Configuring an IP Router with CLI

This section provides information to configure an IP router.

Topics in this section include:

  1. Router Configuration Overview
  2. Basic Configuration
  3. Common Configuration Tasks
  4. Service Management Tasks

Router Configuration Overview

On a 7705 SAR, an interface is a logical named entity. An interface is created by specifying an interface name under the config>router context, the global router configuration context where objects like static routes and dynamic routing are defined. An IP interface name can be up to 32 alphanumeric characters long, must start with a letter, and is case-sensitive; for example, the interface name “1.1.1.1” is not allowed, but “int-1.1.1.1” is allowed.

To create an interface on an Alcatel-Lucent 7705 SAR, the basic configuration tasks that must be performed are:

  1. assign a name to the interface
  2. associate an IP address with the interface
  3. associate the interface with a network interface or the system interface
  4. configure appropriate routing protocols

A system interface and network interface should be configured.

System Interface

A system interface is a virtual interface similar to other interfaces but with only some operational parameters. The IP address, shutdown and no shutdown attributes are the only operational parameters for the system interface.

The system interface must have an IP address with a 32-bit subnet mask. The system interface is associated with the node (such as a specific 7705 SAR), not a specific interface. The system interface is also referred to as the loopback interface. The system interface is associated during the configuration of the following entities:

  1. LSP creation (next hop) — when configuring MPLS paths and LSPs
  2. the addresses on a target router — to set up an LDP or OSPF session between neighbors and to configure SDPs (the system interface is the service tunnel endpoint)

The system interface is used to preserve connectivity (when alternate routes exist) and to decouple physical connectivity and reachability. If an interface carrying peering traffic fails, and there are alternative routes to the same peer system interface, peering could be either unaffected or re-established over the alternate routes. The system interface IP address is also used for pseudowire/VLL signaling (via targeted LDP).

The system interface is used as the router identifier if a router ID has not been explicitly configured.

Network Interface

A network interface can be configured on a physical or logical port.

On the 2-port 10GigE (Ethernet) Adapter card/module, the network interface can only be created on the v-port (not the ring ports).

Basic Configuration

Note:

Refer to Filter Policies and Route Policies for information on configuring these policies.

The most basic router configuration must have the following:

  1. system name
  2. system address

The following example displays a router configuration.

A:ALU-A> config# info
. . .
#------------------------------------------
# Router Configuration
#------------------------------------------
    router
        interface "system"
            address 10.10.10.103/32
        exit
        interface "to-104"
            address 10.0.0.103/24
            port 1/1/1
            exit
        exit
#------------------------------------------
A:ALU-A> config#

Common Configuration Tasks

The following sections describe basic system tasks:

  1. Configuring a System Name
  2. Configuring Interfaces
  3. Configuring IPv6 Parameters
  4. Configuring Router Advertisement
  5. Configuring ECMP
  6. Configuring Static Routes
  7. Configuring or Deriving a Router ID
  8. Configuring an Autonomous System
  9. Configuring ICMP and ICMPv6
  10. Configuring a DHCP Relay Agent
  11. Configuring Proxy ARP
  12. Configuring a NAT Zone

Configuring a System Name

Use the system command to configure a name for the device. The name is used in the prompt string. Only one system name can be configured. If multiple system names are configured, the last one configured will overwrite the previous entry.

If special characters are included in the system name string, such as spaces, #, or ?, the entire string must be enclosed within double quotes.

Use the following CLI syntax to configure the system name:

CLI Syntax:
config# system
name system-name
Example:
config# system
config>system# name ALU-A
ALU-A>config>system# exit all
ALU-A#

The following example displays the system name output.

A:ALU-A>config>system# info
#------------------------------------------
# System Configuration
#------------------------------------------
        name "ALU-A"
        location "Kanata, ON, Canada"
        snmp
        exit
        . . . 
        exit
----------------------------------------------

Configuring Interfaces

The following command sequences create a system interface and a logical IP interface. The system interface assigns an IP address to the interface, and then associates the IP interface with a physical port. The logical interface can associate attributes like an IP address or port.

The system interface cannot be deleted.

Configuring a System Interface

Use the following CLI syntax to configure a system interface:

CLI Syntax:
config>router
interface ip-int-name
address {ip-addr/mask-length}| {ip-addr/netmask}
Example:
config>router# interface system
config>router>if# address 10.10.10.104/32
config>router>if# exit

Configuring a Network Interface

On the 2-port 10GigE (Ethernet) Adapter card/module, a network address is assigned to the v-port only.

Use the following CLI syntax to configure a network interface:

CLI Syntax:
config>router
interface ip-int-name
address {ip-addr/mask-length | ip-addr/netmask | dhcp} [client-identifier [ascii-value | interface-name]] [vendor-class-id vendor-class-id]
egress
agg-rate-limit agg-rate [cir cir-rate]
filter ip ip-filter-id
queue-policy name
ingress
filter ip ip-filter-id
port port-name
Example:
config>router> interface "to-ALU-2"
config>router>if# address 10.10.24.4/24
config>router>if# port 1/1/1
config>router>if# egress
config>router>if>egress# filter ip 12
config>router>if>egress# exit
config>router>if# ingress
config>router>if>ingress# filter ip 10
config>router>if>ingress# exit
config>router>if# exit

The preceding syntax example shows a configuration where the address is entered manually. To have the interface enabled for dynamic address assignment, use the dhcp keyword and, optionally, assign client ID and vendor class ID.

In addition, to apply and configure a per-VLAN network egress aggregate shaper, use the queue-policy and agg-rate-limit commands.

The following example displays the IP configuration output showing the interface information.

A:ALU-A>config>router# info 
#------------------------------------------
# IP Configuration
#------------------------------------------
        interface "system"
            address 10.10.0.4/32
        exit
        interface "to-ALU-2"
            address 10.10.24.4/24
            port 1/1/1
            ingress
                filter ip 10
            exit

Creating an IPv6 Network Interface

When configuring an IPv6 interface, a link-local address (FE80::x:x:x:x:x:x:x/64) is automatically generated after the CLI command ipv6 is given. If the port is already assigned to the interface when IPv6 is enabled, the link-local address is derived from the port MAC address. Otherwise, the link-local address is derived from the system MAC address.

In either case, if the configuration file is saved and the node is rebooted, the port will be assigned to the interface before IPv6 is enabled and the link-local address will be derived from the port MAC address. This means that the link-local address will change after the node is rebooted if it was derived from the system MAC address before the reboot.

To avoid having the link-local address change after a reboot, IPv6 on the interface should be configured in the following order. This will ensure that the link-local address is derived from the port MAC address and will therefore not change after a reboot.

CLI Syntax:
config>port
config>router
interface ip-int-name
port port-name
ipv6
address ipv6-address/prefix-length [eui-64]

Configuring IPv6 Parameters

IP version 6 (IPv6) addresses are supported on:

  1. access ports (IES only); for a complete list of cards and ports that support IES IPv6 SAPs, refer to the 7705 SAR OS Services Guide, “IES for Customer Traffic”
  2. network ports (null or dot1q encapsulation) on:
    1. 2-port 10GigE (Ethernet) Adapter card (v-port only)
    2. 8-port Ethernet Adapter card, version 2
    3. 6-port Ethernet 10Gbps Adapter card
    4. 8-port Gigabit Ethernet Adapter card
    5. 10-port 1GigE/1-port 10GigE X-Adapter card
    6. Packet Microwave Adapter card
    7. Ethernet ports on the 7705 SAR-F
    8. Ethernet ports on the 7705 SAR-M (all variants)
    9. Ethernet ports on the 7705 SAR-A (all variants)
    10. Ethernet ports on the 7705 SAR-W
    11. Ethernet ports on the 7705 SAR-Wx (all variants)
    12. Ethernet ports on the 7705 SAR-H
    13. Ethernet ports on the 7705 SAR-Hc
    14. Ethernet management port
    15. DSL module ports when the module is installed in the 7705 SAR-M (variants with module slots)
    16. GPON module ports when the module is installed in the 7705 SAR-M (variants with module slots)
    17. 2-port 10GigE (Ethernet) module (v-port only) when the module is installed in the 7705 SAR-M (variants with module slots)
    18. GPON interface via SFP in the 7705 SAR-W
  3. network ports on the 4-port OC3/STM1 Clear Channel Adapter card (POS encapsulation)

Use the following CLI syntax to configure IPv6 parameters:

CLI Syntax:
config>router
interface ip-int-name
ipv6
address ipv6-address/prefix-length [eui-64]
neighbor ipv6-address mac-address
Example:
config>router# interface “ipv6-interface”
config>router>if# ipv6
config>router>if>ipv6# address 1080:6809:8086:6502::1/64

Configuring Router Advertisement

To configure the router to originate router advertisement messages, the router-advertisement command must be enabled. All other router advertisement configuration parameters are optional. Router advertisement on all IPv6-enabled interfaces will be enabled.

Use the following CLI syntax to enable router advertisement and configure router advertisement parameters:

CLI Syntax:
config>router
router-advertisement
interface ip-int-name
current-hop-limit number
managed-configuration
max-advertisement-interval seconds
min-advertisement-interval seconds
mtu mtu-bytes
other-stateful-configuration
prefix ipv6-prefix/prefix-length
autonomous
on-link
preferred-lifetime {seconds | infinite}
valid-lifetime {seconds | infinite}
reachable-time milli-seconds
retransmit-time milli-seconds
router-lifetime seconds
no shutdown
Example:
config>router# router-advertisement
config>router>router-advert# interface “n1”
config>router>router-advert>if# prefix 3::/64
config>router>router-advert>if>prefix# autonomous
config>router>router-advert>if>prefix# on-link
config>router>router-advert>if>prefix# preferred-lifetime 604800
config>router>router-advert>if>prefix# valid-lifetime 2592000

The following example displays a router advertisement configuration:

A:ALU-A>config>router>router-advert# info 
------------------------------------------
            interface “n1”
                prefix 3::/64
                exit
                no shutdown
------------------------------------------
A:ALU-A>config>router>router-advert# interface n1
A:ALU-A>config>router>router-advert>if# prefix 3::/64
A:ALU-A>config>router>router-advert>if>prefix# into detail
------------------------------------------
                      
                      autonomous
                      on-link
                      preferred-lifetime 604800
                      valid-lifetime 2592000
------------------------------------------
A:ALU-A>config>router>router-advert>if>prefix#

Configuring ECMP

ECMP (Equal-Cost Multipath Protocol) refers to the distribution of packets over two or more outgoing links that share the same routing cost. The 7705 SAR load-balances traffic over multiple equal-cost links with a hashing algorithm that uses header fields from incoming packets to calculate which link to use. By adding additional fields to the algorithm, you can increase the randomness of the results and ensure a more even distribution of packets across available links. ECMP is supported on static routes and dynamic (OSPF, IS-IS, and BGP) routes. The 7705 SAR supports ECMP for LDP and IP traffic.

If multiple routes are learned with an identical preference using the same protocol, the lowest-cost route is used. If multiple routes are learned with an identical preference using the same protocol and the costs (metrics) are equal, the decision of which route to use is determined by the configuration of ECMP in the config>router context.

Use the following CLI syntax to configure ECMP, enable it and specify the maximum number of routes to be used for route sharing (up to 8):

CLI Syntax:
config>router
ecmp max-ecmp-routes
Example:
config>router# ecmp 7
config>router# exit

Configuring Static Routes

The 7705 SAR supports both static routes and dynamic routing to next-hop addresses.

For information on configuring OSPF, RIP, IS-IS, and BGP routing, refer to the 7705 SAR OS Routing Protocols Guide.

Only one next-hop IP address can be specified per IP interface for static routes.

Use the following CLI syntax to create static route entries:

CLI Syntax:
config>router
static-route {ip-prefix/prefix-length} | {ip-prefix netmask} [preference preference] [metric metric] [tag tag] [enable | disable] next-hop {ip-address} [bfd-enable] [ldp-sync]
Example:
config>router# static-route 192.168.250.0/24 preference 5 metric 1 enable next-hop 10.200.10.3 ldp-sync
config>router# exit
Note:

If ldp-sync is enabled on a static route, the ldp synchronization timer must also be configured on the associated interface, using the config>router>if>ldp-sync-timer command.

Configuring or Deriving a Router ID

The router ID defaults to the address specified in the system interface command. If the system interface is not configured with an IP address, the router ID inherits the last 4 bytes of the MAC address. Alternatively, the router ID can be explicitly configured with the config>router>router-id command.

When configuring a new router ID, protocols are not automatically restarted with the new router ID. The next time a protocol is initialized, the new router ID is used. To force the new router ID, issue the shutdown and no shutdown commands for OSPF, IS-IS, or BGP, or restart the entire router.

Use the following CLI syntax to configure a router ID:

CLI Syntax:
config>router
router-id ip-address
interface ip-int-name
address {ip-address/mask | ip-address netmask}

The following example displays a router ID configuration:

A:ALU-B>config>router# info
#------------------------------------------
# IP Configuration
#------------------------------------------
        interface "system"
            address 10.10.10.104/32
        exit
        interface "to-103"
            address 10.0.0.104/24
            port 1/1/1
        exit
        router-id 10.10.10.104
...
#------------------------------------------
A:ALU-B>config>router# 

Configuring an Autonomous System

Configuring an autonomous system is optional.

Use the following CLI syntax to configure an autonomous system:

CLI Syntax:
config>router
autonomous-system as-number

The following displays an autonomous system configuration example:

A;ALU-B>config>router# info
#------------------------------------------
# IP Configuration
#------------------------------------------
     interface "system"
          address 10.10.10.103/32
     exit
     interface "to-104"
          address 10.0.0.103/24
          port 1/1/1
     exit
     exit
     autonomous-system 100
     router-id 10.10.10.103
#------------------------------------------
A:ALU-B>config>router#

Configuring ICMP and ICMPv6

Use the following CLI syntax to configure ICMP for the router:

CLI Syntax:
config>router
interface ip-int-name
icmp
mask-reply
ttl-expired number seconds
unreachables number seconds

The number and seconds parameters represent how many of each of these types of ICMP errors the node will generate in the specified interval on the specified interface.

Example:
config>router>if# icmp
config>router>if>icmp# mask-reply
config>router>if>icmp# ttl-expired 100 20
config>router>if>icmp# unreachables 100 20

Use the following CLI syntax to configure ICMPv6 for the router:

CLI Syntax:
config>router
interface ip-int-name
ipv6
icmp6
packet-too-big number seconds
param-problem number seconds
time-exceeded number seconds
unreachables number seconds

The number and seconds parameters represent how many of each of these types of ICMPv6 errors the node will generate in the specified interval on the specified interface.

Example:
config>router>if>ipv6# icmp6
config>router>if>ipv6>icmp6# packet-too-big 100 20
config>router>if>ipv6>icmp6# param-problem 100 20
config>router>if>ipv6>icmp6# time-exceeded 100 20
config>router>if>ipv6>icmp6# unreachables 100 20

Configuring a DHCP Relay Agent

Use the following CLI syntax to configure the router as a DHCP Relay agent:

CLI Syntax:
config>router
interface ip-int-name
dhcp
description description-string
option
action {replace | drop | keep}
circuit-id [ascii-tuple | port-id | if-name]
copy-82
remote-id [mac | string string]
server server1 [server2...(up to 8 max)]
no shutdown
no shutdown
Example:
A:ALU-41>config>router# interface “DHCP_interface”
A:ALU-41>config>router>if$ dhcp option
A:ALU-41>config>router>if>dhcp>option$ circuit-id ascii-tuple
A:ALU-41>config>router>if>dhcp>option$ exit

The following example displays the router DHCP Relay agent creation output.

A:ALU-41>config>router>if# info detail
-------------------------------------------
...
             dhcp
                  shutdown
                  no description
                  option
                      action keep
                      circuit-id ascii-tuple
                      no remote-id
                      no copy-82
                  exit
                  no server
             no shutdown...
-------------------------------------

Configuring Proxy ARP

To configure proxy ARP, you must first:

  1. configure a prefix list in the config>router>policy-options>prefix-list context
  2. configure a route policy statement in the config>router>policy-options>policy-statement context and apply the prefix list
    1. in the config>router>policy-options>policy-statement>entry>to context, specify the host source address(es) for which ARP requests can or cannot be forwarded to non-local networks, depending on the specified action
    2. in the config>router>policy-options>policy-statement>entry>from context, specify the network prefixes that ARP requests will or will not be forwarded to, depending on the specified action if a match is found
CLI Syntax:
config>router>policy-options
begin
commit
abort
prefix-list name
prefix ip-prefix/mask [exact | longer | through length | prefix-length-range length1-length2]
policy-statement name
default-action {accept | next-entry | next-policy | reject}
entry entry-id
action {accept | next-entry | next-policy | reject}
from
prefix-list name [name...(up to 5 max)]
to
prefix-list name [name...(up to 5 max)]

The following example displays the proxy ARP configuration output.

A:ALU-B>config>router>policy-options# info
----------------------------------------------
            prefix-list "prefixlist1"
                prefix 2.2.2.0/24 exact
            exit
            policy-statement "proxyARPpolicy"
                entry 1
                    from 
                         prefix-list “prefix-list1” 
                    exit 
                    to 
                         prefix-list “prefix-list1” 
                    exit 
                    action accept 
                    exit 
                exit
                default-action reject
                exit
            exit
----------------------------------------------
A:ALU-B>config>router>policy-options#

For more information on route policies, see Route Policies.

Apply the policy statement to the proxy ARP policy in the config>router>if> proxy-arp-policy context.

CLI Syntax:
config>router
interface ip-int-name
proxy-arp-policy policy-name [policy-name...(up to 5 max)]

The following example displays the router interface proxy ARP configuration.

A:ALU-41>config>router>if# info 
-------------------------------------------
...
             address 128.251.10.59/24
             remote-proxy-arp
             proxy-arp-policy “proxyARPpolicy”
-------------------------------------------

Configuring a NAT Zone

To configure NAT, you must first:

  1. configure a NAT security profile and policy in the config>security context
    1. in the config>security>profile context, specify the timeouts for the tcp/udp/icmp protocols. This step is optional. If you do not configure the profile, a default profile is assigned.
    2. in the config>security>policy context, configure a NAT security policy, and specify the match criteria and the action to be applied to a packet if a match is found
  2. then configure a NAT zone and apply the policy ID to the zone
CLI Syntax:
config>router
abort
begin
commit
zone zone-id [create]
description description-string
interface ip-int-name [create]
name zone-name
nat
pool pool-id [create]
description description-string
direction {zone-outbound | zone-inbound | both}
entry entry-id [create]
ip-address ip-address [to ip-address] interface ip-int-name
port port [to port] interface ip-int-name
name pool-name
policy policy-id | policy-name
shutdown

The following example displays the NAT zone configuration output.

A:ALU-B>config>router# info
----------------------------------------------
        configure
            router
                zone 1 create
                begin
                    name “GRT zone”
                    description “uplink zone to public” 
                    nat 
                        pool 1 create 
                            description "pool 1" 
                            direction zone-outbound 
                            entry 1 create 
                                ip-addr 68.193.0.1 
                                port 5000 to 6000 
                            exit 
                        exit 
                    exit 
                    policy 1  
                    commit 
                exit
                no-shutdown
----------------------------------------------
A:ALU-B>config>router#

Service Management Tasks

This section discusses the following service management tasks:

  1. Changing the System Name
  2. Modifying Interface Parameters
  3. Deleting a Logical IP Interface

Changing the System Name

The system command sets the name of the device and is used in the prompt string. Only one system name can be configured. If multiple system names are configured, the last one configured will overwrite the previous entry.

Use the following CLI syntax to change the system name:

CLI Syntax:
config# system
name system-name
Example:
A:ALU-A>config>system# name tgif
A:TGIF>config>system#

The following example displays the system name change.

A:ALU-A>config>system# name TGIF
A:TGIF>config>system# info
#------------------------------------------
# System Configuration
#------------------------------------------
        name "TGIF"
     location "Kanata, ON, Canada"
     snmp
        exit
        security
            snmp
                community "private" rwa version both
            exit
        exit
        . . .
----------------------------------------------
A:TGIF>config>system#

Modifying Interface Parameters

Starting at the config>router level, navigate down to the router interface context.

To modify an IP address, perform the following steps:

Example:
A:ALU-A>config>router# interface "to-sr1"
A:ALU-A>config>router>if# shutdown
A:ALU-A>config>router>if# no address
A:ALU-A>config>router>if# address 10.0.0.25/24
A:ALU-A>config>router>if# no shutdown

To modify a port, perform the following steps:

Example:
A:ALU-A>config>router# interface "to-sr1"
A:ALU-A>config>router>if# shutdown
A:ALU-A>config>router>if# no port
A:ALU-A>config>router>if# port 1/1/2
A:ALU-A>config>router>if# no shutdown

The following example displays the interface configuration.

A:ALU-A>config>router# info
#------------------------------------------
# IP Configuration
#------------------------------------------
        interface "system"
            address 10.0.0.103/32
        exit
        interface "to-sr1"
            address 10.0.0.25/24
            port 1/1/2
        exit
        router-id 10.10.10.104
 
#------------------------------------------
A:ALU-A>config>router# 

Deleting a Logical IP Interface

The no form of the interface command typically removes the entry, but all entity associations must be shut down and/or deleted before an interface can be deleted.

  1. Before an IP interface can be deleted, it must first be administratively disabled with the shutdown command.
  2. After the interface has been shut down, it can then be deleted with the no interface command.
CLI Syntax:
config>router
no interface ip-int-name
Example:
config>router# interface test-interface
config>router>if# shutdown
config>router>if# exit
config>router# no interface test-interface
config>router#