Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

Configuring Settings on Host OS

This chapter provides information on tuning of settings on host OS to enable advanced features or to increase the scale of cRPD functionality.

Configuring ARP Scaling

cRPD uses a static route to forward traffic for routes destined to interfaces. You need to create a static route and specify the next-hop address.

To configure the cRPD container in static routing mode:

  1. Launch the cRPD container:

    root@crpd-ubuntu3:~/crpd# docker exec -it crpd01 -- /bin/bash

  2. Log in and configure static routes.

    root@crpd# cli

    root@crpd> configure

  3. View the forwarding table to verify the static routes.

    root@crpd> show route forwarding-table

  4. The maximum ARP entry number is controlled by the Linux host kernel. If there are a large number of neighbors, you might need to adjust the ARP entry limitations on the Linux host. There are options in the sysctl command on the Linux host to adjust the ARP or NDP entry limits.

    For example, to adjust the maximum ARP entries using IPv4:

    root@host:~# sysctl -w net.ipv4.neigh.default.gc_thresh1=4096

    root@host:~# sysctl -w net.ipv4.neigh.default.gc_thresh2=8192

    root@host:~# sysctl -w net.ipv4.neigh.default.gc_thresh3=8192

    For example, to adjust the maximum ND entries using IPv6:

    root@host:~# sysctl -w net.ipv6.neigh.default.gc_thresh1=4096

    root@host:~# sysctl -w net.ipv6.neigh.default.gc_thresh2=8192

    root@host:~#sysctl -w net.ipv6.neigh.default.gc_thresh3=8192

Configuring OSPFv2/v3

To allow more number of OSPFv2/v3 adjacencies on cRPD:

Increase the IGMP membership limit.

root@host:~# sysctl -w net.ipv4.igmp_max_memberships=1000

Configuring MPLS

To configure MPLS:

  1. Load the MPLS modules in the container using modprobe or insmod :

    root@crpd-ubuntu3:~# modprobe mpls_iptunnel

    root@crpd-ubuntu3:~# modprobe mpls_router

    root@crpd-ubuntu3:~# modprobe iptunnel

  2. Verify the MPLS modules loaded in host OS.
  3. After loading the mpls_router on the host, configure the following commands to activate MPLS on the interface.

    root@host:~#sudo sysctl -w net.mpls.platform_labels=1048575

Adding MPLS Routes

To add MPLS routes to host using the iproute2 utility:

  1. Run the following command to add the mpls routes to the host OS.

    root@host:~#ip -f mpls route add 100 as 200/300 via inet 192.0.2.2 dev swp1

  2. Run the following command to view the mpls routes.

    root@host:~#ip -f mpls route show

Adding Routes with MPLS label

To add routes to host by encapsulating the packets with MPLS label using the iproute2 utility:

  1. Run the following command to encapsulate the packets to host OS.

    root@host:~#ip route add 192.0.2.1/30 encap mpls 200 via inet 192.1.1.1 dev swp1

  2. Run the following command to view the mpls routes.

    root@host:~#ip route show

Creating a VRF device

To instantiate a VRF device and associate it with a table:

  1. Run the following command to create a VRF device.

    root@host:~#ip link add dev NAME type vrf table ID

  2. Run the following command to view the created VRFs.

    root@host:~#ip [-d] link show type vrf

  3. Run the following command to view the list of VRFs in the host OS.

    root@host:~#ip vrf show

Assigning a Network Interface to a VRF

Network interfaces are assigned to a VRF by enslaving the netdevice to a VRF device. On enslavement, connected and local routes are automatically moved to the table associated with the VRF device.

To assign a network interface to a VRF:

Run the following command to assign a interface.

root@host:~#ip link set dev <name> master <name>

root@host:~#ip link set dev eth0 master mgmt

Viewing the Devices assigned to VRF

To view the devices:

Run the following command to view the devices assigned to a VRF.

root@host:~#ip link show vrf <name>

root@host:~#ip link show vrf red

root@host:~#ip link show master <NAME>

Viewing Neighbor Entries to VRF

To list the neighbor entries associated with devices enslaved to a VRF device:

Run the following command to add the primary option to the ip command:

root@host:~#ip [-6] neigh show vrf <NAME>

root@host:~#ip neigh show vrf red

root@host:~#ip -6 neigh show vrf red

root@host:~#ip [-6] neigh show master <NAME>

Viewing Addresses for a VRF

To show addresses for interfaces associated with a VRF:

Run the following command to add the primary option to the ip command:

root@host:~#ip addr show vrf <NAME>

root@host:~#ip addr show vrf red

root@host:~#ip addr show master <NAME>

Viewing Routes for a VRF

To view routes for a VRF:

  1. Run the following command to view the IPv6 routes table associated with the VRF device:

    root@host:~# ip [-6] route show vrf NAME

    root@host:~# ip [-6] route show table ID

  2. Run the following command to do a route lookup for a VRF device:

    root@host:~# ip [-6] route get vrf <NAME> <ADDRESS>

    root@host:~# ip route get 192.0.2.1 vrf red

    root@host:~# ip [-6] route get oif <NAME> <ADDRESS>

    root@host:~# ip -6 route get 2001:db8::32 vrf red

  3. Run the following command to view the IPv4 routes in a VRF device:

    root@host:~# Ip route list table <table-id>

    root@host:~# Ip route list table <table-id>

Removing Network Interface from a VRF

Network interfaces are removed from a VRF by breaking the enslavement to the VRF device

Run the following command to remove the network interface:

root@host:~# ip link set dev NAME nomaster

After removing the network interface, connected routes are moved to the default table and local entries are moved to the local table.