Configuring GateD

Configuring GateD

Table of Contents About this Manual ................................................................................................. 11 $XGLHQ.H  &RQYHQWLRQV  Overview and Statement Summary .................................................................... 13 :KDWLV*DWH'"  *DWH'6\QWD[   6WDWHPHQW*URXSLQJ   5RXWH3UHIHUHQ.HDQG6HOH.WLQJD5RXWH   6WDWHPHQW6XPPDU\  Preferences and Route Selection ....................................................................... 19 5RXWH3UHIHUHQ.HV  %*35RXWH6HOH.WLRQ   $VVLJQLQJ3UHIHUHQ.HV   6DPSOH3UHIHUHQ.H6SH.LIL.DWLRQV  Trace Statements and Global Options ............................................................... 23 7UD.HRSWLRQV2YHUYLHZ  *OREDO7UD.LQJ2SWLRQV  3D.NHW7UD.LQJ  7UD.HRSWLRQV6\QWD[   Directive Statements ............................................................................................ 27 Options Statements ............................................................................................. 29 Interface Statement .............................................................................................. 31 ,QWHUID.H6\QWD[   ,QWHUID.H/LVWV  ([DPSOHRI'HILQH6WDWHPHQWVIRU*DWH'   ([DPSOHRI'HILQH6WDWHPHQWIRU*DWH'   ,3,QWHUID.H$GGUHVVHVDQG5RXWHV  ,QWHUID.H$OLDVHVIRU,3Y  Definition Statements .......................................................................................... 43 'HILQLWLRQ2YHUYLHZ  $XWRQRPRXV6\VWHP6\QWD[   5RXWHU,'6\QWD[  0DUWLDQ6\QWD[  6DPSOH'HILQLWLRQ6WDWHPHQWV  

Multiple RIBs .........................................................................................................47 0XOWLSOH5,%V2YHUYLHZ  'LUH.W,QWHUID.H5RXWHV  6WDWL.5RXWHV  $JJUHJDWH5RXWHV  ,PSRUWLQJ5RXWHV   JLL  Configuration Initialization and Re-init ...............................................................51 2YHUYLHZ  3KDVH,QLWLDOL]DWLRQRI3UR.HVV  3KDVH,QLWLDOL]DWLRQRI7DVNV   Unicast Protocol Statements ...............................................................................53 8QL.DVW3URWR.RO2YHUYLHZ  Intra-Domain Routing Protocols ..........................................................................55 ,QWUD'RPDLQ5RXWLQJ3URWR.ROV  5,3  263)   ,6,6  Routing Information Protocol (RIP) .....................................................................57 2YHUYLHZ  5,36\QWD[   5,37UD.LQJ2SWLRQV  The OSPF Protocol ...............................................................................................69 263)2YHUYLHZ  1RWHVRQ1HZ263)  2OG263)   1HZ263)   The IS-IS Intra-Domain Protocol ..........................................................................111 2YHUYLHZ  ,6,66\QWD[   ,6,6'HIDXOWV  ,6,67UD.LQJ2SWLRQV  ,6,6([DPSOH6\QWD[   Inter-Domain Routing Protocols ..........................................................................121 ,QWHU'RPDLQ2YHUYLHZ  (*3  %*3   The Exterior Gateway Protocol (EGP) .................................................................123 (*32YHUYLHZ   (*36\QWD[   (*37UD.LQJ2SWLRQV  

Configuring GateD

The Border Gateway Protocol ............................................................................. 129 %*32YHUYLHZ   5RXWH6HOH.WLRQ   ([WHQGHG%*3)HDWXUHV   &LV.R,QWHURSHUDELOLW\   %*3,VVXHV   %*33XEOL.   %*3&RQVRUWLXP   Other Routing Protocols ...................................................................................... 195 2WKHU5RXWLQJ3URWR.ROV2YHUYLHZ  5RXWHU'LV.RYHU\   Router Discovery .................................................................................................. 197 5RXWHU'LV.RYHU\2YHUYLHZ  7KH5RXWHU'LV.RYHU\6HUYHU  5RXWHU'LV.RYHU\6HUYHU6\QWD[  7KH5RXWHU'LV.RYHU\&OLHQW6\QWD[   5RXWHU'LV.RYHU\7UD.LQJ2SWLRQV  Other Support ....................................................................................................... 203 2WKHU6XSSRUW2YHUYLHZ  ,&03   5HGLUH.W  .HUQHO,QWHUID.H   6WDWL.5RXWHV   The ICMP Statement ............................................................................................. 205 ,&032YHUYLHZ  ,&036\QWD[  ,&037UD.LQJ2SWLRQV   Redirect Processing ............................................................................................. 207 5HGLUH.W2YHUYLHZ   5HGLUH.W6\QWD[  7UD.LQJ2SWLRQV   The Kernel Interface Statement .......................................................................... 209 .HUQHO,QWHUID.H2YHUYLHZ  .HUQHO,QWHUID.H6\QWD[   .HUQHO,QWHUID.H7UD.LQJ2SWLRQV  )RUZDUGLQJ7DEOHVDQG5RXWLQJ7DEOHV   5HDGLQJWKH,QWHUID.H/LVW   5HDGLQJ,QWHUID.H3K\VL.DO$GGUHVVHV   Static Routes ........................................................................................................ 219 6WDWL.2YHUYLHZ   6WDWL.6\QWD[  Multicast Protocol Statements ............................................................................ 223 0XOWL.DVW3URWR.RO2YHUYLHZ  

Intra-Domain Multicast Routing Protocols .........................................................225 ,QWUD'RPDLQ5RXWLQJ3URWR.ROV2YHUYLHZ   '9053   3,0'0DQG3,060   06'3QRW\HWDYDLODEOH  The DVMRP Statement .........................................................................................227 '90532YHUYLHZ  '90536\QWD[   7UD.LQJ2SWLRQV  Protocol Independent Multicast (PIM-DM and PIM-SM) ....................................231 3,02YHUYLHZ  3,06\QWD[   3,07UD.LQJ2SWLRQV  3,06DPSOH&RQILJXUDWLRQ)LOHV  Multicast Inter-Domain Routing Protocols .........................................................243 0XOWL.DVW,QWHU'RPDLQ2YHUYLHZ   03%*3   Multi-Protocol - Border Gateway Protocol (MPBGP) .........................................245 03%*32YHUYLHZ   03%*36\QWD[  03%*37UD.LQJ2SWLRQV   03%*3&RQILJXUDEOH2SWLRQV  Multicast Source Discovery Protocol (MSDP) ....................................................273 06'32YHUYLHZ   06'36\QWD[   06'37UD.LQJ2SWLRQV   Other Support ........................................................................................................275 2WKHU0XOWL.DVW6XSSRUW2YHUYLHZ   ,*03   0XOWL.DVW6WDWHPHQW  Internet Group Management Protocol (IGMP) ....................................................277 ,*032YHUYLHZ   ,*036\QWD[  ,*037UD.LQJ2SWLRQV   6DPSOH,*03&RQILJXUDWLRQV  Multicast Statement ..............................................................................................283 0XOWL.DVW6WDWHPHQW2YHUYLHZ   0XOWL.DVW6WDWHPHQW6\QWD[   IPv6 .........................................................................................................................285 ,3Y3URWR.RO2YHUYLHZ 

Configuring GateD

Static Routes for IPv6 (Preliminary) ................................................................... 287 ,3Y6WDWL.2YHUYLHZ  ,3Y6WDWL.6\QWD[   RIPng ..................................................................................................................... 291 ,3Y6WDWL.2YHUYLHZ  5,3QJ6\QWD[   5,3QJ7UD.LQJ2SWLRQV   RSD Control Statements ...................................................................................... 295 56'2YHUYLHZ   RSd View Statements ........................................................................................... 297 9LHZ2YHUYLHZ  9LHZ6\QWD[   Link-layer Unreachability Control Using RSC ................................................... 303 Sample RIBs/View Statements ............................................................................ 305 Route Filtering ...................................................................................................... 311 5RXWH)LOWHULQJ2YHUYLHZ   5RXWH)LOWHULQJ6\QWD[  Matching AS Paths ............................................................................................... 315 $63DWK2YHUYLHZ   $63DWK0DW.KLQJ6\QWD[   $63DWK5HJXODU([SUHVVLRQV   AS Path Attributes ................................................................................................ 319 $63DWK$WWULEXWHV2YHUYLHZ   $63DWK$WWULEXWHV6\QWD[  Route Importation ................................................................................................ 321 5RXWH,PSRUWDWLRQ2YHUYLHZ  6SH.LI\LQJ3UHIHUHQ.HV   5RXWH)LOWHUV   ,PSRUWLQJ5RXWHVLQWR'LIIHUHQW5,%6   ,PSRUWLQJ5RXWHVIURP%*3DQG(*3  ,PSRUWLQJ5RXWHVIURP5,3DQG5HGLUH.WV  ,PSRUWLQJ5RXWHVIURP263)  ([DPSOHVRI,PSRUWDWLRQLQWR0XOWL.DVW5,%V  Route Exportation ................................................................................................ 327 5RXWH([SRUWDWLRQ2YHUYLHZ  6SH.LI\LQJ0HWUL.V  5RXWH)LOWHUV   6SH.LI\LQJWKH'HVWLQDWLRQ  6SH.LI\LQJWKH6RXU.H   Route Aggregation ............................................................................................... 335 5RXWH$JJUHJDWLRQ2YHUYLHZ 

$JJUHJDWLRQDQG*HQHUDWLRQ6\QWD[  ([SRUWLQJ*HQHUDWHGYV$JJUHJDWHG5RXWHV  $JJUHJDWLQJLQWR8QL.DVWDQG0XOWL.DVW5,%V  Route Flap Dampening .........................................................................................341 5RXWH)ODS'DPSHQLQJ2YHUYLHZ  5RXWH)ODS'DPSHQLQJ6\QWD[   SNMP ......................................................................................................................343 61032YHUYLHZ   61036\QWD[   61037UD.LQJ2SWLRQV   SMUX ......................................................................................................................347 608;2YHUYLHZ   608;6\QWD[  608;7UD.LQJ2SWLRQV   Sample Host Configurations ................................................................................351 2YHUYLHZ  5,3  Sample Interior Gateway (Intra-Domain) Configurations ..................................353 2YHUYLHZ  5,3  263)   5,3DQG263)   Sample Exterior Gateway (Inter-Domain) Configurations .................................361 2YHUYLHZ  5,3(*3&RQILJXUDWLRQ  %*3263)&RQILJXUDWLRQ  Sample Multicast Router Configurations ...........................................................365 2YHUYLHZ  ,*03DQG'9053Y  6DPSOH3,060YRYHU5,3.RQILJXUDWLRQ   ,*032QO\   3,0'HQVH0RGHRYHU263)  Sample RSd Configurations ................................................................................371 2YHUYLHZ  5RXWH6HUYHU)RXU&OLHQWV  %*36WDWHPHQW   6WDWL.5RXWHV  5RXWH)ODS'DPSHQLQJ   9LHZV   Glossary of Terms ................................................................................................375 References .............................................................................................................385 5HTXHVWIRU&RPPHQWV5)&VE\1XPEHU  
8

Configuring GateD

Deprecated Features ............................................................................................ 393 3URWR.ROV   .H\ZRUGV   Frequently Asked Questions ............................................................................... 395 .HUQHO,QWHUD.WLRQV  3URWR.ROV  

10

Configuring GateD

Chapter 1
About this Manual
1.0.0 Audience 7KLVPDQXDOLVZULWWHQIRUV\VWHPDGPLQLVWUDWRUVZKRDUHWU\LQJWR.RQILJ XUH*DWH'WRURXWHSD.NHWV<RXZLOOQHHGWRXQGHUVWDQGEDVL.URXWLQJ .RQ.HSWVDQG81,;.RPPDQGVWRXQGHUVWDQGWKLVPDQXDO 7KURXJKRXWWKLVPDQXDONH\ZRUGVDQGVSH.LDO.KDUD.WHUVWKDWWKHSDUVHU H[SH.WVH[D.WO\DUHGLVSOD\HGLQcourier bold3DUDPHWHUVDUHVKRZQLQ courier italics2SWLRQDONH\ZRUGVRUSDUDPHWHUVDUHVKRZQLQVTXDUH EUD.NHWV
>
DQG
@
7KHYHUWL.DOEDU
_
LVXVHGWRLQGL.DWHD.KRL.HRI SDUDPHWHUV3DUHQWKHVHV

DQG

DUHXVHGWRJURXSNH\ZRUGVDQGSDUDP HWHUVZKHQQH.HVVDU\ )RUH[DPSOHLQWKHV\QWD[GHV.ULSWLRQ
[ backbone | ( area areanumber ) ] backboneDQGareaDUHNH\ZRUGVareanumberLVDYDULDEOHRIarea7KH

1.0.1 Conventions

VTXDUHEUD.NHWVLQGL.DWHWKDWWKHVHNH\ZRUGVDUHRSWLRQDO7KHYHUWL.DOEDU LQGL.DWHVWKDWHLWKHUbackboneRUareaareanumberPD\EHVSH.LILHG %H.DXVHareanumberLVLQWKHLWDOL.V\RXPXVWSURYLGHWKHYDOXHIRUWKLV YDULDEOH

11

About This Manual

12

Configuring GateD

Chapter 1 Section 1
Overview and Statement Summary
1.1.0 What is GateD? *DWH'LVDPRGXODUVRIWZDUHSURJUDP.RQVLVWLQJRI core services a routing database protocol modules supporting multiple routing protocols RIP versions 1 and 2 OSPF version 1 and 2 IS-IS EGP version 2 BGP versions 2 through 4 and BGP4+ ICMP DVMRP MSDP, PIM-SM and DM IGMP IPv6 protocols, such as RIPng *DWH'ZDVILUVWXVHGWRLQWHU.RQQH.WWKH16)1(7DQGHPHUJLQJUHJLRQDO QHWZRUNVDQGWRLPSOHPHQWILOWHUHGURXWLQJEDVHGRQSROL.\*DWH'DOORZV DQHWZRUNDGPLQLVWUDWRUWR.RQWUROLPSRUWDQGH[SRUWRIURXWLQJLQIRUPD WLRQE\ individual protocol source and destination autonomous system source and destination interface previous hop router specific destination address 7KHQHWZRUNDGPLQLVWUDWRU.DQVSH.LI\DSUHIHUHQ.HOHYHOIRUHD.K.RPEL QDWLRQRIURXWLQJLQIRUPDWLRQWKDWLVLPSRUWHGE\XVLQJDIOH[LEOHPDVNLQJ .DSDELOLW\2Q.HWKHSUHIHUHQ.HOHYHOVDUHDVVLJQHG*DWH'PDNHVDGH.L VLRQDERXWZKL.KURXWHWRXVHLQGHSHQGHQWRIWKHSURWR.ROVLQYROYHG *DWH'LVGHVLJQHGWRKDQGOHG\QDPL.URXWLQJLWLQ.OXGHVDURXWLQJGDWD EDVHEXLOWIURPLQIRUPDWLRQH[.KDQJHGE\URXWLQJSURWR.ROV 1.1.1 GateD Syntax 7KH*DWH'.RQILJILOH.RQVLVWVRIDVHTXHQ.HRIVWDWHPHQWVWHUPLQDWHGE\ DVHPL.RORQ

6WDWHPHQWVDUH.RPSRVHGRIWRNHQVVHSDUDWHGE\ZKLWH VSD.HZKL.K.DQEHDQ\.RPELQDWLRQRIEODQNVWDEVDQGQHZOLQHV7KLV VWUX.WXUHVLPSOLILHVLGHQWLIL.DWLRQRIWKHSDUWVRIWKH.RQILJXUDWLRQDVVR.L DWHGZLWKHD.KRWKHUDQGZLWKVSH.LIL.SURWR.ROV&RPPHQWVPD\EHVSH.L ILHGLQHLWKHURIWZRIRUPV2QHIRUPEHJLQVZLWKDSRXQGVLJQ

DQG UXQVWRWKHHQGRIWKHOLQH7KHRWKHUIRUPCVW\OHVWDUWVZLWKD

DQG .RQWLQXHVXQWLOLWUHD.KHV



13

Overview and Statement Summary

1.1.2 Statement Grouping

7KH.RQILJXUDWLRQVWDWHPHQWVDQGWKHRUGHULQZKL.KWKHVHVWDWHPHQWV DSSHDUGLYLGHgated.confLQWRVL[JRXSLQJV     RSWLRQVJURXSLQJ6HH&KDSWHU6H.WLRQIRUPRUHLQIRUPDWLRQ LQWHUID.HJURXSLQJ6HH&KDSWHU6H.WLRQIRUPRUHLQIRUPDWLRQ GHILQLWLRQJURXSLQJ6HH&KDSWHU6H.WLRQIRUPRUHLQIRUPDWLRQ XQL.DVWDQGPXOWL.DVWSURWR.ROJURXSLQJ6HH&KDSWHUVDQGIRU PRUHLQIRUPDWLRQ  VWDWL.JURXSLQJ6HH&KDSWHU6H.WLRQIRUPRUHLQIRUPDWLRQ  .RQWURODQGDJJUHJDWHJURXSLQJ6HH&KDSWHU6H.WLRQVDQGIRU PRUHLQIRUPDWLRQ (QWHULQJDJURXSLQJRXWRIRUGHU.DXVHVDQHUURUZKHQSDUVLQJWKH.RQ ILJXUDWLRQILOH6HHWKHVWDWHPHQWVXPPDU\WDEOHEHORZIRUPRUHLQIRUPD WLRQDERXWWKHVHJURXSLQJV 7ZRRWKHUW\SHVRIVWDWHPHQWVGRQRWILWLQWKHVH.DWHJRULHV%directive VWDWHPHQWVDQG%trace VWDWHPHQWV7KHVHVWDWHPHQWVSURYLGHLQVWUX. WLRQVWRWKHSDUVHUDQG.RQWUROWUD.LQJIURPWKH.RQILJXUDWLRQILOH7KH\ GRQRWUHODWHWRWKH.RQILJXUDWLRQRIDQ\SURWR.RODQGPD\R..XUDQ\ ZKHUHLQWKHgated.confILOH6HH&KDSWHU6H.WLRQIRUPRUHLQIRU PDWLRQDERXW'LUH.WLYH6WDWHPHQWVDQG&KDSWHU6H.WLRQIRUPRUH LQIRUPDWLQDERXW7UD.H6WDWHPHQWV

1.1.3 Route Preference and Selecting a Route

3UHIHUHQ.HLVWKHYDOXH*DWH'XVHVWRRUGHUSUHIHUHQ.HRIURXWHVIURP RQHSURWR.RORUSHHURYHUDQRWKHU3UHIHUHQ.H.DQEHVHWLQWKH*DWH' .RQILJXUDWLRQILOHVLQVHYHUDOGLIIHUHQW.RQILJXUDWLRQVWDWHPHQWV3UHIHU HQ.H.DQEHVHWEDVHGRQRQHQHWZRUNLQWHUID.HRYHUDQRWKHUIURPRQH SURWR.RORYHUDQRWKHURUIURPRQHUHPRWHJDWHZD\RYHUDQRWKHU%*3 VHOH.WVWKHEHVWSDWKWRDQ$6IURPDOOWKHNQRZQSDWKVDQGSURSDJDWHV WKHVHOH.WHGSDWKWRLWVQHLJKERUV*DWH'XVHV.HUWDLQ.ULWHULDLQD.HUWDLQ RUGHUWRVHOH.WWKHEHVWSDWK6HH&KDSWHU6H.WLRQIRUPRUHLQIRUPD WLRQDERXW3UHIHUHQ.HV 7KHVXPPDU\WDEOHRIWKH.RQILJXUDWLRQVWDWHPHQWVOLVWVHD.K*DWH'.RQ ILJXUDWLRQVWDWHPHQWE\QDPHLGHQWLILHVWKHVWDWHPHQWW\SHDQGSURYLGHV DVKRUWV\QRSVLVRIWKH.RPPDQG
VIXQ.WLRQ0RUHGHWDLOHGGHILQLWLRQV DQGGHV.ULSWLRQVRIHD.KRIWKHHLJKW.ODVVHVRI*DWH'VWDWHPHQWVIROORZ

1.1.4 Statement Summary

14

Configuring GateD

7KHVHVWDWHPHQWVPXVWDSSHDULQVWDWHPHQWW\SHRUGHULQWKH.RQILJXUD WLRQILOHIRUH[DPSOHGHILQLWLRQVWDWHPHQWVPXVWSUH.HGHSURWR.ROVWDWH PHQWVDQGEHSUH.HGHGE\DQLQWHUID.HVWDWHPHQW Table 1: 6XPPDU\RI*DWH'&RQILJXUDWLRQ6WDWHPHQWV Statement Name Chapter, Section Statement is Described &KDSWHU 6H.WLRQ Statement Type Statement Function Type of Protocol

%directory

directive

Sets the directory for include files. Includes a file into

gated.conf

n/a

%include

&KDSWHU 6H.WLRQ

directive

n/a

.
%trace

&KDSWHU 6H.WLRQ

trace

Specifies which events are traced. Defines GateD options. Defines GateD interfaces. Defines the AS number.

n/a

options

&KDSWHU 6H.WLRQ &KDSWHU 6H.WLRQ &KDSWHU 6H.WLRQ &KDSWHU 6H.WLRQ

option

n/a

interfaces

interface

n/a

autonomoussystem routerid

definition definition

n/a

Defines the n/a originating router protocol (BGP, OSPF). Defines invalid destination addresses. n/a

martians

&KDSWHU 6H.WLRQ

definition

15

Overview and Statement Summary

Table 1: 6XPPDU\RI*DWH'&RQILJXUDWLRQ6WDWHPHQWV Statement Name Chapter, Section Statement is Described &KDSWHU 6H.WLRQ Statement Type Statement Function Type of Protocol

multicast

protocol

Defines interfacespecific multicast options. Enables RIP protocol. Enables ISIS protocol. Configures kernel interface options.

n/a

rip

&KDSWHU 6H.WLRQ &KDSWHU 6H.WLRQ &KDSWHU 6H.WLRQ

protocol protocol protocol

Unicast Unicast Pseudopr otocol

isis

kernel

ospf

&KDSWHU 6H.WLRQ &KDSWHU 6H.WLRQ &KDSWHU 6H.WLRQ &KDSWHU 6H.WLRQ

protocol

Enables Unicast OSPF protocol. Enables EGP protocol. Enables BGP protocol. Configures the processing of ICMP redirects. Configures the processing of general ICMP packets. Unicast

egp

protocol

bgp

protocol

Unicast

redirect

protocol

Pseudopr otocol

icmp

&KDSWHU 6H.WLRQ

protocol

Pseudopr otocol

16

Configuring GateD

Table 1: 6XPPDU\RI*DWH'&RQILJXUDWLRQ6WDWHPHQWV Statement Name Chapter, Section Statement is Described &KDSWHU 6H.WLRQ &KDSWHU 6H.WLRQ &KDSWHU 6H.WLRQ &KDSWHU 6H.WLRQ &KDSWHU 6H.WLRQ &KDSWHU 6H.WLRQ Statement Type Statement Function Type of Protocol

snmp

protocol

Enables reporting to SNMP. Enables PIM protocol. Enables DVMRP protocol. Enables MSDP protocol. Defines static routes. Defines which routes to import. Defines which routes to export. Defines which routes to aggregate. Defines which routes to generate.

Network Management Multicast

pim

protocol

dvmrp

protocol

Multicast

msdp

protocol

Multicast

static

static control

Pseudopr otocol n/a

import

export

&KDSWHU 6H.WLRQ

control

n/a

aggregate

&KDSWHU 6H.WLRQ

control

n/a

generate

&KDSWHU 6H.WLRQ

control

n/a

17

Overview and Statement Summary

18

Configuring GateD

Chapter 1 Section 2
Preferences and Route Selection
1.2.0 Route Preferences 3UHIHUHQ.HLVWKHYDOXHWKDW*DWH'XVHVWRVHOH.WRQHURXWHRYHUDQRWKHU ZKHQPRUHWKDQRQHURXWHWRWKHVDPHGHVWLQDWLRQLVOHDUQHGIURPGLIIHU HQWSURWR.ROVRUSHHUV3UHIHUHQ.H.DQEHVHWLQWKH*DWH'.RQILJXUDWLRQ ILOHVLQVHYHUDOGLIIHUHQW.RQILJXUDWLRQVWDWHPHQWV3UHIHUHQ.H.DQEHVHW EDVHGRQRQHQHWZRUNLQWHUID.HRYHUDQRWKHURQHSURWR.RORYHUDQRWKHU RURQHUHPRWHJDWHZD\RYHUDQRWKHU3UHIHUHQ.HPD\QRWEHXVHGWR.RQ WUROWKHVHOH.WLRQRIURXWHVZLWKLQDQLQWHULRUJDWHZD\SURWR.RO7KLV.RQ WUROLVD..RPSOLVKHGDXWRPDWL.DOO\E\WKHSURWR.ROEDVHGRQPHWUL. 3UHIHUHQ.HPD\EHXVHGWRVHOH.WURXWHVIURPWKHVDPHH[WHULRUJDWHZD\ SURWR.ROVX.KDV%*3OHDUQHGIURPGLIIHUHQWSHHUVRUDXWRQRPRXVV\V WHPV(D.KURXWHKDVRQO\RQHSUHIHUHQ.HYDOXHDVVR.LDWHGZLWKLWHYHQ WKRXJKSUHIHUHQ.H.DQEHVHWDWPDQ\SOD.HVLQWKH.RQILJXUDWLRQILOH6LP SO\WKHODVWRUPRVWVSH.LIL.SUHIHUHQ.HYDOXHVHWIRUDURXWHLVWKHYDOXH XVHG 7KH preference YDOXHLVDQDUELWUDULO\DVVLJQHGYDOXHXVHGWRGHWHUPLQH WKHRUGHURIURXWHVWRWKHVDPHGHVWLQDWLRQLQDVLQJOHURXWLQJGDWDEDVH 7KHD.WLYHURXWHLV.KRVHQE\WKHORZHVWpreference YDOXH6RPHSURWR .ROVLPSOHPHQWDVH.RQGSUHIHUHQ.H(preference2)VRPHWLPHVUHIHUUHG WRDVDWLHEUHDNHU7KH%*3SURWR.ROXVHVpreference2. 1.2.1 BGP Route Selection 7KHVHOH.WLRQSUR.HVVGLIIHUVVOLJKWO\EHWZHHQWKH%*3SXEOL..RGHDQGWKH .RQVRUWLXPYHUVLRQVRI*DWH'7KHSXEOL..RGHLVEDVHGRQ5)& ZKLOHWKH.RQVRUWLXP.RGHLVNHSWXSWRGDWHZLWKWKHODWHVW%*3GUDIW 7KHSXEOL..RGHDOVRGRHVQRWVXSSRUW0('V6HH&KDSWHU6H.WLRQ IRUPRUHLQIRPDWLRQDERXW0('V7KHGLIIHUHQ.HVDUHVXPPDUL]HGLQWKH IROORZLQJWDEOH 7DEOH3UHIHUHQ.H6HOH.WLRQ3UH.HGHQ.H 5)&JDWHGSXE &RQILJXUHG3ROL.\ 6RXU.H,*3(%*3,%*3 /R.DOB3UHI 2ULJLQ,*3(*3 ,Q.RPSOHWH %*3GUDIWJDWHGXQL JDWHG.RPER &RQILJXUHG3ROL.\ /R.DOB3UHI 6KRUWHVW$63DWK 2ULJLQ,*3(*3 ,Q.RPSOHWH

19

Preferences and Route Selection

7DEOH3UHIHUHQ.H6HOH.WLRQ3UH.HGHQ.H 5)&JDWHGSXE 6KRUWHVW$63DWK 6KRUWHVW,*3GLVWDQ.H /RZHVW5RXWHU,'  %*3GUDIWJDWHGXQL JDWHG.RPER %HVW0(' 6KRUWHVW,*3'LVWDQ.H 6RXU.H,*3(%*3,%*3 /RZHVW5RXWHU,'

 &RQILJXUHG3ROL.\7KHURXWHZLWKVPDOOHVWSUHIHUHQ.HDV GHWHUPLQHGE\WKHSROL.\GHILQHGLQJDWHG.RQI7ZRSUHIHU HQ.HVH[LVWSUHIHUHQ.HLVDWLHEUHDNHUZKHQWZRURXWHVKDYH WKHVDPHSUHIHUHQ.H  /R.DOB3UHI7KHURXWHZLWKWKHKLJKHVW%*3OR.DOSUHIHUHQ.H  6KRUWHVW$63DWK7KHURXWHZLWKWKHIHZHVWDXWRQRPRXVV\V WHPVOLVWHGLQLWV$63DWK  2ULJLQ,*3(*3,Q.RPSOHWH7KHURXWHZLWKDQ$6SDWK RULJLQRI,*3LVSUHIHUUHG1H[WLQSUHIHUHQ.HLVWKHURXWHZLWK $6SDWKRULJLQRI(*3/HDVWSUHIHUUHGLVDQ$6SDWKWKDWLV LQ.RPSOHWH  %HVW0('LIQRWLJQRUHG7KHURXWHZLWKWKHORZHVW0XOWL ([LW'LV.ULPLQDWRULVSUHIHUUHG0('VDUHRQO\.RPSDUHG EHWZHHQURXWHVWKDWZHUHUH.HLYHGIURPWKHVDPHQHLJKERU$6 6RWKLVWHVWLVRQO\DSSOLHGLIWKHOR.DO$6KDVWZRRUPRUH.RQ QH.WLRQVWRDJLYHQQHLJKERU$6  6KRUWHVW,*3'LVWDQ.H7KHURXWHZKRVH1(;7B+23LV .ORVHUZLWKUHVSH.WWRWKH,*3GLVWDQ.HLVSUHIHUUHG  6RXU.H,*3(%*3,%*33UHIHUILUVWWKHVWUL.WO\LQWHULRU URXWHWKHQWKHVWUL.WO\H[WHULRUURXWHWKHQWKHH[WHULRUURXWH OHDUQHGIURPDQLQWHULRUVHVVLRQ  /RZHVW5RXWHU,'7KHURXWHIURPWKH%*3VSHDNHUZLWKWKH ORZHVW5RXWHU,'LVSUHIHUUHG

20

Configuring GateD

7DEOH'HIDXOW3UHIHUHQ.HV 3UHIHUHQ.HRI 'LUH.W.RQQH.WHGQHWZRUNV 263)URXWHV ,6,6OHYHOURXWHV ,6,6OHYHOURXWHV ,QWHUQDOO\JHQHUDWHGGHIDXOW 5HGLUH.WV 5RXWHVOHDUQHGYLDURXWH VR.NHW 6WDWL.URXWHVIURP.RQILJ $1663)6/63URXWHV 5,3URXWHV 3RLQWWRSRLQWLQWHUID.H 5RXWHVWRLQWHUID.HVWKDWDUH interfaces GRZQ $JJUHJDWHJHQHUDWHURXWHV 263)$6H[WHUQDOURXWHV %*3URXWHV (*3 1.2.2 Assigning Preferences
aggregate/generate ospf bgp egp

'HILQHGE\ 6WDWHPHQW
interface ospf isis level 1 isis level 2 gendefault redirect kernel

'HIDXOW                

static slsp rip

$GHIDXOWSUHIHUHQ.HLVDVVLJQHGWRHD.KVRXU.HIURPZKL.K*DWH' UH.HLYHVURXWHV3UHIHUHQ.HYDOXHVUDQJHIURPWRZLWKWKHORZ HVWQXPEHULQGL.DWLQJWKHPRVWSUHIHUUHGURXWH 7KHIROORZLQJWDEOHVXPPDUL]HVWKHGHIDXOWSUHIHUHQ.HYDOXHVIRU URXWHVOHDUQHGLQYDULRXVZD\V7KHWDEOHOLVWVWKHVWDWHPHQWVVRPH RIWKHVHDUH.ODXVHVZLWKLQVWDWHPHQWVWKDWVHWSUHIHUHQ.HDQG VKRZVWKHW\SHVRIURXWHVWRZKL.KHD.KVWDWHPHQWDSSOLHV7KH WDEOHOLVWVWKHSUHIHUHQ.HSUH.HGHQ.HEHWZHHQSURWR.ROVDQGWKH GHIDXOWSUHIHUHQ.HIRUHD.KW\SHRIURXWH7KHPRUHQDUURZWKH V.RSHRIWKHVWDWHPHQWWKHKLJKHUWKHSUH.HGHQ.HLWVSUHIHUHQ.H YDOXHLVJLYHQEXWWKHVPDOOHUWKHVHWRIURXWHVLWDIIH.WV

21

Preferences and Route Selection

BGP allows two preferences: preference and preference2. preference2 is a tie breaker and has a default value of 0. 1.2.3 Sample Preference Specifications
interfaces { interface 138.66.12.2 preference 10 ; } ; rip yes { preference 90 ; } ; import proto rip gateway 138.66.12.1 preference 75 ;

,QWKHVHVWDWHPHQWVWKHSUHIHUHQ.HDSSOL.DEOHWRURXWHVOHDUQHGYLD 5,3IURPJDWHZD\LV7KHODVWSUHIHUHQ.HDSSOL.DEOH WRURXWHVOHDUQHGYLD5,3IURPJDWHZD\LVGHILQHGLQ WKHacceptVWDWHPHQW7KHSUHIHUHQ.HDSSOL.DEOHWRRWKHU5,3 URXWHVLVIRXQGLQWKHripVWDWHPHQW7KHSUHIHUHQ.HVHWRQWKH interfaceVWDWHPHQWDSSOLHVRQO\WRWKHURXWHWKDWJRHVWRWKDW LQWHUID.H

22

Configuring GateD

Chapter 1 Section 3
Trace Statements and Global Options
1.3.0 Traceoptions Overview 7UD.HVWDWHPHQWV.RQWUROWUD.LQJRSWLRQV*DWH'
VWUD.LQJRSWLRQVPD\EH .RQILJXUHGDWPDQ\OHYHOV7UD.LQJRSWLRQVLQ.OXGHWKHILOHVSH.LIL.DWLRQV .RQWURORSWLRQVDQGJOREDODQGSURWR.ROVSH.LIL.WUD.LQJRSWLRQV8QOHVV RYHUULGGHQWUD.LQJRSWLRQVIURPWKHQH[WKLJKHUOHYHODUHLQKHULWHGE\ ORZHUOHYHOV)RUH[DPSOH%*3SHHUWUD.LQJRSWLRQVDUHLQKHULWHGIURP %*3JURXSWUD.LQJRSWLRQVZKL.KDUHLQKHULWHGIURPJOREDO%*3WUD.LQJ RSWLRQVZKL.KDUHLQKHULWHGIURPJOREDO*DWH'WUD.LQJRSWLRQV$WHD.K OHYHOWUD.LQJVSH.LIL.DWLRQVRYHUULGHWKHLQKHULWHGRSWLRQV :KHQPRUHWKDQRQHWUD.HRSWLRQVOLQHLVXVHGLQDVH.WLRQWKHODVWWUD .HRSWLRQVOLQHWREHSDUVHGE\*DWH'LVWKHRQHWKDWWDNHVHIIH.W,QWKH .DVHRIJOREDOWUD.LQJDQ\WUD.HILOHVVSH.LILHGLQDQ\traceoptionsOLQH ZLOOEH.UHDWHGEXWWUD.LQJZLOO.HDVHIRUWKDWILOHZKHQWKHQH[WtraceoptionsOLQHLVSDUVHG 1.3.1 Global Tracing Options *DWH'XVHVWZRW\SHVRIJOREDORSWLRQVWKRVHWKDWDIIH.WRQO\JOREDORSHU DWLRQVDQGWKRVHWKDWKDYHSRWHQWLDOVLJQLIL.DQ.HWRSURWR.ROV 1.3.1.0 Global Significance Only 7KHWUD.HIODJVWKDWKDYHRQO\JOREDOVLJQLIL.DQ.HDUH VSH.LILHVWRWUD.HWKHOH[L.DODQDO\]HUDQGSDUVHU parse LVPRVWO\ XVHGE\*DWH'GHYHORSHUVIRUGHEXJJLQJ VSH.LILHVWRWUD.HWKHDOOR.DWLRQRIDQGIUHHLQJRISROL.\EOR.NV advLV PRVWO\XVHGE\*DWH'GHYHORSHUVIRUGHEXJJLQJ.
symbols symbolsVSH.LILHVWRWUD.HV\PEROVUHDGIURPWKHNHUQHODWVWDUWXS7KH RQO\XVHIXOZD\WRVSH.LI\WKLVOHYHORIWUD.LQJLVYLDWKH-tRSWLRQRQWKH adv adv parse parse

.RPPDQGOLQHEH.DXVHWKHV\PEROVDUHUHDGIURPWKHNHUQHOEHIRUHSDUVLQJ WKH.RQILJXUDWLRQILOH.

iflist iflist specifies to trace the reading of the kernel interface list. Specify iflist with the -t option on the command line because the first inter-

face scan is done before reading the configuration file. 1.3.1.1 Protocol Significance 7KHWUD.HIODJVWKDWKDYHSRWHQWLDOVLJQLIL.DQ.HWRSURWR.ROVDUH

23

Trace Statements and Global Options

all all

VSH.LILHVWRWXUQRQDOORIWKHIROORZLQJ VSH.LILHVWRWUD.HERWK normal DQG route.

general general normal normal

VSH.LILHVWRWUD.HQRUPDOSURWR.ROR..XUUHQ.HV$EQRUPDO SURWR.ROR..XUUHQ.HVDUHDOZD\VWUD.HG

route routeVSH.LILHVWRWUD.HURXWLQJWDEOH.KDQJHVIRUURXWHVLQVWDOOHG

E\WKLVSURWR.RORUSHHU

state state

VSH.LILHVWRWUD.HVWDWHPD.KLQHWUDQVLWLRQVLQWKHSURWR.ROV

policy policy

VSH.LILHVWRWUD.HDSSOL.DWLRQRISURWR.RODQGXVHUVSH.L ILHGSROL.\WRURXWHVEHLQJLPSRUWHGDQGH[SRUWHG

task task

VSH.LILHVWRWUD.HV\VWHPLQWHUID.HDQGSUR.HVVLQJDVVR.LDWHG ZLWKWKLVSURWR.RORUSHHU
timer timer

VSH.LILHVWRWUD.HWLPHUXVDJHE\WKLVSURWR.RORUSHHU

1RWDOORIWKHDERYHRSWLRQVDSSO\WRDOORIWKHSURWR.ROV,QVRPH .DVHVWKHLUXVHGRHVQRWPDNHVHQVHIRULQVWDQ.H5,3GRHVQRW KDYHDVWDWHPD.KLQHDQGLQVRPH.DVHVWKHUHTXHVWHGWUD.LQJKDV QRWEHHQLPSOHPHQWHGVX.KDV5,3VXSSRUWRIWKH policy RSWLRQ &XUUHQWO\\RX.DQ
WVSH.LI\SD.NHWWUD.LQJIURPWKH.RPPDQGOLQH EH.DXVHDJOREDORSWLRQIRUSD.NHWWUD.LQJ.RXOG.UHDWHWRRPX.K RXWSXW :KHQSURWR.ROVLQKHULWWKHLUWUD.LQJRSWLRQVIURPWKHJOREDOWUD. LQJRSWLRQVWUD.LQJOHYHOVWKDWGRQ
WPDNHVHQVHVX.KDV parse, adv DQG packet WUD.LQJRSWLRQVDUHPDVNHGRXW *OREDOWUD.LQJVWDWHPHQWVKDYHDQLPPHGLDWHHIIH.WHVSH.LDOO\SDUV LQJRSWLRQVWKDWDIIH.WWKHSDUVLQJRIWKH.RQILJXUDWLRQILOH7UD.LQJ YDOXHVLQKHULWHGE\SURWR.ROVVSH.LILHGLQWKH.RQILJXUDWLRQILOHDUH LQLWLDOO\LQKHULWHGIURPWKHJOREDORSWLRQVWKDWDUH.XUUHQWO\LQHIIH.W DVWKHSURWR.RO.RQILJXUDWLRQHQWULHVDUHSDUVHGXQOHVVWKH\DUH RYHUULGGHQE\PRUHVSH.LIL.RSWLRQV$IWHUWKH.RQILJXUDWLRQILOHLV UHDGWUD.LQJRSWLRQVWKDWZHUHQRWH[SOL.LWO\VSH.LILHGDUHLQKHULWHG IURPWKHJOREDORSWLRQVLQHIIH.WDWWKHHQGRIWKH.RQILJXUDWLRQ ILOH 1.3.2 Packet Tracing Tracing of packets is very flexible. For any given protocol there are one or more options for tracing packets. All protocols allow
24

Configuring GateD

use of the packets keyword for tracing all packets sent and received by the protocol. Most protocols have other options for limiting tracing to a useful subset of packet types. These tracing options can be further controlled with the following modifiers: PXVWEHVSH.LILHGEHIRUH send RU recv. 1RUPDOO\SD.NHWV DUHWUD.HGLQDWHUVHIRUPRIRQHRUWZROLQHV:KHQdetail LV VSH.LILHGDPRUHYHUERVHIRUPDWSURYLGHVIXUWKHUGHWDLORQWKH .RQWHQWVRIWKHSD.NHW
send RU recv send RUrecvOLPLWWKHWUD.LQJWRSD.NHWVVHQWRUUH.HLYHG,IRQHLV detailLIVSH.LILHGPXVWEHEHIRUH send detail detail

QRWVSH.LILHGERWKVHQWDQGUH.HLYHGSD.NHWVZLOOEHWUD.HG

RU recv. ,IDSURWR.RO DOORZVIRUVHYHUDOGLIIHUHQWW\SHVRISD.NHWWUD.LQJPRGLILHUVPD\ EHDSSOLHGWRHD.KLQGLYLGXDOW\SH+RZHYHUEHDZDUHWKDWZLWKLQ RQHWUD.LQJVSH.LIL.DWLRQWKHWUD.HIODJVDUHVXPPHGXSVRVSH.LI\ LQJ detail packets ZLOOWXUQRQIXOOWUD.LQJIRUDOOSD.NHWV

1.3.3 Traceoptions Syntax

traceoptions [ trace_file [ replace ] [ size tracesize [ k | m ] files tracefiles ] ] [ control_options ] trace_options [ except trace_options ] ; traceoptions none ;

7KLVVHTXHQ.HRIRSWLRQVLVXVHGWRVSH.LI\WKHQDPHRIWKHWUD.H ILOH(trace_file) RUILOHVDQGSDUDPHWHUVDERXWWKHVHVILOHV7UD.H ILOHV.DQEHVSH.LILHGDVDJOREDOSDUDPHWHUIRUDOORI*DWH'RUIRUD SURWR.ROLQVWDQ.HRUIRUDSHHURUSHHUVZLWKLQDSURWR.RO

trace_file trace_file VSH.LILHVWKHILOHWRUH.HLYHWUD.LQJLQIRUPDWLRQ,IWKLV

ILOHQDPHGRHVQRWEHJLQZLWKDVODVKWKHGLUH.WRU\ZKHUH *DWH'ZDVVWDUWHGLVSUHSHQGHGWRWKHQDPH

replace replace

VSH.LILHVWRVWDUWWUD.LQJE\UHSOD.LQJDQH[LVWLQJILOH7KH GHIDXOWLVWRDSSHQGWRDQH[LVWLQJILOH

size tracesize [ k | m ] files tracefiles size OLPLWVWKHPD[LPXPVL]HRIWKHWUD.HILOHWRWKHVSH.LILHGVL]H

PLQLPXPN:KHQWKHWUD.HILOHUHD.KHVWKHVSH.LILHGVL]HLWLV UHQDPHGWR file.0, WKHQ file.1, file.2 XSWRWKHPD[LPXP QXPEHURIILOHVPLQLPXPVSH.LIL.DWLRQLV

25

Trace Statements and Global Options

control_options control_options VSH.LILHVRSWLRQVWKDW.RQWUROWKHDSSHDUDQ.HRI

WUD.LQJ9DOLGYDOXHVLQ.OXGH

nostamp nostamp VSH.LILHVWKDWDWLPHVWDPSVKRXOGQRWEHSUHSHQGHG

WRDOOWUD.HOLQHV

trace_options except trace_options except trace_options LVXVHGWRHQDEOHDEURDG.ODVVRI

WUD.LQJDQGWKHQGLVDEOHPRUHVSH.LIL.RSWLRQV

SURWR.RORUSHHU

none noneVSH.LILHVWKDWDOOWUD.LQJVKRXOGEHWXUQHGRIIIRUWKLV

26

Configuring GateD

Chapter 1 Section 4
Directive Statements
'LUH.WLYHVWDWHPHQWVSURYLGHGLUH.WLRQWRWKH*DWH'.RQILJXUDWLRQODQ JXDJHSDUVHUDERXWLQ.OXGHGILOHVDQGWKHGLUH.WRULHVLQZKL.KWKHVHILOHV UHVLGH'LUH.WLYHVWDWHPHQWVDUHLPPHGLDWHO\D.WHGXSRQE\WKHSDUVHU 2WKHUVWDWHPHQWVWHUPLQDWHZLWKDVHPL.RORQEXWGLUH.WLYHVWDWHPHQWV WHUPLQDWHZLWKDQHZOLQH7KHWZRGLUH.WLYHVWDWHPHQWVDUH
%directory directory %directory GHILQHVWKHGLUH.WRU\ZKHUHWKHLQ.OXGHGILOHVDUHVWRUHG :KHQ %directory LVXVHG*DWH'ORRNVLQWKHGLUH.WRU\LGHQWLILHGE\WKH

SDWKQDPHIRUDQ\LQ.OXGHGILOHVWKDWGRQRWKDYHDIXOO\TXDOLILHGILOHQDPH LHGRQRWEHJLQZLWK %directory GRHVQRWD.WXDOO\.KDQJHWKH.XU UHQWGLUH.WRU\LWMXVWVSH.LILHVWKHSUHIL[DSSOLHGWRLQ.OXGHGILOHQDPHV

%include filename %includeLGHQWLILHVDQLQ.OXGHILOH7KH.RQWHQWRIWKHILOHLVLQ.OXGHGLQ WKH gated.conf ILOHDWWKHSRLQWLQWKH gated.confILOHZKHUHWKH %includeGLUH.WLYHLVHQ.RXQWHUHG,IWKHILOHQDPHLVQRWIXOO\TXDOLILHG

LHLWGRHVQRWEHJLQZLWKWKHILOHLV.RQVLGHUHGWREHUHODWLYHWRWKH GLUH.WRU\GHILQHGLQWKH %directory GLUH.WLYH7KH %include GLUH.WLYH VWDWHPHQW.DXVHVWKHVSH.LILHGILOHWREHSDUVHG.RPSOHWHO\EHIRUHUHVXP LQJZLWKWKLVILOH1HVWLQJXSWRWHQOHYHOVLVVXSSRUWHG7KHPD[LPXP QHVWLQJOHYHOPD\EHLQ.UHDVHGE\.KDQJLQJWKHGHILQLWLRQRI FI_MAX LQ
parse.h.

,QD.RPSOH[HQYLURQPHQWVHJPHQWLQJDODUJH.RQILJXUDWLRQLQWRVPDOOHU PRUHHDVLO\XQGHUVWRRGVHJPHQWVPLJKWEHKHOSIXO2QHRIWKHJUHDW DGYDQWDJHVRI*DWH'KRZHYHULVWKDWLW.RPELQHVWKH.RQILJXUDWLRQRI VHYHUDOGLIIHUHQWURXWLQJSURWR.ROVLQWRDVLQJOHILOH6HJPHQWLQJDVPDOOILOH XQQH.HVVDULO\.RPSOL.DWHVURXWLQJ.RQILJXUDWLRQV

27

Directive Statements

28

Configuring GateD

Chapter 1 Section 5
Options Statements
2SWLRQVVWDWHPHQWVDOORZVSH.LIL.DWLRQRIVRPHJOREDORSWLRQV,IXVHG RSWLRQVPXVWDSSHDUEHIRUHDQ\RWKHUW\SHRI.RQILJXUDWLRQVWDWHPHQWLQ WKHJDWHG.RQIILOH 7KHRSWLRQVVWDWHPHQWVV\QWD[LV
options [ nosend ] [ noresolv ] [ gendefault [ preference preference] [ gateway optionsgateway] ] [ syslog [ upto ] log_level ] [ mark time ] ;

7KHRSWLRQVOLVW.DQ.RQWDLQRQHRUPRUHRIWKHIROORZLQJRSWLRQV
gendefault [ preference preference ] [ gateway optionsgateway] :KHQD%*3RU(*3QHLJKERULVXS gendefault.DXVHV*DWH'WR.UH DWHDGHIDXOWURXWHZLWKWKHVSH.LDOSURWR.ROGHIDXOWgendefault.DQEH GLVDEOHGSHU%*3(*3JURXSZLWKWKHnongendefaultRSWLRQ%\

GHIDXOWWKLVURXWHKDVDSUHIHUHQ.HRI7KLVURXWHLVQRUPDOO\QRW LQVWDOOHGLQWKHNHUQHOIRUZDUGLQJWDEOHLWLVRQO\SUHVHQWVRLW.DQEH DQQRXQ.HGWRRWKHUSURWR.ROV,IDgatewayLVVSH.LILHGWKHGHIDXOWURXWH ZLOOEHLQVWDOOHGLQWKHNHUQHOIRUZDUGLQJWDEOHZLWKDQH[WKRSRIWKHOLVWHG optionsgateway6HH&KDSWHU6H.WLRQIRUPRUHLQIRUPDWLRQDERXW 3UHIHUHQ.H 1RWH7KHXVHRIWKHPRUHJHQHUDOgenerate default RSWLRQLVSUH IHUUHGWRWKHXVHRIWKLVgendefaultRSWLRQ7KH gendefault RSWLRQKDV EHHQGHSUH.DWHG6HH&KDSWHU6H.WLRQ5RXWH$JJUHJDWLRQIRUPRUH LQIRUPDWLRQRQWKHgenerate VWDWHPHQW
nosend nosend.DXVHV*DWH'WRVHQGQRSD.NHWVnosendPDNHVLWSRVVLEOHWRUXQ

*DWH'RQDOLYHQHWZRUNWRWHVWSURWR.ROLQWHUD.WLRQVZLWKRXWD.WXDOO\SDU WL.LSDWLQJLQWKHURXWLQJSURWR.ROV7KHSD.NHWWUD.HVLQWKH*DWH'ORJ.DQ EHH[DPLQHGWRYHULI\WKDW*DWH'LVIXQ.WLRQLQJSURSHUO\nosendLVPRVW XVHIXOIRU5,3DQGSRVVLEO\WKH608;6103LQWHUID.HnosendGRHVQRW \HWDSSO\WR%*3DQGVKRXOGQRWEHXVHGZLWK(*3DQG263)

noresolv

%\GHIDXOW*DWH'ZLOOWU\WRUHVROYHV\PEROL.QDPHVLQWR,3DGGUHVVHVE\ XVLQJWKH gethostbyname() DQG getnetbyname() OLEUDU\.DOOV7KHVH .DOOVXVXDOO\XVHWKH'RPDLQ1DPH6\VWHP'16LQVWHDGRIWKHKRVW

V

29

Options Statements

OR.DOKRVWDQGQHWZRUNWDEOHV,IWKHUHLVLQVXIIL.LHQWURXWLQJLQIRU PDWLRQWRVHQG'16TXHULHV*DWH'ZLOOGHDGOR.NGXULQJVWDUWXS noresolv .DQEHXVHGWRSUHYHQWWKHVH.DOOV6\PEROL.QDPHVZLOO UHVXOWLQ.RQILJXUDWLRQILOHHUURUV

syslog [ upto ] log_level syslog .RQWUROVWKHDPRXQWRIGDWD*DWH'ORJVYLDV\VORJRQV\V WHPVZKHUH setlogmask()LVVXSSRUWHG7KHDYDLODEOHORJJLQJOHY HOVDQGRWKHUWHUPLQRORJ\DUHDVGHILQHGLQWKHsetlogmask(3) PDQSDJH7KHGHIDXOWLVHTXLYDOHQWWR syslog upto info.

7KHYDOXHVIRUlog_levelDUHKLJKWRORZ 7DEOH9DOXHVIRUlog_level

log_level value emerg (high) alert setlogmask term LOG_EMERG

'HILQLWLRQ DSDQL..RQGLWLRQ D.RQGLWLRQWKDWVKRXOGEH .RUUH.WHGLPPHGLDWHO\VX.K DVD.RUUXSWHGV\VWHPGDWD EDVH .ULWL.DO.RQGLWLRQVHJKDUG GLVNHUURUV HUURUV ZDUQLQJPHVVDJHV .RQGLWLRQVWKDWDUHQRWHUURU .RQGLWLRQVEXWVKRXOGSRVVL EO\EHKDQGOHGLQGLYLGXDOO\ LQIRUPDWLRQDOPHVVDJHV PHVVDJHVWKDW.RQWDLQLQIRU PDWLRQQRUPDOO\RIXVHRQO\ ZKHQGHEXJJLQJDSURJUDP

LOG_ALERT

crit

LOG_CRIT

err warnings notice

LOG_ERR LOG_WARNING LOG_NOTICE

info debug (low)

LOG_INFO LOG_DEBUG

LI*DWH'LVVWLOOUXQQLQJ

mark time mark .DXVHV*DWH'WRRXWSXWDPHVVDJHWRWKHWUD.HORJDWWKH VSH.LILHGLQWHUYDO mark .DQEHXVHGDVRQHPHWKRGRIGHWHUPLQLQJ

30

Configuring GateD

Chapter 1 Section 6
Interface Statement
1.6.0 Interface Syntax 1.6.0.0 Version 3.5 and 4.0
interfaces { options [ strictinterfaces ] [ scaninterval time ] [ aliases-nexthop ( primary | lowestip | keepall ) ]; ; interface interface_list [ preference interfacepreference ] [ down preference downpreference ] [ passive ] [ simplex ] [ reject ] [ blackhole ] [ AS autonomoussystem ] ; define address [ ( broadcast address ) | ( pointtopoint address ) ] [ netmask mask ] [ multicast ] ; };

1.6.0.1 Version 5.1.x, 4.1.x, 1.x 7KLVQHZLQWHUID.HV\QWD[SURYLGHVEHWWHUVXSSRUWIRUDOLDVHVDQGWXQQHOV

interfaces { options [ strictinterfaces ] [ scaninterval time ] [ aliases-nexthop ( primary | lowestip | keepall )]; ; interface interface_list [ preference interfacepreference ] [ down preference downpreference ] [ passive ] [ simplex ] [ reject ] [ blackhole ] [ AS autonomoussystem ] [ alias primary address ] [ aliases-nexthop ( primary | lowestip |

31

Interface Statement

keepall ) ] ; define ( subnet | p2p ) local address [options ] [ broadcast address ] [ remote address ] [ tunnel encapsulation_protocol ] [ netmask address ] [ [ no ]multicast ] [ [ no ]unicast ] ; };

$QLQWHUID.HLVWKH.RQQH.WLRQEHWZHHQDURXWHUDQGRQHRILWV DWWD.KHGQHWZRUNV$SK\VL.DOLQWHUID.HPD\EHVSH.LILHGE\LQWHU ID.HQDPHE\,3DGGUHVVRUE\GRPDLQQDPHXQOHVVWKHQHWZRUNLV DQXQQXPEHUHGSRLQWWRSRLQWQHWZRUN0XOWLSOHOHYHOVRIUHIHU HQ.HLQWKH.RQILJXUDWLRQODQJXDJHDOORZLQWHUID.HVWREHLGHQWLILHG XVLQJZLOG.DUGRULQWHUID.HW\SHQDPH%H.DUHIXOZLWKWKHXVHRI LQWHUID.HQDPHVEH.DXVHIXWXUH81,;RSHUDWLQJV\VWHPVPD\DOORZ PRUHWKDQRQHDGGUHVVSHULQWHUID.H7KH interface_listLVD OLVWRIRQHRUPRUHLQWHUID.HQDPHVLQ.OXGLQJZLOG.DUGQDPHV QDPHVZLWKRXWDQXPEHUDQGQDPHVWKDWPD\VSH.LI\PRUHWKDQ RQHLQWHUID.HRUDGGUHVVRUWKHWRNHQDOOIRUDOOLQWHUID.HV
options options

DOORZV.RQILJXUDWLRQRIVRPHJOREDORSWLRQVUHODWHGWR LQWHUID.HVLQ.OXGLQJ
strictinterfaces strictinterfaces LQGL.DWHVWKDWLWLVDIDWDOHUURUWRUHIHUWR

DQLQWHUID.HLQWKH.RQILJXUDWLRQILOHWKDWLVQRWSUHVHQWZKHQ *DWH'LVVWDUWHGDQGQRWOLVWHGLQDGHILQHVWDWHPHQW:LWKRXW strictinterfacesDZDUQLQJPHVVDJHZLOOEHLVVXHGEXW *DWH'ZLOO.RQWLQXH

scaninterval time scaninterval VSH.LILHVKRZRIWHQ*DWH'V.DQVWKHNHUQHO

LQWHUID.HOLVWIRU.KDQJHV7KHGHIDXOWLVHYHU\VH.RQGVRQ PRVWV\VWHPVDQGVH.RQGVRQV\VWHPVWKDWSDVVLQWHUID.H VWDWXV.KDQJHVWKURXJKWKHURXWLQJVR.NHWHJ%6'1RWH WKDW*DWH'ZLOODOVRV.DQWKHLQWHUID.HOLVWRQUH.HLSWRID SIGUSR2

aliases-nexthop ( primary | lowestip | keepall ) aliases-nexthopVSH.LILHVZKL.KDGGUHVV*DWH'ZLOOLQVWDOO DVWKHQH[WKRSIRULQWHUID.HURXWHV,IprimaryLVXVHGWKH SULPDU\LQWHUID.HDGGUHVVGHIDXOWZLOOEHLQVWDOOHG,IlowestipLVXVHGWKHDGGUHVVZLWKWKHORZHVW,3DGGUHVVZLOOEH LQVWDOOHG,IkeepallLVXVHGDOOLQWHUID.HURXWHVDUHNHSWLQ WKHNHUQHOXSWRDPD[LPXPRIRT_N_MULTIPATHURXWHV

32

Configuring GateD aliases-nexthopLVD.RPSLOHWLPH.RQVWDQWaliasesnexthopLVDJOREDOSDUDPHWHUWKDWPD\EHRYHUULGGHQIRU

LQWHUID.HVXVLQJWKHLQWHUID.HRSWLRQ

interface interface_list interface sets interface options on the specified interfaces. An interface list is all or a list of interface names, domain names, or

numeric addresses. (See1.7.2 for more information about interface lists.) Options available on this statement include:
preference interfacepreference preference VHWVWKHSUHIHUHQ.HIRUURXWHVWRWKLVLQWHUID.H

ZKHQLWLVXSDQGDSSHDUVWREHIXQ.WLRQLQJSURSHUO\7KH GHIDXOWSUHIHUHQ.HLV0(See 1.3 for more information about interface lists.)

down preference downpreference down preference VHWVWKHSUHIHUHQ.HIRUURXWHVWRWKLVLQWHU

ID.HZKHQ*DWH'GRHVQRWEHOLHYHLWWREHIXQ.WLRQLQJSURS HUO\EXWWKHNHUQHOGRHVQRWLQGL.DWHLWLVGRZQ7KHGHIDXOW YDOXHLV120.

passive passive

SUHYHQWV*DWH'IURP.KDQJLQJWKHSUHIHUHQ.HRI WKHURXWHWRWKLVLQWHUID.HLILWLVQRWEHOLHYHGWREHIXQ.WLRQLQJ SURSHUO\GXHWROD.NRIUH.HLYHGURXWLQJLQIRUPDWLRQ*DWH' ZLOORQO\SHUIRUPWKLV.KH.NLIWKHLQWHUID.HLVD.WLYHO\SDUWL.L SDWLQJLQDURXWLQJSURWR.RO GHILQHVDQLQWHUID.HDVXQDEOHWRKHDULWVRZQEURDG .DVWSD.NHWV6RPHV\VWHPVGHILQHDQLQWHUID.HDVVLPSOH[ZLWK WKH IFF_SIMPLEXIODJ2QRWKHUVLWQHHGVWREHVSH.LILHGLQ WKH.RQILJXUDWLRQILOH2QVLPSOH[LQWHUID.HVSD.NHWVIURPWKH LQWHUID.HLWVHOIDUHDVVXPHGWRKDYHEHHQORRSHGED.NLQVRIW ZDUHDQGDUHQRWXVHGDVDQLQGL.DWLRQWKDWWKHLQWHUID.HLV IXQ.WLRQLQJSURSHUO\
reject reject VSH.LILHVWKDWWKHDGGUHVVRIWKHLQWHUID.HWKDWPDW.KHV simplex simplex

WKHVH.ULWHULDZLOOEHXVHGDVWKHOR.DODGGUHVVZKHQLQVWDOOLQJ reject URXWHVLQWKHNHUQHO reject VKRXOGRQO\EHXVHGZLWK V\VWHPVEDVHGRQ %6'7DKRHRUHDUOLHUWKDWKDYHLQVWDOOHGD reject RUblackholeSVHXGRLQWHUID.H

blackhole blackhole

VSH.LILHVWKDWWKHDGGUHVVRIWKHLQWHUID.HWKDW PDW.KHVWKHVH.ULWHULDZLOOEHXVHGDVWKHOR.DODGGUHVVZKHQ LQVWDOOLQJ reject URXWHVLQWKHNHUQHO blackhole VKRXOGRQO\

33

Interface Statement

EHXVHGZLWKV\VWHPVEDVHGRQ %6'7DKRHRUHDUOLHUWKDW KDYHLQVWDOOHGDreject RU blackhole SVHXGRLQWHUID.H

AS autonomoussystem ASVSH.LILHVWKHDXWRQRPRXVV\VWHPWKDWZLOOEHXVHGWR.UHDWHDQ

$6SDWKDVVR.LDWHGZLWKWKHURXWH.UHDWHGIURPWKHGHILQLWLRQRI WKLVLQWHUID.H
alias primary address

*DWH'YHUVLRQV[[[RQO\ alias primary VSH.LILHVDSULPDU\DGGUHVVIRUWKLVLQWHUID.H alias primary RYHUULGHVWKHDGGUHVVWKDW*DWH'GHWHUPLQHVWR EHSULPDU\

aliases-nexthop ( primary | lowestip | keepall )

*DWH'YHUVLRQV[[[RQO\ aliases-nexthop VSH.LILHVZKL.KDGGUHVV*DWH'ZLOOLQVWDOODV WKHQH[WKRSIRUWKHURXWHDVVR.LDWHGZLWKWKLVLQWHUID.H,I primaryLVXVHGWKHSULPDU\LQWHUID.HDGGUHVVGHIDXOWZLOOEH LQVWDOOHG,IlowestipLVXVHGWKHDGGUHVVZLWKWKHORZHVW,3 DGGUHVVZLOOEHLQVWDOOHG,I keepallLVXVHGDOOLQWHUID.HURXWHVZLOO EHNHSWLQWKHNHUQHOXSWRDPD[LPXPRI RT_N_MULTIPATH. aliases-nexthopLVD.RPSLOHWLPH.RQVWDQWaliases-nexthop RYHUULGHVWKHJOREDORSWLRQIRUWKLVLQWHUID.H
define address

*DWH'YHUVLRQVDQGRQO\ define VSH.LILHVLQWHUID.HVWKDWPLJKWQRWEHSUHVHQWZKHQ*DWH' LVVWDUWHGVRWKH.RQILJXUDWLRQILOHPD\UHIHUWRWKHPZKHQ strictinterfaces LVGHILQHG3RVVLEOH define NH\ZRUGVDUH

( broadcast address ) | ( pointtopoint address ) broadcastGHILQHVWKHLQWHUID.HDVEURDG.DVW.DSDEOHHJ

(WKHUQHWRU7RNHQ5LQJDQGVSH.LILHVWKHEURDG.DVWDGGUHVV pointtopoint GHILQHVWKHLQWHUID.HDVDSRLQWWRSRLQWLQWHU ID.HHJ6/,3RU333DQGVSH.LILHVWKHDGGUHVVRQWKHOR.DO VLGH7KHILUVWDGGUHVVRQWKH defineVWDWHPHQWUHIHUVWRWKH DGGUHVVRIWKHKRVWRQWKHUHPRWHHQGRIWKHLQWHUID.HWKH address VSH.LILHGDIWHUWKHpointtopointNH\ZRUGGHILQHV WKHDGGUHVVRQWKHOR.DOVLGHRIWKHLQWHUID.H
netmask mask netmask VSH.LILHVWKHVXEQHWPDVNWREHXVHGRQWKLVLQWHU ID.Hnetmask LVLJQRUHGRQSRLQWWRSRLQWLQWHUID.HV multicast multicast

VSH.LILHVWKDWWKHLQWHUID.HLVPXOWL.DVW.DSDEOH

34

Configuring GateD

define (subnet | p2p) local address [options];

(GateD versions 4.1.x/5.1.x/6.1.x only) define VSH.LILHVLQWHUID.HVWKDWPLJKWQRWEHSUHVHQWZKHQ*DWH' LVVWDUWHGVRWKH.RQILJXUDWLRQILOHPD\UHIHUWRWKHPZKHQ strictinterfaces LVGHILQHG3RVVLEOHdefine NH\ZRUGVDUH
broadcast address broadcast GHILQHVWKHLQWHUID.HDVEURDG.DVW.DSDEOHHJ

(WKHUQHWRU7RNHQ5LQJDQGVSH.LILHVWKHEURDG.DVWDGGUHVV
remote address remote GHILQHVWKHLQWHUID.HDVDUHPRWHDGGUHVVRIDORJL.DO tunnel encapsulation_protocol tunnel GHILQHVWKHHQ.DSVXODWLRQSURWR.ROWRXVHIRUDSRLQW

SRLQWWRSRLQWOLQN

WRSRLQWWXQQHO&XUUHQWO\RQO\,3,3HQ.DSVXODWLRQ>5)&@ LVUH.RJQL]HG,3,3HQ.DSVXODWLRQLVZKDWWKHPXOWL.DVWWXQQHOV VXSSRUWHGE\NHUQHOVXVH5)&LVDYDLODEOHDWXUOKWWS ZZZ.LVRKLRVWDWHHGXKWELQUI.UI.KWPO

netmask address netmask GHILQHVWKHQHWPDVNRIDORJL.DOVXEQHW

H[SOL.LWO\HQDEOHVGLVDEOHVPXOWL.DVWRQWKH LQWHUID.H%\GHIDXOW,3,3WXQQHOVDUHPXOWL.DVWQRXQL.DVW LQWHUID.HV H[SOL.LWO\HQDEOHVGLVDEOHVXQL.DVWURXWLQJRQ WKHLQWHUID.H%\GHIDXOW,3,3WXQQHOVDUHPXOWL.DVWQRXQL.DVW LQWHUID.HV $QLQWHUID.HQRWGHILQHGDVEURDG.DVWRUSRLQWWRSRLQWLVDVVXPHG WREHQRQEURDG.DVWPXOWLD..HVV1%0$VX.KDVDQ;QHW ZRUN 1.6.1 Interface Lists $QLQWHUID.HOLVWLVDOLVWRIUHIHUHQ.HVWRDQLQWHUID.HRUJURXSRI LQWHUID.HV5HIHUWRLQWHUID.HVLQRQHRIWKHIROORZLQJIRXUZD\V OLVWHGIURPPRVWJHQHUDOWRPRVWVSH.LIL.
all allUHIHUVWRDOODYDLODEOHLQWHUID.HV interface name wildcard interface name wildcard [no]unicast [no]unicast

[no]multicast [no]multicast

UHIHUVWRDOOWKHLQWHUID.HVRIWKH VDPHW\SH81,;LQWHUID.HV.RQVLVWRIWKHQDPHRIWKHGHYL.H GULYHUVX.KDVieDQGDXQLWQXPEHUVX.KDV 0, 5 RU 225HIHUHQ.HV WRWKHQDPH.RQWDLQRQO\DOSKDEHWL..KDUD.WHUVDQGPDW.KDQ\LQWHU ID.HVWKDWKDYHWKHVDPHDOSKDEHWL.SDUW)RUH[DPSOH ie RQD6XQ ZRXOGUHIHUWRDOO,QWHUODQ(WKHUQHWLQWHUID.HVle ZRXOGUHIHUWRDOO /DQ.H(WKHUQHWLQWHUID.HV+RZHYHUie ZRXOGQRWPDW.K iel0.
35

Interface Statement

LQWHUID.H7KLVQDPHLVVSH.LILHGDVDQDOSKDEHWL.SDUWIROORZHGE\D QXPHUL.SDUWinterface nameZLOOPDW.KRQHVSH.LIL.LQWHUID.H %HDZDUHWKDWRQPDQ\V\VWHPVPRUHWKDQRQHSURWR.ROLH,3 DGGUHVV.DQEHRQDJLYHQSK\VL.DOLQWHUID.H)RUH[DPSOH ef1 will PDW.KDQLQWHUID.HQDPHG ef1EXWQRWDQLQWHUID.HQDPHGef10. PDW.KHVRQHVSH.LIL.LQWHUID.H7KHUHIHU HQ.H.DQEHE\SURWR.RODGGUHVVIRUH[DPSOH 10.0.0.51RUE\ V\PEROL.KRVWQDPHIRUH[DPSOH nic.ddn.mil). 1RWHWKDWDV\P EROL.KRVWQDPHUHIHUHQ.HLVRQO\YDOLGZKHQLWUHVROYHVWRRQO\RQH DGGUHVV8VHRIV\PEROL.KRVWQDPHVLVQRWUH.RPPHQGHG
interface address interface address

interface name interface name UHIHUVWRDVSH.LIL.LQWHUID.HXVXDOO\RQHSK\VL.DO

,IPDQ\LQWHUID.HOLVWVDUHSUHVHQWLQWKH.RQILJXUDWLRQILOHZLWK PRUHWKDQRQHSDUDPHWHUWKHVHSDUDPHWHUVDUH.ROOH.WHGDWUXQ WLPHWR.UHDWHWKHVSH.LIL.SDUDPHWHUOLVWIRUDJLYHQLQWHUID.H,IWKH VDPHSDUDPHWHULVVSH.LILHGRQPRUHWKDQRQHOLVWWKHSDUDPHWHU ZLWKWKHPRVWVSH.LIL.LQWHUID.HLVXVHG )RUH[DPSOH.RQVLGHUDV\VWHPZLWKWKUHHLQWHUID.HV le0, le1 and du0.
rip yes { interface all noripin noripout ; interface le ripin ; interface le1 ripout ; } ;

5,3SD.NHWVZRXOGRQO\EHD..HSWHGIURPLQWHUID.HVle0 DQGle1 EXWQRWIURP du05,3SD.NHWVZRXOGRQO\EHVHQWRQLQWHUID.H le1. 1.6.2 Example of Define Statements for GateD 3.5/4.0
interfaces { define 192.168.12.5 broadcast 192.168.12.255. netmask 255.255.255.0 ; define 192.168.13.129 netmask 255.255.255.252 broadcast 192.168.13.131; # pointtopoint - is local side, 1st address is remote define 192.168.13.116 pointtopoint 192.168.13.114 multicast; };

7KHILUVWdefine KDVDQ(WKHUQHWZKHUH\RXQHHGWRGHILQHWKH EURDG.DVWDGGUHVVDVD

36

Configuring GateD

7KHVH.RQGdefine VKRZVKRZDPD\EHLPSOHPHQWHGLQWKH define VWDWHPHQW7KHdefine WHOOV*DWH'WRWUHDWWKHLQWHUID.H ZLWKDOR.DODGGUHVVRIDQHWPDVNRI DQGDEURDG.DVWRI 7KHWKLUGdefine VKRZVKRZDSRLQWWRSRLQWLQWHUID.HLVGHILQHG 7KHUHPRWHVLGHRIWKHSRLQWWRSRLQWLQWHUID.HLVJLYHQILUVWDQG WKHOR.DOVLGHWKHRQHRQWKLVPD.KLQHLVJLYHQVH.RQG 1.6.3 Example of Define Statement for GateD 4.2/5.0/6.0
interfaces { define p2p local 198.108.60.89 remote 141.213.10.41 multicast nounicast tunnel ipip; define subnet local 192.168.12.114 netmask 255.255.255.0; define subnet local 192.168.13.129 netmask 255.255.255.248 broadcast 192.168.13.131; define p2p local 192.168.13.114 remote 192.168.13.116; };

7KHILUVW define .RQILJXUHVDPXOWL.DVWRQO\,3LQ,3WXQQHOXVDEOH E\URXWLQJSURWR.ROVIRUWKHPXOWL.DVW5,%6HH&KDSWHU  6H.WLRQ IRUPRUHLQIRUPDWLRQDERXWPXOWL.DVW5,%V1RWHWKDW WKHNH\ZRUGV multicast nounicastKHUHDUHUHGXQGDQWZLWKWKH GHIDXOWVIRU tunnel ipip. ,QID.WWKHVWDQGDUGPXOWL.DVWNHUQHO .DQQRWVXSSRUWDQ\RWKHU.RPELQDWLRQ 7KHVH.RQGdefine WHOOV*DWH'WRWUHDWWKHLQWHUID.HZLWKWKHOR.DO DGGUHVVDVDVXEQHWHYHQLILW
V D.WXDOO\DSRLQWWRSRLQWOLQN7KLVGRHVKRZHYHUUHTXLUHWKDWWKH D.WXDOUHPRWHSRLQWWRSRLQWDGGUHVVIDOOZLWKLQWKH.RQILJXUHGVXE QHWSUHIL[ 7KHWKLUGdefine VKRZVKRZDPD\EHLPSOHPHQWHGLQWKH GHILQHVWDWHPHQW7KH define WHOOV*DWH'WRWUHDWWKHLQWHUID.H ZLWKDOR.DODGGUHVVRIDQHWPDVNRI DQGDEURDG.DVWRI 7KHIRXUWKdefine WHOOV*DWH'WRWUHDWWKHLQWHUID.HZLWKWKHOR.DO DGGUHVVDVDSRLQWWRSRLQWOLQNWR HYHQLILW
VQRWD.WXDOO\DSRLQWWRSRLQWOLQN,ILW
VD.WXDOO\DVXE QHWWKLVUHTXLUHVWKDWWKH.RQILJXUHGUHPRWHSRLQWWRSRLQWDGGUHVV IDOOZLWKLQWKHD.WXDOVXEQHWSUHIL[  1.6.4 IP Interface Addresses and Routes 7KH%6'DQGODWHUQHWZRUNLQJLPSOHPHQWDWLRQVDOORZIRXU W\SHVRILQWHUID.HV6RPHLPSOHPHQWDWLRQVDOORZPXOWLSOHSURWR.RO

37

Interface Statement

DGGUHVVHVSHUSK\VL.DOLQWHUID.H7KHVHLPSOHPHQWDWLRQVDUHPRVWO\ EDVHGRQ%6'5HQRRUODWHU
loopback loopback PXVWKDYHWKHDGGUHVVRI3D.NHWVVHQWWR loopback DUHVHQWED.NWRWKHRULJLQDWRU7KLVLQWHUID.HLVDOVRXVHG reject DQG blackhole URXWHV$OWKRXJKDQHWPDVNLVUHSRUWHGRQ

DVD.DW.KDOOLQWHUID.HIRULPSOHPHQWLQJRWKHUIHDWXUHVVX.KDV

WKLVLQWHUID.HLWLVLJQRUHG$VVLJQDQDGGLWLRQDODGGUHVVWRWKLV LQWHUID.HWKDWLVWKHVDPHDVWKH263)RU%*3routerid WRDOORZ URXWLQJWRDV\VWHPEDVHGRQWKHrouterid WKDWZLOOZRUNLIVRPH LQWHUID.HVDUHGRZQ

broadcast broadcastLVDPXOWLD..HVVLQWHUID.H.DSDEOHRIDSK\VL.DOOHYHO

EURDG.DVWVX.KDV(WKHUQHW7RNHQ5LQJDQG)'',7KLVLQWHUID.H KDVDQDVVR.LDWHGVXEQHWPDVNDQGEURDG.DVWDGGUHVV7KHLQWHUID.H URXWHWRD broadcastQHWZRUNZLOOEHDURXWHWRWKH.RPSOHWHVXE QHW

RIVHULDOOLQN7KLVLQWHUID.HKDVDOR.DODGGUHVVDQGDUHPRWH DGGUHVV$OWKRXJKLWPD\EHSRVVLEOHWRVSH.LI\PXOWLSOHDGGUHVVHV IRUDSRLQWWRSRLQWLQWHUID.HWKHUHGRHVQRWVHHPWREHDXVHIXO UHDVRQIRUGRLQJVR7KHUHPRWHDGGUHVVPXVWEHXQLTXHDPRQJDOO WKHLQWHUID.HDGGUHVVHVRQDJLYHQURXWHU7KHOR.DODGGUHVVPD\EH VKDUHGDPRQJPDQ\SRLQWWRSRLQWDQGXSWRRQHQRQSRLQWWR SRLQWLQWHUID.Hpoint-to-point LVWH.KQL.DOO\DIRUPRIWKHrouterid PHWKRGIRUDGGUHVVOHVVOLQNV7KLVWH.KQLTXH.RQVHUYHVVXE QHWVEH.DXVHQRQHDUHUHTXLUHGZKHQXVLQJWKLVWH.KQLTXH

point-to-point point-to-pointLVDWXQQHOWRDQRWKHUKRVWXVXDOO\RQVRPHVRUW

,IDVXEQHWPDVNLVVSH.LILHGRQDSRLQWWRSRLQWLQWHUID.HLWLVRQO\ XVHGE\5,3YHUVLRQWRGHWHUPLQHZKL.KVXEQHWVPD\EHSURSD JDWHGWRWKHURXWHURQWKHRWKHUVLGHRIWKLVLQWHUID.H

non-broadcast multi-access or nbma nbmaLVPXOWLD..HVVEXWQRW.DSDEOHRIEURDG.DVW$QH[DPSOHRI WKLVZRXOGEHframe relay DQG X.25. 7KLVW\SHRILQWHUID.HKDVD

OR.DODGGUHVVDQGDVXEQHWPDVN

7RLQVXUH.RQVLVWHQ.\*DWH'LQVXUHVWKDWWKHUHLVDURXWHDYDLODEOH WRHD.K,3LQWHUID.HWKDWLV.RQILJXUHGDQGXS1RUPDOO\WKLVLV GRQHE\WKHifconfig .RPPDQGWKDW.RQILJXUHVWKHLQWHUID.H )RUSRLQWWRSRLQWLQWHUID.HV*DWH'LQVWDOOVVRPHVSH.LDOURXWHV,I WKHOR.DODGGUHVVRQRQHRUPRUHSRLQWWRSRLQWLQWHUID.HVLVQRW VKDUHGZLWKDQRQSRLQWWRSRLQWLQWHUID.H*DWH'LQVWDOOVDURXWH WRWKHOR.DODGGUHVVSRLQWLQJDWWKH loopbackLQWHUID.HZLWKDSUHI HUHQ.HRI 110. 7KLVLQVXUHVWKDWSD.NHWVRULJLQDWLQJRQWKLVKRVW GHVWLQHGIRUWKLVOR.DODGGUHVVDUHKDQGOHGOR.DOO\263)SUHIHUVWR
38

Configuring GateD

URXWHSD.NHWVIRUWKHOR.DOLQWHUID.HD.URVVWKHSRLQWWRSRLQWOLQN ZKHUHWKH\ZLOOEHUHWXUQHGE\WKHURXWHURQWKHUHPRWHHQG7KLVLV XVHGWRYHULI\RSHUDWLRQRIWKHOLQN%H.DXVH263)LQVWDOOVURXWHV ZLWKDSUHIHUHQ.HRI10WKHVHURXWHVZLOORYHUULGHWKHURXWH LQVWDOOHGZLWKDSUHIHUHQ.HRI 110. ,IWKHOR.DODGGUHVVRIRQHRUPRUHSRLQWWRSRLQWLQWHUID.HVLV VKDUHGZLWKDQRQSRLQWWRSRLQWLQWHUID.H*DWH'LQVWDOOVDURXWH WRWKHOR.DOZLWKDSUHIHUHQ.HRI0WKDWZLOOQRWEHLQVWDOOHGLQWKH IRUZDUGLQJWDEOH7KLVLVWRSUHYHQWSURWR.ROVOLNH263)IURPURXW LQJSD.NHWVWRWKLVDGGUHVVD.URVVDVHULDOLQWHUID.HZKHQWKLVV\VWHP .RXOGEHIXQ.WLRQLQJDVDKRVW :KHQWKHVWDWXVRIDQLQWHUID.H.KDQJHV*DWH'QRWLILHVDOOWKHSUR WR.ROVZKL.KWDNHWKHDSSURSULDWHD.WLRQ*DWH'DVVXPHVWKDW LQWHUID.HVWKDWDUHQRWPDUNHG83GRQRWH[LVW *DWH'LJQRUHVDQ\LQWHUID.HVWKDWKDYHLQYDOLGGDWDIRUWKHOR.DO UHPRWHRUEURDG.DVWDGGUHVVHVRUWKHVXEQHWPDVN,QYDOLGGDWD LQ.OXGHV]HURVLQDQ\ILHOG*DWH'ZLOODOVRLJQRUHDQ\SRLQWWR SRLQWLQWHUID.HWKDWKDVWKHVDPHOR.DODQGUHPRWHDGGUHVVHV *DWH'DVVXPHVWKDWWKHLQWHUID.HLVLQVRPHVRUWRIORRSED.NWHVW PRGH  8QGHURSHUDWLQJV\VWHPVWKDWVXSSRUWWKH IFF_PRIVATE IODJ *DWH'ZLOOQRWDGYHUWLVHLQWHUID.HVZLWKWKLVIODJVHW+RZHYHU WKHVHLQWHUID.HVZLOOEHLQVWDOOHGLQWKHURXWLQJWDEOH 1.6.5 Interface Aliases for IPv4 1.6.5.0 Aliases Overview *DWH'DOORZVWKHXVHRI,3YDOLDVHVRQLQWHUID.HVPRUHWKDQRQH ORJL.DOLQWHUID.H.DQH[LVWIRUHD.KSK\VL.DOLQWHUID.HRQWKH PD.KLQH7\SL.DOO\\RX.UHDWHWKHVHORJL.DOLQWHUID.HVXVLQJWKH LIconfig(1).RPPDQG7ZRRSWLRQVLQWKHLQWHUID.HV.RPPDQG DIIH.WWKHRSHUDWLRQRI*DWH'ZLWKUHVSH.WWR,3YDOLDVHV 1. options aliases-nh [ keepall | lowestip | primary ] 2. interface interface-name alias primary address
mask

7KH.RQILJXUDWLRQLQIRUPDWLRQLQWKHLQWHUID.HV.RPPDQGGLUH.WO\ DIIH.WVWKHEHKDYLRURIWKHSURWR.ROVZKHQDOLDVHVDUH.RQILJXUHG 1.6.5.1 Using aliases-nh primary (default) :KHQ.RQILJXUHGZLWKaliases-nh primaryZKL.KLVWKHGHIDXOW *DWH'.KRRVHVDSULPDU\DGGUHVVRQHD.K,3YVXEQHWWKDWLV.RQ ILJXUHGRQHD.KLQWHUID.H7KHSULPDU\.KRVHQE\*DWH'LVEDVHG

39

Interface Statement

RQWKHRUGHULQZKL.KWKHDGGUHVVHVDUHUHDGIURPWKHNHUQHO)RU H[DPSOH.RQVLGHUDPD.KLQHZLWKRQHSK\VL.DOLQWHUID.HOHZLWK ILYHORJL.DODGGUHVVHV

le0: flags=1000843 <UP, BROADCAST, RUNNING, MULTICAST, IPv4> mtu 1500 inet 172.16.0.178 netmask ffff0000 broadcast 172.16.255.255 inet 172.16.0.179 netmask ffff0000 broadcast 172.16.255.255 inet 12.1.1.2 netmask ff000000 broadcast 12.255.255.255 inet 12.1.1.1 netmask ff000000 broadcast 12.255.255.255 inet 192.168.10.1 netmask ffffff00 broadcast 192.168.10.255

,QWKLV.DVH*DWH'ZLOOPDUNWKHIROORZLQJLQWHUID.HVDVSULPDU\DG GUHVVHV IRUVXEQHW IRUVXEQHW IRUVXEQHW

7KHIODJVIRUWKHLQWHUID.H.DQEHVHHQLQWKHJLLshow interfaces .RPPDQGLQWKHWUD.HILOHDIWHUDQLQWHUID.HV.DQRULQWKH*DWH' GXPSILOH6HH*DWH',QWHUD.WLYH,QWHUID.H9HUVLRQRQ SDJH RI2SHUDWLQJ*DWH'IRUPRUHLQIRUPDWLRQDERXWJLL :KHQ.RQILJXUHGDVDERYHWKHSURWR.ROVXVHWKHSULPDU\DGGUHVV IRURSHUDWLRQ$WWHPSWLQJWRXVHDORJL.DODGGUHVVWKDWKDVQRWEHHQ PDUNHGDVSULPDU\ZLOOOHDGWRXQGHVLUHGUHVXOWVWR.KDQJHWKHSUL PDU\DGGUHVVHVVHHEHORZ :KHQXVLQJSK\VL.DOLQWHUID.HQDPHZLOG.DUGVLQWKH.RQILJXUD WLRQILOHWKHSURWR.ROVZLOODWWHPSWWRRSHUDWHRQDOOSULPDU\ DGGUHVVHVRQWKDWLQWHUID.H6HHLQWHUID.HQDPHZLOG.DUGRQ SDJH IRUPRUHLQIRUPDWLRQDERXWZLOG.DUGV

40

Configuring GateD

+HUHLVDQH[DPSOH263)VWDWHPHQW
ospf yes { backbone { interface le0 cost 1; } }

:KHQ.RQILJXUHGWKLVZD\263)ZLOOUXQRYHUWKHWKUHHSULPDU\ DGGUHVVHVVKRZQDERYH,QWKH.DVHZKHUHWKHUHDUHQRQHLJKERUV RQVRPHRIWKHLQWHUID.HVVWXEOLQNVZLOOEHDQQRXQ.HG6HH7KH 263)3URWR.RORQSDJH IRUPRUHLQIRUPDWLRQDERXW263) 7RPDUNSULPDU\DGGUHVVHVIRUDVXEQHWLQWKH.RQILJXUDWLRQILOH XVHWKHDOLDVSULPDU\RSWLRQ*DWH'ZLOORQO\DOORZRQHSULPDU\ DGGUHVVWREH.RQILJXUHGIRUHD.KVXEQHWRQWKHLQWHUID.H DWWHPSWLQJWR.RQILJXUHPRUHWKDQRQHZLOOUHVXOWLQDSDUVHUHUURU 1RWHWKDWWKHPDVNPXVWEHVSH.LILHG )RULQWHUID.HURXWHVZKHQDSULPDU\DGGUHVVRSHUDWLRQLV.RQILJ XUHGWKHQH[WKRSIRUGLUH.WVXEQHWVZLOOEHWKHSULPDU\DGGUHVV 1.6.5.2 Using aliases-nh lowestip 9HUVLRQVRI*DWH'SULRUWR[DQGGHIDXOWHGWRXVLQJWKH ORZHVW,3RIDQLQWHUID.HIRUDOOSURWR.RORSHUDWLRQV7KLVIHDWXUH KDVEHHQOHIWLQSOD.HIRU.RPSDWLELOLW\1RWHWKDWDOLDVHVDUHQRW UHDOO\VXSSRUWHGZLWKWKLVRSWLRQWKHRQO\YDOLGORJL.DOLQWHUID.HLV WKHLQWHUID.HZLWKWKHQXPHUL.DOO\ORZHVW,3DGGUHVV :KHQ.RQILJXUHGWRXVHlowestip*DWH'ZLOOLQVWDOOURXWHVWR GLUH.WQHWVZLWKDQH[WKRSRIWKHORZHVW,3DGGUHVVIRUWKDWQHW ZRUN.RQILJXUHGRQWKHPD.KLQH 1.6.5.3 Using aliases-nh keepall keepallLVRQO\VXSSRUWHGRQNHUQHOVWKDW.DQVXSSRUWURXWHVLQ WKHNHUQHOZLWKPRUHWKDQRQHGHVWLQDWLRQ:KHQ.RQILJXUHGZLWK keepall*DWH'ZLOODWWHPSWWRLQVWDOOLQGLYLGXDOURXWHVIRUHD.K ,3YDOLDV 7KH.RPSLOHWLPH.RQVWDQW57B1B08/7,3$7+PXVWEHVHWWRDW OHDVWWZL.HDVKLJKDVWKHPD[LPXPQXPEHURIORJL.DODGGUHVVHVWKH XVHUH[SH.WVWR.RQILJXUHRQDQ\LQWHUID.H)RUH[DPSOHLIQRPRUH WKDQORJL.DODGGUHVVHVZLOOEHXVHGRQDQ\SK\VL.DOLQWHUID.H 57B1B08/7,3$7+PXVWEHVHWWRDWOHDVW
keepallLVQRWUH.RPPHQGHGEH.DXVHLWLQ.UHDVHVWKHDPRXQWRI

PHPRU\UHTXLUHGWRVWRUHDVLQJOHURXWH:LWKDODUJHURXWLQJWDEOH *DWH'.DQ.RQVXPHDOODYDLODEOHPHPRU\UHVRXU.HV

41

Interface Statement

,QSURWR.RORSHUDWLRQkeepallEHKDYHVVLPLODUWRaliases-nh primaryLQWKDWSULPDU\DGGUHVVHVDUH.KRVHQIRUHD.K,3YVXE QHW3ULPDU\DGGUHVVHV.DQEHPDQXDOO\.RQILJXUHG

42

Configuring GateD

Chapter 1 Section 7
Definition Statements
1.7.0 Definition Overview 'HILQLWLRQVWDWHPHQWVDUHJHQHUDO.RQILJXUDWLRQVWDWHPHQWVWKDWUHODWHWRDOO RI*DWH'RUDWOHDVWWRPRUHWKDQRQHSURWR.RO7KHWKUHHGHILQLWLRQVWDWH PHQWVDUHautonomoussystemrouteridDQGmartians,IXVHGautonomoussystemrouteridDQGmartiansPXVWDSSHDUEHIRUHDQ\RWKHU W\SHRI.RQILJXUDWLRQVWDWHPHQWLQgated.confILOH
autonomoussystem autonomous_system [ loops number ] ; autonomoussystemVHWVWKHDXWRQRPRXVV\VWHPQXPEHURIWKLVURXWHUWR EHautonomous_systemautonomoussystemLVUHTXLUHGLI%*3RU(*3

1.7.1 Autonomous System Syntax

LVLQXVH7KH$6QXPEHULVDVVLJQHGE\WKH1HWZRUN,QIRUPDWLRQ&HQWHU 1,&

loopsLVRQO\IRUSURWR.ROVVXSSRUWLQJ$6SDWKVVX.KDV%*3loops.RQ WUROVWKHQXPEHURIWLPHVWKLVDXWRQRPRXVV\VWHPPD\DSSHDULQDQ$6 SDWKDQGGHIDXOWVWR

1.7.2 Router ID Syntax

routerid host ; routeridVHWVWKHURXWHULGHQWLILHUIRUXVHE\WKH%*3DQG263)SURWR

.ROV7KHGHIDXOWLVWKHDGGUHVVRIWKHILUVWLQWHUID.HHQ.RXQWHUHGE\*DWH' 7KHDGGUHVVRIDQRQSRLQWWRSRLQWLQWHUID.HLVSUHIHUUHGRYHUWKHOR.DO DGGUHVVRIDSRLQWWRSRLQWLQWHUID.HDQGDQDGGUHVVRQDORRSED.NLQWHU ID.HWKDWLVQRWWKHORRSED.NDGGUHVVLVPRVWSUHIHUUHG

martians { host host [ allow ] ;

1.7.3 Martian Syntax

network [ allow ] ; network mask mask [ allow ] ; network masklen number [ allow ] ;
default [ allow ] ; } ; martiansDOORZVDGGLWLRQVWRWKHOLVWRIPDUWLDQDGGUHVVHV6HHWKHVH.WLRQ

&KDSWHU6H.WLRQ5RXWH)LOWHULQJIRUPRUHLQIRUPDWLRQRQVSH.LI\LQJ UDQJHV$OVRWKHallowSDUDPHWHUPD\EHVSH.LILHGWRH[SOL.LWO\DOORZD VXEVHWRIDUDQJHWKDWZDVGLVDOORZHG

0DUWLDQVDUHQHWZRUNVWKDWDUH.RQVLGHUHGLOOHJDOWREHURXWHGRQWKHLQWHU QHW5)&VSH.LILHVWKHVHQHWZRUNVWKDWDVSDUWRIWKHSULYDWHLQWHUQHW VSD.H SUHIL[ SUHIL[

43

Definition Statements

SUHIL[ 7KHSUHIL[HVDUH.RQVLGHUHGXQURXWDEOH*DWH'GRHVQRWWUHDWWKHVH DVPDUWLDQDGGUHVVHVEXWWKHPDUWLDQV\QWD[ZLOODOORZ\RXWUHDWSUL YDWHDGGUHVVVSD.HDVLOOHJDO 5)&VSH.LILHV.RPPRQXVDJHIRU,3QXPEHUV7KHGHIDXOWOLVW RIPDUWLDQVDUH 0/8 (0.0.0.0 netmask 255.0.0.0) 5)&VSH.LILHVRQSDJHWKDW^+RVWQXPEHU`.DQRQO\EHXVHGDV DVRXU.HDGGUHVV 127/8 (127.0.0.0 netmask 255.0.0.0) [[[LVVSH.LILHGE\5)&WRORRSED.NDGGUHVVHV5)& SDJHLWHPJVWDWHVWKHVHDGGUHVHVVKRXOGQHYHUDSSHDU RXWVLGHDKRVW$GGUHVVLVQRUPDOO\XVHGDVDORRSED.N DGGUHVV 128.0/16 (128.0.0.0 netmask 255.255.0.0) LVUHVHUYHGIRUIXUWKHUXVH1RUHIHUHQ.HWRWKLVSUHIL[LV PDGHLQ5)&EXW.RPPRQXVDJHKDV.RQVLGHUHGWKLVWREH LOOHJDO 191.255/8 (192.255.0.0 netmask 255.255.0.0) SLVUHVHUYHGIRUIXUWKHUXVH1RUHIHUHQ.HWRWKLVSUHIL[ LVPDGHLQ5)&EXW.RPPRQXVDJHKDV.RQVLGHUHGWKLVWREH LOOHJDO 192.0.0/24 (192.0.0.0 netmask 255.255.255.0) LVUHVHUYHGIRUIXUWKHUXVH1RUHIHUHQ.HWRWKLVSUHIL[ LVPDGHLQ5)&EXW.RPPRQXVDJHKDV.RQVLGHUHGWKLVWREH LOOHJDO 223.255.255/24 (223.255.255.0 netmask 255.255.255.0) LVUHVHUYHGIRUIXUWKHUXVH1RUHIHUHQ.HWRWKLV SUHIL[LVPDGHLQ5)&EXW.RPPRQXVDJHKDV.RQVLGHUHGWKLV WREHLOOHJDO 255.255.240/17 (255.255.240.0 netmask 255.255.240.0) LVWKHXSSHUERXQGRQ&ODVV(DGGUHVV 1.7.4 Sample Definition Statements
options gendefault ;

7KLVoptionsVWDWHPHQWWHOOVWKHV\VWHPWRJHQHUDWHDGHIDXOW URXWHZKHQLWSHHUVZLWKDQ(*3RU%*3QHLJKERU
autonomoussystem 249 ; 7KLVautonomoussystemVWDWHPHQWWHOOV*DWH'WRXVH$6

QXPEHUIRU(*3DQG%*3

44

Configuring GateD

interface 128.66.12.2 passive ; 7KHinterfaceVWDWHPHQWWHOOV*DWH'QRWWRPDUNLQWHUID.H

DVGRZQHYHQLILWVHHVQRWUDIIL.
martians { 0.0.0.26 };

7KLVmartian'sVWDWHPHQWSUHYHQWVURXWHVWRIURP HYHUEHLQJD..HSWHG

45

Definition Statements

46

Configuring GateD

Chapter 1 Section 8
Multiple RIBs
1.8.0 Multiple RIBs Overview *DWH'NHHSVPXOWLSOH5,%V5RXWLQJ,QIRUPDWLRQ%DVHVZLWKD.WLYH URXWHV&XUUHQWO\WZR5,%VDUHDYDLODEOHXQL.DVWDQGPXOWL.DVW%XW RQO\URXWHVLQWKHXQL.DVW5,%JHWLQVWDOOHGLQWKHNHUQHOEH.DXVHWKH 81,;NHUQHOVXSSRUWVRQO\URXWHVLQWKHXQL.DVW5,%7KHPXOWL.DVW5,% LVXVHGE\PXOWL.DVWURXWLQJSURWR.ROVWR.RQVWUX.WPXOWL.DVWWUHHV (D.KURXWHPD\EHD.WLYHLQRQHRUPRUH5,%VVLPXOWDQHRXVO\ 1.8.1 Direct (Interface) Routes 7KHGLUH.WURXWHVIRUHD.KPXOWL.DVW.DSDEOHLQWHUID.HDSSO\WRDUHHOLJL EOHWREH.RPHD.WLYHLQWKH0XOWL.DVW5,%7KHGLUH.WURXWHVIRUHD.K XQL.DVW.DSDEOHLQWHUID.HDSSO\WRWKHXQL.DVW5,%1RDGGLWLRQDO.RQILJX UDWLRQLVQHHGHGWRD.KLHYHWKLV 6WDWL.URXWHV.DQEHWDJJHGZLWKRQHRUPRUH5,%QDPHV%\GHIDXOWD VWDWL.URXWHDSSOLHVRQO\WRWKHXQL.DVW5,%6HH&KDSWHU6H.WLRQIRU PRUHLQIRUPDWLRQDERXW6WDWL.5RXWHV ([DPSOH
static { 10.0.0.0 10.0.1.0 10.0.2.0 10.0.3.0 cast; }; masklen masklen masklen masklen 24 24 24 24 interface interface interface interface le1; le1 unicast; le1 multicast; le1 unicast multi-

1.8.2 Static Routes

7KHILUVWWZRVWDWL.URXWHVDSSO\RQO\WRWKHXQL.DVW5,%7KHWKLUGDSSOLHV RQO\WRWKHPXOWL.DVW5,%DQGWKHODVWDSSOLHVWRERWK 1.8.3 Aggregate Routes 5,%VQHHGQRWEHVSH.LILHGIRUDJJUHJDWHURXWHV6HH&KDSWHU6H.WLRQ IRUPRUHLQIRUPDWLRQDERXW6WDWL.5RXWHV%\GHIDXOWDQDJJUHJDWHDSSOLHV WRDOO5,%VWRZKL.KDQ\.RQWULEXWLQJURXWHDSSOLHV)RUH[DPSOHDQDJJUH JDWHDSSOLHVWRWKHXQL.DVW5,%LIDQGRQO\LIDQ\.RQWULEXWLQJURXWHDSSOLHV WRWKHXQL.DVW5,% ([DPSOH
aggregate 10.0.0.0 masklen 8 { proto static { 10.0.0.0 masklen 8 refines; }; };

47

Multiple RIBs

,IDQ\VWDWL.URXWHLQWKHXQL.DVW5,%PDW.KHVWKHURXWHILOWHUZKL.K WKUHHRIWKHIRXUVWDWL.URXWHVLQWKHSUHYLRXVH[DPSOHGRWKH DJJUHJDWHZLOOH[LVWLQWKHXQL.DVW5,%/LNHZLVHIRUWKHPXOWL.DVW 5,% 5,%OLPLWVPD\KRZHYHUEHVSH.LILHG%\GHIDXOWWKHOLPLWLVDOOULEV LHDOO5,%VWRZKL.KDQ\.RQWULEXWLQJURXWHDSSOLHV7KLVGHIDXOW .DQEHRYHUULGGHQZLWKDPRUHVSH.LIL.OLPLWDVLQWKHH[DPSOH EHORZ
aggregate 10.0.0.0 masklen 8 unicast { proto static { 10.0.0.0 masklen 8 refines; }; };

7KHDERYHDJJUHJDWHDSSOLHVRQO\WRWKHXQL.DVW5,%DQGRQO\LID .RQWULEXWLQJURXWHLVLQWKHXQL.DVW5,%&RQWULEXWLQJURXWHVLQ RWKHU5,%VDUHLJQRUHG 1.8.4 Importing Routes 1RUPDOO\URXWHVIURPXQL.DVWURXWLQJSURWR.ROVDUHRQO\LPSRUWHG LQWRWKHXQL.DVW5,%6HH&KDSWHU6H.WLRQIRUPRUHLQIRUPD WLRQ5RXWHVIURPPXOWL.DVWURXWLQJSURWR.ROVLH'9053DUH RQO\LPSRUWHGLQWRWKHPXOWL.DVW5,%+RZHYHUPDQ\PXOWL.DVW URXWLQJSURWR.ROVHJ3,0603,0'0&%7GRQRWPDLQWDLQ WKHLURZQURXWLQJWDEOHEXWUDWKHUUHO\RQWKHXQL.DVWURXWLQJSUR WR.ROLQVWHDG7RVXSSRUWWKHVHSURWR.ROVXQL.DVWURXWHVPXVWEH LPSRUWHGLQWRWKHPXOWL.DVW5,%,IWKLVLVQRWGRQHRQO\LQWHUID.H URXWHVZLOOEHDYDLODEOHWRWKHVHPXOWL.DVWSURWR.ROV %H.DXVH%*3LVDEOHWRWDJURXWHVDVWRZKL.K5,%VWKH\DSSO\ QRDGGLWLRQDO.RQILJXUDWLRQLVUHTXLUHGIRU%*3URXWHV7KH5,3 DQG5HGLUH.WSURWR.ROVKRZHYHUGRQRWGRWKLV+HQ.H*DWH' PXVWEH.RQILJXUHGWRLPSRUW5,3RU5HGLUH.WURXWHVLQWRWKHPXO WL.DVW5,% 2QHRUPRUH5,%QDPHVPD\EHVSH.LILHGDVIROORZVZKHUHmulticast DQG unicast DSSHDUEHORZ
import proto ( rip | hello | redirect ) [ ( interface interface_list ) | ( gateway gateway_list ) ] [ preference preference ] [ multicast ] [ unicast ] { route_filter [ restrict | ( preference preference ) ] [ multicast ] [ unicast ]; };

,IQR5,%VDUHVSH.LILHGWKHXQL.DVW5,%RQO\LVDVVXPHG

48

Configuring GateD

([DPSOH
import proto rip { 0.0.0.0 masklen 0 refines; 198.0.0.0 masklen 8 refines multicast unicast; };

7KLVH[DPSOHNHHSVWKHQRUPDOEHKDYLRURIDOORZLQJDOO5,3URXWHV LQWKHXQL.DVW5,%EXWDOVRLPSRUWVDOOURXWHVIDOOLQJXQGHU LQWRWKHPXOWL.DVW5,% ([DPSOH

import proto rip { 0.0.0.0 masklen 0 refines multicast unicast; };

7KLVH[DPSOHLPSRUWVDOO5,3URXWHVLQWRWKHPXOWL.DVW5,%DVZHOO DVWKHXVXDOXQL.DVW5,%7KLVZRXOGEHXVHGIRUH[DPSOHLQD 3,060GRPDLQXVLQJ5,3DVWKHXQL.DVWURXWLQJSURWR.RO 7RLPSRUW263)URXWHVLQWRWKHPXOWL.DVW5,%\RX.XUUHQWO\PXVW LPSRUWDOO263)URXWHVDVIROORZV

ospf yes { defaults { ribs unicast multicast; ... }; ... };

<RXPD\QRWLPSRUW263)URXWHVLQWRRQO\WKHPXOWL.DVW5,% $WWHPSWLQJWRGRVRZLOOEHIODJJHGDVD.RQILJXUDWLRQHUURU 1.8.5 gii ,QJLLWKH show ip walkupDQGshow ip walkdown.RPPDQGV KDYHEHHQH[SDQGHGWRDOORZD5,%QDPHDVDQDGGLWLRQDORSWLRQDO DUJXPHQW,IQR5,%LVVSH.LILHGWKHRXWSXW.RYHUVDOO5,%V.RP ELQHG$OVRDQRWKHU.ROXPQKDVEHHQDGGHGWRWKHLURXWSXWWR VKRZWRZKL.K5,%VDURXWHDSSOLHVXIRUXQL.DVWPIRUPXOWL .DVW

49

Multiple RIBs

Example:
GateD> sh ip walkdown 10 100 um Agg 10/8 --IGP (Id 1) 100 u Sta 10/24 192.168.10.89 IGP (Id 1) 100 u Sta 10.0.1/24 192.168.10.89 IGP (Id 1) 100 m Sta 10.0.2/24 192.168.10.89 IGP (Id 1) 100 um Sta 10.0.3/24 192.168.10.89 IGP (Id 1) GateD> sh ip walkdown 10 unicast 100 u Agg 10/8 --- IGP (Id 1) 100 u Sta 10/24 192.168.10.89 IGP (Id 1) 100 u Sta 10.0.1/24 192.168.10.89 IGP (Id 1) 100 u Sta 10.0.3/24 192.168.10.89 IGP (Id 1) GateD> sh ip walkdown 10 m 100 m Agg 10/8 --IGP (Id 1) 100 m Sta 10.0.2/24 192.168.10.89 IGP (Id 1) 100 m Sta 10.0.3/24 192.168.10.89 IGP (Id 1) GateD>

6HH2SHUDWLQJ*DWH'&KDSWHUIRUPRUHLQIRUPDWLRQDERXWJLLWKH *DWH',QWHUD.WLYH,QWHUID.H

50

Configuring GateD

Chapter 1 Section 9
Configuration Initialization and Re-init
1.9.0 Overview 1.9.1 Phase 1 Initialization of Process :KHQ*DWH'LVVWDUWHGRUUHLQLWLDOL]HGZLWKWKH+83VLJQDOLWJRHV WKURXJKWKHIROORZLQJVHULHVRIHYHQWV $WVWDUWXSRUUHLQLWWLPH*DWH'DWWHPSWVWRILQGWKHVWDWHRIWKHNHUQHO URXWLQJWDEOHDQGWKH.RQILJXUDWLRQRIWKHPD.KLQH
VLQWHUID.HV1RWHLQ RUGHUWRGRWKHIRUPHU*DWH'PXVWEHUXQQLQJDVURRW7KHSUR.HVVJRHV WKURXJKWKHIROORZLQJVHTXHQ.H 1.9.1.1 Reading the Kernel Routing Table 7KHUHDGLQJRIWKHNHUQHOURXWLQJWDEOHLVRQO\GRQHRQ.HWRILQGWKHLQLWLDO VWDWHRIWKHWDEOH$IWHULWKDVEHHQUHDG*DWH'OLVWHQVIRU.KDQJHVYLDWKH URXWLQJVR.NHWNPHPRULR.WOLQWHUID.HV:KL.KRQH*DWH'XVHVGHSHQGV RQWKHRSHUDWLQJV\VWHP6HHWKHNHUQHOVWDWHPHQWIRUPRUHLQIRUPDWLRQ 1.9.1.2 Reading the Kernel Interface List $WVWDUWXSDQGUHLQLWWLPHDVZHOODVSHULRGL.DOO\GXULQJRSHUDWLRQ*DWH' ZLOOV.DQWKHOLVWRILQWHUID.HV,WGRHVWKLVXVLQJRQHRIVHYHUDOPHWKRGV GHSHQGLQJRQWKHRSHUDWLQJV\VWHP$Q\WLPHWKHLQWHUID.HOLVWLVV.DQQHG WKHHQWLUHOLVWLVUHDGDQG.KDQJHVDUHUHSRUWHGWRWKHSURWR.ROVLQGLYLGXDOO\ 1.9.2 Phase 2 Initialization of Tasks (D.KWDVNKDVD.DOOED.NKRRNDVVR.LDWHGZLWKLQLWLDOL]DWLRQSUHSDUVHLQL WLDOL]DWLRQDQGSROL.\LQLWLDOL]DWLRQDPRQJDQGLQWHUID.H.KDQJHVRWKHU WKLQJV$WVWDUWXSHD.KSURWR.RO
V.DOOED.NLV.DOOHGLQWKLVRUGHU      
Var_initLQLWLDOL]HYDULDEOHVEHIRUHSDUVLQJ InitLQLWLDOL]HWKHSURWR.ROZLWKSDUVHULQIRUPDWLRQ ReinitLQVWDOOWKHQHZ.RQILJXUDWLRQLQIRUPDWLRQ Interface ChangeQRWLI\WKHSURWR.ROVRIWKHLQWHUID.H.KDQJHV Reinit FinalizeILQDOL]HWKHQHZ.RQILJXUDWLRQ New PolicySDVVWKHURXWHVWKURXJKWKHQHZSROL.\

6RPHSURWR.ROVGHIHULQLWLDOL]DWLRQRISURWR.ROLQWHUID.HVWUX.WXUHVXQWLO WKHILUVW,QWHUID.H&KDQJHQRWLIL.DWLRQDQGDWWKDWWLPHWKH\DUHDGGHGRU GHOHWHGD..RUGLQJWRWKH.RQILJXUDWLRQRIWKHPD.KLQHDQGWKHLQIRUPDWLRQ LQWKH.RQILJILOH6HH,QWHUD.WLRQVZLWK*DWH'IRUPRUHLQIRUPDWLRQDERXW KRZ*DWH'LQWHUD.WVZLWKV\VWHPDGPLQLVWUDWLRQD.WLRQV

51

Configuration Initialization and Re-init

52

Configuring GateD

Chapter 2
Unicast Protocol Statements
2.0 Unicast Protocol Overview $OOURXWLQJSURWR.ROVGHWHUPLQHWKHEHVWURXWHWRHD.KGHVWLQDWLRQDQG GLVWULEXWHURXWLQJLQIRUPDWLRQDPRQJWKHV\VWHPVRQDQHWZRUN8QL.DVW URXWLQJSURWR.ROVDOORZSD.NHWVWREHURXWHGWRRQHGHVWLQDWLRQUDWKHU WKDQWRVHYHUDORUDOOSRVVLEOHGHVWLQDWLRQV 5RXWLQJSURWR.ROVDUHGLYLGHGLQWRWZRJHQHUDOJURXSVLQWUDGRPDLQURXW LQJRULQWHULRUSURWR.ROVDQGLQWHUGRPDLQURXWLQJRUH[WHULRUSURWR.ROV ,QWUDGRPDLQURXWLQJSURWR.ROVURXWHSD.NHWVZLWKLQDQDXWRQRPRXVV\V WHPLQWHUGRPDLQURXWLQJSURWR.ROVURXWHEHWZHHQDXWRQRPRXVV\VWHPV *DWH'VRIWZDUH.RPELQHVPDQDJHPHQWRIWKHLQWUDGRPDLQDQGLQWHU GRPDLQURXWLQJSURWR.ROVLQRQHVRIWZDUHGDHPRQ

53

Unicast Protocol Statements

54

Configuring GateD

Chapter 2 Section 1
Intra-Domain Routing Protocols
2.1.0 Intra-Domain Routing Protocols ,QWUD'RPDLQ5RXWLQJSURWR.ROVRULQWHULRUSURWR.ROVDUHXVHGWR H[.KDQJHUHD.KDELOLW\LQIRUPDWLRQZLWKLQDQDXWRQRPRXVV\VWHP$6 7KH\DUHUHIHUUHGWRDVD.ODVVE\WKHD.URQ\PLJS,QWUDGRPDLQURXWLQJ SURWR.ROVVXSSRUWHGE\*DWH'LQ.OXGH5,3263)DQG,6,6 7KH5RXWLQJ,QIRUPDWLRQ3URWR.RO9HUVLRQ DQG9HUVLRQ LVWKHPRVW .RPPRQO\XVHGLQWHULRUSURWR.RO5,3VHOH.WVWKHURXWHZLWKWKHORZHVW PHWUL.DVWKHEHVWURXWH7KHPHWUL.LVDQDVVLJQHGKRS.RXQWUHSUHVHQWLQJ WKHQXPEHURIJDWHZD\VWKURXJKZKL.KGDWDPXVWSDVVLQRUGHUWRUHD.KLWV GHVWLQDWLRQ7KHORQJHVWSDWKWKDW5,3D..HSWVLV KRSV,IWKHPHWUL.LV JUHDWHUWKDQDGHVWLQDWLRQLV.RQVLGHUHGXQUHD.KDEOHDQG*DWH'GLV .DUGVWKHURXWH5,3DVVXPHVWKDWWKHEHVWURXWHLVWKHRQHWKDWXVHVWKH IHZHVWJDWHZD\VLHWKHVKRUWHVWSDWK5,3GRHVQRWWDNHLQWRD..RXQW .RQJHVWLRQRUGHOD\VRQURXWHV 7KH5,3YHUVLRQ SURWR.ROLVGHV.ULEHGLQ5)&DQGWKH5,3 YHUVLRQ SURWR.ROLVGHV.ULEHGLQ5)&/LQNVWRUHOHYDQW5)&V.DQ EHIRXQGDW KWWSZZZJDWHGRUJJDWHGZHE.RGHGR.PDQXDOV.RQILJBJXLGHUHI HUHQ.HVKWPO 2.1.2 OSPF 2SHQ6KRUWHVW3DWK)LUVWLVDOLQNVWDWHSURWR.RO263)LVEHWWHUVXLWHG WKDQ5,3IRU.RPSOH[QHWZRUNVZLWKPDQ\URXWHUV263)SURYLGHVHTXDO .RVWPXOWLSDWKURXWLQJ 263)LVGHV.ULEHGLQ5)&7KH263).RGHLQ*DWH'VXSSRUWV 263)YHUVLRQ VSH.LILHGE\5)&ZKL.KREVROHWHG5)&7KH 263)YHUVLRQ 0,%LVGHILQHGLQ5)&ZKL.KUHSOD.HG5)& 2WKHUUHODWHGGR.XPHQWVDUH5)&5)&DQG5)&/LQNV WRUHOHYDQW5)&V.DQEHIRXQGDW KWWSZZZJDWHGRUJJDWHGZHE.RGHGR.PDQXDOV.RQILJBJXLGHUHI HUHQ.HVKWPO 2.1.3 IS-IS ,QWHUPHGLDWH6\VWHPWR,QWHUPHGLDWH6\VWHP,6,6LVDOLQNVWDWHLQWHULRU JDWHZD\SURWR.RO,*3RULJLQDOO\GHYHORSHGIRUURXWLQJ,62&/13 ,QWHUQDWLRQDO2UJDQL]DWLRQIRU6WDQGDUGL]DWLRQ&RQQH.WLRQOHVV1HWZRUN 3URWR.ROSD.NHWV7KHYHUVLRQGLVWULEXWHGZLWK*DWH'.DQURXWH,3SD.N HWVDVZHOO

2.1.1 RIP

55

Intra-Domain Routing Protocols

56

Configuring GateD

Chapter 2 Section 1.1

Routing Information Protocol (RIP)
2.1.1.0 Overview 2QHRIWKHPRVWZLGHO\XVHGLQWHULRUJDWHZD\SURWR.ROVLVWKH5RXWLQJ ,QIRUPDWLRQ3URWR.RO5,35,3LVDQLPSOHPHQWDWLRQRIDGLVWDQ.HYH. WRURU%HOOPDQ)RUGURXWLQJSURWR.ROIRUOR.DOQHWZRUNV5,3.ODVVLILHV URXWHUVDVD.WLYHDQGSDVVLYHVLOHQW$.WLYHURXWHUVDGYHUWLVHWKHLUURXWHV UHD.KDELOLW\LQIRUPDWLRQWRRWKHUVSDVVLYHURXWHUVOLVWHQDQGXSGDWHWKHLU URXWHVEDVHGRQDGYHUWLVHPHQWVEXWGRQRWDGYHUWLVH7\SL.DOO\URXWHUVUXQ 5,3LQD.WLYHPRGHZKLOHKRVWVXVHSDVVLYHPRGH $URXWHUUXQQLQJ5,3LQD.WLYHPRGHVHQGVXSGDWHVDWVHWLQWHUYDOV(D.K XSGDWH.RQWDLQVSDLUHGYDOXHVZKHUHHD.KSDLU.RQVLVWVRIDQ,3QHWZRUN DGGUHVVDQGDQLQWHJHUGLVWDQ.HWRWKDWQHWZRUN5,3XVHVDKRS.RXQWPHW UL.WRPHDVXUHWKHGLVWDQ.HWRDGHVWLQDWLRQ,QWKH5,3PHWUL.DURXWHU DGYHUWLVHVGLUH.WO\.RQQH.WHGQHWZRUNVDWDPHWUL.RIE\GHIDXOW1HW ZRUNVWKDWDUHUHD.KDEOHWKURXJKRQHRWKHUJDWHZD\DUHKRSVHW.7KXV WKHQXPEHURIKRSVRUKRS.RXQWDORQJDSDWKIURPDJLYHQVRXU.HWRD JLYHQGHVWLQDWLRQUHIHUVWRWKHQXPEHURIJDWHZD\VWKDWDGDWDJUDPZRXOG HQ.RXQWHUDORQJWKDWSDWK8VLQJKRS.RXQWVWR.DO.XODWHVKRUWHVWSDWKV GRHVQRWDOZD\VSURGX.HRSWLPDOUHVXOWV)RUH[DPSOHDSDWKZLWKDKRS .RXQWWKDW.URVVHVWKUHH(WKHUQHWVPD\EHVXEVWDQWLDOO\IDVWHUWKDQDSDWK ZLWKDKRS.RXQWWKDW.URVVHVWZRVORZVSHHGVHULDOOLQHV7R.RPSHQVDWH IRUGLIIHUHQ.HVLQWH.KQRORJ\PDQ\URXWHUVDGYHUWLVHDUWLIL.LDOO\KLJKKRS .RXQWVIRUVORZOLQNV $VGHOLYHUHGZLWKPRVW81,;V\VWHPV5,3LVUXQE\WKHURXWLQJGDHPRQ routedSURQRXQ.HGURXWHG$5,3URXWLQJGDHPRQG\QDPL.DOO\ EXLOGVRQLQIRUPDWLRQUH.HLYHGWKURXJK5,3XSGDWHV:KHQVWDUWHGXS 5,3LVVXHVDUHTXHVWIRUURXWLQJLQIRUPDWLRQDQGWKHQOLVWHQVIRUUHVSRQVHV WRWKHUHTXHVW,IDV\VWHP.RQILJXUHGWRVXSSO\5,3KHDUVWKHUHTXHVWLW UHVSRQGVZLWKDUHVSRQVHSD.NHWEDVHGRQLQIRUPDWLRQLQLWVURXWLQJGDWD EDVH7KHUHVSRQVHSD.NHW.RQWDLQVGHVWLQDWLRQQHWZRUNDGGUHVVHVDQGWKH URXWLQJPHWUL.IRUHD.KGHVWLQDWLRQ :KHQD5,3UHVSRQVHSD.NHWLVUH.HLYHGWKHURXWLQJGDHPRQWDNHVWKH LQIRUPDWLRQDQGUHEXLOGVWKHURXWLQJGDWDEDVHDGGLQJQHZURXWHVDQG EHWWHUORZHUPHWUL.URXWHVWRGHVWLQDWLRQVDOUHDG\OLVWHGLQWKHGDWDEDVH 5,3DOVRGHOHWHVURXWHVIURPWKHGDWDEDVHLIWKHQH[WURXWHUWRWKDWGHVWLQD WLRQUHSRUWVWKDWWKHURXWH.RQWDLQVPRUHWKDQKRSVRULIWKHURXWHLV GHOHWHG$OOURXWHVWKURXJKDJDWHZD\DUHGHOHWHGLIQRXSGDWHVDUHUH.HLYHG IURPWKDWJDWHZD\IRUDVSH.LILHGWLPHSHULRG,QJHQHUDOURXWLQJXSGDWHV DUHLVVXHGHYHU\VH.RQGV,QPDQ\LPSOHPHQWDWLRQVLIDJDWHZD\LVQRW KHDUGIURPIRUVH.RQGVDOOURXWHVIURPWKDWJDWHZD\DUHGHOHWHGIURP WKHURXWLQJGDWDEDVH7KLVVH.RQGLQWHUYDODOVRDSSOLHVWRGHOHWLRQRI VSH.LIL.URXWHV

57

Routing Information Protocol (RIP)

5,3YHUVLRQPRUH.RPPRQO\NQRZQDV5,3,,DGGVDGGLWLRQDO .DSDELOLWLHVWR5,36RPHRIWKHVH.DSDELOLWLHVDUH.RPSDWLEOHZLWK 5,3,DQGVRPHDUHQRW7RDYRLGVXSSO\LQJLQIRUPDWLRQWR5,3, URXWHVWKDW.RXOGEHPLVLQWHUSUHWHG5,3,,.DQXVHRQO\QRQ.RP SDWLEOHIHDWXUHVZKHQLWVSD.NHWVDUHPXOWL.DVW2QLQWHUID.HVWKDW DUHQRW.DSDEOHRI,3PXOWL.DVW5,3,.RPSDWLEOHSD.NHWVDUHXVHG WKDWGRQRW.RQWDLQSRWHQWLDOO\.RQIXVLQJLQIRUPDWLRQ 6RPHRIWKHPRVWQRWDEOH5,3,,HQKDQ.HPHQWVDUH 1H[WKRS 1HWZRUNPDVN $XWKHQWL.DWLRQ 5,3WDJILHOG 7KHVHIHDWXUHVLQ5,3,DQG,,DUH.RQWUDVWHGLQWKHIROORZLQJSDUD JUDSKV 1H[WKRS :LWK5,3,,DURXWHU.DQDGYHUWLVHDQH[WKRSRWKHUWKDQLWVHOI 1H[WKRSLVXVHIXOZKHQDGYHUWLVLQJDVWDWL.URXWHWRDGXPE URXWHUWKDWGRHVQRWUXQ5,3EH.DXVHLWDYRLGVKDYLQJSD.NHWV WKDWDUHSDVVHGWKURXJKWKHGXPEURXWHUIURPKDYLQJWR.URVVD QHWZRUNWZL.H%H.DXVH5,3,URXWHUVZLOOLJQRUHQH[WKRS LQIRUPDWLRQLQ5,3,,SD.NHWVSD.NHWVPLJKW.URVVDQHWZRUN WZL.HZKL.KLVH[D.WO\ZKDWKDSSHQVZLWK5,3,6RQH[WKRS LQIRUPDWLRQLVSURYLGHGLQ5,3,.RPSDWLEOH5,3,,SD.NHWV 1HWZRUNPDVN 5,3,DVVXPHVWKDWDOOVXEQHWZRUNVRIDJLYHQQHWZRUNKDYHWKH VDPHQHWZRUNPDVN5,3,XVHVWKLVDVVXPSWLRQWR.DO.XODWHWKH QHWZRUNPDVNVIRUDOOURXWHVUH.HLYHG7KLVDVVXPSWLRQSUH YHQWVVXEQHWVZLWKGLIIHUHQWQHWPDVNVIURPEHLQJLQ.OXGHGLQ 5,3SD.NHWV5,3,,DGGVWKHDELOLW\WRVSH.LI\WKHQHWZRUN PDVNZLWKHD.KQHWZRUNLQDSD.NHW$OWKRXJK5,3,URXWHUV ZLOOLJQRUHWKHQHWZRUNPDVNLQ5,3,,SD.NHWVWKHLU.DO.XODWLRQ RIWKHQHWZRUNPDVNZLOOTXLWHSRVVLEO\EHZURQJ)RUWKLVUHD VRQ5,3,.RPSDWLEOH5,3,,SD.NHWVPXVWQRW.RQWDLQQHW ZRUNVWKDWZRXOGEHPLVLQWHUSUHWHG7KHVHQHWZRUNVPXVWRQO\ EHSURYLGHGLQQDWLYH5,3,,SD.NHWVWKDWDUHPXOWL.DVW 5,3,GHULYHVWKHQHWZRUNPDVNRIUH.HLYHGQHWZRUNVDQGKRVWV IURPWKHQHWZRUNPDVNRIWKHLQWHUID.HYLDZKL.KSD.NHWZDV UH.HLYHG,IDUH.HLYHGQHWZRUNRUKRVWLVRQWKHVDPHQDWXUDO QHWZRUNDVWKHLQWHUID.HRYHUZKL.KLWZDVUH.HLYHGDQGWKDW QHWZRUNLVVXEQHWWHGWKHVSH.LILHGPDVNLVPRUHVSH.LIL.WKDQ WKHQDWXUDOQHWPDVNWKHVXEQHWPDVNLVDSSOLHGWRWKHGHVWLQD WLRQ,IELWVRXWVLGHWKHPDVNDUHVHWLWLVDVVXPHGWREHDKRVW RWKHUZLVHLWLVDVVXPHGWREHDVXEQHW2QSRLQWWRSRLQWLQWHU
58

Configuring GateD

ID.HVWKHQHWPDVNLVDSSOLHGWRWKHUHPRWHDGGUHVV7KHQHW PDVNRQWKHVHLQWHUID.HVLVLJQRUHGLILWPDW.KHVWKHQDWXUDO QHWZRUNRIWKHUHPRWHDGGUHVVRULVDOORQHV8QOLNHSUHYLRXV UHOHDVHVWKH]HURVXEQHWDVXEQHWZRUNWKDWPDW.KHVWKHQDWX UDOQHWZRUNRIWKHLQWHUID.HEXWKDVDPRUHVSH.LIL.RUORQJHU QHWZRUNPDVNLVDGYHUWLVHG,IWKLVLVQRWGHVLUDEOHDURXWHILO WHUPD\EHXVHGWRUHMH.WLW $XWKHQWL.DWLRQ 5,3,,SD.NHWVPD\.RQWDLQRQHRIWZRW\SHVRIDXWKHQWL.DWLRQ VWULQJVWKDWPD\EHXVHGWRYHULI\WKHYDOLGLW\RIWKHVXSSOLHG URXWLQJGDWD$XWKHQWL.DWLRQPD\EHXVHGLQ5,3,.RPSDWLEOH 5,3,,SD.NHWVEXWEHDZDUHWKDW5,3,URXWHUVZLOOLJQRUHWKHVH SD.NHWVXQOHVVnocheckzero LVVHOH.WHG7KHILUVWPHWKRGLVD VLPSOHSDVVZRUGLQZKL.KDQDXWKHQWL.DWLRQNH\RIXSWR .KDUD.WHUVLVLQ.OXGHGLQWKHSD.NHW,IWKLVGRHVQRWPDW.KZKDW LVH[SH.WHGWKHSD.NHWZLOOEHGLV.DUGHG7KLVPHWKRGSURYLGHV YHU\OLWWOHVH.XULW\EH.DXVHLWLVSRVVLEOHWROHDUQWKHDXWKHQWL.D WLRQNH\E\ZDW.KLQJ5,3SD.NHWV 7KHVH.RQGPHWKRGXVHVWKH0'DOJRULWKPWR.UHDWHD .U\SWR.KH.NVXPRID5,3SD.NHWDQGDQDXWKHQWL.DWLRQNH\RI XSWR.KDUD.WHUV7KHWUDQVPLWWHGSD.NHWGRHVQRW.RQWDLQ WKHDXWKHQWL.DWLRQNH\LWVHOILQVWHDGLW.RQWDLQVD.U\SWR.KH.N VXP.DOOHGWKHGLJHVW7KHUH.HLYLQJURXWHUZLOOSHUIRUPD .DO.XODWLRQXVLQJWKH.RUUH.WDXWKHQWL.DWLRQNH\DQGGLV.DUGWKH SD.NHWLIWKHGLJHVWGRHVQRWPDW.K,QDGGLWLRQDVHTXHQ.H QXPEHULVPDLQWDLQHGWRSUHYHQWWKHUHSOD\RIROGHUSD.NHWV 7KLVPHWKRGSURYLGHVDPX.KVWURQJHUDVVXUDQ.HWKDWURXWLQJ GDWDRULJLQDWHGIURPDURXWHUZLWKDYDOLGDXWKHQWL.DWLRQNH\ 7ZRDXWKHQWL.DWLRQPHWKRGV.DQEHVSH.LILHGSHULQWHUID.H 3D.NHWVDUHDOZD\VVHQWXVLQJWKHSULPDU\PHWKRGEXWUH.HLYHG SD.NHWVDUH.KH.NHGZLWKERWKWKHSULPDU\DQGVH.RQGDU\ PHWKRGVEHIRUHEHLQJGLV.DUGHG,QDGGLWLRQDVHSDUDWHDXWKHQ WL.DWLRQNH\LVXVHGIRUQRQURXWHUTXHULHV 5,3WDJILHOG 5,3WDJVDUHQRWVXSSRUWHGE\WKLVLPSOHPHQWDWLRQ7KH5,3 WDJVSDVVHGE\WKH5,3SURWR.RODUH.RSLHGLQWR*DWH' rt_entry VWUX.WXUHLQWRWKH rt_tag field RIWKHURXWHHQWU\ 7KLVLPSOHPHQWDWLRQGRHVGRHVQRWVHQG5,3WDJVEXWUDWKHU ]HURVWKHWDJILHOG 2.1.1.1 RIP Syntax
rip ( on | off ) [ { broadcast | nobroadcast ; nocheckzero ;

59

Routing Information Protocol (RIP)

preference preference ; defaultmetric metric ; query authentication [none | simple password | md5 password ) ] ; interface interface_list [ noripin ] | [ ripin ] [ noripout ] | [ ripout ] [ metricin metric ] [ metricout metric ] [ version 1 ]|[ version 2 [ multicast | broadcast ] ] [ [ secondary ] authentication [ none | simple auth_key | md5 md5-key ] ] ; trustedgateways gateway_list ; sourcegateways gateway_list ; traceoptions trace_options ; } ] ; rip

7KHripVWDWHPHQWHQDEOHVRUGLVDEOHV5,3,IWKHripVWDWHPHQWLV QRWVSH.LILHGWKHGHIDXOWLVrip on ; 1RWH7KHIROORZLQJ.RQILJXUDWLRQILOHZLOOQRWSDUVH

rip ;

<RXPXVWLQ.OXGHDWOHDVWon RU yesIRUWKH.RQILJXUDWLRQILOHWR SDUVH.RUUH.WO\ 5,3RSWLRQVDUHDVIROORZV

broadcast | nobroadcast broadcast

VSH.LILHVWKDW5,3SD.NHWVZLOOEHEURDG.DVWUHJDUG OHVVRIWKHQXPEHURILQWHUID.HVSUHVHQW7KLVLVXVHIXOZKHQ SURSDJDWLQJVWDWL.URXWHVRUURXWHVOHDUQHGIURPDQRWKHUSURWR .ROLQWR5,3,QVRPH.DVHVWKHXVHRI broadcast ZKHQRQO\ RQHQHWZRUNLQWHUID.HLVSUHVHQW.DQ.DXVHGDWDSD.NHWVWR WUDYHUVHDVLQJOHQHWZRUNWZL.Hnobroadcast VSH.LILHVWKDW 5,3SD.NHWVZLOOQRWEHEURDG.DVWRQDWWD.KHGLQWHUID.HVHYHQLI WKHUHDUHPRUHWKDQRQH,IDsourcegateways .ODXVHLV SUHVHQWURXWHVZLOOVWLOOEHXQL.DVWGLUH.WO\WRWKDWJDWHZD\5,3 GHIDXOWVWRnobroadcastZKHQWKHUHLVRQO\RQHLQWHUID.HDQG broadcastZKHQWKHUHLVPRUHWKDQRQH

60

Configuring GateD

nocheckzero nocheckzero

VSH.LILHVWKDW5,3VKRXOGQRW.KH.NIRU]HUR ILOOHGUHVHUYHGILHOGVLQLQ.RPLQJYHUVLRQ5,3SD.NHWV1RU PDOO\5,3ZLOOUHMH.WSD.NHWVZKHUHWKHUHVHUYHGILHOGVDUHQRQ ]HUR VSH.LILHVKRZD.WLYHURXWHVWKDWDUHOHDUQHGIURP 5,3.RPSDUHGWRRWKHUSURWR.ROVZLOOEHVHOH.WHG:KHQD URXWHKDVEHHQOHDUQHGIURPPRUHWKDQRQHSURWR.ROWKHD.WLYH URXWHZLOOEHVHOH.WHGIURPWKHSURWR.ROZLWKWKHORZHVWSUHIHU HQ.H(D.KSURWR.ROKDVDGHIDXOWSUHIHUHQ.HLQWKLVVHOH.WLRQ 5,3
VGHIDXOWLVpreference PD\EHXVHGWR.KDQJHWKH GHIDXOWYDOXHIRU5,3preference PD\EHRYHULGGHQE\D preference YDOXHVSH.LILHGLQLPSRUWSROL.\
preference

preference preference

defaultmetric metric

GHILQHVWKHPHWUL.XVHGZKHQDGYHUWLVLQJ URXWHVYLD5,3WKDWZHUHOHDUQHGIURPRWKHUSURWR.ROV defaultmetricGHIDXOWVWRLIQRWVSH.LILHGdefaultmetric PD\EHRYHUULGGHQE\DPHWUL.VSH.LILHGLQH[SRUWSROL.\ defaultmetricZLOOQRWDSSO\WRWKHIROORZLQJURXWHV

defaultmetric

DJJUHJDWHVZKL.KDOZD\VKDYHDPHWUL.RI GLUH.WURXWHVWKDWDUHQRWSRLQWWRSRLQWZKL.KDOZD\VKDYH DPHWUL.RI URXWHVRQSRLQWWRSRLQWOLQNVZKL.KDOZD\VKDYHDPHWUL. RI URXWHVZLWKDORRSED.NLQWHUID.HDVWKHJDWHZD\ZKL.K DOZD\VKDYHDPHWUL.RILQILQLW\
query authentication [ none | simple password | md5 password ] ; query authentication VSH.LILHVWKHDXWKHQWL.DWLRQUHTXLUHG RIrip poll TXHU\SD.NHWVWKDWRULJLQDWHIURPWKHULSTXHU\

WRRO7KHDXWKHQWL.DWLRQLVVSH.LILHGE\RQHWRHLJKWGH.LPDO GLJLWVZLWKDYDOXHEHWZHHQDQGVHSDUDWHGE\SHULRGVD RQHWRHLJKWE\WHKH[DGH.LPDOVWULQJSUH.HGHGE\[RUDRQH WRHLJKW.KDUD.WHUVWULQJLQGRXEOHTXRWHV7KHWKUHHDXWKHQWL.D WLRQV.KHPHVDYDLODEOHDUHnone, simple DQG md5 DXWKHQWL.D WLRQ.
none

:KHQQRDXWKHQWL.DWLRQLVUHTXLUHGXVHDXWKHQWL.DWLRQW\SH none.

61

Routing Information Protocol (RIP)

simple

:KHQ\RXZLVKWRNHHS.HUWDLQURXWHUVIURPH[.KDQJLQJ5,3 SD.NHWVXVHWKHsimple IRUPRIDXWKHQWL.DWLRQ

md5

:KHQ\RXGRQRWWUXVWRWKHUXVHUVRI\RXUQHWZRUNXVH0' DXWKHQWL.DWLRQ7KHV\VWHPZRUNVE\XVLQJVKDUHGVH.UHWNH\V %H.DXVHWKHNH\VDUHXVHGWRVLJQWKHSD.NHWVZLWKDQ0' .KH.NVXPWKH\.DQQRWEHIRUJHGRUWDPSHUHGZLWK%H.DXVH WKHNH\VDUHQRWLQ.OXGHGLQWKHSD.NHWVQRRSLQJWKHNH\LVQRW SRVVLEOH8VHUVRIWKHQHWZRUN.DQVWLOOVQRRSWKH.RQWHQWVRI SD.NHWVKRZHYHUEH.DXVHWKHSD.NHWVDUHQRWHQ.U\SWHG7KH IROORZLQJH[DPSOHVKRZVKRZWRXVHPGHQ.U\SWLRQ

query authentication md5 password

ZKHUH password is:

key your-key id id-number [ { [ start-generate date-time ; ] [ stop-generate date-time ; ]

[ start-accept date-time ; ] [ stop-accept date-time ; ] } ] ;

ZKHUHid-number LVDQLQWHJHUZLWKDYDOXHEHWZHHQDQG DQG date-timeLVLQWKHIRUPDW<<<<00'' ++00,IDQ\WLPHILHOGVDUHXVHGDOODUHUHTXLUHG,IQR YDOXHLVJLYHQIRUWKHWLPHUDQJHVWKHGHIDXOWYDOXHVDUH NH\LVDOZD\VJHQHUDWHG NH\LVDOZD\VD..HSWHG

7KXVLI\RXDOZD\VZDQW\RXUNH\WREHD..HSWHGVLPSO\VSH. LI\DVHTXHQ.HVX.KDV
query authentication md5 key "mikeyone" id 1;

7RVSH.LI\PXOWLSOH0'NH\VDGGWKHIROORZLQJWRWKHDSSUR SULDWH5,3VWDWHPHQWV
query authentication md5 { password password . . . password } ;

62

Configuring GateD

ZKHUH password LVDVVSH.LILHGDERYH

interface interface_list interface

.RQWUROVYDULRXVDWWULEXWHVRIVHQGLQJ5,3RQVSH .LIL.LQWHUID.HV6HH6H.WLRQRQLQWHUID.HOLVWVSH.LIL.DWLRQIRU WKHGHV.ULSWLRQRIWKHinterface_list.

1RWH,IWKHUHDUHPXOWLSOHLQWHUID.HV.RQILJXUHGRQWKHVDPH VXEQHW5,3XSGDWHVZLOORQO\EHVHQWIURPWKHILUVWRQHIRU ZKL.K5,3RXWSXWLV.RQILJXUHG7KLVOLPLWDWLRQLVUHTXLUHG EH.DXVHRIWKHZD\WKH81,;NHUQHORSHUDWHV 1RWH$OWKRXJKLWLVSRVVLEOHWRVSH.LI\DORRSED.NLQWHUID.HRU ORRSED.NDGGUHVVLQDQLQWHUID.HVWDWHPHQW5,3ZLOOQRWQRU PDOO\VHQGSD.NHWVWRDORRSED.N7RRYHUULGHWKLVEHKDYLRUXVH Dsourcegateways clause with the loopback address included in the gateway_list. 7KHSRVVLEOHSDUDPHWHUVIRUinterface include:
noripin | ripin noripin VSH.LILHVWKDW5,3SD.NHWVUH.HLYHGYLDWKHVSH.LILHG LQWHUID.HZLOOEHLJQRUHGripinLVWKHGHIDXOWripin VSH.LILHV WKDW5,3SD.NHWVRQDOOQRQORRSED.NLQWHUID.HVZLOOEHOLV WHQHGWR6SH.LI\LQJripin PD\EHQH.HVVDU\ZKHQ noripinLV XVHGRQDZLOG.DUGLQWHUID.HGHV.ULSWRU noripout_ripout noripout

VSH.LILHVWKDWQR5,3SD.NHWVZLOOEHVHQWRQWKH VSH.LILHGLQWHUID.HV7KHGHIDXOWLVWRVHQG5,3RQDOOEURDG .DVWDQGQRQEURDG.DVWLQWHUID.HVZKHQLQ broadcastPRGH 7RVHQG5,3RQSRLQWWRSRLQWLQWHUID.HVPDQXDOO\.RQILJXUH ripoutripoutLVWKHGHIDXOWEXW\RXPXVWVSH.LI\ ripout WRVHQG5,3RQSRLQWWRSRLQWLQWHUID.HVDQGZKHQ noripin LVXVHGRQDZLOG.DUGLQWHUID.HGHV.ULSWRU
metricin metric

VSH.LILHVWKH5,3metric WRDGGWRLQ.RPLQJ URXWHVEHIRUHWKH\DUHLQVWDOOHGLQWKHURXWLQJWDEOH7KH GHIDXOWLVWKHNHUQHOLQWHUID.HPHWUL.SOXVZKL.KLVWKH GHIDXOW5,3KRS.RXQW,ImetricinLVVSH.LILHGLWZLOOEH XVHGDVWKHDEVROXWHYDOXHDQGWKHNHUQHOPHWUL.ZLOOQRWEH DGGHGmetricin LVXVHGWRPDNHWKLVURXWHUSUHIHU5,3 URXWHVIURPRWKHULQWHUID.HVRYHU5,3URXWHVOHDUQHGYLDWKH VSH.LILHGLQWHUID.HV
metricin

63

Routing Information Protocol (RIP)

metricout metric metricout VSH.LILHVWKH5,3PHWUL.WREHDGGHGWRURXWHVWKDW DUHVHQWYLDWKHVSH.LILHGLQWHUID.HV7KHGHIDXOWLV]HUR metricoutLVXVHGWRPDNHRWKHUURXWHUVSUHIHURWKHUVRXU.HVRI

5,3URXWHVRYHUWKLVURXWHU

version 1 | [ version 2 [ multicast | broadcast ]@

VSH.LILHVWKDWWKH5,3SD.NHWVVHQWRQWKHVSH.L ILHGLQWHUID.HVZLOOEHYHUVLRQSD.NHWV version 1 LVWKH GHIDXOWversion 2 VSH.LILHVWKDW5,3YHUVLRQSD.NHWVZLOO EHVHQWRQWKHVSH.LILHGLQWHUID.HVV,I,3PXOWL.DVWVXSSRUWLV DYDLODEOHRQWKHVSH.LILHGLQWHUID.HVWKHGHIDXOWLVWRVHQGIXOO YHUVLRQSD.NHWV,IPXOWL.DVWVXSSRUWLVQRWDYDLODEOHYHUVLRQ .RPSDWLEOHYHUVLRQSD.NHWVZLOOEHVHQWmulticast VSH.L ILHVWKDW5,3YHUVLRQSD.NHWVVKRXOGEHPXOWL.DVWRQWKLV LQWHUID.HmulticastLVWKHGHIDXOWLIYHUVLRQLVVSH.LILHG broadcast VSH.LILHVWKDW5,3.RPSDWLEOH5,3YHUVLRQ SD.NHWVVKRXOGEHEURDG.DVWRQWKLVLQWHUID.HHYHQLI,3PXOWL .DVWLVDYDLODEOH
version 1 [ secondary ] authentication [ none | simple auth_key | md5 md5-key ] authentication LVXVHGE\5,3WRJHQHUDWHDQGYHULI\WKH DXWKHQWL.DWLRQILHOGLQWKH5,3KHDGHUauthentication LV VSH.LILHGE\RQHWRHLJKWGH.LPDOGLJLWVZLWKDYDOXHEHWZHHQ DQGVHSDUDWHGE\SHULRGVDRQHWRHLJKWE\WHKH[DGH.L PDOVWULQJSUH.HGHGE\[RUDRQHWRHLJKW.KDUD.WHUVWULQJLQ GRXEOHTXRWHV

%\GHILQLWLRQDOO5,3SURWR.ROTXHULHVDUHDXWKHQWL.DWHGKRZ HYHURQHPHWKRGRIDXWKHQWL.DWLRQLVnone.$XWKHQWL.DWLRQ .DQKHOSWRJXDUDQWHHWKDWURXWLQJLQIRUPDWLRQLVRQO\ LPSRUWHGIURPWUXVWHGURXWHUV$YDULHW\RIDXWKHQWL.DWLRQ V.KHPHV.DQEHXVHGEXWDVLQJOHV.KHPHPXVWEH.RQILJXUHG IRUHD.KLQWHUID.H7KHXVHRIGLIIHUHQWV.KHPHVHQDEOHVVRPH LQWHUID.HVWRXVHPX.KVWUL.WHUDXWKHQWL.DWLRQWKDQRWKHUV7KH WKUHHDXWKHQWL.DWLRQV.KHPHVDYDLODEOHDUHnone simple DQG md5 DXWKHQWL.DWLRQ.
none

:KHQQRDXWKHQWL.DWLRQLVUHTXLUHGXVHDXWKHQWL.DWLRQW\SH none. 7RXVHDXWKHQWL.DWLRQW\SHnone, DGGWKHIROORZLQJOLQHV WRWKHDSSURSULDWH5,3LQWHUID.HVWDWHPHQWV

[ secondary ] authentication none ;

64

Configuring GateD

simple

:KHQ\RXZLVKWRNHHS.HUWDLQURXWHUVIURPH[.KDQJLQJ5,3 SD.NHWVXVHWKHsimple IRUPRIDXWKHQWL.DWLRQ7KHLQWHU ID.HVWKDWWKHSD.NHWVDUHWREHVHQWRQVWLOOQHHGWREHWUXVWHG EH.DXVHWKHNH\ZLOOEHSOD.HGLQWKHSD.NHWVDQG.DQEHVHHQ E\DQ\RQHZLWKD..HVVWRWKHQHWZRUN7RVSH.LI\DXWKHQWL.D WLRQW\SH simpleDGGWKHIROORZLQJOLQHVWR\RXU5,3LQWHU ID.HVWDWHPHQWV

[ secondary ] authentication simple password ; md5

:KHQ\RXGRQRWWUXVWRWKHUXVHUVRI\RXUQHWZRUNXVH0' DXWKHQWL.DWLRQ7KHV\VWHPZRUNVE\XVLQJVKDUHGVH.UHWNH\V %H.DXVHWKHNH\VDUHXVHGWRVLJQWKHSD.NHWVZLWKDQ0' .KH.NVXPWKH\.DQQRWEHIRUJHGRUWDPSHUHGZLWK%H.DXVH WKHNH\VDUHQRWLQ.OXGHGLQWKHSD.NHWVQRRSLQJWKHNH\LVQRW SRVVLEOH8VHUVRIWKHQHWZRUN.DQVWLOOVQRRSWKH.RQWHQWVRI SD.NHWVKRZHYHUEH.DXVHWKHSD.NHWVDUHQRWHQ.U\SWHG *DWH'XVHVWKH0'DOJRULWKPDQGDQDXWKHQWL.DWLRQNH\RI XSWR.KDUD.WHUVZLWKPXOWLSOH0'NH\VSHULQWHUID.H (D.KNH\KDVWZRDVVR.LDWHGWLPHUDQJHV7RVSH.LI\DVLQJOH 0'NH\RQDQLQWHUID.HDGGWKHIROORZLQJWRWKHDSSURSULDWH 5,3LQWHUID.HVWDWHPHQWV
[ secondary ] authentication md5 password

ZKHUH password is:

key your-key id id-number [ { [ start-generate date-time ; ] [ stop-generate date-time ; ]

[ start-accept date-time ; ] [ stop-accept date-time ; ] } ] ;

ZKHUHid-numberLVDQLQWHJHUZLWKDYDOXHEHWZHHQDQG DQGdate-timeLVLQWKHIRUPDW<<<<00'' ++00,IDQ\WLPHILHOGVDUHXVHGDOODUHUHTXLUHG,IQR YDOXHLVJLYHQIRUWKHWLPHUDQJHVWKHGHIDXOWYDOXHVDUH NH\LVDOZD\VJHQHUDWHG NH\LVDOZD\VD..HSWHG 7KXVLI\RXDOZD\VZDQW\RXUNH\WREHD..HSWHGVSH.LI\D VHTXHQ.HVX.KDV
[ secondary ] authentication md5 key "mikeyone"

65

Routing Information Protocol (RIP)

id 1;

7RVSH.LI\PXOWLSOH0'NH\VRQDQLQWHUID.HDGGWKHIROORZ LQJWRWKHDSSURSULDWH5,3LQWHUID.HVWDWHPHQWV
[ secondary ] authentication md5 { password password . . . password } ;

ZKHUH passwordLVDVVSH.LILHGDERYH )RUH[DPSOHWZRURXWHUVPD\VWDUWRXWJHQHUDWLQJNH\DQG ZDQWWRVZLW.KWRNH\DW*07,QRUGHUWRPDNHWKH WUDQVLWLRQEHWZHHQNH\VHDVLHUWKHURXWHUVDJUHHWRVWRSJHQHU DWLQJNH\DW*07EXWD..HSWNH\XQWLO*07.H\ LVD..HSWHGPLQXWHVEHIRUHWKHSODQQHGVZLW.KWLPHLH *077KHVHRYHUODSSLQJUDQJHVDOORZWKH.OR.NVRQWKH URXWHUVWREHVOLJKWO\RXWRIV\Q.7KLVVHTXHQ.HRINH\VZRXOG EHVSH.LILHGE\
[ secondary ] authentication md5 { key "mikeyone" id 1 { stop-generate 1999/05/01 06:00 ; stop-accept 1999/05/01 06:10; }; key "mikeytwo" id 2 { start-generate 1999/05/01 06:00; start-accept 1999/05/01 05:50; }; }; trustedgateways gateway_list trustedgatewaysGHILQHVWKHOLVWRIJDWHZD\VIURPZKL.K5,3 ZLOOD..HSWXSGDWHV7KHgateway_listLVDOLVWRIKRVWQDPHV

RU,3DGGUHVVHV%\GHIDXOWDOOURXWHUVRQWKHVKDUHGQHWZRUN DUHWUXVWHGWRVXSSO\URXWLQJLQIRUPDWLRQ%XWLIWKH trustedgateways .ODXVHLVVSH.LILHGRQO\XSGDWHVIURPWKHJDWH ZD\VLQWKHOLVWDUHD..HSWHG

sourcegateways gateway_list

GHILQHVDOLVWRIURXWHUVWRZKL.K5,3VHQGV SD.NHWVGLUH.WO\QRWWKURXJK multicast or broadcast. sourcegateways.DQEHXVHGWRVHQGGLIIHUHQWURXWLQJLQIRU PDWLRQWRVSH.LIL.JDWHZD\V8SGDWHVWRJDWHZD\VLQWKLVOLVWDUH QRWDIIH.WHGE\ noripoutRQWKHLQWHUID.H

sourcegateways

66

Configuring GateD

traceoptions trace_options traceoptionsVSH.LILHVWKHWUD.LQJRSWLRQVIRU5,36HH

7UD.H6WDWHPHQWVDQGWKH5,3VSH.LIL.WUD.LQJRSWLRQVEHORZ 2.1.1.2 RIP Tracing Options

7KH policy RSWLRQORJVLQIRUPDWLRQZKHQHYHUDQHZURXWHLV DQQRXQ.HGRUWKHPHWUL.EHLQJDQQRXQ.HG.KDQJHVRUDURXWHJRHV RUOHDYHVKROGGRZQ3D.NHWWUD.LQJRSWLRQVZKL.KPD\EHPRGLILHG ZLWK detail, send RU recvLQ.OXGH
packets

7UD.HDOO5,3SD.NHWV
request

7UD.H5,3LQIRUPDWLRQUHTXHVWSD.NHWVVX.KDVUHTXHVWSROO DQGSROOHQWU\
response

7UD.H5,3UHVSRQVHSD.NHWVZKL.KDUHWKHW\SHRISD.NHWWKDW D.WXDOO\.RQWDLQVURXWLQJLQIRUPDWLRQ
other

7UD.HDQ\RWKHUW\SHRISD.NHW7KHRQO\YDOLGRQHVDUH WUD.HBRQDQGWUD.HBRIIERWKRIZKL.KDUHLJQRUHG. ([DPSOHVRI5,3WUD.LQJRSWLRQV

traceoptions none; traceoptions /var/tmp/rip_peer1 detail packets; traceoptions receive request; traceoptions send response;

67

Routing Information Protocol (RIP)

68

Configuring GateD

Chapter 2 Section 1.2

The OSPF Protocol
2.1.2.0 OSPF Overview 2SHQ6KRUWHVW3DWK)LUVW5RXWLQJ263)LVDVKRUWHVWSDWKILUVWRUOLQN VWDWHSURWR.RO263)LVDQLQWHULRUJDWHZD\SURWR.ROWKDWGLVWULEXWHVURXW LQJLQIRUPDWLRQEHWZHHQURXWHUVLQDVLQJOHDXWRQRPRXVV\VWHP263) .KRRVHVWKHOHDVW.RVWSDWKDVWKHEHVWSDWK263)LVVXLWDEOHIRU.RPSOH[ QHWZRUNVZLWKDODUJHQXPEHURIURXWHUVEH.DXVHLWSURYLGHVHTXDO.RVW PXOWLSDWKURXWLQJZKHUHSD.NHWVWRDVLQJOHGHVWLQDWLRQ.DQEHVHQWYLD PRUHWKDQRQHLQWHUID.HVLPXOWDQHRXVO\ ,QDOLQNVWDWHSURWR.ROHD.KURXWHUPDLQWDLQVDGDWDEDVHGHV.ULELQJWKH HQWLUH$6WRSRORJ\ZKL.KLWEXLOGVRXWRIWKH.ROOH.WHGOLQNVWDWHDGYHUWLVH PHQWVRIDOOURXWHUV(D.KSDUWL.LSDWLQJURXWHUGLVWULEXWHVLWVOR.DOVWDWHLH WKHURXWHU
VXVDEOHLQWHUID.HVDQGUHD.KDEOHQHLJKERUVWKURXJKRXWWKH$6 E\IORRGLQJ(D.KPXOWLD..HVVQHWZRUNWKDWKDVDWOHDVWWZRDWWD.KHGURXW HUVKDVDGHVLJQDWHGURXWHUDQGDED.NXSGHVLJQDWHGURXWHU7KHGHVLJQDWHG URXWHUIORRGVDOLQNVWDWHDGYHUWLVHPHQWIRUWKHPXOWLD..HVVQHWZRUNDQG KDVRWKHUVSH.LDOUHVSRQVLELOLWLHV7KHGHVLJQDWHGURXWHU.RQ.HSWUHGX.HV WKHQXPEHURIDGMD.HQ.LHVUHTXLUHGRQDPXOWLD..HVVQHWZRUN 263)DOORZVQHWZRUNVWREHJURXSHGLQWRDUHDV5RXWLQJLQIRUPDWLRQ SDVVHGEHWZHHQDUHDVLVDEVWUD.WHGSRWHQWLDOO\DOORZLQJDVLJQLIL.DQWUHGX. WLRQLQURXWLQJWUDIIL.263)XVHVIRXUGLIIHUHQWW\SHVRIURXWHVOLVWHGLQ RUGHURISUHIHUHQ.HLQWUDDUHDLQWHUDUHDW\SH$6(DQGW\SH$6( ,QWUDDUHDSDWKVKDYHGHVWLQDWLRQVZLWKLQWKHVDPHDUHD,QWHUDUHDSDWKV KDYHGHVWLQDWLRQVLQRWKHU263)DUHDV%RWKW\SHVRI$XWRQRPRXV6\VWHP ([WHUQDO$6(URXWHVDUHURXWHVWRGHVWLQDWLRQVH[WHUQDOWR263)DQG XVXDOO\H[WHUQDOWRWKH$XWRQRPRXV6\VWHP5RXWHVH[SRUWHGLQWR263) $6(DVW\SH$6(URXWHVDUHVXSSRVHGWREHIURPLQWHULRUJDWHZD\SURWR .ROVHJ5,3ZKRVHH[WHUQDOPHWUL.VDUHGLUH.WO\.RPSDUDEOHWR263) PHWUL.V:KHQDURXWLQJGH.LVLRQLVEHLQJPDGH263)ZLOODGGWKHLQWHUQDO .RVWWRWKH$6ERUGHUURXWHUWRWKHH[WHUQDOPHWUL.7\SH$6(VDUHXVHG IRUH[WHULRUJDWHZD\SURWR.ROVZKRVHPHWUL.VDUHQRW.RPSDUDEOHWR263) PHWUL.V,QWKLV.DVHRQO\WKHLQWHUQDO263).RVWWRWKH$6ERUGHUURXWHULV XVHGLQWKHURXWLQJGH.LVLRQ )URPWKHWRSRORJ\GDWDEDVHHD.KURXWHU.RQVWUX.WVDWUHHRIWKHVKRUWHVW SDWKVZLWKLWVHOIDVWKHURRW7KLVVKRUWHVWSDWKWUHHJLYHVWKHURXWHWRHD.K GHVWLQDWLRQLQWKH$6([WHUQDOO\GHULYHGURXWLQJLQIRUPDWLRQDSSHDUVRQ WKHWUHHDVOHDYHV7KHOLQNVWDWHDGYHUWLVHPHQWIRUPDWGLVWLQJXLVKHV EHWZHHQLQIRUPDWLRQD.TXLUHGIURPH[WHUQDOVRXU.HVDQGLQIRUPDWLRQ D.TXLUHGIURPLQWHUQDOURXWHUVVRWKHUHLVQRDPELJXLW\DERXWWKHVRXU.H RUUHOLDELOLW\RIURXWHV([WHUQDOO\GHULYHGURXWLQJLQIRUPDWLRQIRUH[DP SOHURXWHVOHDUQHGIURP(*3RU%*3LVSDVVHGWUDQVSDUHQWO\WKURXJKWKH DXWRQRPRXVV\VWHPDQGLVNHSWVHSDUDWHIURP263)
VLQWHUQDOO\GHULYHG

69

Open Shortest Path First Protocol (OSPF)

GDWD(D.KH[WHUQDOURXWH.DQDOVREHWDJJHGE\WKHDGYHUWLVLQJURXWHU HQDEOLQJDSDVVLQJRIDGGLWLRQDOLQIRUPDWLRQEHWZHHQURXWHUVRQWKHERU GHUVRIWKHDXWRQRPRXVV\VWHP 263)RSWLRQDOO\LQ.OXGHV7\SHRI6HUYL.H726URXWLQJDQGDOORZV DGPLQLVWUDWRUVWRLQVWDOOPXOWLSOHURXWHVWRDJLYHQGHVWLQDWLRQIRUHD.K W\SHRIVHUYL.HHJORZGHOD\RUKLJKWKURXJKSXW$URXWHUUXQQLQJ 263)XVHVWKHGHVWLQDWLRQDGGUHVVDQGWKHW\SHRIVHUYL.HWR.KRRVHWKH EHVWURXWHWRWKHGHVWLQDWLRQ 263)LQWUDDQGLQWHUDUHDURXWHVDUHDOZD\VLPSRUWHGLQWRWKH*DWH' URXWLQJGDWDEDVHZLWKDSUHIHUHQ.HRI,WZRXOGEHDYLRODWLRQRIWKH SURWR.ROLIDQ263)URXWHUGLGQRWSDUWL.LSDWHIXOO\LQWKHDUHD
V263)VR LWLVQRWSRVVLEOHWRRYHUULGHWKLV$OWKRXJKLWLVSRVVLEOHWRJLYHRWKHU URXWHVORZHUSUHIHUHQ.HYDOXHVH[SOL.LWO\GRLQJVRZRXOGYLRODWHWKH 263)SURWR.RODQG.RXOGOHDGWRLQ.RUUH.WURXWLQJ7KHUHIRUH\RX.DQ QRWVSH.LI\LPSRUWRUH[SRUWSROL.\IRU263)\RXPD\RQO\VSH.LI\ H[SRUWSROL.\IRU263)$6( +DUGZDUHPXOWL.DVW.DSDELOLWLHVDUHDOVRXVHGZKHUHSRVVLEOHWRGHOLYHU OLQNVWDWXVPHVVDJHV263)DUHDVDUH.RQQH.WHGE\WKHED.NERQHDUHDWKH DUHDZLWKLGHQWLILHU$OODUHDVPXVWEHORJL.DOO\.RQWLJXRXVDQGWKH ED.NERQHLVQRH[.HSWLRQ7RSHUPLWPD[LPXPIOH[LELOLW\263)DOORZV WKH.RQILJXUDWLRQRIYLUWXDOOLQNVZKL.KHQDEOHVWKHED.NERQHDUHDWR DSSHDU.RQWLJXRXVGHVSLWHWKHSK\VL.DOUHDOLW\ $OOURXWHUVLQDQDUHDPXVWDJUHHRQWKDWDUHD
VSDUDPHWHUV%H.DXVHDVHS DUDWH.RS\RIWKHOLQNVWDWHDOJRULWKPLVUXQIRUHD.KDUHDPRVW.RQILJXUD WLRQSDUDPHWHUVDUHGHILQHGRQDSHUDUHDEDVLV$OOURXWHUVEHORQJLQJWR DQDUHDPXVWDJUHHRQWKDWDUHD
V.RQILJXUDWLRQ0LV.RQILJXUDWLRQZLOO NHHSQHLJKERUVIURPIRUPLQJDGMD.HQ.LHVEHWZHHQWKHPVHOYHVDQGURXW LQJLQIRUPDWLRQPLJKWQRWIORZRU.RXOGORRS *DWH'.DQUXQRYHUDYDULHW\RISK\VL.DO.RQQH.WLRQVVHULDO.RQQH.WLRQV /$1LQWHUID.HV$70RU)'',7KH263).RQILJXUDWLRQVXSSRUWVWKUHH GLIIHUHQWW\SHVRI.RQQH.WLRQVLQWKHLQWHUID.H.ODXVHV /$1DQGSRLQWWRSRLQW $QH[DPSOHRID/$1LQWHUID.HLVDQ(WKHUQHWRUD)'',LQWHUID.H$ SRLQWWRSRLQWLQWHUID.H.DQEHDVHULDOOLQHXVLQJSSS*DWH'ZLOOXVHD 0XOWL.DVW,3DGGUHVVHVRQ/$1LQWHUID.HVWRUHD.K263)URXWHUV 1RQ%URDG.DVW0XOWLSOH$..HVV $70ZLWKYLUWXDO.LU.XLWVLVDQH[DPSOHRID1RQ%URDG.DVW0XOWLSOH $..HVVPHGLXP%H.DXVHWKHUHLVQRJHQHUDOPXOWL.DVWLQDOO$70GHYL.HV HD.KURXWHUPXVWEHOLVWHGVRWKDW*DWH'.DQSROOHD.KURXWHU*DWH'ZLOO XQL.DVWWKHSD.NHWVWRWKHURXWHUVLQWKH1%0$QHWZRUN

70

Configuring GateD

3RLQWWR0XOWLSRLQWQHZ263)RQO\ 3RLQWWR0XOWLSRLQW.RQQH.WLYLW\LVXVHGZKHQWKHQHWZRUNGRHVQRWSUR YLGHIXOO.RQQH.WLYLW\WRDOOURXWHUVLQWKHQHWZRUN-XVWDVRQWKH1%0$ IRUPDW\RXPXVWSURYLGHDOLVWRIURXWHUVWKDWWKH*DWH'GHDPRQZLOO TXHU\DV263)SHHUV *DWH'LQ.OXGHVWZRYHUVLRQVRI263)WKHRULJLQDOYHUVLRQRVSIRUROG RVSIDQGDQHZO\UHZULWWHQYHUVLRQQHZRVSI:KHQEXLOGLQJ*DWH' \RX.DQVHOH.WHLWKHURUERWK:KHQEXLOGLQJROG263)LVUHIHUUHGWRDV ospf DQGQHZRVSILVUHIHUUHGWRDV ospf2. ,QWKHUXQWLPH.RQILJXUDWLRQ ILOH ospf .RQILJXUHVWKHRVSIWKDWZDVEXLOWZLWK*DWH',IERWKYHUVLRQV ZHUHEXLOWLQWR*DWH' ospf ZLOOVHOH.WROGRVSI)XUWKHUPRUH\RX.DQ DOZD\VVHOH.WROGRVSIZLWK old-ospfRUVHOH.WQHZRVSIZLWKnew-ospf. 7KLVEHKDYLRULVVXPPDUL]HGLQWKHWDEOHEHORZ 'H.LVLRQ7DEOHIRUospf %XLOWZLWK RVSI
ospf

%XLOWZLWK RVSI VHOH.WV

new_ospf

%XLOWZLWK ERWK VHOH.WV

old_ospf

VHOH.WV
old_ospf

old_ospf

VHOH.WV
old_ospf

SDUVHHUURUV VHOH.WV
new_ospf

VHOH.WV
old_ospf

new_ospf

SDUVHHUURUV

VHOH.WV
new_ospf

2.1.2.1 Notes on New OSPF

1HZ263)VRXU.Hnew_ospf*.[ch]LVDUHSOD.HPHQWIRUWKHRULJLQDO

ROG
263).RGHVRXU.Hospf_*.[ch] 1HZ263) LV5)&.RPSOLDQWWKHRULJQDO263)LVPRVWO\.RPSOLDQW .DQUH.RQILJXUHZLWKRXWUHVWDUWLQJWKHSURWR.RO UXQVIDVWHUWKDQWKHRULJLQDO263) LV.OHDQHUVPDOOHUDQGKDVDOHVV.RPSOH[LPSOHPHQWDWLRQWKDQWKH RULJLQDO263)

1HZ263)SDVVHVDOO263)WHVWVLQWKH0HULW*DWH'7HVWLQJ7RRONLW *$77DQGWKH536263)WHVWV ,I\RXDUHXVLQJWKHQHZDXWR.RQIV\VWHPLQ[LHrunning ./configure ospf2LVWKHGHIDXOWSURWR.RO,I\RXDUHXVLQJWKHROGHU.RQILJ XUDWLRQILOHV\VWHPLQ[VSH.LI\ ospf2LQWKHSURWR.ROOLQH

71

Open Shortest Path First Protocol (OSPF)

2.1.2.2 Old OSPF

2.1.2.2.1 Old OSPF Syntax

ospf | old-ospf on | off [ { defaults { preference defasepref ; cost defasecost ; tag [ as ] tagvalue ; type 1 | 2 ; inherit-metric ; } ; exportlimit routes ; exportinterval time ; traceoptions trace_options ; syslog [first pktcnt][ every every_pktcnt ]; monitorauthkey key-value; area areanumber | backbone { stub [ cost stub_default_cost] ; networks { network [ restrict ] ; network mask mask [ restrict ] ; network masklen number [ restrict ] ; host host [ restrict ] ; } ; stubhosts { host cost hostcost ; } ; interface interface_list; [ cost ifcost ] [ { enable | disable ; retransmitinterval iftime ; transitdelay iftime ; priority ifpriority ; hellointerval iftime ; routerdeadinterval iftime ; passive ; auth [none | simple auth_key | md5 ospf_md5_key] ; secondary [none | simple | md5] auth_key; } ] ; interface interface_list nonbroadcast [ cost ifnbcost ] [ { pollinterval ifnbtime ; routers { gateway [ eligible ] ; } ; retransmitinterval ifnbtime ; transitdelay ifnbtime ; priority ifnbpriority ; hellointerval ifnbtime ; routerdeadinterval ifnbtime ;

72

Configuring GateD

passive ; auth [none | simple auth_key | md5 ospf_md5_key] ; secondary [none | simple | md5] auth_key; } ] ; } ] ; Backbone only: virtuallink neighborid router_id transitarea area { retransmitinterval vltime ; transitdelay vltime ; priority vlpriority ; hellointerval vltime ; routerdeadinterval vltime ; passive ; auth [none | simple auth_key | md5 ospf_md5_key] ; secondary [none | simple | md5] auth_key; } ; ospf | old-ospf

7KHospfVWDWHPHQWHQDEOHVRUGLVDEOHV263)%\GHIDXOW263)LVGLV DEOHG
defaults

7KHVHSDUDPHWHUVVSH.LI\WKHGHIDXOWVXVHGZKHQLPSRUWLQJ263) $XWRQRPRXV6\VWHP([WHUQDO$6(URXWHVLQWRWKH*DWH'URXWLQJ WDEOHDQGH[SRUWLQJURXWHVIURPWKH*DWH'URXWLQJWDEOHLQWR263) $6(V

preference defasepref preferenceVSH.LILHVKRZD.WLYHURXWHVWKDWDUHOHDUQHGIURPWKH

263)$6(.RPSDUHGWRRWKHUSURWR.ROVZLOOEHVHOH.WHG:KHQD URXWHKDVEHHQOHDUQHGIURPPRUHWKDQRQHSURWR.ROWKHD.WLYHURXWH ZLOOEHVHOH.WHGIURPIURPWKHSURWR.ROZLWKWKHORZHVWSUHIHUHQ.H (D.KSURWR.ROKDVDGHIDXOWSUHIHUHQ.HLQWKLVVHOH.WLRQ7KHGHIDXOW IRU263)LV

cost defasecost costLVXVHGZKHQH[SRUWLQJDQRQ263)URXWHIURPWKH*DWH' URXWLQJWDEOHLQWR263)DVDQ$6(7KHGHIDXOWYDOXHLVcostPD\ tag [ as ] tagvalue

EHH[SOL.LWO\RYHUULGGHQLQH[SRUWSROL.\

263)$6(URXWHVKDYHDELWWDJILHOGWKDWLVQRWXVHGE\WKH263) SURWR.ROEXWPD\EHXVHGE\H[SRUWSROL.\WRILOWHUURXWHV:KHQ 263)LVLQWHUD.WLQJZLWKDQ(*3WKHWDJILHOGPD\EHXVHGWRSURSD JDWH$6SDWKLQIRUPDWLRQLQZKL.K.DVHWKHas NH\ZRUGLVVSH.LILHG DQGWKHWDJLVOLPLWHGWRELWVRILQIRUPDWLRQ,IQRWVSH.LILHGWKH

73

Open Shortest Path First Protocol (OSPF)

WDJLVVHWWR
type 1 | 2

5RXWHVH[SRUWHGIURPWKH*DWH'URXWLQJWDEOHLQWR263)GHIDXOWWR EH.RPLQJW\SH$6(V7KLVGHIDXOWPD\EHH[SOL.LWO\.KDQJHGKHUH DQGRYHUULGGHQLQH[SRUWSROL.\

inherit-metric inherit-metric DOORZVDQ263)$6(URXWHWRLQKHULWWKHPHWUL.RI

WKHH[WHUQDOURXWHZKHQQRPHWUL.LVVSH.LILHGRQWKHH[SRUW7KLV RSWLRQPDLQWDLQV.RPSDWLELOLW\ZLWKDOOWKH.XUUHQWH[SRUWIXQ.WLRQV $PHWUL.VSH.LILHGRQWKHH[SRUWZLOOWDNHSUH.HGHQ.H 7KH.RVWVSH.LILHGLQWKHGHIDXOWZLOOEHXVHGLILQKHULWPHWUL.LVQRW VSH.LILHG

$6(H[SRUWUDWH%H.DXVHRIWKHQDWXUHRI263)WKHUDWHDWZKL.K $6(VDUHIORRGHGPD\QHHGWREHOLPLWHG7KHIROORZLQJWZRSDUDPHWHUV .DQEHXVHGWRDGMXVWWKRVHUDWHOLPLWV1RWH7KHVHNH\ZRUGV.XUUHQWO\ SDUVHLQQHZ263)WRPDLQWDLQ.RQILJ.RPSDWLELOLW\KRZHYHUWKH\DUH RQO\LPSOHPHQWHGLQROG263)

exportlimit routes exportlimitVSH.LILHVKRZPDQ\$6(VZLOOEHJHQHUDWHGDQG

IORRGHGLQHD.KEDW.K7KHGHIDXOWLV
exportinterval time

exportintervalVSH.LILHVKRZRIWHQDEDW.KRI$6(OLQNVWDWH DGYHUWLVHPHQWVZLOOEHJHQHUDWHGDQGIORRGHGLQWR263)7KH GHIDXOWLVWLPHSHUVH.RQG. traceoptions trace_options traceoptions VSH.LILHVWKHWUD.LQJRSWLRQVIRU263)6HH 6H.WLRQ 7UD.H6WDWHPHQWVDQGWKH263)VSH.LIL.WUD.LQJRSWLRQV syslog

[ first pktcnt ] [ every every_pktcnt ]

VSH.LILHVWKHWUD.LQJRSWLRQVIRUORJJLQJ263)SD.NHWV7KH ORJZLOO.RQWDLQWKHILUVWpckcnt SD.NHWVIRUHYHU\W\SHRI263) SD.NHW$IWHUWKHILUVW pckcntSD.NHWVWKHV\VORJZLOORQO\VDYHRQH PHVVDJHSHUHYHU\every_pktcntSD.NHWV

syslog monitorauthkey key-value

7KH263)VWDWHPD\EHTXHULHGXVLQJWKHRVSIBPRQLWRUXWLOLW\7KH RVSIBPRQLWRUXWLOLW\VHQGVQRQVWDQGDUG263)SD.NHWVWKDWJHQHUDWH DWH[WUHVSRQVHIURP263)%\GHIDXOWWKHVHUHTXHVWVDUHQRWDXWKHQ WL.DWHG,IDQDXWKHQWL.DWLRQNH\LV.RQILJXUHGWKHLQ.RPLQJUHTXHVWV PXVWPDW.KWKHVSH.LILHGDXWKHQWL.DWLRQNH\1R263)VWDWHPD\EH .KDQJHGE\WKHVHSD.NHWVEXWWKHD.WRITXHU\LQJ263).DQXVHV\V WHPUHVRXU.HVkey-valueLVVSH.LILHGE\RQHWRHLJKWGH.LPDOGLJLWV

74

Configuring GateD

VHSDUDWHGE\SHULRGVDRQHWRHLJKWE\WHKH[DGH.LPDOVWULQJSUH.HGHG E\[RUDRQHWRHLJKW.KDUD.WHUVWULQJLQGRXEOHTXRWHV
area areanumber | backbone

(D.K263)URXWHUPXVWEH.RQILJXUHGLQWRDWOHDVWRQH263) DUHD. ,I PRUHWKDQRQHDUHDLV.RQILJXUHGDWOHDVWRQHPXVWEHWKHED.NERQH 7KHED.NERQHPD\RQO\EH.RQILJXUHGXVLQJWKH backbone NH\ZRUG ,WPD\QRWEHVSH.LILHGDVDUHD7KHED.NERQHLQWHUID.HPD\EHD YLUWXDOOLQN

stub

[ cost stub_default_cost ]

$ stubDUHDLVRQHLQZKL.KWKHUHDUHQR$6(URXWHV(D.KURXWHULQ WKHDUHDPXVWVSH.LI\WKDWWKHDUHDLVDVWXERUDGMD.HQ.LHVZLOOQRW IRUP,ID costLVVSH.LILHGWKLVLVXVHGWRLQMH.WDGHIDXOWURXWHLQWR WKHDUHDZLWKWKHVSH.LILHG.RVWRULJLQDWLQJIURPWKLVURXWHUcost VKRXOGRQO\EHVSH.LILHGRQDQ$UHD%RUGHU5RXWHU$%5,WLVSRVVL EOHWRXVHstub RQPXOWLSOH$%5VDQGJLYHWKHPGLIIHUHQW .RVWV
networks

7KH networks OLVWGHV.ULEHVWKHV.RSHRIDQDUHD,QWUDDUHD/6$V WKDWIDOOZLWKLQWKHVSH.LILHGUDQJHVDUHQRWDGYHUWLVHGLQWRRWKHUDUHDV DVLQWHUDUHDURXWHV,QVWHDGWKHVSH.LILHGUDQJHVDUHDGYHUWLVHGDV VXPPDU\QHWZRUN/6$V,I restrict LVVSH.LILHGWKHVXPPDU\QHW ZRUN/6$VDUHQRWDGYHUWLVHG,QWUDDUHD/6$VWKDWGRQRWIDOOLQWR DQ\UDQJHDUHDOVRDGYHUWLVHGDVVXPPDU\QHWZRUN/6$V7KLVRSWLRQ LVYHU\XVHIXORQZHOOGHVLJQHGQHWZRUNVLQUHGX.LQJWKHDPRXQWRI URXWLQJLQIRUPDWLRQSURSDJDWHGEHWZHHQDUHDV7KHHQWULHVLQWKLVOLVW DUHHLWKHUQHWZRUNVRUVXEQHWZRUNPDVNSDLUV6HH6H.WLRQRQ URXWHILOWHULQJIRUPRUHGHWDLODERXWVSH.LI\LQJUDQJHV
stubhosts

7KHstubhostsOLVWVSH.LILHVGLUH.WO\DWWD.KHGKRVWVWKDWVKRXOGEH DGYHUWLVHGDVUHD.KDEOHIURPWKLVURXWHUDQGWKH.RVWVZLWKZKL.KWKH\ VKRXOGEHDGYHUWLVHG2QO\SRLQWWRSRLQWOLQNVDQGDOLDVHVRQWKH ORRSED.N.DQEHDGYHUWLVHGXVLQJstubhosts. 3RLQWWRSRLQWLQWHU ID.HVRQZKL.KLWLVQRWGHVLUDEOHWRUXQ263)VKRXOGEHVSH.LILHG KHUH,WLVDOVRXVHIXOWRDVVLJQDQDGGLWLRQDODGGUHVVWRWKHORRSED.N LQWHUID.HRQHQRWRQWKHQHWZRUNDQGDGYHUWLVHLWDVDVWXEKRVW ,IWKLVDGGUHVVLVWKHVDPHRQHXVHGDVWKHURXWHULGLWHQDEOHVURXWLQJ WR263)URXWHUVE\URXWHULGLQVWHDGRIE\LQWHUID.HDGGUHVV5RXWLQJ E\URXWHULGLVPRUHUHOLDEOHWKDQURXWLQJWRRQHRIWKHURXWHU
VLQWHU ID.HDGGUHVVHVZKL.KPD\QRWDOZD\VEHUHD.KDEOH
interface interface_list [ cost ifcost ]

7KLVIRUPRIWKHLQWHUID.H.ODXVHLVXVHGWR.RQILJXUHDEURDG.DVW ZKL.KUHTXLUHV,3PXOWL.DVWVXSSRUWRUDSRLQWWRSRLQWLQWHUID.H 6HHWKH6H.WLRQRQLQWHUID.HOLVWVSH.LIL.DWLRQIRUWKHGHV.ULSWLRQRI WKHinterface_list. (D.KLQWHUID.HKDVDcost7KH.RVWVRIDOO

75

Open Shortest Path First Protocol (OSPF)

LQWHUID.HVWKDWDSD.NHWPXVW.URVVWRUHD.KDGHVWLQDWLRQDUHVXPPHG WRJHWWKH.RVWWRWKDWGHVWLQDWLRQ7KHGHIDXOWifcostLVEXW DQRWKHUQRQ]HURYDOXHPD\EHVSH.LILHG

enable | disable

(QDEOHRUGLVDEOHWKHLQWHUID.H
retransmitinterval iftime

VHWVWKHQXPEHURIVH.RQGVEHWZHHQOLQN VWDWHDGYHUWLVHPHQWUHWUDQVPLVVLRQVIRUDGMD.HQ.LHVEHORQJLQJWR WKLVLQWHUID.H

retransmitinterval transitdelay iftime transitdelayVHWVWKHHVWLPDWHGQXPEHURIVH.RQGVUHTXLUHGWR WUDQVPLWDOLQNVWDWHXSGDWHRYHUWKLVLQWHUID.Htransitdelay

WDNHVLQWRD..RXQWWUDQVPLVVLRQDQGSURSDJDWLRQGHOD\VDQGPXVW EHJUHDWHUWKDQ
priority ifpriority

LW\IRUEH.RPLQJWKHGHVLJQDWHGURXWHU:KHQPRUHWKDQRQH URXWHUDWWD.KHGWRDQHWZRUNDWWHPSWWREH.RPHWKHGHVLJQDWHG URXWHUWKHRQHZLWKWKHKLJKHVWSULRULW\ZLQV,IWKH.RPSHWLQJ URXWHUVKDYHWKHVDPHSULRULW\WKHRQHZLWKWKHKLJKHUURXWHU,' EH.RPHVWKHGHVLJQDWHGURXWHUWKHQH[WKLJKHVWEH.RPHVWKH ED.NXSGHVLJQDWHGURXWHU$URXWHUZLWKDURXWHUSULRULW\VHWWR LVLQHOLJLEOHWREH.RPHWKHGHVLJQDWHGURXWHU

hellointerval iftime

priority LVDQXPEHUEHWZHHQDQGWKDWVSH.LILHVWKHSULRU

VHWVWKHOHQJWKRIWLPHLQVH.RQGVEHWZHHQ KHOORSD.NHWVWKDWWKHURXWHUVHQGVRQWKHLQWHUID.H7KHGHIDXOW YDOXHIRUhellointerval LV

hellointerval routerdeadinterval iftime

VHWVWKHQXPEHURIVH.RQGVDIWHUQRW KHDULQJDURXWHU
VKHOORSD.NHWVEHIRUHWKHURXWHU
VQHLJKERUVZLOO GH.ODUHLWGRZQ7KHGHIDXOWYDOXHIRUrouterdeadinterval is 40.
routerdeadinterval passive

'RQRWVHQGRUUH.HLYHSD.NHWVRQWKLVLQWHUID.Hpassive KDVWKH HIIH.WRIRULJLQDWLQJDVWXEOLQNWRWKLVLQWHUID.HLQWRWKHGRPDLQ

auth [none | simple auth_key | md5 md5-key ] auth

LVXVHGE\263)DXWKHQWL.DWLRQWRJHQHUDWHDQGYHULI\WKH DXWKHQWL.DWLRQILHOGLQWKH263)KHDGHU7KHDXWKHQWL.DWLRQLV .RQILJXUHGRQDSHULQWHUID.HEDVLV,WLVVSH.LILHGE\RQHWRHLJKW GH.LPDOGLJLWVVHSDUDWHGE\SHULRGVDRQHWRHLJKWE\WHKH[DGH.L

76

Configuring GateD

PDOVWULQJSUH.HGHGE\[RUDRQHWRHLJKW.KDUD.WHUVWULQJLQ GRXEOHTXRWHV 6SH.LI\0'DXWKHQWL.DWLRQZLWKWKHmd5-key,ZKL.KLVVSH.LILHG DV:

key auth-key id id-number [ { [start-generate date-time;] [stop-generate date-time;] [start-accept date-time;] [stop-accept date-time;] }];

:KHUH auth-keyLVDRQHWRHLJKW.KDUD.WHUVWULQJid-number LV DQLQWHJHUZLWKDYDOXHEHWZHHQDQGDQGdate-timeLVLQ WKHIRUPDW<<<<00''++00,IDQ\WLPHILHOGVDUHXVHG DOODUHUHTXLUHG 6HH6H.WLRQIRUDPRUHGHWDLOHGGHV.ULSWLRQ

secondary

[ none | simple | md5 ] auth_key

secondary LVXVHGE\263)DXWKHQWL.DWLRQWRJHQHUDWHDQGYHU LI\WKHVH.RQGDU\DXWKHQWL.DWLRQILHOGLQWKH263)KHDGHU7KH DXWKHQWL.DWLRQNH\.DQEH.RQILJXUHGRQDSHULQWHUID.HEDVLV,WLV VSH.LILHGE\RQHWRHLJKWGH.LPDOGLJLWVVHSDUDWHGE\SHULRGVD RQHWRHLJKWE\WHKH[DGH.LPDOVWULQJSUH.HGHGE\[RUDRQHWR HLJKW.KDUD.WHUVWULQJLQGRXEOHTXRWHV6HH6H.WLRQIRUD PRUHGHWDLOHGGHV.ULSWLRQ interface interface_list nonbroadcast [ cost ifnbcost ]

7KLVIRUPRIWKHLQWHUID.H.ODXVHLVXVHGWRVSH.LI\DQRQEURDG.DVW LQWHUID.HRQDQRQEURDG.DVWPXOWLD..HVV1%0$PHGLXP%H.DXVH DQ263)EURDG.DVWPHGLXPPXVWVXSSRUW,3PXOWL.DVWLQJDEURDG .DVW.DSDEOHPHGLXPWKDWGRHVQRWVXSSRUW,3PXOWL.DVWLQJPXVWEH .RQILJXUHGDVDQRQEURDG.DVWLQWHUID.H

pollinterval ifnbtime pollinterval LVWKHOHQJWKRIWLPHLQVH.RQGVEHWZHHQ263) SD.NHWVWKDWWKHURXWHUVHQGVEHIRUHDGMD.HQ.\LVHVWDEOLVKHGZLWK DQHLJKERU routers gateway

[ eligible ]

%\GHILQLWLRQLWLVQRWSRVVLEOHWRVHQGEURDG.DVWSD.NHWVWRGLV .RYHU263)QHLJKERUVRQDQRQEURDG.DVWPHGLXPVRDOOQHLJK ERUVPXVWEH.RQILJXUHG7KHgatewayOLVWLQ.OXGHVRQHRUPRUH QHLJKERUVDQGDQLQGL.DWLRQRIWKHLUHOLJLELOLW\WREH.RPHDGHVLJ QDWHGURXWHU

retransmitinterval ifnbtime retransmitinterval

VHWVWKHQXPEHURIVH.RQGVEHWZHHQOLQN VWDWHDGYHUWLVHPHQWUHWUDQVPLVVLRQVIRUDGMD.HQ.LHVEHORQJLQJWR
77

Open Shortest Path First Protocol (OSPF)

WKLVLQWHUID.H
transitdelay ifnbtime transitdelay VHWVWKHHVWLPDWHGQXPEHURIVH.RQGVUHTXLUHGWR WUDQVPLWDOLQNVWDWHXSGDWHRYHUWKLVLQWHUID.H transitdelay

WDNHVLQWRD..RXQWWUDQVPLVVLRQDQGSURSDJDWLRQGHOD\VDQGPXVW EHJUHDWHUWKDQ
priority ifnbpriority

LW\IRUEH.RPLQJWKHGHVLJQDWHGURXWHU:KHQPRUHWKDQRQH URXWHUDWWD.KHGWRDQHWZRUNDWWHPSWWREH.RPHWKHGHVLJQDWHG URXWHUWKHRQHZLWKWKHKLJKHVWSULRULW\ZLQV,IWKH.RPSHWLQJ URXWHUVKDYHWKHVDPHSULRULW\WKHRQHZLWKWKHKLJKHUURXWHU,' EH.RPHVWKHGHVLJQDWHGURXWHUWKHQH[WKLJKHVWEH.RPHVWKH ED.NXSGHVLJQDWHGURXWHU$URXWHUZLWKDURXWHUSULRULW\VHWWR LVLQHOLJLEOHWREH.RPHWKHGHVLJQDWHGURXWHU

hellointerval ifnbtime

priority LVDQXPEHUEHWZHHQDQGWKDWVSH.LILHVWKHSULRU

VHWVWKHOHQJWKRIWLPHLQVH.RQGVEHWZHHQ KHOORSD.NHWVWKDWWKHURXWHUVHQGVRQWKHLQWHUID.H7KHGHIDXOW YDOXHIRUhellointerval LV

hellointerval routerdeadinterval ifnbtime

VHWVWKHQXPEHURIVH.RQGVDIWHUQRW KHDULQJDURXWHU
VKHOORSD.NHWVEHIRUHWKHURXWHU
VQHLJKERUVZLOO GH.ODUHLWGRZQ7KHGHIDXOWYDOXHIRUrouterdeadinterval LV 
routerdeadinterval passive

'RQRWVHQGRUUH.HLYHSD.NHWVRQWKLVLQWHUID.HpassiveKDVWKH HIIH.WRIRULJLQDWLQJDVWXEOLQNWRWKLVLQWHUID.HLQWRWKHGRPDLQ
auth

[ none | simple auth_key | md5 md5-key ]

DXWKHQWL.DWLRQILHOGLQWKH263)KHDGHU7KHDXWKHQWL.DWLRQLV .RQILJXUHGRQDSHULQWHUID.HEDVLV,WLVVSH.LILHGE\RQHWRHLJKW GH.LPDOGLJLWVVHSDUDWHGE\SHULRGVDRQHWRHLJKWE\WHKH[DGH.L PDOVWULQJSUH.HGHGE\[RUDRQHWRHLJKW.KDUD.WHUVWULQJLQ GRXEOHTXRWHV 6SH.LI\0'DXWKHQWL.DWLRQZLWKWKHmd5-key ZKL.KLVVSH.L ILHGDV

key auth-key id id-number [ { [start-generate date-time;] [stop-generate date-time;] [start-accept date-time;] [stop-accept date-time;] }];

authLVXVHGE\263)DXWKHQWL.DWLRQWRJHQHUDWHDQGYHULI\WKH

78

Configuring GateD

:KHUH auth-keyLVDRQHWRHLJKW.KDUD.WHUVWULQJLGQXPEHULV DQLQWHJHUZLWKDYDOXHEHWZHHQDQGDQG date-time LVLQ WKHIRUPDW<<<<00''++00,IDQ\WLPHILHOGVDUHXVHG DOODUHUHTXLUHG 6HH6H.WLRQIRUDPRUHGHWDLOHGGHV.ULSWLRQ

secondary

[ none | simple | md5 ] auth_key

WKHVH.RQGDU\DXWKHQWL.DWLRQILHOGLQWKH263)KHDGHU7KH DXWKHQWL.DWLRQNH\.DQEH.RQILJXUHGRQDSHULQWHUID.HEDVLV,WLV VSH.LILHGE\RQHWRHLJKWGH.LPDOGLJLWVVHSDUDWHGE\SHULRGVD RQHWRHLJKWE\WHKH[DGH.LPDOVWULQJSUH.HGHGE\[RUDRQHWR HLJKW.KDUD.WHUVWULQJLQGRXEOHTXRWHV6HHIRUDPRUH GHWDLOHGGHV.ULSWLRQ %D.NERQHRQO\

virtuallink neighborid router_id transitarea area

secondaryLVXVHGE\263)DXWKHQWL.DWLRQWRJHQHUDWHDQGYHULI\

9LUWXDOOLQNVDUHXVHGWRHVWDEOLVKRULQ.UHDVH.RQQH.WLYLW\RIWKHED.N ERQHDUHD7KHneighboridLVWKHURXWHUBLGRIWKHRWKHUHQGRIWKH YLUWXDOOLQN7KHDUHDVSH.LILHGLQWKHtransitareaPXVWDOVREH.RQ ILJXUHGRQWKHV\VWHP$OOVWDQGDUGLQWHUID.HSDUDPHWHUVGHILQHGE\ WKHLQWHUID.H.ODXVHDERYHPD\EHVSH.LILHGRQDYLUWXDOOLQN

retransmitinterval vltime retransmitinterval LVWKHQXPEHURIVH.RQGVEHWZHHQOLQNVWDWH DGYHUWLVHPHQWUHWUDQVPLVVLRQVIRUDGMD.HQ.LHVEHORQJLQJWRWKLVLQWHU ID.H transitdelay vltime transitdelayLVWKHHVWLPDWHGQXPEHURIVH.RQGVUHTXLUHGWRWUDQV PLWDOLQNVWDWHXSGDWHRYHUWKLVLQWHUID.HtransitdelayWDNHVLQWR D..RXQWWUDQVPLVVLRQDQGSURSDJDWLRQGHOD\VDQGPXVWEHJUHDWHUWKDQ  priority vlpriority priorityLVDQXPEHUEHWZHHQDQGWKDWVSH.LILHVWKHSULRULW\

IRUEH.RPLQJWKHGHVLJQDWHGURXWHU:KHQPRUHWKDQRQHURXWHU DWWD.KHGWRDQHWZRUNDWWHPSWWREH.RPHWKHGHVLJQDWHGURXWHUWKH RQHZLWKWKHKLJKHVWSULRULW\ZLQV,IWKH.RPSHWLQJURXWHUVKDYHWKH VDPHSULRULW\WKHRQHZLWKWKHKLJKHUURXWHU,'EH.RPHVWKHGHVLJ QDWHGURXWHUWKHQH[WKLJKHVWEH.RPHVWKHED.NXSGHVLJQDWHGURXWHU $URXWHUZLWKDURXWHUSULRULW\VHWWRLVLQHOLJLEOHWREH.RPHWKHGHV LJQDWHGURXWHU

hellointerval vltime hellointervalLVWKHOHQJWKRIWLPHLQVH.RQGVEHWZHHQKHOORSD.N HWVWKDWWKHURXWHUVHQGVRQWKHLQWHUID.H

79

Open Shortest Path First Protocol (OSPF)

routerdeadinterval vltime

LVWKHQXPEHURIVH.RQGVDIWHUQRWKHDULQJD URXWHU
VKHOORSD.NHWVEHIRUHWKHURXWHU
VQHLJKERUVZLOOGH.ODUHLW GRZQ
routerdeadinterval passive

'RQRWVHQGRUUH.HLYHSD.NHWVRQWKLVLQWHUID.H passiveKDVWKH HIIH.WRIRULJLQDWLQJDVWXEOLQNWRWKLVLQWHUID.HLQWRWKHGRPDLQ

auth auth

[ none | simple auth_key | md5 md5-key ]

LVXVHGE\263)DXWKHQWL.DWLRQWRJHQHUDWHDQGYHULI\WKH DXWKHQWL.DWLRQILHOGLQWKH263)KHDGHU7KHDXWKHQWL.DWLRQLV.RQILJ XUHGRQDSHULQWHUID.HEDVLV,WLVVSH.LILHGE\RQHWRHLJKWGH.LPDO GLJLWVVHSDUDWHGE\SHULRGVDRQHWRHLJKWE\WHKH[DGH.LPDOVWULQJ SUH.HGHGE\[RUDRQHWRHLJKW.KDUD.WHUVWULQJLQGRXEOHTXRWHV 6SH.LI\0'DXWKHQWL.DWLRQZLWKWKHmd5-keyZKL.KLVVSH.LILHGDV

key auth-key id id-number [ { [start-generate date-time;] [stop-generate date-time;] [start-accept date-time;] [stop-accept date-time;] }];

:KHUH auth_key LVDRQHWRHLJKW.KDUD.WHUVWULQJid-number LVDQ LQWHJHUZLWKDYDOXHEHWZHHQDQGDQGdate-time LVLQWKHIRU PDW<<<<00''++00,IDQ\WLPHILHOGVDUHXVHGDOODUH UHTXLUHG 6HH6H.WLRQIRUDPRUHGHWDLOHGGHV.ULSWLRQ
secondary

[ none | simple | md5 ] auth_key

VH.RQGDU\DXWKHQWL.DWLRQILHOGLQWKH263)KHDGHU7KHDXWKHQWL.D WLRQNH\.DQEH.RQILJXUHGRQDSHULQWHUID.HEDVLV,WLVVSH.LILHGE\ RQHWRHLJKWGH.LPDOGLJLWVVHSDUDWHGE\SHULRGVDRQHWRHLJKWE\WH KH[DGH.LPDOVWULQJSUH.HGHGE\[RUDRQHWRHLJKW.KDUD.WHUVWULQJ LQGRXEOHTXRWHV6HH6H.WLRQIRUDPRUHGHWDLOHGGHV.ULS WLRQ ,QWHUID.HSDUDPHWHUVIRUSRLQWWRSRLQWOLQNVLQ.OXGH

nomulticast

secondaryLVXVHGE\263)DXWKHQWL.DWLRQWRJHQHUDWHDQGYHULI\WKH

%\GHIDXOW263)SD.NHWVWRQHLJKERUVRQSRLQWWRSRLQWLQWHUID.HV DUHVHQWYLDWKH,3PXOWL.DVWPH.KDQLVP6RPHLPSOHPHQWDWLRQVRI,3 PXOWL.DVWLQJIRU81,;KDYHDEXJKRZHYHUWKDWSUH.OXGHVWKHXVHRI ,3PXOWL.DVWLQJRQWKHVHLQWHUID.HV*DWH'ZLOOGHWH.WWKLV.RQGLWLRQ DQGIDOOED.NWRVHQGLQJXQL.DVW263)SD.NHWVWRWKLVSRLQWWRSRLQW QHLJKERU,IWKHXVHRI,3PXOWL.DVWLQJLVQRWGHVLUHGEH.DXVHWKH UHPRWHQHLJKERUGRHVQRWVXSSRUWLWWKH nomulticast SDUDPHWHU

80

Configuring GateD

PD\EHVSH.LILHGWRIRU.HWKHXVHRIXQL.DVW263)SD.NHWV7KLV RSWLRQPD\DOVREHXVHGWRHOLPLQDWHZDUQLQJVZKHQ*DWH'GHWH.WV WKHEXJPHQWLRQHGDERYH 2.1.2.2.2 Old OSPF Tracing Options

lsabuild

&UHDWHWKHOLQNVWDWHDGYHUWLVHPHQW
lsatransmit (or lsatx)

7UD.HWKHOLQNVWDWHSD.NHWVWUDQVPLWWHG
lsareceive

(or lsarx)

7UD.HWKHOLQNVWDWHSD.NHWUH.HLYHG
spf

7UD.HWKH6KRUWHVW3DWK)LUVW63).DO.XODWLRQV

debug

7UD.H263)DWWKHGHEXJJLQJOHYHORIGHWDLO Packet tracing options (which may be modified with detail, send and recv) include:
hello

7UD.H263)KHOORSD.NHWVZKL.KDUHXVHGWRGHWHUPLQHQHLJKERU UHD.KDELOLW\
dd

7UD.H263)GDWDEDVHGHV.ULSWLRQGGSD.NHWVZKL.KDUHXVHGLQV\Q .KURQL]LQJ263)GDWDEDVHV

request

7UD.H263)OLQNVWDWHUHTXHVWSD.NHWVZKL.KDUHXVHGLQV\Q.KURQL] LQJ263)GDWDEDVHV
lsu

7UD.H263)OLQNVWDWHXSGDWHSD.NHWVZKL.KDUHXVHGLQV\Q.KURQL] LQJ263)GDWDEDVHV
ack

7UD.H263)OLQNVWDWHD.NSD.NHWVZKL.KDUHXVHGLQV\Q.KURQL]LQJ 263)GDWDEDVHV 2.1.2.2.3 Old OSPF Authentication %\GHILQLWLRQDOO263)SURWR.ROH[.KDQJHVDUHDXWKHQWL.DWHGKRZHYHU RQHPHWKRGRIDXWKHQWL.DWLRQLVQRQH$XWKHQWL.DWLRQ.DQKHOSWRJXDU DQWHHWKDWURXWLQJLQIRUPDWLRQLVRQO\LPSRUWHGIURPWUXVWHGURXWHUV$ YDULHW\RIDXWKHQWL.DWLRQV.KHPHV.DQEHXVHGEXWDVLQJOHV.KHPHPXVW EH.RQILJXUHGIRUHD.KLQWHUID.H7KHXVHRIGLIIHUHQWV.KHPHVHQDEOHV VRPHLQWHUID.HVWRXVHPX.KVWUL.WHUDXWKHQWL.DWLRQWKDQRWKHUV7KHWKUHH

81

Open Shortest Path First Protocol (OSPF)

DXWKHQWL.DWLRQV.KHPHVDYDLODEOHDUHQRQHVLPSOHDQG0'DXWKHQWL.D WLRQ 2.1.2.2.3.1 No Authentication :KHQQRDXWKHQWL.DWLRQLVUHTXLUHGXVHDXWKHQWL.DWLRQW\SH none. 7RXVH DXWKHQWL.DWLRQW\SH noneDGGWKHIROORZLQJOLQHVWRWKHDSSURSULDWH 263)LQWHUID.HVWDWHPHQWV
auth none ;

2.1.2.2.3.2 Simple Authentication Key :KHQ\RXZLVKWRNHHS.HUWDLQURXWHUVIURPH[.KDQJLQJ263)SD.NHWV XVHWKHVLPSOHIRUPRIDXWKHQWL.DWLRQ7KHLQWHUID.HVWKDWWKHSD.NHWVDUH WREHVHQWRQVWLOOQHHGWREHWUXVWHGEH.DXVHWKHNH\ZLOOEHSOD.HGLQWKH SD.NHWVDQG.DQEHVHHQE\DQ\RQHZLWKD..HVVWRWKHQHWZRUN7RVSH.LI\ DXWKHQWL.DWLRQW\SHsimple,DGGWKHIROORZLQJOLQHVWR\RXU263)LQWHU ID.HVWDWHPHQWV
auth simple auth_key;

2.1.2.2.3.3 MD5 Authentication :KHQ\RXGRQRWWUXVWRWKHUXVHUVRI\RXUQHWZRUNXVH0'DXWKHQWL.D WLRQ7KHV\VWHPZRUNVE\XVLQJVKDUHGVH.UHWNH\V%H.DXVHWKHNH\VDUH XVHGWRVLJQWKHSD.NHWVZLWKDQ0'.KH.NVXPWKH\.DQQRWEHIRUJHG RUWDPSHUHGZLWK%H.DXVHWKHNH\VDUHQRWLQ.OXGHGLQWKHSD.NHWVQRRS LQJWKHNH\LVQRWSRVVLEOH8VHUVRIWKHQHWZRUN.DQVWLOOVQRRSWKH.RQ WHQWVRISD.NHWVKRZHYHUEH.DXVHWKHSD.NHWVDUHQRWHQ.U\SWHG *DWH'
V0'DXWKHQWL.DWLRQLV.RPSOLDQWZLWKWKHVSH.LIL.DWLRQLQ263) 5)&7KLVVSH.LIL.DWLRQXVHVWKH0'DOJRULWKPDQGDQDXWKHQWL.D WLRQNH\RIXSWR.KDUD.WHUV5)&DOORZVPXOWLSOH0'NH\VSHU LQWHUID.H(D.KNH\KDVWZRDVVR.LDWHGWLPHUDQJHV 7RVSH.LI\DVLQJOH0'NH\RQDQLQWHUID.HDGGWKHIROORZLQJWRWKH DSSURSULDWH263)LQWHUID.HVWDWHPHQWV
auth md5 md5-key

ZKHUH md5-key LV

key your-key id id-number [ { [ start-generate date-time ; ] [ stop-generate date-time ; ] [ start-accept date-time ; ] [ stop-accept date-time ; ] } ] ;

82

Configuring GateD

ZKHUH id-number LVDQLQWHJHUZLWKDYDOXHEHWZHHQDQGDQG date-time LVLQWKHIRUPDW<<<<00''++00,IDQ\WLPHILHOGV DUHXVHGDOODUHUHTXLUHG ,IQRYDOXHLVJLYHQIRUWKHWLPHUDQJHVWKHGHIDXOWYDOXHVDUH NH\LVDOZD\VJHQHUDWHG NH\LVDOZD\VD..HSWHG 7KXVLI\RXDOZD\VZDQW\RXUNH\WREHD..HSWHGVSH.LI\DVHTXHQ.HVX.K DV
auth md5 key "mikeyone" id 1;

7RVSH.LI\PXOWLSOH0'NH\VRQDQLQWHUID.HDGGWKHIROORZLQJWRWKH DSSURSULDWH263)LQWHUID.HVWDWHPHQWV
auth md5 { md5-key md5-key . . . md5-key } ;

where md5-key is as specified above. )RUH[DPSOHWZRURXWHUVPD\VWDUWRXWJHQHUDWLQJNH\DQGZDQWWR VZLW.KWRNH\DW*07,QRUGHUWRPDNHWKHWUDQVLWLRQEHWZHHQ NH\VHDVLHUWKHURXWHUVDJUHHWRVWRSJHQHUDWLQJNH\DW*07EXW D..HSWNH\XQWLO*07.H\LVD..HSWHGPLQXWHVEHIRUHWKH SODQQHGVZLW.KWLPHLH*077KHVHRYHUODSSLQJUDQJHVDOORZWKH .OR.NVRQWKHURXWHUVWREHVOLJKWO\RXWRIV\Q.7KLVVHTXHQ.HRINH\V ZRXOGEHVSH.LILHGE\
auth md5 { key "mikeyone" id 1 { stop-generate 1999/05/01 06:00; stop-accept 1999/05/01 06:10; }; key "mikeytwo" id 2 { start-generate 1999/05/01 06:00; start-accept 1999/05/01 05:50; }; };

83

Open Shortest Path First Protocol (OSPF)

2.1.2.2.4 Simple Configurations for Novice Users 2.1.2.2.4.1 Host Configuration 7KHVLPSOHVW.RQILJXUDWLRQIRUDKRVWXVHULVWKHIROORZLQJZKL.KZLOOVHW *DWH'LQWRWKHED.NERQHDUHDVSH.LILHGIRUDOOLQWHUID.HV7KH*DWH' 263)KDVGHIDXOWVIRUDKRVWWKDWZLOOQRWDOORZLWWREH.RPHDGHVLJQDWHG URXWHU'5IRU263)
ospf yes { backbone { interface all; }; };

7KHVLPSOHVW.RQILJXUDWLRQIRUDKRVWXVHULQDQDUHDRXWVLGHWKHED.N ERQHLV
ospf yes { area 0.0.0.1 { interface all; }; };

2.1.2.2.4.2 Router Configurations 7KHVDPHVLPSOHVW.RQILJXUDWLRQV.DQDOVREHXVHGIRU81,;V\VWHPUXQ QLQJDVDURXWHU )RUDED.NERQHWKHVLPSOHVW.RQILJXUDWLRQLV 

ospf yes { backbone { interface all {priority 1;}; }; };

)RUDQDUHDWKHVLPSOHVW.RQILJXUDWLRQLV 

ospf yes { area 0.0.0.1 { interface all {priority 1;}; }; };

84

Configuring GateD

2.1.2.2.5 Deprecated Functionality 2.1.2.2.5.1 Area Statement Keywords

authtype 0 | 1 | none | simple authtypeZDVXVHGWRVHWWKHDUHDZLGHDXWKHQWL.DWLRQPHWKRG7KH YDOLGYDOXHVIRUauthtypeZHUHnone (0) IRUQRDXWKHQWL.DWLRQRU simple (1) IRUVLPSOHSDVVZRUGDXWKHQWL.DWLRQ:KHQ simple (1) ZDVVSH.LILHGauthkey VKRXOGKDYHEHHQXVHGWRVSH.LI\WKHSDVV

ZRUGIRUHD.KLQWHUID.H7KLVPHWKRGZDVXVHGWRLPSOHPHQW 5)&DQGSUHYLRXVYHUVLRQVRI263)
VDXWKHQWL.DWLRQ1HZHU YHUVLRQVRIWKH263)VWDQGDUGDOORZDXWKHQWL.DWLRQW\SHWREHVSH.L ILHGRQDSHULQWHUID.HEDVLV7KXV\RXVKRXOGQRZXVHWKH auth NH\ ZRUGWRVSH.LI\DXWKHQWL.DWLRQ

2.1.2.2.5.2 Interface Statement Keywords

authkey auth_key authkey

ZDVXVHGWRVSH.LI\WKHSDVVZRUGIRUDQLQWHUID.HZKHQ XVLQJWKHDUHDZLGH authtype simple DXWKHQWL.DWLRQPHWKRG

2.1.2.2.6 Non-Standard Behavior and Open Bugs (GJH.DVHEXJVLQWKLVLPSOHPHQWDWLRQRI263)DUHGR.XPHQWHGLQWKLV VH.WLRQLQWKHIRUPRI$19/WHVW.DVHVWKDWKDYHIDLOHG $QHZLPSOHPHQWDWLRQRI263)SDVVHVWKHHQWLUH$19/WHVWVXLWH 6HH1HZ263)RQSDJH  7KH.XUUHQWOLVWRIEXJVLVDVIROORZV $19/'87IRUZDUGV,3SD.NHWWRWKH.RUUH.WLQWHUID.HDQGQH[W KRSEDVHGRQDQHQWU\LQWKH263)URXWLQJWDEOH $19/'87IRUZDUGV,3SD.NHWVEDVHGRQWKHPRVWSUHIHUHQWLDO SDWKW\SH $19/'87VHQGVDQ,&03GHVWLQDWLRQXQUHD.KDEOHLIWKHUHLV QRLQWUDDUHDURXWHIRUDSD.NHWGHVWLQHGIRUWKHURXWHU
V.RQILJXUHG DUHD $19/1HZVXPPDU\OLQNDGYHUWLVHPHQWVDUHUHIORRGHGZLWK /6$JH 0D[$JHZKHQURXWLQJWDEOHHQWULHVDUHGHOHWHGRUDUHQR ORQJHUDGYHUWLVDEOH $19/'87JHQHUDWHVQHZVXPPDU\OLQNDGYHUWLVHPHQWVZKHQ WKH.RVWRIDSDWKWRDYLUWXDOOLQNHQGSRLQW.KDQJHVLQWKHURXWLQJ WDEOH $19/,ILQWUDDUHDURXWHVH[LVWWRDQ$6ERXQGDU\URXWHULQ PRUHWKDQRQHDUHDWKHDUHDSURYLGLQJWKHVKRUWHVWSDWKLVDOZD\V .KRVHQ ,QDGGLWLRQWKHXVHUVKRXOGEHDZDUHWKDWROG263)GRHVQRWVXSSRUW/6 6HTXHQ.H:UDSSLQJRU5)&IXQ.WLRQDOLW\

85

Open Shortest Path First Protocol (OSPF)

2.1.2.3 New OSPF

2.1.2.3.1 New OSPF Syntax

ospf | new-ospf on | off [ { retransmitinterval global_default_time ; transitdelay global_default_time ; priority global_default_priority ; hellointerval global_default_time ; routerdeadinterval global_default_time ; pollinterval global_default_time ; advertise-subnet on | off ; opaque-capability on | off ; auth [none | simple auth_key | md5 md5-key] defaults { preference defasepref ; cost defasecost ; tag [ as ] tagvalue ; type 1 | 2 ; inherit-metric ; ribs unicast [ multicast ] ; }; traceoptions trace_options_ospf2 ; rfc1583compatibility enable | disable ; area areanumber | backbone { nssa [ cost defaultcost ] ; nssanetworks { network mask stubmask metric cost ; network masklen number metric cost ; host stubhost metric cost ; }; stub [ cost stub_default_cost] ; stubhosts { host metric cost ; }; stubnetworks { network mask stubmask metric cost ; network masklen number metric cost ; host stubhost metric cost ; }; networks { network [ restrict ] ; network mask netmask [ restrict ] ; network masklen number [ restrict ] ; host nethost [ restrict ] ; } ; summaryfilters { route_filter } ; retransmitinterval area_default_time ; transitdelay area_default_time ;

86

Configuring GateD

priority area_default_priority ; hellointerval area_default_time ; routerdeadinterval area_default_time ; pollinterval area_default_time ; advertise-subnet on | off ; opaque-capability on | off ; auth [none | simple auth_key | md5 md5-key] ; interface interface_list [ cost ifcost ] [ { enable | disable ; retransmitinterval iftime ; transitdelay iftime ; priority ifpriority ; hellointerval iftime ; routerdeadinterval iftime ; pollinterval iftime ; passive ; advertise-subnet on | off ; opaque-capability on | off ; auth [none | simple auth_key | md5 md5-key] ; } ] ; interface interface_name | interface address nonbroadcast [ cost ifnbcost ] [ { strict-routers on | off routers { gatewaylist [ eligible ] ; } ; retransmitinterval ifnbtime ; transitdelay ifnbtime ; priority ifnbpriority ; hellointerval ifnbtime ; routerdeadinterval ifnbtime ; pollinterval ifnbtime ; passive ; advertise-subnet on | off ; opaque-capability on | off ; auth [none | simple auth_key | md5 md5-key] ; } ] ; interface interface_name | interface address point-to-multipoint [ cost ptmcost ] [ { strict-routers on | off routers { gatewaylist ; } ; retransmitinterval ptmtime ; transitdelay ptmtime ; priority ptmpriority ; hellointerval ptmtime ; routerdeadinterval ptmtime ;

87

Open Shortest Path First Protocol (OSPF)

pollinterval ptmtime ; passive ; advertise-subnet on | off ; opaque-capability on | off ; auth [none | simple auth_key | md5 md5-key] ; } ] ; Backbone only: virtuallink neighborid router_id transitarea area [ { retransmitinterval vltime ; transitdelay vltime ; priority vlpriority ; hellointerval vltime ; routerdeadinterval vltime ; pollinterval vltime ; passive ; advertise-subnet on | off ; opaque-capability on | off ; auth [none | simple auth_key | md5 md5-key] ; } ] ; } ; } ] ; ospf | new-ospf

7KHospfVWDWHPHQWHQDEOHVRUGLVDEOHV263)%\GHIDXOW263)LVGLV DEOHG
retransmitinterval global_default_time

VHWVWKHGHIDXOWIRUWKHQXPEHURIVH.RQGV EHWZHHQOLQNVWDWHDGYHUWLVHPHQWUHWUDQVPLVVLRQVIRUDGMD.HQ.LHV7KH global_default_time ZLOOEHWKHYDOXHIRUWKHUHWUDQVPLWLQWHUYDO XQOHVVLWLVRYHUULGGHQE\ an area_default_time LQDQDUHDVWDWH PHQWRUE\DQiftime, ifnbtime RUptmtimeLQWKHLQWHUID.HVWDWH PHQW
retransmitinterval transitdelay global_default_time

VHWVWKHHVWLPDWHGQXPEHURIVH.RQGVUHTXLUHGWR WUDQVPLWDOLQNVWDWHXSGDWH transitdelayWDNHVLQWRD..RXQWWUDQV PLVVLRQDQGSURSDJDWLRQGHOD\VDQGPXVWEHJUHDWHUWKDQ7KH global_default_time ZLOOEHWKHYDOXHIRUWKHWUDQVLWGHOD\XQOHVV LWLVRYHUULGGHQE\DQarea_default_time LQDQDUHDVWDWHPHQWRUE\ DQ iftime, ifnbtime RU ptmtimeLQWKHLQWHUID.HVWDWHPHQW
transitdelay priority global_default_priority

LVDQXPEHUEHWZHHQDQGWKDWVSH.LILHVWKHSULRULW\ IRUEH.RPLQJWKHGHVLJQDWHGURXWHU:KHQPRUHWKDQRQHURXWHU DWWD.KHGWRDQHWZRUNDWWHPSWWREH.RPHWKHGHVLJQDWHGURXWHUWKH RQHZLWKWKHKLJKHVWSULRULW\ZLQV,IWKH.RPSHWLQJURXWHUVKDYHWKH

priority

88

Configuring GateD

VDPHSULRULW\WKHRQHZLWKWKHKLJKHVWURXWHU,'EH.RPHVWKHGHVLJ QDWHGURXWHUWKHQH[WKLJKHVWEH.RPHVWKHED.NXSGHVLJQDWHGURXWHU $URXWHUZLWKDURXWHUSULRULW\VHWWRLVLQHOLJLEOHWREH.RPHWKHGHV LJQDWHGURXWHU7KHglobal_default_priority ZLOOEHWKHYDOXH IRUWKHSULRULW\XQOHVVLWLVRYHUULGGHQE\DQ area_default_priorityLQDQDUHDVWDWHPHQWRUE\DQifpriority, ifnbpriority RU ptmpriority LQWKHLQWHUID.HVWDWHPHQW
hellointerval global_default_time

LVWKHOHQJWKRIWLPHLQVH.RQGVEHWZHHQKHOOR SD.NHWVWKDWWKHURXWHUVHQGVRQWKHLQWHUID.H7KH global_default_time ZLOOEHWKHYDOXHIRUWKHhellointerval XQOHVVLWLVRYHUULGGHQE\DQ area_default_timeLQDQDUHDVWDWH PHQWRUE\DQiftime, ifnbtime RU ptmtimeLQWKHLQWHUID.HVWDWH PHQW
hellointerval routerdeadinterval global_default_time

LVWKHQXPEHURIVH.RQGVZLWKRXWUH.HLYLQJD URXWHU
VKHOORSD.NHWVEHIRUHWKHURXWHU
VQHLJKERUVZLOOGH.ODUHLW GRZQ7KHglobal_default_time ZLOOEHWKHYDOXHIRUWKHURXWHU GHDGLQWHUYDOXQOHVVLWLVRYHUULGGHQE\DQ area_default_time LQDQ DUHDVWDWHPHQWRUE\DQiftime, ifnbtime RU ptmtime LQWKH LQWHUID.HVWDWHPHQW
routerdeadinterval pollinterval

global_default_time

LVWKHOHQJWKRIWLPHLQVH.RQGVEHWZHHQ263) SD.NHWVWKDWWKHURXWHUVHQGVEHIRUHDGMD.HQ.\LVHVWDEOLVKHGZLWKD QHLJKERU7KH global_default_timeZLOOEHWKHYDOXHIRUWKHSROO LQWHUYDOXQOHVVLWLVRYHUULGGHQE\DQarea_default_time iQDQDUHD VWDWHPHQWRUE\DQ iftime, ifnbtime RU ptmtimeLQWKHLQWHUID.H VWDWHPHQW
pollinterval advertise-subnet on | off

VSH.LILHVWKDW263)ZKHQDGYHUWLVLQJSRLQWWR SRLQWLQWHUID.HVZLOODGYHUWLVHWKHQHWZRUNQXPEHUDQGQHWPDVNRI WKHSRLQWWRSRLQWLQWHUID.HLQVWHDGRIDKRVWURXWHWRWKHOR.DO,3 %H.DXVHVRPHWLPHVWKHQHWPDVNLVVHWLPSURSHUO\RQSRLQWWRSRLQW LQWHUID.HVWKHGHIDXOWLV off. 7KHJOREDO advertise-subnet ZLOOEH WKHGHIDXOWXQOHVVLWLVRYHUULGGHQLQWKHDUHDRULQWHUID.HVWDWHPHQW
advertise-subnet opaque-capability on | off

.RQILJXUHVVXSSRUWIRU5)&2SDTXH /6$V$QLQWHUQDO$3,LVSURYLGHGIRUYLHZLQJW\SHW\SHDQG W\SH/6$V%H.DXVHWKLVPD\XQQH.HVVDULO\LQ.UHDVHWKHVL]HRIWKH URXWHU

V/LQN6WDWH'DWDEDVHDQGLWGRHVQRWDIIH.WQRUPDOSURWR.RO RSHUDWLRQWKHGHIDXOWLVoff. 5RXWHUVWKDWGRQRWVXSSRUWRSDTXH /6$VVKRXOG.RQWLQXHWRLQWHURSHUDWHZLWKWKRVHWKDWGRVXSSRUW
opaque-capability

89

Open Shortest Path First Protocol (OSPF)

WKHP
auth

[ none | simple auth_key | md5 md5-key ]

iVXVHGE\263)DXWKHQWL.DWLRQWRJHQHUDWHDQGYHULI\WKH DXWKHQWL.DWLRQILHOGLQWKH263)KHDGHU7KHJOREDODXWKHQWL.DWLRQ ZLOOEHWKHGHIDXOWXQOHVVLWLVVSH.LILHGLQWKHDUHDRULQWHUID.HVWDWH PHQW,WLVVSH.LILHGE\RQHWRHLJKWGH.LPDOGLJLWVZLWKDYDOXH EHWZHHQDQGVHSDUDWHGE\SHULRGVDRQHWRHLJKWE\WHKH[D GH.LPDOVWULQJSUH.HGHGE\[RUDRQHWRHLJKW.KDUD.WHUVWULQJLQ GRXEOHTXRWHV6HH6H.WLRQIRUDPRUHGHWDLOHGGHV.ULSWLRQ

auth

6SH.LI\0'DXWKHQWL.DWLRQZLWKWKHmd5-keyZKL.KLVVSH.LILHGDV
key auth-key id id-number [ { [start-generate date-time;] [stop-generate date-time;] [start-accept date-time;] [stop-accept date-time;] }];

:KHUHauth-key LVDRQHWRHLJKW.KDUD.WHUVWULQJLQGRXEOHTXRWHV id-number LVDQLQWHJHUZLWKDYDOXHEHWZHHQDQGDQGdatetime LVLQWKHIRUPDW<<<<00''++00,IDQ\WLPHILHOGV DUHXVHGDOODUHUHTXLUHG

defaults

7KHVHSDUDPHWHUVVSH.LI\WKHGHIDXOWVXVHGZKHQLPSRUWLQJ263) $XWRQRPRXV6\VWHP([WHUQDO$6(URXWHVLQWRWKH*DWH'URXWLQJ WDEOHDQGH[SRUWLQJURXWHVIURPWKH*DWH'URXWLQJWDEOHLQWR263) $6(V

preference defasepref preferenceVSH.LILHVKRZD.WLYHURXWHVWKDWDUHOHDUQHGIURPWKH 263)$6(.RPSDUHGWRRWKHUSURWR.ROVZLOOEHVHOH.WHG:KHQD URXWHKDVEHHQOHDUQHGIURPPRUHWKDQRQHSURWR.ROWKHD.WLYHURXWH ZLOOEHVHOH.WHGIURPIURPWKHSURWR.ROZLWKWKHORZHVWSUHIHUHQ.H (D.KSURWR.ROKDVDGHIDXOWSUHIHUHQ.HLQWKLVVHOH.WLRQ7KHGHIDXOW IRU263)LV cost defasecost

LVXVHGZKHQH[SRUWLQJDQRQ263)URXWHIURPWKH*DWH' URXWLQJWDEOHLQWR263)DVDQ$6(7KHGHIDXOWYDOXHLVcostPD\ EHH[SOL.LWO\RYHUULGGHQLQH[SRUWSROL.\

cost tag [ as ] tagvalue

263)$6(URXWHVKDYHDELWWDJILHOGWKDWLVQRWXVHGE\WKH263) SURWR.ROEXWPD\EHXVHGZKHQH[SRUWLQJWRSURWR.ROVRWKHUWKDQ 263):KHQ263)LVLQWHUD.WLQJZLWK%*3WKHtagILHOGPD\EH XVHGWRSURSDJDWH$6SDWKLQIRUPDWLRQLQZKL.K.DVHWKHasNH\ZRUG LVVSH.LILHGDQGWKHWDJLVOLPLWHGWRELWVRILQIRUPDWLRQ,IQRW

90

Configuring GateD

VSH.LILHGWKHWDJLVVHWWR
type 1 | 2

5RXWHVH[SRUWHGIURPWKH*DWH'URXWLQJWDEOHLQWR263)GHIDXOWWR EH.RPLQJW\SH$6(V7KLVGHIDXOWPD\EHH[SOL.LWO\.KDQJHGKHUH DQGRYHUULGGHQLQH[SRUWSROL.\

inherit-metric inherit-metric DOORZVDQ263)$6(URXWHWRLQKHULWWKHPHWUL.RI WKHH[WHUQDOURXWHZKHQQRPHWUL.LVVSH.LILHGRQWKHH[SRUW inherit-metric PDLQWDLQV.RPSDWLELOLW\ZLWKDOOWKH.XUUHQWH[SRUW IXQ.WLRQV

$PHWUL.VSH.LILHGRQWKHH[SRUWZLOOWDNHSUH.HGHQ.H 7KHcostVSH.LILHGLQWKHGHIDXOWVWDWHPHQWdefasecostZLOOEH XVHGLIinherit-metricLVQRWVSH.LILHG

ribs unicast [ multicast ]

VSH.LILHVWKH5,%5RXWLQJ,QIRUPDWLRQ%DVHLQZKL.K263) LQWHUQDOURXWHVDUHLQVWDOOHG7KHXQL.DVW5,%LVUHTXLUHGDQGLVWKH GHIDXOW,Q.RGHEDVHVWKDWVXSSRUWH[WHQGHG5,%VUHOHDVHVZLWK PXOWL.DVWSURWR.ROV263)URXWHVPD\EHLQVWDOOHGLQWKHPXOWL.DVW 5,% ribs KDVQRHIIH.WRQVHOIRULJLQDWHG$6(URXWHVDVWKH\DUH H[SRUWHGIURPDQRWKHUSURWR.RO
ribs traceoptions trace_options_ospf2

VSH.LILHVWKHWUD.LQJRSWLRQVIRUQHZ263)6HH6H. WLRQ7UD.H6WDWHPHQWVDQGWKH263)VSH.LIL.WUD.LQJRSWLRQV

traceoptions rfc1583compatibility enable | disable

6HW rfc1583compatibilityWRGLVDEOHLIDOOWKHURXWHUVXVLQJDQ 263)LPSOHPHQWDWLRQLQ\RXUGRPDLQDUHEDVHGRQUI.RUODWHU 7KLVRSWLRQVKRXOGEHVHWWKHVDPHZD\RQDOOURXWHUVLQWKHGRPDLQ ,IDQ\RIWKHURXWHUVGRQRWKDYHWKLVRSWLRQ\RXVKRXOGDOZD\V .KRRVHenable.:KHQGLVDEOHGWKHSUHIHUHQ.HUXOHVIRUEHVWURXWH HOH.WLRQDUH.KDQJHGWRHOLPLQDWH.HUWDLQNLQGVRISRVVLEOHURXWLQJ ORRSV

area areanumber | backbone

(D.K263)URXWHUPXVWEH.RQILJXUHGLQWRDWOHDVWRQH263)DUHD,I PRUHWKDQRQHDUHDLV.RQILJXUHGDWOHDVWRQHPXVWEHWKHED.NERQH 7KHED.NERQHLQWHUID.HPD\EHDYLUWXDOOLQN

nssa [ cost defaultcost ] nssa

.RQILJXUHVWKHDUHDDVD1RW6R6WXEE\$UHD166$D..RUGLQJ WR5)&,IWKHURXWHULVDQ$UHD%RUGHU5RXWHUnssa ZLOOWUDQV ODWHDW\SH/6$VWRW\SH/6$VLIWKHURXWHUKDVWKHKLJKHVW5RXWHU ,'RIDOOWKH$UHD%RUGHU5RXWHUVLQWKHDUHD7KHWUDQVODWLRQLV DIIH.WHGE\WKHnssanetworks .ODXVHZKL.KLVVLPLODULQRSHUDWLRQWR

91

Open Shortest Path First Protocol (OSPF)

WKH networks .ODXVH.

nssanetworks nssanetworks OLVWVWKHQHWUDQJHVWKDWVKRXOGEHWUDQVODWHGLQWRW\SH

/6$VIURP166$W\SH/6$V7KHGHIDXOWEHKDYLRULVWRWUDQVODWH W\SH/6$VWKDWGRQRWIDOOZLWKLQD.RQILJXUHGQHWUDQJH7KLV.ODXVH LVRQO\YDOLGLQDQ166$

stub [ cost stub_default_cost]

$stub DUHDLVRQHLQZKL.KWKHUHDUHQR$6(URXWHV(D.KURXWHULQ WKHDUHDPXVWVSH.LI\WKDWWKHDUHDLVDVWXERUDGMD.HQ.LHVZLOOQRW IRUP,IDcostLVVSH.LILHGWKLVLVXVHGWRLQMH.WDGHIDXOWURXWHLQWR WKHDUHDZLWKWKHVSH.LILHG.RVWRULJLQDWLQJIURPWKLVURXWHU.RVW VKRXOGRQO\EHVSH.LILHGRQDQ$UHD%RUGHU5RXWHU$%5,WLVSRVVL EOHWRXVH stub RQPXOWLSOH$%5VDQGJLYHWKHPGLIIHUHQW .RVWV
stubhosts

7KHstubhosts OLVWVSH.LILHVGLUH.WO\DWWD.KHGKRVWVWKDWVKRXOGEH DGYHUWLVHGDVUHD.KDEOHIURPWKLVURXWHUDQGWKH.RVWVZLWKZKL.KWKH\ VKRXOGEHDGYHUWLVHG3RLQWWRSRLQWLQWHUID.HVRQZKL.KLWLVQRW GHVLUDEOHWRUXQ263)VKRXOGEHVSH.LILHGKHUH,WLVDOVRXVHIXOWR DVVLJQDQDGGLWLRQDODGGUHVVWRWKHORRSED.NLQWHUID.HRQHQRWRQWKH QHWZRUNDQGDGYHUWLVHLWDVDVWXEKRVW,IWKLVDGGUHVVLVWKHVDPH RQHXVHGDVWKHURXWHULGLWHQDEOHVURXWLQJWR263)URXWHUVE\ URXWHULGLQVWHDGRIE\LQWHUID.HDGGUHVV5RXWLQJE\URXWHULGLVPRUH UHOLDEOHWKDQURXWLQJWRRQHRIWKHURXWHU
VLQWHUID.HDGGUHVVHVZKL.K PD\QRWDOZD\VEHUHD.KDEOH
stubnetworks

7KHstubnetworks OLVWVSH.LILHVGLUH.WO\DWWD.KHGQHWZRUNVWKDW VKRXOGEHDGYHUWLVHGDVUHD.KDEOHIURPWKLVURXWHUDQGWKH.RVWVZLWK ZKL.KWKH\VKRXOGEHDGYHUWLVHG,QWHUID.HVRQZKL.KLWLVQRWGHVLU DEOHWRUXQ263)VKRXOGEHVSH.LILHGKHUH1R.KH.NLQJLV.XUUHQWO\ GRQHRQZKHWKHUWKHVSH.LILHGQHWZRUNLVD.WXDOO\UHD.KDEOHIURPWKLV URXWHUVR.DUHVKRXOGEHWDNHQ

networks

7KH networks OLVWGHV.ULEHVWKHV.RSHRIDQDUHDRQDQ$%5,QWUD DUHD/6$VWKDWIDOOZLWKLQWKHVSH.LILHGUDQJHVDUHQRWDGYHUWLVHGLQWR RWKHUDUHDVDVLQWHUDUHDURXWHV,QVWHDGWKHVSH.LILHGUDQJHVDUHDGYHU WLVHGDVVXPPDU\QHWZRUN/6$V,Irestrict LVVSH.LILHGWKHVXP PDU\QHWZRUN/6$VDUHQRWDGYHUWLVHG,QWUDDUHD/6$VWKDWGRQRW IDOOLQWRDQ\UDQJHDUHDOVRDGYHUWLVHGDVVXPPDU\QHWZRUN/6$V2Q ZHOOGHVLJQHGQHWZRUNVnetworksUHGX.HVWKHDPRXQWRIURXWLQJ LQIRUPDWLRQSURSDJDWHGEHWZHHQDUHDV7KHHQWULHVLQWKLVOLVWDUH HLWKHUQHWZRUNVRUVXEQHWZRUNPDVNSDLUV6HH6H.WLRQRQURXWH ILOWHULQJIRUPRUHGHWDLODERXWVSH.LI\LQJUDQJHV6SH.LI\LQJnetworks RQDQRQ$%5ZLOOKDYHQRHIIH.W

92

Configuring GateD

summaryfilters

7KHsummaryfilters VWDWHPHQW.RQWDLQVURXWHILOWHUVWKDWVSH.LI\ ZKL.KVXPPDU\/6$VWRILOWHUIURPWKHVWXEDUHD7KDWLVLIDVXP PDU\ZRXOGQRUPDOO\EHLQMH.WHGLQWRWKHVWXEDUHDLWLV.RPSDUHG DJDLQVWWKHVXPPDU\ILOWHUVOLVWDQGLIDPDW.KLVIRXQGWKHDQQRXQ.H PHQWRIWKHVXPPDU\/6$VLQWRWKHVWXEDUHDZLOOEHVXSSUHVVHG)RU QRUPDORSHUDWLRQVXPPDU\ILOWHUVVKRXOGRQO\EHXVHGLQVWXEDUHDV WKDWKDYHDGHIDXOWURXWHEHLQJJHQHUDWHGVHHstub cost stub_default_cost,QWKLVXVDJH\RX.RXOGILOWHUDOOVXPPDU\WKLV ZLOOQRWLQ.OXGHWKHJHQHUDWHGGHIDXOWWRIXUWKHUUHGX.HWKHDPRXQWRI URXWLQJLQIRUPDWLRQSUHVHQWLQWKHVWXEDUHD
VURXWHUV8VHRI summaryfilters LQQRQVWXEDUHDVLVQRWUH.RPPHQGHGEH.DXVHLWPD\ EUHDNURXWLQJ
retransmitinterval area_default_time retransmitinterval VHWVWKHQXPEHURIVH.RQGVEHWZHHQOLQN VWDWHDGYHUWLVHPHQWUHWUDQVPLVVLRQVIRUDGMD.HQ.LHVEHORQJLQJWRLQWHU ID.HVLQWKLVDUHD7KH area_default_time ZLOOEHWKHYDOXHIRUWKH UHWUDQVPLWLQWHUYDOXQOHVVLWLVRYHUULGGHQE\DQ iftime, ifnbtime RU ptmtime LQWKHLQWHUID.HVWDWHPHQW transitdelay area_default_time

VHWVWKHHVWLPDWHGQXPEHURIVH.RQGVUHTXLUHGWR WUDQVPLWDOLQNVWDWHXSGDWHRYHULQWHUID.HVLQWKLVDUHD transitdelay WDNHVLQWRD..RXQWWUDQVPLVVLRQDQGSURSDJDWLRQGHOD\VDQGPXVWEH JUHDWHUWKDQ7KHarea_default_time ZLOOEHWKHYDOXHIRUWKH WUDQVLWGHOD\XQOHVVLWLVRYHUULGGHQE\DQiftime, ifnbtime RU ptmtime LQWKHLQWHUID.HVWDWHPHQW
transitdelay priority area_default_priority priorityLVDQXPEHUEHWZHHQDQGWKDWVSH.LILHVWKHSULRULW\ IRUEH.RPLQJWKHGHVLJQDWHGURXWHUIRUHD.KRIWKHVSH.LILHGLQWHUID.HV LQWKHDUHD:KHQPRUHWKDQRQHURXWHUDWWD.KHGWRDQHWZRUNDWWHPSW WREH.RPHWKHGHVLJQDWHGURXWHUWKHRQHZLWKWKHKLJKHVWSULRULW\ ZLQV,IWKHURXWHUVKDYHWKHVDPHSULRULW\WKHRQHZLWKWKHKLJKHVW URXWHU,'EH.RPHVWKHGHVLJQDWHGURXWHUWKHQH[WKLJKHVWEH.RPHV WKHED.NXSGHVLJQDWHGURXWHU$URXWHUZLWKDURXWHUSULRULW\VHWWRLV LQHOLJLEOHWREH.RPHWKHGHVLJQDWHGURXWHU7KH area_default_priority ZLOOEHWKHYDOXHIRUWKHSULRULW\XQOHVVLWLV RYHUULGGHQE\DQDQifpriorityifnbpriorityRU ptmpriority LQWKHLQWHUID.HVWDWHPHQW hellointerval area_default_time hellointervalVHWVWKHOHQJWKRIWLPHLQVH.RQGVEHWZHHQKHOOR

SD.NHWVWKDWWKHURXWHUVHQGVRQLQWHUID.HVLQWKLVDUHD7KH area_default_time ZLOOEHWKHYDOXHIRUWKHKHOORLQWHUYDOXQOHVVLW LVRYHUULGGHQE\DQDQ iftime, ifnbtime RU ptmtime LQWKHLQWHU

93

Open Shortest Path First Protocol (OSPF)

ID.HVWDWHPHQW
routerdeadinterval area_default_time routerdeadinterval VHWVWKHQXPEHURIVH.RQGVZLWKRXWUH.HLYLQJ

DURXWHU
VKHOORSD.NHWVEHIRUHWKHURXWHU
VQHLJKERUVZLOOGH.ODUHLW GRZQ7KHarea_default_time ZLOOEHWKHYDOXHIRUWKHURXWHUGHDG LQWHUYDOXQOHVVLWLVRYHUULGGHQE\DQDQ iftime, ifnbtime RU ptmtime LQWKHLQWHUID.HVWDWHPHQW
pollinterval area_default_time pollinterval iVWKHOHQJWKRIWLPHLQVH.RQGVEHWZHHQ263)SD.N

HWVWKDWWKHURXWHUVHQGVEHIRUHDGMD.HQ.\LVHVWDEOLVKHGZLWKDQHLJK ERU7KH area_default_time ZLOOEHWKHYDOXHIRUWKHSROOLQWHUYDO XQOHVVLWLVRYHUULGGHQE\DQDQiftime, ifnbtime RU ptmtimeLQ WKHLQWHUID.HVWDWHPHQW

advertise-subnet on | off advertise-subnetVSH.LILHVWKDW263)ZKHQDGYHUWLVLQJSRLQWWR

SRLQWLQWHUID.HVZLOODGYHUWLVHWKHQHWZRUNQXPEHUDQGQHWPDVNRI WKHSRLQWWRSRLQWLQWHUID.HLQVWHDGRIDKRVWURXWHWRWKHOR.DO,3 %H.DXVHVRPHWLPHVWKHQHWPDVNLVVHWLPSURSHUO\RQSRLQWWRSRLQW LQWHUID.HVWKHGHIDXOWLV off.

opaque-capability on | off opaque-capability

cRQILJXUHVVXSSRUWIRU5)&2SDTXH /6$V$QLQWHUQDO$3,LVSURYLGHGIRUYLHZLQJW\SHW\SHDQG W\SH/6$V%H.DXVHWKLVPD\XQQH.HVVDULO\LQ.UHDVHWKHVL]HRIWKH URXWHU

V/LQN6WDWH'DWDEDVHDQGLWGRHVQRWDIIH.WQRUPDOSURWR.RO RSHUDWLRQWKHGHIDXOWLV off. 5RXWHUVWKDWGRQRWVXSSRUWRSDTXH /6$VVKRXOG.RQWLQXHWRLQWHURSHUDWHZLWKWKRVHWKDWGRVXSSRUW WKHP

auth [ none | simple auth_key | md5 md5-key ] auth

is used by OSPF authentication to generate and verify the authentication field in the OSPF header. The authentication is configured on a per-interface basis. It is specified by one to eight decimal digits (with a value between 0 and 255) separated by periods, a one-to-eight byte hexadecimal string preceded by 0x, or a one-toeight character string in double quotes. See Section  for a more detailed description. Specify MD5 authentication with the md5-key, which is specified as:
key auth-key id id-number [ { [start-generate date-time;] [stop-generate date-time;] [start-accept date-time;] [stop-accept date-time;]

94

Configuring GateD

}];

:KHUH auth-keyLVDRQHWRHLJKW.KDUD.WHUVWULQJLQGRXEOHTXRWHV id-number LVDQLQWHJHUZLWKDYDOXHEHWZHHQDQGDQG datetime LVLQWKHIRUPDW<<<<00''++00,IDQ\WLPHILHOGV DUHXVHGDOODUHUHTXLUHG

interface interface_name | interface address nonbroadcast [ cost ifnbcost ]

7KLVIRUPRIWKHLQWHUID.H.ODXVHLVXVHGWRVSH.LI\DQRQEURDG.DVW LQWHUID.HRQDQRQEURDG.DVWPXOWLD..HVV1%0$PHGLXP%H.DXVH DQ263)EURDG.DVWPHGLXPPXVWVXSSRUW,3PXOWL.DVWLQJDEURDG .DVW.DSDEOHPHGLXPWKDWGRHVQRWVXSSRUW,3PXOWL.DVWLQJPXVWEH .RQILJXUHGDVDQRQEURDG.DVWLQWHUID.H

strict-routers on | off

,I onWKHGHIDXOW*DWH'LJQRUHVSD.NHWVIURPURXWHUVQRWVSH.L ILHGLQWKH routers VWDWHPHQW

routers

{ gatewaylist [ eligible ] }

%\GHILQLWLRQLWLVQRWSRVVLEOHWRVHQGEURDG.DVWSD.NHWVWRGLV .RYHU263)QHLJKERUVRQDQRQEURDG.DVWPHGLXPVRDOOQHLJK ERUVPXVWEH.RQILJXUHG7KHgatewaylistLQ.OXGHVRQHRU PRUHQHLJKERUVDQGDQLQGL.DWLRQRIWKHLUHOLJLELOLW\WREH.RPHD GHVLJQDWHGURXWHU

retransmitinterval ifnbtime retransmitinterval VHWVWKHQXPEHURIVH.RQGVEHWZHHQOLQN VWDWHDGYHUWLVHPHQWUHWUDQVPLVVLRQVIRUDGMD.HQ.LHVEHORQJLQJWR WKLVLQWHUID.H transitdelay ifnbtime transitdelayVHWVWKHHVWLPDWHGQXPEHURIVH.RQGVUHTXLUHGWR WUDQVPLWDOLQNVWDWHXSGDWHRYHUWKLVLQWHUID.H transitdelay

WDNHVLQWRD..RXQWWUDQVPLVVLRQDQGSURSDJDWLRQGHOD\VDQGPXVW EHJUHDWHUWKDQ
priority ifnbpriority

priority LVDQXPEHUEHWZHHQDQGWKDWVSH.LILHVWKHSULRU

LW\IRUEH.RPLQJWKHGHVLJQDWHGURXWHURQWKLVLQWHUID.H:KHQ PRUHWKDQRQHURXWHUDWWD.KHGWRDQHWZRUNDWWHPSWWREH.RPH WKHGHVLJQDWHGURXWHUWKHRQHZLWKWKHKLJKHVWSULRULW\ZLQV,I WKHURXWHUVKDYHWKHVDPHSULRULW\WKHRQHZLWKWKHKLJKHVWURXWHU ,'EH.RPHVWKHGHVLJQDWHGURXWHUWKHQH[WKLJKHVWEH.RPHVWKH ED.NXSGHVLJQDWHGURXWHU$URXWHUZLWKDURXWHUSULRULW\VHWWR LVLQHOLJLEOHWREH.RPHWKHGHVLJQDWHGURXWHU263)VXSSRUWV ERWK1%0$DQGSRLQWWRSRLQWLQWHUID.HV7KHSULRULW\IRUWKHVH LQWHUID.HVPXVWEHPDQXDOO\.RQILJXUHGWRHOH.WWKHGHVLJQDWHG

95

Open Shortest Path First Protocol (OSPF)

URXWHU
hellointerval ifnbtime

VHWVWKHOHQJWKRIWLPHLQVH.RQGVEHWZHHQ KHOORSD.NHWVWKDWWKHURXWHUVHQGVRQWKHLQWHUID.H
hellointerval routerdeadinterval ifnbtime routerdeadinterval

VHWVWKHQXPEHURIVH.RQGVZLWKRXW UH.HLYLQJDURXWHU
VKHOORSD.NHWVEHIRUHWKHURXWHU
VQHLJKERUV ZLOOGH.ODUHLWGRZQ

pollinterval ifnbtime pollinterval LVWKHOHQJWKRIWLPHLQVH.RQGVEHWZHHQ263) SD.NHWVWKDWWKHURXWHUVHQGVEHIRUHDGMD.HQ.\LVHVWDEOLVKHGZLWK DQHLJKERU opaque-capability on | off

.RQILJXUHVVXSSRUWIRU5)&2SDTXH /6$V$QLQWHUQDO$3,LVSURYLGHGIRUYLHZLQJW\SHW\SH DQGW\SH/6$V%H.DXVHWKLVPD\XQQH.HVVDULO\LQ.UHDVHWKH VL]HRIWKHURXWHU

V/LQN6WDWH'DWDEDVHDQGLWGRHVQRWDIIH.WQRU PDOSURWR.RORSHUDWLRQWKHGHIDXOWLV off. 5RXWHUVWKDWGRQRW VXSSRUWRSDTXH/6$VVKRXOG.RQWLQXHWRLQWHURSHUDWHZLWKWKRVH WKDWGRVXSSRUWWKHP
opaque-capability auth

[ none | simple auth_key | md5 md5-key ]

authLVXVHGE\263)DXWKHQWL.DWLRQWRJHQHUDWHDQGYHULI\WKH

DXWKHQWL.DWLRQILHOGLQWKH263)KHDGHU7KHDXWKHQWL.DWLRQLV .RQILJXUHGRQDSHULQWHUID.HEDVLV,WLVVSH.LILHGE\RQHWRHLJKW GH.LPDOGLJLWVZLWKDYDOXHEHWZHHQDQGVHSDUDWHGE\SHUL RGVDRQHWRHLJKWE\WHKH[DGH.LPDOVWULQJSUH.HGHGE\[RUD RQHWRHLJKW.KDUD.WHUVWULQJLQGRXEOHTXRWHV6HH6H.WLRQ IRUDPRUHGHWDLOHGGHV.ULSWLRQ

6SH.LI\0' DXWKHQWL.DWLRQZLWKWKH md5-key, ZKL.KLVVSH.LILHG DV

key auth-key id id-number [ { [start-generate date-time;] [stop-generate date-time;] [start-accept date-time;] [stop-accept date-time;] }];

:KHUH auth-key LVDRQHWRHLJKW.KDUD.WHUVWULQJLQGRXEOH TXRWHVid-number LVDQLQWHJHUZLWKDYDOXHEHWZHHQDQG DQG date-time LVLQWKHIRUPDW<<<<00''++00,I DQ\WLPHILHOGVDUHXVHGDOODUHUHTXLUHG
interface interface_name | interface address nonbroadcast

96

Configuring GateD

[ cost ifnbcost ] 7KLVIRUPRIWKHLQWHUID.H.ODXVHLVXVHGWRVSH.LI\DQRQEURDG.DVW LQWHUID.HRQDQRQEURDG.DVWPXOWLD..HVV1%0$PHGLXP%H.DXVH DQ263)EURDG.DVWPHGLXPPXVWVXSSRUW,3PXOWL.DVWLQJDEURDG .DVW.DSDEOHPHGLXPWKDWGRHVQRWVXSSRUW,3PXOWL.DVWLQJPXVWEH .RQILJXUHGDVDQRQEURDG.DVWLQWHUID.H

strict-routers on | off

,I on WKHGHIDXOW*DWH'LJQRUHVSD.NHWVIURPURXWHUVQRWVSH.L ILHGLQWKH routers VWDWHPHQW.

routers

{ gatewaylist [ eligible ] }

B\GHILQLWLRQLWLVQRWSRVVLEOHWRVHQGEURDG.DVWSD.NHWVWRGLV .RYHU263)QHLJKERUVRQDQRQEURDG.DVWPHGLXPVRDOOQHLJK ERUVPXVWEH.RQILJXUHG7KHgatewaylist LQ.OXGHVRQHRU PRUHQHLJKERUVDQGDQLQGL.DWLRQRIWKHLUHOLJLELOLW\WREH.RPHD GHVLJQDWHGURXWHU

retransmitinterval ifnbtime retransmitintervalVHWVWKHQXPEHURIVH.RQGVEHWZHHQOLQN

VWDWHDGYHUWLVHPHQWUHWUDQVPLVVLRQVIRUDGMD.HQ.LHVEHORQJLQJWR WKLVLQWHUID.H
transitdelay ifnbtime

transitdelay VHWVWKHHVWLPDWHGQXPEHURIVH.RQGVUHTXLUHGWR WUDQVPLWDOLQNVWDWHXSGDWHRYHUWKLVLQWHUID.H transitdelay WDNHVLQWRD..RXQWWUDQVPLVVLRQDQGSURSDJDWLRQGHOD\VDQGPXVW EHJUHDWHUWKDQ priority ifnbpriority priority LVDQXPEHUEHWZHHQDQGWKDWVSH.LILHVWKHSULRU

LW\IRUEH.RPLQJWKHGHVLJQDWHGURXWHURQWKLVLQWHUID.H:KHQ PRUHWKDQRQHURXWHUDWWD.KHGWRDQHWZRUNDWWHPSWWREH.RPH WKHGHVLJQDWHGURXWHUWKHRQHZLWKWKHKLJKHVWSULRULW\ZLQV,I WKHURXWHUVKDYHWKHVDPHSULRULW\WKHRQHZLWKWKHKLJKHVWURXWHU ,'EH.RPHVWKHGHVLJQDWHGURXWHUWKHQH[WKLJKHVWEH.RPHVWKH ED.NXSGHVLJQDWHGURXWHU$URXWHUZLWKDURXWHUSULRULW\VHWWR LVLQHOLJLEOHWREH.RPHWKHGHVLJQDWHGURXWHU263)VXSSRUWV ERWK1%0$DQGSRLQWWRSRLQWLQWHUID.HV7KHSULRULW\IRUWKHVH LQWHUID.HVPXVWEHPDQXDOO\.RQILJXUHGWRHOH.WWKHGHVLJQDWHG URXWHU

hellointerval ifnbtime

VHWVWKHOHQJWKRIWLPHLQVH.RQGVEHWZHHQ KHOORSD.NHWVWKDWWKHURXWHUVHQGVRQWKHLQWHUID.H
hellointerval routerdeadinterval ifnbtime routerdeadinterval

VHWVWKHQXPEHURIVH.RQGVZLWKRXW
97

Open Shortest Path First Protocol (OSPF)

UH.HLYLQJDURXWHU
VKHOORSD.NHWVEHIRUHWKHURXWHU
VQHLJKERUV ZLOOGH.ODUHLWGRZQ
pollinterval ifnbtime

LVWKHOHQJWKRIWLPHLQVH.RQGVEHWZHHQ263) SD.NHWVWKDWWKHURXWHUVHQGVEHIRUHDGMD.HQ.\LVHVWDEOLVKHGZLWK DQHLJKERU

pollinterval passive

'RQRWVHQGRUUH.HLYHSD.NHWVRQWKLVLQWHUID.H$QH[DPSOHRI ZKHQ passiveLVXVHGLVLIWKLVLVWKHRQO\URXWHRQWKHQHWZRUN passive KDVWKHHIIH.WRIRULJLQDWLQJDVWXEOLQNWRWKLVLQWHUID.H LQWRWKHGRPDLQ1RWH263) passive LVQRWXVHGWROHDUQRWKHU URXWHUV
DQQRXQ.HPHQWVLQWKHVDPHZD\DVLQ5,3passive7R OHDUQDERXWURXWHVLI\RXUKRVWLV.RQQH.WHGWRDVLQJOHQHWZRUN RQZKL.KWKHUHDUHPXOWLSOHURXWHUVXVH5RXWHU'LV.RYHU\.RP ELQHGZLWK,&03UHGLUH.WVWROHDUQDGHIDXOWURXWHDQGWKHEHVW URXWH,I\RXUKRVWLV.RQQH.WHGGLUH.WO\WRPXOWLSOHQHWZRUNVWKLV PHWKRGPLJKWQRWSURGX.HWKHEHVWURXWHV
advertise-subnet on | off advertise-subnet VSH.LILHVWKDW263)ZKHQDGYHUWLVLQJSRLQW

WRSRLQWLQWHUID.HVZLOODGYHUWLVHWKHQHWZRUNQXPEHUDQGQHW PDVNRIWKHSRLQWWRSRLQWLQWHUID.HLQVWHDGRIDKRVWURXWHWRWKH OR.DO,3%H.DXVHVRPHWLPHVWKHQHWPDVNLVVHWLPSURSHUO\RQ SRLQWWRSRLQWLQWHUID.HVWKHGHIDXOWLVoff.

opaque-capability on | off

cRQILJXUHVVXSSRUWIRU5)&2SDTXH /6$V$QLQWHUQDO$3,LVSURYLGHGIRUYLHZLQJW\SHW\SH DQGW\SH/6$V%H.DXVHWKLVPD\XQQH.HVVDULO\LQ.UHDVHWKH VL]HRIWKHURXWHU

V/LQN6WDWH'DWDEDVHDQGLWGRHVQRWDIIH.WQRU PDOSURWR.RORSHUDWLRQWKHGHIDXOWLVoff. 5RXWHUVWKDWGRQRW VXSSRUWRSDTXH/6$VVKRXOG.RQWLQXHWRLQWHURSHUDWHZLWKWKRVH WKDWGRVXSSRUWWKHP
opaque-capability auth

[ none | simple auth_key | md5 md5-key ]

authLVXVHGE\263)DXWKHQWL.DWLRQWRJHQHUDWHDQGYHULI\WKH

DXWKHQWL.DWLRQILHOGLQWKH263)KHDGHU7KHDXWKHQWL.DWLRQLV .RQILJXUHGRQDSHULQWHUID.HEDVLV,WLVVSH.LILHGE\RQHWRHLJKW GH.LPDOGLJLWVZLWKDYDOXHEHWZHHQDQGVHSDUDWHGE\SHUL RGVDRQHWRHLJKWE\WHKH[DGH.LPDOVWULQJSUH.HGHGE\[RUD RQHWRHLJKW.KDUD.WHUVWULQJLQGRXEOHTXRWHV6HH6H.WLRQ IRUDPRUHGHWDLOHGGHV.ULSWLRQ 6SH.LI\0'DXWKHQWL.DWLRQZLWKWKHmd5-key, which is specified as:
key auth-key id id-number [ {

98

Configuring GateD

[start-generate date-time;] [stop-generate date-time;] [start-accept date-time;] [stop-accept date-time;] }];

:KHUH auth-keyLVDRQHWRHLJKW.KDUD.WHUVWULQJLQGRXEOH TXRWHV id-number LVDQLQWHJHUZLWKDYDOXHEHWZHHQDQG DQGGDWHWLPHLVLQWKHIRUPDW<<<<00''++00,IDQ\ WLPHILHOGVDUHXVHGDOODUHUHTXLUHG

interface interface_name | interface address point-tomultipoint [ cost ptmcost ]

7KLVIRUPRIWKHLQWHUID.H.ODXVHLVXVHGWRVSH.LI\DSRLQWWRPXOWL SRLQWLQWHUID.H7KLVIRUP.DQEHXVHGZKHQWKHQHWZRUNGRHVQRW SURYLGHIXOO.RQQH.WLYLW\WRDOOURXWHUVRQWKHQHWZRUN

strict-routers on | off

,I on WKHGHIDXOW*DWH'LJQRUHVSD.NHWVIURPURXWHUVQRWVSH.L ILHGLQWKHrouters VWDWHPHQW

routers

{ gatewaylist}

%\GHILQLWLRQLWLVQRWSRVVLEOHWRVHQGEURDG.DVWSD.NHWVWRGLV .RYHU263)QHLJKERUVRQDQRQEURDG.DVWPHGLXPVRDOOQHLJK ERUVPXVWEH.RQILJXUHG7KHgatewaylistLQ.OXGHVRQHRU PRUHQHLJKERUVDQGDQLQGL.DWLRQRIWKHLUHOLJLELOLW\WREH.RPHD GHVLJQDWHGURXWHU

retransmitinterval ptmtime retransmitinterval VHWVWKHQXPEHURIVH.RQGVEHWZHHQOLQN VWDWHDGYHUWLVHPHQWUHWUDQVPLVVLRQVIRUDGMD.HQ.LHVEHORQJLQJWR WKLVLQWHUID.H transitdelay ptmtime transitdelayVHWVWKHHVWLPDWHGQXPEHURIVH.RQGVUHTXLUHGWR WUDQVPLWDOLQNVWDWHXSGDWHRYHUWKLVLQWHUID.Htransitdelay WDNHVLQWRD..RXQWWUDQVPLVVLRQDQGSURSDJDWLRQGHOD\VDQGPXVW EHJUHDWHUWKDQ priority ptmpriority priority

iVDQXPEHUEHWZHHQDQGWKDWVSH.LILHVWKHSULRU LW\IRUEH.RPLQJWKHGHVLJQDWHGURXWHURQWKLVLQWHUID.H:KHQ PRUHWKDQRQHURXWHUDWWD.KHGWRDQHWZRUNDWWHPSWWREH.RPH WKHGHVLJQDWHGURXWHUWKHRQHZLWKWKHKLJKHVWSULRULW\ZLQV,I WKHURXWHUVKDYHWKHVDPHSULRULW\WKHRQHZLWKWKHKLJKHVWURXWHU ,'EH.RPHVWKHGHVLJQDWHGURXWHUWKHQH[WKLJKHVWEH.RPHVWKH ED.NXSGHVLJQDWHGURXWHU$URXWHUZLWKDURXWHUSULRULW\VHWWR LVLQHOLJLEOHWREH.RPHWKHGHVLJQDWHGURXWHU263)VXSSRUWV

99

Open Shortest Path First Protocol (OSPF)

ERWK1%0$DQGSRLQWWRSRLQWLQWHUID.HV7KHSULRULW\IRUWKHVH LQWHUID.HVPXVWEHPDQXDOO\.RQILJXUHGWRHOH.WWKHGHVLJQDWHG URXWHU

hellointerval ptmtime hellointerval VHWVWKHOHQJWKRIWLPHLQVH.RQGVEHWZHHQ KHOORSD.NHWVWKDWWKHURXWHUVHQGVRQWKHLQWHUID.H routerdeadinterval ptmtime routerdeadinterval

VHWVWKHQXPEHURIVH.RQGVZLWKRXW UH.HLYLQJDURXWHU
VKHOORSD.NHWVEHIRUHWKHURXWHU
VQHLJKERUV ZLOOGH.ODUHLWGRZQ

pollinterval ptmtime

LVWKHOHQJWKRIWLPHLQVH.RQGVEHWZHHQ263) SD.NHWVWKDWWKHURXWHUVHQGVEHIRUHDGMD.HQ.\LVHVWDEOLVKHGZLWK DQHLJKERU

pollinterval passive

'RQRWVHQGRUUH.HLYHSD.NHWVRQWKLVLQWHUID.H$QH[DPSOHRI ZKHQpassive LVXVHGLVLIWKLVLVWKHRQO\URXWHRQWKHQHWZRUN passive KDVWKHHIIH.WRIRULJLQDWLQJDVWXEOLQNWRWKLVLQWHUID.H LQWRWKHGRPDLQ1RWH263) passive LVQRWXVHGWROHDUQRWKHU URXWHUV
DQQRXQ.HPHQWVLQWKHVDPHZD\DVLQ5,3passive7R OHDUQDERXWURXWHVLI\RXUKRVWLV.RQQH.WHGWRDVLQJOHQHWZRUN RQZKL.KWKHUHDUHPXOWLSOHURXWHUVXVH5RXWHU'LV.RYHU\.RP ELQHGZLWK,&03UHGLUH.WVWROHDUQDGHIDXOWURXWHDQGWKHEHVW URXWH,I\RXUKRVWLV.RQQH.WHGGLUH.WO\WRPXOWLSOHQHWZRUNVWKLV PHWKRGPLJKWQRWSURGX.HWKHEHVWURXWHV
advertise-subnet on | off

If on, 263)ZKHQDGYHUWLVLQJSRLQWWRSRLQWLQWHUID.HVZLOO DGYHUWLVHWKHQHWZRUNQXPEHUDQGQHWPDVNRIWKHSRLQWWRSRLQW LQWHUID.HLQVWHDGRIDKRVWURXWHWRWKHOR.DO,3%H.DXVHVRPH WLPHVWKHQHWPDVNLVVHWLPSURSHUO\RQSRLQWWRSRLQWLQWHUID.HV WKHGHIDXOWLVoff.

opaque-capability on | off opaque-capability

.RQILJXUHVVXSSRUWIRU5)&2SDTXH /6$V$QLQWHUQDO$3,LVSURYLGHGIRUYLHZLQJW\SHW\SH DQGW\SH/6$V%H.DXVHWKLVPD\XQQH.HVVDULO\LQ.UHDVHWKH VL]HRIWKHURXWHU

V/LQN6WDWH'DWDEDVHDQGLWGRHVQRWDIIH.WQRU PDOSURWR.RORSHUDWLRQWKHGHIDXOWLV off. 5RXWHUVWKDWGRQRW VXSSRUWRSDTXH/6$VVKRXOG.RQWLQXHWRLQWHURSHUDWHZLWKWKRVH WKDWGRVXSSRUWWKHP [ none | simple auth_key | md5 md5-key ]

auth

auth is used by OSPF authentication to generate and verify the

100

Configuring GateD

authentication field in the OSPF header. The authentication is configured on a per-interface basis. It is specified by one to eight decimal digits (with a value between 0 and 255) separated by periods, a one-to-eight byte hexadecimal string preceded by 0x, or a one-to-eight character string in double quotes. See Section 2.1.2.3.3 for a more detailed description. 6SH.LI\0'DXWKHQWL.DWLRQZLWKWKHmd5-key,ZKL.KLVVSH.LILHG DV
key auth-key id id-number [ { [start-generate date-time;] [stop-generate date-time;] [start-accept date-time;] [stop-accept date-time;] }];

:KHUH auth-key is a one-to-eight character string in double quotes, id-number LVDQLQWHJHUZLWKDYDOXHEHWZHHQDQG DQG date-timeLVLQWKHIRUPDW<<<<00''++00,I DQ\WLPHILHOGVDUHXVHGDOODUHUHTXLUHG Backbone only:
virtuallink neighborid router_id transitarea area

9LUWXDOOLQNVDUHXVHGWRHVWDEOLVKRULQ.UHDVH.RQQH.WLYLW\RIWKHED.N ERQHDUHD7KHneighborid LVWKHURXWHUBLGRIWKHRWKHUHQGRIWKH YLUWXDOOLQN7KHDUHDVSH.LILHGLQWKHtransitareaPXVWDOVREH.RQ ILJXUHGRQWKHV\VWHP$OOVWDQGDUGLQWHUID.HSDUDPHWHUVGHILQHGE\ WKHLQWHUID.H.ODXVHDERYHPD\EHVSH.LILHGRQDYLUWXDOOLQN

retransmitinterval vltime retransmitinterval VHWVWKHQXPEHURIVH.RQGVEHWZHHQOLQNVWDWH DGYHUWLVHPHQWUHWUDQVPLVVLRQVIRUDGMD.HQ.LHVEHORQJLQJWRWKLVLQWHU ID.H transitdelay vltime

VHWVWKHHVWLPDWHGQXPEHURIVH.RQGVUHTXLUHGWR WUDQVPLWDOLQNVWDWHXSGDWHRYHUWKLVLQWHUID.H transitdelayWDNHV LQWRD..RXQWWUDQVPLVVLRQDQGSURSDJDWLRQGHOD\VDQGPXVWEHJUHDWHU WKDQ

transitdelay priority vlpriority priorityLVDQXPEHUEHWZHHQDQGWKDWVSH.LILHVWKHSULRULW\

IRUEH.RPLQJWKHGHVLJQDWHGURXWHURQWKLVLQWHUID.H:KHQPRUHWKDQ RQHURXWHUDWWD.KHGWRDQHWZRUNDWWHPSWWREH.RPHWKHGHVLJQDWHG URXWHUWKHRQHZLWKWKHORZHVWSULRULW\ZLQV,IWKHURXWHUVKDYHWKH VDPHSULRULW\WKHRQHZLWKWKHKLJKHVWURXWHU,'EH.RPHVWKHGHVLJ QDWHGURXWHUWKHQH[WKLJKHVWEH.RPHVWKHED.NXSGHVLJQDWHGURXWHU

101

Open Shortest Path First Protocol (OSPF)

$URXWHUZLWKDURXWHUSULRULW\VHWWRLVLQHOLJLEOHWREH.RPHWKHGHV LJQDWHGURXWHU263)VXSSRUWVERWK1%0$DQGSRLQWWRSRLQWLQWHU ID.HV7KHSULRULW\IRUWKHVHLQWHUID.HVPXVWEHPDQXDOO\.RQILJXUHGWR HOH.WWKHGHVLJQDWHGURXWHU.

hellointerval vltime hellointervalVHWVWKHOHQJWKRIWLPHLQVH.RQGVEHWZHHQKHOOR

SD.NHWVWKDWWKHURXWHUVHQGVRQWKHLQWHUID.H

routerdeadinterval vltime

VHWVWKHQXPEHURIVH.RQGVZLWKRXWUH.HLYLQJ DURXWHU
VKHOORSD.NHWVEHIRUHWKHURXWHU
VQHLJKERUVZLOOGH.ODUHLW GRZQ
routerdeadinterval pollinterval vltime pollinterval

LVWKHOHQJWKRIWLPHLQVH.RQGVEHWZHHQ263) SD.NHWVWKDWWKHURXWHUVHQGVEHIRUHDGMD.HQ.\LVHVWDEOLVKHGZLWKD QHLJKERU

passive

'RQRWVHQGRUUH.HLYHSD.NHWVRQWKLVLQWHUID.H$QH[DPSOHRIZKHQ passive LVXVHGLVLIWKLVLVWKHRQO\URXWHRQWKHQHWZRUN. passive KDVWKHHIIH.WRIRULJLQDWLQJDVWXEOLQNWRWKLVLQWHUID.HLQWRWKH GRPDLQ1RWH263) passive LVQRWXVHGWROHDUQRWKHUURXWHUV

 DQQRXQ.HPHQWVLQWKHVDPHZD\DVLQ5,3passive7ROHDUQDERXW URXWHVLI\RXUKRVWLV.RQQH.WHGWRDVLQJOHQHWZRUNRQZKL.KWKHUH DUHPXOWLSOHURXWHUVXVH5RXWHU'LV.RYHU\.RPELQHGZLWK,&03UHGL UH.WVWROHDUQDGHIDXOWURXWHDQGWKHEHVWURXWH,I\RXUKRVWLV.RQ QH.WHGGLUH.WO\WRPXOWLSOHQHWZRUNVWKLVPHWKRGPLJKWQRWSURGX.H WKHEHVWURXWHV
advertise-subnet on | off advertise-subnet

VSH.LILHVWKDW263)ZKHQDGYHUWLVLQJSRLQWWR SRLQWLQWHUID.HVZLOODGYHUWLVHWKHQHWZRUNQXPEHUDQGQHWPDVNRI WKHSRLQWWRSRLQWLQWHUID.HLQVWHDGRIDKRVWURXWHWRWKHOR.DO,3 %H.DXVHVRPHWLPHVWKHQHWPDVNLVVHWLPSURSHUO\RQSRLQWWRSRLQW LQWHUID.HVWKHGHIDXOWLVoff

opaque-capability on | off opaque-capability.RQILJXUHVVXSSRUWIRU5)&2SDTXH

/6$V$QLQWHUQDO$3,LVSURYLGHGIRUYLHZLQJW\SHW\SHDQG W\SH/6$V%H.DXVHWKLVPD\XQQH.HVVDULO\LQ.UHDVHWKHVL]HRIWKH URXWHU

V/LQN6WDWH'DWDEDVHDQGLWGRHVQRWDIIH.WQRUPDOSURWR.RO RSHUDWLRQWKHGHIDXOWLVoff. 5RXWHUVWKDWGRQRWVXSSRUWRSDTXH /6$VVKRXOG.RQWLQXHWRLQWHURSHUDWHZLWKWKRVHWKDWGRVXSSRUW WKHP

102

Configuring GateD

auth [ none | simple auth_key | md5 md5-key

authLVXVHGE\263)DXWKHQWL.DWLRQWRJHQHUDWHDQGYHULI\WKH

DXWKHQWL.DWLRQILHOGLQWKH263)KHDGHU7KHDXWKHQWL.DWLRQLV.RQILJ XUHGRQDSHULQWHUID.HEDVLV,WLVVSH.LILHGE\RQHWRHLJKWGH.LPDO GLJLWVZLWKDYDOXHEHWZHHQDQGVHSDUDWHGE\SHULRGVDRQHWR HLJKWE\WHKH[DGH.LPDOVWULQJSUH.HGHGE\[RUDRQHWRHLJKW.KDU D.WHUVWULQJLQGRXEOHTXRWHV6HH6H.WLRQIRUDPRUHGHWDLOHG GHV.ULSWLRQ 6SH.LI\0'DXWKHQWL.DWLRQZLWKWKHmd5-keyZKL.KLVVSH.LILHGDV

key auth-key id id-number [ { [start-generate date-time;] [stop-generate date-time;] [start-accept date-time;] [stop-accept date-time;] }];

:KHUHauth-keyLVDRQHWRHLJKW.KDUD.WHUVWULQJLQGRXEOHTXRWHV id-numberLVDQLQWHJHUZLWKDYDOXHEHWZHHQDQGDQGdatetime LVLQWKHIRUPDW<<<<00''++00,IDQ\WLPHILHOGV DUHXVHGDOODUHUHTXLUHG 2.1.2.3.2 Tracing Options

db

7UD.H.KDQJHVWRWKH263)/6$GDWDEDVH
debug

7UD.H263)DWWKHGHEXJJLQJOHYHORIGHWDLO
drelect

7UD.HGHVLJQDWHGURXWHUHOH.WLRQSUR.HVV
flood

7UD.HWKH263)IORRGLQJDOJRULWKP
ospf-state

7UD.HWKHVWDWHWUDQVLWLRQV
spf

7UD.HWKH6KRUWHVW3DWK)LUVW.DO.XODWLRQ 3D.NHWWUD.LQJRSWLRQVZKL.KPD\EHPRGLILHGZLWKdetail, send DQG recvLQ.OXGH

hello

7UD.H263)KHOORSD.NHWVZKL.KDUHXVHGWRGHWHUPLQHQHLJKERU UHD.KDELOLW\
dd

7UD.H263)GDWDEDVHGHV.ULSWLRQ''SD.NHWVZKL.KDUHXVHGLQ

103

Open Shortest Path First Protocol (OSPF)

V\Q.KURQL]LQJ263)GDWDEDVHV
lsa

7UD.H263)OLQNVWDWHD.NSD.NHWVZKL.KDUHXVHGLQV\Q.KURQL]LQJ 263)GDWDEDVHV
lsr

7UD.HOSPF link state request packetsZKL.K are used in synchronizing OSPF databases.
lsu

7UD.HOSPF link state update packetsZKL.K are used in synchronizing OSPF databases. 2.1.2.3.2.1 Authentication %\GHILQLWLRQDOO263)SURWR.ROH[.KDQJHVDUHDXWKHQWL.DWHGKRZHYHU RQHPHWKRGRIDXWKHQWL.DWLRQLV none. $XWKHQWL.DWLRQ.DQKHOSWRJXDUDQ WHHWKDWURXWLQJLQIRUPDWLRQLVRQO\LPSRUWHGIURPWUXVWHGURXWHUV$ YDULHW\RIDXWKHQWL.DWLRQV.KHPHV.DQEHXVHGEXWDVLQJOHV.KHPHPXVW EH.RQILJXUHGIRUHD.KLQWHUID.H7KHXVHRIGLIIHUHQWV.KHPHVHQDEOHV VRPHLQWHUID.HVWRXVHPX.KVWUL.WHUDXWKHQWL.DWLRQWKDQRWKHUV7KHWKUHH DXWKHQWL.DWLRQV.KHPHVDYDLODEOHDUHQRQHVLPSOHDQG0'DXWKHQWL.D WLRQ 2.1.2.3.2.1.1 No Authentication :KHQQRDXWKHQWL.DWLRQLVUHTXLUHGXVHDXWKHQWL.DWLRQW\SHQRQH7RXVH DXWKHQWL.DWLRQW\SHnone, DGGWKHIROORZLQJOLQHVWRWKHDSSURSULDWH 263)LQWHUID.HVWDWHPHQWV
auth none ;

2.1.2.3.2.1.2 Simple Authentication Key :KHQ\RXZLVKWRNHHS.HUWDLQURXWHUVIURPH[.KDQJLQJ263)SD.NHWV XVHWKHVLPSOHIRUPRIDXWKHQWL.DWLRQ7KHLQWHUID.HVWKDWWKHSD.NHWVDUH WREHVHQWRQVWLOOQHHGWREHWUXVWHGEH.DXVHWKHNH\ZLOOEHSOD.HGLQWKH SD.NHWVDQG.DQEHVHHQE\DQ\RQHZLWKD..HVVWRWKHQHWZRUN7RVSH.LI\ DXWKHQWL.DWLRQW\SHsimpleDGGWKHIROORZLQJOLQHVWR\RXU263)LQWHU ID.HVWDWHPHQWV
auth simple auth_key;

2.1.2.3.2.1.3 MD5 Authentication :KHQ\RXGRQRWWUXVWRWKHUXVHUVRI\RXUQHWZRUNXVH0'DXWKHQWL.D WLRQ7KHV\VWHPZRUNVE\XVLQJVKDUHGVH.UHWNH\V%H.DXVHWKHNH\VDUH XVHGWRVLJQWKHSD.NHWVZLWKDQ0'.KH.NVXPWKH\.DQQRWEHIRUJHG RUWDPSHUHGZLWK%H.DXVHWKHNH\VDUHQRWLQ.OXGHGLQWKHSD.NHWVQRRS LQJWKHNH\LVQRWSRVVLEOH8VHUVRIWKHQHWZRUN.DQVWLOOVQRRSWKH.RQ WHQWVRISD.NHWVKRZHYHUEH.DXVHWKHSD.NHWVDUHQRWHQ.U\SWHG

104

Configuring GateD

*DWH'
V0'DXWKHQWL.DWLRQLV.RPSOLDQWZLWKWKHVSH.LIL.DWLRQLQ263) 5)&7KLVVSH.LIL.DWLRQXVHVWKH0'DOJRULWKPDQGDQDXWKHQWL.D WLRQNH\RIXSWR.KDUD.WHUV5)&DOORZVPXOWLSOH0'NH\VSHU LQWHUID.H(D.KNH\KDVWZRDVVR.LDWHGWLPHUDQJHV 7RVSH.LI\DVLQJOH0'NH\RQDQLQWHUID.HDGGWKHIROORZLQJWRWKH DSSURSULDWH263)LQWHUID.HVWDWHPHQWV
auth md5 md5-key

ZKHUHmd5-keyLV
key auth-key id id-number [ { [start-generate date-time;] [stop-generate date-time;] [start-accept date-time;] [stop-accept date-time;] }];

ZKHUHauth-keyLVDRQHWRHLJKW.KDUD.WHUVWULQJLQGRXEOHTXRWHVidnumber LVDQLQWHJHUEHWZHHQDQGdate-timeLVLQWKHIRUPDW <<<<00''++00,IDQ\WLPHILHOGVDUHXVHGDOODUHUHTXLUHG. ,IQRYDOXHLVJLYHQIRUWKHWLPHUDQJHVWKHGHIDXOWYDOXHVDUH NH\LVDOZD\VJHQHUDWHG NH\LVDOZD\VD..HSWHG 7KXVLI\RXDOZD\VZDQW\RXUNH\WREHD..HSWHGVLPSO\VSH.LI\D VHTXHQ.HVX.KDV

auth md5 key "mikeyone" id 1;

7RVSH.LI\PXOWLSOH0'NH\VRQDQLQWHUID.HDGGWKHIROORZLQJWRWKH DSSURSULDWH263)LQWHUID.HVWDWHPHQWV
auth md5 { md5-key md5-key . . . md5-key } ; ZKHUH md5-key LVDVVSH.LILHGDERYH

)RUH[DPSOHWZRURXWHUVPD\VWDUWRXWJHQHUDWLQJNH\DQGZDQWWR VZLW.KWRNH\DW*07,QRUGHUWRPDNHWKHWUDQVLWLRQEHWZHHQ NH\VHDVLHUWKHURXWHUVDJUHHWRVWRSJHQHUDWLQJNH\DW*07EXW D..HSWNH\XQWLO*07.H\LVD..HSWHGPLQXWHVEHIRUHWKH SODQQHGVZLW.KWLPHLH*077KHVHRYHUODSSLQJUDQJHVDOORZWKH

105

Open Shortest Path First Protocol (OSPF)

.OR.NVRQWKHURXWHUVWREHVOLJKWO\RXWRIV\Q.7KLVVHTXHQ.HRINH\V ZRXOGEHVSH.LILHGE\
auth md5 { key "mikeyone" id 1 { stop-generate 1999/05/01 06:00; stop-accept 1999/05/01 06:10; }; key "mikeytwo" id 2 { start-generate 1999/05/01 06:00; start-accept 1999/05/01 05:50; }; };

2.1.2.3.3 Simple Configurations for Novice Users 2.1.2.3.3.1 Host Configuration 7KHVLPSOHVW.RQILJXUDWLRQIRUDKRVWXVHULVWKHIROORZLQJZKL.KZLOOVHW *DWH'LQWRWKHED.NERQHDUHDVSH.LILHGIRUDOOLQWHUID.HV7KH*DWH' 263)KDVGHIDXOWVIRUDKRVWWKDWZLOOQRWDOORZLWWREH.RPHDGHVLJQDWHG URXWHU'5IRU263)
new-ospf yes;

7KHVLPSOHVW.RQILJXUDWLRQIRUDKRVWXVHULQDQDUHDRXWVLGHWKHED.N ERQHLV
new-ospf yes { area 0.0.0.2; { interface all; }; };

2.1.2.3.3.2 Router Configurations 7KHVDPHVLPSOHVW.RQILJXUDWLRQV.DQDOVREHXVHGIRU81,;V\VWHPUXQ QLQJDVDURXWHU7KHIROORZLQJ.RQILJXUDWLRQLVIRUDURXWHULQWKHED.N ERQH

new-ospf yes { priority 1; backbone { interface all; }; };

7KHIROORZLQJJLYHVWKHVDPH.RQILJXUDWLRQDVDERYH
106

Configuring GateD

new-ospf yes { priority 1; };

7KHIROORZLQJ.RQILJXUDWLRQLVIRUDURXWHULQDUHD
new-ospf yes { priority 1; area 0.0.0.2 { interface all; }; };

7KHIROORZLQJ.RQILJXUDWLRQLVIRUDVLPSOHERUGHUURXWHU
new-ospf yes { priority 1; backbone { interface fxp0; }; area 0.0.0.1 { interface fxp1; }; };

To reduce the amount of routing information in the ospf domain, use area ranges. In this example area 0.0.0.1 may be the only area with 192.168.x/24 networks in it. By specifying a network range, only a single LSA is announced to the ED.NERQH (and thus to other areas) advertising the larger 192.168/16 route. 7KHIROORZLQJ.RQILJXUDWLRQLVIRUD ERUGHUURXWHUZLWKVXPPDUL]LQJDUHDUDQJH
new-ospf yes { priority 1; backbone { interface fxp0; }; area 0.0.0.1 { networks { 192.168 masklen 16; }; interface fxp1; }; };

107

Open Shortest Path First Protocol (OSPF)

7RUHGX.HWKHDPRXQWRIURXWLQJLQIRUPDWLRQLQDVLQJOHDUHDPDNHLWD VWXEDUHD6WXEDUHDVGRQRWUH.HLYH/6$VIRUH[WHUQDOURXWHVEHLQJUHDG YHUWLVHGLQ263)1RUPDOO\\RXZRXOGDOVRRULJLQDWHDGHIDXOWVXPPDU\ URXWHLQWRWKHDUHDVRWKDWLQWHUQDOURXWHUVKDYHDURXWHWRQRQLQWHUQDO QHWZRUNV7KHIROORZLQJ.RQILJXUDWLRQLVIRUDERUGHUURXWHUDWWD.KLQJWR VWXEDUHDDQGLQMH.WLQJDGHIDXOWURXWH 

new-ospf yes { priority 1; backbone { interface fxp0; }; area 0.0.0.1 { stub cost 1; interface fxp1; }; };

To further reduce the amount of routing information, when using stub areas, you can filter all (or some subset) of the summary (except the generated default). Be sure to specify the cost 1 part of the stub statement so that a default route is generated for the routers in the stub area. 7KHIROORZLQJ.RQILJXUDWLRQLVIRUDERUGHUURXWHUDWWD.KLQJWRVWXEDUHD LQMH.WLQJDGHIDXOWURXWHDQGILOWHULQJDOOVXPPDU\
new-ospf yes { priority 1; backbone { interface fxp0; }; area 0.0.0.1 { stub cost 1; summary-filters { all; }; interface fxp1; }; };

7KH*DWH'GHYHORSPHQWWHDPZHO.RPHVDQ\.RPPHQWVRUGLV.XVVLRQRQ WKHVHGHIDXOWVWRJDWHG#JDWHGPHULWHGXIRU.RPPHQWVRUJDWHGSHR SOH#JDWHGPHULWHGXIRUGLV.XVVLRQ

108

Configuring GateD

109

Open Shortest Path First Protocol (OSPF)

110

Configuring GateD

Chapter 2 Section 1.3

The IS-IS Intra-Domain Protocol
2.1.3.0 Overview ,6,6LVDOLQNVWDWHLQWHULRUJDWHZD\SURWR.RO,*3RU,QWUD'RPDLQ5RXW LQJ3URWR.RORULJLQDOO\GHYHORSHGIRUURXWLQJ,62&/13,QWHUQDWLRQDO 2UJDQL]DWLRQIRU6WDQGDUGL]DWLRQ&RQQH.WLRQOHVV1HWZRUN3URWR.RO SD.NHWV7KHYHUVLRQGLVWULEXWHGZLWK*DWH'URXWHV,3SD.NHWV ,Q,62WHUPLQRORJ\DURXWHULVUHIHUUHGWRDVDQLQWHUPHGLDWHV\VWHP ,6,6,6LQWUDGRPDLQURXWLQJLVRUJDQL]HGKLHUDU.KL.DOO\VRWKDWDODUJH GRPDLQPD\EHDGPLQLVWUDWLYHO\GLYLGHGLQWRVPDOOHUDUHDV7KHVHDUHDV URXWHXVLQJ/HYHOLQWHUPHGLDWHV\VWHPVZLWKLQDUHDVDQG/HYHOLQWHUPH GLDWHV\VWHPVEHWZHHQDUHDV5RXWLQJEHWZHHQDGPLQLVWUDWLYHGRPDLQVLV KDQGOHGE\%RUGHU,QWHUPHGLDWH6\VWHPV%,6VXVLQJ,'53WKH,QWHU 'RPDLQ5RXWLQJ3URWR.RO/HYHOV\VWHPVURXWHGLUH.WO\WRV\VWHPVZLWKLQ WKHLURZQDUHD/HYHOV\VWHPVURXWHWRZDUGD/HYHOLQWHUPHGLDWHV\VWHP ZKHQWKHGHVWLQDWLRQV\VWHPLVLQDGLIIHUHQWDUHD/HYHOLQWHUPHGLDWHV\V WHPVURXWHEHWZHHQDUHDVDQGNHHSWUD.NRIWKHSDWKVWRGHVWLQDWLRQDUHDV 6\VWHPVLQWKH/HYHOVXEGRPDLQURXWHWRZDUGDGHVWLQDWLRQDUHDRU DQRWKHUURXWLQJGRPDLQ $VZLWKDQ\,QWHUQHWURXWLQJSURWR.RO,6,6VXSSRUWIRUODUJHURXWLQJ GRPDLQVPD\DOVRLQ.OXGHPDQ\W\SHVRILQGLYLGXDOVXEQHWZRUNV7KHVH VXEQHWZRUNVPD\LQ.OXGHSRLQWWRSRLQWOLQNVPXOWLSRLQWOLQNVDQG G\QDPL.DOO\HVWDEOLVKHGGDWDOLQNVDVLQ;VXEQHWZRUNVDQGEURDG.DVW VXEQHWZRUNVOLNH,62/$1V,Q,6,6DOOVXEQHWZRUNW\SHVDUH WUHDWHGE\WKHVXEQHWZRUNLQGHSHQGHQWIXQ.WLRQVDVWKRXJKWKH\ZHUH .RQQH.WLRQOHVVVXEQHWZRUNVXVLQJVXEQHWZRUN.RQYHUJHQ.HIXQ.WLRQV ZKHUHQH.HVVDU\ /LNH263),6,6XVHVDVKRUWHVWSDWKILUVWDOJRULWKPWRGHWHUPLQH URXWHV$.RQJHVWLRQ.RQWURO.RPSRQHQWPRQLWRUVDQGSUHYHQWVEXIIHU GHDGOR.NDWHD.KLQWHUPHGLDWHV\VWHP*DWH'.RQILJXUDWLRQV\QWD[DOORZV DVPX.KDXWR.RQILJXUDWLRQDVSRVVLEOHWKXVUHGX.LQJWKHSUREDELOLW\RI HUURU*DWH'.RQILJXUDWLRQV\QWD[DOVRDOORZVSROL.\WREHVSH.LILHGIRU H[.KDQJLQJURXWLQJLQIRUPDWLRQZLWKRWKHUSURWR.ROVUXQQLQJLQ*DWH' VX.KDV%*3(*3DQG5,37KHQHZ,6,6SURWR.ROVXSSRUWVPXOWLSDWK ORDGVSOLWIRUZDUGLQJ,6,6DOVRVXSSRUWVIXOOLQMH.WLRQRIH[WHULRUQHW ZRUNSUHIL[HVDQGDWWULEXWHLQIRUPDWLRQWKXVHOLPLQDWLQJWKHQHHGIRUDQ\ LQWHUQDO%*3RUVLPLODUSURWR.ROV,6,6VXSSRUWVVWDWL.URXWLQJGRPDLQ LQIRUPDWLRQDW/HYHOLQWHUPHGLDWHV\VWHPV 7KHUHD.KDEOHDGGUHVVSUHIL[LQGL.DWHVWKDWDQ\1HWZRUN6HUYL.H$..HVV 3RLQWV16$3VWKDWPDW.KWKHSUHIL[PD\EHUHD.KDEOHYLDWKH6XEQHW 3RLQWRI$WWD.KPHQW613$ZLWKZKL.KWKHSUHIL[LVDVVR.LDWHG:KHUH WKHVXEQHWZRUNWRZKL.KWKLV613$LV.RQQH.WHGLVDJHQHUDOWRSRORJ\

111

IS-IS Protocol

VXEQHWZRUNVXSSRUWLQJG\QDPL.DOO\HVWDEOLVKHGGDWDOLQNVWKHSUHIL[DOVR KDVDVVR.LDWHGZLWKLWWKHUHTXLUHGVXEQHWZRUNDGGUHVVLQJLQIRUPDWLRQRU DQLQGL.DWLRQWKDWLWPD\EHGHULYHGIURPWKHGHVWLQDWLRQ16$3DGGUHVV 7KHDGGUHVVSUHIL[HVDUHKDQGOHGE\WKH/HYHOURXWLQJDOJRULWKPLQWKH VDPHZD\WKDWLQIRUPDWLRQDERXW/HYHOLVKDQGOHGZLWKLQWKHGRPDLQ 2.1.3.1 IS-IS Syntax

isis ( on | off ) { [ area areaid ; ] [ area auth authkey ; ] [ domain auth authkey ; ] [ domain-wide ( on | off ) ; ] [ export-defaults ; ] [ export-defaults level ( 1 | 2 ) ; ] [ export-defaults metric ( metricnum | inherit ) ; ] [ export-defaults metric-type ( internal | external ) ; ] [ external preference preferencenum ; ] [ interface interface_name | interface_address [ { [ ( enable | disable ) ; ] [ auth authkey ; ] [ csn-interval intervaltime [ level ( 1 | 2 | 1 and 2 ) ] ; ] [ dis-hello-interval intervaltime [ level ( 1 | 2 | 1 and 2 ) ] ; ] [ encap [ iso | ip ] ; ] [ hello-interval intervaltime [ level ( 1 | 2 | 1 and 2 ) ] ; ] [ hello-multiplier multipliernum [ level ( 1 | 2 | 1 and 2 ) ] ; ] [ lsp-interval intervaltime ; ] [ level ( 1 | 2 | 1 and 2 ) ; ] [ max-burst burstcount ; ] [ metric metricnum [ level ( 1 | 2 | 1 and 2 ) ] ; ] [ passive ( on | off ) ; ] [ priority prioritylevel [ level ( 1 | 2 | 1 and 2 ) ] ; ] [ retransmit-interval intervaltime ; ] } ] ; ] [ level ( 1 | 2 | 1 and 2 ) ; ] [ overload-bit ( on | off ) ; ] [ preference preferencenum ; ] [ psn-interval intervaltime ; ] [ require-snp-auth ( on | off ) ; ] [ ribs ( unicast | unicast multicast ) ; ] [ spf-interval intervaltime ; ] [ summary-originate [ inet ] { [ ipv4-network mask ipv4-network metric cost-value ; ]

112

Configuring GateD

[ ipv4-network masklen ipv4-network metric cost-value ; ] } ; ] [ summary-filter [ inet ] { [ ipv4-network mask ipv4-netmask ; ] [ ipv4-netmask masklen ipv4-netmask ; ] } ; ] [ systemid systemid ; ] [ traceoptions isis_traceoptions ; ]

,39VSH.LIL.
[ inet6 ( on | off ) ; ] [ summary-originate inet6 { [ ipv6-network mask ipv6-network metric cost-value ; ] [ ipv6-network masklen ipv6-network metric cost-value ; ] } ; ] [ summary-filter inet6 { [ ipv6-network mask ipv6-netmask ; ] [ ipv6-netmask masklen ipv6-netmask ; ] } ; ]

26,VSH.LIL.

[ config-time seconds ; ] [ es-config-time seconds ; ] [ hold-time seconds ; ] };

1RWHV 7KH.LU.XLWOHYHOLVUHVWUL.WHGE\WKHJOREDOOHYHO 7KH.LU.XLWHQ.DSVXODWLRQGHIDXOWLV,3LI,62ZDVQ

W.RPSLOHG
isis

( on | off ) isisHQDEOHVWKH,6,6SURWR.ROLQ*DWH'7KH isisVWDWHPHQW.RQ VLVWVRIDQLQLWLDOGHV.ULSWLRQRIWKH,6DQGDOLVWRIVWDWHPHQWVWKDW GHWHUPLQHWKH.RQILJXUDWLRQRIWKHVSH.LIL..LU.XLWVDQGQHWZRUNVWR EHPDQDJHG7KHGHIDXOWLVoff6WDWHPHQWVPD\DSSHDULQDQ\RUGHU DQGLQ.OXGH

areaVHWVWKH,'3,QLWLDO'RPDLQ3DUWDQGWKH+2'63+LJK

area areaid

2UGHU'RPDLQ6SH.LIL.3DUWRIWKH1(7IRUWKLVV\VWHP8SWRWKUHH DUHDDGGUHVVHVPD\EHVSH.LILHGWRR.WHWIRUPDWE\VSH.LI\LQJ PRUHareaVWDWHPHQWV

113

IS-IS Protocol

area auth authkey area authauthkeyVHWVWKHDXWKHQWL.DWLRQW\SHDQGDXWKHQWL.DWLRQ NH\IRUOHYHOURXWLQJ7KHIRUPDWIRUauthkeyLVDVIROORZV simple string

RU

{ [ simple string ; ] ... [ simple string ; ] }

where string is specified by one to eight decimal digits (with a value between 0 and 255) separated by periods, a one-to-eight byte hexadecimal string preceded by 0x, or a one-to-eight character string in double quotes.
domain auth authkey domain auth authkey sets the authentication type and authentication key for level 2 routing. The format for authkey is as follows: simple string

RU
{ [ simple string ; ] ... [ simple string ; ] }

ZKHUHstringLVVSH.LILHGE\RQHWRHLJKWGH.LPDOGLJLWVZLWKDYDOXH EHWZHHQDQGVHSDUDWHGE\SHULRGVDRQHWRHLJKWE\WHKH[D GH.LPDOVWULQJSUH.HGHGE\[RUDRQHWRHLJKW.KDUD.WHUVWULQJLQ GRXEOHTXRWHV export-defaults level 1 | 2 export-defaultslevelVHWVWKHGHIDXOWOHYHODWZKL.KWKHURXWHV DUHH[SRUWHG$OHYHOURXWHUZLOOH[SRUWDVlevel 1E\GHIDXOW$ OHYHODQGDOHYHODQGURXWHUZLOOERWKH[SRUWDVlevel 2E\ GHIDXOW export-defaults metric ( metricnum | inherit ) export-defaults metric sets the default metric set on IP External Reachability Information routes (which are routes exported as IS-IS from another protocol). export-defaults metric can be inherited or assigned a number from 1 to 63. The default is inherit.

114

Configuring GateD

export-defaults metric-type ( internal | external ) export-defaults metric-type sets the default type of the metric

set on routes exported as IS-IS from another protocol. Internal metrics are comparable to IP Internal Reachability Information metrics and are preferable to external metrics. The default is internal.
external preference preferencenum external preferenceVHWVWKHSUHIHUHQ.HRIURXWHVOHDUQHGIURP

,6,6WKDWDUHPDUNHGDV,3([WHUQDO5HD.KDELOLW\,QIRUPDWLRQLH URXWHVH[SRUWHGLQWR,6,6ZLWKH[WHUQDOPHWUL.V9DOLGYDOXHVIRU preferencenumDUHWKURXJK7KHGHIDXOWLV interface interface_name | interface address interface specifies a list of the names or the addresses of interfaces on which to run IS-IS. The default is all. More than one interface statement may be specified.

auth authkey [ level 1 | level 2 | level 1 and 2 ] authVHWVWKHDXWKHQWL.DWLRQW\SHDQGDXWKHQWL.DWLRQNH\IRUWKLV LQWHUID.H7KHGHIDXOWLVQRDXWKHQWL.DWLRQ7KHIRUPDWIRUauthkeyLVDVIROORZV

simplestring RU ^ >simplestring@  >simplestring@ ` ZKHUHstringLVVSH.LILHGE\RQHWRHLJKWGH.LPDOGLJLWVZLWKD YDOXHEHWZHHQDQGVHSDUDWHGE\SHULRGVDRQHWRHLJKWE\WH KH[DGH.LPDOVWULQJSUH.HGHGE\[RUDRQHWRHLJKW.KDUD.WHU VWULQJLQGRXEOHTXRWHV csn-intervalintervaltime> level 1 | level 2 | level 1 and 2@ csn-intervalVHWVWKHLQWHUYDODWZKL.KWKH',6'HVLJQDWHG ,QWHUPHGLDWH6\VWHPZLOOPXOWL.DVW&61SD.NHWV9DOLGYDOXHVIRU intervaltimeDUHWKURXJKVH.RQGV dis-hello-interval intervalnum > level 1 | level 2 | level 1 and 2@ dis-hello-interval sets the hello interval used if the IS becomes the DIS (Designated Intermediate System). Valid values for intervalnum are 1 to 100.

115

IS-IS Protocol

enable | disable enable or disable overrides the interface statement to enable or disable IS-IS on this interface. enable or disable are only necessary at this level if the interface is specified. The default is enable. encap [ ip | iso ] encap sets the encapsulation type of the IS-IS packets. The system must have an ISO network protocol stack and the interface must have an ISO NSAP (Network Service Access Point) address assigned to it in order to use iso encapsulation. This is not required to use ip encapsulation. iso is the default if ISO was compiled with GateD; otherwise, ip is the default. level ( 1 | 2 | 1 and 2 ) level sets the level(s) of this interface. If the level of the router is level 1, then a level 2 interface should not be specified. IS-IS won't run on interfaces that specify a level not supported by the global level. If the level of the router is level 2, then a level 1 interface should not be specified. Only if the router is level 1 and 2 may a level 1 and 2 interface be specified. The default is level 1 and 2. metric metricnum [ level 1 | level 2 | level 1 and 2 ] metric 1.

sets the cost of traversing this interface. The default is

priority prioritylevel [ level 1 | level 2 | level 1 and 2 ] priority sets the priority for DIS election. The highest priority

IS on the link will become Designated Intermediate System. Valid values for prioritylevel are 1 to 127. (If two Intermediate Systems have the same prioritylevel, the one with the lower system-id becomes the DIS.) hello-interval intervaltime > level 1 | level 2 | level 1 and 2@ sets the interval at which hello packets are sent on the interface. Valid values for intervaltime are 1 to 300. hello-multiplier multipliernum > level 1 | level 2 | level 1 and 2@
hello-interval

sets the number of hello-intervals between reception of a hello before considering the neighbor IS down. Valid values for multipliernum are 1 to 100.
hello-multiplier

116

Configuring GateD

level ( 1 | 2 | 1 and 2 ) level VHWVWKHOHYHOVDWZKL.KWKLVLQWHUPHGLDWHV\VWHPZLOOURXWH$

OHYHOLQWUDDUHDURXWHU.DQQRWKDYHDQ\OHYHOLQWHUID.HV$OHYHO LQWHUDUHDURXWHU.DQQRWKDYHDQ\OHYHOLQWHUID.HV$OHYHODQG PD\KDYHOHYHOOHYHODQGOHYHODQGLQWHUID.HV7KHGHIDXOWLV level 1 and 2.

preference preferencenum preference GHWHUPLQHVKRZ,6,6,3,QWHUQDO5HD.KDELOLW\5RXWHV .RPSHWHZLWKURXWHVIURPRWKHUSURWR.ROVLQWKH*DWH'URXWLQJWDEOH preferencenum YDOXHVLQ.OXGHWKURXJK7KHGHIDXOWLV psn-interval intervaltime psn-intervalVHWVWKHUDWHDWZKL.K361SD.NHWVDUHSRVVLEO\LI QHHGHGPXOWL.DVWIURPWKH,69DOLGYDOXHVIRU intervaltime DUH

WKURXJK ribs ( unicast | unicast multicast ) ribs VHWVWKH5,%VLQWRZKL.K,6,6URXWHVZLOOEHSOD.HG7KH GHIDXOWLVunicast

spf-interval intervaltime

spf-intervalVHWVWKHDPRXQWRIWLPHWRZDLWZKHQDURXWLQJWDEOH UH.DO.XODWLRQLVUHTXLUHGEHIRUHSHUIRUPLQJWKHUH.DO.XODWLRQspfintervalDOORZVWLPHIRUPRUH.KDQJHVWRR..XUEHIRUHWKH.DO.XOD WLRQLVSHUIRUPHG9DOLGYDOXHVIRU intervaltime DUHWKURXJK summary-originate [ inet ] summary-originateGHV.ULEHVDVHWRIOHYHO,6,6URXWHVWKDWZLOO

EHVXPPDUL]HGIURPWKHOHYHODUHD.RQQH.WHGWRWKLVOHYHOURXWHU LQWROHYHOURXWLQJ7KHURXWHVPXVWILUVWDUULYHLQWKLVURXWHU
V5,% EHIRUHWKH\ZLOOEHRULJLQDWHG$JJUHJDWLRQRIURXWHVPD\EHGRQHLQ WKLVIDVKLRQE\SURYLGLQJOHVVVSH.LIL.QHWPDVNV
system-idVHWVWKHVL[R.WHWV\VWHPLGHQWLILHUSRUWLRQRIWKH1(7 1HWZRUN(QWLW\7LWOHIRUWKLVV\VWHPsystem-id RYHUULGHVWKH

system-id systemid

DXWR.RQILJXUHGV\VWHP,'GHWHUPLQHGIURPLQWHUID.HDGGUHVVHVDQG .RUUHVSRQGLQJQHWPDVNV,IQRV\VWHPLGHQWLILHULVVSH.LILHGWKHV\V WHP,'SRUWLRQRIWKHILUVWUHDO.LU.XLW

V16$3LVXVHG2Q.HDV\VWHP ,'LVVHWLW.DQQRWEH.KDQJHGZLWKRXWGLVDEOLQJDQGUHHQDEOLQJDOORI ,6,6
traceoptions isis_traceoptions traceoptions VSH.LILHVWKHWUD.LQJRSWLRQVIRUQHZ,6,67KH GHIDXOWLVnone.6HH6H.WLRQ7UD.H6WDWHPHQWVDQGWKH,6,6VSH .LIL.7UD.H2SWLRQVVH.WLRQEHORZ

117

IS-IS Protocol

2.1.3.2 IS-IS Defaults

isis off { config-time 60; es-config-time 60; export-defaults { metric-type internal; metric inherit; level 2; }; external preference 151; hold-time 120; inet6 off; interface all { enable; csn-interval 10 level 1 and 2; dis-hello-interval 3 level 1 and 2; hello-interval 10 level 1 and 2; hello-multiplier 3 level 1 and 2; encap iso; level 1 and 2; lsp-interval 33; max-burst 5; metric 10 level 1 and 2; priority 64 level 1 and 2; retransmit-interval 5; }; level 1 and 2; overload-bit off; preference 11; psn-interval 2; require-snp-auth off; ribs unicast; spf-interval 2; traceoptions none; }

2.1.3.3 IS-IS Tracing Options

7UD.HRSWLRQV.DQEHRQHRUPRUHRIWKHIROORZLQJ
adjacency

7UD.HEURDG.DVWQHWZRUNDGMD.HQ.LHVDQGSRLQWWRSRLQWQHWZRUN DGMD.HQ.LHV
dis-election

7UD.HGHVLJQDWHGLQWHUPHGLDWHV\VWHPHOH.WLRQ
db

7UD.HWKHOLQNVWDWHGDWDEDVH
flood

7UD.HWKHIORRGLQJOWKHOLQNVWDWHSD.NHWVWDWHV

118

Configuring GateD

spf

7UD.HHYHQWVUHODWLQJWRWKH,6,6URXWLQJWDEOH.DO.XODWLRQVKRUWHVW SDWKILUVW

debug

7UD.HYHUERVHGHEXJJLQJPHVVDJHV [ detail ] [ ( send | recv ) ] packets 7UD.HDOO,6,63'8VSD.NHWV,IdetailLVVSH.LILHGDIXOOWUD.HRI WKHSD.NHWLVSURYLGHGRWKHUZLVHDVXPPDU\LVJLYHQsendRUrecv ZLOOUHVWUL.WWUD.LQJWRWKHUHVSH.WLYHW\SHRIHYHQWVHQGLQJRUUH.HLY LQJRWKHUZLVHERWKVHQWDQGUH.LHYHG,6,63'8VZLOOEHWUD.HG [ detail ] [ ( send | recv ) ] hello 7UD.H,,+3'8V,6RU,6+HOORSD.NHWV,IdetailLVVSH.LILHGDIXOO WUD.HRIWKHSD.NHWLVSURYLGHGRWKHUZLVHDVXPPDU\LVJLYHQsendRU recvZLOOUHVWUL.WWUD.LQJWRWKHUHVSH.WLYHW\SHRIHYHQWVHQGLQJRU UH.HLYLQJRWKHUZLVHERWKVHQWDQGUH.LHYHG,,+3'8VZLOOEHWUD.HG [ detail ] [ ( send | recv ) ] lsp 7UD.H/63VOLQNVWDWHSD.NHWV,IdetailLVVSH.LILHGDIXOOWUD.HRI WKHSD.NHWLVSURYLGHGRWKHUZLVHDVXPPDU\LVJLYHQsendRUrecv ZLOOUHVWUL.WWUD.LQJWRWKHUHVSH.WLYHW\SHRIHYHQWVHQGLQJRUUH.HLY LQJRWKHUZLVHERWKVHQWDQGUH.LHYHG/63VZLOOEHWUD.HG [ detail ] [ ( send | recv ) ] csn 7UD.H&613'8V.RPSOHWHVHTXHQ.HQXPEHUVSD.NHWV,IdetailLV VSH.LILHGDIXOOWUD.HRIWKHSD.NHWLVSURYLGHGRWKHUZLVHDVXPPDU\ LVJLYHQsendRUrecvZLOOUHVWUL.WWUD.LQJWRWKHUHVSH.WLYHW\SHRI HYHQWVHQGLQJRUUH.HLYLQJRWKHUZLVHERWKVHQWDQGUH.LHYHG&61 3'8VZLOOEHWUD.HG [ detail ] [ ( send | recv ) ] psn 7UD.H3613'8VSDUWLDOVHTXHQ.HQXPEHUVSD.NHWV,IdetailLV VSH.LILHGDIXOOWUD.HRIWKHSD.NHWLVSURYLGHGRWKHUZLVHDVXPPDU\ LVJLYHQsendRUrecvZLOOUHVWUL.WWUD.LQJWRWKHUHVSH.WLYHW\SHRI HYHQWVHQGLQJRUUH.HLYLQJRWKHUZLVHERWKVHQWDQGUH.LHYHG361 3'8VZLOOEHWUD.HG

2.1.3.4 IS-IS Example Syntax

)RUH[SRUWLQJLQWR,6,6
export proto isis [ metric-type ( internal | external ) ] [ level ( 1 | 2 ) ] { [ ... ] } ;

119

IS-IS Protocol

)RUH[SRUWLQJ,6,6LQWRDQRWKHUSURWR.RO
export proto otherproto ... { proto isis [ internal | external ] ... { [ ... ] } ; } ;

120

Configuring GateD

Chapter 2 Section 2
Inter-Domain Routing Protocols
2.2.0 Inter-Domain Overview ([WHULRURULQWHUGRPDLQURXWLQJSURWR.ROVDUHXVHGWRH[.KDQJHURXWLQJ LQIRUPDWLRQEHWZHHQDXWRQRPRXVV\VWHPV5RXWHUVZLWKLQDQDXWRQRPRXV V\VWHPUXQDQLQWHULRUURXWLQJSURWR.ROVX.KDV5,3RU263)2QO\WKRVH JDWHZD\VWKDW.RQQH.WDQDXWRQRPRXVV\VWHPWRDQRWKHUDXWRQRPRXVV\V WHPQHHGWRUXQDQH[WHULRUURXWLQJSURWR.RO7ZRXQL.DVWH[WHULRUSURWR .ROVDUHVXSSRUWHGE\*DWH'(*3DQG%*3 2ULJLQDOO\(*3([WHULRU*DWHZD\3URWR.ROUHD.KDELOLW\LQIRUPDWLRQZDV SDVVHGLQWR$53$1(70,/1(7.RUHJDWHZD\VZKHUHWKHEHVWURXWHV ZHUH.KRVHQDQGSDVVHGED.NRXWWRDOO.RQQH.WHGDXWRQRPRXVV\VWHPV$V WKH,QWHUQHWPRYHGWRZDUGDOHVVKLHUDU.KL.DODU.KLWH.WXUH(*3DQH[WH ULRUURXWLQJSURWR.ROZKL.KDVVXPHVDKLHUDU.KL.DOVWUX.WXUHEH.DPHOHVV HIIH.WLYH7KH(*3SURWR.ROLVGHV.ULEHGLQ5)&DQG5)&/LQNV WRUHOHYDQW5)&V.DQEHIRXQGDW KWWSZZZJDWHGRUJJDWHGZHE.RGHGR.PDQXDOV.RQILJBJXLGHUHI HUHQ.HVKWPO %RUGHU*DWHZD\3URWR.ROLVUHSOD.LQJ(*3DVWKHH[WHULRUSURWR.RORI .KRL.H%*3H[.KDQJHVUHD.KDELOLW\LQIRUPDWLRQEHWZHHQDXWRQRPRXVV\V WHPVEXWSURYLGHVPRUH.DSDELOLWLHVWKDQ(*3%*3XVHVSDWKDWWULEXWHV WRSURYLGHPRUHLQIRUPDWLRQDERXWHD.KURXWHDVDQDLGLQVHOH.WLQJWKH EHVWURXWH3DWKDWWULEXWHVPD\LQ.OXGHIRUH[DPSOHDGPLQLVWUDWLYHSUHIHU HQ.HVEDVHGRQSROLWL.DORUJDQL]DWLRQDORUVH.XULW\SROL.\.RQVLGHUDWLRQV LQWKHURXWLQJGH.LVLRQ%*3VXSSRUWVQRQKLHUDU.KL.DOWRSRORJLHVDQG.DQ EHXVHGWRLPSOHPHQWDQHWZRUNVWUX.WXUHRIHTXLYDOHQWDXWRQRPRXVV\V WHPV /LQNVWRUHOHYDQW5)&V.DQEHIRXQGDW KWWSZZZJDWHGRUJJDWHGZHE.RGHGR.PDQXDOV.RQILJBJXLGHUHI HUHQ.HVKWPO %*3YHUVLRQLVGHV.ULEHGLQ5)&YHUVLRQLQ5)&YHUVLRQ LQ5)&DQGYHUVLRQLQ5)&7KHYHUVLRQ0,%LVGHV.ULEHG LQ5)&7KHWKUHHGR.XPHQWV5)&5)&DQG5)& GHV.ULEHWKHDSSOL.DWLRQRIYHUVLRQVDQGLQWKH,QWHUQHW$SURWR.RO DQDO\VLVRIDQH[SHULHQ.HZLWK%*3YHUVLRQLVDYDLODEOHLQ5)&DQG 5)&5)&WDONVDERXWDGYHUWLVLQJDGHIDXOWURXWHLQ%*3YHU VLRQDQG %*3YHUVLRQLVGHV.ULEHGLQ5)&7KH%*30,%LPSOHPHQWHG E\*DWH'LVGUDIWVWDQGDUGEXWV.KHGXOHGWRJRWRVWDQGDUG2WKHUUHIHU

2.2.1 EGP

2.2.2 BGP

121

Inter-Domain Routing Protocols

HQ.HVIRU%*3DUH5)&%*3&RPPXQLWLHV5)&%*35RXWH 5HIOH.WLRQ5)&%*3$6&RQIHGHUDWLRQVDQG5)&%*3 263)LQWHUD.WLRQ$XVHIXODSSOL.DWLRQGR.XPHQWLV5)&$Q$SSOL .DWLRQRIWKH%*3&RPPXQLW\$WWULEXWHLQ0XOWLKRPH5RXWLQJ

122

Configuring GateD

Chapter 2 Section 2.1

The Exterior Gateway Protocol (EGP)
2.2.1.0 EGP Overview 7KH([WHULRU*DWHZD\3URWR.RO(*3LVDQH[WHULRUURXWLQJRU,QWHU 'RPDLQ5RXWLQJSURWR.ROXVHGIRUH[.KDQJLQJURXWLQJLQIRUPDWLRQZLWK JDWHZD\VLQRWKHUDXWRQRPRXVV\VWHPV8QOLNHLQWHULRUSURWR.ROV(*3 SURSDJDWHVRQO\UHD.KDELOLW\LQGL.DWLRQVQRWWUXHPHWUL.V(*3XSGDWHV .RQWDLQPHWUL.V.DOOHGGLVWDQ.HVZKL.KUDQJHIURPWR*DWH'ZLOO RQO\.RPSDUH(*3GLVWDQ.HVOHDUQHGIURPWKHVDPH$6 %HIRUH(*3VHQGVURXWLQJLQIRUPDWLRQWRDUHPRWHURXWHULWPXVWHVWDE OLVKDQDGMD.HQ.\ZLWKWKDWURXWHU7KLVLVD..RPSOLVKHGE\DQH[.KDQJHRI +HOORQRWWREH.RQIXVHGZLWKWKH+(//2SURWR.RORU263)KHOORPHV VDJHVDQG,+HDUG<RX,+8PHVVDJHVZLWKWKDWURXWHU5RXWHUV.RP PXQL.DWLQJYLD(*3DUH.DOOHG(*3QHLJKERUVDQGWKHH[.KDQJHRI +HOORDQG,+8PHVVDJHVLVUHIHUUHGWRDVD.TXLULQJDQHLJKERU2Q.H WKHQHLJKERULVD.TXLUHGWKHV\VWHPSROOVWKHQHLJKERUIRUURXWLQJLQIRU PDWLRQ7KHQHLJKERUUHVSRQGVE\VHQGLQJDQXSGDWH.RQWDLQLQJURXWLQJ LQIRUPDWLRQ,IWKHV\VWHPUH.HLYHVDSROOIURPLWVQHLJKERULWUHVSRQGV ZLWKLWVRZQXSGDWHSD.NHW:KHQWKHV\VWHPUH.HLYHVDQXSGDWHLW LQ.OXGHVURXWHVIURPWKHXSGDWHLQWRLWVURXWLQJGDWDEDVH,IWKHQHLJKERU IDLOVWRUHVSRQGWRWKUHH.RQVH.XWLYHSROOV*DWH'DVVXPHVWKDWWKHQHLJK ERULVGRZQDQGUHPRYHVWKHQHLJKERU
VURXWHVIURPLWVGDWDEDVH 2.2.1.1 EGP Syntax
egp on | off [ { preference preference ; defaultmetric metric ; packetsize maxpacketsize ; traceoptions trace_options; group [ peeras autonomous_system ] [ localas autonomous_system ] [ maxup number ] { neighbor neighbor_address [ preference preference ] [ preference2 preference ] [ metricout metric ] [ nogendefault ] [ importdefault ] [ exportdefault ] [ gateway gateway ]

123

The Exterior Gateway Protocol

[ [ [ [ [ [ ; } ; } ] ;

lcladdr local_address ] sourcenet network ] p1 time | minhello ] p2 time | minpoll ] ttl ttl ] traceoptions trace_options ]

preference preference

.RPSDUHGWRRWKHUSURWR.ROVZLOOEHVHOH.WHG:KHQDURXWHKDV EHHQOHDUQHGIURPPRUHWKDQRQHSURWR.ROWKHD.WLYHURXWHZLOOEH VHOH.WHGIURPIURPWKHSURWR.ROZLWKWKHORZHVWSUHIHUHQ.H7KH GHIDXOWSUHIHUHQ.HIRU(*3LV preference PD\EHRYHUULGGHQ E\Dpreference VSH.LILHGRQWKHJURXSRUQHLJKERUVWDWHPHQWVRU E\LPSRUWSROL.\
defaultmetric metric

preferenceVSH.LILHVKRZD.WLYHURXWHVWKDWDUHOHDUQHGIURP(*3

defaultmetric GHILQHVWKHPHWUL.XVHGZKHQDGYHUWLVLQJURXWHVYLD (*3,IQRWVSH.LILHGWKHGHIDXOWYDOXHLVZKL.KVRPHV\VWHPV PD\.RQVLGHUXQUHD.KDEOHdefaultmetric PD\EHRYHUULGGHQE\D PHWUL.VSH.LILHGRQWKHQHLJKERURUJURXSVWDWHPHQWVRULQH[SRUW SROL.\ packetsize maxpacketsize

GHILQHVWKHH[SH.WHGPD[LPXPVL]HRIDSD.NHWWKDW (*3H[SH.WVWRUH.HLYHIURPDQHLJKERU,IDSD.NHWODUJHUWKDQmaxpacketsizeLVUH.HLYHGLWZLOOEHLQ.RPSOHWHDQGKDYHWREHGLV .DUGHG7KHOHQJWKRIWKLVSD.NHWZLOOEHQRWHGDQGWKHH[SH.WHGVL]H ZLOOEHLQ.UHDVHGWREHDEOHWRUH.HLYHDSD.NHWRIWKLVODUJHUVL]H6SH. LI\LQJWKHSDUDPHWHUKHUHZLOOSUHYHQWWKHILUVWSD.NHWIURPEHLQJ GURSSHG,IQRWVSH.LILHGWKHGHIDXOWVL]HLVE\WHV$OOSD.NHW VL]HVDUHURXQGHGXSWRDPXOWLSOHRIWKHV\VWHPSDJHVL]H

packetsize traceoptions trace_options

VSH.LILHVWKHWUD.LQJRSWLRQVIRU(*3%\GHIDXOW WKHVHDUHLQKHULWHGIURPWKHJOREDOWUD.HRSWLRQV traceoptions PD\ EHRYHUULGGHQRQDJURXSRUQHLJKERUEDVLV6HH6H.WLRQ7UD.H 6WDWHPHQWVDQGWKH(*3VSH.LIL.WUD.LQJRSWLRQVEHORZ

traceoptions group

(*3QHLJKERUVPXVWEHVSH.LILHGDVPHPEHUVRIDJURXS$ group LV XVXDOO\XVHGWRVSH.LI\DOOQHLJKERUVLQRQHDXWRQRPRXVV\VWHP 3DUDPHWHUVVSH.LILHGRQWKHgroup .ODXVHDSSO\WRDOORIWKHVXEVLG LDU\QHLJKERUVXQOHVVH[SOL.LWO\RYHUULGGHQRQDneighbor .ODXVH$Q\ QXPEHURIgroup.ODXVHVPD\VSH.LI\DQ\QXPEHURIneighbor

124

Configuring GateD

.ODXVHV$Q\SDUDPHWHUVIURPWKH neighborVXE.ODXVHPD\EHVSH.L ILHGRQWKHgroup .ODXVHWRSURYLGHGHIDXOWVIRUWKHZKROHJURXS ZKL.KPD\EHRYHUULGGHQIRULQGLYLGXDOQHLJKERUV,QDGGLWLRQWKH group .ODXVHLVWKHRQO\SOD.HWRVHWWKHIROORZLQJDWWULEXWHV

peeras autonomous_system peerasLGHQWLILHVWKHDXWRQRPRXVV\VWHPQXPEHUH[SH.WHGIURP SHHUVLQWKHJURXS,IQRWVSH.LILHGLWZLOOEHOHDUQHGG\QDPL.DOO\ localas autonomous_system

LGHQWLILHVWKHDXWRQRPRXVV\VWHPWKDW*DWH'LVUHSUH VHQWLQJWRWKHJURXS7KHGHIDXOWLVWKDWZKL.KKDVEHHQVHWJOR EDOO\LQWKHautonomoussystem VWDWHPHQW7KLVRSWLRQLVXVXDOO\ RQO\XVHGZKHQDV\VWHPLVPDVTXHUDGLQJDVDQRWKHUDXWRQRPRXV V\VWHPLWVXVHLVGLV.RXUDJHG

localas maxup number

VSH.LILHVWKHQXPEHURIQHLJKERUV*DWH'VKRXOGD.TXLUH IURPWKLVJURXS7KHGHIDXOWLVWRD.TXLUHDOORIWKHQHLJKERUVLQ WKHJURXS*DWH'ZLOODWWHPSWWRD.TXLUHWKHILUVW number QHLJK ERUVLQWKHRUGHUOLVWHG,IRQHRIWKHILUVWQHLJKERUVLVQRWDYDLO DEOHLWZLOOD.TXLUHRQHIXUWKHUGRZQWKHOLVW,IDIWHUVWDUWXS *DWH'GRHVPDQDJHWRD.TXLUHWKHPRUHGHVLUDEOHQHLJKERULWZLOO GURSWKHOHVVGHVLUDEOHRQH

maxup neighborneighbor_address

(D.KneighborVXE.ODXVHGHILQHVRQH(*3QHLJKERUZLWKLQD JURXS7KHRQO\SDUWRIWKHVXE.ODXVHWKDWLVUHTXLUHGLVWKH neighbor_address DUJXPHQWZKL.KLVWKHV\PEROL.KRVWQDPH RU,3DGGUHVVRIWKHQHLJKERU$OORWKHUSDUDPHWHUVDUHRSWLRQDO

preference preference

6SH.LILHVWKHpreference XVHGIRUURXWHVOHDUQHGIURPWKHVH QHLJKERUV7KLV.DQGLIIHUIURPWKHGHIDXOW(*3SUHIHUHQ.HVHWLQ WKHegp VWDWHPHQWVRWKDW*DWH'.DQSUHIHUURXWHVIURPRQH QHLJKERURUJURXSRIQHLJKERUVRYHUDQRWKHU7KLVSUHIHUHQ.H PD\EHH[SOL.LWO\RYHUULGGHQE\LPSRUWSROL.\.

preference2 preference

,QWKH.DVHRID preference WLHWKHVH.RQGSUHIHUHQ.H preference2, PD\EHXVHGWREUHDNWKHWLH7KHGHIDXOWYDOXHLV

metricout metric metricout GHILQHVDPHWUL.WREHXVHGIRUDOOURXWHVVHQWWRWKLV QHLJKERU7KHYDOXHRYHUULGHVWKHGHIDXOWPHWUL.VHWLQWKHegp VWDWHPHQWDQGDQ\PHWUL.VVSH.LILHGE\H[SRUWSROL.\EXWRQO\IRU WKLVVSH.LIL.QHLJKERURUJURXSRIQHLJKERUV

125

The Exterior Gateway Protocol

nogendefault nogendefault

SUHYHQWV*DWH'IURPJHQHUDWLQJDGHIDXOWURXWH ZKHQ(*3UH.HLYHVDYDOLGXSGDWHIURPLWVQHLJKERU7KHGHIDXOW URXWHLVRQO\JHQHUDWHGZKHQWKHgendefault RSWLRQLVHQDEOHG

importdefault importdefaultHQDEOHV*DWH'WRD..HSWWKHGHIDXOWURXWH

LILWLVLQ.OXGHGLQDUH.HLYHG(*3XSGDWH,IQRWVSH.LILHG WKHGHIDXOWURXWH.RQWDLQHGLQDQ(*3XSGDWHLVLJQRUHG)RUHIIL .LHQ.\VRPHQHWZRUNVKDYHH[WHUQDOURXWHUVDQQRXQ.HDGHIDXOW URXWHWRDYRLGVHQGLQJODUJH(*3XSGDWHSD.NHWV enables GateD to include the default route (0.0.0.0) in EGP updates sent to this EGP neighbor. This allows the system to advertise the default route via EGP. Normally a default route is not included in EGP updates.

exportdefault exportdefault

gateway gateway

,IDQHWZRUNLVQRWVKDUHGZLWKDQHLJKERUgateway VSH.LILHVD URXWHURQDQDWWD.KHGQHWZRUNWREHXVHGDVWKHQH[WKRSURXWHU IRUURXWHVUH.HLYHGIURPWKLVQHLJKERU gateway LVUDUHO\XVHG

lcladdr local_address

VSH.LILHVWKHDGGUHVVWREHXVHGRQWKHOR.DOHQGRIWKH .RQQH.WLRQZLWKWKHQHLJKERU7KHOR.DODGGUHVVPXVWEHRQDQ LQWHUID.HWKDWLVVKDUHGZLWKWKHQHLJKERURUZLWKWKHQHLJKERU

V gatewayZKHQWKHgateway SDUDPHWHULVXVHG$VHVVLRQZLOORQO\ EHRSHQHGZKHQDQLQWHUID.HZLWKWKHDSSURSULDWHOR.DODGGUHVV WKURXJKZKL.KWKHQHLJKERURUJDWHZD\DGGUHVVLVGLUH.WO\UHD.K DEOHLVRSHUDWLQJ
lcladdr sourcenet network sourcenet

VSH.LILHVWKHQHWZRUNTXHULHGLQWKH(*3SROOSD.N HWV%\GHIDXOWWKLVLVWKHQHWZRUNVKDUHGZLWKQHLJKERUWKDWKDV DQDGGUHVVVSH.LILHG,IWKHUHLVQRQHWZRUNVKDUHGZLWKWKHQHLJK ERURQHRIWKHQHWZRUNVWRZKL.KWKHQHLJKERULVDWWD.KHGVKRXOG EHVSH.LILHGsourcenet.DQDOVREHXVHGWRVSH.LI\DQHWZRUN VKDUHGZLWKWKHQHLJKERURWKHUWKDQWKHRQHRQZKL.KWKH(*3 SD.NHWVDUHVHQW7KLVSDUDPHWHULVQRUPDOO\QRWQHHGHG VHWVWKHPLQLPXPD..HSWDEOHLQWHUYDOEHWZHHQWKH WUDQVPLVVLRQRI(*3+HOORSD.NHWV7KHGHIDXOW+HOORLQWHUYDOLV VH.RQGV,IWKHQHLJKERUIDLOVWRUHVSRQGWRWKUHH+HOORSD.NHWV *DWH'VWRSVWU\LQJWRD.TXLUHWKHQHLJKERU6HWWLQJDODUJHULQWHU YDOJLYHVWKHQHLJKERUDEHWWHU.KDQ.HWRUHVSRQG minhelloLVDQ

p1 time | minhello time minhello

126

Configuring GateD

DOLDVIRUWKHp1 YDOXHGHILQHGLQWKH(*3VSH.LIL.DWLRQ
p2 time | minpoll time

VHWVWKHWLPHLQWHUYDOEHWZHHQSROOVWRWKHQHLJKERU 7KHGHIDXOWLVVH.RQGV,IWKUHHSROOVDUHVHQWZLWKRXWD UHVSRQVHWKHQHLJKERULVGH.ODUHGGRZQDQGDOOURXWHVOHDUQHG IURPWKDWQHLJKERUDUHUHPRYHGIURPWKHURXWLQJGDWDEDVH$ ORQJHUSROOLQJLQWHUYDOVXSSRUWVDPRUHVWDEOHURXWLQJGDWDEDVH EXWLVQRWDVUHVSRQVLYHWRURXWLQJ.KDQJHVminpoll LVDQDOLDVIRU WKH p2 YDOXHGHILQHGLQWKH(*3VSH.LIL.DWLRQ

minpoll ttl ttl

%\GHIDXOW*DWH'VHWVWKH,377/IRUOR.DOQHLJKERUVWRDQG WKH77/IRUQRQOR.DOQHLJKERUVWR ttl LVSURYLGHGZKHQ DWWHPSWLQJWR.RPPXQL.DWHZLWKLPSURSHUO\IXQ.WLRQLQJURXWHUV WKDWLJQRUHSD.NHWVVHQWZLWKDttlRI

traceoptions trace_options traceoptions VSH.LILHVWKHWUD.LQJRSWLRQVIRUWKLV(*3QHLJK ERU%\GHIDXOWWKHVHDUHLQKHULWHGIURPJURXSRU(*3JOREDO WUD.HRSWLRQV6HH6H.WLRQ7UD.H6WDWHPHQWVDQGWKH(*3VSH .LIL.WUD.LQJRSWLRQVEHORZ

2.2.1.2 EGP Tracing Options

7KH state DQG policy RSWLRQVZRUNZLWK(*3 3D.NHWWUD.LQJRSWLRQVZKL.KPD\EHPRGLILHGZLWKdetail, send DQG recv
packets

Trace all EGP packets.

hello

Trace EGP Hello/I-Heard-U packets, which are used to determine neighbor reachability.
acquire

Trace EGP Acquire/Cease packets, which are used to initiate and terminate EGP sessions.
update

7UD.H(*33ROO8SGDWHSD.NHWVZKL.KDUHXVHGWRUHTXHVWDQG UH.HLYHUHD.KDELOLW\XSGDWHV

127

The Exterior Gateway Protocol

128

Configuring GateD

Chapter 2 Section 2.2

The Border Gateway Protocol
2.2.2.0 BGP Overview 7KH%RUGHU*DWHZD\3URWR.RO%*3LVDQH[WHULRURULQWHUGRPDLQURXW LQJSURWR.ROXVHGIRUH[.KDQJLQJURXWLQJLQIRUPDWLRQEHWZHHQDXWRQR PRXVV\VWHPV%*3LVXVHGWRH[.KDQJHURXWLQJLQIRUPDWLRQEHWZHHQ PXOWLSOHWUDQVLWDXWRQRPRXVV\VWHPVDVZHOODVEHWZHHQWUDQVLWDQGVWXE DXWRQRPRXVV\VWHPV%*3LVUHODWHGWR(*3H[WHULRUJDWHZD\SURWR.RO EXWKDVPRUH.DSDELOLW\JUHDWHUIOH[LELOLW\DQGUHTXLUHVOHVVEDQGZLGWK %*3XVHVSDWKDWWULEXWHVWRSURYLGHPRUHLQIRUPDWLRQDERXWHD.KURXWH DQGLQSDUWL.XODUWRPDLQWDLQDQ$6SDWK$Q$6SDWKLQ.OXGHVWKH$6QXP EHURIHD.KDXWRQRPRXVV\VWHPWKDWWKHURXWHKDVWUDQVLWHGZKL.KSUR YLGHVLQIRUPDWLRQVXIIL.LHQWWRSUHYHQWURXWLQJORRSVLQDQDUELWUDU\ WRSRORJ\3DWKDWWULEXWHVPD\DOVREHXVHGWRGLVWLQJXLVKEHWZHHQJURXSV RIURXWHVWRGHWHUPLQHDGPLQLVWUDWLYHSUHIHUHQ.HVDOORZLQJJUHDWHUIOH[LELO LW\LQGHWHUPLQLQJURXWHSUHIHUHQ.HWRD.KLHYHDYDULHW\RIDGPLQLVWUDWLYH HQGV %*3VXSSRUWVWZREDVL.W\SHVRIVHVVLRQVEHWZHHQQHLJKERUV LQWHUQDO VRPHWLPHVUHIHUUHGWRDV,%*3DQGH[WHUQDO,QWHUQDOVHVVLRQVDUHUXQ EHWZHHQURXWHUVLQWKHVDPHDXWRQRPRXVV\VWHP([WHUQDOVHVVLRQVUXQ EHWZHHQURXWHUVLQGLIIHUHQWDXWRQRPRXVV\VWHPV:KHQDQ$6VHQGV URXWHVWRDQH[WHUQDOSHHUWKHOR.DO$6QXPEHULVSUHSHQGHGWRWKH$6 SDWK7KLVPHDQVWKDWURXWHVUH.HLYHGIURPDQH[WHUQDOSHHUDUHJXDUDQWHHG WRKDYHWKH$6QXPEHURIWKDWSHHUDWWKHVWDUWRIWKHSDWK,QJHQHUDO URXWHVUH.HLYHGIURPDQLQWHUQDOQHLJKERUZLOOQRWKDYHWKHOR.DO$6QXP EHUSUHSHQGHGWRWKH$6SDWK7KRVHURXWHVZLOOKDYHWKHVDPH$6SDWK WKDWWKHURXWHKDGZKHQWKHRULJLQDWLQJLQWHUQDOQHLJKERUUH.HLYHGWKH URXWHIURPDQH[WHUQDOSHHU5RXWHVZLWKQR$6QXPEHUVLQWKHSDWKPD\ EHOHJLWLPDWHO\UH.HLYHGIURPLQWHUQDOQHLJKERUV7KHVHURXWHVVKRXOGEH .RQVLGHUHGLQWHUQDOWRWKHUH.HLYHU
VRZQ$6 7KH*DWH'LPSOHPHQWDWLRQVXSSRUWVWKUHHYHUVLRQVRIWKH%*3SURWR.RO YHUVLRQVDQG%*3YHUVLRQVDQGDUHTXLWHVLPLODULQ.DSDELOLW\DQG IXQ.WLRQ7KH\ZLOORQO\SURSDJDWH.ODVVHGQHWZRUNURXWHVDQGWKH$6SDWK LVDVLPSOHDUUD\RI$6QXPEHUV%*3ZLOOSURSDJDWHIXOO\JHQHUDO DGGUHVVDQGPDVNURXWHVDQGWKH$6SDWKVWUX.WXUH.DQUHSUHVHQWWKH UHVXOWVRIDJJUHJDWLQJGLVVLPLODUURXWHV,QWKH.XUUHQW,QWHUQHW%*3LV PRVWXVHG ([WHUQDO%*3VHVVLRQVPD\RUPD\QRWLQ.OXGHDVLQJOHPHWUL.ZKL.K%*3 .DOOVWKH0XOWL([LW'LV.ULPLQDWRU0('DPRQJWKHSDWKDWWULEXWHV)RU %*3YHUVLRQVDQGWKLVPHWUL.LVDELWXQVLJQHGLQWHJHU)RU%*3 YHUVLRQLWLVDELWXQVLJQHGLQWHJHU6PDOOHUYDOXHVRIWKH0('DUH SUHIHUUHG&XUUHQWO\WKLVPHWUL.LVRQO\XVHGWREUHDNWLHVEHWZHHQURXWHV ZLWKHTXDOSUHIHUHQ.HIURPWKHVDPHQHLJKERULQJ$6

129

The Border Gateway Protocol (BGP)

,QWHUQDO%*3VHVVLRQV.DUU\DWOHDVWRQHPHWUL.LQWKHSDWKDWWULEXWHV ZKL.K%*3.DOOVWKH/R.DOB3UHI)RU%*3YHUVLRQVDQGDURXWHLV SUHIHUUHGLILWVYDOXHIRU/R.DOB3UHILVVPDOOHU)RU%*3YHUVLRQD URXWHLVSUHIHUUHGLILWVYDOXHIRUWKLVPHWUL.LVODUJHU%*3YHUVLRQLQWHU QDOVHVVLRQVPD\RSWLRQDOO\LQ.OXGHDVH.RQGPHWUL.WKH0('.DUULHGLQ IURPH[WHUQDOVHVVLRQV7KHXVHRIWKHVHPHWUL.VLVGHSHQGHQWRQWKHW\SH RILQWHUQDOSURWR.ROSUR.HVVLQJWKDWLVVSH.LILHG %*3.ROODSVHVURXWHVZLWKVLPLODUSDWKDWWULEXWHVLQWRDVLQJOHXSGDWHIRU DGYHUWLVHPHQW5RXWHVWKDWDUHUH.HLYHGLQDVLQJOHXSGDWHZLOOEHUHDGYHU WLVHGLQDVLQJOHXSGDWH7KH.KXUQ.DXVHGE\WKHORVVRIDQHLJKERUZLOOEH PLQLPL]HGDQGWKHLQLWLDODGYHUWLVHPHQWVHQWGXULQJSHHUHVWDEOLVKPHQW ZLOOEHPD[LPDOO\.RPSUHVVHG%*3GRHVQRWUHDGLQIRUPDWLRQIURPWKH NHUQHOPHVVDJHE\PHVVDJHEXWILOOVWKHLQSXWEXIIHU%*3SUR.HVVHVDOO .RPSOHWHPHVVDJHVLQWKHEXIIHUEHIRUHUHDGLQJDJDLQ%*3DOVRGRHV PXOWLSOHUHDGVWR.OHDUDOOLQ.RPLQJGDWDTXHXHGRQWKHVR.NHW7KLVIHD WXUHPD\.DXVHRWKHUSURWR.ROVWREHEOR.NHGIRUSURORQJHGLQWHUYDOVE\D EXV\SHHU.RQQH.WLRQ $OOXQUHD.KDEOHPHVVDJHVDUH.ROOH.WHGLQWRDVLQJOHPHVVDJHDQGVHQW SULRUWRUHD.KDEOHURXWHVGXULQJDIODVKXSGDWH)RUWKHVHXQUHD.KDEOH DQQRXQ.HPHQWVWKHQH[WKRSLVVHWWRWKHOR.DODGGUHVVRQWKH.RQQH. WLRQQRPHWUL.LVVHQWDQGWKHSDWKRULJLQLVVHWWRLQ.RPSOHWH2QH[WHU QDO.RQQH.WLRQVWKH$6SDWKLQXQUHD.KDEOHDQQRXQ.HPHQWVLVVHWWRWKH OR.DO$62QLQWHUQDO.RQQH.WLRQVWKH$6SDWKLVVHWWROHQJWK 7KH%*3LPSOHPHQWDWLRQH[SH.WVH[WHUQDOSHHUVWREHGLUH.WO\DWWD.KHG WRDVKDUHGVXEQHW%*3DOVRH[SH.WVWKRVHSHHUVWRDGYHUWLVHQH[WKRSV WKDWDUHKRVWDGGUHVVHVRQWKDWVXEQHWDOWKRXJKWKLV.RQVWUDLQW.DQEH UHOD[HGE\.RQILJXUDWLRQIRUWHVWLQJ)RUJURXSVRILQWHUQDOSHHUVKRZ HYHURQHRIWKHVHYHUDODYDLODEOHDOWHUQDWLYHVPD\EHVHOH.WHGE\VSH.LI\LQJ WKHJURXSW\SHDQGURXWHUHIOH.WLRQRSWLRQV 7ZRLQWHUQDOURXWLQJJURXSVH[LVWgroup type internal DQG group type routing. 7KH group type internal H[SH.WVDOOSHHUVWREH GLUH.WO\DWWD.KHGWRDVKDUHGVXEQHWVRWKDWOLNHH[WHUQDOSHHUVWKHQH[W KRSVUH.HLYHGLQ%*3DGYHUWLVHPHQWVPD\EHXVHGGLUH.WO\IRUIRUZDUG LQJ%XW group type routingZLOOGHWHUPLQHWKHLPPHGLDWHQH[WKRSV IRUURXWHVE\XVLQJWKHQH[WKRSUH.HLYHGZLWKDURXWHIURPDSHHUDVD IRUZDUGLQJDGGUHVVDQGXVLQJWKLVWRORRNXSDQLPPHGLDWHQH[WKRSLQ DQ,*3
VURXWHV6X.KJURXSVVXSSRUWGLVWDQWSHHUVEXWQHHGWREH LQIRUPHGRIWKH,*3ZKRVHURXWHVWKH\DUHXVLQJWRGHWHUPLQHLPPHGLDWH QH[WKRSV6HH5RXWH5HIOH.WLRQ2YHUYLHZDQG([DPSOHVRQSDJH  IRUPRUHLQIRUPDWLRQ )RU group type internal %*3DQGIRUWHVWJURXSVZKHUHSRVVLEOHD VLQJOHRXWJRLQJPHVVDJHLVEXLOWIRUDOOJURXSSHHUVEDVHGRQWKH.RPPRQ SROL.\$.RS\RIWKHPHVVDJHLVVHQWWRHYHU\SHHULQWKHJURXS7KH.RS\ LQ.OXGHVSRVVLEOHDGMXVWPHQWVWRWKHQH[WKRSILHOGDVDSSURSULDWHWRHD.K

130

Configuring GateD

SHHU7KLVSUR.HVVPLQLPL]HVWKH.RPSXWDWLRQDOORDGRIUXQQLQJODUJH QXPEHUVRISHHUVLQWKHVHW\SHVRIJURXSV%*3DOORZVXQ.RQILJXUHG SHHUVWR.RQQH.WLIDQDSSURSULDWHJURXSKDVEHHQ.RQILJXUHGZLWKDQ allow.ODXVH 2.2.2.1 Route Selection %*3VHOH.WVWKHEHVWSDWKWRDQ$6IURPDOOWKHNQRZQSDWKVDQGSURSD JDWHVWKHVHOH.WHGSDWKWRLWVQHLJKERUV*DWH'XVHVVSH.LIL..ULWHULDLQD VSH.LILHGRUGHUWRVHOH.WWKHEHVWSDWK6HH6H.WLRQ3UHIHUHQ.HVDQG 5RXWH6HOH.WLRQIRUPRUHLQIRUPDWLRQ 7KHIROORZLQJIHDWXUHVDUHRUZLOOEHSURYLGHGLQH[WHQGHG%*3 5RXWHUHIOH.WLRQGUDIWLHWILGUURXWHUHIOH.WY 5RXWH5HIOH.WLRQLVVXSSRUWHGIRUUHGX.WLRQRIODUJHLQWHUQDOSHHUJURXSV 6HH5RXWH5HIOH.WLRQ2YHUYLHZDQG([DPSOHVRQSDJH  &RPPXQLW\6XSSRUW5)& *DWH'DOORZVIRUILOWHULQJRIURXWHVEDVHGRQ.RPPXQLWHVRQLPSRUW,Q H[SRUWLQJURXWHV*DWH'DOORZVWKH.RPPXQLWLHVWREHDGGHGRUGHOHWHG 6HH&RPPXQLWLHV2YHUYLHZDQG([DPSOHVRQSDJH  %*35RXWH)ODS'DPSHQLQJ5)& *DWH'VXSSRUWVWKHYDULHGSDUDPHWHUVRQ5RXWH)ODS'DPSHQLQJ$6 &RQIHGHUDWLRQV>5)&@6HH:HLJKWHG5RXWH'DPSHQLQJ2YHUYLHZ 6\QWD[DQG'HIDXOWVRQSDJH  7&30'>5)&@ 6XSSRUWIRUWKH7&30'LVSODQQHGIRU*DWH' $63DWKSUHSHQG *DWH'DOORZVWKHSUHSHQGLQJRI$XWRQRPRXV6\VWHPVLQ*DWH' 2.2.2.3 Cisco Interoperability *DWH'.RQILJXUDWLRQGLIIHUVJUHDWO\IURP&LV.RURXWHUV7KLVVH.WLRQ .RPSDUHV %*3URXWHVHOH.WLRQ /R.DOB3UHI.RQILJXUDWLRQ 0('.RQILJXUDWLRQ LPSRUWDQGH[SRUWSROL.\.RQILJXUDWLRQ

2.2.2.2 Extended BGP-4 Features

2.2.2.3.0 Cisco vs GateD Route Selection: 7KHIROORZLQJWDEOH.RPSDUHV&LV.RDQG*DWH'EJS GUDIWURXWHVHOH.WLRQSROL.\

131

The Border Gateway Protocol (BGP)

&LV.R $.WLYH5RXWH,IWKHQH[WKRSLV LQD..HVVLEOHGRQRW.RQVLGHULW

*DWH'EJSGUDIW $.WLYH5RXWH,I*DWH'.DQQRW LQVWDOODURXWHLQWKHNHUQHO *DWH'ZLOOQRW.RQVLGHULWVHOH.W WKHURXWHDVWKHD.WLYHURXWH

&RQILJXUHG3ROL.\&RQVLGHU &RQILJXUHG3ROL.\&RQVLGHUWKH ODUJHU%*3DGPLQLVWUDWLYHZHLJKWV URXWHZLWKVPDOOHVWSUHIHUHQ.HDV ILUVW GHWHUPLQHGE\WKHSROL.\GHILQHG LQgated.conf. 7LHVDUHEURNHQ E\WKH preference2 ZLWKWKH ORZHVWYDOXHV /R.DOB3UHI,IWKHURXWHUVKDYH WKHVDPHZHLJKW.RQVLGHUWKH URXWHZLWKKLJKHUOR.DOSUHIHU HQ.H /R.DO5RXWHU,IWKHURXWHVKDYH WKHVDPHOR.DOSUHIHUHQ.HSUHIHU WKHURXWHWKDWWKHOR.DOURXWHU RULJLQDWHG 6KRUWHVW$63DWK,IQRURXWHLV RULJLQDWHGSUHIHUWKHVKRUWHU $XWRQRPRXV6\VWHPSDWK 6KRUWHVW$63DWK,IWKHURXWHV KDYHWKHVDPH%*3OR.DOSUHIHU HQ.HSUHIHUWKHURXWHZLWKWKH IHZHVW$XWRQRPRXV6\VWHPV OLVWHGLQLWV$6SDWK 2ULJLQ,*3(*3,Q.RPSOHWH ,IURXWHVKDYHWKHVDPH$XWRQR PRXV6\VWHPSDWKOHQJWKSUHIHU WKHORZHVWRULJLQ.RGH1H[WLQ SUHIHUHQ.HLVWKHURXWHZLWK $XWRQRPRXV6\VWHPSDWKRULJLQ RI(*3/HDVWSUHIHUUHGLVDQ $XWRQRPRXV6\VWHPSDWKWKDWLV LQ.RPSOHWH /R.DOB3UHI,IWKH%*33UHIHU HQ.HVPDW.Kpreference DQG preference2SUHIHUWKHURXWH ZLWKWKHKLJKHVW%*3OR.DOSUHIHU HQ.H

,*3(*3,Q.RPSOHWH,IDOO URXWHVKDYHSDWKVZLWKWKHVDPH $XWRQRPRXV6\VWHPSDWKOHQJWK SUHIHUWKHORZHVWRULJLQ.RGH ,*3(*3,Q.RPSOHWH

132

Configuring GateD

&LV.R 0(',IRULJLQ.RGHVDUHWKH VDPHDQGDOOWKHSDWKVDUHIURP WKHVDPH$XWRQRPRXV6\VWHP SUHIHUWKHSDWKZLWKWKHORZHVW 0XOWL([LW'LV.ULPLQDWRU0(' PHWUL.$PLVVLQJPHWUL.LVWUHDWHG DV]HUR

*DWH'EJSGUDIW 0('LIQRWLJQRUHG,IRULJLQ .RGHVDUHWKHVDPHSUHIHUWKH URXWHZLWKWKHEHVW0XOWL([LW 'LV.ULPLQDWRU0('VDUHRQO\ .RPSDUHGEHWZHHQURXWHVWKDW ZHUHUH.HLYHGIURPWKHVDPH QHLJKERU$XWRQRPRXV6\VWHP 6RWKLVWHVWLVRQO\DSSOLHGLIWKH OR.DO$XWRQRPRXV6\VWHPKDV WZRRUPRUH.RQQH.WLRQVWRD JLYHQQHLJKERU$XWRQRPRXV6\V WHP$PLVVLQJPHWUL.LVWUHDWHG DV 6KRUWHVW,*3GLVWDQ.H,IWKH 0('VDUHWKHVDPHSUHIHUWKH URXWHZKRVH NEXT_HOPLV.ORVHU ZLWKUHVSH.WWRWKH,*3GLV WDQ.H 6RXU.H,*3(%*3,%*3,I WKH,*3GLVWDQ.HVDUHWKHVDPH SUHIHUILUVWWKHVWUL.WO\LQWHULRU URXWHWKHQWKHVWUL.WO\H[WHULRU URXWHWKHQWKHH[WHULRUURXWH OHDUQHGIURPDQLQWHULRUVHVVLRQ /RZHVW5RXWHU,',IWKHVRXU.HV DUHWKHVDPHSUHIHUWKHURXWH ZKRVHQH[WKRS,3DGGUHVVLV QXPHUL.DOO\ORZHVW

([WHUQDO,QWHUQDO,IWKH0('V DUHWKHVDPHSUHIHUH[WHUQDO SDWKVRYHULQWHUQDOSDWKV

&ORVHVW1HLJKERU,I,*3V\Q .KURQL]DWLRQLVGLVDEOHGDQGRQO\ LQWHUQDOSDWKVUHPDLQSUHIHUWKH SDWKWKURXJKWKH.ORVHVWQHLJK ERU /RZHVW,3$GGUHVV,IWKHQHLJK ERUVDUHHTXDOO\.ORVHSUHIHUWKH URXWHZLWKWKHORZHVW,3DGGUHVV YDOXHIRUWKH%*3URXWHU,'

2.2.2.3.1 Local_Pref Configuration Example: 7KHIROORZLQJ.RQILJXUDWLRQVVHWDLocal_Pref RIIRUSHHUVLQ$6 1RWHWKDW*DWH'

V.RQILJXUDWLRQXVHVWKH setpref .RPPDQG7KH /R.DOB3UHIYDOXH.RPHVIURPWKLVHTXDWLRQLocal_Pref = 254 (global protocol preference for this route) + metric. 7KH JOREDOSURWR.ROSUHIHUHQ.HIRU%*3LVVHH6H.WLRQ$VVLJQLQJ 3UHIHUHQ.HV,QWKLVH[DPSOHZHXVHWKHV\QWD[ setpref 36WRVSH.LI\D Local_Pref YDOXHRI 

133

The Border Gateway Protocol (BGP)

Cisco:
router bgp 100 network 192.168.0.0 neighbor 192.168.1.1 remote-as 200 neighbor 192.168.1.1 route-map set-local-pref in route-map set-local-pref permit 10 set local preference 120

GateD:
group type internal peeras 200 setpref 36 { (254-170+36) = 120 peer 192.168.1.1; }; #

2.2.2.3.2 MED Configuration Example: 7KHIROORZLQJ.RQILJXUDWLRQVVHWDPHWUL.RIRQURXWHVH[SRUWHGWR $6 &LV.R

ip as-path access-list 1 permit .* route-map med permit 10 match as-path 1 set metric 127

*DWH'
export proto bgp as 200 { proto bgp aspath .* origin any { all metric 127; }; };

2.2.2.3.3 Import Filter Example: &LV.R

router bgp neighbor neighbor ip as-path ip as-path 200 192.168.10.32 192.168.10.32 access-list 2 access-list 2 remote-as 100 filter-list 2 in deny _690$ permit .*

*DWH'

as 200; routerid 192.168.10.55; bgp on { group type external peeras 100 { peer 192.168.10.32;

134

Configuring GateD

}; }; import proto bgp aspath (.* 690) origin any { all restrict; }; import proto bgp aspath (.*) origin any { all; };

2.2.2.3.4 Export Filter Example: &LV.R

router bgp 200 neighbor 192.168.10.32 remote-as 100 neighbor 192.168.10.32 filter-list 3 out ip as-path access-list 3 deny _400$ ip as-path access-list 3 permit .*

*DWH'
as 200; routerid 192.168.10.55; bgp on { group type external peeras 100 { peer 192.168.10.32; }; }; export proto bgp as 100 { proto bgp aspath (.* 400) origin any { all restrict; }; proto bgp aspath (.*) origin any { all; };

}; 2.2.2.4 BGP Issues 2.2.2.4.1 Third Party Route Advertisement 7KLUGSDUW\URXWHDGYHUWLVHPHQWVDUHDVSH.LDOIRUPRIDGYHUWLVHPHQWVWR H[WHUQDOSHHUV,QSDUWL.XODUDQ\DGYHUWLVHPHQWWKDWKDVDQH[WKRS DWWULEXWHWKDW.RQWDLQVDQ,3DGGUHVVGLIIHUHQWWKDQWKH,3DGGUHVVRIWKH SHHUVHQGLQJWKHDGYHUWLVHPHQWLV.DOOHGWKLUGSDUW\$WKLUGSDUW\DGYHU WLVHPHQWLVOHJDOHVVHQWLDOO\ZKHQWKHQH[WKRSWKDWLVDGYHUWLVHGLVRQWKH QHWZRUNWKDWLVXVHGIRUSHHULQJ *DWH'E\GHIDXOWSHUIRUPVWKLUGSDUW\URXWHDGYHUWLVHPHQWVZKHQWKH QH[WKRSWKDWLWLVXVLQJLIXVHGZRXOGUHVXOWLQDOHJDOWKLUGSDUW\URXWH DGYHUWLVHPHQW$OVRE\GHIDXOW*DWH'UHMH.WVWKLUGSDUW\URXWHDGYHUWLVH PHQWVWKDWDUHLOOHJDO7KHUHDUHWZRRSWLRQVWKDW.DQEHXVHGWRDOWHUWKLV

135

The Border Gateway Protocol (BGP)

GHIDXOWEHKDYLRUnexthopselfDQGgateway7KHIRUPHUGHDOVZLWK URXWHVRULJLQDWHGE\*DWH'WKHODWWHUZLWKERWKVHQGLQJDQGUH.HLYLQJ WKLUGSDUW\DGYHUWLVHPHQWV

nexthopself .DXVHV*DWH'WRLQ.OXGHDQH[WKRSRIKLVRZQ,3DGGUHVV LQDOODGYHUWLVHPHQWVWRDQH[WHUQDOSHHU+HQ.HQRDGYHUWLVHPHQWVWKDW *DWH'VHQGV.RXOGEH.RQVLGHUHGWKLUGSDUW\

7KHVH.RQGRSWLRQgateway LVPHDQWIRUXVHLQVLWXDWLRQVZKHUHWKH SHHUVDUHQRWGLUH.WO\.RQQH.WHGWRRQHDQRWKHU:LWKWKH gateway RSWLRQ\RXVSH.LI\WKHILUVWKRSDORQJWKHSDWKWRWKHSHHU*DWH'ZLOO WKHQSHUIRUPWKLUGSDUW\URXWHDGYHUWLVHPHQWVDVWKRXJKWKHQHWZRUN VKDUHGZLWKWKHJDWHZD\ZHUHUHDOO\WKHQHWZRUNVKDUHGZLWKWKHSHHU *DWH'ZLOODOVRVXEVWLWXWHRQUH.HLYHGDGYHUWLVHPHQWVWKHDGGUHVVRIWKH JDWHZD\IRUWKHDGGUHVVRIWKHQH[WKRSUH.HLYHG 7KHIROORZLQJLVDVDPSOH%*3VWDWHPHQWLQZKL.K*DWH'WXUQVRIIWKLUG SDUW\URXWHDGYHUWLVHPHQWVZLWKUHVSH.WWRSHHUEXWQRW ZLWKUHVSH.WWR
bgp yes { group type external peeras 1 { peer 192.168.10.1 nexthopself; peer 192.168.10.2; }; };

,QWKHSUH.HGLQJH[DPSOHLI*DWH'OHDUQHGUHD.KDELOLW\IRUQHWZRUN ZLWKDQH[WKRSRIWKHDGYHUWLVHPHQWVWRSHHU DQGSHHUZRXOGGLIIHUWKHDGYHUWLVHPHQWWR SHHUZRXOG.RQWDLQDQH[WKRSRIWKH*DWH'ER[WKHDGYHU WLVHPHQWWRSHHUZRXOG.RQWDLQDQH[WKRSRI  $QGKHUHLVDQH[DPSOHZKHUHWKH*DWH'ER[LVDWWD.KHGWRWKHQHWZRUN EXWWKHSHHULVQRW1RWHWKDWWKHJDWHZD\URXWHU PXVWEHDEOHWRIRUZDUGSD.NHWVWRWKHSHHU 
bgp yes { group type external peeras 1 { peer 192.168.77.12 gateway 192.168.10.1; }; };

,QWKLVH[DPSOH*DWH'ZLOOHQVXUHWKDWDOORIWKHQH[WKRSVWKDWLWDGYHU WLVHVWRLWVSHHUDUHRQWKHQHWZRUNVKDUHGZLWKWKHJDWH ZD\DQ\QH[WKRSVWKDWLWUH.HLYHVIURPWKHSHHU ZLOOEHUHSOD.HGZLWKWKHDGGUHVVRIWKHJDWHZD\ 

136

Configuring GateD

2.2.2.4.2 Determining Next Hops ,Q*DWH'DWSUHVHQWWKHUHDUHWKUHHGLIIHUHQW.DVHVIRUQH[WKRSGHWHUPL QDWLRQgroup type internal, group type externalDQGDQ\WKLQJ HOVH0RGLIL.DWLRQRIWKHQH[WKRSIRUgroup type external LV.RYHUHG LQ7KLUG3DUW\5RXWH$GYHUWLVHPHQWRQSDJH $VIDUDV,%*3SHHUV DUH.RQ.HUQHGWKH%*3VSH.LIL.DWLRQLV.OHDUWKHQH[WKRSWKDWLVVHQW VKDOOEHWKHQH[WKRSWKDWZDVUH.HLYHG,QSUD.WL.HWKLVUHVWUL.WLRQLVQ
W UHDOO\QH.HVVDU\DQGXQWLOUH.HQWO\*DWH'LJQRUHGWKLVSDUWL.XODUUHVWUL. WLRQLQDOO.DVHVH[.HSWZKHQD.WLQJDURXWHUHIOH.WRUDQGZRXOGVHQGD QH[WKRSRQWKHQHWZRUNXVHGIRUSHHULQJ 1RZLQWKH.DVHRIgroup type internal, *DWH'ZLOODOZD\VVHQGWR LWV,%*3SHHUVWKHQH[WKRSWKDWLWLVXVLQJ7KLVDOORZVIRUEHWWHUURXWLQJ LQVRPH.DVHV&RQVLGHUWKHIROORZLQJWRSRORJ\
192.168.10/24 ---*********--* * A B | | ---+-----+-+--192.168.11/24 | C

:KHUHURXWHUV$DQG%DUHSHHULQJRYHUWKHVKDUHGQHWZRUN 8QGHUWKHROGEHKDYLRULIURXWHU$OHDUQVRIDURXWHWRGHVWLQDWLRQ' WKURXJKURXWHU&URXWHU$ZLOODGYHUWLVHWRURXWHU%DURXWHWR'ZLWKD QH[WKRSRI$EH.DXVH$LVXQDZDUHWKDW%LVDOVRRQWKHVKDUHGQHWZRUN :LWKWKHQHZEHKDYLRU$ZLOODGYHUWLVHDURXWHWRGHVWL QDWLRQ'WKURXJK&%LVWKHQJLYHQWKHDELOLW\WRGHWHUPLQHZKHWKHULW .DQUHD.K&ZLWKRXWJRLQJWKURXJK$,WLVLPSRUWDQWWREHDULQPLQGWKDW group type internalLVLQWHQGHGIRUSHHUVRQGLUH.WO\DWWD.KHGQHW ZRUNV,IWKHSHHUVDUHQRWRQGLUH.WO\VKDUHGQHWZRUNVgroup type routingVKRXOGEHXVHG )RUQH[WKRSGHWHUPLQDWLRQ group type routing XVHVHVVHQWLDOO\WKH VDPHDOJRULWKPWKDWH[WHUQDOSHHUVZLWKWKHgateway RSWLRQXVH*DWH' GHWHUPLQHVZKL.KQHWZRUNLVEHLQJXVHGWRUHD.KWKHLPPHGLDWHQH[WKRS WRLWVSHHU,WWKHQLQVXUHVWKDWWKHQH[WKRSDGYHUWLVHGLVRQWKHVDPHQHW ZRUNDVWKHLPPHGLDWHQH[WKRS 2.2.2.4.3 AS Stuffing and Spoofing $6VWXIILQJRUSUHSHQGLQJLVD..RPSOLVKHGZLWKWKHascount.RP PDQGascountLVXVHGWRELDVXSVWUHDPSHHUV
URXWHVHOH.WLRQPRVW URXWHUVSUHIHUURXWHVZLWKVKRUWHU$63DWKV6HHascountcount RQSDJH IRUPRUHLQIRUPDWLRQDERXWascount 7UDGLWLRQDOO\WKH%*3VSH.LIL.DWLRQKDVQRWDOORZHGWKHH[LVWHQ.HRI ORRSHG$63DWKV/RRSVPXVWEHLJQRUHGLQRUGHUWRDOORZ$6SUHSHQG LQJ7KHnov4asloop.RPPDQG.DQEHXVHGWRSUHYHQWURXWHVZLWK

137

The Border Gateway Protocol (BGP)

ORRSHG$6SDWKVIURPEHLQJDGYHUWLVHGWRH[WHUQDOSHHUV6HH nov4asloopRQSDJH IRUPRUHLQIRUPDWLRQDERXWnov4asloop 7KHv3asloopokay.RPPDQG.DQEHXVHGWRDOORZORRSHG$6SDWKVWR %*3YH[WHUQDOSHHUV6HHv3asloopokayRQSDJH IRUPRUH LQIRUPDWLRQDERXWv3asloopokay 7KHlocalas.RPPDQG.DQEHXVHGWRVSRRIWKH$6WKDW%*3UHSUH VHQWVWRDJURXSRISHHUV7KHGHIDXOW$6LVWKDW.RQILJXUHGLQWKHDXWRQ RPRXVV\VWHPVWDWHPHQWlocalasSURYLGHVDZD\WRVSHDN%*3IURP PRUHWKDQ$66HHOR.DODVDXWRQRPRXVBV\VWHPRQSDJH IRU PRUHLQIRUPDWLRQDERXWlocalas 2.2.2.5 BGP Public 2.2.2.5.1 BGP Public Syntax 1RWH$WWKHWRSRI\RXU.RQILJXUDWLRQILOH\RXPXVWVSH.LI\WKH$6DQG URXWHULGLQRUGHUIRU%*3WRZRUN
bgp ( on | off ) [ { preference bpgpreference ; defaultmetric metric ; traceoptions trace_options ; group type (( external peeras autonomous_system ) | ( internal peeras autonomous_system ) | ( igp peeras autonomous_system proto protocol ) | ( routing peeras autonomous_system proto protocol interface interface_list ) | ( test peeras autonomous_system )) [ gateway gateway ] [ holdtime time ] [ indelay time ] [ keep ( all | none ) ] [ keepalivesalways ] [ lcladdr local_address | localtcp local_address ] [ localas autonomous_system ] [ logupdown ] [ metricout metric ] [ noaggregatorid ] [ nogendefault ] [ nov4asloop ] [ outdelay time ] [ passive ] [ preference grouppreference ] [ preference2 grouppreference2 ] [ recvbuffer buffersize ] [ sendbuffer buffersize ]

138

Configuring GateD

[ [ [ [ [ [ {

setpref metric ] showwarnings ] traceoptions trace_options ] ttl ttl ] v3asloopokay ] version number ] allow { [ network ] ; [ network ] mask [ mask ] ; [ network ] masklen [ number ] ; all; host [ ipnumber ] ; } ;

} ; peer host [ gateway gateway ] [ holdtime time ] [ keep ( all | none ) ] [ keepalivesalways ] [ lcladdr local_address | localtcp local_address ] [ localas autonomous_system ] [ logupdown ] [ metricout metric ] [ noaggregatorid ] [ nogendefault ] [ nov4asloop ] [ outdelay ] [ passive ] [ preference peerpreference ] [ preference2 peerpreference2 ] [ recvbuffer buffersize ] [ sendbuffer buffersize ] [ showwarnings ] [ traceoptions trace_options ] [ ttl ttl ] [ v3asloopokay ] [ version number ] ; } ; } ] ; bgp

7KHbgpVWDWHPHQWHQDEOHVRUGLVDEOHV%*3%\GHIDXOW%*3LVGLVDEOHG 7KHGHIDXOWPHWUL.IRUDQQRXQ.LQJURXWHVYLD%*3LVQRWWRVHQGDPHWUL.

139

The Border Gateway Protocol (BGP)

preference bgppreference

VSH.LILHVKRZD.WLYHURXWHVWKDWDUHOHDUQHGIURP %*3.RPSDUHGWRRWKHUSURWR.ROVZLOOEHVHOH.WHG:KHQD URXWHKDVEHHQOHDUQHGIURPPRUHWKDQRQHSURWR.ROWKHD.WLYH URXWHZLOOEHVHOH.WHGIURPIURPWKHSURWR.ROZLWKWKHORZHVW SUHIHUHQ.H(D.KSURWR.ROKDVDGHIDXOWSUHIHUHQ.HLQWKLVVHOH. WLRQ7KHGHIDXOWSUHIHUHQ.HIRU%*3LV7KLVSUHIHUHQ.H PD\EHRYHUULGGHQE\DSUHIHUHQ.HVSH.LILHGRQWKH group RU peer VWDWHPHQWVRUE\LPSRUWSROL.\
preference defaultmetric metric

GHILQHVWKHPHWUL.XVHGZKHQDGYHUWLVLQJ URXWHVYLD%*3,IQRWVSH.LILHGQRPHWUL.LVSURSDJDWHG7KLV PHWUL.PD\EHRYHUULGGHQE\DPHWUL.VSH.LILHGRQWKH peer RU group VWDWHPHQWVRULQH[SRUWSROL.\

defaultmetric traceoptions trace_options traceoptions VSH.LILHVWKHWUD.LQJRSWLRQVIRU%*3%\GHIDXOW

WKHVHDUHLQKHULWHGIURPWKHJOREDOWUD.HRSWLRQV7KHVHYDOXHV PD\EHRYHUULGGHQRQWKHpeer RU group VWDWHPHQWV6HH 7UD.H6WDWHPHQWVDQGWKH%*3VSH.LIL.WUD.LQJRSWLRQVEHORZ)

group type (( external peeras autonomous_system ) | (internal peeras autonomous_system) | (routing peeras autonomous_system proto protocol interface interface_list) | (test peeras autonomous_system))

,QWKH.ODVVL.group type external %*3JURXSIXOOSROL.\ .KH.NLQJLVDSSOLHGWRDOOLQ.RPLQJDQGRXWJRLQJDGYHUWLVHPHQWV 7KHH[WHUQDOSHHUVPXVWEHGLUH.WO\UHD.KDEOHWKURXJKRQHRI WKHPD.KLQH

VOR.DOLQWHUID.HV7KHQH[WKRSWUDQVPLWWHGLV.RP SXWHGZLWKUHVSH.WWRWKHVKDUHGLQWHUID.Hgroup type internal peeras LVDQLQWHUQDOJURXSWKDWXVHVWKHURXWHVRIDQ LQWHULRUSURWR.ROWRUHVROYHIRUZDUGLQJDGGUHVVHV group type routing peeras SURSDJDWHVH[WHUQDOURXWHV EHWZHHQURXWHUVWKDWDUHQRWGLUH.WO\.RQQH.WHGgroup type routing peeras DOVR.RPSXWHVLPPHGLDWHQH[WKRSVIRUWKRVH H[WHUQDOURXWHVE\XVLQJWKH%*3QH[WKRSWKDWDUULYHGZLWKWKH URXWHDVDIRUZDUGLQJDGGUHVVWREHUHVROYHGYLDDQLQWHUQDOSUR WR.RO
VURXWLQJLQIRUPDWLRQ,QHVVHQ.HLQWHUQDO%*3LVXVHGWR .DUU\$6H[WHUQDOURXWHVDQGWKH,*3LVH[SH.WHGWRRQO\.DUU\ $6LQWHUQDOURXWHV7KHODWWHULVXVHGWRILQGLPPHGLDWHQH[W KRSVIRUWKHIRUPHUproto protocolQDPHVWKHLQWHULRUSURWR .ROWREHXVHGWRUHVROYH%*3URXWHQH[WKRSVDQGPD\EHWKH QDPHRIDQ\,*3LQWKH.RQILJXUDWLRQLQ.OXGLQJstatic%\ GHIDXOWWKHQH[WKRSLQ%*3URXWHVDGYHUWLVHGWR group type routing peers ZLOOEHVHWWRWKHOR.DODGGUHVVRQWKH%*3 .RQQH.WLRQWRWKRVHSHHUVEH.DXVHLWLVDVVXPHGWKDWDURXWHWR

140

Configuring GateD

WKLVDGGUHVVZLOOEHSURSDJDWHGYLDWKH,*37KH interface_list .DQRSWLRQDOO\SURYLGHDOLVWRILQWHUID.HV ZKRVHURXWHVDUH.DUULHGYLDWKH,*3IRUZKL.KWKLUGSDUW\QH[W KRSVPD\EHXVHGLQVWHDG)RU263)*DWH'XVHVWKHtagILHOG WRSDVV$6LQIRUPDWLRQ3OHDVHUHIHUWR6H.WLRQ263) 6\QWD[WKHtagRSWLRQIRUPRUHGHWDLOV)RUWKHgroup types internalDQGrouting,WKHSDUDPHWHUVlcladdr, outdelay, DQG metricout PXVWEHVHWLQWKHgroup VWDWHPHQWQRWRQD SHUSHHUEDVLV,IWKHVHRSWLRQVDUHVHWRQWKHpeer VWDWHPHQW WKH\PXVWHTXDOWKHYDOXHVVHWRQWKH.RUUHVSRQGLQJ group VWDWHPHQW test peeras LVDQH[WHQVLRQWRH[WHUQDO%*3WKDWLPSOHPHQWVD IL[HGSROL.\XVLQJWHVWSHHUV)L[HGSROL.\DQGVSH.LDO.DVH.RGH PDNHWHVWSHHUVUHODWLYHO\LQH[SHQVLYHWRPDLQWDLQ7HVWSHHUVGR QRWQHHGWREHRQDGLUH.WO\DWWD.KHGQHWZRUN,I*DWH'DQGWKH SHHUDUHRQWKHVDPHGLUH.WO\DWWD.KHGVXEQHWWKHDGYHUWLVHG QH[WKRSLV.RPSXWHGZLWKUHVSH.WWRWKDWQHWZRUNRWKHUZLVH WKHQH[WKRSLVWKHOR.DOPD.KLQH
V.XUUHQWQH[WKRS$OOURXWLQJ LQIRUPDWLRQDGYHUWLVHGE\DQGUH.HLYHGIURPDWHVWSHHULVGLV .DUGHGDQGDOO%*3DGYHUWLVDEOHURXWHVDUHVHQWED.NWRWKHWHVW SHHU0HWUL.VIURP(*3DQG%*3GHULYHGURXWHVDUHIRU ZDUGHGLQWKHDGYHUWLVHPHQWRWKHUZLVHQRPHWUL.LVLQ.OXGHG
gateway gateway gateway LQVWUX.WV*DWH'WRXVHDIRUPRIPXOWLKRS(%*3,ID QHWZRUNLVQRWVKDUHGZLWKWKLVJURXSgateway VSH.LILHVD

URXWHURQDQDWWD.KHGQHWZRUNWREHXVHGDVWKHQH[WKRSURXWHU IRUURXWHVUH.HLYHGIURPWKLVSHHU7KH gateway SDUDPHWHUPD\ DOVREHXVHGWRVSH.LI\DQH[WKRSIRUJURXSVWKDWDUHRQVKDUHG QHWZRUNV)RUH[DPSOH\RXPLJKWXVHgateway WRHQVXUHWKDW WKLUGSDUW\QH[WKRSVDUHQHYHUD..HSWHGIURPDJLYHQJURXSE\ VSH.LI\LQJWKDWJURXS

VDGGUHVVDVLWVRZQJDWHZD\7KH gateway VSH.LILHGPXVWKDYH.RQVLVWHQWURXWLQJLQIRUPDWLRQWRSUH YHQWURXWLQJORRSVgateway LVQRWQHHGHGLQPRVW.DVHV
holdtime time holdtime VSH.LILHVWKH%*3KROGWLPHYDOXHLQVH.RQGVWRXVH

ZKHQQHJRWLDWLQJWKH.RQQH.WLRQZLWKWKLVJURXS,I*DWH'GRHV QRWUH.HLYHDNHHSDOLYHRUXSGDWHPHVVDJHZLWKLQWKHSHULRG VSH.LILHGLQWKHKROGWLPHILHOGRIWKH%*3RSHQPHVVDJHWKHQ WKH%*3.RQQH.WLRQZLOOEH.ORVHG7KHYDOXHPXVWEHDWOHDVW 7KHGHIDXOWYDOXHLV

indelay time indelay time LVWKHDPRXQWRIWLPHD%*3URXWHPXVWEH SUHVHQWEHIRUHLWLVLPSRUWHGLQWRWKH*DWH'URXWLQJGDWDEDVH 7KHGHIDXOWYDOXHLVPHDQLQJWKDWWKLVIHDWXUHLVGLVDEOHG

141

The Border Gateway Protocol (BGP)

keep ( all | none ) keep all

retains routes learned from a group even if the routes' AS paths contain one of the router's own exported AS numbers. keep none causes GateD to disregard routes containing the router's own AS numbers. keep none is the default. to always send keepalives, even when an update could have correctly substituted for one. keepalivesalways allows interoperability with routers that do not completely obey the protocol specifications on this point.
lcladdr VSH.LILHVWKHDGGUHVVWREHXVHGRQWKHOR.DOHQGRIWKH

keepalivesalways keepalivesalways causes GateD

lcladdr local_address | localtcp local_address

7&3.RQQH.WLRQZLWKWKHJURXS)RUH[WHUQDOSHHUVWKHOR.DO DGGUHVVPXVWEHRQDQLQWHUID.HWKDWLVVKDUHGZLWKWKHSHHURU ZLWKWKHSHHU

VJDWHZD\ZKHQ gateway LVXVHG$VHVVLRQZLWK DQH[WHUQDOSHHUZLOORQO\EHRSHQHGZKHQDQLQWHUID.HZLWKWKH DSSURSULDWHOR.DODGGUHVVWKURXJKZKL.KWKHSHHURUJDWHZD\ DGGUHVVLVGLUH.WO\UHD.KDEOHLVRSHUDWLQJ)RURWKHUW\SHVRI SHHUVDSHHUVHVVLRQZLOOEHPDLQWDLQHGZKHQDQ\LQWHUID.HZLWK WKHVSH.LILHGOR.DODGGUHVVLVRSHUDWLQJ,QHLWKHU.DVHDQLQ.RP LQJ.RQQH.WLRQZLOORQO\EHUH.RJQL]HGDVDPDW.KIRUD.RQILJ XUHGSHHULILWLVDGGUHVVHGWRWKH.RQILJXUHGOR.DODGGUHVV)RU group types internal DQG routingVHWWKLVlcladdr RQ WKH group .ODXVH. )RU group type testURXWLQJLWLVDGYLVDEOH WRVHWWKH lcladdr WRDQRQSK\VL.DOLQWHUID.HVX.KDVDORRS ED.NLQWHUID.H :KHQ%*3LVILUVWVWDUWHGLWGHWHUPLQHVZKL.KLQWHUID.HVLWZLOO EHXVLQJWR.RPPXQL.DWHZLWKHD.KSHHU%H.DXVHWKLVKDSSHQV DIWHUWKH.RQILJXUDWLRQILOHKDVEHHQUHDGEXWEHIRUHLWKDVEHHQ D.WLYDWHGDQ\VWDWHPHQWVWKDWDIIH.WLQWHUID.HVIRUH[DPSOH PDUNLQJDSDUWL.XODU,3DGGUHVVDVWKHSULPDU\DGGUHVVIRUD JLYHQLQWHUID.HZLOOQRWKDYHWDNHQSOD.H\HW&RQVHTXHQWO\ %*3GRHVQ
WQH.HVVDULO\KDYHWKHVDPHYLHZRIWKHLQWHUID.HVDV WKHUHVWRI*DWH')RUH[DPSOH%*3ZLOODOZD\VSL.NWKHORZHVW ,3IRUDQLQWHUID.HDVEHLQJWKHSULPDU\7KLVLVLPSRUWDQW EH.DXVHLWDIIH.WVWKH,3DGGUHVVWKDW%*3ZLOOXVHWRSHHUIURP 7R.KRRVHWKH.RUUH.WLQWHUID.H\RX.DQXVHWKHlocaltcp RSWLRQWRH[SOL.LWO\VSH.LI\ZKL.K,3DGGUHVVWRXVHIRUSHHULQJ
localas autonomous_system localasLGHQWLILHVWKHDXWRQRPRXVV\VWHPWKDW*DWH'LVUHSUH

142

Configuring GateD

VHQWLQJWRWKLVJURXSRISHHUV7KHGHIDXOWLVWKDWZKL.KKDV EHHQVHWJOREDOO\LQWKHautonomoussystemVWDWHPHQW.
logupdown logupdown .DXVHVDPHVVDJHWREHORJJHGYLDWKHV\VORJPH.KD QLVPZKHQHYHUD%*3JURXSHQWHUVRUOHDYHVWKH(VWDEOLVKHG VWDWH metricout metric metricout PD\EHXVHGRQDOOURXWHVVHQWWRWKHVSH.LILHG JURXSV7KHPHWUL.KLHUDU.K\LVDVIROORZVVWDUWLQJIURPWKH PRVWSUHIHUUHG  WKHPHWUL.VSH.LILHGE\H[SRUWSROL.\  SHHUOHYHOmetricout  JURXSOHYHOmetricout  defaultmetric

)RU group types internal DQG routingVHW metricout RQ WKHgroup .ODXVHLQVWHDGRIRQWKHpeer VXE.ODXVH0('QHHGV WREH.RPPRQEHWZHHQDOOSHHUVLQDQLQWHUQDOJURXSRUORRSLQJ PD\R..XU.
noaggregatorid

.DXVHV*DWH'WRVSH.LI\WKHURXWHULGLQWKH DJJUHJDWRUDWWULEXWHDVLQVWHDGRIWKH routerid RIWKHURXWHU LQRUGHUWRSUHYHQWGLIIHUHQWURXWHUVLQDQ$6IURP.UHDWLQJ DJJUHJDWHURXWHVZLWKGLIIHUHQW$6SDWKV

noaggregatorid nogendefault nogendefaultSUHYHQWV*DWH'IURPJHQHUDWLQJDGHIDXOWURXWH

ZKHQ%*3UH.HLYHVDYDOLGXSGDWHIURPLWVSHHU7KHGHIDXOW URXWHLVRQO\JHQHUDWHGZKHQWKHJHQGHIDXOWRSWLRQLVHQDEOHG
nov4asloop

nov4asloop SUHYHQWVURXWHVZLWKORRSHG$6SDWKVIURPEHLQJ DGYHUWLVHGWRYHUVLRQH[WHUQDOSHHUV8VH nov4asloop WRDYRLG DGYHUWLVLQJURXWHVWRSHHUVWKDWZRXOGLQ.RUUH.WO\IRUZDUGWKH URXWHVRQWRYHUVLRQSHHUV outdelay time outdelay GDPSHQVURXWHIOX.WXDWLRQV7KH outdelay time iV WKHDPRXQWRIWLPHDURXWHPXVWEHSUHVHQWLQWKH*DWH'URXW LQJGDWDEDVHEHIRUHLWLVH[SRUWHGWR%*37KHGHIDXOWYDOXHIRU outdelayLVPHDQLQJWKDWWKLVIHDWXUHLVGLVDEOHG)RUgroup types internal DQG routingVHWoutdelayRQWKHgroup .ODXVH passive passiveSUHYHQWV*DWH'IURPHYHUWU\LQJWRRSHQD%*3.RQ

143

The Border Gateway Protocol (BGP)

QH.WLRQZLWKSHHUVLQWKLVJURXS,QVWHDGLWZLOOZDLWIRUWKHSHHU WRLQLWLDWHD.RQQH.WLRQpassive ZDVLQWURGX.HGWRKDQGOHD SUREOHPLQ%*3DQGHDUOLHULQZKL.KWZRSHHUVPLJKWERWK DWWHPSWWRLQLWLDWHD.RQQH.WLRQDWWKHVDPHWLPH7KLVSUREOHP LVIL[HGLQWKH%*3SURWR.ROVRWKH passiveRSWLRQLVQRW QHHGHGZLWK%*3VHVVLRQV 1RWH,ILWLVDSSOLHGWRERWKVLGHVRIDSHHULQJVHVVLRQ passive ZLOOSUHYHQWWKHVHVVLRQIURPHYHUEHLQJHVWDEOLVKHG)RUWKLV UHDVRQDQGEH.DXVHLWLVJHQHUDOO\QRWQHHGHGWKHXVHRIpassive LVGLV.RXUDJHG.
preference grouppreference

VSH.LILHVWKHSUHIHUHQ.HXVHGIRUURXWHVOHDUQHG IURPWKLVJURXS7KLVSUHIHUHQ.H.DQGLIIHUIURPWKHGHIDXOW %*3SUHIHUHQ.HVHWLQWKHbgp VWDWHPHQWVRWKDW*DWH'.DQ SUHIHUURXWHVIURPRQHJURXSRYHURWKHUV7KLVSUHIHUHQ.HPD\ EHH[SOL.LWO\RYHUULGGHQE\LPSRUWSROL.\.

preference preference2 grouppreference2 preference2

EUHDNVD preference WLH7KHGHIDXOWYDOXHLV

recvbuffer buffer_size recvbuffer.RQWUROVWKHDPRXQWRIUH.HLYHEXIIHULQJDVNHGRI

WKHNHUQHO7KHPD[LPXPVXSSRUWHGLVE\WHVDOWKRXJK PDQ\NHUQHOVKDYHDORZHUOLPLW%\GHIDXOW*DWH'.RQILJXUHV WKHPD[LPXPVXSSRUWHG recvbufferLVQRWQHHGHGRQQRU PDOO\IXQ.WLRQLQJV\VWHPV

sendbuffer buffer_size sendbuffer.RQWUROVWKHDPRXQWRIVHQGEXIIHULQJDVNHGRI

WKHNHUQHO7KHPD[LPXPVXSSRUWHGLVE\WHVDOWKRXJK PDQ\NHUQHOVKDYHDORZHUOLPLW%\GHIDXOW*DWH'.RQILJXUHV WKHPD[LPXPVXSSRUWHGsendbufferLVQRWQHHGHGRQQRU PDOO\IXQ.WLRQLQJV\VWHPV

setpref metric setprefDOORZV%*3

V Local_Pref

DWWULEXWHWREHXVHGWRVHW WKH*DWH'SUHIHUHQ.HRQUH.HSWLRQDQGDOORZV*DWH'SUHIHU HQ.HWRVHWWKHLocal_Pref RQWUDQVPLVVLRQ7KHsetpref metric ZRUNVDVDORZHUOLPLWEHORZZKL.KWKHLPSRUWHG Local_PrefPD\QRWVHWWKH*DWH'SUHIHUHQ.H)RUIXOOGHWDLOV VHHSetpref/Local_Pref Overview on page 187.)
showwarnings showwarnings.DXVHV*DWH'WRLVVXHZDUQLQJPHVVDJHVZKHQ

UH.HLYLQJTXHVWLRQDEOH%*3XSGDWHVVX.KDVGXSOL.DWHURXWHV DQGRUGHOHWLRQVRIQRQH[LVWLQJURXWHV1RUPDOO\WKHVHHYHQWV DUHVLOHQWO\LJQRUHG

144

Configuring GateD

traceoptions trace_options

VSH.LILHVWKHWUD.LQJRSWLRQVIRUWKLV%*3 JURXS%\GHIDXOWWKHVHDUHLQKHULWHGIURP%*3JOREDOWUD.H RSWLRQV6HH7UD.H6WDWHPHQWVDQGWKH%*3VSH.LIL.WUD. LQJRSWLRQVEHORZ

traceoptions ttl ttl

%\GHIDXOW*DWH'VHWVWKH,377/IRUOR.DOSHHUVWRDQGWKH 77/IRUQRQOR.DOSHHUVWRWKHGHIDXOWNHUQHOYDOXH7KHttl RSWLRQLVSURYLGHGPDLQO\ZKHQDWWHPSWLQJWR.RPPXQL.DWH ZLWKLPSURSHUO\IXQ.WLRQLQJURXWHUVWKDWLJQRUHSD.NHWVVHQW ZLWKDttl RI1RWDOONHUQHOVDOORZWKH77/WREHVSH.LILHG IRU7&3.RQQH.WLRQV

v3asloopokay

%\GHIDXOW*DWH'ZLOOQRWDGYHUWLVHURXWHVZKRVH$6SDWKLV ORRSHGLHZLWKDQ$6DSSHDULQJPRUHWKDQRQ.HLQWKHSDWK WRYHUVLRQH[WHUQDOSHHUV6HWWLQJWKH v3asloopokayIODJ UHPRYHVWKLV.RQVWUDLQWv3asloopokay LVLJQRUHGZKHQVHWRQ LQWHUQDOJURXSV

version number versionVSH.LILHVWKHYHUVLRQRIWKH%*3SURWR.ROWRXVHZLWK WKLVSHHU,IQRWVSH.LILHGWKHKLJKHVWVXSSRUWHGYHUVLRQLVXVHG ILUVWDQGYHUVLRQQHJRWLDWLRQLVDWWHPSWHG,IYHUVLRQLVVSH.L ILHGRQO\WKHVSH.LILHGYHUVLRQZLOOEHRIIHUHGGXULQJQHJRWLD WLRQ7KH.XUUHQWO\VXSSRUWHGYHUVLRQVLQ.OXGHDQG 1RWH:LWKLQDJURXS%*3SHHUVPD\EH.RQILJXUHGLQRQHRIWZRZD\V 7KH\PD\EHLPSOL.LWO\.RQILJXUHGZLWKWKH allow VWDWHPHQWRUH[SOL.LWO\ .RQILJXUHGZLWKD peer VWDWHPHQW. allow

permits peer connections from any addresses in the specified range of network and mask pairs. All parameters for these peers must be configured on the group clause. The internal peer structures are created when an incoming open request is received, and destroyed when the connection is broken. For more details on specifying the network/mask pairs, see Section 6.1 on route filtering.
allow peer host

.RQILJXUHVDQLQGLYLGXDOSHHU(D.KSHHULQKHULWVDOO SDUDPHWHUVVSH.LILHGRQDgroup.ODXVHDVGHIDXOWV0DQ\ GHIDXOWVPD\EHRYHUULGGHQE\SDUDPHWHUVH[SOL.LWO\VSH.LILHGRQ WKH peer VXE.ODXVH:LWKLQHD.Kgroup .ODXVHLQGLYLGXDOSHHUV .DQEHVSH.LILHGRUDJURXSRISRWHQWLDOSHHUV.DQEHVSH.LILHG XVLQJ allow. 8VH allow WRVSH.LI\DVHWRIDGGUHVVPDVNV,I
peer

145

The Border Gateway Protocol (BGP)

*DWH'UH.HLYHVD%*3.RQQH.WLRQUHTXHVWIURPDQ\DGGUHVVLQ WKHVHWVSH.LILHGLWZLOOD..HSWLWDQGVHWXSDSHHUUHODWLRQVKLS 7KH%*3 peer VXE.ODXVHDOORZVWKHIROORZLQJSDUDPHWHUV$OO DUHRSWLRQDO

gateway gateway gateway LQVWUX.WV*DWH'WRXVHDIRUPRIPXOWLKRS(%*3,ID QHWZRUNLVQRWVKDUHGZLWKDSHHUgateway VSH.LILHVDURXWHURQ

DQDWWD.KHGQHWZRUNWREHXVHGDVWKHQH[WKRSURXWHUIRUURXWHV UH.HLYHGIURPWKLVSHHUgateway PD\DOVREHXVHGWRVSH.LI\D QH[WKRSIRUSHHUVWKDWDUHRQVKDUHGQHWZRUNV)RUH[DPSOH \RXPLJKWXVH gatewayWRHQVXUHWKDWWKLUGSDUW\QH[WKRSVDUH QHYHUD..HSWHGIURPDJLYHQSHHUE\VSH.LI\LQJWKDWSHHU

V DGGUHVVDVLWVRZQJDWHZD\7KHJDWHZD\VSH.LILHGPXVWKDYH .RQVLVWHQWURXWLQJLQIRUPDWLRQWRSUHYHQWURXWLQJORRSVgatewayLVQRWQHHGHGLQPRVW.DVHV
holdtime time holdtime VSH.LILHVWKH%*3KROGWLPHYDOXHLQVH.RQGVWRXVH

ZKHQQHJRWLDWLQJWKH.RQQH.WLRQZLWKWKLVSHHU,I*DWH'GRHV QRWUH.HLYHDNHHSDOLYHRUXSGDWHPHVVDJHZLWKLQWKHSHULRG VSH.LILHGLQWKHKROGWLPHILHOGRIWKH%*3RSHQPHVVDJHWKHQ WKH%*3.RQQH.WLRQZLOOEH.ORVHG7KHYDOXHPXVWEHDWOHDVW 7KHGHIDXOWYDOXHLV ( all | none )

keep

keep allUHWDLQVURXWHVOHDUQHGIURPDSHHUHYHQLIWKHURXWHV
 keep none.DXVHV*DWH'WRGLVUHJDUGURXWHV.RQWDLQLQJWKH URXWHU
VRZQ$6QXPEHUV keep noneLVWKHGHIDXOW keepalivesalways keepalivesalways .DXVHV*DWH'WRDOZD\VVHQGNHHSDOLYHV HYHQZKHQDQupdate .RXOGKDYH.RUUH.WO\VXEVWLWXWHGIRURQH keepalivesalways DOORZVLQWHURSHUDELOLW\ZLWKURXWHUVWKDWGR

$6SDWKV.RQWDLQRQHRIWKHURXWHU
VRZQH[SRUWHG$6QXPEHUV

QRW.RPSOHWHO\REH\WKHSURWR.ROVSH.LIL.DWLRQVRQWKLVSRLQW

lcladdr local_address | localtcp local_address lcladdr VSH.LILHVWKHDGGUHVVWREHXVHGRQWKHOR.DOHQGRIWKH

7&3.RQQH.WLRQZLWKWKHSHHU)RUH[WHUQDOSHHUVWKHOR.DO DGGUHVVPXVWEHRQDQLQWHUID.HWKDWLVVKDUHGZLWKWKHSHHURU ZLWKWKHSHHU

VJDWHZD\ZKHQgateway LVXVHG$VHVVLRQZLWK DQH[WHUQDOSHHUZLOORQO\EHRSHQHGZKHQDQLQWHUID.HZLWKWKH DSSURSULDWHOR.DODGGUHVVWKURXJKZKL.KWKHSHHURUJDWHZD\ DGGUHVVLVGLUH.WO\UHD.KDEOHLVRSHUDWLQJ)RURWKHUW\SHVRI SHHUVDSHHUVHVVLRQZLOOEHPDLQWDLQHGZKHQDQ\LQWHUID.HZLWK WKHVSH.LILHGOR.DODGGUHVVLVRSHUDWLQJ,QHLWKHU.DVHLQ.RPLQJ .RQQH.WLRQVZLOORQO\EHUH.RJQL]HGDVPDW.KLQJD.RQILJXUHG

146

Configuring GateD

SHHULIWKH\DUHDGGUHVVHGWRWKH.RQILJXUHGOR.DODGGUHVV)RU group types internal DQG routing, VHW lcladdr RQWKH gateway .ODXVH)RU group type test URXWLQJLWLVDGYLVDEOH WRVHWWKHlcladdrWRDQRQSK\VL.DOLQWHUID.HVX.KDVDORRS ED.NLQWHUID.H :KHQ%*3LVILUVWVWDUWHGLWGHWHUPLQHVZKL.KLQWHUID.HVLWZLOO EHXVLQJWR.RPPXQL.DWHZLWKHD.KSHHU%H.DXVHWKLVKDSSHQV DIWHUWKH.RQILJXUDWLRQILOHKDVEHHQUHDGEXWEHIRUHLWKDVEHHQ D.WLYDWHGDQ\VWDWHPHQWVWKDWDIIH.WLQWHUID.HVIRUH[DPSOH PDUNLQJDSDUWL.XODU,3DGGUHVVDVWKHSULPDU\DGGUHVVIRUD JLYHQLQWHUID.HZLOOQRWKDYHWDNHQSOD.H\HW&RQVHTXHQWO\ %*3GRHVQ
WQH.HVVDULO\KDYHWKHVDPHYLHZRIWKHLQWHUID.HVDV WKHUHVWRI*DWH')RUH[DPSOH%*3ZLOODOZD\VSL.NWKHORZHVW ,3IRUDQLQWHUID.HDVEHLQJWKHSULPDU\7KLVLVLPSRUWDQW EH.DXVHLWDIIH.WVWKH,3DGGUHVVWKDW%*3ZLOOXVHWRSHHUIURP 7R.KRRVHWKH.RUUH.WLQWHUID.H\RX.DQXVHWKHlocaltcp RSWLRQWRH[SOL.LWO\VSH.LI\ZKL.K,3DGGUHVVWRXVHIRUSHHULQJ
localas autonomous_system localasLGHQWLILHVWKHDXWRQRPRXVV\VWHPWKDW*DWH'LVUHSUH VHQWLQJWRWKLVJURXSRISHHUV7KHGHIDXOWLVWKDWZKL.KKDV EHHQVHWJOREDOO\LQWKHautonomoussystemVWDWHPHQW. logupdown logupdown.DXVHVDPHVVDJHWREHORJJHGYLDWKHV\VORJPH.KD

QLVPZKHQHYHUD%*3SHHUHQWHUVRUOHDYHVWKH(VWDEOLVKHG VWDWH
metricout metric metricout

PD\EHXVHGRQDOOURXWHVVHQWWRWKHVSH.LILHG SHHUV7KHPHWUL.KLHUDU.K\LVDVIROORZVVWDUWLQJIURPWKH PRVWSUHIHUUHG  WKHPHWUL.VSH.LILHGE\H[SRUWSROL.\  SHHUOHYHO metricout  JURXSOHYHO metricout  GHIDXOWPHWUL. )RU group types internal DQG routingVHWmetricout RQ WKHgroup .ODXVHLQVWHDGRIRQWKHpeer VXE.ODXVH0('QHHGV WREH.RPPRQEHWZHHQDOOSHHUVLQDQLQWHUQDOJURXSRUORRSLQJ PD\R..XU
noaggregatorid

.DXVHV*DWH'WRVSH.LI\WKHURXWHULGLQWKH DJJUHJDWRUDWWULEXWHDVLQVWHDGRIWKHrouterid RIWKHURXWHU LQRUGHUWRSUHYHQWGLIIHUHQWURXWHUVLQDQ$6IURP.UHDWLQJ DJJUHJDWHURXWHVZLWKGLIIHUHQW$6SDWKV

noaggregatorid

147

The Border Gateway Protocol (BGP)

nogendefault

ZKHQ%*3UH.HLYHVDYDOLGXSGDWHIURPLWVSHHU7KHGHIDXOW URXWHLVRQO\JHQHUDWHGZKHQWKH gendefault RSWLRQLV HQDEOHG

nov4asloop nov4asloop

nogendefaultSUHYHQWV*DWH'IURPJHQHUDWLQJDGHIDXOWURXWH

SUHYHQWVURXWHVZLWKORRSHG$6SDWKVIURPEHLQJ DGYHUWLVHGWRYHUVLRQH[WHUQDOSHHUV8VH nov4asloop WRDYRLG DGYHUWLVLQJURXWHVWRSHHUVWKDWZRXOGLQ.RUUH.WO\IRUZDUGWKH URXWHVRQWRYHUVLRQSHHUV

outdelay time

GDPSHQVURXWHIOX.WXDWLRQV7KH outdelay time LV WKHDPRXQWRIWLPHDURXWHPXVWEHSUHVHQWLQWKH*DWH'URXW LQJGDWDEDVHEHIRUHLWLVH[SRUWHGWR%*37KHGHIDXOWYDOXHIRU outdelayLVPHDQLQJWKDWWKLVIHDWXUHLVGLVDEOHG)RU group types internal DQG routingVHW outdelayRQWKH group .ODXVH
outdelay passive

SUHYHQWV*DWH'IURPHYHUWU\LQJWRRSHQD%*3.RQ QH.WLRQZLWKWKLVSHHU,QVWHDGLWZLOOZDLWIRUWKHSHHUWRLQLWLDWH D.RQQH.WLRQpassive ZDVLQWURGX.HGWRKDQGOHDSUREOHPLQ %*3DQGHDUOLHULQZKL.KWZRSHHUVPLJKWERWKDWWHPSWWRLQL WLDWHD.RQQH.WLRQDWWKHVDPHWLPH7KLVSUREOHPLVIL[HGLQWKH %*3SURWR.ROVR passive LVQRWQHHGHGZLWK%*3VHVVLRQV 1RWH,ILWLVDSSOLHGWRERWKVLGHVRIDSHHULQJVHVVLRQpassive ZLOOSUHYHQWWKHVHVVLRQIURPHYHUEHLQJHVWDEOLVKHG)RUWKLV UHDVRQDQGEH.DXVHLWLVJHQHUDOO\QRWQHHGHGWKHXVHRIpassive LVGLV.RXUDJHG
passive preference peerpreference

VSH.LILHVWKHSUHIHUHQ.HXVHGIRUURXWHVOHDUQHG IURPWKHVHSHHUV7KLVSUHIHUHQ.H.DQGLIIHUIURPWKHGHIDXOW %*3SUHIHUHQ.HVHWLQWKHbgpVWDWHPHQWVRWKDW*DWH'.DQ SUHIHUURXWHVIURPRQHSHHURUJURXSRYHURWKHUV7KLVSUHIHU HQ.HPD\EHH[SOL.LWO\RYHUULGGHQE\LPSRUWSROL.\

preference preference2 peerpreference2 preference2

EUHDNVDpreference WLH7KHGHIDXOWYDOXHLV

recvbuffer buffer_size recvbuffer

.RQWUROVWKHDPRXQWRIUH.HLYHEXIIHULQJDVNHGRI WKHNHUQHO7KHPD[LPXPVXSSRUWHGLVE\WHVDOWKRXJK PDQ\NHUQHOVKDYHDORZHUOLPLW%\GHIDXOW*DWH'.RQILJXUHV WKHPD[LPXPVXSSRUWHG recvbufferLVQRWQHHGHGRQQRU PDOO\IXQ.WLRQLQJV\VWHPV

148

Configuring GateD

sendbuffer buffer_size

WKHNHUQHO7KHPD[LPXPVXSSRUWHGLVE\WHVDOWKRXJK PDQ\NHUQHOVKDYHDORZHUOLPLW%\GHIDXOW*DWH'.RQILJXUHV WKHPD[LPXPVXSSRUWHG sendbufferLVQRWQHHGHGRQQRU PDOO\IXQ.WLRQLQJV\VWHPV

showwarnings showwarnings

sendbuffer.RQWUROVWKHDPRXQWRIVHQGEXIIHULQJDVNHGRI

.DXVH*DWH'WRLVVXHZDUQLQJPHVVDJHVZKHQ UH.HLYLQJTXHVWLRQDEOH%*3XSGDWHVVX.KDVGXSOL.DWHURXWHV DQGRUGHOHWLRQVRIQRQH[LVWLQJURXWHV1RUPDOO\WKHVHHYHQWV DUHVLOHQWO\LJQRUHG

traceoptions VSH.LILHVWKHWUD.LQJRSWLRQVIRUWKLV%*3SHHU %\GHIDXOWWKHVHDUHLQKHULWHGIURPJURXSRU%*3JOREDOWUD.H RSWLRQV6HH7UD.H6WDWHPHQWVDQGWKH%*3VSH.LIL.WUD. LQJRSWLRQVEHORZ

traceoptions trace_options

ttl ttl

%\GHIDXOW*DWH'VHWVWKH,377/IRUOR.DOSHHUVWR DQGWKH 77/IRUQRQOR.DOSHHUVWRWKHGHIDXOWNHUQHOYDOXH7KHttl RSWLRQLVSURYLGHGPDLQO\ZKHQDWWHPSWLQJWR.RPPXQL.DWH ZLWKLPSURSHUO\IXQ.WLRQLQJURXWHUVWKDWLJQRUHSD.NHWVVHQW ZLWKD77/RI 1RWDOONHUQHOVDOORZWKH77/WREHVSH.LILHG IRU7&3.RQQH.WLRQV

v3asloopokay

%\GHIDXOW*DWH'ZLOOQRWDGYHUWLVHURXWHVZKRVH$6SDWKLV ORRSHGLHZLWKDQ$6DSSHDULQJPRUHWKDQRQ.HLQWKHSDWK WRYHUVLRQH[WHUQDOSHHUV6HWWLQJWKH v3asloopokayIODJ UHPRYHVWKLV.RQVWUDLQWv3asloopokayLVLJQRUHGZKHQVHWRQ LQWHUQDOJURXSVRUSHHUV

version number version VSH.LILHVWKHYHUVLRQRIWKH%*3SURWR.ROWRXVHZLWK WKLVSHHU,IQRWVSH.LILHGWKHKLJKHVWVXSSRUWHGYHUVLRQLVXVHG ILUVWDQGYHUVLRQQHJRWLDWLRQLVDWWHPSWHG,Iversion LVVSH.L ILHGRQO\WKHVSH.LILHGYHUVLRQZLOOEHRIIHUHGGXULQJQHJRWLD WLRQ7KH.XUUHQWO\VXSSRUWHGYHUVLRQVLQ.OXGHDQG

2.2.2.5.2 Public BGP Tracing Options 1RWH 7KHVWDWHRSWLRQZRUNVZLWK%*3EXWGRHVQRWSURYLGHWUXHVWDWH WUDQVLWLRQLQIRUPDWLRQ 3D.NHWWUD.LQJRSWLRQVZKL.KPD\EHPRGLILHGZLWKdetailsendDQG recvLQ.OXGHWKHIROORZLQJ

149

The Border Gateway Protocol (BGP)

packets

7UD.HDOO%*3SD.NHWV
open

7UD.H%*3RSHQSD.NHWVZKL.KDUHXVHGWRHVWDEOLVKDSHHUUHOD WLRQVKLS
update

7UD.H%*3XSGDWHSD.NHWVZKL.KDUHXVHGWRSDVVQHWZRUN UHD.KDELOLW\LQIRUPDWLRQ
keepalive

7UD.H%*3NHHSDOLYHSD.NHWVZKL.KDUHXVHGWRYHULI\SHHU UHD.KDELOLW\
all

7UD.HHYHU\WKLQJLQ.OXGLQJDGGLWLRQV.KDQJHVGHOHWLRQVWRWKH *DWH'URXWLQJWDEOH 2.2.2.5.3 BGP Configurable Options 6HHWKHIROORZLQJVH.WLRQVIRUPRUHLQIRUPDWLRQDERXWVSH.LIL.%*3 RSWLRQV 2.2.2.5.3.1 Route Reflection Overview and Example %*3VXSSRUWVURXWHUHIOH.WLRQIRULQWHUQDOSHHUJURXSVZLWK%*3YHU VLRQRQO\:KHQXVLQJURXWHUHIOH.WLRQWKHUXOHWKDWDURXWHUPD\QRW UHDGYHUWLVHURXWHVIURPLQWHUQDOSHHUVWRRWKHULQWHUQDOSHHUVLVUHOD[HGIRU VRPHURXWHUVZKL.KDUH.DOOHGURXWHUHIOH.WRUV *HQHUDOO\DOOERUGHUURXWHUVLQDVLQJOH$6QHHGWREHLQWHUQDOSHHUVRI HD.KRWKHUDQGLQID.WDOOQRQERUGHUURXWHUVIUHTXHQWO\QHHGWREHLQWHU QDOSHHUVRIDOOERUGHUURXWHUV$OWKRXJKWKLV.RQILJXUDWLRQLVXVXDOO\ D..HSWDEOHLQVPDOOQHWZRUNVLWPD\OHDGWRXQD..HSWDEO\ODUJHLQWHUQDO SHHUJURXSVLQODUJHQHWZRUNV7RKHOSDGGUHVVWKLVSUREOHP%*3VXS SRUWVURXWHUHIOH.WLRQIRULQWHUQDOSHHUJURXSVZLWK%*3YHUVLRQRQO\ :KHQXVLQJURXWHUHIOH.WLRQWKHUXOHWKDWDURXWHUPD\QRWUHDGYHUWLVH URXWHVIURPLQWHUQDOSHHUVWRRWKHULQWHUQDOSHHUVLVUHOD[HGIRUVRPH URXWHUV.DOOHGURXWHUHIOH.WRUV$W\SL.DOXVHRIURXWHUHIOH.WLRQPLJKW LQYROYHD.RUHED.NERQHRIIXOO\PHVKHGURXWHUVIXOO\PHVKHGPHDQV DOOWKHURXWHUVLQWKHJURXSSHHUGLUH.WO\ZLWKDOORWKHUURXWHUVLQWKH JURXS6RPHRIWKHVHURXWHUVD.WDVURXWHUHIOH.WRUVIRUURXWHUVWKDWDUH QRWSDUWRIWKH.RUHJURXS 7ZRW\SHVRIURXWHUHIOH.WLRQDUHVXSSRUWHGURXWHV.DQEHVHQWWRDOO LQWHUQDOSHHUVRURQO\WRLQWHUQDOSHHUVWKDWDUHQRWPHPEHUVRIWKH.OL HQW
VJURXS%\GHIDXOWDOOURXWHVUH.HLYHGE\WKHURXWHUHIOH.WRUIURPD .OLHQWDUHVHQWWRDOOLQWHUQDOSHHUVLQ.OXGLQJWKH.OLHQW
VJURXSEXWQRWWKH .OLHQWLWVHOI,IWKHno-client-reflect RSWLRQLVHQDEOHGURXWHV UH.HLYHGIURPDURXWHUHIOH.WLRQ.OLHQWDUHVHQWRQO\WRLQWHUQDOSHHUVWKDW
150

Configuring GateD

DUHQRWPHPEHUVRIWKH.OLHQW
VJURXS,QWKLV.DVHWKH.OLHQW
VJURXSPXVW LWVHOIEHIXOO\PHVKHG,QHLWKHU.DVHDOOURXWHVUH.HLYHGIURPDQRQ.OLHQW LQWHUQDOSHHUDUHVHQWWRDOOURXWHUHIOH.WLRQ.OLHQWV 7\SL.DOO\DVLQJOHURXWHUZLOOD.WDVWKHUHIOH.WRUIRUDVHWRU.OXVWHURI.OL HQWV+RZHYHUIRUUHGXQGDQ.\WZRRUPRUHPD\DOVREH.RQILJXUHGWREH UHIOH.WRUVIRUWKHVDPH.OXVWHU,QWKLV.DVHD.OXVWHU,'VKRXOGEH VHOH.WHGXVLQJWKH clusterid NH\ZRUGWRLGHQWLI\DOOUHIOH.WRUVVHUYLQJ WKH.OXVWHU*UDWXLWRXVXVHRIPXOWLSOHUHGXQGDQWUHIOH.WRUVLVQRWDGYLVHG EH.DXVHLW.DQOHDGWRDQLQ.UHDVHLQWKHPHPRU\UHTXLUHGWRVWRUHURXWHV RQWKHUHGXQGDQWUHIOH.WRUV
SHHUV 1RVSH.LDO.RQILJXUDWLRQLVUHTXLUHGRQWKHURXWHUHIOH.WLRQ.OLHQWV)URP D.OLHQW
VSHUVSH.WLYHDURXWHUHIOH.WRULVVLPSO\DQRUPDO,%*3SHHU$Q\ %*3YHUVLRQ VSHDNHUVKRXOGEHDEOHWREHDUHIOH.WRU.OLHQW 1RWH*DWH'YHUVLRQV%DQGHDUOLHUDVZHOODV$DQGHDUOLHU.RQ WDLQDEXJWKDWSUHYHQWVWKHPIURPD.WLQJDVURXWHUHIOH.WLRQ.OLHQWV 5HIHUWRWKHURXWHUHIOH.WLRQVSH.LIL.DWLRQGR.XPHQW5)&IRUIXU WKHUGHWDLOV5)&.DQEHIRXQGDW KWWSZZZPHULWHGXLQWHUQHWGR.XPHQWVUI.UI.W[W $OOURXWHVUH.HLYHGIURPDQ\JURXSPHPEHUZLOOEHVHQWWRDOORWKHULQWHU QDOQHLJKERUVDQGDOOURXWHVUH.HLYHGIURPDQ\RWKHULQWHUQDOQHLJKERUV ZLOOEHVHQWWRWKHUHIOH.WRU.OLHQWV%H.DXVHWKHURXWHUHIOH.WRUIRUZDUGV URXWHVLQWKLVZD\WKHUHIOH.WRU.OLHQWJURXSQHHGQRWEHIXOO\PHVKHG,I WKHno-client-reflectRSWLRQLVVSH.LILHGURXWHVUH.HLYHGIURPUHIOH. WRU.OLHQWVZLOORQO\EHVHQWWRLQWHUQDOQHLJKERUVWKDWDUHQRWLQWKHVDPH JURXSDVWKHVHQGLQJUHIOH.WRU.OLHQW,QWKLV.DVHWKHUHIOH.WRU.OLHQW JURXSVKRXOGEHIXOO\PHVKHG,QDOO.DVHVURXWHVUH.HLYHGIURPQRUPDO LQWHUQDOSHHUVZLOOEHVHQWWRDOOUHIOH.WRU.OLHQWV 1RWH ,WLVQH.HVVDU\WRH[SRUWURXWHVIURPWKHOR.DO$6ED.NLQWRWKH OR.DO$6ZKHQD.WLQJDVDURXWHUHIOH.WRU)RUH[DPSOHVXSSRVHWKDWWKH OR.DO$6QXPEHULV $QH[SRUWVWDWHPHQWOLNHWKHIROORZLQJZRXOGVXI IL.HWRPDNHUHIOH.WLRQZRUN.RUUH.WO\
export proto bgp as 2 { proto bgp as 2 {all;}; # for reflection # other exports };

,IWKH.OXVWHU,'LV.KDQJHGDQG*DWH'LVUH.RQILJXUHGZLWKDSIGHUPDOO %*3VHVVLRQVZLWKUHIOH.WRU.OLHQWVZLOOEHGURSSHGDQGUHVWDUWHG

151

The Border Gateway Protocol (BGP)

$QRWKHUH[DPSOHIROORZV
traceoptions "/var/tmp/gated.log" replace size 1000k files 3 all; autonomous-system 64512; routerid 192.168.11.1; rip no; bgp yes { group type internal peeras 64512 reflector-client { peer 192.168.10.2; peer 192.168.10.3; peer 192.168.10.4; peer 192.168.10.5; peer 192.168.10.6; }; group type internal peeras 64512 { peer 192.168.11.2; peer 192.168.11.3; }; };

static { default gw 172.16.0.1 retain; };

import proto bgp as 64512 { all; };

export proto bgp as 64512 { proto bgp as 64512 { all; }; };

 7KHDERYHJDWHG.RQIILOHLVIRUDURXWHUHIOH.WRULQDVHWRIIXOO\ PHVKHG,%*3PD.KLQHV2IWKHPD.KLQHVDUHQRWUHIOH.WRUV7KHVH DUHUHIOH.WRU.OLHQWVDQGDUHQRW.RQILJXUHGLQDQ\VSH.LDOZD\

152

Configuring GateD

,QWKLVPHVKWKHUHDUHDWRWDORI,%*3.RQQH.WLRQV:LWKRXWWKHURXWH UHIOH.WRUV5WKURXJK5ZRXOGKDYHWRPDLQWDLQDIXOOLQWHUQDOPHVKRQ WKHLURZQ7KLVZRXOGUHVXOWLQRU,%*3.RQQH.WLRQV 2.2.2.5.3.2 Weighted Route Dampening Overview, Syntax and Defaults 7KHEDVL.LGHDRIZHLJKWHGURXWHGDPSHQLQJLVWRWUHDWURXWHVWKDWDUH EHLQJDQQRXQ.HGDQGZLWKGUDZQIODSSLQJDWDUDSLGUDWHDVXQUHD.KDEOH ,IDURXWHIODSVDWDORZUDWHLWVKRXOGQRWEHVXSSUHVVHGDWDOORUVXS SUHVVHGRQO\IRUDEULHISHULRGRIWLPH:LWKZHLJKWHGURXWHGDPSHQLQJ WKHVXSSUHVVLRQRIDURXWHRUURXWHVR..XUVLQDPDQQHUWKDWDGDSWVWRWKH IUHTXHQ.\DQGGXUDWLRQWKDWDSDUWL.XODUURXWHDSSHDUVWREHIODSSLQJ7KH PRUHDURXWHIODSVGXULQJDSHULRGRIWLPHWKHORQJHULWZLOOEHVXS SUHVVHG7KHDGDSWLYH.KDUD.WHULVWL.VRIZHLJKWHGURXWHGDPSHQLQJDUH .RQWUROOHGE\DIHZ.RQILJXUDEOHSDUDPHWHUV &XUUHQWO\RQO\URXWHVOHDUQHGYLD%*3DUHVXEMH.WWRZHLJKWHGURXWH GDPSHQLQJDOWKRXJKQRSURWR.ROVZLOODQQRXQ.HVXSSUHVVHGURXWHV7KH ZHLJKWHGURXWHGDPSHQLQJ.RQILJXUDWLRQVWDWHPHQWLVQRWZLWKLQWKH%*3 VWDWHPHQWEXWLVDVHSDUDWHDQGGLVWLQ.W.RQILJXUDWLRQ.RQ.HSWXDOO\LWLV PX.KOLNHinterfaceRUkernelVWDWHPHQWV 7KHV\QWD[IRUZHLJKWHGURXWHGDPSHQLQJLQ*DWH'LV
dampen-flap { [ suppress-above metric ; reuse-below metric ; max-flap metric ; unreach-decay time ; reach-decay time ; keep-history time ; ] }; suppress-above metric suppress-aboveLVWKHYDOXHRIWKHLQVWDELOLW\PHWUL.DWZKL.K URXWHVXSSUHVVLRQZLOOWDNHSOD.HDURXWHZLOOQRWEHLQVWDOOHGLQ WKH),%RUDQQRXQ.HGHYHQLILWLVUHD.KDEOHGXULQJWKHSHULRG WKDWLWLVVXSSUHVVHG reuse-below metric reuse-below LVWKHYDOXHRIWKHLQVWDELOLW\PHWUL.DWZKL.KD VXSSUHVVHGURXWHZLOOEH.RPHXQVXSSUHVVHGLILWLVUHD.KDEOH EXW.XUUHQWO\VXSSUHVVHG7KHYDOXHDVVLJQHGWR reuse-below PXVWEHOHVVWKDQ suppress-above. max-flap metric max-flapLVWKHXSSHUOLPLWRIWKHLQVWDELOLW\PHWUL.7KLVYDOXH PXVWEHJUHDWHUWKDQWKHODUJHURIDQG suppress_above.

153

The Border Gateway Protocol (BGP)

$VVLJQHGWRWKHDERYHWKUHHSDUDPHWHUVLVDIORDWLQJSRLQWQXPEHULQ XQLWVRIIODSV(D.KWLPHDURXWHEH.RPHVXQUHD.KDEOHLVDGGHGWRWKH .XUUHQWLQVWDELOLW\PHWUL.

reach-decay time reach-decay

VSH.LILHVWKHWLPHGHVLUHGIRUWKHLQVWDELOLW\PHW UL.YDOXHWRUHD.KRQHKDOIRILWV.XUUHQWYDOXHZKHQWKHURXWHLV UHD.KDEOH7KLVKDOIOLIHYDOXHGHWHUPLQHVWKHUDWHDWZKL.KWKH PHWUL.YDOXHLVGH.D\HG$VPDOOHUKDOIOLIHYDOXHZLOOPDNHDVXS SUHVVHGURXWHUHXVDEOHVRRQHUWKDQDODUJHUYDOXH H[.HSWWKDWLW VSH.LILHVWKHUDWHDWZKL.KWKHLQVWDELOLW\PHWUL.LVGH.D\HGZKHQ DURXWHLVXQUHD.KDEOH,WVKRXOGKDYHDYDOXHJUHDWHUWKDQRU HTXDOWRreach-decay.

unreach-decay time unreach-decayD.WVWKHVDPHDVreach-decay

keep-history time

VSH.LILHVWKHSHULRGRYHUZKL.KWKHURXWHIODS SLQJKLVWRU\LVWRPDLQWDLQHGIRUDJLYHQURXWH7KHVL]HRIWKH .RQILJXUDWLRQDUUD\VGHV.ULEHGEHORZLVGLUH.WO\DIIH.WHGE\WKLV YDOXH ,IRQO\dampen-flap {};LVVSH.LILHGLQWKH.RQILJXUDWLRQILOHWKHQWKH IROORZLQJGHIDXOWYDOXHVDUHXVHG

keep-history suppress-above = 3.0; reuse-below = 2.0; max-flap = 16.0; unreach-decay = 900; reach-decay = 300; keep-history = 1800;

2.2.2.5.3.3 Setpref/Local_Pref Overview 7KH setpref RSWLRQDOORZV*DWH'WRVHWWKHLocal_Pref WRUHIOH.W *DWH'

VRZQLQWHUQDOSUHIHUHQ.HIRUWKHURXWHDVJLYHQE\WKHJOREDOSUR WR.ROSUHIHUHQ.HYDOXH7KH setpref RSWLRQPD\EHXVHGZLWKURXWLQJRU LQWHUQDOW\SHJURXSV7KH Local_Pref LVQHYHUVHWGLUH.WO\EXWUDWKHUDV DIXQ.WLRQRIWKH*DWH'preference DQG setpref PHWUL.V. ,I setpref RSWLRQLVVHWRQRQHLQWHUQDOSHHUJURXSLWPXVWEHVHWRQDOO LQWHUQDOSHHUJURXSV7KH setpref RSWLRQPD\RQO\EHXVHGRQLQWHUQDO SHHUJURXSW\SHVLQWHUQDORUURXWLQJ 7KHWUDQVODWLRQRI*DWH'
VLQWHUQDOSUHIHUHQ.HWRDQGIURP Local_Pref LVGRQHDVIROORZV,QWKHWDEOHEHORZmetric LVWKHDUJXPHQWWRsetprefHJLQWKHVWDWHPHQW "setpref 100," metric LV. "([SRUWHG 3UHIHUHQ.HLVWKH*DWH'SUHIHUHQ.HRIWKHH[SRUWHGURXWH,PSRUWHG 3UHIHUHQ.HLVWKH*DWH'SUHIHUHQ.HDVVLJQHGWRWKHLPSRUWHGURXWH

154

Configuring GateD

,QHIIH.WDQ\*DWH'SUHIHUHQ.HRIOHVVWKDQmetric LVH[SRUWHGVX.KWKDW ([SRUWHG 3UHIHUHQ.H /HVVWKDQmetric

metricWR

/R.DOB3UHI  WRmetric *UHDWHUWKDQ

,PSRUWHG 3UHIHUHQ.H
metric metricWR metric

1$

LWZLOOEHUHLPSRUWHGE\DGLVWDQW*DWH'ZLWKDSUHIHUHQ.HRIH[D.WO\ metric.$Q\SUHIHUHQ.HRI metric RUDERYHZLOOEHH[SRUWHGVX.KWKDWLW ZLOOEHUHLPSRUWHGZLWKWKHVDPHSUHIHUHQ.HLWKDGRULJLQDOO\

Local_PrefDVH[SRUWHGWR%*3SHHUVLV.DO.XODWHGDV Local_Pref ric

JOREDOSURWR.RO preference IRUWKLVURXWH met-

$YDOXHJUHDWHUWKDQZLOOEHUHVHWWR*DWH'ZLOORQO\VHQG Local_Pref YDOXHVEHWZHHQDQG )RUH[DPSOHVXSSRVH*DWH'LVVHQGLQJURXWHVWRDQLQWHUQDOJURXSXVLQJ setpref 100DQGWKHURXWHVDUHVXEVHTXHQWO\UH.HLYHGE\DQRWKHU URXWHULQWKHJURXSDOVRXVLQJsetpref 1007KHWDEOHEHORZOLVWV VRPHVDPSOHURXWHSUHIHUHQ.HVWKHLocal_PrefsZLWKZKL.KWKHURXWHV ZLOOEHVHQWDQGWKHSUHIHUHQ.HVZLWKZKL.KWKHURXWHVZLOOEHLPSRUWHG 3UHIHUHQ.H%HIRUH ([SRUW      /R.DOB3UHI       3UHIHUHQ.H$IWHU ,PSRUW     

Note: 1RQ*DWH',%*3LPSOHPHQWDWLRQVPD\VHQG Local_Prefs WKDW DUHJUHDWHUWKDQ:KHQRSHUDWLQJDPL[HGQHWZRUNRIWKLVW\SHLWLV UH.RPPHQGHGWKDWDOOURXWHUVUHVWUL.WWKHPVHOYHVWRVHQGLQJ Local_Prefs LQWKHUDQJHmetricWR 1RWH$OOURXWHUVLQWKHVDPHQHWZRUNWKDWDUHUXQQLQJ*DWH'DQGSDUWL. LSDWLQJLQ,%*3VKRXOGXVHsetpref XQLIRUPO\7KDWLVLIRQHURXWHUKDV setpref VHWDOOVKRXOGVHWLWDQGDOOVKRXOGXVHWKHVDPHYDOXHRImetric.7KHYDOXHIRU metric VKRXOGEHVHOH.WHGWREH.RQVLVWHQWZLWKWKH

155

The Border Gateway Protocol (BGP)

LPSRUWSROL.\LQXVHLQWKHQHWZRUN)RUH[DPSOHLILPSRUWSROL.\VHWV *DWH'SUHIHUHQ.HVUDQJLQJIURPWRDsetpref metric RI ZRXOGPDNHVHQVH,WLVDGYLVDEOHWRVHW metric KLJKHQRXJKWRDYRLG .RQIOL.WVEHWZHHQ%*3URXWHVDQG,*3RUVWDWL.URXWHV 5RXWHVSURSDJDWHGE\,%*3PXVWLQ.OXGHDLocal_Pref DWWULEXWH Local_Pref PD\EHXVHGE\D%*3VSHDNHUWRLQIRUPRWKHU%*3VSHDN HUVLQLWVRZQDXWRQRPRXVV\VWHPRIWKHRULJLQDWLQJVSHDNHU
VGHJUHHRI SUHIHUHQ.HIRUDQDGYHUWLVHGURXWH8QOHVVWKH setpref RSWLRQKDVEHHQ VHW%*3VHQGVWKHLocal_PrefSDWKDWWULEXWHDV

*DWH'DOZD\VXVHVWKHUH.HLYHG Local_Pref WRVHOH.WEHWZHHQ%*3 URXWHVWKDWKDYHWKHVDPH*DWH'SUHIHUHQ.H%*3URXWHVZLWKDODUJHU Local_PrefDUHSUHIHUUHG )RUWKLVWRSRORJ\

BGP2 / \ / \ BGP1---BGP3 | | AS 65000

AS 65100

7KHIROORZLQJ.RQILJXUDWLRQZLOO.DXVH$6WRSUHIHUURXWHVIURP WKH%*3%*3OLQN %*3&RQILJXUDWLRQ

bgp yes { group type external peeras 65000 { peer 10.0.0.2; # BGP2 }; group type internal peeras 65100 setpref 100 { peer 192.168.10.2; # BGP3 }; };

%*3&RQILJXUDWLRQ
bgp yes { group type external peeras 65000 { peer 10.0.0.2; # BGP2 }; group type internal peeras 65100 setpref 99 { peer 192.168.10.1; # BGP1 }; };

2.2.2.6 BGP Consortium

2.2.2.6.1 BGP Consortium Syntax 1RWH$WWKHWRSRI\RXU.RQILJXUDWLRQILOH\RXPXVWVSH.LI\WKH$6DQG URXWHULGLQRUGHUIRU%*3WRZRUN

156

Configuring GateD

bgp ( on | off) [ { confed-id asnumber preference bgppreference ; defaultmetric metric ; traceoptions trace_options ; [ clusterid host ; ] group type (( external peeras autonomous_system [ ascount count ] [ comm ] [ confed ] [ gateway gateway ] [ holdtime time ] [ ignorefirstashop ] [ indelay time] [ keep ( all | none ) ] [ keepalivesalways ] [ lcladdr local_address | localtcp local_address ] [ [ [ [ [ [ [ [ [ [ [ [ [ [ [ [ ) { localas autonomous_system ] med ] metricout metric ] noaggregatorid ] nogendefault ] nexthopself ] nov4asloop ] outdelay time ] passive ] preference grouppreference ] preference2 grouppreference2 ] recvbuffer buffersize ] sendbuffer buffersize ] showwarnings ] v3asloopokay ] version number ]

allow { [ network [ network [ network all; host [ } ; } ;

] ; ] mask [ mask ] ; ] masklen [ number ] ;

ipnumber ] ;

157

The Border Gateway Protocol (BGP)

| ( internal peeras autonomous_system [ comm ] [ confed ] [ gateway gateway ] [ holdtime time ] [ ignorefirstashop ] [ indelay time] [ keep ( all | none ) ] [ keepalivesalways ] [ lcladdr local_address | localtcp local_address ] [ med ] [ metricout metric ] [ noaggregatorid ] [ nogendefault ] [ nov4asloop ] [ outdelay time ] [ passive ] [ preference grouppreference ] [ preference2 grouppreference2 ] [ recvbuffer buffersize ] [ reflector-client [ no-client-reflect ] [ sendbuffer buffersize ] [ showwarnings ] [ v3asloopokay ] [ version number ] ) { allow { [ network ] ; [ network ] mask [ mask ] ; [ network ] masklen [ number ] ; all; host [ ipnumber ] ; } ; } ; | ( routing peeras autonomous_system proto protocol [ comm ] [ confed ] [ gateway gateway ] [ holdtime time ] [ ignorefirstashop ] [ indelay time] [ interface interface_list ] [ keep ( all | none ) ] [ keepalivesalways ] [ lcladdr local_address | localtcp local_address ]

158

Configuring GateD

[ [ [ [ [ [ [ [ [ [ [ [ [ [ [ [ [ [ [ ) {

logupdown ] med ] metricout metric ] noaggregatorid ] nogendefault ] nov4asloop ] outdelay time ] passive ] preference grouppreference ] preference2 grouppreference2 ] recvbuffer buffersize ] reflector-client [ no-client-reflect ] ] sendbuffer buffersize ] setpref metric ] showwarnings ] traceoptions trace_options ] ttl ttl ] v3asloopokay ] version number ] ]

allow { [ network ] mask [ mask ] ; [ network ] masklen [ number ] ; all; host [ ipnumber ] ; } ; } ; | ( test peeras autonomous_system )) { allow { [ network ] ; [ network ] mask [ mask ] ; [ network ] masklen [ number ] ; all; host [ ipnumber ] ; } ; } ; peer host [ ascount count ] [ confed ] [ gateway gateway ] [ holdtime time ] [ ignorefirstashop ] [ keep ( all | none ) ] [ keepalivesalways ] [ lcladdr local_address | localtcp local_address ]

159

The Border Gateway Protocol (BGP)

[ [ [ [ [ [ [ [ [ [ [ [ [ [ [ [ [ [ ; } ; } ] ;

logupdown ] med ] metricout metric ] nexthopself ] noaggregatorid ] nogendefault ] nov4asloop ] passive ] preference peerpreference ] preference2 peerpreference2 ] recvbuffer buffersize ] routetopeer ] sendbuffer buffersize ] showwarnings ] traceoptions trace_options ] ttl ttl ] v3asloopokay ] version number ]

7KHbgpVWDWHPHQWHQDEOHVRUGLVDEOHV%*3%\GHIDXOW%*3LVGLVDEOHG 7KHGHIDXOWPHWUL.IRUDQQRXQ.LQJURXWHVYLD%*3LVWRVHQGQRPHWUL.
confed-id asnumber confederation-id

VSH.LILHVWKHDXWRQRPRXVV\VWHPQXPEHU RIWKH.RQIHGHUDWLRQWRZKL.KWKLVURXWHUEHORQJV

preference bgppreference preferenceVSH.LILHVKRZD.WLYHURXWHVWKDWDUHOHDUQHGIURP

%*3.RPSDUHGWRRWKHUSURWR.ROVZLOOEHVHOH.WHG:KHQD URXWHKDVEHHQOHDUQHGIURPPRUHWKDQRQHSURWR.ROWKHD.WLYH URXWHZLOOEHVHOH.WHGIURPIURPWKHSURWR.ROZLWKWKHORZHVW SUHIHUHQ.H(D.KSURWR.ROKDVDGHIDXOWSUHIHUHQ.HLQWKLVVHOH. WLRQ7KHGHIDXOWSUHIHUHQ.HIRU%*3LV7KLVSUHIHUHQ.H PD\EHRYHUULGGHQE\LPSRUWSROL.\

defaultmetric metric defaultmetricGHILQHVWKHPHWUL.XVHGZKHQDGYHUWLVLQJ

URXWHVYLD%*3,IQRWVSH.LILHGQRPHWUL.LVSURSDJDWHG7KLV PHWUL.PD\EHRYHUULGGHQE\DPHWUL.VSH.LILHGRQWKHgroupRU peerVWDWHPHQWVRULQH[SRUWSROL.\

traceoptions trace_options traceoptions

VSH.LILHVWKHWUD.LQJRSWLRQVIRU%*3%\ GHIDXOWWKHVHDUHLQKHULWHGIURPWKHJOREDOWUD.HRSWLRQV7KHVH

160

Configuring GateD

YDOXHVPD\EHRYHUULGGHQRQDgroupRUpeerEDVLV6HH6H. WLRQ7UD.H6WDWHPHQWVDQGWKH%*3VSH.LIL.WUD.LQJRSWLRQV EHORZ

clusterid host clusteridVSH.LILHVWKHURXWHUHIOH.WLRQ.OXVWHU,'IRU%*3 7KH.OXVWHU,'GHIDXOWVWREHWKHVDPHDVWKHURXWHU,',ID URXWHULVWREHDURXWHUHIOH.WRUWKHQDVLQJOH.OXVWHU,'VKRXOG EHVHOH.WHGDQG.RQILJXUHGRQDOOURXWHUHIOH.WRUVLQWKH.OXVWHU 7KHRQO\.RQVWUDLQWVRQWKH.KRL.HRI.OXVWHU,'LVWKDWD,'V RI.OXVWHUVZLWKLQDQ$6PXVWEHXQLTXHZLWKLQWKDW$6DQGE WKH.OXVWHU,'PXVWQRWEH&KRRVLQJWKH.OXVWHU,'WR EHWKHURXWHU,'RIRQHURXWHULQWKH.OXVWHUZLOODOZD\VIXOILOO WKHVH.ULWHULD,IWKHUHLVRQO\RQHURXWHUHIOH.WRULQWKH.OXVWHU WKHclusteridVHWWLQJPD\EHRPLWWHGEH.DXVHWKHGHIDXOWZLOO VXIIL.H 1RWH%*3SHHUVDUHJURXSHGE\W\SHDQGWKHDXWRQRPRXVV\VWHPRIWKH SHHUV$Q\QXPEHURIJURXSVPD\EHVSH.LILHGEXWHD.KPXVWKDYHD XQLTXH.RPELQDWLRQRIW\SHSHHUDXWRQRPRXVV\VWHPDQGcommRSWLRQV 7KH%*3VWDWHPHQWKDVgroup.ODXVHVDQGpeerVXE.ODXVHV$Q\QXPEHU RIpeerVXE.ODXVHVPD\EHVSH.LILHGZLWKLQDgroup$group.ODXVHXVX DOO\GHILQHVGHIDXOWSDUDPHWHUVIRUDJURXSRISHHUV7KHVHSDUDPHWHUV DSSO\WRDOOVXEVLGLDU\peerVXE.ODXVHV$Q\SDUDPHWHUVIURPWKHpeer VXE.ODXVHPD\EHVSH.LILHGRQWKHgroup.ODXVHWRSURYLGHGHIDXOWVIRU WKHZKROHJURXSZKL.KPD\EHRYHUULGGHQIRULQGLYLGXDOSHHUV group type external peeras autonomous_system

,QWKH.ODVVL.H[WHUQDO%*3JURXSIXOOSROL.\.KH.NLQJLVDSSOLHG WRDOOLQ.RPLQJDQGRXWJRLQJDGYHUWLVHPHQWV7KHH[WHUQDOSHHUV PXVWEHGLUH.WO\UHD.KDEOHWKURXJKRQHRIWKHPD.KLQH

VOR.DO LQWHUID.HV7KHQH[WKRSWUDQVPLWWHGLV.RPSXWHGZLWKUHVSH.W WRWKHVKDUHGLQWHUID.H
ascount count ascountGHV.ULEHVWKHQXPEHURI WLPHVWKDWWKLVURXWHUZLOO LQVHUWLWVRZQ$6QXPEHUZKHQLWVHQGVWKH$6SDWKWRDQH[WHU QDOSHHU7KHGHIDXOWLV+LJKHUYDOXHVDUHW\SL.DOO\XVHGWRELDV XSVWUHDPSHHUV
URXWHVHOH.WLRQ$OOWKLQJVEHLQJHTXDOPRVW URXWHUVZLOOSUHIHUWRXVHURXWHVZLWKVKRUWHU$63DWKV8VLQJ ascountWKH$63DWKWKLVURXWHUVHQGV.DQEHDUWLIL.LDOO\OHQJWK HQHG 1RWHascountVXSHUVHGHVWKHnov4asloopRSWLRQ5HJDUGOHVV RIZKHWKHUnov4asloopLVVHWWKLVURXWHUZLOOVWLOOVHQGPXOWLSOH .RSLHVRILWVRZQ$6LIWKHascountRSWLRQLVVHWWRVRPHWKLQJ JUHDWHUWKDQ $OVRQRWHWKDWLIWKHYDOXHRIascountLV .KDQJHGDQG*DWH'LVUH.RQILJXUHGURXWHVZLOOQRWEHVHQWWR UHIOH.WWKHQHZVHWWLQJ,I\RXZDQWWKHVHURXWHVWREHVHQW

161

The Border Gateway Protocol (BGP)

UHVWDUWWKHSHHUVHVVLRQE\.RPPHQWLQJRXWWKHJURXSascount UH.RQILJXULQJDQGWKHQXQ.RPPHQWLQJDQGUH.RQILJXULQJDJDLQ RUE\UHVWDUWLQJ*DWH'

comm

VSH.LILHVWKH.RPPXQLW\DWWULEXWHRULJLQDWHGIRUWKHSHHU 6HH&RPPXQLWLHV2YHUYLHZDQG([DPSOHVRQSDJH IRU PRUHLQIRUPDWLRQ

comm confed confedVSH.LILHVWKDWWKHSHHUVLQWKLVJURXSEHORQJWRWKHVDPH

.RQIHGHUDWLRQDVWKLVURXWHU
gateway gateway

gatewayLQVWUX.WV*DWH'WRXVHDIRUPRIPXOWLKRS(%*3,ID QHWZRUNLVQRWVKDUHGZLWKWKLVJURXSgatewayVSH.LILHVD

URXWHURQDQDWWD.KHGQHWZRUNWREHXVHGDVWKHQH[WKRSURXWHU IRUURXWHVUH.HLYHGIURPWKLVSHHU7KHgatewaySDUDPHWHUPD\ DOVREHXVHGWRVSH.LI\DQH[WKRSIRUJURXSVWKDWDUHRQVKDUHG QHWZRUNV)RUH[DPSOH\RXPLJKWXVHgatewayWRHQVXUHWKDW WKLUGSDUW\QH[WKRSVDUHQHYHUD..HSWHGIURPDJLYHQJURXSE\ VSH.LI\LQJWKDWJURXS

VDGGUHVVDVLWVRZQJDWHZD\7KHgateway VSH.LILHGPXVWKDYH.RQVLVWHQWURXWLQJLQIRUPDWLRQWRSUHYHQW URXWLQJORRSVgatewayLVQRWQHHGHGLQPRVW.DVHV
holdtime time holdtimeVSH.LILHVWKH%*3KROGWLPHYDOXHLQVH.RQGVWRXVH

ZKHQQHJRWLDWLQJWKH.RQQH.WLRQZLWKWKLVJURXS,I*DWH'GRHV QRWUH.HLYHDkeepalive update RU notificationPHVVDJH ZLWKLQWKHSHULRGVSH.LILHGLQWKHKROGWLPHILHOGRIWKH%*3 RSHQPHVVDJHWKHQWKH%*3.RQQH.WLRQZLOOEH.ORVHG7KH YDOXHPXVWEHDWOHDVW7KHGHIDXOWYDOXHLV

ignorefirstashop

6RPHURXWHUVNQRZQDVURXWHVHUYHUVDUH.DSDEOHRISURSD JDWLQJURXWHVZLWKRXWDSSHQGLQJWKHLURZQ$6WRWKH$63DWK %\GHIDXOW*DWH'ZLOOGURSVX.KURXWHV6SH.LI\LQJignorefirstashopRQWKHgroup.ODXVHDOORZV*DWH'WRNHHSWKHVH URXWHVignorefirstashopVKRXOGRQO\EHXVHGLIWKHUHLVQR GRXEWWKDWWKHSHHUVLQWKLVJURXSDUHURXWHVHUYHUVDQGQRWQRU PDOURXWHUV

indelay time indelay timeLVWKHDPRXQWRIWLPHD%*3URXWHPXVWEH

SUHVHQWEHIRUHLWLVLPSRUWHGLQWRWKH*DWH'URXWLQJGDWDEDVH 7KHGHIDXOWYDOXHLVPHDQLQJWKDWWKLVIHDWXUHLVGLVDEOHG

keep ( all | none ) keep allUHWDLQVURXWHVOHDUQHGIURPDJURXSHYHQLIWKH

162

Configuring GateD

URXWHV
$6SDWKV.RQWDLQRQHRIWKHURXWHU
VRZQH[SRUWHG$6 QXPEHUVkeep none.DXVHV*DWH'WRGLVUHJDUGURXWHV.RQWDLQ LQJWKHURXWHU
VRZQ$6QXPEHUVkeep noneLVWKHGHIDXOW
keepalivesalways keepalivesalways.DXVHV*DWH'WRDOZD\VVHQGNHHSDOLYHV

keepalivesalwaysDOORZVLQWHURSHUDELOLW\ZLWKURXWHUVWKDWGR

HYHQZKHQDQXSGDWH.RXOGKDYH.RUUH.WO\VXEVWLWXWHGIRURQH QRW.RPSOHWHO\REH\WKHSURWR.ROVSH.LIL.DWLRQVRQWKLVSRLQW

lcladdr local_address | localtcp local_address lcladdrRUlocaltcpVSH.LILHVWKHDGGUHVVWREHXVHGRQWKH

OR.DOHQGRIWKH7&3.RQQH.WLRQZLWKWKHSHHU)RUH[WHUQDO SHHUVWKHOR.DODGGUHVVPXVWEHRQDQLQWHUID.HWKDWLVVKDUHG ZLWKWKHSHHURUZLWKWKHSHHU

VJDWHZD\ZKHQWKHJDWHZD\ SDUDPHWHULVXVHG$VHVVLRQZLWKDQH[WHUQDOSHHUZLOORQO\EH RSHQHGZKHQDQLQWHUID.HZLWKWKHDSSURSULDWHOR.DODGGUHVV WKURXJKZKL.KWKHSHHURUJDWHZD\DGGUHVVLVGLUH.WO\UHD.KDEOH LVRSHUDWLQJ)RURWKHUW\SHVRISHHUVDSHHUVHVVLRQZLOOEH PDLQWDLQHGZKHQDQ\LQWHUID.HZLWKWKHVSH.LILHGOR.DODGGUHVVLV RSHUDWLQJ,QHLWKHU.DVHDQLQ.RPLQJ.RQQH.WLRQZLOORQO\EH UH.RJQL]HGDVDPDW.KIRUD.RQILJXUHGSHHULILWLVDGGUHVVHGWR WKH.RQILJXUHGOR.DODGGUHVV

:KHQ%*3LVILUVWVWDUWHGLWGHWHUPLQHVZKL.KLQWHUID.HVLWZLOO EHXVLQJWR.RPPXQL.DWHZLWKHD.KSHHU%H.DXVHWKLVKDSSHQV DIWHUWKH.RQILJXUDWLRQILOHKDVEHHQUHDGEXWEHIRUHLWKDVEHHQ D.WLYDWHGDQ\VWDWHPHQWVWKDWDIIH.WLQWHUID.HVIRUH[DPSOH PDUNLQJDSDUWL.XODU,3DGGUHVVDVWKHSULPDU\DGGUHVVIRUD JLYHQLQWHUID.HZLOOQRWKDYHWDNHQSOD.H\HW&RQVHTXHQWO\ %*3GRHVQ

WQH.HVVDULO\KDYHWKHVDPHYLHZRIWKHLQWHUID.HVDV WKHUHVWRI*DWH')RUH[DPSOH%*3ZLOODOZD\VSL.NWKHORZHVW ,3IRUDQLQWHUID.HDVEHLQJWKHSULPDU\7KLVLVLPSRUWDQW EH.DXVHLWDIIH.WVWKH,3DGGUHVVWKDW%*3ZLOOXVHWRSHHUIURP 7R.KRRVHWKH.RUUH.WLQWHUID.H\RX.DQXVHWKHlocaltcp RSWLRQWRH[SOL.LWO\VSH.LI\ZKL.K,3DGGUHVVWRXVHIRUSHHULQJ
localas autonomous_system localasLGHQWLILHVWKHDXWRQRPRXVV\VWHPWKDW*DWH'LVUHSUH VHQWLQJWRWKLVJURXSRISHHUV7KHGHIDXOWLVWKDWZKL.KKDV EHHQVHWJOREDOO\LQWKHautonomoussystemVWDWHPHQW med

%\GHIDXOWDQ\PHWUL.0XOWLB([LWB'LV.UH.HLYHGRQD%*3 .RQQH.WLRQLVLJQRUHG,I0('VDUHXVHGLQURXWLQJ.RPSXWD WLRQVWKHmedRSWLRQPXVWEHVSH.LILHGRQWKHgroup.ODXVH%\ GHIDXOW0('VDUHQRWVHQWRQH[WHUQDO.RQQH.WLRQV7RVHQG 0('VXVHWKHmetricRSWLRQRIWKHexportVWDWHPHQWRUWKH

163

The Border Gateway Protocol (BGP) metricoutSHHUJURXSSDUDPHWHU

:KHQWZRURXWHVWRWKHVDPHGHVWLQDWLRQDUHUH.HLYHGIURPGLI IHUHQWSHHUVZLWKLQWKHVDPHpeer-asWKH\.RXOGKDYHGLIIHUHQW 0('V:KHQ.KRRVLQJEHWZHHQWKHVHURXWHVDVVXPLQJWKDW QRWKLQJHOVHPDNHVRQHSUHIHUDEOHWRWKHRWKHUVX.KDV.RQILJ XUHGSROL.\WKHYDOXHVRIWKHGLIIHUHLQJ0('VDUHXVHGWR .KRRVHZKL.KURXWHWRXVH,QWKLV.RPSDULVRQWKHURXWHZLWK WKHORZHVW0('LVSUHIHUUHG5RXWHVZLWKRXW0('VDUHWUHDWHG DVKDYLQJWKHKLJKHVWSRVVLEOH0('7RHQDEOH0('.RPSDUL VRQLQWKHURXWHVHOH.WLRQDOJRULWKP\RXPXVWVSH.LI\WKHmed RSWLRQIRUWKHSHHU
metricout metric metricoutPD\EHXVHGRQDOOURXWHVVHQWWRWKHVSH.LILHG

JURXS7KHPHWUL.KLHUDU.K\LVDVIROORZVVWDUWLQJIURPWKHPRVW SUHIHUUHG  WKHPHWUL.VSH.LILHGE\H[SRUWSROL.\  SHHUOHYHOmetricout  JURXSOHYHOmetricout

4. defaultmetric noaggregatorid noaggregatorid.DXVHV*DWH'WRVSH.LI\WKHURXWHULGLQWKH DJJUHJDWRUDWWULEXWHDVLQVWHDGRIWKHrouteridRIWKHURXWHU

LQRUGHUWRSUHYHQWGLIIHUHQWURXWHUVLQDQ$6IURP.UHDWLQJ DJJUHJDWHURXWHVZLWKGLIIHUHQW$6SDWKV

nogendefault nogendefaultSUHYHQWV*DWH'IURPJHQHUDWLQJDGHIDXOWURXWH ZKHQ%*3UH.HLYHVDYDOLGXSGDWHIURPLWVSHHU7KHGHIDXOW URXWHLVRQO\JHQHUDWHGZKHQWKHgendefaultRSWLRQLV HQDEOHG nexthopself

VHWVWKLVJURXS
VQH[WKRSVWRWKHURXWHU
VRZQ DGGUHVVHYHQLILWZRXOGQRUPDOO\EHSRVVLEOHWRVHQGDWKLUG SDUW\QH[WKRSnexthopselfPD\.DXVHLQHIIL.LHQWURXWHVWREH IROORZHGEXWLWPD\EHQHHGHGLQVRPH.DVHVWRGHDOZLWKEUR NHQEULGJHGLQWHU.RQQH.WPHGLDLQ.DVHVZKHUHWKHURXWHUVRQ WKHVKDUHGPHGLXPGRQRWUHDOO\KDYHIXOO.RQQH.WLYLW\WRHD.K RWKHURUZKHQSROLWL.DOVLWXDWLRQV.DXVHEURNHQOLQNV
nexthopself nov4asloop nov4asloopSUHYHQWVURXWHVZLWKORRSHG$6SDWKVIURPEHLQJ DGYHUWLVHGWRYHUVLRQH[WHUQDOSHHUV8VHnov4asloopWRDYRLG

DGYHUWLVLQJURXWHVWRSHHUVWKDWZRXOGLQ.RUUH.WO\IRUZDUGWKH URXWHVRQWRYHUVLRQSHHUV

164

Configuring GateD

outdelay time

GDPSHQVURXWHIOX.WXDWLRQV7KH outdelay time LVWKHDPRXQWRIWLPHDURXWHPXVWEHSUHVHQWLQWKH*DWH' URXWLQJGDWDEDVHEHIRUHLWLVH[SRUWHGWR%*37KHGHIDXOWYDOXH LVPHDQLQJWKDWWKLVIHDWXUHLVGLVDEOHG)RUgroup types internalDQGroutingVHWoutdelayRQWKHgroup.ODXVH

outdelay passive passiveSUHYHQWV*DWH'IURPHYHUWU\LQJWRRSHQD%*3.RQ

QH.WLRQZLWKSHHUVLQWKLVJURXS,QVWHDG*DWH'ZLOOZDLWIRU WKHSHHUWRLQLWLDWHD.RQQH.WLRQpassiveZDVLQWURGX.HGWR KDQGOHDSUREOHPLQ%*3DQGHDUOLHULQZKL.KWZRSHHUVPLJKW ERWKDWWHPSWWRLQLWLDWHD.RQQH.WLRQDWWKHVDPHWLPH7KLV SUREOHPLVIL[HGLQWKH%*3SURWR.ROVRWKHpassiveRSWLRQ LVQRWQHHGHGZLWK%*3VHVVLRQV 1RWH,ILWLVDSSOLHGWRERWKVLGHVRIDSHHULQJVHVVLRQpassiveZLOOSUHYHQWWKHVHVVLRQIURPHYHUEHLQJHVWDEOLVKHG)RU WKLVUHDVRQDQGEH.DXVHLWLVJHQHUDOO\QRWQHHGHGWKHXVHRI passiveLVGLV.RXUDJHG

preference grouppreference preferenceVSH.LILHVWKHSUHIHUHQ.HXVHGIRUURXWHVOHDUQHG

IURPWKLVJURXS7KLVSUHIHUHQ.H.DQGLIIHUIURPWKHGHIDXOW %*3SUHIHUHQ.HVHWLQWKHbgpVWDWHPHQWVRWKDW*DWH'.DQ SUHIHUURXWHVIURPRQHJURXSRYHURWKHUV7KLVSUHIHUHQ.HPD\ EHH[SOL.LWO\RYHUULGGHQE\LPSRUWSROL.\

preference2 grouppreference2 preference2EUHDNVDpreferenceWLH7KHGHIDXOWYDOXHLV recvbuffer buffer_size recvbuffer.RQWUROVWKHDPRXQWRIUH.HLYHEXIIHULQJDVNHGRI

WKHNHUQHO7KHPD[LPXPVXSSRUWHGLVE\WHVDOWKRXJK PDQ\NHUQHOVKDYHDORZHUOLPLW%\GHIDXOW*DWH'.RQILJXUHV WKHPD[LPXPVXSSRUWHGrecvbufferLVQRWQHHGHGRQQRU PDOO\IXQ.WLRQLQJV\VWHPV

sendbuffer buffer_size sendbuffer.RQWUROVWKHDPRXQWRIVHQGEXIIHULQJDVNHGRI

WKHNHUQHO7KHPD[LPXPVXSSRUWHGLVE\WHVDOWKRXJK PDQ\NHUQHOVKDYHDORZHUOLPLW%\GHIDXOW*DWH'.RQILJXUHV WKHPD[LPXPVXSSRUWHGsendbufferLVQRWQHHGHGRQQRU PDOO\IXQ.WLRQLQJV\VWHPV

showwarnings.DXVHV*DWH'WRLVVXHZDUQLQJPHVVDJHVZKHQ

showwarnings

UH.HLYLQJTXHVWLRQDEOH%*3XSGDWHVVX.KDVGXSOL.DWHURXWHV DQGRUGHOHWLRQVRIQRQH[LVWLQJURXWHV1RUPDOO\WKHVHHYHQWV

165

The Border Gateway Protocol (BGP)

DUHVLOHQWO\LJQRUHG
v3asloopokay

%\GHIDXOW*DWH'ZLOOQRWDGYHUWLVHURXWHVWKDWKDYHORRSHG$6 SDWKVLHURXWHVZLWKDQ$6DSSHDULQJPRUHWKDQRQ.HLQWKH SDWKWRYHUVLRQH[WHUQDOSHHUV6HWWLQJWKHv3asloopokayIODJ UHPRYHVWKLV.RQVWUDLQWv3asloopokayLVLJQRUHGZKHQVHWRQ LQWHUQDOJURXSV

version number versionVSH.LILHVWKHYHUVLRQRIWKH%*3SURWR.ROWRXVHZLWK

WKLVJURXS,IQRWVSH.LILHGWKHKLJKHVWVXSSRUWHGYHUVLRQLV XVHGILUVWDQGYHUVLRQQHJRWLDWLRQLVDWWHPSWHG,ILWLVVSH.LILHG RQO\WKHVSH.LILHGYHUVLRQZLOOEHRIIHUHGGXULQJQHJRWLDWLRQ 7KH.XUUHQWO\VXSSRUWHGYHUVLRQVLQ.OXGHDQG

allow

7KHallow.ODXVHDOORZVSHHU.RQQH.WLRQVIURPDQ\DGGUHVVHV LQWKHVSH.LILHGUDQJHRIQHWZRUNDQGPDVNSDLUV$OOSDUDPHWHUV IRUWKHVHSHHUVPXVWEH.RQILJXUHGRQWKHgroup.ODXVH7KH LQWHUQDOSHHUVWUX.WXUHVDUH.UHDWHGZKHQDQLQ.RPLQJRSHQ UHTXHVWLVUH.HLYHGDQGGHVWUR\HGZKHQWKH.RQQH.WLRQLVEUR NHQ)RUPRUHGHWDLOVRQVSH.LI\LQJWKHQHWZRUNPDVNSDLUVVHH 6H.WLRQRQURXWHILOWHULQJ

group type internal peeras autonomous_system group type internalVSH.LILHVDQLQWHUQDOJURXSRSHUDWLQJ

ZKHUHWKHUHLVQR,3OHYHO,*3IRUH[DPSOHDQ60'6QHWZRUN RU0,/1(7$OOSHHUVLQWKLVJURXSDUHUHTXLUHGWREHGLUH.WO\ UHD.KDEOHYLDDVLQJOHLQWHUID.H$OOQH[WKRSLQIRUPDWLRQLV .RPSXWHGZLWKUHVSH.WWRWKLVLQWHUID.H,PSRUWDQGH[SRUWSRO L.\PD\EHDSSOLHGWRJURXSDGYHUWLVHPHQWV5RXWHVUH.HLYHG IURPH[WHUQDO%*3RU(*3SHHUVDUHE\GHIDXOWUHDGYHUWLVHG ZLWKWKHUH.HLYHGPHWUL.lcladdroutdelayDQGmetricout PXVWEHVHWLQWKHgroup.ODXVHQRWRQDSHUSHHUEDVLVIRUWKH group types internalDQGrouting,IWKHVHRSWLRQVDUHVHW RQWKHSHHUVXE.ODXVHWKH\PXVWHTXDOWKHYDOXHVVHWRQWKH.RU UHVSRQGLQJgroup.ODXVH
comm

VSH.LILHVWKH.RPPXQLW\DWWULEXWHRULJLQDWHGIRUWKHSHHU 6HH&RPPXQLWLHV2YHUYLHZDQG([DPSOHVRQSDJHIRU PRUHLQIRUPDWLRQ

comm confed confedVSH.LILHVWKDWWKHSHHUVLQWKLVJURXSEHORQJWRWKHVDPH .RQIHGHUDWLRQDVWKLVURXWHU

166

Configuring GateD

gateway gateway gatewayLQVWUX.WV*DWH'WRXVHDIRUPRIPXOWLKRS(%*3,ID QHWZRUNLVQRWVKDUHGZLWKDJURXSgatewayVSH.LILHVDURXWHU

RQDQDWWD.KHGQHWZRUNWREHXVHGDVWKHQH[WKRSURXWHUIRU URXWHVUH.HLYHGIURPWKLVSHHU7KHgatewaySDUDPHWHUPD\ DOVREHXVHGWRVSH.LI\DQH[WKRSIRUJURXSVWKDWDUHRQVKDUHG QHWZRUNV)RUH[DPSOH\RXPLJKWXVHgatewayWRHQVXUHWKDW WKLUGSDUW\QH[WKRSVDUHQHYHUD..HSWHGIURPDJLYHQJURXSE\ VSH.LI\LQJWKDWJURXS

VDGGUHVVDVLWVRZQJDWHZD\7KHgateway VSH.LILHGPXVWKDYH.RQVLVWHQWURXWLQJLQIRUPDWLRQWRSUHYHQW URXWLQJORRSVgatewayLVQRWQHHGHGLQPRVW.DVHV
holdtime time holdtimeVSH.LILHVWKH%*3KROGWLPHYDOXHLQVH.RQGVWRXVH

ZKHQQHJRWLDWLQJWKH.RQQH.WLRQZLWKWKLVJURXS,I*DWH'GRHV QRWUH.HLYHDkeepaliveupdateRUnotificationPHVVDJH ZLWKLQWKHSHULRGVSH.LILHGLQWKHKROGWLPHILHOGRIWKH%*3 RSHQPHVVDJHWKHQWKH%*3.RQQH.WLRQZLOOEH.ORVHG7KH YDOXHPXVWEHDWOHDVW7KHGHIDXOWYDOXHLV

ignorefirstashop

6RPHURXWHUVNQRZQDVURXWHVHUYHUVDUH.DSDEOHRISURSD JDWLQJURXWHVZLWKRXWDSSHQGLQJWKHLURZQ$6WRWKH$63DWK %\GHIDXOW*DWH'ZLOOGURSVX.KURXWHV6SH.LI\LQJignorefirstashopRQWKHgroup.ODXVHDOORZV*DWH'WRNHHSWKHVH URXWHVignorefirstashopVKRXOGRQO\EHXVHGLIWKHUHLVQR GRXEWWKDWWKHSHHUVLQWKLVJURXSDUHURXWHVHUYHUVDQGQRWQRU PDOURXWHUV

indelay time indelay timeLVWKHDPRXQWRIWLPHD%*3URXWHPXVWEH SUHVHQWEHIRUHLWLVLPSRUWHGLQWRWKH*DWH'URXWLQJGDWDEDVH 7KHGHIDXOWYDOXHLVPHDQLQJWKDWWKLVIHDWXUHLVGLVDEOHG keep ( all | none )

UHWDLQVURXWHVOHDUQHGIURPDJURXSHYHQLIWKH URXWHV
$6SDWKV.RQWDLQRQHRIWKHURXWHU
VRZQH[SRUWHG$6 QXPEHUVkeep none.DXVHV*DWH'WRGLVUHJDUGURXWHV.RQWDLQ LQJWKHURXWHU
VRZQ$6QXPEHUVkeep noneLVWKHGHIDXOW
keep all keepalivesalways keepalivesalways.DXVHV*DWH'WRDOZD\VVHQGNHHSDOLYHV

keepalivesalwaysDOORZVLQWHURSHUDELOLW\ZLWKURXWHUVWKDWGR

HYHQZKHQDQXSGDWH.RXOGKDYH.RUUH.WO\VXEVWLWXWHGIRURQH QRW.RPSOHWHO\REH\WKHSURWR.ROVSH.LIL.DWLRQVRQWKLVSRLQW

lcladdr local_address | localtcp local_address

8VHlcladdrWRVSH.LI\WKHDGGUHVVWREHXVHGRQWKHOR.DOHQG

167

The Border Gateway Protocol (BGP)

RIWKH7&3.RQQH.WLRQZLWKWKHJURXS)RULQWHUQDOURXWLQJDQG WHVWLQJW\SHVRISHHUVDSHHUVHVVLRQZLOOEHPDLQWDLQHGZKHQ DQ\LQWHUID.HZLWKWKHVSH.LILHGOR.DODGGUHVVLVRSHUDWLQJ$Q LQ.RPLQJ.RQQH.WLRQZLOORQO\EHUH.RJQL]HGDVDPDW.KWRD .RQILJXUHGJURXSLILWLVDGGUHVVHGWRWKH.RQILJXUHGOR.DO DGGUHVV)RUgroup types internalDQGroutingVHW lcladdrRQWKHgroup.ODXVH :KHQ%*3LVILUVWVWDUWHGLWGHWHUPLQHVZKL.KLQWHUID.HVLWZLOO EHXVLQJWR.RPPXQL.DWHZLWKHD.KSHHU%H.DXVHWKLVKDSSHQV DIWHUWKH.RQILJXUDWLRQILOHKDVEHHQUHDGEXWEHIRUHLWKDVEHHQ D.WLYDWHGDQ\VWDWHPHQWVWKDWDIIH.WLQWHUID.HVIRUH[DPSOH PDUNLQJDSDUWL.XODU,3DGGUHVVDVWKHSULPDU\DGGUHVVIRUD JLYHQLQWHUID.HZLOOQRWKDYHWDNHQSOD.H\HW&RQVHTXHQWO\ %*3GRHVQ
WQH.HVVDULO\KDYHWKHVDPHYLHZRIWKHLQWHUID.HVDV WKHUHVWRI*DWH')RUH[DPSOH%*3ZLOODOZD\VSL.NWKHORZHVW ,3IRUDQLQWHUID.HDVEHLQJWKHSULPDU\7KLVLVLPSRUWDQW EH.DXVHLWDIIH.WVWKH,3DGGUHVVWKDW%*3ZLOOXVHWRSHHUIURP 7R.KRRVHWKH.RUUH.WLQWHUID.H\RX.DQXVHWKHlocaltcp RSWLRQWRH[SOL.LWO\VSH.LI\ZKL.K,3DGGUHVVWRXVHIRUSHHULQJ
med

%\GHIDXOWDQ\PHWUL.0XOWLB([LWB'LV.UH.HLYHGRQD%*3 .RQQH.WLRQLVLJQRUHG,I0('VDUHXVHGLQURXWLQJ.RPSXWD WLRQVWKHmedRSWLRQPXVWEHVSH.LILHGRQWKHJURXS%\GHIDXOW 0('VDUHQRWVHQWRQH[WHUQDO.RQQH.WLRQV7RVHQG0('V XVHWKHmetricRSWLRQRIWKHexportVWDWHPHQWRUWKHmetricoutSHHUJURXSSDUDPHWHU :KHQWZRURXWHVWRWKHVDPHGHVWLQDWLRQDUHUH.HLYHGIURPGLI IHUHQWSHHUVZLWKLQWKHVDPHpeer-asWKH\.RXOGKDYHGLIIHUHQW 0('V:KHQ.KRRVLQJEHWZHHQWKHVHURXWHVDVVXPLQJWKDW QRWKLQJHOVHPDNHVRQHSUHIHUDEOHWRWKHRWKHUVX.KDV.RQILJ XUHGSROL.\WKHYDOXHVRIWKHGLIIHUHLQJ0('VDUHXVHGWR .KRRVHZKL.KURXWHWRXVH,QWKLV.RPSDULVRQWKHURXWHZLWK WKHORZHVW0('LVSUHIHUUHG5RXWHVZLWKRXW0('VDUHWUHDWHG DVKDYLQJWKHKLJKHVWSRVVLEOH0('7RHQDEOH0('.RPSDUL VRQLQWKHURXWHVHOH.WLRQDOJRULWKP\RXPXVWVSH.LI\WKHmed RSWLRQIRUWKHSHHU
metricout metric

PD\EHXVHGRQDOOURXWHVVHQWWRWKHVSH.LILHG JURXSV7KHPHWUL.KLHUDU.K\LVDVIROORZVVWDUWLQJIURPWKH PRVWSUHIHUUHG  WKHPHWUL.VSH.LILHGE\H[SRUWSROL.\  SHHUOHYHOmetricout  JURXSOHYHOmetricout

metricout

168

Configuring GateD

 defaultmetric
noaggregatorid noaggregatorid.DXVHV*DWH'WRVSH.LI\WKHURXWHULGLQWKH DJJUHJDWRUDWWULEXWHDVLQVWHDGRIWKHrouteridRIWKHURXWHU

LQRUGHUWRSUHYHQWGLIIHUHQWURXWHUVLQDQ$6IURP.UHDWLQJ DJJUHJDWHURXWHVZLWKGLIIHUHQW$6SDWKV
nogendefault

nogendefault

SUHYHQWV*DWH'IURPJHQHUDWLQJDGHIDXOW URXWHZKHQ%*3UH.HLYHVDYDOLGXSGDWHIURPLWVSHHU7KH GHIDXOWURXWHLVRQO\JHQHUDWHGZKHQWKHgendefaultRSWLRQLV HQDEOHG

nov4asloop nov4asloopSUHYHQWVURXWHVZLWKORRSHG$6SDWKVIURPEHLQJ DGYHUWLVHGWRYHUVLRQH[WHUQDOSHHUV8VHnov4asloopWRDYRLG DGYHUWLVLQJURXWHVWRSHHUVWKDWZRXOGLQ.RUUH.WO\IRUZDUGWKH URXWHVRQWRYHUVLRQSHHUV outdelay time

GDPSHQVURXWHIOX.WXDWLRQV7KHtimeLVWKHDPRXQW RIWLPHDURXWHPXVWEHSUHVHQWLQWKH*DWH'URXWLQJGDWDEDVH EHIRUHLWLVH[SRUWHGWR%*37KHGHIDXOWYDOXHIRUoutdelayLV PHDQLQJWKDWWKLVIHDWXUHLVGLVDEOHG)RUgroup types internalDQGroutingVHWoutdelayRQWKHgroup.ODXVH

outdelay passive passiveSUHYHQWV*DWH'IURPHYHUWU\LQJWRRSHQD%*3.RQ

QH.WLRQZLWKSHHUVLQWKLVJURXS,QVWHDG*DWH'ZLOOZDLWIRU WKHSHHUWRLQLWLDWHD.RQQH.WLRQpassiveZDVLQWURGX.HGWR KDQGOHDSUREOHPLQ%*3DQGHDUOLHULQZKL.KWZRSHHUVPLJKW ERWKDWWHPSWWRLQLWLDWHD.RQQH.WLRQDWWKHVDPHWLPH7KLV SUREOHPLVIL[HGLQWKH%*3SURWR.ROVRWKHpassiveRSWLRQ LVQRWQHHGHGZLWK%*3VHVVLRQV 1RWH,ILWLVDSSOLHGWRERWKVLGHVRIDSHHULQJVHVVLRQpassiveZLOOSUHYHQWWKHVHVVLRQIURPHYHUEHLQJHVWDEOLVKHG)RU WKLVUHDVRQDQGEH.DXVHLWLVJHQHUDOO\QRWQHHGHGWKHXVHRI passiveLVGLV.RXUDJHG

preference grouppreference preferenceVSH.LILHVWKHSUHIHUHQ.HXVHGIRUURXWHVOHDUQHG IURPWKLVJURXS7KLVSUHIHUHQ.H.DQGLIIHUIURPWKHGHIDXOW %*3SUHIHUHQ.HVHWLQWKHbgpVWDWHPHQWVRWKDW*DWH'.DQ SUHIHUURXWHVIURPRQHJURXSRYHURWKHUV7KLVSUHIHUHQ.HPD\ EHH[SOL.LWO\RYHUULGGHQE\LPSRUWSROL.\ preference2 grouppreference2 preference2EUHDNVDpreferenceWLH7KHGHIDXOWYDOXHLV

169

The Border Gateway Protocol (BGP)

recvbuffer buffer_size recvbuffer.RQWUROVWKHDPRXQWRIUH.HLYHEXIIHULQJDVNHGRI

WKHNHUQHO7KHPD[LPXPVXSSRUWHGLVE\WHVDOWKRXJK PDQ\NHUQHOVKDYHDORZHUOLPLW%\GHIDXOW*DWH'.RQILJXUHV WKHPD[LPXPVXSSRUWHGrecvbufferLVQRWQHHGHGRQQRU PDOO\IXQ.WLRQLQJV\VWHPV

reflector-client [ no-client-reflect ] reflector-clientVSH.LILHVWKDW*DWH'ZLOOD.WDVDURXWH UHIOH.WRUIRUWKLVJURXSno-client-reflect VSH.LILHVWKDW *DWH'ZLOOQRWD.WDVDQLQWUDJURXSUHIOH.WRU sendbuffer buffer_size sendbuffer.RQWUROVWKHDPRXQWRIVHQGEXIIHULQJDVNHGRI

WKHNHUQHO7KHPD[LPXPVXSSRUWHGLVE\WHVDOWKRXJK PDQ\NHUQHOVKDYHDORZHUOLPLW%\GHIDXOW*DWH'.RQILJXUHV WKHPD[LPXPVXSSRUWHGsendbufferLVQRWQHHGHGRQQRU PDOO\IXQ.WLRQLQJV\VWHPV

showwarnings showwarnings.DXVHV*DWH'WRLVVXHZDUQLQJPHVVDJHVZKHQ

UH.HLYLQJTXHVWLRQDEOH%*3XSGDWHVVX.KDVGXSOL.DWHURXWHV DQGRUGHOHWLRQVRIQRQH[LVWLQJURXWHV1RUPDOO\WKHVHHYHQWV DUHVLOHQWO\LJQRUHG

v3asloopokay

%\GHIDXOW*DWH'ZLOOQRWDGYHUWLVHURXWHVWKDWKDYHORRSHG$6 SDWKVLHURXWHVZLWKDQ$6DSSHDULQJPRUHWKDQRQ.HLQWKH SDWKWRYHUVLRQH[WHUQDOSHHUV6HWWLQJWKHv3asloopokayIODJ UHPRYHVWKLV.RQVWUDLQWv3asloopokayLVLJQRUHGZKHQVHWRQ LQWHUQDOJURXSV

version number versionVSH.LILHVWKHYHUVLRQRIWKH%*3SURWR.ROWRXVHZLWK

WKLVJURXS,IQRWVSH.LILHGWKHKLJKHVWVXSSRUWHGYHUVLRQLV XVHGILUVWDQGYHUVLRQQHJRWLDWLRQLVDWWHPSWHG,ILWLVVSH.LILHG RQO\WKHVSH.LILHGYHUVLRQZLOOEHRIIHUHGGXULQJQHJRWLDWLRQ 7KH.XUUHQWO\VXSSRUWHGYHUVLRQVLQ.OXGHDQG

allow

7KHallow.ODXVHDOORZVSHHU.RQQH.WLRQVIURPDQ\DGGUHVVHV LQWKHVSH.LILHGUDQJHRIQHWZRUNDQGPDVNSDLUV$OOSDUDPHWHUV IRUWKHVHSHHUVPXVWEH.RQILJXUHGRQWKHgroup.ODXVH7KH LQWHUQDOSHHUVWUX.WXUHVDUH.UHDWHGZKHQDQLQ.RPLQJRSHQ UHTXHVWLVUH.HLYHGDQGGHVWUR\HGZKHQWKH.RQQH.WLRQLVEUR NHQ)RUPRUHGHWDLOVRQVSH.LI\LQJWKHQHWZRUNPDVNSDLUVVHH 6H.WLRQRQURXWHILOWHULQJ

group type routing peeras autonomous_system proto proto-

170

Configuring GateD

col
group type routingLVDQLQWHUQDOJURXSWKDWXVHVWKHURXWHV RIDQLQWHULRUSURWR.ROWRUHVROYHIRUZDUGLQJDGGUHVVHVgroup type routingSURSDJDWHVH[WHUQDOURXWHVEHWZHHQURXWHUVWKDW DUHQRWGLUH.WO\.RQQH.WHGgroup type routingDOVR.RP SXWHVLPPHGLDWHQH[WKRSVIRUWKRVHH[WHUQDOURXWHVE\XVLQJ WKH%*3QH[WKRSWKDWDUULYHGZLWKWKHURXWHDVDIRUZDUGLQJ DGGUHVVWREHUHVROYHGYLDDQLQWHUQDOSURWR.RO
VURXWLQJLQIRU PDWLRQ,QHVVHQ.HLQWHUQDO%*3LVXVHGWR.DUU\$6H[WHUQDO URXWHVDQGWKH,*3LVH[SH.WHGWR.DUU\RQO\$6LQWHUQDOURXWHV 7KHODWWHULVXVHGWRILQGLPPHGLDWHQH[WKRSVIRUWKHIRUPHU protoQDPHVWKHLQWHULRUSURWR.ROWREHXVHGWRUHVROYH%*3 URXWHQH[WKRSVDQGPD\EHWKHQDPHRIDQ\,*3LQWKH.RQILJ XUDWLRQLQ.OXGLQJstatic%\GHIDXOWWKHQH[WKRSLQ%*3 URXWHVDGYHUWLVHGWRgroup type routing peersZLOOEHVHWWR WKHOR.DODGGUHVVRQWKH%*3.RQQH.WLRQWRWKRVHSHHUVEH.DXVH LWLVDVVXPHGDURXWHWRWKLVDGGUHVVZLOOEHSURSDJDWHGYLDWKH ,*37KHinterface.DQRSWLRQDOO\SURYLGHDOLVWRILQWHUID.HV WKDWKDYHURXWHV.DUULHGYLDWKH,*3IRUZKL.KWKLUGSDUW\QH[W KRSVPD\EHXVHGLQVWHDG )RU263)*DWH'XVHVWKHtagILHOGWRSDVV$6LQIRUPDWLRQ 3OHDVHUHIHUWR6H.WLRQ263)6\QWD[WKHtagRSWLRQ IRUPRUHGHWDLOV

)RUgroup types internalDQGroutingVHWWKHlcladdr outdelayDQGmetricoutLQWKHgroup.ODXVHQRWRQDSHU SHHUEDVLV,IWKHVHRSWLRQVDUHVHWRQWKHpeerVXE.ODXVHWKH\ PXVWHTXDOWKHYDOXHVVHWRQWKH.RUUHVSRQGLQJgroup.ODXVH

comm

VSH.LILHVWKH.RPPXQLW\DWWULEXWHRULJLQDWHGIRUWKHSHHU 6HH&RPPXQLWLHV2YHUYLHZDQG([DPSOHVRQSDJHIRU PRUHLQIRUPDWLRQ

comm confed confedVSH.LILHVWKDWWKHSHHUVLQWKLVJURXSEHORQJWRWKHVDPH

.RQIHGHUDWLRQDVWKLVURXWHU

gateway gateway gatewayLQVWUX.WV*DWH'WRXVHDIRUPRIPXOWLKRS(%*3,ID QHWZRUNLVQRWVKDUHGZLWKWKLVJURXSgatewayVSH.LILHVD URXWHURQDQDWWD.KHGQHWZRUNWREHXVHGDVWKHQH[WKRSURXWHU IRUURXWHVUH.HLYHGIURPWKLVSHHU7KHgatewaySDUDPHWHUPD\ DOVREHXVHGWRVSH.LI\DQH[WKRSIRUJURXSVWKDWDUHRQVKDUHG QHWZRUNV)RUH[DPSOH\RXPLJKWXVHgatewayWRHQVXUHWKDW WKLUGSDUW\QH[WKRSVDUHQHYHUD..HSWHGIURPDJLYHQJURXSE\ VSH.LI\LQJWKDWJURXS
VDGGUHVVDVLWVRZQJDWHZD\7KHgateway

171

The Border Gateway Protocol (BGP)

VSH.LILHGPXVWKDYH.RQVLVWHQWURXWLQJLQIRUPDWLRQWRSUHYHQW URXWLQJORRSVgatewayLVQRWQHHGHGLQPRVW.DVHV
holdtime time holdtimeVSH.LILHVWKH%*3KROGWLPHYDOXHLQVH.RQGVWRXVH

ZKHQQHJRWLDWLQJWKH.RQQH.WLRQZLWKWKLVJURXS,I*DWH'GRHV QRWUH.HLYHDkeepalive update,RUnotificationPHVVDJH ZLWKLQWKHSHULRGVSH.LILHGLQWKHKROGWLPHILHOGRIWKH%*3 RSHQPHVVDJHWKHQWKH%*3.RQQH.WLRQZLOOEH.ORVHG7KH YDOXHPXVWEHDWOHDVW7KHGHIDXOWYDOXHLV

ignorefirstashop

6RPHURXWHUVNQRZQDVURXWHVHUYHUVDUH.DSDEOHRISURSD JDWLQJURXWHVZLWKRXWDSSHQGLQJWKHLURZQ$6WRWKH$63DWK %\GHIDXOW*DWH'ZLOOGURSVX.KURXWHV6SH.LI\LQJignorefirstashopRQWKHgroup.ODXVHDOORZV*DWH'WRNHHSWKHVH URXWHVignorefirstashopVKRXOGRQO\EHXVHGLIWKHUHLVQR GRXEWWKDWWKHSHHUVLQWKLVJURXSDUHURXWHVHUYHUVDQGQRWQRU PDOURXWHUV

indelay time indelay timeLVWKHDPRXQWRIWLPHD%*3URXWHPXVWEH

SUHVHQWEHIRUHLWLVLPSRUWHGLQWRWKH*DWH'URXWLQJGDWDEDVH 7KHGHIDXOWYDOXHLVPHDQLQJWKDWWKLVIHDWXUHLVGLVDEOHG

interface interface

SURYLGHVDOLVWRILQWHUID.HVWKDWKDYHURXWHV.DUULHG YLDWKH,*3IRUZKL.KWKLUGSDUW\QH[WKRSVPD\EHXVHG

keep ( all | none ) keep allUHWDLQVURXWHVOHDUQHGIURPDJURXSHYHQLIWKH

URXWHV
$6SDWKV.RQWDLQRQHRIWKHURXWHU
VRZQH[SRUWHG$6 QXPEHUVkeep none.DXVHV*DWH'WRGLVUHJDUGURXWHV.RQWDLQ LQJWKHURXWHU
VRZQ$6QXPEHUVkeep none LVWKHGHIDXOW

keepalivesalways keepalivesalways.DXVHV*DWH'WRDOZD\VVHQGNHHSDOLYHV

keepalivesalwaysDOORZVLQWHURSHUDELOLW\ZLWKURXWHUVWKDWGR

HYHQZKHQDQXSGDWH.RXOGKDYH.RUUH.WO\VXEVWLWXWHGIRURQH QRW.RPSOHWHO\REH\WKHSURWR.ROVSH.LIL.DWLRQVRQWKLVSRLQW

lcladdr local_address | localtcp local_address

8VH lcladdrWRVSH.LI\WKHDGGUHVVWREHXVHGRQWKHOR.DOHQG RIWKH7&3.RQQH.WLRQZLWKWKHJURXS)RULQWHUQDOURXWLQJDQG WHVWLQJW\SHVRISHHUVDSHHUVHVVLRQZLOOEHPDLQWDLQHGZKHQ DQ\LQWHUID.HZLWKWKHVSH.LILHGOR.DODGGUHVVLVRSHUDWLQJ$Q LQ.RPLQJ.RQQH.WLRQZLOORQO\EHUH.RJQL]HGDVDPDW.KIRUD .RQILJXUHGSHHULILWLVDGGUHVVHGWRWKH.RQILJXUHGOR.DODGGUHVV )RUgroup types internalDQGroutingVHWlcladdrRQ

172

Configuring GateD

WKHgroup.ODXVH)RUgroup type routingLWLVDGYLVDEOHWR VHWWKHlcladdrWRDQRQSK\VL.DOLQWHUID.HVX.KDVDORRSED.N LQWHUID.H :KHQ%*3LVILUVWVWDUWHGLWGHWHUPLQHVZKL.KLQWHUID.HVLWZLOO EHXVLQJWR.RPPXQL.DWHZLWKHD.KSHHU%H.DXVHWKLVKDSSHQV DIWHUWKH.RQILJXUDWLRQILOHKDVEHHQUHDGEXWEHIRUHLWKDVEHHQ D.WLYDWHGDQ\VWDWHPHQWVWKDWDIIH.WLQWHUID.HVIRUH[DPSOH PDUNLQJDSDUWL.XODU,3DGGUHVVDVWKHSULPDU\DGGUHVVIRUD JLYHQLQWHUID.HZLOOQRWKDYHWDNHQSOD.H\HW&RQVHTXHQWO\ %*3GRHVQ
WQH.HVVDULO\KDYHWKHVDPHYLHZRIWKHLQWHUID.HVDV WKHUHVWRI*DWH')RUH[DPSOH%*3ZLOODOZD\VSL.NWKHORZHVW ,3IRUDQLQWHUID.HDVEHLQJWKHSULPDU\7KLVLVLPSRUWDQW EH.DXVHLWDIIH.WVWKH,3DGGUHVVWKDW%*3ZLOOXVHWRSHHUIURP 7R.KRRVHWKH.RUUH.WLQWHUID.H\RX.DQXVHWKHlocaltcp RSWLRQWRH[SOL.LWO\VSH.LI\ZKL.K,3DGGUHVVWRXVHIRUSHHULQJ
logupdown logupdown.DXVHVPHVVDJHVWREHORJJHGYLDWKHV\VORJPH.KD

QLVPZKHQHYHUD%*3JURXSHQWHUVRUOHDYHVWKH(VWDEOLVKHG VWDWH

med

%\GHIDXOWDQ\PHWUL.0XOWLB([LWB'LV.UH.HLYHGRQD%*3 .RQQH.WLRQLVLJQRUHG,I0('VDUHXVHGLQURXWLQJ.RPSXWD WLRQVWKHmedRSWLRQPXVWEHVSH.LILHGRQWKHJURXS%\GHIDXOW 0('VDUHQRWVHQWRQH[WHUQDO.RQQH.WLRQV7RVHQG0('V XVHWKHmetricRSWLRQRIWKHexportVWDWHPHQWRUWKHmetricoutSHHUJURXSSDUDPHWHU :KHQWZRURXWHVWRWKHVDPHGHVWLQDWLRQDUHUH.HLYHGIURPGLI IHUHQWSHHUVZLWKLQWKHVDPHpeer-asWKH\.RXOGKDYHGLIIHUHQW 0('V:KHQ.KRRVLQJEHWZHHQWKHVHURXWHVDVVXPLQJWKDW QRWKLQJHOVHPDNHVRQHSUHIHUDEOHWRWKHRWKHUVX.KDV.RQILJ XUHGSROL.\WKHYDOXHVRIWKHGLIIHUHLQJ0('VDUHXVHGWR .KRRVHZKL.KURXWHWRXVH,QWKLV.RPSDULVRQWKHURXWHZLWK WKHORZHVW0('LVSUHIHUUHG5RXWHVZLWKRXW0('VDUHWUHDWHG DVKDYLQJWKHKLJKHVWSRVVLEOH0('7RHQDEOH0('.RPSDUL VRQLQWKHURXWHVHOH.WLRQDOJRULWKP\RXPXVWVSH.LI\WKHmed RSWLRQIRUWKHSHHU
metricout metric metricoutPD\EHXVHGRQDOOURXWHVVHQWWRWKHVSH.LILHG

JURXSV7KHPHWUL.KLHUDU.K\LVDVIROORZVVWDUWLQJIURPWKH PRVWSUHIHUUHG  WKHPHWUL.VSH.LILHGE\H[SRUWSROL.\  SHHUOHYHOmetricout

173

The Border Gateway Protocol (BGP)

 JURXSOHYHOmetricout  defaultmetric
noaggregatorid noaggregatorid.DXVHV*DWH'WRVSH.LI\WKHURXWHULGLQWKH DJJUHJDWRUDWWULEXWHDVLQVWHDGRIWKHrouteridRIWKHURXWHU

LQRUGHUWRSUHYHQWGLIIHUHQWURXWHUVLQDQ$6IURP.UHDWLQJ DJJUHJDWHURXWHVZLWKGLIIHUHQW$6SDWKV

nogendefault nogendefaultSUHYHQWV*DWH'IURPJHQHUDWLQJDGHIDXOWURXWH

ZKHQ%*3UH.HLYHVDYDOLGXSGDWHIURPLWVSHHU7KHGHIDXOW URXWHLVRQO\JHQHUDWHGZKHQWKHgendefaultRSWLRQLV HQDEOHG

nov4asloop nov4asloopSUHYHQWVURXWHVZLWKORRSHG$6SDWKVIURPEHLQJ DGYHUWLVHGWRYHUVLRQH[WHUQDOSHHUV8VHnov4asloopWRDYRLG

DGYHUWLVLQJURXWHVWRSHHUVWKDWZRXOGLQ.RUUH.WO\IRUZDUGWKH URXWHVRQWRYHUVLRQSHHUV

outdelay time outdelayGDPSHQVURXWHIOX.WXDWLRQV7KHoutdelaytimeLV

WKHDPRXQWRIWLPHDURXWHPXVWEHSUHVHQWLQWKH*DWH'URXW LQJGDWDEDVHEHIRUHLWLVH[SRUWHGWR%*37KHGHIDXOWYDOXHIRU outdelayLVPHDQLQJWKDWWKLVIHDWXUHLVGLVDEOHG)RUgroup typesinternalDQGroutingVHWoutdelayRQWKHgroup .ODXVH

passive passiveSUHYHQWV*DWH'IURPHYHUWU\LQJWRRSHQD%*3.RQ

QH.WLRQZLWKSHHUVLQWKLVJURXS,QVWHDG*DWH'ZLOOZDLWIRU WKHSHHUWRLQLWLDWHD.RQQH.WLRQpassiveZDVLQWURGX.HGWR KDQGOHDSUREOHPLQ%*3DQGHDUOLHULQZKL.KWZRSHHUVPLJKW ERWKDWWHPSWWRLQLWLDWHD.RQQH.WLRQDWWKHVDPHWLPH7KLV SUREOHPLVIL[HGLQWKH%*3SURWR.ROVRWKHpassiveRSWLRQ LVQRWQHHGHGZLWK%*3VHVVLRQV 1RWH,ILWLVDSSOLHGWRERWKVLGHVRIDSHHULQJVHVVLRQpassiveZLOOSUHYHQWWKHVHVVLRQIURPHYHUEHLQJHVWDEOLVKHG)RU WKLVUHDVRQDQGEH.DXVHLWLVJHQHUDOO\QRWQHHGHGWKHXVHRI passiveLVGLV.RXUDJHG VSH.LILHVWKHSUHIHUHQ.HXVHGIRUURXWHVOHDUQHG IURPWKLVJURXS7KLVSUHIHUHQ.H.DQGLIIHUIURPWKHGHIDXOW %*3SUHIHUHQ.HVHWLQWKHbgpVWDWHPHQWVRWKDW*DWH'.DQ SUHIHUURXWHVIURPRQHJURXSRYHURWKHUV7KLVSUHIHUHQ.HPD\ EHH[SOL.LWO\RYHUULGGHQE\LPSRUWSROL.\
preference

preference grouppreference

174

Configuring GateD

preference2 grouppreference2 preference2EUHDNVDpreferenceWLH7KHGHIDXOWYDOXHLV recvbuffer buffer_size recvbuffer.RQWUROVWKHDPRXQWRIUH.HLYHEXIIHULQJDVNHGRI WKHNHUQHO7KHPD[LPXPVXSSRUWHGLVE\WHVDOWKRXJK PDQ\NHUQHOVKDYHDORZHUOLPLW%\GHIDXOW*DWH'.RQILJXUHV WKHPD[LPXPVXSSRUWHGrecvbufferLVQRWQHHGHGRQQRU PDOO\IXQ.WLRQLQJV\VWHPV reflector-client [ no-client-reflect ] reflector-client

VSH.LILHVWKDW*DWH'ZLOOD.WDVDURXWH UHIOH.WRUIRUWKLVJURXSno-client-reflectVSH.LILHVWKDW *DWH'ZLOOQRWD.WDVDQLQWUDJURXSUHIOH.WRU

sendbuffer buffer_size sendbuffer.RQWUROVWKHDPRXQWRIVHQGEXIIHULQJDVNHGRI WKHNHUQHO7KHPD[LPXPVXSSRUWHGLVE\WHVDOWKRXJK PDQ\NHUQHOVKDYHDORZHUOLPLW%\GHIDXOW*DWH'.RQILJXUHV WKHPD[LPXPVXSSRUWHGsendbufferLVQRWQHHGHGRQQRU PDOO\IXQ.WLRQLQJV\VWHPV setpref metric

DOORZV%*3
V/R.DOB3UHIDWWULEXWHWREHXVHGWRVHW WKH*DWH'SUHIHUHQ.HRQUH.HSWLRQDQGDOORZV*DWH'SUHIHU HQ.HWRVHWWKH/R.DOB3UHIRQWUDQVPLVVLRQ7KHsetprefPHW UL.ZRUNVDVDORZHUOLPLWEHORZZKL.KWKHLPSRUWHG /R.DOB3UHIPD\QRWVHWWKH*DWH'SUHIHUHQ.H)RUIXOOGHWDLOV VHHWKHGLV.XVVLRQRILocal_Pref
setpref showwarnings showwarnings

.DXVHV*DWH'WRLVVXHZDUQLQJPHVVDJHVZKHQ UH.HLYLQJTXHVWLRQDEOH%*3XSGDWHVVX.KDVGXSOL.DWHURXWHV DQGRUGHOHWLRQVRIQRQH[LVWLQJURXWHV1RUPDOO\WKHVHHYHQWV DUHVLOHQWO\LJQRUHG

traceoptions trace_options

GHIDXOWWKHVHDUHLQKHULWHGIURPWKHJOREDOWUD.HRSWLRQV7KHVH YDOXHVPD\EHRYHUULGGHQRQDgroupRUpeerEDVLV6HH6H. WLRQ7UD.H6WDWHPHQWVDQGWKH%*3VSH.LIL.WUD.LQJRSWLRQV EHORZ

ttl ttl

traceoptionsVSH.LILHVWKHWUD.LQJRSWLRQVIRU%*3%\

%\GHIDXOW*DWH'VHWVWKH,377/IRUOR.DOSHHUVWRDQGWKH 77/IRUQRQOR.DOSHHUVWRWKHGHIDXOWNHUQHOYDOXH7KHttl RSWLRQLVSURYLGHGPDLQO\ZKHQDWWHPSWLQJWR.RPPXQL.DWH ZLWKLPSURSHUO\IXQ.WLRQLQJURXWHUVWKDWLJQRUHSD.NHWVVHQW

175

The Border Gateway Protocol (BGP)

ZLWKD77/RI1RWDOONHUQHOVDOORZWKH77/WREHVSH.LILHG IRU7&3.RQQH.WLRQV
v3asloopokay

%\GHIDXOW*DWH'ZLOOQRWDGYHUWLVHURXWHVWKDWKDYHORRSHG$6 SDWKVLHURXWHVZLWKDQ$6DSSHDULQJPRUHWKDQRQ.HLQWKH SDWKWRYHUVLRQH[WHUQDOSHHUV6HWWLQJWKHv3asloopokayIODJ UHPRYHVWKLV.RQVWUDLQWv3asloopokayLVLJQRUHGZKHQVHWRQ LQWHUQDOJURXSV

version number versionVSH.LILHVWKHYHUVLRQRIWKH%*3SURWR.ROWRXVHZLWK

WKLVJURXS,IQRWVSH.LILHGWKHKLJKHVWVXSSRUWHGYHUVLRQLV XVHGILUVWDQGYHUVLRQQHJRWLDWLRQLVDWWHPSWHG,ILWLVVSH.LILHG RQO\WKHVSH.LILHGYHUVLRQZLOOEHRIIHUHGGXULQJQHJRWLDWLRQ 7KH.XUUHQWO\VXSSRUWHGYHUVLRQVLQ.OXGHDQG

allow

7KHallow.ODXVHDOORZVSHHU.RQQH.WLRQVIURPDQ\DGGUHVVHV LQWKHVSH.LILHGUDQJHRIQHWZRUNDQGPDVNSDLUV$OOSDUDPHWHUV IRUWKHVHSHHUVPXVWEH.RQILJXUHGRQWKHgroup.ODXVH7KH LQWHUQDOSHHUVWUX.WXUHVDUH.UHDWHGZKHQDQLQ.RPLQJRSHQ UHTXHVWLVUH.HLYHGDQGGHVWUR\HGZKHQWKH.RQQH.WLRQLVEUR NHQ)RUPRUHGHWDLOVRQVSH.LI\LQJWKHQHWZRUNPDVNSDLUVVHH 6H.WLRQRQURXWHILOWHULQJ

group type test peeras autonomous_system group type testLVDQH[WHQVLRQWRH[WHUQDO%*3WKDWLPSOH

PHQWVDIL[HGSROL.\XVLQJWHVWSHHUV)L[HGSROL.\DQGVSH.LDO .DVH.RGHPDNHWHVWSHHUVUHODWLYHO\LQH[SHQVLYHWRPDLQWDLQ 7HVWSHHUVGRQRWQHHGWREHRQDGLUH.WO\DWWD.KHGQHWZRUN,I *DWH'DQGWKHSHHUDUHRQWKHVDPHGLUH.WO\DWWD.KHGVXEQHW WKHDGYHUWLVHGQH[WKRSLV.RPSXWHGZLWKUHVSH.WWRWKDWQHW ZRUNRWKHUZLVHWKHQH[WKRSLVWKHOR.DOPD.KLQH

V.XUUHQWQH[W KRS$OOURXWLQJLQIRUPDWLRQDGYHUWLVHGE\DQGUH.HLYHGIURPD WHVWSHHULVGLV.DUGHGDQGDOO%*3DGYHUWLVDEOHURXWHVDUHVHQW ED.NWRWKHWHVWSHHU0HWUL.VIURP(*3DQG%*3GHULYHG URXWHVDUHIRUZDUGHGLQWKHDGYHUWLVHPHQWRWKHUZLVHQRPHWUL. LVLQ.OXGHG 1RWH:LWKLQDJURXS%*3SHHUVPD\EH.RQILJXUHGLQRQHRIWZRZD\V 7KH\PD\EHLPSOL.LWO\.RQILJXUHGZLWKWKHallowVWDWHPHQWRUH[SOL.LWO\ .RQILJXUHGZLWKDpeerVWDWHPHQW
allow

7KHallow.ODXVHDOORZVSHHU.RQQH.WLRQVIURPDQ\DGGUHVVHV LQWKHVSH.LILHGUDQJHRIQHWZRUNDQGPDVNSDLUV$OOSDUDPHWHUV IRUWKHVHSHHUVPXVWEH.RQILJXUHGRQWKHgroup.ODXVH7KH LQWHUQDOSHHUVWUX.WXUHVDUH.UHDWHGZKHQDQLQ.RPLQJRSHQ

176

Configuring GateD

UHTXHVWLVUH.HLYHGDQGGHVWUR\HGZKHQWKH.RQQH.WLRQLVEUR NHQ)RUPRUHGHWDLOVRQVSH.LI\LQJWKHQHWZRUNPDVNSDLUVVHH 6H.WLRQRQURXWHILOWHULQJ

peer host

$peerVXE.ODXVH.RQILJXUHVDQLQGLYLGXDOSHHU(D.KSHHU LQKHULWVDOOSDUDPHWHUVVSH.LILHGRQDgroupDVGHIDXOWV0DQ\ GHIDXOWVPD\EHRYHUULGGHQE\SDUDPHWHUVH[SOL.LWO\VSH.LILHGRQ WKHpeerVXE.ODXVH :LWKLQHD.Kgroup.ODXVHLQGLYLGXDOSHHUV.DQEHVSH.LILHGRUD JURXSRISRWHQWLDOSHHUV.DQEHVSH.LILHGXVLQJallow8VHWKH allowVWDWHPHQWWRVSH.LI\DVHWRIDGGUHVVPDVNV,I*DWH' UH.HLYHVD%*3.RQQH.WLRQUHTXHVWIURPDQ\DGGUHVVLQWKHVHW VSH.LILHGLWZLOOD..HSWLWDQGVHWXSDSHHUUHODWLRQVKLS7KH %*3peerVXE.ODXVHDOORZVWKHIROORZLQJSDUDPHWHUV$OODUH RSWLRQDO
ascount count ascount GHV.ULEHVWKHQXPEHURI WLPHVWKDWWKLVURXWHUZLOO LQVHUWLWVRZQ$6QXPEHUZKHQLWVHQGVWKH$6SDWKWRDQH[WHU QDOSHHU7KHGHIDXOWLV+LJKHUYDOXHVDUHW\SL.DOO\XVHGWRELDV XSVWUHDPSHHUV
URXWHVHOH.WLRQ$OOWKLQJVEHLQJHTXDOPRVW URXWHUVZLOOSUHIHUWRXVHURXWHVZLWKVKRUWHU$63DWKV8VLQJ ascountWKH$63DWKWKLVURXWHUVHQGV.DQEHDUWLIL.LDOO\OHQJWK HQHG 1RWHascountVXSHUVHGHVWKHnov4asloopRSWLRQ5HJDUGOHVV RIZKHWKHUnov4asloopLVVHWWKLVURXWHUZLOOVWLOOVHQGPXOWLSOH .RSLHVRILWVRZQ$6LIWKHascountRSWLRQLVVHWWRVRPHWKLQJ JUHDWHUWKDQ $OVRQRWHWKDWLIWKHYDOXHRIascountLV .KDQJHGDQG*DWH'LVUH.RQILJXUHGURXWHVZLOOQRWEHVHQWWR UHIOH.WWKHQHZVHWWLQJ,I\RXZDQWWKHVHURXWHVWREHVHQW UHVWDUWWKHSHHUVHVVLRQE\.RPPHQWLQJRXWWKHSHHUUH.RQILJXU LQJDQGWKHQXQ.RPPHQWLQJDQGUH.RQILJXULQJDJDLQRUE\ UHVWDUWLQJ*DWH' $6SUHSHQGLQJRUVWXIILQJLVPDGHSRVVLEOHE\WKHascount SHHURSWLRQ7KHIROORZLQJH[DPSOHLQVHUWV*DWH'$6QXPEHU WLPHVLQWKH$63DWKRIDQRXWJRLQJURXWH group type external peeras 201 { peer 192.168.10.32 ascount 6; }; gateway gateway gatewayLQVWUX.WV*DWH'WRXVHDIRUPRIPXOWLKRS(%*3,ID QHWZRUNLVQRWVKDUHGZLWKDSHHUgatewayVSH.LILHVDURXWHURQ

DQDWWD.KHGQHWZRUNWREHXVHGDVWKHQH[WKRSURXWHUIRUURXWHV

177

The Border Gateway Protocol (BGP)

UH.HLYHGIURPWKLVSHHU7KHgatewaySDUDPHWHUPD\DOVREH XVHGWRVSH.LI\DQH[WKRSIRUSHHUVWKDWDUHRQVKDUHGQHWZRUNV )RUH[DPSOH\RXPLJKWXVHgatewayWRHQVXUHWKDWWKLUGSDUW\ QH[WKRSVDUHQHYHUD..HSWHGIURPDJLYHQSHHUE\VSH.LI\LQJ WKDWSHHU

VDGGUHVVDVLWVRZQJDWHZD\7KHgatewayVSH.LILHG PXVWKDYH.RQVLVWHQWURXWLQJLQIRUPDWLRQWRSUHYHQWURXWLQJ ORRSVgatewayLVQRWQHHGHGLQPRVW.DVHV
holdtime time holdtimeVSH.LILHVWKH%*3KROGWLPHYDOXHLQVH.RQGVWRXVH

ZKHQQHJRWLDWLQJWKH.RQQH.WLRQZLWKWKLVSHHU,I*DWH'GRHV QRWUH.HLYHDkeepaliveupdateRUnotificationPHVVDJH ZLWKLQWKHSHULRGVSH.LILHGLQWKHKROGWLPHILHOGRIWKH%*3 RSHQPHVVDJHWKHQWKH%*3.RQQH.WLRQZLOOEH.ORVHG7KH YDOXHPXVWEHDWOHDVW7KHGHIDXOWYDOXHLV

ignorefirstashop

ignorefirstashopGLVDEOHVURXWHGURSSLQJIURPSHHUVWKDWGR QRWLQVHUWWKHLURZQ$6QXPEHULQWRWKH$63DWKignorefirstashopVKRXOGRQO\EHXVHGLI\RXNQRZSRVLWLYHO\WKDWWKH

SHHULVDURXWHVHUYHUDQGQRWDQRUPDOURXWHU

keep ( all | none ) keep allUHWDLQVURXWHVOHDUQHGIURPDSHHUHYHQLIWKHURXWHV



$6SDWKV.RQWDLQRQHRIWKHURXWHU
VRZQH[SRUWHG$6QXPEHUV keep none.DXVHV*DWH'WRGLVUHJDUGURXWHV.RQWDLQLQJWKH URXWHU
VRZQ$6QXPEHUVkeep noneLVWKHGHIDXOW

keepalivesalways keepalivesalways.DXVHV*DWH'WRDOZD\VVHQGNHHSDOLYHV

keepalivesalwaysDOORZVLQWHURSHUDELOLW\ZLWKURXWHUVWKDWGR

HYHQZKHQDQXSGDWH.RXOGKDYH.RUUH.WO\VXEVWLWXWHGIRURQH QRW.RPSOHWHO\REH\WKHSURWR.ROVSH.LIL.DWLRQVRQWKLVSRLQW

lcladdr local_address | localtcp local_address lcladdrVSH.LILHVWKHDGGUHVVWREHXVHGRQWKHOR.DOHQGRIWKH

7&3.RQQH.WLRQZLWKWKHSHHU)RUH[WHUQDOSHHUVWKHOR.DO DGGUHVVPXVWEHRQDQLQWHUID.HWKDWLVVKDUHGZLWKWKHSHHURU ZLWKWKHSHHU

VJDWHZD\ZKHQWKHgatewaySDUDPHWHULVXVHG$ VHVVLRQZLWKDQH[WHUQDOSHHUZLOORQO\EHRSHQHGZKHQDQLQWHU ID.HZLWKWKHDSSURSULDWHOR.DODGGUHVVWKURXJKZKL.KWKHSHHU RUJDWHZD\DGGUHVVLVGLUH.WO\UHD.KDEOHLVRSHUDWLQJ)RURWKHU W\SHVRISHHUVDSHHUVHVVLRQZLOOEHPDLQWDLQHGZKHQDQ\LQWHU ID.HZLWKWKHVSH.LILHGOR.DODGGUHVVLVRSHUDWLQJ,QHLWKHU.DVH DQLQ.RPLQJ.RQQH.WLRQZLOORQO\EHUH.RJQL]HGDVDPDW.KIRUD .RQILJXUHGSHHULILWLVDGGUHVVHGWRWKH.RQILJXUHGOR.DODGGUHVV :KHQ%*3LVILUVWVWDUWHGLWGHWHUPLQHVZKL.KLQWHUID.HVLWZLOO

178

Configuring GateD

EHXVLQJWR.RPPXQL.DWHZLWKHD.KSHHU%H.DXVHWKLVKDSSHQV DIWHUWKH.RQILJXUDWLRQILOHKDVEHHQUHDGEXWEHIRUHLWKDVEHHQ D.WLYDWHGDQ\VWDWHPHQWVWKDWDIIH.WLQWHUID.HVIRUH[DPSOH PDUNLQJDSDUWL.XODU,3DGGUHVVDVWKHSULPDU\DGGUHVVIRUD JLYHQLQWHUID.HZLOOQRWKDYHWDNHQSOD.H\HW&RQVHTXHQWO\ %*3GRHVQ

WQH.HVVDULO\KDYHWKHVDPHYLHZRIWKHLQWHUID.HVDV WKHUHVWRI*DWH')RUH[DPSOH%*3ZLOODOZD\VSL.NWKHORZHVW ,3IRUDQLQWHUID.HDVEHLQJWKHSULPDU\7KLVLVLPSRUWDQW EH.DXVHLWDIIH.WVWKH,3DGGUHVVWKDW%*3ZLOOXVHWRSHHUIURP 7R.KRRVHWKH.RUUH.WLQWHUID.H\RX.DQXVHWKHlocaltcp RSWLRQWRH[SOL.LWO\VSH.LI\ZKL.K,3DGGUHVVWRXVHIRUSHHULQJ
logupdown logupdown.DXVHVPHVVDJHVWREHORJJHGYLDWKHV\VORJPH.KD QLVPZKHQHYHUD%*3SHHUHQWHUVRUOHDYHVWKH(VWDEOLVKHG VWDWH med

%\GHIDXOWDQ\PHWUL.0XOWLB([LWB'LV.UH.HLYHGRQD%*3 .RQQH.WLRQLVLJQRUHG,I0('VDUHXVHGLQURXWLQJ.RPSXWD WLRQVWKHmedRSWLRQPXVWEHVSH.LILHGRQWKHJURXS%\GHIDXOW 0('VDUHQRWVHQWRQH[WHUQDO.RQQH.WLRQV7RVHQG0('V XVHWKHmetricRSWLRQRIWKHexportVWDWHPHQWRUWKHmetricoutSHHUJURXSSDUDPHWHU :KHQWZRURXWHVWRWKHVDPHGHVWLQDWLRQDUHUH.HLYHGIURPGLI IHUHQWSHHUVZLWKLQWKHVDPHpeer-asWKH\.RXOGKDYHGLIIHUHQW 0('V:KHQ.KRRVLQJEHWZHHQWKHVHURXWHVDVVXPLQJWKDW QRWKLQJHOVHPDNHVRQHSUHIHUDEOHWRWKHRWKHUVX.KDV.RQILJ XUHGSROL.\WKHYDOXHVRIWKHGLIIHUHLQJ0('VDUHXVHGWR .KRRVHZKL.KURXWHWRXVH,QWKLV.RPSDULVRQWKHURXWHZLWK WKHORZHVW0('LVSUHIHUUHG5RXWHVZLWKRXW0('VDUHWUHDWHG DVKDYLQJWKHKLJKHVWSRVVLEOH0('7RHQDEOH0('.RPSDUL VRQLQWKHURXWHVHOH.WLRQDOJRULWKP\RXPXVWVSH.LI\WKHmed RSWLRQIRUWKHSHHU
metricout metric metricoutPD\EHXVHGRQDOOURXWHVVHQWWRWKHVSH.LILHG SHHUV7KHPHWUL.KLHUDU.K\LVDVIROORZVVWDUWLQJIURPWKH PRVWSUHIHUUHG  WKHPHWUL.VSH.LILHGE\H[SRUWSROL.\  SHHUOHYHOmetricout  JURXSOHYHOmetricout  defaultmetric )RUgroup typesinternal DQGroutingVHWmetricoutRQ WKHgroup.ODXVHLQVWHDGRIRQWKHpeerVXE.ODXVH

179

The Border Gateway Protocol (BGP)

nexthopself

DGGUHVVHYHQLILWZRXOGQRUPDOO\EHSRVVLEOHWRVHQGDWKLUG SDUW\QH[WKRSnexthopselfPD\.DXVHLQHIIL.LHQWURXWHVWREH IROORZHGEXWLWPD\EHQHHGHGLQVRPH.DVHVWRGHDOZLWKEUR NHQEULGJHGLQWHU.RQQH.WPHGLDLQ.DVHVZKHUHWKHURXWHUVRQ WKHVKDUHGPHGLXPGRQRWUHDOO\KDYHIXOO.RQQH.WLYLW\WR HD.KRWKHURUZKHQSROLWL.DOVLWXDWLRQV.DXVHEURNHQOLQNV nexthopself.DQRQO\EHXVHGIRUH[WHUQDOSHHUV

noaggregatorid noaggregatorid.DXVHV*DWH'WRVSH.LI\WKHURXWHULGLQWKH DJJUHJDWRUDWWULEXWHDVLQVWHDGRIWKHrouteridRIWKH

nexthopselfVHWVWKLVSHHU
VQH[WKRSWRWKHURXWHU
VRZQ

URXWHULQRUGHUWRSUHYHQWGLIIHUHQWURXWHUVLQDQ$6IURP.UH DWLQJDJJUHJDWHURXWHVZLWKGLIIHUHQW$6SDWKV

nogendefault nogendefaultSUHYHQWV*DWH'IURPJHQHUDWLQJDGHIDXOWURXWH

ZKHQ%*3UH.HLYHVDYDOLGXSGDWHIURPLWVSHHU7KHGHIDXOW URXWHLVRQO\JHQHUDWHGZKHQWKHgendefaultRSWLRQLV HQDEOHG

nov4asloop

nov4asloopSUHYHQWVURXWHVZLWKORRSHG$6SDWKVIURPEHLQJ DGYHUWLVHGWRYHUVLRQH[WHUQDOSHHUV8VHnov4asloopWR DYRLGDGYHUWLVLQJURXWHVWRSHHUVWKDWZRXOGLQ.RUUH.WO\IRUZDUG WKHURXWHVRQWRYHUVLRQSHHUV passive passiveSUHYHQWV*DWH'IURPHYHUWU\LQJWRRSHQD%*3.RQ

QH.WLRQZLWKWKLVSHHU,QVWHDG*DWH'ZLOOZDLWIRUWKHSHHUWR LQLWLDWHD.RQQH.WLRQpassiveZDVLQWURGX.HGWRKDQGOHD SUREOHPLQ%*3DQGHDUOLHULQZKL.KWZRSHHUVPLJKWERWK DWWHPSWWRLQLWLDWHD.RQQH.WLRQDWWKHVDPHWLPH7KLVSUREOHP LVIL[HGLQWKH%*3SURWR.ROVRWKHpassiveRSWLRQLVQRW QHHGHGZLWK%*3VHVVLRQV 1RWH,ILWLVDSSOLHGWRERWKVLGHVRIDSHHULQJVHVVLRQpassiveZLOOSUHYHQWWKHVHVVLRQIURPHYHUEHLQJHVWDEOLVKHG)RU WKLVUHDVRQDQGEH.DXVHLWLVJHQHUDOO\QRWQHHGHGWKHXVHRI passiveLVGLV.RXUDJHG

preference peerpreference preferenceVSH.LILHVWKHSUHIHUHQ.HXVHGIRUURXWHVOHDUQHG

IURPWKHVHSHHUV7KLVSUHIHUHQ.H.DQGLIIHUIURPWKHGHIDXOW %*3SUHIHUHQ.HVHWLQWKHbgpVWDWHPHQWVRWKDW*DWH'.DQ SUHIHUURXWHVIURPRQHSHHURYHURWKHUV7KLVSUHIHUHQ.HPD\EH H[SOL.LWO\RYHUULGGHQE\LPSRUWSROL.\

180

Configuring GateD

preference2 peerpreference2 preference2EUHDNVDpreferenceWLH7KHGHIDXOWYDOXHLV sendbuffer buffer_size sendbuffer.RQWUROVWKHDPRXQWRIVHQGEXIIHULQJDVNHGRI WKHNHUQHO7KHPD[LPXPVXSSRUWHGLVE\WHVDOWKRXJK PDQ\NHUQHOVKDYHDORZHUOLPLW%\GHIDXOW*DWH'.RQILJXUHV WKHPD[LPXPVXSSRUWHGsendbufferLVQRWQHHGHGRQQRU PDOO\IXQ.WLRQLQJV\VWHPV recvbuffer buffer_size recvbuffer.RQWUROVWKHDPRXQWRIUH.HLYHEXIIHULQJDVNHGRI

WKHNHUQHO7KHPD[LPXPVXSSRUWHGLVE\WHVDOWKRXJK PDQ\NHUQHOVKDYHDORZHUOLPLW%\GHIDXOW*DWH'.RQILJXUHV WKHPD[LPXPVXSSRUWHGrecvbufferLVQRWQHHGHGRQQRU PDOO\IXQ.WLRQLQJV\VWHPV

routetopeer

routetopeerVSH.LILHVWKHD.WXDO77/XVHGRQDVR.NHWLQDOO .DVHV,QSDUWL.XODULI*DWH'UHDOL]HVWKDWWZR%*3VSHDNHUVDUH SHHULQJRYHUDVLQJOHQHWZRUN*DWH'DXWRPDWL.DOO\VHWVWKH dontrouteRSWLRQRQWKHLUVR.NHW7KLVLQWXUQ.DXVHVWKH 77/RIWKHSD.NHWVWREHVHWWRroutetopeerSUHYHQWVWKH dontrouteRSWLRQIURPEHLQJVHW,I\RXVSH.LI\routetopeer EXWGRQ

WVSH.LI\D77/DQG\RXDUHGLUH.WO\.RQQH.WHG*DWH' ZLOOVHWWKH77/RI\RXUVR.NHWWR,I\RXZDQWD77/JUHDWHU WKDQIRUGLUH.WO\.RQQH.WHGSHHUV\RXPXVWVSH.LI\ERWK routetopeerDQGWKHttlWKDW\RXUHTXLUH showwarnings showwarnings.DXVHV*DWH'WRLVVXHZDUQLQJPHVVDJHVZKHQ UH.HLYLQJTXHVWLRQDEOH%*3XSGDWHVVX.KDVGXSOL.DWHURXWHV DQGRUGHOHWLRQVRIQRQH[LVWLQJURXWHV1RUPDOO\WKHVHHYHQWV DUHVLOHQWO\LJQRUHG traceoptions trace_options traceoptionsVSH.LILHVWKHWUD.LQJRSWLRQVIRUWKLV%*3SHHU %\GHIDXOWWKHVHDUHLQKHULWHGIURPJURXSRU%*3JOREDOWUD.H RSWLRQV6HH6H.WLRQ7UD.H6WDWHPHQWVDQGWKH%*3VSH.LIL. WUD.LQJRSWLRQVEHORZ ttl ttl

%\GHIDXOW*DWH'VHWVWKH,377/IRUOR.DOSHHUVWRDQGWKH 77/IRUQRQOR.DOSHHUVWRWKHGHIDXOWNHUQHOYDOXH7KHttl RSWLRQLVSURYLGHGPDLQO\ZKHQDWWHPSWLQJWR.RPPXQL.DWH ZLWKLPSURSHUO\IXQ.WLRQLQJURXWHUVWKDWLJQRUHSD.NHWVVHQW ZLWKD77/RI1RWDOONHUQHOVDOORZWKH77/WREHVSH.LILHG

181

The Border Gateway Protocol (BGP)

IRU7&3.RQQH.WLRQV
v3asloopokay

%\GHIDXOW*DWH'ZLOOQRWDGYHUWLVHURXWHVWKDWKDYHORRSHG$6 SDWKVLHURXWHVZLWKDQ$6DSSHDULQJPRUHWKDQRQ.HLQWKH SDWKWRYHUVLRQH[WHUQDOSHHUV6HWWLQJWKHv3asloopokay IODJUHPRYHVWKLV.RQVWUDLQWv3asloopokayLVLJQRUHGZKHQ VHWRQLQWHUQDOSHHUV

version number versionVSH.LILHVWKHYHUVLRQRIWKH%*3SURWR.ROWRXVHZLWK

WKLVSHHU,IQRWVSH.LILHGWKHKLJKHVWVXSSRUWHGYHUVLRQLVXVHG ILUVWDQGYHUVLRQQHJRWLDWLRQLVDWWHPSWHG,ILWLVVSH.LILHGRQO\ WKHVSH.LILHGYHUVLRQZLOOEHRIIHUHGGXULQJQHJRWLDWLRQ7KH .XUUHQWO\VXSSRUWHGYHUVLRQVLQ.OXGHDQG 2.2.2.6.2 BGP Consortium Tracing Options 1RWH 7KHVWDWHRSWLRQZRUNVZLWK%*3EXWGRHVQRWSURYLGHWUXHVWDWH WUDQVLWLRQLQIRUPDWLRQ 3D.NHWWUD.LQJRSWLRQVZKL.KPD\EHPRGLILHGZLWKdetailsendDQG recvLQ.OXGHWKHIROORZLQJ
packets

7UD.HDOO%*3SD.NHWV
open

7UD.H%*3RSHQSD.NHWVZKL.KDUHXVHGWRHVWDEOLVKDSHHUUHOD WLRQVKLS
update

7UD.H%*3XSGDWHSD.NHWVZKL.KDUHXVHGWRSDVVQHWZRUN UHD.KDELOLW\LQIRUPDWLRQ
keepalive

7UD.H%*3NHHSDOLYHSD.NHWVZKL.KDUHXVHGWRYHULI\SHHU UHD.KDELOLW\
all

7UD.HDGGLWLRQV.KDQJHVGHOHWLRQVWRWKH*DWH'URXWLQJWDEOH 2.2.2.6.3 BGP Consortium Configurable Options 6HHWKHIROORZLQJVH.WLRQVIRUPRUHLQIRUPDWLRQDERXWVSH.LIL.%*3 RSWLRQV 2.2.2.6.3.1 Route Reflection Overview and Examples %*3VXSSRUWVURXWHUHIOH.WLRQIRULQWHUQDOSHHUJURXSVZLWK%*3YHU VLRQRQO\:KHQXVLQJURXWHUHIOH.WLRQWKHUXOHWKDWDURXWHUPD\QRW UHDGYHUWLVHURXWHVIURPLQWHUQDOSHHUVWRRWKHULQWHUQDOSHHUVLVUHOD[HGIRU VRPHURXWHUVZKL.KDUH.DOOHGURXWHUHIOH.WRUV

182

Configuring GateD

*HQHUDOO\DOOERUGHUURXWHUVLQDVLQJOH$6QHHGWREHLQWHUQDOSHHUVRI HD.KRWKHUDQGLQID.WDOOQRQERUGHUURXWHUVIUHTXHQWO\QHHGWREHLQWHU QDOSHHUVRIDOOERUGHUURXWHUV$OWKRXJKWKLV.RQILJXUDWLRQLVXVXDOO\ D..HSWDEOHLQVPDOOQHWZRUNVLWPD\OHDGWRXQD..HSWDEO\ODUJHLQWHUQDO SHHUJURXSVLQODUJHQHWZRUNV7RKHOSDGGUHVVWKLVSUREOHP%*3VXS SRUWVURXWHUHIOH.WLRQIRULQWHUQDOSHHUJURXSVZLWK%*3YHUVLRQRQO\ :KHQXVLQJURXWHUHIOH.WLRQWKHUXOHWKDWDURXWHUPD\QRWUHDGYHUWLVH URXWHVIURPLQWHUQDOSHHUVWRRWKHULQWHUQDOSHHUVLVUHOD[HGIRUVRPH URXWHUV.DOOHGURXWHUHIOH.WRUV$W\SL.DOXVHRIURXWHUHIOH.WLRQPLJKW LQYROYHD.RUHED.NERQHRIIXOO\PHVKHGURXWHUVIXOO\PHVKHGPHDQV DOOWKHURXWHUVLQWKHJURXSSHHUGLUH.WO\ZLWKDOORWKHUURXWHUVLQWKH JURXS6RPHRIWKHVHURXWHUVD.WDVURXWHUHIOH.WRUVIRUURXWHUVWKDWDUH QRWSDUWRIWKH.RUHJURXS 7ZRW\SHVRIURXWHUHIOH.WLRQDUHVXSSRUWHGURXWHV.DQEHVHQWWRDOO LQWHUQDOSHHUVRURQO\WRLQWHUQDOSHHUVWKDWDUHQRWPHPEHUVRIWKH.OL HQW
VJURXS%\GHIDXOWDOOURXWHVUH.HLYHGE\WKHURXWHUHIOH.WRUIURPD .OLHQWDUHVHQWWRDOOLQWHUQDOSHHUVLQ.OXGLQJWKH.OLHQW
VJURXSEXWQRWWKH .OLHQWLWVHOI,IWKHno-client-reflect RSWLRQLVHQDEOHGURXWHV UH.HLYHGIURPDURXWHUHIOH.WLRQ.OLHQWDUHVHQWRQO\WRLQWHUQDOSHHUVWKDW DUHQRWPHPEHUVRIWKH.OLHQW
VJURXS,QWKLV.DVHWKH.OLHQW
VJURXSPXVW LWVHOIEHIXOO\PHVKHG,QHLWKHU.DVHDOOURXWHVUH.HLYHGIURPDQRQ.OLHQW LQWHUQDOSHHUDUHVHQWWRDOOURXWHUHIOH.WLRQ.OLHQWV 7\SL.DOO\DVLQJOHURXWHUZLOOD.WDVWKHUHIOH.WRUIRUDVHWRU.OXVWHURI.OL HQWV+RZHYHUIRUUHGXQGDQ.\WZRRUPRUHPD\DOVREH.RQILJXUHGWREH UHIOH.WRUVIRUWKHVDPH.OXVWHU,QWKLV.DVHD.OXVWHU,'VKRXOGEH VHOH.WHGXVLQJWKH clusterid NH\ZRUGWRLGHQWLI\DOOUHIOH.WRUVVHUYLQJ WKH.OXVWHU*UDWXLWRXVXVHRIPXOWLSOHUHGXQGDQWUHIOH.WRUVLVQRWDGYLVHG EH.DXVHLW.DQOHDGWRDQLQ.UHDVHLQWKHPHPRU\UHTXLUHGWRVWRUHURXWHV RQWKHUHGXQGDQWUHIOH.WRUV
SHHUV 1RVSH.LDO.RQILJXUDWLRQLVUHTXLUHGRQWKHURXWHUHIOH.WLRQ.OLHQWV)URP D.OLHQW
VSHUVSH.WLYHDURXWHUHIOH.WRULVVLPSO\DQRUPDO,%*3SHHU$Q\ %*3YHUVLRQ VSHDNHUVKRXOGEHDEOHWREHDUHIOH.WRU.OLHQW 1RWH*DWH'YHUVLRQV%DQGHDUOLHUDVZHOODV$DQGHDUOLHU.RQ WDLQDEXJWKDWSUHYHQWVWKHPIURPD.WLQJDVURXWHUHIOH.WLRQ.OLHQWV 5HIHUWRWKHURXWHUHIOH.WLRQVSH.LIL.DWLRQGR.XPHQW5)&IRUIXU WKHUGHWDLOV5)&.DQEHIRXQGDW KWWSZZZPHULWHGXLQWHUQHWGR.XPHQWVUI.UI.W[W $OOURXWHVUH.HLYHGIURPDQ\JURXSPHPEHUZLOOEHVHQWWRDOORWKHULQWHU QDOQHLJKERUVDQGDOOURXWHVUH.HLYHGIURPDQ\RWKHULQWHUQDOQHLJKERUV ZLOOEHVHQWWRWKHUHIOH.WRU.OLHQWV%H.DXVHWKHURXWHUHIOH.WRUIRUZDUGV URXWHVLQWKLVZD\WKHUHIOH.WRU.OLHQWJURXSQHHGQRWEHIXOO\PHVKHG,I WKHno-client-reflectRSWLRQLVVSH.LILHGURXWHVUH.HLYHGIURPUHIOH. WRU.OLHQWVZLOORQO\EHVHQWWRLQWHUQDOQHLJKERUVWKDWDUHQRWLQWKHVDPH

183

The Border Gateway Protocol (BGP)

JURXSDVWKHVHQGLQJUHIOH.WRU.OLHQW,QWKLV.DVHWKHUHIOH.WRU.OLHQW JURXSVKRXOGEHIXOO\PHVKHG,QDOO.DVHVURXWHVUH.HLYHGIURPQRUPDO LQWHUQDOSHHUVZLOOEHVHQWWRDOOUHIOH.WRU.OLHQWV 1RWH ,WLVQH.HVVDU\WRH[SRUWURXWHVIURPWKHOR.DO$6ED.NLQWRWKH OR.DO$6ZKHQD.WLQJDVDURXWHUHIOH.WRU)RUH[DPSOHVXSSRVHWKDWWKH OR.DO$6QXPEHULV $QH[SRUWVWDWHPHQWOLNHWKHIROORZLQJZRXOGVXI IL.HWRPDNHUHIOH.WLRQZRUN.RUUH.WO\

export proto bgp as 2 { proto bgp as 2 {all;}; # for reflection # other exports };

,IWKH.OXVWHU,'LV.KDQJHGDQG*DWH'LVUH.RQILJXUHGZLWKDSIGHUPDOO %*3VHVVLRQVZLWKUHIOH.WRU.OLHQWVZLOOEHGURSSHGDQGUHVWDUWHG $QRWKHUH[DPSOHIROORZV

traceoptions "/var/tmp/gated.log" replace size 1000k files 3 all; autonomous-system 64512; routerid 192.168.11.1; rip no; bgp yes { group type internal peeras 64512 reflector-client { peer 192.168.10.2; peer 192.168.10.3; peer 192.168.10.4; peer 192.168.10.5; peer 192.168.10.6; }; group type internal peeras 64512 { peer 192.168.11.2; peer 192.168.11.3; }; };

static { default gw 172.16.0.1 retain; };

import proto bgp as 64512 {

184

Configuring GateD

all; };

export proto bgp as 64512 { proto bgp as 64512 { all; }; };

 7KHDERYHJDWHG.RQIILOHLVIRUDURXWHUHIOH.WRULQDVHWRIIXOO\ PHVKHG,%*3PD.KLQHV2IWKHPD.KLQHVDUHQRWUHIOH.WRUV7KHVH DUHUHIOH.WRU.OLHQWVDQGDUHQRW.RQILJXUHGLQDQ\VSH.LDOZD\ ,QWKLVPHVKWKHUHDUHDWRWDORI,%*3.RQQH.WLRQV:LWKRXWWKHURXWH UHIOH.WRUV5WKURXJK5ZRXOGKDYHWRPDLQWDLQDIXOOLQWHUQDOPHVKRQ WKHLURZQ7KLVZRXOGUHVXOWLQRU,%*3.RQQH.WLRQV 2.2.2.6.3.2 Weighted Route Dampening Overview, Syntax and Defaults 7KHEDVL.LGHDRIZHLJKWHGURXWHGDPSHQLQJLVWRWUHDWURXWHVWKDWDUH EHLQJDQQRXQ.HGDQGZLWKGUDZQIODSSLQJDWDUDSLGUDWHDVXQUHD.KDEOH ,IDURXWHIODSVDWDORZUDWHLWVKRXOGQRWEHVXSSUHVVHGDWDOORUVXS SUHVVHGRQO\IRUDEULHISHULRGRIWLPH:LWKZHLJKWHGURXWHGDPSHQLQJ WKHVXSSUHVVLRQRIDURXWHRUURXWHVR..XUVLQDPDQQHUWKDWDGDSWVWRWKH IUHTXHQ.\DQGGXUDWLRQWKDWDSDUWL.XODUURXWHDSSHDUVWREHIODSSLQJ7KH PRUHDURXWHIODSVGXULQJDSHULRGRIWLPHWKHORQJHULWZLOOEHVXS SUHVVHG7KHDGDSWLYH.KDUD.WHULVWL.VRIZHLJKWHGURXWHGDPSHQLQJDUH .RQWUROOHGE\DIHZ.RQILJXUDEOHSDUDPHWHUV &XUUHQWO\RQO\URXWHVOHDUQHGYLD%*3DUHVXEMH.WWRZHLJKWHGURXWH GDPSHQLQJDOWKRXJKQRSURWR.ROVZLOODQQRXQ.HVXSSUHVVHGURXWHV7KH ZHLJKWHGURXWHGDPSHQLQJ.RQILJXUDWLRQVWDWHPHQWLVQRWZLWKLQWKH%*3 VWDWHPHQWEXWLVDVHSDUDWHDQGGLVWLQ.W.RQILJXUDWLRQ.RQ.HSWXDOO\LWLV PX.KOLNHinterfaceRUkernelVWDWHPHQWV 7KHV\QWD[IRUZHLJKWHGURXWHGDPSHQLQJLQ*DWH'LV
dampen-flap { [ suppress-above metric ; reuse-below metric ; max-flap metric ; unreach-decay time ; reach-decay time ; keep-history time ; ] };

185

The Border Gateway Protocol (BGP)

suppress-above metric suppress-aboveLVWKHYDOXHRIWKHLQVWDELOLW\PHWUL.DWZKL.K

URXWHVXSSUHVVLRQZLOOWDNHSOD.HDURXWHZLOOQRWEHLQVWDOOHGLQ WKH),%RUDQQRXQ.HGHYHQLILWLVUHD.KDEOHGXULQJWKHSHULRG WKDWLWLVVXSSUHVVHG LVWKHYDOXHRIWKHLQVWDELOLW\PHWUL.DWZKL.KD VXSSUHVVHGURXWHZLOOEH.RPHXQVXSSUHVVHGLILWLVUHD.KDEOH EXW.XUUHQWO\VXSSUHVVHG7KHYDOXHDVVLJQHGWR reuse-below PXVWEHOHVVWKDQ suppress-above.

reuse-below metric reuse-below

max-flap metric max-flapLVWKHXSSHUOLPLWRIWKHLQVWDELOLW\PHWUL.7KLVYDOXH PXVWEHJUHDWHUWKDQWKHODUJHURIDQG suppress_above.

$VVLJQHGWRWKHDERYHWKUHHSDUDPHWHUVLVDIORDWLQJSRLQWQXPEHULQ XQLWVRIIODSV(D.KWLPHDURXWHEH.RPHVXQUHD.KDEOHLVDGGHGWRWKH .XUUHQWLQVWDELOLW\PHWUL.

reach-decay time reach-decay

VSH.LILHVWKHWLPHGHVLUHGIRUWKHLQVWDELOLW\PHW UL.YDOXHWRUHD.KRQHKDOIRILWV.XUUHQWYDOXHZKHQWKHURXWHLV UHD.KDEOH7KLVKDOIOLIHYDOXHGHWHUPLQHVWKHUDWHDWZKL.KWKH PHWUL.YDOXHLVGH.D\HG$VPDOOHUKDOIOLIHYDOXHZLOOPDNHDVXS SUHVVHGURXWHUHXVDEOHVRRQHUWKDQDODUJHUYDOXH H[.HSWWKDWLW VSH.LILHVWKHUDWHDWZKL.KWKHLQVWDELOLW\PHWUL.LVGH.D\HGZKHQ DURXWHLVXQUHD.KDEOH,WVKRXOGKDYHDYDOXHJUHDWHUWKDQRU HTXDOWRreach-decay.

unreach-decay time unreach-decayD.WVWKHVDPHDVreach-decay

keep-history time

VSH.LILHVWKHSHULRGRYHUZKL.KWKHURXWHIODS SLQJKLVWRU\LVWRPDLQWDLQHGIRUDJLYHQURXWH7KHVL]HRIWKH .RQILJXUDWLRQDUUD\VGHV.ULEHGEHORZLVGLUH.WO\DIIH.WHGE\WKLV YDOXH ,IRQO\dampen-flap {};LVVSH.LILHGLQWKH.RQILJXUDWLRQILOHWKHQWKH IROORZLQJGHIDXOWYDOXHVDUHXVHG

keep-history suppress-above = 3.0; reuse-below = 2.0; max-flap = 16.0; unreach-decay = 900; reach-decay = 300; keep-history = 1800;

186

Configuring GateD

2.2.2.6.3.3 Setpref/Local_Pref Overview 7KH setpref RSWLRQDOORZV*DWH'WRVHWWKHLocal_Pref WRUHIOH.W *DWH'

VRZQLQWHUQDOSUHIHUHQ.HIRUWKHURXWHDVJLYHQE\WKHJOREDOSUR WR.ROSUHIHUHQ.HYDOXH7KH setpref RSWLRQPD\EHXVHGZLWKURXWLQJRU LQWHUQDOW\SHJURXSV7KH Local_Pref LVQHYHUVHWGLUH.WO\EXWUDWKHUDV DIXQ.WLRQRIWKH*DWH'preference DQG setpref PHWUL.V. ,I setpref RSWLRQLVVHWRQRQHLQWHUQDOSHHUJURXSLWPXVWEHVHWRQDOO LQWHUQDOSHHUJURXSV7KH setpref RSWLRQPD\RQO\EHXVHGRQLQWHUQDO SHHUJURXSW\SHVLQWHUQDORUURXWLQJ 7KHWUDQVODWLRQRI*DWH'
VLQWHUQDOSUHIHUHQ.HWRDQGIURP Local_Pref LVGRQHDVIROORZV,QWKHWDEOHEHORZmetric LVWKHDUJXPHQWWRsetprefHJLQWKHVWDWHPHQW "setpref 100," metric LV. "([SRUWHG 3UHIHUHQ.HLVWKH*DWH'SUHIHUHQ.HRIWKHH[SRUWHGURXWH,PSRUWHG 3UHIHUHQ.HLVWKH*DWH'SUHIHUHQ.HDVVLJQHGWRWKHLPSRUWHGURXWH ,QHIIH.WDQ\*DWH'SUHIHUHQ.HRIOHVVWKDQmetric LVH[SRUWHGVX.KWKDW ([SRUWHG 3UHIHUHQ.H /HVVWKDQmetric
metricWR

/R.DOB3UHI  WRmetric *UHDWHUWKDQ

,PSRUWHG 3UHIHUHQ.H
metric metricWR metric

1$

LWZLOOEHUHLPSRUWHGE\DGLVWDQW*DWH'ZLWKDSUHIHUHQ.HRIH[D.WO\ metric.$Q\SUHIHUHQ.HRI metric RUDERYHZLOOEHH[SRUWHGVX.KWKDWLW ZLOOEHUHLPSRUWHGZLWKWKHVDPHSUHIHUHQ.HLWKDGRULJLQDOO\

Local_PrefDVH[SRUWHGWR%*3SHHUVLV.DO.XODWHGDV Local_Pref ric

JOREDOSURWR.RO preference IRUWKLVURXWH met-

$YDOXHJUHDWHUWKDQZLOOEHUHVHWWR*DWH'ZLOORQO\VHQG Local_Pref YDOXHVEHWZHHQDQG )RUH[DPSOHVXSSRVH*DWH'LVVHQGLQJURXWHVWRDQLQWHUQDOJURXSXVLQJ setpref 100DQGWKHURXWHVDUHVXEVHTXHQWO\UH.HLYHGE\DQRWKHU URXWHULQWKHJURXSDOVRXVLQJsetpref 1007KHWDEOHEHORZOLVWV VRPHVDPSOHURXWHSUHIHUHQ.HVWKHLocal_PrefsZLWKZKL.KWKHURXWHV ZLOOEHVHQWDQGWKHSUHIHUHQ.HVZLWKZKL.KWKHURXWHVZLOOEHLPSRUWHG 3UHIHUHQ.H%HIRUH ([SRUW  /R.DOB3UHI   3UHIHUHQ.H$IWHU ,PSRUW 

187

The Border Gateway Protocol (BGP)

3UHIHUHQ.H%HIRUH ([SRUW        

/R.DOB3UHI

3UHIHUHQ.H$IWHU ,PSRUW    

Note: 1RQ*DWH',%*3LPSOHPHQWDWLRQVPD\VHQG Local_Prefs WKDW DUHJUHDWHUWKDQ:KHQRSHUDWLQJDPL[HGQHWZRUNRIWKLVW\SHLWLV UH.RPPHQGHGWKDWDOOURXWHUVUHVWUL.WWKHPVHOYHVWRVHQGLQJ Local_Prefs LQWKHUDQJHmetricWR 1RWH$OOURXWHUVLQWKHVDPHQHWZRUNWKDWDUHUXQQLQJ*DWH'DQGSDUWL. LSDWLQJLQ,%*3VKRXOGXVHsetpref XQLIRUPO\7KDWLVLIRQHURXWHUKDV setpref VHWDOOVKRXOGVHWLWDQGDOOVKRXOGXVHWKHVDPHYDOXHRImetric.7KHYDOXHIRU metric VKRXOGEHVHOH.WHGWREH.RQVLVWHQWZLWKWKH LPSRUWSROL.\LQXVHLQWKHQHWZRUN)RUH[DPSOHLILPSRUWSROL.\VHWV *DWH'SUHIHUHQ.HVUDQJLQJIURPWRDsetpref metric RI ZRXOGPDNHVHQVH,WLVDGYLVDEOHWRVHW metric KLJKHQRXJKWRDYRLG .RQIOL.WVEHWZHHQ%*3URXWHVDQG,*3RUVWDWL.URXWHV 5RXWHVSURSDJDWHGE\,%*3PXVWLQ.OXGHDLocal_Pref DWWULEXWH Local_Pref PD\EHXVHGE\D%*3VSHDNHUWRLQIRUPRWKHU%*3VSHDN HUVLQLWVRZQDXWRQRPRXVV\VWHPRIWKHRULJLQDWLQJVSHDNHU
VGHJUHHRI SUHIHUHQ.HIRUDQDGYHUWLVHGURXWH8QOHVVWKH setpref RSWLRQKDVEHHQ VHW%*3VHQGVWKHLocal_PrefSDWKDWWULEXWHDV *DWH'DOZD\VXVHVWKHUH.HLYHG Local_Pref WRVHOH.WEHWZHHQ%*3 URXWHVWKDWKDYHWKHVDPH*DWH'SUHIHUHQ.H%*3URXWHVZLWKDODUJHU Local_PrefDUHSUHIHUUHG )RUWKLVWRSRORJ\
BGP2 / \ / \ BGP1---BGP3 | | AS 65000

AS 65100

7KHIROORZLQJ.RQILJXUDWLRQZLOO.DXVH$6WRSUHIHUURXWHVIURP WKH%*3%*3OLQN %*3&RQILJXUDWLRQ

bgp yes { group type external peeras 65000 { peer 10.0.0.2; # BGP2 };

188

Configuring GateD

group type internal peeras 65100 setpref 100 { peer 192.168.10.2; # BGP3 }; };

%*3&RQILJXUDWLRQ
bgp yes { group type external peeras 65000 { peer 10.0.0.2; # BGP2 }; group type internal peeras 65100 setpref 99 { peer 192.168.10.1; # BGP1 }; };

2.2.2.6.3.4 Communities Overview and Examples 7KH.RPPXQLW\DWWULEXWHDOORZVWKHDGPLQLVWUDWRURIDURXWLQJGRPDLQWR WDJJURXSVRIURXWHVZLWKD.RPPXQLW\WDJ7KHWDJ.RQVLVWVRIR.WHWVRI DXWRQRPRXVV\VWHP$6DQGR.WHWVRI.RPPXQLW\,'7KHcommunity DWWULEXWHLVSDVVHGIURPURXWLQJGRPDLQWRURXWLQJGRPDLQWRPDLQWDLQ WKHJURXSLQJRIWKHVHURXWHV$VHWRIURXWHVPD\KDYHPRUHWKDQRQH .RPPXQLW\WDJLQLWVcommunityDWWULEXWH 7KHLPSRUWDQGH[SRUWSROL.\RID.RPPXQLW\LV.RQILJXUHGXVLQJWKH .RPP.ODXVHRUcomm-add.ODXVHWRWKHgroupimportDQG export VWDWHPHQWV 3OHDVHUHIHUWRWKH.RPPXQLWLHVVSH.LIL.DWLRQ5)&DQGLWVD..RP SDQ\LQJXVDJHGR.XPHQW5)&IRUIXUWKHUGHWDLOVRQ%*3.RP PXQLWLHV5)&.DQEHIRXQGDW KWWSZZZPHULWHGXLQWHUQHWGR.XPHQWVUI.UI.W[W 5)&.DQEHIRXQGDW KWWSZZZPHULWHGXLQWHUQHWGR.XPHQWVUI.UI.W[W &RPPXQLWLHVDUHQRWDYDLODEOHLQWKH*DWH'SXEOL..RGH &RPPXQLWLHVPD\EHVSH.LILHGDVDQ$6DQGD.RPPXQLW\,'ZLWKWKH comm-splitNH\ZRUGRUDVRQHRIWKHGLVWLQJXLVKHGVSH.LDO.RPPXQLWLHV ZLWKWKHcommNH\ZRUG:KHQRULJLQDWLQJ%*3.RPPXQLWLHVWKHVHWRI .RPPXQLWLHVWKDWLVD.WXDOO\VHQWLVWKHXQLRQRIWKH.RPPXQLWLHVUH.HLYHG ZLWKWKHURXWHLIDQ\WKRVHVSH.LILHGLQJURXSSROL.\LIDQ\DQGWKRVH VSH.LILHGLQH[SRUWSROL.\LIDQ\:KHQUH.HLYLQJ%*3.RPPXQLWLHVWKH XSGDWHLVRQO\PDW.KHGLIDOO.RPPXQLWLHVVSH.LILHGLQcommDUHSUHVHQWLQ WKH%*3XSGDWH,IDGGLWLRQDO.RPPXQLWLHVDUHDOVRSUHVHQWLQWKH XSGDWHLWZLOOVWLOOEHPDW.KHG7KHOLPLWRI.RPPXQLWLHVLQDQ\VLQJOH SROL.\.ODXVHPD\EHLQ.UHDVHGDW.RPSLOHWLPHE\LQ.UHDVLQJWKHYDOXHRI AS_COMM_MAX

189

The Border Gateway Protocol (BGP)

comm-split autonomous_system community_id comm-split.DXVHVD.RPPXQLW\WDJWREHDGGHGWRWKHWUDQV PLWWHGSDWKDWWULEXWHV7KHautonomous_systemSDUWRIWKH

.RPPXQLW\VKRXOGEHVHWWRWKHOR.DO$6XQOHVVWKHUHLVDVSH .LIL.QHHGWRGRRWKHUZLVH7KLVDVVR.LDWHVDQ$6ZLWKD.RPPX QLW\

community no-export community no-exportLVDVSH.LDO.RPPXQLW\WKDWLQGL.DWHV

WKDWWKHURXWHVDVVR.LDWHGZLWKWKLVDWWULEXWHPXVWQRWEHDGYHU WLVHGRXWVLGHD%*3$6ERXQGDU\ LVDVSH.LDO.RPPXQLW\WKDWLQGL .DWHVWKDWWKHURXWHVDVVR.LDWHGZLWKWKLVDWWULEXWHPXVWQRWEH DGYHUWLVHGWRRWKHU%*3SHHUV

community no-advertise community no-advertise

community no-export-subconfed community no-export-subconfedLVDVSH.LDO.RPPXQLW\

WKDWLQGL.DWHVWKDWWKHURXWHVDVVR.LDWHGZLWKWKLVDWWULEXWHPXVW QRWEHDGYHUWLVHGWRH[WHUQDO%*3SHHUV

community none

ZRUGWKDWVSH.LILHVWKDWDUH.HLYHG%*3XSGDWHLVRQO\WREH PDW.KHGLIQR.RPPXQLWLHVDUHSUHVHQW,WKDVQRHIIH.WZKHQ RULJLQDWLQJ.RPPXQLWLHV 7KHIROORZLQJH[DPSOHZLOOLPSRUWRQO\URXWHVIURP$6WKDWDUH VWDPSHGZLWK.RPPXQLW\

import proto bgp as 203 comm { comm-split 203 99 } { all; };

community noneLVQRWD.WXDOO\D.RPPXQLW\EXWUDWKHUDNH\

7KHIROORZLQJH[DPSOHZLOORQO\H[SRUWURXWHVWR$6DQGIURP$6 WKDWDUHVWDPSHGZLWK.RPPXQLW\
export proto bgp as 205 comm { comm-split 203 99 } { proto bgp static {

190

Configuring GateD

all; }; };

&RPPXQLWLHVDUHDGGHGWRDURXWHZLWKWKHcomm-add DVSDWKRSWLRQV 7KHIROORZLQJH[DPSOHH[SRUWVURXWHVWR$6DQGIURP$6URXWHV WKDWDUHVWDPSHGZLWK.RPPXQLW\RQWRRXWJRLQJURXWHV

export proto bgp as 205 comm-add { comm-split 203 99 } { proto bgp static { all; }; };

2.2.2.6.3.5 Multi-Exit Discriminator Overview and Examples 7KH0XOWL([LW'LV.ULPLQDWRURU0('DOORZVWKHDGPLQLVWUDWRURID URXWLQJGRPDLQWR.KRRVHEHWZHHQYDULRXVH[LWVIURPDQHLJKERULQJ$6 7KLVDWWULEXWHLVXVHGRQO\IRUGH.LVLRQPDNLQJLQ.KRRVLQJWKHEHVWURXWH WRWKHQHLJKERULQJ$6,IDOOWKHRWKHUID.WRUVIRUDSDWKWRDJLYHQ$6DUH HTXDOWKHSDWKZLWKWKHORZHU0('YDOXHWDNHVSUHIHUHQ.HRYHURWKHU SDWKV 7KLVDWWULEXWHLVQRWSURSDJDWHGWRRWKHUQHLJKERULQJ$6V7KLVDWWULEXWH PD\EHSURSDJDWHGKRZHYHUWRRWKHU%*3VSHDNHUVZLWKLQWKHVDPH$6 7KH0('DWWULEXWHIRU%*3YHUVLRQLVDIRXUR.WHWXQVLJQHGLQWHJHU 0('LVRULJLQDWHGXVLQJWKHmetricoutRSWLRQRIJURXSRUSHHUVWDWH PHQWVRUWKHmetricRSWLRQRIWKHH[SRUWVWDWHPHQW,WLVLPSRUWHGXVLQJ WKHmedNH\ZRUGRQWKH%*3JURXSVWDWHPHQW 0('VDUHQRWDYDLODEOHLQWKH*DWH'SXEOL..RGH 7KHmetricoutDQGmetricRSWLRQVDUHXVHGWRVSH.LI\WKHYDOXHRI 0('IRUH[SRUWHGURXWHV0('VDUHDYDLODEOHLQJDWHGXQLDQGJDWHG .RPEREXWQRWJDWHGSXE7KHmetricoutRSWLRQ.DQEHVSH.LILHGRQ WKHJURXSVWDWHPHQW
group type external peeras 31337 metricout 5 { peer 192.168.10.32; peer 192.168.10.33; };

$QGWKHSHHUVWDWHPHQW
group type external peeras 31337 {

191

The Border Gateway Protocol (BGP)

peer 192.168.10.32 metricout 2; peer 192.168.10.33 metricout 3; };

7KHHTXLYDOHQWPHWUL.NH\ZRUG.DQEHVSH.LILHGRQWKHH[SRUWVWDWHPHQW OLNHWKLV
export proto bgp as 31337 metric 5 { proto static { all; }; };

$QGOLNHWKLV
export proto bgp as 31337 { proto bgp as 64000 metric 1 { all; }; proto static metric 3 { all; }; proto direct metric 7 { all; }; };

7KHPHGNH\ZRUGPXVWEHVSH.LILHGRQWKHJURXSVWDWHPHQWIRU*DWH' WR.RQVLGHUPHWUL.VZKHQ.DO.XODWLQJDQH[WKRSWKHGHIDXOWD.WLRQLVWR LJQRUH0('V 2.2.2.6.3.6 Confederations 7KH%*3VSH.LIL.DWLRQUHTXLUHVWKDWDOOLQWHUQDO%*3VSHDNHUVPDLQWDLQD IXOOPHVK$VWKHQXPEHURI%*3VSHDNHUVLQDQ$6JURZVWKHQXPEHU RISHHULQJVHVVLRQVWKDWPXVWEHPDLQWDLQHGJURZVID.WRULDOO\7KLV.DQ SXWDJUHDWVWUDLQRQLQIUDVWUX.WXUHERWKLQWHUPVRIWKHKDUGZDUHLQURXW HUVDQGLQWHUPVRIWKHDPRXQWRIEDQGZLGWK.RQVXPHGE\URXWLQJWUDI IL. ,QRUGHUWRKHOSUHOLHYHWKHVWUDLQRQUHVRXU.HV5)&VSH.LILHVDQ DOWHUQDWLYHWRIXOOPHVK,%*3NQRZQDV%*3&RQIHGHUDWLRQV$%*3 &RQIHGHUDWLRQLVD.ROOH.WLRQRIDXWRQRPRXVV\VWHPVWKDWSUHVHQWWKHP VHOYHVDVDVLQJOH$6WRSHHUVRXWVLGHRIWKH.RQIHGHUDWLRQ $OO%*3VSHDNHUVZLWKLQD.RQIHGHUDWLRQDUHDVVLJQHGWZR$6QXPEHUV 7KHILUVWRIWKHVHLVWKHLUQRUPDO$6QXPEHUWREHXVHGZLWKLQWKH.RQ IHGHUDWLRQ7KHVH.RQGLVNQRZQDVWKHLU.RQIHGHUDWLRQ,' $OO%*3VSHDNHUVZLWKLQDVLQJOH.RQIHGHUDWLRQPXVWEHDVVLJQHGWKH VDPH.RQIHGHUDWLRQ,'7KLV.RQIHGHUDWLRQ,'LVWKHDXWRQRPRXVV\VWHP QXPEHUWKDW%*3VSHDNHUVRXWVLGHRIWKH.RQIHGHUDWLRQVHHDV.RQVLVWLQJ RIDOO%*3VSHDNHUVZLWKLQWKH.RQIHGHUDWLRQGHVSLWHWKHID.WWKDWWKH
192

Configuring GateD

YDULRXVPHPEHUVRIWKH.RQIHGHUDWLRQDUHDOPRVW.HUWDLQO\D.WXDOO\ZLWKLQ GLIIHUHQWDXWRQRPRXVV\VWHPV :KHQ%*3VSHDNHUVZLWKLQWKHVDPH.RQIHGHUDWLRQ.RPPXQL.DWHZLWK HD.KRWKHUWKH\SHUIRUPLGHQWL.DOO\WR%*3VSHDNHUVQRWLQ.RQIHGHUD WLRQVZLWKRQHH[.HSWLRQUDWKHUWKDQXVLQJWKH$6B6(48(1&(DQG $6B6(7SDWKDWWULEXWHVWKH\XVHWKH&21)('B6(48(1&(DQG &21)('B6(7SDWKDWWULEXWHV7KHQZKHQD%*3VSHDNHUZLWKLQWKH .RQIHGHUDWLRQJRHVWRDGYHUWLVHURXWHVWRD%*3VSHDNHUQRWZLWKLQWKH .RQIHGHUDWLRQDOODWWULEXWHVRIWKHW\SH&21)('B6(48(1&(RU &21)('B6(7DUHVWULSSHGDQGUHSOD.HGZLWKDVLQJOH $6B6(48(1&(.RQVLVWLQJRIWKH.RQIHGHUDWLRQLGHQWLILHU,QWKLVIDVK LRQWKHLQWHUQDO$6WRSRORJ\RIWKH.RQIHGHUDWLRQLVNHSWKLGGHQIURPWKH UHVWRIWKHZRUOG

193

The Border Gateway Protocol (BGP)

194

Configuring GateD

Chapter 2 Section 3
Other Routing Protocols
2.3.0 Other Routing Protocols Overview 2.3.1 Router Discovery *DWH'VXSSRUWVWKHIROORZLQJ

The Router Discovery protocol is used to inform hosts of the availability of other hosts to which it can send packets. Router Discovery is used to supplement a statically configured default router. This is the preferred protocol for hosts to run. They are discouraged from ZLUHWDSSLQJ routing protocols. Router Discovery is describedLQ5)&ZKL.K.DQEH IRXQGDW KWWSZZZJDWHGRUJJDWHGZHE.RGHGR.PDQXDOV.RQILJBJXLGHUHI HUHQ.HVKWPO

195

Other Routing Protocols

196

Configuring GateD

Chapter 2 Section 3.1

Router Discovery
2.3.1.0 Router Discovery Overview 7KH5RXWHU'LV.RYHU\3URWR.ROLVDQ,(7)VWDQGDUGSURWR.RO5)& XVHGWRLQIRUPKRVWVRIWKHH[LVWHQ.HRIURXWHUV,WLVLQWHQGHGWREHXVHG LQVWHDGRIKDYLQJKRVWVZLUHWDSURXWLQJSURWR.ROVVX.KDV5,3,WLVXVHGLQ SOD.HRIRULQDGGLWLRQWRVWDWL.DOO\.RQILJXUHGGHIDXOWURXWHVLQKRVWV$ OLQNWR5)&.DQEHIRXQGDW KWWSZZZJDWHGRUJJDWHGZHE.RGHGR.PDQXDOV.RQILJBJXLGHUHI HUHQ.HVKWPO 7KHSURWR.ROLVVSOLWLQWRWZRSRUWLRQVWKH serverSRUWLRQZKL.KUXQVRQ URXWHUVDQGWKH client SRUWLRQZKL.KUXQVRQKRVWV*DWH'WUHDWVWKHVH PX.KOLNHWZRVHSDUDWHSURWR.ROVRQO\RQHRIZKL.KPD\EHHQDEOHGDWD WLPH 2.3.1.1 The Router Discovery Server 7KH5RXWHU'LV.RYHU\6HUYHUUXQVRQURXWHUVDQGDQQRXQ.HVWKHLUH[LVW HQ.HWRKRVWV7KH5RXWHU'LV.RYHU\6HUYHUDQQRXQ.HVKRVWV
H[LVWHQ.HE\ SHULRGL.DOO\PXOWL.DVWLQJRUEURDG.DVWLQJDURXWHUDGYHUWLVHPHQWWRHD.K LQWHUID.HRQZKL.KLWLVHQDEOHG7KHVHURXWHUDGYHUWLVHPHQWV.RQWDLQDOLVW RIDOOWKHURXWHUV
DGGUHVVHVRQDJLYHQLQWHUID.HDQGWKHSUHIHUHQ.HRIHD.K DGGUHVVIRUXVHDVWKHGHIDXOWURXWHURQWKDWLQWHUID.H ,QLWLDOO\WKHVHURXWHUDGYHUWLVHPHQWVR..XUHYHU\IHZVH.RQGVWKHQIDOO ED.NWRHYHU\IHZPLQXWHV,QDGGLWLRQDKRVWPD\VHQGDURXWHUVROL.LWD WLRQWRZKL.KWKHURXWHUZLOOUHVSRQGZLWKDXQL.DVWURXWHUDGYHUWLVHPHQW XQOHVVDPXOWL.DVWRUEURDG.DVWDGYHUWLVHPHQWLVGXHPRPHQWDULO\ (D.KURXWHUDGYHUWLVHPHQW.RQWDLQVDQDGYHUWLVHPHQWlifetime ILHOGLQGL .DWLQJIRUKRZORQJWKHDGYHUWLVHGDGGUHVVHVDUHYDOLG7KLVOLIHWLPHLV.RQ ILJXUHGVX.KWKDWDQRWKHUURXWHUDGYHUWLVHPHQWZLOOEHVHQWEHIRUHWKH OLIHWLPHKDVH[SLUHG$OLIHWLPHRI]HURLVXVHGWRLQGL.DWHWKDWRQHRUPRUH DGGUHVVHVDUHQRORQJHUYDOLG 2QV\VWHPVVXSSRUWLQJ,3PXOWL.DVWLQJWKHURXWHUDGYHUWLVHPHQWVDUHE\ GHIDXOWVHQWWRWKHDOOKRVWVPXOWL.DVWDGGUHVV+RZHYHUWKHXVH RI broadcast PD\EHVSH.LILHG:KHQURXWHUDGYHUWLVHPHQWVDUHEHLQJ VHQWWRWKHDOOKRVWVPXOWL.DVWDGGUHVVRUDQLQWHUID.HLV.RQILJXUHGIRUWKH OLPLWHGEURDG.DVWDGGUHVV255.255.255.255,DOO,3DGGUHVVHV.RQILJXUHG RQWKHSK\VL.DOLQWHUID.HDUHLQ.OXGHGLQWKHURXWHUDGYHUWLVHPHQW:KHQ WKHURXWHUDGYHUWLVHPHQWVDUHEHLQJVHQWWRDQHWRUVXEQHWEURDG.DVWRQO\ WKHDGGUHVVDVVR.LDWHGZLWKWKDWQHWRUVXEQHWLVLQ.OXGHG $KRVWOLVWHQVIRUURXWHUDGYHUWLVHPHQWVYLDWKHDOOKRVWVPXOWL.DVWDGGUHVV (224.0.0.2)LI,3PXOWL.DVWLQJLVDYDLODEOHDQGHQDEOHGRURQWKHLQWHU ID.H
VEURDG.DVWDGGUHVV:KHQVWDUWLQJXSRUZKHQUH.RQILJXUHGDKRVW

197

Router Discovery

PD\VHQGDIHZURXWHUVROL.LWDWLRQVWRWKHDOOURXWHUVPXOWL.DVWDGGUHVV 224.0.0.2,RUWKHLQWHUID.H
VEURDG.DVWDGGUHVV :KHQDURXWHUDGYHUWLVHPHQWZLWKQRQ]HUROLIHWLPHLVUH.HLYHGWKHKRVW LQVWDOOVDGHIDXOWURXWHWRHD.KRIWKHDGYHUWLVHGDGGUHVVHV,IWKHSUHIHU HQ.HLVineligibleRUWKHDGGUHVVLVQRWRQDQDWWD.KHGLQWHUID.HWKH URXWHLVPDUNHGXQXVDEOHEXWUHWDLQHG,IWKHSUHIHUHQ.HLVXVDEOHWKH PHWUL.LVVHWDVDIXQ.WLRQRIWKHSUHIHUHQ.HVX.KWKDWWKHURXWHZLWKWKH EHVWSUHIHUHQ.HLVXVHG,IPRUHWKDQRQHDGGUHVVZLWKWKHVDPHSUHIHU HQ.HLVUH.HLYHGWKHRQHZLWKWKHORZHVW,3DGGUHVVZLOOEHXVHG7KHVH GHIDXOWURXWHVDUHQRWH[SRUWDEOHWRRWKHUSURWR.ROV :KHQD5RXWHU$GYHUWLVHPHQWZLWKD]HUROLIHWLPHLVUH.HLYHGWKHKRVW GHOHWHVDOOURXWHVZLWKQH[WKRSDGGUHVVHVOHDUQHGIURPWKDWURXWHU,Q DGGLWLRQDQ\URXWHUVOHDUQHGIURP,&03UHGLUH.WVSRLQWLQJWRWKHVH DGGUHVVHVZLOOEHGHOHWHG7KHVDPHZLOOKDSSHQZKHQDURXWHUDGYHUWLVH PHQWLVQRWUH.HLYHGWRUHIUHVKWKHVHURXWHVEHIRUHWKHOLIHWLPHH[SLUHV 2.3.1.2 Router Discovery Server Syntax
routerdiscovery server ( on | off ) [ { traceoptions trace_options ; interface interface_list [ maxadvinterval time ] | [ minadvinterval time ] | [ lifetime time ] ; address interface_list [ advertise ] | [ ignore ] | [ broadcast ] | [ multicast ] | [ ineligible ] | [ preference preference ] ; } ] ; traceoptions trace_options traceoptions

VSH.LILHVWKHURXWHUGLV.RYHU\WUD.LQJRSWLRQV6HH 7UD.H6WDWHPHQWVDQG*OREDO2SWLRQVRQSDJH DQG5RXWHU'LV .RYHU\7UD.LQJ2SWLRQVRQSDJH 

interface VSH.LILHVWKHSDUDPHWHUVWKDWDSSO\WRSK\VL.DOLQWHUID.HV 1RWHDVOLJKWGLIIHUHQ.HLQ.RQYHQWLRQIURPWKHUHVWRI*DWH' interface VSH.LILHVDOLVWRISK\VL.DOLQWHUID.HVVX.KDV le0, ef0 DQG en1ZKLOHaddress VSH.LILHVDOLVWRI,3DGGUHVVHV6HH,QWHU ID.H6WDWHPHQWRQSDJH 

interface interface_list

maxadvinterval time

LVWKHPD[LPXPWLPHDOORZHGEHWZHHQVHQGLQJ EURDG.DVWRUPXOWL.DVWURXWHUDGYHUWLVHPHQWVIURPWKHLQWHUID.HmaxadvintervalPXVWEHQROHVVWKDQVH.RQGVDQGQRPRUHWKDQ PLQXWHVRUVH.RQGV7KHGHIDXOWLVPLQXWHV

maxadvinterval

198

Configuring GateD

RUVH.RQGV
minadvinterval time

iVWKHPLQLPXPWLPHDOORZHGEHWZHHQVHQGLQJ XQVROL.LWHGEURDG.DVWRUPXOWL.DVWURXWHUDGYHUWLVHPHQWVIURPWKH LQWHUID.HminadvintervalPXVWEHQROHVVWKDQVH.RQGVDQGQR JUHDWHUWKDQmaxadvinterval7KHGHIDXOWLV* maxadvinterval.

minadvinterval lifetime time lifetime LQGL.DWHVKRZORQJWKHDGGUHVVHVLQDURXWHUDGYHUWLVHPHQW DUHYDOLG lifetimePXVWEHQROHVVWKDQ maxadvinterval DQGQR

JUHDWHUWKDQWZRKRXUVWKLUW\PLQXWHVRUVH.RQGV7KH GHIDXOWLV maxadvinterval.

address interface_list

specifies the parameters that apply to the specified set of addresses on this physical interfaces. Note a slight difference in convention from the rest of GateD; interface specifies a list of physical interfaces (such as le0, ef0 and en1), while address specifies a list of IP addresses. 6HH,QWHUID.H6WDWHPHQWRQ SDJH 
address advertise | ignore advertise

VSH.LILHVWKHDGGUHVVHVVKRXOGEHLQ.OXGHGLQURXWHU DGYHUWLVHPHQWV advertise LVWKHGHIDXOWignore VSH.LILHVWKDWWKH JLYHQDGGUHVVHVVKRXOGQRWEHLQ.OXGHGLQURXWHUDGYHUWLVHPHQWV VSH.LILHVWKDWWKHJLYHQDGGUHVVHVVKRXOGEHLQ.OXGHGLQ DEURDG.DVWURXWHUDGYHUWLVHPHQWEH.DXVHWKLVV\VWHPGRHVQRWVXS SRUW,3PXOWL.DVWLQJRUVRPHKRVWVRQWKHDWWD.KHGQHWZRUNGRQRW VXSSRUW,3PXOWL.DVWLQJ,WLVSRVVLEOHWRPL[DGGUHVVHVRQDSK\VL.DO LQWHUID.HVX.KWKDWVRPHDUHLQ.OXGHGLQDEURDG.DVWURXWHUDGYHUWLVH PHQWDQGVRPHDUHLQ.OXGHGLQDPXOWL.DVWURXWHUDGYHUWLVHPHQW broadcast LVWKHGHIDXOWLIWKHURXWHUGRHVQRWVXSSRUW,3PXOWL.DVW LQJmulticast VSH.LILHVWKDWWKHJLYHQDGGUHVVHVVKRXOGRQO\EH LQ.OXGHGLQDPXOWL.DVWURXWHUDGYHUWLVHPHQW,IWKHV\VWHPGRHVQRW VXSSRUW,3PXOWL.DVWLQJWKHDGGUHVVHVZLOOQRWEHLQ.OXGHG,IWKH V\VWHPVXSSRUWV,3PXOWL.DVWLQJWKHGHIDXOWLVWRLQ.OXGHWKH DGGUHVVHVLQDPXOWL.DVWURXWHUDGYHUWLVHPHQWLIWKHJLYHQLQWHUID.H VXSSRUWV,3PXOWL.DVWLQJ,IWKHJLYHQLQWHUID.HGRHVQRWVXSSRUW,3 PXOWL.DVWLQJWKHDGGUHVVHVZLOOEHLQ.OXGHGLQDEURDG.DVWURXWHU DGYHUWLVHPHQW
preference preference preferenceVSH.LILHVWKHGHJUHHRISUHIHUHQ.HRIWKHDGGUHVVHVDVD

broadcast | multicast broadcast

GHIDXOWURXWHUDGGUHVVUHODWLYHWRRWKHUURXWHUDGGUHVVHVRQWKHVDPH

199

Router Discovery

VXEQHWpreference LVDELWVLJQHGWZR
V.RPSOHPHQWLQWHJHU ZLWKKLJKHUYDOXHVPHDQLQJPRUHSUHIHUDEOH1RWHWKDWKH[ PD\RQO\EHVSH.LILHGDVineligible.7KHGHIDXOWLV
ineligible

VSH.LILHVWKDWWKHJLYHQDGGUHVVHVZLOOEHDVVLJQHGD SUHIHUHQ.HRIKH[ZKL.KPHDQVWKDWWKHDGGUHVVLVQRWHOL JLEOHWREHWKHGHIDXOWURXWHIRUDQ\KRVWV ineligible LVXVHIXO ZKHQWKHDGGUHVVHVVKRXOGQRWEHXVHGDVDGHIDXOWURXWHEXWDUH JLYHQDVWKHQH[WKRSLQDQ,&03UHGLUH.Wineligible DOORZVWKH KRVWVWRYHULI\WKDWWKHJLYHQDGGUHVVHVDUHXSDQGDYDLODEOH
ineligible

2.3.1.3 The Router Discovery Client Syntax

routerdiscovery client ( on | off ) [ { traceoptions trace_options ; preference preference ; interface interface_list [ enable ] | [ disable ]| [ multicast ] [ quiet ] | [ solicit ] ; } ] ; traceoptions trace_options

VSH.LILHVWKHWUD.LQJRSWLRQVIRU263)6HH7UD.H 6WDWHPHQWVDQG*OREDO2SWLRQVRQSDJH DQGWKH5RXWHU'LV.RY HU\7UD.LQJ2SWLRQVRQSDJH 

traceoptions preference preference preferenceVSH.LILHVKRZ5RXWHU'LV.RYHU\GHIDXOWURXWHV.RP SDUHGWRRWKHUSURWR.ROVZLOOEHVHOH.WHG:KHQDURXWHKDVEHHQ OHDUQHGIURPPRUHWKDQRQHSURWR.ROWKHD.WLYHURXWHZLOOEHVHOH.WHG IURPWKHSURWR.ROZLWKWKHORZHVWSUHIHUHQ.H(D.KSURWR.ROKDVD GHIDXOWSUHIHUHQ.HLQWKLVVHOH.WLRQ7KHGHIDXOWIRU5RXWHU'LV.RYHU\ &OLHQWVLV interface interface_list interface VSH.LILHVWKHSDUDPHWHUVWKDWDSSO\WRSK\VL.DOLQWHUID.HV 1RWHDVOLJKWGLIIHUHQ.HLQ.RQYHQWLRQIURPWKHUHVWRI*DWH' interface VSH.LILHVMXVWSK\VL.DOLQWHUID.HVVX.KDVOHHIDQG HQ7KH5RXWHU'LV.RYHU\&OLHQWKDVQRSDUDPHWHUVWKDWDSSO\RQO\ WRLQWHUID.HDGGUHVVHV6HH,QWHUID.H6WDWHPHQWRQSDJH  enable | disable | multicast enable

VSH.LILHVWKDW5RXWHU'LV.RYHU\VKRXOGEHSHUIRUPHGRQWKH VSH.LILHGLQWHUID.HVenable LVWKHGHIDXOWdisable VSH.LILHVWKDW 5RXWHU'LV.RYHU\VKRXOGQRWEHSHUIRUPHGRQWKHVSH.LILHGLQWHU ID.HVmulticast VSH.LILHVWKDWURXWHUVROL.LWDWLRQVVKRXOGEHPXOWL .DVWRQWKHVSH.LILHGLQWHUID.HV,I,3PXOWL.DVWLVQRWDYDLODEOHRQ WKLVKRVWDQGLQWHUID.HQRVROL.LWDWLRQZLOOEHSHUIRUPHG7KHGHIDXOW

200

Configuring GateD

LVWRPXOWL.DVWURXWHUVROL.LWDWLRQVLIWKHKRVWDQGLQWHUID.HVXSSRUWLW RWKHUZLVHURXWHUVROL.LWDWLRQVDUHEURDG.DVW
quiet_solicit quiet

VSH.LILHVWKDWQRURXWHUVROL.LWDWLRQVZLOOEHVHQWRQWKLVLQWHU ID.HHYHQWKRXJK5RXWHU'LV.RYHU\ZLOOEHSHUIRUPHGsolicit VSH.LILHVWKDWLQLWLDOURXWHUVROL.LWDWLRQVZLOOEHVHQWRQWKLVLQWHUID.H solicit LVWKHGHIDXOW

2.3.1.4 Router Discovery Tracing Options

The Router Discovery Client and Server support the state trace flag, which traces various protocol occurrences.
state

7UD.HVWDWHWUDQVLWLRQV 7KH5RXWHU'LV.RYHU\&OLHQWDQG6HUYHUGRQRWGLUH.WO\VXSSRUWDQ\ SD.NHWWUD.LQJRSWLRQV7UD.LQJRIURXWHUGLV.RYHU\SD.NHWVLVHQDEOHGYLD WKH,&036WDWHPHQW6HH6H.WLRQIRUPRUHLQIRUPDWLRQRQ,&03

201

Router Discovery

202

Configuring GateD

Chapter 2 Section 4
Other Support
2.4.0 Other Support Overview 2.4.1 ICMP ,QDGGLWLRQWRURXWLQJSURWR.ROV*DWH'SURYLGHVWKHIROORZLQJVXSSRUWIRU 8QL.DVW,&035HGLUH.W.HUQHO,QWHUID.HDQG6WDWL.5RXWHV 2QV\VWHPVZLWKRXWWKH%6'URXWLQJVR.NHW*DWH'OLVWHQVWR,&03PHV VDJHVUH.HLYHGE\WKHV\VWHP3UR.HVVLQJRI,&03UHGLUH.WPHVVDJHVLV KDQGOHGE\WKH redirect VWDWHPHQW.
redirectSUR.HVVHV,&03RU,62UHGLUH.WVOHDUQHGE\PRQLWRULQJ,&03 PHVVDJHVRUE\WKHURXWLQJVR.NHWRQV\VWHPVWKDWVXSSRUWVR.NHWV redirectSUR.HVVHVWKHUHGLUH.WUHTXHVWDQGGH.LGHVZKHWKHUWRD..HSWWKH

2.4.2 Redirect

UHGLUH.W,IWKHUHGLUH.WLVD..HSWHGDURXWHLVLQVWDOOHGLQWKH*DWH'URXWLQJ WDEOHZLWKWKHSURWR.ROredirect. 5HGLUH.WVDUHGHOHWHGIURPWKHURXWLQJ WDEOHDIWHU PLQXWHV 2.4.3 Kernel Interface $OWKRXJKWKHNHUQHOLQWHUID.HLVQRWWH.KQL.DOO\DURXWLQJSURWR.ROLWKDV PDQ\.KDUD.WHULVWL.VRIRQHDQG*DWH'KDQGOHVLWVLPLODUO\7KHURXWHV *DWH'.KRRVHVWRLQVWDOOLQWKHNHUQHOIRUZDUGLQJWDEOHDUHWKRVHWKDWZLOO D.WXDOO\EHXVHGE\WKHNHUQHOWRIRUZDUGSD.NHWV 7KH add, delete DQG change RSHUDWLRQVWKDW*DWH'PXVWXVHWRXSGDWH WKHW\SL.DONHUQHOIRUZDUGLQJWDEOHWDNHDQRQWULYLDODPRXQWRIWLPH7KH WLPHXVHGGRHVQRWSUHVHQWDSUREOHPIRUROGHUURXWLQJSURWR.ROV5,3 (*3ZKL.KDUHQRWSDUWL.XODUO\WLPH.ULWL.DODQGGRQRWHDVLO\KDQGOHYHU\ ODUJHQXPEHUVRIURXWHVDQ\ZD\7KHQHZHUURXWLQJSURWR.ROV263) %*3KDYHVWUL.WHUWLPLQJUHTXLUHPHQWVDQGDUHRIWHQXVHGWRSUR.HVV PDQ\PRUHURXWHV7KHVSHHGRIWKHNHUQHOLQWHUID.HEH.RPHV.ULWL.DOZKHQ WKHVHSURWR.ROVDUHXVHG 2.4.4 Static Routes 6WDWL.VWDWHPHQWVGHILQHWKHVWDWL.URXWHVXVHGE\*DWH'$VLQJOHstatic VWDWHPHQW.DQVSH.LI\DQ\QXPEHURIURXWHV7KHstaticVWDWHPHQWVR..XU DIWHUSURWR.ROVWDWHPHQWVDQGEHIRUH.RQWUROVWDWHPHQWVLQWKH gated.confILOH$Q\QXPEHURIstaticVWDWHPHQWVPD\EHVSH.LILHG HD.K.RQWDLQLQJDQ\QXPEHURIVWDWL.URXWHGHILQLWLRQV7KHVHURXWHV.DQEH RYHUULGGHQE\URXWHVZLWKEHWWHUSUHIHUHQ.HYDOXHV

203

Other Support

204

Configuring GateD

Chapter 2 Section 4.1

The ICMP Statement
2.4.1.0 ICMP Overview 2QV\VWHPVZLWKRXWWKH%6'URXWLQJVR.NHW*DWH'OLVWHQVWR,&03PHV VDJHVUH.HLYHGE\WKHV\VWHP*DWH'.XUUHQWO\VXSSRUWV router discoveryDVZHOODV redirect. 3UR.HVVLQJRI,&03UHGLUH.WPHVVDJHVLV KDQGOHGE\WKHredirect VWDWHPHQW6HH6H.WLRQIRUPRUHLQIRUPD WLRQDERXWredirect &XUUHQWO\WKHRQO\UHDVRQWRVSH.LI\WKH icmpVWDWHPHQWLVWREHDEOHWR WUD.HWKH,&03PHVVDJHVWKDW*DWH'UH.HLYHV 2.4.1.1 ICMP Syntax
icmp { traceoptions trace_options ; } traceoptions trace_options ;

6SH.LILHVWKHWUD.LQJRSWLRQVIRU,&036HH6H.WLRQ7UD.H6WDWH PHQWVDQGWKH,&03VSH.LIL.WUD.LQJRSWLRQVEHORZ 2.4.1.2 ICMP Tracing Options 3D.NHWWUD.LQJRSWLRQVZKL.KPD\EHPRGLILHGZLWK detail DQG recv
packets

7UD.HDOO,&03SD.NHWVUH.HLYHG
redirect

7UD.HRQO\,&03UHGLUH.WSD.NHWVUH.HLYHG
routerdiscovery

7UD.HRQO\,&03URXWHUGLV.RYHU\SD.NHWVUH.HLYHG
info

7UD.HRQO\,&03LQIRUPDWLRQDOSD.NHWVZKL.KLQ.OXGHPDVNUHTXHVW UHVSRQVHLQIRUHTXHVWUHVSRQVHH.KRUHTXHVWUHVSRQVHDQGWLPH VWDPSUHTXHVWUHVSRQVH

error

7UD.HRQO\,&03HUURUSD.NHWVZKL.KLQ.OXGHWLPHH[.HHGHGSDUDPH WHUSUREOHPXQUHD.KDEOHDQGVRXU.HTXHQ.K

205

ICMP

206

Configuring GateD

Chapter 2 Section 4.2

Redirect Processing
2.4.2.0 Redirect Overview 7KH redirect .RGHUH.HLYHV,&03RU,62UHGLUH.WVOHDUQHGE\PRQLWRU LQJ,&03PHVVDJHVRURQV\VWHPVWKDWVXSSRUWWKHURXWLQJVR.NHWOHDUQHG YLDWKHVR.NHW*DWH'SUR.HVVHVWKHUHGLUH.WUHTXHVWDQGGH.LGHVZKHWKHU WRD..HSWWKHUHGLUH.W,IWKHUHGLUH.WLVD..HSWHGDURXWHLVLQVWDOOHGLQWKH *DWH'URXWLQJWDEOHZLWKWKHSURWR.RO redirect.5HGLUH.WVDUHGHOHWHG IURPWKHURXWLQJWDEOHDIWHUPLQXWHV ,I*DWH'GHWHUPLQHVWKDWDUHGLUH.WLVQRWD..HSWDEOHLWWULHVWRILJXUHRXWLI WKHNHUQHOIRUZDUGLQJWDEOHKDVEHHQPRGLILHG2QV\VWHPVZKHUH,&03 PHVVDJHVDUHPRQLWRUHG*DWH'WULHVWRVH.RQGJXHVVZKDWWKHNHUQHO ZRXOGKDYHGRQHZLWKWKHUHGLUH.W2QV\VWHPVWKDWVXSSRUWDURXWLQJ VR.NHWWKHNHUQHOSURYLGHVDQLQGL.DWLRQRIZKHWKHUWKHUHGLUH.WZDV D..HSWHG*DWH'LJQRUHVUHGLUH.WVWKDWZHUHQRWSUR.HVVHG ,I*DWH'KDVGHWHUPLQHGWKDWWKHVWDWHRIWKHNHUQHOIRUZDUGLQJWDEOHKDV EHHQ.KDQJHGWKHQH.HVVDU\UHTXHVWVWRWKHNHUQHODUHPDGHWRUHVWRUHWKH .RUUH.WVWDWH 1RWHWKDWRQ.XUUHQWO\DYDLODEOHV\VWHPVLWLVQRWSRVVLEOHWRGLVDEOHWKH SUR.HVVLQJRI,&03UHGLUH.WVHYHQZKHQWKHV\VWHPLVIXQ.WLRQLQJDVD URXWHU7RLJQRUHWKHHIIH.WVRIUHGLUH.WV*DWH'PXVWSUR.HVVHD.KRQH DQGD.WLYHO\UHVWRUHDQ\.KDQJHVLWPDGHWRWKHNHUQHO
VVWDWH%H.DXVHRI WKHPH.KDQLVPVLQYROYHGWKHUHZLOOEHWLPHVZKHUHWKHHIIH.WVRIUHGLUH.WV DUHSUHVHQWLQWKHNHUQHO %\GHIDXOW*DWH'UHPRYHVUHGLUH.WVZKHQD.WLYHO\SDUWL.LSDWLQJLQDQLQWH ULRUJDWHZD\SURWR.RO5,3263)RU,6,6,WLVQRWSRVVLEOHWRHQDEOH UHGLUH.WVRQ.HWKH\KDYHEHHQDXWRPDWL.DOO\GLVDEOHG/LVWHQLQJWR5,3LQ nobroadcast PRGHGRHVQRW.DXVHUHGLUH.WVWREHLJQRUHGQRUGRHVWKH XVHRI(*3DQG%*35HGLUH.WVPXVWEHPDQXDOO\.RQILJXUHGRIILQWKHVH .DVHV 1RWHWKDWLQD..RUGDQ.HZLWKWKHODWHVW,(7)5RXWHU5HTXLUHPHQWVGR.X PHQW*DWH'LQVXUHVWKDWDOO,&03QHWUHGLUH.WVDUHSUR.HVVHGDVKRVWUHGL UH.WV:KHQDQ,&03QHWUHGLUH.WLVD..HSWHG*DWH'LVVXHVWKHUHTXHVWVWR WKHNHUQHOWRPDNHVXUHWKDWWKHNHUQHOIRUZDUGLQJWDEOHLVXSGDWHGWR UHIOH.WDKRVWUHGLUH.WLQVWHDGRIDQHWUHGLUH.W

207

Redirect Processing

7KHredirectVWDWHPHQWGRHVQRWSUHYHQWWKHV\VWHPIURPVHQGLQJUHGL UH.WVRQO\IURPOLVWHQLQJWRWKHP 2.4.2.1 Redirect Syntax

redirect on | off [ { preference preference ; interface interface_list [ noredirects ] | [redirects ] ; trustedgateways gateway_list ; traceoptions trace_options ; } ] ; preference preferenceVHWVWKHSUHIHUHQ.HIRUDURXWHOHDUQHGIURPDUHGLUH.W

7KHGHIDXOWLV

interface interface_list interface DOORZVWKHHQDEOLQJDQGGLVDEOLQJRIUHGLUH.WVRQDQLQWHU ID.HE\LQWHUID.HEDVLV6HH6H.WLRQIRUWKHGHV.ULSWLRQRIWKH interface_list7KHSRVVLEOHSDUDPHWHUVDUH noredirects noredirects VSH.LILHVWKDWUHGLUH.WVUH.HLYHGYLDWKHVSH.LILHGLQWHU ID.HZLOOEHLJQRUHG7KHGHIDXOWLVWRD..HSWUHGLUH.WVRQDOOLQWHU ID.HV redirects redirects LVWKHGHIDXOW7KLVDUJXPHQWPD\EHQH.HVVDU\ZKHQ noredirects LVXVHGRQDZLOG.DUGLQWHUID.HGHV.ULSWRU trustedgateways gateway_list trustedgateways GHILQHVWKHOLVWRIJDWHZD\VIURPZKL.KUHGLUH.WV ZLOOEHD..HSWHG7KH gateway_listLVVLPSO\DOLVWRIKRVWQDPHVRU DGGUHVVHV%\GHIDXOWDOOURXWHUVRQWKHVKDUHGQHWZRUNVDUHWUXVWHG WRVXSSO\UHGLUH.WV%XWLIWKHtrustedgateways.ODXVHLVVSH.LILHG RQO\UHGLUH.WVIURPWKHJDWHZD\VLQWKHOLVWDUHD..HSWHG traceoptions trace_options

7KHUHDUHQR redirectVSH.LIL.WUD.LQJRSWLRQV$OOQRQHUURUPHV VDJHVDUHWUD.HGZKHQnormalLVVSH.LILHGIRUtrace_options 2.4.2.2 Tracing Options 7KHUHDUHQR redirectVSH.LIL.WUD.LQJRSWLRQV$OOQRQHUURUPHV VDJHVDUHWUD.HGZKHQnormalLVVSH.LILHGIRUtrace_options

208

Configuring GateD

Chapter 2 Section 4.3

The Kernel Interface Statement
2.4.3.0 Kernel Interface Overview $OWKRXJKWKHNHUQHOLQWHUID.HLVQRWWH.KQL.DOO\DURXWLQJSURWR.ROLWKDV PDQ\.KDUD.WHULVWL.VRIRQHDQG*DWH'KDQGOHVLWVLPLODUO\7KHURXWHV *DWH'.KRRVHVWRLQVWDOOLQWKHNHUQHOIRUZDUGLQJWDEOHDUHWKRVHWKDWZLOO D.WXDOO\EHXVHGE\WKHNHUQHOWRIRUZDUGSD.NHWV 7KHDGGGHOHWHDQG.KDQJHRSHUDWLRQVWKDW*DWH'PXVWXVHWRXSGDWHWKH W\SL.DONHUQHOIRUZDUGLQJWDEOHWDNHDQRQWULYLDODPRXQWRIWLPH7KHWLPH XVHGGRHVQRWSUHVHQWDSUREOHPIRUROGHUURXWLQJSURWR.ROV5,3(*3 ZKL.KDUHQRWSDUWL.XODUO\WLPH.ULWL.DODQGGRQRWHDVLO\KDQGOHODUJHQXP EHUVRIURXWHVDQ\ZD\7KHQHZHUURXWLQJSURWR.ROV263)%*3KDYH VWUL.WHUWLPLQJUHTXLUHPHQWVDQGDUHRIWHQXVHGWRSUR.HVVPDQ\PRUH URXWHV7KHVSHHGRIWKHNHUQHOLQWHUID.HEH.RPHV.ULWL.DOZKHQWKHVHSUR WR.ROVDUHXVHG 7RSUHYHQW*DWH'IURPOR.NLQJXSIRUVLJQLIL.DQWSHULRGVRIWLPHZKLOH LQVWDOOLQJODUJHQXPEHUVRIURXWHVXSWRDPLQXWHRUPRUHKDVEHHQ REVHUYHGRQUHDOQHWZRUNVWKHSUR.HVVLQJRIWKHVHURXWHVLVQRZGRQHLQ EDW.KHV7KHVL]HRIWKHVHEDW.KHVPD\EH.RQWUROOHGE\WKHWXQLQJSDUDP HWHUVGHV.ULEHGEHORZEXWQRUPDOO\WKHGHIDXOWSDUDPHWHUVZLOOSURYLGHWKH SURSHUIXQ.WLRQDOLW\ 'XULQJQRUPDOVKXWGRZQSUR.HVVLQJ*DWH'GHOHWHVDOOWKHURXWHVLWKDV LQVWDOOHGLQWKHNHUQHOIRUZDUGLQJWDEOHH[.HSWIRUWKRVHPDUNHGZLWK retain. 2SWLRQDOO\*DWH'.DQOHDYHDOOURXWHVLQWKHNHUQHOIRUZDUGLQJ WDEOHE\QRWGHOHWLQJDQ\URXWHVXVLQJnoflushatexit7KLVRSWLRQLVXVH IXORQV\VWHPVZLWKODUJHQXPEHUVRIURXWHVEH.DXVHLWHOLPLQDWHVWKHQHHG WRUHLQVWDOOWKHURXWHVZKHQ*DWH'UHVWDUWVZKL.K.DQJUHDWO\UHGX.HWKH WLPHLWWDNHVWRUH.RYHUIURPDUHVWDUW

209

The Kernel Interface Statement

2.4.3.1 Kernel Interface Syntax

kernel { options [ nochange ] [ noflushatexit ] [ protosync ] ; remnantholdtime ; routes number ; flash [ limit number ] [ type interface | interior | all ] ; background [ limit number ] [ priority flash | higher | lower ] ; traceoptions trace_options ; } ; options options

VSH.LILHVWKHNHUQHORSWLRQV7KHYDOLGRSWLRQVLQ.OXGH

nochange

2QV\VWHPVVXSSRUWLQJWKHURXWLQJVR.NHW nochangeLQVXUHVWKDW .KDQJHRSHUDWLRQVZLOOQRWEHSHUIRUPHGRQO\GHOHWHVDQGDGGVZLOO nochange LVXVHIXORQHDUO\YHUVLRQVRIWKHURXWLQJVR.NHW.RGH ZKHUHWKH.KDQJHRSHUDWLRQZDVEURNHQ

noflushatexit

'XULQJQRUPDOVKXWGRZQSUR.HVVLQJ*DWH'GHOHWHVDOOURXWHVIURP WKHNHUQHOIRUZDUGLQJWDEOHWKDWGRQRWKDYHDretain LQGL.DWLRQ noflushatexit SUHYHQWVURXWHGHOHWLRQVDWVKXWGRZQ,QVWHDG URXWHVDUH.KDQJHGDQGDGGHGWRPDNHVXUHWKDWDOOWKHURXWHVPDUNHG ZLWKretain JHWLQVWDOOHGnoflushatexit LVKDQG\RQV\VWHPVZLWK WKRXVDQGVRIURXWHV8SRQVWDUWXS*DWH'ZLOOQRWL.HZKL.KURXWHV DUHLQWKHNHUQHOIRUZDUGLQJWDEOHDQGQRWDGGWKHPED.N
protosync protosync NHHSVWKHNHUQHOSURWR.ROILHOG.XUUHQWZLWK*DWH'
VSUR

WR.RO

routes number

2QVRPHV\VWHPVNHUQHOPHPRU\LVDWDSUHPLXP:LWKroutes, D OLPLW.DQEHSOD.HGRQWKHPD[LPXPQXPEHURIURXWHV*DWH'ZLOO LQVWDOOLQWKHNHUQHO1RUPDOO\*DWH'DGGV.KDQJHVRUGHOHWHVURXWHV LQLQWHUID.HLQWHUQDOH[WHUQDORUGHULHLWTXHXHVLQWHUID.HURXWHV ILUVWIROORZHGE\LQWHUQDOURXWHVIROORZHGE\H[WHUQDOURXWHVDQG WKHQSUR.HVVHVWKHTXHXHIURPWKHEHJLQQLQJ,Iroutes LVVSH.LILHG DQGWKH number LVKLW*DWH'GRHVWZRV.DQVRIWKHOLVWLQVWHDG2Q

210

Configuring GateD

WKHILUVWV.DQLWGRHVGHOHWHVDQGDOVRGHOHWHVDOO.KDQJHGURXWHVWXUQ LQJWKHTXHXHG.KDQJHVLQWRDGGV,WWKHQUHV.DQVWKHOLVWGRLQJDGGV LQLQWHUID.HLQWHUQDOH[WHUQDORUGHUXQWLOLWKLWVWKHOLPLWDJDLQ7KLV W\SHRIV.DQQLQJZLOOWHQGWRIDYRULQWHUQDOURXWHVRYHUH[WHUQDO URXWHV7KHGHIDXOWLVQRWWROLPLWWKHQXPEHURIURXWHVLQWKHNHUQHO IRUZDUGLQJWDEOH

flash

:KHQURXWHV.KDQJHWKHSUR.HVVRIQRWLI\LQJWKHSURWR.ROVLV.DOOHGD IODVKXSGDWH7KHNHUQHOIRUZDUGLQJWDEOHLQWHUID.HLVWKHILUVWWREH QRWLILHG1RUPDOO\DPD[LPXPRILQWHUID.HURXWHVPD\EHSUR .HVVHGGXULQJRQHIODVKXSGDWH flash DOORZVWXQLQJRIWKHVHSDUDPH WHUV

limit number limit VSH.LILHVWKHPD[LPXPQXPEHURIURXWHVWKDWPD\EH SUR.HVVHGGXULQJRQHIODVKXSGDWH7KHGHIDXOWLV$YDOXHRI ZLOO.DXVHDOOSHQGLQJURXWH.KDQJHVRIWKHVSH.LILHGW\SHWR EHSUR.HVVHGGXULQJWKHIODVKXSGDWH type interface | interior | all type

VSH.LILHVWKHW\SHRIURXWHVWKDWZLOOEHSUR.HVVHGGXULQJD IODVKXSGDWHinterior VSH.LILHVWKDWLQWHULRUURXWHVZLOOEH LQVWDOOHGall VSH.LILHVWKHLQ.OXVLRQRIH[WHULRUURXWHVDVZHOO 7KHGHIDXOWLVinterfaceZKL.KVSH.LILHVWKDWRQO\LQWHUID.H URXWHVZLOOEHLQVWDOOHGGXULQJDIODVKXSGDWH 6SH.LI\LQJflash limit -1 all.DXVHVDOOURXWHVWREH LQVWDOOHGGXULQJWKHIODVKXSGDWHWKLVPLPL.VWKHEHKDYLRURI YHUVLRQRI*DWH'

background

%H.DXVHRQO\LQWHUID.HURXWHVDUHQRUPDOO\LQVWDOOHGGXULQJDIODVK XSGDWHWKHUHPDLQLQJURXWHVDUHSUR.HVVHGLQEDW.KHVLQWKHED.N JURXQGWKDWLVZKHQQRURXWLQJSURWR.ROWUDIIL.LVEHLQJUH.HLYHG 1RUPDOO\URXWHVDUHLQVWDOOHGDWDWLPHWRDOORZRWKHUWDVNVWREH SHUIRUPHG%D.NJURXQGSUR.HVVLQJLVGRQHDWORZHUSULRULW\WKDQ IODVKXSGDWHV7KHIROORZLQJSDUDPHWHUV.RQWUROKRZURXWHVDUH LQVWDOOHG

limit number

VSH.LILHVWKHQXPEHURIURXWHVWKDWPD\EHSUR.HVVHGGXULQJ RQHEDW.K7KHGHIDXOWLV
limit priority flash | higher| lower priority

VSH.LILHVWKHSULRULW\RIWKHSUR.HVVLQJRIEDW.KHVRINHU QHOXSGDWHVLQUHODWLRQVKLSWRWKHIODVKXSGDWHSUR.HVVLQJ7KHGHIDXOW

211

The Kernel Interface Statement

LVlower, ZKL.KPHDQVWKDWIODVKXSGDWHVDUHSUR.HVVHGILUVW7RSUR .HVVNHUQHOXSGDWHVDWWKHVDPHSULRULW\DVIODVKXSGDWHVVSH.LI\ flash. 7RSUR.HVVNHUQDOXSGDWHVDWDKLJKHUSULRULW\XVHhigher. 2.4.3.2 Kernel Interface Tracing Options $OWKRXJKWKHNHUQHOLQWHUID.HLVQ
WWH.KQL.DOO\DURXWLQJSURWR.ROLQPDQ\ .DVHVLWLVKDQGOHGDVRQH7KHIROORZLQJWZRRSWLRQVDUHHQWHUHGIURPWKH .RPPDQGOLQHEH.DXVHWKH.RGHWKDWXVHVWKHPLVH[H.XWHGEHIRUHWKH WUD.HILOHLVSDUVHG
symbols

7UD.HsymbolsZKL.KDUHUHDGIURPWKHNHUQHOE\QOLVWRUVLPLODU LQWHUID.H

iflist

7UD.HiflistWKHLQWHUID.HOLVWV.DQiflistLVXVHIXOZKHQHQWHUHG IURPWKH.RPPDQGOLQHEH.DXVHWKHILUVWLQWHUID.HOLVWV.DQLVSHU IRUPHGEHIRUHWKH.RQILJXUDWLRQILOHLVSDUVHG 7KHIROORZLQJWUD.LQJRSWLRQVPD\RQO\EHVSH.LILHGLQWKH.RQILJXUDWLRQ ILOH7KH\DUHQRWYDOLGIURPWKH.RPPDQGOLQH

remnants

7UD.H UHPQDQWVZKL.KVSH.LI\URXWHVUHDGIURPWKHNHUQHOZKHQ *DWH'VWDUWV

request

7UD.HUHTXHVWZKLch VSH.LILHVWRDGGGHOHWHRU.KDQJHURXWHVLQWKH NHUQHOIRUZDUGLQJWDEOH 7KHIROORZLQJJHQHUDORSWLRQDQGSD.NHWWUD.LQJRSWLRQVRQO\DSSO\RQ V\VWHPVWKDWXVHWKHURXWLQJVR.NHWWRH[.KDQJHURXWLQJLQIRUPDWLRQZLWK WKHNHUQHO7KH\GRQRWDSSO\RQV\VWHPVWKDWXVHWKHROGBSD4.3 ioctl()LQWHUID.HWRWKHNHUQHO

info

7UD.HLQIRPHVVDJHVZKL.KDUHPHVVDJHVUH.HLYHGIURPWKHURXWLQJ VR.NHWVX.KDV7&3ORVVDJHURXWLQJORRNXSIDLOXUHDQGURXWHUHVROX WLRQUHTXHVWV*DWH'GRHVQRW.XUUHQWO\SUR.HVVWKHVHPHVVDJHVMXVW ORJVWKHLQIRUPDWLRQLIUHTXHVWHG Packet tracing options (which may be modified with detail, send and recv):
routes

7UD.Hroutes that are exchanged with the kernel, including add, delete or change messages and add, delete or change messages received from other processes.
redirect

7UD.Hredirect messages, which are received from the kernel.

212

Configuring GateD

interface

7UD.HLQWHUID.H VWDWXVPHVVDJHV that areUH.HLYHGIURPWKHNHUQHO 7KHVHDUHRQO\VXSSRUWHGRQV\VWHPVZLWKQHWZRUNLQJ.RGHGHULYHG IURP%6'

other

7UD.HRWKHU PHVVDJHVWKDWDUHUH.HLYHGIURPWKHNHUQHOLQ.OXGLQJ WKRVHPHQWLRQHGLQWKHLQIRW\SHDERYH 2.4.3.3 Forwarding Tables and Routing Tables 7KHUHVWRIWKLVVH.WLRQDVVXPHVWKDWWKHUHDGHUXQGHUVWDQGVKRZ*DWH' LQWHUD.WVZLWKD81,;V\VWHP&KDSWHU2YHUYLHZRIWKH,QWHUQDO3UR .HVVLQ4XL.N6WDUWLQJ*DWH'KDVDYHU\EULHIRYHUYLHZRIWKLVSUR.HVV 7KHWDEOHLQWKHNHUQHOWKDW.RQWUROVWKHIRUZDUGLQJRISD.NHWVLVDIRU ZDUGLQJWDEOHDOVRNQRZQDVDIRUZDUGLQJLQIRUPDWLRQEDVHRU),%7KH WDEOHWKDW*DWH'XVHVLQWHUQDOO\WRVWRUHURXWLQJLQIRUPDWLRQLWOHDUQV IURPURXWLQJSURWR.ROVLVDURXWLQJWDEOHDOVRNQRZQDVDURXWLQJLQIRU PDWLRQEDVHRU5,%7KHURXWLQJWDEOHLVXVHGWR.ROOH.WDQGVWRUHURXWHV IURPYDULRXVSURWR.ROV)RUHD.KXQLTXH.RPELQDWLRQRIQHWZRUNDQG PDVNDQD.WLYHURXWHLV.KRVHQ7KLVURXWHZLOOEHWKHRQHZLWKWKHEHVW QXPHUL.DOO\VPDOOHVWSUHIHUHQ.H$OOWKHD.WLYHURXWHVDUHLQVWDOOHGLQWKH NHUQHOIRUZDUGLQJWDEOH7KHHQWULHVLQWKLVWDEOHDUHZKDWWKHNHUQHOD.WX DOO\XVHVWRIRUZDUGSD.NHWV 2.4.3.3.1 Updating the Forwarding Table 7ZRPDLQPHWKRGVRIXSGDWLQJWKHNHUQHO),%DUHWKHioctl() LQWHUID.H DQGWKHURXWLQJVR.NHWLQWHUID.H 2.4.3.3.1.1 The ioctl() Interface 7KH ioctl iQWHUID.HWRWKHIRUZDUGLQJWDEOHZDVLQWURGX.HGLQBSD 4.3 DQGZLGHO\GLVWULEXWHGLQ BSD 4.3.,WKDVVHYHUDOOLPLWDWLRQVLQ.OXGLQJ IL[HGVXEQHWPDVNV DRQHZD\LQWHUID.H EOLQGXSGDWHV WKHLQDELOLW\WRVXSSRUW.KDQJHV

)L[HG6XEQHW0DVNV 7KH ioctlLQWHUID.HDOORZVRQO\IL[HGVXEQHWPDVNV7KH BSD 4.3 QHW ZRUNLQJ.RGHDVVXPHGWKDWDOOVXEQHWVRIDJLYHQQHWZRUNKDGWKHVDPH VXEQHWPDVN7KLVOLPLWDWLRQLVHQIRU.HGE\WKHNHUQHO7KHQHWZRUNPDVN LVQRWVWRUHGLQWKHNHUQHOIRUZDUGLQJWDEOHEXWGHWHUPLQHGZKHQD SD.NHWLVIRUZDUGHGE\VHDU.KLQJIRULQWHUID.HVRQWKHVDPHQHWZRUN One-way Interface Because of the one-way interface, GateD is able to update the kernel forwarding table, but it is not aware of other modifications of the for-

213

The Kernel Interface Statement

warding table. GateD is able to listen to ICMP messages and guess how the kernel has updated the forwarding table with response to ICMP redirects. Blind Updates %H.DXVHRIEOLQGXSGDWHV*DWH'LVQRWDEOHWRGHWH.W.KDQJHVWRWKHIRU ZDUGLQJWDEOHUHVXOWLQJIURPWKHXVHRIWKHWKHURXWH.RPPDQGE\WKH V\VWHPDGPLQLVWUDWRU8VHRIWKHURXWH.RPPDQGRQV\VWHPVWKDWXVHWKH ioctl()LQWHUID.HLVVWURQJO\GLV.RXUDJHGZKLOH*DWH'LVUXQQLQJ No Change %H.DXVHQR.KDQJHRSHUDWLRQLVVXSSRUWHGDURXWHPXVWEHGHOHWHGDQGD QHZRQHDGGHGWR.KDQJHDURXWHWKDWH[LVWVLQWKHNHUQHO 2.4.3.3.1.2 The Routing Socket Interface 7KHURXWLQJVR.NHWLQWHUID.HWRWKHNHUQHOIRUZDUGLQJWDEOHZDVLQWUR GX.HGLQ BSD 4.3 RenoZLGHO\GLVWULEXWHGLQBSD 4.3 Net/2DQG LPSURYHGLQBSD 4.4. 7KLVLQWHUID.HLVVLPSO\DVR.NHWVLPLODUWRD8'3 VR.NHWRQZKL.KWKHNHUQHODQG*DWH'H[.KDQJHPHVVDJHV,WKDVVHYHUDO DGYDQWDJHVRYHUWKH ioctl() LQWHUID.HLQ.OXGLQJ YDULDEOHVXEQHWPDVNV DWZRZD\LQWHUID.H YLVLEOHXSGDWHV WKHDELOLW\WRVXSSRUW.KDQJHV WKHDELOLW\WREHH[SDQGHG

Variable Subnet Masks 9DULDEOHVXEQHWPDVNVDUHGLIIHUHQWPDVNVWKDW.DQEHXVHGRQWKHVXE QHWVRIWKHVDPHQHWZRUN%H.DXVHWKHQHWZRUNPDVNLVSDVVHGWRWKHNHU QHOH[SOL.LWO\WKHVHYDULDEOHVXEQHWPDVNV.DQEHXVHG$OVRURXWHVZLWK PDVNVWKDWDUHPRUHJHQHUDOWKDQWKHQDWXUDOPDVN.DQEHXVHG8VLQJ PRUHJHQHUDOPDVNVLVNQRZQDV.ODVVOHVVURXWLQJ Two-way Interface $WZRZD\LQWHUID.HDOORZV*DWH'WR.KDQJHWKHNHUQHOIRUZDUGLQJWDEOH ZLWKWKLVLQWHUID.HDQGDOORZVWKHNHUQHOWRUHSRUW.KDQJHVWRWKHIRUZDUG LQJWDEOHWR*DWH'$UHGLUH.WPHVVDJHWKDWKDVPRGLILHGWKHNHUQHOIRU ZDUGLQJWDEOH.DQQRZEHUHSRUWHGZKL.KPHDQVWKDW*DWH'QRORQJHU QHHGVWRPRQLWRU,&03PHVVDJHVWROHDUQDERXWUHGLUH.WPHVVDJHV$OVR WKHNHUQHOQRZLQGL.DWHVZKHWKHULWSUR.HVVHGWKHUHGLUH.WPHVVDJHZKL.K DOORZV*DWH'WRVDIHO\LJQRUHUHGLUH.WPHVVDJHVWKDWWKHNHUQHOGLGQRW SUR.HVV Visable Updates 9LVDEOHXSGDWHVDOORZ.KDQJHVWRWKHURXWLQJWDEOHE\RWKHUSUR.HVVHV LQ.OXGLQJWKHURXWH.RPPDQGWREHUH.HLYHGYLDWKHURXWLQJVR.NHW

214

Configuring GateD

%H.DXVHWKHVH.KDQJHVDUHUH.HLYHG*DWH'.DQLQVXUHWKDWWKHNHUQHOIRU ZDUGLQJWDEOHLVLQV\Q.ZLWKWKHURXWLQJWDEOH$OVRWKHV\VWHPDGPLQLV WUDWRU.DQXVHWKHroute.RPPDQGZKLOH*DWH'LVUXQQLQJ Changes 7KHDELOLW\WRVXSSRUW.KDQJHVDOORZVURXWHVLQWKHNHUQHOWREHDWRPL.DOO\ .KDQJHG%H.DXVHVRPHHDUO\YHUVLRQVRIWKHURXWLQJVR.NHW.RGHKDG EXJVLQWKH.KDQJHPHVVDJHSUR.HVVLQJWKHUHDUH.RPSLODWLRQWLPHDQG .RQILJXUDWLRQWLPHRSWLRQVWKDW.DXVHGHOHWHDQGDGGVHTXHQ.HVWREH XVHGLQOLHXRI.KDQJHPHVVDJHV Expansion 7KHDELOLW\WREHH[SDQGHGDOORZVQHZOHYHOVRINHUQHO*DWH'.RPPXQL .DWLRQVWREHDGGHGE\DGGLQJQHZPHVVDJHW\SHV 2.4.3.3.2 Reading the Forwarding Table :KHQ*DWH'VWDUWVXSLWUHDGVWKHNHUQHOIRUZDUGLQJWDEOHDQGLQVWDOOV .RUUHVSRQGLQJURXWHVLQWRWKHURXWLQJWDEOH7KHVHURXWHVDUH.DOOHGUHP QDQWVDQGDUHWLPHGRXWDIWHUDPLQXWHLQWHUYDORUDVVRRQDVDPRUH DWWUD.WLYHURXWHLVOHDUQHG7KLVV\VWHPDOORZVIRUZDUGLQJWRR..XUZKLOH WKHURXWLQJSURWR.ROVVWDUWOHDUQLQJURXWHV 7KUHHPDLQPHWKRGVIRUUHDGLQJWKHIRUZDUGLQJWDEOHIURPWKHNHUQHODUH YLD NPHP JHWNHUQLQIRV\V.WO 26VSH.LIL.PHWKRGV

2.4.3.3.2.1 Reading Forwarding Table via kmem 2QPDQ\V\VWHPVHVSH.LDOO\WKRVHEDVHGRQBSD 4.3, *DWH'PXVWKDYH NQRZOHGJHRIWKHNHUQHO
VGDWDVWUX.WXUHVDQGUHDGWKH.XUUHQWVWDWHRI IRUZDUGLQJWDEOH7KLVPHWKRGLVVORZDQGVXEMH.WWRHUURULIWKHNHUQHO IRUZDUGLQJWDEOHLVXSGDWHGZKLOH*DWH'LVLQWKHPLGGOHRIUHDGLQJLW (UURUVDUHOLNHO\WRR..XULIWKHV\VWHPDGPLQLVWUDWRUXVHVWKHroute.RP PDQGRULIDQ,&03UHGLUH.WPHVVDJHLVUH.HLYHGZKLOH*DWH'LVVWDUWLQJ XS 'XHWRDQRYHUVLJKWVRPHV\VWHPVVX.KDV OSF/1,ZKL.KDUHEDVHGRQ BSD 4.3 RenoRUODWHUGRQRWKDYHWKH getkerninfo() V\VWHP.DOO GHV.ULEHGEHORZZKL.KDOORZV*DWH'WRUHDGURXWHVIURPWKHNHUQHO ZLWKRXWNQRZLQJDERXWNHUQHOLQWHUQDOVWUX.WXUHV2QWKHVHV\VWHPVLWLV QH.HVVDU\WRUHDGWKHNHUQHOUDGL[WUHHIURPWKHNHUQHOUHDGLQJNHUQHO PHPRU\5HDGLQJWKHUDGL[WUHHLVHYHQPRUHHUURUSURQHWKDQUHDGLQJWKH KDVKEDVHGIRUZDUGLQJWDEOH

215

The Kernel Interface Statement

2.4.3.3.2.2 Reading the Forwarding Table via getkerninfo/

sysctl

%HVLGHVWKHURXWLQJVR.NHWBSD 4.3 Reno LQWURGX.HGWKHgetkerninfo() V\VWHP.DOO7KLV.DOODOORZVDXVHUSUR.HVVRIZKL.K*DWH'LV RQHWRUHDGYDULRXVLQIRUPDWLRQIURPWKHNHUQHOZLWKRXWNQRZOHGJHRI WKHNHUQHOGDWDVWUX.WXUHV,QWKH.DVHRIWKHIRUZDUGLQJWDEOHLWLV UHWXUQHGWR*DWH'DXWRPDWL.DOO\DVDVHULHVRIURXWLQJVR.NHWPHVVDJHV 7KLVPHWKRGSUHYHQWVWKHSUREOHPVDVVR.LDWHGZLWKWKHIRUZDUGLQJWDEOH .KDQJLQJZKLOH*DWH'LVUHDGLQJLW BSD 4.4 .KDQJHGWKHgetkerninfo() LQWHUID.HLQWRWKH sysctl() LQWHU ID.HZKL.KWDNHVGLIIHUHQWSDUDPHWHUVEXWRWKHUZLVHIXQ.WLRQVLGHQWL.DOO\. 2.4.3.3.2.3 Reading the Forwarding Table via OS-specific Methods 6RPHRSHUDWLQJV\VWHPVIRUH[DPSOH SunOS 5, GHILQHWKHLURZQPHWKRG RIUHDGLQJWKHNHUQHOIRUZDUGLQJWDEOH7KH SunOS 5 YHUVLRQLVVLPLODULQ .RQ.HSWWRWKHgetkerninfo() PHWKRG. 2.4.3.4 Reading the Interface List 7KHNHUQHOVXSSRUWVXEV\VWHPRI*DWH'LVUHVSRQVLEOHIRUUHDGLQJWKH VWDWXVRIWKHNHUQHO
VSK\VL.DODQGSURWR.ROLQWHUID.HVSHULRGL.DOO\*DWH' GHWH.WV.KDQJHVLQWKHLQWHUID.HOLVWDQGQRWLILHVWKHSURWR.ROVVRWKH\.DQ VWDUWRUVWRSLQVWDQ.HVRUSHHUV7KHLQWHUID.HOLVWLVUHDGRQHRIWKHIRO ORZLQJWZRZD\V 6,2&*,)&21) V\V.WO

2.4.3.4.1 Reading the Interface List with SIOCGIFCONF 2QV\VWHPVEDVHGRQBSD 4.3, 4.3 Reno DQG 4.3 Net/2 WKH SIOCGIFCONFioctl LQWHUID.HLVXVHGWRUHDGWKHNHUQHOLQWHUID.HOLVW8VLQJWKLV PHWKRGDOLVWRILQWHUID.HVDQGVRPHEDVL.LQIRUPDWLRQDERXWWKHPLV UHWXUQHGE\WKH6,2&*,)&21).DOO2WKHULQIRUPDWLRQPXVWEHOHDUQHG E\LVVXLQJRWKHULR.WOVWROHDUQWKHLQWHUID.HQHWZRUNPDVNIODJV078 PHWUL.GHVWLQDWLRQDGGUHVVIRUSRLQWWRSRLQWLQWHUID.HVDQGEURDG.DVW DGGUHVVIRUEURDG.DVW.DSDEOHLQWHUID.HV *DWH'UHDGVDQGUHUHDGVWKLVOLVWHYHU\VH.RQGVORRNLQJIRU.KDQJHV :KHQWKHURXWLQJVR.NHWLVLQXVH*DWH'DOVRUHUHDGVWKHOLVWZKHQHYHUD PHVVDJHVLVUH.HLYHGLQGL.DWLQJD.KDQJHLQURXWLQJ.RQILJXUDWLRQ5H.HLSW RIDSIGUSR2 VLJQDODOVR.DXVHV*DWH'WRUHUHDGWKHOLVW7KHLQWHUYDOLQ ZKL.K*DWH'UHDGVWKHOLVWPD\EHH[SOL.LWO\.RQILJXUHGLQWKHLQWHUID.H .RQILJXUDWLRQ6HH6H.WLRQIRUPRUHLQIRUPDWLRQDERXWWKHLQWHUID.H VWDWHPHQW

216

Configuring GateD

2.4.3.4.2 Reading the Interface List with sysctl BSD 4.4 DGGHGWKHDELOLW\WRUHDGWKHNHUQHOLQWHUID.HOLVWYLDWKHV\V.WO V\VWHP.DOO7KHLQWHUID.HVWDWXVLVUHWXUQHGDXWRPDWL.DOO\DVDOLVWRIURXW LQJVR.NHWPHVVDJHVWKDW*DWH'SDUVHVIRUWKHUHTXLUHGLQIRUPDWLRQ %6'DOVRDGGHGURXWLQJVR.NHWPHVVVDJHVWRUHSRUWLQWHUID.HVWDWXV .KDQJHVLPPHGLDWHO\7KLVDOORZV*DWH'WRUHD.WTXL.NO\WR.KDQJHVLQ LQWHUID.H.RQILJXUDWLRQ :KHQ sysctl is used, *DWH'UHUHDGVWKHLQWHUID.HOLVWRQO\RQ.HD PLQXWH,WDOVRUHUHDGVLWRQURXWLQJWDEOH.KDQJHLQGL.DWLRQVDQGZKHQD SIGUSR2LVUH.HLYHG7KLVLQWHUYDOPD\EHH[SOL.LWO\.RQILJXUHGLQWKH LQWHUID.H.RQILJXUDWLRQ 2.4.3.5 Reading Interface Physical Addresses /DWHUYHUVLRQRIWKHgetkerninfo() DQG sysctl()LQWHUID.HVUHWXUQWKH LQWHUID.HSK\VL.DODGGUHVVHVDVSDUWRIWKHLQWHUID.HLQIRUPDWLRQ2QPRVW V\VWHPVZKHUHLQIRUPDWLRQDERXWSK\VL.DODGGUHVVHVLVQRWUHWXUQHG *DWH'V.DQVWKHNHUQHOSK\VL.DOLQWHUID.HOLVWIRUWKLVLQIRUPDWLRQIRU LQWHUID.HVZLWK,))B%52$'&$67VHWDVVXPLQJWKDWWKHLUGULYHUVDUH KDQGOHGWKHVDPHDV(WKHUQHWGULYHUV2QVRPHV\VWHPVVX.KDVSunOS 4 DQG SunOS 5V\VWHPVSH.LIL.LQWHUID.HVDUHXVHGWROHDUQWKLVLQIRUPD WLRQ 7KHLQWHUID.HSK\VL.DODGGUHVVHVDUHXVHIXOIRU,6,6)RU,3SURWR.ROV WKH\DUHQRW.XUUHQWO\XVHGEXWPD\EHLQWKHIXWXUH 2.4.3.5.1 Reading Kernel Variables $WVWDUWXS*DWH'UHDGVVRPHVSH.LDOYDULDEOHVRXWRIWKHNHUQHOZKL.KLV XVXDOO\GRQHZLWKWKH nlist (or kvm_nlist) V\VWHP.DOO6RPHV\VWHPV XVHGLIIHUHQWPHWKRGV 7KHYDULDEOHVUHDGLQ.OXGHWKHVWDWXVRI8'3.KH.NVXP.UHDWLRQDQGJHQ HUDWLRQ,3IRUZDUGLQJDQGNHUQHOYHUVLRQIRULQIRUPDWLRQDOSXUSRVHV 2QV\VWHPVZKHUHWKHURXWLQJWDEOHLVUHDGGLUH.WO\IURPNHUQHOPHPRU\ WKHURRWRIWKHKDVKWDEOHRUUDGL[WUHHURXWLQJWDEOHLVUHDG2QV\VWHPV ZKHUHLQWHUID.HSK\VL.DODGGUHVVHVDUHQRWVXSSOLHGE\RWKHUPHDQVWKH URRWRIWKHLQWHUID.HOLVWLVUHDG 2.4.3.5.2 Special Route Flags 7KHODWHU%6'EDVHGNHUQHOVXSSRUWVWKHVSH.LDOURXWHIODJVGHV.ULEHG KHUH
RTF_REJECT

,QVWHDGRIIRUZDUGLQJDSD.NHWDVZLWKDQRUPDOURXWHURXWHVZLWK RTF_REJECT .DXVHSD.NHWVWREHGURSSHGDQG unreachable PHV VDJHVWREHVHQWWRWKHSD.NHWRULJLQDWRUV7KLVIODJLVRQO\YDOLGRQ URXWHVSRLQWLQJDWWKHORRSED.NLQWHUID.H.

217

The Kernel Interface Statement

RTF_BLACKHOLE

/LNHWKHRTF_REJECT IODJURXWHVZLWKRTF_BLACKHOLE.DXVHSD.N HWVWREHGURSSHGEXWXQUHD.KDEOHPHVVDJHVDUHQRWVHQW7KLVIODJLV RQO\YDOLGRQURXWHVSRLQWLQJDWWKHORRSED.NLQWHUID.H

RTF_STATIC

:KHQ*DWH'VWDUWVLWUHDGVDOOWKHURXWHV.XUUHQWO\LQWKHNHUQHOIRU ZDUGLQJWDEOH%HVLGHVLQWHUID.HURXWHVLWXVXDOO\PDUNVHYHU\WKLQJ HOVHDVDUHPQDQWIURPDSUHYLRXVUXQRI*DWH'DQGGHOHWHVLWDIWHUD IHZPLQXWHV7KLVPHDQVWKDWURXWHVDGGHGZLWKWKHURXWH.RPPDQG ZLOOQRWEHUHWDLQHGDIWHU*DWH'KDVVWDUWHG7RIL[WKLVWKH RTF_STATIC IODJZDVDGGHG:KHQWKHroute.RPPDQGLVXVHGWR LQVWDOODURXWHWKDWLVQRWDQLQWHUID.HURXWHLWVHWVWKHRTF_STATIC IODJ7KLVVLJQDOVWR*DWH'WKDWVDLGURXWHZDVDGGHGE\WKHV\VWHP DGPLQLVWUDWRUDQGVKRXOGEHUHWDLQHG

218

Configuring GateD

Chapter 2 Section 4.4

Static Routes
2.4.4.0 Static Overview VWDWHPHQWVGHILQHWKHVWDWL.URXWHVXVHGE\*DWH'$VLQJOH VWDWHPHQW.DQVSH.LI\DQ\QXPEHURIURXWHV7KH static VWDWH PHQWVR..XUDIWHUSURWR.ROVWDWHPHQWVDQGEHIRUH.RQWUROVWDWHPHQWVLQWKH gated.conf ILOH$Q\QXPEHURIstaticVWDWHPHQWVPD\EHVSH.LILHG HD.K.RQWDLQLQJDQ\QXPEHURIVWDWL.URXWHGHILQLWLRQV7KHVHURXWHV.DQEH RYHUULGGHQE\URXWHVZLWKEHWWHUSUHIHUHQ.HYDOXHV
Static static static { ( host host ) | default | ( network [ ( mask mask ) | ( masklen number ) ] ) gateway gateway_list [ interface interface_list ] [ preference preference ] [ retain ] [ reject ] [ blackhole ] [ noinstall ] ; ( network [ ( mask mask ) | ( masklen number ) ] ) interface interface [ preference preference ] [ retain ] [ reject ] [ blackhole ] [ noinstall ] ; [ unicast ] ; (*DWH'YHUVLRQ[[RQO\ [ multicast ] ; (*DWH'YHUVLRQ[[RQO\ } ;

2.4.4.1 Static Syntax

host host | default | ( network [ ( mask mask ) | ( masklen number ) ] ) gateway gateway_list

DVWDWL.URXWHWKURXJKRQHRUPRUHJDWHZD\V6WDWL.URXWHVDUHLQVWDOOHG ZKHQRQHRUPRUHRIWKHJDWHZD\VOLVWHGDUHDYDLODEOHRQGLUH.WO\ DWWD.KHGLQWHUID.HV,IPRUHWKDQRQHHOLJLEOHJDWHZD\LVDYDLODEOH gatewaysDUHOLPLWHGE\WKHQXPEHURIPXOWLSDWKGHVWLQDWLRQVVXS SRUWHGWKLV.RPSLOHWLPHSDUDPHWHULV.XUUHQWO\DOPRVWDOZD\VRQ 81,;

interface interface_list

hostLVWKHPRVWJHQHUDOIRUPRIWKHstaticVWDWHPHQWhostGHILQHV

:KHQinterface LVVSH.LILHGJDWHZD\VDUHRQO\.RQVLGHUHGYDOLG ZKHQWKH\DUHRQRQHRIWKHVHLQWHUID.HV6HH6H.WLRQIRUWKH GHV.ULSWLRQRIWKH interface_list.

219

Static Routes

preference preference

VSH.LILHVKRZD.WLYHURXWHVWKDWDUHOHDUQHGIURPVWDWL. URXWHV.RPSDUHGWRRWKHUSURWR.ROVZLOOEHVHOH.WHG:KHQDURXWH KDVEHHQOHDUQHGIURPPRUHWKDQRQHSURWR.ROWKHD.WLYHURXWHZLOO EHVHOH.WHGIURPWKHSURWR.ROZLWKWKHORZHVWSUHIHUHQ.H(D.KSURWR .ROKDVDGHIDXOWSUHIHUHQ.HLQWKLVVHOH.WLRQ7KHGHIDXOWVWDWL.SUHIHU HQ.HLV

preference retain

1RUPDOO\*DWH'UHPRYHVDOOURXWHVH[.HSWLQWHUID.HURXWHVIURPWKH NHUQHOIRUZDUGLQJWDEOHGXULQJDJUD.HIXOVKXWGRZQ7KH retain RSWLRQPD\EHXVHGWRSUHYHQWVSH.LIL.VWDWL.URXWHVIURPEHLQJ UHPRYHGretain LQVXUHVWKDWVRPHURXWLQJLVDYDLODEOHZKHQ*DWH' LVQRWUXQQLQJ

reject

,QVWHDGRIIRUZDUGLQJDSD.NHWDVDQRUPDOURXWHrejectURXWHV .DXVHSD.NHWVWREHGURSSHGDQGXQUHD.KDEOHPHVVDJHVWREHVHQWWR WKHSD.NHWRULJLQDWRUV6SH.LI\LQJreject .DXVHVWKLVURXWHWREH LQVWDOOHGDVDUHMH.WURXWH1RWDOONHUQHOIRUZDUGLQJHQJLQHVVXSSRUW UHMH.WURXWHV

blackhole

$EOD.NKROHURXWHLVWKHVDPHDVDUHMH.WURXWHH[.HSWWKDWXQUHD.KDEOH PHVVDJHVDUHQRWVXSSRUWHG6SH.LI\LQJblackhole .DXVHVWKLVURXWH WREHLQVWDOOHGDVDEOD.NKROHURXWH

noinstall

1RUPDOO\WKHURXWHZLWKWKHORZHVWSUHIHUHQ.HLVLQVWDOOHGLQWKHNHU QHOIRUZDUGLQJWDEOHDQGLVWKHURXWHH[SRUWHGWRRWKHUSURWR.ROV :KHQnoinstall LVVSH.LILHGRQDURXWHLWZLOOQRWEHLQVWDOOHGLQWKH NHUQHOIRUZDUGLQJWDEOHZKHQLWLVD.WLYHEXWLWZLOOVWLOOEHHOLJLEOHWR EHH[SRUWHGWRRWKHUSURWR.ROV ( network [ ( mask mask ) | ( masklen number ) ] ) 7KLVIRUPGHILQHVDVWDWL.LQWHUID.HURXWHWKDWLVXVHGIRUSULPLWLYH VXSSRUWRIPXOWLSOHQHWZRUNDGGUHVVHVRQRQHLQWHUID.H
interface interface_list

:KHQ interface interface_list LVVSH.LILHGJDWHZD\VDUHRQO\ .RQVLGHUHGYDOLGZKHQWKH\DUHRQRQHRIWKHVHLQWHUID.HV6HHWKHVH. WLRQRQLQWHUID.HOLVWVSH.LIL.DWLRQIRUWKHGHV.ULSWLRQRIWKH interface_list.

preference preference

VSH.LILHVKRZD.WLYHURXWHVWKDWDUHOHDUQHGIURPVWDWL. URXWHV.RPSDUHGWRRWKHUSURWR.ROVZLOOEHVHOH.WHG:KHQDURXWH KDVEHHQOHDUQHGIURPPRUHWKDQRQHSURWR.ROWKHD.WLYHURXWHZLOO

preference

220

Configuring GateD

EHVHOH.WHGIURPWKHSURWR.ROZLWKWKHORZHVWSUHIHUHQ.H(D.KSURWR .ROKDVDGHIDXOWSUHIHUHQ.HLQWKLVVHOH.WLRQ7KHGHIDXOWVWDWL.SUHIHU HQ.HLV

retain

1RUPDOO\*DWH'UHPRYHVDOOURXWHVH[.HSWLQWHUID.HURXWHVIURPWKH NHUQHOIRUZDUGLQJWDEOHGXULQJDJUD.HIXOVKXWGRZQ7KH retain RSWLRQPD\EHXVHGWRSUHYHQWVSH.LIL.VWDWL.URXWHVIURPEHLQJ UHPRYHGretainLQVXUHVWKDWVRPHURXWLQJLVDYDLODEOHZKHQ*DWH' LVQRWUXQQLQJ

reject

,QVWHDGRIIRUZDUGLQJDSD.NHWOLNHDQRUPDOURXWH reject URXWHV .DXVHSD.NHWVWREHGURSSHGDQGXQUHD.KDEOHPHVVDJHVWREHVHQWWR WKHSD.NHWRULJLQDWRUV6SH.LI\LQJ reject .DXVHVWKLVURXWHWREH LQVWDOOHGDVDUHMH.WURXWH1RWDOONHUQHOIRUZDUGLQJHQJLQHVVXSSRUW UHMH.WURXWHV

blackhole

$EOD.NKROHURXWHLVWKHVDPHDVDUHMH.WURXWHH[.HSWWKDWXQUHD.KDEOH PHVVDJHVDUHQRWVXSSRUWHG6SH.LI\LQJ blackhole.DXVHVWKLVURXWH WREHLQVWDOOHGDVDEOD.NKROHURXWH

noinstall

1RUPDOO\WKHURXWHZLWKWKHORZHVWSUHIHUHQ.HLVLQVWDOOHGLQWKHNHU QHOIRUZDUGLQJWDEOHDQGLVWKHURXWHH[SRUWHGWRRWKHUSURWR.ROV :KHQ noinstall LVVSH.LILHGRQDURXWHLWZLOOQRWEHLQVWDOOHGLQWKH NHUQHOIRUZDUGLQJWDEOHZKHQLWLVD.WLYHEXWLWZLOOVWLOOEHHOLJLEOHWR EHH[SRUWHGWRRWKHUSURWR.ROV *DWH'YHUVLRQ[[RQO\

unicast

7KLVURXWHZLOOEHORDGHGLQWKHXQL.DVWULEV%\GHIDXOWDOOVWDWL.URXWHV DUHORDGHGLQWKHXQL.DVWULE
multicast

7KLVURXWHZLOOEHORDGHGLQWKHPXOWL.DVWULEV6WDWL.URXWHVDUH LQVWDOOHGLQWRWKHPXOWL.DVWULERQO\E\VSH.LIL.DWLRQ

221

Static Routes

222

Configuring GateD

Chapter 3
Multicast Protocol Statements
3.0 Multicast Protocol Overview AOOURXWLQJSURWR.ROVGHWHUPLQHWKHEHVWURXWHWRHD.KGHVWLQDWLRQDQG WKH\GLVWULEXWHURXWLQJLQIRUPDWLRQDPRQJWKHV\VWHPVRQDQHWZRUN0XO WL.DVWURXWLQJSURWR.ROVDOORZSD.NHWVWREHURXWHGWRDVHOH.WVHWRIGHVWL QDWLRQV Routing protocols are divided into two general groups: intra-domain routing (or interior) protocols and inter-domain routing (or exterior) protocols. Intra-domain routing protocols route packets within an autonomous system; inter-domain routing protocols route between autonomous systems. GateD software combines management of the intra-domain and inter-domain routing protocols in one software daemon.

223

Multicast Protocol Statements

224

Configuring GateD

Chapter 3 Section 1
Intra-Domain Multicast Routing Protocols
3.1.0 Intra-Domain Routing Protocols Overview 3.1.1 DVMRP ,QWUDGRPDLQPXOWL.DVWURXWLQJSURWR.ROVDUHXVHGWRH[.KDQJHUHD.KDELOLW\ LQIRUPDWLRQZLWKLQDQDXWRQRPRXVV\VWHP$67KH\DUHUHIHUUHGWRDVD .ODVVE\WKHD.URQ\PLJS7ZRLQWUDGRPDLQPXOWL.DVWURXWLQJSURWR.ROV DUH.XUUHQWO\VXSSRUWHGE\*DWH'DQGRQHZLOOEHDYDLODEOHVRRQ '9053LVWKHRULJLQDO,3PXOWL.DVWURXWLQJSURWR.RO,WZDVGHVLJQHGWR UXQRYHUERWKPXOWL.DVW.DSDEOH/$1VDVZHOODVWKURXJKQRQPXOWL.DVW .DSDEOHURXWHUV,QWKH.DVHRIQRQPXOWL.DVW.DSDEOHURXWHUVWKH,3PXOWL .DVWSD.NHWVDUHWXQQHOHGWKURXJKWKHURXWHUVDVXQL.DVWSD.NHWV%H.DXVH '9053UHSOL.DWHVWKHSD.NHWVLWKDVDQHIIH.WRQSHUIRUPDQ.HEXWKDV SURYLGHGDQLQWHUPHGLDWHVROXWLRQIRU,3PXOWL.DVWURXWLQJRQWKH,QWHUQHW XQWLOURXWHUYHQGRUVGH.LGHWRVXSSRUWQDWLYH,3PXOWL.DVWURXWLQJ 7KH*DWH'LPSOHPHQWDWLRQLV.RPSOLDQWZLWKWKH'9053YVSH.LIL .DWLRQ 3.1.2 PIM-DM and PIM-SM 3,0'HQVH0RGHSURYLGHVPXOWL.DVWURXWLQJIRUDGHQVHO\SRSXODWHG JURXS 3,06SDUVH0RGHSURYLGHVHIIL.LHQWURXWLQJIRUDJURXSGLVWULEXWHG VSDUVHO\D.URVVDZLGHDUHD 3,06SDUVH0RGHLVVSH.LILHGLQ5)&  5)& .DQEHIRXQGDW IWSIWSLVLHGXLQQRWHVUI.W[W 3.1.3 MSDP (not yet available) 06'3LVLQWHQGHGWRMRLQDGPLQLVWUDWLYHO\VHSDUDWH3,060UHJLRQVE\ GLVWULEXWLQJLQIRUPDWLRQDERXWPXOWL.DVWVRXU.HVZLWKLQHD.KUHJLRQ 06'3VSHDNHUVSHHURYHU7&3.RQQH.WLRQVDQGDQQRXQ.HRUIRUZDUG LQIRUPDWLRQDERXWVRXU.HVDQGWKHJURXSVWRZKL.KWKH\DUHPXOWL.DVWLQJ :KHQDUHQGH]YRXVSRLQWLQRQH3,060GRPDLQOHDUQVYLD06'3RID PXOWL.DVWVRXU.HLQDQRWKHU3,060GRPDLQWKHQLWDWWHPSWVWRMRLQ WRZDUGVWKHPXOWL.DVWWUHHURRWHGDWWKHVRXU.H MSDP is designed to work very closely with PIM-SM. For MSDP to be configured in GateD, PIM-SM must be configured as well

225

Multicast Intra-Domain Routing Protocols

226

Configuring GateD

Chapter 3 Section 1.1

The DVMRP Statement
3.1.1.0 DVMRP Overview 7KH dvmrp VWDWHPHQWLVXVHGWR.RQILJXUH'9053*DWH'0XOWL.DVWLV .RPSOLDQWZLWKWKH'9053YVSH. '9053LVWKHRULJLQDO,3PXOWL.DVWURXWLQJSURWR.RO,WZDVGHVLJQHGWR UXQRYHUERWKPXOWL.DVW.DSDEOH/$1VOLNH(WKHUQHWDVZHOODVWKURXJK QRQPXOWL.DVW.DSDEOHURXWHUV,QWKH.DVHRIQRQPXOWL.DVW.DSDEOHURXW HUVWKH,3PXOWL.DVWSD.NHWVDUHWXQQHOHGWKURXJKWKHURXWHUVDVXQL.DVW SD.NHWV%H.DXVH'9053UHSOL.DWHVWKHSD.NHWVLWKDVDQHIIH.WRQSHUIRU PDQ.HEXWKDVSURYLGHGDQLQWHUPHGLDWHVROXWLRQIRU,3PXOWL.DVWURXWLQJ RQWKH,QWHUQHWZKLOHURXWHUYHQGRUVGH.LGHWRVXSSRUWQDWLYH,3PXOWL.DVW URXWLQJ DVMRP has both "tree construction" and "route" passage functions. The DVMRP "routes" are loaded into the multicast RIB under import policy and exported using export policy. 3.1.1.1 DVMRP Syntax
dvmrp ( on | off | routing-only ) { [ interface interface_list { [ enable | disable | routing-only ; ] [ nodvmrpout ; ] [ noretransmit ; ] [ metric metric ; ] };] defaultmetric metric ; [ traceoptions trace_options ; ] } dvmrp

7KH dvmrp VWDWHPHQWHQDEOHVRUGLVDEOHVWKH'9053SURWR.RO,IWKH dvmrp VWDWHPHQWLVQRWVSH.LILHGWKHGHIDXOWLVdvmrp off,IHQDEOHG '9053ZLOOGHIDXOWWRHQDEOLQJDOOLQWHUID.HVWKDWDUHPXOWL.DVW.DSDEOH dvmrp routing-only VSH.LILHVWKDW'9053ZLOOEHXVHGRQO\WRSURSD JDWHWKHPXOWL.DVW5,%EXWWKDWLWZLOOQRWEHXVHGIRUWUHH.RQVWUX.WLRQ dvmrp routing-only PD\EHXVHGWROHW'9053.DUU\WKHPXOWL.DVW 5,%ZKL.KLVWKHQXVHGE\3,060
interface interface_list

(QDEOHVRUGLVDEOHV'9053RQWKLVLQWHUID.HRUOLVWRILQWHUID.HV
enable | disable | routing-only

,IQRLQWHUID.HVWDWHPHQWLVVSH.LILHGDOOLQWHUID.HVDUHHQDEOHG,IRQH RUPRUHLQWHUID.HVWDWHPHQWLVSUHVHQWWKHGHIDXOWEHKDYLRULVWRGLV DEOHQRQVSH.LILHGLQWHUID.HV enablePD\KDYHWREHVHWZKHQ dis-

227

Distance Vector Multicast Routing Protocol (DVMRP) able LVXVHGRQDZLOG.DUGLQWHUID.HGHV.ULSWRU disableVSH.LILHVWKDW '9053SD.NHWVUH.HLYHGYLDWKHVSH.LILHGLQWHUID.HZLOOEHLJQRUHG 7KHGHIDXOWLVWROLVWHQWR'9053RQDOOPXOWL.DVW.DSDEOHLQWHUID.HV routing-only VSH.LILHVWKDWWKH'9053URXWLQJWDEOHZLOOEH SURSDJDWHGRYHUWKHVSH.LILHGLQWHUID.HVEXWWKDWLWLVQRWWKHPXOWL .DVWURXWLQJSURWR.ROWKDWZLOOEHXVHGIRUWUHH.RQVWUX.WLRQ routing-only PD\EHXVHGWROHW'9053.DUU\WKHPXOWL.DVW5,% ZKL.KLVWKHQXVHGE\3,060 nodvmrpout nodvmrpoutVSH.LILHVWKDWQR'9053SD.NHWVZLOOEHVHQWRQWKH

VSH.LILHGLQWHUID.HV

noretransmit noretransmit

ID.HV
metric metric

GLVDEOHVSUXQHUHWUDQVPLVVLRQRQWKHVSH.LILHGLQWHU

metric SURYLGHVDZD\WR.RQILJXUHWKHPHWUL.RQDSK\VL.DOSRUWRU

WXQQHO7KLVPHWUL.ZLOOEHDGGHGWRDOOURXWHVWKDWDUHOHDUQHGYLDWKLV LQWHUID.H
defaultmetric metric

VSH.LILHVWKHPHWUL.DSSOLHGWRDQ\LQWHUID.HWKDW GRHVQRWLPSOL.LWO\KDYHDPHWUL.VHWZLWKWKHLQWHUID.HVmetricVWDW PHQWVHHDERYH

defaultmetric traceoptions trace_options

6HH6H.WLRQ7UD.H6WDWHPHQWVDQGWKH'9053VSH.LIL.WUD.LQJ RSWLRQVEHORZ 3.1.1.2 Tracing Options 6SH.LILHVWKHWUD.LQJRSWLRQVIRU'9053 Packettracing options (which may be modified with detail, send, or recv):
packets

7UD.HDOO'9053SD.NHWV
probe

7UD.HDOO'9053URXWHUSUREHSD.NHWV
report

Trace all DVMRP route report packets.

mapper

7UD.HDOO'9053QHLJKERUDQGQHLJKERUSD.NHWV
prune

7UD.HDOO'9053SUXQHSD.NHWV
graft

7UD.HDOO'9053JUDIWDQGJUDIWD.NSD.NHWV

228

Configuring GateD

229

Distance Vector Multicast Routing Protocol (DVMRP)

230

Configuring GateD

Chapter 3 Section 1.2

Protocol Independent Multicast (PIM-DM and PIM-SM)
3.1.2.0 PIM Overview 7UDGLWLRQDOPXOWL.DVWURXWLQJPH.KDQLVPVHJ'9053DQG0263) ZHUHLQWHQGHGIRUXVHZLWKLQUHJLRQVZKHUHJURXSVDUHGHQVHO\SRSXODWHG RUEDQGZLGWKLVXQLYHUVDOO\SOHQWLIXO:KHQJURXSVDQGVHQGHUVWRWKHVH JURXSVDUHGLVWULEXWHGVSDUVHO\D.URVVDZLGHDUHDWKHVHGHQVHPRGH V.KHPHVGRQRWSHUIRUPHIIL.LHQWO\3,0LVPDGHRIWZRSURWR.ROVRQHIRU HD.KW\SHRIJURXSGLVWULEXWLRQ3,06SDUVH0RGH3,060SURYLGHVHIIL .LHQWURXWLQJIRUDJURXSGLVWULEXWHGVSDUVHO\D.URVVDZLGHDUHD3,0 'HQVH0RGH3,0'0SURYLGHVPXOWL.DVWURXWLQJIRUDGHQVHO\SRSXODWHG JURXS 0XOWL.DVWLQJSURWR.ROVUHTXLUHWZRGLIIHUHQWIXQ.WLRQVLQRUGHUWR.UHDWH VRXU.HEDVHGWUHHVRUJURXSEDVHGWUHHV  DVHWRIURXWHVXVHGWR.DO.XODWHWKHUHYHUVHSDWKIRUZDUGLQJDQG  DPH.KDQLVPE\ZKL.KWREXLOGWUHHV 3,0LVSURWR.ROLQGHSHQGHQWEH.DXVHLWGHSHQGVRQH[LVWLQJXQL.DVWURXWHV WR.DO.XODWHWKHUHYHUVHSDWKIRUZDUGLQJ,Q.RQWUDVW'9053SDVVHVWKLV VHWRIURXWHVZLWKLQWKHSURWR.RO 7KHGHWDLOHGSURWR.ROVSH.LIL.DWLRQLVDOVRDYDLODEOHDV3URWR.RO,QGHSHQ GHQW0XOWL.DVW3,03URWR.RO6SH.LIL.DWLRQZKL.K.DQEHIRXQGDW KWWSZZZPHULWHGXLQWHUQHWGR.XPHQWVUI.UI.W[W 3,0'0DQG3,060VKDUHVRPH.RPPRQSUR.HVVLQJRI3,0SD.NHWV UH.HLYHG7KLV.RPPRQSUR.HVVLQJLV.RQILJXUHGLQWKH pim SURWR.ROVWDWH PHQW7KH sparse RSWLRQV.RQILJXUHWKH3,060LQIRUPDWLRQIRU.RP SRQHQWVRQWKLVURXWHURU3,060QHLJKERUV7KH dense RSWLRQV .RQILJXUHWKH3,0'HQVH0RGHSURWR.RO 3.1.2.1 PIM Syntax
pim ( on | off){ [ traceoptions trace_options ; ] [ hello-interval sec ; ] [ hello-holdtime sec ; ] [ hello-priority pri ; ] [ mrt-timeout sec ; ] [ mrt-period sec ; ] [ assert-holdtime sec ; ] [ jp-interval sec ; ] [ jp-holdtime sec ; ] [ jp-delay-timeout sec ; ] dense name {

231

Protocol Independent Multicast (PIM)

pimdm-member-is-sender(on|off) interface interface-list (enable|disable) { global-options ; pimdm-interface-options ; }; }; sparse name { [ threshold bps ; ] [ threshold-dr bps ; ] [ threshold-rp bps ; ] [ reg-sup-timeout secs ; ] [ probe-period secs ; ] [ crp-holdtime secs ; ] [ bsr-holdtime secs ; ] [ bsr ( off | no ) | ( address | on | yes ) [ { [ priority pri ; ] [ bsr-period secs ; ] } ] ; ] [ crp ( off | no ) | ( address | on | yes ) [ { [ priority pri ; ] [ group { [ group-address [ priority pri ]; ] [ group-address mask mask [ priority pri ]; ] [ group-address masklen length [ priority pri ]; ] [ all [ priority pri ] ; ] [ host host [ priority pri ] ; ] } ; ] } ] ; ] interface interface-list [ { [ ( enable | disable ) ; ] [ hello-interval sec ; ] [ hello-holdtime sec ; ] [ hello-priority pri ; ] [ assert-holdtime sec ; ] [ jp-interval sec ; ] [ jp-sup-timeout sec ; ] [ jp-delay-timeout sec ; ] [ boundary ; ] } ] ; }; }; }; pim

232

Configuring GateD

7KH pimVWDWHPHQWHQDEOHVRUGLVDEOHVWKH3,0SURWR.RO,IWKH pim VWDWH PHQWLVQRWVSH.LILHG3,0ZLOOQRWUXQ$OOLQWHUID.HVWKDWZLOOUXQ3,0 PXVWEHPXOWL.DVW.DSDEOHDQGVSH.LILHGZLWKLQHLWKHUWKHsparse RU GHQVHVWDWHPHQWVLQRUGHUWRGHWHUPLQHWKHPRGHDQGJURXSZLWKZKL.K WKHLQWHUID.HZLOOEHDVVR.LDWHG0XOWL.DVW.DSDEOHLQWHUID.HVDUHLGHQWLILHG E\WKHIFF_MULTICASTLQWHUID.HIODJ 2SWLRQVRXWVLGHRIWKHsparse DQG dense .ODXVHVLQ.OXGH
traceoptions trace_options

6HH7UD.H6WDWHPHQWVIRUJHQHUL.WUD.HRSWLRQVDQGWKH3,0VSH .LIL.WUD.LQJRSWLRQVEHORZ
hello-interval sec hello-interval VSH.LILHVWKDW3,0KHOORPHVVDJHVVKRXOGEHVHQW HYHU\secVH.RQGV7KHGHIDXOWLVVH.RQGV hello-holdtime sec

3,0KHOORPHVVDJHV.RQWDLQDKROGWLPHWKDWVSH.LILHVKRZORQJQHLJK ERUVVKRXOGZDLWIRUKHOORPHVVDJHVEHIRUHH[SLULQJWKHVHQGHU
V QHLJKERUVWDWHhello-holdtime VSH.LILHVWKDWDKROGWLPHRIVH.VH. RQGVVKRXOGEHDGYHUWLVHG7KHGHIDXOWLVVH.RQGV
hello-priority pri

3,0+HOORPHVVDJHV.RQWDLQD3ULRULW\ILHOGWKDWLVXVHGWRHOH.WD 'HVLJQDWHG)RUZDUGHURQDVKDUHGQHWZRUNIRUDJLYHQ6*SDLU 7KHURXWHUZLWKWKHKLJKHVWSULRULW\ZLQVWKH')HOH.WLRQ,QWKH.DVH RIDWLHWKHURXWHUZLWKWKHODUJHVW,3DGGUHVVZLQV

mrt-timeout sec

VSH.LILHVWKHQXPEHURIVH.RQGVDQPUWHQWU\H[LVWV EHIRUHLWWLPHVRXW7KHGHIDXOWLVVH.RQGV
mrt-timeout mrt-period sec

7KH3,0mrt LVH[DPLQHGSHULRGL.DOO\IRU6*HQWULHVWKDWVKRXOGEH GHOHWHGLHEH.DXVHWKHGRZQVWUHDPLQWHUID.HOLVWKDVEH.RPHQXOO mrt-period VSH.LILHVWKHQXPEHURIVH.RQGVWRZDLWEHWZHHQH[DPL QDWLRQV7KHGHIDXOWLVVH.RQGV

assert-holdtime sec assert-holdtimeVSH.LILHVWKHQXPEHURIVH.RQGVEHWZHHQWKH WLPHDQDVVHUWLVUH.HLYHGDQGWKHWLPHDWZKL.KWKHDVVHUWLVWLPHG RXW7KHGHIDXOWLVVH.RQGV jp-interval sec jp-interval VSH.LILHVWKDW3,0-RLQ3UXQHPHVVDJHVKRXOGEHVHQW HYHU\ sec VH.RQGV7KHGHIDXOWLVVH.RQGV

233

Protocol Independent Multicast (PIM)

jp-holdtime sec

VSH.LILHVWKH-RLQ3UXQHKROGWLPHWKDWLVDGYHUWLVHGLQ 3,0-RLQ3UXQHPHVVDJHV5H.HLYHUVPXVWZDLWDWOHDVWWKLVORQJDIWHU UH.HLYLQJD-RLQ3UXQHPHVVDJHEHIRUHGHOHWLQJWKH-RLQ3UXQHVWDWH DVVR.LDWHGZLWKWKHDGYHUWLVHU,WLVUH.RPPHQGHGWKDWWKHYDOXHEHVHW WR jp-interval7KHGHIDXOWLVVH.RQGV

jp-holdtime jp-delay-timeout sec jp-delay-timeoutVSH.LILHVWKHPD[LPXPQXPEHURIVH.RQGV EHWZHHQWKHWLPHZKHQWKH53)QHLJKERU.KDQJHVDQGWKHWLPHDW ZKL.KDWULJJHUHG-RLQ3UXQHPHVVDJHLVVHQW7KHGHIDXOWLVVH. RQGV

3,0'0denseRSWLRQVLQ.OXGH

pimdm-member-is-sender ( on | off )

'HQVHPRGHSURWR.ROVOLNH'9053DQG3,0'0QHHGWRUHJLVWHU LQWHUHVWLQHYHU\WKLQJ6R\RXQHHGWR.DOOregister_interest ZLWK ZKHQ3,0'0LVHQDEOHGDQGXQUHJLVWHULWZKHQLWWHU PLQDWHV7KHVHQGHUVDUHPHPEHUVKHXULVWL.XVHGE\3,0LVGHV.ULEHG LQWKHPXOWL.DVWLQWHURSHUDELOLW\GUDIWZKL.K.DQEHIRXQGDW KWWSZZZPHULWHGXLQWHUQHWGR.XPHQWVLQWHUQHWGUDIWVGUDIW WKDOHUPXOWL.DVWLQWHURSW[W 3,060sparseRSWLRQVLQ.OXGH
threshold bps

VSH.LILHVLQE\WHVSHUVH.RQGZKHQHLWKHUWKH'5'HV LJQDWHG5RXWHURU535HQGH]YRXV3RLQWZLOOVZLW.KWRDVKRUWHVW SDWKWUHH7KHGHIDXOWLVE\WHVSHUVH.RQG

threshold threshold-dr bps threshold-drVSH.LILHVLQE\WHVSHUVH.RQGZKHQWKH'5ZLOO

VZLW.KWRDVKRUWHVWSDWKWUHH7KHGHIDXOWLVE\WHVSHUVH.RQG
threshold-rp bps

VSH.LILHVLQE\WHVSHUVH.RQGZKHQWKH53ZLOO VZLW.KWRDVKRUWHVWSDWKWUHH7KHGHIDXOWLVE\WHVSHUVH.RQG
threshold-rp reg-sup-timeout secs reg-sup-timeout VSH.LILHVWKHPHDQQXPEHURIVH.RQGVEHWZHHQ UH.HLYLQJD3,05HJLVWHU6WRSPHVVDJHDQGDOORZLQJ5HJLVWHUVWREH VHQWDJDLQ$ORZHUYDOXHPHDQVPRUHIUHTXHQWEXUVWVDWWKH53D KLJKHUYDOXHPHDQVDORQJHUMRLQODWHQ.\IRUQHZUH.HLYHUV7KH GHIDXOWLVVH.RQGV1RWHWKDWLIQXOO5HJLVWHUVDUHVHQW probeperiod VH.RQGVEHIRUHWKHWLPHRXWWKHQ5HJLVWHUEXUVWVDUHSUH YHQWHGDQG reg-sup-timeoutPD\WKHQEHORZHUHGWRGH.UHDVHMRLQ ODWHQ.\

234

Configuring GateD

probe-period secs

:KHQ3,0QXOO5HJLVWHUPHVVDJHVDUHXVHG probe-period sSH.LILHV WKHQXPEHURIVH.RQGVSULRUWRWKHUHJLVWHUVXSSUHVVLRQWLPHUH[SLU\ WRVHQGDQXOO5HJLVWHUPHVVDJH,ID3,05HJLVWHU6WRSPHVVDJHLV UH.HLYHGEHIRUHWKHQXOO5HJLVWHUPHVVDJHLVVHQWWKHQWKHUHJLVWHU VXSSUHVVLRQWLPHULVUHVHWDQGWKHVHQGLQJRIWKHQXOO5HJLVWHUPHV VDJHLVGHOD\HG

crp-holdtime secs

)RU&53V crp-holdtimeVSH.LILHVWKHKROGWLPHDGYHUWLVHGLQ& 53$GYPHVVDJHVDQGLVXVHGE\WKH%65%RRWVWUDS5RXWHUWRWLPH RXW53V7KLVVKRXOGEHVHWWR >crp-adv-period@7KHGHIDXOW LVVH.RQGV

bsr-period secs

$WWKHHOH.WHG%65 bsr-period VSH.LILHVWKHLQWHUYDOEHWZHHQRULJL QDWLQJERRWVWUDSPHVVDJHVDQGVKRXOGEHHTXDOWRVH.RQGV

bsr-holdtime secs

VSH.LILHVWKHWLPHDIWHUZKL.KWKHHOH.WHG%65ZLOOEH DVVXPHGXQUHD.KDEOHZKHQERRWVWUDSPHVVDJHVDUHQRWUH.HLYHGIURP LW7KLVVKRXOGEHVHWWR >bsr-period@7KHGHIDXOWLV VH.RQGV

bsr-holdtime bsr ( ( address | on | yes ) [ priority pri ] ) | ( off | no ) ]

$3,0%RRW6WUDS5RXWHU%65LVUHVSRQVLEOHIRUGLVWULEXWLQJ53 DQGJURXSDGGUHVVLQIRUPDWLRQWRLWV3,0GRPDLQ0XOWLSOHURXWHUVLQ D3,0GRPDLQPD\EH.RQILJXUHGDV.DQGLGDWH%65V&%65VDQG WKH3,0SURWR.ROSURYLGHVDQHOH.WLRQPH.KDQLVPIRUVHOH.WLQJD%65 IURPWKH.DQGLGDWHSRRO,I bsr off RU bsr noLVVSH.LILHGRULIWKH bsr .ODXVHLVRPLWWHGWKHQWKLVURXWHULVQRWHOLJLEOHWREH.RPHD %65 3,0%65PHVVDJHV.RQWDLQD%65DGGUHVV,I bsr on RU bsr yes LV VSH.LILHGWKHQWKH%65DGGUHVVLV.KRVHQWREHWKHURXWHU
VODUJHVW .RQILJXUHG,3DGGUHVV,IRQHZLVKHVWRVSH.LI\WKHH[D.WDGGUHVVWREH XVHGDVWKH%65DGGUHVVWKHQbsr address VKRXOGEHXVHGZKHUH addressLVWKHGHVLUHG,3DGGUHVV 3,0%65PHVVDJHVDOVR.RQWDLQD%65SULRULW\ZKL.K.DQEHXVHGWR ELDVWKH%65HOH.WLRQSUR.HVV&%65VZLWKKLJKHUSULRULWLHVDUHSUH IHUUHG,IWZR&%65VKDYHWKHVDPHSULRULW\WKHQWKH&%65ZLWKWKH ODUJHUDGGUHVVLVSUHIHUUHG7KHpriority pri sub-clause of the bsr clause optionally specifies this CBSR's priority. If the sub-clause is omitted, the priority defaults to 0.

235

Protocol Independent Multicast (PIM)

crp

( address | on | yes ) 7KH3,0SURWR.RODOORZVIRUPXWOLSOHURXWHUVWRYROXQWHHUWREHWKH 53IRUDJLYHQPXOWL.DVWJURXS6X.KYROXQWHHUVDUH.DOOHG.DQGLGDWH 53V&53V,Icrp off RUcrp noLVVSH.LILHGRULIWKHcrp.ODXVHLV RPPLWWHGHQWLUHO\WKHQWKLV3,0URXWHULVQRWD&53 3,0&DQGLGDWH53$GYHUWLVHPHQWPHVVDJHV.RQWDLQWKHDGGUHVVRI WKH&53,Icrp onRUcrp yesLVVSH.LILHGWKHQWKH&53DGGUHVVLV .KRVHQWREHWKHURXWHU
VODUJHVW.RQILJXUHG,3DGGUHVV,IRQHZLVKHV WRVSH.LI\WKHH[D.WDGGUHVVWREHXVHGDVWKH&53DGGUHVVWKHQcrp addressVKRXOGEHXVHGZKHUHaddressLVWKHGHVLUHG,3DGGUHVV ,IWKHcrp .ODXVHLVVSH.LILHGZLWKRXWQDPLQJJURXSDGGUHVVHVZLWKLQ .XUO\EUD.HVHJ crp onWKHQWKHURXWHUZLOOEHD&53IRUWKH JURXSDGGUHVVUDQJH,IJURXSDGGUHVVHVRUDGGUHVVUDQJHV DUHQDPHGZLWKLQ.XUO\EUD.HVWKHQWKHURXWHUZLOOEHD&53RQO\IRU WKHQDPHGDGGUHVVHVUDQJHV $URXWHULV.KRVHQDVWKH53IRUDPXOWL.DVWJURXSIURPWKHVHWRI &53VYLDDZHOONQRZQKDVKDOJRULWKP$&53
VVXLWDEOLOW\IRUDJLYHQ PXOWL.DVWJURXSPD\EHSUHIHUHQ.HGZLWKDSULRULW\:KHQ.KRRVLQJ DQ53IRUDJURXSIURPWKHVHWRI&53VWKHKDVKDOJRUWKLPLVUXQ RYHUWKHVHWRI&53VZLWKWKHORZHVWSULRULW\IRUWKHJURXS7KH&53 UHVXOWLQJLQWKHKLJKHVWKDVKYDOXHLVVHOH.WHGDVWKH53IRUWKHJURXS 7KH crp .ODXVHDOORZVRQHWRVSH.LI\DQRSWLRQDOGHIDXOWSULRULW\DV ZHOODVDSULRULW\DVVR.LDWHGZLWKLQGLYLGXDOJURXSDGGUHVVHV$GHIDXOW SULRULW\LVVSH.LILHGZLWKWKHpriority pri VXE.ODXVHDVLOOXVWUDWHGLQ WKHIROORZLQJH[DPSOH
crp on priority 2;

,IQRJURXSDGGUHVVHVRUUDQJHVDUHQDPHGLQWKHcrp.ODXVHDVLVWKH .DVHLQWKHDERYHH[DPSOHWKHQWKLVURXWHUZLOOYROXQWHHUWREHDQ53 IRUZLWKWKHQDPHGSULRULW\,IJURXSDGGUHVVHVRUUDQJHVDUH QDPHGLQWKHcrp.ODXVHWKHQWKLVSULRULW\ZLOODSSO\WRDOODGGUHVVHV UDQJHVIRUZKL.KDSULRULW\LVQRWVSH.LILHG7KLVLVLOOXVWUDWHGLQWKH H[DPSOHEHORZ

crp on priority 2 { 224.1.2.3 priority 1; 224.1.2.4; };

,QWKHDERYHH[DPSOHWKHURXWHUZLOOEHD&53IRUZLWKSUL RULW\DQGD&53IRUZLWKSULRULW\ *URXSUDQJHV.DQEHVSH.LILHGZLWKLQWKH.XUO\EUD.HVRIWKH.US .ODXVHYLDWKHgroup-address mask mask or group-address masklen length VWDWHPHQWV,QDGGLWLRQDQ$6&,,QHWZRUNQDPH .DQEHVSH.LILHGZLWKWKH host NH\ZRUG7KHVHIHDWXUHVDUHLOOXVWUDWHG EHORZ
236

Configuring GateD

crp on priority 2 { 224.0.0.0 masklen 30; host dvmrp.mcast.net; };

7KH.ODXVHDERYHVSH.LILHVWKDWWKHURXWHUZLOOEHD&53ZLWK SULRULW\ IRUDOOJURXSVLQWKHUDQJHWRDVZHOODV JURXSGYPUSP.DVWQHW

interface interface-list ( enable | disable )

VSH.LILHVWKHLQWHUID.HRULQWHUID.HVRYHUZKL.K3,0 VKRXOGEHVSRNHQDVZHOODVSURYLGHVWKHDELOLW\WR.RQILJXUH.HUWDLQ RSWLRQVDWDQLQWHUID.HJUDQXODULW\,IWKHinterface.ODXVHLVRPPLW WHGWKH3,0ZLOOQRWEHVSRNHQDWDOO

interface hello-interval sec hello-intervalVSH.LILHVWKDW3,0KHOORPHVVDJHVVKRXOGEHVHQW HYHU\secVH.RQGV7KHGHIDXOWLVVH.RQGV. hello-holdtime sec

3,0KHOORPHVVDJHV.RQWDLQDKROGWLPHWKDWVSH.LILHVKRZORQJQHLJK ERUVVKRXOGZDLWIRUKHOORPHVVDJHVEHIRUHH[SLULQJWKHVHQGHU
V QHLJKERUVWDWHhello-holdtimeVSH.LILHVWKDWDKROGWLPHRI sec VH.RQGVVKRXOGEHDGYHUWLVHG7KHGHIDXOWLVVH.RQGV
hello-priority pri

3,0+HOORPHVVDJHV.RQWDLQD3ULRULW\ILHOGWKDWLVXVHGWRHOH.WD 'HVLJQDWHG)RUZDUGHURQDVKDUHGQHWZRUNIRUDJLYHQ6*SDLU 7KHURXWHUZLWKWKHKLJKHVWSULRULW\ZLQVWKH')HOH.WLRQ,QWKH.DVH RIDWLHWKHURXWHUZLWKWKHODUJHVW,3DGGUHVVZLQV

assert-holdtimesec assert-holdtime VSH.LILHVWKHQXPEHURIVH.RQGVEHWZHHQWKHODVW WLPHDQDVVHUWLVUH.HLYHGDQGWKHWLPHDWZKL.KWKHDVVHUWLVWLPHG RXW7KHGHIDXOWLVVH.RQGV jp-interval sec jp-interval VSH.LILHVWKDW3,0-RLQ3UXQHPHVVDJHVKRXOGEHVHQW HYHU\ sec VH.RQGV7KHGHIDXOWLVVH.RQGV jp-sup-timeout sec jp-sup-timeoutVSH.LILHVWKHPHDQQXPEHURIVH.RQGVEHWZHHQ

UH.HLYLQJD-RLQ3UXQHZLWKDKLJKHUKROGWLPHZLWKWLHVEURNHQE\ KLJKHUQHWZRUNOD\HUDGGUHVVDQGDOORZLQJGXSOL.DWH-RLQ3UXQHVWR EHVHQWDJDLQ jp-sup-timeout VKRXOGEHVHWWRDSSUR[LPDWHO\ [jp-interval]7KHGHIDXOWLVVH.RQGV

237

Protocol Independent Multicast (PIM)

boundary

VSH.LILHVWKDWWKHDVVR.LDWHGLQWHUID.HLVDWD3,0GRPDLQ ERXQGDU\3,0%65DQG&DQGLGDWH53$GYHUWLVHPHQWPHVVDJHVZLOO QRWEHVHQWRUD..HSWHGRYHUWKLVLQWHUID.H3,0-RLQ3UXQHPHVVDJHV KRZHYHUDUHVWLOOH[.KDQJHGRYHUWKLVLQWHUID.Hboundary PDNHVLW SRVVLEOHIRUDGMD.HQW3,0GRPDLQVWREH.RQQH.WHGYLD06'3DQG WKXVIRUPXOWL.DVWJURXSPHPEHUVLQRQHGRPDLQWROHDUQRIDQG UH.HLYHWUDIIL.IURPVRXU.HVLQDQRWKHU

boundary

3.1.2.2 PIM Tracing Options

6HH7UD.H6WDWHPHQWVIRUJHQHUL.WUD.HRSWLRQVDQGWKH3,0VSH.LIL. WUD.LQJRSWLRQVEHORZ Packet tracing options (which may be modified with detail, send or recv):
packets

7UD.HDOO3,0SD.NHWV
hello

7UD.H3,0URXWHUKHOORSD.NHWV
register

7UD.H3,0UHJLVWHUDQGUHJLVWHUVWRSSD.NHWV
bootstrap

7UD.H3,0ERRWVWUDSSD.NHWV
jp

7UD.H3,0-RLQ3UXQHSD.NHWV
assert

7UD.H3,0DVVHUWSD.NHWV 3.1.2.3 PIM Sample Configuration Files

3.1.2.3.1 Sample PIM-SMv2 over RIP configuration

7KLVLVDVDPSOHXVHRI3,060RYHU5,3
rip yes;

import proto rip { all multicast unicast; };

traceoptions "/var/tmp/gated.log" replace all ;

igmp yes { interface le0 { disable }; interface qe0 { enable };

238

Configuring GateD

interface qe1 { enable }; interface qe2 { enable }; interface qe3 { enable }; };

icmp { };

pim yes {

traceoptions "/var/tmp/gated.log" replace packets route;

# hello-interval 35;

sparse "sm0" { interface le0 disable; interface qe0 enable; interface qe1 enable; interface qe2 enable; interface qe3 enable; bsr qe0 priority 1; crp qe0 1; };

dense "dm0" { interface qe2 enable; interface qe3 enable; };

};

rip yes { traceoptions none ; interface le0 noripin noripout ; interface qe ripout ripin version 2; };

239

Protocol Independent Multicast (PIM)

static { default gateway 198.32.4.1 preference 20 retain; # router 10.2.0.0 mask 255.255.255.0 gateway 10.1.0.3 preference 50 multicast unicast; 10.2.1.0 mask 255.255.255.0 gateway 10.1.1.3 preference 50 multicast unicast; 10.2.2.0 mask 255.255.255.0 gateway 10.1.2.3 preference 50 multicast unicast; 10.2.3.0 mask 255.255.255.0 gateway 10.1.3.3 preference 50 multicast unicast; };

import proto rip

0.0.0.0 masklen 0 refines multicast unicast; };

240

Configuring GateD

241

Protocol Independent Multicast (PIM)

242

Configuring GateD

Chapter 3 Section 2
Multicast Inter-Domain Routing Protocols
3.2.0 Multicast Inter-Domain Overview ([WHULRURULQWHUGRPDLQURXWLQJSURWR.ROVDUHXVHGWRH[.KDQJHURXWLQJ LQIRUPDWLRQEHWZHHQDXWRQRPRXVV\VWHPV0XOWL.DVWURXWHUVZLWKLQDQ DXWRQRPRXVV\VWHPUXQDQLQWHULRUURXWLQJSURWR.ROVX.KDV'9053RU 3,02QO\WKRVHJDWHZD\VWKDW.RQQH.WDQDXWRQRPRXVV\VWHPWRDQRWKHU DXWRQRPRXVV\VWHPQHHGWRUXQDQH[WHULRUURXWLQJSURWR.RO%*03LV VXSSRUWHGE\*DWH' 7KH0XOWL3URWR.RO%RUGHU*DWHZD\3URWR.RO03%*3LVDVHWRIH[WHQ VLRQVWR%*3WRPDNHWKHSURWR.RO.DSDEOHRI.DUU\LQJURXWLQJLQIRUPD WLRQIRU0XOWL.DVWURXWHV7KHVHH[WHQVLRQVDUHED.NZDUG.RPSDWLEOH PDNLQJLWSRVVLEOHIRU%*3URXWHUVWRLQWHURSHUDWHZLWK03%*3URXW HUV03%*3ZLOOVXSSRUWWKHXVHRIPXOWLSURWR.ROH[WHQVLRQVIRU%*3 IRUPXOWL.DVWIRU,3YDQG,3Y

3.2.1 MP-BGP

243

Multicast Inter-Domain Routing Protocols

244

Configuring GateD

Chapter 3 Section 2.1

Multi-Protocol - Border Gateway Protocol (MPBGP)
3.2.1.0 MPBGP Overview 7KH0XOWL3URWR.RO%RUGHU*DWHZD\3URWR.RO03%*3LVDVHWRIH[WHQ VLRQVWR%*3WRPDNHWKHSURWR.RO.DSDEOHRI.DUU\LQJURXWLQJLQIRUPD WLRQIRU0XOWL.DVWURXWHV7KHVHH[WHQVLRQVDUHED.NZDUG.RPSDWLEOH PDNLQJLWSRVVLEOHIRU%*3URXWHUVWRLQWHURSHUDWHZLWK03%*3URXWHUV %*3LVDQH[WHULRUURXWLQJRULQWHUGRPDLQURXWLQJSURWR.ROXVHGIRU H[.KDQJLQJURXWLQJLQIRUPDWLRQEHWZHHQDXWRQRPRXVV\VWHPV6HH6H. WLRQ%*3IRUPRUHLQIRUPDWLRQDERXW%*303%*3ZLOOVXSSRUW WKHXVHRIPXOWLSURWR.ROH[WHQVLRQVIRU%*3PXOWL.DVWIRU,3YDQG ,3Y7KH6$),IODJLQGL.DWHVZKHWKHUWKH,3YRU,3YSUHIL[HVDUHXVHG WR.DO.XODWHWKH0XOWL.DVW5,% )RUPRUHGHWDLOVRQWKH0XOWLSOH5,%6DQGWKH0XOWL.DVW5,%SOHDVHVHH 6H.WLRQRQ0XOWLSOH5,%V 1RWH03%*3LVDZRUNLQSURJUHVV 03%*3DGGVWZRQHZDWWULEXWHV0XOWLSURWR.RO5HD.KDEOH1/5, 03B5($&+B1/5,DQG0XOWLSURWR.RO8QUHD.KDEOH1/5, 03B815($&+B1/5,03B5($&+B1/5,.DUULHVWKHVHWRIUHD.K DEOHGHVWLQDWLRQVZLWKQH[WKRSLQIRUPDWLRQ03B815($&+B1/5,.RQ WDLQVWKHVHWRIXQUHD.KDEOHGHVWLQDWLRQV &DSDELOLW\1HJRWLDWLRQLVXVHGWRGHWHUPLQHZKHWKHUWKH0XOWLSURWR.RO ([WHQVLRQVPD\EHXVHGZLWKDSDUWL.XODUSHHU,IDSHHULVIRXQGQRWWR VXSSRUWWKHVHH[WHQVLRQVWKH03%*3URXWHUIDOOVED.NDQGGRHVQRW DGYHUWLVHPXOWLSURWR.ROLQIRUPDWLRQ 3.2.1.1 MPBGP Syntax 1RWH$WWKHWRSRI\RXU.RQILJXUDWLRQILOH\RXPXVWVSH.LI\WKH$6DQG URXWHULGLQRUGHUIRU%*3WRZRUN
mpbgp ( on | off ) [ { preference mpbgppreference ; defaultmetric metric ; traceoptions trace_options ; [ clusterid host ; ] group type (( external peeras autonomous_system [ ascount count ] [ comm ] [ gateway gateway ] [ holdtime time ] [ ignorefirstashop ]

245

Multi-Protocol - Border Gatedway Protocol (MPBGP )

[ [ [ [ [ [ [ [ [ [ [ [ [ [ [ [ [ [ [ [

indelay time] keep ( all | none ) ] keepalivesalways ] lcladdr local_address ] localas autonomous_system ] med ] metricout metric ] noaggregatorid ] nogendefault ] nexthopself ] nov4asloop ] outdelay time ] passive ] preference grouppreference ] preference2 grouppreference2 ] recvbuffer buffersize ] sendbuffer buffersize ] showwarnings ] v3asloopokay ] version number ]

) { allow { [ network ] ; [ network ] mask [ mask ] ; [ network ] masklen [ number ] ; all; host [ ipnumber ] ; } ; } ; | ( internal peeras autonomous_system [ comm ] [ gateway gateway ] [ holdtime time ] [ ignorefirstashop ] [ indelay time] [ keep ( all | none ) ] [ keepalivesalways ] [ lcladdr local_address ] [ med ] [ metricout metric ] [ noaggregatorid ] [ nogendefault ] [ nov4asloop ] [ outdelay time ] [ passive ] [ preference grouppreference ]

246

Configuring GateD

[ [ [ [ [ [ [ ) {

preference2 grouppreference2 ] recvbuffer buffersize ] reflector-client [ no-client-reflect ] sendbuffer buffersize ] showwarnings ] v3asloopokay ] version number ]

allow { [ network ] ; [ network ] mask [ mask ] ; [ network ] masklen [ number ] ; all; host [ ipnumber ] ; } ; } ; | ( routing peeras autonomous_system proto protocol [ comm ] [ gateway gateway ] [ holdtime time ] [ ignorefirstashop ] [ indelay time] [ interface interface_list ] [ keep ( all | none ) ] [ keepalivesalways ] [ lcladdr local_address ] [ logupdown ] [ med ] [ metricout metric ] [ noaggregatorid ] [ nogendefault ] [ nov4asloop ] [ outdelay time ] [ passive ] [ preference grouppreference ] [ preference2 grouppreference2 ] [ recvbuffer buffersize ] [ reflector-client [ no-client-reflect ] ] [ sendbuffer buffersize ] [ setpref metric ] [ showwarnings ] [ traceoptions trace_options ] [ ttl ttl ] [ v3asloopokay ] [ version number ] ) ]

247

Multi-Protocol - Border Gatedway Protocol (MPBGP )

{ allow { [ network ] ; [ network ] mask [ mask ] ; [ network ] masklen [ number ] ; all; host [ ipnumber ] ; } ; } ; | ( test peeras autonomous_system )) { allow { [ network ] ; [ network ] mask [ mask ] ; [ network ] masklen [ number ] ; all; host [ ipnumber ] ; } ; } ; peer host [ ascount count ] [ export-v4-mp ] [ export-v6-mp ] [ gateway gateway ] [ holdtime time ] [ ignorefirstashop ] [ import-v4-mp ] [ import-v6-mp ] [ keep ( all | none ) ] [ keepalivesalways ] [ lcladdr local_address ] [ logupdown ] [ med ] [ metricout metric ] [ nexthopself ] [ noaggregatorid ] [ nogendefault ] [ nov4asloop ] [ passive ] [ preference peerpreference ] [ preference2 peerpreference2 ] [ recvbuffer buffersize ] [ routetopeer ] [ sendbuffer buffersize ] [ showwarnings ] [ traceoptions trace_options ] [ ttl ttl ] [ v3asloopokay ]

248

Configuring GateD

[ version number ] ; } ; } ] ;

7KH mpbgpVWDWHPHQWHQDEOHVRUGLVDEOHV03%*3%\GHIDXOW03%*3LV GLVDEOHG7KHGHIDXOWPHWUL.IRUDQQRXQ.LQJURXWHVYLD03%*3LVQRWWR VHQGDPHWUL.

preference mpbgppreference preference VSH.LILHVKRZD.WLYHURXWHVWKDWDUHOHDUQHGIURP 03%*3.RPSDUHGWRRWKHUSURWR.ROVZLOOEHVHOH.WHG:KHQD URXWHKDVEHHQOHDUQHGIURPPRUHWKDQRQHSURWR.ROWKHD.WLYH URXWHZLOOEHVHOH.WHGIURPWKHSURWR.ROZLWKWKHORZHVWSUHIHU HQ.H(D.KSURWR.ROKDVDGHIDXOWSUHIHUHQ.HLQWKLVVHOH.WLRQ7KH GHIDXOWSUHIHUHQ.HIRU03%*3LV7KLVSUHIHUHQ.HPD\EH RYHUULGGHQE\DSUHIHUHQ.HVSH.LILHGRQWKHgroup RU peer VWDWH PHQWVRUE\LPSRUWSROL.\ defaultmetric metric defaultmetric GHILQHVWKHPHWUL.XVHGZKHQDGYHUWLVLQJURXWHV YLD03%*3,IQRWVSH.LILHGQRPHWUL.LVSURSDJDWHG7KLVPHWUL. PD\EHRYHUULGGHQE\DPHWUL.VSH.LILHGRQWKHpeer RU group VWDWHPHQWVRULQH[SRUWSROL.\ traceoptions trace_options

VSH.LILHVWKHWUD.LQJRSWLRQVIRU03%*3%\ GHIDXOWWKHVHDUHLQKHULWHGIURPWKHJOREDOWUD.HRSWLRQV7KHVH YDOXHVPD\EHRYHUULGGHQRQD group RU peerEDVLV6HH6H.WLRQ 7UD.H6WDWHPHQWVDQG03%*37UD.LQJ2SWLRQVRQ SDJH 

traceoptions clusterid host clusterid VSH.LILHVWKHURXWHUHIOH.WLRQ.OXVWHU,'IRU03%*3 6HH6H.WLRQIRUPRUHLQIRUPDWLRQDERXWURXWHUHIOH. WLRQ7KH.OXVWHU,'GHIDXOWVWREHWKHVDPHDVWKHURXWHU,'6HH 6H.WLRQIRUPRUHLQIRUPDWLRQDERXWURXWHU,',IDURXWHULV WREHDURXWHUHIOH.WRUWKHQDVLQJOH.OXVWHU,'VKRXOGEHVHOH.WHG DQG.RQILJXUHGRQDOOURXWHUHIOH.WRUVLQWKH.OXVWHU7KHRQO\.RQ VWUDLQWVRQWKH.KRL.HRI.OXVWHU,'LVWKDWD,'VRI.OXVWHUV ZLWKLQDQ$6PXVWEHXQLTXHZLWKLQWKDW$6DQGEWKH.OXVWHU ,'PXVWQRWEH&KRRVLQJWKH.OXVWHU,'WREHWKHURXWHU ,'RIRQHURXWHULQWKH.OXVWHUZLOODOZD\VIXOILOOWKHVH.ULWHULD,I WKHUHLVRQO\RQHURXWHUHIOH.WRULQWKH.OXVWHUWKH clusterid VHW WLQJPD\EHRPLWWHGEH.DXVHWKHGHIDXOWZLOOVXIIL.H

1RWH03%*3SHHUVDUHJURXSHGE\W\SHDQGWKHDXWRQRPRXVV\VWHPRI WKHSHHUV$Q\QXPEHURIJURXSVPD\EHVSH.LILHGEXWHD.KPXVWKDYHD XQLTXH.RPELQDWLRQRIW\SHSHHUDXWRQRPRXVV\VWHPDQG comm RSWLRQV

249

Multi-Protocol - Border Gatedway Protocol (MPBGP )

6HH6H.WLRQIRUPRUHLQIRUPDWLRQDERXW.RPPXQLWLHV7KH 03%*3VWDWHPHQWKDV group .ODXVHVDQGpeer VXE.ODXVHV$Q\QXPEHU RIpeer VXE.ODXVHVPD\EHVSH.LILHGZLWKLQD group.$group .ODXVHXVX DOO\GHILQHVGHIDXOWSDUDPHWHUVIRUDJURXSRISHHUV7KHVHSDUDPHWHUV DSSO\WRDOOVXEVLGLDU\peer VXE.ODXVHV$Q\SDUDPHWHUVIURPWKH peer sXE.ODXVHPD\EHVSH.LILHGRQWKHgroup .ODXVHWRSURYLGHGHIDXOWVIRU WKHZKROHJURXSZKL.KPD\EHRYHUULGGHQIRULQGLYLGXDOSHHUV
group type external peeras autonomous_system

,QWKH.ODVVL.H[WHUQDO03%*3JURXSIXOOSROL.\.KH.NLQJLV DSSOLHGWRDOOLQ.RPLQJDQGRXWJRLQJDGYHUWLVHPHQWV7KHH[WHU QDOSHHUVPXVWEHGLUH.WO\UHD.KDEOHWKURXJKRQHRIWKHPD.KLQH

V OR.DOLQWHUID.HV7KHQH[WKRSWUDQVPLWWHGLV.RPSXWHGZLWK UHVSH.WWRWKHVKDUHGLQWHUID.H
ascount count ascount GHV.ULEHVWKHQXPEHURI WLPHVWKDWWKLVURXWHUZLOOLQVHUW LWVRZQ$6QXPEHUZKHQLWVHQGVWKH$6SDWKWRDQH[WHUQDOSHHU 7KHGHIDXOWLV+LJKHUYDOXHVDUHW\SL.DOO\XVHGWRELDVXSVWUHDP SHHUV
URXWHVHOH.WLRQ$OOWKLQJVEHLQJHTXDOPRVWURXWHUVZLOO SUHIHUWRXVHURXWHVZLWKVKRUWHU$63DWKV8VLQJascountWKH $63DWKWKLVURXWHUVHQGV.DQEHDUWLIL.LDOO\OHQJWKHQHG 1RWH: ascount VXSHUVHGHVWKH nov4asloop RSWLRQ5HJDUGOHVV RIZKHWKHU nov4asloop LVVHWWKLVURXWHUZLOOVWLOOVHQGPXOWLSOH .RSLHVRILWVRZQ$6LIWKH ascount RSWLRQLVVHWWRVRPHWKLQJ JUHDWHUWKDQ $OVRQRWHWKDWLIWKHYDOXHRIascount LV.KDQJHG DQG*DWH'LVUH.RQILJXUHGURXWHVZLOOnot EHVHQWWRUHIOH.WWKH QHZVHWWLQJ,I\RXZDQWWKHVHURXWHVWREHVHQWUHVWDUWWKHSHHU VHVVLRQE\.RPPHQWLQJRXWWKHJURXSascountUH.RQILJXULQJ DQGWKHQXQ.RPPHQWLQJDQGUH.RQILJXULQJDJDLQRUE\UHVWDUWLQJ *DWH' comm

VSH.LILHVWKH.RPPXQLW\DWWULEXWHRULJLQDWHGIRUWKHSHHU 6HH6H.WLRQIRUPRUHLQIRUPDWLRQDERXW.RPPXQL WLHV

comm gateway gateway

LQVWUX.WV*DWH'WRXVHDIRUPRIPXOWLKRS(%*3,ID QHWZRUNLVQRWVKDUHGZLWKWKLVJURXSgateway VSH.LILHVDURXWHU RQDQDWWD.KHGQHWZRUNWREHXVHGDVWKHQH[WKRSURXWHUIRU URXWHVUH.HLYHGIURPWKLVSHHU7KH gateway SDUDPHWHUPD\DOVR EHXVHGWRVSH.LI\DQH[WKRSIRUJURXSVWKDWDUHRQVKDUHGQHW ZRUNV)RUH[DPSOH\RXPLJKWXVH gatewayWRHQVXUHWKDWWKLUG SDUW\QH[WKRSVDUHQHYHUD..HSWHGIURPDJLYHQJURXSE\VSH.LI\ LQJWKDWJURXS
VDGGUHVVDVLWVRZQJDWHZD\7KHgateway VSH.L
gateway

250

Configuring GateD

ILHGPXVWKDYH.RQVLVWHQWURXWLQJLQIRUPDWLRQWRSUHYHQWURXWLQJ ORRSV gatewayLVQRWQHHGHGLQPRVW.DVHV

holdtime time

VSH.LILHVWKH03%*3KROGWLPHYDOXHLQVH.RQGVWR XVHZKHQQHJRWLDWLQJWKH.RQQH.WLRQZLWKWKLVJURXS,I*DWH' GRHVQRWUH.HLYHD keepalive, updateRU notification PHV VDJHZLWKLQWKHSHULRGVSH.LILHGLQWKHKROGWLPHILHOGRIWKH 03%*3RSHQPHVVDJHWKHQWKH03%*3.RQQH.WLRQZLOOEH .ORVHG7KHYDOXHPXVWEHDWOHDVW 3. 7KHGHIDXOWYDOXHLV 180.
holdtime ignorefirstashop

6RPHURXWHUVNQRZQDVURXWHVHUYHUVDUH.DSDEOHRISURSDJDW LQJURXWHVZLWKRXWDSSHQGLQJWKHLURZQ$6WRWKH$63DWK%\ GHIDXOW*DWH'ZLOOGURSVX.KURXWHV6SH.LI\LQJignorefirstashopRQWKHgroup.ODXVHDOORZV*DWH'WRNHHSWKHVH URXWHV. ignorefirstashop VKRXOGRQO\EHXVHGLIWKHUHLVQR GRXEWWKDWWKHURXWHUVLQWKLVJURXSDUHURXWHVHUYHUVDQGQRWQRU PDOURXWHUV

indelay time indelay timeLVWKHDPRXQWRIWLPHDQ03%*3URXWHPXVWEH

SUHVHQWEHIRUHLWLVLPSRUWHGLQWRWKH*DWH'URXWLQJGDWDEDVH 7KHGHIDXOWYDOXHLVPHDQLQJWKDWWKLVIHDWXUHLVGLVDEOHG
keep ( all | none ) keep all

UHWDLQVURXWHVOHDUQHGIURPDJURXSHYHQLIWKHURXWHV
 $6SDWKV.RQWDLQRQHRIWKHURXWHU
VRZQH[SRUWHG$6QXPEHUV keep none.DXVHV*DWH'WRGLVUHJDUGURXWHV.RQWDLQLQJWKH URXWHU
VRZQ$6QXPEHUV keep none LVWKHGHIDXOW
keepalivesalways

.DXVHV*DWH'WRDOZD\VVHQGNHHSDOLYHV HYHQZKHQDQXSGDWH.RXOGKDYH.RUUH.WO\VXEVWLWXWHGIRURQH keepalivesalways DOORZVLQWHURSHUDELOLW\ZLWKURXWHUVWKDWGR QRW.RPSOHWHO\REH\WKHSURWR.ROVSH.LIL.DWLRQVRQWKLVSRLQW

keepalivesalways lcladdr local_address

8VH lcladdrWRVSH.LI\WKHDGGUHVVWREHXVHGRQWKHOR.DOHQGRI WKH7&3.RQQH.WLRQZLWKWKHJURXS)RUH[WHUQDOSHHUVWKHOR.DO DGGUHVVPXVWEHRQDQLQWHUID.HWKDWLVVKDUHGZLWKWKHSHHURU ZLWKWKHSHHU

VJDWHZD\ZKHQWKHgateway SDUDPHWHULVXVHG$ VHVVLRQZLWKDQH[WHUQDOSHHUZLOORQO\EHRSHQHGZKHQDQLQWHU ID.HZLWKWKHDSSURSULDWHOR.DODGGUHVVWKURXJKZKL.KWKHSHHURU JDWHZD\DGGUHVVLVGLUH.WO\UHD.KDEOHLVRSHUDWLQJ$QLQ.RPLQJ

251

Multi-Protocol - Border Gatedway Protocol (MPBGP )

.RQQH.WLRQZLOORQO\EHUH.RJQL]HGDVDPDW.KIRUD.RQILJXUHG SHHULILWLVDGGUHVVHGWRWKH.RQILJXUHGOR.DODGGUHVV
localas autonomous_system

LGHQWLILHVWKHDXWRQRPRXVV\VWHPWKDW*DWH'LVUHSUH VHQWLQJWRWKLVJURXSRISHHUV7KHGHIDXOWLVWKDWZKL.KKDVEHHQ VHWJOREDOO\LQWKHautonomoussystemVWDWHPHQW6HH6H.WLRQ IRUPRUHLQIRUPDWLRQDERXWWKHautonomoussystemVWDWH PHQW

localas med

%\GHIDXOWDQ\PHWUL.0XOWLB([LWB'LV.UH.HLYHGRQDQ03%*3 .RQQH.WLRQLVLJQRUHG,I0('VDUHXVHGLQURXWLQJ.RPSXWD WLRQVWKH med RSWLRQPXVWEHVSH.LILHGRQWKH group .ODXVH%\ GHIDXOW0('VDUHQRWVHQWRQH[WHUQDO.RQQH.WLRQV6HH6H.WLRQ IRUPRUHLQIRUPDWLRQDERXWmedRSWLRQV7RVHQG 0('VXVHWKH metric RSWLRQRIWKHexport VWDWHPHQWRUWKH metricout SHHUJURXSSDUDPHWHU6HH6H.WLRQIRUPRUH LQIRUPDWLRQDERXWWKHexportVWDWHPHQW
metricout metric metricoutPD\EHXVHGRQDOOURXWHVVHQWWRWKHVSH.LILHGJURXS

7KHPHWUL.KLHUDU.K\LVDVIROORZVVWDUWLQJIURPWKHPRVWSUH IHUUHG  WKHPHWUL.VSH.LILHGE\H[SRUWSROL.\ 2. SHHUOHYHO metricout 3. JURXSOHYHOmetricout  defaultmetric

noaggregatorid

noaggregatorid.DXVHV*DWH'WRVSH.LI\WKHURXWHULGLQWKH DJJUHJDWRUDWWULEXWHDVLQVWHDGRIWKH routerid RIWKHURXWHU

LQRUGHUWRSUHYHQWGLIIHUHQWURXWHUVLQDQ$6IURP.UHDWLQJDJJUH JDWHURXWHVZLWKGLIIHUHQW$6SDWKV
nogendefault nogendefault

SUHYHQWV*DWH'IURPJHQHUDWLQJDGHIDXOWURXWH ZKHQ03%*3UH.HLYHVDYDOLGXSGDWHIURPLWVSHHU7KHGHIDXOW URXWHLVRQO\JHQHUDWHGZKHQWKH gendefault RSWLRQLVHQDEOHG 6HH6H.WLRQ2SWLRQVIRUPRUHLQIRUPDWLRQDERXWWKHgendefaultRSWLRQ

nexthopself nexthopself VHWVWKLVJURXS
VQH[WKRSWRWKHURXWHU
VRZQ DGGUHVVHYHQLILWZRXOGQRUPDOO\EHSRVVLEOHWRVHQGDWKLUGSDUW\ QH[WKRS nexthopself PD\.DXVHLQHIIL.LHQWURXWHVWREHIRO ORZHGEXWLWPD\EHQHHGHGLQVRPH.DVHVWRGHDOZLWKEURNHQ EULGJHGLQWHU.RQQH.WPHGLDLQ.DVHVZKHUHWKHURXWHUVRQWKH

252

Configuring GateD

VKDUHGPHGLXPGRQRWUHDOO\KDYHIXOO.RQQH.WLYLW\WRHD.K RWKHURUZKHQSROLWL.DOVLWXDWLRQV.DXVHEURNHQOLQNV

nov4asloop

SUHYHQWVURXWHVZLWKORRSHG$6SDWKVIURPEHLQJ DGYHUWLVHGWRYHUVLRQH[WHUQDOSHHUV8VH nov4asloop WRDYRLG DGYHUWLVLQJURXWHVWRSHHUVWKDWZRXOGLQ.RUUH.WO\IRUZDUGWKH URXWHVRQWRYHUVLRQSHHUV

nov4asloop outdelay time

LV WKHDPRXQWRIWLPHDURXWHPXVWEHSUHVHQWLQWKH*DWH'URXWLQJ GDWDEDVHEHIRUHLWLVH[SRUWHGWR03%*37KHGHIDXOWYDOXHLV PHDQLQJWKDWWKLVIHDWXUHLVGLVDEOHG)RUgroup types internal DQG routingVHW outdelayRQWKHgroup .ODXVH
passive passiveSUHYHQWV*DWH'IURPHYHUWU\LQJWRRSHQDQ03%*3

outdelayGDPSHQVURXWHIOX.WXDWLRQV7KH outdelay time

.RQQH.WLRQZLWKSHHUVLQWKLVJURXS,QVWHDGLWZLOOZDLWIRUWKH SHHUWRLQLWLDWHD.RQQH.WLRQ passive ZDVLQWURGX.HGWRKDQGOHD SUREOHPLQ%*3DQGHDUOLHULQZKL.KWZRSHHUVPLJKWERWK DWWHPSWWRLQLWLDWHD.RQQH.WLRQDWWKHVDPHWLPH7KLVSUREOHPLV IL[HGLQWKH%*3SURWR.ROVRWKHpassive RSWLRQLVQRWQHHGHG ZLWK%*3VHVVLRQV 1RWH: ,ILWLVDSSOLHGWRERWKVLGHVRIDSHHULQJVHVVLRQ passive ZLOOSUHYHQWWKHVHVVLRQIURPHYHUEHLQJHVWDEOLVKHG)RUWKLVUHD VRQDQGEH.DXVHLWLVJHQHUDOO\QRWQHHGHGWKHXVHRI passive LV GLV.RXUDJHG.
preference grouppreference

grouppreference VSH.LILHVWKHpreference XVHGIRUURXWHV

OHDUQHGIURPWKLVJURXS6HH6H.WLRQIRUPRUHLQIRUPDWLRQ DERXWpreference7KLVSUHIHUHQ.H.DQGLIIHUIURPWKHGHIDXOW 03%*3SUHIHUHQ.HVHWLQWKH mpbgpVWDWHPHQWVRWKDW*DWH' .DQSUHIHUURXWHVIURPRQHJURXSRYHURWKHUV7KLVSUHIHUHQ.H PD\EHH[SOL.LWO\RYHUULGGHQE\LPSRUWSROL.\

preference2 grouppreference2 preference2

EUHDNVD preferenceWLH7KHGHIDXOWYDOXHLV0.

recvbuffer buffer_size

.RQWUROVWKHDPRXQWRIUH.HLYHEXIIHULQJDVNHGRI WKHNHUQHO7KHPD[LPXPVXSSRUWHGLVE\WHVDOWKRXJK PDQ\NHUQHOVKDYHDORZHUOLPLW%\GHIDXOW*DWH'.RQILJXUHVWKH

recvbuffer

253

Multi-Protocol - Border Gatedway Protocol (MPBGP )

PD[LPXPVXSSRUWHG recvbuffer LVQRWQHHGHGRQQRUPDOO\ IXQ.WLRQLQJV\VWHPV

sendbuffer buffer_size sendbuffer

.RQWUROVWKHDPRXQWRIVHQGEXIIHULQJDVNHGRIWKH NHUQHO7KHPD[LPXPVXSSRUWHGLVE\WHVDOWKRXJKPDQ\ NHUQHOVKDYHDORZHUOLPLW%\GHIDXOW*DWH'.RQILJXUHVWKHPD[ LPXPVXSSRUWHG sendbuffer LVQRWQHHGHGRQQRUPDOO\IXQ. WLRQLQJV\VWHPV

showwarnings

.DXVHV*DWH'WRLVVXHZDUQLQJPHVVDJHVZKHQ UH.HLYLQJTXHVWLRQDEOH03%*3XSGDWHVVX.KDVGXSOL.DWHURXWHV DQGRUGHOHWLRQVRIQRQH[LVWLQJURXWHV1RUPDOO\WKHVHHYHQWV DUHVLOHQWO\LJQRUHG

showwarnings v3asloopokay

%\GHIDXOW*DWH'ZLOOQRWDGYHUWLVHURXWHVWKDWKDYH$6SDWKV WKDWDUHORRSHGLHZLWKDQ$6DSSHDULQJPRUHWKDQRQ.HLQWKH SDWKWRYHUVLRQH[WHUQDOSHHUV6HWWLQJWKH v3asloopokayIODJ UHPRYHVWKLV.RQVWUDLQW v3asloopokay LVLJQRUHGZKHQVHWRQ LQWHUQDOJURXSV
version number version VSH.LILHVWKHYHUVLRQRIWKH03%*3SURWR.ROWRXVH ZLWKWKLVJURXS,IQRWVSH.LILHGWKHKLJKHVWVXSSRUWHGYHUVLRQLV XVHGILUVWDQGYHUVLRQQHJRWLDWLRQLVDWWHPSWHG,ILWLVVSH.LILHG RQO\WKHVSH.LILHGYHUVLRQZLOOEHRIIHUHGGXULQJQHJRWLDWLRQ7KH .XUUHQWO\VXSSRUWHGYHUVLRQVLQ.OXGHDQG allow

7KH allow .ODXVHDOORZVSHHU.RQQH.WLRQVIURPDQ\DGGUHVVHVLQ WKHVSH.LILHGUDQJHRIQHWZRUNDQGPDVNSDLUV$OOSDUDPHWHUVIRU WKHVHSHHUVPXVWEH.RQILJXUHGRQWKHgroup .ODXVH7KHLQWHUQDO SHHUVWUX.WXUHVDUH.UHDWHGZKHQDQLQ.RPLQJRSHQUHTXHVWLV UH.HLYHGDQGGHVWUR\HGZKHQWKH.RQQH.WLRQLVEURNHQ)RUPRUH GHWDLOVRQVSH.LI\LQJWKHQHWZRUNPDVNSDLUVVHH6H.WLRQRQ URXWHILOWHULQJ.
group type internal peeras autonomous_system group type internal VSH.LILHVDQLQWHUQDOJURXSRSHUDWLQJ ZKHUHWKHUHLVQR,3OHYHO,*3IRUH[DPSOHDQ60'6QHWZRUNRU 0,/1(7$OOSHHUVLQWKLVJURXSDUHUHTXLUHGWREHGLUH.WO\UHD.K DEOHYLDDVLQJOHLQWHUID.H$OOQH[WKRSLQIRUPDWLRQLV.RPSXWHG ZLWKUHVSH.WWRWKLVLQWHUID.H,PSRUWDQGH[SRUWSROL.\PD\EH DSSOLHGWRJURXSDGYHUWLVHPHQWV5RXWHVUH.HLYHGIURPH[WHUQDO %*3RU(*3SHHUVDUHE\GHIDXOWUHDGYHUWLVHGZLWKWKHUH.HLYHG PHWUL.lcladdroutdelayDQGmetricoutPXVWEHVHWLQWKH group .ODXVHQRWRQDSHUSHHUEDVLVIRUWKH group types internal DQG routing,IWKHVHRSWLRQVDUHVHWRQWKHpeer VXE

254

Configuring GateD

.ODXVHWKH\PXVWHTXDOWKHYDOXHVVHWRQWKH.RUUHVSRQGLQJ group .ODXVH.

comm

VSH.LILHVWKH.RPPXQLW\DWWULEXWHRULJLQDWHGIRUWKHSHHU 6HH6H.WLRQRQ.RPPXQLWLHVIRUPRUHLQIRUPDWLRQ
comm gateway gateway

LQVWUX.WV*DWH'WRXVHDIRUPRIPXOWLKRS(%*3,ID QHWZRUNLVQRWVKDUHGZLWKDJURXSgateway VSH.LILHVDURXWHURQ DQDWWD.KHGQHWZRUNWREHXVHGDVWKHQH[WKRSURXWHUIRUURXWHV UH.HLYHGIURPWKLVSHHU7KH gatewaySDUDPHWHUPD\DOVREHXVHG WRVSH.LI\DQH[WKRSIRUJURXSVWKDWDUHRQVKDUHGQHWZRUNV)RU H[DPSOH\RXPLJKWXVH gateway WRHQVXUHWKDWWKLUGSDUW\QH[W KRSVDUHQHYHUD..HSWHGIURPDJLYHQJURXSE\VSH.LI\LQJWKDW JURXS
VDGGUHVVDVLWVRZQJDWHZD\7KH gatewayVSH.LILHGPXVW KDYH.RQVLVWHQWURXWLQJLQIRUPDWLRQWRSUHYHQWURXWLQJORRSV gateway LVQRWQHHGHGLQPRVW.DVHV
gateway holdtime time holdtimeVSH.LILHVWKH03%*3KROGWLPHYDOXHLQVH.RQGVWR XVHZKHQQHJRWLDWLQJWKH.RQQH.WLRQZLWKWKLVJURXS,I*DWH' GRHVQRWUH.HLYHD keepalive, updateRUnotification PHV VDJHZLWKLQWKHSHULRGVSH.LILHGLQWKHKROGWLPHILHOGRIWKH 03%*3RSHQPHVVDJHWKHQWKH03%*3.RQQH.WLRQZLOOEH .ORVHG7KHYDOXHPXVWEHDWOHDVW3. 7KHGHIDXOWYDOXHLV 180. ignorefirstashop

6RPHURXWHUVNQRZQDVURXWHVHUYHUVDUH.DSDEOHRISURSDJDW LQJURXWHVZLWKRXWDSSHQGLQJWKHLURZQ$6WRWKH$63DWK%\ GHIDXOW*DWH'ZLOOGURSVX.KURXWHV6SH.LI\LQJignorefirstashop RQWKHgroup .ODXVHDOORZV*DWH'WRNHHSWKHVH URXWHV ignorefirstashop VKRXOGRQO\EHXVHGLIWKHUHLVQR GRXEWWKDWWKHSHHUVLQWKLVJURXSDUHURXWHVHUYHUVDQGQRWQRU PDOURXWHUV
indelay time indelay time LVWKHDPRXQWRIWLPHDQ03%*3URXWHPXVWEH SUHVHQWEHIRUHLWLVLPSRUWHGLQWRWKH*DWH'URXWLQJGDWDEDVH 7KHGHIDXOWYDOXHLV 0PHDQLQJWKDWWKLVIHDWXUHLVGLVDEOHG keep ( all | none ) keep allUHWDLQVURXWHVOHDUQHGIURPDJURXSHYHQLIWKHURXWHV


$6SDWKV.RQWDLQRQHRIWKHURXWHU
VRZQH[SRUWHG$6QXPEHUV keep none .DXVHV*DWH'WRGLVUHJDUGURXWHV.RQWDLQLQJWKH URXWHU
VRZQ$6QXPEHUV keep none LVWKHGHIDXOW
keepalivesalways keepalivesalways

cDXVHV*DWH'WRDOZD\VVHQGNHHSDOLYHV HYHQZKHQDQXSGDWH.RXOGKDYH.RUUH.WO\VXEVWLWXWHGIRURQH

255

Multi-Protocol - Border Gatedway Protocol (MPBGP )

keepalivesalways

DOORZVLQWHURSHUDELOLW\ZLWKURXWHUVWKDWGR QRW.RPSOHWHO\REH\WKHSURWR.ROVSH.LIL.DWLRQVRQWKLVSRLQW

lcladdr local_address

8VH lcladdrWRVSH.LI\WKHDGGUHVVWREHXVHGRQWKHOR.DOHQGRI WKH7&3.RQQH.WLRQZLWKWKHJURXS)RULQWHUQDOURXWLQJDQGWHVW LQJW\SHVRISHHUVDSHHUVHVVLRQZLOOEHPDLQWDLQHGZKHQDQ\ LQWHUID.HZLWKWKHVSH.LILHGOR.DODGGUHVVLVRSHUDWLQJ$QLQ.RP LQJ.RQQH.WLRQZLOORQO\EHUH.RJQL]HGDVDPDW.KWRD.RQILJXUHG JURXSLILWLVDGGUHVVHGWRWKH.RQILJXUHGOR.DODGGUHVV)RUgroup types internal DQG routingVHWlcladdr RQWKHgroup .ODXVH
med

%\GHIDXOWDQ\PHWUL.0XOWLB([LWB'LV.UH.HLYHGRQDQ03%*3 .RQQH.WLRQLVLJQRUHG,I0('VDUHXVHGLQURXWLQJ.RPSXWDWLRQV WKHmed RSWLRQPXVWEHVSH.LILHGRQWKHJURXS6HH6H.WLRQ IRUPRUHLQIRUPDWLRQDERXWWKHmedRSWLRQ%\ GHIDXOW0('VDUHQRWVHQWRQH[WHUQDO.RQQH.WLRQV7RVHQG 0('VXVHWKHPHWUL.RSWLRQRIWKHexport VWDWHPHQWRUWKH metricout SHHUJURXSSDUDPHWHU6HH6H.WLRQIRUPRUH LQIRUPDWLRQDERXWWKHexportVWDWHPHQW
metricout metric metricoutPD\EHXVHGRQDOOURXWHVVHQWWRWKHVSH.LILHGJURXS

7KHPHWUL.KLHUDU.K\LVDVIROORZVVWDUWLQJIURPWKHPRVWSUH IHUUHG  WKHPHWUL.VSH.LILHGE\H[SRUWSROL.\ 2. peer-level metricout 3. group-level metricout  defaultmetric

noaggregatorid noaggregatorid

.DXVHV*DWH'WRVSH.LI\WKHURXWHULGLQWKH DJJUHJDWRUDWWULEXWHDV0LQVWHDGRIWKHrouterid RIWKHURXWHU LQRUGHUWRSUHYHQWGLIIHUHQWURXWHUVLQDQ$6IURP.UHDWLQJDJJUH JDWHURXWHVZLWKGLIIHUHQW$6SDWKV

nogendefault

SUHYHQWV*DWH'IURPJHQHUDWLQJDGHIDXOWURXWH ZKHQ03%*3UH.HLYHVDYDOLGXSGDWHIURPLWVSHHU7KHGHIDXOW URXWHLVRQO\JHQHUDWHGZKHQWKHgendefaultRSWLRQLV HQDEOHG6HH6H.WLRQ2SWLRQVIRUPRUHLQIRUPDWLRQDERXWWKH gendefaultRSWLRQ

nogendefault nov4asloop nov4asloop

SUHYHQWVURXWHVZLWKORRSHG$6SDWKVIURPEHLQJ DGYHUWLVHGWRYHUVLRQH[WHUQDOSHHUV8VHnov4asloopWRDYRLG

256

Configuring GateD

DGYHUWLVLQJURXWHVWRSHHUVWKDWZRXOGLQ.RUUH.WO\IRUZDUGWKH URXWHVRQWRYHUVLRQSHHUV
outdelay time

GDPSHQVURXWHIOX.WXDWLRQV7KH outdelay time LV WKHDPRXQWRIWLPHDURXWHPXVWEHSUHVHQWLQWKH*DWH'URXWLQJ GDWDEDVHEHIRUHLWLVH[SRUWHGWR03%*37KHGHIDXOWYDOXHIRU outdelay LV 0PHDQLQJWKDWWKLVIHDWXUHLVGLVDEOHG)RU group types internal DQG routingVHW outdelay RQWKHgroup .ODXVH.
outdelay passive passive SUHYHQWV*DWH'IURPHYHUWU\LQJWRRSHQDQ03%*3 .RQQH.WLRQZLWKSHHUVLQWKLVJURXS,QVWHDGLWZLOOZDLWIRUWKH SHHUWRLQLWLDWHD.RQQH.WLRQpassive ZDVLQWURGX.HGWRKDQGOHD SUREOHPLQ%*3DQGHDUOLHULQZKL.KWZRSHHUVPLJKWERWK DWWHPSWWRLQLWLDWHD.RQQH.WLRQDWWKHVDPHWLPH7KLVSUREOHPLV IL[HGLQWKH%*3SURWR.ROVRWKH passive RSWLRQLVQRWQHHGHG ZLWK%*3VHVVLRQV 1RWH,ILWLVDSSOLHGWRERWKVLGHVRIDSHHULQJVHVVLRQpassive ZLOOSUHYHQWWKHVHVVLRQIURPHYHUEHLQJHVWDEOLVKHG)RUWKLVUHD VRQDQGEH.DXVHLWLVJHQHUDOO\QRWQHHGHGWKHXVHRI passive LV GLV.RXUDJHG preference grouppreference

OHDUQHGIURPWKLVJURXS6HH6H.WLRQIRUPRUHLQIRUPDWLRQ DERXWpreference7KLVSUHIHUHQ.H.DQGLIIHUIURPWKHGHIDXOW 03%*3SUHIHUHQ.HVHWLQWKH mpbgp VWDWHPHQWVRWKDW*DWH' .DQSUHIHUURXWHVIURPRQHJURXSRYHURWKHUV7KLVSUHIHUHQ.H PD\EHH[SOL.LWO\RYHUULGGHQE\LPSRUWSROL.\

preference2 grouppreference2 preference2

grouppreference VSH.LILHVWKHpreferenceXVHGIRUURXWHV

breaks a preference tie. The default value is 0.

recvbuffer buffer_size

WKHNHUQHO7KHPD[LPXPVXSSRUWHGLVE\WHVDOWKRXJK PDQ\NHUQHOVKDYHDORZHUOLPLW%\GHIDXOW*DWH'.RQILJXUHVWKH PD[LPXPVXSSRUWHG recvbufferLVQRWQHHGHGRQQRUPDOO\ IXQ.WLRQLQJV\VWHPV

reflector-client [ no-client-reflect ] reflector-client

recvbuffer.RQWUROVWKHDPRXQWRIUH.HLYHEXIIHULQJDVNHGRI

VSH.LILHVWKDW*DWH'ZLOOD.WDVDURXWH UHIOH.WRUIRUWKLVJURXS no-client-reflectVSH.LILHVWKDW

257

Multi-Protocol - Border Gatedway Protocol (MPBGP )

*DWH'ZLOOQRWD.WDVDQLQWUDJURXSUHIOH.WRU6HH6H.WLRQ IRUPRUHLQIRUPDWLRQDERXWURXWHUHIOH.WLRQ

sendbuffer buffer_size sendbuffer.RQWUROVWKHDPRXQWRIVHQGEXIIHULQJDVNHGRIWKH

NHUQHO7KHPD[LPXPVXSSRUWHGLVE\WHVDOWKRXJKPDQ\ NHUQHOVKDYHDORZHUOLPLW%\GHIDXOW*DWH'.RQILJXUHVWKHPD[L PXPVXSSRUWHGsendbuffer LVQRWQHHGHGRQQRUPDOO\IXQ. WLRQLQJV\VWHPV

showwarnings showwarnings

.DXVHV*DWH'WRLVVXHZDUQLQJPHVVDJHVZKHQ UH.HLYLQJTXHVWLRQDEOH03%*3XSGDWHVVX.KDVGXSOL.DWHURXWHV DQGRUGHOHWLRQVRIQRQH[LVWLQJURXWHV1RUPDOO\WKHVHHYHQWV DUHVLOHQWO\LJQRUHG

v3asloopokay

%\GHIDXOW*DWH'ZLOOQRWDGYHUWLVHURXWHVWKDWKDYHDQ$6SDWK WKDWLVORRSHGLHZLWKDQ$6DSSHDULQJPRUHWKDQRQ.HLQWKH SDWKWRYHUVLRQH[WHUQDOSHHUV6HWWLQJWKH v3asloopokay IODJ UHPRYHVWKLV.RQVWUDLQW v3asloopokay LVLJQRUHGZKHQVHWRQ LQWHUQDOJURXSV
version number version

VSH.LILHVWKHYHUVLRQRIWKH%*3SURWR.ROWRXVHZLWK WKLVJURXS,IQRWVSH.LILHGWKHKLJKHVWVXSSRUWHGYHUVLRQLVXVHG ILUVWDQGYHUVLRQQHJRWLDWLRQLVDWWHPSWHG,ILWLVVSH.LILHGRQO\ WKHVSH.LILHGYHUVLRQZLOOEHRIIHUHGGXULQJQHJRWLDWLRQ7KH.XU UHQWO\VXSSRUWHGYHUVLRQVLQ.OXGHDQG 7KH allow .ODXVHDOORZVSHHU.RQQH.WLRQVIURPDQ\DGGUHVVHVLQ WKHVSH.LILHGUDQJHRIQHWZRUNDQGPDVNSDLUV$OOSDUDPHWHUVIRU WKHVHSHHUVPXVWEH.RQILJXUHGRQWKH group.ODXVH7KHLQWHUQDO SHHUVWUX.WXUHVDUH.UHDWHGZKHQDQLQ.RPLQJRSHQUHTXHVWLV UH.HLYHGDQGGHVWUR\HGZKHQWKH.RQQH.WLRQLVEURNHQ)RUPRUH GHWDLOVRQVSH.LI\LQJWKHQHWZRUNPDVNSDLUVVHH6H.WLRQRQ URXWHILOWHULQJ

allow

group type routing peeras autonomous_system proto protocol group type routingLVDQLQWHUQDOJURXSWKDWXVHVWKHURXWHVRI DQLQWHULRUSURWR.ROWRUHVROYHIRUZDUGLQJDGGUHVVHVgroup type routing SURSDJDWHVH[WHUQDOURXWHVEHWZHHQURXWHUVWKDWDUHQRW GLUH.WO\.RQQH.WHGgroup type routing DOVR.RPSXWHVLPPH

GLDWHQH[WKRSVIRUWKRVHH[WHUQDOURXWHVE\XVLQJWKH%*3QH[W KRSWKDWDUULYHGZLWKWKHURXWHDVDIRUZDUGLQJDGGUHVVWREH UHVROYHGYLDDQLQWHUQDOSURWR.RO

VURXWLQJLQIRUPDWLRQ,Q HVVHQ.HLQWHUQDO%*3LVXVHGWR.DUU\$6H[WHUQDO URXWHVDQGWKH

258

Configuring GateD

,*3LVH[SH.WHGWR.DUU\RQO\$6LQWHUQDOURXWHV7KHODWWHULV XVHGWRILQGLPPHGLDWHQH[WKRSVIRUWKHIRUPHU protoQDPHVWKHLQWHULRUSURWR.ROWREHXVHGWRUHVROYH03%*3 URXWHQH[WKRSVDQGPD\EHWKHQDPHRIDQ\,*3LQWKH.RQILJX UDWLRQLQ.OXGLQJVWDWL.%\GHIDXOWWKHQH[WKRSLQ03%*3 URXWHVDGYHUWLVHGWRgroup type routing peers ZLOOEHVHWWR WKHOR.DODGGUHVVRQWKH03%*3.RQQH.WLRQWRWKRVHSHHUV EH.DXVHLWLVDVVXPHGDURXWHWRWKLVDGGUHVVZLOOEHSURSDJDWHG YLDWKH,*37KHinterface .DQRSWLRQDOO\SURYLGHDOLVWRILQWHU ID.HVWKDWKDYHURXWHVWKDWDUH.DUULHGYLDWKH,*3IRUZKL.KWKLUG SDUW\QH[WKRSVPD\EHXVHGLQVWHDG )RU263)*DWH'XVHVWKHtag ILHOGWRSDVV$6LQIRUPDWLRQ 3OHDVHUHIHUWR6H.WLRQ2.1.2.3, 263), for PRUHGHWDLOV )RU group types internal DQG routingVHWWKHlcladdr outdelayDQG metricoutLQWKH group .ODXVHQRWRQDSHUSHHU EDVLV,IWKHVHRSWLRQVDUHVHWRQWKHpeer VXE.ODXVHWKH\PXVW HTXDOWKHYDOXHVVHWRQWKH.RUUHVSRQGLQJ group .ODXVH
comm

specifies the community attribute originated for the peer. 6HH6H.WLRQIRUPRUHLQIRUPDWLRQDERXW.RPPXQLWLHV

comm gateway gateway

LQVWUX.WV*DWH'WRXVHDIRUPRIPXOWLKRS(%*3,ID QHWZRUNLVQRWVKDUHGZLWKWKLVJURXSgateway VSH.LILHVDURXWHU RQDQDWWD.KHGQHWZRUNWREHXVHGDVWKHQH[WKRSURXWHUIRU URXWHVUH.HLYHGIURPWKLVSHHU7KHgatewaySDUDPHWHUPD\DOVR EHXVHGWRVSH.LI\DQH[WKRSIRUJURXSVWKDWDUHRQVKDUHGQHW ZRUNV)RUH[DPSOH\RXPLJKWXVHgatewayWRHQVXUHWKDWWKLUG SDUW\QH[WKRSVDUHQHYHUD..HSWHGIURPDJLYHQJURXSE\VSH.LI\ LQJWKDWJURXS

VDGGUHVVDVLWVRZQJDWHZD\7KHgatewayVSH.L ILHGPXVWKDYH.RQVLVWHQWURXWLQJLQIRUPDWLRQWRSUHYHQWURXWLQJ ORRSVgatewayLVQRWQHHGHGLQPRVW.DVHV
gateway holdtime time holdtimeVSH.LILHVWKH%*3KROGWLPHYDOXHLQVH.RQGVWRXVH ZKHQQHJRWLDWLQJWKH.RQQH.WLRQZLWKWKLVJURXS,I*DWH'GRHV QRWUH.HLYHDkeepalive, update, RU notification PHVVDJH ZLWKLQWKHSHULRGVSH.LILHGLQWKHKROGWLPHILHOGRIWKH%*3RSHQ PHVVDJHWKHQWKH%*3.RQQH.WLRQZLOOEH.ORVHG7KHYDOXHPXVW EHDWOHDVW37KHGHIDXOWYDOXHLV180. ignorefirstashop

6RPHURXWHUVNQRZQDVURXWHVHUYHUVDUH.DSDEOHRISURSDJDW LQJURXWHVZLWKRXWDSSHQGLQJWKHLURZQ$6WRWKH$63DWK%\ GHIDXOW*DWH'ZLOOGURSVX.KURXWHV6SH.LI\LQJ ignorefirstashop RQWKHgroup .ODXVHDOORZV*DWH'WRNHHSWKHVH

259

Multi-Protocol - Border Gatedway Protocol (MPBGP )

URXWHV ignorefirstashop VKRXOGRQO\EHXVHGLIWKHUHLVQR GRXEWWKDWWKHSHHUVLQWKLVJURXSDUHURXWHVHUYHUVDQGQRWQRU PDOURXWHUV

indelay time indelaytimeLVWKHDPRXQWRIWLPHD%*3URXWHPXVWEH

SUHVHQWEHIRUHLWLVLPSRUWHGLQWRWKH*DWH'URXWLQJGDWDEDVH 7KHGHIDXOWYDOXHLV0PHDQLQJWKDWWKLVIHDWXUHLVGLVDEOHG SURYLGHVDOLVWRILQWHUID.HVWKDWKDYHURXWHVWKDWDUH .DUULHGYLDWKH,*3IRUZKL.KWKLUGSDUW\QH[WKRSVPD\EHXVHG

interface interface

keep ( all | none ) keep all

UHWDLQVURXWHVOHDUQHGIURPDJURXSHYHQLIWKHURXWHV
 $6SDWKV.RQWDLQRQHRIWKHURXWHU
VRZQH[SRUWHG$6QXPEHUV keep none .DXVHV*DWH'WRGLVUHJDUGURXWHV.RQWDLQLQJWKH URXWHU
VRZQ$6QXPEHUV keep none LVWKHGHIDXOW
keepalivesalways

.DXVHV*DWH'WRDOZD\VVHQGNHHSDOLYHV HYHQZKHQDQXSGDWH.RXOGKDYH.RUUH.WO\VXEVWLWXWHGIRURQH keepalivesalways DOORZVLQWHURSHUDELOLW\ZLWKURXWHUVWKDWGR QRW.RPSOHWHO\REH\WKHSURWR.ROVSH.LIL.DWLRQVRQWKLVSRLQW

keepalivesalways lcladdr local_address

8VH lcladdr WRVSH.LI\WKHDGGUHVVWREHXVHGRQWKHOR.DOHQGRI WKH7&3.RQQH.WLRQZLWKWKHJURXS)RULQWHUQDOURXWLQJDQGWHVW LQJW\SHVRISHHUVDSHHUVHVVLRQZLOOEHPDLQWDLQHGZKHQDQ\ LQWHUID.HZLWKWKHVSH.LILHGOR.DODGGUHVVLVRSHUDWLQJ$QLQ.RP LQJ.RQQH.WLRQZLOORQO\EHUH.RJQL]HGDVDPDW.KIRUD.RQILJXUHG SHHULILWLVDGGUHVVHGWRWKH.RQILJXUHGOR.DODGGUHVV)RUgroup types internal DQG routingVHWlcladdr RQWKH group .ODXVH)RUgroup type routingLWLVDGYLVDEOHWRVHWWKH lcladdr WRDQRQSK\VL.DOLQWHUID.HVX.KDVDORRSED.NLQWHUID.H
logupdown logupdown

.DXVHVPHVVDJHVWREHORJJHGYLDWKHV\VORJPH.KD QLVPZKHQHYHUD%*3JURXSHQWHUVRUOHDYHVWKH(VWDEOLVKHG VWDWH

med

%\GHIDXOWDQ\PHWUL.0XOWLB([LWB'LV.UH.HLYHGRQDQ03%*3 .RQQH.WLRQLVLJQRUHG,I0('VDUHXVHGLQURXWLQJ.RPSXWDWLRQV WKH med RSWLRQPXVWEHVSH.LILHGRQWKH group .ODXVH%\GHIDXOW 0('VDUHQRWVHQWRQH[WHUQDO.RQQH.WLRQV6HH6H.WLRQ IRUPRUHLQIRUPDWLRQDERXWmedRSWLRQV7RVHQG 0('VXVHWKH metric RSWLRQRIWKHexport VWDWHPHQWRUWKH

260

Configuring GateD metricout SHHUJURXSSDUDPHWHU6HH6H.WLRQIRUPRUH LQIRUPDWLRQDERXWWKHexportVWDWHPHQW metricout metric metricoutPD\EHXVHGRQDOOURXWHVVHQWWRWKHVSH.LILHGJURXS

7KHPHWUL.KLHUDU.K\LVDVIROORZVVWDUWLQJIURPWKHPRVWSUH IHUUHG  WKHPHWUL.VSH.LILHGE\H[SRUWSROL.\ 2. SHHUOHYHOmetricout 3. JURXSOHYHO metricout  defaultmetric

noaggregatorid

noaggregatorid .DXVHV*DWH'WRVSH.LI\WKHURXWHULGLQWKH DJJUHJDWRUDWWULEXWHDV0LQVWHDGRIWKHrouterid RIWKHURXWHU LQRUGHUWRSUHYHQWGLIIHUHQWURXWHUVLQDQ$6IURP.UHDWLQJDJJUH JDWHURXWHVZLWKGLIIHUHQW$6SDWKV nogendefault

SUHYHQWV*DWH'IURPJHQHUDWLQJDGHIDXOWURXWH ZKHQ03%*3UH.HLYHVDYDOLGXSGDWHIURPLWVSHHU7KHGHIDXOW URXWHLVRQO\JHQHUDWHGZKHQWKH gendefault RSWLRQLVHQDEOHG 6HH6H.WLRQ2SWLRQVIRUPRUHLQIRUPDWLRQDERXWWKHgendefaultRSWLRQ

nogendefault nov4asloop

SUHYHQWVURXWHVZLWKORRSHG$6SDWKVIURPEHLQJ DGYHUWLVHGWRYHUVLRQH[WHUQDOSHHUV8VHnov4asloop WRDYRLG DGYHUWLVLQJURXWHVWRSHHUVWKDWZRXOGLQ.RUUH.WO\IRUZDUGWKH URXWHVRQWRYHUVLRQSHHUV

nov4asloop outdelay time

GDPSHQVURXWHIOX.WXDWLRQV7KH outdelay time LV WKHDPRXQWRIWLPHDURXWHPXVWEHSUHVHQWLQWKH*DWH'URXWLQJ GDWDEDVHEHIRUHLWLVH[SRUWHGWR%*37KHGHIDXOWYDOXHIRUoutdelay LV 0PHDQLQJWKDWWKLVIHDWXUHLVGLVDEOHG)RUgroup types internal DQG routingVHWoutdelay RQWKHgroup .ODXVH
outdelay passive passive SUHYHQWV*DWH'IURPHYHUWU\LQJWRRSHQD%*3.RQ QH.WLRQZLWKSHHUVLQWKLVJURXS,QVWHDGLWZLOOZDLWIRUWKHSHHU WRLQLWLDWHD.RQQH.WLRQpassive ZDVLQWURGX.HGWRKDQGOHD SUREOHPLQ%*3DQGHDUOLHULQZKL.KWZRSHHUVPLJKWERWK DWWHPSWWRLQLWLDWHD.RQQH.WLRQDWWKHVDPHWLPH7KLVSUREOHPLV

261

Multi-Protocol - Border Gatedway Protocol (MPBGP )

IL[HGLQWKH%*3SURWR.ROVRWKH passive RSWLRQLVQRWQHHGHG ZLWK%*3VHVVLRQV 1RWH:,ILWLVDSSOLHGWRERWKVLGHVRIDSHHULQJVHVVLRQpassive ZLOOSUHYHQWWKHVHVVLRQIURPHYHUEHLQJHVWDEOLVKHG)RUWKLVUHD VRQDQGEH.DXVHLWLVJHQHUDOO\QRWQHHGHGWKHXVHRI passive is GLV.RXUDJHG.

preference grouppreference

grouppreference VSH.LILHVWKH preference XVHGIRUURXWHV

OHDUQHGIURPWKLVJURXS6HH6H.WLRQIRUPRUHLQIRUPDWLRQ DERXWpreference7KLVSUHIHUHQ.H.DQGLIIHUIURPWKHGHIDXOW %*3SUHIHUHQ.HVHWLQWKH bgp VWDWHPHQWVRWKDW*DWH'.DQSUH IHUURXWHVIURPRQHJURXSRYHURWKHUV7KLVSUHIHUHQ.HPD\EH H[SOL.LWO\RYHUULGGHQE\LPSRUWSROL.\

preference2 grouppreference2 preference2

EUHDNVD preference WLH7KHGHIDXOWYDOXHLV 0.

recvbuffer buffer_size

.RQWUROVWKHDPRXQWRIUH.HLYHEXIIHULQJDVNHGRI WKHNHUQHO7KHPD[LPXPVXSSRUWHGLVE\WHVDOWKRXJK PDQ\NHUQHOVKDYHDORZHUOLPLW%\GHIDXOW*DWH'.RQILJXUHVWKH PD[LPXPVXSSRUWHG recvbufferLVQRWQHHGHGRQQRUPDOO\ IXQ.WLRQLQJV\VWHPV

recvbuffer reflector-client [ no-client-reflect ]

VSH.LILHVWKDW*DWH'ZLOOD.WDVDURXWH UHIOH.WRUIRUWKLVJURXS no-client-reflect VSH.LILHVWKDW *DWH'ZLOOQRWD.WDVDQLQWUDJURXSUHIOH.WRU6HH6H.WLRQ IRUPRUHLQIRUPDWLRQDERXWURXWHUHIOH.WLRQ

reflector-client sendbuffer buffer_size sendbuffer

.RQWUROVWKHDPRXQWRIVHQGEXIIHULQJDVNHGRIWKH NHUQHO7KHPD[LPXPVXSSRUWHGLVE\WHVDOWKRXJKPDQ\ NHUQHOVKDYHDORZHUOLPLW%\GHIDXOW*DWH'.RQILJXUHVWKHPD[L PXPVXSSRUWHGsendbuffer LVQRWQHHGHGRQQRUPDOO\IXQ. WLRQLQJV\VWHPV

setpref metric setpref

DOORZV%*3
V Local_Pref DWWULEXWHWREHXVHGWRVHW WKH*DWH'SUHIHUHQ.HRQUH.HSWLRQDQGDOORZV*DWH'SUHIHUHQ.H WRVHWWKH Local_Pref RQWUDQVPLVVLRQ7KH setprefPHWUL. ZRUNVDVDORZHUOLPLWEHORZZKL.KWKHLPSRUWHG Local_Pref PD\QRWVHWWKH*DWH'SUHIHUHQ.H)RUIXOOGHWDLOVVHH6H.WLRQ IRUWKHGLV.XVVLRQRI/R.DOB3UHI
showwarnings showwarnings

.DXVHV*DWH'WRLVVXHZDUQLQJPHVVDJHVZKHQ UH.HLYLQJTXHVWLRQDEOH%*3XSGDWHVVX.KDVGXSOL.DWHURXWHVDQG

262

Configuring GateD

RUGHOHWLRQVRIQRQH[LVWLQJURXWHV1RUPDOO\WKHVHHYHQWVDUH VLOHQWO\LJQRUHG
traceoptions trace_options

VSH.LILHVWKHWUD.LQJRSWLRQVIRU03%*3%\ GHIDXOWWKHVHDUHLQKHULWHGIURPWKHJOREDOWUD.HRSWLRQV7KHVH YDOXHVPD\EHRYHUULGGHQRQD group RU peerEDVLV6HH6H.WLRQ 7UD.H6WDWHPHQWVDQG03%*37UD.LQJ2SWLRQVRQ SDJH 

traceoptions ttl ttl

%\GHIDXOW*DWH'VHWVWKH,377/IRUOR.DOSHHUVWR1DQGWKH 77/IRUQRQOR.DOSHHUVWRWKHGHIDXOWNHUQHOYDOXH7KHttl RSWLRQLVSURYLGHGPDLQO\ZKHQDWWHPSWLQJWR.RPPXQL.DWHZLWK LPSURSHUO\IXQ.WLRQLQJURXWHUVWKDWLJQRUHSD.NHWVVHQWZLWKD 77/RI 1. 1RWDOONHUQHOVDOORZWKH77/WREHVSH.LILHGIRU7&3 .RQQH.WLRQV

v3asloopokay

%\GHIDXOW*DWH'ZLOOQRWDGYHUWLVHURXWHVWKDWKDYHDQ$6SDWK WKDWLVORRSHGLHZLWKDQ$6DSSHDULQJPRUHWKDQRQ.HLQWKH SDWKWRYHUVLRQH[WHUQDOSHHUV6HWWLQJWKH v3asloopokayIODJ UHPRYHVWKLV.RQVWUDLQW v3asloopokayLVLJQRUHGZKHQVHWRQ LQWHUQDOJURXSV

version number

VSH.LILHVWKHYHUVLRQRIWKH%*3SURWR.ROWRXVHZLWK WKLVJURXS,IQRWVSH.LILHGWKHKLJKHVWVXSSRUWHGYHUVLRQLVXVHG ILUVWDQGYHUVLRQQHJRWLDWLRQLVDWWHPSWHG,ILWLVVSH.LILHGRQO\ WKHVSH.LILHGYHUVLRQZLOOEHRIIHUHGGXULQJQHJRWLDWLRQ7KH.XU UHQWO\VXSSRUWHGYHUVLRQVLQ.OXGHDQG

version allow

7KH allow.ODXVHDOORZVSHHU.RQQH.WLRQVIURPDQ\DGGUHVVHVLQ WKHVSH.LILHGUDQJHRIQHWZRUNDQGPDVNSDLUV$OOSDUDPHWHUVIRU WKHVHSHHUVPXVWEH.RQILJXUHGRQWKHgroup .ODXVH7KHLQWHUQDO SHHUVWUX.WXUHVDUH.UHDWHGZKHQDQLQ.RPLQJRSHQUHTXHVWLV UH.HLYHGDQGGHVWUR\HGZKHQWKH.RQQH.WLRQLVEURNHQ)RUPRUH GHWDLOVRQVSH.LI\LQJWKHQHWZRUNPDVNSDLUVVHH6H.WLRQRQ URXWHILOWHULQJ

group type test peeras autonomous_system group type testLVDQH[WHQVLRQWRH[WHUQDO%*3WKDWLPSOH

PHQWVDIL[HGSROL.\XVLQJWHVWSHHUV)L[HGSROL.\DQGVSH.LDO.DVH .RGHPDNHWHVWSHHUVUHODWLYHO\LQH[SHQVLYHWRPDLQWDLQ7HVWSHHUV GRQRWQHHGWREHRQDGLUH.WO\DWWD.KHGQHWZRUN,I*DWH'DQG WKHSHHUDUHRQWKHVDPHGLUH.WO\DWWD.KHGVXEQHWWKHDGYHUWLVHG QH[WKRSLV.RPSXWHGZLWKUHVSH.WWRWKDWQHWZRUNRWKHUZLVHWKH QH[WKRSLVWKHOR.DOPD.KLQH

V.XUUHQWQH[WKRS$OOURXWLQJ

263

Multi-Protocol - Border Gatedway Protocol (MPBGP )

LQIRUPDWLRQDGYHUWLVHGE\DQGUH.HLYHGIURPDWHVWSHHULVGLV .DUGHGDQGDOO%*3DGYHUWLVDEOHURXWHVDUHVHQWED.NWRWKHWHVW SHHU0HWUL.VIURP(*3DQG%*3GHULYHGURXWHVDUHIRUZDUGHG LQWKHDGYHUWLVHPHQWRWKHUZLVHQRPHWUL.LVLQ.OXGHG 1RWH:LWKLQDJURXS%*3SHHUVPD\EH.RQILJXUHGLQRQHRI WZRZD\V7KH\PD\EHLPSOL.LWO\.RQILJXUHGZLWKWKHallow VWDWHPHQWRUH[SOL.LWO\.RQILJXUHGZLWKDpeerVWDWHPHQW

allow

7KH allow .ODXVHDOORZVSHHU.RQQH.WLRQVIURPDQ\DGGUHVVHVLQ WKHVSH.LILHGUDQJHRIQHWZRUNDQGPDVNSDLUV$OOSDUDPHWHUVIRU WKHVHSHHUVPXVWEH.RQILJXUHGRQWKHgroup .ODXVH7KHLQWHUQDO SHHUVWUX.WXUHVDUH.UHDWHGZKHQDQLQ.RPLQJRSHQUHTXHVWLV UH.HLYHGDQGGHVWUR\HGZKHQWKH.RQQH.WLRQLVEURNHQ)RUPRUH GHWDLOVRQVSH.LI\LQJWKHQHWZRUNPDVNSDLUVVHH6H.WLRQRQ URXWHILOWHULQJ
peer host

$ peer VXE.ODXVH.RQILJXUHVDQLQGLYLGXDOSHHU(D.KSHHULQKHU LWVDOOSDUDPHWHUVVSH.LILHGRQDgroup DVGHIDXOWV0DQ\GHIDXOWV PD\EHRYHUULGGHQE\SDUDPHWHUVH[SOL.LWO\VSH.LILHGRQWKHpeer VXE.ODXVH :LWKLQHD.K group .ODXVHLQGLYLGXDOSHHUV.DQEHVSH.LILHGRUD JURXSRISRWHQWLDOSHHUV.DQEHVSH.LILHGXVLQJallow. 8VHWKH allow VWDWHPHQWWRVSH.LI\DVHWRIDGGUHVVPDVNV,I*DWH' UH.HLYHVD%*3.RQQH.WLRQUHTXHVWIURPDQ\DGGUHVVLQWKHVHW VSH.LILHGLWZLOOD..HSWLWDQGVHWXSDSHHUUHODWLRQVKLS7KH%*3 peer VXE.ODXVHDOORZVWKHIROORZLQJSDUDPHWHUV$OODUHRSWLRQDO
ascount count ascount GHV.ULEHVWKHQXPEHURI WLPHVWKDWWKLVURXWHUZLOOLQVHUW LWVRZQ$6QXPEHUZKHQLWVHQGVWKH$6SDWKWRDQH[WHUQDOSHHU 7KHGHIDXOWLV 1.+LJKHUYDOXHVDUHW\SL.DOO\XVHGWRELDVXSVWUHDP SHHUV
URXWHVHOH.WLRQ$OOWKLQJVEHLQJHTXDOPRVWURXWHUVZLOO SUHIHUWRXVHURXWHVZLWKVKRUWHU$63DWKV8VLQJascountWKH $63DWKWKLVURXWHUVHQGV.DQEHDUWLIL.LDOO\OHQJWKHQHG 1RWH: ascountVXSHUVHGHVWKHnov4asloop RSWLRQ5HJDUGOHVV RIZKHWKHUnov4asloopLVVHWWKLVURXWHUZLOOVWLOOVHQGPXOWLSOH .RSLHVRILWVRZQ$6LIWKH ascount RSWLRQLVVHWWRVRPHWKLQJ JUHDWHUWKDQ 1.$OVRQRWHWKDWLIWKHYDOXHRI ascount LV.KDQJHG DQG*DWH'LVUH.RQILJXUHGURXWHVZLOOQRWEHVHQWWRUHIOH.WWKH QHZVHWWLQJ,I\RXZDQWWKHVHURXWHVWREHVHQWUHVWDUWWKHSHHU

264

Configuring GateD

VHVVLRQE\.RPPHQWLQJRXWWKHSHHUUH.RQILJXULQJDQGWKHQ XQ.RPPHQWLQJDQGUH.RQILJXULQJDJDLQRUE\UHVWDUWLQJ*DWH' $6SUHSHQGLQJRUVWXIILQJLVPDGHSRVVLEOHE\WKHascount SHHURSWLRQ7KHIROORZLQJH[DPSOHLQVHUWV*DWH'$6QXPEHU WLPHVLQWKH$63DWKRIDQRXWJRLQJURXWH

group type external peeras 201 { peer 192.168.10.32 ascount 6; };

export-v4-mp export-v4-mpVSH.LILHV,3YPXOWLSURWR.ROURXWHVDUHWREH H[SRUWHG,IQHLWKHUimport-v4-mpQRUexport-v4-mpDUHVSH. LILHG*DWH'ZLOOQRWDWWHPSWWRQHJRWLDWHPXOWLSURWR.ROH[WHQ VLRQV*DWH'ZLOOUHWXUQDQDSSURSULDWHXQVXSSRUWHG.DSDELOLW\ PHVVDJHWRSHHUVDWWHPSWLQJWRXVHPXOWLSURWR.ROH[WHQVLRQV export-v6-mp export-v6-mpVSH.LILHV,3YPXOWLSURWR.ROURXWHVDUHWREH

H[SRUWHG

gateway gateway gatewayLQVWUX.WV*DWH'WRXVHDIRUPRIPXOWLKRS(%*3,ID QHWZRUNLVQRWVKDUHGZLWKDSHHUgatewayVSH.LILHVDURXWHURQ

DQDWWD.KHGQHWZRUNWREHXVHGDVWKHQH[WKRSURXWHUIRUURXWHV UH.HLYHGIURPWKLVSHHU7KHgatewaySDUDPHWHUPD\DOVREHXVHG WRVSH.LI\DQH[WKRSIRUSHHUVWKDWDUHRQVKDUHGQHWZRUNV)RU H[DPSOH\RXPLJKWXVHgatewayWRHQVXUHWKDWWKLUGSDUW\QH[W KRSVDUHQHYHUD..HSWHGIURPDJLYHQSHHUE\VSH.LI\LQJWKDW SHHU

VDGGUHVVDVLWVRZQJDWHZD\7KHgatewayVSH.LILHGPXVW KDYH.RQVLVWHQWURXWLQJLQIRUPDWLRQWRSUHYHQWURXWLQJORRSV gatewayLVQRWQHHGHGLQPRVW.DVHV
holdtime time holdtimeVSH.LILHVWKH%*3KROGWLPHYDOXHLQVH.RQGVWRXVH

ZKHQQHJRWLDWLQJWKH.RQQH.WLRQZLWKWKLVSHHU,I*DWH'GRHV QRWUH.HLYHDkeepalive, updateRUnotification PHVVDJH ZLWKLQWKHSHULRGVSH.LILHGLQWKHKROGWLPHILHOGRIWKH%*3RSHQ PHVVDJHWKHQWKH%*3.RQQH.WLRQZLOOEH.ORVHG7KHYDOXHPXVW EHDWOHDVW 37KHGHIDXOWYDOXHLV180.

ignorefirstashop ignorefirstashop GLVDEOHVURXWHGURSSLQJIURPSHHUVWKDWGR QRWLQVHUWWKHLURZQ$6QXPEHULQWRWKH$63DWK. ignore-

265

Multi-Protocol - Border Gatedway Protocol (MPBGP ) firstashop VKRXOGRQO\EHXVHGLI\RXNQRZSRVLWLYHO\WKDWWKH SHHULVDURXWHVHUYHUDQGQRWDQRUPDOURXWHU import-v4-mp

VSH.LILHV,3YPXOWLSURWR.ROURXWHVDUHWREH LPSRUWHG,IQHLWKHU import-v4-mp QRU export-v4-mp DUH VSH.LILHG*DWH'ZLOOQRWDWWHPSWWRQHJRWLDWHPXOWLSURWR.RO H[WHQVLRQV*DWH'ZLOOUHWXUQDQDSSURSULDWHXQVXSSRUWHG.DSD ELOLW\PHVVDJHWRSHHUVDWWHPSWLQJWRXVHPXOWLSURWR.ROH[WHQ VLRQV
import-v4-mp import-v6-mp import-v6-mpVSH.LILHV,3YPXOWLSURWR.ROURXWHVDUHWREH keep ( all | none ) keep all

LPSRUWHG

UHWDLQVURXWHVOHDUQHGIURPDSHHUHYHQLIWKHURXWHV
 $6SDWKV.RQWDLQRQHRIWKHURXWHU
VRZQH[SRUWHG$6QXPEHUV keep none.DXVHV*DWH'WRGLVUHJDUGURXWHV.RQWDLQLQJWKH URXWHU
VRZQ$6QXPEHUVkeep noneLVWKHGHIDXOW
keepalivesalways

.DXVHV*DWH'WRDOZD\VVHQGNHHSDOLYHV HYHQZKHQDQXSGDWH.RXOGKDYH.RUUH.WO\VXEVWLWXWHGIRURQH keepalivesalways DOORZVLQWHURSHUDELOLW\ZLWKURXWHUVWKDWGR QRW.RPSOHWHO\REH\WKHSURWR.ROVSH.LIL.DWLRQVRQWKLVSRLQW

keepalivesalways lcladdr local_address lcladdr VSH.LILHVWKHDGGUHVVWREHXVHGRQWKHOR.DOHQGRIWKH 7&3.RQQH.WLRQZLWKWKHSHHU)RUH[WHUQDOSHHUVWKHOR.DO DGGUHVVPXVWEHRQDQLQWHUID.HWKDWLVVKDUHGZLWKWKHSHHURU ZLWKWKHSHHU
VJDWHZD\ZKHQWKH gateway SDUDPHWHULVXVHG$ VHVVLRQZLWKDQH[WHUQDOSHHUZLOORQO\EHRSHQHGZKHQDQLQWHU ID.HZLWKWKHDSSURSULDWHOR.DODGGUHVVWKURXJKZKL.KWKHSHHURU JDWHZD\DGGUHVVLVGLUH.WO\UHD.KDEOHLVRSHUDWLQJ)RURWKHUW\SHV RISHHUVDSHHUVHVVLRQZLOOEHPDLQWDLQHGZKHQDQ\LQWHUID.H ZLWKWKHVSH.LILHGOR.DODGGUHVVLVRSHUDWLQJ,QHLWKHU.DVHDQ LQ.RPLQJ.RQQH.WLRQZLOORQO\EHUH.RJQL]HGDVDPDW.KIRUD .RQILJXUHGSHHULILWLVDGGUHVVHGWRWKH.RQILJXUHGOR.DODGGUHVV logupdown

cDXVHVPHVVDJHVWREHORJJHGYLDWKHV\VORJPH.KD QLVPZKHQHYHUD%*3SHHUHQWHUVRUOHDYHVWKH(VWDEOLVKHGVWDWH
logupdown med

%\GHIDXOWDQ\PHWUL.0XOWLB([LWB'LV.UH.HLYHGRQDQ03%*3 .RQQH.WLRQLVLJQRUHG,I0('VDUHXVHGLQURXWLQJ.RPSXWD WLRQVWKH med RSWLRQPXVWEHVSH.LILHGRQWKH group .ODXVH%\ GHIDXOW0('VDUHQRWVHQWRQH[WHUQDO.RQQH.WLRQV6HH6H.WLRQ IRUPRUHLQIRUPDWLRQDERXWmedRSWLRQV7RVHQG

266

Configuring GateD

0('VXVHWKH metric RSWLRQRIWKHexport VWDWHPHQWRUWKH metricout SHHUJURXSSDUDPHWHU6HH6H.WLRQIRUPRUH LQIRUPDWLRQDERXWWKHexportVWDWHPHQW

metricout metric metricoutPD\EHXVHGRQDOOURXWHVVHQWWRWKHVSH.LILHGJURXS

7KHPHWUL.KLHUDU.K\LVDVIROORZVVWDUWLQJIURPWKHPRVWSUH IHUUHG  WKHPHWUL.VSH.LILHGE\H[SRUWSROL.\ 2. SHHUOHYHO metricout 3. JURXSOHYHO metricout  defaultmetric

)RU group types internal DQG routingVHWmetricout RQ WKHgroup .ODXVHLQVWHDGRIRQWKH peer VXE.ODXVH.
nexthopself nexthopselfVHWVWKLVSHHU
VQH[WKRSWRWKHURXWHU
VRZQ DGGUHVVHYHQLILWZRXOGQRUPDOO\EHSRVVLEOHWRVHQGDWKLUGSDUW\ QH[WKRS nexthopselfPD\.DXVHLQHIIL.LHQWURXWHVWREHIRO ORZHGEXWLWPD\EHQHHGHGLQVRPH.DVHVWRGHDOZLWKEURNHQ EULGJHGLQWHU.RQQH.WPHGLDLQ.DVHVZKHUHWKHURXWHUVRQWKH VKDUHGPHGLXPGRQRWUHDOO\KDYHIXOO.RQQH.WLYLW\WRHD.K RWKHURUZKHQSROLWL.DOVLWXDWLRQV.DXVHEURNHQOLQNVnexthopself .DQRQO\EHXVHGIRUH[WHUQDOSHHUV noaggregatorid

.DXVHV*DWH'WRVSH.LI\WKHURXWHULGLQWKH DJJUHJDWRUDWWULEXWHDV 0LQVWHDGRIWKH routerid RIWKHURXWHU LQRUGHUWRSUHYHQWGLIIHUHQWURXWHUVLQDQ$6IURP.UHDWLQJDJJUH JDWHURXWHVZLWKGLIIHUHQW$6SDWKV

noaggregatorid nogendefault

SUHYHQWV*DWH'IURPJHQHUDWLQJDGHIDXOWURXWH ZKHQ03%*3UH.HLYHVDYDOLGXSGDWHIURPLWVSHHU7KHGHIDXOW URXWHLVRQO\JHQHUDWHGZKHQWKH gendefault RSWLRQLVHQDEOHG 6HH6H.WLRQ2SWLRQVIRUPRUHLQIRUPDWLRQDERXWWKHgendefaultRSWLRQ

nogendefault nov4asloop nov4asloopSUHYHQWVURXWHVZLWKORRSHG$6SDWKVIURPEHLQJ DGYHUWLVHGWRYHUVLRQH[WHUQDOSHHUV8VHnov4asloop WRDYRLG

267

Multi-Protocol - Border Gatedway Protocol (MPBGP )

DGYHUWLVLQJURXWHVWRSHHUVWKDWZRXOGLQ.RUUH.WO\IRUZDUGWKH URXWHVRQWRYHUVLRQSHHUV
passive

SUHYHQWV*DWH'IURPHYHUWU\LQJWRRSHQD%*3.RQ QH.WLRQZLWKWKLVSHHU,QVWHDGLWZLOOZDLWIRUWKHSHHUWRLQLWLDWHD .RQQH.WLRQ passive ZDVLQWURGX.HGWRKDQGOHDSUREOHPLQ %*3DQGHDUOLHULQZKL.KWZRSHHUVPLJKWERWKDWWHPSWWRLQL WLDWHD.RQQH.WLRQDWWKHVDPHWLPH7KLVSUREOHPLVIL[HGLQWKH %*3SURWR.ROVRWKH passive RSWLRQLVQRWQHHGHGZLWK%*3 VHVVLRQV 1RWH,ILWLVDSSOLHGWRERWKVLGHVRIDSHHULQJVHVVLRQpassive ZLOOSUHYHQWWKHVHVVLRQIURPHYHUEHLQJHVWDEOLVKHG)RUWKLVUHD VRQDQGEH.DXVHLWLVJHQHUDOO\QRWQHHGHGWKHXVHRI passive LV GLV.RXUDJHG.
passive preference peerpreference

peerpreference VSH.LILHVWKHpreferenceXVHGIRUURXWHV

OHDUQHGIURPWKHVHSHHUV6HH6H.WLRQIRUPRUHLQIRUPDWLRQ DERXWpreference7KLVSUHIHUHQ.H.DQGLIIHUIURPWKHGHIDXOW 03%*3SUHIHUHQ.HVHWLQWKH mpbgp VWDWHPHQWVRWKDW*DWH' .DQSUHIHUURXWHVIURPRQHSHHURYHURWKHUV7KLVSUHIHUHQ.HPD\ EHH[SOL.LWO\RYHUULGGHQE\LPSRUWSROL.\

preference2 peerpreference2 preference2

EUHDNVDpreference WLH7KHGHIDXOWYDOXHLV0.

recvbuffer buffer_size recvbuffer .RQWUROVWKHDPRXQWRIUH.HLYHEXIIHULQJDVNHGRI WKHNHUQHO7KHPD[LPXPVXSSRUWHGLVE\WHVDOWKRXJK PDQ\NHUQHOVKDYHDORZHUOLPLW%\GHIDXOW*DWH'.RQILJXUHVWKH PD[LPXPVXSSRUWHGrecvbufferLVQRWQHHGHGRQQRUPDOO\ IXQ.WLRQLQJV\VWHPV routetopeer routetopeer VSH.LILHVWKHD.WXDO77/XVHGRQDVR.NHWLQDOO .DVHV,QSDUWL.XODULI*DWH'UHDOL]HVWKDWWZR%*3VSHDNHUVDUH SHHULQJRYHUDVLQJOHQHWZRUN*DWH'DXWRPDWL.DOO\VHWVWKHdontroute RSWLRQRQWKHLUVR.NHW7KLVLQWXUQ.DXVHVWKH77/RI WKHSD.NHWVWREHVHWWR1. routetopeerSUHYHQWVWKHdontroute RSWLRQIURPEHLQJVHW,I\RXVSH.LI\ routetopeerEXWGRQ
W VSH.LI\D77/DQG\RXDUHGLUH.WO\.RQQH.WHG*DWH'ZLOOVHWWKH 77/RI\RXUVR.NHWWR,I\RXZDQWD77/JUHDWHUWKDQIRU GLUH.WO\.RQQH.WHGSHHUV\RXPXVWVSH.LI\ERWK routetopeer DQGWKH77/WKDW\RXUHTXLUH sendbuffer buffer_size

.RQWUROVWKHDPRXQWRIVHQGEXIIHULQJDVNHGRIWKH NHUQHO7KHPD[LPXPVXSSRUWHGLVE\WHVDOWKRXJKPDQ\ NHUQHOVKDYHDORZHUOLPLW%\GHIDXOW*DWH'.RQILJXUHVWKHPD[

sendbuffer 268

Configuring GateD

LPXPVXSSRUWHGVHQGEXIIHULVQRWQHHGHGRQQRUPDOO\IXQ.WLRQ LQJV\VWHPV
showwarnings

.DXVHV*DWH'WRLVVXHZDUQLQJPHVVDJHVZKHQ UH.HLYLQJTXHVWLRQDEOH%*3XSGDWHVVX.KDVGXSOL.DWHURXWHV DQGRUGHOHWLRQVRIQRQH[LVWLQJURXWHV1RUPDOO\WKHVHHYHQWV DUHVLOHQWO\LJQRUHG

showwarnings traceoptions trace_options

VSH.LILHVWKHWUD.LQJRSWLRQVIRU03%*3%\ GHIDXOWWKHVHDUHLQKHULWHGIURPWKHJOREDOWUD.HRSWLRQV7KHVH YDOXHVPD\EHRYHUULGGHQRQD JURXS RU SHHUEDVLV6HH6H.WLRQ 7UD.H6WDWHPHQWVDQG03%*37UD.LQJ2SWLRQVRQ SDJH 

traceoptions ttl ttl

%\GHIDXOW*DWH'VHWVWKH,377/IRUOR.DOSHHUVWR1DQGWKH 77/IRUQRQOR.DOSHHUVWRWKHGHIDXOWNHUQHOYDOXH7KHttl RSWLRQLVSURYLGHGPDLQO\ZKHQDWWHPSWLQJWR.RPPXQL.DWHZLWK LPSURSHUO\IXQ.WLRQLQJURXWHUVWKDWLJQRUHSD.NHWVVHQWZLWKD 77/RI11RWDOONHUQHOVDOORZWKH77/WREHVSH.LILHGIRU7&3 .RQQH.WLRQV

v3asloopokay

%\GHIDXOW*DWH'ZLOOQRWDGYHUWLVHURXWHVWKDWKDYHDQ$6SDWK WKDWLVORRSHGLHZLWKDQ$6DSSHDULQJPRUHWKDQRQ.HLQWKH SDWKWRYHUVLRQH[WHUQDOSHHUV6HWWLQJWKH v3asloopokayIODJ UHPRYHVWKLV.RQVWUDLQWv3asloopokay LVLJQRUHGZKHQVHWRQ LQWHUQDOSHHUV

version number version

VSH.LILHVWKHYHUVLRQRIWKH%*3SURWR.ROWRXVHZLWK WKLVSHHU,IQRWVSH.LILHGWKHKLJKHVWVXSSRUWHGYHUVLRQLVXVHG ILUVWDQGYHUVLRQQHJRWLDWLRQLVDWWHPSWHG,ILWLVVSH.LILHGRQO\ WKHVSH.LILHGYHUVLRQZLOOEHRIIHUHGGXULQJQHJRWLDWLRQ7KH.XU UHQWO\VXSSRUWHGYHUVLRQVLQ.OXGHDQG

3.2.1.2 MPBGP Tracing Options

1RWH 7KHVWDWHRSWLRQZRUNVZLWK%*3EXWGRHVQRWSURYLGHWUXHVWDWH WUDQVLWLRQLQIRUPDWLRQ Packet tracing options (which may be modified with detail, send, and recv) include the following:

269

Multi-Protocol - Border Gatedway Protocol (MPBGP )

packets

7UD.HDOO03%*3SD.NHWV
open

7UD.H03%*3RSHQSD.NHWVZKL.KDUHXVHGWRHVWDEOLVKDSHHU UHODWLRQVKLS
update

7UD.H03%*3XSGDWHSD.NHWVZKL.KDUHXVHGWRSDVVQHWZRUN UHD.KDELOLW\LQIRUPDWLRQ
keepalive

7UD.H03%*3NHHSDOLYHSD.NHWVZKL.KDUHXVHGWRYHULI\SHHU UHD.KDELOLW\
all

7UD.HDGGLWLRQV.KDQJHVGHOHWLRQVWRWKH*DWH'URXWLQJWDEOH 3.2.1.3 MPBGP Configurable Options 6HHWKHIROORZLQJVH.WLRQVIRUPRUHLQIRUPDWLRQDERXWVSH.LIL.03%*3 RSWLRQV 3.2.1.3.1 Route Reflection 03%*3VXSSRUWVURXWHUHIOH.WLRQIRULQWHUQDOSHHUJURXSVZLWK%*3 YHUVLRQRQO\:KHQXVLQJURXWHUHIOH.WLRQWKHUXOHWKDWDURXWHUPD\ QRWUHDGYHUWLVHURXWHVIURPLQWHUQDOSHHUVWRRWKHULQWHUQDOSHHUVLV UHOD[HGIRUVRPHURXWHUV.DOOHGURXWHUHIOH.WRUV6HH6H.WLRQ IRUPRUHLQIRUPDWLRQDERXWURXWHUHIOH.WLRQ 3.2.1.3.2 Weighted Route Dampening 7KHEDVL.LGHDRIZHLJKWHGURXWHGDPSHQLQJLVWRWUHDWURXWHVWKDWDUH EHLQJDQQRXQ.HGDQGZLWKGUDZQIODSSLQJDWDUDSLGUDWHDVXQUHD.KDEOH 6HH6H.WLRQIRUPRUHLQIRUPDWLRQDERXWZHLJKWHGURXWHGDPS HQLQJ 3.2.1.3.3 Setpref/Local_Pref 7KH setpref RSWLRQDOORZV*DWH'WRVHWWKHLocal_Pref WRUHIOH.W *DWH'
VRZQLQWHUQDOSUHIHUHQ.HIRUWKHURXWHDVJLYHQE\WKHJOREDOSUR WR.ROSUHIHUHQ.HYDOXHLocal_Pref PD\EHXVHGE\D%*3VSHDNHUWR LQIRUPRWKHU%*3VSHDNHUVLQLWVRZQDXWRQRPRXVV\VWHPRIWKHRULJL QDWLQJVSHDNHU
VGHJUHHRISUHIHUHQ.HIRUDQDGYHUWLVHGURXWH6HH6H.WLRQ IRUPRUHLQIRUPDWLRQDERXWsetpref. 3.2.1.3.4 Communities 7KH.RPPXQLWLHVDWWULEXWHDOORZVWKHDGPLQLVWUDWRURIDURXWLQJGRPDLQ WRWDJJURXSVRIURXWHVZLWKD.RPPXQLW\WDJ8VLQJ.RPPXQLWLHVDOORZV WKHDGPLQLVWUDWRUWROLPLWWKHURXWHVWKDW.DQEHLPSRUWHGRUH[SRUWHG
270

Configuring GateD

6HH6H.WLRQIRUPRUHLQIRUPDWLRQDERXW.RPPXQLWLHV 3.2.1.3.5 Multi-Exit Discriminator The Multi Exit Discriminator, or MED, allows the administrator of a routing domain to choose between various exits from a peering AS. See Section 2.2.2.6.3.5 for more information about Multi Exit Discriminator.

271

Multi-Protocol - Border Gatedway Protocol (MPBGP )

272

Configuring GateD

Chapter 3 Section 1.3

Multicast Source Discovery Protocol (MSDP)
7KLVSURWR.ROLVXQGHUGHYHORSPHQWDQGQRW\HWDYDLODEOH 3.1.3.0 MSDP Overview 06'3LVLQWHQGHGWRMRLQDGPLQLVWUDWLYHO\VHSDUDWH3,060UHJLRQVE\ GLVWULEXWLQJLQIRUPDWLRQDERXWPXOWL.DVWVRXU.HVZLWKLQHD.KUHJLRQ 06'3VSHDNHUVSHHURYHU7&3.RQQH.WLRQVDQGDQQRXQ.HRUIRUZDUG LQIRUPDWLRQDERXWVRXU.HVDQGWKHJURXSVWRZKL.KWKH\DUHPXOWL.DVWLQJ :KHQDUHQGH]YRXVSRLQWLQRQH3,060GRPDLQOHDUQVYLD06'3RID PXOWL.DVWVRXU.HLQDQRWKHU3,060GRPDLQWKHQLWDWWHPSWVWRMRLQ WRZDUGVWKHPXOWL.DVWWUHHURRWHGDWWKHVRXU.H 06'3LVGHVLJQHGWRZRUNYHU\.ORVHO\ZLWK3,060)RU06'3WREH .RQILJXUHGLQ*DWH'3,060PXVWEH.RQILJXUHGDVZHOO 3.1.3.1 MSDP Syntax
msdp ( on | off ){ traceoptions trace_options ; ([keepalive-interval sec]; [peer-holdtime sec]; [source-holdtime sec]; [connect-retry-interval sec]; [sa-interval sec]); peer local_host remote_host; }; msdp

7KH msdp VWDWHPHQWHQDEOHVRUGLVDEOHVWKH06'3SURWR.RO,IWKH msdp VWDWHPHQWLVQRWVSH.LILHG06'3ZLOOQRWUXQ,QDGGLWLRQ EH.DXVH06'3LVGHVLJQHGWRZRUNZLWK3,060LI3,060LVQRW .RQILJXUHG06'3ZLOOQRWUXQ

traceoptions trace_options traceoptionsVSH.LILHVWKHWUD.LQJRSWLRQVIRU06'36HH7UD.H

6WDWHPHQWVIRUJHQHUL.WUD.HRSWLRQVDQGWKH06'3VSH.LIL.WUD.LQJ RSWLRQVEHORZ
keepalive-interval sec

PHVVDJHV7KHGHIDXOWLV VH.RQGV
peer-holdtime sec

keepalive-intervalVHWVWKHLQWHUDUULYDOWLPHRI06'3NHHSDOLYH

peer-holdtime VHWVWKHKROGWLPHDIWHUZKL.KDSHHUZLOOEHPDUNHG
VWDOH
7KHGHIDXOWLVVH.RQGV$.RQQH.WLRQWRDVWDOHSHHUZLOOQRW EH.ORVHGXQOHVVWKH7&3.RQQH.WLRQLVEURNHQRU.ORVHGUHPRWHO\RUD

273

MSDP

QHZ.RQQH.WLRQUHTXHVWLVUH.HLYHGIURPWKHSHHU
source-timeout sec source-timeout VHWVWKHQXPEHURIVH.RQGVEHIRUHDQ6*HQWU\ LQWKH06'3.D.KHLVH[SLUHG7KHGHIDXOWLVVH.RQGV connect-retry-interval sec

VHWVWKHWLPHWKDWWKH.DOOHUZDLWVEHIRUH UHWU\LQJWKH.RQQH.WLRQLID.RQQH.WLRQDWWHPSWIDLOV7KHGHIDXOWLV VH.RQGV

connect-retry-interval sa-interval sec

,IWKLVPD.KLQHLVD3,0UHQGH]YRXVSRLQWDQGKDVVRXU.HVWR DQQRXQ.HWKHQ sa-interval VHWVWKHLQWHUDUULYDOWLPHRIWKH06'3 VRXU.HD.WLYHPHVVDJHVWKDWLWJHQHUDWHVDVRSSRVHGWRIRUZDUGV 7KHGHIDXOWLVVH.RQGV 3.1.3.2 MSDP Tracing Options 3D.NHWWUD.LQJPD\EHPRGLILHGZLWK detail, send or recv.6HH 7UD.H6WDWHPHQWVIRUJHQHUL.WUD.HRSWLRQVDQGWKH06'3VSH.LIL.WUD.LQJ RSWLRQVEHORZ 3D.NHWWUD.LQJRSWLRQVLQ.OXGH
packets

7UD.HDOO06'3SD.NHWV
keepalive

7UD.H06'3NHHSDOLYHPHVVDJHV
sa-req

7UD.H06'3VRXU.HD.WLYHUHTXHVWPHVVDJHV
sa

7UD.H06'3VRXU.HD.WLYHPHVVDJHV

274

Configuring GateD

Chapter 3 Section 3
Other Support
3.3.0 Other Multicast Support Overview 3.3.1 IGMP ,QDGGLWLRQWRURXWLQJSURWR.ROV*DWH'SURYLGHVWKHIROORZLQJVXSSRUWIRU 0XOWL.DVW ,QWHUQHW*URXS0DQDJHPHQW3URWR.RO,*03ZDVSULPDULO\GHVLJQHGIRU KRVWVRQPXOWLD..HVVQHWZRUNVWRLQIRUPOR.DOO\DWWD.KHGURXWHUVRIWKHLU JURXSPHPEHUVKLSLQIRUPDWLRQ+RVWVLQIRUPWKHURXWHUVE\PXOWL.DVWLQJ ,*03+RVW0HPEHUVKLS5HSRUWV0XOWL.DVWURXWHUVOLVWHQIRUWKHVHPHV VDJHVDQG.DQWKHQH[.KDQJHJURXSPHPEHUVKLSLQIRUPDWLRQZLWKRWKHU PXOWL.DVWURXWHUV7KLVSUR.HVVDOORZVGLVWULEXWLRQWUHHVWREHIRUPHGWR GHOLYHUPXOWL.DVWGDWDJUDPV 7KH multicastVWDWHPHQWLVXVHGWRVHWLQWHUID.HVSH.LIL.RSWLRQVVX.KDV UDWHOLPLWV77/WKUHVKROGVDQGDGPLQV.RSHERXQGDULHV

3.3.2 Multicast Statement

275

Other Support

276

Configuring GateD

Chapter 3 Section 3.1

Internet Group Management Protocol (IGMP)
3.3.1.0 IGMP Overview IGMP was primarily designed for hosts on multi-access networks to inform locally-attached routers of their group membership information. Hosts inform routers by multicasting IGMP Host Membership Reports. Once multicast routers listen for these reports, they can exchange group membership information with other multicast routers. This reporting system allows distribution trees to be formed to deliver multicast datagrams. The original version of IGMP was defined in+RVW([WHQVLRQV IRU,30XOWL.DVWLQJZKL.K.DQEHIRXQGDW: IWSIWSLVLHGXLQQRWHVUI.W[W ([WHQVLRQVWR,*03KDYHEHHQGHYHORSHGDQGUHOHDVHGLQODWHUUHOHDVHVRI WKH,3PXOWL.DVWGLVWULEXWLRQIURP;HUR[3$5&7KHVHH[WHQVLRQVNQRZQ DV,*03YHUVLRQ LQ.OXGHH[SOL.LWOHDYHPHVVDJHVIRUIDVWHUSUXQLQJDQG PXOWL.DVWWUD.HURXWHPHVVDJHV*DWH'LVDZDUHRIERWK,*039HUVLRQ DQG9HUVLRQPHVVDJHV 3.3.1.1 IGMP Syntax
igmp ( on | off ) [ { [ interface interface_list [ enable | disable ] [ nosend ] [ version [1 | 2]] [ query-interval sec] [ robustness value] ; ] [ traceoptions trace_options ; ] [ query-interval sec ; ] [ max-response-time sec ; ] [ robustness value ; ] } ] ; igmp

7KH igmp VWDWHPHQWHQDEOHVRUGLVDEOHVWKH,*03SURWR.RO,IWKH igmp VWDWHPHQWLVQRWVSH.LILHGWKHGHIDXOWLV igmp off; ,IHQDEOHG,*03ZLOOGHIDXOWWRHQDEOLQJDOOLQWHUID.HVWKDWDUHERWK EURDG.DVWDQGPXOWL.DVW.DSDEOH7KHVHLQWHUID.HVDUHLGHQWLILHGE\WKH IFF_BROADCAST DQG IFF_MULTICASTLQWHUID.HIODJV,*03PXVWEH HQDEOHGEHIRUHRQHRIWKH,30XOWL.DVWURXWLQJSURWR.ROVDUHHQDEOHG
interface interface_list interface

HQDEOHVRUGLVDEOHV,*03RQWKLVLQWHUID.HRUOLVWRILQWHU

277

IGMP

ID.HV
enable | disable enableLVWKHGHIDXOW7KLVDUJXPHQWPD\EHQH.HVVDU\ZKHQ disable LVXVHGRQDZLOG.DUGLQWHUID.HGHV.ULSWRUenable HQDEOHVWKHLQWHUID.HIRU,*03SURWR.RO disable VSH.LILHVWKDW

,*03SD.NHWVUH.HLYHGYLDWKHVSH.LILHGLQWHUID.HZLOOEHLJQRUHG 7KHGHIDXOWLVWROLVWHQWR,*03RQDOOLQWHUID.HV
nosend

nosendDOORZVWKHLQWHUID.HWRUH.HLYHEXWSUHYHQWVLWIURPVHQG LQJDQ\,*03SD.NHWVnosend SHUPLWVWKH.RQVWUX.WLRQRID

NHUQHO9,)9LUWXDO,QWHU)D.HIRUWKH.RQILJXUHGLQWHUID.HDQG WKXVDOORZV*DWH'WRVXEGXHNHUQHOXS.DOOVLH6*.D.KH PLVVHVLQVRPHROGHUNHUQHOV
version [ 1 | 2 ]

version VSH.LILHVWRZKL.KYHUVLRQRIigmp*DWH'VKRXOGH[SH.W

PHVVDJHVWR.RQIRUP

query-interval sec

VHWVWKHQXPEHURIVH.RQGVEHWZHHQJHQHUDO TXHULHVVHQWE\WKHTXHULHU,*03+RVW0HPEHUVKLS4XHULHVDUH VHQWLIWKLVURXWHULVHOH.WHGWKHGHVLJQDWHGTXHULHUIRUWKH/$1,I QRWVSH.LILHGWKHGHIDXOWYDOXHLVVH.RQGV%\YDU\LQJWKH TXHU\LQWHUYDODQDGPLQLVWUDWRU.DQWXQHWKHQXPEHURI,*03 TXHULHVRQWKHVXEQHW$ODUJHUYDOXHRI query-interval.DXVHV ,*03TXHULHVWREHVHQWOHVVRIWHQ

query-interval robustness

DOORZVWXQLQJIRUWKHH[SH.WHGSD.NHWORVVRQDVXE QHW,IDVXEQHWLVH[SH.WHGWREHORVV\WKHrobustness PD\EH LQ.UHDVHG,*03LVUREXVWWRrobustnessSD.NHWORVVHV7KH UREXVWQHVVYDULDEOHPXVWQRWEHVHWWR7KHGHIDXOWYDOXHLV

robustness traceoptions trace_options

6HH7UD.H6WDWHPHQWVDQGWKH,*03VSH.LIL.WUD.LQJRSWLRQV EHORZ
query-interval sec query-intervalVHWVWKHQXPEHURIVH.RQGVEHWZHHQJHQHUDOTXH

ULHVVHQWE\WKHTXHULHU,*03+RVW0HPEHUVKLS4XHULHVDUHVHQWLI WKLVURXWHULVHOH.WHGWKHGHVLJQDWHGTXHULHUIRUWKH/$1,IQRWVSH.L ILHGWKHGHIDXOWYDOXHLVVH.RQGV%\YDU\LQJWKHTXHU\LQWHUYDODQ DGPLQLVWUDWRUPD\WXQHWKHQXPEHURI,*03TXHULHVRQWKHVXEQHW $ODUJHUYDOXHRIquery-interval .DXVHV,*03TXHULHVWREHVHQW OHVVRIWHQ

278

Configuring GateD

max-response-time sec

LQWKHOR.DOJURXSGDWDEDVHZLWKRXWUH.HLYLQJD+RVW0HPEHUVKLS 5HSRUW,IQRWVSH.LILHGWKHGHIDXOWYDOXHLVVH.RQGVPD[ UHVSRQVHWLPHLV.DO.XODWHGDVrobustness query-interval query-response-intervalZKL.KGHIDXOWVWR query-interval7KH query-response-intervalLVIL[HGDWZKL.KLV WKHGHIDXOWD..RUGLQJWRWKH,*035)&ZKL.K.DQEHD..HVVHG DW KWWSZZZJDWHGRUJJDWHGZHE.RGHGR.PDQXDOV .RQILJBJXLGHUHIHUHQ.HVKWPO 7KHVH.RQGVLVWKHYDULDWLRQWKDWKRVWVXVHZKHQVHQGLQJ+RVW 0HPEHUVKLS5HSRUWV,IWKHYDOXHRI query-interval LVVSH.LILHG DQGWKHWLPHRXWLQWHUYDOLVQRWVSH.LILHG*DWH'ZLOOXVHWKLVIRUPXOD WR.DO.XODWHDQDSSURSULDWHWLPHRXWLQWHUYDO+RZHYHULIDWLPHRXW LQWHUYDOLVVSH.LILHGLWZLOORYHUULGHDQ\.DO.XODWHGYDOXH
robustness value

max-response-timeLVWKHORQJHVWLQWHUYDOWKDWDJURXSZLOOUHPDLQ

DOORZVWXQLQJIRUWKHH[SH.WHGSD.NHWORVVRQDVXEQHW ,IDVXEQHWLVH[SH.WHGWREHORVV\WKH robustnessPD\EHLQ.UHDVHG ,*03LVUREXVWWRrobustnessSD.NHWORVVHV7KHUREXVWQHVV YDULDEOHPXVWQRWEHVHWWR'HIDXOWYDOXHLV

robustness

3.3.1.2 IGMP Tracing Options

6HH7UD.H6WDWHPHQWVDQGWKH,*03VSH.LIL.WUD.LQJRSWLRQVEHORZ 3D.NHWWUD.LQJRSWLRQVZKL.KPD\EHPRGLILHGZLWKdetail, sendRU recv

packets

7UD.HDOO,*03SD.NHWV
query

7UD.H,*03KRVWPHPEHUVKLSTXHU\SD.NHWV
report

7UD.H,*03KRVWPHPEHUVKLSUHSRUWVDQGQHZKRVWPHPEHUVKLS UHSRUWV
leave

7UD.H,*03KRVWOHDYHPHVVDJHV
mtrace

7UD.H,*03PXOWL.DVWWUD.HURXWHrequest DQG response SD.NHWV SOXV&LV.RPXOWL.DVWWUD.HPHVVDJHV

279

IGMP

3.3.1.3 Sample IGMP Configurations

3.3.1.3.1 IGMP and DVMRPv3 7KLVLVDVLPSOH,*03DQG'9053.RQILJXUDWLRQZLWKSDVVLYHLQWHU ID.HV

interfaces { interface all passive; }; igmp yes; dvmrp yes;

7XUQ,*03DQG'9053RQRQO\WZRLQWHUID.HVXVLQJWKLVV\QWD[
igmp yes { interface le0 { enable }; interface le1 { enable }; }; dvmrp yes { interface le0 enable; interface le1 enable; };

3.3.1.3.2 Sample PIM-SMv2 over RIP configuration 7KLVLVDVDPSOHXVHRI3,060RYHU5,3

rip yes; import proto rip { all multicast unicast; }; traceoptions "/var/tmp/gated.log" replace all ; igmp yes { interface interface interface interface interface }; icmp { }; pim yes { traceoptions "/var/tmp/gated.log" replace packets route;

le0 qe0 qe1 qe2 qe3

{ { { { {

disable }; enable }; enable }; enable }; enable };

280

Configuring GateD

# hello-interval 35; sparse "sm0" { interface le0 disable; interface qe0 enable; interface qe1 enable; interface qe2 enable; interface qe3 enable; bsr qe0 priority 1; crp qe0 1; }; dense "dm0" { interface qe2 enable; interface qe3 enable; }; };

rip yes { traceoptions none ; interface le0 noripin noripout ; interface qe ripout ripin version 2; };

static { default gateway 198.32.4.1 preference 20 retain; # router 10.2.0.0 mask 255.255.255.0 gateway 10.1.0.3 preference 50 multicast unicast; 10.2.1.0 mask 255.255.255.0 gateway 10.1.1.3 preference 50 multicast unicast; 10.2.2.0 mask 255.255.255.0 gateway 10.1.2.3 preference 50 multicast unicast; 10.2.3.0 mask 255.255.255.0 gateway 10.1.3.3 preference 50 multicast unicast; };

import proto rip { 0.0.0.0 masklen 0 refines multicast unicast; };

281

IGMP

3.3.1.3.3 IGMP Only 7KLVLVDVDPSOHXVHRI,*03

interfaces { interface all passive; }; igmp yes;

7KLVLVDVDPSOHRI,*03ZLWKRQO\VRPHRIWKHLQWHUID.HVVHW,I\RXDUH UXQQLQJ3,0LQWKHSUHVHQ.HRIWXQQHOHG'9053DQGWKH*DWH'PXOWL .DVWNHUQHOWKHQ3,0ZLOOWU\WRUXQRYHUWKHWXQQHOSVHXGRLQWHUID.HV 7KH\VKRXOGEHGLVDEOHGDVIROORZV

# igmp yes { interface interface interface interface interface

le0 qe0 qe1 qe2 qe3

{ { { { {

disable }; enable }; enable }; disable }; disable };

};

282

Configuring GateD

Chapter 3 Section 3.2

Multicast Statement
3.3.2.0 Multicast Statement Overview 7KH multicastVWDWHPHQWLVXVHGWRVHWLQWHUID.HVSH.LIL.RSWLRQVVX.KDV UDWHOLPLWV77/WKUHVKROGVDQGDGPLQV.RSHERXQGDULHV *DWH'DOVRVXSSRUWVVWDWL.JURXSPHPEHUVKLSVRQLQWHUID.HV7KHVH .DQEHXVHGWRPDQXDOO\.RQILJXUHWUHHEUDQ.KHVDQG.DQEHXVHGUHJDUG OHVVRIZKHWKHUDPXOWL.DVWURXWLQJSURWR.ROLV.RQILJXUHGRQWKHUHOHYDQW LQWHUID.H  6WDWL.MRLQVDQGV.RSHGERXQGDULHVDUH.RQILJXUHGE\.RPPDQGVLQVLGHWKH multicast {}EOR.N7KHV\QWD[IRUWKHmulticast EOR.NLV
multicast { interface interface_list [ threshold number ] [ ratelimit number ]; join network [ ( mask mask ) | ( masklen number ) ] interface_list; boundary network [ ( mask mask ) | ( masklen number ) ] interface_list; }

3.3.2.1 Multicast Statement Syntax

multicast

7KH multicastVWDWHPHQWQHHGQRWH[LVWIRUPXOWL.DVWURXWLQJWR ZRUNLWLVRQO\XVHGIRURYHUULGLQJGHIDXOWRSWLRQV

interface interface_list [ threshold number ] [ ratelimit number ]

2QPXOWL.DVW.DSDEOHLQWHUID.HVinterfaceLVXVHGWRVSH.LI\77/ WKUHVKROGVZKL.KGHIDXOWWRDQGUDWHOLPLWVZKL.KGHIDXOWWRQRQH

join network [ ( mask mask ) | ( masklen number ) ] interface_list joinLVXVHGWRPDQXDOO\.RQILJXUHWUHHEUDQ.KHVRQWKHLQGL.DWHG LQWHUID.HV%H.DXVH join SUHYHQWVSUXQLQJVWDWL.MRLQVVKRXOGEH XVHGRQO\LQH[.HSWLRQDO.LU.XPVWDQ.HV1RWHWKDWjoin GRHVQRW.DXVH

*DWH'WRMRLQWKHLQGL.DWHGJURXSVLWRQO\.DXVHV*DWH'WRD.WDVLI GRZQVWUHDPPHPEHUVDUHSUHVHQWDQGKDYHMRLQHGWKHJURXS)RU H[DPSOH

multicast { interface le1 threshold 16 ratelimit 500; join 239.1.2.3 le1; };

7KHH[DPSOHDERYH.RQILJXUHVLQWHUID.HOHZLWKD77/WKUHVKROGRI

283

Multicast Statement

DQGDUDWHOLPLWRQPXOWL.DVWWUDIIL.RI.ESVDQGIRU.HV*DWH' WREHOLHYHWKDWGRZQVWUHDPPHPEHUVRIJURXSH[LVWRQWKDW LQWHUID.H

boundary network [ ( mask mask ) | ( masklen number ) ] interface_list boundaryLVXVHGWR.RQILJXUHDGPLQLVWUDWLYHO\V.RSHGJURXSERXQG DULHVRQWKHLQGL.DWHGLQWHUID.HV)RUH[DPSOH multicast { interface le1 threshold 16 ratelimit 500; boundary 239.255.0.0 masklen 16 le1; };

7KHH[DPSOHDERYH.RQILJXUHVLQWHUID.HOHZLWKD77/WKUHVKROGRI DQGDUDWHOLPLWRQPXOWL.DVWWUDIIL.RI.ESVDQGVHWVDERXQG DU\IRURQLW

284

Configuring GateD

Chapter 4 IPv6
4.0 IPv6 Protocol Overview $OOURXWLQJSURWR.ROVGHWHUPLQHWKHEHVWURXWHWRHD.KGHVWLQDWLRQDQG GLVWULEXWHURXWLQJLQIRUPDWLRQDPRQJWKHV\VWHPVRQDQHWZRUN,3Y URXWLQJSURWR.ROVKHOSPHHWWKHQHHGIRULQ.UHDVHGDGGUHVVVSD.H ,3YDGGUHVVHVXVHELWLGHQWLILHUVIRULQWHUID.HVDQGVHWVRILQWHUID.HV ,3YDGGUHVVHVDUHH[SUHVVHGDVHLJKWELWLQWHJHUVVSHDUDWHGE\.RORQV VX.KDVIIH. /HDGLQJ]HURV.DQEHRPLWWHGVX.KDV IIH. 2QHDQGRQO\RQHVHWRI.RQVH.XWLYHQXOOELWQXPEHUV.DQEHUHSOD.HG ZLWKDGRXEOH.RORQVX.KDV IIH. 7KUHHW\SHVRI,3YDGGUHVVHVH[LVW8QL.DVWVHQGWRRQHDGGUHVV0XOWL .DVWVHQGWRDVSH.LILHGVHWRIDGGUHVVHVDQG$Q\.DVWVHQGWRRQHLQWHU ID.HIRUDOODGGUHVVHVLQWKDWJURXS,3YGRHVQRWKDYHEURDG.DVW DGGUHVVHV

285

Static Routes for IPv6

286

Configuring GateD

Chapter 4 Section 1 Static Routes for IPv6 (Preliminary)

4.1.0 IPv6 Static Overview VWDWHPHQWVGHILQHWKHVWDWL.URXWHVXVHGE\*DWH'$VLQJOH VWDWHPHQW.DQVSH.LI\DQ\QXPEHURIURXWHV7KH static VWDWH PHQWVR..XUDIWHUSURWR.ROVWDWHPHQWVDQGEHIRUH.RQWUROVWDWHPHQWVLQWKH JDWHG.RQIILOH$Q\QXPEHURI static VWDWHPHQWVPD\EHVSH.LILHGHD.K .RQWDLQLQJDQ\QXPEHURIVWDWL.URXWHGHILQLWLRQV7KHVHURXWHV.DQEH RYHUULGGHQE\URXWHVZLWKEHWWHUSUHIHUHQ.HYDOXHV
Static static

7KH static VWDWHPHQWV\QWD[UHPDLQVWKHVDPHLQ,3YDVIRUVWDWL. 8QL .DVW7KHRQO\GLIIHUHQ.HLVWKHV\QWD[XVHGIRUWKH,3DGGUHVV )RU,3YWKHIROORZLQJDGGUHVVIRUPDWVDUHD..HSWDEOHIRUDQ\DGGUHVV YDULDEOH

5F00::/8 5F06:: B500:: /32

See Section 4, IPv6 Overview, for more information about IPv6 addresses. 4.1.1 IPv6 Static Syntax
static { ( host host ) | default | ( network [ ( mask mask ) | ( masklen number ) ] ) gateway gateway_list [ interface interface_list ] ; [ inet6 ] [ preference preference ] ; [ retain ] ; [ reject ] ; [ blackhole ] ; [ noinstall ] ; ( network [ ( mask mask ) | ( masklen number ) ] ) interface interface [ preference preference ] ; [ retain ]; [ reject ] ; [ blackhole ] ; [ noinstall ] ; [ unicast ] ; (GateD version 5.x/6.x only) [ multicast ] ; (GateD version 5.x/6.x only) } ; host host | default |

287

Static Routes for IPv6

( network [ ( mask mask ) | ( masklen number ) ] ) gateway gateway_list

LVWKHPRVWJHQHUDOIRUPRIWKHstatic VWDWHPHQW host GHILQHVDVWDWL.URXWHWKURXJKRQHRUPRUHJDWHZD\V6WDWL.URXWHV DUHLQVWDOOHGZKHQRQHRUPRUHRIWKHJDWHZD\VOLVWHGDUHDYDLODEOH RQGLUH.WO\DWWD.KHGLQWHUID.HV,IPRUHWKDQRQHHOLJLEOHJDWHZD\ LVDYDLODEOHgateways DUHOLPLWHGE\WKHQXPEHURIPXOWLSDWK GHVWLQDWLRQVVXSSRUWHGWKLV.RPSLOHWLPHSDUDPHWHULV.XUUHQWO\ DOPRVWDOZD\VRQ81,;
host interface interface_list

:KHQ interface LVVSH.LILHGJDWHZD\VDUHRQO\.RQVLGHUHGYDOLG ZKHQWKH\DUHRQRQHRIWKHVHLQWHUID.HV6HH6H.WLRQ,QWHU ID.H/LVWVIRUWKHGHV.ULSWLRQRIWKHinterface_list.

inet6 inet6

DOORZV,3YDGGUHVVHVWREHXVHG,I inet6 LVQRWVSH.L ILHGRQO\8QL.DVWURXWHVDUHSDVVHG

preference preference

VSH.LILHVKRZD.WLYHURXWHVWKDWDUHOHDUQHGIURP VWDWL.URXWHV.RPSDUHGWRRWKHUSURWR.ROVZLOOEHVHOH.WHG:KHQ DURXWHKDVEHHQOHDUQHGIURPPRUHWKDQRQHSURWR.ROWKHD.WLYH URXWHZLOOEHVHOH.WHGIURPWKHSURWR.ROZLWKWKHORZHVWSUHIHU HQ.H(D.KSURWR.ROKDVDGHIDXOWSUHIHUHQ.HLQWKLVVHOH.WLRQ7KH GHIDXOWVWDWL.SUHIHUHQ.HLV

preference retain

1RUPDOO\*DWH'UHPRYHVDOOURXWHVH[.HSWLQWHUID.HURXWHVIURP WKHNHUQHOIRUZDUGLQJWDEOHGXULQJDJUD.HIXOVKXWGRZQ7KH retain RSWLRQPD\EHXVHGWRSUHYHQWVSH.LIL.VWDWL.URXWHVIURP EHLQJUHPRYHGretain LQVXUHVWKDWVRPHURXWLQJLVDYDLODEOH ZKHQ*DWH'LVQRWUXQQLQJ

reject

,QVWHDGRIIRUZDUGLQJDSD.NHWDVDQRUPDOURXWHreject URXWHV .DXVHSD.NHWVWREHGURSSHGDQGXQUHD.KDEOHPHVVDJHVWREHVHQW WRWKHSD.NHWRULJLQDWRUV6SH.LI\LQJ reject .DXVHVWKLVURXWHWR EHLQVWDOOHGDVDUHMH.WURXWH1RWDOONHUQHOIRUZDUGLQJHQJLQHV VXSSRUWUHMH.WURXWHV

blackhole

$EOD.NKROHURXWHLVWKHVDPHDVDUHMH.WURXWHH[.HSWWKDW XQUHD.KDEOHPHVVDJHVDUHQRWVXSSRUWHG6SH.LI\LQJ blackhole .DXVHVWKLVURXWHWREHLQVWDOOHGDVDEOD.NKROHURXWH

noinstall

1RUPDOO\WKHURXWHZLWKWKHORZHVWSUHIHUHQ.HLVLQVWDOOHGLQWKH NHUQHOIRUZDUGLQJWDEOHDQGLVWKHURXWHH[SRUWHGWRRWKHUSURWR .ROV:KHQ noinstall LVVSH.LILHGRQDURXWHLWZLOOQRWEH

288

Configuring GateD

LQVWDOOHGLQWKHNHUQHOIRUZDUGLQJWDEOHZKHQLWLVD.WLYHEXWLWZLOO VWLOOEHHOLJLEOHWREHH[SRUWHGWRRWKHUSURWR.ROV.
( network [ ( mask mask ) | ( masklen number ) ] )

7KLVIRUPGHILQHVDVWDWL.LQWHUID.HURXWHWKLVLVXVHGIRUSULPLWLYH VXSSRUWRIPXOWLSOHQHWZRUNDGGUHVVHVRQRQHLQWHUID.H
interface interface_list

:KHQinterface LVVSH.LILHGJDWHZD\VDUHRQO\.RQVLGHUHGYDOLG ZKHQWKH\DUHRQRQHRIWKHVHLQWHUID.HV6HH6H.WLRQ,QWHU ID.H/LVWVIRUWKHGHV.ULSWLRQRIWKHinterface_list.

preference preference preferenceVSH.LILHVKRZD.WLYHURXWHVWKDWDUHOHDUQHGIURP

VWDWL.URXWHV.RPSDUHGWRRWKHUSURWR.ROVZLOOEHVHOH.WHG:KHQ DURXWHKDVEHHQOHDUQHGIURPPRUHWKDQRQHSURWR.ROWKHD.WLYH URXWHZLOOEHVHOH.WHGIURPWKHSURWR.ROZLWKWKHORZHVWSUHIHU HQ.H(D.KSURWR.ROKDVDGHIDXOWSUHIHUHQ.HLQWKLVVHOH.WLRQ7KH GHIDXOWVWDWL.SUHIHUHQ.HLV

retain

1RUPDOO\*DWH'UHPRYHVDOOURXWHVH[.HSWLQWHUID.HURXWHVIURP WKHNHUQHOIRUZDUGLQJWDEOHGXULQJDJUD.HIXOVKXWGRZQ7KH retain RSWLRQPD\EHXVHGWRSUHYHQWVSH.LIL.VWDWL.URXWHVIURP EHLQJUHPRYHG retainLQVXUHVWKDWVRPHURXWLQJLVDYDLODEOH ZKHQ*DWH'LVQRWUXQQLQJ

reject

,QVWHDGRIIRUZDUGLQJDSD.NHWDVDQRUPDOURXWH rejectURXWHV .DXVHSD.NHWVWREHGURSSHGDQGXQUHD.KDEOHPHVVDJHVWREHVHQW WRWKHSD.NHWRULJLQDWRUV6SH.LI\LQJreject .DXVHVWKLVURXWHWR EHLQVWDOOHGDVDUHMH.WURXWH1RWDOONHUQHOIRUZDUGLQJHQJLQHV VXSSRUWUHMH.WURXWHV

blackhole

$EOD.NKROHURXWHLVWKHVDPHDVDUHMH.WURXWHH[.HSWWKDW XQUHD.KDEOHPHVVDJHVDUHQRWVXSSRUWHG6SH.LI\LQJblackhole .DXVHVWKLVURXWHWREHLQVWDOOHGDVDEOD.NKROHURXWH

noinstall

1RUPDOO\WKHURXWHZLWKWKHORZHVWSUHIHUHQ.HLVLQVWDOOHGLQWKH NHUQHOIRUZDUGLQJWDEOHDQGLVWKHURXWHH[SRUWHGWRRWKHUSURWR .ROV:KHQ noinstall LVVSH.LILHGRQDURXWHLWZLOOQRWEH LQVWDOOHGLQWKHNHUQHOIRUZDUGLQJWDEOHZKHQLWLVD.WLYHEXWLWZLOO VWLOOEHHOLJLEOHWREHH[SRUWHGWRRWKHUSURWR.ROV *DWH'YHUVLRQ[[RQO\

289

Static Routes for IPv6

unicast

7KLVURXWHZLOOEHORDGHGLQWKHXQL.DVWULEV%\GHIDXOWDOOVWDWL. URXWHVDUHORDGHGLQWKHXQL.DVWULE
multicast

7KLVURXWHZLOOEHORDGHGLQWKHPXOWL.DVWULEV6WDWL.URXWHVDUH LQVWDOOHGLQWRWKHPXOWL.DVWULERQO\E\VSH.LIL.DWLRQ

290

Configuring GateD

Chapter 4 Section 2 RIPng

4.2.0 IPv6 Static Overview 5,3QJLVDQLPSOHPHQWDWLRQRIDGLVWDQ.HYH.WRURU%HOOPDQ)RUGURXWLQJ SURWR.ROIRUOR.DOQHWZRUNV5,3QJLVEDVHGRIIRIWKH5,3SURWR.RODQG LQKHULWVWKHOLPLWDWLRQVDQG.RQVWUDLQWVWKDWDUHLQ5,3 $URXWHUUXQQLQJ5,3QJVHQGVDQXSGDWHWRLWVQHLJKERUURXWHUVHYHU\ VH.RQGV(D.KXSGDWH.RQWDLQVSDLUHGYDOXHVZKHUHHD.KSDLU.RQVLVWVRIDQ ,3YQHWZRUNDGGUHVVDQGDQLQWHJHUGLVWDQ.HWRWKDWQHWZRUN5,3QJXVHV DKRS.RXQWPHWUL.WRPHDVXUHWKHGLVWDQ.HWRDGHVWLQDWLRQ,QWKH5,3QJ PHWUL.DURXWHUDGYHUWLVHVGLUH.WO\.RQQH.WHGQHWZRUNVDWDPHWUL.RIE\ GHIDXOW1HWZRUNVWKDWDUHUHD.KDEOHWKURXJKRQHRWKHUJDWHZD\DUHKRSV HW.7KXVWKHQXPEHURIKRSVRUKRS.RXQWDORQJDSDWKIURPDJLYHQ VRXU.HWRDJLYHQGHVWLQDWLRQUHIHUVWRWKHQXPEHURIJDWHZD\VWKDWDGDWD JUDPZRXOGHQ.RXQWHUDORQJWKDWSDWK8VLQJKRS.RXQWVWR.DO.XODWH VKRUWHVWSDWKVGRHVQRWDOZD\VSURGX.HRSWLPDOUHVXOWV)RUH[DPSOHD SDWKZLWKDKRS.RXQWWKDW.URVVHVWKUHH(WKHUQHWVPD\EHVXEVWDQWLDOO\ IDVWHUWKDWDSDWKZLWKDKRS.RXQWWKDW.URVVHVWZRVORZVSHHGVHULDO OLQHV7R.RPSHQVDWHIRUGLIIHUHQ.HVLQWH.KQRORJ\PDQ\URXWHUVDGYHUWLVH DUWLIL.LDOO\KLJKKRS.RXQWVIRUVORZOLQNV $WVWDUWXS5,3QJLVVXHVDUHTXHVWIRUURXWLQJLQIRUPDWLRQDQGWKHQOLVWHQV IRUUHVSRQVHVWRWKHUHTXHVW,IDV\VWHP.RQILJXUHGWRVXSSO\5,3QJKHDUV WKHUHTXHVWLWUHVSRQGVZLWKDUHVSRQVHSD.NHWEDVHGRQLQIRUPDWLRQLQLWV URXWLQJGDWDEDVH7KHUHVSRQVHSD.NHW.RQWDLQVGHVWLQDWLRQQHWZRUN DGGUHVVHVDQGWKHURXWLQJPHWUL.IRUHD.KGHVWLQDWLRQ :KHQD5,3QJUHVSRQVHSD.NHWLVUH.HLYHGWKHURXWLQJGDHPRQWDNHVWKH LQIRUPDWLRQDQGUHEXLOGVWKHURXWLQJGDWDEDVHDGGLQJQHZURXWHVDQG EHWWHUORZHUPHWUL.URXWHVWRGHVWLQDWLRQVDOUHDG\OLVWHGLQWKHGDWDEDVH 5,3QJDOVRGHOHWHVURXWHVIURPWKHGDWDEDVHLIWKHQH[WURXWHUWRWKDWGHVWL QDWLRQUHSRUWVWKDWWKHURXWH.RQWDLQVPRUHWKDQKRSVRULIWKHURXWHLV GHOHWHG$OOURXWHVWKURXJKDJDWHZD\DUHGHOHWHGLIQRXSGDWHVDUHUH.HLYHG IURPWKDWJDWHZD\IRUDVSH.LILHGWLPHSHULRG,QJHQHUDOURXWLQJXSGDWHV DUHLVVXHGHYHU\VH.RQGV,QPDQ\LPSOHPHQWDWLRQVLIDJDWHZD\LVQRW KHDUGIURPIRUVH.RQGVDOOURXWHVIURPWKDWJDWHZD\DUHGHOHWHGIURP WKHURXWLQJGDWDEDVH7KLVVH.RQGLQWHUYDODOVRDSSOLHVWRGHOHWLRQRI VSH.LIL.URXWHV 4.2.1 RIPng Syntax
ripng ( on | off ) [ { preference preference ; defaultmetric metric ; tag tag interface interface_list [ noripin ] | [ ripin ]

291

RIPng

[ noripout ] | [ ripout ] ; traceoptions trace_options ; } ] ;

7KH ripng VWDWHPHQWHQDEOHVRUGLVDEOHV5,3QJ

preference preference preference VSH.LILHVKRZD.WLYHURXWHVWKDWDUHOHDUQHGIURP 5,3QJ.RPSDUHGWRRWKHUSURWR.ROVZLOOEHVHOH.WHG:KHQD URXWHKDVEHHQOHDUQHGIURPPRUHWKDQRQHSURWR.ROWKHD.WLYH URXWHZLOOEHVHOH.WHGIURPWKHSURWR.ROZLWKWKHORZHVWSUHIHU HQ.H(D.KSURWR.ROKDVDGHIDXOWSUHIHUHQ.HLQWKLVVHOH.WLRQ 5,3QJ
VGHIDXOWLV preference PD\EHXVHGWR.KDQJH GHIDXOWYDOXHIRU5,3QJ preference PD\EHRYHULGGHQE\D preference YDOXHVSH.LILHGLQLPSRUWSROL.\ defaultmetric metric defaultmetric GHILQHVWKHPHWUL.XVHGZKHQDGYHUWLVLQJURXWHV YLD5,3QJWKDWZHUHOHDUQHGIURPRWKHUSURWR.ROV,IQRWVSH.L ILHGWKHGHIDXOWYDOXHLV7KLVPHWUL.PD\EHRYHUULGGHQE\D PHWUL.VSH.LILHGLQH[SRUWSROL.\ tag tag

7KHURXWHtag LVWRSURYLGHDPHWKRGRIVHSDUDWLQJLQWHUQDO 5,3QJURXWHVIURPH[WHUQDO5,3QJURXWHV,QWHUQDOURXWHVDUH URXWHVIURPQHWZRUNVZLWKLQD5,3QJURXWLQJGRPDLQH[WHUQDO URXWHVDUHURXWHVIURPDQRQ5,3QJGRPDLQVX.KDV%*3RU (*3tagLVDQDUELWUDU\YDOXH

interface interface_list interface controls various attributes of sending RIPng on specific interfaces. 6HH6H.WLRQ,QWHUID.H/LVWVIRUWKHGHV.ULS WLRQRIWKHinterface_list.

1RWH:KHQVSH.LI\LQJDOLQNOR.DODGGUHVVDVWKHLQWHUID.HWKH LQWHUID.HLQGH[PXVWEHVWULSSHGIURPWKHLQWHUID.H([DPSOH IIH.EH.RPHVIIH. 1RWH,IWKHUHDUHPXOWLSOHLQWHUID.HV.RQILJXUHGRQWKHVDPHVXE QHW5,3QJXSGDWHVZLOORQO\EHVHQWIURPWKHILUVWRQHIRUZKL.K 5,3QJRXWSXWLV.RQILJXUHG7KLVOLPLWDWLRQLVUHTXLUHGEH.DXVHRI WKHZD\WKH81,;NHUQHORSHUDWHV The possible parameters for interface include:
noripin | ripin

VSH.LILHVWKDW5,3QJSD.NHWVUH.HLYHGYLDWKHVSH.LILHG LQWHUID.HZLOOEHLJQRUHG ripin LVWKHGHIDXOWripin VSH.LILHV

noripin

292

Configuring GateD

WKDW5,3QJSD.NHWVRQDOOQRQORRSED.NLQWHUID.HVZLOOEHOLVWHQHG WR6SH.LI\LQJripinPD\EHQH.HVVDU\ZKHQ noripinLVXVHGRQ DZLOG.DUGLQWHUID.HGHV.ULSWRU

noripout | ripout

VSH.LILHVWKDWQR5,3QJSD.NHWVZLOOEHVHQWRQWKH VSH.LILHGLQWHUID.HV7KHVHQGLQJRI5,3QJRQSRLQWWRSRLQW LQWHUID.HVPXVWEHPDQXDOO\.RQILJXUHG ripout LVWKHGHIDXOW 6SH.LI\LQJ ripout LVQH.HVVDU\WRVHQG5,3QJRQSRLQWWRSRLQW LQWHUID.HVDQGPD\EHQH.HVVDU\ZKHQ noripinLVXVHGRQDZLOG .DUGLQWHUID.HGHV.ULSWRU
noripout traceoptions trace_options traceoptionsVSH.LILHVWKHWUD.LQJRSWLRQVIRU5,3QJ6HH6H.

WLRQ7UD.H6WDWHPHQWVDQGWKH5,3QJVSH.LIL.WUD.LQJRSWLRQV EHORZ 4.2.2 RIPng Tracing Options 7KH policy RSWLRQORJVLQIRUPDWLRQZKHQHYHUDQHZURXWHLV DQQRXQ.HGRUWKHPHWUL.EHLQJDQQRXQ.HG.KDQJHVRUDURXWHJRHVRU OHDYHVKROGGRZQ3D.NHWWUD.LQJRSWLRQVZKL.KPD\EHPRGLILHGZLWK detail send RU recvLQ.OXGH
packets

7UD.HDOO5,3QJSD.NHWV
request pollDQGpollentry. response

7UD.H5,3QJLQIRUPDWLRQUHTXHVWSD.NHWVVX.KDVrequest,

7UD.H5,3QJresponseSD.NHWVZKL.KDUHWKHW\SHRISD.NHWWKDW D.WXDOO\.RQWDLQVURXWLQJLQIRUPDWLRQ
other

7UD.HDQ\RWKHUW\SHRISD.NHW7KHRQO\YDOLGRQHVDUHtrace_on DQG trace_offERWKRIZKL.KDUHLJQRUHG ([DPSOHVRI5,3QJWUD.LQJRSWLRQV

traceoptions none; traceoptions /var/tmp/ripng_peer1 detail packets; traceoptions receive request; traceoptions send response;

293

RIPng

294

Configuring GateD

Chapter 5
RSD Control Statements
5.0 RSD Overview 7KH5RXWH6HUYHU'DHPRQ56GLVURXWLQJVRIWZDUHWKDQ.DQVLPSOLI\WKH DGPLQLVWUDWLRQRIURXWLQJLQIRUPDWLRQH[.KDQJHEHWZHHQ,QWHUQHW6HUYL.H 3URYLGHUV,63VDW,QWHUQHW([.KDQJHV,;V56GLVLQSURGX.WLRQXVHDW VHYHUDO,;VLQ.OXGLQJWKH861DWLRQDO6.LHQ.H)RXQGDWLRQVSRQVRUHG1HW ZRUN$..HVV3RLQWV1$3V )RUWKHSXUSRVHRILQWHU$XWRQRPRXV6\VWHPURXWHH[.KDQJHHD.K,63 URXWHUDWDQ,;XVXDOO\HVWDEOLVKHV%*3SHHULQJVHVVLRQVZLWKVHYHUDO RWKHU,63URXWHUVDWWKDW,;7KHURXWLQJSROL.LHVRIDQ,63ZLWKUHVSH.WWR LWVSHHUVLHWKHURXWHVWKDWWKH,63VHOH.WVIURPRUDGYHUWLVHVWRDUHXVX DOO\.RQILJXUHGLQ,63URXWHUV%DVHGRQWKHVH.RQILJXUHGURXWLQJSROL.LHV DQGG\QDPL.URXWLQJLQIRUPDWLRQKHDUGYLD%*3,63URXWHUV.RPSXWH WKHLUURXWLQJWDEOHV 6X.KDPHVKSHHULQJ.RQILJXUDWLRQ.DQEHGLIIL.XOWWRDGPLQLVWHUDGGLQJDQ ,63WRDQ,;.DQUHTXLUHUH.RQILJXULQJDOO,63URXWHUV :LWKDURXWHVHUYHULWLVSRVVLEOHWR.HQWUDOL]HDQGVLPSOLI\WKH.RQILJXUD WLRQRI,63SHHULQJVDW,;V,QWKHRU\HD.K,63QHHGRQO\HVWDEOLVKDSHHU LQJVHVVLRQZLWKWKHURXWHVHUYHU$OO,63URXWLQJSROL.LHVDUH.RQILJXUHGLQ WKHURXWHVHUYHUZKL.K.RPSXWHVURXWLQJWDEOHVRQEHKDOIRILWV.OLHQW,63 URXWHUV0RGLI\LQJWKHSHHULQJ.RQILJXUDWLRQDW,;VRQO\UHTXLUHVUH.RQILJ XULQJWKHURXWHVHUYHU 56GLVURXWLQJVRIWZDUHWKDWLPSOHPHQWVURXWHVHUYHUIXQ.WLRQDOLW\56G UXQVRQVHYHUDOGLIIHUHQW81,;YDULDQWV56GGRHVQRW.XUUHQWO\LQ.OXGH VXSSRUWIRU,62'(6103

295

RSD View Statement

296

Configuring GateD

Chapter 5 Section 1
RSd View Statements
5.1.0 View Overview $URXWHVHUYHU.RPSXWHVD.ROOH.WLRQRIURXWHVRQEHKDOIRIHD.KRILWV.OL HQWVZH.DOOWKLV.ROOH.WLRQDYLHZ5RXJKO\VSHDNLQJDYLHZLVWKDWSDUW RID.OLHQW
VURXWLQJWDEOHWKDW.RQWDLQVURXWHVKHDUGIURPRWKHU,63URXWHUV DWDQ,; %\GHIDXOW56GGRHVQRWLQVWDOODQ\URXWHVLQWKHURXWHVHUYHU
VNHUQHOIRU ZDUGLQJWDEOH,I\RXZLVKWRLQVWDOOURXWHVEHVXUHWRVWDUW56GZLWKWKH -i IODJ)RUWKLVSXUSRVH56GVXSSRUWVDOR.DOYLHZWKLVYLHZ.RQWDLQVURXWHV LQVWDOOHGLQWKHURXWHVHUYHU
VIRUZDUGLQJWDEOH 7ZRRUPRUH.OLHQWVPD\VKDUHDYLHZ7KH view VWDWHPHQWGHILQHVWKH SHHUVVKDULQJDSDUWL.XODUYLHZDQGWKHURXWHVWKDWVKRXOGEHLQVWDOOHGLQD YLHZ$OOURXWHVLQVWDOOHGLQD.OLHQW
VYLHZDUHSURSDJDWHGWRWKH.OLHQWYLD %*3 5.1.1 View Syntax 5.1.1.1 Peer and Import Statements $ view VWDWHPHQW.RQWDLQVWZRVH.WLRQVDVHTXHQ.HRI peer .ODXVHVIRO ORZHGE\DVHTXHQ.HRI import .ODXVHV
peer ip_address [ preference routepreference ] [ dampen ]

ip_addressLVWKH.RUUHVSRQGLQJ.OLHQW
V,3DGGUHVV7KH.RQILJXUD WLRQILOHPXVW.RQWDLQDbgp SHHU.ODXVH.RUUHVSRQGLQJWRWKLV,3 DGGUHVV7RGHILQHWKHURXWHVHUYHU
VOR.DOYLHZXVHWKH,3ORRSED.N DGGUHVVpreference LVWKHGHIDXOWSUHIHUHQ.HDVVLJQHGWRURXWHV LQVWDOOHGLQWKDWYLHZ,IWKHGHIDXOWSUHIHUHQ.HLVQRWGHILQHG*DWH'
V GHIDXOWSUHIHUHQ.HIRUH[WHUQDO%*3URXWHVLVXVHGdampen LQGL.DWHV WKDWURXWHVLQVWDOOHGLQWKHYLHZPXVWEHVXEMH.WHGWRIODSGDPSHQLQJ (YHQLIWKHdampen-flap VWDWHPHQWLVSUHVHQWLQWKHUXQWLPH.RQILJ XUDWLRQILOHWKLVNH\ZRUGPXVWEHGH.ODUHGLQWKH peer .ODXVHRIWKH view VWDWHPHQWLIURXWHVWRDSHHUDUHWREHVXSSUHVVHGEDVHGRQWKHLU LQVWDELOLW\KLVWRU\,IWKHdampen-flap VWDWHPHQWLVDEVHQWWKLVNH\ ZRUGLVLJQRUHG7KH dampen NH\ZRUGPD\EHSUHVHQWLQRQH peer .ODXVHRIDview VWDWHPHQWDQGQRWSUHVHQWLQDQRWKHUpeer .ODXVHRI WKHVDPHview VWDWHPHQW
import 7KHimport.ODXVHRIWKHviewVWDWHPHQWVSH.LILHVWKH.ROOH.WLRQRI

URXWHVLQVWDOOHGLQDYLHZ56GPDW.KHVHD.KUH.HLYHGURXWHDJDLQVWWKH import.ODXVHVWKDWDUHOLVWHGZLWKLQDYLHZLQRUGHU%HORZZH GHV.ULEHWKHimport.ODXVHDQGGHV.ULEHKRZDURXWHPDW.KHVDQ import.ODXVH 7KHILUVWIRUPRIWKH import.ODXVHLVDVIROORZV

297

RSD View Statement

import proto bgp as AS number [ preference preference ] { route_filter [ restrict | (preference preference) ] [ MED med ] ; };

:KHQPDW.KLQJDURXWHDJDLQVWDQ import .ODXVHRIWKLVIRUP56G ILUVW.RPSDUHVWKH$6QXPEHURIWKHSHHUWKDWDGYHUWLVHGWKHURXWH ZLWKWKHVSH.LILHG$6QXPEHU,IWKHWZRTXDQWLWLHVDUHHTXDO56G PDW.KHVWKHURXWHDJDLQVWWKH]HURRUPRUHroute_filters OLVWHG 7KHV\QWD[RIURXWHILOWHUVDQGWKHVHPDQWL.VRIURXWHPDW.KLQJ DJDLQVWURXWHILOWHUVDUHGHV.ULEHGLQ5RXWH)LOWHULQJRQSDJH ,I WKHURXWHUPDW.KHVDURXWHILOWHUWKHQWKDWURXWHLVDVVLJQHGWKHDVVR.L DWHGSUHIHUHQ.HLIDrestrict LVVSH.LILHGWKHURXWHLVQRWLQVWDOOHG LQWKHYLHZ)XUWKHUPRUHWKHURXWHULVDGYHUWLVHGZLWKWKHDVVR.LDWHG med. 7KHVH.RQGIRUPRIWKHimport .ODXVHLVDVIROORZV
import proto bgp aspath AS Path regular expression origin any | ( egp | igp | incomplete ) [ preference preference ] { route_filter [ restrict | (preference preference) ] [ MED med ] ; };

:KHQPDW.KLQJDURXWHDJDLQVWDQimport .ODXVHRIWKLVIRUP56G SHUIRUPVDUHJXODUH[SUHVVLRQPDW.KEHWZHHQWKHURXWH

V$6SDWKDQG WKHVSH.LILHG$63DWKUHJXODUH[SUHVVLRQ7KHV\QWD[RI$6SDWKUHJX ODUH[SUHVVLRQVLVGHV.ULEHGLQ$63DWK5HJXODU([SUHVVLRQVRQ SDJH ,IWKHPDW.KVX..HHGV56GPDW.KHVWKHURXWHDJDLQVWWKH ]HURRUPRUHroute_filtersOLVWHG7KHV\QWD[RIURXWHILOWHUVDQG WKHVHPDQWL.VRIURXWHPDW.KLQJDJDLQVWURXWHILOWHUVLVGHV.ULEHGLQ 5RXWH)LOWHULQJRQSDJH ,IWKHURXWHPDW.KHVDURXWHILOWHU WKHQWKDWURXWHLVDVVLJQHGWKHDVVR.LDWHGSUHIHUHQ.HLIDrestrictLV VSH.LILHGWKHURXWHLVQRWLQVWDOOHGLQWKHYLHZ)XUWKHUPRUHWKH URXWHLVDGYHUWLVHGZLWKWKHDVVR.LDWHGmed. 7KHWKLUGIRUPRIWKHimportVWDWHPHQWLVDVIROORZV
import proto aggregate as as [ preference preference ] { route_filter [ restrict | (preference preference) ] [ MED med ] ; };

,IDURXWHLV.RQILJXUHGDVDQ aggregate DQGWKDWURXWH

V.RQWULEXWRUV

298

Configuring GateD

DUHURXWHVIURP.OLHQW$656GPDW.KHVWKHURXWHDJDLQVWWKH]HURRU PRUH route_filtersOLVWHG7KHV\QWD[RIURXWHILOWHUVDQGWKH VHPDQWL.VRIURXWHPDW.KLQJDJDLQVWURXWHILOWHUVLVGHV.ULEHGLQ 5RXWH)LOWHULQJRQSDJH ,IWKHURXWHPDW.KHVDURXWHILOWHU WKHQWKDWURXWHLVDVVLJQHGWKHDVVR.LDWHGSUHIHUHQ.HLID restrict LV VSH.LILHGWKHURXWHLVQRWLQVWDOOHGLQWKHYLHZ)XUWKHUPRUHWKDW URXWHLVDGYHUWLVHGZLWKWKHDVVR.LDWHGmed. $ view VWDWHPHQWPXVWKDYHDWOHDVWRQH peer.ODXVH7ZRviews .DQQRWKDYHWKHVDPH peer,ID.OLHQWLVGH.ODUHGLQWKHbgp VWDWH PHQWEXWQRWLQD view VWDWHPHQWQRURXWHVDUHLQVWDOOHGLQWKDW.OL HQW
VYLHZ&OLHQWVPD\EHDUELWUDULO\UH.RQILJXUHGLQWRGLIIHUHQWYLHZV YLHZLPSRUWVWDWHPHQWVPD\EHUH.RQILJXUHGDQGVRRQ ,IWKHviewVWDWHPHQW.RQWDLQVQR import.ODXVHVQRURXWHVDUH LQVWDOOHGLQWKDWYLHZ7RHYHU\URXWHDYLHZ
V import.ODXVHVDUH DSSOLHGLQWKHRUGHULQZKL.KWKH\DUHGH.ODUHG7KHILUVWPDW.KLQJ import .ODXVHLVWKHQXVHGWRGHWHUPLQHWKHSUHIHUHQ.HDQGPHWUL. DVVLJQHGWRWKHURXWHDPDW.KLQJimport .ODXVHLVGHILQHGWREHRQH LQZKL.KWKHVSH.LILHG$6RU$6SDWKUHJXODUH[SUHVVLRQPDW.KHVWKH URXWH
V$6RU$6SDWK 5.1.1.2 Route Filtering 5RXWHVDUHILOWHUHGE\VSH.LI\LQJ.RQILJXUDWLRQODQJXDJHWKDWZLOOPDW.KD .HUWDLQVHWRIURXWHVE\GHVWLQDWLRQRUE\GHVWLQDWLRQDQGPDVN,IDURXWH GRHVQRWPDW.KDQ\RIWKHURXWHILOWHUVVSH.LILHGLQDQimport .ODXVHWKH URXWHLVQRWLQVWDOOHGLQWKHYLHZ56GZLOODWWHPSWWRPDW.KWKHPRVWVSH .LIL.ILOWHUWKDWDSSOLHV6SH.LI\LQJPRUHWKDQRQHILOWHUZLWKWKHVDPHGHV WLQDWLRQPDVNDQGPRGLILHUVZLOOJHQHUDWHDQHUURU 7KHILOWHULQJV\QWD[LVDVIROORZV
network [ exact | refines ] network mask mask [ exact | refines ] network masklen number [ exact | refines ] all default host host

0DW.KLQJXVXDOO\UHTXLUHVERWKDQDGGUHVVDQGDPDVNRUPDVNOHQ DOWKRXJKWKHPDVNLVLPSOLHGLQWKHVKRUWKDQGIRUPVOLVWHGEHORZ

network [ exact | refines all default host host

7KHVHPDQWL.VRIPDW.KLQJDJDLQVWWKHVHURXWHILOWHUVLVGHV.ULEHGEHORZ

299

RSD View Statement [ exact_refines ]

network

exactVSH.LILHVWKDWWKHPDVNRIWKHGHVWLQDWLRQPXVWPDW.KWKHVXS SOLHGPDVNH[D.WO\exactLVXVHGWRPDW.KDQHWZRUNEXWQRVXEQHWV RUKRVWVRIWKDWQHWZRUNrefinesVSH.LILHVWKDWWKHPDVNRIWKHGHV

WLQDWLRQPXVWEHPRUHVSH.LILHGLHORQJHUWKDQWKHILOWHUPDVN7KLV LVXVHGWRPDW.KVXEQHWVDQGRUKRVWVRIDQHWZRUNEXWQRWWKHQHW ZRUN

all allPDW.KHVDQ\WKLQJ,WLVHTXLYDOHQWWR 0.0.0.0 masklen 0.0.0.0 refines default default PDW.KHVWKHdefaultURXWH7RPDW.KWKHDGGUHVVPXVWEH WKHGHIDXOWDGGUHVVDQGWKHPDVNPXVWEHDOO]HURV7KLVLVHTXLYDOHQW WR 0.0.0.0 masklen 0.0.0.0 exact hosthost

$OWHUQDWLYHVDUHGHV.ULEHGEHORZ

PDW.KHVWKHVSH.LIL.KRVW7RPDW.KWKHDGGUHVVPXVWH[D.WO\ PDW.KWKHVSH.LILHGhostDQGWKHQHWZRUNPDVNPXVWEHDKRVWPDVN LHDOORQHV7KLVLVHTXLYDOHQWWR

host

host masklen 255.255.255.255 exact

5.1.1.3 AS Path Regular Expressions 56G

V$63DWKUHJXODUH[SUHVVLRQVDUH326,;.RPSOLDQWUHJXODUH[SUHV VLRQVRYHUWKHDOSKDEHWRI$6QXPEHUV,Q56G$63DWKUHJXODUH[SUHV VLRQVDUHGHOLPLWHGE\DQG7KLVVH.WLRQGHV.ULEHV56G
V$6SDWK UHJXODUH[SUHVVLRQV\QWD[
.

$SHULRGPDW.KHVDVLQJOH$6QXPEHULQDSDWK
[ and ]

7KLVGHOLPLWVDQ$6QXPEHUVHW%HWZHHQWKHVHGHOLPLWHUV\RXPD\ OLVWRQHRUPRUHVSD.HVHSDUDWHG$6QXPEHUVRU$6QXPEHUUDQJHV WZR$6QXPEHUVVHSDUDWHGE\D


:KHQVSH.LILHGLQDUHJXODU H[SUHVVLRQWKLVPDW.KHVDVLQJOH$6QXPEHUIDOOLQJZLWKLQWKLV$6 QXPEHUVHW
[^ and ]

7KLVGHOLPLWVWKH.RPSOHPHQWRIDQ$6QXPEHUVHW%HWZHHQWKHVH GHOLPLWHUV\RXPD\OLVWRQHRUPRUHVSD.HVHSDUDWHG$6QXPEHUVRU

300

Configuring GateD

$6QXPEHUUDQJHVWZR$6QXPEHUVVHSDUDWHGE\D

:KHQVSH.L ILHGLQDUHJXODUH[SUHVVLRQWKLVPDW.KHVDVLQJOH$6QXPEHUWKDW GRHVQRWIDOOZLWKLQWKLV$6QXPEHUVHW 7KHUHDUHWKUHH.ODVVHVRIRSHUDWRUVOLVWHGEHORZLQRUGHURISUH.HGHQ.H $OOWKHVHRSHUDWRUVDUHOHIWDVVR.LDWLYH  Unary postfix operators "*" "+" "?" )RUDUHJXODUH[SUHVVLRQ$$ PDW.KHV]HURRUPRUHR..XUUHQ.HRI $$PDW.KHVRQHRUPRUHR..XUUHQ.HRI$$"PDW.KHV]HURRU RQHR..XUUHQ.HRI$ Binary AND operator " "(space) 7KLVLVDQLPSOL.LWRSHUDWRUDQGH[LVWVEHWZHHQWZRUHJXODUH[SUHV VLRQV$DQG%ZKHQQRRWKHUH[SOL.LWRSHUDWRULVVSH.LILHG7KH UHVXOWLQJH[SUHVVLRQ$%PDW.KHVDQ$6SDWKLI$PDW.KHVVRPH SRUWLRQRIWKHEHJLQQLQJRIWKDW$6SDWKDQG%PDW.KHVWKHUHVWRI WKH$6SDWK Binary OR operator "|" (pipe) )RUUHJXODUH[SUHVVLRQV$DQG%$_%PDW.KHVDQ\$6SDWKWKDWLV PDW.KHGE\$RU% 3DUHQWKHVLV.DQEHXVHGWRRYHUULGHWKHGHIDXOWRUGHURIHYDOXDWLRQ :KLWHVSD.H.KDUD.WHUV.DQEHXVHGWRLQ.UHDVHUHDGDELOLW\7KHIROORZLQJ DUHH[DPSOHVRI$6SDWKUHJXODUH[SUHVVLRQV
<.* 35 .* >

7KLVPDW.KHVDQ\$6SDWK.RQWDLQLQJ$6
< 422 .* >

7KLVPDW.KHVDQ\$6SDWKZKRVHILUVWHOHPHQWLV$6
< .* 543 >

7KLVPDW.KHVDQ\$6SDWKZKRVHODVWHOHPHQWLV$6
< 10 20 >

7KLVPDW.KHVWKH$6SDWK.RQWDLQLQJH[D.WO\WZRHOHPHQWVDQG LQWKDWRUGHU
< .* 55 [30-60]+ 948 .* >

7KLVPDW.KHVDQ$6SDWK.RQWDLQLQJDVXEVWULQJEHJLQQLQJZLWK$6 LPPHGLDWHO\IROORZHGE\RQHRUPRUHR..XUUHQ.HVRI$6QXPEHUV

301

RSD View Statement

LQWKHUDQJHIROORZHGE\$6

302

Configuring GateD

Chapter 5 Section 2
Link-layer Unreachability Control Using RSC
7KHrsc LVDPRGLILHGgdc SURJUDP)XQ.WLRQDOLW\RI rsc ZLOOEHIROGHG LQWR gdc LQWKHIXWXUH 56GLVSULPDULO\GHSOR\HGDWODUJH,QWHUQHWH[.KDQJHV6RPHRIWKHVH H[.KDQJHVDUH.RQVWUX.WHGE\EULGJLQJWRJHWKHUGLIIHUHQWWUDQVPLVVLRQ PHGLD,QWKHVH.LU.XPVWDQ.HVWZR.OLHQWVVD\$DQG%RIWKHURXWHVHUYHU PLJKWQRWKDYHOLQNOD\HU.RQQH.WLYLW\WRHD.KRWKHUEXWHD.KPLJKWEHDEOH WRWDONWRWKHURXWHVHUYHU,QWKLV.DVHLWPD\EHGHVLUDEOHWRDYRLGLQVWDOO LQJ%
VURXWHVLQ$
VYLHZDQGYL.HYHUVD 7RPDNHVXUH$DQG%GRQRWKDYHHD.KRWKHUVURXWHVLQWKHLUYLHZVXVH rsc LQWKHIROORZLQJZD\DVVXPHWKDW$
V,3DGGUHVVLV198.168.25.4 DQG%
V,3DGGUHVVLV198.168.25.10
% rsc -S 198.168.25.4 -D 198.168.25.10 linkdown % rsc -S 198.168.25.10 -D 198.168.25.4 linkdown

7KHILUVW.RPPDQGUHPRYHVDOORI%
VURXWHVIURP$
VYLHZ7KHVH.RQG .RPPDQGUHPRYHV$
VURXWHVIURP%
VYLHZ :KHQOLQNOD\HUUHD.KDELOLW\EHWZHHQ$DQG%.RPHVED.NXS\RX.DQXVH
% rsc -S 198.168.25.4 -D 198.168.25.10 linkup % rsc -S 198.168.25.10 -D 198.168.25.4 linkup

to restore the respective views. Note: RSd does not automatically detect when link-layer connectivity between two clients is down.

303

RSD Other Features

304

Configuring GateD

Chapter 5 Section 3
Sample RIBs/View Statements
In RSd-1.3 and RSd-7.0.1, views are handled in two parts. Interface to ASN is mapped in the bgp statement.
group type external peeras asn holdtime secs [logoptions] { peer interface; };

56GDQG56GYLHZVWDWHPHQW
view { peer interface [preference preference] [dampen] import proto bgp as asn { route_filter ... }; import proto bgp aspath aspath_regexp { <route_filter ... }; }; origin any

305

RSD RIBs/View Syntax

:H.DQVLPSOLI\DQGJHQHUDOL]HWKLVLQ*DWH'.RQWH[W56G )8785(

import proto rip | hello | redirect [(interface interface_list)|(gateway gateway_list)] [preference preference] [rib-opt] [dampen] { route_filter [restrict|(preference preference)] [rib-opt]; }; import proto bgp as asn [aspath-opt] preference [preference] [(interface interface_list)|(gateway gateway_list)] [rib-opt] { route_filter [restrict|(preference preference)] [rib-opt]; }; import proto egp as asn preference [preference] [(interface interface_list)|(gateway gateway_list)] [rib-opt] { route_filter [restrict|(preference preference)] [rib-opt]; }; import proto bgp aspath ( aspath_regexp ) origin any | (igp | egp | incomplete) [aspath-opt] [(interface interface_list)|(gateway gateway_list)] [rib-opt] [dampen] restrict; import proto bgp aspath ( aspath_regexp ) origin any | (igp | egp | incomplete) [aspath-opt] [preference preference] [(interface interface_list) | (gateway gateway_list)] [rib-opt] { route_filter [restrict|(preference preference)] [rib-opt]; }; :KHUH rib-opt LV [ribs] {([multicast] [unicast] [view n])|[rib n]} [dampen];

,IQR5,%VDUHVSH.LILHGWKH8QL.DVW5,%RQO\LVDVVXPHG 7KH5,% DVVLJPHQWVDUHDOZD\VSHUIDPLO\$UDGL[WUHHH[LVWVSHUIDPLO\,62,3Y DQG,3Y 8QL.DVW5,%LVDOZD\Vrib 0. 0XOWL.DVW5,%LVDOZD\V rib 1.5,%DVVLJQ PHQWVVWDUWDW 2. 9LHZYDOXHVVWDUWDW 0EXWUHIHUHQ.H rib 2+view.

306

Configuring GateD

([DPSOHV
import proto bgp as 1234 preference 80 interface 192.41.177.123 ribs 1 { 206.113.0.0 masklen 19 exact preference 100; 206.115.0.0 masklen 19 exact preference 100; 207.113.0.0 masklen 17 exact preference 100; 207.202.0.0 masklen 17 exact preference 100; all restrict; }; import proto bgp as 1234 preference 80 interface 192.41.177.123 ribs 1 { 206.113.0.0 masklen 19 exact preference 100; 206.115.0.0 masklen 19 exact preference 100; 207.113.0.0 masklen 17 exact preference 100; 207.202.0.0 masklen 17 exact preference 100; all restrict; }; import proto bgp aspath 2914 [ 73 93 97 101 685 2497 2568 2702 2905 2914 10289 10430 10487 10708 10732 10763]* origin any interface 192.41.177.123 192.41.177.124 ribs multicast unicast view 1 dampen { 39.9.193.0 masklen 24 exact 54.0.0.0 masklen 8 exact 128.95.0.0 masklen 16 exact 3; 128.112.0.0 masklen 16 exact preference 100 ribs unicast view 3; 128.121.0.0 masklen 16 exact preference 100 ribs multicast view 5; all restrict; }; preference 100; preference 100; preference 100 ribs multicast unicast view

307

RSD RIBs/View Syntax

%H.DXVHZHXVHRQO\5,%EDVHGSROL.\VSH.LIL.DWLRQDVRSSRVHGWRXVLQJLQGLUH.WSRLQWHUVYLD YLHZVZH.DQDOVRDGGED.NLQH[SRUWSROL.\SRLQWLQJWRDVSH.LIL.5,%

export proto <bgp|egp as <asn [(interface <interface_list)|(gateway <gateway_list)] restrict; export proto egp as <asn [(interface <interface_list)|(gateway <gateway_list)] [metric <metric] { <export_list; }; export proto bgp as <asn [mod-aspath-opt] [(interface <interface_list)|(gateway <gateway_list)] [metric <metric] { <export_list; }; export proto <rip|hello [(interface <interface_list)|(gateway <gateway_list)] restrict; export proto <rip|hello [(interface <interface_list)|(gateway <gateway_list)] [metric <metric] { <export_list; }; export_list .RQWDLQV proto <bgp|egp autonomoussystem <asn restrict; proto <bgp|egp autonomoussystem <asn [metric <metric] [rib-opt] { route_filter [restrict|(metric <metric)] [rib-opt]; };

:KHUH

308

Configuring GateD

proto <rip|hello [(interface <interface_list)|(gateway <gateway_list)] [rib-opt] restrict; proto <rip|hello [(interface <interface_list)|(gateway <gateway_list)] [metric <metric] [rib-opt] { route_filter [restrict|(metric <metric)] [rib-opt]; };

:KHUH rib-optLV
[ribs] {([multicast] [unicast] [view <n])|[rib <n]};

,IQR5,%VDUHVSH.LILHGWKHXQL.DVW5,%RQO\LVDVVXPHG7KH5,% DVVLJPHQWVDUHDOZD\VSHUIDPLO\$UDGL[WUHHH[LVWVSHUIDPLO\,62,3Y DQG,3Y 8QL.DVW5,%LVDOZD\VULE00XOWL.DVW5,%LVDOZD\VULE15,% DVVLJQPHQWVVWDUWDW29LHZYDOXHVVWDUWDW0EXWUHIHUHQ.Hrib 2+view ([DPSOH
export proto bgp as 5150 interface 192.41.177.123 192.41.177.124 { proto bgp autonomoussystem 6667 preference 80 ribs multicast unicast view 1 { all; }; };

309

RSD RIBs/View Syntax

310

Configuring GateD

Chapter 6 Section 1
Route Filtering
6.1.0 Route Filtering Overview 5RXWHVDUHILOWHUHGE\VSH.LI\LQJ.RQILJXUDWLRQODQJXDJHWKDWZLOOPDW.KD .HUWDLQVHWRIURXWHVE\GHVWLQDWLRQRUE\GHVWLQDWLRQDQGPDVN$PRQJ RWKHUSOD.HVURXWHILOWHUVDUHXVHGRQ martiansDQGLQimport DQG export VWDWHPHQWV. 7KHD.WLRQWDNHQZKHQQRPDW.KLVIRXQGLVGHSHQGHQWRQWKH.RQWH[W)RU LQVWDQ.H import DQG export URXWHILOWHUVDVVXPHDQall restrict; DW WKHHQGRIDOLVW6HH6H.WLRQDQGIRUPRUHLQIRUPDWLRQDERXW import DQG export $URXWHZLOOPDW.KWKHPRVWVSH.LIL.ILOWHUWKDWDSSOLHV6SH.LI\LQJPRUH WKDQRQHILOWHUZLWKWKHVDPHGHVWLQDWLRQPDVNDQGPRGLILHUVZLOOJHQHUDWH DQHUURU 6.1.1 Route Filtering Syntax
network [ exact | refines | between number and number ] network mask mask [ exact | refines | between number and number ] network masklen number [ exact | refines | between number and number ] all default host host

([DPSOHVRIDOOWKHSRVVLEOHIRUPDWVIRUDURXWHILOWHUIROORZ1RWDOORI WKHVHIRUPDWVDUHDYDLODEOHLQDOOSOD.HV)RULQVWDQ.HWKHhost DQG default IRUPDWVDUHQRWYDOLGIRU martians.

network [ exact | refines | between lownumber and highnumber ] network mask mask [ exact | refines| between lownumber and highnumber ] network masklen number [ exact | refines| between lownumber and highnumber ]

,QPRVW.DVHV\RX.DQVSH.LI\DGGLWLRQDOSDUDPHWHUVUHOHYDQWWRWKH.RQ WH[WRIWKHILOWHU)RUH[DPSOHRQD martian VWDWHPHQW\RX.DQVSH.LI\WKH allowNH\ZRUGRQDQimport VWDWHPHQW\RX.DQVSH.LI\D preference; DQGRQDexport\RX.DQVSH.LI\Dmetric.

311

Route Filtering

7KUHHW\SHVRIPDW.KLQJexact refinesDQGbetweenDUHXVHG WRILOWHUURXWHV

exact exactVSH.LILHVWKDWWKHPDVNRIWKHGHVWLQDWLRQPXVW PDW.KWKHVXSSOLHGPDVNH[D.WO\exactLVXVHGWRPDW.KD

QHWZRUNEXWQRVXEQHWVRUKRVWVRIWKDWQHWZRUN
refines

XVHGWRPDW.KVXEQHWVDQGRUKRVWVRIDQHWZRUNEXWQRW WKHQHWZRUN
between lownumber and highnumber

refinesVSH.LILHVWKDWWKHPDVNRIWKHGHVWLQDWLRQPXVWEH PRUHVSH.LIL.LHORQJHUWKDQWKHILOWHUPDVNrefinesLV

7KLVPRGLILHULVQRWVXSSRUWHGLQSXEOL.*DWH'YHU VLRQVEHIRUHJDWHGSXE betweenVSH.LILHVWKDWWKHPDVNRIWKHGHVWLQDWLRQPXVWEH DVRUPRUHVSH.LIL.LHDVORQJDVRUORQJHUWKDQWKHORZHU OLPLWlownumberDQGQRPRUHVSH.LIL.LHDVORQJDVRU VKRUWHUWKDQWKHXSSHUOLPLWhighnumberlownumber PXVWEHJUHDWHUWKDQWKHPDVNOHQ1RWHWKDWexactDQG refinesDUHERWKVSH.LDO.DVHVRIbetween ,QVWHDGRIVSH.LI\LQJDQ\RIWKHDERYHV\QWD[WKHIROORZLQJDOWHUQD WLYHV.DQEHXVHG
all all default default PDW.KHVWKH default URXWH7RPDW.KWKH DGGUHVVPXVWEHWKHGHIDXOWDGGUHVVDQGWKHPDVNPXVWEH DOO]HURVdefault LVHTXLYDOHQWWR 0.0.0.0 masklen 0.0.0.0 exact host host host PDW.KHVWKHVSH.LIL.KRVW7RPDW.KWKHDGGUHVVPXVW H[D.WO\PDW.KWKHVSH.LILHGhost DQGWKHQHWZRUNPDVN PXVWEHDKRVWPDVNLHDOORQHVhost LVHTXLYDOHQWWR

PDW.KHVDQ\WKLQJall LVHTXLYDOHQWWR

0.0.0.0 masklen 0.0.0.0 refines

host masklen 255.255.255.255 exact

312

Configuring GateD

6.1.2 Route Filtering Sample

7KHIROORZLQJVDPSOHVKRZVKRZWRVHWXSDURXWHILOWHUIRUEJS LPSRUWWKDWDOORZVDOOQHWZRUNVZLWKDPDVNOHQOHVVWKDQWRSDVV
import proto bgp autonmoussystem 12345 { 0.0.0.0 between 0 and 18; };

313

Route Filtering

314

Configuring GateD

Chapter 6 Section 2
Matching AS Paths
6.2.0 AS Path Overview $Q$6SDWKLQ.OXGHVDOLVWRIDXWRQRPRXVV\VWHPVWKDWURXWLQJLQIRUPD WLRQKDVSDVVHGWKURXJKWRJHWWRDVSH.LILHGURXWHUDQGDQLQGL.DWRURIWKH RULJLQRIWKLVOLVW7KLVURXWLQJLQIRUPDWLRQ.DQEHXVHGWRSUHIHURQHSDWK WRDGHVWLQDWLRQQHWZRUNRYHUDQRWKHU7KHSULPDU\PHWKRGIRUSUHIHUULQJ DURXWHZLWK*DWH'LVWRVSH.LI\DOLVWRIILOWHUVWREHDSSOLHGWR$6SDWKV ZKHQLPSRUWLQJDQGH[SRUWLQJURXWHV (D.KDXWRQRPRXVV\VWHPWKURXJKZKL.KDURXWHSDVVHVSUHSHQGVLWV$6 QXPEHUWRWKHEHJLQQLQJRIWKH$6SDWK $6SDWKUHJXODUH[SUHVVLRQVDUHGHILQHGLQ5)&VH.WLRQ)RUPRUH LQIRUPDWLRQDERXW5)&VHH KWWSZZZJDWHGRUJJDWHGZHE.RGHGR.PDQXDOV.RQILJBJXLGHUHI HUHQ.HVKWPO5)& 6.2.1 AS Path Matching Syntax $Q$6SDWKLVPDW.KHGXVLQJWKHIROORZLQJV\QWD[
aspath aspath_regexp origin ( [ any ] | [ igp ] | [ egp ] | [ incomplete ] ) aspath aspath_regexp aspathVSH.LILHVWKDWDQ$6PDW.KLQJWKH aspath_regexpZLWK WKHVSH.LILHGRULJLQLVPDW.KHG origin ( [ any ] | [ igp ] | [ egp ] | [ incomplete ] )

$Q origin RI igp indicates WKHURXWHZDVOHDUQHGIURPDQ,QWUD 'RPDLQ5RXWLQJ3URWR.RODQGLVPRVWOLNHO\.RPSOHWH$Q origin RIegpLQGL.DWHVWKHURXWHZDVOHDUQHGIURPDQ,QWHU'RPDLQ 5RXWLQJ3URWR.ROWKDWGRHVQRWVXSSRUW$6SDWKV(*3IRUH[DP SOHDQGWKHSDWKLVPRVWOLNHO\QRW.RPSOHWH:KHQWKHSDWKLQIRU PDWLRQLVGHILQLWHO\QRW.RPSOHWHDQorigin RI incomplete LV XVHG$Q origin RI any .DQEHXVHGIRUDQ\RULJLQ 6.2.2 AS Path Regular Expressions &XUUHQWO\WZRGLIIHUHQWVW\OHVRIUHJXODUH[SUHVVLRQDUHDYDLODEOHLQ*DWH' *DWHGSXEDQGJDWHGXQLVXSSRUWDQROGHUYHUVLRQRIWKH.RGHIRUUHJXODU H[SUHVVLRQ*DWHG.RPERLQWURGX.HVDPRUHSRZHUIXO326,;.RPSOLDQW YHUVLRQRIWKH.RGH7KHDOSKDEHWVHWRIYDOLGPHPEHUVIRUERWKLPSOH PHQWDWLRQVLVWKHYDOLGUDQJHRI$6QXPEHUVRUPRUHVSH.LIL.DOO\^ `$OVRERWKVXSSRUWWKHIROORZLQJZLOG.DUGVRUH[SUHVVLRQVWKDW .DQEHXVHGWREXLOGDUHJXODUH[SUHVVLRQ([SUHVVLRQV SHULRGUHSUHVHQWVDQ\YDOLGPHPEHURIWKHDOSKDEHW DVWHULVNPDW.KHV]HURRUPRUHRIWKHSUH.HGLQJHOHPHQWH[SUHVVLRQ

315

Matching AS Paths

SOXVVLJQPDW.KHVRQHRUPRUHRIWKHSUH.HGLQJHOHPHQW H[SUHVVLRQ "TXHVWLRQVPDUNPDW.KHV]HURRURQHR..XUUHQ.HRIWKHSUH.HG LQJHOHPHQWH[SUHVVLRQ %LQDU\RSHUDWRUV $1'DQ\VHTXHQ.HRIHOHPHQWVDQGRUH[SUHVVLRQVVHSD UDWHGE\DVSD.H _25DQ\VHTXHQ.HRIHOHPHQWVDQGRUH[SUHVVLRQVVHSDUDWHG E\WKHYHUWL.DOOLQHV\PERO_ Warning *DWH'[.RQWDLQVDEXJLQWKHSDUVLQJRIWKH_ 6LPSOHH[SUHVVLRQVVX.KDV (X | Y | Z) ZRUNILQH0RUH.RPSOL .DWHGH[SUHVVLRQVVX.KDV (X | Y+) ZLOOSURGX.HLQD..XUDWHPDW.K LQJ([SUHVVLRQVVX.KDVWKHODWWHUVKRXOGEHVSOLWLQWRWZRVHSDUDWH aspathVWDWHPHQWVWKDWPDW.KDQHTXLYDOHQWH[SUHVVLRQ([DPSOH
import proto bgp aspath (4 | 1+) origin any { all; };

VKRXOGEHUHSOD.HGE\

import proto bgp aspath (4) origin any { all; }; import proto bgp aspath (1+) origin any { all; };

7KLVEXJLVIL[HGLQ*DWH' 1RWH,QWKHIROORZLQJVH.WLRQV*DWH'KDVDGLIIHUHQWUHJXODU H[SUHVVLRQSDUVHUWKDQ*DWH'[*DWH'[VXSSRUWV{ } *DWH'VXSSRUWV[ ] 6.2.2.1 Examples for GateD 1.0: 6.2.2.1.1 Grouping: 7KHV\PEROV[]DUHXVHGWRGHOLPLWDVHWRI$6QXPEHUV7KHVHW PD\EHDOLVWRI$6QXPEHUVVHSDUDWHGE\DVSD.HRUDUDQJHRI$6 QXPEHUVVHSDUDWHGE\DGDVK- ,IWKHHQWLUHOLVWRIPHPEHUVLV SUHIL[HGZLWKD^.LU.XPIOH[WKHQWKHYDOLGPHPEHUVDUHWKRVH QRWOLVWHGLQWKHVHW%H.DXVHDQXOOVWULQJRUHPSW\VWULQJLVQRWDQ LQVWDQ.HLQWKHDOSKDEHW$6QXPEHUVVX.KDV[^808] ZLOOQRW PDW.KDQHPSW\VWULQJ

316

Configuring GateD

6.2.2.1.2 Examples: 0DW.KDQ\VLQJOH$6QXPEHUDVWKH$6SDWK

(.)

0DW.KDOO$6SDWKV.RPLQJIURPDJLYHQ$6WKDWVWDUWZLWK
(808 .*)

0DW.KDOOSDWKVWKDWGRQRWHQGZLWKWKHJLYHQ$6QXPEHUVEXW PXVWKDYHDWOHDVWRQH$6
(.* [^808 809])

0DW.KDSDWKWKDWKDVRQO\YDOLGH[WHULRU$6QXPEHUV
([1-64999]*)

0DW.KDQGDQ\RWKHU$6QXPEHUH[.HSW
(305 808 [^100])

0DW.KDQGDQ\RWKHU$6QXPEHUH[.HSWRUQRDGGL WLRQDO$6
(305 808 [^100]?)

0DW.KHLWKHURUZLWKQRDGGLWLRQDO$6QXPEHUVLQWKHSDWK
(305|808)

6.2.2.2 Examples for GateD 4.0.x: 6.2.2.2.1 Ranges: 7KHH[SUHVVLRQ^PQ`LVXVHGWRSURYLGHDOLPLWHGVHWRIUHSHDWHG $6QXPEHUVLQWKHUHJXODUH[SUHVVLRQZKHUHPLVWKHPLQLPXP DPRXQWRIHOHPHQWVDQGQLVWKHPD[LPXPDPRXQWRIHOHPHQWV ,Q DGGLWLRQWRWKH^PQ`RQH.DQDOVRXVH^P`WRGHILQHUHSHWLWLRQVRI WKH$6QXPEHU^P`PHDQVWRPDW.KH[D.WO\WKDWQXPEHURIUHSHWL WLRQVRIWKHSUH.HGLQJ$6QXPEHU 6.2.2.2.2 Examples: 0DW.KWZRRUPRUH$6QXPEHUVWKDWDUHLGHQWL.DO
(808{2,})

0DW.KDOO$6SDWKVWKDWVWDUWZLWKRQHRUWZR
VDQGIROORZHGE\ DQ\QXPEHURI$6QXPEHUVRUQRQH

317

Matching AS Paths

(808{1,2} .*)

1RWH7KLVLVHTXLYDOHQWWR
(808 .*)

0DW.KRQO\LIWKH$6SDWKKDVEHWZHHQWZRDQGIRXURIWKHJLYHQ $6QXPEHUVIROORZHGE\DQ\QXPEHURI$6QXPEHUVEXWDWOHDVW RQHPRUH

(808{2,4} .+)

1RWH7KLVLVHTXLYDOHQWWR
(808{2} .+)

0DW.KH[D.WO\WZR
VLQWKH$6SDWK
(808{2})

318

Configuring GateD

Chapter 6 Section 3
AS Path Attributes
6.3.0 AS Path Attributes Overview %*3XSGDWHV.DUU\DQXPEHURISDWKDWWULEXWHV6RPHRIWKHVHOLNHWKHAS pathDUHUHTXLUHG2WKHUVDUHRSWLRQDODQGPD\RUPD\QRWDSSHDULQDQ\ JLYHQ%*3XSGDWH7KHcommDWWULEXWHPD\DOVREHXVHGRQWKHLPSRUW .ODXVHWRDOORZRSWLRQDODWWULEXWHVWREH.RQVLGHUHGZKHQGHWHUPLQLQJ *DWH'
VSUHIHUHQ.HIRUWKHURXWHVLQDSDUWL.XODU%*3XSGDWH&XUUHQWO\ RQO\WKH.RPPXQLWLHVDWWULEXWHLVVXSSRUWHG 7KHV\QWD[RIcommLVDVIROORZV

6.3.1 AS Path Attributes Syntax

comm { [ comm-split autonomous_system community-id ] [ community no-export|no-advertise|no-export-subconfed|none ] } comm-addDQGcomm-deleteDUHXVHGWRDGGDQGGHOHWH.RPPXQLWLHV comm-add { [ comm-split autonomous_system community-id ] [ community no-export|no-advertise|no-export-subconfed ] } comm-delete { [ comm-split autonomous_system community-id ] [ community no-export|no-advertise|no-export-subconfed ] } comm, comm-add and comm-delete are not available in the GateD

public code.

319

AS Path Attributes

320

Configuring GateD

Chapter 6 Section 4
Route Importation
6.4.0 Route Importation Overview 6.4.1 Specifying Preferences VWDWHPHQWV.RQWUROWKH LPSRUWDWLRQRIURXWHVIURPURXWLQJSURWR .ROVDQGWKHLQVWDOODWLRQRIWKHURXWHVLQ*DWH'
VURXWLQJGDWDEDVH7KHIRU PDWRIDQ import VWDWHPHQWYDULHVGHSHQGLQJRQWKHVRXU.HSURWR.RO
import

,QDOO.DVHVVSH.LI\RQHRIWKHIROORZLQJWZRNH\ZRUGVWR.RQWUROKRZ URXWHV.RPSHWHZLWKRWKHUSURWR.ROV
restrict preference preference

restrict

VSH.LILHVWKDWWKHURXWHVDUHQRWGHVLUHGLQWKHURXWLQJ WDEOH,QVRPH.DVHVWKHURXWHVDUHQRWLQVWDOOHGLQWKHURXWLQJ WDEOH,QRWKHU.DVHVWKHURXWHVDUHLQVWDOOHGZLWKDQHJDWLYHSUHIHU HQ.H7KLVSUHYHQWVWKHPIURPEH.RPLQJD.WLYHVRWKH\ZLOOQRWEH LQVWDOOHGLQWKHIRUZDUGLQJWDEOHRUH[SRUWHGWRRWKHUSURWR.ROV

restrict preference preference preference VSH.LILHVWKHSUHIHUHQ.HYDOXHXVHGZKHQ.RPSDULQJ WKLVURXWHWRRWKHUURXWHVIURPRWKHUSURWR.ROV7KHURXWHZLWKWKH ORZHVWSUHIHUHQ.HDYDLODEOHDWDQ\JLYHQWLPHEH.RPHVWKHD.WLYH URXWH7KHD.WLYHURXWHLVLQVWDOOHGLQWKHIRUZDUGLQJWDEOHDQGLVHOL JLEOHWREHH[SRUWHGWRRWKHUSURWR.ROV7KHGHIDXOWSUHIHUHQ.HVDUH .RQILJXUHGE\WKHLQGLYLGXDOSURWR.ROV.

6.4.2 Route Filters

$OOWKHIRUPDWVDOORZURXWHILOWHUVDVVKRZQEHORZ6HH Route Filtering on page 311 IRUDGHWDLOHGH[SODQDWLRQRIKRZWKH\ZRUN:KHQQRURXWH ILOWHULQJLVVSH.LILHGLHZKHQrestrictLVVSH.LILHGRQWKHILUVWOLQHRID VWDWHPHQWDOOURXWHVIURPWKHVSH.LILHGVRXU.HZLOOPDW.KWKDWVWDWHPHQW ,IDQ\ILOWHUVDUHVSH.LILHGRQO\URXWHVWKDWPDW.KWKHVSH.LILHGILOWHUVZLOO EHLPSRUWHG3XWGLIIHUHQWO\LIDQ\ILOWHUVDUHVSH.LILHGDQall restrict LVDVVXPHGDWWKHHQGRIWKHOLVW
network [ exact | refines | between number and number ] network mask mask [exact | refines | between number and number ] network masklen number [ exact | refines | between number and number ] all default host host

321

Route Importation

6.4.3 Importing Routes into Different RIBS

1PN[#XCKNCDNGKP)CVG&8GTUKQPCP. 1RUPDOO\URXWHVIURPXQL.DVWURXWLQJSURWR.ROVDUHRQO\LPSRUWHGLQWR WKHXQL.DVW5,%5RXWHVIURPPXOWL.DVWURXWLQJSURWR.ROVLH'9053 DUHRQO\LPSRUWHGLQWRWKHPXOWL.DVW5,%+RZHYHUPDQ\PXOWL.DVWURXW LQJSURWR.ROVHJ3,060DQG3,0'0GRQRWPDLQWDLQWKHLURZQ URXWLQJWDEOHEXWUHO\RQWKHXQL.DVWURXWLQJSURWR.ROLQVWHDG7RVXSSRUW WKHVHSURWR.ROVXQL.DVWURXWHVPXVWEHLPSRUWHGLQWRWKHPXOWL.DVW5,% ,IWKHURXWHVDUHQRWLPSRUWHGRQO\LQWHUID.HURXWHVZLOOEHDYDLODEOHWR 3,060DQG3,0'0 %H.DXVH%*3LVDEOHWRWDJURXWHVWRLQGL.DWHWRZKL.K5,%VWKH\ DSSO\QRDGGLWLRQDO.RQILJXUDWLRQLVUHTXLUHGIRU%*3URXWHV 7KH5,3DQG5HGLUH.WSURWR.ROVKRZHYHUGRQRWGRWDJURXWHV+HQ.H *DWH'PXVWEH.RQILJXUHGWRLPSRUW5,3RU5HGLUH.WURXWHVLQWRWKH PXOWL.DVW5,%6HH,PSRUWLQJ5RXWHVIURP5,3DQG5HGLUH.WVRQ SDJH WRVHHWKHH[D.WV\QWD[RIWKHWKHLPSRUWSURWR.ROVWDWHPHQW 2QHRUPRUH5,%QDPHVPD\EHVSH.LILHGZKHUHmulticastDQGunicastDSSHDUEHORZDVLQWKHH[DPSOHEHORZ
import proto rip { 0.0.0.0 masklen 0 refines; 198.0.0.0 masklen 8 refines multicast unicast; };

7KLVH[DPSOHNHHSVWKHQRUPDOEHKDYLRURIDOORZLQJDOO5,3URXWHVLQWKH XQL.DVW5,%EXWDOVRLPSRUWVDOOURXWHVIDOOLQJXQGHULQWRWKHPXO WL.DVW5,% ([DPSOHVDUHLQ.OXGHGLQ([DPSOHVRI,PSRUWDWLRQLQWR0XOWL.DVW5,%V RQSDJH  7RLPSRUW263)URXWHVLQWRWKHPXOWL.DVW5,%\RX.XUUHQWO\PXVW LPSRUWDOO263)URXWHVDVIROORZV

ospf yes { defaults { ribs unicast multicast; ... }; ... };

<RX.DQQRWLPSRUW263)URXWHVLQWRRQO\WKHPXOWL.DVW5,%$WWHPSWLQJ WRGRVRZLOOEHIODJJHGDVD.RQILJXUDWLRQHUURU 6.4.4 Importing Routes from BGP and EGP

import proto bgp | egp autonomoussystem autonomous_system [ comm ] restrict ; import proto bgp | egp autonomoussystem autonomous_system [ comm ] [ preference preference ] { route_filter [ restrict | ( preference preference

322

Configuring GateD

) ] ; } ; import proto bgp aspath aspath_regexp origin any | ( [ igp ] [egp ] [ incomplete ] ) [ comm ] restrict ; import proto bgp aspath aspath_regexp origin any | ( [ igp ] [egp ] [ incomplete ] ) [ comm ] [ preference preference ] { route_filter [ restrict | ( preference preference ) ] ; } ;

(*3LPSRUWDWLRQPD\EH.RQWUROOHGE\DXWRQRPRXVV\VWHP%*3DOVR VXSSRUWVSURSDJDWLRQ.RQWUROE\WKHXVHRIDQ$6SDWKUHJXODUH[SUHV VLRQZKL.KLVGR.XPHQWHGLQ0DW.KLQJ$63DWKVRQSDJH 1RWH WKDW(*3DQG%*3YHUVLRQVDQGRQO\VXSSRUWWKHSURSDJDWLRQRIQDW XUDOQHWZRUNVVRWKH host DQG defaultURXWHILOWHUVDUHPHDQLQJOHVV %*3YHUVLRQVXSSRUWVWKHSURSDJDWLRQRIDQ\GHVWLQDWLRQDORQJZLWKD .RQWLJXRXVQHWZRUNPDVN 7KHcomm RSWLRQDOORZVWKHVSH.LIL.DWLRQRILPSRUWSROL.\EDVHGRQWKH SDWKDWWULEXWHVIRXQGLQWKH%*3XSGDWH7KHRSWLRQLVQRWXVDEOHZLWK (*3,IPXOWLSOH.RPPXQLWLHVDUHVSH.LILHGLQWKH comm RSWLRQRQO\ XSGDWHV.DUU\LQJDOORIWKHVSH.LILHG.RPPXQLWLHVZLOOEHPDW.KHG,I none LVVSH.LILHGRQO\XSGDWHVOD.NLQJWKH.RPPXQLW\DWWULEXWHZLOOEH PDW.KHG6HH&RPPXQLWLHV2YHUYLHZDQG([DPSOHVRQSDJH IRU PRUHLQIRUPDWLRQDERXW.RPPXQLWLHV 1RWHWKDWLWLVTXLWHSRVVLEOHIRUVHYHUDO%*3LPSRUW.ODXVHVWRPDW.KD JLYHQXSGDWH,IPRUHWKDQRQH.ODXVHPDW.KHVWKHILUVWPDW.KLQJ.ODXVH ZLOOEHXVHGDOOODWHUPDW.KLQJ.ODXVHVZLOOEHLJQRUHG)RUWKLVUHDVRQLWLV JHQHUDOO\GHVLUDEOHWRRUGHULPSRUW.ODXVHVIURPPRVWWROHDVWVSH.LIL.$Q LPSRUW.ODXVHZLWKRXWD comm RSWLRQZLOOPDW.KDQ\XSGDWHZLWKDQ\RU QR.RPPXQLWLHV  (*3DQG%*3ERWKVWRUHDQ\URXWHVWKDWZHUHUHMH.WHGLPSOL.LWO\E\QRW EHLQJPHQWLRQHGLQDURXWHILOWHURUH[SOL.LWO\ZLWKWKHrestrict NH\ ZRUGLQWKHURXWLQJWDEOHZLWKDQHJDWLYHSUHIHUHQ.H$QHJDWLYHSUHIHU HQ.HSUHYHQWVDURXWHIURPEH.RPLQJD.WLYHZKL.KSUHYHQWVLWIURPEHLQJ LQVWDOOHGLQWKHIRUZDUGLQJWDEOHRUH[SRUWHGWRRWKHUSURWR.ROV7KLV UHVWUL.WLRQDOOHYLDWHVWKHQHHGWREUHDNDQGUHHVWDEOLVKDVHVVLRQXSRQ UH.RQILJXUDWLRQLILPSRUWDWLRQSROL.\LV.KDQJHG

323

Route Importation

6.4.5 Importing Routes from RIP and Redirects

$OO*DWH'YHUVLRQV
import proto rip |redirect [ ( interface interface_list ) | (gateway gateway_list ) ] restrict ;

Versions 3 and 4 only:

import proto rip | redirect [ ( interface interface_list ) | (gateway gateway_list ) ] [ preference preference ] { route_filter [ restrict | ( preference preference ) ] ; } ;

9HUVLRQVDQGRQO\
import proto rip | redirect [ ( interface interface_list ) | (gateway gateway_list ) ] [ preference preference ] [ unicast ] [ multicast ] { route_filter [ restrict | ( preference preference ) ] [ unicast ] [ multicast ] ; } ;

7KHLPSRUWDWLRQRI5,3DQG5HGLUH.WURXWHVPD\EH.RQWUROOHGE\DQ\ SURWR.ROVRXU.HLQWHUID.HDQGVRXU.HJDWHZD\,IPRUHWKDQRQHLVVSH.L ILHGWKH\DUHSUR.HVVHGIURPPRVWJHQHUDOprotocolWRPRVWVSH.LIL. gateway 5,3GRHVQRWVXSSRUWWKHXVHRISUHIHUHQ.HWR.KRRVHEHWZHHQURXWHVRI WKHVDPHSURWR.RO7KDWLVOHIWWRWKHSURWR.ROPHWUL.V7KHVHSURWR.ROV GRQRWVDYHURXWHVWKDWZHUHUHMH.WHGEH.DXVHWKHSURWR.ROVKDYHVKRUW XSGDWHLQWHUYDOV 6.4.6 Importing Routes from OSPF
import proto ospfase import proto ospfase [ preference route_filter ) ] ; } ; [ tag ospf_tag ] restrict ; [ tag ospf_tag ] preference ] { [ restrict | ( preference preference

'XHWRWKHQDWXUHRI263)RQO\WKHLPSRUWDWLRQRI$6(URXWHVPD\EH .RQWUROOHG263)LQWUDDQGLQWHUDUHDURXWHVDUHDOZD\VLPSRUWHGLQWRWKH

324

Configuring GateD

*DWH'URXWLQJWDEOHZLWKDSUHIHUHQ.HRI,IDWDJLVVSH.LILHGWKH import .ODXVHZLOORQO\DSSO\WRURXWHVZLWKWKHVSH.LILHGWDJ ,WLVRQO\SRVVLEOHWRUHVWUL.WWKHLPSRUWDWLRQRI263)$6(URXWHVZKHQD URXWHULVIXQ.WLRQLQJDVDQ$6ERUGHUURXWHU7KLVLVD..RPSOLVKHGE\ VSH.LI\LQJDQH[SRUWRVSIDVH.ODXVH6SH.LIL.DWLRQRIDQHPSW\export .ODXVHPD\EHXVHGWRUHVWUL.WLPSRUWDWLRQRI$6(VZKHQQR$6(VDUH EHLQJH[SRUWHG)RUPRUHLQIRUPDWLRQDERXWH[SRUWLQJ$6(VVHH6H. WLRQ([SRUWLQJWR263)RQSDJH  /LNHWKHRWKHULQWHULRUSURWR.ROVSUHIHUHQ.H.DQQRWEHXVHGWR.KRRVH EHWZHHQ263)$6(URXWHV7KDWLVGRQHE\WKH263).RVWV5RXWHVWKDW DUHUHMH.WHGE\SROL.\DUHVWRUHGLQWKHWDEOHZLWKDQHJDWLYHSUHIHUHQ.H 6.4.7 Examples of Importation into Multicast RIBs ([DPSOH
import proto rip { all; 198.0.0.0 masklen 8 refines multicast unicast; };

([DPSOHNHHSVWKHQRUPDOEHKDYLRURIDOORZLQJDOO5,3URXWHVLQWKH XQL.DVW5,%EXWDOVRLPSRUWVDOOURXWHVIDOOLQJXQGHULQWRWKHPXO WL.DVW5,%  ([DPSOH

import proto rip { all multicast unicast; };

([DPSOHLPSRUWVDOO5,3URXWHVLQWRWKHPXOWL.DVW5,%DVZHOODVWKH XVXDOXQL.DVW5,%7KLVZRXOGEHXVHGIRUH[DPSOHLQD3,060 GRPDLQXVLQJ5,3DVWKHXQL.DVWURXWLQJSURWR.RO  ([DPSOH

import proto rip unicast multicast { all ; };

([DPSOHLPSRUWVDOORI5,3URXWHVLQWRWKHXQL.DVWDQGPXOWL.DVWULEV

([DPSOH263)
ospf yes {

325

Route Importation

defaults { ribs unicast multicast; ... }; ... };

([DPSOHLQVHUWVDOORIWKH263)URXWHVLQWRWKHXQL.DVWDQGPXOWL.DVW ULEV

326

Configuring GateD

Chapter 6 Section 5
Route Exportation
6.5.0 Route Exportation Overview 7KHimport VWDWHPHQW.RQWUROVZKL.KURXWHVWKDWDUHUH.HLYHGIURPRWKHU V\VWHPVDUHXVHGE\*DWH'DQGWKHexport VWDWHPHQW.RQWUROVZKL.K URXWHVDUHDGYHUWLVHGE\*DWH'WRRWKHUV\VWHPV/LNHWKH importVWDWH PHQWWKHV\QWD[RIWKH exportVWDWHPHQWYDULHVVOLJKWO\SHUSURWR.RO7KH V\QWD[RIWKH export VWDWHPHQWLVVLPLODUWRWKHV\QWD[RIWKHimport VWDWHPHQWDQGWKHPHDQLQJVRIPDQ\RIWKHSDUDPHWHUVDUHLGHQWL.DO7KH PDLQGLIIHUHQ.HEHWZHHQWKHWZRLVWKDWZKLOHURXWHLPSRUWDWLRQLVMXVW .RQWUROOHGE\VRXU.HLQIRUPDWLRQURXWHH[SRUWDWLRQLV.RQWUROOHGE\ERWK GHVWLQDWLRQDQGVRXU.H 7KHRXWHUSRUWLRQRIDJLYHQ export VWDWHPHQWVSH.LILHVWKHGHVWLQDWLRQRI WKHURXWLQJLQIRUPDWLRQ\RXDUH.RQWUROOLQJ7KHPLGGOHSRUWLRQUHVWUL.WV WKHVRXU.HVRILPSRUWDWLRQWKDW\RXZLVKWR.RQVLGHU$QGWKHLQQHUPRVW SRUWLRQLVDURXWHILOWHUXVHGWRVHOH.WLQGLYLGXDOURXWHV6HH5RXWH)LOWHUV RQSDJH IRUPRUHLQIRUPDWLRQDERXWURXWHILOWHUV 6.5.1 Specifying M etrics 7KHOHDVWJHQHUDOVSH.LIL.DWLRQRIDPHWUL.LVWKHRQHDSSOLHGWRWKHURXWH EHLQJH[SRUWHG7KHYDOXHVWKDWPD\EHVSH.LILHGIRUDPHWUL.GHSHQGRQ WKHGHVWLQDWLRQSURWR.ROWRZKL.KWKH exportVWDWHPHQWUHIHUV
restrict metric metric restrict

VSH.LILHVWKDWQRWKLQJVKRXOGEHH[SRUWHG,IVSH.LILHG RQWKHGHVWLQDWLRQSRUWLRQRIWKHexportVWDWHPHQW restrict VSH.LILHVWKDWQRWKLQJDWDOOVKRXOGEHH[SRUWHGWRWKLVGHVWLQDWLRQ ,IVSH.LILHGRQWKHVRXU.HSRUWLRQUHVWUL.WVSH.LILHVWKDWQRWKLQJ IURPWKLVVRXU.HVKRXOGEHH[SRUWHGWRWKLVGHVWLQDWLRQ,IVSH.L ILHGDVSDUWRIDURXWHILOWHUrestrict VSH.LILHVWKDWWKHURXWHV PDW.KLQJWKDWILOWHUVKRXOGQRWEHH[SRUWHG

restrict metric metric metric VSH.LILHVWKHPHWUL.WREHXVHGZKHQH[SRUWLQJWRWKHVSH. LILHGGHVWLQDWLRQ

6.5.2 Route Filters

$OOWKHIRUPDWVDOORZURXWHILOWHUVDVVKRZQEHORZ6HH5RXWH)LOWHULQJ RQSDJH IRUDGHWDLOHGH[SODQDWLRQRIKRZWKH\ZRUN:KHQQRURXWH ILOWHULQJLVVSH.LILHGLHZKHQrestrictLVVSH.LILHGRQWKHILUVWOLQHRID VWDWHPHQWDOOURXWHVIURPWKHVSH.LILHGVRXU.HZLOOPDW.KWKDWVWDWHPHQW ,IDQ\ILOWHUVDUHVSH.LILHGRQO\URXWHVWKDWPDW.KWKHVSH.LILHGILOWHUVZLOO EHH[SRUWHG3XWGLIIHUHQWO\LIDQ\ILOWHUVDUHVSH.LILHGDQall restrict LVDVVXPHGDWWKHHQGRIWKHOLVW

327

Route Exportation

network [ exact | refines | between number and number ] network mask mask [exact | refines | between number and number ] network masklen number [ exact | refines | between number and number ] all default host host

6.5.3 Specifying the Destination

$VPHQWLRQHGDERYHWKHV\QWD[RIWKHexportVWDWHPHQWYDULHVGHSHQG LQJRQWKHSURWR.ROWRZKL.KLWLVEHLQJDSSOLHG2QHWKLQJWKDWDSSOLHVLQ DOO.DVHVLVWKHVSH.LIL.DWLRQRIDPHWUL.$OOSURWR.ROVGHILQHDGHIDXOW PHWUL.WREHXVHGIRUURXWHVEHLQJH[SRUWHGLQPRVW.DVHVWKLV.DQEH RYHUULGGHQDWVHYHUDOOHYHOVRIWKHexportVWDWHPHQW 7KHVSH.LIL.DWLRQRIWKHVRXU.HRIWKHURXWLQJLQIRUPDWLRQEHLQJH[SRUWHG WKHH[SRUWBOLVWLVGHV.ULEHGEHORZ

6.5.3.1 Exporting to EGP and BGP

export proto bgp | egp as autonomous system restrict ; export proto bgp | egp as autonomous system [ comm-add ] [ comm-delete ] [ metric metric ] { export_list ; } ;

([SRUWDWLRQWR(*3DQG%*3LV.RQWUROOHGE\DXWRQRPRXVV\VWHPWKH VDPHSROL.\LVDSSOLHGWRDOOURXWHUVLQWKH$6(*3PHWUL.VUDQJHIURP WRLQ.OXVLYHZLWKEHLQJWKHPRVWDWWUD.WLYH %*3PHWUL.VDUHELWXQVLJQHGTXDQWLWLHVLHWKH\UDQJHIURPWR LQ.OXVLYHZLWKEHLQJWKHPRVWDWWUD.WLYH$OWKRXJK%*3YHUVLRQ D.WXDOO\VXSSRUWVELWXQVLJQHGTXDQWLWLHV*DWH'GRHVQRW\HWVXSSRUW WKLV,Q%*3YHUVLRQWKHPHWUL.LVRWKHUZLVHNQRZQDVWKH0XOWL([LW 'LV.ULPLQDWRURU0('6HH&RPPXQLWLHV2YHUYLHZDQG([DPSOHV RQSDJH IRUPRUHLQIRUPDWLRQDERXW0('

,Q%*3WKHcommRSWLRQPD\EHXVHGWRVHQGWKH%*3.RPPXQLW\ DWWULEXWH$Q\.RPPXQLWLHVVSH.LILHGZLWKWKHcommRSWLRQDUHVHQWLQ DGGLWLRQWRDQ\UH.HLYHGZLWKWKHURXWHRUVSH.LILHGLQWKHJURXSVWDWH PHQW6HH&RPPXQLWLHV2YHUYLHZDQG([DPSOHVRQSDJH IRU PRUHLQIRUPDWLRQDERXWWKHcommRSWLRQ ,IQRH[SRUWSROL.\LVVSH.LILHGRQO\URXWHVWRDWWD.KHGLQWHUID.HVZLOOEH H[SRUWHG,IDQ\SROL.\LVVSH.LILHGWKHGHIDXOWVDUHRYHUULGGHQLWLVQH.HV VDU\WRH[SOL.LWO\VSH.LI\HYHU\WKLQJWKDWVKRXOGEHH[SRUWHG 1RWHWKDW(*3DQG%*3YHUVLRQVDQGRQO\VXSSRUWWKHSURSDJDWLRQ RIQDWXUDOQHWZRUNVVRWKH host DQG defaultURXWHILOWHUVDUHPHDQLQJ

328

Configuring GateD

OHVV%*3YHUVLRQVXSSRUWVWKHSURSDJDWLRQRIDQ\GHVWLQDWLRQDORQJ ZLWKD.RQWLJXRXVQHWZRUNPDVN 6.5.3.2 Exporting to RIP

export proto rip [ ( interface interface_list ) | (gateway gateway_list ) ] restrict ; export proto rip [ ( interface interface_list ) | (gateway gateway_list ) ] [ metric metric ] { export_list ; } ;

([SRUWDWLRQWR5,3LV.RQWUROOHGE\DQ\RIproto SURWR.ROinterface RU gateway.,IPRUHWKDQRQHLVVSH.LILHGWKH\DUHSUR.HVVHGIURPPRVW JHQHUDOprotoWRPRVWVSH.LIL.gateway ,WLVQRWSRVVLEOHWRVHWPHWUL.VIRUH[SRUWLQJ5,3URXWHVLQWR5,3 $WWHPSWVWRGRWKLVDUHVLOHQWO\LJQRUHG ,IQRH[SRUWSROL.\LVVSH.LILHG5,3DQGLQWHUID.HURXWHVDUHH[SRUWHGLQWR 5,3,IDQ\SROL.\LVVSH.LILHGWKHGHIDXOWVDUHRYHUULGGHQLWLVQH.HVVDU\ WRH[SOL.LWO\VSH.LI\HYHU\WKLQJWKDWVKRXOGEHH[SRUWHGLQWKH export_list6HH6SH.LI\LQJWKH6RXU.HRQSDJH IRUPRUHLQIRU PDWLRQDERXWWKHexport_list :KHQH[SRUWLQJURXWHVIURPRWKHUSURWR.ROVVSH.LI\DPHWUL.RQWKH exportVWDWHPHQWRULQWKHURXWHILOWHUV8QOHVVWKLVLVGRQHWKHYDOXH VSH.LILHGLQdefaultmetricLVXVHG,IQRWVSH.LILHGWKH defaultmetric YDOXHLVXQUHD.KDEOHZKL.KLVXQOLNHO\WREHWKHGHVLUHGUHVXOW 5,3YHUVLRQDVVXPHVWKDWDOOVXEQHWVRIWKHVKDUHGQHWZRUNKDYHWKH VDPHVXEQHWPDVNVRWKH\DUHRQO\DEOHWRSURSDJDWHVXEQHWVRIWKDWQHW ZRUN5,3YHUVLRQUHPRYHVWKDWUHVWUL.WLRQDQGLV.DSDEOHRISURSDJDW LQJDOOURXWHVZKHQQRWVHQGLQJYHUVLRQ.RPSDWLEOHXSGDWHV 7RDQQRXQ.HURXWHVWKDWVSH.LI\DQH[WKRSRIWKHORRSED.NLQWHUID.HLH VWDWL.DQGLQWHUQDOO\JHQHUDWHGGHIDXOWURXWHVYLD5,3VSH.LI\WKHPHWUL. DWVRPHOHYHOLQWKHexport .ODXVH-XVWVHWWLQJDGHIDXOWPHWUL.IRU5,3LV QRWVXIIL.LHQW7KLVLVDVDIHJXDUGWRYHULI\WKDWWKHDQQRXQ.HPHQWLV LQWHQGHG

329

Route Exportation

6.5.3.3 Exporting to OSPF

export proto ospfase [ type 1 | 2 ] [ tag ospf_tag ] restrict ; export proto ospfase [ type 1 | 2 ] [ tag ospf_tag ] [ metric metric ] { export_list ; } ;

,WLVQRWSRVVLEOHWR.UHDWH263)LQWUDRULQWHUDUHDURXWHVE\H[SRUWLQJ URXWHVIURPWKH*DWH'URXWLQJWDEOHLQWR263),WLVRQO\SRVVLEOHWR H[SRUWIURPWKH*DWH'URXWLQJWDEOHLQWR263)$6(URXWHV,WLVDOVRQRW SRVVLEOHWR.RQWUROWKHSURSDJDWLRQRI263)URXWHVZLWKLQWKH263) SURWR.RO 7KHUHDUHWZRW\SHVRI263)$6(URXWHVW\SHDQGW\SH6HH7KH 263)3URWR.RORQSDJH IRUDGHWDLOHGH[SODQDWLRQRIWKHWZRW\SHV 7KHGHIDXOWW\SHLVVSH.LILHGE\WKHdefaultsVXE.ODXVHRIWKH ospf cODXVH7KLVGHIDXOWPD\EHRYHUULGGHQE\DVSH.LIL.DWLRQRQWKHexport VWDWHPHQW 263)$6(URXWHVDOVRKDYHWKHSURYLVLRQWR.DUU\DWDJ7KLVLVDQDUEL WUDU\ELWQXPEHUWKDW.DQEHXVHGRQ263)URXWHUVWRILOWHUURXWLQJ LQIRUPDWLRQ6HH7KH263)3URWR.RORQSDJH IRUGHWDLOHGLQIRUPD WLRQRQ263)WDJV7KHGHIDXOWWDJVSH.LILHGE\WKHospfdefaults .ODXVH PD\EHRYHUULGGHQE\DWDJVSH.LILHGRQWKH export VWDWHPHQW,IWKH GHIDXOWVDUHRYHUULGGHQLWLVQH.HVVDU\WRH[SOL.LWO\VSH.LI\HYHU\WKLQJWKDW VKRXOGEHH[SRUWHGLQWKHexport_list 6.5.4 Specifying the Source 7KHH[SRUWOLVWVSH.LILHVWKHH[SRUWEDVHGRQWKHRULJLQRIDURXWHDQGWKH V\QWD[YDULHVGHSHQGLQJRQWKHVRXU.H 6.5.4.1 Exporting BGP and EGP routes
proto bgp | egp autonomoussystem autonomous_system [ comm-add ] [ comm-delete ] restrict [ noagg ]; proto bgp | egp autonomoussystem autonomous_system [ metric metric ] { route_filter [ restrict | ( metric metric ) ] ; } ;

BGP and EGP routes may be specified by a source autonomous system. All routes may be exported by an $6SDWK. (See Exporting by AS Path on page 332 for more information about the H[SRUWLQJE\$6SDWK option.) The comm-add and comm-delete options allow communities to be added and deleted. (See Communities Overview and Examples on page 189 for more information about the comm option.) The noagg option specifies that, regardless of how filters are set, routes that have been included in an aggregate will not match the filters.

330

Configuring GateD

6.5.4.2 Exporting RIP Routes

proto rip [ ( interface interface_list ) | (gateway gateway_list ) ] restrict ; proto rip [ ( interface interface_list ) | (gateway gateway_list ) ] [ metric metric ] { route_filter [ restrict | ( metric metric ) ] ; } ;

5,3URXWHVPD\EHH[SRUWHGE\SURWR.ROVRXU.HLQWHUID.HDQGRUVRXU.H JDWHZD\ 6.5.4.3 Exporting OSPF Routes

proto ospf | ospfase restrict ; proto ospf | ospfase [ metric metric ] { route_filter [ restrict | ( metric metric ) ] ; } ;

Both OSPF, and OSPF ASE routes may be exported into other protocols by tag. (See Exporting by Route Tag on page 332.) 6.5.4.4 Exporting Routes from Non-routing Protocols 6.5.4.4.1 Non-routing with Interface
proto direct | static | kernel [ (interface interface_list ) ] restrict ; proto direct | static | kernel [ (interface interface_list ) ] [ metric metric ] { route_filter [ restrict | ( metric metric ) ] ; } ;

7KHVHSURWR.ROVPD\EHH[SRUWHGE\SURWR.RORUE\WKHLQWHUID.HRIWKH QH[WKRS7KHVHSURWR.ROVDUH
direct direct static staticVSH.LILHVVWDWL.URXWHVVSH.LILHGLQD static kernel

VSH.LILHVURXWHVWRGLUH.WO\DWWD.KHGLQWHUID.HV .ODXVH

2QV\VWHPVZLWKWKHURXWLQJVR.NHWURXWHVOHDUQHGIURPWKHURXW LQJVR.NHWDUHLQVWDOOHGLQWKH*DWH'URXWLQJWDEOHZLWKDSURWR.RO RINHUQHO7KHVHURXWHVPD\EHH[SRUWHGE\UHIHUULQJWRWKLVSUR

331

Route Exportation

WR.RO8VHkernel ZKHQ\RXKDYHDV.ULSWLQVWDOOURXWHVZLWKWKH route .RPPDQGDQGSURSDJDWHWKHPWRRWKHUURXWLQJSURWR.ROV 6.5.4.4.2 Non-routing by Protocol

proto default | aggregate restrict ; proto default | aggregate [ metric metric ] { route_filter [ restrict | ( metric metric ) ] ; } ; default default UHIHUVWRURXWHV.UHDWHGE\WKHgendefaultRSWLRQ,WLV

UH.RPPHQGHGWKDWURXWHJHQHUDWLRQEHXVHGLQVWHDG

aggregate aggregate UHIHUVWRURXWHVV\QWKHVL]HGIURPRWKHUURXWHVZKHQ WKHaggregate and generate VWDWHPHQWVDUHXVHG6HH2SWLRQV 6WDWHPHQWVRQSDJH IRUPRUHLQIRUPDWLRQDERXWgenerate DQG5RXWH$JJUHJDWLRQRQSDJH IRUPRUHLQIRUPDWLRQ DERXWaggregate.

6.5.4.5 Exporting by AS Path

proto proto | all aspath aspath_regexp origin any | ( [ igp ] [egp ] [ incomplete ] ) restrict ; proto proto | all aspath aspath_regexp origin any | ( [ igp ] [egp ] [ incomplete ] ) [ metric metric ] { route_filter [ restrict | ( metric metric ) ] ; } ;

:KHQ%*3LV.RQILJXUHGDOOURXWHVDUHDVVLJQHGDQ$6SDWKZKHQWKH\ DUHDGGHGWRWKHURXWLQJWDEOH)RUDOOLQWHULRUURXWHVWKLV$6SDWKVSH.L ILHV,*3DVWKHRULJLQDQGQR$XWRQRPRXV6\VWHPVLQWKH$6SDWKWKH .XUUHQW$6LVDGGHGZKHQWKHURXWHLVH[SRUWHG)RU(*3URXWHVWKLV$6 SDWKVSH.LILHV(*3DVWKHRULJLQDQGWKHVRXU.H$6DVWKH$6SDWK)RU %*3URXWHVWKH$6SDWKLVVWRUHGDVOHDUQHGIURP%*3 $6SDWKUHJXODUH[SUHVVLRQVDUHGR.XPHQWHGLQ0DW.KLQJ$63DWKVRQ SDJH  6.5.4.6 Exporting by Route Tag
proto proto | all tag tag restrict ; proto proto | all tag tag [ metric metric ] { route_filter [ restrict | ( metric metric ) ] ; } ;

332

Configuring GateD

%RWK263)DQG5,3YHUVLRQ.XUUHQWO\VXSSRUWWDJV$OORWKHUSURWR.ROV DOZD\VKDYHDWDJRI]HUR7KHVRXU.HRIH[SRUWHGURXWHVPD\EHVHOH.WHG EDVHGRQWKLVWDJZKL.KLVXVHIXOZKHQURXWHVDUH.ODVVLILHGE\WDJZKHQ WKH\DUHH[SRUWHGLQWRDJLYHQURXWLQJSURWR.RO

333

Route Exportation

334

Configuring GateD

Chapter 6 Section 6
Route Aggregation
6.6.0 Route Aggregation Overview 5RXWHDJJUHJDWLRQLVDPHWKRGRIJHQHUDWLQJDPRUHJHQHUDOURXWHJLYHQ WKHSUHVHQ.HRIDVSH.LIL.URXWH,WLVXVHGIRUH[DPSOHDWDQDXWRQRPRXV V\VWHPERUGHUWRJHQHUDWHDURXWHWRDQHWZRUNWREHDGYHUWLVHGYLD(*3 JLYHQWKHSUHVHQ.HRIRQHRUPRUHVXEQHWVRIWKDWQHWZRUNOHDUQHGYLD5,3 9HUVLRQRI*DWH'DXWRPDWL.DOO\SHUIRUPHGWKLVIXQ.WLRQJHQHUDWLQJ DQDJJUHJDWHURXWHWRDQDWXUDOQHWZRUNXVLQJWKHROG&ODVV$%DQG& .RQ.HSWJLYHQDQLQWHUID.HWRDVXEQHWRIWKDWQDWXUDOQHWZRUN+RZHYHU WKDWZDVQRWDOZD\VWKH.RUUH.WWKLQJWRGRDQGZLWKWKHDGYHQWRI.ODVV OHVVLQWHUGRPDLQURXWLQJLWLVPRUHRIWHQWKHZURQJWKLQJWRGR6RDJJUH JDWLRQPXVWEHH[SOL.LWO\.RQILJXUHG1RDJJUHJDWLRQLVSHUIRUPHGXQOHVV H[SOL.LWO\UHTXHVWHGLQDQ aggregate VWDWHPHQW 5RXWHDJJUHJDWLRQLVDOVRXVHGE\UHJLRQDODQGQDWLRQDOQHWZRUNVWRUHGX.H WKHDPRXQWRIURXWLQJLQIRUPDWLRQSDVVHG:LWK.DUHIXODOOR.DWLRQRIQHW ZRUNDGGUHVVHVWR.OLHQWVUHJLRQDOQHWZRUNV.DQDQQRXQ.HRQHURXWHWR UHJLRQDOQHWZRUNVLQVWHDGRIKXQGUHGV $JJUHJDWHURXWHVDUHQRWD.WXDOO\XVHGIRUSD.NHWIRUZDUGLQJE\WKHRULJL QDWRURIWKHDJJUHJDWHURXWHEXWRQO\E\WKHUH.HLYHULILWZLVKHV$URXWHU LVVXSSRVHGWRUHVSRQGZLWKDQ,&03QHWZRUNXQUHD.KDEOHPHVVDJHLIWKH URXWHUUH.HLYHVDSD.NHWWKDWGRHVQRWPDW.KRQHRIWKH.RPSRQHQWURXWHV WKDWOHGWRWKHJHQHUDWLRQRIDQDJJUHJDWHURXWH7KLVPHVVDJHLVWRSUHYHQW SD.NHWVIRUXQNQRZQ.RPSRQHQWURXWHVIURPIROORZLQJDGHIDXOWURXWH LQWRDQRWKHUQHWZRUNZKHUHWKH\ZRXOGEHIRUZDUGHGED.NWRWKHERUGHU URXWHUDQGDURXQGDQGDURXQGDJDLQDQGDJDLQXQWLOWKHLU77/H[SLUHG 6HQGLQJDQXQUHD.KDEOHPHVVDJHIRUDPLVVLQJSLH.HRIDQDJJUHJDWHLVRQO\ SRVVLEOHRQV\VWHPVZLWKVXSSRUWIRUUHMH.WURXWHV $VOLJKWYDULDWLRQRIDJJUHJDWLRQLVWKHJHQHUDWLRQRIDURXWHEDVHGRQWKH H[LVWHQ.HRI.HUWDLQ.RQGLWLRQV7KLVLVVRPHWLPHVNQRZQDVWKHURXWHRI ODVWUHVRUW7KLVURXWHLQKHULWVWKHQH[WKRSVDQGDVSDWKIURPWKH.RQWULE XWRUVSH.LILHGZLWKWKHORZHVWPRVWIDYRUDEOHSUHIHUHQ.H7KHPRVW.RP PRQXVDJHIRUWKLVLVWRJHQHUDWHDGHIDXOWEDVHGRQWKHSUHVHQ.HRIDURXWH IURPDSHHURQDQHLJKERULQJED.NERQH

335

Route Aggregation

6.6.1 Aggregation and Generation Syntax

aggregate ( default | ( network [ ( mask mask ) | ( masklen number ) ] [ bgp ] ) ) [ preference preference ] [ brief ] [ unicast ] | [ multicast ] { proto [ all | direct | static | kernel | aggregate | protocol ] [ ( as autonomous system ) | ( tag tag ) | ( aspath aspath_regexp ) ] restrict ; proto [ all | direct | static | kernel | aggregate | protocol ] [ ( as autonomous system ) | ( tag tag ) | ( aspath aspath_regexp ) ] [ preference preference ] { route_filter [ restrict | ( preference preference ) ] ; } ; } ; generate ( default | ( network [ ( mask mask ) | ( masklen number ) ] ) ) [ preference preference ] [ brief ] [ unicast ] | [ multicast ] { proto [ all | direct | static | kernel | aggregate | protocol ] [ ( as autonomous system ) | ( tag tag ) | ( aspath aspath_regexp ) ] restrict ; proto [ all | direct | static | kernel | aggregate | protocol ] [ ( as autonomous system ) | ( tag tag ) | ( aspath aspath_regexp ) ] [ preference preference ] { route_filter [ restrict | ( preference preference ) ] ; } ; } ;

5RXWHVWKDWPDW.KWKHURXWHILOWHUVDUH.DOOHG.RQWULEXWLQJURXWHV7KH\ DUHRUGHUHGD..RUGLQJWRWKHDJJUHJDWLRQSUHIHUHQ.HWKDWDSSOLHVWRWKHP ,IPRUHWKDQRQH.RQWULEXWLQJURXWHKDVWKHVDPHDJJUHJDWLQJSUHIHUHQ.H WKHURXWH

VRZQSUHIHUHQ.HVDUHXVHGWRRUGHUWKHURXWHV7KHSUHIHUHQ.H RIWKHDJJUHJDWHURXWHZLOOEHWKDWRI.RQWULEXWLQJURXWHZLWKWKHORZHVW DJJUHJDWHSUHIHUHQ.H7KHRSWLRQbgpVSH.LILHVWKDWWKLVDJJUHJDWHZLOOXVH EJSUXOHVWRGHWHUPLQHZKHWKHURUQRWWRLQ.OXGHHD.KURXWH%*3VSH.L ILHVWKDWURXWHVZLWKGLIIHUHQW0('VQH[WKRSV.DQ
WEHDJJUHJDWHG WRJHWKHU7KHILUVW%*3URXWHWKDWPDW.KHVWKHDJJUHJDWHLVXVHGWRGHWHU PLQHZL.K0('QH[WKRSRWKHUURXWHVQHHGWRKDYHWREHLQ.OXGHG
preference preference

VSH.LILHVKRZD.WLYHURXWHVWKDWDUHOHDUQHGIURP UHVXOWLQJDJJUHJDWHURXWH.RPSDUHGWRRWKHUSURWR.ROVZLOOEH

preference

336

Configuring GateD

VHOH.WHG:KHQDURXWHKDVEHHQOHDUQHGIURPPRUHWKDQRQHSUR WR.ROWKHD.WLYHURXWHZLOOEHVHOH.WHGIURPWKHSURWR.ROZLWKWKH ORZHVWSUHIHUHQ.H(D.KSURWR.ROKDVDGHIDXOWSUHIHUHQ.HLQWKLV VHOH.WLRQ7KHGHIDXOWSUHIHUHQ.HIRUDJJUHJDWHGURXWHVLV

brief

VSH.LILHVWKDWWKH$6SDWKVKRXOGEHWUXQ.DWHGWRWKHORQJ HVW.RPPRQ$6SDWK7KHGHIDXOWLVWREXLOGDQ$6SDWK.RQVLVW LQJRI6(7VDQG6(48(1&(VRIDOO.RQWULEXWLQJ$6SDWKV unicast | multicast 9HUVLRQ[[RQO\ unicast VSH.LILHVWKDWWKHDJJUHJDWHLVUHVWUL.WHGWRWKH8QL.DVW ULE7KHGHIDXOWLVDOOULEV8QL.DVWDQG0XOWL.DVW multicast VSH.LILHVWKDWWKHDJJUHJDWHLVUHVWUL.WHGWRWKH0XOWL.DVWULE
brief proto [ all | direct | static | kernel | aggregate | protocol ] proto

specifies the contributing protocol. In addition to the special protocols listed, the contributing protocol may be chosen from among any of the ones supported (and currently configured into) GateD.

( as autonomous system ) | ( tag tag ) | ( aspath aspath_regexp ) asUHVWUL.WVVHOH.WLRQRIURXWHVWRWKRVHOHDUQHGIURPWKHVSH.LILHG DXWRQRPRXVV\VWHP tag UHVWUL.WVVHOH.WLRQRIURXWHVWRWKRVH ZLWKWKHVSH.LILHGWDJ aspathUHVWUL.WVVHOH.WLRQRIURXWHVWR

WKRVHWKDWPDW.KWKHVSH.LILHG$6SDWK6HH6H.WLRQ$63DWK 5HJXODU([SUHVVLRQVIRUPRUHLQIRUPDWLRQDERXW$63DWK5HJX ODU([SUHVVLRQV

restrict restrict VSH.LILHVURXWHVWKDWDUHQRWWREH.RQVLGHUHGDV.RQ WULEXWRUVRIWKHVSH.LILHGDJJUHJDWH7KHVSH.LILHGSURWR.ROPD\ EHDQ\RIWKHSURWR.ROVVXSSRUWHGE\*DWH'

route_filter

$OOWKHIRUPDWVDOORZURXWHILOWHUVDVVKRZQEHORZ6HH6H.WLRQ 5RXWH)LOWHULQJIRUDGHWDLOHGH[SODQDWLRQRIKRZWKH\ZRUN :KHQQRURXWHILOWHULQJLVVSH.LILHGLHZKHQrestrict LVVSH.L ILHGRQWKHILUVWOLQHRIDVWDWHPHQWDOOURXWHVIURPWKHVSH.LILHG VRXU.HZLOOPDW.KWKDWVWDWHPHQW,IDQ\ILOWHUVDUHVSH.LILHGRQO\ URXWHVWKDWPDW.KWKHVSH.LILHGILOWHUVZLOOEH.RQVLGHUHG.RQWULEX

337

Route Aggregation

WRUV3XWGLIIHUHQWO\LIDQ\ILOWHUVDUHVSH.LILHGDQ all restrict ;LVDVVXPHGDWWKHHQGRIWKHOLVW

network [ exact | refines | between number and number ] network mask mask [exact | refines | between number and number ] network masklen number [ exact | refines | between number and number ] default host host

$URXWHPD\RQO\.RQWULEXWHWRDQDJJUHJDWHURXWHWKDWLVPRUHJHQHUDO WKDQLWVHOILWPXVWPDW.KWKHDJJUHJDWHXQGHULWVPDVN$Q\JLYHQURXWH PD\RQO\.RQWULEXWHWRRQHDJJUHJDWHURXWHZKL.KZLOOEHWKHPRVWVSH .LIL..RQILJXUHGEXWDQDJJUHJDWHURXWHPD\.RQWULEXWHWRDPRUHJHQHUDO DJJUHJDWH 6.6.2 Exporting Generated vs. Aggregated Routes ,I\RX.UHDWHDQDJJUHJDWHDQGH[SRUWLWWKHUHVXOWD.KLHYHGLVWKDWZKL.K LVH[SH.WHGIRUWKHJHQHUDODJJUHJDWHDORRSED.NUHMH.WURXWHLVLQVWDOOHG LQWKHNHUQHODQGWKHURXWHLVDGYHUWLVHGZLWKWKHDJJUHJDWLQJURXWHUDV WKHQH[WKRS&RQVLGHUWKHIROORZLQJWRSRORJ\
------------------------| RTR A | | RTR B | | RTR C | ----+-------+-------+---| | | --------+-----------------+---------------+------

ZKHUHLQURXWHUV$DQG%DUH263)SHHUVDQGURXWHUV%DQG&DUH%*3 /HWURXWHU$DGYHUWLVHDVWDWL.URXWHWR/HWURXWHU%KDYHWKHIRO ORZLQJ.RQILJXUDWLRQ

aggregate 223 masklen 8 { proto ospfase { 223 masklen 8 refines; }; } export bgp peeras 123 { proto aggregate { all; }; };

5RXWHU%ZLOOLQVWDOOLQLWVNHUQHO
223.50 gw RTR A 223/8 gw 127.0.0.1

DQGZLOODGYHUWLVHWR5RXWHU&DURXWHWRJZ5RXWHU%1RZLIWKH H[SRUWLV.KDQJHGWR

338

Configuring GateD

export bgp peeras 123 { proto kernel { all; }; };

WKHQWKHUHVXOWVIRU5RXWHU%ZLOOEHWKHVDPHEXWWKHURXWHZLOOQRWEH DGYHUWLVHGWR5RXWHU&2QWKHRWKHUKDQGLIWKHVDPH.RQILJXUDWLRQLV XVHGEXWZLWKgenerate LQVWHDGRI aggregateVRZHKDYH

generate 223 masklen 8 { proto ospfase { 223 masklen 8 refines; }; };

WKHQWZRWKLQJVKDSSHQ)LUVW5RXWHU%LQVWHDGRILQVWDOOLQJDUHMH.WURXWH IRUSRUWLRQVRIWKHDJJUHJDWHWKDWGRQRWKDYHVSH.LIL.PDW.KHVZLOO LQVWHDGLQVWDOOLQLWVNHUQHO

223/8 gw RTR A

)XUWKHUUHJDUGOHVVRIZKHWKHUH[SRUWDJJUHJDWHRUH[SRUWNHUQHOLVVSH.L ILHGJZ5RXWHU$QRW5RXWHU%ZLOOEHDGYHUWLVHGWR5RXWHU&  <RXPD\DOVR.RQILJXUHDQDJJUHJDWHRQEHKDOIRQDQRWKHU.OLHQW$6 VD\$6

aggregate 10.0.0.0 masklen 7 gateway 198.32.4.22 as 65003 { proto bgp { 10.0.0.0 masklen 8; 11.0.0.0 masklen 8; }; };

6.6.3 Aggregating into Unicast and Multicast RIBs

5,%VQHHGQRWEHVSH.LILHGIRUDJJUHJDWHURXWHV%\GHIDXOWDQDJJUHJDWH DSSOLHVWRDOO5,%VWRZKL.KDQ\.RQWULEXWLQJURXWHDSSOLHV)RUH[DPSOH DQDJJUHJDWHDSSOLHVWRWKH8QL.DVW5,%LIDQGRQO\LIDQ\.RQWULEXWLQJ URXWHDSSOLHVWRWKH8QL.DVW5,% ([DPSOH

aggregate 10.0.0.0 masklen 8 { proto static { 10.0.0.0 masklen 8 refines; }; };

339

Route Aggregation

,IDQ\VWDWL.URXWHLQWKH8QL.DVW5,%PDW.KHVWKHURXWHILOWHUWKHDJJUH JDWHZLOOH[LVWLQWKH8QL.DVW5,%/LNHZLVHIRUWKH0XOWL.DVW5,% 5,%OLPLWVPD\KRZHYHUEHVSH.LILHG%\GHIDXOWWKHOLPLWLVDOOULEVLH DOO5,%VWRZKL.KDQ\.RQWULEXWLQJURXWHDSSOLHV7KLVGHIDXOW.DQEH RYHUULGGHQZLWKDPRUHVSH.LIL.OLPLWDVLQWKHH[DPSOHEHORZ

aggregate 10.0.0.0 masklen 8 unicast { proto static { 10.0.0.0 masklen 8 refines; }; };

7KHDERYHDJJUHJDWHDSSOLHVRQO\WRWKH8QL.DVW5,%DQGRQO\LID.RQ WULEXWLQJURXWHLVLQWKH8QL.DVW5,%&RQWULEXWLQJURXWHVLQRWKHU5,%V DUHLJQRUHG

340

Configuring GateD

Chapter 6 Section 7
Route Flap Dampening
6.7.0 Route Flap Dampening Overview 56G.DQEH.RQILJXUHGWRVXSSUHVVSURSDJDWLRQRIXQVWDEOH%*3URXWHV 7KLVIHDWXUHLV.RPPRQO\UHIHUUHGWRDVURXWHIODSGDPSHQLQJ)RUHD.K URXWHWRDGHVWLQDWLRQIURPHD.KSHHU56GPDLQWDLQVDQLQVWDELOLW\PHWUL. :KHQHYHUWKHSHHUGHOHWHVRU.KDQJHVLWVURXWHWRWKHGHVWLQDWLRQ56G LQ.UHPHQWVWKHDVVR.LDWHGLQVWDELOLW\PHWUL.7KHPHWUL.GH.D\VH[SRQHQ WLDOO\ZLWKWLPHZLWKD.RQILJXUDEOHKDOIOLIHWLPHWKHGH.D\UDWHV.DQEH .RQILJXUHGGLIIHUHQWO\ZKHQWKHGHVWLQDWLRQLVUHD.KDEOHRUXQUHD.KDEOH :KHQDURXWH
VLQVWDELOLW\PHWUL..URVVHVDVSH.LILHGXSSHUWKUHVKROG56G VXSSUHVVHVWKHURXWH7KDWURXWH.DQQRWEHLQVWDOOHGLQDQ\YLHZIRUZKL.K IODSGDPSHQLQJLVHQDEOHG6HH6H.WLRQ56G9LHZ6WDWHPHQWVIRU PRUHLQIRUPDWLRQDERXWYLHZV56GZLOOUHXVHWKHURXWHRQO\ZKHQWKH LQVWDELOLW\PHWUL.JRHVEHORZDQRWKHU.RQILJXUDEOHORZHUWKUHVKROG56G VXSSUHVVHVXVDJHRIURXWHVWKDWKDYHVWDELOLW\KLVWRU\WKDW.URVVDJLYHQ .RQILJXUDEOHWKUHVKROG 6.7.1 Route Flap Dampening Syntax 7KHV\QWD[IRUWKH dampen-flap .ODXVHLVDVIROORZV
dampen-flap{ suppress-above suppress-above ; reuse-below reuse-below ; max-flap max-flap ; reach-decay reach-decay ; unreach-decay unreach-decay ; keep-history keep-history ; }; suppress-above suppress-aboveLVWKHYDOXHVSH.LILHGLQEDVHH[SRQHQWIRUPRI

DURXWH
VLQVWDELOLW\DERYHZKL.KWKHURXWHLVVXSSUHVVHG7KH GHIDXOWIRU suppress-above LV 0.3e1

reuse-below reuse-below LVWKHYDOXHVSH.LILHGLQEDVHH[SRQHQWIRUPRID URXWH

VLQVWDELOLW\EHORZZKL.KDVXSSUHVVHGURXWHLVUHXVHG7KLV SDUDPHWHUPXVWEHOHVVWKDQWKH suppress-aboveWKUHVKROG7KH GHIDXOWIRU reuse-below LV0.2e1 max-flap max-flapLVWKHPD[LPXPYDOXHRIDURXWH
VLQVWDELOLW\KLVWRU\ max-flap, ZKL.KPXVWEHJUHDWHUWKDQWKH suppress-above

341

Route Flap Dampening

WKUHVKROGGHWHUPLQHVWKHORQJHVWWLPHWKDWDURXWHPD\EHVXS SUHVVHG7KHGHIDXOWIRU max-flap LV0.16e2

reach-decay

LVWKHWLPHLQVH.RQGVDIWHUZKL.KDUHD.KDEOH URXWH

VLQVWDELOLW\KLVWRU\GH.D\VWRKDOILWV.XUUHQWYDOXH7KH GHIDXOWIRUreach-decayLV300VH.RQGV
reach-decay unreach-decay unreach-decay

is the time (in seconds) after which an unreachable route's instability history decays to half its current value. (The default for unreach-decay is 900 seconds.)
keep-history LVWKHWLPHLQVH.RQGVIRUZKL.KDQ\KLVWRU\RI DURXWH
VLQVWDELOLW\LVPDLQWDLQHGE\56G7KHGHIDXOWIRUkeephistory LV1600VH.RQGV

keep-history

7KH dampen-flap VWDWHPHQWIROORZVWKHbgp VWDWHPHQWDQGSUH.HGHVWKH SROL.\VWDWHPHQWVLQWKH56GUXQWLPH.RQILJXUDWLRQILOH,IWKH dampenflap VWDWHPHQWLVDEVHQW56GZLOOQRWPDLQWDLQDURXWHLQVWDELOLW\KLVWRU\ ,IDdampen-flap VWDWHPHQWLVSUHVHQWEXWZLWKRXWDQ\SDUDPHWHUVWKH GHIDXOWYDOXHRIWKHSDUDPHWHUVDUHXVHG,IDUH.RQILJXUDWLRQ.KDQJHVWKH YDOXHVRIDQ\SDUDPHWHU56GHUDVHVDOOSUHYLRXVURXWHLQVWDELOLW\KLVWRU\ 

342

Configuring GateD

Chapter 7 Section 1
SNMP
7.1.0 SNMP Overview 7KHHPEHGGHG6103DJHQWDYDLODEOHLQHDUO\VQDSVKRWVKDVEHHQ UHPRYHG,WLVVWLOODYDLODEOHDVDQXQVXSSRUWHGSDW.K3OHDVHPDLO JDWHG#GMLQHV\V.RPIRULQIRUPDWLRQDERXWREWDLQLQJWKHSDW.K *DWH'QRZXVHVWKH608;SURWR.ROIRU6103VXSSRUW6HH6H. WLRQ608;IRUPRUHLQIRUPDWLRQDERXWWKH608;SURWR.RO 7KH6LPSOH1HWZRUN0DQDJHPHQW3URWR.RO6103LVQRWDURXWLQJSUR WR.ROEXWDQHWZRUNPDQDJHPHQWSURWR.RO:KHQWKH snmp VWDWHPHQWLV XVHGWKH&08EDVHGHPEHGGHG6103DJHQWLVHQDEOHG7KLVRSWLRQ.DQ QRWEHXVHGLQ.RQMXQ.WLRQZLWKWKH smux .ODXVHZKL.KHQDEOHVWKH608; 61030XOWLSOH[LQJSURWR.ROLQ*DWH'6HH6H.WLRQ608;IRU PRUHLQIRUPDWLRQDERXW608; 7KH.XUUHQWHPEHGGHG6103DJHQWVXSSRUWLVEDVHGRQWKH8&'DYLV OLEUDU\UHOHDVH,WLPSOHPHQWVPRVWRI0,%,,DVZHOODVWKHURXWLQJ 0,%V1RWHWKDWLIWKHDJHQWLVHQDEOHG*DWH'PXVWEHWKHRQO\SURJUDP OLVWHQLQJWR8'3SRUW 'LIIHUHQWYHUVLRQVRI*DWH'XVHGLIIHUHQWYHUVLRQVRI6103RU608; 9HUVLRQV[XVH,62'(608;.RQILJXUHGZLWKDQROGHUYHUVLRQRI 6103WKDWLVGR.XPHQWHGLQWKH*DWH'GR.XPHQWDWLRQZKL.K.DQEH IRXQGDW KWWSZZZJDWHGRUJJDWHGZHE.RGHGR.PDQXDOVROGBGR. .RQILJBJXLGHVQPSBVWPWKWPO 9HUVLRQV[DQG[XVH0HULW608;ZKL.KLV.RQILJXUHGZLWKWKHVPX[ VWDWHPHQW 7.1.1 SNMP Syntax
snmp ( on | off) [ { traceoptions snmptraceoptions ; port snmpport ; snmp-config-file string ; testmib [ on | off ]; debug ; } ] ; snmp

5HSRUWLQJLVHQDEOHGE\VSH.LI\LQJ on DQGGLVDEOHGZLWK off. 7KHGHIDXOWGHSHQGVRQZKHWKHU smuxLVHQDEOHG%RWKsnmp DQG smux .DQQRWEHRQDSDUVHHUURUUHVXOWV7KHIROORZLQJWDEOHVKRZVWKHGHIDXOWV

343

SNMP

snmpYDOXH

smuxYDOXH

snmpVWDWH

smuxVWDWH

QRQH QRQH RQ RII

RQ RII QRQH QRQH

RII RII RQ RII

RQ RII RII RQ

traceoptions snmptraceoptions traceoptionsVSH.LILHVWKHWUD.LQJRSWLRQVIRU61036HH6H.

WLRQ7UD.H6WDWHPHQWVDQGWKH6103VSH.LIL.WUD.LQJRSWLRQV EHORZ %\GHIDXOWWKH6103DJHQWOLVWHQVIRUUHTXHVWVRQSRUWSRUW .RQILJXUHV*DWH'WROLVWHQRQDGLIIHUHQWSRUW

port snmpport

snmp-config-file string

XVHIRUWKH0,%.RQILJXUDWLRQILOH
testmib [ on | off ] testmib debug

snmp-config-file string VSH.LILHVWKHILOHWKHVQPSPRGXOHV

GXPSVWKHHQWLUH0,%ZLWKLQVWDQ.HVDQGH[LWV

HQDEOHVGHEXJJLQJRIWKH6103.RGH7KHGHIDXOWLV GHEXJJLQJdisabled.
debug

7.1.2 SNMP Tracing Options

7KHUHDUHQR6103VSH.LIL.WUD.HRSWLRQV6103UHTXHVWVUH.HLYHGYLD WKH608;SURWR.ROIURPWKH6103GDHPRQDUHQRWKDQGOHGTXLWHOLNH SD.NHWV7KH detail, send, DQG recv RSWLRQVDUHQRWVXSSRUWHG

receive

7UD.H6103UHTXHVWVUH.HLYHGIURPWKHPDQDJHPHQWVWDWLRQDQG WKHDVVR.LDWHGUHVSRQVHV
trap

7UD.H6103WUDSUHTXHVWVIURPSURWR.ROV

344

Configuring GateD

345

SNMP

346

Configuring GateD

Chapter 7 Section 2
SMUX
7.2.0 SMUX Overview :KHQWKH smux .ODXVHLVXVHG*DWH'ZLOODWWHPSWWR.RQWD.WDQ6103 PDVWHUDJHQWRQWKHOR.DOKRVWYLDWKH608;61030XOWLSOH[LQJSURWR .RORYHU7&37KH608;SURWR.ROLVGHV.ULEHGLQ5)& RFC1227 can be found at: (http://www.gated.org/gated-web/code/doc/manuals/ config_guide/references.html#RFC1227) 608;.DQQRWEHXVHGLQ.RQMXQ.WLRQZLWKWKH snmp .ODXVH*DWH'ZLOOIDLO WRSDUVHWKH.RQILJXUDWLRQILOHLIWKLVLVDWWHPSWHG9HUVLRQ[RI*DWH' XVHV0HULW608;ZKL.KLVNQRZQWRZRUNZLWKWKHX.GVQPSPDVWHU DJHQW6HHWKHIROORZLQJ85/IRUPRUHLQIRUPDWLRQDERXWX.GVQPS KWWSX.GVQPSX.GDYLVHGX 9HUVLRQV[RI*DWH'XVHD608;LPSOHPHQWDWLRQEDVHGRQ,62'( ZKL.KLVGR.XPHQWHGLQWKH*DWH'GR.XPHQWDWLRQIRXQGDW KWWSZZZJDWHGRUJJDWHGZHE.RGHGR.PDQXDOVROGBGR. .RQILJBJXLGHVQPSBVWPWKWPO 8SRQ.RQWD.WLQJWKHPDVWHUDJHQWDVWULQJSDVVZRUGDQG61032EMH.W ,GHQWLILHULGHQWLW\DUHSDVVHGIRUDXWKHQWL.DWLRQSXUSRVHV,IWKHDXWKHQWL.D WLRQVX..HHGV*DWH'ZLOOUHJLVWHUWKHURXWLQJ0,%VXEWUHHVDQGUHTXHVW WKDWLWEH.RQWD.WHGZKHQWKHPDVWHUDJHQWUH.HLYHVTXHULHVIRUWKHVHVXE WUHHV:KHQWKHPDVWHUDJHQWUH.HLYHVVX.KDTXHU\IURPDPDQDJHPHQW VWDWLRQLWZLOOEHSDVVHGWR*DWH' 7KH*(7DQG*(71(;7RSHUDWLRQVDUHERWKVXSSRUWHG7KHUHLV.XU UHQWO\QRVXSSRUWIRUWKH6(7RSHUDWLRQ *DWH'XVHVDKDUG.RGHGLGHQWLW\RI  $IWHU*DWH'KDVEHHQVWDUWHGDQGKDV.RQQH.WHGWRDPDVWHUDJHQWLWZLOO UHVSRQGWRTXHULHVWKDWIDOOZLWKLQLWVVXSSRUWHG0,%V)RUH[DPSOHXVLQJ WKHX.GVQPSsnmpgetXWLOLW\WKHIROORZLQJ.RPPDQGZRXOGUHWULHYHWKH YDULDEOHbgp.bgpLocalAsLIERWK*DWH'DQGWKHPDVWHUDJHQWZHUHUXQ QLQJRQWKHOR.DOPD.KLQHXVLQJYHUVLRQ6103
snmpget -v 1 localhost public 15.2.0

7KLVVHQGVDQ6103*(7WRWKHOR.DOPDVWHUDJHQWZKL.KLQWXUQTXHULHV *DWH'IRUWKHYDOXH)RU6103WDEOHVWKHsnmpwalkXWLOLW\.DQEHXVHGWR ZDONDQHQWLUHWDEOHXVLQJ*(71(;7V+HUHLVDQH[DPSOH.RPPDQGWR ZDONWKHHQWLUH%*33HHU7DEOHIRUWKHSHHUDGGUHVV

snmpwalk -v 1 localhost public 15.3.1.1.192.168.10.1

347

SMUX

7.2.1 SMUX Syntax

smux ( on | off ) [ { traceoptions smuxtraceoptions ; port smuxport ; password string ; } ] ; smux

5HSRUWLQJLVHQDEOHGE\VSH.LI\LQJ on DQGGLVDEOHGZLWKoff. 7KHGHIDXOWGHSHQGVRQZKHWKHUsnmp LVHQDEOHG%RWK snmp DQG smux .DQQRWEHRQDSDUVHHUURUUHVXOWV7KHIROORZLQJWDEOHVKRZVWKH GHIDXOWV

snmpYDOXH

smuxYDOXH

snmpVWDWH

smuxVWDWH

QRQH QRQH RQ RII

RQ RII QRQH QRQH

RII RII RQ RII

RQ RII RII RQ

traceoptions smuxtrace_options traceoptions VSH.LILHVWKHWUD.LQJRSWLRQVIRU608;6HH6H. WLRQ7UD.H6WDWHPHQWVDQGWKH608;VSH.LIL.WUD.LQJRSWLRQV EHORZ port smuxport

7KH7&3SRUWVSH.LILHGE\WKH,$1$IRUWKH608;VHUYL.HLV  port IRU.HV*DWH'WRDWWHPSWWR.RQWD.WWKHPDVWHUDJHQW RQDGLIIHUHQWSRUW 7.2.2 SMUX Tracing Options 7KHIROORZLQJWUD.HRSWLRQVDUHVXSSRUWHGIRUWKLVSURWR.ROsend, receive, DQG packets.
send

7UD.H6103UHTXHVWVVHQWWRWKHPDVWHUDJHQW
receive

7UD.H6103UHTXHVWVUH.HLYHGIURPWKHPDVWHUDJHQW
packets

7UD.HHD.KGDWDSD.NHWUH.HLYHGDQGVHQWLQWKHWUD.HILOH

348

Configuring GateD

349

SMUX

350

Configuring GateD

Chapter 8 Section 1
Sample Host Configurations
8.1.0 Overview :HQHHGPRUHH[DPSOHV ,I\RXGRQ
WVHHZKDW\RXQHHGKHUHDQG\RX.UHDWHDZRUNLQJ.RQILJILOH WKDW\RX
UHZLOOLQJWRVKDUHSOHDVHVHQGLWWRXV$OVRLI\RXILQGPLVWDNHV LQWKHH[DPSOHVKHUHMXVWOHWXVNQRZDQGZH
OOIL[WKHP 8.1.1 RIP (QGV\VWHP.RQILJXUDWLRQLVVLPSOHXVXDOO\.RQWDLQLQJRQO\WZR.RQILJXUD WLRQVWDWHPHQWV7KH.RQILJXUDWLRQVKRZQKHUHHPXODWHVrouted,WUXQV 5,3DQGLWRQO\VHQGVXSGDWHVLIWKHUHLVPRUHWKDQRQHLQWHUID.HXSDQG,3 IRUZDUGLQJLVHQDEOHGLQWKHNHUQHO
# rip on ; #

1RWH5,3ZLOOQRWUXQLI8'3.KH.NVXPVDUHGLVDEOHGLQWKHNHUQHO 7KHIROORZLQJ.RQILJXUDWLRQUXQV5,3LQTXLHWPRGHLWRQO\OLVWHQVWR SD.NHWVQRPDWWHUKRZPDQ\LQWHUID.HVDUH.RQILJXUHG

# rip on ; { nobroadcast ; } ; #

7KHIROORZLQJ.RQILJXUDWLRQVKRXOGZRUNIRUDQ\V\VWHPWKDWUXQV5,3DQG KDVRQO\RQHQHWZRUNLQWHUID.H
# # don't time-out the network interface # interface 136.66.12.2 passive ; # # enable rip # rip on ; #

7KHNH\ZRUG passive SUHYHQWV*DWH'IURP.KDQJLQJWKHSUHIHUHQ.HRI WKHURXWHWRWKLVLQWHUID.HLILWLVEHOLHYHGWREHGRZQGXHWROD.NRI

351

Sample Host Configurations

UH.HLYHGURXWLQJLQIRUPDWLRQ7KHSXUSRVHRIWKH interface passive VWDWHPHQWLVWRLGHQWLI\DURXWHUZLWKDJXHVWKRVWRQDQ(WKHUQHW,QWKLV H[DPSOHWKHURXWHLVWKURXJKWKHGLUH.WO\DWWD.KHGQHWZRUNLQWHUID.H 1RUPDOO\ZKHQ*DWH'WKLQNVDQLQWHUID.HLVGRZQLWUHPRYHVLWIURPWKH URXWLQJGDWDEDVHWRSUHYHQWDJDWHZD\IURPDQQRXQ.LQJWKDWLW.DQURXWH GDWDWKURXJKDQRQRSHUDWLRQDOLQWHUID.H,IWKHKRVWKDVRQO\RQHLQWHU ID.HWKHLQWHUID.HVKRXOGQRWEHUHPRYHGIURPWKHURXWLQJGDWDEDVHHYHQ LIWKHLQWHUID.HLVGRZQLHWKHVWDWHPHQW interface 136.66.12.2 passive LQWKLV.RQILJXUDWLRQ5,3LVHQDEOHGZLWKD rip on VWDWHPHQW 7KLVVWDWHPHQWLVQRWUHTXLUHGLWLVWKHGHIDXOW,Q.OXGLQJWKH rip on VWDWHPHQWH[SOL.LWO\LQWKHgated.conf ILOHVHUYHVWRGR.XPHQWWKH.RQ ILJXUDWLRQZKL.KSUHYHQWVIXWXUH.RQIXVLRQ

352

Configuring GateD

Chapter 8 Section 2
Sample Interior Gateway (Intra-Domain) Configurations
8.2.0 Overview :HQHHGPRUHH[DPSOHV ,I\RXGRQ
WVHHZKDW\RXQHHGKHUHDQG\RX.UHDWHDZRUNLQJ.RQILJXUD WLRQILOHWKDW\RX
UHZLOOLQJWRVKDUHSOHDVHVHQGLWWRXV$OVRLI\RXILQG PLVWDNHVLQWKHH[DPSOHVKHUHMXVWOHWXVNQRZDQGZH
OOIL[WKHP 8.2.1 RIP 8.2.1.1 RIP Only, Subnet to Backbone *DWHZD\.RQILJXUDWLRQVDUHPRUH.RPSOL.DWHGWKDQDVLPSOHKRVW.RQILJX UDWLRQEH.DXVHJDWHZD\VKDYHPXOWLSOHLQWHUID.HVDQGPD\UXQPXOWLSOHSUR WR.ROV7KLVVDPSOH.RQILJXUDWLRQILOH.RQQH.WVWZRQHWVZLWKLQDQ DXWRQRPRXVV\VWHP7KLV.RQILJXUDWLRQ.DQEHXVHGIRUDQ\JDWHZD\WKDW XVHVRQO\5,3DQGWKDW.RQQH.WVDVLQJOHVXEQHWWRDODUJHUQHWZRUN
# # enable rip # rip yes ; # # using rip, announce subnet 3 via interface 136.66.1.2 # export proto rip interface 136.66.1.2 { proto direct { 136.66.3.0 metric 0 ; } ; } ; # # using rip, announce all routes learned from interface 136.66.1.2 # export proto rip interface 136.66.3.1 { proto rip interface 136.66.1.2 { all ; } ; } ;

7KHDERYH.RQILJXUDWLRQ.RQWDLQVWZR export VWDWHPHQWV7KHILUVWRQH WHOOV*DWH'WRDQQRXQ.HYLDWKH5,3SURWR.RODQGLQWHUID.HD

353

Sample Interior Gateway (Intra-Domain) Configurations

GLUH.WURXWHWRVXEQHW7KHVH.RQGWHOOV*DWH'WRDQQRXQ.H YLDWKH5,3SURWR.RODQGWKHLQWHUID.HDOOURXWHVOHDUQHGYLD 5,3IURPWKHLQWHUID.H7KHVHURXWHVLQ.OXGHVXEQHWURXWHV DQGDQ\URXWHVWRWKHUHVWRIWKHZRUOGLQ.OXGLQJGHIDXOWURXWHV 7KHILUVWexport VWDWHPHQWZDVQRWUHTXLUHGEH.DXVHE\GHIDXOW*DWH' DQQRXQ.HVHYHU\QHWZRUNWKDWLVGLUH.WO\.RQQH.WHGWRWKHJDWHZD\7KH ILUVWexportVWDWHPHQWZDVH[SOL.LWO\HQWHUHGIRUWZRUHDVRQVWRGR.X PHQWWKHLQWHQGHGVWUX.WXUHDQGWRDYRLGUHO\LQJRQGHIDXOWVWKDWPD\EH .KDQJHGLQIXWXUHUHOHDVHV,QDQ\ export VWDWHPHQWWKHPDLQ proto .ODXVHDQGWKHPDLQinterface .ODXVHPD\GHILQHWKHSURWR.RODQGLQWHU ID.HWKURXJKZKL.KWKHURXWHVDUHDGYHUWLVHG6XEVLGLDU\ proto DQG interface .ODXVHVGHILQHWKHSURWR.ROVDQGWKHLQWHUID.HVIURPZKL.K WKHURXWHVPXVWEHOHDUQHG 8.2.1.2 RIP with Default Announcement ,IWKHJDWHZD\RQO\UXQV5,3DQG.RQQH.WVDOR.DOED.NERQHWRDVXEQHW ZKL.KLQWXUQSURYLGHVDJDWHZD\WRWKHRXWVLGHZRUOGWKHILOHLV.RQILJ XUHGGLIIHUHQWO\,QWKHH[DPSOHEHORZWKHJDWHZD\DQQRXQ.HVDGHIDXOW URXWHWRWKHED.NERQHDQGDQQRXQ.HVDOORIWKHLQGLYLGXDOVXEQHWURXWHV WRWKHRXWVLGHZRUOG
# # Enable rip # rip yes ; # # using rip, announce all local subnets via 136.66.12.3 # export proto rip interface 136.66.12.3 metric 3 { proto rip interface 136.66.1.5 { all ; } ; }; # # using rip, announce default to the local backbone via 136.66.1.5 # export proto rip interface 136.66.3.1 { proto rip interface 136.66.12.3 { 0.0.0.0 ; } ; } ;

354

Configuring GateD

7KHILUVWVWDWHPHQWH[SOL.LWO\GLUH.WV*DWH'WRDQQRXQ.HDOORIWKHURXWHV LWOHDUQVIURPLQWHUID.HRXWWKURXJKLQWHUID.H7KH H[SOL.LWall LVQRWUHTXLUHG7KHPHWUL.YDOXHLVVSH.LILHGLQWKHPDLQ VWDWHPHQWDQGDSSOLHVWRHYHU\URXWHDQQRXQ.HGYLDWKLVSURWR.RODQG LQWHUID.H:KHQWKHPHWUL.LVVSH.LILHGLQWKHexport .ODXVHLWRQO\ DSSOLHVWRWKHURXWHVVSH.LILHGLQWKDW.ODXVH,QWKLVH[DPSOH metric 3 DSSOLHVWRHYHU\URXWHDQQRXQ.HGRYHULQWHUID.HYLD5,3 8.2.1.3 Direct Routes ,IDJDWHZD\KDVLQWHUID.HVRQVHYHUDOQHWZRUNVWKHIROORZLQJ.RQILJXUD WLRQZRXOGSURYLGHIRUDQQRXQ.LQJURXWHVOHDUQHGYLDWKH5,3SURWR.RO DQGURXWHVWRWKHGLUH.WO\.RQQH.WHGQHWZRUNV
# # Enable rip # rip yes; # # using rip announce all directly connected networks with a metric of 0 # and all routes learned via the rip protocol # export proto rip { proto direct { all metric 0; }; proto rip { all; }; };

8.2.1.4 Static Routes ,I\RXZDQWWRVWDWL.DOO\.RQILJXUH.HUWDLQURXWHVWRSRLQWWRDSDUWL.XODU JDWHZD\WKHIROORZLQJ.RQILJXUDWLRQGHPRQVWUDWHVKRZWRD..RPSOLVK WKLV2QO\URXWHVOHDUQHGYLDWKH5,3SURWR.RODQGWKHVWDWL.DOO\.RQILJ XUHGURXWHVDUHDQQRXQ.HG

# # Enable rip # rip yes; # # these networks and host are reachable via gateway 192.168.12.1 #

355

Sample Interior Gateway (Intra-Domain) Configurations

static { host 192.168.2.1 gateway 192.168.12.1; 192.168.10.0 mask 255.255.255.0 gateway 192.168.12.1; 192.168.11.0 masklen 24 gateway 192.168.12.1; }; # # export via RIP all the statically configured routes # and all routes learned via RIP # the metric only applies to the static routes # export proto rip metric 1 { proto static { all; }; proto rip { all; }; };

8.2.1.5 Importing Routes 6RPHWLPHV\RXRQO\ZDQWWRLPSRUWURXWHVLIWKH\PHHW.HUWDLQUHTXLUH PHQWVVXSSOLHGE\DURXWHILOWHU:LWKWKHIROORZLQJ.RQILJXUDWLRQURXWHV DUHRQO\LPSRUWHGIURPWKHVSH.LILHGJDWHZD\V

# # Enable rip # rip yes; # # import via RIP routes only from these hosts (gateways) # import proto rip { host 192.168.10.1; host 192.168.11.1; host 192.168.12.1; };

356

Configuring GateD

8.2.1.6 Exporting Routes 7KHIROORZLQJ.RQILJXUDWLRQGHPRQVWUDWHVKRZWRILOWHURXW.HUWDLQURXWHV IURPEHLQJDQQRXQ.HG

# # Enable rip # rip yes; # # use the export statement # networks and announce # export proto rip { 192.168.14.0 masklen 192.168.15.0 masklen 192.168.16.0 masklen all; }

to block out the 14, 15, and 16 all others

24 restrict; 24 restrict; 24 restrict;

8.2.1.7 CIDR %H.DXVH5,3YHUVLRQGRHVQRW.DUU\QHWPDVNLQIRUPDWLRQLQLWVSD.NHWV &,'5LVGLIIL.XOWLIQRWLPSRVVLEOHWR.RQYH\LQ5,3YHUVLRQSD.NHWV :LWKWKHIROORZLQJ.RQILJXUDWLRQ5,3YHUVLRQLVXVHGWRPXOWL.DVWLWV URXWHV5,3YHUVLRQLQ5,3YHUVLRQ.RPSDWLELOLW\PRGHLVQRWHQRXJK :KLOHWKHQHWPDVNLQIRUPDWLRQLVSURYLGHGLQ5,3YHUVLRQ.RPSDWLEOH SD.NHWVURXWHVWKDWPLJKWEHLPSURSHUO\LQWHUSUHWHGE\5,3YHUVLRQZLOO QRWEHEURDG.DVWHGE\5,3YHUVLRQ

# # enable rip # turn on broadcast (RIPv2 will not multicast or broadcast without this) # turn on version 2 multicast on each interface # rip yes { broadcast; interface 192.168.10.1 version 2 multicast; interface 192.168.11.1 version 2 multicast; };

8.2.1.8 Source and Trusted Gateways 6RPHWLPHV\RXGRQ

WZDQWD5,3URXWHUWREURDG.DVWRUPXOWL.DVWLQWKH .DVHRI5,3YHUVLRQLWVURXWHDQQRXQ.HPHQWV7KHIROORZLQJ.RQILJXUD

357

Sample Interior Gateway (Intra-Domain) Configurations

WLRQGHPRQVWUDWHVKRZWRXVHWKH sourcegateways RSWLRQWRXQL.DVWWKH SD.NHWV,WDOVRGHPRQVWUDWHVKRZWRXVHWKH trustedgateways RSWLRQ.

# # Enable rip # Send to 10.1, 11.1, and 12.1 but only accept from 10.1 and 11.1 # rip yes { nobroadcast; sourcegateways 192.168.10.1 192.168.11.1 192.168.12.1; trustedgateways 192.168.10.1 192.168.11.1; };

8.2.2 OSPF

8.2.2.1 OSPF Using NBMA Mode ,QWKLVVDPSOH.RQILJXUDWLRQDQ+3VHUYHULV.RQILJXUHGWREHERWKWKH DUHDERUGHUURXWHUDQGWKHED.NERQHURXWHU

traceoptions parse ; routerid 195.1.1.2 ; RIP no ; OSPF yes { defaults { preference 10 ; cost 5 ; type 1 ; } ; area 0.0.0.1 { networks { 195.1.1.0 ; } ; interface 195.1.1.2 nonbroadcast { routers { 195.1.1.1 eligible ; 195.1.1.2 eligible ; } ; priority 15 ; enable ; hellointerval 30 ; routerdeadinterval 30 ; pollinterval 30 ; } ; } ; area 0.0.0.2 { networks { 193.2.1.0 ; 194.1.1.0 ;

358

Configuring GateD

} ; interface 194.1.1.3 nonbroadcast { routers { 194.1.1.2 eligible ; 194.1.1.3 eligible ; 194.1.1.1 ; } ; priority 15 ; enable ; hellointerval 30 ; routerdeadinterval 30 ; retransmitinterval 30 ; pollinterval 30 ; } ; } ; backbone { interface 15.13.115.156 nonbroadcast { enable ; transitdelay 20 ; priority 10 ; hellointerval 30 ; routerdeadinterval 30 ; retransmitinterval 30 ; pollinterval 30 ; } ; } ; } ;

7KLVH[DPSOHKDVWZRDUHDVDQGDQGWKH263)ED.NERQH DUHD,QDUHDRQHRWKHUURXWHULQWHUID.HDWLVHOLJLEOH D.URVVWKH10%$QHWZRUNWREHSROOHGHYHU\VH.RQGV,QDUHD WZRRWKHUURXWHUVDUHOLVWHGDQGRQO\RQHRWKHU URXWHU.DQHQJDJHLQ263)SD.NHWVZLWKWKLVURXWHU ,QWKHED.NERQHDUHDDOOURXWHUVDUHHOLJLEOHE\GHIDXOWWREHSROOHGDW LQWHUYDO

359

Sample Interior Gateway (Intra-Domain) Configurations

8.2.3 RIP and OSPF

7KHIROORZLQJ.RQILJXUDWLRQIRU$6HQDEOHVERWK5,3DQG263)SUR WR.ROVDQG.DQEHXVHGIRUWHVWLQJ5,3DQG263)
#options noinstall ; interfaces { interface le0 passive ; } ; autonomoussystem 283 ; snmp yes ; rip yes { broadcast ; defaultmetric 5 ; interface le version 2 multicast ; } ; ospf yes { traceoptions lsabuild protocol ; monauthkey "ZZZZZZZZ" ; backbone { interface all { priority 2 ; } ; interface le { auth simple "YYYYYYYY" ; } ; } ; static { default gateway 132.236.200.200 preference 140 retain ; }

,QWKH5,3YHUVLRQ.DVHPXOWL.DVWSD.NHWVDUHJHQHUDWHGRQDOOHWKHUQHW LQWHUID.HVOHOH7KLVJHQHUDWLRQLVDVDIHZD\WRWHVW5,3EH.DXVHWKH SURGX.WLRQJDWHZD\VRQWKLVQHWZRUNGRQRWVXSSRUW5,3YHUVLRQ,Q WKH263).DVHDOOLQWHUID.HVDUH.RQILJXUHGWREHSULRULW\VRWKH3UR WHRQURXWHUVSULRULW\ZLOOEH.RPHGHVLJQDWHGURXWHUV$VLPSOHSDVV ZRUGLVVSH.LILHG<<<<<<<<IRUDXWKHQWL.DWLRQRIDOO(WKHUQHW LQWHUID.HVZKL.KDUHWKHRQO\NLQGRILQWHUID.HVLQWKLV.RQILJXUDWLRQ

360

Configuring GateD

Chapter 8 Section 3
Sample Exterior Gateway (Inter-Domain) Configurations
8.3.0 Overview :HQHHGPRUHH[DPSOHV ,I\RXGRQ
WVHHZKDW\RXQHHGKHUHDQG\RX.UHDWHDZRUNLQJ.RQILJILOH WKDW\RX
UHZLOOLQJWRVKDUHSOHDVHVHQGLWWRXV$OVRLI\RXILQGPLVWDNHV LQWKHH[DPSOHVKHUHMXVWOHWXVNQRZDQGZH
OOIL[WKHP 8.3.1 RIP/EGP Configuration 7KLV.RQILJXUDWLRQHQDEOHVERWKDQLQWHULRU5,3DQGDQH[WHULRU(*3 SURWR.RODQGVHWV.HUWDLQSURWR.ROVSH.LIL.SDUDPHWHUV
# generate a default route if an EGP neighbor is acquired # options gendefault ; # # define the autonomous system number for EGP # autonomoussystem 303 ; # # enable RIP # rip on ; # # enable EGP with hello interval 1 1/2 minute, poll # interval 10 minutes, neighbors 26.6.0.103 and 26.20.0.72 # egp on { packetsize 24488 ; group minhello 1:30 minpoll 10:00 { neighbor 26.6.0.103 ; neighbor 26.20.0.72 ; } ; } ; # # announce 136.66 to AS 183 # export proto egp as 183 { proto direct { 136.66 metric 0 ; } ; } ; # # announce default via RIP with a metric of 3

361

Sample Exterior Gateway (Inter-Domain) Configurations

# export proto rip interface 136.66.12.1 { proto default { announce 0.0.0.0 metric 3 ; } ; } ;

7KH$6QXPEHULVGHILQHGHDUO\EH.DXVHLWLVDGHILQLWLRQVWDWHPHQW DQGGHILQLWLRQVWDWHPHQWVPXVWR..XUEHIRUHWKHILUVWSURWR.ROVWDWHPHQW (*3LVHQDEOHGE\WKHonLQWKH(*3VWDWHPHQWZKL.KGHILQHVDGGLWLRQDO (*3SDUDPHWHUV7KH(*3SDUDPHWHUVLQ.OXGHWKHpacketsizeSDUDPH WHUZKL.KGHILQHVWKHLQLWLDOVL]HRIXSGDWHSD.NHWVD..HSWHGWKHgroup .ODXVHZKL.KVHWVSDUDPHWHUVIRUDOORIWKH(*3QHLJKERUVLQWKHJURXS DQGminhelloDQGminpollZKL.KDUHXVHGWRVHWWKHSURWR.ROWLPHUV 7KHILUVWexportVWDWHPHQWGLUH.WV*DWH'WRXVH(*3WRDGYHUWLVHWKH QHWZRUNWRWKH,QWHUQHW7KLVLVWKHDGGUHVVRIWKHQHWZRUN QRWRIDJDWHZD\7KHVH.RQGexportVWDWHPHQWLVXVHGWRDQQRXQ.HWKH GHIDXOWURXWHWRVXEQHWZLWKDPHWUL.RI 8.3.2 BGP/OSPF Configuration
P2P | Router ID = 19.1.1.18 | OSPF Backbone (area 0.0.0.0) | AS Number = 1019 | | BGP IGP | Network: 119.2.128.18 | 09.1.1.19 | 119.2.128 ______|______ EN ---------------------------| | OSPF area 0.0.0.2 | | BGP External to AS 2021 | | | Router A |---------------- FR Network: | | 21.1.1.21 | | 119.4.128 | | EN ---------------------------|_____________| OSPF area 0.0.0.2 119.4.128.18

,QWKLVVDPSOH.RQILJXUDWLRQ*DWH'LPSOHPHQWVWKHWUDQVIRUPDWLRQRI GLVWDQ.HPHWUL.VEHWZHHQWKHLQWHUQDO263)DQGH[WHUQDO%*3SURWR .ROV$XWRQRPRXVV\VWHPRIZKL.K*DWH'LVDPHPEHU.RQWDLQV QHWZRUN7KH*DWH'PD.KLQHKDVVHYHUDOLQWHUID.HVLQWRWKLV

362

Configuring GateD

DXWRQRPRXVV\VWHP*DWH'LVXVLQJ%*3WRSHHUZLWK$6QHLJKERU 
interfaces {options all passive; }; autonomoussystem 1019; routerid 19.1.1.18; rip off; egp off; bgp on { preference 50 ; group type External peeras 2021 { peer 21.5.1.21; } ; group type IGP peeras 1019 { peer 19.1.1.19; } ; } ; ospf on { area 0.0.0.2 { authtype none; networks { 119.0.0.0 mask 255.0.0.0 ; } ; interface 119.2.128.18 cost 1 { retransmitinterval 5; transitdelay 1; priority 1; hello interval 10; routerdeadinterval 40; } ; interface 119.4.128.18 cost 1 { retransmitinterval 5; transitdelay 1; priority 1; hellointerval 60; routerdeadinterval 180; } ; } ; backbone { authtype none; interface 19.1.1.19 cost 1 {

363

Sample Exterior Gateway (Inter-Domain) Configurations

retransmitinterval 5; transitdelay 1; priority 1; hellointerval 60; routerdeadinterval 180; } ; } ; } ; export proto ospfase type 1 { proto bgp as 2021 { ALL metric 1; }; proto direct { ALL metric 1; }; } ; export proto bgp as 2021 { proto direct { ALL metric 1; } ; proto ospfase { ALL metric 1; } ; } ;

,QWKLV.RQILJXUDWLRQWZRDXWRQRPRXVV\VWHPVRQHLQWHUQDORQHH[WHU QDODUHGLUH.WO\.RQQH.WHGWKURXJKDURXWHUWKDWLVDWWD.KHGWRDED.NERQH VSHDNLQJ263) 7KH$6QXPEHULVGHILQHGHDUO\EH.DXVHLWLVDdefinitionVWDWH PHQWWKDWR..XUVDJDLQLQWKHILUVWSURWR.ROVWDWHPHQWWKDWHQDEOHV%*3 7KHILUVWexportVWDWHPHQWGLUH.WV*DWH'WRDGYHUWLVHURXWHVWRWKH$6 WRWKH263)DV263)$6([WHUQDOURXWHVWKHURXWLQJLQIRUPDWLRQ JDWKHUHGIURP$6YLD%*3DQGWKHGLUH.WURXWHV'LUH.WURXWHVIURP WZROR.DO(WKHUQHWVLQ$6LGHQWLILHGDVDQG PDVNDUHDGYHUWLVHGDORQJZLWKWKH 263)ED.NERQH 7KHVH.RQGexportVWDWHPHQWDQQRXQ.HVWKHGHIDXOWURXWHWR$6 ZLWKDPHWUL.RIDQGDOOURXWHVOHDUQHGIURPWKH263)DV$6H[WHUQDO URXWHV 

364

Configuring GateD

Chapter 8 Section 4
Sample Multicast Router Configurations
8.4.0 Overview :HQHHGPRUHH[DPSOHV ,I\RXGRQ
WVHHZKDW\RXQHHGKHUHDQG\RX.UHDWHDZRUNLQJ.RQILJILOH WKDW\RX
UHZLOOLQJWRVKDUHSOHDVHVHQGLWWRXV$OVRLI\RXILQGPLVWDNHV LQWKHH[DPSOHVKHUHMXVWOHWXVNQRZDQGZH
OOIL[WKHP 8.4.1 IGMP and DVMRPv3 $VLPSOH,*03DQG'9053.RQILJXUDWLRQZLWKSDVVLYHLQWHUID.HVIRO ORZV
interfaces { interface all passive; }; igmp on; dvmrp on;

7XUQ,*03DQG'9053RQRQO\WZRLQWHUID.HVXVLQJWKLVV\QWD[
igmp on { interface le0 { enable }; interface le1 { enable }; }; dvmrp on { interface le0 enable; interface le1 enable; };

365

Sample Multicast Router Configurations

8.4.2 Sample PIMSMv2 over RIP configuration

$VDPSOHXVHRI3,060RYHU5,3IROORZV

rip on; import proto rip { all multicast unicast; }; traceoptions "/var/tmp/gated.log" replace all ; igmp on { interface interface interface interface interface }; icmp { }; pim on { traceoptions "/var/tmp/gated.log" replace packets route; # hello-interval 35; sparse "sm0" { interface le0 disable; interface qe0 enable; interface qe1 enable; interface qe2 enable; interface qe3 enable; bsr qe0 priority 1; crp qe0 1; }; dense "dm0" { interface qe2 enable; interface qe3 enable; }; };

le0 qe0 qe1 qe2 qe3

{ { { { {

disable }; enable }; enable }; enable }; enable };

366

Configuring GateD

rip on { traceoptions none ; interface le0 noripin noripout ; interface qe ripout ripin version 2; };

static { default gateway 198.32.4.1 preference 20 retain; # router 10.2.0.0 mask 255.255.255.0 gateway 10.1.0.3 preference 50 10.2.1.0 mask 255.255.255.0 gateway 10.1.1.3 preference 50 10.2.2.0 mask 255.255.255.0 gateway 10.1.2.3 preference 50 10.2.3.0 mask 255.255.255.0 gateway 10.1.3.3 preference 50 };

multicast multicast multicast multicast

unicast; unicast; unicast; unicast;

import proto rip { 0.0.0.0 masklen 0 refines multicast unicast; };

8.4.3 IGMP Only

$VDPSOHXVHRI,*03IROORZV
interfaces { interface all passive; }; igmp on;

367

Sample Multicast Router Configurations

$VDPSOHRI,*03ZLWKRQO\VRPHRIWKHLQWHUID.HVVHWIROORZV,I\RX DUHUXQQLQJ3,0LQWKHSUHVHQ.HRIWXQQHOHG'9053DQGWKH*DWH' PXOWL.DVWNHUQHOWKHQ3,0ZLOOWU\WRUXQRYHUWKHWXQQHOSVHXGRLQWHU ID.HV7KH\VKRXOGEHGLVDEOHGDVIROORZV

# igmp on { interface interface interface interface interface };

le0 qe0 qe1 qe2 qe3

{ { { { {

disable }; enable }; enable }; disable }; disable };

368

Configuring GateD

8.4.4 PIM Dense Mode over OSPF

$VDPSOHXVHRI3,0'0RYHU263)IROORZV

traceoptions "/var/log/gated.log" replace size 2m files 2 all; icmp {}; igmp on { traceoptions "/var/log/gated.igmp.log" replace size 2m files 2 all; interface lo0 { disable }; interface ep0 { enable }; interface ep1 { enable }; }; ospf on { defaults { ribs unicast multicast; }; traceoptions "/var/log/gated.ospf.log" replace size 2m files 2 all; area 128.223.163.0 { interface lo0 { enable; }; interface ep { enable; }; }; }; pim on { traceoptions "/var/log/gated.pim.log" replace size 2m files 2 all; dense "dm0" { interface lo0 disable; interface ep0 enable; interface ep1 enable; }; };

369

Sample Multicast Router Configurations

370

Configuring GateD

Chapter 8 Section 5
Sample RSd Configurations
8.5.0 Overview :HQHHGPRUHH[DPSOHV ,I\RXGRQ
WVHHZKDW\RXQHHGKHUHDQG\RX.UHDWHDZRUNLQJ.RQILJXUD WLRQILOHWKDW\RX
UHZLOOLQJWRVKDUHSOHDVHVHQGLWWRXV$OVRLI\RXILQG PLVWDNHVLQWKHH[DPSOHVKHUHMXVWOHWXVNQRZDQGZH
OOIL[WKHP 8.5.1 Route Server/Four Clients 7KHIROORZLQJGHV.ULEHVDURXWHVHUYHU$6VHUYLQJIRXU.OLHQWV $6>@
traceoptions nostamp normal route parse adv; autonomoussystem 65000; routerid 192.168.25.10;

7KHILUVWOLQHHVWDEOLVKHVZKDWZLOOEHWUD.HG,QWKH autonomoussystem VWDWHPHQW\RXPXVWVSH.LI\DQ$6QXPEHUIRUWKH5RXWH6HUYHU7KH routerid LVRSWLRQDO 8.5.2 BGP Statement )RUHD.KURXWHVHUYHU.OLHQW\RXVKRXOGLQ.OXGHDJURXSVWDWHPHQWDV VKRZQEHORZ
bgp on { traceoptions packets open update keepalive; preference 100;

group type external peeras 65001 { peer 192.168.25.15 holdtime 180 transparent; };

group type external peeras 65002 { peer 192.168.25.19 holdtime 180 transparent 192.168.25.32; }; group type external peeras 65003 { peer 192.168.25.26 holdtime 180; }; group type external peeras 65004 { peer 192.168.25.32 holdtime 180; }; };

,QWKHDERYHH[DPSOHZHGRQRWZDQWWKHURXWHVHUYHUWRSUHSHQGLWV$6 QXPEHULQ$63DWKVDGYHUWLVHGWR$6VRZHLQ.OXGHWKHWUDQVSDU

371

Sample RSd Configurations

HQW.ODXVH:HDOVRGRQRWZDQWWKHURXWHVHUYHUWRSUHSHQGLWV$6QXP EHULQ$63DWKVDGYHUWLVHGWR$6DQGKHDUGIURP$6VRZH LQ.OXGHWKHWUDQVSDUHQW.ODXVH 8.5.3 Static Routes 'HV.ULEHVWDWL.DOO\LQVWDOOHGURXWHVLQWKH static VWDWHPHQW7KHVHURXWHV DUHDXWRPDWL.DOO\LQVWDOOHGLQWKHURXWHVHUYHU
VOR.DOYLHZ
static { default gateway 198.168.25.1 retain; };

8.5.4 Route Flap Dampening

,IDWOHDVWRQH.OLHQWZRXOGOLNHWKHURXWHVHUYHUWRGDPSHQURXWHIODSVRQ LWVEHKDOILQ.OXGHWKH dampen-flapVWDWHPHQW

dampen-flap { suppress-above 0.25e+1; reuse-below 0.18e+1; };

# Upper threshold # Lower threshold

8.5.5 Views

)ROORZLQJWKH view VWDWHPHQW\RXZRXOG.RQILJXUHWKHYLHZVIRU GLIIHUHQW .OLHQWVDQGWKHOR.DOYLHZ7KHYLHZGHV.ULSWLRQVDUHQRWUHTXLUHG WREHLQDQ\SDUWL.XODURUGHU+RZHYHUWKHimport VWDWHPHQWVZLWKLQD YLHZDUHVHQVLWLYHWRRUGHURIVSH.LIL.DWLRQURXWHVDUHPDW.KHGDJDLQVW import VWDWHPHQWVLQWKHRUGHUVSH.LILHG 8.5.5.1 The Local View 7KHOR.DOYLHZLVVSH.LILHGXVLQJWKHORRSED.NDGGUHVV ,QPRVW.DVHV\RX PD\QRWZDQWWRLQVWDOODQ\URXWHVLQWKLVYLHZUHPHPEHUWKDWWKHURXWH VHUYHUGRHVQRWIRUZDUGGDWDSD.NHWV,IVR\RX.DQ.RPSOHWHO\RPLWWKLV VWDWHPHQW
view { peer 127.0.0.1 preference 180; };

1RH[WHULRUURXWHVDUHLQVWDOOHGLQWKLVYLHZ

372

Configuring GateD

8.5.5.2 View for client AS 65001: ,QWKLVYLHZZHLQVWDOODQ\URXWHWKDWPDW.KHVWKHWZR import VWDWHPHQWV VKRZQ

view { peer 192.168.25.15 preference 60 dampen;

7KLV.OLHQWKDVDVNHGWKDWWKHURXWHVHUYHUGDPSHQURXWHIODSVRQLWV EHKDOI,QWKLVYLHZLQVWDOOWKRVHURXWHVWRDQGZKRVH$6 SDWKVPDW.KWKHUHJXODUH[SUHVVLRQVKRZQEHORZDOOSDWKVZLWKHLWKHUD RUDIROORZHGE\D:KHQSURSDJDWLQJWKH URXWHVHWLWV0('WR:KHQSURSDJDWLQJWKHVHWLWV0('WR  

import proto bgp aspath <.* [32001 32006] .* 38465 .* origin any { 10 masklen 8 preference 30 MED 5; 172.16 masklen 16 MED 6; };

,PSRUWDOOURXWHVKHDUGIURP$6LQWRWKLVYLHZ
import proto bgp as 65002 { all; }; };

8.5.5.3 View for clients AS 65002 and AS 65004: 7ZR.OLHQWVVKDUHWKHVDPHYLHZKHUH

view {

+RZHYHUWKHURXWHVHUYHUGDPSHQVURXWHIODSVRQO\RQEHKDOIRI$6 DQG127RQEHKDOIRI$6
peer 192.168.25.19 dampen; peer 192.168.25.32 preference 180;

7KLVVWDWHPHQWLQGL.DWHV*DWH'VKRXOGQHYHULQ.OXGHDQ\URXWHDGYHU WLVHGE\$6LQWKLVYLHZ

373

Sample RSd Configurations

import proto bgp as 65003 { all restrict; };

7KLVVWDWHPHQWLQGL.DWHV*DWH'VKRXOGLQ.OXGHWKRVHQRQ$6 URXWHVWKDW.RQWDLQ$6LQWKHLU$6SDWKLQWKLVYLHZ
import proto bgp aspath <.* 32000 .* origin egp { all; }; };

1RWHWKDWZHGRQRWVSH.LI\DYLHZIRU$67KLVPHDQVWKDWQR URXWHVDUHHYHUSURSDJDWHGE\WKHURXWHVHUYHUWR$6

374

Configuring GateD

Chapter 9 Section 1
Glossary of Terms
7HUPVXVHGLQGHV.ULSWLRQVWKURXJKRXWWKLVGR.XPHQWDUHGHILQHGEHORZ DGMD.HQ.\ DGMD.HQ.\LVDUHODWLRQVKLSIRUPHGEHWZHHQVHOH.WHGQHLJKERULQJ URXWHUVIRUWKHSXUSRVHRIH[.KDQJLQJURXWLQJLQIRUPDWLRQ1RW HYHU\SDLURIQHLJKERULQJURXWHUVEH.RPHVDGMD.HQW DXWRQRPRXVV\VWHP $QDXWRQRPRXVV\VWHPLVDVHWRIURXWHUVXQGHUDVLQJOHWH.KQL.DO DGPLQLVWUDWLRQXVLQJDQLQWHULRUJDWHZD\SURWR.RODQG.RPPRQ PHWUL.VWRURXWHSD.NHWVZLWKLQWKHDXWRQRPRXVV\VWHPDQGXVLQJ DQH[WHULRUJDWHZD\SURWR.ROWRURXWHSD.NHWVWRRWKHUDXWRQRPRXV V\VWHPV6LQ.HWKLV.ODVVL.GHILQLWLRQZDVGHYHORSHGLWKDVEH.RPH .RPPRQIRUDVLQJOHDXWRQRPRXVV\VWHPWRXVHVHYHUDOLQWHULRU JDWHZD\SURWR.ROVDQGVRPHWLPHVVHYHUDOVHWVRIPHWUL.VZLWKLQDQ DXWRQRPRXVV\VWHP7KHXVHRIWKHWHUPDXWRQRPRXVV\VWHP VWUHVVHVWKDWHYHQZKHQPXOWLSOH,*3VDQGPHWUL.VDUHXVHGWKH DGPLQLVWUDWLRQRIDQDXWRQRPRXVV\VWHPDSSHDUVWRRWKHUDXWRQR PRXVV\VWHPVWRKDYHDVLQJOH.RKHUHQWLQWHULRUURXWLQJSODQDQGWR SUHVHQWD.RQVLVWHQWSL.WXUHRIZKDWQHWZRUNVDUHUHD.KDEOH WKURXJKLW7KHDXWRQRPRXVV\VWHPLVUHSUHVHQWHGE\DQXPEHU EHWZHHQDQGDVVLJQHGE\WKH,QWHUQHW$VVLJQHG1XPEHUV $XWKRULW\ %*3 %RUGHU*DWHZD\3URWR.RO 7KH%RUGHU*DWHZD\3URWR.RO%*3LVDQH[WHULRU6HH8QL.DVW 3URWR.RO6WDWHPHQWVRQSDJH RULQWHUGRPDLQURXWLQJSURWR .ROXVHGIRUH[.KDQJLQJURXWLQJLQIRUPDWLRQEHWZHHQDXWRQRPRXV V\VWHPV%*3XVHVSDWKDWWULEXWHVWRSURYLGHPRUHLQIRUPDWLRQ DERXWHD.KURXWHDVDQDLGLQVHOH.WLQJWKHEHVWURXWH3DWK DWWULEXWHVPD\LQ.OXGHIRUH[DPSOHDGPLQLVWUDWLYHSUHIHUHQ.HV EDVHGRQSROLWL.DORUJDQL]DWLRQDORUVH.XULW\SROL.\.RQVLGHU DWLRQVLQWKHURXWLQJGH.LVLRQ%*3LVGHV.ULEHGLQPRUHGHWDLOLQ WKH%*33URWR.DOVH.WLRQ6HH7KH%RUGHU*DWHZD\3URWR.RO RQSDJH 
cost costLVDQ263)PHWUL.6HHPHWUL.RQSDJH 

GHVLJQDWHGURXWHU $GHVLJQDWHGURXWHULQ263)LVDURXWHUWKDWJHQHUDWHVDOLQNVWDWH DGYHUWLVHPHQWIRUWKHPXOWLD..HVVQHWZRUNDQGDVVLVWVLQUXQQLQJ WKHSURWR.RO(D.KPXOWLD..HVVQHWZRUNWKDWKDVDWOHDVWWZR DWWD.KHGURXWHUVKDVDGHVLJQDWHGURXWHU

375

Glossary

destination $GHVWLQDWLRQLVDQ\QHWZRUNRUDQ\KRVW YDOXHVDUHIURP]HURWRLQ.OXVLYH '9053 '9053LVWKHRULJLQDO,3PXOWL.DVWURXWLQJSURWR.RO'9053 ZDVGHVLJQHGWRUXQRYHUERWKPXOWL.DVW.DSDEOH/$1VOLNH (WKHUQHWDVZHOODVWKURXJKQRQPXOWL.DVW.DSDEOHURXWHUV,QWKH .DVHRIQRQPXOWL.DVW.DSDEOHURXWHUVWKH,3PXOWL.DVWSD.NHWVDUH WXQQHOHGWKURXJKWKHURXWHUVDVXQL.DVWSD.NHWV HJS(*3 H[WHULRUJDWHZD\SURWR.RO([WHULRU*DWHZD\3URWR.RO H[WHULRUURXWLQJSURWR.RO (*3LVD.ODVVRIURXWLQJSURWR.ROVXVHGWRH[.KDQJHURXWLQJ LQIRUPDWLRQEHWZHHQDXWRQRPRXVV\VWHPV$GHWDLOHGH[SODQD WLRQRIH[WHULRUJDWHZD\SURWR.DOVLVDYDLODEOHLQ7KH([WHULRU *DWHZD\3URWR.RO(*3RQSDJH 6HHDOVRLQWHUGRPDLQ URXWLQJRQSDJH  IRUZDUGLQJWDEOH 7KHIRUZDUGLQJWDEOHLVWKHWDEOHLQWKHNHUQHOWKDW.RQWUROVWKH IRUZDUGLQJRISD.NHWV7KHIRUZDUGLQJWDEOHLVDOVRNQRZQLQ,62 WHUPVDVDIRUZDUGLQJLQIRUPDWLRQEDVHRU),%7KHIRUZDUGLQJWDEOH .RQWDLQVWXSOHVWKDWDUHXVHGWRGHWHUPLQHKRZSD.NHWVDUHIRU ZDUGHG7KHVHWXSOHV.RQVLVWRIWKHIROORZLQJILHOGV QHWZRUNRU&,'5SUHIL[ QH[WKRSV WKHLQWHUID.HWKHSD.NHWJRHVRXW 7KHWDEOHWKDW*DWH'XVHVLQWHUQDOO\WRVWRUHURXWLQJLQIRUPDWLRQ LWOHDUQVIURPURXWLQJSURWR.ROVLVDURXWLQJWDEOHNQRZQLQ,62 WHUPVDVDURXWLQJLQIRUPDWLRQEDVHRU5,%
gateway distance distanceLVDQ(*3PHWUL.6HHPHWUL.RQSDJH 9DOLG

$ gatewayLVDQLQWHUPHGLDWHGHVWLQDWLRQE\ZKL.KSD.NHWVDUH GHOLYHUHGWRWKHLUXOWLPDWHGHVWLQDWLRQ$JDWHZD\LVWKH,3DGGUHVV RIDQ\KRVW$JDWHZD\LVXVXDOO\VSH.LILHGDVDTXDGIRXUYDOXHV LQWKHUDQJHRIWRLQ.OXVLYHVHSDUDWHGE\GRWVIRUH[DP SOH132.236.199.63 or 10.0.0.51. ,WPD\DOVREHVSH.LILHGDV DQHLJKWGLJLWKH[DGH.LPDOVWULQJSUH.HGHGE\0x; IRUH[DPSOH 0x???????? RU 0x0a000043. ,I options noresolv LVQRWVSH. LILHGDJDWHZD\.DQEHDV\PEROL.KRVWQDPHIRUH[DPSOH gated.cornell.edu RU nic.ddn.mil. 7KHQXPHUL.IRUPVDUH PX.KSUHIHUUHGRYHUWKHV\PEROL.IRUP

376

Configuring GateD

gateway_list $ gateway_listLVDOLVWRIRQHRUPRUHJDWHZD\VVHSDUDWHGE\

ZKLWHVSD.H

,*03

,*03ZDVSULPDULO\GHVLJQHGIRUKRVWVRQPXOWLD..HVVQHWZRUNV WRLQIRUPOR.DOO\DWWD.KHGURXWHUVRIWKHLUJURXSPHPEHUVKLS LQIRUPDWLRQ+RVWVLQIRUPURXWHUVE\PXOWL.DVWLQJ,*03+RVW 0HPEHUVKLS5HSRUWV2Q.HPXOWL.DVWURXWHUVOLVWHQIRUWKHVH UHSRUWVWKH\.DQH[.KDQJHJURXSPHPEHUVKLSLQIRUPDWLRQZLWK RWKHUPXOWL.DVWURXWHUV7KLVUHSRUWLQJV\VWHPDOORZVGLVWULEXWLRQ WUHHVWREHIRUPHGWRGHOLYHUPXOWL.DVWGDWDJUDPV LJS,*3 LQWHULRUJDWHZD\SURWR.RO,QWHULRU*DWHZD\3URWR.RO LQWHULRUURXWLQJSURWR.RO ,*3LVRQHRID.ODVVRIURXWLQJSURWR.ROVXVHGWRH[.KDQJHURXW LQJLQIRUPDWLRQZLWKLQDQDXWRQRPRXVV\VWHP$GHWDLOHGH[SOD QDWLRQRILQWHULRUJDWHZD\SURWR.DOVLVDYDLODEOHLQWKH,QWHUQHW *URXS0DQDJHPHQW3URWR.RO,*03RQSDJH 6HHDOVR LQWUDGRPDLQURXWLQJRQSDJH  LQWHUGRPDLQURXWLQJ ,QWHUGRPDLQURXWLQJSURWR.ROVDUHXVHGWRH[.KDQJHURXWLQJ LQIRUPDWLRQEHWZHHQDXWRQRPRXVV\VWHPV6HHDOVRHJS(*3 RQSDJH 
interface

7KHinterfaceLVWKHKRVWDGGUHVVRIDQDWWD.KHGLQWHUID.H7KLV LVWKHDGGUHVVRIDEURDG.DVWQEPDRUORRSED.NLQWHUID.HDQGWKH UHPRWHDGGUHVVRIDSRLQWWRSRLQWLQWHUID.H$VZLWKDQ\KRVW DGGUHVVLWPD\EHVSH.LILHGV\PEROL.DOO\ LQWHUID.H 7KHLQWHUID.HLVWKH.RQQH.WLRQEHWZHHQDURXWHUDQGRQHRILWV DWWD.KHGQHWZRUNV$SK\VL.DOLQWHUID.HPD\EHVSH.LILHGE\DVLQ JOH,3DGGUHVVGRPDLQQDPHRULQWHUID.HQDPHXQOHVVWKHQHW ZRUNLVDQXQQXPEHUHGSRLQWWRSRLQWQHWZRUN0XOWLSOHOHYHOV RIUHIHUHQ.HLQWKH.RQILJXUDWLRQODQJXDJHDOORZLGHQWLIL.DWLRQRI LQWHUID.HVXVLQJZLOG.DUGLQWHUID.HW\SHQDPHRUGHOHWHZRUG DGGUHVV%H.DUHIXOZLWKWKHXVHRILQWHUID.HQDPHVEH.DXVHIXWXUH 81,;RSHUDWLQJV\VWHPVPD\DOORZPRUHWKDQRQHDGGUHVVSHU LQWHUID.H'\QDPL.LQWHUID.HV.DQEHDGGHGRUGHOHWHGDQGLQGL .DWHGDVXSRUGRZQDVZHOODV.KDQJHGWRDGGUHVVQHWPDVNDQG PHWUL.SDUDPHWHUV
interface_list $Q interface_listLVDOLVWRIRQHRUPRUHLQWHUID.HQDPHV

LQ.OXGLQJZLOG.DUGQDPHVQDPHVZLWKRXWDQXPEHUDQGQDPHV WKDWPD\VSH.LI\PRUHWKDQRQHLQWHUID.HRUDGGUHVVRUWKHWRNHQ

377

Glossary

DOOIRUDOOLQWHUID.HV6HHWKHVH.WLRQRQLQWHUID.HOLVWVLQWHUID.H LQWHUID.HBOLVWRQSDJH IRUPRUHLQIRUPDWLRQ intra-domain routing LQWUDGRPDLQURXWLQJSURWR.ROVDUHXVHGWRH[.KDQJHUHD.KDELO LW\LQIRUPDWLRQZLWKLQDQDXWRQRPRXVV\VWHP$66HHDOVRLJS ,*3LQWHULRUJDWHZD\SURWR.RO,QWHULRU*DWHZD\3URWR.ROLQWHULRU URXWLQJSURWR.RORQSDJH  IS-IS ,6,6LVRQHRID.ODVVRILQWHULRUJDWHZD\SURWR.ROV6HHDOVRLJS ,*3LQWHULRUJDWHZD\SURWR.RO,QWHULRU*DWHZD\3URWR.ROLQWHULRU URXWLQJSURWR.RORQSDJH ,6,6,QWHUPHGLDWH6\VWHPWR ,QWHUPHGLDWH6\VWHPLVDOLQNVWDWHLQWHULRUJDWHZD\SURWR.RORULJ LQDOO\GHYHORSHGIRUURXWLQJ,62&/13,QWHUQDWLRQDO2UJDQL]D WLRQIRU6WDQGDUGL]DWLRQ&RQQH.WLRQOHVV1HWZRUN3URWR.RO SD.NHWV,6,6LVGHV.ULEHGLQPRUHGHWDLOLQ7KH,6,6,QWUD 'RPDLQ3URWR.RORQSDJH 
local_address

7KHXQL.DVWSURWR.RO6HHDOVR8QL.DVW3URWR.RO6WDWHPHQWVRQ SDJH local_addressLVWKHKRVWDGGUHVVRIDQDWWD.KHGLQWHU ID.H7KLVLVWKHDGGUHVVRIDEURDG.DVWQEPDRUORRSED.NLQWHU ID.HDQGWKHOR.DODGGUHVVRIDSRLQWWRSRLQWLQWHUID.H$VZLWK DQ\KRVWDGGUHVVLWPD\EHVSH.LILHGV\PEROL.DOO\

mask

$maskLVDPHDQVRIVXEGLYLGLQJQHWZRUNVXVLQJDGGUHVVPRGLIL .DWLRQ$PDVNLVDGRWWHGTXDGVSH.LI\LQJZKL.KELWVRIWKHGHVWL QDWLRQDUHVLJQLIL.DQW([.HSWZKHQXVHGLQDURXWHILOWHUVHH URXWHILOWHURQSDJH *DWH'RQO\VXSSRUWV.RQWLJXRXV PDVNV PDVNOHQJWK 7KHPDVNOHQJWKLVWKHQXPEHURI.RQWLJXRXVRQHELWVDWWKH EHJLQQLQJRIWKHPDVN PHWUL. $PHWUL.LVRQHRIWKHXQLWVXVHGWRKHOSDV\VWHPGHWHUPLQHWKH EHVWURXWH0HWUL.VPD\EHEDVHGRQKRS.RXQWURXWLQJGHOD\RU DQDUELWUDU\YDOXHVHWE\WKHDGPLQLVWUDWRUGHSHQGLQJRQWKHW\SH RIURXWLQJSURWR.RO5RXWLQJPHWUL.VPD\LQIOXHQ.HWKHYDOXHRI DVVLJQHGLQWHUQDOSUHIHUHQ.HV6HH3UHIHUHQ.HVDQG5RXWH6HOH. WLRQRQSDJH 

378

Configuring GateD

Protocol RIP OSPF IS-IS EGP BGP

Metric Represents distance (hop-count) cost of path cost of path distance (unused) unspecified

Range 0-15 0-??? 0-254 0-65535 0-65534

Unreachable 16 Delete Delete 255 65535

7KLVVDPSOHWDEOHVKRZVWKHUDQJHRISRVVLEOHYDOXHVIRUHD.K URXWLQJSURWR.ROPHWUL.DQGWKHYDOXHXVHGE\HD.KSURWR.ROWR UHD.KDGHVWLQDWLRQ 06'3LVLQWHQGHGWRMRLQDGPLQLVWUDWLYHO\VHSDUDWH3,060 UHJLRQVE\GLVWULEXWLQJLQIRUPDWLRQDERXWPXOWL.DVWVRXU.HV ZLWKLQHD.KUHJLRQ06'3URXWHUVSHHURYHU7&3.RQQH.WLRQV DQGDQQRXQ.HRUIRUZDUGLQIRUPDWLRQDERXWVRXU.HVDQGWKH JURXSVWRZKL.KWKH\DUHPXOWL.DVWLQJ PXOWLD..HVVQHWZRUNV PXOWLD..HVVQHWZRUNVDUHWKRVHSK\VL.DOQHWZRUNVWKDWVXSSRUW WKHDWWD.KPHQWRIPXOWLSOHPRUHWKDQWZRURXWHUV(D.KSDLURI URXWHUVRQVX.KDQHWZRUNLVDVVXPHGWREHDEOHWR.RPPXQL.DWH GLUH.WO\ PXOWL.DVW 0XOWL.DVWURXWLQJSURWR.ROVDOORZSD.NHWVWREHURXWHGWRDVHOH.W VHWRIGHVWLQDWLRQV QDWXUDOPDVN $QDWXUDOPDVNLVDPDVNRIDQ,3DGGUHVVWKDWLVGHWHUPLQHGE\ ORRNLQJDWWKHILUVWWZRELWVRIWKHDGGUHVV&ODVVIXODGGUHVVLQJ XVHVRQO\QDWXUDOPDVNV [  11 - 255.255.255.0 QDWXUDOQHWZRUN $QDWXUDOQHWZRUNLVDQ\QHWZRUNWKDWKDVWKHVDPHD.WXDODQG QDWXUDOPDVNV QHLJKERU $QHLJKERUIRURQHURXWHULVDQRWKHUURXWHUZLWKZKL.KLPSOL.LW RUH[SOL.LW.RPPXQL.DWLRQLVHVWDEOLVKHGE\DURXWLQJSURWR.RO 1HLJKERUVDUHXVXDOO\RQDVKDUHGQHWZRUNEXWQRWDOZD\V7KLV 06'3

379

Glossary

WHUPLVPRVWO\XVHGLQ263)DQG(*37KHWHUPQHLJKERULV XVXDOO\V\QRQ\PRXVZLWKSHHU6HHSHHURQSDJH  QHLJKERULQJURXWHUV QHLJKERULQJURXWHUVDUHWZRURXWHUVWKDWKDYHLQWHUID.HVWRD .RPPRQQHWZRUN2QPXOWLD..HVVQHWZRUNVURXWHUVDUHG\QDPL .DOO\GLV.RYHUHGE\263)

V+(//2SURWR.RO QHWZRUN QHWZRUNUHIHUVWRDQ\SD.NHWVZLW.KHGQHWZRUN$QHWZRUNPD\ EHVSH.LILHGE\LWV,3DGGUHVVRUQHWZRUNQDPH7KHKRVWELWVLQD QHWZRUNVSH.LIL.DWLRQPXVWEH]HUR'HIDXOWPD\EHXVHGWRVSH.LI\ WKHGHIDXOWQHWZRUN
network network LVWKH,3DGGUHVVRIDQHWZRUNQHWZRUNLVXVXDOO\VSH.L


ILHGDVDTXDGRQHWRIRXUYDOXHVLQWKHUDQJHWRLQ.OXVLYH VHSDUDWHGE\GRWV IRUH[DPSOH 132.236.199, 132.236 RU 10.,WPD\DOVREHVSH.LILHGDVDKH[DGH.LPDOVWULQJSUH.HGHGE\ 0x ZLWKDQHYHQQXPEHURIGLJLWVRIOHQJWKEHWZHHQWZRDQG HLJKWIRUH[DPSOH 0xnnnnnn, 0xnnnn,RU 0x0n.$OVRDOORZHGLV WKHV\PEROL.YDOXHGHIDXOWZKL.KKDVWKHGLVWLQJXLVKHGYDOXH 0.0.0.0, WKHGHIDXOWQHWZRUN,Ioptions noresolv LVQRW VSH.LILHGDV\PEROL.QHWZRUNQDPHLVXVHGIRUH[DPSOH nrtech-prod, cornellu-net DQG arpanet. 7KHQXPHUL.IRUPV DUHPX.KSUHIHUUHGRYHUWKHV\PEROL.IRUP

number

$numberLVDSRVLWLYHLQWHJHU OSPF, Open Shortest Path First 263)LVRQHRID.ODVVRILQWHULRUJDWHZD\SURWR.ROV6HH8QL.DVW 3URWR.RO6WDWHPHQWVRQSDJH 263)2SHQ6KRUWHVW3DWK )LUVWLVDOLQNVWDWHSURWR.RO263)SURYLGHVHTXDO.RVWPXOWLSDWK URXWLQJ263)LVGHV.ULEHGLQPRUHGHWDLOLQWKH7KH263)3UR WR.RORQSDJH  peer $SHHUIRUDURXWHULVDQRWKHUURXWHUZLWKZKL.KLPSOL.LWRU H[SOL.LW.RPPXQL.DWLRQLVHVWDEOLVKHGE\DURXWLQJSURWR.RO3HHUV DUHXVXDOO\RQDVKDUHGQHWZRUNEXWQRWDOZD\V7KLVWHUPLV PRVWO\XVHGE\%*38VXDOO\V\QRQ\PRXVZLWKQHLJKERU6HHDOVR QHLJKERURQSDJH  3,0 3,0'0 3,060 3,0LVPDGHRIWZRSURWR.ROVRQHIRUHD.KW\SHRIJURXSGLVWUL EXWLRQ3,06SDUVH0RGH3,060SURYLGHVHIIL.LHQWURXWLQJIRU DJURXSGLVWULEXWHGVSDUVHO\D.URVVDZLGHDUHD3,0'HQVH0RGH 3,0'0SURYLGHVPXOWL.DVWURXWLQJIRUDGHQVHO\SRSXODWHG

380

Configuring GateD

JURXS0XOWL.DVWLQJSURWR.ROVUHTXLUHWZRGLIIHUHQWIXQ.WLRQVLQ RUGHUWR.UHDWHVRXU.HEDVHGWUHHVRUJURXSEDVHGWUHHVDVHWRI URXWHVXVHGWR.DO.XODWHWKHUHYHUVHSDWKIRUZDUGLQJDQGDPH.KD QLVPE\ZKL.KWREXLOGWUHHV

port

$portLVD8'3RU7&3SRUWQXPEHU9DOLGYDOXHVDUHIURP WKURXJKLQ.OXVLYH preference preferenceLVDYDOXHEHWZHHQ]HURDQGXVHGWRVHOH.W EHWZHHQPDQ\URXWHVWRWKHVDPHGHVWLQDWLRQ7KHURXWHZLWKWKH EHVWQXPHUL.DOO\ORZHVWSUHIHUHQ.HLVWKHD.WLYHURXWH7KHD.WLYH URXWHLVWKHRQHLQVWDOOHGLQWKHNHUQHOIRUZDUGLQJWDEOHDQG H[SRUWHGWRRWKHUSURWR.ROV3UHIHUHQ.H]HURLVXVXDOO\UHVHUYHG IRUURXWHVWRGLUH.WO\DWWD.KHGLQWHUID.HV$GHIDXOWSUHIHUHQ.HLV DVVLJQHGWRHD.KVRXU.HIURPZKL.K*DWH'UH.HLYHVURXWHV6HH 3UHIHUHQ.HVDQG5RXWH6HOH.WLRQRQSDJH  SUHIL[ $SUHIL[LVD.RQWLJXRXVPDVN.RYHULQJWKHPRVWVLJQLIL.DQWELWV RIDQDGGUHVV7KHSUHIL[OHQJWKVSH.LILHVKRZPDQ\ELWVDUH.RY HUHG 4R6TXDOLW\RIVHUYL.H 4R6LVWKHOHYHORIVHUYL.HSURYLGHGLQWHUPVRIGHOD\WKURXJKSXW UHOLDELOLW\DQG.RVW4R6LVWKH26,HTXLYDOHQWRI7266HHDOVR 726W\SHRIVHUYL.HRQSDJH  RIP, Routing Information Protocol 5,3LVRQHRID.ODVVRILQWHULRUJDWHZD\SURWR.ROV5,35RXWLQJ ,QIRUPDWLRQ3URWR.ROLVWKHPRVW.RPPRQO\XVHGLQWHULRUSURWR .RO5,3VHOH.WVWKHURXWHZLWKWKHORZHVWPHWUL.DVWKHEHVWURXWH 5,3DVVXPHVWKDWWKHEHVWURXWHLVWKHRQHWKDWXVHVWKHIHZHVW JDWHZD\VLHWKHVKRUWHVWSDWKQRWWDNLQJLQWRD..RXQW.RQJHV WLRQRUGHOD\RQURXWH6HH5RXWLQJ,QIRUPDWLRQ3URWR.RO 5,3RQSDJH IRUPRUHLQIRUPDWLRQDERXW5,3 UHMH.WURXWH $UHMH.WURXWHLVDURXWHZLWKWKH.KDUD.WHULVWL.WKDWDOOSD.NHWV VHQWDORQJLWDUHGLV.DUGHG)RUHD.KVX.KGLV.DUGHGSD.NHWDQ ,&03QHWZRUNXQUHD.KDEOHPHVVDJHLVVHQWWRWKHSD.NHWRULJLQD WRU URXWHILOWHU $URXWHILOWHULVDGHV.ULSWLRQRIWKH.KDUD.WHULVWL.VRIDVHWRIQHW ZRUNDGGUHVVHV5RXWHILOWHUVDUHXVHGWRJURXSURXWHVWKDWUHTXLUH WKHVDPHSROL.\

381

Glossary

URXWHULG $URXWHULGLVDELWQXPEHUDVVLJQHGWRHD.KURXWHUUXQQLQJ WKH263)SURWR.RO7KLVQXPEHUXQLTXHO\LGHQWLILHVWKHURXWHU ZLWKLQWKHDXWRQRPRXVV\VWHP

router_id $router_idLVDQ,3DGGUHVVXVHGDVXQLTXHLGHQWLILHUDVVLJQHG

WRUHSUHVHQWDVSH.LIL.URXWHU,WLVXVXDOO\WKHDGGUHVVRIDQ DWWD.KHGLQWHUID.H

5,% URXWLQJLQIRUPDWLRQEDVH URXWLQJGDWDEDVH URXWLQJWDEOH 7KH5,%LVWKHUHSRVLWRU\RIDOORI*DWH'

VUHWDLQHGURXWLQJ LQIRUPDWLRQXVHGWRPDNHGH.LVLRQVDQGDVDVRXU.HIRUURXWLQJ LQIRUPDWLRQWKDWLVSURSDJDWHG VLPSOH[ $VLPSOH[LQWHUID.HLVDQLQWHUID.HRQDEURDG.DVWPHGLDWKDWLV QRW.DSDEOHRIUH.HLYLQJSD.NHWVWKDWLWEURDG.DVWV$QLQWHUID.H PD\EHPDUNHGDVVLPSOH[HLWKHUE\WKHNHUQHORUE\LQWHUID.H .RQILJXUDWLRQ *DWH'WDNHVDGYDQWDJHRILQWHUID.HVWKDWDUH.DSDEOHRIUH.HLYLQJ WKHLURZQEURDG.DVWSD.NHWVWRPRQLWRUZKHWKHUDQLQWHUID.H DSSHDUVWREHIXQ.WLRQLQJSURSHUO\
time

LILHGLQDQ\RQHRIWKHIROORZLQJIRUPV SOHRU

timeUHIHUVWRDWLPHYDOXHXVXDOO\DWLPHLQWHUYDO,WPD\EHVSH.

number numberLVDQRQQHJDWLYHGH.LPDOQXPEHURIVH.RQGV)RUH[DP number:number number:numberLVDQRQQHJDWLYHGH.LPDOQXPEHURIPLQXWHV

IROORZHGE\DVH.RQGVYDOXHLQWKHUDQJHRI]HURWRLQ.OX VLYH)RUH[DPSOHRU KRXUVIROORZHGE\DPLQXWHVYDOXHLQWKHUDQJHRI]HURWR LQ.OXVLYHIROORZHGE\DVH.RQGVYDOXHLQWKHUDQJHRI]HURWR LQ.OXVLYH)RUH[DPSOHRU PDNH9DOLGYDOXHVDUHIURPWKURXJKLQ.OXVLYH TOS (type of service) 7KH726LVIRU,QWHUQHWVHUYL.HTXDOLW\VHOH.WLRQ7KHW\SHRIVHU YL.HLVVSH.LILHGDORQJWKHDEVWUD.WSDUDPHWHUVRISUH.HGHQ.H GHOD\WKURXJKSXWUHOLDELOLW\DQG.RVW7KHVHDEVWUD.WSDUDPHWHUV
382

number:number:number number:number:number LVDQRQQHJDWLYHGH.LPDOQXPEHURI

time to live (ttl) 7KHtime to live RIDQ,3SD.NHWLVKRZPDQ\KRSVLW.DQ

Configuring GateD

DUHWREHPDSSHGLQWRWKHD.WXDOVHUYL.HSDUDPHWHUVRIWKHSDUWL. XODUQHWZRUNVWKHGDWDJUDPWUDYHUVHV7KHYDVWPDMRULW\RI,3WUDI IL.WRGD\XVHVWKHGHIDXOWW\SHRIVHUYL.H6HHDOVR4R6TXDOLW\ RIVHUYL.HRQSDJH  XQL.DVW 8QL.DVWURXWLQJSURWR.ROVDOORZSD.NHWVWREHURXWHGWRRQHGHVWL QDWLRQUDWKHUWKDQWRVHYHUDORUDOOSRVVLEOHGHVWLQDWLRQV

383

Glossary

384

Configuring GateD

Chapter 9 Section 2
References
6HOH.WHG5HTXHVWIRU&RPPHQWVE\SURWR.ROWDEOHIRUPDWDUHDYDLODEOHDW JDWHGZHEUHIHUHQ.HUI.VVKWPO 6HOH.WHG,QWHUQHW'UDIWVE\SURWR.ROWDEOHIRUPDWDUHDYDLODEOHDW JDWHGZHEUHIHUHQ.HGUDIWVGUDIWVVKWPO 9.1.2 Request for Comments (RFCs) by Number The following is an index of selected RFCs that are of interest to the GateD community. 5)&IWSIWSLVLHGXLQQRWHVUI.W[W (5RVHQ([WHULRU*DWHZD\3URWR.RO(*3 5)&IWSIWSLVLHGXLQQRWHVUI.W[W '0LOOV'&1/R.DOQHWZRUN3URWR.ROV 5)&IWSIWSLVLHGXLQQRWHVUI.W[W '0LOOV([WHULRU*DWHZD\3URWR.RO)RUPDO6SH.LIL.DWLRQ 5)&IWSIWSLVLHGXLQQRWHVUI.W[W &+HGUL.N5RXWLQJ,QIRUPDWLRQ3URWR.RO 5)&IWSIWSLVLHGXLQQRWHVUI.W[W ./RXJKHHG<5HNKWHU%RUGHU*DWHZD\3URWR.RO%*3 5)&IWSIWSLVLHGXLQQRWHVUI.W[W 6'HHULQJ+RVW([WHQVLRQVIRU,30XOWL.DVWLQJ$XJXVW2EVR OHWHV5)&2EVROHWHV5)& 5)&IWSIWSLVLHGXLQQRWHVUI.W[W ./RXJKHHG<5HNKWHU$%RUGHU*DWHZD\3URWR.RO%*3 5)&IWSIWSLVLHGXLQQRWHVUI.W[W -+RQLJ'.DW]00DWKLV<5HNKWHU-<X$SSOL.DWLRQRIWKH%RU GHU*DWHZD\3URWR.ROLQWKH,QWHUQHW 5)&IWSIWSLVLHGXLQQRWHVUI.W[W 5&DOORQ8VHRI26,,6,6IRU5RXWLQJLQ7&3,3DQG'XDO(QYLURQ PHQWV 5)&IWSIWSLVLHGXLQQRWHVUI.W[W 05RVH610308;3URWR.RODQG0,% 5)&IWSIWSLVLHGXLQQRWHVUI.W[W -0R\263)3URWR.RO$QDO\VLV 5)&IWSIWSLVLHGXLQQRWHVUI.W[W -0R\([SHULHQ.HZLWKWKH263)3URWR.RO

385

References

5)&IWSIWSLVLHGXLQQRWHVUI.W[W -0R\263)9HUVLRQ2EVROHWHV5)&-XO\ 5)&IWSIWSLVLHGXLQQRWHVUI.W[W )%DNHU5&ROWXQ263)9HUVLRQ0DQDJHPHQW,QIRUPDWLRQ%DVH 5)&IWSIWSLVLHGXLQQRWHVUI.W[W 6'HHULQJ,&035RXWHU'LV.RYHU\0HVVDJHV 5)&IWSIWSLVLHGXLQQRWHVUI.W[W <5HNKWHU%*33URWR.RO$QDO\VLV 5)&IWSIWSLVLHGXLQQRWHVUI.W[W <5HNKWHU([SHULHQ.HZLWKWKH%*33URWR.RO 5)&IWSIWSLVLHGXLQQRWHVUI.W[W ./RXJKHHG<5HNKWHU$%RUGHU*DWHZD\3URWR.RO%*3 5)&IWSIWSLVLHGXLQQRWHVUI.W[W 3*URVV<5HNKWHU$SSOL.DWLRQRIWKH%RUGHU*DWHZD\3URWR.ROLQWKH ,QWHUQHW 5)&IWSIWSLVLHGXLQQRWHVUI.W[W -%XUUXVV6:LOOLV'HILQLWLRQVRI0DQDJHG2EMH.WVIRUWKH%RUGHU*DWH ZD\3URWR.RO9HUVLRQ 5)&IWSIWSLVLHGXLQQRWHVUI.W[W 55LYHVW7KH0'0HVVDJH'LJHVW$OJRULWKP 5)&IWSIWSLVLHGXLQQRWHVUI.W[W ,QWHUQHW$U.KLWH.WXUH%RDUG$SSOL.DELOLW\6WDWHPHQWIRU263) 5)&IWSIWSLVLHGXLQQRWHVUI.W[W *0DONLQ5,39HUVLRQ&DUU\LQJ$GGLWLRQDO,QIRUPDWLRQ 5)&IWSIWSLVLHGXLQQRWHVUI.W[W '+DVNLQ'HIDXOW5RXWH$GYHUWLVHPHQW,Q%*3$QG%*39HUVLRQV 2I7KH%RUGHU*DWHZD\3URWR.RO 5)&IWSIWSLVLHGXLQQRWHVUI.W[W .9DUDGKDQ%*3263),QWHUD.WLRQ 5)&IWSIWSLVLHGXLQQRWHVUI.W[W -0R\263)9HUVLRQ0DU.K 5)&IWSIWSLVLHGXLQQRWHVUI.W[W -0R\0XOWL.DVW([WHQVLRQVWR263)0DU.K 5)&IWSIWSLVLHGXLQQRWHVUI.W[W -0R\ 0263)$QDO\VLVDQG([SHULHQ.H0DU.K 5)&IWSIWSLVLHGXLQQRWHVUI.W[W 2GH6RX]D 05RGULTXHV*XLGHOLQHVIRU5XQQLQJ263)2YHU )UDPH5HOD\1HWZRUNV 0DU.K
386

Configuring GateD

5)&IWSIWSLVLHGXLQQRWHVUI.W[W 5&ROWXQ9)XOOHU7KH263)166$2SWLRQ0DU.K 5)&IWSIWSLVLHGXLQQRWHVUI.W[W 37UDLQD%*33URWR.RO'R.XPHQW5RDGPDSDQG,PSOHPHQWDWLRQ ([SHULHQ.H-XO\ 5)&IWSIWSLVLHGXLQQRWHVUI.W[W 6:LOOLV-%XUUXVV'HILQLWLRQVRI0DQDJHG2EMH.WVIRUWKH%RUGHU*DWH ZD\3URWR.RO%*3-XO\ 5)&IWSIWSLVLHGXLQQRWHVUI.W[W *0DONLQ5,39HUVLRQ&DUU\LQJ$GGLWLRQDO,QIRUPDWLRQ1RYHPEHU  5)&IWSIWSLVLHGXLQQRWHVUI.W[W .9DUDGKDQ6+DUHV<5HNKWHU%*3,'53IRU,3263),QWHU D.WLRQ'H.HPEHU 5)&IWSIWSLVLHGXLQQRWHVUI.W[W -0R\263)'DWDEDVH2YHUIORZ0DU.K 5)&IWSIWSLVLHGXLQQRWHVUI.W[W <5HNKWHU7/L$%RUGHU*DWHZD\3URWR.RO%*30DU.K 5)&IWSIWSLVLHGXLQQRWHVUI.W[W <5HNKWHU3*URVV$SSOL.DWLRQRID%RUGHU*DWHZD\3URWR.ROLQWKH ,QWHUQHW0DU.K 5)&IWSIWSLVLHGXLQQRWHVUI.W[W 37UDLQD([SHULHQ.HZLWKWKH%*33URWR.RO0DU.K 5)&IWSIWSLVLHGXLQQRWHVUI.W[W 37UDLQD%*33URWR.RO$QDO\VLV0DU.K 5)&IWSIWSLVLHGXLQQRWHVUI.W[W -0R\([WHQGLQJ263)WR6XSSRUW'HPDQG&LU.XLWV$SULO 5)&IWSIWSLVLHGXLQQRWHVUI.W[W )%DNHU263)9HUVLRQ0DQDJHPHQW,QIRUPDWLRQ%DVH1RYHPEHU  5)&IWSIWSLVLHGXLQQRWHVUI.W[W '+DVNLQ%*3,'535RXWH6HUYHU$OWHUQDWLYHWRD)XOO0HVK5RXWLQJ 2.WREHU 5)&IWSIWSLVLHGXLQQRWHVUI.W[W 6103Y:RUNLQJ*URXS-&DVH.0.&ORJKULH05RVH 6 :DOGEXVVHU&RH[LVWHQ.HEHWZHHQ9HUVLRQDQG9HUVLRQRIWKH,QWHUQHW VWDQGDUG1HWZRUN0DQDJHPHQW)UDPHZRUN-DQXDU\

387

References

5)&IWSIWSLVLHGXLQQRWHVUI.W[W -+DOSHUQ6%UDGQHU5,3Y$SSOL.DELOLW\6WDWHPHQWIRU+LVWRUL.6WD WXV0DU.K 5)&IWSIWSLVLHGXLQQRWHVUI.W[W -+DZNLQVRQ*XLGHOLQHVIRU&UHDWLRQ6HOH.WLRQDQG5HJLVWUDWLRQRIDQ $XWRQRPRXV6\VWHP$60DU.K 5)&IWSIWSLVLHGXLQQRWHVUI.W[W 5*LOOLJDQ (1RUGPDUN7UDQVLWLRQ0H.KDQLVPVIRU,3Y+RVWV DQG5RXWHUV$SULO 5)&IWSIWSLVLHGXLQQRWHVUI.W[W 6-D.NRZVNL1DWLYH$706XSSRUWIRU670D\ 5)&IWSIWSLVLHGXLQQRWHVUI.W[W 37UDLQD$XWRQRPRXV6\VWHP&RQIHGHUDWLRQVIRU%*3-XQH 5)&IWSIWSLVLHGXLQQRWHVUI.W[W 7%DWHV5&KDQGUD%*35RXWH5HIOH.WLRQ$Q$OWHUQDWLYHWR)XOO 0HVK,%*3-XQH 5)&IWSIWSLVLHGXLQQRWHVUI.W[W 5&KDQGUD37UDLQD%*3&RPPXQLWLHV$WWULEXWH$XJXVW 5)&IWSIWSLVLHGXLQQRWHVUI.W[W (&KHQ7%DWHV$Q$SSOL.DWLRQRIWKH%*3&RPPXQLW\$WWULEXWHLQ 0XOWLKRPH5RXWLQJ$XJXVW 5)&IWSIWSLVLHGXLQQRWHVUI.W[W &3HUNLQV,3(Q.DSVXODWLRQZLWKLQ,32.WREHU 5)&IWSIWSLVLHGXLQQRWHVUI.W[W '&KHQ3*D\HN61L['HILQLWLRQVRI0DQDJHG2EMH.WVIRU'DWD /LQN6ZLW.KLQJXVLQJ60,Y2.WREHU 5)&IWSIWSLVLHGXLQQRWHVUI.W[W *0DONLQ50LQQHDU5,3QJIRU,3Y-DQXDU\ 5)&IWSIWSLVLHGXLQQRWHVUI.W[W *0DONLQ5,3QJ3URWR.RO$SSOL.DELOLW\6WDWHPHQW-DQXDU\ 5)&IWSIWSLVLHGXLQQRWHVUI.W[W *0H\HU66KHUU\7ULJJHUHG([WHQVLRQVWR5,3WR6XSSRUW'HPDQG &LU.XLWV-DQXDU\ 5)&IWSIWSLVLHGXLQQRWHVUI.W[W 66KHUU\*0H\HU3URWR.RO$QDO\VLVIRU7ULJJHUHG5,3-DQXDU\  5)&IWSIWSLVLHGXLQQRWHVUI.W[W )%DNHU,3)RUZDUGLQJ7DEOH0,%-DQXDU\

388

Configuring GateD

5)&IWSIWSLVLHGXLQQRWHVUI.W[W -0R\263)9HUVLRQ2EVROHWHV5)&-XO\ 5)&IWSIWSLVLHGXLQQRWHVUI.W[W 5&DOORQ'+DVNLQ5RXWLQJ$VSH.WV2I,3Y7UDQVLWLRQ6HSWHPEHU  5)&IWSIWSLVLHGXLQQRWHVUI.W[W $%DOODUGLH65HHYH 1-DLQ&RUH%DVHG7UHHV&%7YHUVLRQ 0XOWL.DVW5RXWLQJ3URWR.RO6SH.LIL.DWLRQ6HSWHPEHU 5)&IWSIWSLVLHGXLQQRWHVUI.W[W $%DOODUGLH&RUH%DVHG7UHH&%70XOWL.DVW$U.KLWH.WXUH-XO\ 5)&IWSIWSLVLHGXLQQRWHVUI.W[W :)HQQHU,QWHUQHW*URXS0DQDJHPHQW3URWR.RO9HUVLRQ1RYHPEHU  5)&IWSIWSLVLHGXLQQRWHVUI.W[W 0'DQLHOH%:LMQHQ')UDQ.LV.R$JHQW([WHQVLELOLW\$JHQW; 3URWR.RO9HUVLRQ-DQXDU\ 5)&IWSIWSLVLHGXLQQRWHVUI.W[W -6WHZDUW7%DWHV5&KDQGUD(&KHQ8VLQJD'HGL.DWHG$6IRU 6LWHV+RPHGWRD6LQJOH3URYLGHU-DQXDU\ 5)&IWSIWSLVLHGXLQQRWHVUI.W[W 7%DWHV5&KDQGUD'.DW]<5HNKWHU0XOWLSURWR.RO([WHQVLRQV IRU%*3)HEUXDU\ 5)&IWSIWSLVLHGXLQQRWHVUI.W[W -0R\263)9HUVLRQ$SULO 5)&IWSIWSLVLHGXLQQRWHVUI.W[W -0R\263)6WDQGDUGL]DWLRQ5HSRUW$SULO 5)&IWSIWSLVLHGXLQQRWHVUI.W[W '(VWULQ')DULQD..L$+HOP\'7KDOHU6'HHULQJ0+DQ GOH\9-D.REVRQ&/LX36KDUPD/:HL3URWR.RO,QGHSHQGHQW 0XOWL.DVW6SDUVH0RGH3,0603URWR.RO6SH.LIL.DWLRQ-XQH 5)&IWSIWSLVLHGXLQQRWHVUI.W[W 5&ROWXQ7KH263)2SDTXH/6$2SWLRQ-XO\ 5)&IWSIWSLVLHGXLQQRWHVUI.W[W 7/L<5HNKWHU$3URYLGHU$U.KLWH.WXUHIRU'LIIHUHQWLDWHG6HUYL.HVDQG 7UDIIL.(QJLQHHULQJ3$67(2.WREHU 5)&IWSIWSLVLHGXLQQRWHVUI.W[W 30DUTXHV)'XSRQW8VHRI%*30XOWLSURWR.RO([WHQVLRQVIRU ,3Y,QWHU'RPDLQ5RXWLQJ0DU.K

389

References

5)&IWSIWSLVLHGXLQQRWHVUI.W[W $'XUDQG%%X.OLQ%RQH5RXWLQJ3UD.WL.H0DU.K 5)&IWSIWSLVLHGXLQQRWHVUI.W[W (5RVHQ<5HNKWHU%*303/6931V0DU.K 5)&IWSIWSLVLHGXLQQRWHVUI.W[W -&DVH50XQG\'3DUWDLQ%6WHZDUW,QWURGX.WLRQWR9HUVLRQRI WKH,QWHUQHWVWDQGDUG1HWZRUN0DQDJHPHQW)UDPHZRUN$SULO 5)&IWSIWSLVLHGXLQQRWHVUI.W[W '+DUULQJWRQ53UHVXKQ%:LMQHQ$Q$U.KLWH.WXUHIRU'HV.ULELQJ 61030DQDJHPHQW)UDPHZRUNV$SULO 5)&IWSIWSLVLHGXLQQRWHVUI.W[W -&DVH'+DUULQJWRQ53UHVXKQ%:LMQHQ0HVVDJH3UR.HVVLQJ DQG'LVSDW.KLQJIRUWKH6LPSOH1HWZRUN0DQDJHPHQW3URWR.RO6103 $SULO 5)&IWSIWSLVLHGXLQQRWHVUI.W[W '/HYL30H\HU%6WHZDUW6103$SSOL.DWLRQV$SULO 5)&IWSIWSLVLHGXLQQRWHVUI.W[W 8%OXPHQWKDO%:LMQHQ8VHUEDVHG6H.XULW\0RGHO860IRU9HU VLRQRIWKH6LPSOH1HWZRUN0DQDJHPHQW3URWR.RO6103Y$SULO  5)&IWSIWSLVLHGXLQQRWHVUI.W[W %:LMQHQ53UHVXKQ.0.&ORJKULH9LHZEDVHG$..HVV&RQWURO 0RGHO9$&0IRUWKH6LPSOH1HWZRUN0DQDJHPHQW3URWR.RO6103 $SULO 5)&IWSIWSLVLHGXLQQRWHVUI.W[W &$ODHWWLQRJOX&9LOODPL]DU(*HUL.K'.HVVHQV'0H\HU7 %DWHV'.DUUHQEHUJ07HUSVWUD5RXWLQJ3ROL.\6SH.LIL.DWLRQ/DQ JXDJH536/-XQH 5)&IWSIWSLVLHGXLQQRWHVUI.W[W '0H\HU-6.KPLW]&2UDQJH03ULRU&$ODHWWLQRJOX8VLQJ 536/LQ3UD.WL.H$XJXVW 5)&IWSIWSLVLHGXLQQRWHVUI.W[W *$SRVWRORSRXORV':LOOLDPV6.DPDW5*XHULQ$2UGD7 3U]\JLHQGD4R65RXWLQJ0H.KDQLVPVDQG263)([WHQVLRQV$XJXVW  5)&IWSIWSLVLHGXLQQRWHVUI.W[W '$ZGX.KH-0DO.ROP-$JRJEXD02
'HOO-0.0DQXV 5HTXLUHPHQWVIRU7UDIIL.(QJLQHHULQJ2YHU03/66HSWHPEHU

390

Configuring GateD

5)&IWSIWSLVLHGXLQQRWHVUI.W[W 6'HHULQJ:)HQQHU%+DEHUPDQ0XOWL.DVW/LVWHQHU'LV.RYHU\ 0/'IRU,3Y2.WREHU 5)&IWSIWSLVLHGXLQQRWHVUI.W[W '7KDOHU,QWHURSHUDELOLW\5XOHVIRU0XOWL.DVW5RXWLQJ3URWR.ROV2.WR EHU 5)&IWSIWSLVLHGXLQQRWHVUI.W[W 5&ROWXQ')HUJXVRQ-0R\263)IRU,3Y'H.HPEHU 5)&IWSIWSLVLHGXLQQRWHVUI.W[WV &9LOODPL]DU&$ODHWWLQRJOX'0H\HU60XUSK\5RXWLQJ3ROL.\ 6\VWHP6H.XULW\'H.HPEHU

391

References

392

Configuring GateD

Chapter 9 Section 3
Deprecated Features
9.3.1 Protocols 9.3.1.1 The HELLO Protocol 7KH+(//2SURWR.ROZDVDQLQWHULRUSURWR.ROWKDWXVHGDURXWLQJPHWUL. EDVHGRQWKHOHQJWKRIWLPHLWWDNHVDSD.NHWWRPDNHWKHWULSEHWZHHQWKH VRXU.HDQGWKHGHVWLQDWLRQ+(//2LVQRW<..RPSOLDQWLVQRWGR.X PHQWHGDQGVKRXOGQRWEHXVHG 9.3.1.2 The CBT Protocol &RUH%DVHG7UHHV&%7SURYLGHGDPH.KDQLVPIRU.UHDWLQJVKDUHGGHOLY HU\WUHHVIRUPXOWL.DVWJURXSV3,060SURYLGHVWKLVVDPHPH.KDQLVP)RU PRUHLQIRUPDWLRQRQ3,060VHH6H.WLRQ3,0 9.3.2 Keywords 9.3.2.1 OSPF
authtype 0 | 1 | none | simple authtypeZDVXVHGWRVHWWKHDUHDZLGHDXWKHQWL.DWLRQPHWKRG 7KHYDOLGYDOXHVIRUDXWKW\SHDUHnone0IRUQRDXWKHQWL.DWLRQRU simple1IRUVLPSOHSDVVZRUGDXWKHQWL.DWLRQ:KHQsimple1 LVVSH.LILHGauthkeyVKRXOGEHXVHGWRVSH.LI\WKHSDVVZRUGIRU

HD.KLQWHUID.H7KLVPHWKRGZDVXVHGWRLPSOHPHQW5)&DQG SUHYLRXVYHUVLRQVRI263)
VDXWKHQWL.DWLRQ1HZHUYHUVLRQVRIWKH 263)VWDQGDUGDOORZDXWKHQWL.DWLRQW\SHWREHVSH.LILHGRQDSHU LQWHUID.HEDVLV7KXV\RXVKRXOGQRZXVHWKHauth NH\ZRUGWR VSH.LI\DXWKHQWL.DWLRQ6HH6H.WLRQIRUPRUHLQIRUPDWLRQ DERXW263)

authkey auth_key authkeyZDVXVHGWRVSH.LI\WKHSDVVZRUGIRUDQLQWHUID.HZKHQ XVLQJWKHDUHDZLGH authtype simpleDXWKHQWL.DWLRQPHWKRG

6HH6H.WLRQIRUPRUHLQIRUPDWLRQDERXW263)

393

Deprecated Features

394

Configuring GateD

Chapter 9 Section 4
Frequently Asked Questions
9.4.1 Kernel Interactions  :K\GRHV*DWH'IDLOWRQRWL.HURXWHVWKDW,
YHDGGHGH[WHUQDOO\ HJZLWKWKHroute.RPPDQG" %H.DXVH.HUWDLQRSHUDWLQJV\VWHPVVX.KDV+38;/LQX[SULRUWRDQG 6RODULVSULRUWRGRQRWVXSSRUWWKLVIHDWXUHWKHNHUQHOGRHVQ
WQRWLI\ *DWH'7RDGGURXWHVXVHWKH static VWDWHPHQWLQgated.conf DQGWKHQ LVVXHDreconfig. See Section 2.4.4, Static Routes, for more information about the static statement. 9.4.2 Protocols 9.4.2.1 OSPF  :KHQVZLW.KLQJIURP5,3WR263)KRZ.DQ,.UHDWHD3DVVLYH 263)WROHDUQRWKHUURXWHU
VDQQRXQ.HPHQWV" 7ROHDUQDERXWURXWHVLI\RXUKRVWLV.RQQH.WHGWRDVLQJOHQHWZRUNRQ ZKL.KWKHUHDUHPXOWLSOHURXWHUVXVH5RXWHU'LV.RYHU\.RPELQHGZLWK ,&03UHGLUH.WVWROHDUQDGHIDXOWURXWHDQGWKHEHVWURXWHSee Section 5RXWHU'LV.RYHU\, for more information about the 5RXWHU'LV.RYHU\ ,IWKHRWKHUURXWHUVDOVRXVH5RXWHU'LV.RYHU\\RXZLOOEHDEOHWRPRQLWRU WKHLUURXWHV<RX.DQDOVRXVHstaticGHIDXOWVEXWRQO\ZKHQ\RXUGHIDXOW URXWHUVDUHZRUNLQJSee Section 2.4.4, Static Routes, for more information about the static statement. If your host is connected directly to multiple networks, this method might not produce the best routes.  ,QDQHWZRUNZLWKWKHIROORZLQJWRSRORJ\ 5JDWHGRVSI  ,__SSSOLQNVEHWZHHQ5DQG5 ,__  5JDWHGRVSI _ ? ? 11VXEQHWZRUNV WKHUHDUHWZRSRLQWWRSRLQWOLQNV,DQG,EHWZHHQURXWHUV5 DQG55LV.RQQH.WHGWRQHWZRUNV1DQG1%RWKURXWHUV DUHUXQQLQJJDWHGRVSI+RZ.DQ,URXWHWKHWUDIIL.IURP5WR5 RQ,RQO\LILWLVGHVWLQHGWR1DQGRQ,RQO\LILWLVGHVWLQHGWR 1" 3XW,DQG1LQRQHDUHDDQG,DQG1LQDQRWKHUDUHD263)SUHIHUV LQWUDDUHDURXWHVRYHULQWHUDUHD$QH[DPSOH.RQILJXUDWLRQZRXOGEH
395

Frequently Asked Questions

)RU5 
rip no; ospf yes { priority 1; backbone { interface I1; }; area 0.0.0.1 { interface I2; }; };

 )RU5 
rip no; ospf yes { priority 1; backbone { interface I1; interface N1; }; area 0.0.0.1 { interface I2; interface N2; }; };

396

Configuring GateD

 )RUWKHIROORZLQJQHWZRUNKRZ.DQ,KDYHERWKWKHLQWHUID.HVLQ DVLQJOHDUHDLQ5EXWGLIIHUHQWDUHDVLQ5DQGVWLOOURXWHWKH WUDIIL.IURP5WR5RQ,RQO\LILWLVGHVWLQHGWR1DQGRQ, RQO\LILWLVGHVWLQHGWR1" $UHD 5JDWHGRVSI  ,__SSSOLQNVEHWZHHQ5DQG5 ,__  5JDWHGRVSI _ ? ? 11VXEQHWZRUNV _$UHD_$UHD_ %H.DXVHDQHWZRUNPXVWH[LVWLQRQHDUHDWKLVVRUWRI.RQILJXUDWLRQZLOO QRWZRUN  :KDWGRHVWKLVPHVVDJHPHDQDSSHDUVZKHQ*DWH'LV UHVWDUWHG"
gated[28100]: task_get_proto: getprotobyname("ospf") failed, using proto 89

7KH/etc/protocolILOHGRHVQ
W.RQWDLQDQRVSIHQWU\7KHHQWU\ VKRXOGORRNVRPHWKLQJOLNHWKLV
ospf 89 OSPFIGP # Open Shortest Path First IGP

7KHLVWKHDVVLJQHG,QWHUQHWSURWR.ROQXPEHUVSH.LILHGLQ5)& 9.4.2.2 BGP  +RZ.DQ,LQ.UHDVHWKHQXPEHURI%*3SHHUV*DWH'ZLOODOORZ" Specify a value for RTBIT_SIZE in your config file and recompile GateD. Each increment of RTBIT_SIZE provides 32 additional bits for 32 additional peers. Example: options RTBIT_SIZE=4 will allow up to 128 peers. The default value of RTBIT_SIZE is 1.  :K\LV*DWH'.KDQJLQJWKH1(;7B+23DWWULEXWHZKHQDGYHU WLVLQJDURXWHWRDQLQWHUQDOSHHU" 7KH%*35)&VWDWHV:KHQD%*3VSHDNHUDGYHUWLVHVWKHURXWHWR DQRWKHU%*3VSHDNHUOR.DWHGLQLWVRZQDXWRQRPRXVV\VWHPWKHDGYHU WLVLQJVSHDNHUVKDOOQRWPRGLI\WKH1(;7B+23DWWULEXWHDVVR.LDWHGZLWK

397

Frequently Asked Questions

WKHURXWHSee Section 2.2.2, BGP, for more information about the bgp statement. %DVL.DOO\*DWH'LVGHVLJQHGQRWWRPRGLI\WKH1(;7B+23LILWEHOLHYHV WKDWLWV,%*3SHHUZLOOEHDEOHWRILJXUHRXWKRZWRUHD.KWKHDGGUHVVLW GHSL.WV*DWH'ZLOOJRDKHDGDQGUHZULWHWKH1(;7B+23LILWEHOLHYHV WKDWWKHSHHUZLOOQRWNQRZKRZWRUHD.KWKHGHSL.WHGDGGUHVV ,QWKH.DVHRIJURXSW\SHLQWHUQDO*DWH'NQRZVEH.DXVH\RXKDYHVR .RQILJXUHGLWWKDWLWVSHHUVGRQRWGR%*3,*3QH[WKRSUHVROXWLRQ  *DWH'DOVRNQRZVWKDWDOORILWVSHHUVDUH/DGMD.HQWVRLWUHZULWHVWKH 1(;7B+23WRVRPHWKLQJLWNQRZVLWVSHHUZLOOEHDEOHWRUHD.KDW/ ,I\RXZLVKWRPDNH*DWH'.RQIRUPWRWKH5)&LQVWHDGRIDOORZLQJWKLV EHKDYLRU\RX.DQXVHJURXSW\SHURXWLQJZLWKinterface all VSH.LILHG ,QWKH.DVHRIgroup type routing ... interface all,*DWH' NQRZVWKDWDLWVSHHUVDUHUHVROYLQJ%*3,*3WKLVLVDSURSHUW\RI JURXSW\SHURXWLQJDQGE1(;7B+23VYLDDQ\LQWHUID.HDUHNQRZQ YLDWKH,*3WKLVLVZKDWinterface allPHDQV6RLWZRQ
WUHZULWH DQ\1(;7B+23V 0X.KRIWKLVWH[W.RXUWHV\RI-RKQ6.XGGHU  ,keep seeing error messages about an unsupported optional parameter when trying to peer with a Cisco. What is the problem? 6RPHYHUVLRQVRI&LV.R,26KDYHD.DSDELOLWLHVQHJRWLDWLRQEXJ7KH LQWHQGHGEHKDYLRURI.DSDELOLWLHVQHJRWLDWLRQLVWRUHVHQGD%*3RSHQ PHVVDJHZLWKRXWWKHRSWLRQDOSDUDPHWHURQ.HLWUH.HLYHVDQRWLIL.DWLRQ IURP*DWH'VWDWLQJWKDWWKHSDUDPHWHULVXQVXSSRUWHG<RXVKRXOG XSJUDGH\RXU&LV.RRUDSSO\WKLVZRUNDURXQGneighbor x.x.x.x dont-capability-negotiate. )RUPRUHLQIRUPDWLRQDERXW.DSDELOL WLHVQHJRWLDWLRQUHIHUWR draft-ietf-idr-bgp4-cap-neg03.txt  How can I configure a peer that is not on the same network? Use the gateway keyword on the peer statement:
group type external peeras 65000 { peer a.b.c.d gateway w.x.y.z; }; ZKHUH a.b.c.d LV\RXUSHHU
V,3DGGUHVVDQG w.x.y.z LVWKHQH[WKRSWKDW *DWH'VKRXOGXVHWRILQGa.b.c.d.

 :K\GRHVQW*DWH'V25,*,1.RGHPDW.K5)&" 7KLVLVDKD.NWRGHDOZLWKDKLVWRUL.DOSUREOHP,QWKHSDVWSHRSOHW\SL .DOO\OHDNHGDOOVRUWVRIURXWHVDURXQGLQWKHLU,*3DQGLWZDVIDLUO\.RP PRQWKDWIRONVZRXOGOHDN1/5,LQWKDWWKH\PLJKWQRWKDYHLQWHQGHG 7KLV.KDQJHWR25,*,1DOORZHGWKHQHWZRUNWKDWZDVPRUH.HUWDLQ

398

Configuring GateD

DERXWWKHURXWHVWKH\ZHUHOHDNLQJLQWRJHWDOLWWOHERRVWLQSULRULW\E\ GH.ODULQJWKHLUSDWKV.RPSOHWH 7KHVHGD\VSHRSOHDUHH[SH.WHGWRQRWUHGLVWULEXWHWKHLUHQWLUH,*3LQWR %*3$GGLWLRQDOO\WKHWZRPRVW.RPPRQ%*3LPSOHPHQWDWLRQVRXW WKHUHERWKKDYHSROL.\.RQWUROVWKDWDOORZ\RXWRVHWWKHRULJLQDV\RXEHVW VHHILW  Why isn't BGP advertising my static routes? ,IQRH[SRUWSROL.\LVVSH.LILHG%*3ZLOODGYHUWLVHRQO\GLUH.WLQWHUID.H URXWHV7RH[SRUWVWDWL.URXWHV\RXZLOOQHHGDQH[SRUWVWDWHPHQWOLNHWKLV
export proto bgp as 65500 { proto static { all; }; };

1RWHWKDWRQ.HH[SRUWSROL.\KDVEHHQGHILQHGIRU%*3*DWH'QHHGVWR EHH[SOL.LWO\.RQILJXUHGLQRUGHUWRH[SRUWGLUH.WLQWHUID.HURXWHV8VH SURWRGLUH.WWRGRWKLV6HH([SRUWLQJWR(*3DQG%*3DQG([SRUWLQJ E\$6SDWKIRUPRUHLQIRUPDWLRQRQ.RQILJXULQJ%*3H[SRUWSROL.\  :K\LV*DWH'LJQRULQJP\0('V" ,I\RXZDQW*DWH'WRSD\DWWHQWLRQWRLQ.RPLQJPHWUL.V\RXQHHGWR VSH.LI\WKHPHGNH\ZRUGRQWKHJURXSVWDWHPHQW

group type external peeras 65530 med { peer 192.168.10.2; };

7KHGHIDXOWEHKDYLRULVIRU*DWH'WRLJQRUHLQ.RPLQJPHWUL.V  :KDWLV%*3
VGHIDXOWLPSRUWDQGH[SRUWEHKDYLRU" GateD will import all routes from a configured peer unless otherwise configured. If no export policy is specified, BGP will advertise only direct (interface) routes. Refer to Exporting to EGP and BGP and Importing from EGP and BGP for more information on configuring BGP policy.  ,IRQD&LV.RURXWHUDURXWHLVUHGLVWULEXWHGH[SRUWHGIURP DQRWKHUSURWR.ROVX.KDVVWDWL.RU263)LQWR%*3ZKDWVKRXOG WKHRULJLQRIWKHURXWHEH" ,I\RXUHGLVWULEXWHXVLQJWKHQHWZRUN[[[[.RPPDQG\RXU&LV.R URXWHUZLOODXWRPDWL.DOO\VHWWKHRULJLQWR,*3,I\RXXVHUHGLVWULEXWH

399

Frequently Asked Questions

\RXU&LV.RURXWHUZLOOXVHRULJLQLQ.RPSOHWH(LWKHUZLOOZRUN$ GHV.ULSWLRQRIWKHRULJLQSDWKDWWULEXWHIROORZV 25,*,17\SH&RGH 25,*,1LVDZHOONQRZQPDQGDWRU\DWWULEXWHWKDWGHILQHVWKHRULJLQRI WKHSDWKLQIRUPDWLRQ7KHGDWDR.WHW.DQDVVXPHWKHIROORZLQJYDOXHV 9DOXH    0HDQLQJ ,*31HWZRUNOD\HU5HD.KDELOLW\,QIRUPDLWRQLVLQWH ULRUWRWKHRULJLQDWLQJ$6 (*31HWZRUN/D\HU5HD.KDELOLW\,QIRUPDWLRQ OHDUQHGYLD(*3 ,1&203/(7(1HWZRUN/D\HU5HD.KDELOLW\,QIRU PDWLRQOHDUQHGE\VRPHRWKHUPHDQV

400

Configuring GateD

401