ZXR10 1800/2800/3800 Router

User’s Manual
(Volume II)

Version 2.6

ZTE CORPORATION
ZTE Plaza, Keji Road South,
Hi-Tech Industrial Park,
Nanshan District, Shenzhen,
P. R. China
518057
Tel: (86) 755 26771900 800-9830-9830
Fax: (86) 755 26772236
URL: http://support.zte.com.cn
E-mail: [email protected]
LEGAL INFORMATION

Copyright © 2006 ZTE CORPORATION.

The contents of this document are protected by copyright laws and international treaties. Any reproduction or
distribution of this document or any portion of this document, in any form by any means, without the prior written
consent of ZTE CORPORATION is prohibited. Additionally, the contents of this document are protected by
contractual confidentiality obligations.

All company, brand and product names are trade or service marks, or registered trade or service marks, of ZTE
CORPORATION or of their respective owners.

This document is provided “as is”, and all express, implied, or statutory warranties, representations or conditions
are disclaimed, including without limitation any implied warranty of merchantability, fitness for a particular purpose,
title or non-infringement. ZTE CORPORATION and its licensors shall not be liable for damages resulting from the
use of or reliance on the information contained herein.

ZTE CORPORATION or its licensors may have current or pending intellectual property rights or applications
covering the subject matter of this document. Except as expressly provided in any written license between ZTE
CORPORATION and its licensee, the user of this document shall not acquire any license to the subject matter
herein.

The contents of this document and all policies of ZTE CORPORATION, including without limitation policies related to
support or training are subject to change without notice.

Revision History

Date Revision No. Serial No. Reason for Revision

11/06/2006 R1.0 sjzl20061885 First edition
ZTE CORPORATION
Values Your Comments & Suggestions!
Your opinion is of great value and will help us improve the quality of our product
documentation and offer better services to our customers.
Please fax to: (86) 755-26772236; or mail to Documentation R&D Department,
ZTE CORPORATION, ZTE Plaza, A Wing, Keji Road South, Hi-Tech Industrial Park,
Shenzhen, P. R. China 518057.
Thank you for your cooperation!

Document
ZXR10 1800/2800/3800 Router User's Manual (Volume II)
Name
Document Revision
Product Version V2.6 R1.0
Number
Equipment Installation Date

Presentation:
(Introductions, Procedures, Illustrations, Completeness, Level of Detail, Organization,
Appearance)
… Good … Fair … Average … Poor … Bad … N/A

Your evaluation Accessibility:

of this
(Contents, Index, Headings, Numbering, Glossary)
documentation
… Good … Fair … Average … Poor … Bad … N/A

Intelligibility:
(Language, Vocabulary, Readability & Clarity, Technical Accuracy, Content)
… Good … Fair … Average … Poor … Bad … N/A

Please check the suggestions which you feel can improve this documentation:
… Improve the overview/introduction … Make it more concise/brief
… Improve the Contents … Add more step-by-step procedures/tutorials
… Improve the organization … Add more troubleshooting information
… Include more figures … Make it less technical
Your … Add more examples … Add more/better quick reference aids
suggestions for … Add more detail … Improve the index
improvement of
this … Other suggestions
documentation __________________________________________________________________________
__________________________________________________________________________
__________________________________________________________________________
__________________________________________________________________________
__________________________________________________________________________
# Please feel free to write any comments on an attached sheet.

If you wish to be contacted regarding your comments, please complete the following:
Name Company
Postcode Address
Telephone E-mail
This page is intentionally blank.
Contents

About this Manual ............................................................. i

Purpose ................................................................................ i
Intended Audience ................................................................. i
Prerequisite Skill and Knowledge .............................................. i
What is in This Manual ............................................................ i
Related Documentation.......................................................... ii
Conventions ........................................................................ iii
How to Get in Touch............................................................. iv

Chapter 1.......................................................................... 1

Configuration Methods .................................................... 1

Configuring Serial Port Connection........................................... 2
Configuring Telnet Connection ................................................ 4

Chapter 2.......................................................................... 7

Configuring Traffic Engineering....................................... 7

Overview ............................................................................. 7

MPLS traffic engineering: ................................................ 8

MPLS Engineering Working ..................................................... 8
MPLS Basic Configuration ....................................................... 9
MPLS TE Maintenance & Diagnosis ......................................... 12
MPLS TE Example ............................................................... 14

Chapter 3........................................................................ 17

Configuring IPv6 Addresses .......................................... 17

IPv6 Address Overview ........................................................ 17
Address Classification .......................................................... 20
Address Expression Way ...................................................... 28
IPv6 Address Auto Configuration Technology........................... 30
Basic IPv6 Configuration ...................................................... 32
IPv6 Address Maintenance and Diagnosis ............................... 33
 IPv6 Address Example .........................................................33

Chapter 4........................................................................ 35

Configuring NDP............................................................. 35
Overview ...........................................................................35
NDP Basic Configuration .......................................................38
NDP Maintenance & Diagnosis ............................................... 41
NDP Configuration Example ..................................................42

Chapter 5........................................................................ 43

Other IPv6 Configurations............................................. 43

IPv6 Static Route Configuration .............................................43
Other Configuration Commands............................................. 45
Other Diagnosis and Maintenance Commands.......................... 46
Configuration Example .........................................................49

Chapter 6........................................................................ 51

Configuring IPv6 Tunnel................................................ 51

Overview ...........................................................................51
Tunnel Technology .............................................................. 52
IPv6/IPv4 Dual Stack Technology ..........................................54
Network Address Translator Technology.................................. 54
Basic IPv6 Tunnel Configuration ............................................55
IPv6 Tunnel Maintenance and Diagnosis ................................. 56
IPv6 Tunnel Configuration Example........................................ 57

Chapter 7........................................................................ 59

Configuring NAT-PT ....................................................... 59

Overview ...........................................................................59
NAT-PT Basic Configuration...................................................60
NAT-PT Maintenance and Diagnosis........................................62
NAT-PT Configuration Example .............................................. 63

Chapter 8........................................................................ 65

Configuring RIPng ......................................................... 65

Overview ...........................................................................65
Basic RIPng Configuration.....................................................67
RIPng Maintenance and Diagnosis..........................................69
RIPng Configuration Example ................................................ 70
Chapter 9........................................................................ 71

Configuring OSPFv3....................................................... 71
Overview ........................................................................... 71
LSA Types.......................................................................... 74
OSPFv3 Configuration .......................................................... 75
Configuring Interface Attribute.............................................. 76
Configuring Protocol Attribute ............................................... 78
OSPFv3 Maintenance and Diagnosis ....................................... 81
OSPFv3 Configuration Example ............................................. 86

Chapter 10...................................................................... 87

Configuring IS-IS........................................................... 87
Overview ........................................................................... 87
IS-ISv6 Configuration.......................................................... 88
Global Parameter Configuration............................................. 89
Interface Parameter Configuration ......................................... 94
IS-ISv6 Maintenance and Diagnosis....................................... 97
IS-ISv6 Configuration Example ............................................. 98
Multi-Area IS-ISv6 Configuration......................................... 100

Chapter 11.................................................................... 105

Configuring BGP4......................................................... 105

Overview ......................................................................... 105
BGP4 Configuration ........................................................... 106
BGP Route Advertisement .................................................. 109
BGP Aggregation Advertisement.......................................... 110
Configuring Multihop in EBGP.............................................. 111
BGP Router Reflector ......................................................... 112
BGP Confederation ............................................................ 114
BGP Routing Mode Configuration ......................................... 117
IPv6 Address Family Configuration Mode .............................. 122
BGP Maintenance and Diagnosis .......................................... 125
BGP Configuration Example ................................................ 127

Chapter 12.................................................................... 129

Configuring Multicast Routing ..................................... 129

Overview ......................................................................... 130
Multicast Tree................................................................... 131
 Multicast Routing Protocol................................................... 132
Multicast Common Configurations ........................................ 134
Configuring IGMP .............................................................. 135
Configuring IGMP Timer ..................................................... 137
Configuring PIM-SM ........................................................... 139
Setting PIM-SM Global Parameters....................................... 142
PIM SM Policy Control ........................................................ 144
Configuring MSDP.............................................................. 146
MSDP Extended Configuration ............................................. 147
MSDP Policy Configuration .................................................. 148
Clearing the MSDP Status ................................................... 150
Static Multicast Configuration .............................................. 151
Multicast Maintenance and Diagnosis.................................... 151
IGMP Maintenance and Diagnosis......................................... 153
PIM-SM Maintenance and Diagnosis ..................................... 154
MSDP Maintenance and Diagnosis ........................................ 158
Static Multicast Maintenance and Diagnosis ........................... 161
Multicast Configuration Example .......................................... 161

Chapter 13....................................................................167

Configuring ACL ...........................................................167

Overview ......................................................................... 167
ACL Configuration ............................................................. 168
ACL Application ................................................................. 170
ACL Log Function .............................................................. 171
Precautions on ACL............................................................ 172
ACL Maintenance and Diagnosis........................................... 173
ACL Configuration Example ................................................. 174

Chapter 14....................................................................177

Configuring NAT...........................................................177
Overview ......................................................................... 177
NAT Configuration ............................................................. 179
NAT Maintenance and Diagnosis .......................................... 182
NAT Configuration Example................................................. 184
Distributed Address Translation ........................................... 186
Processing Network with Repeated Address Range by Means of
NAT................................................................................. 188

Chapter 15....................................................................191
Configuring URPF.........................................................191
Overview ......................................................................... 191
Basic URPF Configuration ................................................... 193
URPF Maintenance and Diagnosis ........................................ 193
URPF Configuration Example............................................... 195

Chapter 16.................................................................... 197

Configuring DHCP ........................................................ 197

Overview ......................................................................... 197
DHCP Server Configuration................................................. 198
DHCP Relay Configuration .................................................. 200
DHCP Configuration Example .............................................. 203

Chapter 17.................................................................... 207

Configuring VRRP......................................................... 207

Overview ......................................................................... 207
Basic VRRP Configuration ................................................... 208
VRRP Maintenance and Diagnosis ........................................ 210
VRRP Configuration Example .............................................. 211

Chapter 18.................................................................... 215

Configuring Load Sharing ............................................215

Overview ......................................................................... 215
Basic Load Sharing Configuration ........................................ 215
Load Sharing Example ....................................................... 217
Default Route Load Sharing Example ................................... 223
Dynamic Load Sharing Example .......................................... 230

Chapter 19.................................................................... 233

Configuring QoS ........................................................... 233

Overview ......................................................................... 233
Congestion Avoidance........................................................ 237
CAR Configuration............................................................. 238
PQ Configuration............................................................... 239
CQ Configuration .............................................................. 243
WRED Configuration .......................................................... 245
QoS Maintenance and Diagnosis.......................................... 246
QoS Configuration Example ................................................ 248
Chapter 20....................................................................251

Configuring GRE ...........................................................251

Introduction ..................................................................... 251
GRE Overview................................................................... 253
Configuring GRE................................................................ 254
GRE Maintenance and Diagnosis .......................................... 256
GRE Configuration Example ................................................ 256

Chapter 21....................................................................259

Configuring AUX...........................................................259
Overview ......................................................................... 259
Basic AUX Configuration ..................................................... 260
AUX Configuration Example ................................................ 261

Chapter 22....................................................................263

Configuring Network Management .............................263

NTP................................................................................. 263
Configuring NTP ................................................................ 263
NTP Configuration Example................................................. 265
RADIUS ........................................................................... 265
Radius Configuration.......................................................... 266
RADIUS Configuration Example ........................................... 266
SNMP .............................................................................. 267
SNMP Configuration ........................................................... 267
SNMP Configuration Example .............................................. 271
RMON.............................................................................. 271
RMON Configuration .......................................................... 272
RMON Configuration Example.............................................. 273
SysLog ............................................................................ 275
Syslog Configuration.......................................................... 275
Syslog Example ................................................................ 278
LFAP................................................................................ 279
LFAP Configuration ............................................................ 280
LFAP Configuration Example ............................................... 284

Abbreviations ...............................................................285

Index ............................................................................289

Figures..........................................................................293
Tables ........................................................................... 295
This page is intentionally blank.
About this Manual

Purpose
This Manual provides procedures and guidelines that support the
user operation on the ZXR10 1800/2800/3800 Router.

Intended Audience
This document is intended for engineers and technicians who
perform operation activities on ZXR10 1800/2800/3800 Router.

Prerequisite Skill and Knowledge

To use this document effectively, users should have a general
understanding of OSI Model; Familiarity with the following is
helpful:
„ Protocols
„ Routing concepts, Data Communication Terminologies

What is in This Manual

This Manual contains the following chapters:

TABLE 1 CHAPTER SUMM ARY

Chapter Summary
Configuration Methods Configuration methods for accessing
ZXR10 1800/2800/3800 Router CLI
Configuring Traffic Basic concepts of layer-3 MPLS TE and
Engineering relevant configurations
Configuring IPv6 IPv6 Address configuraitons
Addresses
Configuring NDP Network Discovery protocol
configurations

Confidential and Proprietary Information of ZTE CORPORATION i

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

Chapter Summary
Other IPv6 Configurations Relevant configurations of IPv6
Configuring IPv6 Tunnel IPv6 transition technology and tunnels
Configuring NAT-PT Describes the NAT-PT technology and
its relevant configurations
Configuring RIPng RIPng protocol and its relevant
configurations
Configuring OSPFv3 OSPFv3 protocol and its relevant
configurations
Configuring IS-IS IS-IS protocol and its relevant
configurations
Configuring BGP4+ Border gateway protocol and its
relevant configurations
Configuring Multicast Multicast routing and its relevant
Routing configurations
Configuring ACL Access control list and its relevant
configurations
Configuring NAT Network address translation and its
relevant configurations
Configuring URPF Unicast Reverse Path Forwarding
(URPF) and its relevant configurations
Configuring DHCP Dynamic Host Configuration Protocol
(DHCP) and its relevant configurations
Configuring VRRP Virtual router redundancy protocol and
its relevant configurations
Configuring Load sharing Load sharing and its relevant
configuration
Configuring QoS Quality of Services and its relevant
configurations
Configuring GRE Describes several common VPN
technologies and General Route
Encapsulation (GRE) technology with its
detailed configurations
Configuring AUX Introduces AUX and its relevant
configurations
Configuring Network Introduces AUX NTP, RADIUS, SNMP,
Management RMON, SysLog and LFAP network
management protocol and its relevant
configurations

Related Documentation
The following documentation is related to this manual:
„ ZXR10 1800/2800/3800 Router User’s manual volume (I)
„ ZXR10 1800/2800/3800 Router Command Manual

ii Confidential and Proprietary Information of ZTE CORPORATION

 About this Manual

Conventions
Typographical ZTE documents employ the following typographical conventions.
Conventions
TABLE 2 TYPOGRAPHICAL CONVENTIONS

Typeface Meaning
Italics References to other Manuals and documents.
“Quotes” Links on screens.
Bold Menus, menu options, function names, input
fields, radio button names, check boxes, drop-
down lists, dialog box names, window names.
CAPS Keys on the keyboard and buttons on screens and
company name.
Constant width Text that you type, program code, files and
directory names, and function names.
[] Optional parameters.
{} Mandatory parameters.
| Select one of the parameters that are delimited
by it.
Note: Provides additional information about a
certain topic.
Checkpoint: Indicates that a particular step needs
to be checked before proceeding further.
Tip: Indicates a suggestion or hint to make things
easier or more productive for the reader.

Mouse TABLE 3 MOUSE OPERATION CONVENTIONS

Operation
Conventions Typeface Meaning
Click Refers to clicking the primary mouse button (usually
the left mouse button) once.
Double-click Refers to quickly clicking the primary mouse button
(usually the left mouse button) twice.
Right-click Refers to clicking the secondary mouse button
(usually the right mouse button) once.
Drag Refers to pressing and holding a mouse button and
moving the mouse.

Confidential and Proprietary Information of ZTE CORPORATION iii

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

How to Get in Touch

The following sections provide information on how to obtain
support for the documentation and the software.
Customer If you have problems, questions, comments, or suggestions
Support regarding your product, contact us by e-mail at
[email protected]. You can also call our customer support
center at (86) 755 26771900 and (86) 800-9830-9830.
Documentation ZTE welcomes your comments and suggestions on the quality
Support and usefulness of this document. For further questions,
comments, or suggestions on the documentation, you can
contact us by e-mail at [email protected]; or you can fax your
comments and suggestions to (86) 755 26772236. You can also
browse our website at http://support.zte.com.cn, which contains
various interesting subjects like documentation, knowledge base,
forum and service request.

iv Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 1

Configuration Methods

Introduction This chapter introduces configuration methods for accessing

ZXR10 1800/2800/3800 Router CLI.
Contents This chapter covers following topics.

TABLE 4 TOPICS IN CHAPTER 1

Topic Page No

Configuring Serial Port Connection 2

END OF STEPS. 4

Configuring Telnet Connection

Introduction To provide users with maximum operation flexibility, ZXR10

1800 provides multiple configuration methods. A user can select
suitable configuration methods according to connected network.
Configuration methods are described as follows:
„ Configuration through COM port: This is main method to
configure a router.
„ Configuration in Telnet: Through this method, Router can be
configured from any part of network
„ Configuration through NM workstation: This method needs
corresponding NM software supporting SNMP protocol.
„ Downloading router configuration files through TFTP/FTP
Server
„ Configuration on management network interface through
host in Telnet

Confidential and Proprietary Information of ZTE CORPORATION 1

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

FIGURE 1 ZXR10 1800/2800/3800 CONFIGURATION METHODS

TFTP/FTP Server
Telnet Host SNMP NMS

COM Port
ZXR10
HyperTerminal

Configuring Serial Port Connection

Purpose Refer to below procedure for serial port configuration on ZTE
ZXR 1800 router.
Prerequisite There must have an access to Command Line Interface (CLI).
CLI is a text-based interface that can be accessed through a
direct serial connection to device and through telnet connections.
For serial connection, there must be a DB-9 serial cable
connected between Computer System and Router.
Steps In these steps, CLI accessibility occurs through Hyper Terminal
emulation software present in Windows Operating System
1. Click>Start>Programs>Accessories> Communications
> HyperTerminal.
2. Click> HyperTerminal, Type ZTE as connection name,
Click> OK button as shown in Figure 2.
Result: Connect To Window appears.

2 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 1 Configuration Methods

FIGURE 2 CONNECTION WINDOW

3. Select Com port, which are using for connection with router,
Click > OK button as shown in Figure 3.
Result: Com Properties Window appears.
Important! Be sure that Com port is rightly selected.

FIGURE 3 CONNECT TO WINDOW

4. Click > Restore Defaults, select Bits per Second > 9600,
select Data bits>8, select Parity > None, select Stop
bits>1, select Flow control > none, select Click > OK,
then Press> Enter button as shown in Figure 4.

Confidential and Proprietary Information of ZTE CORPORATION 3

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

Result: CLI appears.

Important! These options can be manually selected or by
dropping down the radio buttons.

FIGURE 4 COM PROPERTIES WINDOW

END OF STEPS.

Configuring Telnet Connection

Purpose Refer to below procedure which delivers information about how
to configure telnet connection on ZXR10 1800/2800/3800 Router.
Prerequisite For telnet connection, there must be an ip address configured on
any interface of router.

Steps 1. Enter into command prompt and type telnet <ip address> of
router interface

Result: A CLI window appears as shown in below figure.

4 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 1 Configuration Methods

FIGURE 5 CLI WINDOW

2. Enter username and password of router to access router CLI

as shown in Figure 6.

Result: a > sign appears.

FIGURE 6 EXPRESSION CLI WINDOW

3. Write enable command, if there is password to access the

router privileged mode, then write password as shown in
Figure 7.

Result: a # sign appears which shows enabled mode or

privileged mode.

Confidential and Proprietary Information of ZTE CORPORATION 5

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

FIGURE 7 ENABLED MODE CLI WINDOW

4. To prevent an unauthorized access to router in Telnet mode,

user name and password for Telnet access must be
configured on router. To log on to router, the configured user
name and password must be input. Use the following
command to configure the user name and password for
remote login as shown in Table 5.

TABLE 5 USERNAME COMMAND

Command Command Command Function

Format Mode

username Global
<username> Configures user name and
password password for Telnet login
<password>

Result: This prevent an unauthorized access to router in

Telnet mode.
END OF STEPS.

6 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 2

Configuring Traffic
Engineering

Introduction This chapter gives the basic concepts of layer-3 MPLS TE and the
relevant configuration on the ZXR10 1800/2800/3800 Router.

Contents This chapter covers following topics.

TABLE 6 TOPICS IN CHAPTER 2

Topic Page No

7
Overview
MPLS Engineering Working 8

MPLS Basic Configuration 9

END OF STEPS. 12

MPLS TE Maintenance & Diagnosis

END OF STEPS. 13

MPLS TE Example

Overview
Multiprotocol Label Switching (MPLS) traffic engineering software
enables an MPLS backbone to replicate and expand upon the
traffic engineering capabilities of Layer 2 ATM and Frame Relay
networks.
Traffic engineering is essential for service provider and Internet
service provider (ISP) backbones. Such backbones must support

Confidential and Proprietary Information of ZTE CORPORATION 7

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

a high use of transmission capacity, and the networks must be

very resilient, so that they can withstand link or node failures.
MPLS traffic engineering provides an integrated approach to
traffic engineering. With MPLS, traffic engineering capabilities
are integrated into Layer 3, which optimizes the routing of IP
traffic, given the constraints imposed by backbone capacity and
topology.
MPLS traffic engineering:
„ Enhances standard IGPs, such as IS-IS or OSPF, to
automatically map packets onto the appropriate traffic flows.
„ Transports traffic flows across a network using MPLS
forwarding.
„ Determines the routes for traffic flows across a network
based on the resources the traffic flow requires and the
resources available in the network.
„ Employs "constraint-based routing," in which the path for a
traffic flow is the shortest path that meets the resource
requirements (constraints) of the traffic flow. In MPLS traffic
engineering, the traffic flow has bandwidth requirements,
media requirements, a priority versus other flows, and so on.
„ Recovers to link or node failures that change the topology of
the backbone by adapting to a new set of constraints.
The IETF has the following RFCs related to the MPLS TE:
„ RFC3209: RSVP-TE: Extensions to RSVP for LSP Tunnels
„ RFC3630: Traffic Engineering (TE) Extensions to OSPF
Version 2

MPLS Engineering Working

MPLS is an integration of Layer 2 and Layer 3 technologies. By
making traditional Layer 2 features available to Layer 3, MPLS
enables traffic engineering. Thus, you can offer in a one-tier
network what now can be achieved only by overlaying a Layer 3
network on a Layer 2 network.
MPLS traffic engineering automatically establishes and maintains
the tunnel across the backbone, using RSVP. The path used by a
given tunnel at any point in time is determined based on the
tunnel resource requirements and network resources, such as
bandwidth.
Available resources are flooded via extensions to a link-state
based Interior Protocol Gateway (IPG).
Tunnel paths are calculated at the tunnel head based on a fit
between required and available resources (constraint-based
routing). The IGP automatically routes the traffic into these
tunnels. Typically, a packet crossing the MPLS traffic engineering

8 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 2 Configuring Traffic Engineering

backbone travels on a single tunnel that connects the ingress

point to the egress point.
MPLS traffic engineering is built on the following IOS
mechanisms:
„ Label-switched path (LSP) tunnels, which are signalled
through RSVP, with traffic engineering extensions. LSP
tunnels are represented as IOS tunnel interfaces, have a
configured destination, and are unidirectional.
„ A link-state IGP (such as IS-IS) with extensions for the
global flooding of resource information, and extensions for
the automatic routing of traffic onto LSP tunnels as
appropriate.
„ An MPLS traffic engineering path calculation module that
determines paths to use for LSP tunnels.
„ An MPLS traffic engineering link management module that
does link admission and bookkeeping of the resource
information to be flooded.
„ Label switching forwarding, which provides routers with a
Layer 2-like ability to direct traffic across multiple hops as
directed by the resource-based routing algorithm.
One approach to engineer a backbone is to define a mesh of
tunnels from every ingress device to every egress device. The
IGP, operating at an ingress device, determines which traffic
should go to which egress device, and steers that traffic into the
tunnel from ingress to egress. The MPLS traffic engineering path
calculation and signalling modules determine the path taken by
the LSP tunnel, subject to resource availability and the dynamic
state of the network. For each tunnel, counts of packets and
bytes sent are kept.
Sometimes, a flow is so large that it cannot fit over a single link,
so it cannot be carried by a single tunnel. In this case multiple
tunnels between a given ingress and egress can be configured,
and the flow is load shared among them.

MPLS Basic Configuration

Purpose Below procedure gives information about MPLS basic
configuration.
Prerequisites Refer to Configuration Methods (Chapter 1) to access the router
CLI for configuration.
Steps 1. To configure device for enabling MPLS TE signaling use mpls
traffic-eng tunnels in global configuration mode as shown
in Table 7.

Confidential and Proprietary Information of ZTE CORPORATION 9

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

TABLE 7 MPLS TRAFFIC COMM AND

Command Command Command Function

Format Mode

mpls Global config

traffic-eng This enables MPLS TE
tunnels

Result: This configures MPLS TE signaling.

2. To set interface for support RSVP signaling, use mpls
traffic-eng tunnels in interface configuration mode as
shown in Table 8.

TABLE 8 MPLS TRAFFIC INTERFACE COMMAND

Command Command Command Function

Format Mode

mpls Interface config

traffic- This enables MPLS TE on an
eng interface
tunnels

Result: This configures MPLS TE signaling on an interface.

NOTE: RSVP is supported on 1800 Ethernet and Pos
interfaces.
3. To configure the maximum available bandwidth of traffic
engineering and LSP of an interface, use ip rsvp bandwidth
<max-bandwidth> [<flow-bandwidth>] in interface
configuration mode as shown in Table 9.

TABLE 9 IP-RSVP COMM AND

Command Command Command Function

Format Mode

ip rsvp Interface config

bandwidth
<max- This sets the parameter for
bandwidth> maximum available bandwidth
[<flow-
bandwidth>]

Result: This configures the available bandwidth for traffic

engineering of an interface.
4. To configure the IGP to support TE, following commands are
used:
i. To define the Router of the TE, use mpls traffic-eng
router-id <interface-name> command in OSPF
configuration as shown in Table 10.
ii. To configure TE-enabled areas, use mpls traffic-eng
area <area-id> command in OSPF config mode as shown
in Table 10.

10 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 2 Configuring Traffic Engineering

iii. To enable opaque feature of the OSPF, use command

capability opaque in OSPF config mode as shown in
Table 10.

TABLE 10 IGP TE CONFIG COMM AND

Command Command Command Function

Format Mode

mpls OSPF config

traffic-eng
This sets the router id for TE
router-id
signaling
<interface-
name>
mpls OSPF config
traffic-eng
This sets an area for TE signaling
area
<area-id>
capability OSPF config
This sets the OSPF opaque feature
opaque

Result: This configures an IGP protocol to transmit TE.

5. To configure the tunnel interface for TE, use the following
commands:
i. To enter into tunnel interface mode, use interface
tunnel <1-64> command in global configuration mode
as shown in Table 11.
ii. To set the tunnel mode into mpls, use tunnel mode
mpls traffic-eng command in tunnel interface
configuration mode as shown in Table 11.
iii. To define the IP address of the tunnel destination router,
use tunnel destination {ipv4 | ipv6} <ip-address>
command in Table 11.
iv. To set the bandwidth reserved for tunnel use tunnel
mpls traffic-eng bandwidth <bandwidth> command in
tunnel interface configuration mode as shown in Table 11.
v. To configure ERO in order to obtain dynamic selection or
static configuration of an explicit path, use tunnel mpls
traffic-eng path-option <number> {dynamic | explicit
{name <path-name> | identifier <id>}} in tunnel
interface configuration mode as shown in Table 11.
vi. To record the routes used by tunnel, use tunnel mpls
traffic-eng record-route command in tunnel interface
configuration mode as shown inTable 11.

Confidential and Proprietary Information of ZTE CORPORATION 11

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

TABLE 11 TUNNEL CONFIG COMM AND

Command Command Function

Command Format Mode

interface Global config This configures tunnel

tunnel<1-64> interface
tunnel mode mpls Tunnel This sets the tunnel for
traffic interface config MPLS TE
tunnel destination Tunnel This sets an ip address for
{ipv4 | ipv6} <ip- interface config the tunnel destination
address> router
tunnel mpls Tunnel
This sets the parameter for
traffic-eng interface config
maximum available
bandwidth
bandwidth
<bandwidth>
tunnel mpls Tunnel
traffic-eng path- interface config
option <number>
This sets an ERO for MPLS
{dynamic | explicit
TE
{name <path-
name> | identifier
<id> }}
tunnel mpls Tunnel
This record the routes used
traffic-eng record- interface config
by tunnel
route
ip explicit- Global config
path{name
<name> | identifier This configures an IP
<identifier>}next- explicit path
address < A.B.C.D>
{ loose | strict }

Result: This configures the tunnel with all the necessary

attributes.
END OF STEPS.

MPLS TE Maintenance & Diagnosis

Purpose Below procedure gives information about MPLS maintenance and
diagnosis.
Prerequisites Refer to Configuration Methods (Chapter 1) to access the router
CLI for configuration.
Steps 1. To check the network connectivity, use command ping <ip
address> in Priviliged mode as shown in Table 12.

12 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 2 Configuring Traffic Engineering

TABLE 12 PING COMM AND

Command Command Command Function

Format Mode

ping <ip Priviliged This verifies the network

addre> connectivity

Result: This verifies the network connectivity.

2. To view MPLS TE enabled nodes interfaces, use show mpls
[<interface_id>] command in Priviliged mode as shown in
Table 13.

TABLE 13 SHOW MPLS TRAFFIC COMM AND

Command Command Command Function

Format Mode

show mpls Priviliged

This display the MPLS TE
interface
enabled interfaces
[<interface_id>]

Result: This display the MPLS TE enabled interfaces.

3. To view MPLS TE information at a node, use show mpls
traffic-eng tunnels summary command in Priviliged mode
as shown in Table 14.

TABLE 14 SHOW MPLS TRAFFIC-ENG COMM AND

Command Command Command Function

Format Mode

show mpls Priviliged

traffic-eng This display the MPLS TE tunnels
tunnels information
summary

Result: This shows the MPLS TE tunnels information.

4. To view MPLS TE information for a specific tunnel at a node,
use show mpls traffic-eng tunnels <tunnel_id>command
in Priviliged mode as shown in Table 15.

TABLE 15 SHOW MPLS TUNNEL COMM AND

Command Command Command Function

Format Mode

show mpls Priviliged

traffic-eng This display the MPLS TE specific
tunnels tunnel information
<tunnel_id>

Result: This shows the MPLS TE specific tunnel information.

END OF STEPS.

Confidential and Proprietary Information of ZTE CORPORATION 13

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

MPLS TE Example
FIGURE 8 MPLS TE EXAMPLE

10.10.12.1/24
10.10.12.2/24 10.10.23.3/24
10.10.23.2/24

fei_1/1 fei_1/2 fei_1/1

R1 R2 R3
fei_1/1

The three routers as shown in above figure assume the following

tasks respectively:

Router Loopback Task Tunnel

R1 100.1.1.1 End Tunnel1, destination address
node 100.1.1.3
R2 100.1.1.2 Middle
node
R3 100.1.1.3 End Tunnel3, destination address
node 100.1.1.1

R1 configuration:

R1(config)#interface fei_1/1
R1(config-if)#ip address 10.10.12.1 255.255.255.0
R1(config-if)#ip rsvp bandwidth 30000 10000
R1(config-if)#mpls traffic-eng tunnels
R1(config-if)#exit
R1(config)#interface loopback1
R1(config-if)#ip address 100.1.1.1
255.255.255.255
R1(config-if)#exit

R1(config)#mpls traffic-eng tunnels

R1(config)#
R1(config)#router ospf 1
R1(config-router)#mpls traffic-eng area 0
R1(config-router)#mpls traffic-eng router-id
loopback1
R1(config-router)#network 100.1.1.1 0.0.0.0 area
0
R1(config-router)#network 10.10.12.1 0.0.0.255
area 0

14 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 2 Configuring Traffic Engineering

R1(config-router)#exit
R1(config)#

R2 configuration:

R2(config)#interface fei_1/1
R2(config-if)#ip address 10.10.12.2 255.255.255.0
R2(config-if)#mpls traffic-eng tunnels
R2(config-if)#ip rsvp bandwidth 30000 10000
R2(config-if)#exit
R2(config)#
R2(config)#interface fei_1/2
R2(config-if)#ip address 10.10.23.2 255.255.255.0
R2(config-if)#mpls traffic-eng tunnels
R2(config-if)#ip rsvp bandwidth 30000 10000
R2(config-if)#exit
R2(config)#
R2(config)#interface loopback1
R2(config-if)#ip address 100.1.1.2
255.255.255.255
R2(config-if)#exit
R2(config)#
R2(config)#mpls traffic-eng tunnels
R2(config)#router ospf 2
R2(config-router)#mpls traffic-eng router-id
loopback1
R2(config-router)#mpls traffic-eng area 0
R2(config-router)#network 10.10.12.0 0.0.0.255
area 0
R2(config-router)#network 100.1.1.2 0.0.0.0 area
0
R2(config-router)#network 10.10.23.0 0.0.0.255
area 0
R2(config-router)#exit
R2(config)#

R3 configuration:

R3(config)#int fei_1/1
R3(config-if)#ip address 10.10.23.3
255.255.255.0
R3(config-if)#mpls traffic-eng tunnels
R3(config-if)#ip rsvp bandwidth 30000 10000
R3(config-if)#mpls traffic-eng tunnels
R3(config-if)#exit

Confidential and Proprietary Information of ZTE CORPORATION 15

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

R3(config)#
R3(config)#interface loopback1
R3(config-if)#ip address 100.1.1.3
255.255.255.255
R3(config-if)#exit
R3(config)#router ospf 3
R3(config-router)#mpls traffic-eng router-id
loopback1
R3(config-router)#mpls traffic-eng area 0
R3(config-router)#network 100.1.1.3 0.0.0.0 area
0
R3(config-router)#network 10.10.23.0 0.0.0.255
area 0
R3(config-router)#exit
R3(config)#

Configure the explicit path Tunnel on R1:

R1(config)#interface tunnel21
R1(config-if)#tunnel mode mpls traffic-eng
R1(config-if)#ip address 1.1.21.1 255.255.255.0
R1(config-if)#tunnel destination ipv4 100.1.1.3
R1(config-if)#tunnel mpls traffic-eng path-option
1 explicit-path identifier 21
R1(config-if)#exit
R1(config)#
R1(config)#ip explicit-path identifier 21 next-
address 100.1.1.2 loose
R1(config)#ip explicit-path identifier 21 next-
address 100.1.1.3 loose
R1(config)#interface tunnel22
R1(config-if)#tunnel mode mpls traffic-eng
R1(config-if)#ip address 1.1.22.1 255.255.255.0
R1(config-if)#tunnel destination ipv4 100.1.1.3
R1(config-if)#tunnel mpls traffic-eng path-option
1 explicit-path identifier 22
R1(config-if)#exit
R1(config)#
R1(config)#ip explicit-path identifier 22 next-
address 10.10.12.2 strict
R1(config)#ip explicit-path identifier 22 next-
address 10.10.23.3 strict

16 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 3

Configuring IPv6
Addresses

Introduction This chapter provides the relevant configuration of the IPv6

address on the ZXR10 1800/2800/3800 Router.
Contents This chapter covers following topics.

TABLE 16 TOPICS IN CHAPTER 3

Topic Page No

IPv6 Address Overview 17

Address Classification 20

Address Expression Way 28

IPv6 Address Auto Configuration Technology 30

Basic IPv6 Configuration 32

END OF STEPS. 32

IPv6 Address Maintenance and Diagnosis

END OF STEPS. 33

IPv6 Address Example

IPv6 Address Overview

IP version 6 is a new IP protocol designed to replace IP version 4,
the Internet protocol that is predominantly deployed and
extensively used throughout the world.
The current version of IP has not been substantially changed
since RFC 791; Internet Protocol DARPA Internet Program
Protocol Specification was published in 1981. IPv4 has proven to
be robust, easily implemented, and interoperable, and has stood

Confidential and Proprietary Information of ZTE CORPORATION 17

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

the test of scaling an internetwork to a global utility the size of

the Internet today.
However, the initial design did not anticipate the following
conditions:
„ Recent exponential growth of the Internet and the impending
exhaustion of the IPv4 address space
„ Growth of the Internet and the ability of Internet backbone
routers to maintain large routing tables
„ Need for simpler auto configuration and renumbering
„ Requirement for security at the IP level
„ Need for better support for real-time delivery of data—also
called quality of service (QoS)
NOTE: Features such as IP Security (IPSec) and QoS have been
specified for both versions of IP.
Though the 32-bit address space of IPv4 supports about 4 billion
IP devices, the IPv4 addressing scheme is not optimal, as
described by Christian Huitema in RFC 3194, The Host-Density
Ratio for Address Assignment Efficiency: An Update on the H
Ratio. A good number of the initially allocated class A addresses
are probably still not used, but are not likely to be reclaimed.
The Internet Engineering Task Force (IETF) first recognized the
problem of eventual IPv4 address exhaustion around 1990 and
predicted that we had about ten years to solve this problem.
Interestingly, this prediction was made before the explosive
growth of the Internet and the World Wide Web in the 1990s.
Indeed, it is only very recently that the IP address “crunch” has
become widely acknowledged.
The current IP address space is unable to satisfy the potential
huge increase in the number of users or the geographical needs
of the Internet expansion, let alone the requirements of
emerging applications such as Internetenabled personal digital
assistants (PDAs), home area networks (HANs), Internet-
connected transportations (for example, automobiles),
integrated IP telephony services, IP wireless services, and
distributed gaming. IPv6 is designed to meet these requirements
and allow a return to a global environment where the addressing
rules of the network are again transparent to the applications.
The lifetime of IPv4 has been extended using techniques such as
address reuse with Network Address Translation (NAT), classless
interdomain routing (CIDR), and temporary-use allocations
(Dynamic Host Configuration Protocol [DHCP] and RADIUS/PPP).
Although these techniques appear to increase the address space
and satisfy the traditional server/client setup, they fail to meet
the requirements of the peer-to-peer and server (home)-to
client (Internet) applications. The need for always-on
environments (such as residential Internet through broadband,
cable modem, or Ethernet-to-the-home) to be contactable
precludes these IP address conversion, pooling, and temporary
allocation techniques, and the “plug-and-play” required by

18 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 3 Configuring IPv6 Addresses

consumer Internet appliances further increases the address

requirements.
Temporary or semi permanent connections such as dialup or
cable modem/xDSL are being given either temporary IPv4
addresses or private addresses. Millions of the new technology
devices such as wireless phones, PDAs, cars, and home
appliances will not be able to get global IPv4 addresses any
longer. Though we do not expect to ever see the last IPv4
address handed out, it is getting much harder to get IPv4
addresses.
The Ipv6 features a huge address capacity up to 128 bits, which
is described as below:

„ Provides 2128 different Ipv6 addresses, that is, number of

the allocable addresses around the world is
340,282,366,920,938,463,463,374,607,431,768,211,456.
„ Provides 2.2×1020 addresses per cm2 if locates the
addresses based on ground area.
The following are differences between IPv4 and IPv6 in header
format.
Table 17and Table 18is the header format of IPv4 and IPv6
respectively. (Numbers in the tables refer to bit numbers.)

TABLE 17 IPV4 HEADER FORM AT

4– 8 - service 16 - data packet length

4-
header type
version
length
16 – identifier 4– 12 - fragment offset
flag
8 – time to live 8– 16 – header checksum
(TTL) transmission
protocol
32 - source IP address
32 - destination IP address
24 – option 8 - filling

TABLE 18 IPV6 HEADER FORM AT

4- 4– 24 – flow label
version priority
16 – payload length 8 – next 8 – HOP limit
header
128 - source IP address
128 - destination IP address

IPv6 header is simpler than IPv4 header in structure, because

many domains in IPv4 header that are not frequently used are

Confidential and Proprietary Information of ZTE CORPORATION 19

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

deleted from IPv6 header and included in its options, which are
defined more strictly, and header extension.
„ IPv4 contains ten domains with fixed length, two address
spaces and some options, while IPv6 contains only six
domains and two address spaces.
„ Although IPv6 header occupies 40 bytes, which is 1.6 times
longer than IPv4 header with 24-byte, it does not consume
too much memory capacity due to its fixed length (the length
of the IPv4 header is variable).
„ The following six domains are deleted from IPv4 header:
header length, service type, identifier, flag, fragment offset
and header checksum. Names and some functions of the
three domains of total length, protocol type and TTL are
changed, and their optional functions are completely
changed. Apart from this, two domains are added, they are
priority and flow label.
„ IPv6 header format is greatly simplified, which effectively
pares down overhead of processing by a router or switch for
headers. At the same time, IPv6 enhances the support to the
extension header and options, which not only allows more
efficient forwarding, but also provides sufficient supports for
future load of new applications to networks. Each IPv6
packet can have 0, 1 or more extension headers. Each
extension header is determined by the “next header” domain
of the previous header.
The obvious difference between IPv4 and IPv6 rest with length:
IPv4 address length is 32-bit while IPv6 is 128-bit. RFC 2373
describes the presentation modes of such addresses, as well as
various address types and their respective structures.
IPv4 address consists of two to three different parts (network
identifier, node identifier, and sometimes sub-net identifier),
while IPv6 address has much more address space and can
support more fields.

Address Classification
RFC 2373 contains a “map” of IPv6 address space, which
describes how the address space is allocated, the different types
of address allocation, prefixes (bit value in front of address
allocation) and the length of address allocation, which is a part
of the whole address space. Table 19shows allocation of IPv6
address space.

TABLE 19 IPV6 ADDRESS SPACE

Prefix Occupation Rate of

Allocation
Address Space
Reserved 0000 0000 1/256

20 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 3 Configuring IPv6 Addresses

Prefix Occupation Rate of

Allocation
Address Space
Unallocated 0000 0001 1/256

Reserved for the 0000 001 1/128

NSAP allocation
Reserved for the 0000 010 1/128
IPX allocation

Unallocated 0000 011 1/128

Unallocated 0000 1 1/32
Unallocated 0001 1/16

Aggregatable global 001 1/8

unicast address [2,3]
Unallocated 010 1/8
Unallocated 011 1/8
Unallocated 100 1/8
Unallocated 101 1/8
Unallocated 110 1/8

Unallocated 1110 1/16

Unallocated 1111 0 1/32
Unallocated 1111 10 1/64
Unallocated 1111 110 1/128
Unallocated 1111 1110 0 1/512

Link local unicast 1111 1110 10 1/1024

address [FE8]
Site local unicast 1111 1110 11 1/1024
address [FEC]
Multicast address 1111 1111 1/256
[FF]

NOTE: The hex number in the [ ] in this table refers to the

starting and ending hex numbers of the corresponding address.

The broadcast address in IPv6 is not valid any more. RFC2373

defines three types of IPv6 address:
„ Unicast: the identifier of a single interface. The packets sent
to a unicast address will be transmitted to the interface with
this address identifier.

Confidential and Proprietary Information of ZTE CORPORATION 21

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

„ Multicast: the identifier of a group of interfaces tethered to

different nodes. The packets sent to a multicast address will
be transmitted to all the interfaces with this address
identifier.
„ Anycast: the identifier of a group of interfaces tethered to
different nodes. The packets sent to an anycast address will
be transmitted to an interface with this address identifier
(selecting the nearest one by calculating the distance based
on routing protocol).
An IPv6 unicast address can be regarded as an entity with two
fields. One field is used to identify networks and the other is
used to identify interfaces of nodes on this network. In the
subsequent description of the specific unicast address types, you
will find that the network identifier can be divided into several
parts, each of which identifies different network part.
Unicast Functions of an IPv6 unicast address are subject to the control of
Address CIDR, which is the same as that of an IPv4 address. That is, an
address is divided into two parts upon a specific boundary. The
high bit part of an address includes prefixes for routing, and the
low bit part includes identifiers of network interfaces.
In the IPv6 addressing system structure, any IPv6 unicast
address requires an interface identifier. An interface identifier is
very similar to the 48-bit media access control (MAC) address.
The MAC addresses are encoded through hardware in a network
interface card. They are burned by the manufacturer into a
network interface card and are globally unique. There are no two
network interface cards with an identical MAC address. Such
addresses can be used to uniquely identify the interfaces at the
network link-layer.
The interface identifier of an IPv6 host address is based on the
IEEE EUI-64 format, which creates a locally and globally unique
64-bit interface identifier based on the existing MAC addresses.
Appendixes attached to the RFC 2373 describe how to create
interface identifiers.
These 64-bit interface identifiers can address one by one
globally and can uniquely identify the interface of each network.
This means that, in theory, there are up to 264 different physical
interfaces and about 1.8 x 1019 different addresses, which,
however, only occupy half of the IPv6 address space. It is at
least enough in the foreseeable future.
Aggregately The IPv6 unicast address can be classified into the following
Global Unicast categories:
Address
This is another kind of aggregation, which is independent of ISP.
The provider-based aggregately addresses should be changed as
a provider changes, while the exchange-based addresses are
directly located by an IPv6 switching entity. The exchange
provides address blocks, and users and providers conclude
contracts for the network access.
Such network access is either directly provided by a provider, or
indirectly provided by an exchange. However, the routing is

22 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 3 Configuring IPv6 Addresses

through the exchange. In this way, a user needs not to address

again when it changes a provider. At the same time, users are
allowed to use multiple ISPs to process single-block network
address.
Aggregatable global unicast addresses include all the addresses
of which the three starting bits of their address formats are of
001, which can be used as prefixes for other unallocated
unicasts. Format the addresses into the fields as shown in Table
20.

T AB L E 2 0 AG G R E G AT AB L E GL O B AL U N I C AS T AD D R E S S FI E L D S

3 13 8 24 16 64
FP TLA ID RES NLA ID SIA ID Interface identifier

The table includes the following fields:

„ FP field: This is the 3-bit format prefix in an IPv6 address,
indicating to which address category in the IPv6 address
space this address belongs. Currently, the field is 001,
indicating this is the aggregatable global unicast address.
„ TLA ID field: This is the top-level aggregation identifier,
including the routing information about the addresses at the
highest level. Here, it refers to the information about the
maximum routing in network interconnection. Currently, this
field is 13-bit and can obtain at most 8,192 different top
level routes.
„ RES field: This is an 8-bit field and reserved for future use. It
is likely to be used for extending the top- or next-level
aggregation identifier field.
„ NLA ID field: This is the next-level aggregation identifier with
24-bit. This identifier may be used by some institutions
(including large-size ISPs and other institutions that provide
public network access) to control the top-level aggregation
for address space arrangement.
Such institutions can divide this 24-bit field for use in
accordance with their own addressing hierarchical structures. In
this way, a entity can divide two bits of address space into four
internal top-level routes, and allocate the other 22 bits of
address space to other entities (for example, a small local ISP).
If these entities obtain enough address space, they can
subdivide the obtained space in the same way as mentioned
above.
„ SLA ID field: This is the site aggregation identifier and is
used by some institutions to arrange their internal network
structures. Each institution can create its own internal
hierarchical network structure in the same way as that of
IPv4.

Confidential and Proprietary Information of ZTE CORPORATION 23

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

„ If the 16-bit field is dedicated to the plane address space,

there are at most 65,535 different subnets available. If the
first eight bits are used for the internal advanced routing of
this institution, then there will be 255 advanced subnets
available, and each advanced subnet can have up to 255
sub-subnets.
„ Interface identifier field: This is a 64-bit field, containing 64-
bit values of the IEEE EUI-64 interface identifier.
Special In the first 1/256 IPv6 address space, the first 8 bits 0000 0000
Address & of all the addresses are reserved. Most of the vacant address
Reserved spaces are used for special addresses, including:
Address
„ Undesignated address: This is an all-zero address and is
used if no valid address is available. For example, if a host
does not obtain an IPv6 address upon its initial startup from
the network, it can use this address. That is, it can specify
this address for the source address of the IPv6 packet when
it sends out a request for configuration information. This
address can be expressed as 0:0:0:0:0:0:0:0, or as :: as
mentioned above.
„ Loopback address: In IPv4, the loopback address is defined
as 127.0.0.1. Any packet that sends a loopback address
must be sent to a network interface through protocol stack,
instead of being sent to the network link. The network
interface itself should accept these packets in the same way
as it receives packets from external nodes, and transmits
them back to the protocol stack.
„ The loopback function is used for software test and
configuration. Except the lowest bit, all the other bits of an
IPv6 loopback address are 0, that is, a loopback address can
be expressed as 0:0:0:0:0:0:0:1 or ::1.
„ IPv6 address embedded with IPv4 address: In the RFC 2373,
IPv6 provides two kinds of addresses. One is the IPv4-
compatible address, which allows the IPv6 node access not
supporting the IPv4 nodes of the IPv6. The other is the IPv4-
image address, which allows the IPv6 router to transmit IPv6
packets over the IPv4 network in the tunnel mode, where the
nodes understand both IPv4 and IPv6.
The high-order 80 bits of these two kinds of addresses are all set
to zeros, and the low-order 32 bits contain the IPv4 address. If
the middle 16 bits of an address are set to FFFF, it indicates that
this address is the IPv6 address of the IPv4 image. Table
21shows the address structures of these two kinds of addresses.

TABLE 21 STRUCTURE OF THE IPV6 ADDRESS EMBEDDED WITH IPV4

ADDRESS

IPv4 Compatible Address

80 16 32
0000………………………………………………0000 0000 IPv4
address

24 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 3 Configuring IPv6 Addresses

IPv4 Compatible Address

IPv4 image address
80 16 32
0000………………………………………………0000 FFFF IPv4
address

Link Local Using the network Model 10 address to translate IPv4 network
Address & addresses provides an option for the institutions that do not
Site-Local want to apply for globally unique IPv4 network addresses.
Address
A router that resides outside of an institution but used by the
institution shall not forward these addresses. It can neither
prevent these addresses from being forwarded, nor distinguish
these addresses from other valid IPv4 addresses. It is
comparatively easier to make configurations for a router to
enable it to forward these addresses.
To realize this function, IPv6 allocates two different address
segments from the globally unique Internet space. Table 22is
originated from RFC 2373, indicating the structures of link-local
and site-local addresses.

TABLE 22 STRUCTURES OF LINK-LOCAL ADDRESS AND SITE-OCAL ADDRESS

Link-local Address
10 54 64
1111111010 0 Interface identifier
Site-local address
10 38 16 64
1111111011 0 Submet Interface identifier
identifier

Link-local addresses are used in single network link for host

numbering. The address identified by the first ten bits of the
prefix is the link-local address. Routers do not process the
packets with link-local addresses at their source end and
destination end because they will never forward these packets.
The middle 54 bits of this address are set to zero, its 64-bit
interface identifier is in the same IEEE structure as mentioned in
the foregoing paragraphs, and the part of this address space
allows some networks to connect up to 264-1 hosts.
Link-local addresses are used for the single network link, and
site-local addresses are used for sites. It means that site-local
addresses can be used to transmit data in the inter-connected
networks but cannot be directly routed to the global Internet
from a site.
Routers within a site can only forward packets within the site
instead of forwarding them outside of the site. The 10-bit prefix

Confidential and Proprietary Information of ZTE CORPORATION 25

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

of a site-local address is immediately followed by a succession of

zeros, which is slightly different from that of a link-local address.
The subnet identifier of a site-local address is 16-bit, and its
interface identifier is still the 64-bit IEEE-based address.
OSI network service access point (NSAP) address and network
internet packet exchange (IPX) address
One of the IPv6 objects is to unify the whole network world for
interoperation between networks of IP, IPX and OSI. To support
this interoperability, IPv6 reserves 1/128 address space for OSI
and IPX respectively.
At present, the IPX addresses have not been precisely defined.
Refer to RFC 1888 (OSI NSAP and IPv6) for description of the
NSAP address allocation.
Multicast The format of the IPv6 multicast address is different from that of
Address the IPv6 unicast address. Multicast addresses can only be used
as destination addresses. No packet uses a multicast address as
the source address. Table 23shows the format of a multicast
address.

TABLE 23 MULTICAST ADDRESS FORM AT

8 4 4 112
11111111 Flag Range Group identifier

The first byte of the address format is set to full-one, identifying

it as a multicast address. The multicast address occupies the
entire 1/256 of the IPv6 address space. The other parts except
the first byte of the multicast address format contain the
following three fields:
„ Flag field: This field consists of four single bit flags. Currently,
only the bit-4 is designated to indicate that whether this
address is a well-known multicast address designated by the
Internet numbering institution, or a temporary multicast
addressed used in a specific occasion.
„ If this flag bit is set to zero, it indicates that this address is a
well-known address. If this flag bit is set to one, it indicates
that this address is a temporary address. The other three
flag bits are reserved for future use.
„ Range field: This is a 4-bit field and is used to indicate the
range of multicast. That is, whether a multicast group only
includes nodes within a same local network, a same site or a
same institution, or includes nodes resides anywhere in the
IPv6 global address space. The possible values for this 4-bit
range from 0 to 15. See Table 24 for the corresponding
range.

TABLE 24 IPV6 MULTICAST RANGE V ALUE

Hex Decimal Value

26 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 3 Configuring IPv6 Addresses

Hex Decimal Value

0 0 Reserved
1 1 Node-local range
2 2 Link-local range
3 3 Unallocated
4 4 Unallocated
5 5 Site-local range
6 6 Unallocated
7 7 Unallocated
8 8 Institution-local
range
9 9 Unallocated
10 A Unallocated
11 B Unallocated
12 C Unallocated
13 D Unallocated
14 E Global range
15 F Reserved

„ Group ID field:
The 112-bit multicast ID field identifies a multicast group within
a specified range permanently or temporarily.
„ Anycast address
A multicast address can be shared by many nodes in a sense. All
the nodes of the members of a multicast address expect to
receive all the packets sent to this address. A router connecting
to five different local Ethernet networks should forward a copy of
the multicast packet to each network respectively (assume at
least one node of each network presubscribed to this multicast
address).
Anycast addresses are similar to multicast addresses. Although it
is still the case that an anycast address can be shared by
multiple nodes, however, only one node of an anycast address
expects to receive the packet sent to the anycast address.
Anycast is very helpful in providing some kinds of service,
especially for some service that does not require special
relationship between a client and a server, for example, a
domain name server and a time server. A domain name server is
nothing but a name server, which should provide the same
performance whether it is located closely or remotely.
Similarly, a closely located time server is preferable in terms of
accuracy. Therefore, when a host sends a request to an anycast

Confidential and Proprietary Information of ZTE CORPORATION 27

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

address to obtain information, it is the nearest server relating to

this anycast address that should respond.
Anycast addresses are allocated outside of the normal IPv6
unicast address space. Because anycast addresses cannot be
distinguished from unicast addresses in their forms, each
member of an anycast address should be explicitly configured to
identify an anycast address.

Address Expression Way

An IPv4 address is expressed in four parts separated by dots,
that is, four numbers separated by dots. The following are some
legal IPv4 addresses expressed by decimal integers:
10.5.3.1, 127.0.0.1, 201.199.244.101
An IPv4 address is sometimes expressed as a group of four 2-bit
hex integers or four 8-bit binary integers, of which the latter one
is seldom used.
The length of an IPv6 address is four times than that of an IPv4
address, and the complicatedness of expression for an IPv6
address is also four times than that for an IPv4 address. An IPv6
address can be basically expressed as X:X:X:X:X:X:X:X, among
which X is a 4-bit hex integer (16-bit). Because each number
contains four bits, each integer contains four numbers and each
address contains eight integers, there are totally 128 bits (4 x 4
x 8 = 128). The following are some legal IPv6 addresses:
CDCD:910A:2222:5498:8475:1111:3900:2020
1030:0:0:0:C9B4:FF12:48AA:1A2B
2000:0:0:0:0:0:0:1
Note that all these integers are hex integers and those from A to
F represent 10 to 15. Each integer of an address should be
indicated except for the starting zero. This is a relatively
standard way to express an IPv6 address. Apart from this, there
are two more ways that are clearer and easier to use.
Some IPv6 addresses may contain a succession of zeros, similar
to the second and third examples as mentioned above. In this
case, the succession of zeros can be represented by “spacing”,
as provided in the relevant standard.
That is to say, the address 2000:0:0:0:0:0:0:1 can be
expressed as 2000::1, of which the two colons mean that the
address can be extended to a complete 128-bit address. In this
method, only when the 16-bit group is all-zero can it is
substituted by two colons, which can only be used once in the
address.
Table 25shows some examples for compressed formats of IPv6
addresses.

28 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 3 Configuring IPv6 Addresses

TABLE 25 IPV6 ADDRESS COMPRESSION

Normal Format Compressed

Addr Type
Format
Unicast address 1080:0:0:0:8:800:200C:417A 1080::8:800:200C:417A
Multicast address FF01:0:0:0:0:0:0:101 FF01::101
Loopback address 0:0:0:0:0:0:0:1 ::1
Unspecified 0:0:0:0:0:0:0:0 ::
address

In the environment mixed with IPv4 and IPv6, there may be a

third way. The least significant 32-bit in an IPv6 address can be
used to indicate an IPv4 address in a mixed way:
X:X:X:X:X:X:d.d.d.d, among which X represents a 16-bit integer
and d indicates a 8-bit decimal integer.

For example, the address 0:0:0:0:0:0:10.0.0.1 is a legal IPv4

address. Therefore, this address can be expresses as ::10.0.0.1
by combining the two possible expressions.

Because an IPv6 address consists of two parts: subnet prefix

and interface identifier, an IP node address is expected to be
expressed, in a way similar to that of an CIDR address, as an
address carrying an extra value, indicating how many bits of the
address are masks.

An IPv6 node address indicates the length of a prefix by

separating the length from the IPv6 address with a slash. For
example, in the address of
1030:0:0:0:C9B4:FF12:48AA:1A2B/60, the length of the prefix
for routing is 60-bits.

IPv6 Host Generally, an IPv6 host has many IPv6 addresses even it has
Address only one single interface. An IPv6 host can have the following
unicast addresses simultaneously.
„ The link-local address of each interface
„ The unicast address of each interface, which can be a site-
local address or one or more aggregatable global addresses
„ The loopback address (::1) of a loopback interface
„ In addition, each host should always keep listening to the
information from the following multicast addresses:
„ The multicast addresses (FF01::1) of all the nodes within the
node-local range
„ The multicast addresses (FF02::1) of all the nodes within the
link-local range
„ Multicast address of the solicited-node (if the solicited-node
group is added to an interface of the host)

Confidential and Proprietary Information of ZTE CORPORATION 29

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

„ Multicast address of a multicast group (if any multicast group

is added to an interface of the host)
IPv6 Host The following unicast addresses can be allocated to an IPv6
Address router:
„ The link-local address of each interface
„ The unicast address of each interface, which can be a site-
local address or one or more aggregatable global addresses
„ The subnet-router anycast address
„ Other anycast addresses (optional)
„ The loopback address (::1) of a loopback interface
„ Similarly, apart from these addresses, a router should always
keep listening to the information flow from the following
multicast addresses:
„ The multicast addresses (FF01::1) of all the nodes within the
node-local range
„ The multicast addresses (FF01::2) of all the routers within
the node-local range
„ The multicast addresses (FF02::1) of all the nodes within the
link-local range
„ The multicast addresses (FF02::2) of all the routers within
the link-local range
„ The multicast addresses (FF05::2) of all the routers within
the site-local range
„ Multicast address of the solicited-node (if the solicited-node
group is added to an interface of the router)
„ Multicast address of a multicast group (if any multicast group
is added to an interface of the router)

IPv6 Address Auto Configuration

Technology
Stateful Auto The state auto configuration employs the plug-and-play mode to
Configuration insert a node into the IPv6 network and starts it up without any
manual interference. IPv6 has two different mechanisms to
shore up the plug-and-play network connection:
„ Boot protocol (BOOTstrap Protocol, BOOTP)
„ Dynamic host configuration protocol ( DHCP)
Both of the two mechanisms allow IP nodes obtaining
configuration information from a special BOOTP server or the
DHCP server. These protocols use the stateful auto
configuration, that is, a server should retain and manage the
state information of each node.

30 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 3 Configuring IPv6 Addresses

Stateless Auto Apart from stateful auto configuration, IPv6 also employs a kind
Configuration of auto configuration service named stateless auto configuration.
RFC2462 describes the IPv6 stateless auto configuration.
For the stateless auto configuration, the local link should support
multicast and network interface should be able to send and
receive multicast packets. In the stateless auto configuration
process, the relevant nodes should meet the following
requirements:
„ A node for auto configuration should determine its own link-
local address.
„ Authenticate this link-local address to make sure that it is
unique in the link.
The node should determine the information to be configured.
Such information may be the IP address of this node, other
configuration information, or both of them. In case of an IP
address is needed, the node should determine whether to obtain
it through the stateless auto configuration or through the
stateful auto configuration.
The procedure is as follows:
„ In the stateless auto configuration process, the host adds its
network adapter MAC address after the 1111111010 prefix of
the link-local address to create a link-local unicast address.
IEEE has modified the network adapter MAC address from
48-bit to 64-bit. If the network adapter MAC address used by
the host is still 48-bit, the IPv6 network adapter driver will
convert the 48-bit MAC address to the 64-bit MAC address in
accordance with an IEEE formula.
„ The host sends a neighbor discovery request to the address
to check whether the address is unique.
If there is no response to the request, it indicates that the link-
local unicast address configured by the host itself is unique.
Otherwise, the host will use an interface ID randomly created to
form a new link-local unicast address.
Taking the address as the source address, the host sends a
router solicitation in the multicast way to all the routers within
the local link to request configuration information. Routers
respond to it with a router advertisement containing the prefix of
an aggregatable global unicast address and other relevant
configuration information.
The host automatically uses the global address prefix obtained
from routers and its own interface ID to automatically configure
a global address to communicate with other hosts within the
Internet.

Confidential and Proprietary Information of ZTE CORPORATION 31

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

Basic IPv6 Configuration

Purpose Below procedure gives information about basic IPv6
configuration.
Prerequisites Refer to Configuration Methods (Chapter 1) to access the router
CLI for configuration.
Steps 1. To enter into the interface configuration mode for IPv6
address, use interface <interface-name> command in
global configuration mode as shown in Table 26.

TABLE 26 INTERFACE CONFIG COMM AND

Command Command Command Function

Format Mode

interface Global config This enables to enter into interface

<interface- configuration mode for IPv6
name> enabling

Result: This enables to enter into interface configuration

mode.
2. To enable IPv6 address for interface, use ipv6 enable
command in interface configuration mode as shown in Table
27.

TABLE 27 IPV6 ENABLE COMM AND

Command Command Command Function

Format Mode

ipv6 Interface config This enables ipv6 address for an

enable interface

Result: This enables IPv6 address for an interface.

3. To set an ipv6 address for an interface, use ipv6 address
<ipv6-prefix>/<prefix-length> in interface configuration
mode as shown in Table 28.

T AB L E 2 8 I P V6 AD D R E S S C O M M AN D

Command Command Command Function

Format Mode

ipv6 address Interface config

<ipv6- This configures an ipv6
prefix>/<prefix- address for an interface
length>

Result: This configures an ipv6 address for an interface.

END OF STEPS.

32 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 3 Configuring IPv6 Addresses

IPv6 Address Maintenance and

Diagnosis
Purpose Below procedure gives information about IPv6 maintenance and
diagnosis.
Prerequisites Refer to Configuration Methods (Chapter 1) to access the router
CLI for configuration.
Steps 1. To view the detailed information of an IPv6 interface, use
show ipv6 interface <interface-name> command in
priviliged mode as shown inTable 29.

TABLE 29 SHOW IPV6 INTERFACE COMMAND

Command Command Command Function

Format Mode

show ipv6 Priviliged

interface This display an ipv6 interface
<interface- detailed information
name>

Result: This shows ipv6 interface detailed information.

2. To view brief information of an IPV6 interface, use show
ipv6 interface [<interface-name>] brief command in
Priviliged mode as shown in Table 30.

TABLE 30 SHOW IPV6 BRIEF COMM AND

Command Command Command Function

Format Mode

show ipv6 Priviliged

interface
<interface- This display an ipv6 interface brief
name> information
brief

Result: This shows ipv6 interface brief information.

END OF STEPS.

IPv6 Address Example

Suppose a gigabit Ethernet interface board is inserted in the Slot
3 of the ZXR10 1800/2800/3800 Router, and the IPv6 address
should be configured at the second interface. The following are
detailed configurations:

ZXR10(config)#interface gei_0/2
ZXR10(config-if)# ipv6 enable

Confidential and Proprietary Information of ZTE CORPORATION 33

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

ZXR10(config-if)# ipv6 address 2005:1234::1/64

or
ZXR10(config)#interface gei_0/2
ZXR10(config-if)# ipv6 enable
ZXR10(config-if)# ipv6 address link-local
fe80::1111:2222:3333:4444

34 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 4

Configuring NDP

Introduction This chapter describes the NDP and its relevant configuration on
the ZXR10 1800/2800/3800 Router.
Contents This chapter covers following topics.

TABLE 31 TOPICS IN CHAPTER 4

Topic Page No

35
Overview
NDP Basic Configuration 38

NDP Maintenance & Diagnosis 41

NDP Configuration Example 42

Overview
IPv6 does not priviligedute the address resolution protocol (ARP)
or the reserve address resolution protocol (RARP) any more but
supersedes them with the corresponding functions of the
neighbor discovery protocol (NDP). The following are primary
differences between the IPv6 NDP and the IPv4 ARP.
„ In IPv4, the ARP is an independent protocol. It provides
conversion between IP addresses and link-layer addresses.
Different ARPs must be defined for different link-layer
protocols. In IPV6, the NDP contains the ARP functions and
runs over the Internet control message protocol (ICMPv6). It
features more universal, more content, and applicable to
various link-layer protocols.
„ The ARP protocol, ICMPv4 router discovery and ICMPv4
redirectional packet are based on broadcast, while the NDP
neighbor discovery packet is based on the efficient multicast
and unicast.

Confidential and Proprietary Information of ZTE CORPORATION 35

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

„ The reachability detection is meant to determine whether the

host or router represented by the corresponding IP address
can still receive and send packets, to which IPv4 has no
unified solution. The NDP defines the reachability detection
process to ensure that no IP packet will be sent to a black
hole.
RFC 1970 (IPv6 neighbor discovery) describes the neighbor
discovery mechanism, which provides some different purposes,
including the following support:
„ Router discovery: This mechanism helps a host to identify
the local router.
„ Prefix discovery: This mechanism is used by nodes to
determine an address prefix that is used to specify the link-
local address and an address prefix that should be sent to a
router for forwarding.
„ Parameter discovery: This mechanism helps nodes to
determine the information like link-local MTU.
„ Address auto configuration: This mechanism is used for IPv6
node auto configuration.
„ Address resolution: This mechanism substitutes ARP and
RARP to help nodes determine the link-layer address of the
local node, namely the neighbor, from the destination IP
address.
„ Next hop determination: This mechanism is meant to
determine the next destination of a packet, that is,
determine whether the destination of a packet is on a local
link. If it is on the local link, then the next hop is the
destination. Otherwise, the packet should route and the next
hop will serve as a router. The neighbor discovery can be
used to determine a router to be used.
„ Neighbor unreachable detection: Neighbor discovery can help
nodes to determine whether a neighbor (destination node or
router) is reachable.
„ Repeated address detection: Neighbor discovery helps a
node to determine whether an address it wants to use has
been occupied on the local link.
„ Redirection: Sometimes the forwarding router selected by a
node is not the optimum for a packet to be forwarded. In this
case, the forwarding router can redirect the node to send the
packet to an optimum router.
„ For example, the node sends the packet that originally is to
be sent to the Internet to the default router that provides
service for the intranet of the node. This intranet router can
redirect the node, thus sending the packet to the Internet
router that is connected with the same local link.
The neighbor discovery conducts the execution by defining the
special ICMP packets, including:

36 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 4 Configuring NDP

„ Router advertisement: This packet requires the router to

announce its availability periodically, as well as the links and
Internet parameters for configuration. These announcements
contain the network address prefix in using, the suggested
hop-by-hop limiting value and the local MTU indication, and
flag of the auto configuration type to be used by a specified
node.
„ Router solicitation: A host can solicit the local router to send
its router advertisement immediately. The router should send
these advertisements periodically. However, if it receives a
router request packet, it should send the advertisement
immediately rather than wait for the next scheduled
transmission time.
„ Neighbor advertisement: A node should send the neighbor
advertisement packet upon receiving the request of the
neighbor solicitation packet or upon any change of its link-
layer address.
„ Neighbor solicitation: A node sends the neighbor solicitation
packet to request the neighbor’s link-layer address to
authenticate the reachability of the neighbor’s link-layer
address obtained and saved in the cache, or authenticate
that its address is unique on the local link.
„ Redirection: A router sends a redirection packet to notify a
host that it is not the optimum router for a specific
destination.
The router sends the router advertisement packet through
multicast, so that the nodes on the same link can construct their
own available default router list.
Neighbor discovery can also be used to realize other targets,
including:
„ Link-layer address change: A node may have multiple
interfaces for the same network. If the node knows that its
link-layer address is changed, it can send some multicast
groups to notify other nodes of its address change.
„ Entry load balance: A node receiving a large number of
service flows may have multiple network interfaces, which
can be represented by an IP address if neighbor discovery is
employed. The router load balance can be realized by making
the router omit the source link-layer address during its
sending of the router advertisement packet.
„ Every time when a node that searches nodes of this router
wants to send packets to this router, it should execute the
neighbor discovery. Then, the router can select the link-layer
interface that receives the packets to respond to this node.
„ Anycast address: As mentioned above, an anycast address is
a set of the unicast addresses. The packet sends to an
anycast address will be delivered to anyone of its unicast
addresses. Generally, an anycast address is used to identify
a set of nodes providing the same service, that is, send a

Confidential and Proprietary Information of ZTE CORPORATION 37

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

packet to any node of an anycast address without caring

which one among the node-set will respond.
„ Because multiple members of an anycast address may
respond to the request for their respective link-layer address,
the neighbor discovery mechanism requires a node should be
able to predict the possible multiple responses to be received
and handle them properly.
„ Proxy advertisement: If a node fails to properly respond to
the neighbor discovery request, the neighbor discovery
mechanism allows another node to represent this node. For
example, a proxy server can represent the mobile IP node.

NDP Basic Configuration

Purpose Below procedure gives information about basic NDP
configuration.
Prerequisites Refer to Configuration Methods (Chapter 1) to access the router
CLI for configuration.
Steps 1. To set the managed-config-flag field of a router
announcement packet, use ipv6 nd managed-config-flag
command in interface configuration mode as shown in Table
32.

TABLE 32 IPV6 ND M AN AGED-CONFIG-FLAG COMM AND

Command Command Command Function

Format Mode

ipv6 nd Interface config This sets the managed-config-flag

managed- field of a router announcement
config-flag packet

Result: This sets the managed-config-flag field of a router

announcement packet.
2. To set the other-config-flag field of a router advertisement
packet, use ipv6 nd other-config-flag command in
interface configuration mode as shown in Table 33.

TABLE 33 IPV6 ND M AN AGED CONFIG COMM AND

Command Command Command Function

Format Mode

ipv6 nd Interface config

This sets the other-config-flag field
managed-
of a router advertisement packet
config-flag

Result: This sets the other-config-flag field of a router

advertisement packet.
3. To set the prefix options included in a router advertisement
packet sent by an interface, use ipv6 nd prefix <ipv6-

38 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 4 Configuring NDP

prefix>/<prefix-length> [[<Valid-lifetime> <preferred-

lifetiem>]{off-link| no-autoconfig|} | ] command in interface
configuration mode as shown in Table 34.

TABLE 34 IPV6 ND PREFIX COMM AND

Command Command Command Function

Format Mode

ipv6 nd prefix Interface config

<ipv6-
prefix>/<prefix-
This sets the prefix options
length> [[<Valid-
included in a router
lifetime>
advertisement packet sent by
<preferred-
an interface
lifetiem>]{off-
link| no-
autoconfig|} | ]

Result: This sets the prefix options included in a router

advertisement packet sent by an interface.
4. To set time intervals for an interface to send router
advertisements, use ipv6 nd ra-interval <seconds>
command in interface configuration mode as shown in Table
35.

TABLE 35 IPV6 ND RA-INTERVAL COMM AND

Command Command Command Function

Format Mode

ipv6 nd ra- Interface config This sets the time intervals for an
interval interface to send router
<seconds> advertisements

Result: This sets the time intervals for an interface to send

router advertisements.

5. To set the value of the ra-lifetime field in a router

advertisement packet sent by an interface, use ipv6 nd ra-
lifetime <seconds> command in interface configuration
mode as shown in Table 36.

TABLE 36 IPV6 ND RA-LIFETIME COMM AND

Command Command Command Function

Format Mode

ipv6 nd ra- Interface config This sets the value of the ra-
lifetime lifetime field in a router
<seconds> advertisement packet sent by an
interface

Result: This sets the value of the ra-lifetime field in a router

advertisement packet sent by an interface.

Confidential and Proprietary Information of ZTE CORPORATION 39

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

6. To set the reachable time within which a remote neighbor is

reachable after it confirms its reachability, use ipv6 nd
reachable-time< milliseconds> command in interface
configuration mode as shown in Table 37.

TABLE 37 IPV6-REACHABLE TIME COMMAND

Command Command Command Function

Format Mode

ipv6 nd ra- Interface config This sets the value of the ra-
lifetime lifetime field in a router
<seconds> advertisement packet sent by an
interface

Result: This sets the value of the ra-lifetime field in a router

advertisement packet sent by an interface.
7. To set the value of the retransmit-time field in a router
advertisement packet, use ipv6 nd retransmit-time
<milliseconds> command in interface configuration mode as
shown in Table 38.

TABLE 38 IPV6-RETRANSMIT TIME COMMAND

Command Command Command Function

Format Mode

ipv6 nd Interface config

This sets the value of the
retransmit-
retransmit-time field in a
time
router advertisement packet
<milliseconds>

Result: This sets the value of the retransmit-time field in a

router advertisement packet.
8. To configure that a router does not send a router
advertisement packet, use ipv6 nd suppress-ra command
in interface configuration mode as shown in Table 39.

TABLE 39 IPV6 ND SUPPRESS-RA COMMAND

Command Command Command Function

Format Mode

ipv6 nd Interface config

This prevents router to send a
suppress-
router advertisement packet
ra

Result: This prevents router to send a router advertisement

packet.
9. To add a static item to the neighbor cache list (supported by
the npct board but not by the npci board), use nd6 add
<ipv6-address> <hardware-address> command in interface
configuration mode as shown in Table 40.

40 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 4 Configuring NDP

T AB L E 4 0 N D6 AD D C O M M AN D

Command Command Command Function

Format Mode

nd6 add Interface config

<ipv6-
This adds a static item to the
address>
neighbor cache list
<hardware-
address>

Result: This adds a static item to the neighbor cache list.

10. To delete an item from the neighbor cache list (supported by

the npct board but not by the npci board), use nd6 delete
<ipv6-address> command in interface configuration mode as
shown in Table 41.

TABLE 41 ND6-DELETE COMM AND

Command Command Command Function

Format Mode

nd6 delete Interface config

This deletes an item from the
<ipv6-
neighbor cache list
address>

Result: This deletes an item from the neighbor cache list.

11. To clear items in the IPv6 neighbor cache list, use clear nd
cache [interface] command in Priviliged mode as shown in
Table 42.

TABLE 42 CLEAR ND CACHE COMM AND

Command Command Command Function

Format Mode

clear nd Priviliged
This clear items in the IPv6
cache
neighbor cache list
[interface]

Result: this clear item in the IPv6 neighbor cache list.

END OF STEPS.

NDP Maintenance & Diagnosis

Purpose Below procedure gives information about NDP maintenance and
diagnosis.
Prerequisites Refer to Configuration Methods (Chapter 1) to access the router
CLI for configuration.
Steps

Confidential and Proprietary Information of ZTE CORPORATION 41

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

1. To display the content of the neighbor cache list, use show

nd6 cache command in Priviliged mode as shown in Table
43.

TABLE 43 SHOW ND6 CACHE COMM AND

Command Command Command Function

Format Mode

show nd6 Priviliged This displays the content of the

cache neighbor cache

Result: This displays the content of the neighbor cache.

2. To show the packet content of the neighbor discovery
protocol, use debug ipv6 nd command in Priviliged mode as
shown in Table 44.

TABLE 44 DEBUG IPV6 ND COMM AND

Command Command Command Function

Format Mode

debug ipv6 Priviliged This shows the packet content of

nd the neighbor discovery protocol

Result: This displays the packet content of the neighbor

discovery protocol.
END OF STEPS.

NDP Configuration Example

The following is a configuration example of the ND.
ZXR10(config)#interface fei_1/1
ZXR10(config-if)# ipv6 enable
ZXR10(config-if)# ipv6 address 8245::202/64
ZXR10(config-if)# nd6 add 2003::200 00d0.d0c7.d0d0

View the ARP table of Ethernet interface fei_1/1:

ZXR10#show nd6 cache
Address Link-Address NetName
Age State
2003::200 0:d0:d0:c7:d0:d0 fei_1/1
static Reachable
8245::202 0:d0:d0:c7:d0:0 fei_1/1
infinity Reachable

42 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 5

Other IPv6 Configurations

Introduction This chapter describes the other relevant configurations of IPv6

on ZXR10 1800/2800/3800 Router.
Contents This chapter covers following topics.

TABLE 45 TOPICS IN CHAPTER 5

Topic Page No

43
IPv6 Static Route Configuration

END OF STEPS. 45

Other Configuration Commands

END OF STEPS. 46

Other Diagnosis and Maintenance Commands

END OF STEPS. 49

Configuration Example

IPv6 Static Route Configuration

Purpose Below procedure gives information about basic IPv6 static route
configuration.
Prerequisites Refer to Configuration Methods (Chapter 1) to access the router
CLI for configuration.
Steps 1. To add IPv6 static route, use ipv6 route X:X::X:X /<0-128>
{ (X:X::X:X [<interface> ] ) | <interface> } [<1-254> ]
command in global configuration mode as shown in

Confidential and Proprietary Information of ZTE CORPORATION 43

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

TABLE 46 IPV6 ROUTE COMM AND

Command Command Command Function

Format Mode

ipv6 route Global Config

X:X::X:X /<0-
128>
{ (X:X::X:X This adds an ipv6 static route
[<interface> ] ) |
<interface> }
[<1-254> ]

Result: This configures an ipv6 static route.

2. To show information about the IPv6 routing table, use show
ipv6 route [ { X:X::X:X /<0-128> | X:X::X:X | static |
rip | ospf | isis | connected | bgp | database } ]
command in Priviliged mode as shown in Table 47.

TABLE 47 SHOW IPV6 ROUTE COMM AND

Command Command Command Function

Format Mode

show ipv6 Priviliged

route
[ { X:X::X:X
/<0-128> |
X:X::X:X |
static | rip | This shows information about
ospf | isis | the IPv6 routing table
connected | bgp
| database } ]
[<interface> ] ) |
<interface> }
[<1-254> ]

Result: This displays information about the IPv6 routing

table.
3. To show the statistic information about numbers of the
various routes in the IPv6 routing table, use show ipv6
route summary command in Priviliged mode as shown in
Table 48.

TABLE 48 SHOW IPV6 ROUTE SUMM ARY COMM AND

Command Command Command Function

Format Mode

show ipv6 Priviliged This shows the statistic information

route about numbers of the various
summary routes in the IPv6 routing table

Result: This displays the statistic information about numbers

of the various routes in the IPv6 routing table.

44 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 5 Other IPv6 Configurations

END OF STEPS.

Other Configuration Commands

Purpose Below procedure gives information about other configuration
commands.
Prerequisites Refer to Configuration Methods (Chapter 1) to access the router
CLI for configuration.
Steps 1. To set the maximum transmission unit (MTU) for sending
IPv6 packet at an interface, use ipv6 mtu <bytes> in
interface configuration mode as shown in Table 49.

TABLE 49 IPV6 MTU COMMAND

Command Command Command Function

Format Mode

ipv6 mtu Interface Config This sets the maximum

<bytes> transmission unit (MTU) for
sending IPv6 packet at an interface

Result: This sets the maximum transmission unit (MTU) for

sending IPv6 packet at an interface.
2. To set the times for an interface to detect repeated address,
use ipv6 dad-attempts <number> command in interface
configuration mode as shown in Table 50.

TABLE 50 IPV6-DAD ATTEMPTS COMM AND

Command Command Command Function

Format Mode

ipv6 dad- Interface Config

This sets the times for an interface
attemps
to detect repeated address
<number>

Result: This sets the times for an interface to detect

repeated address.
3. To show the information about the path MTU cache table,
use show ipv6 mtu command in Priviliged mode as shown
in Table 51.

TABLE 51 SHOW IPV6 MTU COMM AND

Command Command Command Function

Format Mode

show ipv6 Priviliged This shows information about the

mtu path MTU cache table

Result: This displays information about the path MTU cache

table.

Confidential and Proprietary Information of ZTE CORPORATION 45

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

END OF STEPS.

Other Diagnosis and Maintenance

Commands
Purpose Below procedure gives information about NDP maintenance and
diagnosis.
Prerequisites Refer to Configuration Methods (Chapter 1) to access the router
CLI for configuration.
Steps For the convenience of IPv6 maintenance and diagnosis, the
ZXR10 1800 provides the relevant view and debugging
commands.
1. To diagnose the links to a destination to see whether they
are normal, use ping6 <ipv6-addres>s [interface
{<interface-name>} | num <1-65535> | size <64-8192> |
timeout <1-60>] command in Priviliged mode as shown in
Table 52.

TABLE 52 PING6 COMM AND

Command Command Command Function

Format Mode

ping6 <ipv6- Priviliged

addres>s
[interface
{<interface- This diagnoses the links to a
name>} | num destination for their normal
<1-65535> | function
size <64-8192>
| timeout <1-
60>]

Result: This diagnoses the links to a destination for their

normal function.
2. To diagnose the actually passed paths to a destination, use
trace6 <ipv6-address> [max-ttl <1-254> | timeout <1-
100>] command in Priviliged mode as shown in Table 53.

TABLE 53 TRACE6 COMMAND

Command Command Command Function

Format Mode

trace6 Priviliged
<ipv6-
address>
This diagnoses the actually passed
[ max-ttl
paths to a destination
<1-254> |
timeout
<1-100>]

46 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 5 Other IPv6 Configurations

Result: This diagnoses the actually passed paths to a

destination.
3. To enable an IPV6 Telnet connection, use telnet6 <ipv6-
address> [interface <interface-name>] command in
Priviliged mode as shown in Table 54.

TABLE 54 TELNET6 COMMAND

Command Command Command Function

Format Mode

telnet6 Priviliged
<ipv6-
address> This enables an IPV6 Telnet
[interface connection
<interface-
name>]

Result: This enables an IPV6 Telnet connection.

4. To show the debugging information about the IPv6 Internet
Control Message Protocol (ICMP) packet, use debug ipv6
icmp command in Priviliged mode as shown in Table 55.

TABLE 55 DEBUG IPV6 ICMP COMM AND

Command Command Command Function

Format Mode

debug ipv6 Priviliged This shows the debugging

icmp information about the IPv6
Internet Control Message Protocol
(ICMP) packet

Result: This shows the debugging information about the

IPv6 Internet Control Message Protocol (ICMP) packet.
5. To show information about the IPv6 packet received and sent
by the system, use debug ipv6 packet command in
Priviliged mode as shown in Table 56.

TABLE 56 DEBUG IPV6 P ACKET

Command Command Command Function

Format Mode

debug ipv6 Priviliged This shows the information about

packet the IPv6 packet received and sent
by the system

Result: This shows the information about the IPv6 packet

received and sent by the system.
6. To set up the debug switches for establishing and closing the
IPV6 TCP connections, use debug ipv6 tcp driver command
in Priviliged mode as shown in Table 57.

Confidential and Proprietary Information of ZTE CORPORATION 47

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

TABLE 57 DEBUG IPV6 TCP DRIVER

Command Command Command Function

Format Mode

debug ipv6 Priviliged This sets up the debug switches for

tcp driver establishing and closing the IPV6
TCP connections

Result: This sets up the debug switches for establishing

and closing the IPV6 TCP connections.
7. To show information about the IPV6 TCP packet received and
sent by the system, use debug ipv6 tcp packet command
in Priviliged mode as shown in Table 58.

TABLE 58 DEBUG IPV6 P ACKET

Command Command Command Function

Format Mode

debug ipv6 Priviliged This shows the information about

tcp packet the IPV6 TCP packet received and
sent by the system

Result: This shows the information about the IPV6 TCP

packet received and sent by the system.
8. To set up the debug switches for IPV6 TCP state transition
information, use debug ipv6 tcp transactions command in
Priviliged mode as shown in Table 59.

TABLE 59 DEBUG IPV6 TCP TRANSACTIONS

Command Command Command Function

Format Mode

debug ipv6 Priviliged This sets up the debug switches

tcp for IPV6 TCP state transition
transactions information

Result: This sets up the debug switches for IPV6 TCP state
transition information.
9. To enable all IPV6 TCP debug switches, use debug ipv6 tcp
all command in Priviliged mode as shown in Table 60.

TABLE 60 DEBUG IPV6 TCP ALL COMM AND

Command Command Command Function

Format Mode

debug ipv6 Priviliged This enables all the IPV6 TCP

tcp all debug switches

Result: This enables all the IPV6 TCP debug switches.

10. To enable all IPV6 UDP debug switches, use debug ipv6
udp all command in Priviliged mode as shown in Table 61.

48 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 5 Other IPv6 Configurations

TABLE 61 DEBUG IPV6 UDP ALL COMM AND

Command Command Command Function

Format Mode

debug ipv6 Priviliged This enables all the IPV6 UDP

udp all debug switches

Result: This enables all the IPV6 UDP debug switches.

END OF STEPS.

Configuration Example
The following part shows an MTU configuration example.
ZXR10(config)#interface fei_1/1
ZXR10(config-if)# ipv6 mtu 1400

Use the Ping6 command:

ZXR10#ping6 3ff::2
sending 64-bytes ICMP echos to 3ff::2,timeout is
1 seconds.
!!!!!
Success rate is 100 percent(5/5),round-trip
min/avg/max= 0/1/9 ms

Use the show ipv6 route command:

ZXR10#show ipv6 route summary
IPv6 Routing Table Summary - 13 entries
3 connected, 1 static, 0 RIP, 0 BGP, 4 IS-IS, 5
OSPF

ZXR10#show ipv6 route isis

IPv6 Routing Table
Codes: C - connected, S - static, R - RIP, B -
BGP,
I1 - ISIS L1, I2 - ISIS L2, IA - ISIS
interarea, IS - ISIS static,
O - OSPF intra, OI - OSPF inter, E1 - OSPF ext
1, E2 - OSPF ext 2
Timers: Uptime

I1 ::/0 [115/10]
via fe80::204, fei_1/1, 00:04:52
I1 2:2::/112 [115/20]
via fe80::204, fei_1/1, 00:05:12
I1 2121::/64 [115/30]
via fe80::204, fei_1/1, 00:05:02
I1 4444:4444:4444::/48 [115/30]
via fe80::204, fei_1/1, 00:05:02

Confidential and Proprietary Information of ZTE CORPORATION 49

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

50 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 6

Configuring IPv6 Tunnel

Introduction This chapter describes the IPv6 transition technology and

tunnels, as well as the related configuration on the ZXR10
1800/2800/3800 Router.
Contents This chapter covers following topics.

TABLE 62 TOPICS IN CHAPTER 6

Topic Page No

51
Overview
Tunnel Technology 52

IPv6/IPv4 Dual Stack Technology 54

Network Address Translator Technology 54

Basic IPv6 Tunnel Configuration 55

IPv6 Tunnel Maintenance and Diagnosis 56

IPv6 Tunnel Configuration Example 57

Overview
This is impossible for the IPv6 to supersede the IPv4
immediately; therefore, they will simultaneously exist in the
same environment for quiet a long time. A good transition
mechanism is needed to provide a stable transition and minimize
the effects on the existing users.
At present, this topic is the main target of the IETF ngtrans work
group. Many transition mechanisms have been put forward and
some of them have been used for the 6Bone. IETF recommends
such transition mechanisms as tunnel technology, Dual Stack
and network address transition technology.

Confidential and Proprietary Information of ZTE CORPORATION 51

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

Tunnel Technology
Tunnel technology is the primary way for communications
between IPv6 separate subnets during the transition period. This
mechanism connects the isolated IPv6 node islands over the
IPv4 network sea. At the same time, if the IPv6 becomes
dominant in the future, it will server as connections between the
IPv4 islands.
The core concept of the tunnel technology is to make the
existing IPv4 network become the carrier for establishment of
the IPv6 communications by encapsulating the IPv6 datagram
into the IPv4 datagram. The datagram transmission between
nodes at the two ends of a tunnel is implemented through the
IPv4 mechanism, where the tunnel is treated as a directly
connected channel.
In short, the idea of the tunnel policy is to encapsulate the IPv6
datagram into the IPv4 by a router, set the protocol domain of
the IPv4 datagram header to 41, indicating the net load of this
sub-group is a IPv6 sub-group, make the source address and
destination address of the IPv4 datagram correspond to the IPv4
address of the tunnel ingress and egress respectively, and at the
egress of the tunnel, extract the IPv6 datagram and then
forward it to the destination site.
Because the tunnel technology only requires modification to the
ingress and egress of the tunnel and has no requirements on the
other parts, it is easy to be realized.
Advantage The advantage of the tunnel technology highlights transparency
of the tunnel. It enables communications between IPv6 hosts to
ignore the existing tunnel, where the tunnel only servers as a
physical channel. The tunnel technology is widely used during
the early stage when the IPv4 evolves to the IPv6. However, it
cannot realize communications between IPv4 hosts and IPv6
hosts.
A tunnel has an ingress point and a destination point. To make
the data go through a tunnel, the addresses of its two ends must
be known. The ingress point can be determined directly, because
it appears on the boundary of the IPv4 basic structure. However,
it is more complicated to determine the destination point of a
tunnel.
Tunnel Tunnels are classified as configuration tunnels and automatic
Classification tunnels based on the different ways to obtain the destination
address of a tunnel. Configuration tunnels are mainly used from
a router to a router, while automatic tunnels consist of the
following three modes:
„ 6 in 4 tunnel
„ 4 in 6 tunnel
„ 6 to 4 tunnel

52 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 6 Configuring IPv6 Tunnel

The 6to4 technology uses special IPv6 addresses to enable IPv6

islands in the IPv4 sea to connect to each other. Then, the IPv6
egress router creates tunnel connection with other IPv6 domains.
The end point of an IPv4 tunnel can be automatically extracted
from the address prefix of an IPv6 domain, because the IPv4
address of a site is contained in the IPv6 address prefix.
The other interest feature of the 6to4 technology is that it can
automatically extract an IPv4 address from an IPv6 address
prefix. With this mechanism, a site can configure the IPv6
without applying to the registration institution for the IPv6
address space. It simplifies the management of the ISP
providers at the same time.
It can be imagined that in an enterprise with many departments,
each department can build a virtual IPv6 external network by
using private addresses and the NAT technology within the
department through the 6to4 policy. It can also re-establish the
point-to-point IP connection, allow the servers locating on
different places of an enterprise to use the Ipsec protocol, thus
further improving the network security.
In addition, 6to4 mechanism allows communications between
6to4-based IPv6 sites and pure IPv6 sites through the 6to4
Relay Router. Then, the two endpoints that are communicating
with each other require no available IPv4 connection. The 6to4
Relay Router is recommended to run BGP for wider application.
When the 6to4 router of the requesting site sends packets to
another site that resides in another subnet or another user
network, and the prefix of the next destination address contains
the special 6to4 TLA value 2002::/16, the Type 41 IPv4 protocol
is needed to encapsulate the IPv6 packets into the IPv4 packets,
as defined by the conversion mechanism RFC.
The IPv4 source address is contained in the 6to4 prefix of the
requesting site, that is, the IPv4 address of the network external
interface of the 6to4 router is contained in the 6to4 prefix of the
IPv6 packet. At the same time, the IPv4 address of the receiving
site becomes the 6to4 prefix of destination address of the next
IPv6 sending packet.
When the 6to4 router of the receiving site receives an IPv4
packet and determines that it is the Type 41 IPv4 protocol, it will
implement the IPv4 security inspection, remove the header and
conduct local transmission with the IPv6 source packet.
The transmission rule mentioned above is the unique revision to
the IPv6 transmission rule, because the receiving rule of the
primary IPv6 conversion mechanism has been established
already. As the appropriate numbers of 6to4 prefixes are loaded
to the DNS, all sites can cooperate with each other
independently without manual tunnel configuration.

Confidential and Proprietary Information of ZTE CORPORATION 53

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

IPv6/IPv4 Dual Stack Technology

Simply put, dual stack mechanism is to enable IPv6 network
nodes to have both IPv4 stack and IPv6 stack, thus
simultaneously supporting IPv4 and IPv6 protocols. IPv6 and
IPv4 are network layer protocols with similar functions. Both of
them are applied on the same physical platform and with the
same transmission layer protocol TCP or UDP over them. If a
host supports both IPv6 protocol and IPv4 protocol
simultaneously, this host can communicate with a host that only
supports IPv4 protocol or IPv6 protocol. Table 63shows the
protocol structure of the IPv6/IPv4 dual stack.

TABLE 63 PROTOCOL STRUCTURE OF THE IPV6/IPV4 DUAL STACK

Application layer protocol

TCP/UDP protocol
IPv6 protocol IPv4 protocol
Link layer and physical protocol

Network Address Translator

Technology
Network Address Translator (NAT) technology regards IPv4
addresses and IPv6 addresses as internal addresses and global
addresses respectively, and vice versa.
For example, when an internal IPv4 host communicates with an
external IPv6 host, it will translate the IPv4 address (equivalent
to the internal address) to the IPv6 address (equivalent to the
global address) in the NAT server, which maintains a mapping
table between IPv4 and IPv6 addresses.
On the contrary, when an internal IPv6 host communicates with
an external IPv4 host, the IPv6 host is mapped into an internal
address while the IPv4 host a global address. The NAT
technology is a solution to interconnection between IPv4 hosts
and IPv6 host.
Technically, transition from the existing network to the IPv6
network is mature and step by step. The International
Organization for Standardization (ISO) and many R&D
institutions have developed multiple translation mechanisms for
interconnection between IPv4 and IPv6. The following are
popular standards for the IPv4/IPv6 interconnection translation
technology:
„ 6to4: RFC 3056

54 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 6 Configuring IPv6 Tunnel

„ NAT-PT(Network Address Translation-Protocol Translation):

RFC 2766
„ SIIT(Stateless IP/ICMP Translation): RFC 2765
„ Tunnel broker: RFC 3053
„ 6over4: RFC 2529
„ BIS(Bump-In-the-Stack): RFC 2767
„ BIA(Bump-in-the-API): RFC 3338
„ SOCKS-gateway: RFC 3089
„ TCP/UDP-relay: RFC 3142
„ DSTM(Dual Stack Transition Mechanism): draft-ietf-ngtrans-
dstm-08.txt
„ ISATAP(Intra-Site Automatic Tunnel Addressing Protocol):
draft-ietf-ngtrans-isatap-08.txt

Basic IPv6 Tunnel Configuration

Purpose Below procedure gives information about basic IPv6 tunnel
configuration.
Prerequisites Refer to Configuration Methods (Chapter 1) to access the router
CLI for configuration.
Steps 1. To create a tunnel and enter into the tunnel configuration
mode, use interface <tunnel-number> command in global
configuration mode as shown in Table 64.

TABLE 64 INTERFACE TUNNEL COMM AND

Command Command Command Function

Format Mode

interface Global config This creates a tunnel and enables

<tunnel- us to enter into tunnel
number> configuration mode

Result: This creates a tunnel and enables us to enter into

tunnel configuration mode.
2. To configure the tunnel mode for the IPv6 tunnel, use
tunnel mode {gre ip | mpls traffic-eng | ipv6ip [6to4]
|ipipv6} command in tunnel configuration mode as shown in
Table 65.

Confidential and Proprietary Information of ZTE CORPORATION 55

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

TABLE 65 TUNNEL MODE COMM AND

Command Command Command Function

Format Mode

tunnel tunnel config

mode { gre
ip | mpls This creates a tunnel and enables
traffic-eng | us to enter into tunnel
ipv6ip configuration mode
[6to4]
|ipipv6}

Result: This creates a tunnel and enables us to enter into

tunnel configuration mode.
The following are the relevant modes to be selected:
„ Configure 6to4 tunnel:
6to4

„ Configure 6 in 4 tunnel:
ipv6ip

„ Configure 4 in 6 tunnel:
ipipv6

END OF STEPS.

IPv6 Tunnel Maintenance and

Diagnosis
Purpose Below procedure gives information about IPv6 tunnel
maintenance and diagnosis.
Prerequisites Refer to Configuration Methods (Chapter 1) to access the router
CLI for configuration.
Steps For the convenience of tunnel maintenance and diagnosis, the
ZXR10 1800/2800/3800 Router provides the relevant view and
debugging commands.
1. To view a tunnel interface, use show ipv6 interface
<interface-name> command in Priviliged mode as shown in
Table 66.

TABLE 66 SHOW IPV6 INTERFACE COMMAND

Command Command Command Function

Format Mode

show ipv6 Priviliged

interface
This display a tunnel interface
<interface-
name>

Result: This shows a tunnel interface.

56 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 6 Configuring IPv6 Tunnel

END OF STEPS.

IPv6 Tunnel Configuration Example

FIGURE 9 IPV6 TUNNEL EXAMPLE

31.1.1.1/16 31.1.1.2/16
R1 R2
Fei_1/1 Fei_1/2

PC1 PC2

As shown in Figure 9, suppose R1 and R2 are dual stack routers,

and PC1 and PC2 are IPv6 hosts. Configure 6 in4 tunnel as
follows (This is not necessary to use the RIPng protocol in
configuration. You may use a static route or other routing
protocols.):
R1(config)#interface tunnel11
R1(config-if)# ipv6 enable
R1(config-if)# ipv6 address 3000:1:1:1::12/64
R1(config-if)# tunnel mode ipv6ip
R1(config-if)# tunnel source ipv4 31.1.1.1
R1(config-if)# tunnel destination ipv4 31.1.1.2
R1(config)# router ipv6 rip
R1(config)# int tunnel11
R1(config-if)# ipv6 router rip
R1(config)# int fei_1/1
R1(config-if)# ipv6 router rip
R2(config)#interface tunnel22
R2(config-if)# ipv6 enable
R2(config-if)# ipv6 address 3000:1:1:1::128/64
R2(config-if)# tunnel mode ipv6ip
R2(config-if)# tunnel source ipv4 31.1.1.2
R2(config-if)# tunnel destination ipv4 31.1.1.1
R2(config)# router ipv6 rip
R2(config)# int tunnel22
R2(config-if)# ipv6 router rip
R2(config)# int fei_1/2
R2(config-if)# ipv6 router rip

Confidential and Proprietary Information of ZTE CORPORATION 57

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

58 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 7

Configuring NAT-PT

Introduction This chapter describes the NAT-PT technology and its relevant
configuration on ZXR10 1800/2800/3800 Router.
Contents This chapter covers following topics.

TABLE 67 TOPICS IN CHAPTER 7

Topic Page No

59
Overview
NAT-PT Basic Configuration 60

NAT-PT Maintenance and Diagnosis 62

NAT-PT Configuration Example 63

Overview
Network Address Translation - Protocol Translation (NAT-PT)
technology is to conduct protocol translation (PT) between IPv4
packets and IPv6 packets while conducting IPV4/IPV6 network
address translation (NAT). It is applicable to communications
between pure IPv6 sites.
For some upper-layer protocols (for example, FTP) with built-in
address information, NAT-PT needs to complete translation by
cooperating with gateways of the application layer. NAPT-PT can
be realized based on NAT-PT by utilizing port information, which
has no essence difference with the NAPT under IPv4.
Generally, the tunnel technology is used for communications
between IPv6 nodes. For the communications between IPv4 and
IPv6 nodes, the NAT-PT technology is used, which provides
grammar and semantic translation for IPv4 packets and IPv6
packets.

Confidential and Proprietary Information of ZTE CORPORATION 59

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

Basic working When IPv6 packets in an IPv6 subnet are sending to a gateway,
principle the gateway translates them into IPv4 packets and sends them
to IPv4 subnets. On the contrary, if there are data packets in an
IPv4 subnet to be sent, the gateway translates them into IPv6
packets and sends them to IPv6 subnets. The translation
gateway shall maintain a mapping table of IPv4 and IPv6
addresses.
NAT-PT technology stems from the Stateless IP/ ICMP Translator
(SIIT) technology. SIIT is a kind of network layer translation
technology. The NAT/PT technology is to translate IPv4 protocols
and IPv6 protocols based on the header format specified in
protocol specifications, thus connecting IPv4 and IPv6.
The translation consists of two parts, one is IPv4 and IPv6
address translation, and the other is IPv4 and IPv6 header
translation.

NAT-PT Basic Configuration

Purpose Below procedure gives information about basic NAT-PT
configuration.
Prerequisites Refer to Configuration Methods (Chapter 1) to access the router
CLI for configuration.
Steps The NAT-PT configuration covers the following contents:
1. To enable NAT-PT function, use ipv6 nat enable command
in global configuration mode as shown in Table 68.

TABLE 68 IPV6 NAT ENABLE COMM AND

Command Command Command Function

Format Mode

ipv6 nat Global config

This enables NAT-PT function
enable

Result: This enables NAT-PT function.

2. To configure IPv6 packets of the assigned network address

prefix which supports address translation with NAT-PT, use
ipv6 nat prefix <ipv6-prefix>/<prefix-length> command in
global configuration mode as shown in Table 69.

60 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 7 Configuring NAT-PT

TABLE 69 IPV6 NAT ENABLE COMM AND

Command Command Command Function

Format Mode

ipv6 nat prefix Global config This configures IPv6 packets

<ipv6- of the assigned network
prefix>/<prefix- address prefix which supports
length> address translation with NAT-
PT

Result: This configures IPv6 packets of the assigned

network address prefix which supports address translation
with NAT-PT.
3. To set the aging time for a designated address translation
entry and the maximum number of entries to be translated,
use ipv6 nat translation {udp-time-out<udp-timeout>|
tcp-time-out< tcp-time-out>|icmp-time-out<icmp-time-
out>|max-entries<max-entries >} command in global
configuration mode as shown in Table 70.

TABLE 70 IPV6 NAT PREFIX COMMAND

Command Command Command Function

Format Mode

ipv6 nat prefix Global config This sets the aging time for a
<ipv6- designated address
prefix>/<prefix- translation entry and the
length> maximum number of entries
to be translated

Result: This sets the aging time for a designated address

translation entry and the maximum number of entries to be
translated.
4. To set a v4 address pool for the NAT-PT address translation,
use ipv6 nat v6v4 pool <name> <start-ipv4> <end-ipv4
>prefix-length <prefix-length> command in global
configuration mode as shown in Table 71

TABLE 71 IPV6 NAT V6V4 POOL COMM AND

Command Command Command Function

Format Mode

ipv6 nat Global config

v6v4 pool
<name>
<start-
ipv4> This sets a v4 address pool for the
<end-ipv4 NAT-PT address translation
>prefix-
length
<prefix-
length>

Confidential and Proprietary Information of ZTE CORPORATION 61

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

Result: This sets a v4 address pool for the NAT-PT address

translation.
5. To set the dynamic NAT-PT translation rule, use ipv6 nat
v6v4 source list <access-list-name> pool <pool-name>
command in global configuration mode as shown in Table 72.

TABLE 72 IPV6 NAT V6V4 SOURCE LIST COMM AND

Command Command Function

Command Format Mode

ipv6 nat v6v4 Global config

source list
This sets the dynamic NAT-PT
<access-list-
translation rule
name> pool <pool-
name>

Result: This sets the dynamic NAT-PT translation rule.

6. To set the static NAT-PT translation rule, use ipv6 nat v6v4
source X:X::X:X <A.B.C.D> [ protocol { tcp | udp |icmp } ]
[ bidir ] command global configuration mode as shown in
Table 73.

TABLE 73 IPV6 NAT V6-V4 SOURCE COMM AND

Command Command Function

Command Format Mode

ipv6 nat v6v4 Global config

source X:X::X:X
<A.B.C.D> This sets the static NAT-PT
[ protocol { tcp | translation rule
udp |icmp } ]
[ bidir ]

Result: This sets the static NAT-PT translation rule.

END OF STEPS.

NAT-PT Maintenance and Diagnosis

Purpose Below procedure gives information about NAT-PT maintenance
and diagnosis.
Prerequisites Refer to Configuration Methods (Chapter 1) to access the router
CLI for configuration.
Steps For the convenience of the NAT-PT maintenance and diagnosis,
the ZXR10 1800/2800/3800 Router provides the relevant view
and debugging commands.
1. To show the relevant NAT-PT statistics, use show ipv6 nat
statistics command in Priviliged mode as shown in Table 74.

62 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 7 Configuring NAT-PT

TABLE 74 SHOW IPV6 NAT STATISTICS

Command Command Function

Command Format Mode

show ipv6 nat Priviliged This shows the relevant NAT-

statistics mode PT statistics

Result: This shows the relevant NAT-PT statistics.

2. To show the NAT-PT translation entries, use show ipv6 nat

translations command in Priviliged mode as shown in Table
75.

TABLE 75 SHOW IPV6 NAT TRANSLATIONS

Command Command Function

Command Format Mode

show ipv6 nat Priviliged This shows the NAT-PT

translations mode translation entries

Result: This shows the NAT-PT translation entries.

3. To show the ipv6 acl entries, use show ipv6 access-list

command in Priviliged mode as shown in Table 76.

TABLE 76 SHOW IPV6 ACCESS-LIST

Command Command Function

Command Format Mode

show ipv6 Priviliged This shows the ipv6 acl

access-list mode entries

Result: This shows the ipv6 acl entries.

END OF STEPS.

NAT-PT Configuration Example

FIGURE 10 NAT-PT CONFIGURATION EXAMPLE

Fei_1/1 Fei_1/2
R1
PC1 PC2

As shown in Figure 10, suppose R1 is a dual stack router, the v6

interface is fei_1/1 and v4 interface is fei_1/2. Configure the
default route on PC1: the gateway to the 3030::/96 network
segment is the IPv6 address of the R1 fei_1/1 interface; and the

Confidential and Proprietary Information of ZTE CORPORATION 63

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

gateway on the PC2 is the IPv4 address of the R1 fei_1/2

interface. The detailed R1 configuration is shown below:
R1(config)# ipv6 nat enable
R1(config)# int fei_1/1
R1(config-if)#ipv6 add 4000::128/96(PC1 address:
4000::1)
R1(config-if)exit
R1(config)# int fei_1/2
R1(config-if)#ip add 1.1.1.1 255.255.255.0(PC2
address: 1.1.1.2/24)
R1(config-if)#exit
R1(config)# ipv6 nat prefix 3030::/96
R1(config)#ipv6 nat v6v4 pool p1 100.1.1.1
100.1.1.254 prefix-length 24
R1(config)# ipv6 access-list l1 permit 4000::/96
R1(config)# ipv6 nat v6v4 source list l1 pool p1

After configuration, ping 6 3030:: 0101:0102 on the PC1, then

the PC2 can receive the ICMP request packet with the source
address translated into 100.1.1.1 and the destination address
translated into 1.1.1.2. Accordingly, the v4 reply packet can be
translated into the v6 packet and sent back to PC1.

64 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 8

Configuring RIPng

Introduction This chapter introduces RIPng protocol and its relevant

configuration on the ZXR10 1800/2800/3800 Router.

Contents This chapter covers following topics.

TABLE 77 TOPICS IN CHAPTER 8

Topic Page No

65
Overview
Basic RIPng Configuration 67

RIPng Maintenance and Diagnosis 68

RIPng Configuration Example 70

Overview
As a mature route standard, RIP is widely applied in Internet,
especially in some small and medium-sized networks. <0}
{0>considering this situation and the compatibility between RIP
and IPvt6, IETF alters the existing technology and sets the RIP
standard under IPv6, namely, RIPng (RIP next generation). It
differs from RIPv2 in that it cancels route authentication.
As the UDP-based protocol, RIPng sends and receives packet
through Port 521. Generally, RIPng packets are classified as two
categories: routing packets and enquiry packets.
RIPng is not intended to create a completely new protocol, but
to make necessary alternation to RIP, thus enabling it to adapt
to the routing requirements under IPv6. Therefore, RIPng has
the same working principle with RIP, except for changes in
address and packet format.

Confidential and Proprietary Information of ZTE CORPORATION 65

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

1. Address version
Both RIPv1 and RIPv2 are based on IPv4 and their address
domain is 32-bit, while RIPng is based on IPv6 and all the
applied addresses are 128-bit.
2. Subnet masks and prefixes length
Because RIPv1 is designed as a network without subnets,
there is no concept of subnet mask. In this way, RIPv1
cannot be used for propagation of extended subnet
addresses or for CIDR classless addresses. Because the
function of supporting subnet routing is added to RIPv2, it
can use subnet masks to distinguish network routes and
subnet routes.
Because IPv6 address prefixes have explicit meanings, RIPng
does not have subnet masks any more but have prefix length.
Similarly, due to application of IPv6 addresses, it is not
necessary to distinguish network routes, subnet routes and
host routes in RIPng.
3. Scope of application
The scope of application for RIPv1 and RIPv2 is designed to
adapt to both TCP/IP suite and other network protocol suites.
Therefore, routing table entries of a packet contain network
protocol suite fields. However, the realization program is
seldom used for other non-IP networks in practice. Therefore,
support to this function is removed from RIPng.
4. Next hop indication
There is no information about next hop in RIPv1. The router
at the receiving end takes the source address of a packet as
the next hop for the route to the destination network. RIPv2
contains explicit information about the next hop, thus
facilitating selection of the optimum route and avoiding
routing loop and slow convergence.
Different from RIPv1 and RIPv2, the next hop fields in RIPng
exist as separate RTEs to avoid overlong Routing table Entry
(RTE) and to improve efficiency in route information
transmission.
5. Packet length
Both RIPv1 and RIPv2 set limit to the length of a packet,
provisioning that each packet can only carry at most 25 RTEs.
However, RIPng has no limit on the length of a packet and
number of RTEs. The length of a packet depends on the MTU
of a medium. Processing on the packet length by RIPng
enables networks to improve efficiency in route information
transmission.
6. Security consideration
RIPv1 packets contain no authentication information, which
results in insecurity. Any host that sends packets through the
UDP Port 520 will be regarded as a router by its neighbor

66 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 8 Configuring RIPng

host, which is likely to cause router spoofing. RIPv2 is

designed to contain authentication packets to enhance
security. Although routers that exchange routes with each
other cannot receive route information from each other
before authentication, RIPv2 does not have adequate
security.
Because IPv6 contains perfect security policies, it is no need
to design separate security authentication packets for RIPng
any more but to use IPv6 security policies.
7. Packet transmission mode
RIPv1 sends route information through broadcast. In this
way, both routers and all the hosts within the same LAN can
receive packets, which is unnecessary and insecurity.
However, both RIPv2 and RIPng can send packets either
through broadcast or through multicast. In this way, packets
can be sent through multicast in networks that support
multicast, thus greatly reducing the quantity of route
information that is transmitted in networks.

Basic RIPng Configuration

Purpose Below procedure gives information about basic RIPng
configuration.
Prerequisites Refer to Configuration Methods (Chapter 1) to access the router
CLI for configuration.
Steps 1. To enable RIPng instances, use router ipv6 rip command in
global configuration mode as shown in Table 78.

TABLE 78 IPV6 ROUTER RIP COMM AND

Command Command Command Function

Format Mode

ipv6 router Global config

This enables RIPng instances
rip

Result: This enables RIPng instances.

2. To enable an interface for the RIPng protocol, use ipv6
router rip command in interface configuration mode as
shown in Table 79.

TABLE 79 IPV6 RIP ENABLE COMMAND

Command Command Command Function

Format Mode

ipv6 rip Interface config This enables RIPng instances for

enable an interface

Confidential and Proprietary Information of ZTE CORPORATION 67

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

Result: This enables RIPng instances for an interface.

Enhanced 3. To configure timers for the RIPng advertisement, use timers
Configuration basic <update> <timeout> <garbage> command in RIPng
configuration mode as shown in Table 80.

TABLE 80 TIMERS BASIC COMM AND

Command Command Command Function

Format Mode

timers RIPng
basic configuration
This sets timers for the RIPng
<update>
advertisement
<timeout>
<garbage>

Result: This sets timers for the RIPng advertisement.

4. To generate a route to the RIPng protocol manually, use
ipv6 route X:X::X:X/<0-128> command in global
configuration mode as shown in Table 81.

TABLE 81 IPV6 ROUTE COMM AND

Command Command Command Function

Format Mode

ipv6 route Global config

This generates a route to the
X:X::X:X/<0-
RIPng protocol manually
128>

Result: This generates a route to the RIPng protocol

manually.
5. To clear routes received by the RIPng protocol, use clear
ipv6 rip route X:X::X:X/<0-128> | all command in
Priviliged mode as shown in Table 82.

TABLE 82 CLEAR IPV6 ROUTE COMM AND

Command Command Command Function

Format Mode

clear ipv6 rip Priviliged

route This clear the routes received by
X:X::X:X/<0- the RIPng protocol
128> | all

Result: This clear the routes received by the RIPng protocol.

END OF STEPS.

68 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 8 Configuring RIPng

RIPng Maintenance and Diagnosis

Purpose Below procedure gives information about RIPng maintenance
and diagnosis.
Prerequisites Refer to Configuration Methods (Chapter 1) to access the router
CLI for configuration.
Steps The ZXR10 1800/2800/3800 Router provides relevant
commands to facilitate maintenance and diagnosis. The following
are common commands used for RIPng maintenance and
diagnosis.
1. To show the content of the RIPng protocol, use show ipv6
rip command in Priviliged mode as shown in Table 83.

TABLE 83 CLEAR IPV6 ROUTE COMM AND

Command Command Command Function

Format Mode

show ipv6 Priviliged This shows the content of the

rip RIPng protocol

Result: This shows the content of the RIPng protocol.

2. To show RIPng protocol enabled interfaces, use show ipv6
rip interface <ifname> command in Priviliged mode as
shown in Table 84.

TABLE 84 SHOW IPV6 RIP INTERFACE COMM AND

Command Command Command Function

Format Mode

show ipv6 Priviliged

rip This shows RIPng protocol enabled
interface interfaces
<ifname>

Result: This shows RIPng protocol enabled interfaces.

3. To show route databases of the RIPng protocol, use show
ipv6 rip database command in Priviliged mode as shown in
Table 85.

TABLE 85 SHOW IPV6 RIP DAT AB ASE COMM AND

Command Command Command Function

Format Mode

show ipv6 Priviliged

This shows route databases of the
rip
RIPng protocol
database

Result: This shows route databases of the RIPng protocol.

Confidential and Proprietary Information of ZTE CORPORATION 69

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

4. To trace operation the of RIPng protocol, use debug ipv6

rip command in Priviliged mode as shown in Table 86.

TABLE 86 DEBUG IPV6 RIP COMM AND

Command Command Command Function

Format Mode

debug ipv6 Priviliged This traces the operation of the

rip RIPng protocol

Result: This traces the operation of the RIPng protocol.

END OF STEPS.

RIPng Configuration Example

FIGURE 11 RIPNG CONFIGURATION EXAMPLE

2001::1/64 2005::2/64

2005::1/64 2003::2/64
R1 R2

As shown in Figure 11, run RIPng on both R1 and R2.

R1 configuration:
ZXR10_R1(config)#router ipv6 rip
ZXR10_R1(config)#interface fei_1/1
ZXR10_R1(config-if)#ipv6 enable
ZXR10_R1(config-if)#ipv6 address 2001::1/64
ZXR10_R1(config-if)#ipv6 router rip
ZXR10_R1(config)#interface fei_1/2
ZXR10_R1(config-if)#ipv6 enable
ZXR10_R1(config-if)#ipv6 address 2005::1/64
ZXR10_R1(config-if)#ipv6 router rip

R2 configuration:
ZXR10_R2(config)#router ipv6 rip
ZXR10_R2(config)#interface fei_2/1
ZXR10_R2(config-if)#ipv6 enable
ZXR10_R2(config-if)#ipv6 address 2005::2/64
ZXR10_R2(config-if)#ipv6 router rip
ZXR10_R2(config)#interface fei_2/2
ZXR10_R2(config-if)#ipv6 enable
ZXR10_R2(config-if)#ipv6 address 2003::2/64
ZXR10_R2(config-if)#ipv6 router rip

70 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 9

Configuring OSPFv3

Introduction This chapter introduces the OSPFv3 protocol and its relevant
configuration on the ZXR10 1800/2800/3800 Router.

Contents This chapter covers following topics.

TABLE 87 TOPICS IN CHAPTER 9

Topic Page No

71
Overview
OSPFv3 Basis 71

Difference between OSPFv3 and OSPFv2 72

LSA Types 74

75
OSPFv3 Configuration
OSPFv3 Maintenance and Diagnosis 81

OSPFv3 Configuration Example 85

Overview
OSPFv3 Basis The IPv6 OSPF protocol reserves most of the IPv4 algorithm,
that is, from IPv4 to IPv6, the essential OSPF mechanism
remains unchanged. Both IPv6 and IPv4 contain link state
databases. The link state advertisement (LSA) is contained in
link state databases and such information in the adjacent
routers should be kept synchronous.
Initial database synchronization is implemented through the
database exchange process, which includes exchanging database
description packets, link state enquiry packets and link state
update packets. The subsequent database synchronization is
maintained through flooding with link state update packets and
link state confirmation packets.

Confidential and Proprietary Information of ZTE CORPORATION 71

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

In the broadcast and non-broadcast multicast access (NBMA)

networks, both IPv6 and IPv4 use the OSPF hello packet to
discover and maintain adjacency relation, elect assigned routers
and back up assigned routers. IPv6 and IPv4 also keep
consistent with each other in such aspects as neighbor
determination, basic concept of inter-area routes, introduction of
AS external LSA information and different route calculation.
Difference The IPv6 OSPF protocol is OSPFv3 and the IPv4 OSPF protocol is
between OSPFv2.
OSPFv3 and
The IPv6 OSPF protocol differs from the IPv4 OSPF protocol in
OSPFv2
many aspects due to semantic changes of the IPv6 protocol and
expansion of the IPv6 address space.
1. Processing protocols on links instead of on subnets
IPv6 uses the term of link to describe the facilities or
mediums used by nodes for communications over the link
layer. Nodes are connected with links. Multiple IP subnets
can be attached to a same link. Two nodes in different IP
subnets can communicate with each other directly over a
single link.
2. Deleting address semanteme
The OSPF packet contains no IPv6 address except for the
LSA net load carried by the update packet in the link state.
The router LSA and network LSA do not contain network
addresses any longer and only indicate topology information
simply.
The OSPF router ID and the LSA link state ID are reserved to
be the IPv4 32-bit, without allocation of IPv6 addresses any
more.
The neighbor router ID does not use the IP address ID over
broadcast and NBMA network any more.
3. Expanding flooding range
The LS fields of the LSA reflect its flooding ranges. LSA
features the following three flooding ranges:
i. Link local range: LSA only floods in local links. This range
is applicable to the link LSA.
ii. Area range: The LSA only floods in a single OSPF area.
This range is applicable to the router LSA, network LSA,
inter-area prefix LSA, interarea router LSA and intra-area
prefix LSA.
iii. Autonomous area range: The LSA floods in the route area.
This is applicable to the AS external LSA.
iv. Each link supports multiple instances. The OSPF supports
running multiple OSPF protocol instances over a single
link.
4. Using link local addresses

72 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 9 Configuring OSPFv3

The IPv6 link local addresses are used for neighbor discovery
and automatic configuration over a single link. IPv6 routers
do not forward the IPv6 packets containing link local source
addresses. The IPv6 address range that is allocated to the
link local unicast addresses is FE80/10.
Except for all the OSPF interfaces in the virtual link, link local
addresses related to interfaces can send OSPF packets as
source addresses. In the virtual link, only the IP address in
the global range or of a local site can serve as the source
address.
The link local addresses occur in the LSA of the OSPF link but
are not allowed to occur in other LSA types. In addition, any
link local address cannot be advertised in the inter-area
prefix LSA, AS external LSA or intra-area prefix LSA.
5. Changes of authentication
The authentication type and authentication field are deleted
from the IPv6 OSPF header. All the authentication-related
fields do no occur in the OSPF area and the interface
structure. The IPv6 OSPF employs the IP authentication
header and IP-encapsulated security net load to provide the
security protection to integrity and confidentiality, 16-bit
check and available OSPF packet switching.
6. Changes of packet format
The IPv6 OSPF runs over the IPv6 directly. Address
semanteme is not contained in the OSPF header but in the
different LSA types. Therefore, the IPv6 OSPF is independent
of network protocols. The following are changes of the OSPF
packet format:
i. The OSPF version number is increased from 2 to 3.
ii. Optional fields of the Hello packet and the database
description packet are expanded to 24 bits.
iii. The authentication and authentication type fields are
deleted from the OSPF header.
iv. The Hello packet does not contain the address
semantemes but contain a link interface ID allocated to
the initiating router identifier. If the router becomes the
DR in the link, the interface ID will be the link state ID of
the network LSA.
v. To process the router LSA during the SPF calculation, the
two option bits of R and V6 are added to the option field.
The OSPF header contains an Instance ID, thus allowing
running multiple OSPF protocol instances over a single
link.
7. Changes of the LSA format
All the address semantemes are deleted from the LSA header
and router LSA and network LSA. The two LSAs describe the
topology of the routing area in a way independent of network
protocols. Apart from this, the new LSA for allocating IPv6

Confidential and Proprietary Information of ZTE CORPORATION 73

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

address information and the data required for resolution of

the next hop are added.
Type-3 LSA is renamed intra-area prefix LSA and Type-4 LSA
intra-area router LSA.
8. Processing unknown LSA types
In the IPv6, the unknown LSA types can be regarded as
having the local link flooding range, or be regarded as the
known LSA type to be saved and flooded. The IPv4 OSPF
discards the unknown LSA types simply.
9. Supporting twig area
In the IPv6, twig area can only process router LSA, network
LSA and intra-area prefix LSA, and allow the unknown LSAs
to be saved and flooded as known LSAs.
10. Identifying neighbors with router ID
In the IPv6 OSPF, the neighbor routers on a designated link
are identified by their OSPF router IDs. In the IPv4 OSPF, the
neighbors on point-to-point networks and virtual links are
identified by their router IDs, while those on broadcast,
NBMA and point-to-multipoint links are identified by IPv4
interface addresses.

LSA Types
OSPFv3 routers use LSAs to exchange information for the link
state database, set up an accurate and complete network
diagram, and thus generate routes used in the routing table.
OSPFv3 has the following types of LSAs:
„ Router LSA
The LS type is 0x2001. It can generate one or multiple LSAs on
each router within an area.
„ Network LSA
The LS type is 0x2002. It can generate network LSAs for each
broadcast and NBMA link within an area, which supports two or
multiple routers. Network LSAs are created by link assignment
routers.
„ Inter-area prefix LSA
The LS type is 0x2003. It is equivalent to the Type-3 LSA in the
IPv4. Created by area border routers, the intra-area prefix
router LSA describes routes to IPv6 address prefixes in other
areas. For twig areas, inter-area prefix LSA can also be used to
describe default routes.
„ Inter-area router LSA

74 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 9 Configuring OSPFv3

The LS type is 0x2004. It is equivalent to the Type-4 LSA in the

IPv4. Created by area border routers, it describes routes to
routers in other areas.
„ AS external LSA
The LS type is 0x4005. It is created by the AS border router and
describes destinations to the AS external.
„ Link LSA
The LS type is 0x0008. A router initiates separate link LSA to
each link connecting with it. These LSAs have local link flooding
ranges and will not be flooded out of the related links.
„ Intra-area prefix LSA
The LS type is 0x2009. A router uses the intra-area prefix LSA to
advertise one or multiple IPv6 address prefixes, which are
relating to the router itself, the connected twig network segment
and the connected pass-through network segment.

OSPFv3 Configuration
Purpose Below procedure gives information about basic OSPFv3
configuration.
Prerequisites Refer to Configuration Methods (Chapter 1) to access the router
CLI for configuration.
Steps 1. To enable an OSPFv3 process instance, use ipv6 router
ospf <tag> command in global configuration command as
shown in Table 88.

TABLE 88 IPV6 ROUTER OSPF COMM AND

Command Command Command Function

Format Mode

ipv6 router Global config This enables an OSPFv3 process

ospf <tag> instance

Result: This enables an OSPFv3 process instance.

2. To specify the Router ID for an OSPFv3 process, use router-
id <ip-address> command in OSPFv3 configuration mode as
shown in Table 89.

TABLE 89 ROUTER ID COMM AND

Command Command Command Function

Format Mode

router-id OSPFv3
This specifies the Router ID for an
<ip- configuration
OSPFv3 process
address>

Confidential and Proprietary Information of ZTE CORPORATION 75

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

Result: This specifies the Router ID for an OSPFv3 process.

END OF STEPS.

Configuring Interface Attribute

Purpose Below procedure gives information about interface attribute
configuration.
Prerequisites Refer to Configuration Methods (Chapter 1) to access the router
CLI for configuration.
Steps 1. To specify the time interval for the Hello message at an
interface, use ipv6 ospf hello-interval <interval> [instance
<instance-id>] command in interface configuration mode as
shown in Table 90.

TABLE 90 IPV6 OSPF HELLO-INTERVAL COMM AND

Command Command Command Function

Format Mode

ipv6 ospf Interface

hello- configuration
interval This specifies the specify time
<interval> interval for the Hello message on
[instance an interface
<instance-
id>]

Result: This specifies the specify time interval for the Hello
message on an interface.
2. To specify the time interval at which an interface retransmits
an LSA, use ipv6 ospf retransmit-interval <interval>
[instance <instance-id>] command in interface configuration
mode as shown in Table 91.

TABLE 91 IPV6 OSPF RETRANSMIT-INTERVAL COMM AND

Command Command Command Function

Format Mode

ipv6 ospf Interface

retransmit- configuration
interval This specifies the time interval at
<interval> which an interface retransmits an
[ instance LSA
<instance-
id>]

Result: This specifies the time interval at which an interface

retransmits an LSA.
3. To specify the delay after which an interface transmits a link
state update packet, use ipv6 ospf transmit-delay

76 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 9 Configuring OSPFv3

<interval> [instance <instance-id>] command in interface

configuration mode as shown in Table 92.

TABLE 92 IPV6 OSPF TRANSMIT DELAY COMM AND

Command Command Command Function

Format Mode

ipv6 ospf Interface

transmit- configuration
delay This specifies the delay after which
<interval> an interface transmits a link state
[ instance update packet
<instance-
id>]

Result: This specifies the delay after which an interface

transmits a link state update packet.

4. To specify the dead interval for neighbors at an interface,

use ipv6 ospf dead-interval <interval> [ instance
<instance-id>] command in interface configuration mode as
shown in Table 93.

TABLE 93 IPV6 OSPF DEAD-INTERVAL COMM AND

Command Command Command Function

Format Mode

ipv6 ospf Interface

dead- configuration
interval
This specifies the dead interval for
<interval>
neighbors at an interface
[ instance
<instance-
id>]

Result: This specifies the dead interval for neighbors at an

interface.

5. To set the interface cost value, use ipv6 ospf cost <cost-
value> [instance <instance-id>] command in interface
configuration mode as shown in Table 94.

Confidential and Proprietary Information of ZTE CORPORATION 77

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

TABLE 94 IPV6 OSPF COST COMM AND

Command Command Command Function

Format Mode

ipv6 ospf Interface

cost <cost- configuration
value>
This sets the interface cost value
[instance
<instance-
id>]

Result: This sets the interface cost value.

6. To set the interface priority, use ipv6 ospf priority <value>
[instance <instance-id>] command in interface configuration
mode as shown in Table 95.

TABLE 95 IPV6 OSPF PRIORITY COMM AND

Command Command Command Function

Format Mode

ipv6 ospf Interface

priority configuration
<value>
This sets the interface priority
[ instance
<instance-
id>]

Result: This sets the interface priority.

END OF STEPS.

Configuring Protocol Attribute

Purpose Below procedure gives information about protocol attribute
configuration.
Prerequisites Refer to Configuration Methods (Chapter 1) to access the router
CLI for configuration.
Steps 1. To configure the default measurement value for an area, use
area <area-id> default-cost <cost-value> command in
OSPF v3 configuration mode as shown in Table 96.

T AB L E 9 6 AR E A-D E F AU L T C O S T C OM M AN D

Command Command Command Function

Format Mode

area OSPF v3 This configures the default

<area-id> configuration
measurement value for an
default-
cost <cost-
area
value>

78 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 9 Configuring OSPFv3

Result: This configures the default measurement value for

an area.
2. To configure the range of summary address in an area, use
area <area-id> range X:X::X:X/<0-128> [advertise|not-
advertise] command in OSPF v3 configuration mode as
shown in Table 97.

T AB L E 9 7 AR E A-R AN G E C O M M AN D

Command Command Command Function

Format Mode

area <area-id> OSPF v3

range configuration
X:X::X:X/<0- This configures the range of
128> summary address in an area
[advertise|not-
advertise]

Result: This configures the range of summary address in an

area.
3. To define an area as the stub area, use area <area-id> stub
[no-summary] command in OSPF v3 configuration mode as
shown in Table 98.

T AB L E 9 8 AR E A-S T U B C O M M AN D

Command Command Command Function

Format Mode

area <area-id> OSPF v3

This defines an area as the
stub [no- configuration
stub area
summary]

Result: This defines an area as the stub area.

4. To define an OSPF virtual link, use area <area-id> virtual-

link <router-id> [instance-id] [hello-interval <seconds>]
[retransmit-interval <seconds>] [transmit-delay <seconds>]
[dead-interval <seconds>] command in OSPF v3
configuration mode as shown in Table 99.

Confidential and Proprietary Information of ZTE CORPORATION 79

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

TABLE 99 AREA-VIRTUAL LINK COMM AND

Command Command Command Function

Format Mode

area <area-id> OSPF v3

virtual-link configuration
<router-id>
[instance-id]
[hello-interval
<seconds>]
This defines an OSPF virtual
[retransmit-
link
interval
<seconds>]
[transmit-delay
<seconds>]
[dead-interval
<seconds>]

Result: This defines an OSPF virtual link.

5. To set the default measurement value for the OSPFv3
protocol, use default-metric <metric-value> command in
OSPF v3 configuration mode as shown in Table 100.

TABLE 100 DEFAULT METRIC COMM AND

Command Command Command Function

Format Mode

default-metric OSPF v3 This sets the default

<metric-value> configuration measurement value for the
OSPFv3 protocol

Result: This sets the default measurement value for the

OSPFv3 protocol.
6. To disable the interface transceiving packets and to enable
an OSPFv3 protocol, use passive-interface <ifname>
command in OSPF v3 configuration mode as shown in Table
101.

TABLE 101 PASSIVE INTERFACE COMMAND

Command Command Command Function

Format Mode

passive- OSPF v3 This disables the interface

interface configuration transceiving packets and to
<ifname> enable an OSPFv3 protocol

Result: This disables the interface transceiving packets and

enables an OSPFv3 protocol.
7. To redistribute routes of another protocol into OSPFv3
protocol and then make this router as the ASBR, use
redistribute <protocol> [metric <metric-value>] [metric-
type <type>] command in OSPF v3 configuration mode as
shown in Table 102.

80 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 9 Configuring OSPFv3

TABLE 102 REDISTRIBUTE COMM AND

Command Command Command Function

Format Mode

redistribute OSPF v3
This redistributes routes of
<protocol> configuration
another protocol into OSPFv3
[metric <metric-
protocol and then make this
value>] [metric-
router as the ASBR
type <type>]

Result: This redistributes routes of another protocol into

OSPFv3 protocol and then make this router as the ASBR.
8. To set time intervals at which routes will be recalculated
after changes are received and time intervals during the
route calculation, use timers spf <delay> <holdtime>
command in OSPF v3 configuration mode as shown in Table
103.

TABLE 103 TIMERS-SPF COMM AND

Command Command Command Function

Format Mode

timers spf OSPF v3 This sets time intervals at

<delay> configuration which routes will be
<holdtime> recalculated after changes are
received and time intervals
during the route calculation

Result: This sets time intervals at which routes will be

recalculated after changes are received and time intervals
during the route calculation.
END OF STEPS.

OSPFv3 Maintenance and Diagnosis

Purpose Below procedure gives information about OSPFv3 maintenance
and diagnosis.
Prerequisites Refer to Configuration Methods (Chapter 1) to access the router
CLI for configuration.
Steps Compared with RIPng, OSPFv3 is much more complicated, so
the troubleshooting of OSPFv3 protocol will also be more difficult
because one phenomenon can be caused by different reasons.
The following are common commands used for OSPFv3
maintenance and diagnosis.
1. To show an OSPFv3 instance, use show ipv6 ospf <tag>
command in Priviliged mode as shown in Table 104.

Confidential and Proprietary Information of ZTE CORPORATION 81

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

TABLE 104 SHOW IPV6 OSPF COMM AND

Command Command Command Function

Format Mode

show ipv6 ospf Priviliged

This shows an OSPFv3 instance
<tag>

Result: This shows an OSPFv3 instance.

2. To show the database information about the OSPFv3 instance,

use show ipv6 ospf database [<lsa-type>] [adv-router
<router-id>] command in Priviliged mode as shown in Table
105.

TABLE 105 SHOW IPV6 OSPF DAT AB ASE

Command Command Command Function

Format Mode

show ipv6 ospf Priviliged

database This shows the database
[<lsa-type>] information about the OSPFv3
[adv-router instance
<router-id>]

Result: This shows the database information about the

OSPFv3 instance.

3. To show the interface information about the OSPFv3 instance,

use show ipv6 ospf interface <ifname> command in
Priviliged mode as shown in Table 106.

TABLE 106 SHOW IPV6 OSPF INTERFACE COMMAND

Command Command Command Function

Format Mode

show ipv6 ospf Priviliged This shows the interface

interface information about the OSPFv3
<ifname> instance

Result: This shows the database information about the

OSPFv3 instance.

4. To show the neighbor information about the OSPFv3 instance,

use show ipv6 ospf neighbor [<ifname> |< neighbor-id>
| detail] command in Priviliged mode as shown in Table 107.

82 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 9 Configuring OSPFv3

TABLE 107 SHOW IPV6 OSPF-NEIGHBOR COMM AND

Command Command Command Function

Format Mode

show ipv6 ospf Priviliged

neighbor This shows the neighbor
[<ifname> |< information about the OSPFv3
neighbor-id> | instance
detail]

Result: This shows the neighbor information about the

OSPFv3 instance.

5. To show the route information calculated by the OSPFv3

instance, use show ipv6 ospf route command in Priviliged
mode as shown in Table 108.

TABLE 108 SHOW IPV6 OSPF ROUTE COMM AND

Command Command Command Function

Format Mode

show ipv6 ospf Priviliged This shows the route

route information calculated by the
OSPFv3 instance

Result: This show the route information calculated by the

OSPFv3 instance.

6. To show the topology information about the OSPFv3 instance,

use show ipv6 ospf topology [area <area-id>] command
in Priviliged mode as shown in Table 109.

TABLE 109 SHOW IPV6 OSPF TOPOLOGY COMMAND

Command Command Command Function

Format Mode

show ipv6 ospf Priviliged This shows the topology

topology [area information about the OSPFv3
<area-id>] instance

Result: This shows the topology information about the

`OSPFv3 instance.
7. To show the virtual link information about the OSPFv3
instance, use show ipv6 ospf virtual-links command in
Priviliged mode as shown in Table 110.

Confidential and Proprietary Information of ZTE CORPORATION 83

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

TABLE 110 SHOW IPV6 OSPF VIRTUAL LINKS COMM AND

Command Command Command Function

Format Mode

show ipv6 ospf Priviliged This shows the virtual link

virtual-links information about the OSPFv3
instance

Result: This shows the virtual link information about the

OSPFv3 instance.
The ZXR10 1800/2800/3800 ROUTER offers the following debug
command to debug the OSPFv3 protocol and track the relevant
information.
8. To track the events run by the OSPFv3 protocol, use debug
ipv6 ospf events command in Priviliged mode as shown in
Table 111.

TABLE 111 DEBUG IPV6 OSPF EVENTS COMM AND

Command Command Command Function

Format Mode

debug ipv6 Priviliged This tracks the events run by

ospf events the OSPFv3 protocol

Result: This tracks the events run by the OSPFv3 protocol.

9. To track the interfaces run by the OSPFv3 protocol, use
debug ipv6 ospf ifsm command in Priviliged mode as
shown in Table 112.

TABLE 112 DEBUG IPV6 OSPF IFSM COMM AND

Command Command Command Function

Format Mode

debug ipv6 Priviliged This tracks the interfaces run

ospf ifsm by the OSPFv3 protocol

Result: This tracks the interfaces run by the OSPFv3

protocol.
10. To track the LSAs run by the OSPFv3 protocol, use debug
ipv6 ospf lsa command in Priviliged mode as shown in Table
113

TABLE 113 DEBUG IPV6 OSPF LSA

Command Command Command Function

Format Mode

debug ipv6 Priviliged This tracks the LSAs run by the

ospf lsa OSPFv3 protocol

Result: This tracks the LSAs run by the OSPFv3 protocol.

84 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 9 Configuring OSPFv3

11. To track the adjacency run by the OSPFv3 protocol, use

debug ipv6 ospf nfsm command in Priviliged mode as
shown in Table 114.

TABLE 114 DEBUG IPV6 OSPF NFSM COMM AND

Command Command Command Function

Format Mode

debug ipv6 Priviliged This tracks the adjacency run

ospf lsa by the OSPFv3 protocol

Result: This tracks the adjacency run by the OSPFv3

protocol.
12. To track the packet transceiving run by the OSPFv3 protocol,
use debug ipv6 ospf packet command in Priviliged mode
as shown in Table 115.

TABLE 115 DEBUG IPV6 OSPF P ACKET COMM AND

Command Command Command Function

Format Mode

debug ipv6 Priviliged This tracks the packet

ospf lsa transceiving run by the
OSPFv3 protocol

Result: This tracks the packet transceiving run by the

OSPFv3 protocol.
13. To track the routes run by the OSPFv3 protocol, use debug
ipv6 ospf route command in Priviliged mode as shown in
Table 116.

TABLE 116 DEBUG IPV6 OSPF ROUTE COMM AND

Command Command Command Function

Format Mode

debug ipv6 Priviliged This tracks the routes run by

ospf route the OSPFv3 protocol OSPFv3
protocol

Result: This tracks the routes run by the OSPFv3 protocol

OSPFv3 protocol.
END OF STEPS.

Confidential and Proprietary Information of ZTE CORPORATION 85

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

OSPFv3 Configuration Example

FIGURE 12 OSPF CONFIGURATION EXAMPLE

Area 23 Area 0 Area 24

2005::1/64
2001::1/64 2005::2/64 2003::2/64
Fei_1/2
Fei_1/1 Fei_2/1 Fei_2/2
R1 R2

As shown in Figure 12, run the OSPFv3 on Routers R1 and R2,

and divide a network into three areas.
R1 configuration:

ZXR10_R1(config)#router ipv6 ospf tag1

ZXR10_R1(config-router)# router-id 1.1.1.1
ZXR10_R1(config-router)# exit
ZXR10_R1(config)#interface fei_1/1
ZXR10_R1(config-if)#ipv6 enable
ZXR10_R1(config-if)#ipv6 address 2001::1/64
ZXR10_R1(config-if)# ipv6 router ospf area 23 tag
tag1
ZXR10_R1(config)#interface fei_1/2
ZXR10_R1(config-if)#ipv6 enable
ZXR10_R1(config-if)#ipv6 address 2005::1/64
ZXR10_R1(config-if)# ipv6 router ospf area 0 tag
tag1

R2 configuration:

ZXR10_R2(config)#router ipv6 ospf tag2

ZXR10_R2(config-router)# router-id 2.2.2.2
ZXR10_R2(config-router)# exit
ZXR10_R2(config)#interface fei_2/2
ZXR10_R2(config-if)#ipv6 enable
ZXR10_R2(config-if)#ipv6 address 2003::2/64
ZXR10_R2((config-if)# ipv6 router ospf area 24
tag tag1
ZXR10_R2(config)#interface fei_1/2
ZXR10_R2(config-if)#ipv6 enable
ZXR10_R2(config-if)#ipv6 address 2005::2/64
ZXR10_R2(config-if)# ipv6 router ospf area 0 tag
tag2

86 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 10

Configuring IS-IS

Introduction This chapter describes the IS-ISv6 protocol and its relevant
configuration on the ZXR10 1800/2800/3800 Router.
Contents This chapter covers following topics.

TABLE 117 TOPICS IN CHAPTER 10

Topic Page No

Overview 87

IS-ISv6 Configuration 88

IS-ISv6 Maintenance and Diagnosis 105

IS-ISv6 Configuration Example 98

Multi-Area IS-ISv6 Configuration 100

Overview
IS-IS has an early development. ISO10589 and RFC1195
defined how to use the IS-IS as the link state routing protocol to
provide service to the TCP/IP. The subsequent specifications
perfect the IS-IS protocol gradually. The latest draft defines how
to use the IS-IS to support the IPv6.
Because the IS-IS is a routing protocol with high expansibility, it
can support the CLNS routing protocol expanding to support the
IPv4 and support the IPv6.
The draft-ietf-isis-IPv6-05.txt (Routing IPv6 with IS-IS) draft
defines two new TLVs: IPv6 Reachability and IPv6 Interface
Address.
„ The TLV type value of the IPv6 Reachability TLV is 236(0xEC).
Its TLV effects are equal to the two TLVs of the IPv4: IP
internally reachable and IP externally reachable. Up/down
and external are defined in this TLV and are used to indicate

Confidential and Proprietary Information of ZTE CORPORATION 87

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

that routes are redistributed mutually in the L2/L1 and to

determine whether a route is an external route.
„ The TLV type value of the IPv6 Interface Address TLV is
232(0xE8). Its TLV effects are equal to the TLV of the IPv4:
IP port address. The difference is that the original 32-bit
address segment is superseded by the 128-bit address
segment in the new TLV.
The uni-topology IS-IS can only run a single SPF algorithm.
Then, the topologies corresponding to IPv4 and IPv6 must be
identical and with special restriction. While the multi-topology
IS-IS can run multiple SPF algorithms. Then, the topologies
corresponding to IPv4 and IPv6 may be different and with some
flexibility.

IS-ISv6 Configuration
Purpose Below procedure gives information about basic IS-ISv6
configuration.
Prerequisites Refer to Configuration Methods (Chapter 1) to access the router
CLI for configuration.
Steps 1. To Initialize the IS-IS route entity, use router ipv6 isis
command in global configuration mode as shown in Table
118.

TABLE 118 ROUTER IPV6 IS-IS COMM AND

Command Command Command Function

Format Mode

router ipv6 Global config This enables an isis process

isis instance

Result: This enables an isis process instance.

2. To configure the network entity title (NET) of a route entity,

use net <net> command in IS-IS configuration mode as
shown in Table 119.

TABLE 119 NET COMM AND

Command Command Command Function

Format Mode

net <net> IS-IS This configures the network entity

configuration title (NET) of a route entity

Result: This configures the network entity title (NET) of a

route entity.

88 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 10 Configuring IS-IS

3. To run the IS-ISv6 on an interface, use ipv6 router isis

command in interface configuration mode as shown in Table
120.

TABLE 120 IPV6 ROUTER IS-IS COMM AND

Command Command Command Function

Format Mode

ipv6 router Interface This runs the IS-ISv6 protocol on

isis configuration an interface

Result: This runs the IS-ISv6 protocol on an interface.

END OF STEPS.

Global Parameter Configuration

Purpose Below procedure gives information about global parameter
confighuration of IS-ISv6 protocol.
Prerequisites Refer to Configuration Methods (Chapter 1) to access the router
CLI for configuration.
Steps 1. To enter into the IPv6 family configuration mode, use
address-family ipv6 command in IS-IS configuration mode
as shown in Table 121.

TABLE 121 ADDRESS-FAMILY IPV6 COMMAND

Command Command Command Function

Format Mode

address- IS-IS This enables us to enter into the

family ipv6 configuration IPv6 family configuration mode

Result: This enables us to enter into the IPv6 family

configuration mode.

2. To set the level-1 password, use area-password <word>

command in IS-IS configuration mode as shown in Table 122.

TABLE 122 AREA-P ASSWORD COMM AND

Command Command Command Function

Format Mode

area- IS-IS
password configuration This sets the level-1 password
<word>

Result: This sets the level-1 password.

Confidential and Proprietary Information of ZTE CORPORATION 89

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

3. To configure the authentication mode for the IS-ISv6 route

entity, use authentication [level-1 | level-2] command in
IS-IS configuration mode as shown in Table 123.

TABLE 123 AUTHENTICATION MODE

Command Command Command Function

Format Mode

authentication IS-IS This configures the

[level-1 | level-2] configuration authentication mode for the
IS-ISv6 route entity

Result: This configures the authentication mode for the IS-

ISv6 route entity.

4. To configure the administrative distance for the IS-ISv6

route, use distance <1-255> command in IS-IS
configuration mode as shown in Table 124.

TABLE 124 DISTANCE COMM AND

Command Command Command Function

Format Mode

distance IS-IS This configures the administrative

<1-255> configuration distance for the IS-ISv6 route

Result: This configures the administrative distance for the

IS-ISv6 route.

5. To set the level-2 password, use domain-password

<word> command in IS-IS configuration mode as shown in
Table 125.

TABLE 125 DOM AIN-P ASSWORD COMM AND

Command Command Command Function

Format Mode

domain- IS-IS
password configuration This sets the level-2 password
<word>

Result: This sets the level-2 password.

6. To set the IS-ISv6 to ignore the LSP check and errors, use
ignore-lsp-errors command in IS-IS configuration mode as
shown in Table 126.

90 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 10 Configuring IS-IS

TABLE 126 IGNORE-LSP-ERRORS COMMAND

Command Command Command Function

Format Mode

ignore-lsp- IS-IS This sets the IS-ISv6 to ignore the

errors configuration LSP check and errors

Result: This sets the IS-ISv6 to ignore the LSP check and
errors.
7. To configure the routing level for a router, use is-type
{level-1 | level-2-only | level-1-2} command in IS-IS
configuration mode as shown in Table 127.

TABLE 127 IS-TYPE COMMAND

Command Command Command Function

Format Mode

is-type IS-IS
{level-1 | configuration This configures the routing level
level-2-only for a router
| level-1-2}

Result: This configure the routing level for a router.

8. To configure the LSP refresh interval, use lsp-refresh-time

<1-65535> command in IS-IS configuration mode as shown
in Table 128.

TABLE 128 LSP-REFRESH-TIME COMM AND

Command Command Command Function

Format Mode

lsp- IS-IS
refresh- configuration This configures the LSP refresh
time <1- time
65535>

Result: This configures the LSP refresh interval.

9. To configure the LSP life time, use max-lsp-lifetime <1-

65535> command in IS-IS configuration mode as shown in
Table 129.

TABLE 129 MAX-LSP-LIFETIME COMM AND

Command Command Command Function

Format Mode

max-lsp- IS-IS
lifetime configuration This configures the LSP life time
<1-65535>

Result: This configures the LSP life time.

Confidential and Proprietary Information of ZTE CORPORATION 91

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

10. To configure the metric style of a router, use metric-style

{narrow | wide} [level-1 | level-2 | level-1-2] command in
IS-IS configuration mode as shown in Table 130.

TABLE 130 METRIC COMMAND

Command Command Command Function

Format Mode

metric- IS-IS
style configuration
{narrow |
This configures the metric style of
wide}
a router
[level-1 |
level-2 |
level-1-2]

Result: This configures the metric style of a router.

11. To configure route redistribution comes from routes of other

routing protocols, static routes and the connected routes,
use redistribute { {bgp | connected | ospf | rip | static}
[[level-1 | level-2 | level-1-2] | metric <0-63> | [ external |
internal ]] } command in IS-IS configuration mode as shown
in Table 131.

TABLE 131 REDISTRIBUTE COMM AND

Command Command Command Function

Format Mode

redistribute IS-IS
{ {bgp | configuration
connected |
ospf | rip |
This configures route
static}
redistribution comes from routes
[[level-1 |
of other routing protocols, static
level-2 | level-
routes and the connected routes
1-2] | metric
<0-63> |
[ external |
internal ]] }

Result: This configures route redistribution comes from

routes of other routing protocols, static routes and the
connected routes.

12. To set the overload-bit in the LSP packets sent by itself, use
set-overload-bit [suppress {external [interlevel] |
interlevel [external]} | on-startup <5-86400> [suppress
{external [interlevel]| interlevel [external]}] ] command in
IS-IS configuration mode as shown in Table 132.

92 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 10 Configuring IS-IS

TABLE 132 SET OVERLOAD-BIT COMM AND

Command Command Command Function

Format Mode

set-overload- IS-IS
bit [suppress configuration
{external
[interlevel] |
interlevel
[external]} |
This sets the overload-bit in the
on-startup <5-
LSP packets sent by it
86400>
[suppress
{external
[interlevel]|
interlevel
[external]}] ]

Result: This sets the overload-bit in the LSP packets sent by

it.

13. To configure the minimum interval for the IS-ISv6 topology

calculation, use spf-interval [ <1-120> | level-1 [ <1-120>]
| level-2 <1-120> ] command in IS-IS configuration mode
as shown in Table 133.

TABLE 133 SPF-INTERVAL COMM AND

Command Command Command Function

Format Mode

spf- IS-IS
interval configuration
[ <1-120> | This configures the minimum
level-1 interval for the IS-ISv6 topology
[ <1-120>] calculation
| level-2
<1-120> ]

Result: This configures the minimum interval for the IS-ISv6

topology calculation.

14. To configure the IS-ISv6 routing summary, use summary-

prefix X:X::X:X/<0-128> [ level-1 | level-1-2 | level-2 ]
command in IS-IS configuration mode as shown in Table 134.

Confidential and Proprietary Information of ZTE CORPORATION 93

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

TABLE 134 SUMM ARY-PREFIX COMM AND

Command Command Command Function

Format Mode

summary- IS-IS
prefix configuration
X:X::X:X/<0-
This configures the IS-ISv6
128> [ level-1
routing summary
| level-1-2 |
level-2 ]<1-
120> ]

Result: This configures the IS-ISv6 routing summary.

END OF STEPS.

Interface Parameter Configuration

Purpose Below procedure gives information about interface parameter
confighuration of IS-ISv6 protocol.
Prerequisites Refer to Configuration Methods (Chapter 1) to access the router
CLI for configuration.
Steps 1. To configure the IS-ISv6 circuit-type on an interface, use
isis circuit-type {level-1 | level-1-2 | level-2-only}
command in interface configuration mode as shown in Table
135.

TABLE 135 IPV6 ISIS CIRCUIT TYPE COMMAND

Command Command Command Function

Format Mode

isis circuit- interface

type {level- configuration
This configures the IS-ISv6 circuit-
1 | level-1-
type on an interface
2 | level-2-
only}

Result: This configures the IS-ISv6 circuit-type on an

interface.

2. To configure time intervals at which the IS-ISv6 sends csnp

at an interface, use ipv6 isis csnp-interval <0-65535>
[level-1 | level-2] command in interface configuration mode
as shown in Table 136.

94 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 10 Configuring IS-IS

TABLE 136 IS-IS CSNP INTERVAL COMMAND

Command Command Command Function

Format Mode

isis csnp- interface

interval <0- configuration This configures time intervals at
65535> which the IS-ISv6 sends csnp on
[level-1 | an interface
level-2]

Result: This configures time intervals at which the IS-

ISv6 sends csnp on an interface.

3. To configure time intervals at which the IS-ISV6 sends two

consecutive hello messages on an interface, use isis hello-
interval {<1-65535>|minimal} [level-1 | level-2] command
in interface configuration mode as shown in Table 137.

TABLE 137 IS-IS HELLO INTERVAL COMM AND

Command Command Function

Command Format Mode

isis hello-interval interface This configures time

{<1- configuration intervals at which the IS-
65535>|minimal} ISv6 sends csnp on an
[level-1 | level-2] interface

Result: This configures time intervals at which the IS-ISv6

sends csnp on an interface.

4. To configure the IS-ISv6 hello multiplier on an interface, use

isis hello-multipiler <3-1000> [level-1 | level-2] command
in interface configuration mode as shown in Table 138.

TABLE 138 IS-IS HELLO MULTIPLIER COMM AND

Command Command Function

Command Format Mode

isis hello-interval interface

This configures the IS-ISv6
{<1- configuration
hello multiplier on an
65535>|minimal}
interface
[level-1 | level-2]

Result: This configures the IS-ISv6 hello multiplier on an

interface.

5. To configure the minimum time interval at which the IS-ISV6

sends two consecutive LSP messages at an interface, use
isis lsp-interval <1-4294967295> command in interface
configuration mode as shown in Table 139.

Confidential and Proprietary Information of ZTE CORPORATION 95

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

TABLE 139 IS-IS LSP INTERVAL COMM AND

Command Command Command Function

Format Mode

isis lsp- interface This configures the minimum

interval <1- configuration time interval at which the IS-
4294967295> ISV6 sends two consecutive LSP
messages on an interface

Result: This configures the minimum time interval at which

the IS-ISV6 sends two consecutive LSP messages on an
interface.

6. To configure the IS-ISv6 metric on an interface, use isis

metric <1-63> [level-1 | level-2] command in interface
configuration mode as shown in Table 140.

TABLE 140 IS-IS METRIC COMM AND

Command Command Command Function

Format Mode

isis metric interface

<1-63> configuration This configures the IS-ISv6 metric
[level-1 | on an interface
level-2]

Result: This configures the IS-ISv6 metric on an interface.

7. To configure the IS-ISv6 priority at the broadcast network

interface, use isis priority <0-127> [level-1 | level-2]
command in interface configuration mode as shown in Table
141.

TABLE 141 IS-IS PRIORITY COMM AND

Command Command Command Function

Format Mode

isis metric interface

<1-63> configuration This configures the IS-ISv6 priority
[level-1 | at the broadcast network interface
level-2]

Result: This configures the IS-ISv6 priority at the

broadcast network interface.
END OF STEPS.

96 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 10 Configuring IS-IS

IS-ISv6 Maintenance and Diagnosis

Purpose Below procedure gives information about IS-ISv6 maintenance
and diagnosis.
Prerequisites Refer to Configuration Methods (Chapter 1) to access the router
CLI for configuration.
Steps 1. To show the IS-ISv6 database, use show isis database
[ [detail | verbose [ l1 | l2 | level-1 | level-2 ]] | [level-1 |
level-2 | l1 | l2 [detail | verbose] ] ] command in Priviliged
mode as shown in Table 142.

TABLE 142 SHOW IS-IS DATAB ASE COMMAND

Command Command Command Function

Format Mode

show isis Priviliged

database
[ [detail |
verbose [ l1
| l2 | level-1
This shows the IS-ISv6 database
| level-2 ]] |
[level-1 |
level-2 | l1 |
l2 [detail |
verbose] ] ]

Result: This shows the IS-ISv6 database.

2. To show the IS-ISv6 topology, use show isis topology [l1 |

l2 | level-1 | level-2] command in Priviliged mode as shown
in Table 143.

TABLE 143 SHOW IS-IS TOPOLOGY COMM AND

Command Command Command Function

Format Mode

show isis Priviliged

topology
[ l1 | l2 | This shows the IS-ISv6 topology
level-1 |
level-2 ]

Result: This shows the IS-ISv6 topology.

Apart from the show commands mentioned above, the ZXR10
1800/2800/3800 ROUTER provides the following debug
commands:

Confidential and Proprietary Information of ZTE CORPORATION 97

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

3. To track and show all the debugging information about the

IS-ISv6, use debug isis all command in Priviliged mode as
shown in Table 144.

TABLE 144 DEBUG IS-IS ALL COMM AND

Command Command Command Function

Format Mode

debug isis Priviliged This shows and track all the

all debugging information about the
IS-IS

Result: This shows and tracks all the debugging information

about the IS-IS.

4. To track and show the debugging information of the IS-ISv6

route calculation events, use debug isis spf-events
command in Priviliged mode as shown in Table 145.

TABLE 145 DEBUGGING IS-IS SPF EVENTS COMM AND

Command Command Command Function

Format Mode

debug isis Priviliged Result: This tracks and shows the

spf-events debugging information of the
IS-ISv6 route calculation events.

Result: This tracks and shows the debugging information of

the IS-ISv6 route calculation events.
END OF STEPS.

IS-ISv6 Configuration Example

Before configuring IS-ISv6, you need to analyze the whole
network, plan network topology, and decide whether it is
necessary to divide the network into many areas and run
multiple routing protocols on the network according to the
network size. The following example shows the basic
configuration of IS-ISv6 protocol on a single-area network, as
shown in Figure 13.

98 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 10 Configuring IS-IS

FIGURE 13 IS-IS CONFIG EXAMPLE

As shown in Figure 13, R1 and R2 form Area 1 and run the IS-
ISv6 protocol. The detailed configuration is displayed as follows.

R1 configuration:

ZXR10_R1(config)#router ipv6 isis

ZXR10_R1(config-router)#net 01.1111.1111.1111.00
ZXR10_R1(config-router)#exit
ZXR10_R1(config)#interface fei_1/2
ZXR10_R1(config-if)#ipv6 enable
ZXR10_R1(config-if)#ipv6 address 2005::1/64
ZXR10_R1(config-if)#ipv6 router isis
ZXR10_R1(config)#interface fei_1/1
ZXR10_R1(config-if)#ipv6 enable
ZXR10_R1(config-if)#ipv6 address 2001::1/64
ZXR10_R1(config-if)#ipv6 router isis

R2 configuration:

ZXR10_R2(config)#router ipv6 isis

ZXR10_R2(config-router)#net 01.2222.2222.2222.00
ZXR10_R2(config-router)#exit
ZXR10_R2(config)#interface fei_1/2
ZXR10_R2(config-if)#ipv6 enable
ZXR10_R2(config-if)#ipv6 address 2005::2/64
ZXR10_R2(config-if)#ipv6 router isis
ZXR10_R2(config)#interface fei_1/1
ZXR10_R2(config-if)#ipv6 enable
ZXR10_R2(config-if)#ipv6 address 2003::2/64
ZXR10_R2(config-if)#ipv6 router isis

Confidential and Proprietary Information of ZTE CORPORATION 99

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

Multi-Area IS-ISv6 Configuration

For a large network, this must be considered to use multiple
areas in the IS-ISv6. Routers in a geographic area or of similar
functions can be put into one area, which will help reduce the
demand on memory. So routers in an area only need to maintain
a small link state database. Figure 14shows an example of
multi-area IS-ISv6 configuration.

FIGURE 14 MULTI-ARE A CONFIG EXAMPLE

R1 is in Area 1, R2, R3, and R4 in Area 0, and R5 and R6 in Area

2. Segments in Area 1 are aggregated on R1. The static route is
redistributed to the IS-ISv6 on R6.
The detailed configurations of all routers in the figure are as
follows:
R1 configuration:

ZXR10_R1(config)#router ipv6 isis

ZXR10_R1(config-router)#net 01.00D0.D0C7.53E0.00
ZXR10_R1(config-router)#is-type LEVEL-1-2
ZXR10_R1(config-router)#exit
ZXR10_R1(config)#interface fei_1/1
ZXR10_R1(config-if)#ipv6 enable
ZXR10_R1(config-if)#ipv6 address 2009::1/64
ZXR10_R1(config-if)#ipv6 router isis
ZXR10_R1(config-if)#ipv6 isis circuit-type LEVEL-
2
ZXR10_R1(config-router)#exit
ZXR10_R1(config)#interface fei_1/2
ZXR10_R1(config-if)#ipv6 enable
ZXR10_R1(config-if)#ipv6 address 2001:1::1/64

100 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 10 Configuring IS-IS

ZXR10_R1(config-if)#ipv6 router isis

ZXR10_R1(config-if)#ipv6 isis circuit-type LEVEL-
1
ZXR10_R1(config-if)#exit
ZXR10_R1(config)#interface fei_2/1
ZXR10_R1(config-if)#ipv6 enable
ZXR10_R1(config-if)#ipv6 address 2001:2::1/64
ZXR10_R1(config-if)#ipv6 router isis
ZXR10_R1(config-if)#ipv6 isis circuit-type LEVEL-
1
ZXR10_R1(config-if)#exit
ZXR10_R1(config)#interface fei_2/2
ZXR10_R1(config-if)#ipv6 enable
ZXR10_R1(config-if)#ipv6 address 2001:3::1/64
ZXR10_R1(config-if)#ipv6 router isis
ZXR10_R1(config-if)#ipv6 isis circuit-type LEVEL-
1
ZXR10_R1(config-if)#exit
ZXR10_R1(config)#router ipv6 isis
ZXR10_R1(config-router)#address-family ipv6
ZXR10_R1(config-router-af)# summary-prefix
2001::/16

R2 configuration:

ZXR10_R2(config)#router ipv6 isis

ZXR10_R2(config-router)#net 00.00D0.E0D7.53E0.00
ZXR10_R2(config-router)#is-type LEVEL-2
ZXR10_R2(config-router)#exit
ZXR10_R2(config)#interface fei_1/1
ZXR10_R2(config-if)#ipv6 enable
ZXR10_R2(config-if)#ipv6 address 2009::2/64
ZXR10_R2(config-if)#ipv6 router isis
ZXR10_R2(config-if)#ipv6 isis circuit-type LEVEL-
2
ZXR10_R2(config-router)#exit
ZXR10_R2(config)#interface fei_1/2
ZXR10_R2(config-if)#ipv6 enable
ZXR10_R2(config-if)#ipv6 address 2003::2/64
ZXR10_R2(config-if)#ipv6 router isis
ZXR10_R2(config-if)#ipv6 isis circuit-type LEVEL-
2
ZXR10_R2(config-if)#exit
ZXR10_R2(config)#interface fei_2/1

Confidential and Proprietary Information of ZTE CORPORATION 101

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

ZXR10_R2(config-if)#ipv6 enable
ZXR10_R2(config-if)#ipv6 address 2005::2/64
ZXR10_R2(config-if)#ipv6 router isis
ZXR10_R2(config-if)#ipv6 isis circuit-type LEVEL-
2
ZXR10_R2(config-if)#exit

R3 configuration:

ZXR10_R3(config)#router isis
ZXR10_R3(config-router)#net 00.00D0.E0C7.53E0.00
ZXR10_R3(config-router)#is-type LEVEL-2
ZXR10_R3(config-router)#exit
ZXR10_R3(config)#interface fei_1/1
ZXR10_R3(config-if)#ipv6 enable
ZXR10_R3(config-if)#ipv6 address 2003::3/64
ZXR10_R3(config-if)#ipv6 router isis
ZXR10_R3(config-if)#ipv6 isis circuit-type LEVEL-
2
ZXR10_R3(config-router)#exit
ZXR10_R3(config)#interface fei_1/2
ZXR10_R3(config-if)#ipv6 enable
ZXR10_R3(config-if)#ipv6 address 2004::3/64
ZXR10_R3(config-if)#ipv6 router isis
ZXR10_R3(config-if)#ipv6 isis circuit-type LEVEL-
2
ZXR10_R3(config-if)#exit

R4 configuration:

ZXR10_R4(config)#router ipv6 isis

ZXR10_R4(config-router)#net 00.00D0.E0E7.53E0.00
ZXR10_R4(config-router)#is-type LEVEL-2
ZXR10_R4(config-router)#exit
ZXR10_R4(config)#interface fei_1/1
ZXR10_R4(config-if)#ipv6 enable
ZXR10_R4(config-if)#ipv6 address 2004::4/64
ZXR10_R4(config-if)#ipv6 router isis
ZXR10_R4(config-if)#ipv6 isis circuit-type LEVEL-
2
ZXR10_R4(config-router)#exit
ZXR10_R4(config)#interface fei_1/2
ZXR10_R4(config-if)#ipv6 enable
ZXR10_R4(config-if)#ipv6 address 2005::4/64

102 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 10 Configuring IS-IS

ZXR10_R4(config-if)#ipv6 router isis

ZXR10_R4(config-if)#ipv6 isis circuit-type LEVEL-
2
ZXR10_R4(config-if)#exit
ZXR10_R4(config)#interface fei_2/1
ZXR10_R4(config-if)#ipv6 enable
ZXR10_R4(config-if)#ipv6 address 2006::4/64
ZXR10_R4(config-if)#ipv6 router isis
ZXR10_R4(config-if)#ipv6 isis circuit-type LEVEL-
2
ZXR10_R4(config-if)#exit

R5 configuration:

ZXR10_R5(config)#router ipv6 isis

ZXR10_R5(config-router)#net 02.00D0.D0CF.53E0.00
ZXR10_R5(config-router)#is-type LEVEL-1-2
ZXR10_R5(config-router)#exit
ZXR10_R5(config)#interface fei_1/1
ZXR10_R5(config-if)#ipv6 enable
ZXR10_R5(config-if)#ipv6 address 2006::5/64
ZXR10_R5(config-if)#ipv6 router isis
ZXR10_R5(config-if)#ipv6 isis circuit-type LEVEL-
2
ZXR10_R5(config-router)#exit
ZXR10_R5(config)#interface fei_1/2
ZXR10_R5(config-if)#ipv6 enable
ZXR10_R5(config-if)#ipv6 address 2007::5/64
ZXR10_R5(config-if)#ipv6 router isis
ZXR10_R5(config-if)#ipv6 isis circuit-type LEVEL-
1
ZXR10_R5(config-if)#exit

R6 configuration:

ZXR10_R6(config)#router ipv6 isis

ZXR10_R6(config-router)#net 02.00D0.0ECD.53E0.00
ZXR10_R6(config-router)#is-type LEVEL-1
ZXR10_R6(config-router)#exit
ZXR10_R6(config)#interface fei_1/1
ZXR10_R6(config-if)#ipv6 enable
ZXR10_R6(config-if)#ipv6 address 2007::6/64
ZXR10_R6(config-if)#ipv6 router isis
ZXR10_R6(config-if)#ipv6 isis circuit-type LEVEL-

Confidential and Proprietary Information of ZTE CORPORATION 103

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

1
ZXR10_R6(config-router)#exit
ZXR10_R6(config)#interface fei_1/2
ZXR10_R6(config-if)#ipv6 enable
ZXR10_R6(config-if)#ipv6 address 2008::6/64
ZXR10_R6(config-if)#exit
ZXR10_R6(config)# ipv6 route 2009::/64 2008::10
ZXR10_R6(config)#router ipv6 isis
ZXR10_R6(config-router)# address-family ipv6
ZXR10_R6(config-router-af)# redistribute static
level-1
ZXR10_R6(config-router)#end
ZXR10_R6#

104 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 11

Configuring BGP4

Introduction This chapter describes the BGP protocol and its relevant
configuration on ZXR10 1800/2800/3800 Router.
Contents This chapter covers following topics.

TABLE 146 TOPICS IN CHAPTER 11

Topic Page No

105
Overview
BGP4 Configuration 106

BGP Route Advertisement 109

Configuring Multihop in EBGP 111

BGP Router Reflector 112

BGP Confederation 114

BGP Routing Mode Configuration 117

IPv6 Address Family Configuration Mode 122

BGP Maintenance and Diagnosis 125

END OF STEPS. 126

BGP Configuration Example

Overview
The BGP multi-protocol extension, namely the BGP, is specified
to enable the BGP4 to support such multiple network layer
protocols as IPv6 and IPX.
To make the BGP4 protocol to support multiple network layer
protocols to select routes, the following functions must be added
to it:

Confidential and Proprietary Information of ZTE CORPORATION 105

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

„ The information newly added to the BGP4 must make a

specific network layer protocol associated with the next hop
information, that is, the address of the next hop should be
indicated by a designated network layer protocol address.
„ The BGP4 protocol should be able to enable a specific
protocol associated with the NLRI, and employ address
family to distinguish various network layer protocols.
This is a mechanism for transmission of the IPv6 routing
information by utilizing the attributes of MP_REACH_NLRI and
MP_UNREACH_NLRI BGP defined by the BGP. Similar to the
common distance vector routing protocols, the BGP4 protocol is
usually independent of the specific address family used by the
protocol.
The IPv6 protocol is a kind of BGP4-supported protocol. The
fundamental difference between protocols of IPv6 and IPv4 in
route information is that IPv6 introduces area-based unicast
addresses and defines the specific situations where specific
address ranges must be applied.

BGP4 Configuration
Purpose Below procedure refers the information about basic BGP4
configuration.
Prerequisites Refer to Configuration Methods (Chapter 1) to access the router
CLI for configuration.
Steps 1. To start the BGP4 process, use router bgp <1-65535>
command in global configuration mode as shown in Table
147.

TABLE 147 ROUTER BGP COMM AND

Command Command Command Function

Format Mode

router bgp Global Result: This starts the BGP4

<1-65535> configuration process

Result: This starts the BGP4 process.

2. To configure BGP4 neighbors, use neighbor <ip-address> |

<peer-group-name> remote-as <number> command in BGP
configuration mode as shown in Table 148.

106 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 11 Configuring BGP4

TABLE 148 NEIGHBOR COMM AND

Command Command Command Function

Format Mode

neighbor BGP
<ip- configuration
address> |
<peer- Result: This configures BGP4
group- neighbors
name>
remote-as
<number>

Result: This configures BGP4 neighbors.

3. To set router-id for BGP advertisements, use bgp router-id
<ip-addr> command in BGP configuration mode as shown in
Table 149.

TABLE 149 ROUTER-ID IP ADDRESS COMM AND

Command Command Command Function

Format Mode

neighbor BGP
<ip- configuration
address> |
<peer- Result: This configures BGP4
group- neighbors
name>
remote-as
<number>

Result: This sets router-id for BGP advertisements.

4. To Enter into the IPv6 unicast address family configuration

mode, use address-family ipv6 [unicast] command in BGP
configuration mode as shown in Table 150.

TABLE 150 ADDRESS-FAMILY IPV6 COMM AND

Command Command Command Function

Format Mode

address- BGP Result: This enables us to Enter

family ipv6 configuration into the IPv6 unicast address
[unicast] family configuration mode

Result: This enables us to Enter into the IPv6 unicast

address family configuration mode.

5. To activate the address capability of neighbors, use

neighbor <ip-address | peer-group-name> activate
command in BGP configuration mode as shown in Table 151.

Confidential and Proprietary Information of ZTE CORPORATION 107

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

TABLE 151 NEIGHBOUR ACTIVATE COMMAND

Command Command Command Function

Format Mode

address- BGP Result: This enables us to Enter

family ipv6 configuration into the IPv6 unicast address
[unicast] family configuration mode

Result: This enables us to Enter into the IPv6 unicast

address family configuration mode.

6. To set BGP4 external advertisement routes, use network

<ip-address>/<mask> [route-map <map-name>] [backdoor]
command in BGP configuration mode as shown in Table 152.

TABLE 152 NETWORK COMM AND

Command Command Function

Command Format Mode

network <ip- BGP

address>/<mask> configuration This setsBGP4 external
[route-map <map- advertisement routes
name>] [backdoor]

Result: This setsBGP4 external advertisement routes.

END OF STEPS.
Example: below figure shows an example of the BGP
configuration.

FIGURE 15 BASIC BGP CONFIGURATION

2001::1/64 2003::1/64
2005::2/64
2005::1/64
R1 R2
AS100 AS200

Where, router R1 belongs to autonomous system (AS) 100, and

router R2 belongs to AS 200.
R1 configuration:

ZXR10_R1(config)# router ipv6 bgp 100

ZXR10_R1(config-router)# bgp router-id 1.1.1.1
ZXR10_R1(config-router)# neighbor 2005::2 remote-as
200
ZXR10_R1(config-router)# address-family ipv6
ZXR10_R1(config-router-af)# neighbor 2005::2 activate
ZXR10_R1(config-router-af)# network 2001::/64

108 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 11 Configuring BGP4

R2 configuration:

ZXR10_R2(config)#router ipv6 bgp 200

ZXR10_R2(config-router)# bgp router-id 2.2.2.2
ZXR10_R2(config-router)# neighbor 2005::1 remote-as
100
ZXR10_R2(config-router)# address-family ipv6
ZXR10_R2(config-router-af)# neighbor 2005::1 activate
ZXR10_R2(config-router-af)# network 2003::/64

In the above configuration, R1 and R2 mutually define the peer

party as the BGP neighbor. Because R1 and R2 belong to
different ASs, an EBGP session will be setup. R1 will advertise
the network 2001::/64 and R2 will advertise the network
2003::/64.

BGP Route Advertisement

Purpose Below procedure gives information about BGP route
advertisment configuration.
Prerequisites Refer to Configuration Methods (Chapter 1) to access the router
CLI for configuration.
Steps In the foregoing paragraphs, the network command is used to
advertise BGP routes. Generally, after setting up BGP neighbors,
you can use the following approaches to advertise the BGP
routes.
1. To advertise routes, use network <ip-address>/<mask>
[route-map <map-name>] [backdoor] command in BGP
configuration mode as shown in Table 153.
In the BGP, we can use the network command to advertise
the networks known to the current router. The known
networks can be learnt through direct, static and dynamic
routes. The use of the network command in BGP is different
from that in IGP.

TABLE 153 NETWORK COMM AND

Command Command Function

Command Format Mode

network <ip- BGP

address>/<mask> configuration This sets BGP4 external
[route-map <map- advertisement routes
name>] [backdoor]

Result: Result: This setsBGP4 external advertisement

routes.

Confidential and Proprietary Information of ZTE CORPORATION 109

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

2. Use the redistribute command in BGP configuration mode

to redistribute the routes learnt by other routing protocols to
BGP4 as shown in Table 154.
Using the redistribute command, you can redistribute IGP
routes to BGP. When using the redistribute command, you
should avoid redistributing the routes learnt from BGP by IGP
to BGP again, and use filter commands to prevent loop if
necessary.

TABLE 154 REDISTRIBUTE COMM AND

Command Command Function

Command Format Mode

network <ip- BGP

This command redistributes
address>/<mask> configuration
the routes learnt by other
[route-map <map-
routing protocols to BGP4.
name>] [backdoor]

Result: This command redistributes the routes learnt by

other routing protocols to BGP4.
END OF STEPS.

BGP Aggregation Advertisement

Purpose Below procedure gives information about BGP4 aggregation
advertisement configuration.
Prerequisites Refer to Configuration Methods (Chapter 1) to access the router
CLI for configuration.
Steps The BGP protocol can aggregate multiple learnt routes to one
route and advertise it externally, so that the entries in a routing
table can be significantly reduced.
1. To create an aggregation policy in the BGP routing table, use
aggregate-address <ip-addr>/<mask> [as-set]
[summary-only] command in BGP configuration mode as
shown in Table 155.

TABLE 155 AGGREGATE AD DRESS COMMAND

Command Command Command Function

Format Mode

aggregate- BGP
address <ip- configuration This creates an aggregation
addr>/<mask> policy in the BGP routing
[as-set] table.
[summary-only]

Result: This creates an aggregation policy in the BGP

routing table.

110 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 11 Configuring BGP4

2. To Implement route aggregation only when the next hop

strictly matches the MED, use bgp aggregate-nexthop-
check command in BGP configuration mode as shown in
Table 156.

T AB L E 1 5 6 BG P AG G R E G AT E-N E X T H O P CO M M AN D

Command Command Command Function

Format Mode

aggregate- BGP
This Implements route
address <ip- configuration
aggregation only when the
addr>/<mask>
next hop strictly matches the
[as-set]
MED
[summary-only]

Result: This implements route aggregation only when

the next hop strictly matches the MED.
The following shows an example of route aggregation:
ZXR10(config-router-af)# aggregate-address
1002::/64 as-set summary-only

Configuring Multihop in EBGP

Usually, EBGP neighbors are established on the interface directly
connecting two routers. If EBGP neighbors are to be established
on indirectly-connected interfaces, you need to use the following
command to perform the EBGP multihop configuration, as well
as suitable IGP or static routing configuration to enable
indirectly-connected neighbors to communicate with each other.
neighbor <ip-address> | <peer-group-name> ebgp-
multihop [<value>]
As shown in Figure 16, router R1 needs to set up the adjacency
relation with a non-directly connected interface with the IP
address of 180.225.11.1 on R2. Then, you need to use the
neighbor ebgp-multihop command.

FIGURE 16 BGP MULTI-HOP COMM AND

AS100 AS300
2005::2/64

2005::1/64
R1 R2 2003::2/64

Confidential and Proprietary Information of ZTE CORPORATION 111

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

R1 configuration (other configuration omitted):

ZXR10_R1(config)#router ipv6 bgp 100

ZXR10_R1(config-router)#neighbor 2003::2 remote-
as 300
ZXR10_R1(config-router)#neighbor 2003::2 ebgp-
multihop

R2 configuration (other configuration omitted):

ZXR10_R2(config)#router ipv6 bgp 300

ZXR10_R2(config-router)#neighbor 2005::1 remote-as
100

END OF STEPS.

BGP Router Reflector

For BGP routes in the same AS, an adjacency relation should be
set up between any two routers. Thus, with the increase of
IBPG4+ routers, the number of neighbors will increase by n (n-
1)/2 (n stands for the number of the IBGP routers). We use the
router reflector and the confederation to reduce the workload of
maintenance and configuration.
For the running IBGP routers inside the AS, we select one of
them as the Router Reflector (RR) and take the other IBGP+
routers as clients, which only establish the adjacency relation
with the RR. All clients reflect routes through RR. Thus, the
number of neighbors decreases to n-1.
neighbor <ip-address> | <peer-group-name> route-
reflector-client
As shown in Figure 17, the AS100 has two router reflectors: R3
and R4. Among them, the R4 clients are R5 and R6, and the R3
clients are R1 and R2.

112 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 11 Configuring BGP4

FIGURE 17 BGP ROUTE REFLECTOR

Lo: 3ffe::8

R8 AS200

Lo: 3ffe::7
AS100
R7

Lo: 3ffe::3 Lo: 3ffe::4

R3 R4

Lo: 3ffe::1 Lo: 3ffe::2 Lo: 3ffe::5 Lo: 3ffe::

R1 R2 R5 R6

Lo: 3ffe::9

R9 AS30

R3 configuration:

ZXR10_R3(config)#router ipv6 bgp 100

ZXR10_R3(config-router)#bgp route-id 3.3.3.3
ZXR10_R3(config-router)#neighbor 3ffe::1 remote-
as 100
ZXR10_R3(config-router)#neighbor 3ffe::2 remote-
as 100
ZXR10_R3 (config-router)#address-family ipv6
ZXR10_R3 (config-router-af)#neighbor 3ffe::1
active
ZXR10_R3 (config-router-af)#neighbor 3ffe::2
active
ZXR10_R3 (config-router-af)# neighbor 3ffe::1
route-reflector-client
ZXR10_R3 (config-router-af)# neighbor 3ffe::2
route-reflector-client

R2 configuration:

ZXR10_R2(config)#router ipv6 bgp 100

ZXR10_R2(config-router)#bgp route-id 2.2.2.2
ZXR10_R2(config-router)#neighbor 3ffe::3 remote-
as 100
ZXR10_R2(config-router)#address-family ipv6

Confidential and Proprietary Information of ZTE CORPORATION 113

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

ZXR10_R2(config-router-af)#neighbor 3ffe::3
active

When a route is received by the RR, it will reflect according to

types of different peers.
1. If a route comes from non-client peers, reflect it to all
client peers.
2. If a route comes from client peers, reflect it to all non-
client peers and client peers.
3. If a route comes from the EBGP peer, reflect it to all non-
client peers and client peers.
If an AS has multiple RRs, such multiple RRs can be classified as
a cluster. There may be multiple clusters inside one AS. A
cluster contains at least more than one RR.

BGP Confederation
Purpose Below procedure gives information about BGP confederation
configuration.
Prerequisites Refer to Configuration Methods (Chapter 1) to access the router
CLI for configuration.
Steps The route confederation has the same function as the router
reflector. The purpose is to reduce the number of the IBGP
neighbor connections established inside the same AS. The route
confederation divides an AS into multiple sub-ASs. Multiple IBGP
routers inside the AS belong to various sub-ASs. The IBGP is
established inside a sub-AS. The EBGP is established between
sub-ASs. The sub-AS number is called confederation number.
But a sub-AS is invisible for the AS external.
1. To set the confederation ID, use bgp confederation
identifier <value> command in BGP configuration mode as
shown in Table 157.

TABLE 157 BGP CONFEDERATION COMMAND

Command Command Command Function

Format Mode

bgp BGP
confederation configuration
This sets the confederation ID
identifier
<value>

Result: This sets the confederation ID.

114 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 11 Configuring BGP4

2. To set the confederation peer AS number, use bgp

confederation peers <value> […<value>] command in
BGP configuration mode as shown in Table 158.

TABLE 158 BGP CONNECTION PEERS COMM AND

Command Command Command Function

Format Mode

bgp BGP
confederation configuration This sets the confederation
peers <value> peer AS number
[…<value>]

Result: This sets the confederation peer AS number.

END OF STEPS.
Example The following is an example for explaining the application of
the router confederation. As shown in Figure 18, AS200 has
five BGP routers, which is divided into two sub-ASs. One is
defined as AS65010 (containing routers R3, R5 and R6), and
the other is defined as AS65020 (consisting of routers R4
and R7).

FIGURE 18 BGP CONFEDERATION

R1 3ffe:3:1::1 R2
AS100 AS300

Lo: 3ffe:5:3::3 3ffe:3:1::3

3ffe:4:3::3 3ffe:4:3::4

AS65010 R3 3ffe:6:3::3 R4
AS65020
Lo: 3ffe:6:3::6 Lo: 3ffe:7:4::7
Lo: 3ffe:5:3::5

R5 R6 R7
AS200

R3 configuration:

ZXR10_R3(config)#router ipv6 bgp 65010

ZXR10_R3(config-router)#bgp route-id 3.3.3.3
ZXR10_R3(config-router)#bgp confederation
identifier 200
ZXR10_R3(config-router)#bgp confederation peers
65020

Confidential and Proprietary Information of ZTE CORPORATION 115

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

ZXR10_R3(config-router)#neighbor 3ffe:5:3::5
remote-as 65010
ZXR10_R3(config-router)#neighbor 3ffe:6:3::6
remote-as 65010
ZXR10_R3(config-router)#neighbor 3ffe:4:3::4
remote-as 65020
ZXR10_R3(config-router)#neighbor 3ffe:3:1::1
remote-as 100
ZXR10_R3(config-router)#address-family ipv6
ZXR10_R3(config-router-af)#neighbor 3ffe:5:3::5
active
ZXR10_R3(config-router-af)#neighbor 3ffe:6:3::6
active
ZXR10_R3(config-router-af)#neighbor 3ffe:4:3::4
active
ZXR10_R3(config-router-af)#neighbor 3ffe:3:1::1
active

R5 configuration:

ZXR10_R5(config)#router bgp 65010

ZXR10_R5(config-router)#bgp route-id 5.5.5.5
ZXR10_R5(config-router)#bgp confederation
identifier 200
ZXR10_R5(config-router)#neighbor 3ffe:5:3::3
remote-as 65010
ZXR10_R5(config-router)#address-family ipv6
ZXR10_R5(config-router-af)#neighbor 3ffe:5:3::3
active

When establishing the adjacency relation, the EBGP adjacency

relation between the R3 and the confederation peers is
established; the IBGP adjacency relation in the confederation is
established; and EBGP adjacency relation also occurs between
the R3 and the AS100. AS100 does not know whether the
confederation exists. Therefore, router R1 in AS100 still sets up
adjacency relation with R3 by using AS200.
R1 configuration:

ZXR10_R1(config)#router bgp 100

ZXR10_R1(config-router)#bgp route-id 1.1.1.1
ZXR10_R1(config-router)#neighbor 3ffe:3:1::3
remote-as 200
ZXR10_R1(config-router)#address-family ipv6
ZXR10_R1(config-router-af)#neighbor 3ffe:3:1::3
active

116 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 11 Configuring BGP4

BGP Routing Mode Configuration

Purpose Below procedure gives information about BGP routing mode
configuration.
Prerequisites Refer to Configuration Methods (Chapter 1) to access the router
CLI for configuration.
Apart from the primary configurations mentioned above, BGP
also provides some other configurations, which generally run in
two modes:
„ IPv6 routing mode
„ IPv6 address family configuration mode
Steps The following commands are used for IPv6 routing mode
configuration:
1. To allow comparing the MULTI_EXIT_DISCs (MED) of various
neighbor routes in different Ass, use bgp always-compare-
med command in BGP configuration mode as shown in Table
159.

T AB L E 1 5 9 BG P AL W AY S -C O M P AR E C O M M AN D

Command Command Command Function

Format Mode

bgp BGP This allows comparing the

confederation configuration MULTI_EXIT_DISCs (MED) of
identifier various neighbor routes in
<value> different Ass

Result: This allows comparing the MULTI_EXIT_DISCs (MED)

of various neighbor routes in different Ass.

2. To do not compare the as-path attribute during routing, use

bgp bestpath as-path ignore command in BGP
configuration mode as shown in Table 160.

TABLE 160 BGP BESTPATH AS-P ATH IGNORE COMM AND

Command Command Command Function

Format Mode

bgp BGP
bestpath configuration This does not compare the as-path
as-path attribute during routing.
ignore

Result: This does not compare the as-path attribute during

routing.

Confidential and Proprietary Information of ZTE CORPORATION 117

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

3. To set client to client reflection, use bgp client-to-client

reflection command in BGP configuration mode as shown in
Table 161.

TABLE 161 BGP CLIENT TO CLIENT COMM AND

Command Command Command Function

Format Mode

bgp client- BGP

to-client configuration This sets client to client reflection
reflection

Result: This sets client to client reflection.

4. To set the cluster ID of a route reflector, use bgp cluster-id

{<value> | <ip-address>} command in BGP configuration
mode as shown in Table 162.

TABLE 162 BGP CLUSER-ID COMMAND

Command Command Command Function

Format Mode

bgp BGP
cluster-id configuration
This sets the cluster ID of a route
{<value> |
reflector.
<ip-
address>}

Result: This sets the cluster ID of a route reflector.

5. To set the confederation ID, use bgp confederation

identifier <value> command in BGP configuration mode as
shown in Table 163.

TABLE 163 BGP CONFEDERATION IDENTIFIER

Command Command Command Function

Format Mode

bgp BGP
confederation configuration
This sets the confederation ID
identifier
<value>

Result: This sets the confederation ID.

6. To set the confederation peer AS number, use bgp

confederation peers <value> […<value>] command in
BGP configuration mode as shown in Table 164.

118 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 11 Configuring BGP4

TABLE 164 BGP CONFEDERATION PEER COMM AND

Command Command Command Function

Format Mode

bgp BGP
confederation configuration This sets the confederation
identifier peer AS number
<value>

Result: This sets the confederation peer AS number.

7. To set the local priority value of the routes advertised by the
BGP, use bgp default local-preference <value> command
in BGP configuration mode as shown in Table 165.

TABLE 165 BGP DEFAULT LOCAL PREFERENCE COMM AND

Command Command Command Function

Format Mode

bgp default BGP

This sets the local priority value of
local- configuration
the routes advertised by the BGP.
preference

Result: This sets the local priority value of the routes

advertised by the BGP.
In addition, the following options are provided for the
neighbor command in the BGP routing mode:

8. To activate the address capability of a neighbor (this

command is also provided in the IPv6 address family mode),
use neighbor <ip-address | peer-group-name> activate
command in BGP configuration mode as shown in Table 166.

TABLE 166 NEIGHBOR COMM AND

Command Command Command Function

Format Mode

neighbor BGP
<ip-address configuration This activates the address
| peer- capability of a neighbor (this
group- command is also provided in the
name> IPv6 address family mode)
activate

Result: This activates the address capability of a

neighbor (this command is also provided in the
IPv6 address family mode).

Confidential and Proprietary Information of ZTE CORPORATION 119

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

9. To configure a minimum interval at which route changes are

advertised to neighbors, use neighbor <ip-address> |<
peer-group-name> advertisement-interval <interval>
command in BGP configuration mode as shown in Table 167.

TABLE 167 NEIGHBOR ADVERTISEMENT COMM AND

Command Command Command Function

Format Mode

neighbor <ip- BGP

address> |< peer- configuration This configures a minimum
group-name> interval at which route
advertisement- changes are advertised to
interval neighbors
<interval>

Result: This configures a minimum interval at which route

changes are advertised to neighbors.

10. To set neighbor descriptions, use neighbor <ip-address> |

<peer-group-name> description <line> command in BGP
configuration mode as shown in Table 168.

TABLE 168 NEIGHBOUR-DESCRIPTION COMM AND

Command Command Command Function

Format Mode

neighbor BGP
<ip-address> configuration
| <peer-
This sets neighbor descriptions
group-name>
description
<line>

Result: This sets neighbor descriptions.

11. To configure that a neighbor establishes a link passively, use

neighbor <ip-address> | <peer-group-name> passive
command in BGP configuration mode as shown in Table 169.

TABLE 169 NEIGHBOR-P ASSIVE COMM AND

Command Command Command Function

Format Mode

neighbor BGP
<ip- configuration
address> |
<peer- This configures that a neighbor
group- establishes a link passively
name>
passive
<line>

120 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 11 Configuring BGP4

Result: This configures that a neighbor establishes a link

passively.
12. To create a peer-group and set a neighbor to a peer-group,
use neighbor <ip-address> | <peer-group-name> peer-
group [<group-name>] command in BGP configuration
mode as shown in Table 170.

TABLE 170 NEIGHBOR-PEER-GROUP COMM AND

Command Command Command Function

Format Mode

neighbor BGP
<ip- configuration
address> |
<peer-
group- This creates a peer-group and set
name> a neighbor to a peer-group
peer-
group
[<group-
name>]

Result: This creates a peer-group and set a neighbor to a

peer-group.

13. To make neighbors enter the management shut-down status,

use neighbor <ip-address> | <peer-group-name>
shutdown command in BGP configuration mode as shown in
Table 171.

TABLE 171 NEIGHBOR-SHUTDOWN COMMAND

Command Command Command Function

Format Mode

neighbor BGP
<ip- configuration
address> |
<peer- This makes neighbors to enter the
group- management shut-down status
name>
shutdown
name>]

Result: This makes neighbors to enter the management

shut-down status.

14. To configure the holdtime, keepalive and connect timers of

neighbors, use neighbor <ip-address> | <peer-group-
name> timers {<keepalive> <holdtime> | connect
<connecttime>} command in BGP configuration mode as
shown in Table 172.

Confidential and Proprietary Information of ZTE CORPORATION 121

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

TABLE 172 NEIGHBOR-CONNECT COMMAND

Command Command Command Function

Format Mode

neighbor <ip- BGP

address> | configuration
<peer-group-
This configures the holdtime,
name> timers
keepalive and connect timers
{<keepalive>
of neighbors
<holdtime> |
connect
<connecttime>}

Result: This configures the holdtime, keepalive and connects

timers of neighbors.

15. To make the BGP session use any operatable TCP connection
interface, use neighbor <ip-address> | <peer-group-
name> update-source <if-name> | <if-address> command
in BGP configuration mode as shown in Table 173.

TABLE 173 NEIGHBOR-UPDATE-SOURCE COMM AND

Command Command Command Function

Format Mode

neighbor <ip- BGP

address> | configuration
<peer-group-
This makes the BGP session
name> timers
use any operatable TCP
{<keepalive>
connection interface
<holdtime> |
connect
<connecttime>}

Result: This makes the BGP session use any operatable

TCP ` connection interface.
END OF STEPS.

IPv6 Address Family Configuration

Mode
Purpose Below procedure gives information about IPv6 Family
configuration mode.
Prerequisites Refer to Configuration Methods (Chapter 1) to access the router
CLI for configuration.
Steps For the BGP configuration, use the address-family ipv6
command in the IPv6 routing mode to enter the IPv6 address
family mode configuration. The following commands are
available in this mode:

122 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 11 Configuring BGP4

1. To send the default route ::/0 to a designated neighbor, use

neighbor <ip-address> | <peer-group-name> default-
originate [route-map <map-name>] command in BGP
configuration mode as shown in Table 174.

TABLE 174 NEIGHBOR-DEFAULT ORIGINATE COMM AND

Command Command Command Function

Format Mode

neighbor BGP
<ip- configuration
address> |
<peer-
group-
This sends the default route ::/0 to
name>
a designated neighbor
default-
originate
[route-map
<map-
name>]

Result: This sends the default route ::/0 to a designated

neighbor.

2. To force itself as the next trunk for route advertisement on

NBMA network, use neighbor <ip-address> | <peer-group-
name> next-hop-self command in BGP configuration mode
as shown in Table 175.

TABLE 175 NEIGHBOR-NEXT-HOP COMMAND

Command Command Command Function

Format Mode

neighbor BGP
<ip- configuration
address> |
This forces itself as the next trunk
<peer-
for route advertisement on NBMA
group-
network
name>
next-hop-
self

Result: This forces itself as the next trunk for route

advertisement on NBMA network.
3. To filter the special ASs in the routes advertised to neighbors,
use neighbor <ip-address > | < peer-group-name>
remove-private-AS command in BGP configuration mode
as shown in Table 176.

TABLE 176 NEIGHBOR REMOTE PRIVATE AS COMM AND

Command Command Command Function

Format Mode

Confidential and Proprietary Information of ZTE CORPORATION 123

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

Command Command Command Function

Format Mode

neighbor BGP
<ip- configuration
address> |
<peer- This filters the special ASs in the
group- routes advertised to neighbor
name>
next-hop-
self

Result: This filters the special ASs in the routes advertised

to neighbor.
4. To set a neighbor to the router reflector client peer (when all
the clients are invalid, the local reflector is not the router
reflector), use neighbor <ip-address> | <peer-group-
name> route-reflector-client command in BGP
configuration mode as shown in Table 177.

TABLE 177 NEIGHBOR ROUTE REFLECTOR CLIENT COMM AND

Command Command Command Function

Format Mode

neighbor BGP
<ip- configuration
address> |
<peer- This sets a neighbor to the router
group- reflector client peer
name>
next-hop-
self

Result: This sets a neighbor to the router reflector client

peer.
5. To send the community attribute when advertising routes to
neighbors, use neighbor <ip-address> | <peer-group-
name> send-community {both | extended | standard}
command in BGP configuration mode as shown in Table 178.

TABLE 178 NEIGHBOR-SEND COMMUNITY COMMAND

Command Command Command Function

Format Mode

neighbor BGP
<ip-address> configuration
| <peer-
group-name> This sends the community
send- attribute when advertising routes
community to neighbors
{both |
extended |
standard}

124 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 11 Configuring BGP4

Result: This send the community attribute when

advertising routes to neighbors.
END OF STEPS.

BGP Maintenance and Diagnosis

Purpose Below procedure gives information about BGP maintenance &
configuration mode.
Prerequisites Refer to Configuration Methods (Chapter 1) to access the router
CLI for configuration.
Steps When encountering the BGP4 route problems, we locate faults
and remove them with relevant debugging commands. The show
command is most frequently used, with which you can view the
current BGP neighbor state and the BGP4 route information
learnt by a router.
1. To show the BGP4 neighbor information, use show bgp all
neighbor command in BGP configuration mode as shown in
Table 179.

TABLE 179 SHOW BGP ALL NEIGHBOR COMM AND

Command Command Command Function

Format Mode

show bgp BGP

This shows the BGP4 neighbor
all configuration
information
neighbor

Result: This shows the BGP4 neighbor information.

2. To show the states of all the BGP4 neighbors, use show bgp
all summary command in BGP configuration mode as shown
in Table 180.

TABLE 180 SHOW BGP ALL SUMM ARY COMM AND

Command Command Command Function

Format Mode

show bgp BGP

This shows the states of all the
all configuration
BGP4 neighbors
summary

Result: This shows the states of all the BGP4 neighbors.

Besides the show command, priviligedute the debug
command to view the establishment process of the BGP4
adjacency, route updating process, etc.
3. To enable all the BGP debugging information, use debug ip
bgp all command in BGP configuration mode as shown in
Table 181.

Confidential and Proprietary Information of ZTE CORPORATION 125

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

TABLE 181 DEBUG IP BGP ALL COMM AND

Command Command Command Function

Format Mode

debug ip BGP This enables all the BGP debugging

bgp all configuration information

Result: This enables all the BGP debugging information.

4. To enable the BGP event debugging information, use debug
ip bgp events command in BGP configuration mode as
shown in Table 182.

TABLE 182 DEBUG IP BGP EVENTS COMM AND

Command Command Command Function

Format Mode

debug ip BGP This enables the BGP event

bgp all configuration debugging information

Result: This enables the BGP event debugging information.

5. To enable the BGP keepalive packet-related debugging
information, use debug ip bgp keepalives command in
BGP configuration mode as shown in Table 183.

TABLE 183 DEBUG IP BGP KEEPALIVES COMM AND

Command Command Command Function

Format Mode

debug ip BGP This enables the BGP keepalive

bgp all configuration packet-related debugging
information

Result: This enables the BGP keepalive packet-related

debugging information.
6. To enable the relevant debugging information relating to the
update packets received/sent by the BGP, use debug ip bgp
updates command in BGP configuration mode as shown in
Table 184.

TABLE 184 DEBUG IP BGP UPDATES COMM AND

Command Command Command Function

Format Mode

debug ip BGP This enables the relevant

bgp all configuration debugging information relating to
the update packets received/sent
by the BGP

Result: This enables the relevant debugging information

relating to the update packets received/sent by the BGP.
END OF STEPS.

126 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 11 Configuring BGP4

BGP Configuration Example

The following is a BGP4 comprehensive example. It involves the
actual applications of such BGP4 functions as route aggregation
and static route redistribution.
As shown in Figure 19, the R4 establishes the EBGP with the R1;
the R1 establishes the IBGP with the R2; and the R2 establishes
the multi-hop EBGP with the R5. Suppose the R4 has the four
static routes marked at the top right corner of the Figure. During
the R4 configuration, only aggregate and advertise the
2004::/16 network segment. The EBGP multi-hop relationship is
established between the R2 and the R5 through the R3. Make
sure that the addresses through which the adjacency is
established between two routers can be interconnected (this can
be configured through the IGP configuration, which is omitted
here).

FIGURE 19 BGP CONFIGURING EXAMPLE

AS1
Static route:
2003::2/64 2004:1::/64
2004:2::/64
2003::1/64
2001::1/64 R1 R2 2004:3::/64
2005::2/64
2004:4::/64

2001::4/64

R4 R3 2007::5/64 R5
AS2 AS3

R4 configuration:

ZXR10_R4(config)#router ipv6 bgp 2

ZXR10_R4(config-router)#neighbor 2001::1 remote-
as 1
ZXR10_R4(config-router)# address-family ipv6
ZXR10_R4(config-router-af)# neighbor 2001::1
activate
ZXR10_R4(config-router-af)#redistribute static
ZXR10_R4(config-router-af)#aggregate-address
2004::/16 as-set summary-only

Confidential and Proprietary Information of ZTE CORPORATION 127

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

R1 configuration:

ZXR10_R1(config)#router ipv6 bgp 1

ZXR10_R1(config-router)#neighbor 2003::2 remote-
as 1
ZXR10_R1(config-router)#neighbor 2001::4 remote-
as 2
ZXR10_R1(config-router)# address-family ipv6
ZXR10_R1(config-router-af)# neighbor 2001::4
activate
ZXR10_R1(config-router-af)# neighbor 2003::2
activate
ZXR10_R1(config-router-af)# neighbor 2003::2
next-hop-self

R2 configuration:

ZXR10_R2(config)#router ipv6 bgp 1

ZXR10_R2(config-router)#neighbor 2003::1 remote-
as 1
ZXR10_R2(config-router)#neighbor 2007::5 remote-
as 3
ZXR10_R2(config-router)#neighbor 2007::5 ebgp-
multihop
ZXR10_R2(config-router)# address-family ipv6
ZXR10_R2(config-router-af)# neighbor 2003::1
activate
ZXR10_R2(config-router-af)# neighbor 2007::5
activate
ZXR10_R2(config-router-af)#neighbor 2003::1 next-
hop-self

R5 configuration:

ZXR10_R5(config)#router ipv6 bgp 3

ZXR10_R5(config-router)#neighbor 2005::2 remote-
as 1
ZXR10_R5(config-router)#neighbor 2005::2 ebgp-
multihop
ZXR10_R5(config-router)# address-family ipv6
ZXR10_R5(config-router-af)# neighbor 2005::2
activate

128 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 12

Configuring Multicast
Routing

Introduction This chapter describes multicast routing and the relevant

configuration on the ZXR10 1800/2800/3800 Router.
Contents This chapter covers following topics.

TABLE 185 TOPICS IN CHAPTER 13

Topic Page No

Overview 130

Multicast Tree 131

Multicast Common Configurations 134

Configuring IGMP 135

Configuring PIM-SM 139

Configuring MSDP 146

Static Multicast Configuration 151

Multicast Maintenance and Diagnosis 151

IGMP Maintenance and Diagnosis 153

END OF STEPS. 154

PIM-SM Maintenance and Diagnosis

MSDP Maintenance and Diagnosis 158

END OF STEPS. 161

Static Multicast Maintenance and Diagnosis

Multicast Configuration Example 161

Confidential and Proprietary Information of ZTE CORPORATION 129

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

Overview
Multicast In a multicast network, the sender sends a packet to multiple
Address receivers in a multicast mode. In such a situation, the sender is
called the multicast source. Multiple receivers for the same
packet are identified by same ID. This is called the multicast
group address. In the IP address allocation scheme, class D IP
address, 224.0.0.0-239.255.255.255, is just the multicast
address. The 224.0.0.0-224.0.0.255 and the 239.0.0.0-
239.255.255.255 are used for the purpose of research and
management.
IGMP If a host expects to receive multicast packets sent to a specific
group, it should intercept all the packets sent to the specific
group. To select routes for multicast packets over the Internet, a
host should join or leave a group by notifying this to multicast
routers on its subnets.
The Internet group management protocol (IGMP) is used in
multicasts to complete this task. In this way, multicast routers
can know the members of multicast groups over networks and
there out determine whether to forward multicast packets to
their networks. When a multicast router receives a multicast
packet, it checks the multicast destination address of the packet
and will forward the packet only when its interface has members
of that group.
IGMP provides information that is required when packets are
forwarding to the destination (the last stage). Multicast routers
and the hosts that receive multicast data exchange information
mutually, which is collected from the group members of the
hosts that directly connect to multicast routers.
IGMP is the protocol that is used by multicast routers to know
the information about multicast group members. Generally, it
employs two kinds of packets: group member enquiry packets
and group member report packets.
A multicast router periodically sends query messages of group
members to all hosts to know which specific group members
exist in the connected networks. The mainframe returns a report
message of group members, reporting the multicast group which
they belong to. When a host joins a new group, it will send a
join message immediately rather than wait for an enquiry for
cases where the host is the first member of that group.
When a host starts to receive messages as a member of a group,
the multicast router will check whether members of the group
take part in the process by periodically querying the group. The
multicast router will continue to forward data as long as a host is
still taking part in the process.

130 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 12 Configuring Multicast Routing

When the host leaves the group, the multicast router will receive
a leave-message and then it will immediately query whether
there are still active group members in the group. If yes, the
multicast router will continue to forward data. If not, it will not
forward data any longer.
There are two versions available in the current actual
applications: the IGMP V1 and the IGMP V2. The IGMP V2 has
more enhanced features than the IGMP V1. It finishes
exchanging information between hosts and routers by means of
four types of messages.
1. Group member query
2. V2 member report
3. Leave report
4. V1 member report
The V1 member report is used for the compatibility with the
IGMP V1.

Multicast Tree
To realize the multicast communication in the TCP/IP network,
the possession of the multicast source, the receiver, and of the
multicast packet path is essential. For path selection, the most
common method is to construct tree routes. The reasons are
that the tree route has two following advantages:
1. The packet reaches different receivers along branches in a
parallel mode.
2. The packet copy only occurs in the branch position, which
makes the packets sent over network to be minimum.
A multicast tree is a set which is composed of a series of input
interfaces and output interfaces of routes. It determines an
unique forwarding path between the subnet where the multicast
source lies and the subnets containing group members.
There are two basic ways to construct multicast trees: source-
based multicast tree and shared multicast tree.
1. Source-based multicast trees
The source-based multicast tree is also called the source
shortest path tree, which constructs a spanning tree toward
all receivers for each source. The spanning tree, with the
subnet of the source as a root node, extends to the subnet
where receivers exist. A multicast group may have many
multicast sources, each of them, or each pair (S, G) of them
corresponding to a multicast tree.
The method to construct the source-based multicast trees is
the reverse route forwarding (RPF). Each router can find the
shortest path toward the source and the corresponding

Confidential and Proprietary Information of ZTE CORPORATION 131

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

output interface according to a unicast route. When receiving

a multicast packet, a router checks whether the input
interface reached is the output interface of the shortest
unicast path from itself to source. If yes, the router copies
and forwards the packet to other interfaces. If not, the
router discards the multicast packet.
The input interface receiving multicast packets in the router
is called the parent link. The output interface sending
multicast packets is called the sub-link.
2. Shared multicast tree
The multicast c constructs a multicast tree for each multicast
group. This tree is shared by all members of a group. Namely,
a shared multicast tree is shared by (*, G) instead of being
constructed for each pair (S, G). Each device wanting to
receive the multicast packets of the group must explicitly
join the shared multicast tree.
The shared multicast tree uses a router or a group of routers
as the center of the multicast tree. All sources of the group
send multicast packets to receivers by sending them to the
center in a unicast mode first, and then forward them from
the center along the shared multicast tree in a multicast
mode.

Multicast Routing Protocol

Multicast routing protocol is responsible for create multicast
trees by exchanging information between routers. Different
multicast routing protocols feature different usages. Multicast
routing protocols are divided into two categories based on the
distribution of multicast users in networks: dense mode and
sparse mode.
Dense mode Multicast routing protocol dense mode is based on dense
distribution of multicast users in networks and redundant
bandwidth. It periodically floods multicast packets to the entire
network to create and maintain multicast trees. That is, routers
that run multicast routing protocol flood the received multicast
packets to all the other interfaces.
When a neighbor router at an interface reports no existence of a
group, this interface will be deleted from the multicast tree of
this group, which is called pruning. When the neighbor router
reports that a receiver of this group occurs again, this interface
will be added to the multicast tree of this group accordingly,
which is called graft.
Multicast routing protocol dense mode contains the following:
„ Distance Vector Multicast Routing Protocol (DVMRP)
„ Multicast Open Shortest Path First (MOSPF)
„ Protocol Independent Multicast Dense Mode (PIM-DM)

132 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 12 Configuring Multicast Routing

Sparse mode Multicast routing protocol sparse mode is applicable to the

sparse distribution of multicast receivers in networks, where the
bandwidth will be greatly wasted if multicast routing trees are
constructed in the same way used in the dense mode – flooding.
In the sparse mode, if a network device wants to receive
multicast packets, it must first apply to join a multicast routing
tree.
Multicast routing protocol sparse mode contains the following:
„ Core-Based Trees(CBT)
„ Protocol Independent Multicast Sparse Mode(PIM-SM)
ZXR10 1800/2800/3800 Router supported PIM-SM.
PIM-SM The PIM-SM sends multicast packets by using a shared multicast
tree. A shared multicast tree has a center point that is
responsible for sending packets to all the source-sending ends of
a multicast group. Each source-sending end sends packets to the
center point along the shortest path, and then takes the center
point as the root point to distribute packets to various receiving
ends of the group.
The group center point of the PIM-SM is called the Rendezvous
Point (RP). A network may have multiple RPs, whereas a
multicast group has only one RP.
A router can obtain the location of the RP by three methods.
1. Configure RPs manually and statically on the various routers
running the PIM-SM.
2. PIM-SM V1 obtains such locations through automatic RPs
(Auto-RP) dynamically.
3. PIM-SM V2 obtains such locations through the candidate-RP
(RP) notification. The RPs with higher priority will become
formal RPs.
The PIM-SM V2 manually configures some routers running PIM-
SM as candidate-BSRs (BootStrap Router), and selects the
candidate-BSR with the highest priority as the formal BSR.
The BSR is responsible for collecting the candidate-RP
information of each multicast router to find out what candidate-
RPs is in the multicast domain, and notify them to all the PIM
routers in the PIM domain in a unified way. Each PIM router,
according to the similar Hash rules, selects the one with the
highest priority as the formal RP from the same candidate-RP set.
The candidate-RPs is manually configured. The routers running
PIM-SM find each other and maintain the adjacency relation by
exchanging Hello messages. In the multi-across network, Hello
messages also contain the priority information of routers.
According to the parameter, select the designate router (DR).
The multicast source or the first hop router (DR directly
connected with the source) encapsulates packets in a
registration message, and sends it to the RP through a unicast
router. When receiving the registration message, the RP

Confidential and Proprietary Information of ZTE CORPORATION 133

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

decapsulates and takes out the packets, and sends them to the
receiver of the group along the shared multicast tree.
Each host acting as a receiver joins the multicast group through
the member report message of the IGMP. The last hop router (or
the DP in the multi-access network) sends the received joining
message to the RP for registration level by level. After receiving
the joining message, the intermediary router checks whether it
has already had the router of the group. If yes, the intermediary
router adds the downstream request router to the shared
multicast tree as a branch. If not, it continues to send the
joining message to the RP.
When the RP or the multicast router is directly connected with
the receiver, it can switch to the source-based shortest path tree
from the shared multicast tree. When the RP receives the
registration message sent from a new multicast source, the RP
returns a joining message to the DR directly connected with the
multicast source. Thus, the shortest path tree from the source to
the RP is established.
After a DR or a router directly connected with multicast
members receives the first multicast packet from the multicast
group or the received packets reaches a threshold, it can switch
to the source-based shortest path tree from the shared multicast
tree. Once switchover occurs, the router will send a pruning
message to the upstream neighbor, requiring to leave the
shared tree.
MSDP Multicast Source Discovery Protocol (MSDP): This is a
mechanism used to connect multiple PIMSM domains. It works
over the transmission control protocol (TCP) and provides
existence of multicast sources out of the PIM domain for the
PIM-SM.

Multicast Common Configurations

Purpose Below procedure gives information about multicast common
configurations.
Prerequisites Refer to Configuration Methods (Chapter 1) to access the router
CLI for configuration.
Steps Multicast common configuration is used to start the configuration
shared by the multicast group management protocol and the
multicast routing protocol, including multicast configuration,
showing multicast routing table and multicast forwarding table.
1. To start the multicast protocol, use ip multicast-routing
command in global configuration mode as shown in Table
186.

134 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 12 Configuring Multicast Routing

TABLE 186 IP MULTICAST ROUTING COMMAND

Command Command Command Function

Format Mode

ip Global config
multicast- This starts the multicast protocol
routing

Result: This starts the multicast protocol.

2. To clear multicast routing, use clear ip mroute command in
Priviliged mode as shown in

TABLE 187 CLEAR IP MROUTE COMM AND

Command Command Command Function

Format Mode

clear ip Global config

This clears multicast routing table.
mroute

Result: This clears multicast routing table.

END OF STEPS.

Configuring IGMP
Purpose Below procedure gives information about configuring IGMP.
Prerequisites Refer to Configuration Methods (Chapter 1) to access the router
CLI for configuration.
The IGMP function of the ZXR10 access router is based on the
PIM interface. All the interfaces with the enabled PIM can
automatically boot the IGMP function.
At present, the IGMP has the V1 and the V2; the default value is
V2. Use the command below to adjust it according to the actual
conditions.
With the view of security, routers require network elements (NE)
in the same network segment to be the IGMP V1 or the IGMP V2.
The IGMP version is configured based on interfaces. Different
interfaces are configured with different versions.
Steps 1. To start IGMP for different version according to the actual
conditions, use ip igmp version <version> command in
interface configuration mode as shown in Table 188.

Confidential and Proprietary Information of ZTE CORPORATION 135

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

TABLE 188 IP IGMP VERSION COMM AND

Command Command Command Function

Format Mode

ip igmp Interface config This starts IGMP for different

version version according to the actual
<version> conditions

Result: This starts IGMP for different version according to

the actual conditions.
2. To configure the group range allowing the IGMP to join, use
ip igmp access-group <access-list-number> command in
interface configuration mode as shown in Table 189.

TABLE 189 IP IGMP ACCESS-GROUP COMM AND

Command Command Command Function

Format Mode

ip igmp Interface config

This configures the group range
version
allowing the IGMP to join
<version>

Result: This configures the group range allowing the IGMP

to join.
When running the IGMP on the interface, receive all multicast
groups by default. Set the receiving group range. Discard the
joining request when the joining request from the host does
not fall into this range.
Example: Only receive the group 239.10.10.10 allowed by
the acl 10 at an interface.

ZXR10(config)#access-list 10 permit 239.10.10.10

0.0.0.0
ZXR10(config)#int fei_1/1
ZXR10(config-if)#ip igmp access-group 10

3. To configure the static group member on the IGMP interface,

use ip igmp static-group <group-address> command in
interface configuration mode as shown in. Ip Igmp Static-
Group Command

Command Command Command Function

Format Mode

ip igmp Interface config

This configures the static group
static-
member on the IGMP interface
group

Result: This configures the static group member on the

IGMP interface.
Statically bind the group address to an interface. Namely,
supposing there are always members of the group at the
interface.

136 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 12 Configuring Multicast Routing

Example: Configure the static group 239.10.10.10 at an

interface.

ZXR10(config)#int fei_1/1
ZXR10(config-if)#ip igmp static-group
239.10.10.10

4. To configure the group range allowing the IGMP to leave

immediately, use ip igmp immediate-leave [group-list
<access-list-number>] command in interface configuration
mode as shown in Table 190.

TABLE 190 IP IGMP IMMEDIATE

Command Command Command Function

Format Mode

ip igmp Interface config

immediate- This configures the group range
leave [group- allowing the IGMP to leave
list <access- immediately
list-number>]

Result: This configures the group range allowing the IGMP

to leave immediately.
END OF STEPS.

Configuring IGMP Timer

Introduction After booting the IGMP on the multicast router interface
connected with the shared network segment, select the optimum
one as the Querier of the network segment, responsible for
sending the query message to obtain the information of group
members.
After sending query messages, the Querier will wait for the
member report of the receiving host for some time. The duration
is the max response time value carried when sending query
messages. The default value is 10 seconds.
Upon receiving query messages, the host member on the
network segment will reduce a random deviation value based on
the maximum response time, and take the result as its own
response time. During the period, if the report of another host
member is received, the host member will cancel it; if not, the
host member will send the host report at the right time.
Therefore, prolonging the max response time will accordingly
increase the waiting chances for the group members of the
network segment, and spare down the burst rate of multiple
host reports on the network segment.
According to the actual network conditions, appropriately adjust
parameter values of several timers related to the Querier.

Confidential and Proprietary Information of ZTE CORPORATION 137

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

Purpose Below procedure gives information about configuring IGMP timer.

Prerequisites Refer to Configuration Methods (Chapter 1) to access the router
CLI for configuration.
Steps 1. To configure the IGMP query time interval, use ip igmp
query-interval <seconds> command in interface
configuration mode as shown inTable 191.

TABLE 191 IP IGMP QUERY INTERVAL COMM AND

Command Command Command Function

Format Mode

ip igmp Interface config

query- This configures the IGMP query
interval time interval
<seconds>

Result: This configures the IGMP query time interval.

2. To configure the maximum response time value carried by

query messages when they are sent by the IGMP, use ip
igmp query-max-response-time <seconds> command in
interface configuration mode as shown in Table 192.

TABLE 192 IP IGMP QUERY-M AX COMM AND

Command Command Command Function

Format Mode

ip igmp Interface config This configures the maximum

query- response time value carried by
interval query messages when they are
<seconds> sent by the IGMP

Result: This configures the maximum response time value

carried by query messages when they are sent by the IGMP.

3. To configure the timeout length of the IGMP querier, use ip

igmp querier-timeout <seconds> command in interface
configuration mode as shown in Table 193.

TABLE 193 IP IGMP-QUERIER COMM AND

Command Command Command Function

Format Mode

ip igmp Interface config

querier- This configures the timeout
timeout length of the IGMP querier
<seconds>

138 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 12 Configuring Multicast Routing

Result: This configures the timeout length of the IGMP

querier.

4. To configure the query interval of a specific IGMP group, use

ip igmp last-member-query-interval <seconds>
command in interface configuration mode as shown in Table
194.

TABLE 194 IP-IGMP LAST M EMBER COMMAND

Command Command Command Function

Format Mode

ip igmp Interface config

querier- This configures the query interval
timeout of a specific IGMP group
<seconds>

Result: This configures the query interval of a specific IGMP

group.
END OF STEPS.

Configuring PIM-SM
Basic PIM-SM PIM-SM configuration covers the following contents:
Configuration

Purpose Below procedure gives information about PIM-SM configurations.

Prerequisites Refer to Configuration Methods (Chapter 1) to access the router
CLI for configuration.
Steps 1. To enable the PIM-SM, use router pimsm command in
global configuration mode as shown in Table 195.

TABLE 195 ROUTER PIMSM COMM AND

Command Command Command Function

Format Mode

router Global config

This enables the PIM-SM
pimsm

Result: This enables the PIM-SM.

2. To add an interface running the PIM-SM, use ip pim sm
command in interface configuration mode as shown in Table
196

Confidential and Proprietary Information of ZTE CORPORATION 139

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

TABLE 196 IP PIM SM COMM AND

Command Command Command Function

Format Mode

ip pim sm Interface config This adds an interface running the

PIM-SM

Result: This adds an interface running the PIM-SM.

3. To configure the static RP, use static-rp <ip-address>
[group-list <access-list-number>] [priority <priority>]
command in pimsm configuration mode as shown in Table
197.

TABLE 197 STATIC-RP COMM AND

Command Command Command Function

Format Mode

static-rp Pimsm
<ip- configuration
address>
[group-list
<access- This configures the static RP
list-
number>]
[priority
<priority>]

Result: This configures the static RP.

Configure a static RP for a or multiple specific groups, and
configure the same static RPs for the group on all PIM-SM
multicast routers in the multicast domain.
The RP address should be reachable from other routers.
Usually, the loopback interface address is used to reduce the
network vibration caused by the up/down of a physical
interface. After the static RP is configured, the candidate-RP
is not needed to be configured for the group.
Example: Configure the static RP 10.1.1.1 for all the groups.

ZXR10(config-router)#static-rp 10.1.1.1

Example: Configure the static RP 10.1.1.1 for the multicast

239.132.10.100 allowed by the acl 10.

ZXR10(config-router)#static-rp 10.1.1.1
group-list 10
ZXR10(config)#access-list 10 permit
239.132.10.100 0.0.0.0

4. To configure the candidate-BSR, use bsr-candidate

<interface-name> [<hash-mask-length>] [<priority>]
command in pimsm configuration mode as shown in Table
198.

140 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 12 Configuring Multicast Routing

TABLE 198 BSR-CANDIDATE COMM AND

Command Command Command Function

Format Mode

bsr- Pimsm
candidate configuration
<interface-
name>
This configures the candidate-BSR
[<hash-
mask-
length>]
[<priority>]

Result: This configures the candidate-BSR.

If the static RP mechanism is not used, every multicast
domain must be configured with the candidate-BSR on more
than one multicast routers, and a BSR should be selected.
The BSR periodically sends booting (BSR) messages to
advertise the RP information. The router running the PIM-SM
updates the RP state according to the latest advertising
messages. The bootstrap message sent by the BSR is also
used to select the formal BSR from the candidate-BSRs.
The default priority of the candidate-BSR is 0. The candidate-
BSRs with higher priority become the formal BSRs. If the
BSR priorities of multiple routers are similar, the IP
addresses should be compared. The candidate-BSR with
greater address will become the formal BSR.
5. To Configure candidate-RPs, use rp-candidate <interface-
name> [group-list <access-list-number>] [priority
<priority>] command in pimsm configuration mode as shown
in Table 199.

TABLE 199 RP-CANDIDATE COMM AND

Command Command Command Function

Format Mode

rp- Pimsm
candidate configuration
<interface-
name>
[group-list
This configures candidate-RPs
<access-
list-
number>]
[priority
<priority>]

Result: This configures candidate-RPs.

In the PIM-SM, the RP is a root of the shared multicast tree.
It is responsible for sending multicast packets to the
receiving member of the group in the downstream along the
shared tree. Each multicast group has only one formal RP.

Confidential and Proprietary Information of ZTE CORPORATION 141

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

The default priority of the candidate-RP is 0. The candidate-

RP with greater priority value has greater priority.
END OF STEPS.

Setting PIM-SM Global Parameters

Introduction When PIM-SM is running, different parameters have different
default value. These parameters can be set to optimize networks.
Purpose Below procedure gives information about PIM-SM global
parameters configurations.
Prerequisites Refer to Configuration Methods (Chapter 1) to access the router
CLI for configuration.
Steps 1. To switch to the source shortest path tree, use spt-
threshold infinity [group-list <access-list-number>]
command in pimsm configuration mode as shown in Table
200.

TABLE 200 SPT-THRESHOLD INFINITY COMM AND

Command Command Command Function

Format Mode

spt- Pimsm
threshold configuration
infinity
This switches to the source
[group-list
shortest path tree
<access-
list-
number>]

Result: This switches to the source shortest path tree.

Only the last hop DP and the RP can actively switch over to
the source shortest path tree. By default, when the RP
receives the first registration information, it will start the
switchover. For the last hop DR, configure the switchover
threshold strategy of the source shortest path tree, with the
unicast group as control granularity. If the switchover
threshold is set to infinity, switchover does not occur. By
default, switchover must take place if traffic exists.

2. To set the DR priority, use ip pim dr-priority <priority>

command in interface configuration mode as shown in Table
201.

TABLE 201 IP PIM DR-PRIORITY COMM AND

Command Command Command Function

Format Mode

ip pim dr- interface This sets the DR priority

142 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 12 Configuring Multicast Routing

Command Command Command Function

Format Mode
priority configuration
<priority>

Result: This sets the DR priority.

A DR must be selected in a shared (or Multi-Access) network
segment. The router with the highest priority will win the
selection. If the priorities are identical, the router with the
greatest IP address will be selected.
In the shared network segment connected with the multicast
data source, only the DR can send the registration
information to the RP. In the shared network segment
connected with the receiver, only the DR can respond to
IGMP joining/leaving messages, and send PIM
joining/pruning messages to upstream.
The priority of a router is contained in the Hello message
exchanged with neighbors. The default value is 0.
3. To configure an interface to be the PIM domain border, use
ip pim bsr-border command in interface configuration
mode as shown in Table 202.

TABLE 202 IP-PIM BSR BORDER COMM AND

Command Command Command Function

Format Mode

ip pim bsr- interface This configures an interface to be

border configuration the PIM domain border

Result: This configures an interface to be the PIM domain

border.

4. To enable/disable reporting of the multicast packet count,

use packet-count {begin|end} command in pimsm
configuration mode as shown in Table 203.

TABLE 203 PACKET-COUNT COMMAND

Command Command Command Function

Format Mode

packet- Pimsm
This enables/disables reporting of
count configuration
the multicast packet count
{begin|end}

Result: This enables/disables reporting of the multicast

packet count.

5. To set the interval of sending the Hello message, use ip pim

query-interval <seconds> command in interface
configuration mode as shown in Table 204.

Confidential and Proprietary Information of ZTE CORPORATION 143

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

TABLE 204 IP PIM QUERY INTERVAL COMM AND

Command Command Command Function

Format Mode

ip pim interface
query- configuration This sets the interval of sending
interval the Hello message
<seconds>

Result: This sets the interval of sending the Hello message.

According to the actual network conditions, appropriately
adjust the time interval of the Hello message sent by the
PIM-SM neighbors. The default value is 30 seconds.
6. To limit PIM-SM neighbors, use ip pim neighbor-filter
<access-list-number> command in interface configuration
mode as shown in Table 205.

TABLE 205 IP PIM NEIGHBOR FILTER COMM AND

Command Command Command Function

Format Mode

ip pim interface
neighbor- configuration
filter
This limits PIM-SM neighbors
<access-
list-
number>

Result: This limits PIM-SM neighbors.

With the view of security, the PIM-SM limits some routers to
be neighbors at the interface.
Example: On the fei_1/1 interface, forbid the router
restricted by acl 10 to become the PIM neighbor.

ZXR10(config)#access-list 10 deny 10.1.1.1 0.0.0.0

ZXR10(config)#interface fei_1/1
ZXR10(config-if)#ip pim neighbor-filter 10

END OF STEPS.

PIM SM Policy Control

Purpose Below procedure gives information about PIM-SM policy control.

144 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 12 Configuring Multicast Routing

Prerequisites Refer to Configuration Methods (Chapter 1) to access the router

CLI for configuration.
Steps 1. To filter the multicast packets encapsulated in the received
register packet, use accept-register <access-list-number>
command in pimsm configuration mode as shown in Table
206.

TABLE 206 IP PIM NEIGHBOR FILTER COMM AND

Command Command Command Function

Format Mode

ip pim Pimsm
neighbor- configuration
This filters the multicast packets
filter
encapsulated in the received
<access-
register packet
list-
number>

Result: This filters the multicast packets encapsulated in the

received register packet.
Filter the source addresses of the multicast packets
encapsulated in the register packets according to the rules
defined in the ACL.

2. To filter the candidate RP addresses advertised in the BSR

message, use accept-rp <access-list-number> command in
pimsm configuration mode as shown in Table 207.

TABLE 207 ACCEPT-RP COMM AND

Command Command Command Function

Format Mode

accept-rp Pimsm
This filter the candidate RP
<access- configuration
addresses advertised in the BSR
list-
message
number>

Result: This filter the candidate RP addresses advertised in

the BSR message.

3. To limit PIM-SM neighbors, use ip pim neighbor-filter

<access-list-number> command in interface configuration
mode as shown in Table 208.

TABLE 208 IP PIM NEIGHBOR FILTER COMM AND

Command Command Command Function

Format Mode

ip pim Interface
neighbor- configuration This limits the PIM-SM neighbors
filter

Confidential and Proprietary Information of ZTE CORPORATION 145

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

Result: This limits the PIM-SM neighbors.

With the view of security, the PIM-SM limits some routers to
be neighbors at the interface.
Example: On the fei_1/1 interface, forbid the router
restricted by acl 10 to become the PIM neighbor.

ZXR10(config)#access-list 10 deny 10.1.1.1 0.0.0.0

ZXR10(config)#interface fei_1/1
ZXR10(config-if)#ip pim neighbor-filter 10

Configuring MSDP
Purpose Below procedure gives information about basic MSDP
configuration.
Prerequisites Refer to Configuration Methods (Chapter 1) to access the router
CLI for configuration.
Steps 1. To enable the MSDP PEER to configure a MSDP neighbor, use
ip msdp peer <peer-address> connect-source <interface-
name> command in global configuration mode as shown in
Table 209.

TABLE 209 IP MSDP PEER COMM AND

Command Command Command Function

Format Mode

ip pim Global
This enables the MSDP PEER to
neighbor- configuration
configure a MSDP neighbor
filter

Result: This enables the MSDP PEER to configure a MSDP

neighbor.

2. To enable the MSDP DEFAULT-PEER to define a default MSDP

neighbor, use ip msdp default-peer <peer-address> [list
<acl-number>] command in global configuration mode as
shown in Table 210.

TABLE 210 IP MSDP DEFAULT PEER COMM AND

Command Command Command Function

Format Mode

ip pim Global This enables the MSDP DEFAULT-

neighbor- configuration PEER to define a default MSDP
filter neighbor

Result: This enables the MSDP DEFAULT-PEER to define a

default MSDP neighbor.

146 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 12 Configuring Multicast Routing

END OF STEPS.

MSDP Extended Configuration

Purpose Below procedure gives information about MSDP extended
configuration.
Prerequisites Refer to Configuration Methods (Chapter 1) to access the router
CLI for configuration.
Steps 1. To add illustrative description to MSDP neighbors, use ip
msdp description <peer-address> <desc-text> command
in global configuration mode as shown in Table 211.

TABLE 211 IP MSDP DESCRIPTION COMMAND

Command Command Command Function

Format Mode

ip msdp Global
description configuration
This adds illustrative description
<peer-
to MSDP neighbors
address>
<desc-text>

Result: This adds illustrative description to MSDP neighbors.

The Mesh Group is a group which is composed of MSDP
speakers, where every two of them are connected by the
MDSP. When the SA packet of the MSDP neighbor from the
same Mesh Group are received, it will not be forwarded to
the other MSDP neighbors of this Mesh Group.

2. To take the IP address of a designated interface as the RP

address of the SA message, use ip msdp originator-id
<interface-name> command in global configuration mode as
shown in Table 212.

TABLE 212 IP MSDP ORIGINATOR COMMAND

Command Command Command Function

Format Mode

ip msdp Global
originator- configuration This takes the IP address of a
id designated interface as the RP
<interface- address of the SA message
name>

Result: This takes the IP address of a designated interface

as the RP address of the SA message.

3. To limit the number of SA messages from the designated

MSDP neighbor in the SA cache table, use ip msdp sa-limit

Confidential and Proprietary Information of ZTE CORPORATION 147

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

<peer-address> <sa-limit> command in global configuration

mode as shown in Table 213.

TABLE 213 IP MSDP SA-LIMIT COMM AND

Command Command Command Function

Format Mode

ip msdp Global
This limits the number of SA
originator- configuration
messages from the designated
id
MSDP neighbor in the SA cache
<interface-
table
name>

Result: This limits the number of SA messages from the

designated MSDP neighbor in the SA cache table.

4. To limit the scope of the MSDP neighbor to which the

multicast packets encapsulated into the SA packets to be
sent, use ip msdp ttl-threshold <peer-address> <ttl-
value> command in global configuration mode as shown in
Table 214.

TABLE 214 IP MSDP TTL-THRESHOLD COMM AND

Command Command Command Function

Format Mode

ip msdp Global
ttl- configuration This limits the scope of the MSDP
threshold neighbor to which the multicast
<peer- packets encapsulated into the SA
address> packets to be sent
<ttl-value>

Result: This limits the scope of the MSDP neighbor to which

the multicast packets encapsulated into the SA packets to be
sent.
END OF STEPS.

MSDP Policy Configuration

Purpose Below procedure gives information about MSDP policy
configuration.
Prerequisites Refer to Configuration Methods (Chapter 1) to access the router
CLI for configuration.
Steps 1. To limit generation of the SA message, use ip msdp
redistribute [list <acl-number>] command in global
configuration mode as shown in Table 215.

148 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 12 Configuring Multicast Routing

TABLE 215 IP MSDP REDISTRIBUTE COMMAND

Command Command Command Function

Format Mode

ip msdp Global
redistribute configuration This limits generation of the SA
[list <acl- message
number>]

Result: This limits generation of the SA message.

According to the configured ACL rules, only the (S, G)
multicast routing entries that meet such rules can occur in
the SA message generated by a MSDP neighbor.

2. To set to filter the SA message from a designated MSDP

neighbor, use ip msdp sa-filter in <peer-address> [list
<acl-number>] command in global configuration mode as
shown in Table 216.

TABLE 216 IP MSDP SA-FILTER IN COMMAND

Command Command Command Function

Format Mode

ip msdp Global
This sets to filter the SA
redistribute configuration
message from a designated
[list <acl-
MSDP neighbor
number>]

Result: This sets to filter the SA message from a designated

MSDP neighbor.

3. To set filter the SA message sent to a designated MSDP

neighbor, use ip msdp sa-filter out <peer-address> [list
<acl-number>] command in global configuration mode as
shown in Table 217.

TABLE 217 IP MSDP SA-FILTER OUT COMM AND

Command Command Command Function

Format Mode

ip msdp Global
sa-filter configuration
out <peer- This set filter the SA message sent
address> to a designated MSDP neighbor
[list <acl-
number>]
Result: This set filter the SA message sent to a designated
MSDP neighbor.

Confidential and Proprietary Information of ZTE CORPORATION 149

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

END OF STEPS.

Clearing the MSDP Status

Purpose Below procedure gives information about clearing MSDP status.
Prerequisites Refer to Configuration Methods (Chapter 1) to access the router
CLI for configuration.
Steps 1. To clear the TCP connection with all/designated MSDP
neighbors, use clear ip msdp peer [<peer-address>]
command in Priviliged mode as shown in Table 218.

TABLE 218 CLEAR IP MSDP PEER COMMAND

Command Command Command Function

Format Mode

ip msdp Priviliged
sa-filter
out <peer- This clears the TCP connection with
address> all/designated MSDP neighbors
[list <acl-
number>]

Result: This clears the TCP connection with all/designated

MSDP neighbors.

2. To clear the MSDP SA cache entry, use clear ip msdp sa-

cache [<group-address>] command in Priviliged mode as
shown in Table 219.

TABLE 219 CLEAR IP MSDP S A-C ACHE COMM AND

Command Command Command Function

Format Mode

ip msdp Priviliged
sa-filter
out <peer- This clears the MSDP SA cache
address> entry
[list <acl-
number>]

Result: This clears the MSDP SA cache entry.

150 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 12 Configuring Multicast Routing

3. To clear the statistics of the MSDP neighbor, use clear ip

msdp statistics [<peer-address>] command in Priviliged
mode as shown in Table 220.

TABLE 220 CLEAR IP MSDP STATISTICS COMM AND

Command Command Command Function

Format Mode

ip msdp Priviliged
sa-filter
out <peer- This clears the statistics of the
address> MSDP neighbor
[list <acl-
number>]

Result: This clears the statistics of the MSDP neighbor.

END OF STEPS.

Static Multicast Configuration

Purpose Below procedure gives information about static multicast
configuration.
Prerequisites Refer to Configuration Methods (Chapter 1) to access the router
CLI for configuration.
Steps 1. To do static multicast configuration, use ip mroute <prefix>
<net-mask> {<RPF-address>|<interface-name>} command
in global configuration mode as shown in Table 221.

TABLE 221 IP MROUTE COMM AND

Command Command Function

Command Format Mode

ip mroute <prefix> Global

<net-mask> {<RPF- configration This do static multicast
address>|<interface- configuration
name>}

Result: This do static multicast configuration.

END OF STEPS.

Multicast Maintenance and

Diagnosis
Purpose Below procedure gives information about multicast maintenance
& diagnosis.
Prerequisites

Confidential and Proprietary Information of ZTE CORPORATION 151

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

Refer to Configuration Methods (Chapter 1) to access the router

CLI for configuration.
Steps 1. To view multicast routing tables, use show ip mroute
[group <group-address>] [source <source-address>]
[summary] command in Priviliged mode as shown in Table
222.

TABLE 222 SHOW IP MROUTE COMM AND

Command Command Function

Command Format Mode

ip mroute <prefix> Priviliged

<net-mask> {<RPF- This shows multicast
address>|<interface- routing tables.
name>}

Result: This shows multicast routing tables.

2. To view multicast forwarding routing tables, use show ip
forwarding mroute group-address <group-address>
[source-address <source-address>] command in Priviliged
mode as shown in Table 223.

TABLE 223 SHOW IP MROUTE FORWARDING COMM AND

Command Command Command Function

Format Mode

show ip Priviliged
forwarding
mroute
group-
address
This shows multicast forwarding
<group-
routing tables
address>
[source-
address
<source-
address>]

Result: This shows multicast forwarding routing tables.

3. To show the information about the multicast reverse path
forwarding (RPF), use show ip rpf <source-address>
command in Priviliged mode as shown in Table 224.

TABLE 224 SHOW IP RPF COMM AND

Command Command Command Function

Format Mode

show ip Priviliged
This shows the information about
rpf
the multicast reverse path
<source-
forwarding (RPF)
address>

152 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 12 Configuring Multicast Routing

Result: This shows the information about the multicast

reverse path forwarding (RPF).
END OF STEPS.

IGMP Maintenance and Diagnosis

Purpose Below procedure gives information about IGMP maintenance &
diagnosis.
Prerequisites Refer to Configuration Methods (Chapter 1) to access the router
CLI for configuration.
ZXR10 1800/2800/3800 Router provides some commands to
show the IGMP status. The following are some common
commands:
Steps 1. To view the IGMP information on an interface, use show ip
igmp interface [<interface-name>] command in Priviliged
mode as shown in Table 225.

TABLE 225 SHOW IP IGMP INTERFACE COMM AND

Command Command Command Function

Format Mode

show ip Priviliged
rpf This shows the IGMP information
<source- on an interface
address>

Result: This shows the IGMP information on an interface.

Example: This shows the IGMP information of the fei_1/1
interface.

ZXR10#show ip igmp interface fei_1/1

fei_1/1
Internet address is 131.1.1.45, subnet mask is
255.255.255.0
IGMP is enabled on interface
Current IGMP version is 2
IGMP query interval is 125 seconds
IGMP last member query interval is 1 seconds
IGMP query max response time is 10 seconds
IGMP querier timeout period is 251 seconds
IGMP querier is 131.1.1.45, never expire
Inbound IGMP access group is not set
IGMP immediate leave control is not set

Confidential and Proprietary Information of ZTE CORPORATION 153

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

2. To view the joining information about the IGMP group on an

interface, use show ip igmp groups [<interface-name>]
command in Priviliged mode as shown in Table 226.

TABLE 226 SHOW IP IGMP GROUPS COMM AND

Command Command Command Function

Format Mode

show ip Priviliged This shows the joining information

igmp about the IGMP group on an
groups interface

Result: This shows the joining information about the IGMP

group on an interface.
Example: This shows the group member information at the
fei_3/1 interface.

ZXR10#show ip igmp groups fei_3/1

IGMP Connected Group Membership
Group addr Interface Present Expire
Last Reporter
233.1.1.4 fei_3/1 01:07:49
never 30.1.1.43
233.1.1.147 fei_3/1 01:07:49
00:03:05 30.1.1.42
233.1.4.21 fei_3/1 01:07:49
00:03:05 30.1.1.42

END OF STEPS.

PIM-SM Maintenance and Diagnosis

Purpose Below procedure gives information about PIM-SM maintenance &
diagnosis mode.
Prerequisites Refer to Configuration Methods (Chapter 1) to access the router
CLI for configuration.
ZXR10 1800/2800/3800 Router provides some commands to
view the PIM-SM state. The following are some common
commands:
Steps 1. To show multicast routing, use show ip mroute [group
<group-address>] [source <source-address>] [summary]
command in Priviliged mode as shown in Table 227.

154 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 12 Configuring Multicast Routing

TABLE 227 SHOW IP MROUTE COMM AND

Command Command Command Function

Format Mode

show ip Priviliged
mroute
[group
<group-
address>] This shows multicast routing
[source
<source-
address>]
[summary]

Result: This shows multicast routing.

Example: This shows the contents of the current IP
multicast routing table.

ZXR10#show ip mrout
IP Multicast Routing Table
Flags:D -Dense,S -Sparse,C -Connected,L -Local,P
-Pruned
R -RP-bit set,F -Register flag,T -SPT-bit
set,J -Join SPT
U -Up Send,N -No Used,X -Proxy Join Timer
Running
* -Assert flag
Timers:Uptime/Expires
Interface state:Interface,Next-Hop or
VCD,State/Mode

(*, 233.1.1.3), 00:00:41/00:02:49, RP

43.43.43.43 , 0/0, flags: S
Incoming interface: tunnel22, RPF nbr
22.22.22.43
Outgoing interface list:
pos3_2/1, Forward/Sparse, 00:00:41/00:02:49

(*, 233.1.1.4), 00:13:52/00:03:30, RP

43.43.43.43 , 1/1, flags: SC
Incoming interface: tunnel22, RPF nbr
22.22.22.43
Outgoing interface list:
fei_3/1, Forward/Sparse, 00:13:52/00:03:30 C

(*, 233.1.1.5), 00:00:28/00:03:02, RP

43.43.43.43 , 0/0, flags: SC
Incoming interface: tunnel22, RPF nbr

Confidential and Proprietary Information of ZTE CORPORATION 155

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

22.22.22.43
Outgoing interface list:
fei_3/1, Forward/Sparse, 00:00:28/00:03:02 C
(*, 233.1.1.6), 00:00:28/00:03:02, RP
43.43.43.43 , 0/0, flags: SC
Incoming interface: tunnel22, RPF nbr
22.22.22.43
Outgoing interface list:
fei_3/1, Forward/Sparse, 00:00:28/00:03:02 C

2. To show information about the PIM-SM interface, use show

ip pimsm interface [<interface-name>] command in
Priviliged mode as shown in Table 228.

TABLE 228 SHOW IP PIMSM INTERFACE COMM AND

Command Command Command Function

Format Mode

show ip Priviliged
pimsm
This shows information about the
interface
PIM-SM interface
[<interface-
name>]

Result: This shows information about the PIM-SM interface.

Example: show the configured PIM-SM interfaces.

ZXR10#show ip pimsm interface

Address Interface state Nbr Query
DR DR
Count
Intvl Prior
131.1.1.45 pos3_2/1 Up 1 30
131.1.1.91 1
30.1.1.43 fei_3/1 Up 0 30
30.1.1.43 1
22.22.22.45 tunnel22 Up 1 30
22.22.22.45 1

3. To show information about the PIM-SM neighbor, use show

ip pimsm neighbor [<interface-name>] command in
Priviliged mode as shown in Table 229.

TABLE 229 SHOW IP PIMSM NEIGHBOR COMM AND

Command Command Command Function

Format Mode

show ip Priviliged This shows information about the

156 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 12 Configuring Multicast Routing

Command Command Command Function

Format Mode
pimsm PIM-SM neighbor
neighbor
[<interface-
name>]

Result: This shows information about the PIM-SM neighbor.

Example: This shows neighbors of the PIM-SM interface.

ZXR10#show ip pimsm neighbor

Neighbor Address Interface DR Prio
Uptime Expires
131.1.1.91 pos3_2/1 30000
00:19:34 00:01:29
22.22.22.43 tunnel22 1
03:21:25 00:01:16

4. To show the BSR information, use show ip pim bsr

command in Priviliged mode as shown in Table 230.

TABLE 230 SHOW IP PIM BSR COMM AND

Command Command Command Function

Format Mode

show ip Priviliged
pimsm
neighbor This shows the BSR information
[<interface-
name>]

Result: This shows the BSR information.

ZXR10#show ip pim bsr

PIMSM Bootstrap information
BSR address: 131.1.1.45(?)---
Uptime: 00:01:06, BSR Priority :200, Hash mask
length:30
Expires:00:00:55
This system is a candidate BSR
candidate BSR address: 131.1.1.45, priority:
200, hash mask length:30
This System is Candidate_RP:
candidate RP address:
55.1.1.45(fei_3/1),priority:100, Group acl:1
candidate RP address:
43.43.43.43(static),priority:0

Confidential and Proprietary Information of ZTE CORPORATION 157

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

5. To show the RP set information advertised by the BSR, use

show ip pim rp mapping command in Priviliged mode as
shown in Table 231.

TABLE 231 SHOW IP PIM RP M APPING COMM AND

Command Command Command Function

Format Mode

show ip Priviliged
This shows the RP set information
pim rp
advertised by the BSR
mapping

Result: This shows the RP set information advertised by the

BSR.

ZXR10#show ip pim rp mapping

Group RP uptime expires
226.1.0.0 17.93.8.3 01:24:57 00:00:49
226.4.0.0 17.93.8.3 01:24:57 00:00:49

MSDP Maintenance and Diagnosis

Purpose Below procedure gives information about MSDP maintenance &
diagnosis.
Prerequisites Refer to Configuration Methods (Chapter 1) to access the router
CLI for configuration.
ZXR10 1800/2800/3800 Router provides some commands to
view the MSDP state. The following are some common
commands:

Steps 6. To show the detailed information of MSDP neighbors, use

show ip msdp peer [<peer-address>] command in
Priviliged mode as shown in Table 232.

TABLE 232 SHOW IP MSDP PEER COMMAND

Command Command Command Function

Format Mode

show ip Priviliged
msdp peer This shows the detailed
[<peer- information of MSDP neighbors
address>]

Result: This shows the detailed information of MSDP

neighbors.
Example: This shows the detailed information of MSDP
neighbors.

ZXR10#show ip msdp peer

158 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 12 Configuring Multicast Routing

MSDP Peer 55.1.1.42

Description:
Connection status:

State: Up, Resets: 0, Connection source: fei_1/5

(55.1.1.41)

Uptime(Downtime): 00:20:07, Messages sent/received:

21/21

Connection and counters cleared 00:24:09 ago

SA Filtering:

Input (S,G) filter: none

Output (S,G) filter: none

Peer ttl threshold: 0

SAs learned from this peer: 0

7. To show the (S, G) state of every MSDP neighbor, use show

ip msdp sa-cache [<group-address> [<source-address>]]
command in Priviliged mode as shown in Table 233.

TABLE 233 SHOW IP MSDP S A-CACHE COMM AND

Command Command Command Function

Format Mode

show ip Priviliged
msdp peer This shows the (S, G) state of
[<peer- every MSDP neighbor
address>]

Result: This shows the (S, G) state of every MSDP neighbor.

Example: This shows the (S, G) state of every MSDP
neighbor.

ZXR10#show ip msdp sa-cache

MSDP Source-Active Cache - 4 entries

(101.101.101.101, 224.1.1.1), RP 49.4.4.4,

00:21:45/ 00:05:57

(101.101.101.101, 224.1.1.2), RP 49.4.4.4,

00:21:45/ 00:05:57

(101.101.101.101, 226.1.1.1), RP 50.4.4.4,

00:09:04/ 00:04:57

(101.101.101.101, 226.1.1.2), RP 50.4.4.4,

Confidential and Proprietary Information of ZTE CORPORATION 159

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

00:09:04/ 00:04:57

8. To show all the information received by MSDP, use debug ip

msdp message-recv command in Priviliged mode as shown
in Table 234.

TABLE 234 DEBUG IP MSDP MESSAGE-RECV COMM AND

Command Command Command Function

Format Mode

show ip Priviliged
msdp peer This shows all the information
[<peer- received by MSDP
address>]

Result: This shows all the information received by MSDP.

Example: This shows all the information received by the
MSDP.

ZXR10# debug ip msdp message-recv

MSDP: 105.2.2.2: Received 56-byte msg 2372 from
peer

MSDP: 105.2.2.2: SA TLV, len: 56, ec: 4, RP:

103.4.4.4
MSDP: 105.2.2.2: Peer RPF check failed for
103.4.4.4, we are RP

9. To show all the information about the MSDP, use debug ip

msdp command in Priviliged mode as shown in Table 235.

TABLE 235 DEBUG IP MSDP COMMAND

Command Command Command Function

Format Mode

debug ip Priviliged This shows all the information

msdp about the MSDP

Result: This shows all the information about the MSDP.

Example: This shows all the information about the MSDP.

ZXR10# debug ip msdp

MSDP: Session to peer 102.2.2.2 going down

MSDP: 102.2.2.2: Peer reset, own IP address is

changed
MSDP: Session to peer 142.3.3.3 going down

160 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 12 Configuring Multicast Routing

MSDP: 142.3.3.3: Peer reset, other side down

MSDP: 105.2.2.2: Received 56-byte msg 2372 from

peer

MSDP: 105.2.2.2: SA TLV, len: 56, ec: 4, RP:

103.4.4.4

MSDP: 105.2.2.2: Peer RPF check failed for

103.4.4.4, we are RP

END OF STEPS.

Static Multicast Maintenance and

Diagnosis
Use the following show ip route multicast command to show
the configured static multicast routing information.

Multicast Configuration Example

PIM-SM The following is an example of the PIM-SM configuration. See
Configuration Figure 20for network topology.
Example
FIGURE 20 MULTICAST CONFIGURATION EXAMPLE

R1 configuration:

ZXR10_R1(config)#interface loopback1
ZXR10_R1(config-if)#ip address 10.1.1.1
255.255.255.255
ZXR10_R1(config)#interface fei_1/1
ZXR10_R1(config-if)#ip address 10.10.10.1

Confidential and Proprietary Information of ZTE CORPORATION 161

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

255.255.255.0
ZXR10_R1(config-if)#ip pim sm
ZXR10_R1(config)#interface fei_1/2
ZXR10_R1(config-if)#ip address 10.10.20.1
255.255.255.0
ZXR10_R1(config-if)#ip pim sm
ZXR10_R1(config)#interface fei_2/1
ZXR10_R1(config-if)#ip address 10.10.30.1
255.255.255.0
ZXR10_R1(config-if)#ip pim sm
ZXR10_R1(config)#router ospf 1
ZXR10_R1(config-router)#network 10.0.0.0
255.255.255.0 area 0.0.0.0
ZXR10_R1(config)#ip multicast-routing
ZXR10_R1(config)#router pimsm
ZXR10_R1(config-router)#rp-candidate loopback1
priority 10
ZXR10_R1(config-router)#bsr-candidate loopback1
10 10

R2 configuration:

ZXR10_R2(config)#interface loopback1
ZXR10_R2(config-if)#ip address 10.1.1.2
255.255.255.255
ZXR10_R2(config)#interface fei_1/1
ZXR10_R2(config-if)#ip address 10.10.20.2
255.255.255.0
ZXR10_R2(config-if)#ip pim sm
ZXR10_R2(config)#interface fei_1/2
ZXR10_R2(config-if)#ip address 10.10.40.1
255.255.255.0
ZXR10_R2(config-if)#ip pim sm
ZXR10_R2(config)#interface fei_2/1
ZXR10_R2(config-if)#ip address 10.10.50.1
255.255.255.0
ZXR10_R2(config-if)#ip igmp access-group 10
ZXR10_R2(config)#router ospf 1
ZXR10_R2(config-router)#network 10.0.0.0
255.0.0.0 area 0.0.0.0

162 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 12 Configuring Multicast Routing

ZXR10_R2(config)#ip multicast-routing
ZXR10_R2(config)#router pimsm
ZXR10_R2(config-router)#rp-candidate loopback1
priority 20
ZXR10_R2(config-router)#bsr-candidate loopback1
10 20
ZXR10_R2(config)#access-list 10 permit any

R3 configuration:

ZXR10_R3(config)#interface loopback1
ZXR10_R3(config-if)#ip address 10.1.1.3
255.255.255.255
ZXR10_R3(config)#interface fei_1/1
ZXR10_R3(config-if)#ip address 10.10.30.2
255.255.255.0
ZXR10_R3(config-if)#ip pim sm
ZXR10_R3(config)#interface fei_1/2
ZXR10_R3(config-if)#ip address 10.10.40.2
255.255.255.0
ZXR10_R3(config-if)#ip pim sm
ZXR10_R3(config)#router ospf 1
ZXR10_R3(config-router)#network 10.0.0.0
255.255.255.0 area 0.0.0.0
ZXR10_R3(config)#ip multicast-routing
ZXR10_R3(config)#router pimsm
ZXR10_R3(config-router)#rp-candidate loopback1
priority 30
ZXR10_R3(config-router)#bsr-candidate loopback1
10 30

MSDP As shown inFigure 20, assign R1 and R3 as a PIMS-SM domain

Configuration and R2 as another PIMS-SM domain, and then enable the
Example multicast data streams of the two PIMS-SM domains to inter-
work through the MSDP.
R1 configuration:

ZXR10_R1(config)#interface loopback1
ZXR10_R1(config-if)#ip address 10.1.1.1
255.255.255.255
ZXR10_R1(config)#interface fei_1/1
ZXR10_R1(config-if)#ip address 10.10.10.1
255.255.255.0
ZXR10_R1(config-if)#ip pim sm
ZXR10_R1(config)#interface fei_1/2

Confidential and Proprietary Information of ZTE CORPORATION 163

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

ZXR10_R1(config-if)#ip address 10.10.20.1

255.255.255.0
ZXR10_R1(config-if)#ip pim sm
ZXR10_R1(config-if)#ip pim bsr-border
ZXR10_R1(config)#interface fei_2/1
ZXR10_R1(config-if)#ip address 10.10.30.1
255.255.255.0
ZXR10_R1(config-if)#ip pim sm
ZXR10_R1(config)#router ospf 1
ZXR10_R1(config-router)#network 10.0.0.0
0.0.0.255 area 0.0.0.0
ZXR10_R1(config)#ip multicast-routing
ZXR10_R1(config)#router pimsm
ZXR10_R1(config-router)#rp-candidate loopback1
priority 10
ZXR10_R1(config-router)#bsr-candidate loopback1
10 10
ZXR10_R1(config)#ip msdp peer 10.10.20.2 connect-
source fei_1/2
ZXR10_R1(config)#ip msdp peer 10.10.30.2 connect-
source fei_1/3

R2 configuration:

ZXR10_R2(config)#interface loopback1
ZXR10_R2(config-if)#ip address 10.1.1.2
255.255.255.255
ZXR10_R2(config)#interface fei_1/1
ZXR10_R2(config-if)#ip address 10.10.20.2
255.255.255.0
ZXR10_R2(config-if)#ip pim sm
ZXR10_R2(config)#interface fei_1/2
ZXR10_R2(config-if)#ip address 10.10.40.1
255.255.255.0
ZXR10_R2(config-if)#ip pim sm
ZXR10_R2(config)#interface fei_2/1
ZXR10_R2(config-if)#ip address 10.10.50.1
255.255.255.0
ZXR10_R2(config-if)#ip igmp access-group 10
ZXR10_R2(config)#router ospf 1
ZXR10_R2(config-router)#network 10.0.0.0
0.0.0.255 area 0.0.0.0

164 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 12 Configuring Multicast Routing

ZXR10_R2(config)#ip multicast-routing
ZXR10_R2(config)#router pimsm
ZXR10_R2(config-router)#rp-candidate loopback1
priority 20
ZXR10_R2(config-router)#bsr-candidate loopback1
10 20
ZXR10_R2(config)#access-list 10 permit any
ZXR10_R2(config)#ip msdp peer 10.10.20.1
connect-source fei_1/1
ZXR10_R2(config)#ip msdp peer 10.10.40.2
connect-source fei_1/2
ZXR10_R2(config)#ip msdp default-peer
10.10.20.1

R3 configuration:

ZXR10_R3(config)#interface loopback1
ZXR10_R3(config-if)#ip address 10.1.1.3
255.255.255.255
ZXR10_R3(config)#interface fei_1/1
ZXR10_R3(config-if)#ip address 10.10.30.2
255.255.255.0
ZXR10_R3(config-if)#ip pim sm
ZXR10_R3(config)#interface fei_1/2
ZXR10_R3(config-if)#ip address 10.10.40.2
255.255.255.0
ZXR10_R3(config-if)#ip pim sm
ZXR10_R3(config-if)#ip pim bsr-border
ZXR10_R3(config)#router ospf 1
ZXR10_R3(config-router)#network 10.0.0.0
0.0.0.255 area 0.0.0.0
ZXR10_R3(config)#ip multicast-routing
ZXR10_R3(config)#router pimsm
ZXR10_R3(config-router)#rp-candidate loopback1

Confidential and Proprietary Information of ZTE CORPORATION 165

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

priority 30
ZXR10_R3(config-router)#bsr-candidate loopback1
10 30
ZXR10_R3(config)#ip msdp peer 10.10.40.1
connect-source fei_1/2
ZXR10_R3(config)#ip msdp peer 10.10.30.1
connect-source fei_1/1

166 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 13

Configuring ACL

Introduction This chapter introduces Access Control List (ACL) and its
relevant configuration on the ZXR10 1800/2800/3800 Router.

Contents This chapter covers following topics.

TABLE 236 TOPICS IN CHAPTER 13

Topic Page No

Overview 167

ACL Configuration 168

ACL Application 170

ACL Log Function 171

Precautions on ACL 172

ACL Maintenance and Diagnosis 173

ACL Configuration Example 173

Overview
Normally, ACLs are used to implement policy routing and control
special traffic. An ACL can contain one or multiple IP datagram
rules of special type. An ACL can be so simple that it only
contains one rule or can be so complicated that it contains many
rules. Each rule tells a router whether a packet matching the
selection standard designated in the rule is allowed to pass or is
rejected.
Each ACL defined has an access list NO. for identification, which
is a digit, for example, 100. The ACL is divided into two types:
standard ACL and extended ACL. The access list numbers of
standard ACLs range from 1 to 99, while those of the extended
ACLs range from 100 to 199.

Confidential and Proprietary Information of ZTE CORPORATION 167

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

ACL Configuration
Defining The selection standards in ACL rules describe features of packets.
Selection An ACL based on source address filtering can be defined or an
Standard ACL of special flow based on source or destination can be
defined. Normally, the following standards can be used to define
an ACL statement:
„ Source IP address
„ Destination IP address
„ Source port No.
„ Destination port ID
„ Protocol type
These selection standards are designated as domains of ACL
rules. Upon ACL definition, ACLs numbered 1 through 99 are
called standard ACLs (only source addresses are defined in
standard ACLs), while ACLs numbered 100 through 199 are
called extended ACLs. In extended ACLs, source addresses,
destination addresses, source port IDs, destination port IDs and
protocol IDs will be defined.
The sequences of defining ACL rules are as follows:
Purpose Below procedure gives information about ACL configuration.
Prerequisites Refer to Configuration Methods (Chapter 1) to access the router
CLI for configuration.
Steps 1. To define directly a standard access list or extended access
list, use access-list <access-list-number> {deny|permit}
<source> [<source-wildcard>] command in global
configuration mode as shown in Table 237.

TABLE 237 ACCESS-LIST COMM AND

Command Command Command Function

Format Mode

access-list Global config

<access-list-
number> This defines directly a standard
{deny|permit} access list or extended access
<source> list
[<source-
wildcard>]

Result: This defines directly a standard access list or

extended access list.
2. To enter into the access list configuration mode, use ip
access-list {extended <access-list-number>|standard
<access-list-number>} name <acl-name> command in
global configuration mode as shown in Table 238.

168 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 13 Configuring ACL

TABLE 238 IP ACCESS-LIST COMMAND

Command Command Function

Command Format Mode

ip access-list Global config

{extended <access-
list- This enables to enter into
number>|standard the access list configuration
<access-list- mode
number>}name
<acl-name>

Result: This enables to enter into the access list

configuration mode.

3. To set a name for the access list, use name <acl-name>

command in global configuration mode as shown in Table
239.

TABLE 239 NAME COMM AND

Command Command Command Function

Format Mode

name Global config

<acl- This set a name for the access list
name>

Result: This set a name for the access list.

4. To set permit conditions for standard access list or extended

access list, use permit <source> [<source-wildcard>]
command in ACL configuration mode as shown in Table 240.

TABLE 240 PERMIT COMMAND

Command Command Command Function

Format Mode

permit ACL config

This sets permit conditions for
<source>
standard access list or extended
[<source-
access list
wildcard>]

Result: This set permit conditions for standard access list or

extended access list.

5. To set deny conditions for standard access list or extended

access list, use deny <source> [<source-wildcard>]
command in ACL configuration mode as shown in Table 241.

Confidential and Proprietary Information of ZTE CORPORATION 169

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

TABLE 241 DENY COMM AND

Command Command Command Function

Format Mode

deny ACL config

This set deny conditions for
<source>
standard access list or extended
[<source-
access list
wildcard>]

Result: This set deny conditions for standard access list or

extended access list.

END OF STEPS.
Each domain of ACL rules is sensitive to locations. For example,
TCP rules: a source address should be followed with a
destination address, and the source port and destination ports
should follow the source and destination addresses.
Not all domains of ACL rules need designation. If no special
domain is designated, a rule will be processed as a wildcard or
will not be considered. If a special domain is designated, the
domain should match the corresponding packets. Each protocol
has many different matching domains. Since each domain is
sensitive to location, sometimes some domains should be
"skipped" to facilitate designation of another domain. The
keyword a n y can be used to skip the source or destination
address domain.

ACL Application
When a group of selection standards are defined for an ACL, the
ACL does not take effect immediately. The ACL will take effect
only when it is used by interfaces or some policies. The common
ACL applications are listed as follows:

„ When an ACL is applied to an interface, the interface permits

or denies datagrams received or sent by routers. The ACL
used in this way is called an "interface ACL".
„ When an ACL is applied to a service, the service permits or
denies datagrams received or sent by routers. The ACL used
in this way is called a "service ACL".
„ An ACL is associated with commands such as i p p o l i c y
and n a t , and it designates the standards to be followed by
packets, addresses and flows for association with features of
these routers. The ACL used in this way is called a "policy
ACL".

170 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 13 Configuring ACL

ACL Log Function

1. Configure standard ACL and extended ACL supports to the
log key words on the command. Add “[log]” on the end of
the rule:
access-list [list number][permit|deny][source
address][wildcard-mask][log]
access-list [list number][permit|deny][protocol |
protocol keyword][source address ][source-wildcard]
[source port][destination address][destination-
wildcard][destination port][log]
Function: if a log is configured during the rule configuration,
a log list index should be assigned to the rule.
NOTE: The maximum log list entry (1-1024) supported by
the current system is 1024; therefore, the scope of the log
index is 1024. If the log index is 0, it indicates that a log is
not configured.
2. Log mode configuration
acl-log [count | time]
NOTE: This command is used to determine acl log mode for
users. Time unit: Second. 30 seconds at least.
3. Query statistic
show acl-statistic [interface]
NOTE: interface can be specified as well as cannot be
specified. For query according to interface No. If the
interface is not specified, query the statistic information from
in and out direction on all interfaces. The displayed result is
as follows:
interface:
acl-in : Permit: Deny:
acl-out: Permit: Deny:
4. Clear ACL statistic
clear-acl-statistic [interface]
If the interface No. is not specified, clear the statistic
information of all interfaces; otherwise clear only the statistic
information of the specified interface.
5. View the ACL log content of the system record.
show logging alarm [typeid acl]

Confidential and Proprietary Information of ZTE CORPORATION 171

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

Precautions on ACL
1. For an ACL with multiple rules, the sequence of these rules is
very important, and the ACL performs match strictly
according to the effective sequence. The show running-
config or show access-list command can be used to view
the sequence of effective ACL rules.
If the packet matches with a certain rule, perform the
operation according to the key word permit or deny and
neglect all the subsequent rules. That is to say, the
preferential matching is adopted. A router checks the list
downward and checks one rule at a time until a match entry
is found.
Therefore, more specific rules should be arranged in front of
not so specific rules all the time. For example, the following
ACL permits all TCP datagram’s except those from subnet
10.2.0.0/16.

ZXR10(config)#access-list 101 deny tcp 10.2.0.0

0.0.255.255 any
ZXR10(config)#access-list 101 permit tcp any any

When a TCP packet is sent out from the subnet 10.2.0.0/16,

if the packet matches with the first rule, the packet will be
dropped. If TCP packets from other subnets do not match the
first rule, but match with the second rule, these packets will
be permitted to pass.
2. In the end of each ACL, the system automatically adds an
implicit deny rule that will reject all datagram’s.
For packets that do not match any rules designated by the
user, the implicit deny rule can stop flows, and all packets
match the rule.
Such a processing is made with consideration of security. If
the ACL is misconfigured, packets that should be permitted
to pass are blocked due to the implicit deny rule, and the
worse result is that no data can be sent or received.
Furthermore, if packets that should be denied are sent out, a
security hole occurs. Therefore, the implicit deny rule serves
as a line of defense for misconfiguration of ACLs.
See the following ACL configuration:

ZXR10(config)#access-list 101 permit ip 1.2.3.4

0.0.0.255 any
ZXR10(config)#access-list 101 permit ip 4.3.2.1
0.0.0.255 any

172 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 13 Configuring ACL

Due to the implicit deny rule, the ACL actually has three rules:

ZXR10(config)#access-list 101 permit ip 1.2.3.4

0.0.0.255 any
ZXR10(config)#access-list 101 permit ip 4.3.2.1
0.0.0.255 any
ZXR10(config)#access-list 101 deny any any

If the packet entered is not match with the former two rules,
then the packet will be dropped. This is because the third
rules (implicit deny rule) matches with all packets.

ACL Maintenance and Diagnosis

Introduction For the convenience of ACL maintenance and diagnosis, the
ZXR10 1800/2800/3800 Router provides the following command
to show content of the access list or the content with specified
list number.
Purpose Below procedure gives information about ACL maintenance &
diagnosis.
Prerequisites Refer to Configuration Methods (Chapter 1) to access the router
CLI for configuration.
Steps 1. To display ACL present in running configuration, use show
access-list [{<access-list-number>| name <acl-name>}
command in Priviliged mode as shown in Table 242.

TABLE 242 SHOW ACCESS-LIST COMM AND

Command Command Command Function

Format Mode

show ACL config

access-list
[{<access-
This displays ACL present in
list-
running configuration
number>|
name <acl-
name>}

Result: This displays ACL present in running configuration.

END OF STEPS.

Confidential and Proprietary Information of ZTE CORPORATION 173

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

ACL Configuration Example

Application of ACLs can be applied to interfaces to check incoming or outgoing
ACL to datagrams. Incoming datagrams refer to datagrams that enter a
Interfaces router, while outgoing datagrams refer to datagrams that are
sent out from the router.

For each interface, only one ACL can be applied to the same
protocol in the same direction. For example, two or more ACLs
should not be applied to the incoming direction of the same
interface. If one ACL is applied to incoming datagrams and
another ACL is applied to outgoing datagrams, the two ACLs can
be applied to the same interface. However, the restriction does
not prevent the designation of many rules in an ACL, just place
these rules into another ACL and apply it to the interface.

When a packet enters a router from an interface to which an

incoming ACL is applied, the router will compare the packet with
rules designated by the ACL. If the packet is permitted, it can
enter the ZXR10 router; otherwise, the packet will be dropped.

If the packet needs to be forwarded out from another interface

(that is, the packet will be routed), the second ACL check
possibly should be made. On the output interface, if the
outgoing ACL is applied, the packet will be compared with rules
designated by the outgoing ACL. Therefore, the packet possibly
needs to pass two independent checks: one on the incoming
interface, and the other on the outgoing interface.

1. To apply a configured ACL on an interface, use ip access-

group <acl-number> {in|out} command in interface
configuration mode as shown in Table 243.

TABLE 243 IP ACCESS-GROUP COMM AND

Command Command Command Function

Format Mode

ip access- interface
group <acl- config This configures ACL on an
number> interface
{in|out}name>}

Result: This configures ACL on an interface.

The actual configuration example of the interface ACL is as
shown in Figure 21.

174 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 13 Configuring ACL

FIGURE 21 ACTUAL ACL CONFIGURATION EXAMPLE APPLIED ON AN

INTERFACE

Fei_1/2 Fei_1/1 Fei_1/2

134.141.8.3/24 134.141.7.2/24 134.141.6.3/24
Fei_1/1
R1 134.141.7.3/24 R2
Networks
134.141.9.0/24
136.150.10.0/24

R2 configuration:

ZXR10_R2(config)#interface fei_1/1
ZXR10_R2(config-if)#ip address 134.141.7.2
255.255.255.0
ZXR10_R2(config-if)#ip access-group 100 out
ZXR10_R2(config)#interface fei_1/2
ZXR10_R2(config-if)#ip address 134.141.6.3
255.255.255.0
ZXR10_R2(config-if)#ip access-group 100 in
ZXR10_R2(config)#access-list 100 deny ip
134.141.9.0 0.0.0.255 any
ZXR10_R2(config)#access-list 100 deny ip any
134.141.9.0 0.0.0.255
ZXR10_R2(config)#access-list 100 permit ip any any
ZXR10_R2(config)#router ospf 1
ZXR10_R2(config-router)#network 134.141.7.2
0.0.0.0 area 0
ZXR10_R2(config-router)#network 134.141.6.3
0.0.0.0 area 0
Applications of On a ZXR10 1800/2800/3800 Router, ACLs can be created to
ACL to permit or deny access to a service provided by the router, such
Services as HTTP and Telnet. This type of ACLs is called "Service ACLs".

According to the definition, a service ACL is used to control

incoming packets of services sent to a special interface of the
router. For example, on a special interface, some special hosts
can be permitted to access the Telnet Server or special subnets
are denied to access the Web Server. Service ACLs are created
to control the access to some services on a designated interface
of the router. As a result, only the incoming datagram’s sent to
the router will be checked.

The application of an ACL to a service is also implemented by

applying the defined ACL to an interface.

Here in Figure 21., networking is used to describe the detailed

configuration of servicing ACL.

Confidential and Proprietary Information of ZTE CORPORATION 175

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

R2 configuration:

ZXR10_R2(config)#interface fei_1/1
ZXR10_R2(config-if)#ip address 134.141.7.2
255.255.255.0
ZXR10_R2(config-if)#ip access-group 110 out
ZXR10_R2(config-if)#exit
ZXR10_R2(config)#interface fei_1/2
ZXR10_R2(config-if)#ip address 134.141.6.3
255.255.255.0
ZXR10_R2(config-if)#ip access-group 110 in
ZXR10_R2(config-if)#exit
ZXR10_R2(config)#access-list 110 permit tcp any
134.141.9.88 0.0.0.0 eq telnet
ZXR10_R2(config)#router ospf 1
ZXR10_R2(config-router)#network 134.141.7.2
0.0.0.0 area 0
ZXR10_R2(config-router)#network 134.141.6.3
0.0.0.0 area 0

176 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 14

Configuring NAT

Introduction This chapter introduces Network Address Transfer (NAT) and its
relevant configuration on the ZXR10 1800/2800/3800 Router.

Contents This chapter covers following topics.

TABLE 244 TOPICS IN CHAPTER 14

Topic Page No

Overview 177

NAT Configuration 179

NAT Maintenance and Diagnosis 182

NAT Configuration Example 184

Distributed Address Translation 186

Processing Netword with Repeated Address 188

Range by Means of NAT

Overview
With the rapid development of the Internet, one of the most
outstanding problems is that the IP addresses are insufficient.
The application of NAT can relieve such pressure to certain
extent. The NAT permits an organization to reuse one or multiple
registered unique and global IP address.
Figure 22shows the basic operational principles of NAT.

Confidential and Proprietary Information of ZTE CORPORATION 177

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

FIGURE 22 NAT WORKING PRINCIPLE

Internet

S:195.1.1.1/24
D:196.1.1.1/24

R
S:10.1.1.1/24 R2 S:195.1.1.124
1
D:196.1.1.1/24 D:10.2.2.2/24

Network b
Network A

PC1 PC2
10.1.1.1/24 10.2.2.2/24

As shown in Figure 22, networks A and B of two different

organizations use a private network address (10.0.0.0) as their
internal address. Each organization is assigned with a unique
public network address registered on the Internet, and the
address is used for communications between the internal private
network and the external public network.
Between two networks where the address translation is
performed, one network serves as the Intranet (inside), and the
other serves as the Extranet (outside). A router supporting the
NAT function is placed on the border between the Intranet and
the Extranet.
If PC1 (10.1.1.1) wants to send data to PC2 (10.2.2.2), PC1
uses the unique global address 196.1.1.1 of the network of PC2
as the destination address of packets. When a packet reaches R1,
R1 translates the source address 10.1.1.1 into the unique global
address 195.1.1.1.When a packet arrives at R2, R2 translates
the destination address into a private network IP address
10.2.2.2.Similar translation is also made for packets returned
from PC2 to PC1.
To complete such translation, the host on the Intranet does not
need additional configuration. Seeing from the PC1, 196.1.1.1 is
the IP address of PC2 (10.2.2.2) on Network B. Similarly, for the
PC2, 196.1.1.1 is the IP address of PC1 (10.2.2.1) on Network A.
Normally, NAT is used in the following cases:
1. A private network needs to be accessed to the Internet, but
there are not sufficient registered IP addresses.
2. The address spaces of two networks to be interconnected are
repeated.
3. The service provider is changed, and the network should be
addressed once again.

178 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 14 Configuring NAT

NAT is divided into static NAT and dynamic NAT. Where, the
dynamic NAT is further divided into one-to-one dynamic NAT and
address-reload dynamic NAT.
Static address translation, predefined by the network
administrator, indicates a one-to-one relation between internal
addresses and external addresses. During communications
between a host on the Intranet and a host on the Extranet,
before its packets are sent to the Extranet by a router, internal
addresses specified by the static NAT will be translated into the
corresponding Extranet addresses. Furthermore, before the
router sends packets from the Extranet to the Intranet, the
extranet addresses will be translated into the corresponding
Intranet addresses.
Dynamic address translation takes place randomly on a router
according to the configuration. When a host on the Intranet
originates a session with a host on the Extranet, before a packet
enters the Extranet, the router will select an idle address from
the Extranet IP pool (used for address translation) as a new
source address to replace the source address of the Intranet.
The router reserves the translation record, which is used to
translate the destination address of the reply packet to the
destination address of the Intranet. During the session, the
address is monopolized. After the session ends, the extranet
address will be released and can be reallocated.
When the PAT (Port Address Translation) function is enabled, if
there is no available idle address, the router will select an idle
port that has already used an address, and use this pair of
address and port (normally called "socket") to replace the
corresponding address and port in the Intranet packets.

NAT Configuration
Purpose Below procedure gives information about NAT configuration.
Prerequisites Refer to Configuration Methods (Chapter 1) to access the router
CLI for configuration.
Steps 1. To configure the internal and external interfaces of NAT, use
ip nat {inside|outside} command in global configuration
mode as shown in Table 245.

TABLE 245 IP NAT COMM AND

Command Command Command Function

Format Mode

ip nat Global This configures the internal

{inside|outside} configuration and external interfaces of
NAT

Result: This configures the internal and external interfaces

of NAT.

Confidential and Proprietary Information of ZTE CORPORATION 179

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

2. To define NAT rules, use ip nat inside source {list <list-

number> pool <pool-name> [overload [<interface-
name>]]|static <local-ip> <global-ip>| static {tcp|udp}
<global-ip> <global-port> <local-ip> <local-port>}
command in global configuration mode as shown in Table
246.

TABLE 246 IP NAT INSIDE SOURCE COMM AND

Command Command Command Function

Format Mode

ip nat Global
This defines NAT rules
{inside|outside} configuration

Result: This defines NAT rules.

3. To define IP pool used for NAT, use ip nat pool <pool-
name> <start-address> <end-address> prefix-length
<prefix-length> command in global configuration mode as
shown in Table 247.

TABLE 247 IP NAT POOL COMM AND

Command Command Command Function

Format Mode

ip nat pool Global

<pool- configuration
name>
<start-
address>
<end- This defines IP pool used for NAT
address>
prefix-
length
<prefix-
length>

Result: This defines IP pool used for NAT.

4. To set the NAT aging time, use ip nat translation timeout
class {a|b|c|d|e} <timeout> command in global
configuration mode as shown in Table 248.

TABLE 248 IP NAT TR ANSLATION TIMEOUT CLASS COMM AND

Command Command Command Function

Format Mode

ip nat Global
translation configuration
timeout
This set the NAT aging time
class
{a|b|c|d|e}
<timeout>

Result: This set the NAT aging time.

180 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 14 Configuring NAT

5. To set the maximal translation number allowed by the

internal address, use ip nat translation maximal {<list-
number>| default} <max-value> command in global
configuration mode as shown in Table 249.

TABLE 249 IP NAT TR ANSLATION M AXIMAL COMM AND

Command Command Command Function

Format Mode

ip nat Global
translation configuration
maximal
This set the maximal translation
{<list-
number allowed by the internal
number>|
address
default}
<max-
value>

Result: This set the maximal translation number allowed by

the internal address.

6. To start and stop the NTP function, use ip nat start, ip nat
stop commands in global configuration mode as shown in
Table 250.

TABLE 250 IP NAT ST ART, IP NAT STOP COMM ANDS

Command Command Command Function

Format Mode

ip nat Global
This starts and stop the NTP
start, ip configuration
function
nat stop

Result: This starts and stops the NTP function.

7. To start the NAT log function, use ip nat logging

{{all|event|mapping}|{source|destination} <ip-addr>}}
command in global configuration mode as shown in Table
251.

TABLE 251 IP NAT LOGGING COMM AND

Command Command Command Function

Format Mode

ip nat Global
logging configuration
{{all|event|
mapping}|{s
ource|destina This starts the NAT log function
tion} <ip-
addr>}}

Confidential and Proprietary Information of ZTE CORPORATION 181

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

Result: This starts the NAT log function.

Important! After the NAT log is enabled, an ftp link should
be set up at the same time so as to write the log to the ftp
files. For example: Logging ftp NOTIFICATIONS <ip
address> ftp_username ftp_password nat.log.
Static or dynamic NAT can be selected according to the
actual networking requirements. In the dynamic NAT
configuration, NAT can be configured as one-to-one dynamic
NAT or as the payload NAT function (one public network
address corresponds to multiple private network address),
that is, PAT.
1. Static NAT configuration procedure:
i. Defines NAT rules.
ii. Designate internal and external ports used for NAT.
2. Dynamic NAT configuration procedure:
i. Define private and public network addresses used for NAT
ii. Defines NAT rules
iii. Designate internal and external ports used for NAT
END OF STEPS.

NAT Maintenance and Diagnosis

Purpose Below procedure gives information about NAT maintenance &
diagnosis.
Prerequisites Refer to Configuration Methods (Chapter 1) to access the router
CLI for configuration.
Steps For the convenience of NAT maintenance and diagnosis, ZXR10
1800/2800/3800 Router provides related view commands.
1. To show the NAT statistic data, use show ip nat statistic
command in Priviliged mode as shown in Table 252.

TABLE 252 SHOW IP NAT STATISTICS COMM AND

Command Command Command Function

Format Mode

ip nat Priviliged
start, ip This shows the NAT statistic data
nat stop

Result: This shows the NAT statistic data.

2. To show NAT activity translation, use show ip nat
translations {*| {global <global-ip>|local <local-ip>}}
command in Priviliged mode as shown in Table 253.

182 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 14 Configuring NAT

TABLE 253 SHOW IP NAT TRANSLATIONS COMM AND

Command Command Command Function

Format Mode

show ip nat Priviliged

translations
{*|{global This shows NAT activity
<global- translation
ip>|local
<local-ip>}}

Result: This shows NAT activity translation.

3. To show the count of the transfer entries, use show ip nat

count {by-max <count>|by-used <count>|global <global-
ip>|local <local-ip>} command in Priviliged mode as shown
in Table 254.

TABLE 254 SHOW IP NAT COUNT COMM AND

Command Command Command Function

Format Mode

show ip nat Priviliged

count {by-max
<count>|by-
This shows the count of the
used
transfer entries
<count>|global
<global-ip>|local
<local-ip>}

Result: This shows the count of the transfer entries.

4. To show the NAT debug information, use debug ip nat

command in Priviliged mode as shown in Table 255.

TABLE 255 DEBUG IP NAT COMM AND

Command Command Command Function

Format Mode

debug ip Priviliged This shows the NAT debug

nat information

Result: This shows the NAT debug information.

5. To clear the NAT statistical information, use clear ip nat

statistics command in Priviliged mode as shown in Table
256.

Confidential and Proprietary Information of ZTE CORPORATION 183

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

TABLE 256 CLEAR IP NAT STATISTICS COMM AND

Command Command Command Function

Format Mode

clear ip Priviliged
This clears the NAT statistical
nat
information
statistics

Result: This clears the NAT statistical information.

6. To clear the NAT mapping entries, use clear ip nat

translation {*|[<global-ip> <global-port> <local-ip>
<local-port>] | list <list-number> [<interface-name>] |
{global <global-ip>|local <local-ip>}} command in Priviliged
mode as shown in Table 257.

TABLE 257 CLEAR IP NAT TRANSLATIONS COMM AND

Command Command Command Function

Format Mode

clear ip nat Priviliged

translation
{*|[<global-
ip> <global-
port> <local-
ip> <local-
port>] | list
This clears the NAT mapping
<list-
entries
number>
[<interface-
name>] |
{global
<global-
ip>|local
<local-ip>}}

Result: This clears the NAT mapping entries.

END OF STEPS.

NAT Configuration Example

Static NAT A server inside a Metropolitan Area Network (MAN) requires that
internal users can access a public network via private network IP
addresses from inside and the data should not be sent out the
network, and furthermore, the server also requires non-MAN
users can access via real IP addresses from the public network.
Figure 23 shows a static NAT example.

184 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 14 Configuring NAT

FIGURE 23 NAT EX AMPLE

10.10.1.2/24

Server
Internet
S:202.1.1.2/24
10.10.1.1/24 D:192.1.1.2/24

192.1.1.1/24
10.10.2.1/24 R1

PC
202.1.1.2/24

PC
10.10.2.2/24

R1 configuration:

ZXR10(config)#ip nat start

ZXR10(config)#interface fei_1/1
ZXR10(config-if)#ip address 10.10.1.1
255.255.255.0
ZXR10(config-if)#ip nat inside
ZXR10(config-if)#exit
ZXR10(config)#interface fei_1/2
ZXR10(config-if)#ip address 10.10.2.1
255.255.255.0
ZXR10(config-if)#ip nat inside
ZXR10(config-if)#exit
ZXR10(config)#interface fei_2/1
ZXR10(config-if)#ip address 192.1.1.1
255.255.255.0
ZXR10(config-if)#ip nat outside
ZXR10(config-if)#exit
ZXR10(config)#ip nat inside source static
10.10.1.2 192.1.1.2

Confidential and Proprietary Information of ZTE CORPORATION 185

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

Distributed Address Translation

This is a natural idea to perform address translation for the data
of the entire MAN on the egress of the MAN to the Internet, and
this is also an ideal solution to the problem of saving public IP
addresses. However, if there are a larger number of MAN users,
NAT processing at a single point has higher requirements for the
NAT capability of the router on the egress.
In this case, the distributed address translation can be used:
multiple routers with lower capability are used to complete
address translation. The disadvantage of this method is that
each link will waste some IP addresses registered on the
Internet.
As shown in Figure 24, every two among the three routers are
interconnected through registered IP addresses.R2 is the egress
to the Internet, and the unified reserved IP addresses are used
in the Intranet connected to R1 and R3. The addresses do not
conflict with each other, since R1 and R3 individually conduct
address translation for the data of the Intranet.

FI G U R E 2 4 CO N F I G U R AT I O N E X AM P L E FO R D I S T R I B UTE D AD D R E S S
TRANSLATION

Internet

NAT Mapping
NATMapping
10.10.1.0/24 10.10.2.0/24
192.1.3.2/30R2 192.1.3.5/30 <->
<->
192.1.1.0/24 192.1.2.0/24
192.1.3.6/30
192.1.3.1/30

R1 10.10.1.1/24 R3 10.10.2.1/24

PC PC
10.10.1.2/24 sever 10.10.2.2/24
10.10.1.3/24

186 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 14 Configuring NAT

R1 configuration:

ZXR10_R1 (config)#ip nat start

ZXR10_R1(config)#interface fei_1/1
ZXR10_R1(config-if)#ip address 10.10.1.1
255.255.255.0
ZXR10_R1(config-if)#ip nat inside
ZXR10_R1(config-if)#exit
ZXR10_R1(config)#interface fei_1/2
ZXR10_R1(config-if)#ip address 192.1.3.1
255.255.255.252
ZXR10_R1(config-if)#ip nat outside
ZXR10_R1(config-if)#exit
ZXR10_R1(config)#access-list 3 deny 10.10.1.2
0.0.0.0
ZXR10_R1(config)#access-list 3 permit 10.10.1.0
0.0.0.255
ZXR10_R1(config)#ip nat inside source static
10.10.1.2 192.1.1.1
ZXR10_R1(config)#ip nat pool netpool 192.1.1.2
192.1.1.254 prefix-length 24
ZXR10_R1(config)#ip nat inside source list 3
pool netpool
ZXR10_R1(config)#ip route 0.0.0.0 0.0.0.0
192.1.3.2

R2 configuration:

ZXR10_R2(config)#ip nat start

ZXR10_R2(config)#interface fei_1/1
ZXR10_R2(config-if)#ip address 192.1.3.2
255.255.255.252
ZXR10_R2(config-if)#exit
ZXR10_R2(config)#interface fei_1/2
ZXR10_R2(config-if)#ip address 192.1.3.5
255.255.255.252
ZXR10_R2(config-if)#exit
ZXR10_R2(config)#ip route 192.1.1.0
255.255.255.0 192.1.3.1
ZXR10_R2(config)#ip route 192.1.2.0
255.255.255.0 192.1.3.6

Confidential and Proprietary Information of ZTE CORPORATION 187

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

R3 configuration:

ZXR10_R3(config)#ip nat start

ZXR10_R3(config)#interface fei_1/1
ZXR10_R3(config-if)#ip address 192.1.3.6
255.255.255.252
ZXR10_R3(config-if)#ip nat outside
ZXR10_R3(config-if)#exit
ZXR10_R3(config)#interface fei_1/2
ZXR10_R3(config-if)#ip address 10.1.2.1
255.255.255.0
ZXR10_R3(config-if)#ip nat inside
ZXR10_R3(config-if)#exit
ZXR10_R3(config)#access-list 3 permit 10.1.2.0
0.0.0.255
ZXR10_R3(config)#ip nat inside source static
10.10.1.2 192.1.1.1
ZXR10_R3(config)#ip nat pool netpool 192.1.2.1
192.1.2.254 prefix-length 24
ZXR10_R3(config)#ip nat inside source list 3
pool netpool
ZXR10_R3(config)#ip route 0.0.0.0 0.0.0.0
192.1.3.5

Processing Network with Repeated

Address Range by Means of NAT
MANs built by different carriers may have repeated available
address range. In this case, NAT translation is needed for
interconnection.
As shown in Figure 25, the address ranges of the two networks
connected to R1 and R2 are mutually repeated. If users in the
two networks want to access the servers of each other from
inside the MAN, confusion may occur. The use of NAT can solve
this problem. In this example, static NAT is used for servers in
the networks, while dynamic NAT is used for hosts.
Suppose that a host with address of 10.10.1.3 on network A
wants to access the server on network B, it uses 10.10.3.129 as
the destination address. When a data packet leaves the network
A, the source address 10.10.1.3 is translated into one among IP
addresses from 10.10.3.65 to 10.10.3.126. Such kind of source
addresses is legal for Network B. When the data packet arrives
at R2, 10.10.3.129 is transferred into the real IP address
10.10.1.2 that the server is in Network B. Similar translation is

188 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 14 Configuring NAT

also made for data packets returned from the server to host in
Network A.

FIGURE 25 CONFIGURATION EXAMPLE FOR PROCESSING OF REPEATED

ADDRESS BY MEANS OF N AT

NAT mapping NAT mapping

static:10.10.1.2<-> 10.10.3.65 static:10.10.1.2<-> 10.10.3.129
dynamic:10.10.1.3~ 10.10.1.254 dynamic:10.10.1.3~ 10.10.1.254
<->10.10.3.66~10.10.3.126 <->10.10.3.130~10.10.3.190

10.10.3.1/30
R1 10.10.1.1/24 10.10.3.2/30 R2 10.10.1.1/24

PC PC
10.10.1.3/24 Server 10.10.1.3/24 Server
10.10.1.2/24 10.10.1.2/24
Network A Network B

R1 configuration:

ZXR10_R1(config)#ip nat start

ZXR10_R1(config)#interface fei_1/1
ZXR10_R1(config-if)#ip address 10.10.1.1
255.255.255.0
ZXR10_R1(config-if)#ip nat inside
ZXR10_R1(config-if)#exit
ZXR10_R1(config)#interface fei_1/2
ZXR10_R1(config-if)#ip address 10.10.3.1
255.255.255.252
ZXR10_R1(config-if)#ip nat outside
ZXR10_R1(config-if)#exit
ZXR10_R1(config)#access-list 3 deny 10.10.1.2
0.0.0.0
ZXR10_R1(config)#access-list 3 permit 10.10.1.0
0.0.0.255
ZXR10_R1(config)#ip nat inside source static
10.10.1.2 10.10.3.65
ZXR10_R1(config)#ip nat pool netpool 10.10.3.66
10.10.3.126 prefix-length 26
ZXR10_R1(config)#ip nat inside source list 3 pool
netpool overload
ZXR10_R1(config)#ip route 0.0.0.0 0.0.0.0
10.10.3.2

Confidential and Proprietary Information of ZTE CORPORATION 189

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

R2 configuration:

ZXR10_R2(config)#ip nat start

ZXR10_R2(config)#interface fei_1/1
ZXR10_R2(config-if)#ip address 10.10.3.2
255.255.255.252
ZXR10_R2(config-if)#ip nat outside
ZXR10_R2(config-if)#exit
ZXR10_R2(config)#interface fei_1/2
ZXR10_R2(config-if)#ip address 10.10.1.1
255.255.255.0
ZXR10_R2(config-if)#ip nat inside
ZXR10_R2(config-if)#exit
ZXR10_R2(config)#access-list 3 deny 10.10.1.2
0.0.0.0
ZXR10_R2(config)#access-list 3 permit 10.10.1.0
0.0.0.255
ZXR10_R2(config)#ip nat inside source static
10.10.1.2 10.10.3.129
ZXR10_R2(config)#ip nat pool netpool 10.10.3.130
10.10.3.190 prefix-length 26
ZXR10_R2(config)#ip nat inside source list 3 pool
netpool overload
ZXR10_R2(config)#ip route 10.10.3.64
255.255.255.192 10.10.3.1

190 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 15

Configuring URPF

Introduction This chapter introduces Unicast Reverse Path Forwarding (URPF)

and its relevant configuration on ZXR10 1800/2800/3800 Router.

Contents This chapter covers following topics.

TABLE 258 TOPICS IN CHAPTER 15

Topic Page No

Overview 191

Basic URPF Configuration 193

URPF Maintenance and Diagnosis 193

END OF STEPS. 194

URPF Configuration Example

Overview
URPF is shortened form of Unicast Reverse Path Forwarding,
which is to prevent the network attack behavior that based on
the source address spoofing. It is called “reverse” because it is
compared with the normal routing query. Generally, a router
receives a packet and obtains the destination address of the
packet and queries the route directing towards the destination
address. If the route is found, then forward the packet normally;
otherwise drop it.
URPF obtains the source address and ingress of the packet and
takes the source address as the destination address to query in
the forwarding list whether the interface responded with the
source address matches with the ingress. If it is not matched,
then the source destination is considered a forged one, drop the
packet. By this means, URPF can prevent effectively the
malicious attack through modifying source address in the
network.
Figure 26 is a kind of simple network model.

Confidential and Proprietary Information of ZTE CORPORATION 191

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

FIGURE 26 FORGED SOURCE ADDRESS

Fei_1/1 Fei_1/2

3.3.3.3 2.2.2.2 2.2.2.1

S1 S2 S3

Forge a packet with source address being 2.2.2.1 on S1 and

send a request to server S2, when S2 responds to the request,
send packet to the real “2.2.2.1” (that is, S3). These kinds of
illegal packet are all attacks to S2 and S3.
The attacker originates an attack by changing source addresses
randomly. In this example, the source address uses some
reserved non-global IP addresses; therefore it is not reachable.
In fact even it is a legal IP address, as long as it is not reachable,
it can be used for originating an attack.
There is another case, as shown in Figure 27: the attacker can
forge a source address, which is an address of another legal
network, and exists in a global routing list. For example, an
attacker forgers a source address, which make the one who was
attacked thought the attack was from a forged source address,
but in fact, the source address is innocent at all, and sometimes
the network administrator even shut off all data stream from the
source address because of this, which make the attacker
successfully realized the service rejection attack.

FIGURE 27 FORGED SOURCE ADDRESS-II

2 0 4 .6 9 .2 0 7 .0 / 2 4

The more complicated case is that the flooding attack of TCP

SYN makes the SYN-ACK data packet sent to many hosts that
have no relation with the attack at all, thus these hosts became
the sacrifice of the attack. This makes the attacker spoof one or
more systems at the same time.
Also UDP and ICMP can be used for a flood attack.
All these attacks will severely reduce system performance, and
even make the system breakdown. URPF is the technology used
for preventing such kind of attack.

192 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 15 Configuring URPF

Basic URPF Configuration

Purpose Below procedure gives information about URPF configuration.
Prerequisites Refer to Configuration Methods (Chapter 1) to access the router
CLI for configuration.
Steps There are three types of URPFs: strict URPF (sRPF), loose URPF
(lRPF), and ignoring default route URPF (lnRPF).
1. To enable the URPF verification function on an interface, use
ip verify {strict|loose|loose ignoring default route} [unicast
reverse-path <list>] command in interface configuration
mode as shown in Table 259.

TABLE 259 IP VERIFY COMM AND

Command Command Function

Command Format Mode

ip verify Interface
{strict|loose|loose configuration
This enables the URPF
ignoring default
verification function on an
route} [unicast
interface
reverse-path
<list>]

Result: This enables the URPF verification function on an

interface.
Important! Except for the lnRPF, the other two URPFs
should verify the default route, and the default route should
satisfy a condition that the egress is the ingress.
2. To enable/disable the URPF log, use urpf log {on | off}
command in global configuration mode as shown in Table
260.

TABLE 260 URPF LOG COMM AND

Command Command Command Function

Format Mode

urpf log Global

This enables/disables the URPF log
{on | off} configuration

Result: This enables/disables the URPF log.

Important! To open the urpf log, be sure logging on first.
END OF STEPS.

URPF Maintenance and Diagnosis

Purpose Below procedure gives information about URPF maintenance &
diagnosis.

Confidential and Proprietary Information of ZTE CORPORATION 193

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

Prerequisites Refer to Configuration Methods (Chapter 1) to access the router

CLI for configuration.
Steps 1. To view the URPF statistic count of the port, use show ip
interface [brief] [<interface-name>] command in Priviliged
mode as shown in Table 261.

TABLE 261 SHOW IP INTERFACE COMMAND

Command Command Command Function

Format Mode

show ip Priviliged
interface
This display the URPF statistic
[brief]
count of the port
[<interface-
name>]

Result: This display the URPF statistic count of the port.

2. To view the statistic data of the system URPF, use show ip

traffic command in Priviliged mode as shown in Table 262.

TABLE 262 SHOW IP TRAFFIC COMM AND

Command Command Command Function

Format Mode

show ip Priviliged This display the statistic data of

traffic the system URPF

Result: This display the statistic data of the system URPF.

3. To view URPF Log Information, use show logging alarm

typeid urpf command in Priviliged mode as shown in Table
263.

TABLE 263 SHOW LOGGING ALARM TYPEID COMM AND

Command Command Command Function

Format Mode

show Priviliged
logging
This display URPF Log Information
alarm
typeid urpf

Result: This display URPF Log Information.

END OF STEPS.

194 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 15 Configuring URPF

URPF Configuration Example

FIGURE 28 URPG EXAMPLE

Fei_1/2 Fei_1/2
192.168.0.1/24 133.1.0.1/24
Fei_1/1
100.1.1.2/24

Fei_1/1
R1 100.1.1.1/24 R2
Networks Networks
192.168.0.0/24 133.1.0.0/24

As shown in Figure 28, the strict URPF on the interface fei_1/2 of

the router R1 prevents the malicious attack from the users on
behind the 192.168.0.0/24 network to the network behind
router R1, and permits user with the source address being
171.1.0/24 network segment can verify through the URPF.
R1 configuration:

ZXR10_R1(config)#interface fei_1/2
ZXR10_R1(config-if)#ip add 192.168.0.1 255.255.255.0
ZXR10_R1(config-if)# ip verify strict unicast-reverse-
path 10
ZXR10_R1(config-if)#exit
ZXR10_R1(config)# access-list 10 permit 171.1.1.0
0.0.0.255
ZXR10_R1(config)#end
ZXR10_R1#

Confidential and Proprietary Information of ZTE CORPORATION 195

 Chapter 16

Configuring DHCP

Introduction This chapter introduces Dynamic Host Configuration Protocol

(DHCP) and its relevant configuration on the on ZXR10
1800/2800/3800 Router.

Contents This chapter covers following topics.

TABLE 264 TOPICS IN CHAPTER 16

Topic Page No

Overview 197

DHCP Server Configuration 198

DHCP Configuration Example 203

Overview
The Dynamic Host Configuration Protocol (DHCP) enables a host
on the network to obtain an IP address ensuring its normal
communication and relevant configuration information from a
DHCP server. The RFC2131 describes the DHCP in detail.
The DHCP adopts UDP as the transmission protocol. The host
sends a message to Port 67 of the DHCP server, and the host
returns the message to Port 68 of the host. The DHCP works in
the following steps:
1. The host sends a broadcast packet DHCPDiscover including
the request IP address and other configuration parameters.
2. The DHCP server returns a unicast packet DHCPOffer
including the valid IP address and configuration.
3. The host selects the server that arrives at DHCPOffer first,
and sends a unicast DHCPRequest to the server, indicating to
accept relevant configuration.
4. The selected DHCP server returns a unicast packet DHCPAck
for confirmation.

Confidential and Proprietary Information of ZTE CORPORATION 197

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

By now the host can use the IP address and relevant

configuration obtained from the DHCP server for communication.
The IP addresses assigned by the DHCP server to the host fall
into the following three forms:
„ The administrator assigns an IP address to a specific host.
„ Assign the address to the host randomly and permanently.
„ Assign the address to the host for a certain period randomly.
Usually third method is adopted. The valid time segment of
using the address is called lease period. Once the lease period
expires, the host must request the server for continuous lease.
The host cannot continue to lease until it accepts the request,
otherwise, it must give up unconditionally.
The router does not send the received broadcast packet from a
subnet to another by default. But the router as the default
gateway of the client host must send the broadcast packet to the
subnet where the DHCP server locates when the DHCP server
and client host are not in the same subnet. This function is
called DHCP relay.
The ZXR10 1800/2800/3800 ROUTER can act as a DHCP server
or DHCP relay to forward DHCP information, but it cannot use
both functions at the same time.

DHCP Server Configuration

Purpose Below procedure gives information about DHCP server
configuration.
Prerequisites Refer to Configuration Methods (Chapter 1) to access the router
CLI for configuration.

Steps 1. To configure IP address pool, and the DHCP server assigns

the address to the client host, use ip local pool <pool-name>
<low-ip-address> <high-ip-address> <net-mask> command in
global configuration mode as shown in Table 265.

TABLE 265 IP LOCAL POOL COMM AND

Command Command Command Function

Format Mode

ip local Global
pool <pool- configuration
name>
<low-ip- This configures IP address pool,
address> and the DHCP server assigns the
<high-ip- address to the client host
address>
<net-
mask>

198 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 16 Configuring DHCP

Result: This configures IP address pool, and the DHCP

server assigns the address to the client host.
2. To set the timeout of the address conflict in the IP address
pool, use ip local pool conflict-ip <timeout> command in
global configuration mode as shown in Table 266.

TABLE 266 IP LOCAL POOL CONFLICT-IP COMM AND

Command Command Command Function

Format Mode

ip local Global
This sets the timeout of the
pool configuration
address conflict in the IP address
conflict-ip
pool
<timeout>

Result: This sets the timeout of the address conflict in

the IP address pool.
3. To set the lease period during which the DHCP server leases
IP address to the client, use ip dhcp server leasetime
<time> command in global configuration mode as shown in
Table 267.

TABLE 267 IP DHCP SERVER LEASE TIME COMMAND

Command Command Command Function

Format Mode

ip dhcp Global
This sets the lease period during
server configuration
which the DHCP server leases IP
leasetime
address to the client
<time>

Result: This sets the lease period during which the DHCP
server leases IP address to the client.
4. To set the DNS address returned by the DHCP server to the
user, use ip dhcp server dns <mdns-address> [<sdns-
address>] command in global configuration mode as shown
in Table 268.

TABLE 268 IP DHCP SERVER DNS COMMAND

Command Command Command Function

Format Mode

ip dhcp Global
server dns configuration
This sets the DNS address
<mdns-
returned by the DHCP server to the
address>
user
[<sdns-
address>]

Result: This sets the DNS address returned by the DHCP

server to the user.

Confidential and Proprietary Information of ZTE CORPORATION 199

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

5. To set DHCP server arp update, use ip dhcp server update

arp command in global configuration mode as shown in
Table 269.

TABLE 269 IP DHCP SERVER UPDATE AR P COMM AND

Command Command Command Function

Format Mode

ip dhcp Global
server dns configuration
<mdns- This sets the DHCP server arp
address> updates
[<sdns-
address>]

Result: This sets the DHCP server arp updates.

6. To enable the built-in DHCP server process, use ip dhcp
server enable command in global configuration mode as
shown in Table 270.

TABLE 270 IP DHCP SERVER-ENABLE COMM AND

Command Command Command Function

Format Mode

ip dhcp Global
This enables the built-in DHCP
server configuration
server process
enable

Result: This enables the built-in DHCP server process.

END OF STEPS.

DHCP Relay Configuration

Purpose Below procedure gives information about DHCP relay
configuration.
Prerequisites Refer to Configuration Methods (Chapter 1) to access the router
CLI for configuration.
Steps 1. To configure a DHCP agent address on the interface
connected to the Client’s subnet, use ip dhcp relay agent
<ip-address> command in interface configuration mode as
shown in Table 271.

200 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 16 Configuring DHCP

TABLE 271 IP DHCP RELAY-AGENT COMMAND

Command Command Command Function

Format Mode

ip dhcp Interface
This configures a DHCP agent
relay configuration
address on the interface connected
agent <ip-
to the Client’s subnet
address>

Result: This configures a DHCP agent address on the

interface connected to the Client’s subnet.

2. To configure the IP address of the external DHCP server on

the interface connected to the client subnet, use ip dhcp
relay server <ip-address> command in interface
configuration mode as shown in Table 272.

TABLE 272 IP DHCP RELAY SERVER COMM AND

Command Command Command Function

Format Mode

ip dhcp Interface This configures the IP address of

relay configuration the external DHCP server on the
server <ip- interface connected to the client
address> subnet

Result: This configures the IP address of the external DHCP

server on the interface connected to the client subnet.

3. To enable the built-in DHCP relay process, use ip dhcp relay

update arp command in global configuration mode as shown
in Table 273.

TABLE 273 IP DHCP RELAY UPDATE ARP COMM AND

Command Command Command Function

Format Mode

ip dhcp Interface
This enables the built-in DHCP
relay configuration
relay process
update arp

Result: This enables the built-in DHCP relay process.

4. To configure for inserting 82 options when the DHCP process

conducts the relay forwarding, use ip dhcp relay
information option command in global configuration mode
as shown in Table 274.

Confidential and Proprietary Information of ZTE CORPORATION 201

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

TABLE 274 IP DHCP RELAY INFORM ATION OPTION COMMAND

Command Command Command Function

Format Mode

ip dhcp relay Global This configures for inserting 82

information configuration options when the DHCP process
option conducts the relay forwarding

Result: This configures for inserting 82 options when the

DHCP process conducts the relay forwarding.

5. To configure the format for inserting the 82 options when the

DHCP process conducts the relay forwarding, use ip dhcp
relay information format china-tel/ dsl-forum command
in global configuration mode as shown in Table 275.

TABLE 275 IP DHCP RELAY INFORM ATION FORM AT COMM AND

Command Command Command Function

Format Mode

ip dhcp relay Global

information configuration This configures for inserting 82
format options when the DHCP process
china-tel/ conducts the relay forwarding
dsl-forum

Result: This configures for inserting 82 options when the

DHCP process conducts the relay forwarding.

6. 82 options format of China Telecom/ 82 options format of the

DSL forum:
Configure the DHCP process handling policy when the relay
data packet handled by the DHCP process has inserted 82
options, and in the local configuration 82 options is needed
to insert, use ip dhcp relay information policy keep/
replace command in global configuration mode as shown in
Table 276.

TABLE 276 IP DHCP RELAY INFORM ATION POLICY COMMAND

Command Command Command Function

Format Mode

ip dhcp relay Global This configures the DHCP process

information configuration handling policy when the relay
policy keep/ data packet handled by the
replace DHCP process has inserted 82
options.

Keep the previous 82 options,and transparently

transmit/replace them.

202 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 16 Configuring DHCP

Result: This configures the DHCP process handling policy

when the relay data packet handled by the DHCP process has
inserted 82 options.

7. To debug the dhcp process, use debug ip dhcp command in

Priviliged mode as shown in Table 277.

TABLE 277 DEBUG IP DHCP COMMAND

Command Command Command Function

Format Mode

debug ip Global This enables to debug the dhcp

dhcp configuration process

Result: This enables to debug the dhcp process.

END OF STEPS.

DHCP Configuration Example

DHCP Server R1 acts as the DHCP server and default gateway, and the host
Configuration obtains IP addresses through the DHCP dynamically, as shown in
Example Figure 29.

FIGURE 29 DHCP SERVER CONFIGURATION EXAMPLE

NDS server
10.10.2.2/24

R1 10.10.1.1/24

PC
FTP server
10.10.1.2/24

R1 configuration:

Confidential and Proprietary Information of ZTE CORPORATION 203

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

ZXR10(config)#ip dhcp server dns 10.10.2.2

ZXR10(config)#ip dhcp server leasetime 90
ZXR10(config)#ip local pool dhcp 10.10.1.3
10.10.1.254 255.255.255.0
ZXR10(config)#interface fei_1/1
ZXR10(config-if)#user-interface
ZXR10(config-if)#ip address 10.10.1.1 255.255.255.0
ZXR10(config-if)#ip dhcp gateway 10.10.1.1
255.255.255.0
ZXR10(config-if)#peer default ip pool dhcp
ZXR10(config-if)#exit
ZXR10(config)#ip dhcp server enable
ZXR10(config)#ip dhcp server update arp
ZXR10(config)#ip local pool conflict-ip
DHCP Relay
The router at the user end is connected directly as DHCP relay
Configuration
when the DHCP client and server are not in the same network.
Example
R1 enables DHCP relay function, and a single server 10.10.2.2
provides DHCP server function, as shown in Figure 30. This
mode is usually adopted when a lot of hosts require the DHCP
service.

FIGURE 30 DHCP RELAY CONFIGURATION EXAMPLE

DHCP server
10.10.2.2/24

R1 10.10.1.1/24

PC
FTP server
10.10.1.2/24

R1 configuration:

204 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 16 Configuring DHCP

ZXR10(config)#interface fei_1/1
ZXR10(config-if)#user-interface
ZXR10(config-if)#ip address 10.10.1.1
255.255.255.0
ZXR10(config-if)#ip dhcp relay agent 10.10.1.1
ZXR10(config-if)#ip dhcp relay server 10.10.2.2
ZXR10(config-if)#exit
ZXR10(config)#ip dhcp relay enable
ZXR10(config)#ip dhcp relay update arp

Confidential and Proprietary Information of ZTE CORPORATION 205

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

206 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 17

Configuring VRRP

Introduction This chapter introduces VRRP protocol and its relevant

configuration on the ZXR10 1800/2800/3800 Router.

Contents This chapter covers following topics.

TABLE 278 TOPICS IN CHAPTER 17

Topic Page No

Overview 207

Basic VRRP Configuration 208

VRRP Maintenance and Diagnosis 210

VRRP Configuration Example 211

Overview
The host in a broadcast domain usually sets a default gateway
as the next hop of route packets. The host in the broadcast
domain cannot communicate with the host in another network
unless the default gateway works normally. To avoid a single-
point fault caused by the default gateway, a broadcast domain
can be configured with multiple router interfaces, and also the
routers run Virtual Router Redundancy Protocol (VRRP).
The VRRP is used to configure multiple router interfaces in a
broadcast domain into a group to form a virtual router, and
assigns an IP address to the router to function as its interface
address. This interface address may be the address of one of
router interfaces or the third party address.
The router is used as the master router if its interface address is
used, and other routers are used as the backup ones.
The router with high priority is used as the master router if the
third party address is used. If two routers have the same priority,
the router sending VRRP packets first is used as the master one.

Confidential and Proprietary Information of ZTE CORPORATION 207

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

Set the IP address of the virtual router to gateway on the host in

this broadcast. The master router is replaced with the backup
router with the highest priority if the master one is faulty, with
affecting the host in this domain. The host in this domain cannot
communicate with outside world unless all routers in the VRRP
group work abnormally.
We can configure these routers into multiple groups for mutual
backup. The hosts in the domain use different IP addresses as
gateway to implement data load balance.

Basic VRRP Configuration

Purpose Below procedure gives information about basic VRRP
configuration.
Prerequisites Refer to Configuration Methods (Chapter 1) to access the router
CLI for configuration.

Steps 1. To configure the virtual IP address of VRRP on an interface

and runs VRRP, use vrrp <group> ip <ip-address>
[secondary] command in interface configuration mode as
shown in Table 279.

TABLE 279 VRRP IP COMMAND

Command Command Command Function

Format Mode

vrrp Interface
<group> ip configuration This configures the virtual IP
<ip- address of VRRP on an interface
address> and runs VRRP
[secondary]

Result: This configures the virtual IP address of VRRP on an

interface and runs VRRP.
Configure multiple virtual addresses in a VRRP address, the
linked host can use any address as gateway for
communication.
2. To configure VRRP priority on the interface, use vrrp
<group> priority <priority> command in interface
configuration mode as shown in Table 280.

TABLE 280 VRRP PRIORITY COMMAND

Command Command Command Function

Format Mode

vrrp Interface
<group> configuration This configures VRRP priority on
priority the interface
<priority>

208 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 17 Configuring VRRP

Result: This configures VRRP priority on the interface.

3. To configure whether the virtual equipment can preempt in
backup status, use vrrp <group> preempt [delay
<seconds>] command in interface configuration mode as
shown in Table 281.

TABLE 281 VRRP PREEMPT COMMAND

Command Command Command Function

Format Mode

vrrp Interface
<group> configuration This configures whether the
preempt virtual equipment can preempt in
[delay backup status
<seconds>]

Result: This configures whether the virtual equipment can

preempt in backup status.
4. To configure an interval for sending a VRRP advertisement on
the interface, use vrrp <group> advertise [msec]
<interval> command in interface configuration mode as
shown in Table 282.

TABLE 282 VRRP ADVERTISE COMM AND

Command Command Command Function

Format Mode

vrrp Interface
<group> configuration This configures an interval for
preempt sending a VRRP advertisement on
[delay the interface
<seconds>]

Result: This configures an interval for sending a VRRP

advertisement on the interface.
5. To configure how to learn about the time interval for sending
VRRP packets on the interface, use vrrp <group> learn
command in interface configuration mode as shown in Table
283.

TABLE 283 VRRP LEARN COMM AND

Command Command Command Function

Format Mode

vrrp Interface This configures how to learn about

<group> configuration the time interval for sending VRRP
learn packets on the interface

Result: This configures how to learn about the time interval

for sending VRRP packets on the interface.

Confidential and Proprietary Information of ZTE CORPORATION 209

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

6. To configure the string for VRRP authentication on the

interface, use vrrp <group> authentication <string>
command in interface configuration mode as shown in Table
284.

TABLE 284 VRRP AUTHENTICATION COMM AND

Command Command Command Function

Format Mode

vrrp <group> Interface This configures the string for

authentication configuration VRRP authentication on the
<string> interface

Result: This configures the string for VRRP authentication

on the interface.

7. To show all the Track configuration information, use show

track [<track-num>] command in Priviliged mode as shown
in Table 285.

TABLE 285 SHOW TRACK COMM AND

Command Command Command Function

Format Mode

show track Priviliged

This shows all the Track
[<track-
configuration information
num>]

Result: This shows all the Track configuration information.

END OF STEPS.

VRRP Maintenance and Diagnosis

Purpose Below procedure gives information about VRRP maintainance &
diagnosis.
Prerequisites Refer to Configuration Methods (Chapter 1) to access the router
CLI for configuration.
Steps 1. To show the configuration information of all the VRRP groups,
use show vrrp [<group>|brief|interface <interface-name>]
command in Priviliged mode as shown in Table 286.

TABLE 286 SHOW VRRP COMM AND

Command Command Command Function

Format Mode

210 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 17 Configuring VRRP

Command Command Command Function

Format Mode

show vrrp Priviliged

[<group>| This shows the configuration
brief|interface information of all the VRRP
<interface- groups
name>]

Result: This shows the configuration information of all the

VRRP groups.

2. To turns on the VRRP debug information switch, use debug

vrrp {state|packet|event|error|all} command in Priviliged
mode as shown in Table 287.

TABLE 287 DEBUG VRRP COMM AND

Command Command
Command Format Mode Function

debug vrrp Priviliged This turns on the

{state|packet|event|error|all} VRRP debug
information
switch

Result: This turns on the VRRP debug information switch.

NOTE: The use of the debug command may affect the
performance of routers. This is recommended that the no
command be used to disable the debug command after
debugging.

VRRP Configuration Example

Basic VRRP R1 and R2 runs the VRRP protocol between each other, as
Configuration shown in Figure 31. The R1 interface address 10.0.0.1 is used as
the VRRP virtual address; therefore R1 is used as the master
router.

Confidential and Proprietary Information of ZTE CORPORATION 211

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

FIGURE 31 BASIC VRRP CONFIGURATION EXAMPLE

master backup

R1
R2
10.0.0.1/16 10.0.0.2/16

PC4
PC1 PC2 PC3

Gateway 10.0.0.1/16

R1 configuration:

ZXR10_R1(config)#interface fei_1/1
ZXR10_R1(config-if)#ip address 10.0.0.1
255.255.0.0
ZXR10_R1(config-if)#vrrp 1 ip 10.0.0.1

R2 configuration:

ZXR10_R2(config)#interface fei_1/1
ZXR10_R2(config-if)#ip address 10.0.0.2
255.255.0.0
ZXR10_R2(config-if)#vrrp 1 ip 10.0.0.1

Symmetric As shown in Figure 32, two VRRP groups are booted in this
VRRP example, where PC1 and PC2 use the virtual router in Group 1
configuration as default gateway with the address 10.0.0.1, while PC3 and
PC4 use the virtual router in Group 2 as default gateway with
the address 10.0.0.2. Routers R1 and R2 back up each other.
The external communications of the four hosts will be
interrupted only when both routers fail.

212 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 17 Configuring VRRP

FIGURE 32 SYMMETRIC VRRP CONFIGURATION EX AMPLE

master backup

R1 R2
Interface:10.0.0.1/16 Interface:10.0.0.2/16
group-id=1,addr=10.0.0.1/16 group-id=1,addr=10.0.0.1/16
group-id=2,addr=10.0.0.2/16 group-id=2,addr=10.0.0.2/16

PC1 PC2 PC3 PC4

Gateway:10.0.0.1/16 Gateway:10.0.0.2/16

R1 configuration:

ZXR10_R1(config)#interface fei_1/1
ZXR10_R1(config-if)#ip address 10.0.0.1
255.255.0.0
ZXR10_R1(config-if)#vrrp 1 ip 10.0.0.1
ZXR10_R1(config-if)#vrrp 2 ip 10.0.0.2

R2 configuration:

ZXR10_R2(config)#interface fei_1/1
ZXR10_R2(config-if)#ip address 10.0.0.2
255.255.0.0
ZXR10_R2(config-if)#vrrp 1 ip 10.0.0.1
ZXR10_R2(config-if)#vrrp 2 ip 10.0.0.2

Confidential and Proprietary Information of ZTE CORPORATION 213

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

214 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 18

Configuring Load Sharing

Introduction This chapter introduces load sharing and its relevant

configuration on the ZXR10 1800/2800/3800 Router.

Contents This chapter covers following topics.

TABLE 288 TOPICS IN CHAPTER 19

Topic Page No

Overview 215

Basic Load Sharing Configuration 215

Load Sharing Example 217

Default Route Load Sharing Example 223

Dynamic Load Sharing Example 230

Overview
Load sharing is a strategy to conduct load balance on multi-links.
Load sharing can base on the source and destination addresses
or base on signal packet.

Basic Load Sharing Configuration

Purpose Below procedure gives information about basic load sharing
configuration.
Prerequisites Refer to Configuration Methods (Chapter 1) to access the router
CLI for configuration.
Steps 1. To configure protocol to support load sharing, use
maximum-paths <number> command in route
configuration mode as shown in Table 289.

Confidential and Proprietary Information of ZTE CORPORATION 215

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

TABLE 289 MAXIMUM P ATHS COMM AND

Command Command Command Function

Format Mode

maximum- Route
This configures protocol to
paths configuration
support load sharing
<number>

Result: This configures protocol to support load sharing.

Currently the ZXR10 1800/2800/3800 Router supports BGP,
OSPF, ISIS, RIP and load sharing of the static route.
For example: configure BGP load sharing:

DUT1(config)#router bgp 100

DUT1(config-router)#maximum-paths 8

2. To configure interface load sharing mode, use ip load-

sharing {per-destination|per-packet} command in route
configuration mode as shown in global configuration mode as
shown in Table 290.

TABLE 290 IP LOAD SHARING COMM AND

Command Command Command Function

Format Mode

ip load-sharing Global
{per- configuration This configures interface load
destination|per- sharing mode
packet}

Result: This configures interface load sharing mode.

„ Load sharing is configured on the egress, per-destination by
default.
„ Load sharing mode is the per-packet only when all interfaces
are configured as per-packet mode.
For example: configure load-sharing mode:

DUT1(config)#int fei_1/1
DUT1(config-if)#ip load-sharing per-packet
DUT1(config-if)#exit
DUT1(config)#show running-config interface fei_1/1
Building configuration...
interface fei_1/1
negotiation auto
ip load-sharing per-packet
end

216 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 18 Configuring Load Sharing

3. To configure dynamic load sharing bandwidth on interface,

use load-sharing bandwidth<1-10000> in interface
configuration mode as shown in Table 291.

TABLE 291 LOAD SHARING BANDWIDTH COMM AND

Command Command Command Function

Format Mode

load-sharing Global
This configures dynamic load
bandwidth<1- configuration
sharing bandwidth on interface
10000>

Result: This configures dynamic load sharing bandwidth on

interface.
END OF STEPS.
Configure In calculating load-sharing weight, this should be
dynamic load calculated according to the link bandwidth. When the
sharing dynamic load sharing bandwidth is configured, then the
bandwidth: configured bandwidth will be used to participating in the
load sharing bandwidth calculating. At the same time,
when the link configured with load-sharing bandwidth is
occupied by other traffics, exceeding the configured load-
sharing bandwidth, the link will not participating the load
sharing function actually.
The dynamic load sharing bandwidths are different on
different links.

Load Sharing Example

BGP Load FIGURE 33 LOAD SHARING EXAMPLE
Sharing
Example IP_A a IP_A c

DUT1 DUT2

As shown in Figure 33, there are two thousand/hundred M links

between DUT1 and DUT2, and connects the tester with Pos48
port. Take the BGP load sharing as an example; the task of the
two routers is as follows:

Router Link 1 Link 2 AS

DUT1 gei_0/1,12.0.0.1 gei_0/2,12.0.1.1 100
DUT2 gei_0/1,12.0.0.2 gei_0/2,12.0.1.2 200

DUT1 configuration:

Confidential and Proprietary Information of ZTE CORPORATION 217

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

DUT1(config)#interface gei_0/1
DUT1(config-if)#ip address 12.0.0.1 255.255.255.0
DUT1(config-if)#exit
DUT1(config)#interface gei_0/2
DUT1(config-if)#ip address 12.0.1.1 255.255.255.0
DUT1(config-if)#exit
DUT1(config)#interface pos48_1/1
DUT1(config-if)#ip address 120.1.1.1 255.255.255.0
DUT1(config-if)#exit
DUT1(config)#
DUT1(config)#router bgp 100
DUT1(config-router)#neighbor 12.0.0.2 remote-as
200
DUT1(config-router)#neighbor 12.0.1.2 remote-as
200
DUT1(config-router)#network 120.1.1.0
255.255.255.0
DUT1(config-router)#maximum-paths 8
DUT1(config-router)#exit
DUT1(config)#

DUT2 configuration:

DUT2(config)#interface gei_0/1
DUT2(config-if)#ip address 12.0.0.2 255.255.255.0
DUT2(config-if)#exit
DUT2(config)#interface gei_0/2
DUT2(config-if)#ip address 12.0.1.2 255.255.255.0
DUT2(config-if)#exit
DUT2(config)#interface pos48_1/1
DUT2(config-if)#ip address 120.1.2.2 255.255.255.0
DUT2(config-if)#exit
DUT2(config)#
DUT2(config)#router bgp 200
DUT2(config-router)#neighbor 12.0.0.1 remote-as
100
DUT2(config-router)#neighbor 12.0.1.1 remote-as
100
DUT2(config-router)#network 120.1.2.0
255.255.255.0
DUT2(config-router)#maximum-paths 8
DUT2(config)#

Query the DUT1 route:

218 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 18 Configuring Load Sharing

DUT1#show ip route bgp

IPv4 Routing Table:
Dest Mask Gw Interface
Owner pri metric
120.1.2.0 255.255.255.0 12.0.1.2 gei_0/2
bgp 20 0
120.1.2.0 255.255.255.0 12.0.0.2 gei_0/1
bgp 20 0
120.1.2.2 255.255.255.255 12.0.1.2 gei_0/2
bgp 20 0
120.1.2.2 255.255.255.255 12.0.0.2 gei_0/1
bgp 20 0

Query the DUT2 route:

DUT1#show ip route bgp

IPv4 Routing Table:
Dest Mask Gw Interface
Owner pri metric
120.1.1.0 255.255.255.0 12.0.1.1
gei_0/2 bgp 20 0
120.1.1.0 255.255.255.0 12.0.0.1
gei_0/1 bgp 20 0
120.1.1.1 255.255.255.255 12.0.1.1
gei_0/2 bgp 20 0
120.1.1.1 255.255.255.255 12.0.0.1
gei_0/1 bgp 20 0

Here, the traffics between testers can send mutually to realize

load balance, and the load sharing can be checked through the
interface traffic statistic.
OSPF Load As shown in Figure 33, there are two thousand/hundred M links
Sharing between DUT1 and DUT2, and connects the tester with Pos48
Example port. Take the OSPF load sharing as an example; the task of the
two routers is as follows:

Router Link 1 Link 2

DUT1 gei_0/1,12.0.0.1 gei_0/2,12.0.1.1
DUT2 gei_0/1,12.0.0.2 gei_0/2,12.0.1.2

DUT1configuration:

Confidential and Proprietary Information of ZTE CORPORATION 219

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

DUT1(config)#interface gei_0/1
DUT1(config-if)#ip address 12.0.0.1
255.255.255.0
DUT1(config-if)#exit
DUT1(config)#interface gei_0/2
DUT1(config-if)#ip address 12.0.1.1
255.255.255.0
DUT1(config-if)#exit
DUT1(config)#interface pos48_1/1
DUT1(config-if)#ip address 120.1.1.1
255.255.255.0
DUT1(config-if)#exit
DUT1(config)#
DUT1(config)#router ospf 100
DUT1(config-router)#network 12.0.0.0 0.0.0.255
area 0
DUT1(config-router)#network 12.0.1.0 0.0.0.255
area 0
DUT1(config-router)#network 120.1.1.0 0.0.0.255
area 0
DUT1(config-router)#maximum-paths 8
DUT1(config-router)#exit
DUT1(config)#

DUT2configuration:

DUT2(config)#interface gei_0/1
DUT2(config-if)#ip address 12.0.0.2
255.255.255.0
DUT2(config-if)#exit
DUT2(config)#interface gei_0/2
DUT2(config-if)#ip address 12.0.1.2
255.255.255.0
DUT2(config-if)#exit
DUT2(config)#interface pos48_1/1
DUT2(config-if)#ip address 120.1.2.2
255.255.255.0
DUT2(config-if)#exit
DUT2(config)#
DUT2(config)#router ospf 200
DUT2(config-router)#network 12.0.0.0 0.0.0.255
area 0
DUT2(config-router)#network 12.0.1.0 0.0.0.255
area 0
DUT2(config-router)#network 120.1.2.0 0.0.0.255

220 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 18 Configuring Load Sharing

area 0
DUT2(config-router)#maximum-paths 8
DUT2(config)#

Query the DUT1 route:

DUT1#show ip route ospf
IPv4 Routing Table:
Dest Mask Gw
Interface Owner pri metric
120.1.2.0 255.255.255.0 12.0.1.2
gei_0/2 ospf 110 0
120.1.2.0 255.255.255.0 12.0.0.2
gei_0/1 ospf 110 0
...

Query the DUT2 route:

DUT1#show ip route bgp

IPv4 Routing Table:
Dest Mask Gw Interface
Owner pri metric
120.1.1.0 255.255.255.0 12.0.1.1
gei_0/2 ospf 110 0
120.1.1.0 255.255.255.0 12.0.0.1
gei_0/1 ospf 110 0
...

Here, the traffics between testers can send mutually to realize

load balance, and the load sharing can be checked through the
interface traffic statistic.
ISIS Load As shown in Figure 33, there are two thousand/hundred M links
Sharing between DUT1 and DUT2, and connects the tester with Pos48
Example port. Take the OSPF load sharing as an example, the task of the
two routers is as follows:

Router Link 1 Link 2

DUT1 gei_0/1,12.0.0.1 gei_0/2,12.0.1.1
DUT2 gei_0/1,12.0.0.2 gei_0/2,12.0.1.2

DUT 1configuration:
DUT1(config)#interface gei_0/1
DUT1(config-if)#ip address 12.0.0.1 255.255.255.0
DUT1(config-if)#ip router isis
DUT1(config-if)#exit
DUT1(config)#interface gei_0/2
DUT1(config-if)#ip address 12.0.1.1 255.255.255.0
DUT1(config-if)#ip router isis

Confidential and Proprietary Information of ZTE CORPORATION 221

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

DUT1(config-if)#exit
DUT1(config)#interface pos48_1/1
DUT1(config-if)#ip address 120.1.1.1 255.255.255.0
DUT1(config-fi)#ip router isis
DUT1(config-if)#exit
DUT1(config)#
DUT1(config)#router isis
DUT1(config-router)#maximum-paths 8
DUT1(config-router)#exit
DUT1(config)#

DUT2 configuration:

DUT2(config)#interface gei_0/1
DUT2(config-if)#ip address 12.0.0.2 255.255.255.0
DUT2(config-if)#ip router isis
DUT2(config-if)#exit
DUT2(config)#interface gei_0/2
DUT2(config-if)#ip address 12.0.1.2 255.255.255.0
DUT2(config-if)#ip router isis
DUT2(config-if)#exit
DUT2(config)#interface pos48_1/1
DUT2(config-if)#ip address 120.1.2.2 255.255.255.0
DUT2(config-if)#ip router isis
DUT2(config-if)#exit
DUT2(config)#
DUT2(config)#router isis
DUT2(config-router)#maximum-paths 8
DUT2(config)#

Query the DUT1 route:

DUT1#show ip route isis-l2
IPv4 Routing Table:
Dest Mask Gw Interface
Owner pri metric
120.1.2.0 255.255.255.0 12.0.1.2 gei_0/2
isis-l2 115 10
120.1.2.0 255.255.255.0 12.0.0.2 gei_0/1
isis-l2 115 10
...

222 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 18 Configuring Load Sharing

Query the DUT2 route:

DUT1#show ip route isis-l2

IPv4 Routing Table:
Dest Mask Gw
Interface Owner pri metric
120.1.1.0 255.255.255.0 12.0.1.1 gei_0/2
isis-l2 115 10
120.1.1.0 255.255.255.0 12.0.0.1 gei_0/1
isis-l2 115 10
...

Here, the traffics between testers can send mutually to realize

load balance, and the load sharing can be checked through the
interface traffic statistic.

Default Route Load Sharing

Example
Static Default As shown in Figure 33, there are two thousand/hundred M links
Route Load between DUT1 and DUT2, and connects the tester with Pos48
Sharing port. Take the OSPF load sharing as an example; the task of the
Example two routers is as follows:

Router Link 1 Link 2

DUT1 gei_0/1,12.0.0.1 gei_0/2,12.0.1.1
DUT2 gei_0/1,12.0.0.2 gei_0/2,12.0.1.2

DUT1 configuration:
DUT1(config)#interface gei_0/1
DUT1(config-if)#ip address 12.0.0.1 255.255.255.0
DUT1(config-if)#exit
DUT1(config)#interface gei_0/2
DUT1(config-if)#ip address 12.0.1.1 255.255.255.0
DUT1(config-if)#exit
DUT1(config)#interface pos48_1/1
DUT1(config-if)#ip address 120.1.1.1 255.255.255.0
DUT1(config-if)#exit
DUT1(config)#ip route 0.0.0.0 0.0.0.0 12.0.0.2 tag
150
DUT1(config)#ip route 0.0.0.0 0.0.0.0 12.0.1.2 tag
160
DUT1(config)#
DUT1(config)#

Confidential and Proprietary Information of ZTE CORPORATION 223

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

DUT2 configuration:

DUT2(config)#interface gei_0/1
DUT2(config-if)#ip address 12.0.0.2
255.255.255.0
DUT2(config-if)#exit
DUT2(config)#interface gei_0/2
DUT2(config-if)#ip address 12.0.1.2
255.255.255.0
DUT2(config-if)#exit
DUT2(config)#interface pos48_1/1
DUT2(config-if)#ip address 120.1.2.2
255.255.255.0
DUT2(config-if)#exit
DUT2(config)#
DUT2(config)#ip route 0.0.0.0 0.0.0.0 12.0.0.1
tag 150
DUT2(config)#ip route 0.0.0.0 0.0.0.0 12.0.1.1
tag 160
DUT2(config)#

Query the DUT1 route:

DUT1# show ip route static
IPv4 Routing Table:
Dest Mask Gw Interface
Owner pri metric
0.0.0.0 0.0.0.0 12.0.1.2 gei_0/2
static 1 0
0.0.0.0 0.0.0.0 12.0.0.2 gei_0/1
static 1 0
...

Query the DUT2 route:

DUT1#show ip route bgp

IPv4 Routing Table:
Dest Mask Gw Interface
Owner pri metric
0.0.0.0 0.0.0.0 12.0.1.1 gei_0/2
static 1 0
0.0.0.0 0.0.0.0 12.0.0.1 gei_0/1
static 1 0
...

224 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 18 Configuring Load Sharing

Here, the traffics between testers can send mutually to realize

load balance, and the load sharing can be checked through the
interface traffic statistic.
OSPF Default As shown in Figure 33, there are two thousand/hundred M links
Route Load between DUT1 and DUT2, and connects the tester with Pos48
Sharing port. Take the OSPF load sharing as an example; the task of the
Example two routers is as follows:

Router Link 1 Link 2

DUT1 gei_0/1,12.0.0.1 gei_0/2,12.0.1.1
DUT2 gei_0/1,12.0.0.2 gei_0/2,12.0.1.2

DUT1 configuration:
DUT1(config)#interface gei_0/1
DUT1(config-if)#ip address 12.0.0.1 255.255.255.0
DUT1(config-if)#exit
DUT1(config)#interface gei_0/2
DUT1(config-if)#ip address 12.0.1.1 255.255.255.0
DUT1(config-if)#exit
DUT1(config)#interface pos48_1/1
DUT1(config-if)#ip address 120.1.1.1
255.255.255.0
DUT1(config-if)#exit
DUT1(config)#
DUT1(config)#router ospf 100
DUT1(config-router)#network 12.0.0.0 0.0.0.255
area 1
DUT1(config-router)#network 12.0.1.0 0.0.0.255
area 1
DUT1(config-router)#network 120.1.1.0 0.0.0.255
area 1
DUT1(config-router)#maximum-paths 8
DUT1(config-router)#area 1 stub
DUT1(config-router)#exit
DUT1(config)#

DUT2 configuration:

DUT2(config)#interface gei_0/1
DUT2(config-if)#ip address 12.0.0.2
255.255.255.0
DUT2(config-if)#exit
DUT2(config)#interface gei_0/2
DUT2(config-if)#ip address 12.0.1.2
255.255.255.0

Confidential and Proprietary Information of ZTE CORPORATION 225

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

DUT2(config-if)#exit
DUT2(config)#interface pos48_1/1
DUT2(config-if)#ip address 120.1.2.2
255.255.255.0
DUT2(config-if)#exit
DUT2(config)#
DUT2(config)#router ospf 200
DUT2(config-router)#network 12.0.0.0 0.0.0.255
area 0
DUT2(config-router)#network 12.0.1.0 0.0.0.255
area 0
DUT2(config-router)#network 120.1.2.0
0.0.0.255 area 0
DUT2(config-router)#maximum-paths 8
DUT2(config-router)#area 1 stub no-summary
DUT2(config)#

Query the DUT1 route:

DUT1#show ip route ospf
IPv4 Routing Table:
Dest Mask Gw Interface
Owner pri metric
0.0.0.0 0.0.0.0 12.0.1.2 gei_0/2
ospf 110 0
0.0.0.0 0.0.0.0 12.0.0.2 gei_0/1
ospf 110 0
...

Here, the testers send traffics from the corresponding DUT1

interface to realize load balance, and the load sharing on DUT1
interface can be checked through the interface traffic statistic.
ISIS Default As shown in Figure 33, there are two thousand/hundred M links
Route Load between DUT1 and DUT2, and connects the tester with Pos48
Sharing port. Take the OSPF load sharing as an example; the task of the
Example two routers is as follows:

Router Link 1 Link 2

DUT1 gei_0/1,12.0.0.1 gei_0/2,12.0.1.1
DUT2 gei_0/1,12.0.0.2 gei_0/2,12.0.1.2

226 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 18 Configuring Load Sharing

DUT1 configuration:

DUT1(config)#interface gei_0/1
DUT1(config-if)#ip address 12.0.0.1 255.255.255.0
DUT1(config-if)#ip router isis
DUT1(config-if)#isis circuit-type level-1
DUT1(config-if)#exit
DUT1(config)#interface gei_0/2
DUT1(config-if)#ip address 12.0.1.1 255.255.255.0
DUT1(config-if)#ip router isis
DUT1(config-if)#isis circuit-type level-1
DUT1(config-if)#exit
DUT1(config)#interface pos48_1/1
DUT1(config-if)#ip address 120.1.1.1 255.255.255.0
DUT1(config-fi)#ip router isis
DUT1(config-if)#isis circuit-type level-1
DUT1(config-if)#exit
DUT1(config)#
DUT1(config)#router isis
DUT1(config-router)#maximum-paths 8
DUT1(config-router)# is-type level-1
DUT1(config-router)#exit
DUT1(config)#

DUT2 configuration:

DUT2(config)#interface gei_0/1
DUT2(config-if)#ip address 12.0.0.2 255.255.255.0
DUT2(config-if)#ip router isis
DUT2(config-if)#exit
DUT2(config)#interface gei_0/2
DUT2(config-if)#ip address 12.0.1.2 255.255.255.0
DUT2(config-if)#ip router isis
DUT2(config-if)#exit
DUT2(config)#interface pos48_1/1
DUT2(config-if)#ip address 120.1.2.2 255.255.255.0
DUT2(config-if)#ip router isis
DUT2(config-if)#exit
DUT2(config)#
DUT2(config)#router isis
DUT2(config-router)#maximum-paths 8
DUT2(config)#

Confidential and Proprietary Information of ZTE CORPORATION 227

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

Query the DUT1 route:

DUT1#show ip route isis-l1
IPv4 Routing Table:
Dest Mask Gw Interface
Owner pri metric
0.0.0.0 0.0.0.0 12.0.1.2 gei_0/2 isis-
l1 115 10
0.0.0.0 0.0.0.0 12.0.0.2 gei_0/1 isis-
l1 115 10
...

Here, the testers send traffics mutually from the corresponding

DUT1 interface, DUT2 establishes 12 neighbors with the tester to
realize load balance, and the load sharing can be checked
through the interface traffic statistic.
BGP Default As shown in Figure 33, there are two thousand/hundred M links
Route Load between DUT1 and DUT2, and connects the tester with Pos48
Sharing port. Take the BGP load sharing as an example; the task of the
Example two routers is as follows:

Router Link 1 Link 2

DUT1 gei_0/1,12.0.0.1 gei_0/2,12.0.1.1
DUT2 gei_0/1,12.0.0.2 gei_0/2,12.0.1.2

DUT1 configuration:
DUT1(config)#interface gei_0/1
DUT1(config-if)#ip address 12.0.0.1 255.255.255.0
DUT1(config-if)#exit
DUT1(config)#interface gei_0/2
DUT1(config-if)#ip address 12.0.1.1 255.255.255.0
DUT1(config-if)#exit
DUT1(config)#interface pos48_1/1
DUT1(config-if)#ip address 120.1.1.1
255.255.255.0
DUT1(config-if)#exit
DUT1(config)#
DUT1(config)#router bgp 100
DUT1(config-router)#neighbor 12.0.0.2 remote-as
200
DUT1(config-router)#neighbor 12.0.1.2 remote-as
200
DUT1(config-router)#network 120.1.1.0
255.255.255.0
DUT1(config-router)#maximum-paths 8
DUT1(config-router)#exit
DUT1(config)#

228 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 18 Configuring Load Sharing

DUT2 configuration:

DUT2(config)#interface gei_0/1
DUT2(config-if)#ip address 12.0.0.2
255.255.255.0
DUT2(config-if)#exit
DUT2(config)#interface gei_0/2
DUT2(config-if)#ip address 12.0.1.2
255.255.255.0
DUT2(config-if)#exit
DUT2(config)#interface pos48_1/1
DUT2(config-if)#ip address 120.1.2.2
255.255.255.0
DUT2(config-if)#exit
DUT2(config)#
DUT2(config)#router bgp 200
DUT2(config-router)#neighbor 12.0.0.1 remote-as
100
DUT2(config-router)#neighbor 12.0.0.1 default-
originate
DUT2(config-router)#neighbor 12.0.1.1 remote-as
100
DUT2(config-router)#neighbor 12.0.1.1 default-
originate
DUT2(config-router)#network 120.1.2.0
255.255.255.0
DUT2(config-router)#maximum-paths 8
DUT2(config)#

Query the DUT1 route:

DUT1#show ip route bgp
IPv4 Routing Table:
Dest Mask Gw Interface
Owner pri metric
0.0.0.0 0.0.0.0 12.0.1.2 gei_0/2
bgp 20 0
0.0.0.0 0.0.0.0 12.0.0.2 gei_0/1
bgp 20 0
...

Here, testers can send traffic from DUT1 side to realize load
balance, and the load sharing can be checked through the
interface traffic statistic.

Confidential and Proprietary Information of ZTE CORPORATION 229

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

Dynamic Load Sharing Example

FIGURE 34 DYNAMIC LOAD SHARING EXAMPLE

13.1.1.2/24
Common data
stream R1 R2
1
2
Special stream 3
14.1.1.2/24
(such as voice or
video)

As shown in Figure 34, R1 and R2 are connected through 3 links,

for example: link 1, 2 and 3. The bandwidths of the three links
are all 2M. Load sharing is all enabled on the three links. The
special data stream is specified to go through Link 3 (the static
routing configuration mode used in this example, the link can
also be made through the strategy routing mode, and the effect
is the same), while common data stream realize the load sharing
on link 1, 2 and 3. The special point lies in that link 3 is
configured with the bandwidth share-loading command, which
makes link 3 will not take the load-sharing traffic forwarding
when the bandwidth on link 3 reaches or exceeds 1M. (Take
OSPF Load sharing as an example)
Link 1: CE1_1/1.1
Link 2: CE1_1/2.1
Link 3: CE1_1/3.1
Voice flow: fei_2/1 Destination address 14.1.1.2/24
Common data: fei_3/1 Destination address 13.1.1.2/24

R1 configuration:
R1(config)#interface ce1_1/1.1
R1(config-if)#ip address 12.0.1.1 255.255.255.0
R1(config-if)#ip load-sharing per-packet
R1(config-if)#exit
R1(config)#interface ce1_1/2.1
R1(config-if)#ip address 12.0.2.1 255.255.255.0
R1(config-if)# ip load-sharing per-packet
R1(config-if)#exit
R1(config)#interface ce1_1/3.1
R1(config-if)#ip address 12.0.3.1 255.255.255.0
R1(config-if)# ip load-sharing per-packet
R1(config-if)# load-sharing bandwidth 1000
R1(config-if)#exit
R1(config)#interface fei_2/1
R1(config-if)#ip address 120.1.1.1 255.255.255.0

230 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 18 Configuring Load Sharing

R1(config-if)#exit
R1(config)# interface fei_3/1
R1(config-if)#ip address 120.1.2.1 255.255.255.0
R1(config-if)#exit
R1(config)#router ospf 100
R1(config-router)#network 12.0.1.0 0.0.0.255 area
0
R1(config-router)#network 12.0.2.0 0.0.0.255 area
0
R1(config-router)#network 12.0.3.0 0.0.0.255 area
0
R1(config-router)#network 120.1.2.0 0.0.0.255
area 0
R1(config-router)#maximum-paths 8
R1(config-router)#exit
R1(config)#ip route 14.1.1.0 255.255.255.0
12.0.3.2

DUT2 configuration:
R2(config)#interface ce1_1/1.1
R2(config-if)#ip address 12.0.1.2 255.255.255.0
R2(config-if)#exit
R2(config)#interface ce1_1/2.1
R2(config-if)#ip address 12.0.2.2 255.255.255.0
R2(config-if)#exit
R2(config)#interface ce1_1/3.1
R2(config-if)#ip address 12.0.3.2 255.255.255.0
R2(config-if)#exit
R2(config)#interface fei_2/1
R2(config-if)#ip address 120.1.1.2 255.255.255.0
R2(config-if)#exit
R2(config)# interface fei_3/1
R2(config-if)#ip address 120.1.2.2 255.255.255.0
R2(config-if)#exit
R2(config)#router ospf 100
R2(config-router)#network 12.0.1.0 0.0.0.255 area
0
R2(config-router)#network 12.0.2.0 0.0.0.255 area
0
R2(config-router)#network 12.0.3.0 0.0.0.255 area
0
R2(config-router)#network 13.1.1.0 0.0.0.255 area
0
R2(config-router)#network 14.1.1.0 0.0.0.255 area
0
R2(config-router)#exit
R2(config)#

Confidential and Proprietary Information of ZTE CORPORATION 231

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

Query the DUT1 route:

DUT1#show ip route
IPv4 Routing Table:
Dest Mask Gw
Interface Owner pri metric
13.1.1.0 255.255.255.0 12.0.1.2 ce1_1/1.1
ospf 110 0
13.1.1.0 255.255.255.0 12.0.2.2 ce1_1/2.1
ospf 110 0
13.1.1.0 255.255.255.0 12.0.3.2 ce1_1/3.1
ospf 110 0
14.1.1.0 255.255.255.0 12.0.3.2 ce1_1/3.1
static 1 0
...

First the special flow and common flow deliver at the same time,
keep the bandwidth of the special flow is no more than 1M, here
link 3 will take data packet forwarding of both the special flow,
and part of common flow. Add special flow up to 1M, here link 3
will take all data packet forwarding of the special flow, but take
part of common flow no more, and remain this state when the
flow keeps growing. When the special flow traffic falls less than
1M, link 3 will dynamically detect the variation of the bandwidth,
and then share the common flow forwarding function.

232 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 19

Configuring QoS

Introduction This chapter introduces QoS and its relevant configuration on

the ZXR10 1800/2800/3800 Router.

Contents This chapter covers following topics.

TABLE 292 TOPICS IN CHAPTER 19

Topic Page No

Overview 215

Basic Load Sharing Configuration 215

Load Sharing Example 217

Default Route Load Sharing Example 223

Dynamic Load Sharing Example 230

Overview
In traditional IP network, all packets will be treated in the same
way; each router will use First In First Out Queuing (FIFO)
strategy to process all packets, and do the best-effort send the
packets to the destination, but provide no guarantee to the
security or transmission delay.
With the continuous emergence of new applications of IP
network, a new requirement for IP network service quality is
raised, because the traditional IP network at the best effort
cannot satisfy the requirement for applications. For example, the
VoIP service, if the packet is transmitted with long delay, it
cannot be accepted by users. To solve the problem, provide the
Internet with the capability of supporting QoS.
QoS is used to offer various applications different service quality
to meet different requirements of applications, for example, to
provide specific bandwidth, reduce packet loss ratio, and

Confidential and Proprietary Information of ZTE CORPORATION 233

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

decrease packet transfer delay and delay jitter. To implement

the above purposes, QoS provides the following functions:
1. Packet classification and coloring up
2. Congestion management
3. Traffic policing and traffic shaping
4. Congestion avoidance
5. Total rate limit of the physical interface
Packet Packet classification is to divide the packet into multi priorities or
Classification service types. Network administrator can set packet
classification strategy, which including physical interface, source
address, destination address, MAC address, IP protocol, port
number of the application.
General classification algorithms are all limited in the head of the
IP packet, including link layer (Layer 2), network layer (Layer 3),
and transmission layer (Layer 4); packet contents are seldom
used for classification standards. There is on scope limit on the
classification results, which can be the stream, determined by a
five-element group (source address, source port number,
protocol number, destination address, destination port number),
or can be all packets of a certain network segment.
Packet classification uses the following technologies: ACL and IP
priority. Generally, on the boarder of the network, ADC and MAC
addresses, interfaces and other matching rules are used to
classify a packet.
Congestion Congestion management is how to manage and control when the
Management network is congested. The processing method of the congestion
management is use queuing technology, send all packets from
one interface to multi queues, and process them according the
priority of each queue. Different queuing algorithms are used to
solve different problems, and different effects will be produced
consequently. The queues used by the ZXR10 1800/2800/3800
Router are FIFO and PQ.

The handling of the congestion management includes creation of

the queues, classification of the packet, sending packets to
different queues, and queuing dispatching. When an interface is
not congested, the packet will be sent out immediately when it
reaches the interface. When the speed of the packet reaching an
interface exceeds the speed of an interface sending a packet,
the interface will be congested.

Here, the congestion management will classify these packet, and

send to different queues; which the queue dispatching will
process the packets with different priorities respectively, and the
packet with high priority will be processed with priority.

1. First In First Out Queuing (FIFO)

234 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 19 Configuring QoS

FIGURE 35 FIFO QUEUING DIAGRAM

Queuing Dequeue
dispatching
FIFO
The data packets that Data packet left
should be transmitted the interface
on this interface.

As shown in Figure 35, all packets that output from this interface
will enter into the tail of the FIFO queue of the interface
according to the sequence of arriving; when the interface sends
packets, it starts to send in turn from the head of the FIFO
queue. There is no distinction when all the packets are sent, and
provide no guarantee to the quality of the packet transmission.

2. Priority Queuing

FIGURE 36 PQ QUEUING DIAGR AM

Queuing

high Dequeue
Queuing
dispatching
Classific medium
ation
The data normal Data packet left
packets that
the interface
should be
low
transmitted on
this interface

As shown in
2. Priority Queuing
, PQ is to classify the packets, and it can classify all packets into
four categories at most. The packets will be sent to the
corresponding queues according to the packet classification.
Four queues in PQ are high, medium, normal and low, with
priority reduced in turn.
When the packet dequeues, PQ will let the packet with high
priority dequeue and send it. The packet with the medium
priority will not be sent until all the packets with high priority are
sent. Similarly, the packet with normal priority will not be sent
only after the packets with medium priority are sent, and the
last is the queue with low priority.
Thus, the packet with higher priority in the classification will be
sent with priority, while the packet with higher priority will
forestall the packet with lower priority in the congestion time. In
this way the packet of the key service will be processed with
priority, and the packet of the non-key service will be handled

Confidential and Proprietary Information of ZTE CORPORATION 235

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

after the key service is processed. Thus, not only timely

processing of the key service is guaranteed, but also the
network resource is fully used.
Traffic Policing Traffic policing is typically to restrain the traffic and conflict of a
certain connection entering into a certain network. When the
packet satisfy a certain condition, if the packet traffic of a
certain connection is over large, the traffic policing will take
different actions to process the packet, such as drop the packet,
or reset the priority level of the packet. Generally, CAR are used
to restrain the traffic of a certain type of packet, for example,
the HTTP packets are restrained not to exceed 50% network
bandwidth.
For ISP, it is really necessary to control the traffic sent to the
network by users. For enterprise networks, controlling on some
applications is an effective tool to control network status. The
network administrator can also use Committed Access Rate (CAR)
to control traffic.
CAR takes the use of Token Bucket (TB) to control traffic, as
shown in Figure 37.

FIGURE 37 BASIC HANDLING PROCESS DIAGR AM

Put the token into the

bucket according to the
specified speed
Classific
ation
The data Continuous
packets that transmission
should be
transmitted on
Token Pass
this interface
bucket

Drop

First, classify the packets according to the matching rules preset.

If the packet has no stated traffic restriction, it can be sent
continuously without the processing in the token bucket; if the
packet is to be controlled in its traffic, and then it should be
processed in the token bucket.
If there are enough tokens in the token bucket that can be used
for sending packet, then the packets is allowed to pass, and the
packet can be sent continuously; if the tokens in the token
bucket cannot satisfy the sending conditions, then the packet
will be dropped. Thus, the traffic can be controlled on a certain
type of packet.
The token bucket puts the token according to the speed set by
the user. The user can also set the capacity of the bucket. When
the token in the bucket exceeds the capacity of the bucket, the
token will not be added. When the packet is processed by the

236 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 19 Configuring QoS

token bucket, if there are enough tokens in the token bucket

that can be used for sending packet, then the packets is allowed
to pass, at the same time, the amount of token in the bucket will
be reduced correspondingly according to the length of the packet.
When the token in the bucket are so few that a packet cannot be
sent, the packet will be dropped.
Token bucket is very good tool for controlling data traffic. When
the token bucket is full of tokens, all the packets presented by
tokens in the bucket can be sent, burst data transmission is
allowed in this case. When there are no tokens in the bucket,
the packet cannot be sent, and it can be sent again only when
new tokens produced in the bucket. In this way the packet
traffic have to be less or equal to the speed of token generating,
so that to reach the purpose of restricting the traffic.

Congestion Avoidance
The memory resource is limited, processing with traditional
processing method, when the length of the queue reach the
stated maximum, all incoming packets will be dropped. For the
TCP packet, if a large number of packets are dropped, it will
result in timeout of TCP, which will trigger a slow booting of TCP
and congestion avoidance mechanism, making the TCP reduce
the packet transmission.
When the queue drops multi TCP connection packets at the
same time, it will cause multi TCP connections entering slow
booting and congestion avoidance at the same time, which is
called global TCP synchronization. Thus the packets that multi
TCP connections send to the queue will be reduced
simultaneously, which make the amount of packet sending to
the queue is less than the speed of line sending, and reduce the
use of the link bandwidth. And, the packet traffic sending to the
queue often changes randomly, which makes the traffic on the
line vibrates between extremely less and extremely full.
To avoid such kind of cases, a queue can use the drop policy of
the WRED packet (the difference between WRED and RED lies in
that the former introduces IP priority to distinguish drop
policies).When the WRED is used, user can set the low and high
limit of the queue.
When the length of the queue is less than the low limit, WRED
does not drop the packet; when the length is between the low
limit and high limit, WRED starts to drop the packet at random
(the longer the queue is, the higher probability it will be
dropped); when the length of the queue is greater than the high
limit, it will drop all the packets.
Because WRED drops packet randomly, it can avoid multi-TCP
connections reducing transmission speed at the same time, and
avoid global synchronization phenomenon of TCP. When the
packet of a certain TCP connection is dropped and is sent slow

Confidential and Proprietary Information of ZTE CORPORATION 237

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

down, other TCP connection is still sent with higher transmission

speed. Thus, no matter when there are always TCP connections
with higher speed transmission, which improves the usage of the
link bandwidth.
If the comparison between the queuing length, and low/high
limit set by a user are adopted directly, and drop (this is the
absolute length of setting queuing threshold), which will result in
unfair treat to the burst data stream, making against the
transmission of the data stream.
Therefore when compared with the low/high limit and drop,
average length of queuing is adopted (this is the comparative
value of setting the comparison between the queuing threshold
and average length). The average length of queue is the result
of the queuing length being filtered with low pass. It reflects the
variation tendency of the queue, and is not sensitive to the
sudden change of the queue, thus it avoids the unfair treatment
to the burst data stream.
Figure 38and Figure 39show the WRED policy and tail drop
policy respectively.

FIGURE 38 WRED POLICY

WRED
policy
Dequeue
dispatching
Continuous
Drop transmission
threshold

FIGURE 39 TAIL DROP POLICIES

Tail drop
policy

Dequeue
dispatching
Continuous
transmission

CAR Configuration
Purpose Below procedure gives information about CAR configuration.
Prerequisites Refer to Configuration Methods (Chapter 1) to access the router
CLI for configuration.
Steps Use the following commands to set interface input or output
traffic policing strategy, and configure promised access rate.

238 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 19 Configuring QoS

rate-limit { input | output } {access-group <acl-index> |

localport | dscp <dscp-value> | mpls-exp <mpls-exp-value> |
precedence <precedence-value> | mac <xxxx.xxxx.xxxx> |
mac-dst < xxxx.xxxx.xxxx > [< xxxx.xxxx.xxxx >] } <bps>
<burst-normal> <burst-max> conform-action <action>
exceed-action <action>
END OF STEPS.

PQ Configuration
Purpose Below procedure gives information about PQ configuration.
Prerequisites Refer to Configuration Methods (Chapter 1) to access the router
CLI for configuration.
Steps 1. To assign a priority queue for the data packet in the priority
list entering a certain specified interface, use priority-list
<list-number> interface <interface-name> { high |
medium | normal | low } command in global configuration
mode as shown in Table 293.

TABLE 293 MAXIMUM P ATHS COMM AND

Command Command Command Function

Format Mode

priority- Global
list <list- configuration
number>
interface This assigns a priority queue for
<interface- the data packet in the priority list
name> entering a certain specified
{ high | interface
medium |
normal |
low }

Result: This assigns a priority queue for the data packet in

the priority list entering a certain specified interface.

2. To assign a priority queue for the data packet in the priority

list not complying with any rules, use priority-list <list-
number> default {high | medium | normal | low }
command in global configuration mode as shown in Table
294.

Confidential and Proprietary Information of ZTE CORPORATION 239

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

TABLE 294 PRIORITY-LIST DEFAULT COMM AND

Command Command Command Function

Format Mode

priority- Global
list <list- configuration
number>
interface
This assigns a priority queue for
<interface-
the data packet in the priority list
name>
not complying with any rules
{ high |
medium |
normal |
low }

Result: This assigns a priority queue for the data packet in

the priority list not complying with any rules.

3. To assign a priority queue for the data packet in the priority

list where the DSCP is the specified value, use priority-list
<list-number> dscp <dscp-value> {high | medium | normal
| low} command in global configuration mode as shown in
Table 295.

TABLE 295 PRIORITY-LIST DSCP COMMAND

Command Command Command Function

Format Mode

priority- Global
list <list- configuration
number>
dscp This assigns a priority queue for
<dscp- the data packet in the priority list
value> where the DSCP is the specified
{ high | value
medium |
normal |
low}

Result: This assigns a priority queue for the data packet in

the priority list where the DSCP is the specified value.

4. To assign a priority queue for the data packet in the priority

list where the ACL No. is the specified number, use priority-
list <list-number> list <access-list-number> { high |
medium | normal | low} command in global configuration
mode as shown in Table 296.

240 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 19 Configuring QoS

TABLE 296 PRIORITY-LIST LIST COMM AND

Command Command Command Function

Format Mode

priority- Global
list <list- configuration
number>
list
This assigns a priority queue for
<access-
the data packet in the priority list
list-
where the ACL No. is the specified
number>
number
{ high |
medium |
normal |
low}

Result: This assigns a priority queue for the data packet in

the priority list where the ACL No. is the specified number.

5. To assign a priority queue for the data packet in the priority

list where the MPLS-EXP field value is the specified value,
use priority-list < list-number > mpls-exp <mpls-exp-
value> {high | medium | normal | low} command in global
configuration mode as shown in Table 297.

TABLE 297 PRIORITY LIST-MPLS COMMAND

Command Command Command Function

Format Mode

priority- Global
list < list- configuration
number >
mpls-exp This assigns a priority queue for
<mpls-exp- the data packet in the priority list
value> where the MPLS-EXP field value is
{high | the specified value
medium |
normal |
low}

Result: This assigns a priority queue for the data packet in

the priority list where the MPLS-EXP field value is the
specified value.

6. To assign a priority queue for the data packet in the priority

list where the IP priority value is the specified value, use
priority-list < list-number > precedence <precedence>
{ high | medium | normal | low} command in global
configuration mode as shown in Table 298.

Confidential and Proprietary Information of ZTE CORPORATION 241

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

TABLE 298 PRIORITY LIST-PRECEDENCE COMM AND

Command Command Command Function

Format Mode

priority-list < Global

list-number > configuration This assigns a priority queue
precedence for the data packet in the
<precedence> priority list where the IP
{ high | priority value is the specified
medium | value
normal | low}

Result: This assigns a priority queue for the data packet in

the priority list where the IP priority value is the specified
value.
7. To set the maximum numbers of data packet of each priority
queue can hold in the priority list, use priority-list <list-
number> queue-limit <high-limit> <medium-limit>
<normal-limit> <low-limit> command in global configuration
mode as shown in Table 299.

TABLE 299 PRIORITY LIST QUEUE LIMIT COMM AND

Command Command Command Function

Format Mode

priority- Global
list <list- configuration
number>
queue-
limit
This sets the maximum numbers of
<high-
data packet of each priority queue
limit>
which can hold in the priority list
<medium-
limit>
<normal-
limit>
<low-limit>

Result: This sets the maximum numbers of data packet of

each priority queue which can hold in the priority list.
8. To assign the specified priority list to an interface, which
applies the congestion management rules defined by the
priority list, use priority-group <list-number> command in
interface configuration mode as shown in Table 300.

TABLE 300 PRIORITY-GROUP COMM AND

Command Command Command Function

Format Mode

priority- Interface This assigns the specified priority

group <list- configuration list to an interface, which applies
number> the congestion management rules
defined by the priority list

242 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 19 Configuring QoS

Result: This assigns the specified priority list to an interface,

which applies the congestion management rules defined
by the priority list.

END OF STEPS.

CQ Configuration
Purpose Below procedure gives information about CQ configuration.
Prerequisites Refer to Configuration Methods (Chapter 1) to access the router
CLI for configuration.
Steps 1. To assign a priority queue for the data packet in the priority
list entering a certain specified interface, use priority-list
<list-number> interface <interface-name> { high |
medium | normal | low } command in interface configuration
mode as shown in Table 301.

TABLE 301 PRIORITY LIST – INTERFACE COMM AND

Command Command Command Function

Format Mode

priority- Interface
list <list- configuration
number>
interface This assigns a priority queue for
<interface- the data packet in the priority list
name> entering a certain specified
{ high | interface
medium |
normal |
low }

Result: This assigns a priority queue for the data packet in

the priority list entering a certain specified interface.

2. To assign a priority queue for the data packet in the priority

list where the ACL No. is the specified number, use priority-
list <list-number> list <access-list-number> { high |
medium | normal | low} command in interface configuration
mode as shown in Table 302.

Confidential and Proprietary Information of ZTE CORPORATION 243

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

TABLE 302 PRIORITY-LIST LIST COMM AND

Command Command Command Function

Format Mode

priority- Global
list <list- configuration
number>
list
This assigns a priority queue for
<access-
the data packet in the priority list
list-
where the ACL No. is the specified
number>
number
{ high |
medium |
normal |
low}

Result: This assigns a priority queue for the data packet in

the priority list where the ACL No. is the specified number.

3. To assign a priority queue for the data packet in the priority

list not complying with any rules, use priority-list <list-
number> default {high | medium | normal | low }
command in global configuration mode as shown in Table
303.

TABLE 303 PRIORITY-LIST DEFAULT COMM AND

Command Command Command Function

Format Mode

priority- Global
list <list- configuration
number>
interface
This assigns a priority queue for
<interface-
the data packet in the priority list
name>
not complying with any rules
{ high |
medium |
normal |
low }

Result: This assigns a priority queue for the data packet in

the priority list not complying with any rules.

4. To set the maximum numbers of data packet of each priority

queue can hold in the priority list, use priority-list <list-
number> queue-limit <high-limit> <medium-limit>
<normal-limit> <low-limit> command in global configuration
mode as shown in Table 304.

244 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 19 Configuring QoS

TABLE 304 PRIORITY LIST QUEUE LIMIT COMM AND

Command Command Command Function

Format Mode

priority- Global
list <list- configuration
number>
queue-
limit
This sets the maximum numbers of
<high-
data packet of each priority queue
limit>
which can hold in the priority list
<medium-
limit>
<normal-
limit>
<low-limit>

Result: This sets the maximum numbers of data packet of

each priority queue which can hold in the priority list.

5. To assign the specified custom list to an interface, this

applies the congestion management rules defined by the
custom list, use custom-queue-list <list-number>
command in interface configuration mode as shown in Table
305.

TABLE 305 CUSTOM-QUEUE LIST COMMAND

Command Command Command Function

Format Mode

custom- Interface
This assigns the specified custom
queue-list configuration
list to an interface, which applies
<list-
the congestion management rules
number>
defined by the custom list
<low-limit>

Result: This assigns the specified custom list to an interface,

which applies the congestion management rules defined
by the custom list.
END OF STEPS.

WRED Configuration
Purpose Below procedure gives information about WRED configuration.
Prerequisites Refer to Configuration Methods (Chapter 1) to access the router
CLI for configuration.
Steps 1. To set enabling Weighted Random Early Detection (WRED)
on an interface, use random-detect enable command in
global configuration mode as shown in Table 306.

Confidential and Proprietary Information of ZTE CORPORATION 245

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

TABLE 306 RANDOM DETECT ENABLE COMM AND

Command Command Command Function

Format Mode

custom- Interface
queue-list configuration This sets enabling Weighted
<list- Random Early Detection (WRED)
number> on an interface
<low-limit>

Result: This sets enabling Weighted Random Early Detection

(WRED) on an interface.
END OF STEPS.

QoS Maintenance and Diagnosis

Purpose Below procedure gives information about QoS maintainance and
diagnosis.
Prerequisites Refer to Configuration Methods (Chapter 1) to access the router
CLI for configuration.

Steps 1. To show the configuration information of the priority list, use

show queuing priority [<list-number>] command in
Priviliged mode as shown in Table 307.

TABLE 307 SHOW QUEUING PRIORITY COMM AND

Command Command Command Function

Format Mode

show Priviliged
queuing
This shows the configuration
priority
information of the priority list
[<list-
number>]

Result: This shows the configuration information of the

priority list.

2. To show the congestion management strategy information

and statistic information of the interface, use show queuing
interface <interface-name> command in Priviliged mode as
shown in Table 308.

246 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 19 Configuring QoS

TABLE 308 SHOW QUEUING INTERFACE COMM AND

Command Command Command Function

Format Mode

show Priviliged
This shows the congestion
queuing
management strategy information
interface
and statistic information of the
<interface-
interface
name>

Result: This shows the congestion management strategy

information and statistic information of the interface.

3. To show all fair queuing configuration information of the all

interfaces configured with fair queuing, use show queuing
fair command in Priviliged mode as shown in Table 309.

TABLE 309 SHOW QUEUING FAIR COMMAND

Command Command Command Function

Format Mode

show Priviliged This shows all fair queuing

queuing configuration information of the all
fair interfaces configured with fair
queuing

Result: This shows all fair queuing configuration information

of the all interfaces configured with fair queuing.
4. To show the configuration information of the entire custom
list, use show queuing custom command in Priviliged
mode as shown in Table 310.

TABLE 310 SHOW QUEUING CUSTOM COMM AND

Command Command Command Function

Format Mode

show Priviliged This shows the configuration

queuing information of the entire custom
custom list

Result: This shows the configuration information of the

entire custom list.

5. To show WRED configuration information and statistic

information of the all interface configured with WRED, use
show queuing random-detect command in Priviliged
mode as shown in Table 311.

Confidential and Proprietary Information of ZTE CORPORATION 247

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

TABLE 311 SHOW QUEUING RANDOM-DETECT COMM AND

Command Command Command Function

Format Mode

show Priviliged This shows WRED configuration

queuing information and statistic
random- information of the all interface
detect configured with WRED

Result: This shows WRED configuration information and

statistic information of the all interface configured with WRED.
END OF STEPS.

QoS Configuration Example

1. To configure QoS function on the ZXR10 1800/2800/3800
ROUTER, use qos ip command in global configuration mode
as shown in Table 312.

TABLE 312 QOS IP COMMAND

Command Command Command Function

Format Mode

qos ip Priviliged This configures QoS function

Result: This configures QoS function.

The following configurations are all conducted when the
function is enabled.
CAR Example 2. The input and output rate restriction on the interface.
The input rate limit of the interface fei_3/1 is 2M, all the data
packets exceed this scope will be dropped.

ZXR10(config-if)#rate-limit input localport

2000000 200000 400000 confire-action transmit
exceed-action drop

3. Limit rate through access list

Limit the stream speed rate matching with the access list 99
sent by the interface ce1_3/1.2 as 500K. The priority filed of
the data packet within this scope is set to 2, and the one
exceeding this scope to 6.

ZXR10(config-if)#rate-limit output access-group 99

500000 50000 100000 confire-action set-prec-
transmit 2 exceed-action set-prec-transmit 6

4. Set and classify the IP priority levels through access list.

248 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 19 Configuring QoS

Set the IP priority of the data packet from 1.1.1.0/24 as 5,

while the IP priority of other data packet as 5.

ZXR10(config)#access-list 1 permit 1.1.1.0

0.0.0.255;
ZXR10(config-if)#rate-limit input access-group 1
100000000 2000 2000 conform-action set-prec-
transmit 5 exceed-action set-prec-transmit 5
ZXR10(config-if)# rate-limit input localport
100000000 2000 2000 conform-action set-prec-
transmit 4 exceed-action set-prec-transmit 4

PQ Example 5. Interface-based PQ configuration

Specify the data packet entered from the interface fei_1/1 to
enter into the medium queue:

ZXR10(config)#priority-list 3 interface fei_1/1

medium

6. ACL-based PQ configuration
Specify the data packet matching with IP access list 10 to
enter into the high queue:

ZXR10(config)#access-list 10 permit 168.1.1.0

0.0.0.255
ZXR10(config)#priority-list 1 list 10 high

7. Configure the queue length of the priority queue.

Specify the capacity of the four queues high, medium,
normal and low to be 10, 40, 60 and 80:

ZXR10(config)#priority-list 10 queue-limit 10
40 60 80

8. Apply PQ for interface

Apply PQ list 3 for E1 interface e1_2/2.1:

ZXR10(config-if)#priority-group 3

CQ 9. Interface-based CQ configuration
Configuration
Specify the data packet entered from the interface fei_6/1to
enter into the custom queue 2:

ZXR10(config)#queue-list 1 interface fei_1/1 2

10. ACL-based PQ configuration

Confidential and Proprietary Information of ZTE CORPORATION 249

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

Specify the data packet matching with IP access list 10 to enter

into the custom queue 3:

ZXR10(config)# access-list 10 permit 168.1.1.0

0.0.0.255
ZXR10(config)#queue-list 16 list 10 3

11. Configure the queue length and bandwidth of the custom

queue.
Specify the queue length and bandwidth to be 128 and 10000:

ZXR10(config)# queue-list 16 queue 3 byte-count

10000 limit 128

12. Apply PQ for interface

Apply CQ list 16 for E1 interface ce1_2/2.1:

ZXR10(config-if)#priority-group 16

WRED Example Configure congestion avoidance on interface.

ZXR10(config-if)# random-detect precedence 1 20 30

20

250 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 20

Configuring GRE

Introduction The chapter introduces several common VPN technologies and

also describes the General Route Encapsulation (GRE)
technology and its detailed configuration on ZXR10
1800/2800/3800 Router.

Contents This chapter covers following topics.

TABLE 313 TOPICS IN CHAPTER 21

Topic Page No

Introduction 251

GRE Overview 253

Configuring GRE 254

END OF STEPS. 256

GRE Maintenance and Diagnosis

GRE Configuration Example 256

Introduction
VPN stands for Virtual Private Network, which is relative to
actual private networks. An actual private network (such as a
banking network, a governmental network or a large enterprise
network) implements interconnection via leased lines, while a
VPN is a private to transmit private data over the common
Internet.
A virtual private network is not a real private network, but can
implement the functions of a private network. VPN depends
upon ISP (Internet Service Provider) and NSP (Network Service
Provider) to set up a dedicated data communications network on

Confidential and Proprietary Information of ZTE CORPORATION 251

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

a public network. The description of IP-based VPNs in the IETF

Draft is as follows: "The use of the IP mechanism to simulate a
private WAN" is a technology to simulate a point-to-point leased
line on a common data network by using the private tunneling
technology.
On a virtual private network, the connection between any two
nodes does not have any end-to-end physical link necessary for
a traditional private network, but is dynamically set up by using
the resources of the public network. In addition, a VPN user also
can customize a network that best meet the actual requirements
and also can control contact with other users. Such a VPN also
supports dial-up users.
Tunneling The tunneling technology, similar to the point-to-point
Technology connection technology, is a basic VPN technology, which can set
up a data channel (tunnel) on a public network so that packets
can be transmitted on the tunnel.
A tunnel is formed by tunneling protocols, covering L2 and L3
tunneling protocols.
The L2 tunneling protocol first encapsulates network protocols
into PPP, and then encapsulates an entire packet into the
tunneling protocol. The data packet formed through this kind of
dual-layer encapsulation conducts its transmission depending on
layer-2 protocol. Packets formed in this dual-layer encapsulation
are transmitted based on the L2 protocols such as L2F, PPTP and
L2TP.
L2TP stands for L2 Tunneling Protocol formed with the
integration of IETF, PPTP and L2F, which is the current IETF
standard. This is a VPN technology implemented in a special link
layer, which encapsulates packets of the L2 protocol PPP into IP
packets for transmission. With this technology, employees of an
enterprise on business can directly access the Intranet by means
of a dial-up network. For a terminal user to use the technology,
the support of the related ISP is needed.
The L3 tunneling protocols directly encapsulates network
protocols into the tunneling protocols, and the formed packets
are transmitted by means of the L3 protocols. The L3 tunneling
protocols includes VTP and IPSec. IPSec (IP Security) defines a
system, which is used to provide security protocol selection,
security algorithm and determine the password used so that the
security in the IP layer can be guaranteed and the secure data
transmission can be implemented.
The use of this kind of protocols to construct a VPN network
means the encapsulation (multiple encapsulation modes can be
used) and encryption of IP packets and the transmission of the
IP packets on the Internet. The use of IPSec improves the
security, but the processing of IPSec occupies large quantities of
network equipment (such as routers) resources due to the
complexity of protocols and leads to low efficiency. Furthermore,
if a piece of dedicated encryption hardware is used, the costs will
increase.

252 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 20 Configuring GRE

Other VPN Some other VPN technologies are described as follows.

Technologies
1. The encryption/decryption technology is a mature
technology in data communications. The VPN can directly
use the existing technology.
2. The key management technology is intended to
guarantee secure transfer of a key on a public data
network so that the key will not be stolen.
3. The existing key management technology is divided into
two types: SKIP and ISAKMP/OAKLEY.SKIP uses the
calculation rules of Diffie-Hellman to transfer keys on
networks. In ISAKMP, both parties have two keys used
for public or private applications
The most common identity authentication technologies are user
name, password and card authentication.
Some other latest technologies, such as MPLS VPN, need the
corresponding services of the ISP.

GRE Overview
General Route Encapsulation (GRE) means that an IP header is
added externally to an IP packet, that is to say, the private data
is processed in a disguise way and added with a "jacket" and
then is sent to other places.
Since IP addresses of a private enterprise network are normally
planned by the enterprise itself, so correct routing cannot be
completed between the enterprise network and the external
Internet. However, on the egress of the enterprise network,
normally there will be a unique IP address of the Internet. The
address can be identified uniquely on the Internet. GRE is used
to encapsulate packets with the destination and source IP
addresses being the internal addresses of the enterprise and add
an IP header. The destination address is the IP address of the
egress of the remote Internet, while the source address is the IP
address of the egress of the local Internet. Thus, the packets
can be transmitted correctly on the Internet. This technology is
the simplest VPN technology.
When a router sends or forwards an IP datagram, if the IP
datagram should be sent out a GRE tunnel interface after routing
process, GRE encapsulation is needed. Upon encapsulation, the
GRE header field is processed according to the option
configuration of the GRE tunnel interface, and finally a route is
found according to the encapsulated destination address and the
datagram is sent to the output network interface to implement
forwarding of the datagram.
If the length of the datagram to be sent is greater than the MTU
(Maximum Transmission Unit) of the interface, fragmentation

Confidential and Proprietary Information of ZTE CORPORATION 253

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

operation should be performed before GRE encapsulation and

sending, that is, fragmentation is performed before
encapsulation. If the DF bit of the IP data header is set to "1"
and also fragmentation is needed, an ICMP message will be
returned (the type is 3, the code is 4, with the MTU of the
interface included).
When a router receives an IP datagram, if the destination
address is a local address and the protocol field of the header is
47, it indicates that the datagram has experienced GRE, so
resolution on the local router is needed. After validity check, the
GRE packet should be mapped to the locally saved GRE tunnel
ID according to the source and destination addresses of the GRE
packet. If the corresponding GRE tunnel does not exist, the
datagram will be dropped and then the GRE options will be
processed subsequently. At present, the system only supports
the "key" option and neglects other options. If the key tag in the
flag field in the GRE header is different from the key tag of the
corresponding tunnel, or the key tags are configured but the key
values are different, the datagram will be dropped.
Minus 1 from the TTL of the resolved IP data header, further
process it. A routing process is used to judge whether the
datagram is to be locally sent or forwarded.\

Configuring GRE
Purpose Below procedure gives information about GRE configuration.
Prerequisites Refer to Configuration Methods (Chapter 1) to access the router
CLI for configuration.
Steps 1. To create a tunnel and enter into the interface configuration
mode of the tunnel, use interface <tunnel-number>
command in global configuration mode as shown in Table
314.

TABLE 314 INTERFACE TUNNELCOMM AND

Command Command Command Function

Format Mode

interface Global This creates a tunnel and enables

<tunnel- configuration to enter into the interface
number> configuration mode of the tunnel

Result: This creates a tunnel and enables to enter into the

interface configuration mode of the tunnel.

2. To configure a source address for the tunnel, use tunnel

source <ip-address> command in tunnel configuration
mode as shown in Table 315.

254 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 20 Configuring GRE

TABLE 315 TUNNEL SOURCE COMM AND

Command Command Command Function

Format Mode

tunnel Global
This configures a source address
source <ip- configuration
for the tunnel
address>

Result: This configures a source address for the tunnel.

3. To configure a destination address for the tunnel, use tunnel

destination <ip-address> command in tunnel configuration
mode as shown in Table 316.

TABLE 316 TUNNEL DESTINATION COMMAND

Command Command Command Function

Format Mode

tunnel Global
This configures a destination
destination configuration
address for the tunnel
<ip-address>

Result: This configures a destination address for the tunnel.

4. To configure the GRE tunnel to enable the key option and

configure a key, use tunnel key <key> command in tunnel
configuration mode as shown in Table 317.

TABLE 317 TUNNEL KEY COMM AND

Command Command Command Function

Format Mode

tunnel key Global This configures the GRE tunnel and

<key> configuration enable the key option and
configure a key

Result: This configures the GRE tunnel and enables the key
option and configures a key.
NOTE: The key strings at both ends of the tunnel must be
the same.
5. To configure the GRE tunnel and to enable the tunnel
sequence option, use tunnel sequencing command in
tunnel configuration mode as shown in Table 318.

TABLE 318 TUNNEL SEQUENCING COMMAND

Command Command Command Function

Format Mode

tunnel key Global This configures the GRE tunnel and

<key> configuration to enable the tunnel sequence
option

Confidential and Proprietary Information of ZTE CORPORATION 255

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

Result: This configures the GRE tunnel and to enable the

tunnel sequence option.
6. To configure the GRE tunnel and to enable the tunnel
checksum option, use tunnel checksum command in tunnel
configuration mode as shown in Table 319.

TABLE 319 TUNNEL CHECKSUM COMM AND

Command Command Command Function

Format Mode

tunnel key Global This configures the GRE tunnel and

<key> configuration to enable the tunnel checksum
option

Result: This configures the GRE tunnel and to enable the

tunnel checksum option.
END OF STEPS.

GRE Maintenance and Diagnosis

Use the debug gre command to output the debugging contents
of the GRE tunnel encapsulation information, for the
convenience of troubleshooting.

GRE Configuration Example

Suppose the public network of a router R1 in place A of a certain
cooperation is 100.1.1.1, and private network is 10.1.1.0/24;
and public network of a router R2 in place B is 200.1.1.1 and
private network is 172.16.0.0/16. To interconnect the network
segments of the private networks in the two places, and to
realize the VPN function, use the following configuration.
R1 configuration:

ZXR10_R1#config terminal
ZXR10_R1(config)#interface tunnel1
ZXR10_R1(config)#ip address 192.168.1.1
255.255.255.252
ZXR10_R1(config-if)#tunnel source 100.1.1.1
ZXR10_R1(config-if)#tunnel destination 200.1.1.1
ZXR10_R1(config-if)#tunnel key test
ZXR10_R1(config-if)#exit
ZXR10_R1(config)#ip route 172.16.0.0 255.255.0.0
192.168.1.2

R2 configuration:

256 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 20 Configuring GRE

ZXR10_R2#config terminal
ZXR10_R2(config)#interface tunnel1
ZXR10_R2(config)#ip address 192.168.1.2
255.255.255.252
ZXR10_R2(config-if)#tunnel source 200.1.1.1
ZXR10_R2(config-if)#tunnel destination 100.1.1.1
ZXR10_R2(config-if)#tunnel key test
ZXR10_R2(config-if)#exit
ZXR10_R2(config)#ip route 10.1.1.0 255.255.255.0
192.168.1.1

Confidential and Proprietary Information of ZTE CORPORATION 257

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

258 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 21

Configuring AUX

Introduction This chapter introduces AUX and its relevant configuration on

the ZXR10 1800/2800/3800 Router.

Contents This chapter covers following topics.

TABLE 320 TOPICS IN CHAPTER 22

Topic Page No

Overview 259

Basic AUX Configuration 260

END OF STEPS. 260

AUX Configuration Example

Overview
The ZXR10 1800/2800/3800 Router provides more remote
checking and detecting methods through out-band NM to track
equipment in real time, reduce maintenance cost, locate fault
fast and solve the problem.
Figure 40 shows the AUX connection diagram.

Confidential and Proprietary Information of ZTE CORPORATION 259

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

FIGURE 40 AUX CONNECTION DIAGR AM

PSTN
Modem Modem
TALK / DATA TAL K / DATA
TALK RS CS TR RD TD CD TALK RS CS TR RD TD CD

PC AUX口 ZXR10

In Figure 40, the PC connects with Modem; the AUX port on the
ZXR10 1800/2800/3800 ROUTER connects with another Modem,
the two Modems connect with the PSTN (or connects with the
equipment which can realize the dialup function).Dial up on the
computer, and realize the remote connection with the ZXR10
1800/2800/3800 router through Modem.

Basic AUX Configuration

Purpose Below procedure gives information about AUX configuration.
Prerequisites Refer to Configuration Methods (Chapter 1) to access the router
CLI for configuration.
Steps The configuration of AUX is to set remote manual login for AUX
through the answer-manual command. (Manual answer mode is
the default mode of the system, if has been switched to the auto
answer before, it should be switched back to the manual answer
mode by performing first the answer-remote manual command
in the configuration mode).
1. The basic configuration steps of AUX are as follows:
2. Connect the cables according to Figure 40.
3. Configure AUX through the local terminal.
4. Connect the ZXR10 1800/2800/3800 Router through
remote terminal dialup.
5. The configurations of AUX can also perform the remote
AUX login through auto answer m o d e .
6. The basic configuration steps of AUX are the same with
the manual answer mode.
END OF STEPS.

260 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 21 Configuring AUX

AUX Configuration Example

Create an environment according to Figure 40. The following is
the procedure of remote manual login:
1. When the remote dialup is successful, “A request of
access is from one remote user, now!.” displays on the
local terminal.
2. Perform first answer-remote manual in the
configuration mode.
3. Then type into the command: “answer-manual” to answer
manually.

ZXR10(config)#answer-remote manual
ZXR10#answer-manual

4. After the answer is successful, “SysctrlProcess: This

system *IN USE* via remote console.” displays on the
local terminal. Here the local terminal cannot be used; its
right of use is turned over to the remote terminal.
Create an environment according to Figure 40. The following is
the procedure of remote auto login:
1. Perform first a n s w e r - r e m o t e a u t o in the configuration
mode.
2. When the remote dialup is successful, the system
answers automatically.
3. After the answer is successful, “SysctrlProcess: This
system *IN USE* via remote console.” displays on the
local terminal. Here the local terminal cannot be used; its
right of use is turned over to the remote terminal.

Confidential and Proprietary Information of ZTE CORPORATION 261

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

262 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 22

Configuring Network
Management

Introduction This chapter introduces AUX NTP, RADIUS, SNMP, RMON,

SysLog and LFAP network management protocol and its relevant
configuration on the ZXR10 1800/2800/3800 Router.

Contents This chapter covers following topics.

TABLE 321 TOPICS IN CHAPTER 22

Topic Page No

Overview 259

Basic AUX Configuration 260

END OF STEPS. 260

AUX Configuration Example

NTP
Overview The Network Time Protocol (NTP) is a time synchronization
protocol applied to different network members, and its
transmission is based on the UDP. The devices implementing the
NTP exchanges NTP packets and automatically adjust the clock
of each system to keep their clocks consistent. In practice, the
ZXR10 1800/2800/3800 Router can act as the NTP client.

Configuring NTP
Purpose Below procedure gives information about NTP configuration.
Prerequisites Refer to Configuration Methods (Chapter 1) to access the router
CLI for configuration.

Confidential and Proprietary Information of ZTE CORPORATION 263

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

Steps NTP configuration covers the following contents:

1. To define a time server, use ntp server <ip-address>
[version <number>] command in global configuration mode
as shown in Table 322.

TABLE 322 NTP SERVER COMM AND

Command Command Command Function

Format Mode

ntp server Global

<ip- configuration
address> This defines a time server
[version
<number>]

Result: This defines a time server.

2. To enable the NTP function, use ntp enable command in
global configuration mode as shown in Table 323.

TABLE 323 NTP ENABLE COMM AND

Command Command Command Function

Format Mode

ntp enable Global

This enables the NTP function
configuration

Result: This enables the NTP function.

3. To configure the packet source address sent by the NTP, use
ntp source <ip-address> command in global configuration
mode as shown in Table 324.

TABLE 324 NTP SOURCE COMM AND

Command Command Command Function

Format Mode

ntp enable Global This configures the packet source

configuration address sent by the NTP

Result: This configures the packet source address sent by

the NTP.
4. To show the NTP running status, use show ntp status
command in Priviliged mode as shown in Table 325.

TABLE 325 SHOW NTP STATUS COMM AND

Command Command Command Function

Format Mode

show ntp Global

This shows the NTP running status
status configuration

Result: This shows the NTP running status.

264 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 22 Configuring Network Management

END OF STEPS.

NTP Configuration Example

As shown in Figure 41, the router serves as the NTP client
(suppose the NTP version is version 2).

FIGURE 41 NTP CONFIGURATION EX AMPLE

ZXR10 configuration:

ZXR10(config)#interface fei_1/1
ZXR10(config-if)#ip address 192.168.2.2
255.255.255.0
ZXR10(config-if)#exit
ZXR10(config)#ntp enable
ZXR10(config)#ntp server 192.168.2.1 version 2
ZXR10(config) #ntp source 192.168.2.2

RADIUS
Overview The Remote Authentication Dial In User Service (RADIUS) is a
standard AAA protocol. AAA represents Authorization,
Authentication and Accounting. For a router, AAA can
authenticate users accessing the router to prevent the entry of
unauthorized users and improve the equipment security.
At present, the ZXR10 1800 supports RADIUS authentication
and can provide authentication of Telnet users accessing the
routers.
The ZXR10 1800/2800/3800 ROUTER supports multiple RADIUS
server groups. Each RADIUS group permits the configuration of
three authentication servers, and each group can be configured
with two parameters: server timeout time and retry times. The
administrator can configure different RADIUS groups to select a
specific RADIUS server.

Confidential and Proprietary Information of ZTE CORPORATION 265

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

Radius Configuration
Purpose Below procedure gives information about radius configuration.
Prerequisites Refer to Configuration Methods (Chapter 1) to access the router
CLI for configuration.
Steps RADIUS configuration covers the following contents:
1. To configure RADIUS server authentication configuration
group, use radius authentication-group<group-number>
command in global configuration mode as shown in Table
326.

TABLE 326 SHOW NTP STATUS COMM AND

Command Command Function

Command Format Mode

radius server Global

<group-number> configuration
This configures RADIUS
authen
server authentication
{master|slave|third}
configuration group
<ip-address> <port-
number> <key>

Result: This configures RADIUS server authentication

configuration group.
2. To specify the user authentication mode for Telnet login, use
user-authentication-type {local|radius<group>}
command in global configuration mode as shown in Table
327.

TABLE 327 USER- AUTHENTICATION-TYPE COMMAND

Command Command Function

Command Format Mode

user-authentication- Global This specifies the user

type configuration authentication mode
{local|radius<group>} for Telnet login

Result: This specifies the user authentication mode for

Telnet login.
END OF STEPS.

RADIUS Configuration Example

Configure a RADIUS group with the timeout time of three
seconds and retry times of three times. The RADIUS and routers
can reach each other on a network.
The detailed configuration is as follows:

266 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 22 Configuring Network Management

Z X R 1 0 ( c o n f i g ) # radius authentication-group<group-number>
ZXR10(config)#user-authentication-type radius 1

SNMP
Overview The Simple Network Management Protocol (SNMP) is the most
popular NMS protocol nowadays. With this protocol, a network
management server can be used to manage all types of
equipment on a network.
The SNMP is managed based on the server and client. The
background NMS server serves as the SNMP server and the
foreground network device serves as the SNMP client. The
foreground and background share an MIB and communicate with
each other through the SNMP protocol.
Routers serve as SNMP agents. The designated SNMP server
needs to be configured and the contents and authorities
collected by the NMS (Network Management System) need to be
defined. The ZXR10 1800/2800/3800 Router supports multiple
versions of SNMP.

SNMP Configuration
Purpose Below procedure gives information about SNMP configuration.
Prerequisites Refer to Configuration Methods (Chapter 1) to access the router
CLI for configuration.
Steps 1. To set the SNMP packet community (Community Name), use
snmp-server community <community-name> [view
<view-name>] [ro|rw] command in global configuration
mode as shown in Table 328.

TABLE 328 SNMP-SERVER COMMUNITY COMM AND

Command Command Command Function

Format Mode

snmp-server Global
community configuration
<community- This sets the SNMP packet
name> [view community
<view-name>]
[ro|rw]

Result: This sets the SNMP packet community.

The SNMPv1/v2c adopts the community authentication mode.
The SNMP community is named by strings, and different
communities have read-only or read-write access authorities.
The communities with read-only authority can only query

Confidential and Proprietary Information of ZTE CORPORATION 267

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

equipment information, and the community with read-write

authority can configure the equipment.
Of course, both read-only and read-write are limited by the
view. That is, they can be operated only in the allowed view
range. If the view parameter is omitted, the system default
view (DefaultView) will be used; if the ro/rw parameter is
omitted, the ro (read-only) will be used.
2. To define the SNMPv2 view, use snmp-server view <view-
name> <subtree-id> {included|excluded} command in
global configuration mode as shown in Table 329.

TABLE 329 SNMP-SERVER VIEW COMMAND

Command Command Function

Command Format Mode

snmp-server view Global

<view-name> configuration This defines the SNMPv2
<subtree-id> view
{included|excluded}

Result: This defines the SNMPv2 view.

The command uses the included or excluded parameter to
add <subtree- id > to the designated view or delete it from
the designated view. The same <view-name> can be
configured for multiple times, and the result is a set that
multiple commands act on.
3. To set the system handler contact mode (sysContact) of the
MIB object, use snmp-server contact <mib-syscontact-
text> command in global configuration mode as shown in
Table 330.

TABLE 330 SNMP-SERVER CONTACT COMM AND

Command Command Function

Command Format Mode

snmp-server view Global This sets the system

<view-name> configuration handler contact mode
<subtree-id> (sysContact) of the MIB
{included|excluded} object

Result: This sets the system handler contact mode

(sysContact) of the MIB object.
sysContact is a management variable of the system group in
the MIB II system, and it records ID and contact mode of the
relevant personnel of the managed equipment.
4. To set the location (sysLocation) of the MIB object, use
snmp-server location <mib-syslocation-text> command in
global configuration mode as shown in Table 331.

268 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 22 Configuring Network Management

TABLE 331 SNMP-SERVER LOCATION COMM AND

Command Command Command Function

Format Mode

snmp- Global
server configuration
location This sets the location
<mib- (sysLocation) of the MIB object
syslocation-
text>

Result: This sets the location (sysLocation) of the MIB object.

sysLocation is a management variable of the system group in
the MIB II, and is used to indicate the location of the
managed equipment.
5. To set the type of TRAP allowed for sending, use snmp-
server enable trap [<notification-type>] command in
global configuration mode as shown in Table 332.

TABLE 332 SNMP SERVER ENABLE-TR AP COMMAND

Command Command Command Function

Format Mode

snmp-server Global
enable trap configuration This sets the type of TRAP
[<notification- allowed for sending
type>]

Result: This sets the type of TRAP allowed for sending.

TRAP is the information automatically sent by the managed
device to the NMS upon no request, which is used to report
some critical important event.
6. To set the destination host of the TRAP, use snmp-server
host [mng|vrf <vrf-name>] <ip-address> [trap|inform]
version {1|2c|3 {auth|noauth|priv}} <community-name>
[udp-port <udp-port>] […<trap-type>] command in global
configuration mode as shown in Table 333.

TABLE 333 SNMP-SERVER HOST COMMAND

Command Command Function

Command Format Mode

snmp-server host Global

[mng|vrf <vrf-name>] configuration
<ip-address>
[trap|inform] version
{1|2c|3 This sets the destination
{auth|noauth|priv}} host for the TRAP
<community-name>
[udp-port <udp-
port>] […<trap-
type>]

Confidential and Proprietary Information of ZTE CORPORATION 269

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

Result: This sets the destination host for the TRAP.

7. To set SNMPV3 GROUP, use snmp-server group
<groupname> v3 {auth|noauth|priv}[context <context-
name> match-prefix|match-exact ] [read <readview>]
[write <writeview>] [notify <notifyview>] command in
global configuration mode as shown in Table 334.

TABLE 334 SNMP-SERVER GROUP COMMAND

Command Command Function

Command Format Mode

snmp-server host Global

[mng|vrf <vrf-name>] configuration
<ip-address>
[trap|inform] version
{1|2c|3
This sets SNMPV3 GROUP
{auth|noauth|priv}}
<community-name>
[udp-port <udp-
port>] […<trap-
type>]

Result: This sets SNMPV3 GROUP.

8. To set SNMPV3 USER, use snmp-server user <username>
<groupname> v3 [encrypted] [auth {md5|sha} <auth-
password> [priv des56 <priv-password>]] command in
global configuration mode as shown in Table 335.

TABLE 335 SNMP-SERVER USER COMMAND

Command Command Function

Command Format Mode

snmp-server host Global

[mng|vrf <vrf-name>] configuration
<ip-address>
[trap|inform] version
{1|2c|3
This sets SNMPV3 USER
{auth|noauth|priv}}
<community-name>
[udp-port <udp-
port>] […<trap-
type>]

Result: This sets SNMPV3 USER.

NOTE: In configuring the encryption mode for user and
group, only the security level of user matches completely
with or is higher than the one of group, can it be set up
connection with SNMP.
9. To show the statistic information about the SNMP messages,
use show snmp command in global configuration mode as
shown in Table 336.

270 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 22 Configuring Network Management

TABLE 336 SHOW SNMP COMM AND

Command Command Function

Command Format Mode

snmp-server host Global

[mng|vrf <vrf-name>] configuration
<ip-address>
[trap|inform] version
This shows the statistic
{1|2c|3
information about the
{auth|noauth|priv}}
SNMP messages
<community-name>
[udp-port <udp-
port>] […<trap-
type>]

Result: This shows the statistic information about the SNMP

messages.
END OF STEPS.

SNMP Configuration Example

The following is a configuration example of the SNMP.

ZXR10(config)#snmp-server view myViewName

1.3.6.1.2.1 included
ZXR10(config)#snmp-server community myCommunity
view myview rw
ZXR10(config)#snmp host 168.1.1.1 ver 1
community-name ospf
ZXR10(config)#snmp-server location this is
ZXR10 in china
ZXR10(config)#snmp-server contant this is
ZXR10, tel: (025)2872006
ZXR10(config)#snmp-server group g1 v3 auth
write private notify private
ZXR10(config)#snmp-server user u1 g1 v3 auth
md5 123 priv des56 123

RMON
Overview Remote Monitoring of Network (RMON) can be used for
monitoring remote service of the network. With the application
of RMON, a remote detector (that is, the local router system)
completes data collection and processing. The router also
contains a piece of RMON proxy software used for

Confidential and Proprietary Information of ZTE CORPORATION 271

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

communications with the NMS via SNMP. Normally, only when

necessary will the information be sent to the NMS.

RMON Configuration
Purpose Below procedure gives information about RMON configuration.
Prerequisites Refer to Configuration Methods (Chapter 1) to access the router
CLI for configuration.
Steps 1. To enable the interface statistic function (for Ethernet only,
use rmon collection statistics <index> [owner <string>]
command in interface configuration mode as shown in Table
337.

TABLE 337 RMON COLLECTION STASTICS

Command Command Function

Command Format Mode

rmon collection Global

This enables the interface
statistic <index> configuration
statistic function (for
[owner <string>]
Ethernet only
[…<trap-type>]

Result: This enables the interface statistic function (for

Ethernet only.
2. To set an alarm and MIB object, use rmon alarm <index>
<variable> <interval> {delta|absolute} rising-threshold
<value> [<event-index>] falling-threshold <value>
[<event-index>] [owner <string>] command in global
configuration mode as shown in Table 338.

TABLE 338 RMON AL ARM COMM AND

Command Command Function

Command Format Mode

snmp-server host Global

[mng|vrf <vrf-name>] configuration
<ip-address>
[trap|inform] version
{1|2c|3 This sets set an alarm
{auth|noauth|priv}} and MIB object
<community-name>
[udp-port <udp-
port>] […<trap-
type>]

Result: This sets set an alarm and MIB object.

3. To configure an event, use rmon event <index> [log] [trap
<community>] [description <string>] [owner <string>]

272 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 22 Configuring Network Management

command in global configuration mode as shown in Table

339.

TABLE 339 RMON EVENT COMM AND

Command Command Function

Command Format Mode

rmon event <index> Global

[log] [trap configuration
<community>] This configures an event
[description <string>]
[owner <string>]

Result: This configures an event.

4. To show RMON configuration and relevant information, use
show rmon [alarms] [events] [history] [statistic] command
in global configuration mode as shown in Table 340.

TABLE 340 SHOW RMON COMM AND

Command Command Function

Command Format Mode

show rmon [alarms] Global This shows RMON

[events] [history] configuration configuration and
[statistic] relevant information

Result: This shows RMON configuration and relevant

information.
END OF STEPS.

RMON Configuration Example

The following are several configuration examples of the RMON.
1. Configure and start statistic control entries of the RMON.

ZXR10(config)#interface fei_1/1
ZXR10(config-if)#rmon collection statistic 1 owner
rmontest
ZXR10(config-if)#

Suppose that the number of computers connected to the fei_1/1

interface is "n". When these computers are engaged in
communications on subnets, the NMS software can show the
traffic statistic, or the show command can display the RMON
statistic.

ZXR10#show rmon statistic

EtherStatsEntry 1 is active, and owned by
rmontest

Confidential and Proprietary Information of ZTE CORPORATION 273

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

Monitors ifEntry.1.1 which has

Received 60739740 octets, 201157 packets,
1721 broadcast and 9185 multicast packets,
0 undersized and 0 oversized packets,
0 fragments and 0 jabbers,
0 CRC alignment errors and 32 collisions.
# of dropped packet events (due to lack of
resources): 511
# of packets received of length (in octets):
64: 92955, 65-127: 14204, 128-255: 1116,
256-511: 4479, 512-1023: 85856, 1024-1518:2547
ZXR10#

2. View RMON history information with the show command.

ZXR10#show rmon history

Entry 1 is active, and owned by rmontest
Monitors ifEntry.1.1 every 10 seconds
Requested # of time intervals, ie buckets, is 10
Granted # of time intervals, ie buckets, is 10
Sample # 1 began measuring at 00:11:00
Received 38346 octets, 216 packets,
0 broadcast and 80 multicast packets,
0 undersized and 0 oversized packets,
0 fragments and 0 jabbers,
0 CRC alignment errors and 0 collisions.
# of dropped packet events is 0
Network utilization is estimated at 1

3. Configure and start alarm control entries of the RMON.

ZXR10(config)#rmon alarm 1 system.3.0 10 absolute

rising-threshold 1000 1 Falling-threshold 10 0
owner rmontest
ZXR10(config)#

4. View RMON alarm information with the show command.

ZXR10#show rmon alarm

Alarm 1 is active, owned by rmontest
Monitors system.3.0 every 10 seconds
Taking absolute samples, last value was 54000
Rising threshold is 1000, assigned to event 1
Falling threshold is 10, assigned to event 0
On startup enable rising or falling alarm
ZXR10#

5. Configure and enable the event function.

274 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 22 Configuring Network Management

ZXR10(config)#rmon event 1 log trap rmontrap

description test owner rmontest
ZXR10(config)#

6. Configure an alarm control entry and wait for 10 s, and then

view RMON event contents with the Show command.

ZXR10#show rmon event

Event 1 is active, owned by rmontest
Description is test
Event firing causes log and trap to community
rmontrap, last fired 05:40:20
Current log entries:
index time description
1 05:40:14 test
ZXR10#

SysLog
Overview The ZXR10 1800/2800/3800 ROUTER provides the user with log
information setting and query functions. Log information
facilitates the daily maintenance of routers. The log information
can show the alarms and interface status changes happened on
routers.
The log information can be displayed on a configuration terminal
in real time or can be stored in a router or a background log
server in the form of files. Start the syslog protocol on the
ZXR10 3900/3200, and the ZXR10 1800/2800/3800 Router
communicates with the background syslog server through the
protocol to deliver log information.

Syslog Configuration
Purpose Below procedure gives information about Syslog configuration.
Prerequisites Refer to Configuration Methods (Chapter 1) to access the router
CLI for configuration.

Steps 1. To start the log function, use logging on command in global

configuration mode as shown in Table 341.

Confidential and Proprietary Information of ZTE CORPORATION 275

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

TABLE 341 LOGGING ON COMM AND

Command Command Command Function

Format Mode

logging on Global This configures RADIUS server

configuration authentication configuration group

Result: This starts the log function.

2. To set the log buffer size, use logging buffer <buffer-size>
command in global configuration mode as shown in Table
342.

TABLE 342 LOGGING BUFFER COMM AND

Command Command Command Function

Format Mode

logging Global
buffer configuration
This sets the log buffer size
<buffer-
size>

Result: This sets the log buffer size.

3. To set log clearance mode, use logging mode <mode>
[<interval>] command in global configuration mode as
shown in Table 343.

TABLE 343 LOGGING MODE

Command Command Command Function

Format Mode

logging Global
mode configuration This sets the log clearance mode
<mode>

Result: This sets the log clearance mode.

4. To set the log level displayed on the console interface or
telnet interface, use logging console <level> command in
global configuration mode as shown in Table 344.

TABLE 344 LOGGING CONSOLE COMM AND

Command Command Command Function

Format Mode

logging Global This sets the log level displayed on

mode configuration the console interface or telnet
<mode> interface

Result: This sets the log level displayed on the console

interface or telnet interface.
5. To set the log level saved in log buffer, use logging level
<level> command in global configuration mode as shown in
Table 345.

276 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 22 Configuring Network Management

TABLE 345 LOGGING LEVEL COMM AND

Command Command Command Function

Format Mode

logging Global
This sets the log level saved in log
level configuration
buffer
<level>

Result: This sets the log level saved in log buffer.

6. To set the background FTP log server parameter, use
logging ftp <level> [vrf <vrf-name>|mng] <ftp-server>
<username> <password> [<filename>] command in global
configuration mode as shown in Table 346.

TABLE 346 LOGGING FTP COMM AND

Command Command Command Function

Format Mode

logging ftp Global

<level> [vrf configuration
<vrf-
name>|mng] This sets the background FTP log
<ftp-server> server parameter
<username>
<password>
[<filename>]

Result: This sets the background FTP log server parameter.

7. To configure the information level of an alarm sending a trap,
use logging trap <level> <community> [vrf <vrf-
name>|mng] <host-address> command in global
configuration mode as shown in Table 347.

TABLE 347 LOGGING TRAP COMM AND

Command Command Command Function

Format Mode

logging ftp Global

<level> [vrf configuration
<vrf-
name>|mng] This configures the information
<ftp-server> level of an alarm sending a trap
<username>
<password>
[<filename>]

Result: This configures the information level of an alarm

sending a trap.
8. To show the alarm information records in the alarm log
buffer, use show logging alarm {[typeid <type>] [start-
date <date>] [end-date <date>] [level <level>]} command
in Priviliged mode as shown in Table 348.

Confidential and Proprietary Information of ZTE CORPORATION 277

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

TABLE 348 SHOW LOGGING ALARM COMMAND

Command Command Command Function

Format Mode

show Priviliged
logging
alarm
{[typeid
<type>] This shows the alarm
[start-date information records in the
<date>] alarm log buffer
[end-date
<date>]
[level
<level>]}

Result: This shows the alarm information records in the

alarm log buffer.
Now, the supported alarm information types contain
ENVIROMENT, BOARD, PORT, ROS, DATABASE, OAM,
SECURITY, OSPF, RIP, BGP, DRP, TCP-UDP, IP, IGMP,
TELNET, ARP, ISIS, ICMP, SNMP and RMON.
END OF STEPS.

Syslog Example
The following is a system log setting example. Before
configuration, you must enable the log function with the logging
on command.

ZXR10(config)#logging on
ZXR10(config)#logging buffer 100
ZXR10(config)#logging mode FULLCLEAR
ZXR10(config)#logging console warnings
ZXR10(config)#logging level errors
ZXR10(config)#logging ftp notificational
168.1.70.100 target target zxralarm.log
ZXR10(config)#snmp-server host
ZXR10(config)#snmp-server enable trap
ZXR10(config)#logging trap level ZTE 10.0.0.1

278 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 22 Configuring Network Management

LFAP
Overview Lightweight Flow Accounting Protocol (LFAP) is the protocol
developed by River Stone Corporation for network traffic statistic,
and currently it has developed to V5.0.In provides a means to
learn about the detailed network resource usage, and provides a
foundation for network analysis and charging.
The specific functions are as follows:
1. Network charging: The data output from LFAP provides the
detailed network usage, including: destination IP address,
source port number, destination port number, protocol type,
service type, and input interface).The operator can provide
flexible charging strategy base on the information, for
example, he can make different charging standards
according to time, bandwidth, service type, and service
quality.
2. Network design analysis: the LFAP data can be used as the
foundation for network planning, upgrading, and network
strategy formulating, to reduce the investment of the
network operator, and make them obtain the maximum
profit.
3. Network policing: LFAP data can provide basically the real
time network policing. Analysis on these data can make the
network administrator find the faults of a certain router or
switch, and solve them in time.
4. Network application analysis: Through analyzing the LFAP
data, the operator can learn the running status of an
application (WEB, VOD), and arrange the network service
and bandwidth reasonably based on this.
5. User status policing: you can learn the details of network
resource usage of a user, and formulate security strategies
and use restriction based on these users.
6. Data storage analysis: LFAP data can be stored; you can
learn in detail where are the users, what they did, and how
long, so that the ISP can use these information later for
analysis. For example: you can formulate the advertisement
strategy based on user network resource usage.
The ZXR10 1800 realizes the CCE part of the LFAP, exchanges
data with FAS and responds to user command, and configures
correctly the LFAP running environment. The role of CCE is to
inform FAS when data stream starts to pass, and transmit the
statistic data to FAS regularly during this process until the end of
the stream. FAS can analyze or take it as a charging foundation
based on these data. TCP connection is used between CCE and
FAS, and LFAP protocol is used for communication.

Confidential and Proprietary Information of ZTE CORPORATION 279

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

LFAP Configuration
Purpose Below procedure gives information about LFAP configuration.
Prerequisites Refer to Configuration Methods (Chapter 1) to access the router
CLI for configuration.
Steps 1. To enable the LFAP function, use lfap enable command in
global configuration mode as shown in Table 349.

TABLE 349 LFAP ENABLE COMM AND

Command Command Command Function

Format Mode

lfap enable Global

This enables the LFAP function
configuration

Result: This enables the LFAP function.

2. To disable the LFAP, use lfap disable command in global
configuration mode as shown in Table 350.

TABLE 350 LFAP DISABLE COMM AND

Command Command Command Function

Format Mode

lfap enable Global

This disables the LFAP
configuration

Result: This disables the LFAP.

3. To set the FAS address, use lfap fas-server [{mng | <vrf>
<WORD>}] <A.B.C.D> command in global configuration
mode as shown in Table 351.

TABLE 351 LFAS FAS SERVER COMM AND

Command Command Command Function

Format Mode

lfap fas- Global

server configuration
[ { mng |
This sets the FAS address
<vrf>
<WORD>} ]
<A.B.C.D>

Result: This sets the FAS address.

4. To set the backup-server1 address, use lfap backup-
server1 {mng | <vrf> <WORD>}] <A.B.C.D> command in
global configuration mode as shown in Table 352.

280 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 22 Configuring Network Management

TABLE 352 LFAP BACKUP-SERVER 1 COMM AND

Command Command Command Function

Format Mode

lfap Global
backup- configuration
server1
This sets the backup-server1
{mng |
address
<vrf>
<WORD>}]
<A.B.C.D>

Result: This sets the backup-server1 address.

5. To set the backup-server2 address, use lfap backup-
server2 {mng | <vrf> <WORD>}] <A.B.C.D> command in
global configuration mode as shown in Table 353.

TABLE 353 LFAP BACKUP-SERVER2 COMM AND

Command Command Command Function

Format Mode

lfap fas- Global

server2 configuration
[ { mng | This sets the backup-server2
<vrf> address
<WORD>} ]
<A.B.C.D>

Result: This sets the backup-server2 address.

6. To set the maximum size for the flow update each time, use
lfap max-send-fun-size <1-2000> command in global
configuration mode as shown in Table 354.

TABLE 354 LFAP M AX-SEND-FUN SIZE COMM AND

Command Command Command Function

Format Mode

lfap max- Global

send-fun- configuration This sets the maximum size for the
size <1- flow update each time
2000>

Result: This sets the maximum size for the flow update each
time.
7. To set the flow statistic updating interval, use lfap update-
interval <1-1440> command in global configuration mode
as shown in Table 355.

Confidential and Proprietary Information of ZTE CORPORATION 281

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

TABLE 355 LFAP UPDATE-INTERVAL COMM AND

Command Command Command Function

Format Mode

lfap Global
update- configuration This sets the flow statistic updating
interval interval
<1-1440>

Result: This sets the flow statistic updating interval.

8. To set the waiting time for retrying connection with FAS, use
lfap server-retry-interval <1-2000> command in global
configuration mode as shown in Table 356.

TABLE 356 LFAP SERVER RETRY-INTERVAL COMM AND

Command Command Command Function

Format Mode

lfap Global
update- configuration This sets the waiting time for
interval retrying connection with FAS
<1-1440>

Result: This sets the waiting time for retrying connection

with FAS.
9. To set the maximum waiting interval for message response,
use lfap message-response-interval <2- 2000>
command in global configuration mode as shown in Table
357.

TABLE 357 LFAP MESSAGE-RESPONSE-INTERVAL COMM AND

Command Command Command Function

Format Mode

lfap Global
message- configuration
This sets the maximum waiting
response-
interval for message response
interval
<2- 2000>

Result: This sets the maximum waiting interval for message

response.
10. To set the maximum waiting interval for keeping the
message alive, use lfap ka-interval <2-2000> command in
global configuration mode as shown in Table 358.

TABLE 358 LFAP KA-INTERVAL COMM AND

Command Command Command Function

Format Mode

lfap ka- Global This sets the maximum waiting

interval configuration interval for keeping the message
<2-2000> alive

282 Confidential and Proprietary Information of ZTE CORPORATION

 Chapter 22 Configuring Network Management

Result: This sets the maximum waiting interval for keeping

the message alive.
11. To set the flow aging time, use lfap flow-expired-time
<60-60000> command in global configuration mode as
shown in Table 359.

TABLE 359 LFAP FLOW-EXPIRED TIME COMM AND

Command Command Command Function

Format Mode

lfap flow- Global

expired- configuration
This sets the flow aging time
time <60-
60000>

Result: This sets the flow aging time.

12. To set the interface sample rate, use lfap statistic sample-
rate <1000-8000> command in interface configuration
mode as shown in Table 360.

TABLE 360 LFAP STATISTIC S AMPLE-RATE COMM AND

Command Command Command Function

Format Mode

lfap flow- Interface

expired- configuration
This sets the interface sample rate
time <60-
60000>

Result: This sets the interface sample rate.

13. To show the configuration information of current LFAP, use
show lfap config command in Priviliged mode as shown in
Table 361.

TABLE 361 SHOW LFAP CONFIG COMM AND

Command Command Command Function

Format Mode

show lfap Priviliged This shows the configuration

config information of current LFAP

Result: This shows the configuration information of current

LFAP.
14. To show the statistic information of current LFAP, use show
lfap statistic command in Priviliged mode as shown in Table
362.

Confidential and Proprietary Information of ZTE CORPORATION 283

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

TABLE 362 SHOW LFAP STATISTIC COMM AND

Command Command Command Function

Format Mode

show lfap Priviliged This shows the statistic information

statistic of current LFAP

Result: This shows the statistic information of current LFAP.

END OF STEPS.

LFAP Configuration Example

The following is a configuration example of the lfap:

zxr10(config)#lfap enable
zxr10(config)#lfap fas-server 168.1.110.119
zxr10(config)#lfap backup-server1 168.1.119.120
zxr10(config)#lfap backup-server2 168.1.120.114
zxr10(config)#lfap max-send-fun-size 1000
zxr10(config)#lfap update-interval 100
zxr10(config)#lfap server-retry-interval 5
zxr10(config)#lfap message-response-interval 10
zxr10(config)#lfap ka-interval 1000
zxr10(config)#lfap flow-expired-time 10000
zxr10(config)#show lfap config
lfap protocol : enable
server-retry-interval : 5
message-response-interval : 10
ka-interval : 1000
update-interval : 100
max-send-fun-size : 1000
flow-expired-time : 10000
fas-server : 168.1.110.119 no
connect <GLOBAL>
backup-server1 : 168.1.119.120 no
connect <GLOBAL>
zxr10(config)#int fei_1/1
zxr10(config-if)#lfap statistic sample-rate 2000

284 Confidential and Proprietary Information of ZTE CORPORATION

Abbreviations

Abbreviations Full name

ABR Area Border Router
ACL Access Control List
AD Administrative Distance
API Application Programming Interface
ARP Address ResolutionProtocol
AS Autonomous System
ASBR Autonomous System Border Router
ASN Abstract Syntax Notation
ATM Asynchronous Transfer Mode
BGP Border Gateway Protocol
BOOTP BOOTstrap Protocol
BRD Backup Designate Router
CHAP Challenge Handshake Authentication Protocol
CIDR Classless Inter-Domain Routing
CLNP ConnectionLess Network Protocol
CLNS ConnectionLess Network Sevice
COS Class of Service
CRC Cyclic Redundancy Check
CRLDP Constraint based Routing Label Distribution Protocol
CSN Cryptographic Sequence Number
CSU Channel Service Unit
DDN Digit Data Network
DHCP Dynamic Host Configuration Protocol
DIS Designate IS
DNS Domain Name System
DR Designate Router
DSU Data Service Unit
EBGP External Border Gateway Protocol
EGP External Gateway Protocol

Confidential and Proprietary Information of ZTE CORPORATION 285

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

Abbreviations Full name

ES End System
FDDI Fiber Distributed Data Interface
FEC Forwarding Equivalence Class
FIFO First In and First Out
FPGA Field Programmable Gate Array
FSM Finite State Machine
FTP File Transfer Protocol
GBIC Gigabit Interface Converter
GRE General Routing Encapsulation
ICMP Internet Control Message Protocol
IETF Internet Engineering Task Force
IGMP Internet Group Management Protocol
IGP Interior Gateway Protocol
IP Internet Protocol
ISO International Organization for Standardization
ISP Internet Service Provider
LAN Local Area Network
LAPB Link Access Procedure Balanced
LCP Link Control Protocol
LDP Label Distribution Protocol
LLC Logical Link Control
LSA Link State Advertisement
LSP Link State PDU
LSR Label Switch Router
MAC Media Access Control
MD5 Message Digest 5
MED MULTI_EXIT_DISC
MIB Management Information Base
MPLS Multi-Protocol Label Switching
MTU Maximum Transmission Unit
NAT Network Address Translation
NBMA Non-Broadcast Multiple Access
NCP Network Control Protocol
NIC Network Information Center
NLRI Network Layer Reachable Information
NMS Network Management System
NSAP Network Service Access Point

286 Confidential and Proprietary Information of ZTE CORPORATION

 Abbreviations

Abbreviations Full name

NSP Network Service Provider
NTP Network Time Protocol
NVT Network Virtual Terminal
OAM Operation And Management
OID Object ID
OSI Open Systems Interconnection
OSPF Open Shortest Path First
PAP Passwork Authentication Protocol
PAT Port Address Translation
PCB Process Control Block
PCM Pulse Code Modulation
PDU Protocol Data Unit
POS Packet over SDH
PPP Point-to-Point Protocol
PSNP Partial Sequence Num PDU
PRT Process Registry Table
QOS Quality of Service
RARP Reverse Address Resolution Protocol
RADIUS Remote Authentication Dial In User Service
RFC Request For Comments
RIP Routing Information Protocol
RLE Route lookup engine
RMON Remote Monitoring
ROS Router Operation System
RSVP Resource Reservation Protocol
SDH Synchronous Digital Hierarchy
SDLC Synchronous Data Link Control
SMP Security Main Processor
SMTP Simple Mail Transfer Protocol
SNMP Simple Network Management Protocol
SNP Sequence Num PDU
SPF Shortest Path First
TCP Transmission Control Protocol
TFTP Trivial File Transfer Protocol
TOS Type Of Service
TELNET Telecommunication Network Protocol
TTL Time To Live

Confidential and Proprietary Information of ZTE CORPORATION 287

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

Abbreviations Full name

UDP User Datagram Protocol
VLSM Variable Length Subnet Mask
VPN Virtual Private Network
VRF Virtual Routing Forwarding
VRRP Virtual Router Redundancy Protocol
WAN Wide Area Network
WWW World Wide Web

288 Confidential and Proprietary Information of ZTE CORPORATION

Index

Abstract Syntax Notation, 285 Digit Data Network, 285

Access Control List, 145, 149, Domain Name System, 53, 199,
167, 168, 169, 170, 171, 285
172, 173, 174, 175, 234, Dynamic Host Configuration
240, 241, 243, 244, 249, Protocol, ii, 18, 30, 197, 198,
285 199, 200, 201, 202, 203,
Address ResolutionProtocol, 35, 204, 285
36, 42, 278, 285 End System, 286
Administrative Distance, 285 External Border Gateway
Application Programming Protocol, 105, 109, 111, 114,
Interface, 55, 285 116, 127, 285
Area Border Router, 285 External Gateway Protocol, 285
Asynchronous Transfer Mode, 7, Fiber Distributed Data Interface,
285 286
Autonomous System, 72, 73, Field Programmable Gate Array,
75, 108, 112, 114, 115, 118, 286
119, 123, 217, 285 File Transfer Protocol, 1, 59,
Autonomous System Border 277, 286
Router, 80, 81, 285 Finite State Machine, 286
Backup Designate Router, 285 First In and First Out, 233, 234,
BOOTstrap Protocol, 30, 285 235, 286
Border Gateway Protocol, 49, Forwarding Equivalence Class,
53, 105, 106, 107, 108, 109, 21, 286
110, 111, 112, 114, 115, Full name, 285
117, 118, 119, 120, 121, General Routing Encapsulation,
122, 123, 124, 125, 126, ii, 251, 253, 254, 255, 256,
127, 216, 217, 228, 278, 260, 286
285 Gigabit Interface Converter,
Challenge Handshake 286
Authentication Protocol, 285 Interior Gateway Protocol, 8, 9,
Channel Service Unit, 285 10, 11, 109, 110, 111, 127,
Class of Service, 285 286
Classless Inter-Domain Routing, International Organization for
18, 22, 29, 66, 285 Standardization, 54, 286
ConnectionLess Network Internet Control Message
Protocol, 285 Protocol, 36, 47, 49, 55, 60,
ConnectionLess Network Sevice, 64, 192, 254, 278, 286
87, 285 Internet Engineering Task Force,
Constraint based Routing Label 8, 18, 51, 65, 252, 286
Distribution Protocol, 285 Internet Group Management
Cryptographic Sequence Protocol, 129, 130, 131, 134,
Number, 285 135, 136, 137, 138, 139,
Cyclic Redundancy Check, 273, 143, 153, 154, 278, 286
274, 285 Internet Protocol, 8, 11, 12, 17,
Data Service Unit, 285 18, 19, 25, 29, 30, 31, 35,
Designate IS, 285 36, 37, 38, 53, 55, 60, 66,
Designate Router, 73, 133, 134, 72, 73, 87, 88, 111, 130,
142, 143, 156, 157, 285 131, 141, 143, 147, 155,

Confidential and Proprietary Information of ZTE CORPORATION 289

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

160, 167, 168, 177, 178, Open Systems Interconnection,

179, 180, 181, 183, 184, i, 25, 26, 287
186, 188, 192, 194, 197, Operation And Management,
198, 199, 201, 203, 207, 278, 287
208, 233, 234, 237, 241, Packet over SDH, 287
242, 248, 249, 250, 252, Partial Sequence Num PDU, 287
253, 254, 278, 279, 286 Passwork Authentication
Internet Service Provider, 7, 22, Protocol, 287
23, 53, 236, 251, 252, 253, Point-to-Point Protocol, 18, 252,
279, 286 287
Label Distribution Protocol, 286 Port Address Translation, 179,
Label Switch Router, 286 182, 287
Link Access Procedure Balanced, Process Control Block, 287
286 Process Registry Table, 287
Link Control Protocol, 286 Protocol Data Unit, 286, 287
Link State Advertisement, 71, Pulse Code Modulation, 287
72, 73, 74, 75, 76, 286 Quality of Service, 287
Link State PDU, 8, 9, 10, 90, 91, Remote Authentication Dial In
92, 93, 95, 96, 286 User Service, ii, 18, 263, 265,
Local Area Network, 67, 286 266, 276, 287
Logical Link Control, 286 Remote Monitoring, ii, 263, 271,
Management Information Base, 272, 273, 274, 275, 278,
267, 268, 269, 272, 286 287
Maximum Transmission Unit, 36, Request For Comments, 17, 18,
37, 45, 49, 66, 253, 286 20, 22, 24, 25, 26, 36, 53,
Media Access Control, 22, 31, 54, 55, 287
234, 286 Resource Reservation Protocol,
Message Digest 5, 286 8, 9, 10, 287
MULTI_EXIT_DISC, 111, 117, Reverse Address Resolution
286 Protocol, 35, 36, 287
Multi-Protocol Label Switching, Route lookup engine, 287
7, 8, 9, 10, 12, 13, 14, 241, Router Operation System, 278,
253, 286 287
Network Address Translation, Routing Information Protocol,
18, 53, 54, 55, 59, 60, 61, 49, 65, 216, 278, 287
62, 63, 177, 178, 179, 180, Security Main Processor, 287
181, 182, 183, 184, 186, Sequence Num PDU, 287
188, 189, 286 Shortest Path First, 73, 88, 287
Network Control Protocol, 286 Simple Mail Transfer Protocol,
Network Information Center, 287
286 Simple Network Management
Network Layer Reachable Protocol, ii, 1, 263, 267, 270,
Information, 106, 286 271, 272, 278, 287
Network Management System, Synchronous Data Link Control,
267, 269, 272, 273, 286 287
Network Service Access Point, Synchronous Digital Hierarchy,
21, 25, 26, 286 287
Network Service Provider, 251, Telecommunication Network
287 Protocol, 278, 287
Network Time Protocol, ii, 181, Time To Live, 19, 20, 254, 287
263, 264, 265, 287 Transmission Control Protocol,
Network Virtual Terminal, 287 47, 48, 54, 55, 66, 87, 122,
Non-Broadcast Multiple Access, 131, 134, 150, 170, 172,
72, 74, 123, 286 192, 237, 278, 279, 287
Object ID, 287 Trivial File Transfer Protocol, 1,
Open Shortest Path First, 8, 10, 287
11, 49, 71, 72, 73, 74, 78, Type Of Service, 287
79, 80, 81, 216, 219, 221, User Datagram Protocol, 48, 49,
223, 225, 226, 230, 278, 54, 55, 65, 66, 192, 197,
287 263, 278, 288

290 Confidential and Proprietary Information of ZTE CORPORATION

 Index

Variable Length Subnet Mask, Virtual Router Redundancy

288 Protocol, ii, 207, 208, 209,
Virtual Private Network, ii, 251, 210, 211, 212, 213, 288
252, 253, 256, 288 Virtual Routing Forwarding, 288
Wide Area Network, 252, 288
World Wide Web, 288

Confidential and Proprietary Information of ZTE CORPORATION 291

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

This page is intentionally blank.

292 Confidential and Proprietary Information of ZTE CORPORATION

Figures

Figure 1 ZXR10 1800/2800/3800 Configuration Methods ........2

Figure 2 Connection Window ...............................................3
Figure 3 Connect to Window................................................3
Figure 4 Com Properties Window .........................................4
Figure 5 Cli Window ...........................................................5
Figure 6 Expression Cli Window ...........................................5
Figure 7 Enabled Mode Cli Window .......................................6
Figure 8 Mpls Te Example ................................................. 14
Figure 9 Ipv6 Tunnel Example ........................................... 57
Figure 10 Nat-Pt Configuration Example.............................. 63
Figure 11 Ripng Configuration Example............................... 70
Figure 12 Ospf Configuration Example ................................ 86
Figure 13 Is-Is Config Example.......................................... 99
Figure 14 Multi-Area Config Example ................................ 100
Figure 15 Basic Bgp Configuration.................................... 108
Figure 16 Bgp Multi-Hop Command .................................. 111
Figure 17 Bgp Route Reflector ......................................... 113
Figure 18 Bgp Confederation ........................................... 115
Figure 19 Bgp Configuring Example.................................. 127
Figure 20 Multicast Configuration Example ........................ 161
Figure 21 Actual ACL Configuration Example Applied on an
Interface ....................................................................... 175
Figure 22 Nat Working Principle ....................................... 178
Figure 23 Nat Example ................................................... 185
Figure 24 Configuration Example for Distributed Address
Translation .................................................................... 186
Figure 25 Configuration Example for Processing of Repeated
Address by Means of NAT ................................................ 189
Figure 26 Forged Source Address..................................... 192
Figure 27 Forged Source Address-II ................................. 192

Confidential and Proprietary Information of ZTE CORPORATION 293

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

Figure 28 Urpg Example ................................................. 195

Figure 29 Dhcp Server Configuration Example ................... 203
Figure 30 Dhcp Relay Configuration Example ..................... 204
Figure 31 Basic VRRP Configuration Example ..................... 212
Figure 32 Symmetric VRRP Configuration Example ............. 213
Figure 33 Load Sharing Example...................................... 217
Figure 34 Dynamic Load Sharing Example......................... 230
Figure 35 Fifo Queuing Diagram ...................................... 235
Figure 36 Pq Queuing Diagram ........................................ 235
Figure 37 Basic Handling Process Diagram ........................ 236
Figure 38 WRED Policy ................................................... 238
Figure 39 Tail Drop Policies ............................................. 238
Figure 40 Aux Connection Diagram .................................. 260
Figure 41 Ntp Configuration Example ............................... 265

294 Confidential and Proprietary Information of ZTE CORPORATION

Tables

Table 1 Chapter Summary ...................................................i

Table 2 Typographical Conventions ..................................... iii
Table 3 Mouse Operation Conventions ................................. iii
Table 4 Topics In Chapter 1 ................................................1
Table 5 Username Command...............................................6
Table 6 Topics In Chapter 2 ................................................7
Table 7 Mpls Traffic Command........................................... 10
Table 8 Mpls Traffic Interface Command ............................. 10
Table 9 Ip-Rsvp Command................................................ 10
Table 10 Igp Te Config Command ...................................... 11
Table 11 Tunnel Config Command...................................... 12
Table 12 Ping Command ................................................... 13
Table 13 Show Mpls Traffic Command ................................ 13
Table 14 Show Mpls Traffic-Eng Command .......................... 13
Table 15 Show Mpls Tunnel Command ................................ 13
Table 16 Topics In Chapter 3............................................. 17
Table 17 IPv4 Header Format ............................................ 19
Table 18 IPv6 Header Format ............................................ 19
Table 19 IPv6 Address Space ............................................ 20
Table 20 Aggregatable Global Unicast Address Fields ............ 23
Table 21 Structure of the IPv6 Address Embedded with IPv4
Address .......................................................................... 24
Table 22 Structures of Link-local Address and Site-ocal Address
..................................................................................... 25
Table 23 Multicast Address Format ..................................... 26
Table 24 IPv6 Multicast Range Value .................................. 26
Table 25 IPv6 Address Compression ................................... 29
Table 26 Interface Config Command................................... 32
Table 27 Ipv6 Enable Command ........................................ 32
Table 28 Ipv6 Address Command....................................... 32

Confidential and Proprietary Information of ZTE CORPORATION 295

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

Table 29 Show Ipv6 Interface Command............................. 33

Table 30 Show Ipv6 Brief Command................................... 33
Table 31 Topics In Chapter 4............................................. 35
Table 32 Ipv6 Nd Managed-Config-Flag Command................ 38
Table 33 Ipv6 Nd Managed Config Command....................... 38
Table 34 Ipv6 Nd Prefix Command ..................................... 39
Table 35 Ipv6 Nd Ra-Interval Command ............................. 39
Table 36 Ipv6 Nd Ra-Lifetime Command ............................. 39
Table 37 Ipv6-Reachable Time Command ........................... 40
Table 38 Ipv6-Retransmit Time Command .......................... 40
Table 39 Ipv6 Nd Suppress-Ra Command ........................... 40
Table 40 Nd6 Add Command ............................................. 41
Table 41 Nd6-Delete Command ......................................... 41
Table 42 Clear Nd Cache Command.................................... 41
Table 43 Show Nd6 Cache Command ................................. 42
Table 44 Debug Ipv6 Nd Command .................................... 42
Table 45 Topics In Chapter 5............................................. 43
Table 46 Ipv6 Route Command ......................................... 44
Table 47 Show Ipv6 Route Command ................................. 44
Table 48 Show Ipv6 Route Summary Command................... 44
Table 49 Ipv6 Mtu Command ............................................ 45
Table 50 Ipv6-Dad Attempts Command .............................. 45
Table 51 Show Ipv6 Mtu Command .................................... 45
Table 52 Ping6 Command ................................................. 46
Table 53 Trace6 Command ............................................... 46
Table 54 Telnet6 Command .............................................. 47
Table 55 Debug Ipv6 Icmp Command................................. 47
Table 56 Debug Ipv6 Packet ............................................. 47
Table 57 Debug Ipv6 Tcp Driver ........................................ 48
Table 58 Debug Ipv6 Packet ............................................. 48
Table 59 Debug Ipv6 Tcp Transactions ............................... 48
Table 60 Debug Ipv6 Tcp All Command .............................. 48
Table 61 Debug Ipv6 Udp All Command .............................. 49
Table 62 Topics In Chapter 6............................................. 51
Table 63 Protocol Structure of the IPv6/IPv4 Dual Stack ....... 54
Table 64 Interface Tunnel Command .................................. 55

296 Confidential and Proprietary Information of ZTE CORPORATION

 Tables

Table 65 Tunnel Mode Command ....................................... 56

Table 66 Show Ipv6 Interface Command............................. 56
Table 67 Topics In Chapter 7............................................. 59
Table 68 Ipv6 Nat Enable Command................................... 60
Table 69 Ipv6 Nat Enable Command................................... 61
Table 70 Ipv6 Nat Prefix Command .................................... 61
Table 71 Ipv6 Nat v6v4 Pool Command .............................. 61
Table 72 Ipv6 Nat V6v4 Source List Command..................... 62
Table 73 Ipv6 Nat v6-v4 Source Command ......................... 62
Table 74 Show Ipv6 Nat Statistics...................................... 63
Table 75 Show IPv6 Nat Translations.................................. 63
Table 76 Show Ipv6 Access-List......................................... 63
Table 77 Topics In Chapter 8............................................. 65
Table 78 IPv6 Router Rip Command ................................... 67
Table 79 Ipv6 Rip Enable Command ................................... 67
Table 80 Timers Basic Command ....................................... 68
Table 81 Ipv6 Route Command ......................................... 68
Table 82 Clear Ipv6 Route Command ................................. 68
Table 83 Clear Ipv6 Route Command ................................. 69
Table 84 Show Ipv6 Rip Interface Command ....................... 69
Table 85 Show Ipv6 Rip Database Command ....................... 69
Table 86 Debug Ipv6 Rip Command ................................... 70
Table 87 Topics In Chapter 9............................................. 71
Table 88 Ipv6 Router Ospf Command ................................. 75
Table 89 Router Id Command............................................ 75
Table 90 Ipv6 Ospf Hello-Interval Command ....................... 76
Table 91 Ipv6 Ospf Retransmit-Interval Command ............... 76
Table 92 Ipv6 Ospf Transmit Delay Command ..................... 77
Table 93 Ipv6 Ospf Dead-Interval Command ....................... 77
Table 94 Ipv6 Ospf Cost COmmand.................................... 78
Table 95 Ipv6 Ospf Priority Command ................................ 78
Table 96 Area-Default Cost Command ................................ 78
Table 97 Area-Range Command......................................... 79
Table 98 Area-Stub Command........................................... 79
Table 99 Area-Virtual Link Command................................. 80
Table 100 Default Metric Command.................................... 80

Confidential and Proprietary Information of ZTE CORPORATION 297

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

Table 101 Passive Interface Command ............................... 80

Table 102 Redistribute Command ...................................... 81
Table 103 Timers-Spf Command........................................ 81
Table 104 Show Ipv6 Ospf Command ................................. 82
Table 105 Show IPv6 Ospf Database .................................. 82
Table 106 Show Ipv6 Ospf Interface Command.................... 82
Table 107 Show Ipv6 Ospf-Neighbor Command ................... 83
Table 108 Show Ipv6 Ospf Route Command ........................ 83
Table 109 Show Ipv6 Ospf Topology Command.................... 83
Table 110 Show Ipv6 Ospf Virtual Links Command ............... 84
Table 111 Debug Ipv6 Ospf Events Command ..................... 84
Table 112 Debug Ipv6 Ospf IfSm Command ........................ 84
Table 113 Debug Ipv6 Ospf Lsa ......................................... 84
Table 114 Debug Ipv6 Ospf Nfsm Command........................ 85
Table 115 Debug Ipv6 Ospf Packet Command...................... 85
Table 116 Debug Ipv6 Ospf Route Command....................... 85
Table 117 Topics In Chapter 10 ......................................... 87
Table 118 Router Ipv6 Is-Is Command ............................... 88
Table 119 Net Command .................................................. 88
Table 120 Ipv6 Router Is-Is Command ............................... 89
Table 121 Address-Family Ipv6 Command........................... 89
Table 122 Area-Password Command .................................. 89
Table 123 Authentication Mode.......................................... 90
Table 124 Distance Command ........................................... 90
Table 125 Domain-Password Command .............................. 90
Table 126 Ignore-Lsp-Errors Command .............................. 91
Table 127 Is-Type Command ............................................ 91
Table 128 Lsp-Refresh-TIme Command .............................. 91
Table 129 Max-Lsp-Lifetime Command ............................... 91
Table 130 Metric Command............................................... 92
Table 131 Redistribute Command ...................................... 92
Table 132 Set Overload-Bit Command ................................ 93
Table 133 Spf-Interval Command ...................................... 93
Table 134 Summary-Prefix Command................................. 94
Table 135 Ipv6 Isis Circuit Type Command.......................... 94
Table 136 Is-Is Csnp Interval Command ............................. 95

298 Confidential and Proprietary Information of ZTE CORPORATION

 Tables

Table 137 Is-Is Hello Interval Command ............................. 95

Table 138 Is-Is Hello Multiplier Command ........................... 95
Table 139 Is-Is Lsp Interval Command ............................... 96
Table 140 Is-Is Metric Command ....................................... 96
Table 141 Is-Is Priority Command...................................... 96
Table 142 Show Is-Is Database Command .......................... 97
Table 143 Show Is-Is Topology Command........................... 97
Table 144 Debug Is-Is All Command .................................. 98
Table 145 Debugging Is-Is Spf Events Command ................. 98
Table 146 Topics In Chapter 11 ....................................... 105
Table 147 Router Bgp Command...................................... 106
Table 148 Neighbor Command......................................... 107
Table 149 Router-Id Ip address Command ........................ 107
Table 150 Address-Family IPv6 Command......................... 107
Table 151 Neighbour Activate Command........................... 108
Table 152 Network Command ......................................... 108
Table 153 Network Command ......................................... 109
Table 154 Redistribute Command .................................... 110
Table 155 Aggregate Address Command ........................... 110
Table 156 Bgp Aggregate-Nexthop Command .................... 111
Table 157 Bgp Confederation Command ........................... 114
Table 158 Bgp Connection Peers Command ....................... 115
Table 159 Bgp Always-Compare Command........................ 117
Table 160 Bgp Bestpath As-Path Ignore Command ............. 117
Table 161 Bgp Client To Client Command.......................... 118
Table 162 Bgp Cluser-Id Command .................................. 118
Table 163 Bgp Confederation Identifier ............................. 118
Table 164 Bgp Confederation Peer Command .................... 119
Table 165 Bgp Default Local Preference Command ............. 119
Table 166 Neighbor Command......................................... 119
Table 167 Neighbor Advertisement Command.................... 120
Table 168 Neighbour-Description Command ...................... 120
Table 169 Neighbor-Passive Command ............................. 120
Table 170 Neighbor-Peer-Group Command........................ 121
Table 171 Neighbor-Shutdown Command.......................... 121
Table 172 Neighbor-Connect Command ............................ 122

Confidential and Proprietary Information of ZTE CORPORATION 299

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

Table 173 Neighbor-Update-Source Command................... 122

Table 174 Neighbor-Default Originate Command ................ 123
Table 175 Neighbor-Next-Hop Command .......................... 123
Table 176 Neighbor Remote Private As Command .............. 123
Table 177 Neighbor Route Reflector Client Command.......... 124
Table 178 Neighbor-Send Community Command................ 124
Table 179 Show Bgp All Neighbor Command ..................... 125
Table 180 Show Bgp All Summary Command..................... 125
Table 181 Debug Ip Bgp All Command.............................. 126
Table 182 Debug Ip Bgp Events Command ........................ 126
Table 183 Debug Ip Bgp Keepalives Command .................. 126
Table 184 Debug Ip Bgp Updates Command ...................... 126
Table 185 Topics In Chapter 13 ....................................... 129
Table 186 Ip Multicast Routing Command ......................... 135
Table 187 Clear Ip Mroute Command ............................... 135
Table 188 Ip Igmp Version Command............................... 136
Table 189 Ip Igmp Access-Group Command ...................... 136
Table 190 Ip Igmp Immediate ......................................... 137
Table 191 Ip Igmp Query Interval Command ..................... 138
Table 192 Ip Igmp Query-Max Command.......................... 138
Table 193 Ip Igmp-Querier Command .............................. 138
Table 194 Ip-Igmp Last Member Command ....................... 139
Table 195 Router Pimsm Command.................................. 139
Table 196 Ip Pim Sm Command....................................... 140
Table 197 Static-Rp Command ........................................ 140
Table 198 Bsr-Candidate Command ................................. 141
Table 199 Rp-Candidate Command .................................. 141
Table 200 Spt-Threshold Infinity Command....................... 142
Table 201 Ip Pim Dr-Priority Command............................. 142
Table 202 Ip-Pim Bsr Border Command ............................ 143
Table 203 Packet-Count Command .................................. 143
Table 204 Ip Pim Query Interval Command ....................... 144
Table 205 Ip Pim Neighbor Filter Command....................... 144
Table 206 Ip Pim Neighbor Filter Command....................... 145
Table 207 Accept-Rp Command ....................................... 145
Table 208 Ip Pim Neighbor Filter Command....................... 145

300 Confidential and Proprietary Information of ZTE CORPORATION

 Tables

Table 209 Ip Msdp Peer Command ................................... 146

Table 210 Ip Msdp Default Peer Command ........................ 146
Table 211 Ip Msdp Description Command.......................... 147
Table 212 Ip Msdp Originator Command ........................... 147
Table 213 Ip Msdp Sa-Limit Command.............................. 148
Table 214 Ip Msdp Ttl-Threshold Command ....................... 148
Table 215 Ip Msdp Redistribute Command ........................ 149
Table 216 Ip Msdp Sa-Filter In Command ......................... 149
Table 217 Ip Msdp Sa-Filter Out Command ....................... 149
Table 218 Clear Ip Msdp Peer Command ........................... 150
Table 219 Clear Ip Msdp Sa-Cache Command .................... 150
Table 220 Clear Ip Msdp Statistics Command .................... 151
Table 221 Ip Mroute Command........................................ 151
Table 222 Show Ip Mroute Command ............................... 152
Table 223 Show Ip Mroute Forwarding Command ............... 152
Table 224 Show Ip Rpf Command .................................... 152
Table 225 Show Ip Igmp Interface Command .................... 153
Table 226 Show Ip Igmp Groups Command....................... 154
Table 227 Show Ip Mroute Command ............................... 155
Table 228 Show Ip Pimsm Interface Command .................. 156
Table 229 Show Ip PimSm Neighbor Command.................. 156
Table 230 Show Ip Pim Bsr Command .............................. 157
Table 231 Show Ip Pim Rp Mapping Command................... 158
Table 232 Show Ip Msdp Peer Command .......................... 158
Table 233 Show Ip Msdp Sa-Cache Command ................... 159
Table 234 Debug Ip Msdp Message-Recv Command............ 160
Table 235 Debug Ip Msdp Command ................................ 160
Table 236 Topics In Chapter 13 ....................................... 167
Table 237 Access-List Command...................................... 168
Table 238 Ip Access-List Command .................................. 169
Table 239 Name Command ............................................. 169
Table 240 Permit Command ............................................ 169
Table 241 Deny Command .............................................. 170
Table 242 Show Access-List Command ............................. 173
Table 243 Ip Access-Group Command .............................. 174
Table 244 Topics In Chapter 14 ....................................... 177

Confidential and Proprietary Information of ZTE CORPORATION 301

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

Table 245 Ip Nat Command ............................................ 179

Table 246 IP Nat Inside Source Command......................... 180
Table 247 Ip Nat Pool Command...................................... 180
Table 248 Ip Nat Translation Timeout Class Command ........ 180
Table 249 Ip Nat Translation Maximal Command ............... 181
Table 250 Ip Nat start, Ip Nat Stop Commands.................. 181
Table 251 IP Nat Logging Command................................. 181
Table 252 Show Ip Nat Statistics Command ...................... 182
Table 253 Show Ip Nat Translations Command .................. 183
Table 254 Show IP Nat Count Command ........................... 183
Table 255 Debug Ip Nat Command .................................. 183
Table 256 Clear Ip Nat Statistics Command....................... 184
Table 257 Clear Ip Nat Translations Command................... 184
Table 258 Topics In Chapter 15 ....................................... 191
Table 259 Ip Verify Command ......................................... 193
Table 260 Urpf Log Command ......................................... 193
Table 261 Show Ip Interface Command ............................ 194
Table 262 Show IP Traffic Command ................................ 194
Table 263 Show Logging Alarm Typeid Command............... 194
Table 264 Topics In Chapter 16 ....................................... 197
Table 265 Ip Local Pool Command ................................... 198
Table 266 Ip Local Pool Conflict-Ip Command .................... 199
Table 267 Ip Dhcp Server Lease Time Command................ 199
Table 268 Ip Dhcp Server Dns Command .......................... 199
Table 269 Ip Dhcp Server Update Arp Command................ 200
Table 270 Ip Dhcp Server-Enable Command...................... 200
Table 271 Ip Dhcp Relay-Agent Command ........................ 201
Table 272 Ip Dhcp Relay Server Command........................ 201
Table 273 Ip Dhcp Relay Update Arp Command ................. 201
Table 274 Ip Dhcp Relay Information Option Command ...... 202
Table 275 Ip Dhcp Relay Information Format Command...... 202
Table 276 Ip Dhcp Relay Information Policy Command........ 202
Table 277 Debug Ip Dhcp Command ................................ 203
Table 278 Topics In Chapter 17 ....................................... 207
Table 279 Vrrp Ip Command ........................................... 208
Table 280 Vrrp Priority Command .................................... 208

302 Confidential and Proprietary Information of ZTE CORPORATION

 Tables

Table 281 Vrrp Preempt Command................................... 209

Table 282 Vrrp Advertise Command ................................. 209
Table 283 Vrrp Learn Command ...................................... 209
Table 284 Vrrp Authentication Command .......................... 210
Table 285 Show Track Command ..................................... 210
Table 286 Show Vrrp Command....................................... 210
Table 287 Debug Vrrp Command ..................................... 211
Table 288 Topics In Chapter 19 ....................................... 215
Table 289 Maximum Paths Command ............................... 216
Table 290 Ip Load Sharing Command ............................... 216
Table 291 Load Sharing Bandwidth Command ................... 217
Table 292 Topics In Chapter 19 ....................................... 233
Table 293 Maximum Paths Command ............................... 239
Table 294 Priority-List Default Command .......................... 240
Table 295 Priority-List Dscp Command ............................. 240
Table 296 Priority-List List Command ............................... 241
Table 297 Priority List-Mpls Command .............................. 241
Table 298 Priority List-Precedence Command..................... 242
Table 299 Priority List Queue Limit Command .................... 242
Table 300 Priority-Group Command ................................. 242
Table 301 Priority List – Interface Command ..................... 243
Table 302 Priority-List List Command ............................... 244
Table 303 Priority-List Default Command .......................... 244
Table 304 Priority List Queue Limit Command .................... 245
Table 305 Custom-Queue List Command........................... 245
Table 306 Random Detect Enable Command...................... 246
Table 307 Show Queuing Priority Command ...................... 246
Table 308 Show Queuing Interface Command.................... 247
Table 309 Show Queuing Fair Command ........................... 247
Table 310 Show Queuing Custom Command...................... 247
Table 311 Show Queuing Random-Detect Command........... 248
Table 312 Qos Ip Command ............................................ 248
Table 313 Topics In Chapter 21 ....................................... 251
Table 314 Interface TunnelCommand ............................... 254
Table 315 Tunnel Source Command ................................. 255
Table 316 Tunnel Destination Command ........................... 255

Confidential and Proprietary Information of ZTE CORPORATION 303

ZXR10 1800/2800/3800 Router User’s Manual (Volume II)

Table 317 Tunnel Key Command...................................... 255

Table 318 Tunnel Sequencing Command........................... 255
Table 319 Tunnel Checksum Command............................. 256
Table 320 Topics In Chapter 22 ....................................... 259
Table 321 Topics In Chapter 22 ....................................... 263
Table 322 Ntp Server Command ...................................... 264
Table 323 Ntp Enable Command ...................................... 264
Table 324 Ntp Source Command...................................... 264
Table 325 Show Ntp Status Command .............................. 264
Table 326 Show Ntp Status Command .............................. 266
Table 327 User-Authentication-Type Command.................. 266
Table 328 Snmp-Server Community Command .................. 267
Table 329 Snmp-Server View Command ........................... 268
Table 330 Snmp-Server Contact Command ....................... 268
Table 331 Snmp-Server Location Command ...................... 269
Table 332 Snmp Server Enable-Trap Command ................. 269
Table 333 Snmp-Server Host Command ........................... 269
Table 334 Snmp-Server Group Command ......................... 270
Table 335 Snmp-Server User Command ........................... 270
Table 336 Show Snmp Command .................................... 271
Table 337 Rmon Collection Stastics .................................. 272
Table 338 Rmon Alarm Command .................................... 272
Table 339 Rmon Event Command .................................... 273
Table 340 Show Rmon Command .................................... 273
Table 341 Logging On Command ..................................... 276
Table 342 Logging Buffer Command ................................. 276
Table 343 Logging Mode................................................. 276
Table 344 Logging Console Command .............................. 276
Table 345 Logging Level Command .................................. 277
Table 346 Logging Ftp Command..................................... 277
Table 347 Logging Trap Command ................................... 277
Table 348 Show Logging Alarm Command......................... 278
Table 349 Lfap Enable Command ..................................... 280
Table 350 Lfap Disable Command .................................... 280
Table 351 Lfas Fas Server Command................................ 280
Table 352 Lfap Backup-Server 1 Command ....................... 281

304 Confidential and Proprietary Information of ZTE CORPORATION

 Tables

Table 353 Lfap Backup-Server2 Command ........................ 281

Table 354 Lfap Max-Send-Fun Size Command ................... 281
Table 355 Lfap Update-Interval Command ........................ 282
Table 356 Lfap Server Retry-Interval Command................. 282
Table 357 Lfap Message-Response-Interval Command ........ 282
Table 358 Lfap Ka-Interval Command............................... 282
Table 359 Lfap Flow-Expired Time Command..................... 283
Table 360 Lfap Statistic Sample-Rate Command ................ 283
Table 361 Show Lfap Config Command ............................. 283
Table 362 Show Lfap Statistic Command.......................... 284

Confidential and Proprietary Information of ZTE CORPORATION 305