IP Routing Manager

The IRM (also known as Zebra), is a daemon responsible for managing the routing table and communicating with the dataplane to install and withdraw routes and other routing/interface options.

The IP Routing Manager provides a unified interface for different routing protocols and allows for dynamic route updates based on protocol-specific events. It supports a variety of routing protocols such as OSPF, BGP, RIP, and IS-IS, as well as other features like route filtering, and route redistribution.

Interface Commands

Standard Commands

interface IFNAME

The interface command is used to enter interface configuration mode for a specific network interface.

  • IFNAME: Specifies the name of the interface to be configured.

Example:

soodar(config)# interface ge0
soodar(config-if)#

This command allows the user to configure the settings for the ge0 interface, such as IP address and interface features like Quality of Service (QoS), MPLS, and so on. The specific commands available in interface configuration mode depend on the type of interface being configured.

shutdown

The command is used to disable a specific interface on a network device. When an interface is shut down, it stops transmitting and receiving traffic. To re-enable the interface, use the no shutdown command in interface configuration mode.

Note

It is important to note that shutting down an interface will cause any routes that depend on that interface to be removed from the routing table. Additionally, any neighbor relationships established on that interface will also be lost. Therefore, it is recommended to use the shutdown command with caution and only when necessary.

ip address ADDRESS/PREFIX

The command is used to assign an IP address and subnet mask to an interface in a device.

  • ADDRESS/PREFIX: specifies the IP address and subnet mask for the interface in CIDR notation.

Here’s an example of how to assign an IP address to an interface:

soodar(config)# interface ge0
soodar(config-if)# ip address 192.168.1.1/24

This would assign the IP address 192.168.1.1 with a prefix length of 24 to the ge0 interface.

ipv6 address ADDRESS/PREFIX [eui-64]

The command is used to assign an IPv6 address and subnet mask to an interface in a device.

  • ADDRESS/PREFIX: specifies the IPv6 address and subnet mask for the interface in CIDR notation.

  • eui-64: (Optional) This keyword enables the automatic configuration of the interface ID using the EUI-64 method. This method uses the MAC address of the device to construct the interface ID portion of the IPv6 address.

ip address LOCAL-ADDR peer PEER-ADDR/PREFIX

The command is used in a point-to-point link configuration to specify the IP addresses for the local and remote ends of the link. (The concept of PtP addressing does not exist for IPv6). The command is used on the local device to assign an IP address to the local interface of the link, and to specify the IP address of the remote end of the link.

  • LOCAL-ADDR: the IP address to assign to the local interface of the link.

  • peer PEER-ADDR/PREFIX: specifies the IP address of the remote end of the link. PEER-ADDR is the IP address of the remote end and PREFIX specifies the length of the prefix in bits.

Note

local address has no subnet mask since the local side in PtP addressing is

always a single (/32) address.

Note

peer address and prefix can be an arbitrary subnet behind the other end of the link (or even on the link in Point-to-Multipoint setups), though generally /32s are used.

Note

This command is commonly used in point-to-point links such as tunnels.

Example:

soodar(config)# interface tunnel10
soodar(config-if)#tunnel source 200.1.2.1
soodar(config-if)#tunnel destination 200.1.2.2
soodar(config-if)#ip address 10.1.1.1 peer 10.1.1.2/32

For example, these commands would create a GRE tunnel and assign the IP address 10.1.1.1/32 to the local interface and specify that the remote end of the link has the IP address 10.1.1.2/32.

mac-address X:X:X:X:X:X

The command is used to configure the Media Access Control (MAC) address for that interface. The no form of this command reset the interface MAC address to the original one.

  • X:X:X:X:X:X: Represents the MAC address you want to assign to the interface. A MAC address consists of six pairs of hexadecimal digits separated by colons (e.g., 00:1A:2B:3C:4D:5E).

Note

This MAC address can’t be multicast or zero address.

Note

Manually changing a MAC address should be done with caution, as MAC addresses are typically unique and play a role in device identification on a network. Changing a MAC address can have network-related consequences.

description DESCRIPTION ...

The command is used to add a description to an interface. This command allows the network administrator to add a human-readable description to the interface configuration, which can help identify the interface’s purpose or its location.

  • DESCRIPTION: is the description text, which can be up to 240 characters long

For example, the following command sets a description for interface ge0:

soodar(config)# interface ge0
soodar(config-if)# description Main office LAN

This will set the description for ge0 to “Main office LAN”. The description will appear in the output of commands like “show interface” and can be used to help identify the interface’s function.

multicast

Enable or disables multicast flag for the interface.

bandwidth (1-10000000)

The bandwidth command is used to manually set the bandwidth value for an interface. The bandwidth value is a measure of the speed of the interface and is used by routing protocols to calculate the best path for traffic. By default, the bandwidth of an interface is calculated based on its physical characteristics, but the bandwidth command can be used to manually set the value.

  • (1-10000000): is the bandwidth value to be set in kilobits per second (kbps). The valid range is 1 to 10,000,000 kbps.

Note

Setting the bandwidth manually may affect the routing decisions made by the router and should be used with caution. It is recommended to leave the bandwidth value to be calculated automatically unless there is a specific reason to override it.

Note

This command does not affect the actual device configuration.

The command enables the automatic detection of the physical link state changes on an interface. When this command is enabled, the device will monitor the status of the physical link and take appropriate action when changes are detected. This command can be useful for monitoring and managing the connectivity between devices and for quickly identifying and troubleshooting link failures.

Note

the “link-detect” command is automatically enabled by default on all interfaces. It can be disabled using the “no link-detect” command.

URPF

URPF is a security mechanism used to validate the source address of incoming traffic to a network. It helps to prevent attacks where an attacker spoofs the source IP address of their traffic to make it appear to come from a trusted source. URPF filters out traffic that is not from a valid source IP address, thereby reducing the possibility of network attacks.

URPF works by comparing the source IP address of incoming traffic to the routing table of the network. If the source IP address is not found in the routing table, the traffic is discarded. URPF can be configured in two modes: strict mode and loose mode. In strict mode, only traffic with a source IP address that is reachable through the receiving interface is allowed. In loose mode, traffic with a source IP address that can be reached through any interface is allowed.

ip verify unicast source reachable-via [rx | any]

The ip verify unicast command is used to enable Unicast Reverse Path Forwarding (uRPF) on an interface.

  • rx: This option specifies that the source IP address should be reachable through the received interface( Strict mode).

  • any: This option specifies that the source IP address should be reachable( Loose mode).

Administrative Distance

Administrative distance allows IRM to make decisions about what routes should be installed in the rib based on the originating protocol. The lowest Admin Distance is the route selected. This is purely a subjective decision about ordering and care has been taken to choose the same distances that other routing suites have chosen.

Protocol

Distance

System

0

Connect

0

Static

1

Wireguard

1

EBGP

20

EIGRP

90

OSPF

110

ISIS

115

RIP

120

IBGP

200

An admin distance of 255 indicates to IRM that the route should not be installed into the Data Plane. Additionally routes with an admin distance of 255 will not be redistributed.

Virtual Routing and Forwarding

See also

VRF

show ip route vrf VRF

The command is used to display the IP routing table for a specific VRF (Virtual Routing and Forwarding) instance. This command is useful when troubleshooting network connectivity issues or verifying the routing table on a particular VRF.

  • VRF: Specifies the name of the VRF for which the routing table is to be displayed.

When this command is executed, the output will display all the routes that are installed in the routing table of the specified VRF, along with the next-hop address, the metric, the administrative distance, and the route type.

show <ip|ipv6> route summary [vrf VRF] [prefix]

The command displays a summary of the routing table entries.

  • vrf VRF: This parameter is optional and specifies the VRF table to display the summary for.

  • prefix: This parameter is also optional and limits the summary to the specified IP prefix.

ECMP

Soodar supports ECMP as part of normal operations and is generally compiled with a limit of 64 way ECMP. Individual protocols each have their way of dictating ECMP policy and their respective documentation should be read.

ECMP can be inspected in IRM by doing a show ip route X command.

soodar# show ip route 4.4.4.4/32
Codes: K - kernel route, C - connected, S - static, R - RIP,
       O - OSPF, I - IS-IS, B - BGP, E - EIGRP, N - NHRP,
       T - Table, v - VNC, V - VNC-Direct, A - Babel, D - SHARP,
       F - PBR, f - OpenFabric,
       > - selected route, * - FIB route, q - queued, r - rejected, b - backup
       t - trapped, o - offload failure

S>* 4.4.4.4/32 [150/0] via 192.168.161.1, ge0, weight 1, 00:00:02
  *                    via 192.168.161.2, ge0, weight 1, 00:00:02
  *                    via 192.168.161.3, ge0, weight 1, 00:00:02
  *                    via 192.168.161.4, ge0, weight 1, 00:00:02
  *                    via 192.168.161.5, ge0, weight 1, 00:00:02
  *                    via 192.168.161.6, ge0, weight 1, 00:00:02
  *                    via 192.168.161.7, ge0, weight 1, 00:00:02
  *                    via 192.168.161.8, ge0, weight 1, 00:00:02
  *                    via 192.168.161.9, ge0, weight 1, 00:00:02
  *                    via 192.168.161.10, ge0, weight 1, 00:00:02
  *                    via 192.168.161.11, ge0, weight 1, 00:00:02
  *                    via 192.168.161.12, ge0, weight 1, 00:00:02
  *                    via 192.168.161.13, ge0, weight 1, 00:00:02
  *                    via 192.168.161.14, ge0, weight 1, 00:00:02
  *                    via 192.168.161.15, ge0, weight 1, 00:00:02
  *                    via 192.168.161.16, ge0, weight 1, 00:00:02

In this example, we have a 16-way ECMP for the 4.4.4.4/32 route. The * character tells us that the route is installed in the Data Plane or FIB.

MPLS Commands

You can configure static MPLS entries in IRM. Handling MPLS consists of popping, swapping or pushing labels to IP packets.

MPLS Acronyms

LSR

Networking devices handling labels used to forward traffic between and through them.

LER

A Labeled edge router is located at the edge of an MPLS network, generally between an IP network and an MPLS network.

MPLS Push Action

The push action is generally used for LER devices, which want to encapsulate all traffic for a wished destination into an MPLS label. This action is stored in routing entry, and can be configured like a route:

ip route NETWORK/PREFIX GATEWAY|INTERFACE label LABEL

This command is used to add a MPLS label to an IP route.

  • NETWORK/PREFIX: The destination network for this route in IPv4 CIDR notation.

  • GATEWAY: The IP address of the next-hop router for this route.

  • INTERFACE: The interface name for this route. This is used when the next-hop router is directly connected to the local router.

  • LABEL: is the MPLS label to use to reach the prefix abovementioned.

You can check that the static entry is stored in the IRM RIB database, by looking at the presence of the entry.

soodar(config)# ip route 1.1.1.1/32 10.0.1.1 label 777
soodar# show ip route
Codes: K - kernel route, C - connected, S - static, R - RIP,
O - OSPF, I - IS-IS, B - BGP, E - EIGRP, N - NHRP,
T - Table, v - VNC, V - VNC-Direct, A - Babel, D - SHARP,
F - PBR,
> - selected route, * - FIB route

S>* 1.1.1.1/32 [1/0] via 10.0.1.1, ge1, label 777, 00:39:42

MPLS Swap and Pop Action

The swap action is generally used for LSR devices, which swap a packet with a label, with an other label. The Pop action is used on LER devices, at the termination of the MPLS traffic; this is used to remove the MPLS header.

You can check that the MPLS actions are stored in the IRM MPLS table, by looking at the presence of the entry.

show mpls table

The command is used to display the MPLS forwarding table or label-switching table (LSP). The MPLS forwarding table contains information about the incoming and outgoing labels for a given destination prefix or network.

soodar(confi)# mpls lsp 18 10.125.0.2 implicit-null
soodar(confi)# mpls lsp 19 10.125.0.2 20
soodar(confi)# mpls lsp 21 10.125.0.2 explicit-null
soodar# show mpls table
Inbound                            Outbound
Label     Type          Nexthop     Label
--------  -------  ---------------  --------
18     Static       10.125.0.2  implicit-null
19     Static       10.125.0.2  20
21     Static       10.125.0.2  IPv4 Explicit Null

IRM Route Filtering

IRM supports prefix-list s and Route Maps s to match routes received from other Soodar components. The permit/deny facilities provided by these commands can be used to filter which routes IRM will install in the Data plane.

ip protocol PROTOCOL route-map ROUTEMAP

Apply a route-map filter to routes for the specified protocol. PROTOCOL can be:

  • any,

  • bgp,

  • connected,

  • eigrp,

  • isis,

  • ospf,

  • ospf6,

  • rip,

  • static,

  • ripng

If you choose any as the option that will cause all protocols that are sending routes to IRM. You can specify a ip protocol PROTOCOL route-map ROUTEMAP on a per vrf basis, by entering this command under vrf mode for the vrf you want to apply the route-map against.

set src ADDRESS

Within a route-map, set the preferred source address for matching routes when installing in the data plane.

The following creates a prefix-list that matches all addresses, a route-map that sets the preferred source address, and applies the route-map to all rip routes.

soodar(config)# ip prefix-list ANY permit 0.0.0.0/0 le 32
soodar(config)# route-map RM1 permit 10
soodar(config-route-map)# match ip address prefix-list ANY
soodar(config-route-map)# set src 10.0.0.1
soodar(config)# ip protocol rip route-map RM1

IPv6 example for OSPFv3.

soodar(config)# ipv6 prefix-list ANY seq 10 permit any
soodar(config)# route-map RM6 permit 10
soodar(config-route-map)# match ipv6 address prefix-list ANY
soodar(config-route-map)# set src 2001:db8:425:1000::3
soodar(config)# ipv6 protocol ospf6 route-map RM6
zebra route-map delay-timer (0-600)

Set the delay before any route-maps are processed in IRM. The default time for this is 5 seconds.

IRM Terminal Mode Commands

show ip route

Display current routes which IRM holds in its database.

Router# show ip route
Codes: K - kernel route, C - connected, S - static, R - RIP,
 B - BGP * - FIB route.

S* 0.0.0.0/0        203.181.89.1
C* 127.0.0.0/8      loopback0
C* 203.181.89.240/28      ge0
show ipv6 route
show [ip|ipv6] route [PREFIX] [nexthop-group]

Display detailed information about a route. If [nexthop-group] is included, it will display the nexthop group ID the route is using as well.

show interface [NAME] [{vrf VRF|brief}] [json]
show interface [NAME] [{vrf all|brief}] [json]
show interface [NAME] [{vrf VRF|brief}] [nexthop-group]
show interface [NAME] [{vrf all|brief}] [nexthop-group]

Display interface information. If no extra information is added, it will dump information on all interfaces. If [NAME] is specified, it will display detailed information about that single interface. If [nexthop-group] is specified, it will display nexthop groups pointing out that interface.

If the json option is specified, output is displayed in JSON format.

show ip prefix-list [NAME]
show route-map [NAME]
show zebra

Display various statistics related to the installation and deletion of routes, neighbor updates, and LSP’s into the kernel.

show zebra client [summary]

Display statistics about clients that are connected to IRM. This is useful for debugging and seeing how much data is being passed between IRM and it’s clients. If the summary form of the command is choosen a table is displayed with shortened information.

show zebra router table summary

Display summarized data about tables created, their afi/safi/tableid and how many routes each table contains. Please note this is the total number of route nodes in the table. Which will be higher than the actual number of routes that are held.

Router-id

Many routing protocols require a router-id to be configured. To have a consistent router-id across all daemons, the following commands are available to configure and display the router-id:

[ip] router-id A.B.C.D

Allow entering of the router-id. This command also works under the vrf subnode, to allow router-id’s per vrf.

[ip] router-id A.B.C.D vrf NAME

Configure the router-id of this router from the configure NODE. A show run of this command will display the router-id command under the vrf sub node. This command is deprecated and will be removed at some point in time in the future.

show [ip] router-id [vrf NAME]

Display the user configured router-id.

For protocols requiring an IPv6 router-id, the following commands are available:

ipv6 router-id X:X::X:X

Configure the IPv6 router-id of this router. Like its IPv4 counterpart, this command works under the vrf subnode, to allow router-id’s per vrf.

show ipv6 router-id [vrf NAME]

Display the user configured IPv6 router-id.

Debugging

debug zebra mpls [detailed]

MPLS-related events and information.

debug zebra events

IRM events

debug zebra pseudowires

Pseudowire events.

debug zebra packet [<recv|send>] [detail]

ZAPI message and packet details

debug zebra kernel

Kernel / OS events.

debug zebra kernel msgdump [<recv|send>]

Raw OS (netlink) message details.

debug zebra rib [detailed]

RIB events.

debug zebra dplane [detailed]

Dataplane / FIB events.