Configuring BGP, OSPF, Static Routing, and Route retraction on SteelHead SD
This topic describes how to configuring SteelHead SD 2.0 Border Gateway Protocol (BGP), open shortest path first (OSPF) with an area border router (ABR), static routing, and route retraction. It includes these sections:
Configuring BGP on SteelHead SD
Configuring OSPF with ABR on SteelHead SD
Defining static routing on SteelHead SD
Route retraction for SteelHead SD
Before you begin configuring BGP and OSPF for SteelHead SD, we recommend you read Dynamic routing overview in the SteelConnect Manager User Guide. The procedures here provide the basic steps for configuring SteelHead SD appliances.
Configuring BGP on SteelHead SD
This section describes how to configuring BGP on SteelHead SD. It includes these sections:
Introducing BGP on SteelHead SD
Configuring BGP on SteelHead SD
Configuring inbound and outbound prefixes, AS paths, and route maps for BGP neighbors
Configuring BGP route redistribution
Configuring BGP route summarization
Viewing BGP status
Introducing BGP on SteelHead SD
SteelHead SD provides full BGP support for local autonomous system (AS) numbers and neighbor configurations (including router ID, password, keepalive time, and hold time) for SteelHead SD 570-SD, 770-SD, 3070-SD appliances and the SteelConnect SDI-2030 gateway located at the branch.
SteelHead SD 2.0 provides support for both exterior Border Gateway Protocol (eBGP) and interior Border Gateway Protocol (iBGP). SteelHead SD doesn’t restrict BGP to the LAN or the WAN; it can communicate with its associated neighbors regardless of whether it is on the LAN or WAN.
You can configure BGP regardless of whether it is a zone or an uplink.
Before you begin configuring BGP for SteelHead SD, we recommend you consult BGP in the SteelConnect Manager User Guide.
Configuring BGP on SteelHead SD
This section describes how to enable BGP and configure BGP neighbors on branch SteelHead SD appliances. By default, BGP is disabled.
For SteelHead SD appliances, you can only add BGP neighbors under the Appliances > BGP tab. You can’t add BGP neighbors from the Routing > BGP page.
To enable BGP and configure a BGP neighbor
1. Choose Appliances and select the appliance to expand the pane.
2. Select the BGP tab.
Enabling BGP
3. Specify an AS number in Local AS to start a BGP session. The range is from 1 to 4294967295.
4. Under BGP neighbors, click Add BGP Neighbor.
5. Specify a name for the BGP neighbor.
6. Specify the IP address of the BGP neighbor.
7. Specify the remote AS number that the BGP peer belongs to: for example, 200. The range is from 1 to 4294967295.
8. The remainder of the BGP attributes are provided by default. They can be changed based on your administrator settings. Optionally, fill out these BGP neighbor attributes:
Password - Optionally, type a password to enable MD5 authentication. You must use the same password on both BGP neighbors. If you do not require MD5 authentication, you can leave this field blank.
Click the eye icon to see the password as you type. The view persists until you click the eye icon again to hide the password.
Keep Alive Time - Optionally, specify the amount of time, in seconds, that the eBGP neighbors exchange keepalive messages to determine whether a link has failed or is no longer available. The neighbors exchange keepalive messages often enough so that the hold time doesn’t expire. The default setting is 60.
Hold Time - Optionally, specify the amount of time, in seconds, that a gateway neighbor waits for an incoming keepalive, update, or notification message from a neighbor before it assumes its neighbor is down. If the gateway doesn’t receive a keepalive, update, or notification message from its neighbor within the period specified, it closes the connection and routing through that neighbor becomes unavailable.
A 0 value means that no keepalive messages are sent and the connection will never close. The hold-time range is from 0 to 65535. The default setting is 180.
The hold-time value is three times the interval at which keepalive messages are sent. Using the default values for the keepalive time of 60 and the hold time of 180, the settings work together like this: after two neighbors establish an eBGP session, 60 seconds later they’ll each send a keepalive message. When a gateway receives a keepalive message from its neighbor, that gateway’s hold time for the session will have counted down from 180 to 120, but it’s then reset to 180. This process continues every 60 seconds. However, should neighbor A lose power, then neighbor B won’t receive any keepalives. So after 180 seconds, neighbor B determines that neighbor A is down and closes the session.
Weight - When multiple routes to the same destination exist, BGP will prefer the route with the highest weight. The default value is 0 and the range is from 0 to 65535.
Click On to distribute the default route (0.0.0.0/0) to the specified BGP neighbor. The default setting is Off.
Route map - Click the search selector and select the route use case. The routing policies defined by the selected route map are applied while accepting routes to the BGP neighbor.
9. Click Submit.
10. Repeat Step 4 through Step 9 if you have two MPLS providers that need to do BGP peering with the current appliance. You need to create a BGP configuration for each one.
11. Repeat this process for other SteelHead SDs behind other routers.
BGP redistribution and summarization can only be configured after you have defined route maps and prefixes.
Configuring inbound and outbound prefixes, AS paths,
and route maps for BGP neighbors
Optionally, you can configure inbound and outbound prefixes, AS paths, and route policies for BGP neighbors. By specifying these options, you can define what inbound and outbound routes are allowed or denied for BGP neighbors.
We recommend you define route policies, AS lists, and prefix lists before you configure the inbound and outbound settings. For details on configuring routing policies, see What are routing policies?.
Outbound fields are disabled if a cluster site is selected as a transit hub for SteelHead SD 570-SD, 770-SD, and 3070-SD appliances. For details on configuring transit hubs, see Defining an organization in the SteelConnect Manager User Guide.
To configure inbound and outbound BGP route settings
1. Choose Appliances and select the appliance to expand the pane.
2. Select the BGP tab.
Configuring inbound and outbound settings
3. Under Inbound, fill out these attributes:
Prefix list - Specify the prefixes to be allowed or denied for route advertisements from the BGP neighbor to the appliance.
AS list - Specify the AS paths. The route from the neighbor is permitted if the AS path matches the regular expression in the AS path list.
Routemap - Specify route policy for the BGP neighbor. The routing policies defined by the selected route map are applied while accepting routes from the BGP neighbor.
4. Under outbound, fill out these attributes:
Prefix list - Specify the prefixes to be allowed or denied for route advertisements to the BGP neighbor from the appliance.
AS list - Specify the AS paths. The route to the neighbor is permitted if the AS path matches the regular expression in the AS path list.
Routemap - Specify the route policy for the BGP neighbor. The routing policies defined by the selected route map are applied while accepting routes to the BGP neighbor.
5. Click Submit.
Configuring BGP route redistribution
SteelHead SD includes options to globally configure:
redistribution of OSPF routes into BGP.
redistribution of static and overlay routes into BGP.
redistribution of traffic using the route map with the use case for static and connected route injection in BGP.
We recommend you define route policies, AS lists, and prefix lists before you configure BGP route redistribution. For details on configuring routing policies, see Creating routing IPv4 prefix lists.
To configure BGP route redistribution
1. Choose Appliances and select the appliance to expand the pane.
2. Select the BGP tab.
Configuring BGP route redistribution
3. Specify an AS number in Local AS. The range is from 1 to 4294967295.
4. Specify your BGP redistribution settings:
OSPF to BGP - Click On to enable redistribution of OSPF routes into BGP. By default, redistribution is disabled.
Static and Overlay BGP - Click On enable redistribution of static and overlay routes into BGP. By default, redistribution is disabled.
Connected to BGP - Click On or Off to enable redistribution of connected routes into BGP. By default, redistribution is disabled.
5. Click the search selector to select the route map. This option only applies to those route maps with the use case of static and connected route injection in BGP. This option redistributes static and connected routes in BGP using a list of IPv4 prefixes.
6. Click Submit.
Configuring BGP route summarization
With route summarization, a new network prefix with a shorter prefix length is advertised into BGP. Summarizing prefixes conserves router resources and accelerates best path calculation by reducing the size of the BGP table. Summarization also provides increased stability by reducing routing loops.
You can configure BGP route summarization using one of these modes:
Manual - Creates a static route and advertises the network via a network statement. The summary route will always be advertised even if the networks are not available.
Automatic - Creates a network range. When viable routes that match the network range enter the BGP table, an aggregate route is created. On the originating router, the aggregated prefix sets the next hop to Null 0. The route to Null 0 is automatically created by BGP to prevent routing loops.
When configured, the routing policy advertises a summary address only and not the individual prefixes to a BGP neighbor.
Routing policies only impact the underlay routing. They do not impact the overlay routing orchestrated by SCM.
To configure BGP route summarization
1. Choose Appliances and select the appliance to expand the pane.
2. Select the BGP tab.
3. Under Summarization, click Add Prefix.
You can configure one or more summary addresses matching the individual addresses to advertise to a BGP neighbor. You can also advertise individual addresses. By default, only summary addresses are advertised.
Adding AS summarization prefixes
The system default is to calculate the prefix manually.
4. Click Automatic to have the system calculate the prefixes automatically, or click Manual to specify the prefix.
For automatic prefix calculation, specify a starting and an ending address, and SteelConnect provides the summarized prefix. For example, entering the starting address 160.0.1.0 and the ending address 160.0.2.0 results in the automatic prefix 160.0.0.0/22.
For manual prefix calculation, after Summarized Prefix, enter a static IP address with a netmask.
5. Specify the prefix starting and ending point.
6. Specify an IP address with the netmask in the Summarized Prefix text box.
7. Specify your summary and AS-set settings:
Summary Only - Click On to advertise both summary and individual prefix advertisements to an eBGP peer.
AS-set - Click On to provide an AS-set to use to detect and avoid routing loops. An AS-set summarizes the path attributes of all the BGP individual routes that the aggregate summarizes to help detect and avoid BGP routing loops.
8. Click Submit.
Viewing BGP status
SCM displays the advertised and learned network routes and peering session state information. To filter the list, type a search filter in the search box; for example, type IPv6 to narrow the search to all IPv6 networks.
To view BGP neighbors
1. Choose Appliances and select the appliance you want to view.
2. Click the BGP tab to view the BGP neighbors state, received prefixes, remote AS, keep-alive value, hold time, and last error. You can edit BGP values as well.
To view BGP routing tables
1. Choose Health Check > Routing Tables.
2. Select the BGP tab and select the appliance to display the BGP learned and advertised routes.
Configuring OSPF with ABR on SteelHead SD
This section describes how to configure OSPF with ABR on SteelHead SD. It includes these sections:
Introducing OSPF with ABR
Creating an OSPF network
Configuring OSPF interfaces
Creating OSPF areas
Redistributing OSPF settings
Configuring OSPF route summarization
Viewing OSPF status
Introducing OSPF with ABR
SteelHead SD 2.0 provides single and multiple area OSPF with ABR and route redistribution between OSPF zone interfaces and ABRs on the LAN side of the network. You can configure OSPF regardless of whether it is a zone or an uplink.
SteelHead SD supports OSPF for a branch site with one or two MPLS providers, where each provider is connected to a customer edge (CE) router. A SteelConnect branch gateway is deployed in front of the CE routers. The provider edge (PE) routers on the MPLS WAN side are using BGP and the CE routers on the LAN side are using OSPF.
OSPF single area
 
OSPF multiple area
Before you begin configuring OSPF for SteelHead SD, we recommend you consult OSPF in the SteelConnect Manager User Guide.
Creating an OSPF network
You create OSPF networks at the site level. Before configuring OSPF, make sure the appliance is registered in SCM and that OSPF is enabled on any routing device that will peer with the appliance. You create an OSPF network based on a site location that includes one area and then you attach one or more interfaces to the OSPF area.
To create an OSPF network
1. Deploy the SteelHead SD and assign a zone and uplink to a port.
2. Choose Routing > OSPF.
3. Click New OSPF Network.
4. Select the site for the new OSPF network.
After you select a site for an OSPF network, the system automatically populates all the remaining fields based on the default settings. You can simply click Submit to create a network using the default settings. You do not have to explicitly configure the settings.
Creating an OSPF network on the branch SteelHead SD
5. Manually fill out the network attributes that you do not want to inherit:
Site - Select the site where the OSPF network is located. Optionally, leave the site selection blank to select the first site in the list shown on the Network Designs > Sites page. Use this method to save time by quickly creating OSPF networks based on the order in which the sites appear in the site list. Creating another network and leaving the site selection blank again selects the second site in the list, and so on.
Name - Specify a network name.
Default Area Name - Specify a name for the area.
Default Area ID - Specify the area in which the zone resides. This ID will typically be one of the already existing areas in the branch. If not, either specify a 32-bit unsigned number from 0 to 4294967295 or an IPv4 address in dotted decimal notation (x.x.x.x). The default setting is the backbone area ID 0; however, you can change the value to your existing area ID. For small LANs, area 0 might be all you need, but as a network grows, you will need more than one area connecting to area 0.
For a routing device to become an OSPF neighbor with another device, both devices must belong to the same area ID and their passwords and authentication methods must match.
Inherit Org Defaults - Click On to allow the OSPF network and area to automatically inherit the settings when an organization’s default network settings are updated. This OSPF network’s settings will change to match the new values.
Click Off to define unique settings for the network and to lock the network configuration so any changes do not overwrite the settings.
Password - Specify a password. The authentication methods appear when typing a password. All OSPFv2 exchanges between routing devices can be authenticated using one of these methods:
MD5 - Select this tab to use the Message Digest 5 algorithm as the authentication method. MD5 authentication enables routing devices to securely identify one another before they establish adjacency. MD5 is a cryptographic hash function with a 128-bit hash value derived from the contents of the OSPF packet and a key and key ID. This method doesn’t send the password but instead calculates and includes an encoded MD5 checksum in the transmitted packet. The receiving routing device uses the key and key ID to verify the packet.
The MD5 key doesn’t have to be the same within the area, but it must be exactly the same between two OSPF neighbors.
Click the eye icon to see the password as you type. The view persists until you click the eye icon again to hide the password.
Simple - Select this tab to include an unencrypted plain text password with the packet. The receiving routing device uses the password to verify the packet. The simple password can be from one to eight characters and can include ASCII strings. If you include spaces, enclose the password in quotation marks. Use this authentication method when devices within an area do not support the more secure MD5 authentication, as Simple is the least secure setting.
MD5 Key ID - (Appears when you select MD5.) Specify a value to associate with the MD5 key. The ID is used by the receiver of the OSPF packet to determine which key to use for authentication.
To change your MD5 key, specify a new key and key ID. When both OSPF neighbors have a new key and key ID, the old key is deleted and the current MD5 key and key ID become active.
Hello Interval - Specify how often, in seconds, to send a hello packet. Initially the gateway sends a hello packet to all OSPF-enabled interfaces to form an adjacency as a neighbor. The routing devices become neighbors and exchange link-state advertisements. After the gateway learns the common network topology, it sends the hello to check if an OSPF neighbor is alive. The range is from 1 to 65535. The default is 10. The hello interval must be exactly the same between two OSPF neighbors.
Dead Interval - Specify how many seconds to wait for a hello packet before declaring an OSPF neighbor out of service, triggering a refresh of the link-state database and routing information. The range is from 1 to 65535. The default is 40. The dead interval must be exactly the same between two OSPF neighbors.
Priority - Specify the priority for becoming the network’s designated routing device. The designated router originates network link advertisements on behalf of the network, and it establishes adjacencies with all routing devices on the network.
The routing device that has the highest priority value on the logical IP network or subnet is elected as the designated router. A priority value of 0 means that the routing device never becomes the designated router; it doesn’t even participate in the election process. A value of 1 means that the routing device participates in the election process but has the least chance of becoming a designated router. A priority of 255 means the routing device is always the designated router.
To ensure that a routing device is elected as the designated routing device, configure the priority value to a higher value than any other interface on the Ethernet network. The range is from 0 to 255. The default value is 1.
Cost - Specify a routing metric used in the link-state calculation. OSPF selects ideal routes by locating destination routes with the least cost. Routes with lower total path metrics are preferred to those with higher path metrics. This setting controls the cost calculation of OSPF network segments. The default formula to calculate the cost for the OSPF metric is dividing the reference bandwidth (100 Mbps by default) by the interface bandwidth. For example, in the case of Ethernet, it is 100 Mbps / 10 Mbps = 10.
You can manipulate the cost by specifying a number within the range of 1 to 65535. 10 is the default setting.
The OSPF network needs a zone and, optionally, one or more uplinks to report OSPF learned routes to SCM.
If you modify the Default Area settings, keep in mind the impact the changes will have on new and existing OSPF networks. Changes to the Default Area Name, Default Area ID, and Inherit Org Defaults impact only new OSPF networks. Changes to the Password, Hello Interval, Dead Interval, Priority, and Cost impact new OSPF networks as well as existing OSPF networks with Inherit Org Defaults enabled. For details on editing OSPF networks, see OSPF“in the SteelConnect Manager User Guide.
6. Click Submit. The OSPF network appears with the available interfaces listed.
Created OSPF network
Configuring OSPF interfaces
After you define your OSPF network, you must attach interfaces on which you want to run OSPF.
To configure OSPF interfaces
1. Choose Routing and select the OSPF network for which you want to attach an interface.
2. Select the OSPF Interfaces tab.
3. Click Attach Interface.
Attaching an OSPF interface
4. Fill out these interface attributes:
Zone Uplink - Select the zone or uplink to attach to the OSPF area.
OSPF Area - Select the OSPF area associated with the interface from the drop-down list.
Inherit Area Values - Click On to allow the interface to automatically inherit the area settings. When enabled and this interface area is updated, this interface settings will change to match the containing OSPF area.
Click Off to define unique settings for the area. This option locks the interface configuration so any changes to the area do not overwrite the interface parameters.
5. Click Submit.
After you attach the interface to the OSPF area, the gateway configures the zone or zones to run OSPF and establishes OSPF neighbors with LAN routers in the same network segment.
Creating OSPF areas
All of the networks learned from an OSPF zone interfaces are mapped to the OSPF area that the interface is connected to. For details on dynamic routing with OSPF, we recommend you consult Dynamic routing overview in the SteelConnect Manager User Guide.
A large OSPF domain is broken into separate areas to restrict the multiplication of routes and reduce the resources required by each router to maintain its link state database. Each area is connected to a central backbone, typically called area 0. OSPF uses different types of Link State Advertisements (LSAs) to communicate link state information between neighbors.
SteelHead SD supports these LSA types:
Standard - Routers in this area accept default and autonomous system boundary router (ASBR) injected external routes. The backbone is considered a standard area.
Stub - Routers in this area accept inter-area routes and the default route from their ABR. They do not accept ASBR injected external routes. A stub type can contain type 1, 2, and 3 LSAs.
Totally Stub - This type of router is similar to a stub router. They accept inter-area routes and the default route from their ABR. They do not accept ASBR injected external routes. A totally stub type can only contain type 1 and 2 LSAs, and a single type 3 LSA. The type 3 LSA describes a default route, substituted for all external and inter-area routes.
To create an OSPF area
1. Choose Routing > OSPF and select the OSPF network for which you want to create an area.
2. Select the Areas tab and click New Area.
Creating OSPF areas
3. Fill out the attributes for the OSPF area:
Name - Specify a descriptive name for the OSPF area.
Area ID - Specify a valid area ID as either a 32-bit unsigned number from 0 to 4294967295 or an IPv4 address in dotted decimal notation (x.x.x.x). The default setting is the backbone area ID 0; however, you can change the value to your existing area ID. For small LANs, area 0 might be all you need, but as a network grows, you will need more than one area connecting to area 0.
Type - Specify the OSPF LSA type:
Standard - Routers in this area accept default and autonomous system boundary router (ASBR) injected external routes. The backbone is considered a standard area.
Stub - Routers in this area accept inter-area routes and the default route from their ABR. They do not accept ASBR injected external routes. A stub type can contain type 1, 2, and 3 LSAs.
Totally Stub - This type of router is similar to a stub router. They accept inter-area routes and the default route from their ABR. They do not accept ASBR injected external routes. A totally stub type can only contain type 1 and 2 LSAs, and a single type 3 LSA. The type 3 LSA describes a default route, substituted for all external and inter-area routes.
Inherit OSPF Network Values - Click On to allow the OSPF network to inherit the OSPF network values previously configured, such as password, hello interval, dead interval, priority, and cost.
Click Off to define unique settings for the network and to lock the network configuration so any changes do not overwrite the settings. This OSPF network’s settings will change to match the new values.
OSPF Zone - Select the zone from the list. These are the zones that are participating in OSPF for the area that is configured on this page. Only one zone interface per area is allowed.
OSPF Uplinks - Select the uplinks from the list. These are the uplinks that will be participating in OSPF in the area that is configure on this page.
Inbound prefix - Optionally, specify the inbound prefix. Any prefixes defined in this prefix list are used to filter networks sent to this area.
Outbound prefix - Optionally, specify the outbound prefix. Any prefixes defined in this prefix list are used to filter networks advertised from this area.
Area ranges advertised - Specify a set of advertised routes to be advertised. In order to aggregate routing information at area boundaries, area address ranges can be employed. Each address range is specified by an [address, mask] pair.
Area ranges not advertised - Specify the set routes that will not be advertised. In order to aggregate routing information at area boundaries, area address ranges can be employed. Each address range is specified by an [address, mask] pair. In this case, Type 3 summary-LSA is suppressed and the component networks remain hidden from other areas.
Click Submit.
Redistributing OSPF settings
The LAN/WAN routing interworking solution bridges eBGP and OSPF to redistribute underlay routing information between the protocols on a gateway.
For details on how redistribution works, see Redistributing underlay routing in the SteelConnect Manager User Guide.
To redistribute OSPF settings
1. Choose Routing and select the OSPF network.
2. Select the Redistribute Settings tab.
Redistributing OSPF settings
3. Optionally, specify the default metric with a range of 1 to 16777214. The ABR generates a default route with a specified metric into the stub area. The default route matches any destination that is not explicitly reachable from within the area. Routing protocols use default metrics to calculate the best path to a specified destination. The routes that are redistributed carry the specific value.
4. Specify whether you want the default route (0.0.0.0/0) injected in OSPF:
Default Route Origination - Click On to enable default route origination. Enabling this option injects a default route into the participating areas in OSPF.
5. Specify your OSPF redistribution settings:
BGP to OSPF - Click On to redistribute the routes learned from BGP into the OSPF protocol.
Static and Overlay to OSPF - Click On to redistribute static and overlay routes into OSPF.
Connected to OSPF - Click On to redistribute connected routes into OSPF.
6. Optionally, specify these settings if any of the above OSPF redistribution settings is enabled:
Metric - Optionally, enter the cost metric that you want the route to be injected with into OSPF. The range is 0 to 4294967295. When a metric value in a route matches this value, the route qualifies for distribution by the router.
Metric type - The type of external route that you want the routes to be injected as. When the type matches the value specified, then that route is qualified to be distributed:
Type 1 (EI)- This type includes the external cost to the destination as well as the cost (metric) to reach the AS boundary router.
Type 2 (E2) - This type uses only the external cost to the destination and ignores the cost (metric) to reach the AS boundary router.
Tag - Optionally, enter a value 32 bit value from 0 to 4294967295 that will be attached to the routes. When a tag in route matches this value, the route qualifies for distribution by the router.
Route map - Click the search selector and select the route map. This option applies a routing policy based on which routes will be redistributed into OSPF.
7. Click Submit.
Configuring OSPF route summarization
For an OSPF area, you can filter intra-area prefixes. All routes that match the specified area range are filtered.
To add summarization for OSPF
1. Choose Routing > OSPF.
2. Select the OSPF network.
3. Select the OSPF Summarization tab.
4. Click Add Prefix to add prefixes.
You can configure one or more summary addresses matching the individual addresses to advertise to a OSPF peer. You can also advertise individual addresses. By default, only summary addresses are advertised.
Summarizing routes for OSPF
5. Click Automatic to have SCM calculate the prefixes automatically, or click Manual to specify the summarized prefix.
For automatic prefix calculation, specify a starting and an ending IP address. The system provides the summarized prefix. For example, entering the starting address 160.0.1.0 and the ending address 160.0.2.0 results in the automatic prefix 160.0.0.0/22.
6. Fill out the these attributes for automatic or manual:
Summarized Prefix - Specify the IP prefix designated for the range of addresses, including the prefix length.
Advertise - Click On to advertise the summary prefix. Click Off to stop advertisements of the summary address.
Tag - Specify a 32-bit value attached to the summary route. The specified value will be tagged to the advertised summary routes.
7. Click Submit.
Viewing OSPF status
There are multiple places where SCM provides visibility to OSPF and the state of routes.
To view OSPF routing tables
1. Choose Health Check > Routing Tables.
2. Select the OSPF tab and select the appliance to display the OSPF neighbors and learned routes.
To view the Forward Information Base (FIB) routing table
1. Choose Health Check > Routing Tables.
2. Select the FIB tab and select the appliance to display the FIB information, including destination, next hop, metric value, route type, and subroute type. This table is very useful and should be the first step in debugging if the expected routes are learned by the appliance.
Defining static routing on SteelHead SD
SteelHead SD provides static routing at the appliance level where it is essentially acting as a router. The static route is not tied to a particular zone. Static routes:
can only be defined on SteelHead SD 570-SD, 770-SD, 3070-SD appliances and the SteelConnect SDI-2030 gateway located at the branch.
support IPv4 destination networks and gateways.
To define static routes
1. Choose Routing > Static Routes.
2. Click Add Static Route.
Adding static routes
3. Select the Appliance to which you want to add the static route. Only SteelHead SD appliances are listed. Static routes can only be applied to SteelHead SD models; other non-SteelHead SD appliances are not listed.
4. Specify the IPv4 destination mask address.
5. Specify the IPv4 address for the gateway.
6. Specify the destination metric to prioritize the routing protocol where two routes provide the same route destination. The default value is 1.
7. Optionally, include any notes that will help you identify this static route.
8. Click Submit.
Route retraction for SteelHead SD
SteelHead SD advertises available routes and doesn’t advertise unavailable routes. If a route becomes unavailable, route retraction withdraws this route and ensures it is no longer advertised.
The behavior of route attraction and retraction is the same across all SteelConnect appliances.
To benefit from route retraction on a SteelHead SD, you need to meet the following requirements:
You need to redistribute the overlay network into the internet gateway protocol on the LAN.
For SteelHead SD appliances deployed in HA mode, you need to redistribute the overlay network and connected routes into iBGP.
Here are the detailed steps.
To redistribute the overlay into the internet gateway protocol on the LAN
1. In SCM, choose Routing > OSPF.
2. Select your OSPF network to edit the settings.
3. In the Redistribute settings tab, click On for Static to OSPF, and click On for Connected to OSPF.
4. Click Submit.
To redistribute the overlay and connected routes into iBGP for HA pairs
1. In SCM, choose Appliances > Overview.
2. Select an HA site.
3. Open the BGP tab and click On for Static and Overlay to BGP and click On for Connected to BGP.
4. Click Submit.