Routing Options
This chapter describes routing options that apply to all dynamic routing protocols.
Routing Options (Apply, Reset and Reload) - WebUI
In the page of the WebUI, clicking these buttons has this effect:
- - Save changes in this page.
- - Discard unsaved changes. This is the same as navigating away from the page, discarding changes, and returning to the page.
- - Restart the
routed routing daemon on the Gaia appliance or computer.
Equal Cost Path Splitting
You can configure the maximum number of equal‑cost paths that will be used when there is more than one equal‑cost path to a destination. You can specify a value for the maximum number of equal‑cost paths that will be used when there is more than one equal‑cost path to a destination. Only OSPF routes and Static routes are able to use more than one "next hop"
The "next hop" algorithm that is used for forwarding when there is more than one "next hop" to a destination is Source/destination hash: A hash function is performed on the source and destination IP address of each packet that is forwarded to a multipath destination. This result is used to determine which next hop to use.
|
Important - Changing this option causes all routes to be reinstalled.
|
Configuring Equal Cost Path Splitting - WebUI
To configure equal cost path splitting using the WebUI:
- In the tree view, click .
- In the section, select the .
- Click .
Configuring Equal Cost Path Splitting - CLI (max-path-splits)
To configure equal cost path splitting using the CLI:
- Run:
set max‑path‑splits <1—8>For example: set max‑path‑splits 2
- Run:
save config
Kernel Options- Kernel Routes
Route Injection Mechanism (RIM) enables a Security Gateway to use dynamic routing protocols to propagate the encryption domain of a VPN peer Security Gateway to the internal network and then initiate back connections. When a VPN tunnel is created, RIM updates the local routing table of the Security Gateway to include the encryption domain of the VPN peer.
In Gaia, the Route Injection Mechanism adds routes directly to the kernel. For the routes to remain in the Kernel, you must configure this option.
For more about configuring RIM, see the VPN Administration Guide.
Configuring Kernel Routes - WebUI
To set kernel routes using the WebUI:
- In the tree view, click .
- In the area, select the option.
- Click .
Configuring Kernel Routes - CLI (kernel-routes)
To set kernel routes using the CLI:
- Run:
set kernel-routes on. - Run:
save config.
Protocol Rank
The protocol rank is the value that the routing daemon uses to order routes from different protocols to the same destination. It is an arbitrarily assigned value used to determine the order of routes to the same destination. Each route has only one rank associated with it, even though rank can be set at many places in the configuration. The route derives its rank from the most specific route match among all configurations.
The active route is the route installed into the kernel forwarding table by the routing daemon. In the case where the same route is contributed by more than one protocol, the one with the lowest rank becomes the active route.
Rank cannot be used to control the selection of routes within a dynamic interior gateway protocol (IGP); this is accomplished automatically by the protocol and is based on the protocol metric. Instead, rank is used to select routes from the same external gateway protocol (EGP) learned from different peers or autonomous systems.
Some protocols—BGP and aggregates—allow for routes with the same rank. To choose the active route in these cases, a separate tie breaker is used. This tie breaker is called LocalPref for BGP and weight for aggregates.
Default Ranks
A default rank is assigned to each protocol. Rank values range from 0 to 255, with the lowest number indicating the most preferred route.
The default rank values are:
Preference of
|
Default
|
Interface routes
|
0
|
OSPF routes
|
10
|
Static routes
|
60
|
RIP routes
|
100
|
Aggregate routes
|
130
|
OSPF AS external routes
|
150
|
BGP routes
|
170
|
These numbers do not generally need to be changed from their defaults. Use caution when modifying the default route ranks. Rank affects the route selection process, so unexpected consequences may occur throughout the network. Such a change should be planned carefully and take into account both the protocols being used and the location of the router in the network.
Configuring Protocol Rank - WebUI
To set route rank:
- Open the page of the WebUI.
- In the section, enter the route rank for each protocol.
- Click .
Configuring Protocol Rank - CLI (protocol-rank)
Rank is used by the routing system when there are routes from different protocols to the same destination. For each route, the route from the protocol with lowest rank number is used.
Syntax
set protocol‑rank protocol
bgp rank <0—255>
bgp rank default
rip rank <0—255>
rip rank default
ospf rank <0—255>
ospf rank default
ospfase rank <0—255>
ospfase rank default
|
Parameter
|
Description
|
rank <0—255>
|
The protocol rank value.
|
ospf rank default
|
The default rank value for OSPF is 10.
|
rip rank default
|
The default rank value for RIP is 100.
|
bgp rank default
|
The default rank value for BGP is 170.
|
ospfase rank default
|
The default rank value for OSPF ASE routes is 150.
|
Router Options - Wait for Clustering
In a clustering environment, Wait for Clustering has this effect on RIP, PIM and OSPF routing:
|
|
|
|
|
WebUI
|
CLI
|
The routed routing daemon
|
Selected
|
on
|
- Does not start the routing protocols if the cluster state is down.
- Turns on the routing protocols after the cluster goes up.
|
Cleared
|
off
|
Ignores the state of the cluster. The state of the routing protocols does not depend on the state of the cluster.
This is the default.
|
|
Important - Changing the setting of this option restarts the routed routing daemon. Do not change it unless instructed by Support
|
Configuring Wait for Clustering - WebUI
To set the Wait for Clustering routing option:
- In the tree view, click .
- In the area, select .
- Click .
Configuring Wait for clustering - CLI (router-options)
To turn on Wait for Clustering:
- Run:
set router-options wait for clustering on - Run:
save config
To turn off Wait for Clustering:
- Run:
set router-options wait for clustering off - Run:
save config
To show the state of the Wait for Clustering option:
show router-options
Trace Options
The routing system can optionally log information about errors and events. Logging is configured for each protocol or globally. Logging is not generally turned on during normal operations, as it can decrease performance. Log messages are saved in /var/log/routed.log
Trace Options - WebUI
To Enable Trace options:
- In the tree view, click .
- In the tab, in the area, configure:
- In the option variables area, do one of:
- Double-click an option.
- Select an option (to select multiple options, use Shift-Click) and click
- Click at the top of the page
Trace Options
Parameter
|
Description
|
|
|
Limit the maximum size of the trace file to the specified size. When the trace file reaches the specified size, it is renamed to file.0, then file1, file.2.
- Range: Integer 1-4095 (in megabytes).
- Default 1
|
|
|
- Limit the number of trace files.
- Range 1-4294967295.
- Default: 10
|
|
|
Select a table to show only that table.
|
Tips for Enabling Trace Options
You can enable
|
For example, to enable the BGP Normal option, select
|
An option.
|
|
All options for a protocol.
|
|
An option for all protocols.
|
|
All options for all protocols
|
|
For an explanation of each trace option, see the Trace Options - CLI.
To monitor an Option:
You can see the most recent trace log messages in the /var/log/routed.log log file.
- In the tree view, click .
- In the tab, enable the trace options you need.
- Click the tab.
- Configure the that you want to show at the end (the "tail") of the log file.
The minimum number of lines is 5. The maximum is 100, regardless of value entered.
- Click .
The log messages show.
Trace Options - CLI
Use the following commands to configure the log file options for trace routing.
set tracefile
size <1—4095>
size default
maxnum <1—4294967295>
maxnum default
|
Parameter
|
Description
|
size <1—4095>
|
Limits the maximum size of the trace file to the specified size, in megabytes.
|
size default
|
The default maximum trace file size is 1 MB.
|
maxnum <1—4294967295>
|
When the trace file reaches the specified size, it is renamed to file.0, then file.1, file.2, up to the maximum number of files.
|
maxnum default
|
The default maximum number of trace files is 10.
|
Global Trace options
Use the following command to turn global trace options on or off.
set trace global
adv <on | off>
parse <on | off>
traceoptions <on | off>
|
While there are trace options specific to each protocol, many protocols share a set of options. These common trace options are specified in the traceoptions variable. The following table lists the traceoption parameters.
Parameter
|
Description
|
traceoptions
|
One or more of these values:
<all | adv| general | normal | parse | policy | route | state | task | timer>
|
all
|
Trace all of the options in traceoptions.
|
adv
|
Trace the allocation of and freeing of policy blocks.
|
general
|
Trace both normal and route.
|
normal
|
Trace normal protocol occurrences. Abnormal protocol occurrences are always traced.
|
parse
|
Trace the lexical analyzer and parser.
|
policy
|
Trace the application of protocol‑ and user‑specified policy to routes being imported and exported.
|
route
|
Trace routing table changes for routes installed by this protocol or peer.
|
state
|
Trace state machine transitions in the protocols.
|
task
|
Trace system interface and processing associated with this protocol or peer.
|
timer
|
Trace timer usage by this protocol or peer.
|
BGP Trace Options
Use the following command to turn BGP trace options on or off.
set trace bgp
keepalive <on | off>
open <on | off>
update <on | off>
packets <on | off>
traceoptions <on | off>
|
Parameter
|
Description
|
keepalive
|
Trace BGP keepalive messages
|
open
|
Trace BGP open packets. These packets are sent between peers when they are establishing a connection.
|
update
|
Trace update packets. These packets provide routing updates to BGP systems.
|
packets
|
Trace all BGP protocol packets.
|
traceoptions
|
<all | general | normal | policy | route | state | task | timer>
|
ICMP Trace Options
Use the following command to turn ICMP trace options on or off.
set trace icmp
error <on | off>
info <on | off>
routerdiscovery <on | off>
packets <on | off>
traceoptions <on | off>
|
Parameter
|
Description
|
error
|
Trace only ICMP error packets, which include:
- time exceeded
- parameter problem
- unreachable
- source quench
|
info
|
Trace only ICMP informational packets, which include:
- mask request/response
- info request/response
- echo request/response
- time stamp request/response
|
routerdiscovery
|
Trace only ICMP router discovery packets.
|
packets
|
Trace all ICMP packets.
|
traceoptions
|
<all | general | normal | policy | route | state | task | timer>
|
IGMP Trace Options
Use the following command to turn IGMP trace options on or off.
set trace igmp
group <on | off>
leave <on | off>
mtrace <on | off>
query <on | off>
report <on | off>
request <on | off>
packets <on | off>
traceoptions <on | off>
|
Parameter
|
Description
|
group
|
Trace multicast group add, delete, refresh and accelerated leave.
|
leave
|
Trace IGMP "leave group" messages.
|
mtrace
|
Trace details of IGMP multicast traceroute request processing.
|
query
|
Trace IGMP membership query packets (both general and group‑specific).
|
report
|
Trace IGMP membership report packets (both IGMPv1 and IGMPv2).
|
request
|
Trace IGMP multicast traceroute request packets.
|
packets
|
Trace all IGMP packets.
|
traceoptions
|
<all | general | normal | policy | route | state | task | timer>
|
IP Broadcast Helper Trace Options
Use the following command to turn IP broadcast helper trace options on or off.
set trace iphelper
packets <on | off>
traceoptions <on | off>
|
Parameter
|
Description
|
packets
|
Trace all IP broadcast helper packets.
|
traceoptions
|
<all | general | normal | policy | route | state | task | timer>
|
Kernel Trace Options
Use the following command to turn kernel trace options on or off.
set trace kernel
iflist <on | off>
interface <on | off>
packets <on | off>
remnants <on | off>
request <on | off>
routes <on | off>
traceoptions <on | off>
|
Parameter
|
Description
|
iflist
|
Trace iflist, the interface list scan.
|
interface
|
Trace interface status messages that are received from the kernel.
|
packets
|
Trace packets that are read from the kernel
|
remnants
|
Trace remnants, which specify routes read from the kernel when the routing daemon starts.
|
request
|
Trace requests, which specify to add, delete, or change routes in the kernel forwarding table.
|
routes
|
Trace routes that are exchanged with the kernel, including add, delete, or change messages and add, delete, or change messages received from other processes.
|
traceoptions
|
<all | general | normal | policy | route | state | task | timer>
|
MFC Trace Options
Use the following command to turn MFC trace options on or off.
set trace mfc
alerts <on | off>
cache <on | off>
interface <on | off>
mcastdist <on | off>
packets <on | off>
resolve <on | off>
wrongif <on | off>
traceoptions <on | off>
|
Parameter
|
Description
|
alerts
|
Trace multicast protocol alert callback functions.
|
cache
|
Trace log details of cache maintenance. These include:
- addition or deletion of orphan entries (in other words, entries with no route to source).
- addition or deletion of normal entries.
- cache state aging and refresh.
|
interface
|
Trace log changes requested by external routed modules (IGMP and multicast routing protocols) affecting the forwarding dependencies on an interface. These include:
- addition or deletion of a forwarding interface due to routing changes.
- changing of the parent (reverse path forwarding) interface due to routing changes.
|
mcastdist
|
Trace kernel multicast distribution entries. Both generic and PIM register encapsulation and decapsulation types.
|
packets
|
Trace all MFC related packets.
|
resolve
|
Trace kernel external resolve requests (both normal and PIM register types).
|
wrongif
|
Trace kernel multicast incoming interface violation notifications (both physical interface and PIM register types).
|
traceoptions
|
<all | general | normal | policy | route | state | task | timer>
|
OSPF Trace Options
Use the following command to turn OSPF trace options on or off.
set trace ospf
ack <on | off>
dd <on | off>
dr <on | off>
hello <on | off>
lsa <on | off>
packets <on | off>
request <on | off>
spf <on | off>
trap <on | off>
update <on | off>
traceoptions <on | off>
|
Parameter
|
Description
|
ack
|
Trace link‑state acknowledgment packets.
|
dd
|
Trace all database description packets.
|
dr
|
Trace designated router packets.
|
hello
|
Trace hello packets.
|
lsa
|
Trace link‑state announcement packets.
|
packets
|
Trace OSPF packets.
|
request
|
Trace link‑state request packets.
|
spf
|
Trace shortest‑path‑first (SPF) calculations.
|
trap
|
Traces OSPF trap packets.
|
update
|
Trace link‑state updates packets.
|
traceoptions
|
<all | general | normal | policy | route | state | task | timer>
|
PIM Trace Options
Use the following command to turn PIM trace options on or off.
set trace pim
assert <on | off>
bootstrap <on | off>
crp <on | off>
graft <on | off>
hello <on | off>
join <on | off>
mfc <on | off>
mrt <on | off>
packets <on | off>
rp <on | off>
register <on | off>
trap <on | off>
traceoptions <on | off>
|
The following trace options apply both to dense-mode and sparse-mode implementations:
Parameter
|
Description
|
assert
|
Trace PIM assert messages.
|
hello
|
Trace PIM router hello messages.
|
join
|
Trace PIM join/prune messages.
|
mfc
|
Trace calls to or from the multicast forwarding cache
|
mrt
|
Trace PIM multicast routing table events.
|
packets
|
Trace all PIM packets.
|
trap
|
Trace PIM trap messages.
|
all
|
Trace all PIM events and packets.
|
The following trace options apply to sparse-mode implementations only:
Parameter
|
Description
|
bootstrap
|
Trace bootstrap messages.
|
crp
|
Trace candidate‑RP‑advertisements.
|
rp
|
Trace RP‑specific events, including RP set‑specific and bootstrap‑specific events.
|
register
|
Trace register and register‑stop packets.
|
The following trace option applies to dense-mode implementations only:
Parameter
|
Description
|
graft
|
Trace graft and graft acknowledgment packets.
|
Other Trace Parameters
Parameter
|
Description
|
traceoptions
|
<all | general | normal | policy | route | state | task | timer>
|
RIP Trace Options
Use the following command to turn BGP trace options on or off.
set trace rip
packets <on | off>
traceoptions <on | off>
|
Parameter
|
Description
|
packets
|
Trace all RIP packets.
|
traceoptions
|
<all | general | normal | policy | route | state | task | timer>
|
Router Discovery Trace Options
Use the following command to turn ICMP router discovery trace options on or off.
set trace router‑discovery option <on | off>
traceoptions
|
Parameter
|
Description
|
traceoptions
|
<all | general | normal | policy | route | state | task | timer>
|
VRRP Trace Options
Use the following command to turn VRRP trace options on or off.
set trace vrrp
advertise <on | off>
traceoptions <on | off>
|
Parameter
|
Description
|
advertise
|
Trace all VRRP packets.
|
traceoptions
|
<all | general | normal | policy | route | state | task | timer>
|
|
