ame pa Route Selection and Control on NE Series Routers ee BRABAR METAr mean = Pa @ Foreword + A routing protocol is used to discover routes to different. destination network segments on a network, thereby ‘guiding routers in forwarding packets. It is impossible for 2 router to accept all the routes learnt by different routing protocols running on the network. + Arouter must be able to learn useful routes, fiter out unwanted routes, and select optimal routes. This course comprehensively describes route control and route selection. AERAMOA MOLT REETB THcourse Name Pa @ Objectives + Upon completion of this course, you will be able «2 Choate correct route selection tools according to different route selection and control scenarios. +2 Properly configure route selection and control on a network consisting of NE series routers. enipte seta tahaiin ca tuations mgt SIE HUAWE! Confidential information of Huawei. No Spreading Without PermissionCourse Name i © Contents Route Selection and Control Overview Route Selection and Control Tools Route Selection and Control Configuration of Route Selection and Control on NE Serles Routers 5. Hands-on Practice on Route Selection and Control corte set iminindng ce cunipaimen mt NP HUAN: Confidential information of Huawei. No Spreading Without PermissionCourse Name Ps © Contents 1. Route Selection and Control Overview 2. Route Selection and Control Tools 13. Route Selection and Control 4 Configuration of Route Selection and Control on NE Series Routers 55. Hands-on Practice on Route Selection and Control Confidential Information of Huawei. No Spreading Without PermissionCourse Name Introduction to Route Selection and Control = When adverts resving, or veerdating route, aroutr nents to Implement certain poles accordog tothe actual etworing requcements for filtering the router of changing the attributes ofthe + Contling route advertisement + Advert th etesthat et te pied condos saya sd eros contol abe sd ec © Fern al conteling redstted routes + hen etiing thoes drying tec © Seting the special route atbutes eth rnp ata the rae ered sing rote ply : Pore Confidential Information of Huawei. No Spreading Without Permission Ps.Course Name py Route Selection and Control conrad asked ae Me wave Confidential Information of Huawel. No Spreading Without Permissionween Ps Basic Process of Route Selection and Control + Route policy implementation can be divided into two steps: step Description Define the cacti ofthe routes on which he out poy | >. [Pati he matching res oh te poe ed forte adverteament, caption and redibtion ee ABARAT KARA ABETCourse Name ps Self-Test Question About Route Selection and Control Overview 41. The route control involves (_ ). A. Advertsing routes B. Recelving routes, C.Filtering and controling the introduced routes D. Setting attributes of a specified route Cernpee ovr eamsginceuaatonansees gen SNE HUAI + Anco Confidential information of Huawei. No Spreading Without PermissionCourse Name P10 © Contents Route Selection and Control Overview Route Selection and Control Tools Route Selection and Control awe Configuration of Route Selection and Control on NE Serles Routers 5. Hands-on Practice on Route Selection and Control, criterium tahiniacet aterm, — rae SIE AWE! Confidential Information of Huawei, No Spreading Without PermissionCourse Name pn Access Control List + An ACL isa group of sequetiarules that consist ofthe permit | deny statements and ate described by source adress, destination a and port number. + Based on thelr functions, ACLs ean be classified Into three types: + ema tigg om 20 2958, et La bed tomate 1 Weng tm 3001 998, mada CL can bed + th ner ging rom 1001998 nerd Ak cn ad Confidential Information of Huawei. No Spreading Without PermissionCourse Name paz Access Control List + ACLrule matching process 2 Check whether the se as contre the RCL tain secs may lw svatnt ACLs to rare +e ACL it and paca neo be ccd acd th yl the {dec ote of th action teed y th re and no sabeegunt le fie Ac eta ay source ace, dettin ade, pet otc cared hy Tse pet amber, drat ort abe and ‘ein options inthe MP types need oe atch the ACL are guesed sordng tt eric runs or reaching Once ia ate ‘hesenicle ido te th aan stage as contin oe ee) Confidential Information of Huawei. No Spreading Without PermissionCourse Name pas Access Control List + Rule matching sequence: = Configuration Sequence + Inconguton equnce made, matching ie peromed cording tthe + mau sequence mote, the tm aortic aocrtes route 1 tpt the sales ctntemant nthe pectin at pact rage he ageing scoring othe "depth Got pe + On VRP 5, the default rule matching mode s configuration sequence. + ACLs can be dassifid into those used for IPva routes and those used for IPvs routes, namely, ACLS. Pe rvawe Confidential Information of Huawei. No Spreading Without PermissionACL Example (1) aaa.a/s2 \ aasave et number 2004 2.2.1.0/24 |"tuleo permit source 1.4.00 0.0.258.258 2.2.2,0/24 1.2,0.0/26 2.0.0.0/8 |] tt.0.0n6 contoeset it indogn ca tigen mnt HAE ‘+ The meaning of this ACL is only matching the route entity withthe first 2 bytes "1.1". The last 2 bytes will be ignored. So that the network 1.1.1.432, 1.1.1.0724 and 1.1.0.0/16 are matched. confidenti Permission Information of Huawei. No Spreading WithoutACL Example (2) aaaa/s2 2.1.2.0/24 |actnumber 2008 sant ete taney} aiitetsrae “coppight© 2011 uauat Tcalog Co, Lt Aight served, Paget ME ruawer + This ACL means that ll the 32 bits of route must be match. So finally only ‘one route entity 1.1.0.0/16 is matched. Confidential information of Huawei. No Spreading Without PermissionACL Example (3) 12.21/32 \ aaaayse 1.2.2.1/32 \ act number 2004 2.2.3.2/32 | tule permitsource Minoooses2s | 2.2.3.1/32 a.aa.ayoz aas.a/32 “ aa.s.a/32 a.n.6.1/32 ee + Please remember that “0” means the routing entity must strictly match ‘and “1” means the routing entity can be ignored. So convert decimal wildcard mask 0.0.254.255 into binary that is "00000000.00000000.11111110.11111111". Ths binary wildcard mask means thatthe first 16 bits and the 24th bit must be strictly match, and ‘the others are ignored. The conclusion i that the frst 16 bits must be “1.1 land the 24th bt must he "1" also, So network 1.1.1.1/32, 1.1.3.1/32, 1.1.5.132 are matched, the other routing entity are out of match Confidential Information of Huawei. No Spreading Without PermissionACL Example (4) aa...2/32) a.a.2.0/24 1.1.0.0/26 1.0.0.0/8 Pe rule permit source 1.1.1 0 annys2 Fle deny source 1.11.00 ule 2 permit souree 11.0.0 0.0256.0 rule deny ‘Actually, there are more than one rule that can be configuredin ACL. For this example, we configure 4 rules in ACL 2001 "1.1.1.1132" matches “rule, permit "1.1.1.0724" matches “ule 1", denied, °1.1.0.0/16" matches “rule 2"; permit "1.0.0.018" can not match the frst three match conditions, soit fitered by "rule" Confidential Information of Huawei. No Spreading Without PermissionACL Example (5) a riaase | \ 2.21,1,0/24 | act number 2008 oer eas [ninopnnit source 2.2.0.0/36 2.0.0.0/8 [How to fiter 4.1.1.0726 7 La.a.o/24 La.2.0/25 Be euawer ‘© Using ACL. can match prefic of route, but for routes with same prefs, but different masks, how to distinguish them? In this case, prfbclist can be used. Confidential Information of Huawel, No Spreading Without PermissionHem pao IP-Prefix + Used to filter IP prefix according prefix number and prefix of length «+ Prefivlist has better capability than ACL + Prefirlist can not filter data packets + Example: ip ip-prefix test index 10 permit 10.0.0.0 16 greater-equal 24 less-equal 28 «Prefix number must be 10.0 2 2acxprefixlangth <=28 1 Such as:10.0.1.0/24, 10.0.2.0/25, 10.0.2.192/26 connivei hainioinc statins rons SnEATIRAR) MALTA RASHESCourse Name P20 IP-Prefix + IP prefix list matching sequence: 1 During the matching, the system checks each entry according to the index numbers in ascending order. Therefore, the specified entry index numbers must conform tothe expected, matching sequence. 1 Once an entry I found to meet the condition, the filter Hist is considered as passed and the system does not match any other + IP prefix ists can be classified into Pv prefix lists and IPvs prefix lists, Compared with ACLs, IP prefix ists can be configured easly and applied flexibly Confidential Information of Huawel. No Spreading Without Permissionween a IP-Prefix Example a.a..1/32 ‘ptp-prett Prof index 10 1.2.2.0/24 || eiegeame rat | 1.1,1.0/25 ,| Sfeater-equel 26 less-equal 24 2.2.1,0/26 1.1.0.0/16 3.0.0.0/8 ee Notes ‘= ONVRP 5, by default all the routes that fil to be matched are prohibited rom passing through the IP profixlist. [After entrles in permit mode are configured, by default, all the routes that {all to be matched are in deny mode. n this case, only the routes that are matched can pass through the IP prefix list. 12 After entries in deny mode are configured, by default all he other routes are alo in deny mode. inthis case, even if all the routes are matched, no route can pass through the IP prefix list. Therefore, you need to define ‘entry permit 0.0.0.0 0 less-equal 32 following multiple entries in deny ‘made to permit all other routes. «© Iftwo or more entries are defined, the matching mode of at least one of| ‘the entries must be set to permit. SISOS RUT RABIESae p22 AS-Path-Filter + The AS Path ‘2 group of matching conditions specified for the AS_Path field, namely, AS_Path list. ‘+ The AS_Path filter is defined by using a regular expression. 2 Example + Run ps path iter 10 permit. to match all AS PATH sts. + Run pas path-fiter 10 permit_1006 to match all he routes originated from £5100, + Run pas path-lter 10 permit *200_ to match ll the routes compennineinicesistigmment non Sprnnwer | Introduction: ‘2 Asan important route attribute in BGP routes, an AS_Path lst records all the ASs that a BGP route traverses, When BGP routes with different [AS Path lists need to be received selectively the AS Path filtercan be used to entract the required routes and filter out unwanted routes ERMA ARAS OLE RIERA heCourse Name pas Common Regular Expressions Regular ] Meaning Expression AS | Incte the routes originated fom the local AS. + [Indah route, yo. |e hat he routes mst pas trogh a0, [tates that nly the routs om ASO re accented 105 Indicates al the routes eignated tom ASt0. ee Confidential Information of Huawei. No Spreading Without Permissionmeen pas Community-Filter + A.community filter list specifies matching conditions for the ‘community attribute field. + Community filters can be classified into two types: basic and advanced: 1 Basle community ters are used to match the actual community atibutes and constants ip community fer 1 permit 100: 1002 + ip community iter 1 pet 100:1 + fp communityfiter 1 pemsit novxport + Regular expressions can be used for advanced community ‘Alters. Ip community iter 100 permit M0 anit © 2041 nme Tite gtr, Pap Me Huawer + Introduction 1 Inadditionto the AS_Path fitter, community filters are another important attribute used to control BGP route advertisement and reception. A ‘community fitter can be used to selector filter BGP routes according to the ‘community attribute. EAARAR BOUT REINARHE P25 Route-Policy(1/2) + Aroute policy is used to match the specified routes or certain attributes, such as the next hop and outbound interface, of the routes, and change the attributes of these routes when conditions are met + Route policy can consis of multiple nodes, among which an OR relationship exists (The method of specifying node numbers is the same as the method of specifying the index numbers of IP prefix lists). When a route entry enters the route policy filter, ‘the system checks each node in turn according to the node sequence numbers. A route is considered to have passed the filter once any node of the route policy passes the fite, and ‘the system does not match any other node. ‘enti @ 201 Taos Coy SA hrm Pe Be uawer ‘+ Introduction: ‘© As.a complicated filter route policy can not only match certain attributes ofthe specified routes but also change route attributes when conditions are met. A route policy can use the above-mentioned four types of filters to define it matching rues. AD BOREBUAR BLT RE EAMCourse Name p26 Route-Policy(2/2) + Allof the nodes has the i-match and apply sub cause, and the it- match clauses “And” relationship. + There are two node matching modes: permit and deny. = tmpeit mode, route etry passes the fteing ofthe node, the ‘apply dtne ofthe nodes erected end the ster does nt match ‘the route entry against any other node. Others, the system matches the route entry agaist the next node © Indeny mode, the apply cae ot exacted, fa route entry meets a the fmatch causes ofthe node the route ents probited rom ‘azrng though the node and the sytem does not match the route ‘nty against the next node, Others, the system continues to match ‘the route entry aginst the next node. Information of Huawei. No Spreading Without PermissionCourse Name par Route-Policy Example zy Se, sittepoliey BY permit node 56 + Remarks: ‘© On VAP 5, by default, all the routes that fall to be matched are prohibited ‘rom passing the route policy. © Hf more than one node Is defined in the route policy, ensure that the matching mode of atleast one node is permit. The reason Is that, when a route policy is used to filter routes: + Hany route fails to pass any node, itis considered that the route fallsto pass the route policy + lf the matching mode of all the nodes of the route policyis deny, it {s considered thatthe route can pass the route policy Confidential information of Huawei. No Spreading Without PermissionCourse Name p28 Comparison of Filters river [RPPRHEEN | athingconon [Remar yoarlc routing | Destination address, | fen referenced by ack paneer eothep | Fiterpolcy and route: cy teriomntiy | | epee [Panera [orien ate [tery ara rower [Ores rtia_| ten, [ten ee by ee ert emai. |e I Path vane | Oenetreced by BOP | AS Pat iter [0c pnted command corms Jace omni atbte_ | en rece y BP Conronerotien nonngacetenipamnee —rpat NB HUAWEL Confidential Information of Huawei. No Spreading Without PermissionCourse Name p29 Self-Test Questions About Route Selection and Control Tool 1. Which of the following statements about “ip ip-prefix Prefix permit 160.0.0.0 8" Is true? (_ ) ‘A. The frst tree bits ofthe prefix must be 101. The mask length must range from 8 to 32 bits. B. The first three bits of the prefix must be 101. The mask length must be 8 bits. C. The prefix number must be 160. The mask length must range from 8 to 32 bits. D. The prefix number must be 160. The mask length must bes bits. omee ottomeseminaincaticatinnmenes, — pas uae Confidential Information of Huawei. No Spreading Without PermissionCourse Name P30 Self-Test Questions About Route Selection and Control Tool 2. Which of the following filters can filter only BGP routes? Oo) Aad B.IP-Prefix C.AS-PATH-Filter D. Community-Filter apie ©2011 Harm neg CAE ABER PaO Me Hua: Confidential Information of Huawei. No Spreading Without PermissionCourse Name pat Self-Test Questions About Route Selection and Control Tool ‘3. What is the difference between the ACL and the IP-Prefix? oO) ‘A. The ACL can be used to match data besides routing information. 1B. The ACL can be used to differentiate routes with the same prefix and different masks. C. The IP-Prefix can be used to match data except routing information D. The iP-Prefix can be used to differentiate routes with the same prefix and different masks. comimtestitiom gina tegen mga AB UAE! a0 Confidential Information of Huawei, No Spreading Without PermissionCourse Name p32 Self-Test Questions About Route Selection and Control Tool 4. Which ofthe following statements about the Route Policy are ‘ruer() [A-The Route-Policy consists ofthe “It match” and “apply statements . The Route-Policy can have multiple nodes. A route can be matched only if all conditions of a node are mat. The Route-Poicy can have multiple nodes. A route can be ‘matched only if one condition of a node met. fa route is denied after the fist node of the Route Policy is matched and the route matches the second node, the action defined atthe second node is also performed. corte cote adeany ca tears. teas NP HUANG Confidential Information of Huawei. No Spreading Without PermissionCourse Name pa © Contents 41. Route Selection and Control Overview 2. Route Selection and Control Tools 3. Route Selection and Control 4. Configuration of Route Selection and Control on NE Series Routers 55. Hands-on Practice on Route Selection and Control Cosine rv eamsginc ua mianansenes rama SRE HUAWEL Confidential information of Huawei. No Spreading Without PermissionRem pat ®© Contents 3. Route Selection and Control 3.1 Selecting and Controlling Routes by Using Route Filtering 3.2 Selecting and Controlling Routes by Adjusting Routing Protocol Priorities 2.3 Controlling Packet Forwarding Paths by Using Policy based Routing conrionezer iam nign cat ategiaend, nga SAE HUANG So BRAIUAR) BLT ARABUERT ART HePa Avoiding Sub-Optimal Routes by Using Route Filtering(1/2) costae tinier etiam — rane MN Hua + Introduction: Different protocols run on different networks, which need to share routing Information. © Alarge network may consist of a number of small networks. The complexities ofthese small networks vary. Static routing or routing {Information protocol (RiP) Is deployed on some very small networks for simple management. On networks with very complicated link types, OSPF {s deployed (OSPF supports more network types than IS-1S does). 151 is deployed on other networks. Route redistribution may need to be configured to achieve interconnection on these small networks. During route redistribution, sub-optimal routes may be generated due to complicated or improper redistribution. in tis case, a route policy is needed to fiter redistributed routes, thereby preventing sub-optimal routes. ER ATRAR MALTA REHEATCourse Name Avoiding Sub-Optimal Routes by Using Route Filtering(2/2) iss, WP a See gan a ipa hp Confidential Information of Huawei. No Spreading Without Permissioname par Avoiding Routing Loops by Using Route Filtering(1/2) corte sett noningmco atime — moet SMe HUAWEL + tntroduction: ' Inadditionto sub-optimal routes routing loops may be generated during route redistribution. A route policy can be used to filter routes, thereby avoiding routing loop. APERABOT MOLT REPARBI ACourse Name p38 Avoiding Routing Loops by Using Route Filtering(2/2) Confidential Information of Huawei. No Spreading Without PermissioneRe Po ‘Accurately Controlling Route Redistribution and Route Advertisement by Using Route + Introduction: 12 In route redistribution, only certain routes, instead ofall routes, may need to be redistributed. Route filtering can be used to accurately control route redistribution, BNA) BLT RBS awaa p40 Route Filtering Rules + Theroutepoliy fier can eference an IP prefix list asa matching condition + Ineach routing protocol, the fiterpoicy command can be run to refer an prefix stor refer an ACL to filter ecalved and advertised routes 2 that only the routs that meet the condition are received or sadvertsad, © The ter polcyimport command is used to Her receive routes. 1 The terpolcy export command is used to fier advertised routes. +The fier policy command operation procedure na distancevector protocol and that ina link-state protocol ae different 1+ Introduction: «©The preceding section describes the functions of route filtering in route selection and control. Note that route filtering effects of filters vary with routing protocols. Ths topic describes route filtering rules. HS BRARAE) ALITA RIOT RAESTCourse Name pat Route Filtering Rules cininesninmainio cats — rant NR Confidential Information of Huawei. No Spreading Without PermissionBRE p42 ®© Contents 3. Route Selection and Control 3.1 Selecting and Controlling Routes by Using Route Filtering 3.2 Selecting and Controlling Routes by Adjusting Routing Protocol Priorities 3.3 Controlling Packet Forwa based Routing 19 Paths by Using Policy EeRRARAR MUTA REISERee pag Selecting and Controlling Routes by Adjusting Routing Protocol Priorities «The following table Hits the default priorities ofthe routing protocols or routing categories on VRP Si Protocol Preference srr . 1s 5 o i oor as coprgh© 2011 anaes a Ad AB sven get Me rwawer + Introduction: «2 Defined routing protocol priorities vary with vendors. Routing protocal priorities are used to allocate diferent priorities to the routes discovered by different protocols. inthis way, when learning the same route from dlifferont routing protocols, a router can select the routes according to the route priorities. EDBRABAR BGR AGECourse Name pas Floating Static Routes are Typical | Application of Routing Protocol Priorities +The protocol preference of OSPF is 10 and of static route is 60. “+ When the active link becomes faulty, the OSPF neighbor relationshipis interrupted. As a result, the routes leamt from ‘OSPF become invalid and are cleared from the routing table. Cerin tinct ashe — ant SRL UAW Confidential Information of Huawei. No Spreading Without PermissionCourse Name Selecting and Controlling Routes by Adjusting Routing Protocol Priorities- Floating Static Route Configuration ~ 2 42.12.120 82 Bat a10 SRT Confidential information of Huawei. No Spreading Without PermissionCourse Name Pas Selecting and Controlling Routes by Adjusting Routing Protocol Priorities- Floating Static Route Verification 2222) RIA S3__242121.0 StI, s242.42.120 yt 201 aa eg Ca Ae Page Me vanes Confidential Information of Huawei. No Spreading Without PermissionCourse Name par Selecting and Controlling Routes by Adjusting Routing Protocol Priorities- Application of Routing Protocol Priorities in Routing Protocol Migration e-8@ = a) amr 201 turn mag ca ue Achmet at? Me waver Confidential Information of Huawei. No Spreading Without Permissionamen Pa ®© contents 3. Route Selection and Control 3.1 Selecting and Controlling Routes by Using Route Filtering 3.2 Selecting and Controlling Routes by Adjusting Routing Protocol Priorities 3.3 Controlling Packet Forwarding Paths by Using Policy- based Routing contierottietiminnce atime — mete SMP HUAWEL AREA AIRATL IU REARS Iane pao Controlling Packet Forwarding Paths by Using Policy-based Routing «Poynter aly wed cnr pce fora Tt pectea canbe forwarded not eroding he rouge «Foye tng supa maton based on ACs an pat cg sy pec the patho dain pce! oer. «Poy ned tng co be csi is er pone ong Sc a ed tg tsp dng eee ‘Somme regent ahaa aed cy generate hot cy ndronigneyestthe paces BM rwawer “+ Introduction: ©. By sing a route policy, a router can selectively receive and advertise routes. Next, the router needs to forward packets according to the learnt route, There Is one more problem: If packets are forwarded simply by querying the routing table according to the destination P addresses of IP packets, packet forwarding cannot be controlled effectivly.Polcy-based outing can solve ths problem. 2 Not afecting routing table generation, policy-based routing is @ ‘mechanism of selecting forwarding paths based on user-defined policies. Policy-based routing can be used for purposes such as security and load sharing. ea RRARAA AUT RNG H HLControlling Packet Forwarding Paths by Using Policy-based Routing Example copy © 201 arm wnepisCo-LM AB a sened—Pae Pe rwawes + Remarks: ‘= When applying policy-based configuration, pay attention to the following points: +The contents of policy-based routing are specified by it match and ‘apply clauses. A policy can contain multiple if match clauses that are used in combination, 1+ Apolicy specified by a policy name can contain multiple policy points. policy points specified by a node-id. The smaller the node“ is the higher the priortyis and the policy specified by the node-idis executed first + only multiple next hops are set in a poli load-shared among multiplenext hops only. + only multiple outbound interfaces ae set ina policy, packet {forwarding can be load-shared among multiple outbound interfaces only. + tf multiple next hops and outbound interfaces are set in a policy, packet forwarding Is load-shated among the outbound interfaces only. + An outbound interface set in policy-based routing must not be a broadcast interface, for example, an Ethernet interface. packet forwarding s EPEREBAR ROE RETROCourse Name pst Self-Test Questions About Route Selection and Control 1. The priority of the OSPF route is ( ). Ao 8.10 100 0.255 ona 201 Ma ange 8 gern Me vawer Confidential Information of Huawei. No Spreading Without PermissionCourse Name ps2 Self-Test Questions About Route Selection and Control 2. Which ofthe following statements about policy-based routingare ‘rue? () ‘Ain policy-based routing, the “apply statement can be used to modify the outbound interface, next hop and priority of packet forwarding. B. In policy-based routing, multiple “it match” statements can be defined. Hf multiple next hops or outbound interfaces are specified by using the “apply” statement, load balancing is applied to forwarding. D. Polic-based routing can be configured inthe interface view or system view, depending on the scenario. ‘epyahe0201 Heel eps ovo ALi nsenee, Pe Me ruawer + asco Confidential Information of Huawei. No Spreading Without Permissioncouse Name ps3 Self-Test Questions About Route Selection and Control 2. The intranet ofa company uses a private dass 8 IP address. To prevent the routing information about the intranet from being leaked! ‘othe publicnetwork, a route fitering policy needs to be configured on the outbound router to filter all routes onthe network segment from 172.16.0.0to 172:31.255.255. How to configure the I-Prefx? O ip-prefix Prefixt deny 172.16.0.024 greater equal 12 lessequal 32 ip ip-prefix Profit deny 172,16.0.08 greater-equal 6 less-equal 32 ip ip-prefix Prefict deny 172.16.0.0 16 greater-equal 16 less-equal 32 ‘prefix Preixt deny 172.16.0.0 12 greater-equal 12 less-equal cPhaorninntiningnce usatinaramer — rao SN Huawer Confidential Information of Huawei. No Spreading Without PermissionCourse Name pss © Contents 1. Route Selection and Control Overview 2. Route Selection and Control Tools 3. Route Selection and Control 4, Configuration of Route Selection and Control on NE Serles Routers 5. Hands-on Practice on Route Selection and Control rose SMe ruawer Confidential Information of Huawei. No Spreading Without PermissionRae pss Typical Application Scenario of Route Selection and Contror, opp © 201 aml nee. Md AB seed Pa Me uawer + Description: ‘Route selection and control is widely used on the existing network. is typically applicable to route redistribution and advertisement. JAB) RICA RABIETTAIOH Bewa Ps Configuration Example-Topology Description = + Remarks 1 The MAN egress routers CRs and the BRs on the backbone network are Interconnected in ring mode. 8GP runs on the CRs and BRs to transfer routes between MANs and the backbone network. «ISAS eunson the backbone network to achieve interconnection, © OSPFis enabled on MANS to achieve interconnection 12 The AR is connected to user network 100.*. 12 On BR3, loopback addresses are used to simulate the user networks 200.":** of other MANS. ‘2 The preceding figure shows the detailed planning, the redistribution and advertisement. irectionsof route Hebe AAS) ELA RIOTween Por Configuring a Filter-Policy to Control Route Advertisement(1/6) + On the AR, configure static routes to simulate user See DIBbitai Abe Ifo Ria TOR abolitHie user routes on the AR: conan re tem tondeserce senna — moet) MN uae + Introduction 1» As mentioned above, static routing is often used between the AR anda ‘ser. A user communicates with other users by using a static route. The AR. ‘needs to redistribute routes to users into the IGP running on the MANS for advertisement to the CRs, which further advertise the routes. When ‘redistributing static routes to users an advertising the routes to the CRs, the AR may need to choose only the needed routes from the redistributed or advertised user routes for advertisement to the CRS. This topic describes how to control route advertisement on NE series routers by configuring @ filter-poicy on the AR. Ee BOUT REITER EHCourse Name pe Configuring a Filter-Policy to Control Route Advertisement(2/6) connie ret huniTtnie catia — eat HUAWEL Confidential Information of Huawei. No Spreading Without PermissionCourse Name ps9 Configuring a Filter-Policy to Control Route Advertisement(3/6) + Display the information about the user network routes on ‘Confidential Information of Huawei. No Spreading WithoutCourse Nome Configuring a Filter-Policy to Control Route Advertisement(4/6) + On the AR, configure a route advertisement policy: TaRieci 7000 basic-2000}zule permit course 100.1. (a rae (aRceci-basie-2000]rale permit cource 100.1.1.2 0 I? xpply the iiiter-poticy that the AR advertises on Confidential Information of Huawei. No Spreading Permission Me ruawe: ‘WithoutCourse Name Per Configuring a Filter-Policy to Control Route Advertisement(5/6) + Display the IP routing table information on CR1: 3! Information of Huawel. No Spreading WithouteRe Pez Configuring a Filter-Policy to Control Route Advertisement(6/6) isplay the IP routing table information on CR2: SUEDE PUMg?oT amine te . ngoertniet imines tahun — rout SNP HUAWEL “+ Remarks: 2 Inthis example, when static routes are redistibutedinto OSPF on the AR, a filter policy can also be configured to control the route redistribution to achieve the same purpose. «©. The reference configuration command is as follows lst the complete configuration command) 2 (AR-ospf-tlimport-route static route-policy *** SERIA MAL REET ITweet Pass Configuring a Route-Policy to Control the AS-Path Attribute for Influencing Route Advertisement(1/7) + On RY and CR, redistribute routes into BGP: fenacbpplocteoch 1ap.iisd 266.258.258.255, (eracbgp)neewors 100.3112 295.2380285.255, ‘+ Display the information on the user routes that ORT rece rom CRY and opi © 201 tamales Cv se Atoms Pa BE rvawe: + Introduction 1 Alter receiving user routes advertised by the AR, the CRs further advertise the routes to the backbone network. During this process, due the requirement on trafic distribution on egress links, route policies ae often configured when the CRs advertise routes to the backbone network to control the route advertisement. This allows proper distribution of inbound data traffic on egress links. This topic describes how to control route advertisement on NE series routers by configuring route;plicy on the Re. ‘= When CR1 and CR2 advertise user routes to the backbone network, itis resuited that the traffic that enters the MAN from the backbone network and is destined for user 100.1.1.1 takes the active path BR1 > CR1 > AR and standby path 82 > CR2> AR; it is required thatthe traffic bound for user 100.1.4.2 take the active path BR2 > CR2> AR and standby path BRT > CRI >AR, Ho BORAMUAR RUST -RABUETT AIRE teCourse Name Psa Configuring a Route-Policy to Control the AS-Path Attribute for Influencing Route Advertisement(2/7) + Display the information on the user outs that ORZ receive fom CRY and +The BGP routing tale nformaton on BR and BAZ shows thatthe net hops ofthe best routes to the user network onthe MAN are respectively the interface thet diet interconnects CRY al BR and the interface rectly Interconnects CR2 and BR In ths way, the efi ound for ater re nh en tena. Confidential information of Huawei. No Spreading Without PermissionCourse Name Pos: Configuring a Route-Policy to Control the AS-Path Attribute for Influencing Route Advertisement(3/7) + Configure route policies on CRI: et wine 200 i Be Hvawer Confidential Information of Huawei. No Spreading Without PermissionCourse Name P66 Configuring a Route-Policy to Control the AS-Path Attribute for Influencing Route Advertisement(4/7) Configure route policies on CR2: copier nondigmceamnipanaenes —roie —_-MP HUAWE! Confidential Information of Huawei. No Spreading Without PermissionCourse Name Por Configuring a Route-Policy to Control the AS-Path Attribute for Influencing Route Advertisement(5/7) + Display the BGP routing table information on BR1 and __ cortez ian dniigmcnaannpament, — monet SMe HUANG Confidential Information of Huawei. No Spreading Without PermissionCourse Name Pos Configuring a Route-Policy to Control the AS-Path Attribute for Influencing Route Advertisement(6/7) + Therouting table information on BR1 and OR2 shows that ater route policies are configured on CRt and CR2 to change the AS-Path attribute ofthe BGP routes, ORT and BR2 prefer the routes with shorter AS-Path sts. When all the inks work properly the trafic {rom the backbone network and bound for ure 100.1.1.1 taker the path BRI > CRI > AR and the traffic fom the backbone network and bound for user 100.1.1.2 takes the path BR2 > CR2> AR. + Shut down the ink between BRY and CR to simulate a ink fut: [Temi tieenet0/070TeRtaave = engi 0201 ma tg Cad Magee Paget Me rwawer Confidential Information of Huawel. No Spreading Without Permissionmee Po Configuring a Route-Policy to Control the AS-Path Attribute for Influencing Route Advertisement(7/7) Display the BGP routing table information on BR1 and + Notes: ‘2 The BGP routing table information on BR1 and BR2 shows that after the link between BRI and CRI becomes faulty all the traffic ls forwarded by Using the fink betwveen BR2 and CR2. After the link between BR2 and CR2 {shut down to simulate link fault, all the traffic is forwarded by using the link betwoon BR1 and CRI, 1 In summary, route policies can be configured on CRY and CR2 to effectively control the advertisement of the user routes on MANS to the backbone ‘network. This allows the traffic that enters MANS from the backbone to be properly distributed on the MAN ingress links SRERARAR MOA REITERaEEm P70 Configuring a Route-Policy to Control the Community Attribute for Influencing Route Advertisement(1/5) + On BRS, redistribute the simulated user routes into BGP: ERS Ge wees + On CRI, splay the information about the BGP routes to the user segment on BRS: api 201 Heal ees Co AD rene Fae Pe Huawer + Introduction: Route polices are often used to control the route advertisement from a [MAN to the backbone network, During the route advertisement from the backbone network to a MAN route policies may alz be used to properly distribute the traffic entering the backbone network on different inks. This topic describes how to control route advertisement on NE series routers by setting the community attribute on BRS. + Notes: «© Inthe topology as shown inthe preceding figure, it is required that the ‘affic fom the MAN and bound for the simulated user network segment 200.1.1.1 on BRS is forwarded by using the link between CR1 and BR1 as the egress link and the traffic bound for 200.1.1.2is forwarded by using the link between CR2 and BR2 as the egress link. EaRAAIRAR LTE ABHCourse Name pn Configuring a Route-Policy to Control the Community Attribute for Influencing Route Advertisement(2/5) 1+ On CRI and CR2- dap the information about the BGP routes to the ‘+ The BGP routlng table information on CRT and CR2 shows thatthe next hops ofthe best routes tothe user networks on the backbone network are respectively the intrfaco that directly interconnects BRY ‘and CR andthe Interface directly interconnects BR2 and CR In thie ‘way, the tatfic hound for diferent user netorks fll to be Aributed on diferent nk. A Confidential Information of Huawei. No Spreading Without PermissionCourse Name pr. Configuring a Route-Policy to Control the Community Attribute for Influencing Route Advertisement(3/5) Congr ote polls on BFS: Confidential Information of Huawei. No Spreading Without PermissionBeen pas Configuring a Route-Policy to Control the Community Attribute for Influencing Route Advertisement(4/5) ‘+ Digpay the infomation about the BGP backbone network use oUNes advertised from BR! to CR1 and thoce advertised from BR2 to CR2. coygtesntnnntehniniecr umn ron iprtuawer Notes: ‘+ The information about the user network routes advertised from BR1 to (CRI and those advertised from BR2 to CR2 shows that the community attribute route policy configured on BRS has taken effect. Of the two user routes advertised from BR3 to BR1 and BR2, the community attribute of the route 200.1.1.2 received by BR1 is no-advertise and the community attribute ofthe route 200.1.1.1 received by BR? Is noradvertse. Therefore, [BR1 does not advertise route 200.1.1.2 0 any other neighbor and BR2 does not advertise route 200.1.1.1 to any neighbor. SBORATRAE) REA RERTRIGH BLCourse Name Configuring a Route-Policy to Control the Community Attribute for Influencing Route Advertisement(5/5) cece a andere nt Pies Confidential information of Huawei. No Spreading Without Permissioncourse Name Pas © Contents 1. Route Selection and Control Overview 2. Route Selection and Control Tools, 3. Route Selection and Control 4. Configuration of Route Selection and Control on NE Series Routers 5. Hands-on Practice on Route Selection and Control ont © 2041 nme tg ghd, Pa Me rwawer Confidential Information of Huawei. No Spreading Without PermissionCourse Name P76 Hands-on Practice-Topology Description ovo rn tame imine atghanaenet — mae NP HUAI Confidential Information of Huawei. No Spreading Without PermissionCourse Name pa Hands-on Tasks Task Description pvn0 2011 hon Tees oy AKA gene gar Be waiver Confidential information of Huawei. No Spreading Without PermissionCourse Name P78 @ Summary 1. Route Selection and Control Overview 2. Route Selection and Control Tools. 3. Route Selection and Control 4. Configuration of Route Selection and Control on NE Series Routers conte im nmignctstignmet rom panne Confidential Information of Huawei. No Spreading Without PermissionCourse Name P79 Thank you www huawel.com Confidential Information of Huawei. No Spreading Without Permission