IPv4 unicast routing configuration

This chapter describes how to configure routing functions for IPv4. It requires only some knowledge of the basic principles of IPv4 features.

Routing is more the art to advertise how to be reachedrather than the art to learn how to reach.

Routing configuration overview

You can configure routing functions via static routes or any dynamic routing protocol. The IPv4 routing protocols that are provided within the Turbo IPsec software are:

  • BGP 4
  • OSPF v2
  • RIP v1 and RIP v2

Displaying routing configuration

Routing configuration such as IPv4 or IPv6 static routes are stored into the rtg context.

  • Display routing configuration:

    router{}edit conf myconfig
    router{conf:myconfig}rtg
    router{conf:myconfig-rtg}display
    

    or

    router{conf:myconfig}display rtg
    

Example

router{conf:myconfig-rtg}display
    # DYNAMIC ROUTING PROTOCOLS
       dynamic
         router rip
           default-information originate
           network 10.0.1.0/24
       #
       router ripng
       network 3ffe:1000::/64
       network eth1_0
       #
       exit
    # DEFAULT ROUTE
      route default-ipv4 10.18.8.19
      route default-ipv6 3ffe:0:0:1808::19
    # IPV4 ROUTE
      route 10.20.1.0/24 10.20.0.1
    # IPV6 ROUTE
      route 3ffe:304:107:1800::/64 1111::2

Showing the unicast routing tables (RIBs and router’s FIB)

The FIB contains the aggregated information from all the RIBs that have been discovered by the dynamic routing protocols or that have been set statically. There is one RIB for each routing protocol: a RIP RIB, an OSPF v2 RIB, and an IPv4 BGP 4 RIB.

You can monitor IPv4 unicast FIBs via the show routing ip route command.

Displaying the IPv4 unicast routes

The show routing ip route command displays the IPv4 unicast routes (the IPv4 FIB) currently used by the routers. Routes can be statically configured or automatically learnt by a routing protocol.

router{}show routing ip route
Codes: K - kernel route, C - connected, S - static, R - RIP, O - OSPF,
       B - BGP, D - DEP, > - selected route, * - FIB route

C>* 10.1.1.0/28 is directly connected, eth0_0
C>* 10.16.0.0/24 is directly connected, eth1_0
C>* 127.0.0.0/8 is directly connected, lo0
C>* 192.168.1.0/24 is directly connected, eth1_0
R>* 192.168.2.0/24 [120/2] via 10.1.1.2, eth0_0, 17:21:48
R>* 192.168.3.0/24 [120/2] via 10.1.1.3, eth0_0, 1d00h47m

Displaying the dynamic routing protocols’s RIBs

  1. Display the RIBs of the dynamic routing protocols:

    router{}show routing ip {rip|bgp|ospf}
    
    rip

    Displays the RIP RIB

    bgp

    Displays the BGP 4 RIB

    ospf

    Displays the OSPF v2 RIB

IPv4 static routes

Overview

Once the IPv4 addresses have been configured, communication is possible between the nodes (hosts or routers) directly connected to the same IPv4 sub-network. It is a one hop communication. To communicate with other nodes that are connected to a different sub-network, a dedicated node, the router, requires routes. For example, you can define static IPv4 routes to link sub-networks.

Static routes do not scale and are not error-free. They should be used only when dynamic routing protocols cannot be deployed, or in case of very simple topologies.

You can implement static routing by directly manipulating the equipment routing table. It may be used with any dynamic routing protocol. When both static and dynamic routes are set, the FIB prefers the static ones because their administrative distance is 1.

Configuring static routes

IPv4 static default route

Configuring the static default-route [1] provides output information to Turbo IPsec to forward a packet that cannot be processed locally.

For example, the default route of a CPE is usually the way through the public interface.

router{conf:myconfig-rtg}route default-ipv4 {gwaddress|iface} [distance]
gwaddress
Directly connected address. It means that it can be joined without any recursive routing lookup. If the gateway address is not directly connected, this route is down.
iface
An interface. This route is up when the interface is up. It will be redistributed into the routing protocols only when this point-to-point interface is up.
[1]An IPv4 default route is noted 0.0.0.0/0. An IPv6 default route is noted 0::0/0, or ::0/0.

Regular static routes

  • Add a static IPv4 route:

    router{}edit conf myconfig
    
    router{conf:myconfig-rtg}route network/M gwaddress [blackhole|reject] [distance] [mark <value>/<mask>]
    

    or

    router{conf:myconfig-rtg}route network/M IFACE-PtP [distance] [mark <value>/<mask>]
    

    or

    router{conf:myconfig-rtg}route network/M IFACE-BROADCAST [distance] [mark <value>/<mask>]
    
    network/M

    The IPv4 prefix and prefix length.

    gwaddress

    Next-hop address to which packets should be forwarded. This next-hop MUST be directly connected. If the gwaddress is down, the route is down.

    IFACE-PtP

    A logical or physical point-to-point interface. The packet will be routed into the interface and naturally be sent to the remote endpoint.

    IFACE-BROADCAST A broadcast interface. This will result in a connected route,

    which means that packet that need to be routed through this interface will be subject to ARP.

    blackhole

    The packet sent through that route will be silently dropped.

    reject

    An ICMP unreachable is emitted when a packet is sent through that route.

    Distance

    Optional. Specifies the administrative distance (1-255). If unspecified, it is set to 1.

    mark optional 6WIND next hop marking instead of Netfilter marking. Value can be between 1 and (2 32 -1). If nexthop mark field is 0, it means that we do not add a mark. The mark and mask are unsigned 32-bit integers.

    Note

    The gateway address is the next-hop address of a remote router. This router must be directly connected to one of the router’s interfaces, otherwise the route remains inactive.

  • Delete a static route:

    router{conf:myconfig-rtg}delete route network/M gwaddress
    

    or

    router{conf:myconfig-rtg}delete route network/M IFACE-PtP
    

    or

    router{conf:myconfig-rtg}delete route network/M IFACE-BROADCAST
    

ECMP

ECMP is supported. This feature allows defining several paths which have the same cost. It is mainly used for load balancing.

It is assumed the Operating System has been compiled with the appropriate enable-multipath option.

Virtual routers

By default, static routes are configured in VRF 0. To handle virtual routers, you can specify another VRF. The route will be stored in the corresponding forwarding table.

router{conf:myconfig-rtg}route network/M gwaddress [blackhole|reject] [mark <value>/<mask>] vrf-id VR
router{conf:myconfig-rtg}route network/M IFACE-PtP [mark <value>/<mask>] vrf-id VR
router{conf:myconfig-rtg}route network/M IFACE-BROADCAST [mark <value>/<mask>] vrf-id VR
VR
VR identifier.