Professional Documents
Culture Documents
Core Configuration
Core Configuration
Version 7.5.1
Publication Date
This document was published on April 15, 2013.
Legal Notices
Copyright
Copyright 2001-2013, F5 Networks, Inc. All rights reserved.
F5 Networks, Inc. (F5) believes the information it furnishes to be accurate and reliable. However, F5
assumes no responsibility for the use of this information, nor any infringement of patents or other rights of
third parties which may result from its use. No license is granted by implication or otherwise under any
patent, copyright, or other intellectual property right of F5 except as specifically described by applicable
user licenses. F5 reserves the right to change specifications at any time without notice.
Trademarks
3DNS, Access Policy Manager, Acopia, Acopia Networks, Advanced Client Authentication, Advanced
Routing, APM, Application Security Manager, ARX, AskF5, ASM, BIG-IP, Cloud Extender,
CloudFucious, CMP, Data Manager, DevCentral, DevCentral [DESIGN], DNS Express, DSC, DSI, Edge
Client, Edge Gateway, Edge Portal, EM, Enterprise Manager, F5, F5 [DESIGN], F5 Management Pack, F5
Networks, F5 World, Fast Application Proxy, Fast Cache, FirePass, Global Traffic Manager, GTM, IBR,
Intelligent Browser Referencing, Intelligent Compression, IPv6 Gateway, iApps, iControl, iHealth,
iQuery, iRules, iRules OnDemand, iSession, IT agility. Your way., L7 Rate Shaping, LC, Link Controller,
Local Traffic Manager, LTM, Message Security Module, MSM, Netcelera, OneConnect, Packet Velocity,
Protocol Security Module, PSM, Real Traffic Policy Builder, ScaleN, SSL Acceleration, StrongBox,
SuperVIP, SYN Check, TCP Express, TDR, TMOS, Traffic Management Operating System,
TrafficShield, Transparent Data Reduction, VIPRION, vCMP, WA, WAN Optimization Manager,
WANJet, WebAccelerator, WOM, and ZoneRunner, are trademarks or service marks of F5 Networks, Inc.,
in the U.S. and other countries, and may not be used without F5's express written consent.
All other product and company names herein may be trademarks of their respective owners.
Patents
This product may be protected by U.S. Patents 6,327,242; 6,374,300; 6,473,802; 6,970,733; 7,051,126;
7,102,996; 7,197,661; 7,287,084; 7,916,728; 7,916,730; 7,783,781; 7,774,484; 7,975,025; 7,996,886;
8,004,971; 8,010,668. This list is believed to be current as of November 15, 2011.
RF Interference Warning
This is a Class A product. In a domestic environment this product may cause radio interference, in which
case the user may be required to take adequate measures.
FCC Compliance
This equipment has been tested and found to comply with the limits for a Class A digital device pursuant
to Part 15 of FCC rules. These limits are designed to provide reasonable protection against harmful
interference when the equipment is operated in a commercial environment. This unit generates, uses, and
can radiate radio frequency energy and, if not installed and used in accordance with the instruction manual,
may cause harmful interference to radio communications. Operation of this equipment in a residential area
is likely to cause harmful interference, in which case the user, at his own expense, will be required to take
whatever measures may be required to correct the interference.
Any modifications to this device, unless expressly approved by the manufacturer, can void the user's
authority to operate this equipment under part 15 of the FCC rules.
i
Canadian Regulatory Compliance
This Class A digital apparatus complies with Canadian ICES-003.
Standards Compliance
This product conforms to the IEC, European Union, ANSI/UL and Canadian CSA standards applicable to
Information Technology products at the time of manufacture.
Acknowledgments
This product includes software developed by Bill Paul.
This product includes software developed by Jonathan Stone.
This product includes software developed by Manuel Bouyer.
This product includes software developed by Paul Richards.
This product includes software developed by the NetBSD Foundation, Inc. and its contributors.
This product includes software developed by the Politecnico di Torino, and its contributors.
This product includes software developed by the Swedish Institute of Computer Science and its
contributors.
This product includes software developed by the University of California, Berkeley and its contributors.
This product includes software developed by the Computer Systems Engineering Group at the Lawrence
Berkeley Laboratory.
This product includes software developed by Christopher G. Demetriou for the NetBSD Project.
This product includes software developed by Adam Glass.
This product includes software developed by Christian E. Hopps.
This product includes software developed by Dean Huxley.
This product includes software developed by John Kohl.
This product includes software developed by Paul Kranenburg.
This product includes software developed by Terrence R. Lambert.
This product includes software developed by Philip A. Nelson.
This product includes software developed by Herb Peyerl.
This product includes software developed by Jochen Pohl for the NetBSD Project.
This product includes software developed by Chris Provenzano.
This product includes software developed by Theo de Raadt.
This product includes software developed by David Muir Sharnoff.
This product includes software developed by SigmaSoft, Th. Lockert.
This product includes software developed for the NetBSD Project by Jason R. Thorpe.
This product includes software developed by Jason R. Thorpe for And Communications,
http://www.and.com.
This product includes software developed for the NetBSD Project by Frank Van der Linden.
This product includes software developed for the NetBSD Project by John M. Vinopal.
This product includes software developed by Christos Zoulas.
This product includes software developed by the University of Vermont and State Agricultural College and
Garrett A. Wollman.
This product includes software developed by Balazs Scheidler (bazsi@balabit.hu), which is protected
under the GNU Public License.
This product includes software developed by Niels Mueller (nisse@lysator.liu.se), which is protected
under the GNU Public License.
In the following statement, This software refers to the Mitsumi CD-ROM driver: This software was
developed by Holger Veit and Brian Moore for use with 386BSD and similar operating systems. Similar
operating systems includes mainly non-profit oriented systems for research and education, including but
not restricted to NetBSD, FreeBSD, Mach (by CMU).
This product includes software developed by the Apache Group for use in the Apache HTTP server project
(http://www.apache.org/).
This product includes software licensed from Richard H. Porter under the GNU Library General Public
License (© 1998, Red Hat Software), www.gnu.org/copyleft/lgpl.html.
ii
This product includes the standard version of Perl software licensed under the Perl Artistic License (©
1997,
1998 Tom Christiansen and Nathan Torkington). All rights reserved. You may find the most current
standard version of Perl at http://www.perl.com.
This product includes software developed by Jared Minch.
This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit
(http://www.openssl.org/).
This product includes cryptographic software written by Eric Young (eay@cryptsoft.com).
This product contains software based on oprofile, which is protected under the GNU Public License.
This product includes RRDtool software developed by Tobi Oetiker (http://www.rrdtool.com/index.html)
and licensed under the GNU General Public License.
This product contains software licensed from Dr. Brian Gladman under the GNU General Public License
(GPL).
This product includes software developed by the Apache Software Foundation (http://www.apache.org/).
This product includes Hypersonic SQL
This product contains software developed by the Regents of the University of California, Sun
Microsystems,
Inc., Scriptics Corporation, and others.
This product includes software developed by the Internet Software Consortium.
This product includes software developed by Nominum, Inc. (http://www.nominum.com).
This product contains software developed by Broadcom Corporation, which is protected under the GNU
Public License.
This product contains software developed by MaxMind LLC, and is protected under the GNU Lesser
General Public License, as published by the Free Software Foundation.
This product includes software developed by the Computer Systems Engineering Group at Lawrence
Berkeley Laboratory. Copyright ©1990-1994 Regents of the University of California. All rights reserved.
Redistribution and use in source and binary forms, with or without modification, are permitted provided
that the following conditions are met:
1. Redistributions of source code must retain the above copyright notice, this list of conditions and the
following disclaimer.
2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the
following disclaimer in the documentation and/or other materials provided with the distribution.
3. All advertising materials mentioning features or use of this software must display the following
acknowledgement:
This product includes software developed by the Computer Systems Engineering Group at Lawrence
Berkeley Laboratory.
4. Neither the name of the University nor of the Laboratory may be used to endorse or promote products
derived from this software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS "AS IS" AND ANY
EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY
DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH
DAMAGE.
This product includes software developed by Sony Computer Science Laboratories Inc. Copyright ©
1997-2003 Sony Computer Science Laboratories Inc. All rights reserved. Redistribution and use in source
and binary forms, with or without modification, are permitted provided that the following conditions are
met:
1. Redistributions of source code must retain the above copyright notice, this list of conditions and the
following disclaimer.
2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the
following disclaimer in the documentation and/or other materials provided with the distribution.
iii
THIS SOFTWARE IS PROVIDED BY SONY CSL AND CONTRIBUTORS "AS IS" AND ANY
EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
DISCLAIMED. IN NO EVENT SHALL SONY CSL OR CONTRIBUTORS BE LIABLE FOR ANY
DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH
DAMAGE.
This product includes the GeoPoint Database developed by Quova, Inc. and its contributors.
This product includes software developed by Ian Gulliver ©2006, which is protected under the GNU
General Public License, as published by the Free Software Foundation.
A portion of this reference guide is copyrighted by IP Infusion, Inc.
ZebOS is a registered trademark, and IP Infusion and the ipinfusion logo are trademarks of IP Infusion.
All other trademarks are trademarks of their respective companies.
This documentation is subject to change without notice. The software described in this document and this
documentation are furnished under a license agreement or nondisclosure agreement. The software and
documentation may be used or copied only in accordance with the terms of the applicable agreement. No
part of this publication may be reproduced, stored in a retrieval system, or transmitted in any form or any
means electronic or mechanical, including photocopying and recording for any purpose other than the
purchaser's internal use without the written permission of IP Infusion Inc.
F5 Networks, Inc. (F5) believes the information it furnishes to be accurate and reliable. However, F5
assumes no responsibility for the use of this information, nor any infringement of patents or other rights of
third parties which may result from its use. No license is granted by implication or otherwise under any
patent, copyright, or other intellectual property right of F5 except as specifically described by applicable
user licenses. F5 reserves the right to change specifications at any time without notice.
All other product and company names herein may be trademarks of their respective owners.
iv
Table of Contents
CHAPTER 1 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1
About This Publication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1
Conventions Used in this Guide . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1
Format used in the Configuration Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .3
Enabling RIP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .3
Command Line Interface Primer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4
Command Line Help . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4
Syntax Help . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4
Daemon Command Modes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .6
Modes Common to Protocols. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .6
Modes Specific to Protocols. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .7
Illustration
This section includes the illustration of the
complete topology used in the example. The figure
uses the exact IP addresses and names of routers eth1 eth2 eth1 eth2
R1 R2
used in the example. 10.10.10.10 10.10.11.10 10.10.11.50 10.10.12.10
Configuration
Includes the complete configuration of the routers
involved in the example. The prompt shows the
execution modes of the commands. Each example
begins from the Privileged Exec mode. The
method to reach every command mode is R1
illustrated in the Daemon Command Modes ZebOS# configure terminal Enter the Configure mode.
section. For modes specific to different protocols, ZebOS(config)# router rip Define the RIP process...
please refer to the corresponding Command ZebOS(config-router)# net.. Associate networks with....
Reference (for OSPF command modes, refer to
ZebOS(config-router)# net..
the OSPF Command Reference).
Explanation
This is the grey section next to the configuration
statements and is not to be typed in the CLI. It
provides step-by-step explanation of the actions
performed by the configuration.
Syntax Help
The ZebOS CLI can complete the spelling of command or parameter keywords. Begin typing the command or
parameter then press TAB. At the CLI command prompt type sh:
Router> sh
Press TAB. The CLI shows:
Router> show
If the command or parameter partial spelling is ambiguous, the ZebOS CLI displays the choices that match the
abbreviation. Type show i. Press TAB. The CLI shows:
Router> show i
interface ip
Router> show i
The interface displays the interface and ip keywords. Type n to select interface and press TAB. The CLI shows:
Router> show in
Router> show interface
Type ? and the CLI shows the list of parameters for the show interface command.
[IFNAME] Interface name
Router> show interface
This command has but one positional parameter, an interface name. Supply a value for the IFNAME parameter.
Command Abbreviations
The ZebOS CLI accepts abbreviations for commands. For example,
sh in 7
is the abbreviation for the show interface command.
Startup Router
in EXEC mode Command Mode
(View mode)
Privileged
EXEC mode
(Enable mode)
configure terminal
Configure
mode
Interface Line
mode mode
This chapter contains basic NSM configuration examples. To see details on the commands used in these examples, or
to see the outputs of the validation commands, refer to the NSM Command Reference. To avoid repetition, some
Common commands, like configure terminal, have not been listed under the Commands Used section. The NSM
Command Reference explains these common commands.
R1
R2
ZebOS(config-if)# ip address 192.168.0.2/32 Configure the IP address on this interface and specify a 32-
bit mask, making it a host address.
ZebOS(config-if)# exit Exit the Interface mode and return to Configure
mode.
ZebOS(config)# ip route 192.168.0.1/32 Specify the destination and mask for the network for which
10.10.10.1 gateway is required and add a gateway for each of them.
ZebOS(config)# ip route 192.168.0.3/32
10.10.12.3
R3
Validation Commands
show ip route, show running-config
This chapter contains basic RIP configuration examples. To see details on the commands used in these examples, or
to see the outputs of the Validation commands, refer to the RIP Command Reference. To avoid repetition, some
Common commands, like configure terminal, have not been listed under the Commands Used section. These
Common commands are explained in the NSM Command Reference.
Enabling RIP
This example shows the minimum configuration required for enabling RIP on an interface. R1 and R2 are two routers
connecting to network 10.10.11.0/24. R1 and R2 are also connected to networks 10.10.10.0/24 and 10.10.12.0/24
respectively. To enable RIP, first define the RIP routing process and then associated a network with the routing
process.
R1
R2
Validation Commands
show ip rip, show run, show ip protocols rip, show ip rip interface, show ip route
V1/V2
R2
Validation Commands
show ip rip, show run, show ip protocols rip, show ip rip interface, show ip route
R1
R2
ZebOS(config-if)# ip rip authentication string Specify the authentication string (IPI) on this
IPI interface.
ZebOS(config-if)# ip rip authentication mode md5 Specify the authentication mode to be MD5.
Validation Commands
show run, show ip rip, show ip protocol rip, show ip rip interface, show ip route
R1
ZebOS(config-keychain)# key 20 Add another authentication key (20) to the key chain
SUN.
ZebOS(config-keychain-key)# key-string Earth Specify a password (Earth) to be used by the
specified key.
ZebOS(config-keychain-key)# accept-lifetime Specify the time period during which authentication key
12:00:00 Mar 7 2003 14:00:00 Mar 12 2003 string Earth can be received. In this case, key string
Earth can be received from noon of March 7 to 2 pm
March 12, 2003.
ZebOS(config-keychain-key)# send-lifetime Specify the time period during which authentication key
12:00:00 Mar 7 2003 12:00:00 Mar 12 2003 string Earth can be send. In this case, key string IPI
can be received from noon of March 7 to noon of March
12, 2003.
ZebOS(config-keychain-key)# end Enter Privileged Exec mode.
ZebOS# configure terminal Enter the Configure mode.
ZebOS(config)# interface eth1 Specify interface eth1 as the interface you want to
configure.
ZebOS(config-if)# ip rip authentication key Enable RIPv2 authentication on eth1 interface and
chain SUN specify the key chain SUN to be used for
authentication.
ZebOS(config-if)# ip rip authentication mode Specify text authentication mode to be used for RIP
text packets. This step is optional, as text is the default
mode.
R2
Validation Commands
show run, show ip rip, show ip protocol rip, show ip rip interface, show ip route
R1
ZebOS(config-keychain)# key 2 Add another authentication key (2) to the key chain
SUN.
ZebOS(config-keychain-key)# key-string Earth Specify a password (Earth) to be used by the
specified key.
ZebOS(config-keychain-key)# accept-lifetime Specify the time period during which authentication key
12:00:00 Mar 7 2003 14:00:00 Mar 12 2003 string Earth can be received. In this case, key string
Earth can be received from noon of March 7 to 2 pm
March 12, 2003.
ZebOS(config-keychain-key)# send-lifetime Specify the time period during which authentication key
12:00:00 Mar 7 2003 12:00:00 Mar 12 2003 string Earth can be send. In this case, key string IPI
can be received from noon of March 7 to noon of March
12, 2003.
ZebOS(config-keychain-key)# end Enter Privileged Exec mode.
ZebOS# configure terminal Enter the Configure mode.
ZebOS(config)# interface eth1 Specify interface eth1 as the interface you want to
configure.
ZebOS(config-if)# ip rip authentication key Enable RIPv2 authentication on eth1 interface and
chain SUN specify the key chain SUN to be used for
authentication.
ZebOS(config-if)# ip rip authentication mode md5 Specify md5 authentication mode to be used for RIP
packets.
R2
ZebOS(config-keychain-key)# accept-lifetime Specify the time period during which authentication key
12:00:00 Mar 7 2003 14:00:00 Mar 12 2003 string Earth can be received. In this case, key string
Earth can be received from noon of March 7 to 2 pm
March 12, 2003.
ZebOS(config-keychain-key)# send-lifetime Specify the time period during which authentication key
12:00:00 Mar 7 2003 12:00:00 Mar 12 2003 string Earth can be send. In this case, key string IPI
can be received from noon of March 7 to noon of
March 12, 2003.
ZebOS(config-keychain-key)# end Enter Privileged Exec mode.
ZebOS# configure terminal Enter the Configure mode.
ZebOS(config)# interface eth0 Specify interface eth0 as the interface you want to
configure.
ZebOS(config-if)# ip rip authentication key Enable RIPv2 authentication on eth1 interface and
chain MARS specify the key chain MARS to be used for
authentication.
ZebOS(config-if)# ip rip authentication mode md5 Specify authentication mode to be used for RIP
packets.
Validation Commands
show run, show ip rip, show ip protocol rip, show ip rip interface
This chapter contains basic OSPF configuration examples. To see details on the commands used in these examples,
or to see the outputs of the Validation commands, refer to the OSPF Command Reference. To avoid repetition, some
Common commands, such as configure terminal, have not been listed under the Commands Used section.
These Common commands are explained in the NSM Command Reference.
AS1
Area 0
R2
.11 eth1
10.10.10.0/24
.10 eth0
R1
R1
R2
Validation Commands
show ip ospf, show ip ospf interface, show ip ospf neighbor, show ip ospf route
Setting priority
This example shows the configuration for setting the priority for an interface. You can set a high priority for a router to
make it the Designated Router (DR). Router R3 is configured to have a priority of 10, which is higher than the default
priority (default priority is 1) of R1 and R2; making it the DR.
AS 1
R2
Area 0
.11 eth1
10.10.10.0/24
R1 R3
DR
R3
R1
R2
ZebOS(config)# router ospf 200 Configure the Routing process and specify the Process ID
(200). The Process ID should be a unique positive integer
identifying the routing process.
ZebOS(config-router)# network 10.10.10.0/24 Define the interface (10.10.10.0/24) on which OSPF
area 0 runs and associate the area ID (0) with the interface.
Validation Commands
show ip ospf neighbor, show ip ospf interface
Area 1
eth2
R4
10.10.11.13/24
Area 0
eth1
10.10.10.0/24
R1 R3
DR
R2
Validation Commands
show ip ospf, show ip ospf interface
AS1
Area 0 .11
R2
OSPF
.11
10.10.10.0/24
.10 .12
AS 2
Area 2
R5
BGP
R1
Validation Commands
show ip ospf database external
OSPF Cost
You can make a route the preferred route by changing its cost. In this example, cost has been configured to make R2
the next hop for R1.
The default cost on each interface is 10. Interface eth2 on R2 has a cost of 100 and interface eth2 on R3 has a cost
of 150. The total cost to reach 10.10.14.0/24 (R4) through R2 and R3:
R2: 10+100 = 110
R3: 10+150 = 160
Therefore, R1 chooses R2 as its next hop for destination 10.10.14.0/24.
eth1 R2 eth2
AS1
0
=1 0 10
Co
st
o st 0. .1 =1
C 0 .1 0. 00
11.
eth0 0 . 1 0 eth0
1
eth2 eth2
R1 R4
10.10.9.0/24 10 10.10.14.0/24
.1 .0 eth1
eth1 0 13
Co .1 2 10. 50
st .0 10. 1
=
= st
10 Co
eth1 R3 eth2
Area 0
R1
R2
ZebOS(config)# router ospf 100 Configure the Routing process and specify the Process ID
(100). The Process ID should be a unique positive integer
identifying the routing process.
ZebOS(config-router)# network 10.10.10.0/24 Define interfaces on which OSPF runs and associate the
area 0 area ID (0) with the interface.
ZebOS(config-router)# network 10.10.11.0/24
area 0
R3
R4
ZebOS(config)# router ospf 100 Configure the Routing process and specify the Process ID
(100). The Process ID should be a unique positive integer
identifying the routing process.
ZebOS(config-router)# network 10.10.11.0/24 Define interfaces on which OSPF runs and associate the
area 0 area ID (0) with the interface.
ZebOS(config-router)# network 10.10.13.0/24
area 0
ZebOS(config-router)# network 10.10.14.0/24
area 0
Validation Commands
show ip ospf route 10.10.14.0/24
ABR
lo = 192.168.1.62/32
Area 0 Area 1
10.10.22.62/24
R6 R1 R4
10.10.21.62/24 10.10.22.10/24
10.10.23.10/24
Vi rt
ual
link
10.10.23.63/24
DOWN
R3 R2
Area 2
4
3/2
. 24.6
10
10. lo = 192.168.2.63
ABR
R5
R1
R2
Validation Commands
show ip ospf virtual link, show ip ospf neighbor, show ip ospf, show ip ospf route
OSPF Authentication
In the ZebOS implementation there are three types of OSPF authentications--Null authentication (Type 0), Simple Text
(Type 1) authentication and MD5 (Type 2) authentication. With null authentication, routing exchanges over the network
are not authenticated. In Simple Text authentication, the authentication type is the same for all routers that
communicate using OSPF in a network. For MD5 authentication, you configure a key and a key-id on each router. The
router generates a message digest on the basis of the key, key ID and the OSPF packet and adds it to the OSPF
packet.
The Authentication type can be configured on a per-interface basis or a per-area basis. Additionally, Interface and Area
authentication can be used together. Area authentication is used for an area and interface authentication is used for a
specific interface in the area. If the Interface authentication type is different from Area authentication type, Interface
authentication type overrides the Area authentication type. If the Authentication type is not specified for an interface,
the Authentication type for the area is used. The authentication command descriptions contain details of each type of
authentication. Refer to the OSPF Command Reference for OSPF authentication commands.
In the example below, R1 and R2 are configured for both the interface and area authentications.The authentication type
of interface eth1 on R1 and interface eth0 on R2 is md5 mode and is defined by the area authentication
command; however, the authentication type of interface eth2 on R1 and interface eth1 on R2 is plain text mode and is
defined by the ip ospf authentication command. This interface command overrides the area authentication
command.
AS1
Area 0 10.10.11.50
R2
eth1
.50 eth0
10.10.10.0/24
.10 eth1
10.10.11.10
R1
eth2
R1
ZebOS(config-if)# ip ospf message-digest-key Register MD5 key test for OSPF authentication. The Key
1 md5 test ID is 1.
ZebOS(config-if)# exit Exit the Interface mode and return to Configure
mode
ZebOS(config)# interface eth2 Specify the interface (eth2)to be configured.
ZebOS(config-if)# ip ospf authentication Enable OSPF packet to use text authentication on the
current interface (eth2).
ZebOS(config-if)# ip ospf authentication-key Specify an OSPF authentication password test for the
test neighboring routers.
R2
Validation Commands
show run, show ip ospf neighbor
This chapter contains basic IS-IS configuration examples. To see details on the commands used in these examples, or
to see the outputs of the Validation commands, refer to the IS-IS Command Reference. To avoid repetition, some
Common commands, like configure terminal, have not been listed under the Commands Used section. The NSM
Command Reference explains these Common Commands.
AS 1
net 49.0000.0000.0002.00
Level-2-only R2
eth1 .11
10.10.10.0/24
eth0 .10
R1
net 49.0000.0000.0001.00
R1
R2
Validation Commands
show clns neighbors, show isis database, show isis topology
Setting priority
This example shows the configuration for setting the priority for an interface. Set a high priority for a router to make it
the Designated IS (DIS). Router R3 is configured to have a priority of 70, this is higher than the default priority (default
priority is 64) of R1 and R2. This makes R3 the DIS.
AS 1
net 49.0000.0000.0002.00
Level-2-only R2
eth0 .11
10.10.10.0/24
R1 R3
R3
R1
ZebOS(config)# interface eth0 Specify the interface (eth0)to be configured and enter the
Interface mode.
ZebOS(config-if)# ip router isis ipi Enable IS-IS routing on an interface for area 49 (ipi).
ZebOS(config-if)# exit Exit the Interface mode and return to the Configure
mode.
ZebOS(config)# router isis ipi Create an IS-IS routing instance for area 49 (ipi).
R2
ZebOS(config)# interface eth0 Specify the interface (eth0)to be configured and enter the
Interface mode.
ZebOS(config-if)# ip router isis ipi Enable IS-IS routing on an interface for area 49 (ipi).
ZebOS(config-if)# exit Exit the Interface mode and return to the Configure
mode.
ZebOS(config)# router isis ipi Create an IS-IS routing instance for area 49 (ipi).
ZebOS(config-router)# is-type level-2-only
Configure instance ipi as Level-2-only routing.
ZebOS(config-router)# net Establish a Network Entity Title for this instance, specifying the
49.0000.0000.0002.00 area address and the system ID.
Validation Commands
show clns neighbors, show isis database, show isis topology
AS 1
R2
Level-2-only net 49.0000.0000.0002.00
.11
10.10.10.0/24
.10 .12
R1 R3
net 49.0000.0000.0003.00
net 49.0000.0000.0001.00 DIS
R5
R1
Validation Commands
show clns neighbors, show isis database, show isis topology, show ip isis route, show ip route
Configuring Metric
You can make a route the preferred route by changing its metric. In this example, the cost has been configured to make
R3 the next hop for R1.
The default metric on each interface is 10. Interface eth2 on R2 has a metric of 20 and Interface eth2 on R3 has a
metric of 30. The total cost to reach 10.10.14.0/24 (R4) through R2 and R3:
R2: 10+20 = 30
R3: 10+30 = 40
In this topology, R1 chooses R2 as its next hop for destination 10.10.14.0/24.
AS 1
net 49.0000.0000.0002.00
eth1 eth2
R2 met
ric =
eth0 20 eth0
eth2 Level-2-only eth2
R1 R4
= 30
eth1 ric eth1
met
net 49.0000.0000.0001 .00 net 49.0000.0000.0004.00
eth1 R3 eth2
net 49.0000.0000.0003.00
R1
R2
R3
R4
ZebOS(config)# interface eth0 Specify the interface (eth0)to be configured and enter
the Interface mode.
ZebOS(config-if)# ip router isis ipi Enable IS-IS routing on an interface for area 49
(ipi).
Validation Commands
show clns neighbors, show isis database, show isis topology, show ip isis route, show ip route
AS 1
L2 Backbone Area
eth0 eth0
R1 R2
eth1 eth1
eth0 eth0
L1 Area 52 L1 Area 50
R3 R4
R1
R2
ZebOS(config)# interface eth0 Specify the interface (eth0)to be configured and enter the
Interface mode.
ZebOS(config-if)# ip router isis bb Enable IS-IS routing on the interface eth0 for area bb.
ZebOS(config-if)# isis circuit-type level-2- Set the circuit type for the interface eth0.
only
ZebOS(config-if)# exit Exit Interface mode and return to Configure mode.
ZebOS(config)# interface eth1 Specify the interface (eth1)to be configured and enter the
Interface mode.
ZebOS(config-if)# ip router isis bb Enable IS-IS routing on the interface eth1 for area bb.
ZebOS(config-if)# isis circuit-type level-1 Set the circuit type for the interface eth1.
ZebOS(config-if)# exit Exit Interface mode and return to Configure mode.
ZebOS(config)# router isis bb Create an IS-IS routing instance for area bb.
ZebOS(config-router)# net Establish a Network Entity Title for this instance, specifying
50.0000.0000.0002.00 the area address and the system ID.
R3
ZebOS(config)# interface eth0 Specify the interface (eth0)to be configured and enter the
Interface mode.
ZebOS(config-if)# ip router isis xyz Enable IS-IS routing on the interface eth0 for area xyz.
ZebOS(config-if)# exit Exit Interface mode and return to Configure mode.
ZebOS(config)# router isis xyz Create an IS-IS routing instance for area xyz.
ZebOS(config-router)# is-type level-1 Establish the IS level for this area (xyz) as Level-1.
ZebOS(config-router)# net Establish a Network Entity Title for this instance, specifying
52.0000.0000.0003.00 the area address and the system ID.
R4
ZebOS(config)# interface eth0 Specify the interface (eth0)to be configured and enter the
Interface mode.
ZebOS(config-if)# ip router isis aa Enable IS-IS routing on the interface eth0 for area aa.
ZebOS(config-if)# exit Exit Interface mode and return to Configure mode.
ZebOS(config)# router isis aa Create an IS-IS routing instance for area aa.
ZebOS(config-router)# is-type level-1 Establish the IS level for this area (aa) as Level-1.
ZebOS(config-router)# net Establish a Network Entity Title for this instance, specifying
50.0000.0000.0004.00 the area address and the system ID.
Validation Commands
show ip isis route, show ip route
AS 1
L2 Backbone Area
eth0 eth0
R1 R2
eth1 eth1
eth0 eth0
L1 Area 52 L1 Area 50
R3 R4
R1
R2
ZebOS(config)# interface eth0 Specify the interface (eth0)to be configured and enter the
Interface mode.
ZebOS(config-if)# ip router isis bb Enable IS-IS routing on the interface eth0 for area bb.
R3
ZebOS(config)# interface eth0 Specify the interface (eth0)to be configured and enter the
Interface mode.
ZebOS(config-if)# ip router isis xyz Enable IS-IS routing on the interface eth0 for area xyz.
ZebOS(config-if)# exit Exit Interface mode and return to Configure mode.
ZebOS(config)# router isis xyz Create an IS-IS routing instance for area xyz.
ZebOS(config-router)# is-type level-1 Establish the IS level for this area (xyz) as Level-1.
ZebOS(config-router)# net Establish a Network Entity Title for this instance, specifying
52.0000.0000.0003.00 the area address and the system ID.
R4
ZebOS(config)# interface eth0 Specify the interface (eth0)to be configured and enter the
Interface mode.
ZebOS(config-if)# ip router isis aa Enable IS-IS routing on the interface eth0 for area aa.
ZebOS(config-if)# exit Exit Interface mode and return to Configure mode.
ZebOS(config)# router isis aa Create an IS-IS routing instance for area aa.
ZebOS(config-router)# is-type level-1 Establish the IS level for this area (aa) as Level-1.
ZebOS(config-router)# net Establish a Network Entity Title for this instance, specifying
52.0000.0000.0004.00 the area address and the system ID.
Validation Commands
show ip isis route, show ip route
This chapter contains basic BGP configuration examples. To see details on the commands used in these examples, or
to see the outputs of the Validation commands, refer to the BGP Command Reference. To avoid repetition, some
Common commands, such as configure terminal, have not been listed under the Commands Used section.
These common Commands are explained in the NSM Command Reference.
AS200
10.10.10.10 10.10.10.11
R1 R2
R1
R2
Validation Commands
show ip bgp summary, show ip bgp neighbors
AS200 AS300
10.10.10.10 10.10.10.11
R1 R2
R1
R2
Validation Commands
show ip bgp summary, show ip bgp neighbors
Route-Map
Use route-maps to filter incoming updates from a BGP peer. In this example, a prefix-list ipi on R1 is configured to
deny entry of any routes with the IP address 1.1.1.0/M (M = 26,27,28). To test the filter, R2 is configured to
generate network addresses 1.1.1.0/27 and 1.1.2.0/24. To verify, use the show ip bgp command on R1; it
displays R1 receiving updates from only 1.1.2.0/24.
AS10 AS11
192.168.10.10 192.168.10.11
R1 R2
R1
R2
ZebOS(config)# router bgp 11 Define the routing process and establish a TCP session.
The number 11 specifies the AS number of R2.
ZebOS(config-router)# neighbor 192.168.10.10 Define BGP neighbors and establish a TCP session.
remote-as 10 192.168.10.10 is the IP address of the neighbor (R1)
and 10 is the neighbor’s AS number.
ZebOS(config-router)# network 1.1.1.0/27 Specify the network to be advertised by the BGP routing
process.
ZebOS(config-router)# network 1.1.2.0/24 Specify the network to be advertised by the BGP routing
process.
Validation Commands
show ip bgp
Route Reflector
Use Route Reflectors to reduce the IBGP mesh inside an AS. In this example, R2, R5 and R4 would have to maintain
a full mesh among themselves but by making R5 the Route Reflector, R2 (Client1) has IBGP session with RR only and
not with R4 (Client 2). The routes learned from R2 are advertised to the other clients and to IBGP peers outside the
cluster; the IBGP routes learned from IBGP peers outside the cluster are advertised to the R2. This reduces the IBGP
peer connections in AS1.
R3
RR Client 1
R2
10 RR Client 2
.1
0.
R4
1
0.
50
R1
50
1 1.
0.
10
.1
10 10
.1
1.
0.
.1
10
10
.
AS1 10
.
10
R6
R5
RR
RR (R5)
RR Client 1 (R2)
ZebOS(config)# router bgp 1 Define the routing process. The number 1 specifies the AS
number of R2.
ZebOS(config-router)# neighbor 10.10.10.10 Define BGP neighbor and establish a TCP session.
remote-as 1 10.10.10.10 is the IP address of the neighbor (R5) and
1 is the neighbor’s AS number.
RR Client 2 (R4)
ZebOS(config)# router bgp 1 Define the routing process. The number 1 specifies the AS
number of R4.
ZebOS(config-router)# neighbor 10.10.11.10 Define BGP neighbor and establish a TCP session.
remote-as 1 10.10.11.10 is the IP address of the neighbor (R5) and
1 is the neighbor’s AS number.
Validation Commands
show ip bgp, show ip bgp neighbors
Confederations
In this example, AS1 contains three Confederation Autonomous Systems--AS 1000, AS 1001 and AS 1002. To any
outside AS, the Confederation is a single Autonomous System AS1. Confederation eIBGP is run between R2 and R5,
and between R5 and R7. R2 is configured so that its local AS is 1000. Its peer connection to R5 is set up like any other
eBGP session. The bgp confederation identifier command tells the router that it is a member of a
Confederation and the Confederation ID. The bgp confederation peers command lists the member autonomous
system to which R2 is connected. The command tells the BGP process that the eBGP connection is a Confederation
eBGP rather than normal eBGP.
Confederations
AS1
AS 1000
R3
10.10.7.3 R8
R1 2
7.
10. 10.10.15.8
1 0. .
10 . 1 0.1 0 10 10.10.15.7
9 .1 . 9. 2
R2 .7 R7
. 11
0
10.10.10.2 .1
10 AS 1002
10 5
eIBGP
.1
0. 1. eIBGP
10 .1
10
. 5 R5 10
.
10.10.12.5
10
.4
.
12
10
0.
.1
.1
3.6
10
R4
R6
AS 1001
R2
R5
ZebOS(config)# router bgp 1001 Define the routing process. The number 1001 specifies the
AS number of R5.
ZebOS(config-router)# bgp confederation Specify BGP Confederation Identifier, to others the group
identifier 1 will appear as a single AS and the identifier as its AS
number.
ZebOS(config-router)# bgp confederation peers Specify AS 1000 and 1002 to become members of the
1000 1002 Confederation.
ZebOS(config-router)# neighbor 10.10.10.2 Define BGP neighbors for R5 and establish a TCP session
remote-as 1000 by specifying the IP addresses and the AS numbers of
ZebOS(config-router)# neighbor 10.10.11.7 neighbors.
remote-as 1002
ZebOS(config-router)# neighbor 10.10.13.6
remote-as 1001
ZebOS(config-router)# neighbor 10.10.12.4
remote-as 1001
R7
ZebOS(config)# router bgp 1002 Define the routing process. The number 1001 specifies the
AS number of R5.
ZebOS(config-router)# bgp confederation Specify BGP Confederation Identifier, to others the group
identifier 1 will appear as a single AS and the identifier as its AS
number.
ZebOS(config-router)# bgp confederation peers Specify AS 1000 and 1001 to become members of the
1000 1001 Confederation.
ZebOS(config-router)# neighbor 10.10.11.5 Define BGP neighbors for R7 and establish a TCP session
remote-as 1001 by specifying the IP addresses and the AS numbers of
ZebOS(config-router)# neighbor 10.10.15.8 neighbors.
remote-as 1002
Validation Commands
show ip bgp, show ip bgp neighbors
BGP Authentication
BGP authentication allows users to receive selected routing information, enhancing security of their network traffic.
When BGP authentication is enabled on a router, the router verifies routing packet it receives by exchanging a
password that is configured on both the sending and the receiving routers.
Note: To enable BGP authentication on TCP/IP you need to apply a kernel patch and specific MD5 libraries. Refer to
the Installation Guide for detailed information on how to apply the MD5 authentication patch and the required
libraries.
In this example, both R1 and R2 have ipi as the password. Configure the same password on all routers that are to
communicate using BGP in a network
AS200 AS300
10.10.10.10 10.10.10.11
R1 R2
R1
R2
Validation Commands
show ip bgp, show ip bgp neighbors
The ZebOS implementation leverages the Forwarding Plane Load Balancing, when the underlying kernel supports
ECMP (Equal Cost Multipath).
ZebOS installs the maximum number of ECMP routes supported by a kernel. This allows for load balancing to be
performed with more than one nexthop to reach a destination. In case the router receives and installs multiple paths
with the same administrative distance and cost to a destination, load-balancing is possible.
Ideally, multiple nexthops have different interfaces to the destination, but this is not mandatory. The algorithm for
distributing traffic across ECMP routes is dependant on the kernel and typically based on the protocol, source address,
destination address and the port.
The following example illustrates how you can enable Equal Cost Multipath (ECMP) and configure a routing protocol
(OSPF is used in this example) for load balancing. However this example will not work if your kernel does not support
load balancing. In this setup, R1, R2 and R3 are three Linux routers connected to each other. R1 can reach R3 through
two links available to R2.
N1
N3
R1 .1 .2 R2 R3
.2 .3
N2
N1 10.10.10.0/24
N2 10.10.11.0/24
N3 20.10.10.0/24
R1 - NSM
• Enable multipath support in ZebOS and set the maximum number of paths to be installed in the FIB (Forward
Information Base):
ZebOS# configure terminal
ZebOS(config)# maximum-paths 2
R1 - OSPF
• Configure OSPF on all interfaces on R1, R2 and R3.
R1 learns about R3 through 2 nexthops (both networks N1 and N2)
R1- Kernel
• Run the ip route command on R1 kernel. The kernel routing table (FIB) displays that R1 can reach R3 through
both the nexthops.
# ip route
20.10.10.0/24 proto zebra metric 20
nexthop via 10.10.10.2 dev eth1 weight 1
nexthop via 10.10.11.2 dev eth2 weight 1
10.70.0.0/24 dev eth0 scope link
10.10.0.0/24 via 10.70.0.1 dev eth0
10.10.10.0/24 dev eth1 proto kernel scope link src 10.10.10.1
10.10.11.0/24 dev eth2 proto kernel scope link src 10.10.11.1
This chapter describes configuring VLAN interfaces and using them with the ZebOS routing software. Several Virtual
LAN (VLAN) interfaces can be configured on a single ethernet interface. Once created, a VLAN interface functions the
same as any physical interface.
Note: For VLAN support, enable the configuration option 802.1Q VLAN Support under Networking Options
before compiling the kernel. If you have installed the kernel RPM provided by IPI, this option is enabled
automatically.
The ZebOS NSM recognizes VLAN interfaces like physical interfaces. Once VLAN interfaces are created in the kernel
and an IP address is assigned to them, the ZebOS commands can be used to configure and display VLAN interfaces
like any physical interface. The ZebOS routing protocols, such as, RIP, OSPF and BGP can run across networks using
VLAN interfaces.
Two systems having physical connectivity (either directly connected or connected through a switch) can communicate
with each other through VLAN interfaces that have the same VLAN IDs and belong to the same network.
If the physical interfaces are connected to a switch and not directly, the corresponding ports on the switch have to be
configured as trunks and should not be put in any VLANs in the switch. The commands to configure switch ports as
trunks depend on the make/type of the switch and hence are beyond the scope of this document.
An example is used here to describe the VLAN interface configuration. In this example, there are two routers R1 and
R2 and the interface eth1 of R1 is connected directly to eth2 using a crossover ethernet cable.
R1 R2
VLAN connection
eth1.10 eth2.10
VLAN interface eth1.10 is created on R1 and eth2.10 is created on R2. The VLAN interfaces are configured to be in
the same network. Now R1 and R2 can reach each other using the VLAN connection.
Note that the VLAN ID of both VLAN interfaces is the same (10). Two systems with different VLAN IDs are unable to
communicate even if they are in the same network (the VLAN ID is used to tag packets sent on the VLAN interface).
Configuring an IP address
Once a VLAN interface is created, configure an IP address on it. Use the ipconfig command to configure the IP address
of the VLAN interface and then use the same command to display information about the VLAN interface.
[root]# ifconfig eth1.10 inet 1.1.1.145 netmask 255.255.255.0 broadcast 1.1.1.255 up
[root]# ifconfig eth1.10
eth1.10 Link encap:Ethernet HWaddr 00:0E:0C:01:48:4D
inet addr:1.1.1.145 Bcast:1.1.1.255 Mask:255.255.255.0
inet6 addr: fe80::20e:cff:fe01:484d/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:2 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 b) TX bytes:172 (172.0 b)
This chapter contains basic IPv4 and IPv6 Transition Tunneling configuration examples. To see details on the
commands used in these examples, or to see the outputs of the Validation commands, refer to the NSM Command
Reference. To avoid repetition, some Common commands, like configure terminal, have not been listed under
the Commands Used section. These Common commands are explained in the NSM Command Reference. For
commands used to enter each command mode see the Command Modes section in the Introduction chapter.
Typically, tunneling is used to transmit private data over a public network, such as the Internet. Tunnels enable carrying
of incompatible data over an existing network. For example, IPv6 data can be transmitted over IPv4 networks. Secure
tunneling protocols (such as IPSec) can be used for transfering sensitive data over public networks.
Tunneling is acheived by encapsulating IP packets of private networks within IP packets of public networks. This allows
packets destined for one IP address to be wrapped and redirected to another IP address. To encapsulate an IP packet,
an outer IP header is inserted before the packet’s existing header. The source and destination addresses in the inner
IP header, specify the original sender and recipient of the packet.
eth1 .1 .2 eth1
eth1 eth2
R2
10.100.1.0/24 .2 .1 10.200.1.0/24
R1
ZebOS(config-if)# tunnel source 10.100.1.1 Define the IPv4 address to be used as the source address
for the tunnel interface.
ZebOS(config-if)# tunnel destination Specifies the destination IPv4 address of the tunnel
10.200.1.2 interface.
ZebOS(config-if)# ip address 9.1.2.1/24 Set the IP address of the tunnel interface.
ZebOS(config-if)# exit Exit Interface mode and enter Configure mode.
ZebOS(config)# router ospf Create an OSPF routing instance.
ZebOS(config-router)# router-id 10.70.0.57 Specify a Router ID for the OSPF routing process.
ZebOS(config-router)# network 10.100.1.0/24 Define the interface on which OSPF runs and associate the
area 0 area ID (0) with the interface (area ID 0 specifies the
backbone area).
ZebOS(config-router)# exit Exit the Router mode and enter Configure mode.
ZebOS(config)# ip route 9.3.0.0/24 Tunnel100 Configure a static route for the tunnel interface.
R2
R3
ZebOS(config-router)# router-id 10.70.0.59 Specify a Router ID for the OSPF routing process.
ZebOS(config-router)# network 10.200.1.0/24 Define the interface on which OSPF runs and associate the
area 0 area ID (0) with the interface (area ID 0 specifies the
backbone area).
ZebOS(config-router)# exit Exit the Router mode and enter Configure mode.
ZebOS(config)# ip route 9.1.0.0/24 Tunnel100 Configure a static route for the tunnel interface.
Validation Commands
show interface, show ip route
2001:420:ffff:a::2/64 3ffe:b00:ffff:a::2/64
eth1 eth2
R2
192.168.1.2 192.168.2.1
IPv4 Network
3ffe:b00:ffff:2::1/64 3ffe:b00:ffff:2::2/64
R1
R3
ZebOS(config-router)# router-id 10.70.0.57 Specify a Router ID for the OSPF routing process.
ZebOS(config-router)# network 192.168.2.0/24 Define the interface on which OSPF runs and associate the
area 0 area ID (0) with the interface (area ID 0 specifies the
backbone area).
Validation Commands
show interface, show ipv6 route
2001:420:ffff::/48 3ffe:b00:ffff::/48
GRE Tunnel
IPv6 eth2 Tunnel100 Tunnel100 eth2 IPv6
Network R1 R3
Network
2001:420:ffff:a::2/64 3ffe:b00:ffff:a::2/64
eth1 eth2
R2
192.168.1.2 192.168.2.1
IPv4 Network
3ffe:b00:ffff:2::1/64 3ffe:b00:ffff:2::2/64
R1
R3
Validation Commands
show interface, show ipv6 route
2002:coa8:101::/48 2002:coa8:202::/48
6to4 Tunnel
IPv6 eth2 Tunnel100 Tunnel100 eth2 IPv6
Site R1 R3
Site
eth1 .1 .2 eth1
2002:coa8:101:1::10/64 2002:coa8:202:2::10/64
eth1 eth2
R2
192.168.1.0/24 .2 .1 192.168.2.0/24
R1
R2
Validation Commands
show interface, show ipv6 route
eth1 .1 .2 eth1
2002:coa8:101:1::10/64 3ffe:b00:ffff:a::1/64
eth1 eth2
R2
192.168.1.0/24 .2 .1 192.168.2.0/24
R1
R2
R3
Validation Commands
show interface, show ipv6 route
R1
H1
ZebOS(config-if)# tunnel destination Specifies the destination IPv4 address of the tunnel
10.100.1.1 interface.
ZebOS(config-if)# tunnel source 10.100.1.2 Define the IPv4 address to be used as the source address
for the tunnel interface.
Validation Commands
show interface, show ipv6 route
C H
command abbreviation 5 how to configure a route-reflector 49
command abbreviations 5 how to configure an area border router 25
command line errors 5 how to configure cost in OSPF 27
command line help 4 how to configure route-map 47
command line interface how to configure virtual links 29
syntax 4 how to configure VLAN interface 59
Command Modes how to enable authentication on an area 31
address family 7 how to enable authentication on an interface 31
key chain 7 how to enable BGP 45
path 7 how to enable IS-IS 33
route-map 7 how to enable OSPF on an interface 21
router 6 how to enable rip 11
command modes how to enable static routing 9
definitions 6 how to redistribute routes into OSPF 26
command nodes how to set priority in OSPF 23
I P
Interface, command mode definition 6 parenthesis not part of command 1
intra-site automatic tunnel address protocol 76 path command mode 7
IP-IP tunneling 63 Privileged Exec, command mode definition 6
IPv4 and IPv6 transition tunneling 63
IPv4 Tunneling 63 Q
IPv6 transition
6to4 automatic tunnel 72 question mark 1
6to4 relay 74
configured tunnel 66
GRE tunnel 69 R
ISATAP automatic tunnel 76 redistribute routes 26
ISATAP automatic tunnel 76 redistributing routes into IS-IS 37
IS-IS configuration 33 redistributing routes into OSPF 26
configuring metric 38 RIP Configuration
enabling IS-IS on an interface 33 RIPv2 authentication 13
L1 L2 area routing with multiple instances 43 RIP configuration 11
L1 L2 area routing with single instance 41 enabling rip 11
redistributing routes into IS-IS 37 RIPv2 md5 authentication 18
setting priority 35 RIPv2 text authentication-multiple keys 15
specifying the RIP version 12
K RIP configurations 11
RIP version 12
kernel patch MD5 authentication 53 route-map command mode 7
key chain command mode 7 route-map configure 47
Router Advertisement 76
L router command mode 6
route-reflector 49
L1L2 area routing 41, 43
Line, command mode definition 6 S
lowercase, meaning in command syntax notation 1
setting-priority 35
M Square brackets 1
static routes 9
manual syntax conventions 1
conventions, procedures and syntax 1 syntax help 4
MD5 authentication on BGP 53
MD5 libraries 53 T
metric in IS-IS 38
tunnel destination 76
N tunneling 63
NBMA 76 U
NSM configuration 9, 55
enabling static routing 9 UPPERCASE, meaning in command syntax notation 1
O V
OSPF configuration 21 vertical bar 1
configuring an area border router 25 virtual links 29
configuring virtual links 29 vlan interface 59
enabling authentication 31
enabling OSPF on an interface 21