Nexthop Groups

These sections describe the Nexthop groups:

Nexthop Group Description

Each routing table entry provides the next hop address to its specified destination. A nexthop address is the address of the next device on the path to the entry’s specified destination.

A nexthop group is a data structure that defines a list of nexthop addresses and a tunnel type for packets routed to the specified address. When an IP route statement specifies a nexthop group as the nexthop address, the switch configures a static route with a nexthop group member as the nexthop address and encapsulates packets forwarded to that address as required by the group’s tunnel type.

The nexthop group size is a configurable parameter that specifies the number of entries that the group contains. Group entries that are not explicitly configured are filled with drop routes. The switch uses ECMP hashing to select the address within the nexthop group when forwarding packets. When a packet’s hash selects a drop route, the packet is dropped.

Nexthop groups are supported on Trident platform switches and subject to the following restrictions:
  • Each switch can support 512 IPv4 or IPv6 Tunnels
  • Nexthop groups can contain 256 nexthops.
  • The switch supports 1024 nexthop groups.
  • Multiple routes can share a tunnel.
  • Tunnels do not support IP multicast packets.

Nexthop groups support IP-in-IP tunnels. The entry IP address family within a particular nexthop group cannot be mixed, i.e. either they are all IPv4 or they are all IPv6 entries.

Nexthop Group Configuration

Nexthop groups are configured and modified in nexthop-group configuration mode. After a group is created, it is associated to a static route through an ip route nexthop-group statement.

These tasks are required to configure a nexthop group and apply it to a static route.

Creating and Editing Nexthop Groups

Nexthop groups are created by a nexthop-group command that specifies a group that isn't already configured. The switch enters nexthop-group configuration mode for the new group. Nexthop-group mode is also accessible for modifying existing groups. When in nexthop-group configuration mode, the show active command displays the group’s configuration.

  • This command creates a nexthop group named NH-1.
    switch(config)# nexthop-group NH-1
switch(config-nexthop-group-NH-1)#
  • These commands enter nexthop-group configuration mode for the group named NH3, then displays the previously configured group parameters.
    switch(config)# nexthop-group NH3
switch(config-nexthop-group-NH3)#show active
 nexthop-group NH3
   size 4
   ttl 10
   entry 0 tunnel-destination 10.14.21.3
   entry 1 tunnel-destination 10.14.21.5
   entry 2 tunnel-destination 10.14.22.5
   entry 3 tunnel-destination 10.14.22.6
switch(config-nexthop-group-NH3)#

Configuring a Group’s Encapsulation Parameters

Packets in static routes that are associated with the nexthop group are encapsulated to support the group’s tunnel type. Nexthop groups support IP-in-IP tunnels. The group also defines the source IP address and TTL field contents that are included in the packet encapsulation.

  • This command configures the TTL setting to 32 for nexthop group NH-1 encapsulation packets.
    switch(config)# nexthop-group NH-1
switch(config-nexthop-group-NH-1)# ttl 32
switch(config-nexthop-group-NH-1)# show active
 nexthop-group NH-1
   size 128
   ttl 32
switch(config-nexthop-group-NH-1)#

    The address is inserted in the encapsulation source IP fields is specified by tunnel-source (Nexthop Group).

  • These commands create interface loopback 100, assign an IP address to the interface, then specifies that address as the tunnel source for packets designated by nexthop-group NH-1.
    switch(config)# interface loopback 100
switch(config-if-Lo100)# ip address 10.1.1.1/32
switch(config-if-Lo100)# exit
switch(config)# nexthop-group NH-1
switch(config-nexthop-group-NH-1)# tunnel-source intf loopback 100
switch(config-nexthop-group-NH-1)# show active
 nexthop-group NH-1
   size 256
   ttl 32
   tunnel-source intf Loopback100
switch(config-nexthop-group-NH-1)#

Configuring IP-in-IP Encapsulation

Through IP-in-IP encapsulation, IP packets matching a static Nexthop-Group route are encapsulated within an IP-in-IP tunnel and forwarded.

This command configures a static Nexthop-Group route and an IP-in-IP Nexthop-Group for IP-in-IP encapsulation.
switch(config)# ip route 124.0.0.1/32 nexthop-group abc
switch(config)# nexthop-group abc type ip-in-ip
switch(config-nexthop-group-abc)# size 512
switch(config-nexthop-group-abc)# tunnel-source 1.1.1.1
switch(config-nexthop-group-abc)# entry 0 tunnel-destination 1.1.1.2
switch(config-nexthop-group-abc)# entry 1 tunnel-destination 10.1.1.1
switch(config-nexthop-group-abc)# ttl 64
switch(config-nexthop-group-abc)#

Configuring the Group’s Size

The group’s size specifies the number of entries in the group. A group can contain up to 256 entries, which is the default size. The group’s size is specified by size (Nexthop Group).

This command configures the nexthop group NH-1 to contain 128 entries.
switch(config)# nexthop-group NH-1
switch(config-nexthop-group-NH-1)# size 128
switch(config-nexthop-group-NH-1)# show active
 nexthop-group NH-1
   size 128
   ttl 64
switch(config-nexthop-group-NH-1)#

Creating Nexthop Group Entries

Each entry specifies a nexthop address that is used to forward packets. A nexthop group contains one entry statement for each nexthop address. The group’s size specifies the number of entry statements the group may contain. Each entry statement is assigned an index number to distinguish it from other entries within the group; entry index numbers range from zero to the group size minus one.

Nexthop group entries are configured by entry (Nexthop Group).

  • These commands set the nexthop group size at four entries, then create three entries. Packets that are hashed to the fourth entry are dropped.
    switch(config)# nexthop-group NH-1
switch(config-nexthop-group-NH-1)# size 4
switch(config-nexthop-group-NH-1)# entry 0 tunnel-destination 10.13.4.4
switch(config-nexthop-group-NH-1)# entry 1 tunnel-destination 10.15.4.22
switch(config-nexthop-group-NH-1)# entry 2 tunnel-destination 10.15.5.37
switch(config-nexthop-group-NH-1)# show active
 nexthop-group NH-1
   size 4
   ttl 64
   entry 0 tunnel-destination 10.13.4.4
   entry 1 tunnel-destination 10.15.4.22
   entry 2 tunnel-destination 10.15.5.37
switch(config-nexthop-group-NH-1)#
  • These commands configure a nexthop group with three IPv6 nexthop entries.
    switch(config)# nexthop-group nhg-v6-mpls type ip
switch(config-nhg-v6-mpls)# size 3
switch(config-nhg-v6-mpls)# entry 0 nexthop 2002::6401:1
switch(config-nhg-v6-mpls)# entry 1 nexthop 2002::6404:1
switch(config-nhg-v6-mpls)# entry 2 nexthop 2002::6404:2
switch(config-nhg-v6-mpls)#
  • These commands configure an IPv4 route to point to the nexthop group nhg-v6-mpls. (Both IPv4 routes and IPv6 routes can point to this nexthop group.)
    switch# ip route 100.5.0.0/16 Nexthop-Group nhg-v6-mplsp
switch#

Displaying Nexthop Groups

The show nexthop-group command displays a group’s configured parameters.

This command displays the properties of the nexthop group named NH-1.
switch> show nexthop-group NH-1
Name             Id       type     size   ttl    sourceIp
NH-1             4        ipInIp   256    64     0.0.0.0
switch>

Applying a Nexthop Group to a Static Route

The ip route nexthop-group associates a nexthop group with a specified destination address and configures the encapsulation method for packets tunneled to that address.

This command creates a static route in the default VRF, using the nexthop group of NH-1 to determine the next hop address.
switch(config)# ip route 10.17.252.0/24 nexthop-group NH-1
switch(config)#

The show ip route command displays the routing table for a specified VRF. Routes that utilize a nexthop group entry are noted with a route type code of NG.

This command displays a routing table that contains a static route with its nexthop specified by a nexthop group.

switch> show ip route
Codes: C - connected, S - static, K - kernel,
       O - OSPF, IA - OSPF inter area, E1 - OSPF external type 1,
       E2 - OSPF external type 2, N1 - OSPF NSSA external type 1,
       N2 - OSPF NSSA external type2, B I - iBGP, B E - eBGP,
       R - RIP, I - ISIS, A B - BGP Aggregate, A O - OSPF Summary,
       NG - Nexthop Group Static Route

Gateway of last resort is not set

 C      10.3.3.1/32 is directly connected, Loopback0
 C      10.9.1.0/24 is directly connected, Ethernet51/3
 C      10.10.10.0/24 is directly connected, Ethernet51/1
 S      10.20.0.0/16 [20/0] via 10.10.10.13, Ethernet51/1
 C      10.10.11.0/24 is directly connected, Ethernet3
 NG     10.10.3.0/24 [1/0] via ng-test1, 5
 C      10.17.0.0/20 is directly connected, Management1
 S      10.17.0.0/16 [1/0] via 10.17.0.1, Management1
 S      10.18.0.0/16 [1/0] via 10.17.0.1, Management1
 S      10.19.0.0/16 [1/0] via 10.17.0.1, Management1
 S      10.20.0.0/16 [1/0] via 10.17.0.1, Management1
 S      10.22.0.0/16 [1/0] via 10.17.0.1, Management1

switch>

Support for IPv6 Link-Local Addresses in Nexthop Groups Entries

IPv6 Link-local addresses in Nexthop Groups entries support IPv6 link-local nexthops belonging to a Nexthop Group. Only the MPLS Nexthop Group supports IPv6 and because of this, IPv6 is limited to getting support only by the Nexthop Group of MPLS. An advantage is that you can use these devices even when they are not configured with globally routable IPv4 or IPv6 addresses.

Configuration

An MPLS next-hop group with IPv6 address now accepts an interface if the IPv6 address is a link-local. Note the use of percentages between the IPv6 address and the interface.
switch(config)# nexthop-group nhg1 type mpls
switch(config-nexthop-group-nhg1)# entry 0 push label-stack 606789 nexthop fe80::fe80:2%Ethernet2
switch(config-nexthop-group-nhg1)# entry 1 push label-stack 204164 nexthop fe80::fe80:2%Ethernet3

Show Commands

Use the show nexthop-group command to display the current status of the nexthop-groups.
switch# show nexthop-group
nhg1
  Id                1
  Type              mpls
  Size              12
  Entries (left most label is the top of the stack)
    0  push label-stack 606789   nexthop fe80::fe80:2
         Tunnel destination directly connected, Ethernet2
         00:d4:27:77:e9:77, Ethernet2
    1  push label-stack 204164   nexthop fe80::fe80:2
         Tunnel destination directly connected, Ethernet3
         00:79:21:32:0f:32, Ethernet3

Limitations

Review the following limitations for the support of IPv6 link-local address in nexthop group entries:
  • Only the nexthop-group of MPLS supports an IPv6 address. Therefore, link-local IPv6 addresses are only supported for this type of nexthop-group.
  • Nexthop-groups are configured and exist in the default VRF. The link-local IPv6 addresses for nexthop-group entries can only be resolved for interfaces in the default VRF.

Nexthop Group Commands

Nexthop Commands
Nexthop Show Command

entry (Nexthop Group)

The entry command defines a nexthop entry in the nexthop group configuration mode . Each nexthop entry specifies a nexthop IP address for static routes to which the nexthop group is assigned. The group size (size (Nexthop Group)) specifies the quantity of entries a group contains. Each entry is created by an individual command. Entries within a group are distinguished by an index number.

The no entry and default entry commands delete the specified nexthop group entry, as referenced by index number, by removing the corresponding entry statement from running-config.

Command Mode

Nexthop-group Configuration

Command Syntax

entry index tunnel-destination ipv4_address

no entry index

default entry index

Parameters
  • index      Entry index. Values range from 0 to group-size – 1.
  • ipv4_address     Nexthop IPv4 address.

group-size is the group’s entry capacity, as specified by the size (Nexthop Group) command.

Example

These commands sets the nexthop group size at four entries, then creates three nexthop entries. Packets that are hashed to the fourth entry are dropped.
switch(config)# nexthop-group NH-1
switch(config-nexthop-group-NH-1)# size 4
switch(config-nexthop-group-NH-1)# entry 0 tunnel-destination 10.13.4.4
switch(config-nexthop-group-NH-1)# entry 1 tunnel-destination 10.15.4.22
switch(config-nexthop-group-NH-1)# entry 2 tunnel-destination 10.15.5.37
switch(config-nexthop-group-NH-1)# show active
 nexthop-group NH-1
   size 4
   ttl 64
   entry 0 tunnel-destination 10.13.4.4
   entry 1 tunnel-destination 10.15.4.22
   entry 2 tunnel-destination 10.15.5.37
switch(config-nexthop-group-NH-1)#

ip route nexthop-group

The ip route nexthop-group command creates a static route. The destination is a network segment. The nexthop address is one of the IP addresses that comprise the specified nexthop group. Packets forwarded as a result of this command are encapsulated as specified by the tunnel-type parameter of the specified nexthop group.

When multiple routes exist to a destination prefix, the route with the lowest administrative distance takes precedence. When a route created through this command has the same administrative distance as another static route (ECMP), the route that was created earliest has preference; running-config stores static routes in the order that they are created.

By default, the administrative distance assigned to static routes is 1. Assigning a higher administrative distance to a static route configures it to be overridden by dynamic routing data. For example, a static route with a distance value of 200 is overridden by OSPF intra-area routes, which have a default distance of 110.

The no ip route nexthop-group and default ip route nexthop-group commands delete the specified route by removing the corresponding ip route nexthop-group command from running-config. Ip route nexthop-group statements for an IP address in multiple VRFs must be removed separately.

A no ip route or default ip route command without a nexthop parameter deletes all corresponding ip route nexthop-group statements. Deleting a user-defined VRF also deletes its static routes.

Command Mode

Global Configuration

Command Syntax

ip route [VRF_INST dest_net nexthop-group nhgp_name [dist][TAG_OPTION][RT_NAME]

no ip route [VRF_INST] dest_net [nexthop-group nhgroup_name][distance]

default ip route [VRF_INST] dest_net [nexthop-group nhgroup_name][distance]

Parameters
  • VRF_INST      Specifies the VRF instance being modified.
    • no parameter      Changes are made to the default VRF.
    • vrf vrf_name      Changes are made to the specified VRF.
  • dest_net      Destination IPv4 subnet (CIDR or address-mask notation).
  • nhgp_name      Name of nexthop group.
  • dist  Administrative distance assigned to route. Options include:
    • no parameter      Route assigned default administrative distance of one.
    • 1-255      The administrative distance assigned to route.
  • TAG_OPTION      Static route tag. Options include:
    • no parameter      Assigns default static route tag of 0.
    • tag t_value       Static route tag value. t_value ranges from 0 to 4294967295.
  • RT_NAME       Associates descriptive text to the route. Options include:
    • no parameter       No text is associated with the route.
    • name descriptive_text      The specified text is assigned to the route.

Related Commands

The ip route command creates a static route that specifies the nexthop address without using nexthop groups.

Example

This command creates a static route in the default VRF, using the nexthop group of NH-1 to determine the next hop address.
switch(config)# ip route 10.17.252.0/24 nexthop-group NH-1
switch(config)#

nexthop-group

The nexthop-group command places the switch in nexthop-group configuration mode, through which nexthop groups are created or modified. The command also specifies the tunnel protocol for extracting payload from encapsulated packets that arrive through an IP address upon which the group is applied.

A nexthop group is a data structure that defines a list of nexthop addresses and the encapsulation process for packets routed to the specified address. The command either accesses an existing nexthop group configuration or creates a new group if it specifies a non-existent group. Supported tunnel protocols include IP ECMP and IP-in-IP.

The nexthop-group configuration mode is not a group change mode; running-config is changed immediately upon entering commands. Exiting the nexthop-group configuration mode does not affect running-config. The exit command returns the switch to global configuration mode.

The no nexthop-group and default nexthop-groupcommands delete previously configured commands in the specified nexthop-group mode. When the command does not specify a group, it removes all nexthop-groups. When the command specifies a tunnel type without naming a group, it removes all nexthop-groups of the specified type.

Command Mode

Global Configuration

Command Syntax

nexthop-group group_name type TUNNEL_TYPE

no nexthop-group [group_name][type TUNNEL_TYPE]

default nexthop-group [group_name][typeTUNNEL_TYPE]

Parameters
  • group_name Nexthop group name.
  • TUNNEL_TYPE Tunnel protocol of the nexthop-group. Options include:
    • ip ECMP nexthop.
    • ip-in-ip IP in IP tunnel.
    • gre Encapsules the Layer 3 protocols overs IP networks.
    • mpls-over-gre Tunnels MPLS over a non-MPLS network.
      • entry Nexthop Group Entry Configuration.
      • size Nexthop Group Entry Size.
      • tos Tunnel encapsulation IP type of service.
      • ttl Tunnel encapsulation TTL value.
      • tunnel-source Source Interface or Address.
Commands Available in Nexthop-group Configuration Mode

Restrictions

Tunnel type availability varies by switch platform.

Examples

  • This command creates a nexthop group named NH-1 that specifies ECMP nexthops.
    switch(config)# nexthop-group NH-1 type ip
switch(config-nexthop-group-NH-1)#
  • This command exits nexthop-group mode for the NH-1 nexthop group.
    switch(config-nexthop-group-NH-1)# exit
switch(config)#
  • These commands creates a nexthop group NH-2 of type MPLS over GRE.
    switch(config)# nexthop-group NH-2 type mpls-over-gre
switch(config-nexthop-group-NH-2)# tunnel-source 11.1.1.1
switch(config-nexthop-group-NH-2)# ttl 32
switch(config-nexthop-group-NH-2)# tos 20
switch(config-nexthop-group-NH-2)# entry 0 push label-stack 16000 tunnel-destination 11.1.1.2
switch(config)# ip route 100.1.1.1/32 Nexthop-Group NH-2

Counters for nexthop group may be enabled using the following command
switch(config)# hardware counter feature nexthop

show nexthop-group

The show nexthop-group command displays properties of the specified nexthop group.

Command Mode

EXEC

Command Syntax

show nexthop-group nhgroup_name [VRF_INST]

Parameters
  • nhgroup_name Name of the group displayed by command.
  • VRF_INST Specifies the VRF instance for which data is displayed.
    • no parameter     Context-active VRF.
    • vrf vrf_name Specifies the name of VRF instance. System default VRF is specified by default.

Related Commands

The show nexthop-group command places the switch in the nexthop-group configuration mode to create a new group or modify an existing group.

Example

This command displays the nexthop group information.
switch(config)# show nexthop-group
  Id         107
  Type       mplsOverGre
  Size       1  (auto size enabled, programmed size 1)
  TTL        32
  Source IP  11.1.1.1
  Entries (left most label is the top of the stack)
    0  push label-stack 16000   tunnel-destination 11.1.1.2
         Tunnel destination directly connected, Ethernet1
         00:00:aa:aa:aa:aa, Ethernet1

With nexthop group counter enabled
switch(config)# show nexthop-group
  Id         1
  Type       mplsOverGre
  Size       1  (auto size enabled, programmed size 1)
  TTL        64
  Source IP  0.0.0.0
  Entries (left most label is the top of the stack)
    0  push label-stack 16000   tunnel-destination 1.1.1.2
         Tunnel destination directly connected, Ethernet1
         00:00:aa:aa:aa:aa, Ethernet1
         0 packets, 0 bytes

switch(config)#show nexthop-group summary
Number of Nexthop Groups configured: 1
Number of unprogrammed Nexthop Groups: 0

  Nexthop Group Type   Configured
-------------------- ------------
       MPLS over GRE            1

  Nexthop Group Size   Configured
-------------------- ------------
                   1            1

size (Nexthop Group)

The size command configures the quantity of nexthop entries in the nexthop groupconfiguration mode . Each entry specifies a nexthop IP address for static routes to which the group is assigned. Entries are configured with the entry (Nexthop Group) command. The default size is 256 entries.

The no size and default size commands restore the size of the configuration mode nexthop group to its default of 256 by removing the corresponding size command from running-config.

Command Mode

Nexthop-group Configuration

Command Syntax

size entry_size

no size entry_size

default size entry_size

Parameter

entry_size Group size (entries). Value ranges from 1 to 255. Default value is 256.

Example

This command configures the nexthop group NH-1 to contain 128 entries.
switch(config)# nexthop-group NH-1
switch(config-nexthop-group-NH-1)# size 128
switch(config-nexthop-group-NH-1)# show active
 nexthop-group NH-1
   size 128
   ttl 64
switch(config-nexthop-group-NH-1)#

ttl (Nexthop Group)

The ttl command specifies the number entered into the TTL (time to live) encapsulation field of packets that are transmitted to the address designated by the configuration mode nexthop group. The default TTL value is 64.

The no ttl and default ttl commands restore the default TTL value written into TTL fields for the nexthop group configuration mode by deleting the corresponding ttl command from running-config.

Command Mode

Nexthop-group Configuration

Command Syntax

ttl hop_expiry

no ttl hop_expiry

default ttl hop_expiry

Parameters

hop_expiry     Period that the packet remains valid (seconds or hops) Value ranges from 1 to 64.

Restrictions

This command is available only to Nexthop groups for tunnels of type IP-in-IP, GRE, MPLS, and MPLS over GRE.

Related Commands

The nexthop-group command places the switch in the nexthop-group configuration mode.

Examples

  • This command configures the ttl setting to 32 for nexthop group NH-1 packets.
    switch(config)# nexthop-group NH-1
switch(config-nexthop-group-NH-1)# ttl 32
switch(config-nexthop-group-NH-1)# show active
 nexthop-group NH-1
   size 128
   ttl 32
switch(config-nexthop-group-NH-1)#
  • This command restores the no ttl setting for nexthop group NH-1 packets.
    switch(config-nexthop-group-NH-1)# no ttl
switch(config-nexthop-group-NH-1)# show active nexthop-group NH-1
   size 128
   ttl 64
switch(config-nexthop-group-NH-1)#

tunnel-source (Nexthop Group)

The tunnel-source command specifies the address that is entered into the source IP address encapsulation field of packets that are transmitted as designated by the nexthop group configuration mode . The command may directly specify an IP address or specify an interface from which an IP address is derived. The default source address IP address is 0.0.0.0.

The no tunnel-source and default tunnel-source commands remove the source IP address setting from the configuration mode nexthop group by deleting the tunnel-source command from running-config.

Command Mode

Nexthop-group Configuration

Command Syntax

tunnel-source SOURCE

no tunnel-source SOURCE

default tunnel-source SOURCE

Parameters

SOURCE IP address or derivation interface. Options include:
  • ipv4_addr      An IPv4 address.
  • intf ethernet e_num     Ethernet interface specified by e_num.
  • intf loopback l_num     Loopback interface specified by l_num.
  • intf management m_num     Management interface specified by m_num.
  • intf port-channel p_num     Port-channel interface specified by p_num.
  • intf vlan v_num     VLAN interface specified by v_num.

Restrictions

This command is available only to Nexthop groups for tunnels of type ip-in-ip.

Related Commands

The nexthop-group command places the switch in the nexthop-group configuration mode.

Example

These commands create interface loopback 100, assign an IP address to the interface, then specifies that address as the tunnel source for packets designated by nexthop-group NH-1.
switch(config)# interface loopback 100
switch(config-if-Lo100)# ip address 10.1.1.1/32
switch(config-if-Lo100)# exit

switch(config)# nexthop-group NH-1
switch(config-nexthop-group-NH-1)# tunnel-source intf loopback 100
switch(config-nexthop-group-NH-1)# show active nexthop-group NH-1
   size 256
   ttl 64
   tunnel-source intf Loopback100
switch(config-nexthop-group-NH-1)# show nexthop-group NH-1
Name             Id       type     size   ttl    sourceIp
NH-1             2        ipInIp   256    64     10.1.1.1

switch(config-nexthop-group-NH-1)#