|
|
This chapter describes how to configure IP routing protocol-independent features used by the Cisco Optical Networking System (ONS) 15303. The Cisco ONS 15303 supports only static, default, and policy routing modes. In particular, the Cisco ONS 15303 relies upon policy routing to ensure that traffic arriving on an input interface is forwarded only to the configured output interface within the user plane, and that traffic from the user and management planes of the network are not intermixed. Within the Cisco ONS 15303, there is a conceptual distinction between the set of interfaces that serve user/subscriber traffic and those that serve internal management traffic. The former set of interfaces comprise the user plane network, while the latter comprise the management plane network. Policy routing allows traffic to be kept logically separated, and to ensure administrative forwarding rules are observed. Therefore, traffic from different subscribers and management traffic can be kept separated.
For a complete description of the IP routing protocol-independent commands in this chapter, refer to the "IP Routing Protocol-Independent Commands" chapter of the Network Protocols Command Reference, Part 1. To locate documentation of other commands in this chapter, use the command reference master index or search online.
The following sections describe optional features that are protocol-independent:
See the "IP Routing Protocol-Independent Configuration Examples" section for configuration examples.
Like other Cisco IOS platforms, the Cisco ONS 15303 supports variable-length subnet masks (VLSMs). With VLSMs, you can use different masks for the same network number on different interfaces, which allows you to conserve IP addresses and more efficiently use available address space. However, using VLSMs also presents address assignment challenges for the network administrator and ongoing administrative challenges.
Refer to RFC 1219 for detailed information about VLSMs and how to correctly assign addresses.
The best way to implement VLSMs is to keep your existing numbering plan in place and gradually migrate some networks to VLSMs to recover address space. See the "Variable-Length Subnet Mask Example" section for an example of using VLSMs.
Static routes are user-defined routes that cause packets moving between a source and a destination to take a specified path. Static routes can be important if the Cisco IOS software cannot build a route to a particular destination. They are also useful for specifying a gateway of last resort to which all unroutable packets will be sent.
To configure a static route, perform the following task in global configuration mode:
| Task | Command |
|---|---|
Establish a static route. | ip route prefix mask {address | interface} [distance] [tag tag] [permanent] |
See the "Policy Routing to Segregate Different User Traffic Example" section for an example of configuring static routes.
The software remembers static routes until you remove them (using the no form of the ip route global configuration command). However, you can override static routes with dynamic routing information through prudent assignment of administrative distance values. Each dynamic routing protocol has a default administrative distance, as listed in Table 9-1. If you would like a static route to be overridden by information from a dynamic routing protocol, simply ensure that the administrative distance of the static route is higher than that of the dynamic protocol.
| Route Source | Default Distance |
|---|---|
Connected interface | 0 |
Static route | 1 |
Enhanced IGRP summary route | 5 |
External BGP | 20 |
Internal Enhanced IGRP | 90 |
IGRP | 100 |
OSPF | 110 |
IS-IS | 115 |
RIP | 120 |
Internal BGP | 200 |
Unknown | 255 |
When an interface goes down, all static routes through that interface are removed from the IP routing table. Also, when the software can no longer find a valid next hop for the address specified as the forwarding router's address in a static route, the static route is removed from the IP routing table.
As an edge networking device, a Cisco ONS 15303 might not be able to determine the routes to all other networks. To provide complete routing capability, the common practice is to use some routers as smart routers and give the remaining routers default routes to the smart router. (Smart routers have routing table information for the entire internetwork.) These default routes can be passed along dynamically, or can be configured into the individual routers.
Most dynamic interior routing protocols include a mechanism for causing a smart router to generate dynamic default information that is then passed along to other routers.
If a router has a directly connected interface onto the specified default network, the dynamic routing protocols running on that device will generate or source a default route. In the case of RIP, it will advertise the pseudonetwork 0.0.0.0. In the case of IGRP, the network itself is advertised and flagged as an exterior route.
A router that is generating the default for a network also can need a default of its own. One way of doing this is to specify a static route to the network 0.0.0.0 through the appropriate device.
To define a static route to a network as the static default route, complete the following task in global configuration mode:
| Task | Command |
|---|---|
Specify a default network. | ip default-network network-number |
When default information is being passed along through a dynamic routing protocol, no further configuration is required. The system periodically scans its routing table to choose the optimal default network as its default route. In the case of RIP, there is only one choice, network 0.0.0.0. In the case of IGRP, there might be several networks that can be candidates for the system default. The Cisco IOS software uses both administrative distance and metric information to determine the default route (gateway of last resort). The selected default route appears in the gateway of last resort display of the show ip route EXEC command.
If dynamic default information is not being passed to the software, candidates for the default route are specified with the ip default-network command. In this usage, ip default-network takes an unconnected network as an argument. If this network appears in the routing table from any source (dynamic or static), it is flagged as a candidate default route and is a possible choice as the default route.
If the router has no interface on the default network, but does have a route to it, it considers this network as a candidate default path. The route candidates are examined and the best one is chosen, based on administrative distance and metric. The gateway to the best default path becomes the gateway of last resort.
The Cisco ONS 15303 relies upon policy routing to ensure that traffic arriving on an input interface is forwarded only to the selected output interface within the user plane, and that traffic from the user and management planes of the network is not intermixed. The policy routing rules allow multiple users to use a Cisco ONS 15303 while ensuring that each user's traffic is forwarded only between administratively defined input and output interfaces. For multisubscriber applications, it is important that the policy routing rules be specified such that traffic arriving on Ethernet interfaces is routing to the serial interface. Routing of traffic between two Ethernet interfaces on the same Cisco ONS 15303 should be disabled through the use of policy routing rules.
In general, policy routing is a more flexible mechanism for routing packets than destination routing. It is a process whereby the router puts packets through a route map before routing them. The route map determines which packets are routed to which router next. You might enable policy routing if you want certain packets to be routed some way other than the obvious shortest path. Some possible applications for policy routing are to provide equal access, protocol-sensitive routing, source-sensitive routing, routing based on interactive versus batch traffic, or routing based on dedicated links.
To enable policy routing, you must identify which route map to use for policy routing and create the route map. The route map itself specifies the match criteria and the resulting action if all of the match clauses are met. These steps are described in the following three task tables.
To enable policy routing on an interface, indicate which route map the router should use by completing the following task in interface configuration mode. All packets arriving on the specified interface will be subject to policy routing. This command disables fast switching of all packets arriving on this interface.
| Task | Command |
|---|---|
Identify the route map to use for policy routing. | ip policy route-map map-tag |
You must also define the route map to be used for policy routing. Complete the following task in global configuration mode:
| Task | Command |
|---|---|
Define a route map to control where packets are output. | route-map map-tag [permit | deny] [sequence-number] |
The next step is to define the criteria by which packets are examined to see if they will be policy routed. No match clause in the route map indicates all packets. Complete one or more of the following tasks in route-map configuration mode:
| Task | Command |
|---|---|
Match the Level 3 length of the packet. | match length min max |
Match the destination IP address that is permitted by one or more standard or extended access lists. | match ip address {access-list-number | name} [...access-list-number | name] |
The last step is to set the precedence and specify where the packets that pass the match criteria are output. To do so, complete the following tasks in route-map configuration mode:
| Task | Command |
|---|---|
Set the precedence value in the IP header. | set ip precedence value |
Specify the next hop to which to route the packet (it need not be adjacent). | |
Specify the output interface for the packet. | set interface type number [... type number] |
Specify the next hop to which to route the packet, if there is no explicit route for this destination. | set ip default next-hop ip-address [... ip-address] |
Specify the output interface for the packet, if there is no explicit route for this destination. | set default interface type number [... type number] |
The precedence bits in the IP header can be set in the router when policy routing is enabled. When the packets containing those headers arrive at another router, the packets are ordered for transmission according to the precedence set, if the queuing feature is enabled. The router does not honor the precedence bits if queuing is not enabled; the packets are sent in first-in, first-out order.
You can change the precedence setting, using either a number or name. The names came from RFC 791, but are evolving. You can enable other features that use the values in the set ip precedence command to determine precedence. Table 9-2 lists the possible numbers and their corresponding name, from least important to most important.
| Number | Name |
|---|---|
0 | routine |
1 | priority |
2 | immediate |
3 | flash |
4 | flash-override |
5 | critical |
6 | internet |
7 | network |
The set commands can be used in conjunction with each other. They are evaluated in the order shown in the previous task table. A usable next hop implies an interface. When the local router finds a next hop and a usable interface, it routes the packet.
To display the cache entries in the policy route-cache, use the show ip cache policy command.
If you want policy routing to be fast-switched, see the section "Enable Fast-Switched Policy Routing," which follows.
See the "Policy Routing to Segregate Different User Traffic Example" section for an example of policy routing.
IP policy routing can now be fast-switched. Prior to this feature, policy routing could only be process switched, which meant that on most platforms, the switching rate was approximately 1,000 to 10,000 packets per second. This was not fast enough for many applications. Users who need policy routing to occur at faster speeds can now implement policy routing without slowing down the router.
Fast-switched policy routing supports all of the match commands and most of the set commands, except for the following restrictions:
Policy routing must be configured before you configure fast-switched policy routing. Fast switching of policy routing is disabled by default. To have policy routing be fast-switched, complete the following task in interface configuration mode:
| Task | Command |
|---|---|
Enable fast switching of policy routing. |
Packets that are generated by the router are not normally policy-routed. To enable local policy routing for such packets, indicate which route map the router should use by completing the following task in global configuration mode. All packets originating on the router will then be subject to local policy routing.
| Task | Command |
|---|---|
Identify the route map to use for local policy routing. | ip local policy route-map map-tag |
Use the show ip local policy command to display the route map used for local policy routing, if one exists.
You can remove all contents of a particular cache, table, or database. You also can display specific statistics. The following sections describe each of these tasks.
You can remove all contents of a particular table. Clearing a table can become necessary when the contents of the particular structure have become, or are suspected to be, invalid.
To clear one or more routes from the IP routing table, complete the following task in EXEC mode:
| Task | Command |
|---|---|
Clear one or more routes from the IP routing table. | clear ip route {network [mask] | *} |
You can display specific statistics such as the contents of IP routing tables, caches, and databases. Information provided can be used to determine resource utilization and solve network problems. You can also display information about node reachability and discover the routing path your device's packets are taking through the network.
To display various routing statistics, complete the following tasks in EXEC mode:
| Task | Command |
|---|---|
Display the cache entries in the policy route-cache. | |
Display the local policy route map, if any. | |
Display policy route maps. | |
Display the parameters and current state of the active routing protocol process. | show ip protocols |
Display the current state of the routing table. | show ip route [address [mask] [longer-prefixes]] | [protocol [process-id]] |
Display the current state of the routing table in summary form. | |
Display supernets. | |
Display all route maps configured or only the one specified. | show route-map [map-name] |
The following sections provide routing protocol-independent configuration examples:
In the following example, a 14-bit subnet mask is used, leaving two bits of address space reserved for serial line host addresses. There is sufficient host address space for two host endpoints on a point-to-point serial link.
interface ethernet 0 ip address 131.107.1.1 255.255.255.0 ! 8 bits of host address space reserved for ethernets interface serial 0 ip address 131.107.254.1 255.255.255.252 ! 2 bits of address space reserved for serial lines ! Router is configured for OSPF and assigned AS 107 router ospf 107 ! Specifies network directly connected to the router network 131.107.0.0 0.0.255.255 area 0.0.0.0
The following example provides two sources with equal access to two different service providers. Packets arriving on serial interface 1 from the source 1.1.1.1 are sent to the router at 6.6.6.6 if the router has no explicit route for the packet's destination. Packets arriving from the source 2.2.2.2 are sent to the router at 7.7.7.7 if the router has no explicit route for the packet's destination. All other packets for which the router has no explicit route to the destination are discarded.
access-list 1 permit ip 1.1.1.1 access-list 2 permit ip 2.2.2.2 ! interface serial 1 ip policy route-map equal-access ! route-map equal-access permit 10 match ip address 1 set ip default next-hop 6.6.6.6 route-map equal-access permit 20 match ip address 2 set ip default next-hop 7.7.7.7 route-map equal-access permit 30 set default interface null0
Posted: Fri Apr 7 10:23:14 PDT 2000
Copyright 1989 - 2000©Cisco Systems Inc.