Support Center > Search Results > SecureKnowledge Details
How to configure and troubleshoot Dynamic Routing on VSX running on SecurePlatform Pro Technical Level
Solution

Notes:

  • Enabling Dynamic Routing protocols in VSX environment does not have any impact on the machine and does not cause problems such as high CPU load, high memory consumption, etc.

  • Dynamic Routing is not supported on the VSX itself (VS0). Dynamic Routing must be configured only on Virtual Systems and Virtual Routers.

  • Default policy of Virtual Router does not allow any form of Dynamic Routing (it drops all traffic destined to Virtual Router). A new policy must be configured and installed on the Virtual Router to allow Dynamic Routing traffic. Refer to sk32247.

 

Step 1 - Enabling SecurePlatform Pro on the VSX machine:

  • Configuring Dynamic Routing protocols on VSX requires that the SecurePlatform OS is configured to run as SecurePlatform Pro.

  • You can do this when you first install the VSX by selecting SecurePlatform Pro, or if the VSX is already installed, enable it with the following command:

    [Expert@HostName:0]# pro enable

    Then reboot the machine for this change to take effect.

 

Step 2 - Enabling/Disabling (or Starting/Stopping) the Advanced Routing on the VSX machine:

Dynamic routing is implemented in the following way:

  • Each Virtual Device (Virtual System or Virtual Router) has its own routing daemon.

  • Each Virtual Device (Virtual System or Virtual Router) on the VSX gateway has to be configured separately.

  • For a VSX cluster, each Virtual Device (Virtual System or Virtual Router) on the cluster members has to be configured separately. This means if you have two physical machines combined to a single cluster, the Virtual Devices on each physical machine have to be configured independently.

Procedure:

  1. Enable and start the Advanced Routing on each relevant Virtual Device:

    [Expert@HostName:0]# drouter enable <VSID>
    If Advanced Routing is enabled but stopped on this Virtual Device, then to start the Advanced Routing on this Virtual Device:
    [Expert@HostName:0]# drouter start <VSID>
  2. If you want to stop and disable the Advanced Routing on the relevant Virtual Device:

    [Expert@HostName:0]# drouter disable <VSID>
    If you want only to stop but not disable the Advanced Routing on this Virtual Device:
    [Expert@HostName:0]# drouter stop <VSID>

 

Step 3 - Configuring Dynamic Routing protocols on the VSX machine:

  1. On VSX, the Dynamic Routing protocols, configured per Virtual Device, and not on the VSX itself.

  2. Check the list of Virtual Systems and their VSID:

    [Expert@HostName:0]# vsx stat -v

  3. Use the router shell to configure Dynamic Routing protocols:

    [Expert@HostName:0]# router
    (localhost.localdomain)> vrf-connect <VSID>
    localhost.localdomain- VRF-VSID>

  4. Start the configuration:

    localhost.localdomain- VRF-VSID> enable
    localhost.localdomain- VRF-VSID# configure terminal

  5. Configure the required Dynamic Routing protocol (OSPF/BGP/RIP,etc) based on the relevant guide:



  6. Save the Dynamic Routing configuration:

    Note: this step is crucial.

    localhost.localdomain- VRF-VSID# write memory

  7. Review the current configuration:

    localhost.localdomain- VRF-VSID# show running-configuration

  8. Exit from the 'router' shell back to the SecurePlatform shell:

    localhost.localdomain- VRF-VSID# exit

 

Step 4 - Troubleshooting Dynamic Routing issues:

Refer to:

In addition, search for specific errors/symptoms in SecureKnowledge.

 

Related Documentation:

 This solution is about products that are no longer supported and it will not be updated

Give us Feedback
Please rate this document
[1=Worst,5=Best]
Comment 

SECURE YOUR EVERYTHING

©

Copyright | Privacy Policy
Follow Us