Nexthop Groups

Nexthop Group Description

Each routing table entry provides the next hop address to its specified destination. A nexthop address is the address of the next device on the path to the entry’s specified destination.

A nexthop group is a data structure that defines a list of nexthop addresses and a tunnel type for packets routed to the specified address. When an IP route statement specifies a nexthop group as the nexthop address, the switch configures a static route with a nexthop group member as the nexthop address and encapsulates packets forwarded to that address as required by the group’s tunnel type.

The nexthop group size is a configurable parameter that specifies the number of entries that the group contains. Group entries that are not explicitly configured are filled with drop routes. The switch uses ECMP hashing to select the address within the nexthop group when forwarding packets. When a packet’s hash selects a drop route, the packet is dropped.

Nexthop groups are supported on Trident platform switches and subject to the following restrictions:

  • Each switch can support 512 IPv4 or IPv6 Tunnels
  • Nexthop groups can contain 256 nexthops.
  • The switch supports 1024 nexthop groups.
  • Multiple routes can share a tunnel.
  • Tunnels do not support IP multicast packets.

Nexthop groups support IP-in-IP tunnels. The entry IP address family within a particular nexthop group cannot be mixed, i.e. either they are all IPv4 or they are all IPv6 entries.

Nexthop Group Configuration

Nexthop groups are configured and modified in nexthop-group configuration mode. After a group is created, it is associated to a static route through an ip route nexthop-groupstatement.

These tasks are required to configure a nexthop group and apply it to a static route.

Creating and Editing Nexthop Groups

Nexthop groups are created by a nexthop-group command that specifies a group that isn't already configured. The switch enters nexthop-group configuration mode for the new group. Nexthop-group mode is also accessible for modifying existing groups. When in nexthop-group configuration mode, the show active command displays the group’s configuration.

  • This command creates a nexthop group named NH-1.
    switch(config)#nexthop-group NH-1
    switch(config-nexthop-group-NH-1)#
    
  • These commands enter nexthop-group configuration mode for the group named NH3, then displays the previously configured group parameters.
    switch(config)#nexthop-group NH3
    switch(config-nexthop-group-NH3)#show active
     nexthop-group NH3
     size 4
     ttl 10
     entry 0 tunnel-destination 10.14.21.3
     entry 1 tunnel-destination 10.14.21.5
     entry 2 tunnel-destination 10.14.22.5
     entry 3 tunnel-destination 10.14.22.6
    switch(config-nexthop-group-NH3)#
    

Configuring a Group’s Encapsulation Parameters

Packets in static routes that are associated with the nexthop group are encapsulated to support the group’s tunnel type. Nexthop groups support IP-in-IP tunnels. The group also defines the source IP address and TTL field contents that are included in the packet encapsulation.

  • This command configures the TTL setting to 32 for nexthop group NH-1 encapsulation packets.
    switch(config)#nexthop-group NH-1
    switch(config-nexthop-group-NH-1)#ttl 32
    switch(config-nexthop-group-NH-1)#show active
     nexthop-group NH-1
     size 128
     ttl 32
    switch(config-nexthop-group-NH-1)#
    

    The address is inserted in the encapsulation source IP fields is specified by tunnel-source (Nexthop Group).

  • These commands create loopback interface 100, assign an IP address to the interface, then specifies that address as the tunnel source for packets designated by nexthop-group NH-1.
    switch(config)#interface loopback 100
    switch(config-if-Lo100)#ip address 10.1.1.1/32
    switch(config-if-Lo100)#exit
    switch(config)#nexthop-group NH-1
    switch(config-nexthop-group-NH-1)#tunnel-source intf loopback 100
    switch(config-nexthop-group-NH-1)#show active
     nexthop-group NH-1
     size 256
     ttl 32
     tunnel-source intf Loopback100
    switch(config-nexthop-group-NH-1)#
    

Configuring IP-in-IP Encapsulation

Through IP-in-IP encapsulation, IP packets matching a static Nexthop-Group route are encapsulated within an IP-in-IP tunnel and forwarded.

  • This command configures a static Nexthop-Group route and an IP-in-IP Nexthop-Group for IP-in-IP encapsulation.
    switch(config)#ip route 124.0.0.1/32 nexthop-group abc
    switch(config)#nexthop-group abc type ip-in-ip
    switch(config-nexthop-group-abc)#size 512
    switch(config-nexthop-group-abc)#tunnel-source 1.1.1.1
    switch(config-nexthop-group-abc)#entry 0 tunnel-destination 1.1.1.2
    switch(config-nexthop-group-abc)#entry 1 tunnel-destination 10.1.1.1
    switch(config-nexthop-group-abc)#ttl 64
    switch(config-nexthop-group-abc)#
    

Configuring the Group’s Size

The group’s size specifies the number of entries in the group. A group can contain up to 256 entries, which is the default size. The group’s size is specified bysize (Nexthop Group).

  • This command configures the nexthop group NH-1 to contain 128 entries.
    switch(config)#nexthop-group NH-1
    switch(config-nexthop-group-NH-1)#size 128
    switch(config-nexthop-group-NH-1)#show active
     nexthop-group NH-1
     size 128
     ttl 64
    switch(config-nexthop-group-NH-1)#
    

Creating Nexthop Group Entries

Each entry specifies a nexthop address that is used to forward packets. A nexthop group contains one entry statement for each nexthop address. The group’s size specifies the number of entry statements the group may contain. Each entry statement is assigned an index number to distinguish it from other entries within the group; entry index numbers range from zero to the group size minus one.

Nexthop group entries are configured byentry (Nexthop Group).

  • These commands set the nexthop group size at four entries, then create three entries. Packets that are hashed to the fourth entry are dropped.
    switch(config)#nexthop-group NH-1
    switch(config-nexthop-group-NH-1)#size 4
    switch(config-nexthop-group-NH-1)#entry 0 tunnel-destination 10.13.4.4
    switch(config-nexthop-group-NH-1)#entry 1 tunnel-destination 10.15.4.22
    switch(config-nexthop-group-NH-1)#entry 2 tunnel-destination 10.15.5.37
    switch(config-nexthop-group-NH-1)#show active
     nexthop-group NH-1
     size 4
     ttl 64
     entry 0 tunnel-destination 10.13.4.4
     entry 1 tunnel-destination 10.15.4.22
     entry 2 tunnel-destination 10.15.5.37
    switch(config-nexthop-group-NH-1)#
    
  • These commands configure a nexthop group with three IPv6 nexthop entries.
    switch(config)#nexthop-group nhg-v6-mpls type ip
    switch(config-nhg-v6-mpls)#size 3
    switch(config-nhg-v6-mpls)#entry 0 nexthop 2002::6401:1
    switch(config-nhg-v6-mpls)#entry 1 nexthop 2002::6404:1
    switch(config-nhg-v6-mpls)#entry 2 nexthop 2002::6404:2
    switch(config-nhg-v6-mpls)#
    
  • These commands configure an IPv4 route to point to the nexthop group nhg-v6-mpls. (Both IPv4 routes and IPv6 routes can point to this nexthop group.)
    switch#ip route 100.5.0.0/16 Nexthop-Group nhg-v6-mplsp
    switch#
    

Displaying Nexthop Groups

Theshow nexthop-group command displays a group’s configured parameters.

  • This command displays the properties of the nexthop group named NH-1.
    switch>show nexthop-group NH-1
    Name Id type size ttlsourceIp
    NH-1 4ipInIp 25664 0.0.0.0
    switch>
    

Applying a Nexthop Group to a Static Route

Theip route nexthop-group associates a nexthop group with a specified destination address and configures the encapsulation method for packets tunneled to that address.

This command creates a static route in the default VRF, using the nexthop group of NH-1 to determine the next hop address.
switch(config)#ip route 10.17.252.0/24 nexthop-group NH-1
switch(config)#

The show ip route command displays the routing table for a specified VRF. Routes that utilize a nexthop group entry are noted with a route type code of NG.

This command displays a routing table that contains a static route with its nexthop specified by a nexthop group.

switch>show ip route
Codes: C - connected, S - static, K - kernel,
 O - OSPF, IA - OSPF inter area, E1 - OSPF external type 1,
 E2 - OSPF external type 2, N1 - OSPF NSSA external type 1,
 N2 - OSPF NSSA external type2, B I - iBGP, B E - eBGP,
 R - RIP, I - ISIS, A B - BGP Aggregate, A O - OSPF Summary,
 NG - Nexthop Group Static Route

Gateway of last resort is not set

 C10.3.3.1/32 is directly connected, Loopback0
 C10.9.1.0/24 is directly connected, Ethernet51/3
 C10.10.10.0/24 is directly connected, Ethernet51/1
 S10.20.0.0/16 [20/0] via 10.10.10.13, Ethernet51/1
 C10.10.11.0/24 is directly connected, Ethernet3
 NG 10.10.3.0/24 [1/0] via ng-test1, 5
 C10.17.0.0/20 is directly connected, Management1
 S10.17.0.0/16 [1/0] via 10.17.0.1, Management1
 S10.18.0.0/16 [1/0] via 10.17.0.1, Management1
 S10.19.0.0/16 [1/0] via 10.17.0.1, Management1
 S10.20.0.0/16 [1/0] via 10.17.0.1, Management1
 S10.22.0.0/16 [1/0] via 10.17.0.1, Management1

switch>

Nexthop Group Commands

entry (Nexthop Group)

The entry command defines a nexthop entry in the configuration mode nexthop group. Each nexthop entry specifies a nexthop IP address for static routes to which the nexthop group is assigned. The group size (size (Nexthop Group)) specifies the quantity of entries a group contains. Each entry is created by an individual command. Entries within a group are distinguished by an index number.

The no entry and default entry commands delete the specified nexthop group entry, as referenced by index number, by removing the corresponding entry statement from running-config.

Command Mode

Nexthop-group Configuration

Command Syntax

entry index tunnel-destination ipv4_address

no entry index

default entry index

Parameters

  • index Entry index. Values range from 0 to group-size – 1.
  • ipv4_address Nexthop IPv4 address.

group-size is the group’s entry capacity, as specified by the size (Nexthop Group) command.

Example:

  • These commands sets the nexthop group size at 4 entries, then creates three nexthop entries. Packets that are hashed to the fourth entry are dropped.

    switch(config)#nexthop-group NH-1
    switch(config-nexthop-group-NH-1)#size 4
    switch(config-nexthop-group-NH-1)#entry 0 tunnel-destination 10.13.4.4
    switch(config-nexthop-group-NH-1)#entry 1 tunnel-destination 10.15.4.22
    switch(config-nexthop-group-NH-1)#entry 2 tunnel-destination 10.15.5.37
    switch(config-nexthop-group-NH-1)#show active
     nexthop-group NH-1
     size 4
     ttl 64
     entry 0 tunnel-destination 10.13.4.4
     entry 1 tunnel-destination 10.15.4.22
     entry 2 tunnel-destination 10.15.5.37
    switch(config-nexthop-group-NH-1)#

ip route nexthop-group

The ip route nexthop-group command creates a static route. The destination is a network segment. The nexthop address is one of the IP addresses that comprise the specified nexthop group. Packets forwarded as a result of this command are encapsulated as specified by the tunnel-type parameter of the specified nexthop group.

When multiple routes exist to a destination prefix, the route with the lowest administrative distance takes precedence. When a route created through this command has the same administrative distance as another static route (ECMP), the route that was created earliest has preference; running-config stores static routes in the order that they are created.

By default, the administrative distance assigned to static routes is 1. Assigning a higher administrative distance to a static route configures it to be overridden by dynamic routing data. For example, a static route with a distance value of 200 is overridden by OSPF intra-area routes, which have a default distance of 110.

The no ip route nexthop-group and default ip route nexthop-group commands delete the specified route by removing the corresponding ip route nexthop-group command from running-config. Ip route nexthop-group statements for an IP address in multiple VRFs must be removed separately.

A no ip route or default ip route command without a nexthop parameter deletes all corresponding ip route nexthop-group statements. Deleting a user-defined VRF also deletes its static routes.

Command Mode

Global Configuration

Command Syntax

ip route [VRF_INST dest_net nexthop-group nhgp_name [dist][TAG_OPTION][RT_NAME]

no ip route [VRF_INST] dest_net [nexthop-group nhgroup_name][distance]

default ip route [VRF_INST] dest_net [nexthop-group nhgroup_name][distance]

Parameters

  • VRF_INST Specifies the VRF instance being modified.

    • <no parameter> Changes are made to the default VRF.
    • vrf vrf_name Changes are made to the specified VRF.
  • dest_net Destination IPv4 subnet (CIDR or address-mask notation).
  • nhgp_name Name of nexthop group.
  • dist Administrative distance assigned to route. Options include:

    • <no parameter> Route assigned default administrative distance of one.
    • <1-255> The administrative distance assigned to route.
  • TAG_OPTION Static route tag. Options include:

    • <no parameter> Assigns default static route tag of 0.
    • tag t_value Static route tag value. t_value ranges from o to 4294967295.
  • RT_NAME Associates descriptive text to the route. Options include:

    • <no parameter> No text is associated with the route.
    • name descriptive_text The specified text is assigned to the route.

Related Commands
  • ip route creates a static route that specifies the nexthop address without using nexthop groups.

Example:

This command creates a static route in the default VRF, using the nexthop group of NH-1 to determine the next hop address.

  • switch(config)#ip route 10.17.252.0/24 nexthop-group NH-1
    switch(config)#

nexthop-group

The nexthop-group command places the switch in nexthop-group configuration mode, through which nexthop groups are created or modified. The command also specifies the tunnel protocol for extracting payload from encapsulated packets that arrive through an IP address upon which the group is applied.

A nexthop group is a data structure that defines a list of nexthop addresses and the encapsulation process for packets routed to the specified address. The command either accesses an existing nexthop group configuration or creates a new group if it specifies a non-existent group. Supported tunnel protocols include IP ECMP and IP-in-IP.

Nexthop-group configuration mode is not a group change mode; running-config is changed immediately upon entering commands. Exiting nexthop-group configuration mode does not affect running-config. The exit command returns the switch to global configuration mode.

The no nexthop-group and default nexthop-groupcommands delete previously configured commands in the specified nexthop-group mode. When the command does not specify a group, it removes all nexthop-groups. When the command specifies a tunnel type without naming a group, it removes all nexthop-groups of the specified type.

Command Mode

Global Configuration

Command Syntax

nexthop-group group_name type TUNNEL_TYPE

no nexthop-group [ [group_name ] [type TUNNEL_TYPE]

default nexthop-group [ group_name] [typeTUNNEL_TYPE]

Parameters

  • group_name Nexthop group name.
  • TUNNEL_TYPE Tunnel protocol of the nexthop-group. Options include:

    • ip ECMP nexthop.
    • ip-in-ipIP in IP tunnel.
    • gre Encapsules the Layer 3 protocols overs IP networks.
    • mpls-over-gre Tunnels MPLS over a non-MPLS network.

Restrictions

Tunnel type availability varies by switch platform.

Examples:

  • This command creates a nexthop group named NH-1 that specifies ECMP nexthops.
    switch(config)#nexthop-group NH-1 type ip
    switch(config-nexthop-group-NH-1)#
  • This command exits nexthop-group mode for the NH-1 nexthop group.
    switch(config-nexthop-group-NH-1)#exit
    switch(config)#

show nexthop-group

The show nexthop-group command displays properties of the specified nexthop group.

Command Mode

EXEC

Command Syntax

show nhgroup_name[VRF_INST]

Parameters
  • nhgroup_name Name of the group displayed by command.
  • VRF_INST Specifies the VRF instance for which data is displayed.
    • <no parameter> Context-active VRF.
    • vrf vrf_nameSpecifies the name of VRF instance. System default VRF is specified by default.
Related Commands
  • show nexthop-group Places the switch in the nexthop-group configuration mode to create a new group or modify an existing group.

Example:

This command displays the properties of the nexthop group named NH-1.
switch>show nexthop-group NH-1
Name Id type size ttlsourceIp
NH-1 4ipInIp 25664 0.0.0.0
switch>

size (Nexthop Group)

The size command configures the quantity of nexthop entries in the configuration mode nexthop group. Each entry specifies a nexthop IP address for static routes to which the group is assigned. Entries are configured with the entry (Nexthop Group) command. The default size is 256 entries.

The no size and default size commands restore the size of the configuration mode nexthop group to its default of 256 by removing the corresponding size command from running-config.

Command Mode

Nexthop-group Configuration

Command Syntax

size entry_size

no size entry_size

default size entry_size

Parameters
  • entry_size Group size (entries). Value ranges from 1 to 255. Default value is 256.

Example:

This command configures the nexthop group NH-1 to contain 128 entries.
switch(config)#nexthop-group NH-1
switch(config-nexthop-group-NH-1)#size 128
switch(config-nexthop-group-NH-1)#show active
 nexthop-group NH-1
 size 128
 ttl 64
switch(config-nexthop-group-NH-1)#

ttl (Nexthop Group)

The ttl command specifies the number entered into the TTL (time to live) encapsulation field of packets that are transmitted to the address designated by the configuration mode nexthop group. The default TTL value is 64.

The no ttl and default ttl commands restore the default TTL value written into TTL fields for the configuration mode nexthop group by deleting the corresponding ttl command from running-config.

Command Mode

Nexthop-group Configuration

Command Syntax

ttl hop_expiry

no ttl hop_expiry

default ttl hop_expiry

Parameters
  • hop_expiry Period that the packet remains valid (seconds or hops) Value ranges from 1 to 64.

Restrictions

This command is available only to Nexthop groups for tunnels of type IP-in-IP, GRE, MPLS, and MPLS over GRE.

Related Commands
  • nexthop-group places the switch in Nexthop-group configuration mode.

Examples:

  • This command configures the ttl setting to 32 for nexthop group NH-1 packets.
    switch(config)#nexthop-group NH-1
    switch(config-nexthop-group-NH-1)#ttl 32
    switch(config-nexthop-group-NH-1)#show active
     nexthop-group NH-1
     size 128
     ttl 32
    switch(config-nexthop-group-NH-1)#
  • This command restores the default ttl setting for nexthop group NH-1 packets.
    switch(config-nexthop-group-NH-1)#no ttl
    switch(config-nexthop-group-NH-1)#show active nexthop-group NH-1
     size 128
     ttl 64
    switch(config-nexthop-group-NH-1)#

tunnel-source (Nexthop Group)

The tunnel-source command specifies the address that is entered into the source IP address encapsulation field of packets that are transmitted as designated by the configuration mode nexthop group. The command may directly specify an IP address or specify an interface from which an IP address is derived. The default source address IP address is 0.0.0.0.

The no tunnel-source and default tunnel-source commands remove the source IP address setting from the configuration mode nexthop group by deleting the tunnel-source command from running-config.

Command Mode

Nexthop-group Configuration

Command Syntax

tunnel-source SOURCE

no tunnel-source SOURCE

default tunnel-source SOURCE

Parameters
  • SOURCEIP address or derivation interface. Options include:
    • ipv4_addr An IPv4 address.
    • intf ethernet e_num Ethernet interface specified by e_num.
    • intf loopback l_num Loopback interface specified by l_num.
    • intf management m_num Management interface specified by m_num.
    • intf port-channel p_num Port-channel interface specified by p_num.
    • intf vlan v_num VLAN interface specified by v_num.

Restrictions

This command is available only to Nexthop groups for tunnels of type ip-in-ip.

Related Commands
  • nexthop-group Places the switch in Nexthop-group configuration mode.

Example:

These commands create loopback interface 100, assign an IP address to the interface, then specifies that address as the tunnel source for packets designated by nexthop-group NH-1.
switch(config)#interface loopback 100
switch(config-if-Lo100)#ip address 10.1.1.1/32
switch(config-if-Lo100)#exit

switch(config)#nexthop-group NH-1
switch(config-nexthop-group-NH-1)#tunnel-source intf loopback 100
switch(config-nexthop-group-NH-1)#show active nexthop-group NH-1
 size 256
 ttl 64
 tunnel-source intf Loopback100
switch(config-nexthop-group-NH-1)#show nexthop-group NH-1
Name Id type size ttlsourceIp
NH-1 2ipInIp 25664 10.1.1.1

switch(config-nexthop-group-NH-1)#