcast, unicast, and multicast traffic on Layer 2 interfaces by
using the storm-control interface configuration command to set traffic suppression
levels.
Routing Configuration Guide, Cisco IOS XE Everest 16.6.x (Catalyst 9500 Switches)
56
Page 67
Configuring IP Unicast Routing
IP Broadcast Flooding
You can allow IP broadcasts to be flooded throughout your internetwork in a controlled fashion by using the
database created by the bridging STP. Using this feature also prevents loops. To support this capability,
bridging must be configured on each interface that is to participate in the flooding. If bridging is not configured
on an interface, it still can receive broadcasts. However, the interface never forwards broadcasts it receives,
and the router never uses that interface to send broadcasts received on a different interface.
Packets that are forwarded to a single network address using the IP helper-address mechanism can be flooded.
Only one copy of the packet is sent on each network segment.
To be considered for flooding, packets must meet these criteria. (Note that these are the same conditions used
to consider packet forwarding using IP helper addresses.)
The packet must be a MAC-level broadcast.
•
The packet must be an IP-level broadcast.
•
The packet must be a TFTP, DNS, Time, NetBIOS, ND, or BOOTP packet, or a UDP specified by the
•
ip forward-protocol udp global configuration command.
IP Broadcast Flooding
The time-to-live (TTL) value of the packet must be at least two.
•
A flooded UDP datagram is given the destination address specified with the ip broadcast-address interface
configuration command on the output interface. The destination address can be set to any address. Thus, the
destination address might change as the datagram propagates through the network. The source address is never
changed. The TTL value is decremented.
When a flooded UDP datagram is sent out an interface (and the destination address possibly changed), the
datagram is handed to the normal IP output routines and is, therefore, subject to access lists, if they are present
on the output interface.
In the Device, the majority of packets are forwarded in hardware; most packets do not go through the Device
CPU. For those packets that do go to the CPU, you can speed up spanning tree-based UDP flooding by a
factor of about four to five times by using turbo-flooding. This feature is supported over Ethernet interfaces
configured for ARP encapsulation.
How to Configure IP Routing
By default, IP routing is disabled on the Device, and you must enable it before routing can take place. For
detailed IP routing configuration information, see the Cisco IOS IP Configuration Guide.
In the following procedures, the specified interface must be one of these Layer 3 interfaces:
A routed port: a physical port configured as a Layer 3 port by using the no switchport interface
•
configuration command.
A switch virtual interface (SVI): a VLAN interface created by using the interface vlan vlan_id global
•
configuration command and by default a Layer 3 interface.
Note
On enabling ip routing, the VLAN configured as SVI will also learn broadcast ARP
requests which are not self destined.
Routing Configuration Guide, Cisco IOS XE Everest 16.6.x (Catalyst 9500 Switches)
57
Page 68
How to Configure IP Addressing
An EtherChannel port channel in Layer 3 mode: a port-channel logical interface created by using the
•
interface port-channel port-channel-number global configuration command and binding the Ethernet
interface into the channel group. For more information, see the “Configuring Layer 3 EtherChannels”
chapter in the Layer 2 Configuration Guide.
All Layer 3 interfaces on which routing will occur must have IP addresses assigned to them.
Configuring IP Unicast Routing
The switch does not support tunnel interfaces for unicast routed traffic.Note
Note
A Layer 3 switch can have an IP address assigned to each routed port and SVI.
The number of routed ports and SVIs that you can configure is limited to 128, exceeding the recommended
number and volume of features being implemented might impact CPU utilization because of hardware
limitations.
Configuring routing consists of several main procedures:
To support VLAN interfaces, create and configure VLANs on the Device or switch stack, and assign
•
VLAN membership to Layer 2 interfaces. For more information, see the "Configuring VLANs” chapter
in the VLAN Configuration Guide.
Configure Layer 3 interfaces.
•
Enable IP routing on the switch.
•
Assign IP addresses to the Layer 3 interfaces.
•
Enable selected routing protocols on the switch.
•
Configure routing protocol parameters (optional).
•
How to Configure IP Addressing
A required task for configuring IP routing is to assign IP addresses to Layer 3 network interfaces to enable
the interfaces and allow communication with the hosts on those interfaces that use IP. The following sections
describe how to configure various IP addressing features. Assigning IP addresses to the interface is required;
the other procedures are optional.
Default Addressing Configuration
•
Assigning IP Addresses to Network Interfaces
•
Configuring Address Resolution Methods
•
Routing Assistance When IP Routing is Disabled
•
Configuring Broadcast Packet Handling
•
Monitoring and Maintaining IP Addressing
•
Routing Configuration Guide, Cisco IOS XE Everest 16.6.x (Catalyst 9500 Switches)
58
Page 69
Configuring IP Unicast Routing
Default IP Addressing Configuration
Table 5: Default Addressing Configuration
Default SettingFeature
None defined.IP address
Default IP Addressing Configuration
ARP
IP domain
IP forward-protocol
No permanent entries in the Address Resolution Protocol (ARP) cache.
Encapsulation: Standard Ethernet-style ARP.
Timeout: 14400 seconds (4 hours).
255.255.255.255 (all ones).IP broadcast address
Enabled.IP classless routing
Disabled.IP default gateway
Disabled (all IP directed broadcasts are dropped).IP directed broadcast
Domain list: No domain names defined.
Domain lookup: Enabled.
Domain name: Enabled.
If a helper address is defined or User Datagram Protocol (UDP) flooding is
configured, UDP forwarding is enabled on default ports.
Any-local-broadcast: Disabled.
Spanning Tree Protocol (STP): Disabled.
Turbo-flood: Disabled.
IRDP
Disabled.IP helper address
Disabled.IP host
Disabled.
Defaults when enabled:
Broadcast IRDP advertisements.
•
Maximum interval between advertisements: 600 seconds.
•
Minimum interval between advertisements: 0.75 times max interval
•
Preference: 0.
•
Enabled.IP proxy ARP
Routing Configuration Guide, Cisco IOS XE Everest 16.6.x (Catalyst 9500 Switches)
59
Page 70
Assigning IP Addresses to Network Interfaces
Default SettingFeature
Disabled.IP routing
Disabled.IP subnet-zero
Assigning IP Addresses to Network Interfaces
An IP address identifies a location to which IP packets can be sent. Some IP addresses are reserved for special
uses and cannot be used for host, subnet, or network addresses. RFC 1166, “Internet Numbers,” contains the
official description of IP addresses.
An interface can have one primary IP address. A mask identifies the bits that denote the network number in
an IP address. When you use the mask to subnet a network, the mask is referred to as a subnet mask. To
receive an assigned network number, contact your Internet service provider.
Configuring IP Unicast Routing
Procedure
Step 1
Step 2
Step 3
Step 4
enable
Example:
Device> enable
Example:
Device# configure terminal
interface interface-id
Example:
Device(config)# interface gigabitethernet
1/0/1
no switchport
Example:
PurposeCommand or Action
Enables privileged EXEC mode. Enter your
password if prompted.
Enters the global configuration mode.configure terminal
Enters interface configuration mode, and
specifies the Layer 3 interface to configure.
Removes the interface from Layer 2
configuration mode (if it is a physical
interface).
Device(config-if)# no switchport
Step 5
ip address ip-address subnet-mask
Configures the IP address and IP subnet
mask.
Example:
Device(config-if)# ip address 10.1.5.1
255.255.255.0
Routing Configuration Guide, Cisco IOS XE Everest 16.6.x (Catalyst 9500 Switches)
60
Page 71
Configuring IP Unicast Routing
Assigning IP Addresses to Network Interfaces
PurposeCommand or Action
Step 6
Step 7
Step 8
Step 9
Step 10
Example:
Device(config-if)# no shutdown
Example:
Device(config)# end
Example:
Device# show ip route
show ip interface [interface-id]
Example:
Device# show ip interface gigabitethernet
1/0/1
Example:
Enables the physical interface.no shutdown
Returns to privileged EXEC mode.end
Verifies your entries.show ip route
Verifies your entries.
Verifies your entries.show running-config
Step 11
Using Subnet Zero
Subnetting with a subnet address of zero is strongly discouraged because of the problems that can arise if a
network and a subnet have the same addresses. For example, if network 131.108.0.0 is subnetted as
255.255.255.0, subnet zero would be written as 131.108.0.0, which is the same as the network address.
You can use the all ones subnet (131.108.255.0) and even though it is discouraged, you can enable the use of
subnet zero if you need the entire subnet space for your IP address.
Use the no ip subnet-zero global configuration command to restore the default and disable the use of subnet
zero.
Device# show running-config
copy running-config startup-config
Example:
Device# copy running-config
startup-config
(Optional) Saves your entries in the
configuration file.
Routing Configuration Guide, Cisco IOS XE Everest 16.6.x (Catalyst 9500 Switches)
61
Page 72
Assigning IP Addresses to Network Interfaces
Procedure
Configuring IP Unicast Routing
PurposeCommand or Action
Step 1
Step 2
Step 3
Step 4
Step 5
enable
Example:
Device> enable
Example:
Device# configure terminal
ip subnet-zero
Example:
Device(config)# ip subnet-zero
Example:
Device(config)# end
Enables privileged EXEC mode. Enter your
password if prompted.
Enters the global configuration mode.configure terminal
Enables the use of subnet zero for interface
addresses and routing updates.
Returns to privileged EXEC mode.end
Verifies your entries.show running-config
Example:
Device# show running-config
Step 6
copy running-config startup-config
Example:
Device# copy running-config
startup-config
Disabling Classless Routing
To prevent the Device from forwarding packets destined for unrecognized subnets to the best supernet route
possible, you can disable classless routing behavior.
(Optional) Saves your entries in the
configuration file.
Routing Configuration Guide, Cisco IOS XE Everest 16.6.x (Catalyst 9500 Switches)
62
Page 73
Configuring IP Unicast Routing
Procedure
Configuring Address Resolution Methods
PurposeCommand or Action
Step 1
Step 2
Step 3
Step 4
Step 5
enable
Example:
Device> enable
Example:
Device# configure terminal
Example:
Device(config)#no ip classless
Example:
Device(config)# end
Enables privileged EXEC mode. Enter your
password if prompted.
Enters the global configuration mode.configure terminal
Disables classless routing behavior.no ip classless
Returns to privileged EXEC mode.end
Verifies your entries.show running-config
Example:
Device# show running-config
Step 6
copy running-config startup-config
Example:
Device# copy running-config
startup-config
Configuring Address Resolution Methods
You can perform the following tasks to configure address resolution.
Defining a Static ARP Cache
ARP and other address resolution protocols provide dynamic mapping between IP addresses and MAC
addresses. Because most hosts support dynamic address resolution, you usually do not need to specify static
(Optional) Saves your entries in the
configuration file.
Routing Configuration Guide, Cisco IOS XE Everest 16.6.x (Catalyst 9500 Switches)
63
Page 74
Configuring Address Resolution Methods
ARP cache entries. If you must define a static ARP cache entry, you can do so globally, which installs a
permanent entry in the ARP cache that the Device uses to translate IP addresses into MAC addresses. Optionally,
you can also specify that the Device respond to ARP requests as if it were the owner of the specified IP address.
If you do not want the ARP entry to be permanent, you can specify a timeout period for the ARP entry.
Procedure
Configuring IP Unicast Routing
PurposeCommand or Action
Step 1
Step 2
Step 3
Step 4
enable
Example:
Device> enable
Example:
Device# configure terminal
arp ip-address hardware-address type
Example:
Device(config)# ip 10.1.5.1
c2f3.220a.12f4 arpa
arp ip-address hardware-address type
[alias]
Example:
Enables privileged EXEC mode. Enter your
password if prompted.
Enters the global configuration mode.configure terminal
Associates an IP address with a MAC (hardware)
address in the ARP cache, and specifies
encapsulation type as one of these:
• arpa—ARP encapsulation for Ethernet
interfaces
• snap—Subnetwork Address Protocol
encapsulation for Token Ring and FDDI
interfaces
• sap—HP’s ARP type
(Optional) Specifies that the switch respond to ARP
requests as if it were the owner of the specified IP
address.
Device(config)# ip 10.1.5.3
d7f3.220d.12f5 arpa alias
Step 5
interface interface-id
Enters interface configuration mode, and specifies
the interface to configure.
Example:
Device(config)# interface
gigabitethernet 1/0/1
Step 6
arp timeout seconds
(Optional) Sets the length of time an ARP cache
entry will stay in the cache. The default is 14400
Example:
seconds (4 hours). The range is 0 to 2147483
seconds.
Device(config-if)# arp 20000
Routing Configuration Guide, Cisco IOS XE Everest 16.6.x (Catalyst 9500 Switches)
64
Page 75
Configuring IP Unicast Routing
Configuring Address Resolution Methods
PurposeCommand or Action
Step 7
Step 8
Step 9
Step 10
Step 11
Example:
Device(config)# end
show interfaces [interface-id]
Example:
Device# show interfaces
gigabitethernet 1/0/1
Example:
Device# show arp
Example:
Device# show ip arp
copy running-config startup-config
Example:
Returns to privileged EXEC mode.end
Verifies the type of ARP and the timeout value used
on all interfaces or a specific interface.
Views the contents of the ARP cache.show arp
Views the contents of the ARP cache.show ip arp
(Optional) Saves your entries in the configuration
file.
Device# copy running-config
startup-config
Setting ARP Encapsulation
By default, Ethernet ARP encapsulation (represented by the arpa keyword) is enabled on an IP interface.
You can change the encapsulation methods to SNAP if required by your network.
To disable an encapsulation type, use the no arp arpa or no arp snap interface configuration command.
Procedure
Step 1
enable
Example:
Device> enable
PurposeCommand or Action
Enables privileged EXEC mode. Enter your
password if prompted.
Routing Configuration Guide, Cisco IOS XE Everest 16.6.x (Catalyst 9500 Switches)
65
Page 76
Configuring Address Resolution Methods
Configuring IP Unicast Routing
PurposeCommand or Action
Step 2
Step 3
Step 4
Step 5
Step 6
Example:
Device# configure terminal
interface interface-id
Example:
Device(config)# interface
gigabitethernet 1/0/2
Example:
Device(config-if)# arp arpa
Example:
Device(config)# end
show interfaces [interface-id]
Example:
Enters the global configuration mode.configure terminal
Enters interface configuration mode, and specifies
the Layer 3 interface to configure.
Specifies the ARP encapsulation method:arp {arpa | snap}
• arpa—Address Resolution Protocol
• snap—Subnetwork Address Protocol
Returns to privileged EXEC mode.end
Verifies ARP encapsulation configuration on all
interfaces or the specified interface.
Step 7
Enabling Proxy ARP
By default, the Device uses proxy ARP to help hosts learn MAC addresses of hosts on other networks or
subnets.
Device# show interfaces
copy running-config startup-config
Example:
Device# copy running-config
startup-config
(Optional) Saves your entries in the configuration
file.
Routing Configuration Guide, Cisco IOS XE Everest 16.6.x (Catalyst 9500 Switches)
66
Page 77
Configuring IP Unicast Routing
Procedure
Configuring Address Resolution Methods
PurposeCommand or Action
Step 1
Step 2
Step 3
Step 4
Step 5
enable
Example:
Device> enable
Example:
Device# configure terminal
interface interface-id
Example:
Device(config)# interface
gigabitethernet 1/0/2
Example:
Device(config-if)# ip proxy-arp
Enables privileged EXEC mode. Enter your
password if prompted.
Enters the global configuration mode.configure terminal
Enters interface configuration mode, and
specifies the Layer 3 interface to configure.
Enables proxy ARP on the interface.ip proxy-arp
Returns to privileged EXEC mode.end
Step 6
Step 7
Example:
Device(config)# end
show ip interface [interface-id]
Example:
Device# show ip interface
gigabitethernet 1/0/2
copy running-config startup-config
Example:
Device# copy running-config
startup-config
Verifies the configuration on the interface or
all interfaces.
(Optional) Saves your entries in the
configuration file.
Routing Configuration Guide, Cisco IOS XE Everest 16.6.x (Catalyst 9500 Switches)
67
Page 78
Routing Assistance When IP Routing is Disabled
Routing Assistance When IP Routing is Disabled
These mechanisms allow the Device to learn about routes to other networks when it does not have IP routing
enabled:
Proxy ARP
•
Default Gateway
•
ICMP Router Discovery Protocol (IRDP)
•
Proxy ARP
Proxy ARP is enabled by default. To enable it after it has been disabled, see the “Enabling Proxy ARP” section.
Proxy ARP works as long as other routers support it.
Default Gateway
Configuring IP Unicast Routing
Another method for locating routes is to define a default router or default gateway. All non-local packets are
sent to this router, which either routes them appropriately or sends an IP Control Message Protocol (ICMP)
redirect message back, defining which local router the host should use. The Device caches the redirect messages
and forwards each packet as efficiently as possible. A limitation of this method is that there is no means of
detecting when the default router has gone down or is unavailable.
Procedure
PurposeCommand or Action
Step 1
enable
Enables privileged EXEC mode. Enter your
password if prompted.
Example:
Device> enable
Step 2
Step 3
Example:
Device# configure terminal
ip default-gateway ip-address
Example:
Enters the global configuration mode.configure terminal
Sets up a default gateway (router).
Device(config)# ip default gateway
10.1.5.1
Routing Configuration Guide, Cisco IOS XE Everest 16.6.x (Catalyst 9500 Switches)
68
Page 79
Configuring IP Unicast Routing
Routing Assistance When IP Routing is Disabled
PurposeCommand or Action
Step 4
Example:
Device(config)# end
Step 5
Step 6
show ip redirects
Example:
Device# show ip redirects
copy running-config startup-config
Example:
Device# copy running-config
startup-config
ICMP Router Discovery Protocol (IRDP)
The only required task for IRDP routing on an interface is to enable IRDP processing on that interface. When
enabled, the default parameters apply.
You can optionally change any of these parameters. If you change the maxadvertinterval value, the holdtime
and minadvertinterval values also change, so it is important to first change the maxadvertinterval value,
before manually changing either the holdtime or minadvertinterval values.
Returns to privileged EXEC mode.end
Displays the address of the default gateway
router to verify the setting.
(Optional) Saves your entries in the
configuration file.
Procedure
Step 1
Step 2
enable
Example:
Device> enable
Example:
Device# configure terminal
Routing Configuration Guide, Cisco IOS XE Everest 16.6.x (Catalyst 9500 Switches)
PurposeCommand or Action
Enables privileged EXEC mode. Enter your password
if prompted.
Enters the global configuration mode.configure terminal
69
Page 80
Routing Assistance When IP Routing is Disabled
Configuring IP Unicast Routing
PurposeCommand or Action
Step 3
Step 4
Step 5
Step 6
interface interface-id
Example:
Device(config)# interface
gigabitethernet 1/0/1
Example:
Device(config-if)# ip irdp
ip irdp multicast
Example:
Device(config-if)# ip irdp
multicast
ip irdp holdtime seconds
Example:
Device(config-if)# ip irdp
holdtime 1000
Enters interface configuration mode, and specifies the
Layer 3 interface to configure.
Enables IRDP processing on the interface.ip irdp
(Optional) Sends IRDP advertisements to the multicast
address (224.0.0.1) instead of IP broadcasts.
Note
This command allows for compatibility with
Sun Microsystems Solaris, which requires
IRDP packets to be sent out as multicasts.
Many implementations cannot receive these
multicasts; ensure end-host ability before using
this command.
(Optional) Sets the IRDP period for which
advertisements are valid. The default is three times the
maxadvertinterval value. It must be greater than
maxadvertinterval and cannot be greater than 9000
seconds. If you change the maxadvertinterval value,
this value also changes.
Step 7
Step 8
Step 9
ip irdp maxadvertinterval seconds
Example:
Device(config-if)# ip irdp
maxadvertinterval 650
ip irdp minadvertinterval seconds
Example:
Device(config-if)# ip irdp
minadvertinterval 500
ip irdp preference number
Example:
Device(config-if)# ip irdp
preference 2
(Optional) Sets the IRDP maximum interval between
advertisements. The default is 600 seconds.
(Optional) Sets the IRDP minimum interval between
advertisements. The default is 0.75 times the
maxadvertinterval. If you change the
maxadvertinterval, this value changes to the new
default (0.75 of maxadvertinterval).
(Optional) Sets a device IRDP preference level. The
allowed range is –231 to 231. The default is 0. A higher
value increases the router preference level.
Routing Configuration Guide, Cisco IOS XE Everest 16.6.x (Catalyst 9500 Switches)
70
Page 81
Configuring IP Unicast Routing
Configuring Broadcast Packet Handling
PurposeCommand or Action
Step 10
Step 11
Step 12
Step 13
ip irdp address address [number]
Example:
Device(config-if)# ip irdp
address 10.1.10.10
Example:
Device(config)# end
Example:
Device# show ip irdp
Example:
Device# copy running-config
startup-config
(Optional) Specifies an IRDP address and preference
to proxy-advertise.
Returns to privileged EXEC mode.end
Verifies settings by displaying IRDP values.show ip irdp
(Optional) Saves your entries in the configuration file.copy running-config startup-config
Configuring Broadcast Packet Handling
Perform the tasks in these sections to enable these schemes:
Enabling Directed Broadcast-to-Physical Broadcast Translation
•
Forwarding UDP Broadcast Packets and Protocols
•
Establishing an IP Broadcast Address
•
Flooding IP Broadcasts
•
Enabling Directed Broadcast-to-Physical Broadcast Translation
By default, IP directed broadcasts are dropped; they are not forwarded. Dropping IP-directed broadcasts makes
routers less susceptible to denial-of-service attacks.
You can enable forwarding of IP-directed broadcasts on an interface where the broadcast becomes a physical
(MAC-layer) broadcast. Only those protocols configured by using the ip forward-protocol global configuration
command are forwarded.
You can specify an access list to control which broadcasts are forwarded. When an access list is specified,
only those IP packets permitted by the access list are eligible to be translated from directed broadcasts to
Routing Configuration Guide, Cisco IOS XE Everest 16.6.x (Catalyst 9500 Switches)
71
Page 82
Configuring Broadcast Packet Handling
physical broadcasts. For more information on access lists, see the “Information about Network Security with
ACLs" section in the Security Configuration Guide.
Procedure
Configuring IP Unicast Routing
PurposeCommand or Action
Step 1
Step 2
Step 3
Step 4
Step 5
enable
Example:
Device> enable
Example:
Device# configure terminal
interface interface-id
Example:
Device(config)# interface
gigabitethernet 1/0/2
ip directed-broadcast
[access-list-number]
Example:
Device(config-if)# ip
directed-broadcast 103
Enables privileged EXEC mode. Enter your
password if prompted.
Enters the global configuration mode.configure terminal
Enters interface configuration mode, and specifies
the interface to configure.
Enables directed broadcast-to-physical broadcast
translation on the interface. You can include an
access list to control which broadcasts are
forwarded. When an access list, only IP packets
permitted by the access list can be translated.
Returns to global configuration mode.exit
Example:
Device(config-if)# exit
Step 6
ip forward-protocol {udp [port] | nd |
sdns}
Example:
Specifies which protocols and ports the router
forwards when forwarding broadcast packets.
• udp—Forward UPD datagrams.
port: (Optional) Destination port that controls
Device(config)# ip forward-protocol
nd
which UDP services are forwarded.
• nd—Forward ND datagrams.
• sdns—Forward SDNS datagrams
Routing Configuration Guide, Cisco IOS XE Everest 16.6.x (Catalyst 9500 Switches)
72
Page 83
Configuring IP Unicast Routing
Configuring Broadcast Packet Handling
PurposeCommand or Action
Step 7
Step 8
Step 9
Step 10
Example:
Device(config)# end
show ip interface [interface-id]
Example:
Device# show ip interface
Example:
Device# show running-config
copy running-config startup-config
Example:
Device# copy running-config
startup-config
Returns to privileged EXEC mode.end
Verifies the configuration on the interface or all
interfaces
Verifies your entries.show running-config
(Optional) Saves your entries in the configuration
file.
Forwarding UDP Broadcast Packets and Protocols
If you do not specify any UDP ports when you configure the forwarding of UDP broadcasts, you are configuring
the router to act as a BOOTP forwarding agent. BOOTP packets carry DHCP information.
Procedure
Step 1
Step 2
enable
Example:
Device> enable
Example:
Device# configure terminal
PurposeCommand or Action
Enables privileged EXEC mode. Enter your
password if prompted.
Enters the global configuration mode.configure terminal
Routing Configuration Guide, Cisco IOS XE Everest 16.6.x (Catalyst 9500 Switches)
73
Page 84
Configuring Broadcast Packet Handling
Configuring IP Unicast Routing
PurposeCommand or Action
Step 3
Step 4
Step 5
Step 6
Step 7
interface interface-id
Example:
Device(config)# interface
gigabitethernet 1/0/1
ip helper-address address
Example:
Device(config-if)# ip helper address
10.1.10.1
Example:
Device(config-if)# exit
ip forward-protocol {udp [port] | nd | sdns}
Example:
Device(config)# ip forward-protocol
sdns
Enters interface configuration mode, and
specifies the Layer 3 interface to configure.
Enables forwarding and specifies the
destination address for forwarding UDP
broadcast packets, including BOOTP.
Returns to global configuration mode.exit
Specifies which protocols the router forwards
when forwarding broadcast packets.
Returns to privileged EXEC mode.end
Step 8
Step 9
Step 10
Example:
Device(config)# end
show ip interface [interface-id]
Example:
Device# show ip interface
gigabitethernet 1/0/1
Example:
Device# show running-config
copy running-config startup-config
Example:
Device# copy running-config
startup-config
Verifies the configuration on the interface or
all interfaces.
Verifies your entries.show running-config
(Optional) Saves your entries in the
configuration file.
Routing Configuration Guide, Cisco IOS XE Everest 16.6.x (Catalyst 9500 Switches)
74
Page 85
Configuring IP Unicast Routing
Establishing an IP Broadcast Address
The most popular IP broadcast address (and the default) is an address consisting of all ones (255.255.255.255).
However, the Device can be configured to generate any form of IP broadcast address.
Procedure
Configuring Broadcast Packet Handling
PurposeCommand or Action
Step 1
Step 2
Step 3
Step 4
Step 5
enable
Example:
Device> enable
Example:
Device# configure terminal
interface interface-id
Example:
Device(config)# interface
gigabitethernet 1/0/1
ip broadcast-address ip-address
Example:
Device(config-if)# ip broadcast-address
128.1.255.255
Enables privileged EXEC mode. Enter your
password if prompted.
Enters the global configuration mode.configure terminal
Enters interface configuration mode, and
specifies the interface to configure.
Enters a broadcast address different from the
default, for example 128.1.255.255.
Returns to privileged EXEC mode.end
Step 6
Step 7
Example:
Device(config)# end
show ip interface [interface-id]
Example:
Device# show ip interface
copy running-config startup-config
Example:
Device# copy running-config
startup-config
Routing Configuration Guide, Cisco IOS XE Everest 16.6.x (Catalyst 9500 Switches)
Verifies the broadcast address on the interface
or all interfaces.
(Optional) Saves your entries in the
configuration file.
75
Page 86
Configuring Broadcast Packet Handling
Flooding IP Broadcasts
Procedure
Configuring IP Unicast Routing
PurposeCommand or Action
Step 1
Step 2
Step 3
Step 4
Step 5
enable
Example:
Device> enable
Example:
Device# configure terminal
ip forward-protocol spanning-tree
Example:
Device(config)# ip forward-protocol
spanning-tree
Example:
Device(config)# end
Enables privileged EXEC mode. Enter your
password if prompted.
Enters the global configuration mode.configure terminal
Uses the bridging spanning-tree database
to flood UDP datagrams.
Returns to privileged EXEC mode.end
Verifies your entries.show running-config
Example:
Device# show running-config
Step 6
copy running-config startup-config
(Optional) Saves your entries in the
configuration file.
Example:
Device# copy running-config
startup-config
Step 7
Enters the global configuration mode.configure terminal
Example:
Device# configure terminal
Routing Configuration Guide, Cisco IOS XE Everest 16.6.x (Catalyst 9500 Switches)
76
Page 87
Configuring IP Unicast Routing
Monitoring and Maintaining IP Addressing
PurposeCommand or Action
Step 8
Step 9
Step 10
Step 11
ip forward-protocol turbo-flood
Example:
Device(config)# ip forward-protocol
turbo-flood
Example:
Device(config)# end
Example:
Device# show running-config
copy running-config startup-config
Example:
Device# copy running-config
startup-config
Uses the spanning-tree database to speed
up flooding of UDP datagrams.
Returns to privileged EXEC mode.end
Verifies your entries.show running-config
(Optional) Saves your entries in the
configuration file.
Monitoring and Maintaining IP Addressing
When the contents of a particular cache, table, or database have become or are suspected to be invalid, you
can remove all its contents by using the clear privileged EXEC commands. The Table lists the commands for
clearing contents.
Table 6: Commands to Clear Caches, Tables, and Databases
Clears the IP ARP cache and the fast-switching cache.clear arp-cache
clear host {name | *}
clear ip route {network [mask] | *}
You can display specific statistics, such as the contents of IP routing tables, caches, and databases; the
reachability of nodes; and the routing path that packets are taking through the network. The Table lists the
privileged EXEC commands for displaying IP statistics.
Removes one or all entries from the hostname and the address
cache.
Removes one or more routes from the IP routing table.
Routing Configuration Guide, Cisco IOS XE Everest 16.6.x (Catalyst 9500 Switches)
77
Page 88
How to Configure IP Unicast Routing
Table 7: Commands to Display Caches, Tables, and Databases
Configuring IP Unicast Routing
Displays the entries in the ARP table.show arp
show hosts
show ip interface [interface-id]
show ip masks address
show ip route [address [mask]] |
[protocol]
Displays the default domain name, style of lookup service, name
server hosts, and the cached list of hostnames and addresses.
Displays IP addresses mapped to TCP ports (aliases).show ip aliases
Displays the IP ARP cache.show ip arp
Displays the IP status of interfaces.
Displays IRDP values.show ip irdp
Displays the masks used for network addresses and the number of
subnets using each mask.
Displays the address of a default gateway.show ip redirects
Displays the current state of the routing table.
Displays the current state of the routing table in summary form.show ip route summary
How to Configure IP Unicast Routing
Enabling IP Unicast Routing
By default, the Device is in Layer 2 switching mode and IP routing is disabled. To use the Layer 3 capabilities
of the Device, you must enable IP routing.
Procedure
Step 1
enable
Example:
Device> enable
PurposeCommand or Action
Enables privileged EXEC mode. Enter your
password if prompted.
Routing Configuration Guide, Cisco IOS XE Everest 16.6.x (Catalyst 9500 Switches)
78
Page 89
Configuring IP Unicast Routing
Example of Enabling IP Routing
PurposeCommand or Action
Step 2
Step 3
Step 4
Step 5
Step 6
Example:
Device# configure terminal
Example:
Device(config)# ip routing
Example:
Device(config)# end
Example:
Device# show running-config
copy running-config startup-config
Example:
Enters the global configuration mode.configure terminal
Enables IP routing.ip routing
Returns to privileged EXEC mode.end
Verifies your entries.show running-config
(Optional) Saves your entries in the
configuration file.
Device# copy running-config
startup-config
Example of Enabling IP Routing
This example shows how to enable IP routingusing RIP as the routing protocol :
Device# configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Device(config)# ip routing
Device(config-router)# end
What to Do Next
You can now set up parameters for the selected routing protocols as described in these sections:
RIP
•
OSPF,
•
Routing Configuration Guide, Cisco IOS XE Everest 16.6.x (Catalyst 9500 Switches)
79
Page 90
Information About RIP
EIGRP
•
BGP
•
Unicast Reverse Path Forwarding
•
Protocol-Independent Features (optional)
•
Information About RIP
The Routing Information Protocol (RIP) is an interior gateway protocol (IGP) created for use in small,
homogeneous networks. It is a distance-vector routing protocol that uses broadcast User Datagram Protocol
(UDP) data packets to exchange routing information. The protocol is documented in RFC 1058. You can find
detailed information about RIP in IP Routing Fundamentals, published by Cisco Press.
RIP is supported in the Network Essentials feature set.Note
Configuring IP Unicast Routing
Using RIP, the Device sends routing information updates (advertisements) every 30 seconds. If a router does
not receive an update from another router for 180 seconds or more, it marks the routes served by that router
as unusable. If there is still no update after 240 seconds, the router removes all routing table entries for the
non-updating router.
RIP uses hop counts to rate the value of different routes. The hop count is the number of routers that can be
traversed in a route. A directly connected network has a hop count of zero; a network with a hop count of 16
is unreachable. This small range (0 to 15) makes RIP unsuitable for large networks.
If the router has a default network path, RIP advertises a route that links the router to the pseudonetwork
0.0.0.0. The 0.0.0.0 network does not exist; it is treated by RIP as a network to implement the default routing
feature. The Device advertises the default network if a default was learned by RIP or if the router has a gateway
of last resort and RIP is configured with a default metric. RIP sends updates to the interfaces in specified
networks. If an interface’s network is not specified, it is not advertised in any RIP update.
Summary Addresses and Split Horizon
Routers connected to broadcast-type IP networks and using distance-vector routing protocols normally use
the split-horizon mechanism to reduce the possibility of routing loops. Split horizon blocks information about
routes from being advertised by a router on any interface from which that information originated. This feature
usually optimizes communication among multiple routers, especially when links are broken.
Routing Configuration Guide, Cisco IOS XE Everest 16.6.x (Catalyst 9500 Switches)
80
Page 91
Configuring IP Unicast Routing
How to Configure RIP
Default RIP Configuration
Table 8: Default RIP Configuration
originate
How to Configure RIP
Default SettingFeature
Enabled.Auto summary
Disabled.Default-information
Built-in; automatic metric translations.Default metric
IP RIP authentication
key-chain
Timers basic
No authentication.
Authentication mode: clear text.
DisabledIP RIP triggered
Varies with media.IP split horizon
None defined.Neighbor
None specified.Network
Disabled.Offset list
0 milliseconds.Output delay
Update: 30 seconds.
•
Invalid: 180 seconds.
•
Hold-down: 180 seconds.
•
Flush: 240 seconds.
•
Enabled.Validate-update-source
Receives RIP Version 1 and 2 packets; sends Version 1 packets.Version
Routing Configuration Guide, Cisco IOS XE Everest 16.6.x (Catalyst 9500 Switches)
81
Page 92
Configuring Basic RIP Parameters
Configuring Basic RIP Parameters
To configure RIP, you enable RIP routing for a network and optionally configure other parameters. On the
Device, RIP configuration commands are ignored until you configure the network number.
Procedure
Configuring IP Unicast Routing
PurposeCommand or Action
Step 1
Step 2
Step 3
Step 4
Step 5
enable
Example:
Device> enable
Example:
Device# configure terminal
Example:
Device(config)# ip routing
router rip
Example:
Device(config)# router rip
network network number
Example:
Device(config)# network 12
Enables privileged EXEC mode. Enter your password if
prompted.
Enters the global configuration mode.configure terminal
Enables IP routing. (Required only if IP routing is disabled.)ip routing
Enables a RIP routing process, and enter router configuration
mode.
Associates a network with a RIP routing process. You can
specify multiple network commands. RIP routing updates
are sent and received through interfaces only on these
networks.
Note
You must configure a network number for the RIP
commands to take effect.
Step 6
neighbor ip-address
(Optional) Defines a neighboring router with which to
exchange routing information. This step allows routing
Example:
updates from RIP (normally a broadcast protocol) to reach
nonbroadcast networks.
Device(config)# neighbor
10.2.5.1
Routing Configuration Guide, Cisco IOS XE Everest 16.6.x (Catalyst 9500 Switches)
82
Page 93
Configuring IP Unicast Routing
Configuring Basic RIP Parameters
PurposeCommand or Action
Step 7
Step 8
Step 9
offset-list [access-list number |
name] {in | out} offset [type
number]
Example:
Device(config)# offset-list
103 in 10
timers basic update invalid
holddown flush
Example:
Device(config)# timers basic
45 360 400 300
version {1 | 2}
Example:
Device(config)# version 2
(Optional) Applies an offset list to routing metrics to increase
incoming and outgoing metrics to routes learned through RIP.
You can limit the offset list with an access list or an interface.
(Optional) Adjusts routing protocol timers. Valid ranges for
all timers are 0 to 4294967295 seconds.
• update—The time between sending routing updates.
The default is 30 seconds.
• invalid—The timer after which a route is declared
invalid. The default is 180 seconds.
• holddown—The time before a route is removed from
the routing table. The default is 180 seconds.
• flush—The amount of time for which routing updates
are postponed. The default is 240 seconds.
(Optional) Configures the switch to receive and send only
RIP Version 1 or RIP Version 2 packets. By default, the switch
receives Version 1 and 2 but sends only Version 1. You can
also use the interface commands ip rip {send | receive}
version 1 | 2 | 1 2} to control what versions are used for
sending and receiving on interfaces.
Step 10
Step 11
Step 12
no auto summary
Example:
Device(config)# no auto
summary
no validate-update-source
Example:
Device(config)# no
validdate-update-source
output-delay delay
Example:
Device(config)# output-delay
8
(Optional) Disables automatic summarization. By default, the
switch summarizes subprefixes when crossing classful
network boundaries. Disable summarization (RIP Version 2
only) to advertise subnet and host routing information to
classful network boundaries.
(Optional) Disables validation of the source IP address of
incoming RIP routing updates. By default, the switch validates
the source IP address of incoming RIP routing updates and
discards the update if the source address is not valid. Under
normal circumstances, disabling this feature is not
recommended. However, if you have a router that is
off-network and you want to receive its updates, you can use
this command.
(Optional) Adds interpacket delay for RIP updates sent. By
default, packets in a multiple-packet RIP update have no delay
added between packets. If you are sending packets to a
lower-speed device, you can add an interpacket delay in the
range of 8 to 50 milliseconds.
Routing Configuration Guide, Cisco IOS XE Everest 16.6.x (Catalyst 9500 Switches)
83
Page 94
Configuring RIP Authentication
Configuring IP Unicast Routing
PurposeCommand or Action
Step 13
Example:
Device(config)# end
Step 14
Example:
Device# show ip protocols
Step 15
startup-config
Example:
Device# copy running-config
startup-config
Configuring RIP Authentication
Returns to privileged EXEC mode.end
Verifies your entries.show ip protocols
(Optional) Saves your entries in the configuration file.copy running-config
RIP Version 1 does not support authentication. If you are sending and receiving RIP Version 2 packets, you
can enable RIP authentication on an interface. The key chain specifies the set of keys that can be used on the
interface. If a key chain is not configured, no authentication is performed, not even the default.
The Device supports two modes of authentication on interfaces for which RIP authentication is enabled: plain
text and MD5. The default is plain text.
Procedure
PurposeCommand or Action
Step 1
enable
Enables privileged EXEC mode. Enter your
password if prompted.
Example:
Device> enable
Step 2
Example:
Device# configure terminal
Enters the global configuration mode.configure terminal
Routing Configuration Guide, Cisco IOS XE Everest 16.6.x (Catalyst 9500 Switches)
84
Page 95
Configuring IP Unicast Routing
Configuring Summary Addresses and Split Horizon
PurposeCommand or Action
Step 3
Step 4
Step 5
Step 6
Step 7
interface interface-id
Example:
Device(config)# interface gigabitethernet
1/0/1
ip rip authentication key-chain name-of-chain
Example:
Device(config-if)# ip rip authentication
key-chain trees
ip rip authentication mode {text | md5}
Example:
Device(config-if)# ip rip authentication
mode md5
Example:
Device(config)# end
Enters interface configuration mode, and
specifies the interface to configure.
Enables RIP authentication.
Configures the interface to use plain text
authentication (the default) or MD5 digest
authentication.
Returns to privileged EXEC mode.end
Verifies your entries.show running-config
Example:
Device# show running-config
Step 8
copy running-config startup-config
Example:
Device# copy running-config
startup-config
Configuring Summary Addresses and Split Horizon
Note
In general, disabling split horizon is not recommended unless you are certain that your application requires
it to properly advertise routes.
If you want to configure an interface running RIP to advertise a summarized local IP address pool on a network
access server for dial-up clients, use the ip summary-address rip interface configuration command.
(Optional) Saves your entries in the
configuration file.
Routing Configuration Guide, Cisco IOS XE Everest 16.6.x (Catalyst 9500 Switches)
85
Page 96
Configuring Summary Addresses and Split Horizon
If split horizon is enabled, neither autosummary nor interface IP summary addresses are advertised.Note
Procedure
Configuring IP Unicast Routing
PurposeCommand or Action
Step 1
Step 2
Step 3
Step 4
Step 5
enable
Example:
Device> enable
Example:
Device# configure terminal
interface interface-id
Example:
Device(config)# interface gigabitethernet
1/0/1
ip address ip-address subnet-mask
Example:
Device(config-if)# ip address 10.1.1.10
255.255.255.0
ip summary-address rip ip address ip-network
mask
Enables privileged EXEC mode. Enter your
password if prompted.
Enters the global configuration mode.configure terminal
Enters interface configuration mode, and
specifies the Layer 3 interface to configure.
Configures the IP address and IP subnet.
Configures the IP address to be
summarized and the IP network mask.
Example:
Device(config-if)# ip summary-address rip
ip address 10.1.1.30 255.255.255.0
Step 6
Disables split horizon on the interface.no ip split horizon
Example:
Device(config-if)# no ip split horizon
Step 7
Returns to privileged EXEC mode.end
Example:
Device(config)# end
Routing Configuration Guide, Cisco IOS XE Everest 16.6.x (Catalyst 9500 Switches)
86
Page 97
Configuring IP Unicast Routing
Configuring Split Horizon
PurposeCommand or Action
Step 8
Step 9
show ip interface interface-id
Example:
Device# show ip interface gigabitethernet
1/0/1
copy running-config startup-config
Example:
Device# copy running-config startup-config
Configuring Split Horizon
Routers connected to broadcast-type IP networks and using distance-vector routing protocols normally use
the split-horizon mechanism to reduce the possibility of routing loops. Split horizon blocks information about
routes from being advertised by a router on any interface from which that information originated. This feature
can optimize communication among multiple routers, especially when links are broken.
Verifies your entries.
(Optional) Saves your entries in the
configuration file.
Note
In general, we do not recommend disabling split horizon unless you are certain that your application
requires it to properly advertise routes.
Procedure
PurposeCommand or Action
Step 1
enable
Enables privileged EXEC mode. Enter your
password if prompted.
Example:
Device> enable
Step 2
Example:
Device# configure terminal
Enters the global configuration mode.configure terminal
Routing Configuration Guide, Cisco IOS XE Everest 16.6.x (Catalyst 9500 Switches)
87
Page 98
Configuration Example for Summary Addresses and Split Horizon
Configuring IP Unicast Routing
PurposeCommand or Action
Step 3
Step 4
Step 5
Step 6
Step 7
interface interface-id
Example:
Device(config)# interface gigabitethernet
1/0/1
ip address ip-address subnet-mask
Example:
Device(config-if)# ip address 10.1.1.10
255.255.255.0
Example:
Device(config-if)# no ip split-horizon
Example:
Device(config)# end
show ip interface interface-id
Enters interface configuration mode, and
specifies the interface to configure.
Configures the IP address and IP subnet.
Disables split horizon on the interface.no ip split-horizon
Returns to privileged EXEC mode.end
Verifies your entries.
Example:
Device# show ip interface gigabitethernet
1/0/1
Step 8
copy running-config startup-config
(Optional) Saves your entries in the
configuration file.
Example:
Device# copy running-config startup-config
Configuration Example for Summary Addresses and Split Horizon
In this example, the major net is 10.0.0.0. The summary address 10.2.0.0 overrides the autosummary address
of 10.0.0.0 so that 10.2.0.0 is advertised out interface Gigabit Ethernet port 2, and 10.0.0.0 is not advertised.
In the example, if the interface is still in Layer 2 mode (the default), you must enter a no switchport interface
configuration command before entering the ip address interface configuration command.
Routing Configuration Guide, Cisco IOS XE Everest 16.6.x (Catalyst 9500 Switches)
88
Page 99
Configuring IP Unicast Routing
Information About OSPF
Note
If split horizon is enabled, neither autosummary nor interface summary addresses (those configured with
the ip summary-address rip router configuration command) are advertised.
Device(config)# router rip
Device(config-router)# interface gigabitethernet1/0/2
Device(config-if)# ip address 10.1.5.1 255.255.255.0
Device(config-if)# ip summary-address rip 10.2.0.0 255.255.0.0
Device(config-if)# no ip split-horizon
Device(config-if)# exit
Device(config)# router rip
Device(config-router)# network 10.0.0.0
Device(config-router)# neighbor 2.2.2.2 peer-group mygroup
Device(config-router)# end
Information About OSPF
OSPF is an Interior Gateway Protocol (IGP) designed expressly for IP networks, supporting IP subnetting
and tagging of externally derived routing information. OSPF also allows packet authentication and uses IP
multicast when sending and receiving packets. The Cisco implementation supports RFC 1253, OSPF
management information base (MIB).
The Cisco implementation conforms to the OSPF Version 2 specifications with these key features:
Definition of stub areas is supported.
•
Routes learned through any IP routing protocol can be redistributed into another IP routing protocol. At
•
the intradomain level, this means that OSPF can import routes learned through EIGRP and RIP. OSPF
routes can also be exported into RIP.
Plain text and MD5 authentication among neighboring routers within an area is supported.
•
Configurable routing interface parameters include interface output cost, retransmission interval, interface
•
transmit delay, router priority, router dead and hello intervals, and authentication key.
Virtual links are supported.
•
Not-so-stubby-areas (NSSAs) per RFC 1587are supported.
•
OSPF typically requires coordination among many internal routers, area border routers (ABRs) connected to
multiple areas, and autonomous system boundary routers (ASBRs). The minimum configuration would use
all default parameter values, no authentication, and interfaces assigned to areas. If you customize your
environment, you must ensure coordinated configuration of all routers.
OSPF Nonstop Forwarding
The Device or switch stack supports two levels of nonstop forwarding (NSF):
OSPF NSF Awareness, on page 90
•
OSPF NSF Capability, on page 90
•
Routing Configuration Guide, Cisco IOS XE Everest 16.6.x (Catalyst 9500 Switches)
89
Page 100
OSPF Area Parameters
OSPF NSF Awareness
The Network Advantage license supports OSPF NSF Awareness for IPv4. When the neighboring router is
NSF-capable, the Layer 3 Device continues to forward packets from the neighboring router during the interval
between the primary Route Processor (RP) in a router crashing and the backup RP taking over, or while the
primary RP is manually reloaded for a non-disruptive software upgrade.
This feature cannot be disabled.
OSPF NSF Capability
The Network Advantage license supports the OSPFv2 NSF IETF format in addition to the OSPFv2 NSF Cisco
format that is supported in earlier releases. For information about this feature, see : NSF—OSPF (RFC 3623
OSPF Graceful Restart).
The Network Advantage license also supports OSPF NSF-capable routing for IPv4 for better convergence
and lower traffic loss following a stack master change.
Configuring IP Unicast Routing
Note
OSPF NSF requires that all neighbor networking devices be NSF-aware. If an NSF-capable router discovers
non-NSF aware neighbors on a network segment, it disables NSF capabilities for that segment. Other
network segments where all devices are NSF-aware or NSF-capable continue to provide NSF capabilities.
Use the nsf OSPF routing configuration command to enable OSPF NSF routing. Use the show ip ospf
privileged EXEC command to verify that it is enabled.
For more information, see Cisco Nonstop Forwarding: http://www.cisco.com/en/US/docs/ios/ha/configuration/
guide/ha-nonstp_fwdg.html
OSPF Area Parameters
You can optionally configure several OSPF area parameters. These parameters include authentication for
password-based protection against unauthorized access to an area, stub areas, and not-so-stubby-areas (NSSAs).
Stub areas are areas into which information on external routes is not sent. Instead, the area border router (ABR)
generates a default external route into the stub area for destinations outside the autonomous system (AS). An
NSSA does not flood all LSAs from the core into the area, but can import AS external routes within the area
by redistribution.
Route summarization is the consolidation of advertised addresses into a single summary route to be advertised
by other areas. If network numbers are contiguous, you can use the area range router configuration command
to configure the ABR to advertise a summary route that covers all networks in the range.
Other OSPF Parameters
You can optionally configure other OSPF parameters in router configuration mode.
Route summarization: When redistributing routes from other protocols. Each route is advertised
•
individually in an external LSA. To help decrease the size of the OSPF link state database, you can use
the summary-address router configuration command to advertise a single router for all the redistributed
routes included in a specified network address and mask.
Routing Configuration Guide, Cisco IOS XE Everest 16.6.x (Catalyst 9500 Switches)
90
Loading...