manualshive.com logo in svg

Foundry Networks FastIron Edge Switch X424, Manual

The Foundry Networks FastIron Edge Switch X424 is a high-performance networking switch, ideal for businesses looking for reliable connectivity. For easy setup and maintenance, download the free user manual from our website and get started with your new switch today. manualshive.com is the place to go for the manual.

Share
Download
background image

Foundry FastIron X-Series

Configuration Guide

FastIron Edge Switch X-Series

FastIron Workgroup Switch X-Series

FastIron SuperX Switch

2100 Gold Street

P.O. Box 649100

San Jose, CA 95164-9100

Tel 408.586.1700

Fax 408.586.1900

December 2005

Summary of Contents for FastIron Edge Switch X424

Page 1: ...Series Configuration Guide FastIron Edge Switch X Series FastIron Workgroup Switch X Series FastIron SuperX Switch 2100 Gold Street P O Box 649100 San Jose CA 95164 9100 Tel 408 586 1700 Fax 408 586...

Page 2: ...e property of Foundry or other third parties You are not permitted to use these Marks without the prior written consent of Foundry or such appropriate third party Foundry Networks BigIron FastIron Iro...

Page 3: ...APPLICATIONS 2 1 LOGGING ON THROUGH THE CLI 2 1 ON LINE HELP 2 2 COMMAND COMPLETION 2 2 SCROLL CONTROL 2 2 LINE EDITING COMMANDS 2 3 USING SLOT AND PORT NUMBERS WITH CLI COMMANDS 2 3 SEARCHING AND FI...

Page 4: ...LEX MODE 3 15 CONFIGURING MDI MDIX 3 16 DISABLING OR RE ENABLING A PORT 3 16 DISABLING OR RE ENABLING FLOW CONTROL 3 17 CHANGING THE GIGABIT FIBER NEGOTIATION MODE 3 17 MODIFYING PORT PRIORITY QOS 3 1...

Page 5: ...ENABLING OR DISABLING LAYER 2 SWITCHING 5 7 CONFIGURATION NOTES 5 7 COMMAND SYNTAX 5 8 CHAPTER 6 CONFIGURING POWER OVER ETHERNET 6 1 POWER OVER ETHERNET OVERVIEW 6 1 TERMS USED IN THIS SECTION 6 2 ME...

Page 6: ...SPAN 7 16 802 1W RAPID SPANNING TREE RSTP 7 18 802 1W DRAFT 3 7 53 SINGLE SPANNING TREE SSTP 7 56 STP PER VLAN GROUP 7 58 PVST PVST COMPATIBILITY 7 61 OVERVIEW OF PVST AND PVST 7 62 VLAN TAGS AND DUA...

Page 7: ...ALL PORTS 9 4 DISPLAYING INFORMATION FOR A SINGLE PORT 9 5 CLEARING UDLD STATISTICS 9 6 CHAPTER 10 CONFIGURING TRUNK GROUPS AND DYNAMIC LINK AGGREGATION 10 1 TRUNK GROUP OVERVIEW 10 1 TRUNK GROUP CON...

Page 8: ...OUTING INTERFACES LAYER 3 SWITCHES ONLY 11 14 DYNAMIC PORT ASSIGNMENT LAYER 2 SWITCHES AND LAYER 3 SWITCHES 11 15 ASSIGNING A DIFFERENT VLAN ID TO THE DEFAULT VLAN 11 15 ASSIGNING TRUNK GROUP PORTS 11...

Page 9: ...ION 11 59 DISPLAYING VLAN INFORMATION FOR SPECIFIC PORTS 11 60 CHAPTER 12 RULE BASED IP ACCESS CONTROL LISTS ACLS 12 1 ACL OVERVIEW 12 2 TYPES OF IP ACLS 12 2 ACL IDS AND ENTRIES 12 2 NUMBERED AND NAM...

Page 10: ...ON 13 1 PROCESSING OF CLASSIFIED TRAFFIC 13 2 QOS QUEUES 13 6 ASSIGNING QOS PRIORITIES TO TRAFFIC 13 7 MARKING 13 8 CONFIGURING DSCP BASED QOS 13 8 APPLICATION NOTES 13 8 USING ACLS TO HONOR DSCP BASE...

Page 11: ...LICIES 15 10 CHAPTER 16 CONFIGURING IP 16 1 BASIC CONFIGURATION 16 1 OVERVIEW 16 2 IP INTERFACES 16 2 IP PACKET FLOW THROUGH A LAYER 3 SWITCH 16 3 IP ROUTE EXCHANGE PROTOCOLS 16 7 IP MULTICAST PROTOCO...

Page 12: ...4 CHAPTER 17 CONFIGURING RIP 17 1 RIP OVERVIEW 17 1 ICMP HOST UNREACHABLE MESSAGE FOR UNDELIVERABLE ARPS 17 2 RIP PARAMETERS AND DEFAULTS 17 2 RIP GLOBAL PARAMETERS 17 2 RIP INTERFACE PARAMETERS 17 3...

Page 13: ...MULTICAST GROUP 19 6 PIM DENSE 19 6 INITIATING PIM MULTICASTS ON A NETWORK 19 6 PRUNING A MULTICAST TREE 19 7 GRAFTS TO A MULTICAST TREE 19 8 PIM DM VERSIONS 19 8 CONFIGURING PIM DM 19 9 FAILOVER TIME...

Page 14: ...1 OVERVIEW OF OSPF 20 1 OSPF POINT TO POINT LINKS 20 3 DESIGNATED ROUTERS IN MULTI ACCESS NETWORKS 20 4 DESIGNATED ROUTER ELECTION IN MULTI ACCESS NETWORKS 20 4 OSPF RFC 1583 AND 2178 COMPLIANCE 20 5...

Page 15: ...YING OSPF INTERFACE INFORMATION 20 42 DISPLAYING OSPF ROUTE INFORMATION 20 43 DISPLAYING OSPF EXTERNAL LINK STATE INFORMATION 20 45 DISPLAYING OSPF LINK STATE INFORMATION 20 46 DISPLAYING THE DATA IN...

Page 16: ...RST MEDS 21 32 CONFIGURING ROUTE REFLECTION PARAMETERS 21 32 CONFIGURING CONFEDERATIONS 21 34 AGGREGATING ROUTES ADVERTISED TO BGP4 NEIGHBORS 21 37 MODIFYING REDISTRIBUTION PARAMETERS 21 37 REDISTRIBU...

Page 17: ...FRESH FROM A BGP4 NEIGHBOR 21 102 CLOSING OR RESETTING A NEIGHBOR SESSION 21 105 CLEARING AND RESETTING BGP4 ROUTES IN THE IP ROUTE TABLE 21 106 CLEARING TRAFFIC COUNTERS 21 106 CLEARING ROUTE FLAP DA...

Page 18: ...NG THE BLOCK SIZE FOR TFTP FILE TRANSFERS 23 7 REBOOTING 23 7 LOADING AND SAVING CONFIGURATION FILES 23 7 REPLACING THE STARTUP CONFIGURATION WITH THE RUNNING CONFIGURATION 23 8 REPLACING THE RUNNING...

Page 19: ...ONFIGURATION INFORMATION B 2 VIEWING PORT STATISTICS B 2 VIEWING STP STATISTICS B 5 CLEARING STATISTICS B 5 RMON SUPPORT B 5 STATISTICS RMON GROUP 1 B 6 HISTORY RMON GROUP 2 B 8 ALARM RMON GROUP 3 B 9...

Page 20: ...tworks Inc December 2005 APPENDIX D SOFTWARE FEATURES AND SPECIFICATIONS D 1 FEATURE HIGHLIGHTS D 1 SUPPORTED FEATURES D 2 UNSUPPORTED FEATURES D 7 IEEE COMPLIANCE D 8 RFC SUPPORT D 9 INTERNET DRAFTS...

Page 21: ...Layer 3 switch This guide includes procedures for configuring the software The software procedures show how to perform tasks using the CLI This guide also describes how to monitor Foundry products us...

Page 22: ...elease 02 3 01 combined FESX FSX FWSX release 02 2 00 combined FESX FWSX release 02 1 01 02 0 00 01 1 00 01 0 00 For the FastIron SuperX Switch 02 2 01 02 2 00 02 1 00 02 0 01 NOTE Software releases f...

Page 23: ...re Installation Guide provides hardware installation procedures for the FastIron chassis devices FSX Foundry FastIron Stackable Hardware Installation Guide provides hardware installation procedures fo...

Page 24: ...technical support will ensure that the fast and easy access that you have come to expect from your Foundry Networks products will be maintained Web Access http www foundrynetworks com Email Access Tec...

Page 25: ...mmands in the CLI are organized into the following levels User EXEC Lets you display information and perform basic tasks such as pings and traceroutes Privileged EXEC Lets you use the same commands as...

Page 26: ...nvalid command followed by a message appears indicating the command was unrecognized For example FESX424 Router config rooter ip Unrecognized command Command Completion The CLI supports command comple...

Page 27: ...y only to Chassis devices Here is an example The following commands change the CLI from the global CONFIG level to the configuration level for the first port on the device FSX commands FastIron SuperX...

Page 28: ...filters the output of the show interface command for port 3 11 so it displays only lines containing the word Internet This command can be used to display the IP address of the interface FastIron Supe...

Page 29: ...e Foundry device displays output starting from the first line that contains the search string similar to the begin option for show commands For example To display lines containing only a specified sea...

Page 30: ...hes the output against the search string These special characters are listed in the following table Table 2 3 Special Characters for Regular Expressions Character Operation The period matches on any s...

Page 31: ...sion matches output that ends with deg deg _ An underscore matches on one or more of the following comma left curly brace right curly brace left parenthesis right parenthesis The beginning of the inpu...

Page 32: ...igure 2 1 Web Management Interface Login Panel NOTE If you are unable to connect with the device through a Web browser due to a proxy problem it may be necessary to set your Web browser to direct Inte...

Page 33: ...curity Guide Navigating the Web Management Interface When you log into a device the System configuration panel is displayed This panel allows you to enable or disable major system features You can ret...

Page 34: ...ace by using one of the following methods Using the CLI you can modify the appearance of the Web management interface with the web management command To cause the Web management interface to display t...

Page 35: ...oes not include an option to display the tree view 6 When you have finished click the Apply button on the panel then click the Refresh button on your browser to activate the changes 7 To save the conf...

Page 36: ...Foundry Configuration Guide for the FESX FSX and FWSX 2 12 Foundry Networks Inc December 2005...

Page 37: ...ese system level parameters at the Global CONFIG level of the CLI This chapter contains procedures for configuring the following parameters NOTE Before assigning or modifying any router parameters you...

Page 38: ...e zappa zappa config snmp server contact Support Services zappa config snmp server location Centerville zappa config end zappa write memory Syntax hostname string Syntax snmp server contact string Syn...

Page 39: ...receiver and encrypt the display of the community string enter commands such as the following To specify an SNMP trap receiver and change the UDP port that will be used to receive traps enter a comma...

Page 40: ...trap source ethernet 4 FESX424 Switch config write memory Syntax snmp server trap source loopback num ethernet slotnum portnum ve num The num parameter is a loopback interface or virtual interface num...

Page 41: ...devices running Layer 2 software SNMP authentication keys Power supply failure Fan failure Cold start Link up Link down Bridge new root Bridge topology change Locked address violation Layer 3 Traps Th...

Page 42: ...level apply to access through the serial connection or Telnet The following examples show login and logout messages for the User EXEC and Privileged EXEC levels of the CLI Syntax show logging The fir...

Page 43: ...bered IP address configured on a virtual interface as the device s source for all Telnet packets enter commands such as the following FESX424 Switch config int loopback 2 FESX424 Switch config lbif 2...

Page 44: ...d date NOTE Foundry devices do not retain time and date information across power cycles Unless you want to reconfigure the system time counter each time the system is reset Foundry Networks recommends...

Page 45: ...t was received from the peer poll Poll interval in seconds delay Round trip delay in milliseconds disp Dispersion in seconds Table 3 4 Output from the show sntp status command This Field Indicates uns...

Page 46: ...05 on October 15 2003 enter the following command FESX424 Switch clock set 10 15 05 10 15 2003 Syntax no clock set hh mm ss mm dd yy mm dd yyyy By default Foundry switches and routers do not change t...

Page 47: ...Command Syntax To enable broadcast limiting on a group of ports enter commands such as the following FESX424 Switch config interface ethernet 1 to 8 FESX424 Switch config mif e1000 1 8 broadcast limit...

Page 48: ...er command When you access the Web management interface the banner is displayed Setting a Privileged EXEC CLI Level Banner You can configure the Foundry device to display a message when a user enters...

Page 49: ...name text The text parameter is an alphanumeric string The name can be up to 64 characters long The name can contain blanks You do not need to use quotation marks around the string even when it contai...

Page 50: ...ort will advertise 10 Mbps capability to the connected device The port speed down shift and maximum port speed advertisement features operate dynamically at the physical link layer between two connect...

Page 51: ...nfig link config gig copper autoneg control 10m e 1 To configure a maximum port speed advertisement of 100 Mbps on a port that has auto negotiation enabled enter the following command at the Global CO...

Page 52: ...hus these commands work whether auto negotiation is turned ON or OFF Do not use the mdi mdix commands on ports that are manually configured with a speed duplex of 100 full In this case make sure the o...

Page 53: ...to perform a handshake with the other port to exchange capability information Negotiation off The port does not try to perform a handshake Instead the port uses configuration information manually con...

Page 54: ...packets cdp run command Some VoIP phones may require a reboot after configuring or re configuring a voice VLAN ID For example if your VoIP phone queries for VLAN information only once upon boot up you...

Page 55: ...have a configured voice VLAN To view the voice VLAN for all ports use the show voice vlan command The following example shows the command output results Syntax show voice vlan port num FESX424 Switch...

Page 56: ...Foundry Configuration Guide for the FESX FSX and FWSX 3 20 Foundry Networks Inc December 2005...

Page 57: ...the Global CONFIG level of the CLI This chapter contains the topics listed in Table 4 1 NOTE Before assigning or modifying any router parameters you must assign the IP subnet interface addresses for...

Page 58: ...7 48 Port 49 Port 50 FastIron SuperX Management Module Ports 1 12 24 port Gigabit Ethernet Copper Interface Module Ports 1 12 Ports 13 24 24 port Gigabit Ethernet Fiber Interface Module Ports 1 12 Por...

Page 59: ...in 60 second intervals If you set the MAC age time to 0 aging is disabled NOTE The actual age time is from one to two times the configured value For example if you set the MAC age time to 60 seconds...

Page 60: ...does not have more than one port based VLAN VLAN 1 which is the default VLAN that contains all the ports the static mac address command is at the global CONFIG level of the CLI If the device has more...

Page 61: ...lly then apply them to individual interfaces To apply MAC filters to an interface you add the filters to that interface s MAC filter group The device takes the action associated with the first matchin...

Page 62: ...r on the port Syntax mac filter filter num permit deny any H H H any H H H The permit deny argument determines the action the software takes when a match occurs The src mac mask any parameter specifie...

Page 63: ...rst log entry the software generates another log entry and SNMP trap for denied packets Configuration Notes MAC filter logging is supported in the following FastIron configurations FESX devices runnin...

Page 64: ...maximum number of entries the tables can hold You can adjust individual table sizes to accommodate your configuration needs The tables you can configure as well the defaults and valid ranges for each...

Page 65: ...0 System Parameters Default Maximum Current ip arp 4000 64000 4000 ip static arp 512 1024 512 atalk route 1024 1536 1024 atalk zone port 64 255 64 atalk zone sys 768 2048 768 multicast route 64 8192 6...

Page 66: ...mum Current ip arp 4000 64000 4000 ip static arp 512 1024 512 atalk route 1024 1536 1024 atalk zone port 64 255 64 atalk zone sys 768 2048 768 multicast route 64 8192 64 dvmrp route 2048 32000 2048 dv...

Page 67: ...o 64 then increase the total number of IP interfaces you can configure on the device from 256 to 512 enter the following commands Syntax system max subnet per interface num The num parameter specifies...

Page 68: ...ports 1 and 13 can Each 10 Gigabit port can have one ingress mirror port and one egress mirror port You can configure up to eight egress monitored ports You can configure any number of ingress monito...

Page 69: ...This parameter configures the mirror port exclusively for ingress or egress traffic If you do not specify one both types of traffic apply The both in out parameters specify the traffic direction you w...

Page 70: ...Foundry Configuration Guide for the FESX FSX and FWSX 4 14 Foundry Networks Inc December 2005...

Page 71: ...network since incoming traffic can learn directly connected routes advertised by the Foundry device but outgoing traffic to other devices must use statically configured or default routes The Base Lay...

Page 72: ...you want to pre configure an entry for a device that is not connected to the Foundry device or you want to prevent a particular entry from aging out The software removes a dynamic entry from the ARP c...

Page 73: ...increase the limit for one of the parameters you must first decrease one or both of the other parameters limits If you enter a value that exceeds the memory limit the CLI will display an error message...

Page 74: ...must enable the protocol globally then enable RIP on individual ports When you enable RIP on a port you also must specify the version version 1 only version 2 only or version 1 compatible with versio...

Page 75: ...licable to static routes Enable redistribution NOTE If you plan to configure redistribution filters do not enable redistribution until you have configured the filters When you enable redistribution al...

Page 76: ...parameters you need to enable redistribution To enable RIP redistribution enter the following command FESX424 Router config rip router redistribution Syntax no redistribution Enabling Learning of Def...

Page 77: ...e a system reset before the protocol will be active on the system PIM DVMRP and RIP To reset a system enter the reload command at the privileged level of the CLI To enable a protocol on a device runni...

Page 78: ...X424 Router reload To re enable Layer 2 switching on a Layer 3 Switch enter the following FESX424 Router config no route only FESX424 Router config exit FESX424 Router write memory FESX424 Router relo...

Page 79: ...rements for delivering power over the LAN as defined by the Institute of Electrical and Electronics Engineers Inc IEEE in the 802 3af specification Table 6 1 Chapter Contents Description See Page Over...

Page 80: ...ng equipment Methods for Delivering POE There are two methods for delivering power over the network as defined in the 802 3af specification Endspan Power is supplied through the Ethernet ports on a po...

Page 81: ...E Endspan Delivery Method IP phone Power and data signals travel along the same pairs of wires at different frequencies CONSOLE POWER PS1 PS2 ACT LINK 49F 50F FastIron Edge 4802 POE 37 38 39 40 41 42...

Page 82: ...zero Table 6 3 shows the different power classes and their respective power consumption needs Power Specifications The actual implementation of the 802 3af standard limits power to 15 4W 44V to 57V f...

Page 83: ...IronPoint Access Point allows wireless clients to connect to your enterprise network It is a full featured access point that can be managed as a single device or by IronView Network Manager a network...

Page 84: ...evice the power level or power class takes precedence over the CDP power requirement Therefore if you want the device to adhere to the CDP power requirement do not configure a power level or power cla...

Page 85: ...E power level to 14 000 milliwatts 14 watts Syntax inline power power limit power level where power level is the number of milliwatts between 1000 and 15400 The default is 15400 For information about...

Page 86: ...or power than the POE power supply or supplies can provide the FSX must place the POE ports that it cannot power in standby or denied mode waiting for power until the available power increases The ava...

Page 87: ...ty power class and maximum power level you must specify each POE parameter in the CLI command line This section provides some examples EXAMPLE To change a POE port s power priority from high to low th...

Page 88: ...D Class Pri Fault State State Consumed Allocated Error 4 1 On On 5070 9500 802 3af n a 3 n a 4 2 On On 1784 9500 Legacy n a 3 n a 4 3 On On 2347 9500 802 3af n a 3 n a 4 4 On On 2441 9500 Legacy n a 3...

Page 89: ...owing ON The POE power supply is delivering in line power to the powered device OFF The POE power supply is not delivering in line power to the powered device DENIED The port is in standby mode waitin...

Page 90: ...while in standby mode waiting for power Ports with a higher priority will receive power before ports with a low priority This value can be one of the following 3 low priority 2 high priority 1 critic...

Page 91: ...e following command FastIron SuperX Switch show inline power detail Power Supply Data Power Supply 1 Firmware Ver 0 2 Date 3 15 5 H W Status 807 Max Curr 26 5 Amps Voltage 50 0 Volts Capacity 1325 Wat...

Page 92: ...0 2 24 0 24 0 0 0 0 3 24 0 23 1 0 1 0 4 24 0 23 1 0 1 1 5 24 0 24 0 0 0 0 6 24 0 24 0 0 0 0 7 24 0 24 0 0 0 0 8 24 0 24 0 0 0 0 Total 192 0 190 2 0 2 1 Cumulative Port Power Data Slot Ports Ports Port...

Page 93: ...dule s slot number s firmware version Cumulative Port State Data Slot The Interface module slot number Ports Admin On The number of ports on the Interface module on which the inline power command was...

Page 94: ...l number of watts consumed by both POE power consuming devices and the POE module daughter card attached to the Interface module Power Allocation The number of watts allocated to the Interface module...

Page 95: ...s Chapter Contents Table 7 1 Chapter Contents Description See Page Overview of STP 7 2 Configuring standard STP parameters 7 2 STP Parameters and defaults 7 2 Enabling and disabling STP 7 4 Changing S...

Page 96: ...device s ports Thus by default each Foundry device has one spanning tree However if you configure additional port based VLANs on a Foundry device then each of those VLANs on which STP is enabled and V...

Page 97: ...forwarding state respectively The forward delay value is also used for the age time of dynamic entries in the filtering database when a topology change occurs 15 seconds Possible values 4 30 seconds M...

Page 98: ...ing STP Globally Use the following method to enable or disable STP on a device on which you have not configured port based VLANs NOTE When you configure a VLAN the VLAN inherits the global STP setting...

Page 99: ...n this example changes the priority on a device on which you have not configured port based VLANs The change applies to the default VLAN If you have configured a port based VLAN on the device you can...

Page 100: ...iority is 8 NOTE If you are upgrading a device that has a configuration saved under an earlier software release and the configuration contains a value from 0 7 for a port s STP priority the software c...

Page 101: ...ect statistics To clear the BPDU drop counter for a specific port that has STP Protection enabled enter the following command at the Global CONFIG level of the CLI FESX424 Switch config clear stp prot...

Page 102: ...g to VLAN number in ascending order The entry number is not the same as the VLAN number For example if you have port based VLANs 1 10 and 2024 then the command output has three STP entries To display...

Page 103: ...ee Changing STP Bridge Parameters on page 7 5 Max age sec The number of seconds this device or VLAN waits for a configuration BPDU from the root bridge before deciding the root has become unavailable...

Page 104: ...ted or received during this state LEARNING The port has passed through the LISTENING state and will change to the FORWARDING state depending on the results of STP s reconvergence The port does not tra...

Page 105: ...nd can be from 1 900 If you use this parameter the command lists the usage statistics only for the specified number of seconds If you do not use this parameter the command lists the usage statistics f...

Page 106: ...port is disabled the only information shown by this command is DISABLED If a port is enabled this display shows the following information FastIron SuperX Router config show vlans Total PORT VLAN entr...

Page 107: ...it is a member VLAN To list all the member VLANs within a VLAN group enter the show vlan group group id command The show span detail command shows the following information Table 7 6 CLI Display of De...

Page 108: ...er frames are transmitted or received during this state LEARNING The port has passed through the LISTENING state and will change to the BLOCKING or FORWARDING state depending on the results of STP s r...

Page 109: ...ansmission of the last Configuration BPDU BPDUs Sent and Received The number of BPDUs sent and received on this port since the software was reloaded Table 7 6 CLI Display of Detailed STP Information f...

Page 110: ...ate in four seconds Specifically Fast Port Span allows faster convergence on ports that are attached to end stations and thus do not present the potential to cause Layer 2 forwarding loops Because the...

Page 111: ...t is 802 1Q tagged The port is a member of a trunk group The port has learned more than one active MAC address An STP Configuration BPDU has been received on the port thus indicating the presence of a...

Page 112: ...undry devices for backward compatibility However customers who are currently using RSTP Draft 3 should migrate to 802 1W The 802 1W feature provides rapid traffic reconvergence for point to point link...

Page 113: ...which it is connected Alternate Provides an alternate path to the root bridge when the root port goes down Backup Provides a backup to the LAN when the Designated port goes down Disabled Has no role...

Page 114: ...mitted by Port7 are superior to those Port8 transmits Therefore Port8 is the Backup port and Port7 is the Designated port Ports on Switch 3 Port2 on Switch 3 directly connects to the Designated port o...

Page 115: ...edge port is part of the active RSTP topology The 802 1W protocol can auto detect an Edge port and a non edge port An administrator can also configure a port to be an Edge port using the CLI It is re...

Page 116: ...ole 802 1W quickly places it into a forwarding state However if the Designated port is an Edge port then the port starts and stays in a forwarding state and it cannot be elected as a Root port A port...

Page 117: ...ng state and performs any necessary processing associated with the state changes Port Timers This state machine is responsible for triggering any of the state machines described above based on expirat...

Page 118: ...ort continues to send this flag in its RST BPDU until it is placed in a forwarding state Figure 7 7 or is forced to operate in 802 1D mode See Compatibility of 802 1W with 802 1D on page 43 Proposed W...

Page 119: ...nize their roles and states Figure 7 5 Ports that are non edge ports with a role of Designated port change into a discarding state These ports have to negotiate with their peer ports to establish thei...

Page 120: ...s and Backup ports are synced The Root port monitors the synced signals from all the bridge ports Once all bridge ports asserts a synced signal the Root port asserts its own synced signal Figure 7 6 F...

Page 121: ...waiting for the hello timers to expire on them This process starts the handshake with the downstream bridges For example Port2 Switch 200 sends an RST BPDU to Port2 Switch 300 that contains a proposal...

Page 122: ...ready has a Root port 802 1W uses a different type of handshake For example in Figure 7 8 a new root bridge is added to the topology Figure 7 8 Addition of a New Root Bridge Switch 400 Switch 300 Port...

Page 123: ...e Proposing and Proposed The Designated port on the new root bridge Port4 Switch 60 sends an RST BPDU that contains a proposing signal to Port4 Switch 200 to inform the port that it is ready to put it...

Page 124: ...r ports on the bridge assert their sync and reroot signals Information about the old Root port is discarded from all ports Designated ports change into discarding states Figure 7 10 Figure 7 10 Sync a...

Page 125: ...ng states They also continue to negotiate their roles and states with their peer ports Figure 7 11 Figure 7 11 Sync and Rerooted Switch 200 Switch 400 Switch 300 Port1 Port1 Designated port Sync Reroo...

Page 126: ...old Root port on Switch 200 becomes an Alternate Port Figure 7 13 Other ports on that bridge are elected to appropriate roles The Designated port on Switch 60 goes into a forwarding state once it rece...

Page 127: ...g state instantly It waits until two instances of the forward delay timer expires on the port before it goes into forwarding state At this point the handshake between the Switch 60 and Switch 200 is c...

Page 128: ...h a Designated role transmits an RST BPDU with a proposal flag to Port3 Switch 3 A ports with a Designated role sends the proposal flag in its RST BPDU when they are ready to move to a forwarding stat...

Page 129: ...BPDUs that are superior to any that any port on Switch 2 can transmit therefore Port2 Switch 2 assumes the role of a Root port The new Root port then signals all ports on the bridge to start synchron...

Page 130: ...not go directly into a forwarding state It waits until the forward delay time expires twice on that port before it can proceed to the forwarding state Once convergence is achieved the active Layer 2 f...

Page 131: ...thm determines that it is superior to the RST BPDU that it can transmit therefore Port3 Switch 2 receives a new role that of a Root port Port3 Switch 2 then sends an RST BPDU with an agreed flag to Po...

Page 132: ...nectivity in the topology has already been established When fully restored the topology is the same as that shown on Figure 7 15 Convergence in a Complex 802 1W Topology The following is an example of...

Page 133: ...2 transmits an RST BPDU with a proposal flag to Port2 Switch 1 Port2 Switch 1 becomes the Root port All other ports on Switch 1 are given Designated port roles with discarding states Port2 Switch 1 s...

Page 134: ...e notice TCN to all the bridges in the topology to propagate the topology change NOTE Edge ports Alternate ports or Backup ports do not need to propagate a topology change The TCN is sent in the RST B...

Page 135: ...ports on that bridge with a Designated role Then Port3 Switch 4 sends RST BPDU with the TCN to Port4 Switch 2 Note the new active Layer 2 path in Figure 7 20 Figure 7 20 Beginning of Topology Change N...

Page 136: ...sends the TCN to Port4 Switch 6 Port2 Switch 2 sends the TCN to Port2 Switch 1 Figure 7 21 Sending TCN to Bridges Connected to Switch 2 Port2 Port2 Port7 Port8 Port3 Port3 Port4 Port4 Port3 Port2 Port...

Page 137: ...format when one of the following events occur The port receives a legacy BPDU A legacy BPDU is an STP BPDU or a BPDU in an 802 1D format The port that receives the legacy BPDU automatically configures...

Page 138: ...t cases path costs for 802 1W bridges need to be changed Configuring 802 1W Parameters on a Foundry Device The remaining 802 1W sections explain how to configure the 802 1W protocol in a Foundry devic...

Page 139: ...802 1w priority 0 To make this change in the default VLAN enter the following commands FESX424 Router config vlan 1 FESX424 Router config vlan 1 spanning tree 802 1w priority 0 Syntax spanning tree 80...

Page 140: ...ble 7 7 shows the recommended path cost values from the IEEE standards The priority value parameter specifies the preference that 802 1W gives to this port relative to other ports for forwarding traff...

Page 141: ...and shows the information listed in Table 7 8 Table 7 8 CLI Display of 802 1W Summary This Field Displays VLAN ID The port based VLAN that owns the STP instance VLAN 1 is the default VLAN If you have...

Page 142: ...formation was received It can be from the root bridge itself but it could also be from another bridge Root Port The port on which the root information was received This is the port that is connected t...

Page 143: ...o The hello value derived from the Root port It is the number of seconds between two Hello packets Port IEEE 802 1W Parameters Port Num The port number shown in a slot port format Pri The configured p...

Page 144: ...ys VLAN ID ID of the VLAN that owns the instance of 802 1W and whether or not it is active Table 7 8 CLI Display of 802 1W Summary Continued This Field Displays FESX424 Router config show 802 1w detai...

Page 145: ...he port s current 802 1W state A port can have one of the following states Forwarding Discarding Learning Disabled Refer to Bridge Port States on page 7 22 and Edge Port and Non Edge Port States on pa...

Page 146: ...s tcWhile Topology change timer The value shown is the interval when topology change notices can be propagated on this port fdWhile Forward delay timer See the explanation for Fwd Dly on page 49 mdela...

Page 147: ...ptimal STP topology In this topology all the non root bridges have at least two paths to the root bridge Switch 1 in this example One of the paths is through the root port The other path is a backup a...

Page 148: ...ost to the root bridge and thus is selected by STP as the root port Port 3 4 has the next best cost to the root bridge and thus is selected by 802 1W Draft 3 as the alternate path to the root bridge O...

Page 149: ...oot bridge to a value lower than the default 15 seconds Foundry recommends a value from 3 10 seconds The lower forwarding delay helps reduce reconvergence delays in cases where 802 1W Draft 3 is not a...

Page 150: ...Foundry device to third party devices that run a single spanning tree in accordance with the 802 1Q specification SSTP uses the same parameters with the same value ranges and defaults as the default S...

Page 151: ...ameters Syntax no spanning tree single forward delay value hello time value maximum age time priority value Here is the syntax for the STP port parameters Syntax no spanning tree single ethernet slotn...

Page 152: ...Ns in STP group 1 all share the same spanning tree The VLANs in STP group 2 share a different spanning tree All the ports in the VLANs are tagged The ports must be tagged so that they can be in both a...

Page 153: ...nfig stp group 1 FastIron SuperX Router config stp group 1 master vlan 2 FastIron SuperX Router config stp group 1 member vlan 3 to 4 FastIron SuperX Router config stp group 1 exit FastIron SuperX Rou...

Page 154: ...ANs are tagged The ports must be tagged so that they can be in both a member VLAN and the member s master VLAN For example port 1 1 and ports 5 1 5 2 and 5 3 are in member VLAN 2 and master VLAN 1 sin...

Page 155: ...an group 20 tag ethernet 1 20 ethernet 5 1 to 5 3 FastIron SuperX Router config vlan group 20 exit The following group of commands configures the STP groups Each STP group in this configuration contai...

Page 156: ...vices but cannot interoperate with IEEE 802 1Q devices An IEEE 802 1Q device has all its ports running a single spanning tree PVST is an extension of PVST that allows a Cisco device to also interopera...

Page 157: ...the port receives a PVST BPDU You can manually enable the support at any time or disable the support if desired If you want a tagged port to also support IEEE 802 1Q BPDUs you need to enable the dual...

Page 158: ...by auto detect Syntax show span pvst mode This command displays the following information Configuration Examples The following examples show configuration examples for two common configurations Untagg...

Page 159: ...ration leaves the default VLAN and the port s Port Native VLAN unchanged The default VLAN is 1 and the port s Port Native VLAN also is 1 The dual mode feature supports untagged frames on the default V...

Page 160: ...onfiguration is incorrect FastIron SuperX Router config default vlan id 1000 FastIron SuperX Router config vlan 1 FastIron SuperX Router config vlan 1 tagged ethernet 1 1 to 1 2 FastIron SuperX Router...

Page 161: ...e scalability by enabling you to use the same instance of a Layer 2 protocol for multiple VLANs For example if a Foundry device is deployed in a Metro network and provides forwarding for two MRP rings...

Page 162: ...ame change is applied to that port in all the member VLANs that contain the port For example if you configure a topology group whose master VLAN contains ports 1 1 and 1 2 a Layer 2 state change on po...

Page 163: ...e new master VLAN For example if you remove master VLAN 2 from the example above the CLI converts member VLAN 3 into the new master VLAN The new master VLAN inherits the Layer 2 protocol settings of t...

Page 164: ...ports ethernet 2 3 Vlan 2 ethernet 2 4 Vlan 2 ethernet 2 11 Vlan 2 ethernet 2 12 Vlan 2 Syntax show topology group group id This display shows the following information Table 8 2 CLI Display of Topol...

Page 165: ...th the ring Each node also is connected to a separate customer network The nodes forward Layer 2 traffic to and from the customer networks through the ring The ring interfaces are all in one port base...

Page 166: ...ions are capable of being configured as MRP masters or MRP members for different rings MRP Rings Without Shared Interfaces MRP Phase 1 MRP Phase 1 allows you to configure multiple MRP rings as shown i...

Page 167: ...warding F The interface can forward data as well as RHPs An interface changes from Preforwarding to Forwarding when the port s preforwarding time expires This occurs if the port does not receive an RH...

Page 168: ...rding as their preforwarding timers expire The ring is not intact but data can still travel among the nodes using the links that are up Figure 8 4 shows an example Figure 8 4 Metro ring from Preforwar...

Page 169: ...s interfaces come up in the Preforwarding state which allows RHPs to travel through the restored interfaces and reach the secondary interface on the Master node If an RHP reaches the Master node s se...

Page 170: ...VLAN and contains the MRP configuration parameters for ring 1 VLAN 30 and VLAN 40 the customer VLANs are member VLANs in the topology group Since a topology group is used a single instance of MRP prov...

Page 171: ...er commands such as the following NOTE If you plan to use a topology group to add VLANs to the ring make sure you configure MRP on the topology group s master VLAN FastIron SuperX Router config vlan 2...

Page 172: ...me to 200 ms and change the preforwarding time to 400 ms NOTE The preforwarding time must be at least twice the value of the hello time and must be a multiple of the hello time Syntax no hello time ms...

Page 173: ...Group Information on page 8 3 for more information Table 8 3 CLI Display of MRP Ring Diagnostic Information This Field Displays Ring id The ring ID Diag state The state of ring diagnostics RHP averag...

Page 174: ...ring If a topology group is used by MRP the master VLAN controls the MRP settings for all VLANs in the topology group Note The topology group ID is 0 if the MRP VLAN is not the master VLAN in a topol...

Page 175: ...es RHPs Member node The interface forwards RHPs received on the other interface the secondary interface secondary The interface does not generate RHPs Master node The interface listens for RHPs Member...

Page 176: ...X Router config vlan 30 tag ethernet 1 1 to 1 2 FastIron SuperX Router config vlan 30 tag ethernet 2 1 FastIron SuperX Router config vlan 30 exit FastIron SuperX Router config vlan 40 FastIron SuperX...

Page 177: ...onfig topology group 1 FastIron SuperX Router config topo group 1 master vlan 2 FastIron SuperX Router config topo group 1 member vlan 30 FastIron SuperX Router config topo group 1 member vlan 40 Comm...

Page 178: ...up 1 member vlan 40 Virtual Switch Redundancy Protocol VSRP Virtual Switch Redundancy Protocol VSRP is a Foundry proprietary protocol that provides redundancy and sub second failover in Layer 2 and La...

Page 179: ...is connected to a Foundry device that is configured for VSRP is VSRP aware In this example the three Foundry devices connected to the VSRP devices are VSRP aware A Foundry device that is VSRP aware ca...

Page 180: ...the Backup does not receive a Hello message from the Master by the time the Dead Interval expires the Backup sends a Hello message of its own which includes the Backup s VSRP priority to advertise the...

Page 181: ...r example you can increase the configured priority of the VSRP device on the left in Figure 8 9 to 150 In this case failure of a single link does not cause failover The link failure caused the priorit...

Page 182: ...rack port s priority value from the configured VSRP priority For example if the you configure a track port with priority 20 and the configured VSRP priority is 100 the software subtracts 20 from 100 i...

Page 183: ...if the VSRP aware device becomes disconnected from the Master The VSRP aware device will wait for a Hello message for the period of time equal to the following VRID Age Dead Interval Hold down Interv...

Page 184: ...8 5 lists the VSRP parameters Table 8 5 VSRP Parameters Parameter Description Default See page Protocol VSRP state Note On a Layer 3 Switch you must disable VSRP to use VRRPE or VRRP Enabled 8 28 Virt...

Page 185: ...edundancy The VRID IP address must be in the same subnet as a real IP address configured on the VSRP interface but cannot be the same as a real IP address configured on the interface Note This paramet...

Page 186: ...en enabled 8 32 Hold down interval The amount of time a Backup that has sent a Hello packet announcing its intent to become Master waits before beginning to forward traffic for the VRID The hold down...

Page 187: ...ig vlan 200 vrid 1 backup FastIron SuperX Router config vlan 200 vrid 1 activate Syntax no vsrp vrid num The num parameter specifies the VRID and can be from 1 255 Syntax no backup priority value trac...

Page 188: ...le is a value used by the software to calculate the timers By default the scale value is 1 If you increase the timer scale each timer s value is divided by the scale value Using the timer scale to adj...

Page 189: ...The authentication parameters that you define will not age out Define a list of ports that have authentic VSRP backup switch connections For ports included in the list the VSRP aware switch will proce...

Page 190: ...ssis device specify the slot number as well as the port number slotnum portnum Configuring a VRID IP Address If you are configuring a Layer 3 Switch for VSRP you can specify an IP address to back up W...

Page 191: ...onsistent timer usage for all the VRID s devices NOTE The Backups always use the value of the timer scale received from the Master regardless of whether the timer values that are saved in the configur...

Page 192: ...e the timer scale the change affects the actual number of seconds Changing the Backup Hello State and Interval By default Backups do not send Hello messages to advertise themselves to the Master You c...

Page 193: ...ability is useful for tracking the state of the exit interface for the path for which the VRID is providing redundancy See VSRP Priority Calculation on page 8 20 To configure a VRID to track an interf...

Page 194: ...lid only on Layer 3 Switches To suppress RIP advertisements enter the following commands Router2 config router rip Router2 config rip router use vrrp path Syntax no use vrrp path Displaying VSRP Infor...

Page 195: ...on the other routers and that the routers can communicate with each other Note If the state is initialize and the mode is incomplete make sure you have specified the IP address for the VRID standby T...

Page 196: ...or the dead interval The dead interval is the number of seconds a Backup waits for a Hello message from the Master for the VRID before determining that the Master is no longer active If the Master doe...

Page 197: ...n on page 8 34 Member ports The ports in the VRID Operational ports The member ports that are currently up Forwarding ports The member ports that are currently in the Forwarding state Ports that are f...

Page 198: ...Foundry Configuration Guide for the FESX FSX and FWSX 8 38 Foundry Networks Inc December 2005...

Page 199: ...Link Detection UDLD monitors a link between two Foundry devices and brings the ports on both ends of the link down if the link goes down at any point between the two devices This feature is useful fo...

Page 200: ...s This feature is supported only on Ethernet ports To configure UDLD on a trunk group you must enable and configure the feature on each port of the group individually Configuring UDLD on a trunk group...

Page 201: ...of times the port will try the health check You can specify a value from 3 10 The default is 5 UDLD for Tagged Ports The default implementation of UDLD sends the packets untagged even across tagged p...

Page 202: ...link is down Keepalive Interval The number of seconds between health check packets Port The port number Physical Link The state of the physical link This is the link between the Foundry port and the d...

Page 203: ...s Foundry device The ID can be used by Foundry technical support for troubleshooting Remote System ID A unique value that identifies the Foundry device at the remote end of the link Packets sent The n...

Page 204: ...chnical support for troubleshooting Table 9 3 CLI Display of Detailed UDLD Information Continued This Field Displays FastIron SuperX Router config show interface ethernet 1 1 FastEthernet1 1 is down l...

Page 205: ...pter contains the following information Trunk Group Overview The Trunk Group feature allows you to manually configure multiple high speed load sharing links between two Foundry Layer 2 Switches or Lay...

Page 206: ...up must be connected to the same device at the other end Trunk Group Connectivity to a Server To support termination of a trunk group the server must have either multiple network interface cards NICs...

Page 207: ...maximum number of trunk groups you can configure on a FESX FSX and FWSX and the valid number of ports in a trunk group Multi slot trunk groups are supported only on FSX devices Although the FESX FSX a...

Page 208: ...t of the trunk group with respect to the following parameters port tag type untagged or tagged port statically configured port speed and duplex QoS priority To change port parameters you must change t...

Page 209: ...8X 12GM 4 Console Pwr Lnk Odd Even Odd Even Lnk 424F 424C 42XG 424C 424C 424C 424F 424C FastIron SuperX Odd Even Lnk Lnk Odd Even POE 424C 424F SYS EJECT SYS EJECT SYS EJECT SYS EJECT Lnk Act Lnk Act...

Page 210: ...ation can now use IPv6 addresses to make the load sharing decision Load sharing occurs as described in Table 10 4 or Table 10 3 How Trunk Load Sharing Works Load balancing procedures differ depending...

Page 211: ...owing 1 Disconnect the cables from those ports on both systems that will be connected by the trunk group Do not configure the trunk groups with the cables connected Table 10 3 Trunk Group Load Sharing...

Page 212: ...d on multiple devices To configure the trunk group link between FSX1 and the FESX NOTE The text shown in italics in the CLI example below shows messages echoed to the screen in answer to the CLI comma...

Page 213: ...roup To configure a trunk group consisting of two groups of two ports each enter commands such as the following FastIron SuperX Router config trunk ethernet 1 1 to 1 2 ethernet 3 3 to 3 4 FastIron Sup...

Page 214: ...portname To enable an individual port in a trunk group enter commands such as the following at the trunk group configuration level FastIron SuperX Router config trunk 4 1 4 4 config trunk ind FastIron...

Page 215: ...trunk group is one that has been configured in the software but has not been placed into operation by a reset or reboot An operational trunk group is one that has been placed into operation by a reset...

Page 216: ...t speed is 1000 Mbps Tag Indicates whether the ports have 802 1Q VLAN tagging The value can be Yes or No Priority Indicates the Quality of Service QoS priority of the ports The priority can be a value...

Page 217: ...k aggregate link without the need for manual configuration of the ports into trunk groups When you enable link aggregation on a group of Foundry ports the Foundry ports can negotiate with the ports at...

Page 218: ...y devices The Foundry rules apply to a Foundry device even if the device at the other end is from another vendor and uses different rules See Trunk Group Rules on page 10 3 The link aggregation featur...

Page 219: ...he dynamic link aggregation 802 3ad implementation on the FESX FSX and FWSX allow any number of ports up to four to be aggregated into a link The feature does not require the aggregate link to consist...

Page 220: ...enabled Based on the states of the ports some or all of them will be eligible to be used in an aggregate link Figure 10 6 Two port groups used to determine aggregation eligibility Table 10 6 shows exa...

Page 221: ...ports with different physical capabilities will not be able to form a trunk Assigning a Unique Key FastIron SuperX Router config interface ethernet 1 1 FastIron SuperX Router config if e1000 1 1 link...

Page 222: ...NOTE This parameter is not supported in the current software release The primary port in the port group becomes the default active port The primary port is the lowest numbered port in a valid trunk p...

Page 223: ...However the link aggregation keys for the groups of ports on each module must match For example if you want to allow link aggregation to form an aggregate link containing ports 1 1 1 4 and 3 5 3 8 you...

Page 224: ...agged or untagged If it finds a match the port whose VLAN membership you are changing gets the matching port s key If it does not find a match the port gets a new key NOTE For multi slot trunk groups...

Page 225: ...ng Link Aggregation Parameters You can configure one or more parameters on the same command line and you can enter the parameters in any order NOTE For key configuration only configuration commands di...

Page 226: ...command in this example enables ports 1 1 1 4 and 3 5 3 8 to form a multi slot aggregate link Syntax no link aggregate configure system priority num port priority num key num type server switch The sy...

Page 227: ...rmation for a specific port enter a command such as the following at any level of the CLI The command in this example shows the link aggregation information for port 1 1 To display the link aggregatio...

Page 228: ...ate link initiated by another port but cannot search for a link aggregation port or initiate negotiation of an aggregate link Yes The mode is active The port can send and receive LACPDU messages Tio I...

Page 229: ...nk Def Indicates whether the port is using default link aggregation values The port uses default values if it has not received link aggregation information through LACP from the port at the remote end...

Page 230: ...matically updates the link aggregation configuration based on LACPDU messages However clearing the link aggregation information can be useful if you are troubleshooting a configuration To clear the li...

Page 231: ...Ns Layer 3 Switches Only 11 14 IP subnet IPX network and protocol based VLANs 11 21 IP subnet IPX network and protocol based VLANs within Port Based VLANs 11 23 IPv6 protocol VLANs 11 26 Routing betwe...

Page 232: ...3 packet but cannot be forwarded as described above but the port is a member of a Layer 3 protocol VLAN for the packet s protocol the device forwards the packet on all the Layer 3 protocol VLAN s port...

Page 233: ...3 VLANs Since each port based VLAN is a separate Layer 2 broadcast domain by default each VLAN runs a separate instance of the Spanning Tree Protocol STP Layer 2 traffic is bridged within a port base...

Page 234: ...etBIOS broadcasts to all ports within the NetBIOS protocol VLAN Other The device sends broadcasts for all protocol types other than those listed above to all ports within the VLAN Figure 11 2 shows an...

Page 235: ...interface allows the Layer 3 Switch to internally route traffic between the protocol based VLANs without using physical interfaces All the ports within a protocol based VLAN must be in the same port b...

Page 236: ...nd is VLAN number 1 Foundry devices do not contain any protocol VLANs or IP sub net IPX network or AppleTalk cable VLANs by default Figure 11 3 shows an example of the default Layer 2 port based VLAN...

Page 237: ...cross multiple devices make sure all the devices support the same tag format Figure 11 4 Packet containing Foundry s 802 1QVLAN tag If you configure a VLAN that spans multiple devices you need to use...

Page 238: ...runs a separate spanning tree You can enable or disable STP on the following levels Globally Affects all ports on the device NOTE If you configure a port based VLAN on the device the VLAN has the sam...

Page 239: ...nd IronSpan Features on page 7 1 Virtual Routing Interfaces A virtual routing interface is a logical routing interface that Foundry Layer 3 Switches use to route Layer 3 protocol traffic between proto...

Page 240: ...same ID as the VLAN group For configuration information see Configuring VLAN Groups and Virtual Routing Interface Groups on page 11 40 Dynamic Static and Excluded Port Membership When you add ports t...

Page 241: ...At this point the port can remain in the VLAN up to 20 minutes without receiving traffic for the VLAN s protocol and so on Unless you explicitly add a port statically or exclude a port the port is a d...

Page 242: ...ynamic port becomes a member of a Layer 3 protocol VLAN when traffic from the VLAN s protocol is received on the port After this point the port remains an active member of the protocol VLAN unless the...

Page 243: ...otocol VLAN and an IP sub net VLAN in the same port based VLAN nor can you have an IPX protocol VLAN and an IPX network VLAN in the same port based VLAN As a Foundry device receives packets the VLAN c...

Page 244: ...VLAN and not assign a virtual routing interface to the VLAN Packets for these protocols are bridged or switched at Layer 2 across ports on the router that are included in the Layer 3 VLAN If these VLA...

Page 245: ...xplicitly exclude the ports that you do not want to participate in a particular Layer 3 VLAN Assigning a Different VLAN ID to the Default VLAN When you enable port based VLANs all ports in the system...

Page 246: ...um ethernet slotnum portnum EXAMPLE 2 Figure 11 10 shows a more complex port based VLAN configuration using multiple Layer 2 Switches and IEEE 802 1Q VLAN tagging The backbone link connecting the thre...

Page 247: ...4 spanning tree priority 500 FESX424 Switch A config vlan 4 vlan 5 name RED FESX424 Switch A config vlan 5 untag ethernet 13 to 16 ethernet 20 FESX424 Switch A config vlan 5 tag ethernet 25 to 26 FESX...

Page 248: ...te memory Configuring FESX C Enter the following commands to configure FESX C FESX424 Switch en FESX424 Switch configure terminal FESX424 Switch config hostname FESX C FESX424 Switch C config vlan 2 n...

Page 249: ...A shown in Figure 11 10 To do so use the following procedure 1 Access the global CONFIG level of the CLI on FESX424 Switch A by entering the following command FESX424 Switch A enable No password has...

Page 250: ...n 3 spanning tree FESX424 Switch B config vlan 3 4 Enter the following commands to exit the VLAN CONFIG mode and save the configuration to the system config file on flash memory FESX424 Switch B confi...

Page 251: ...Sub net IPX Network and Protocol Based VLANs Protocol based VLANs provide the ability to define separate broadcast domains for several unique Layer 3 protocols within a single Layer 2 broadcast domain...

Page 252: ...VLAN 1 1 2 0 enter the following commands FESX424 Switch config ip subnet ip subnet 1 1 2 0 24 name Yellow FESX424 Switch config ip subnet no dynamic FESX424 Switch config ip subnet static ethernet 9...

Page 253: ...rise campus backbone The first STP domain VLAN 2 requires a set of ports at each Layer 2 Switch location to be statically mapped to IP only No other protocols can enter the switches on this set of por...

Page 254: ...oot bridge for VLAN 2 FESX424 Switch A config vlan 2 spanning tree FESX424 Switch A config vlan 2 spanning tree priority 500 FESX424 Switch A config vlan 2 3 Create the IP and IPX protocol based VLANs...

Page 255: ...13 to 16 e25 to 26 FESX424 Switch A config vlan ipx network exclude e10 to 12 FESX424 Switch A config vlan ipx network other proto name Block_other_proto FESX424 Switch A config vlan other proto no dy...

Page 256: ...FESX424 Switch C config vlan ip proto no dynamic FESX424 Switch C config vlan ip proto static e1 to 4 e25 to 26 FESX424 Switch C config vlan ip proto exclude e5 to 8 FESX424 Switch C config vlan ip pr...

Page 257: ...ipv6 proto name string Routing Between VLANs Using Virtual Routing Interfaces Layer 3 Switches Only Foundry Layer 3 Switches offer the ability to create a virtual routing interface within a Layer 2 ST...

Page 258: ...ual routing interface and unique IP or IPX address within VLAN 2 on each FESX In this example this is the configuration used for VLAN 3 The second way is to split VLAN 2 into two separate port based V...

Page 259: ...o 16 FESX424 Router A config vlan 3 no spanning tree FESX424 Router A config vlan 3 ip subnet 1 1 1 0 24 FESX424 Router A config vlan ip subnet static e 9 to 12 FESX424 Router A config vlan ip subnet...

Page 260: ...A config vif 6 int ve7 FESX424 Router A config vif 7 ip addr 1 1 5 1 24 FESX424 Router A config vif 7 ip ospf area 0 0 0 0 FESX424 Router A config vif 7 ipx network 5 ethernet_802 3 FESX424 Router A...

Page 261: ...nfig vif 3 ip ospf area 0 0 0 0 FESX424 Router B config vif 3 int ve4 FESX424 Router B config vif 4 ipx network 7 ethernet_802 3 FESX424 Router B config vif 4 vlan 4 name Bridged_ALL_Protocols FESX424...

Page 262: ...C config vlan ip subnet ipx network 10 ethernet_802 3 FESX424 Router C config vlan ipx network static e 13 to 16 FESX424 Router C config vlan ipx network router interface ve4 FESX424 Router C config...

Page 263: ...s if no member protocol traffic is received on a port within the VLAN The aged out port however remains as a candidate dynamic port for that VLAN The port becomes active in the VLAN again if member pr...

Page 264: ...t vlan 10 FastIron SuperX Router config vlan 10 ip subnet 1 1 1 0 24 name Mktg LAN FastIron SuperX Router config vlan 10 dynamic FastIron SuperX Router config write memory These commands create a port...

Page 265: ...etwork as uplink ports In this configuration broadcast and unknown unicast traffic in the VLAN does not go to all ports in the VLAN The traffic goes only to the uplink ports The clients on the network...

Page 266: ...ethods in that section instead Figure 11 14 shows an example of this type of configuration Figure 11 14 Multiple port based VLANs with separate protocol addresses As shown in this example each VLAN ha...

Page 267: ...Virtual Router Redundancy Protocol The Foundry device performs proxy Address Resolution Protocol ARP for hosts that want to send IP traffic to hosts in other VLANs that are sharing the same IP sub net...

Page 268: ...the port to be in multiple VLANs You can configure VLANs to share a Layer 3 protocol interface regardless of tagging A combination of tagged and untagged ports is shown in this example to demonstrate...

Page 269: ...interfaces 2 and 3 have been configured to share the IP address of virtual routing interface 1 but also have been configured to use their own ACLs instead of virtual routing interface 1 s ACLs FastIro...

Page 270: ...you configure a VLAN group with the same ID The virtual routing interface group automatically applies to the VLANs in the VLAN group that has the same ID and cannot be applied to other VLAN groups or...

Page 271: ...to vlan id Syntax remove vlan vlan id to vlan id Displaying Information about VLAN Groups To display VLAN group configuration information enter the following command FastIron SuperX Router show vlan g...

Page 272: ...e ID The syntax and usage for the ip address command is the same as when you use the command at the interface level to add an IP interface Displaying the VLAN Group and Virtual Routing Interface Group...

Page 273: ...able 11 2 Increasing the Number of Virtual Routing Interfaces You Can Configure To increase the maximum number of virtual routing interfaces you can configure enter commands such as the following at t...

Page 274: ...the Super Aggregated VLAN Application Each client connected to the edge device is in its own port based VLAN which is like an ATM channel All the clients VLANs are aggregated by the edge device into...

Page 275: ...a single link between the core devices However you can use a trunk group to add link level redundancy Configuring Aggregated VLANs To configure aggregated VLANs perform the following tasks On each edg...

Page 276: ...lan 101 by port FastIron SuperX Router config vlan 101 tagged ethernet 2 1 FastIron SuperX Router config vlan 101 untagged ethernet 1 1 FastIron SuperX Router config vlan 101 exit FastIron SuperX Rout...

Page 277: ...of the edge and core devices on one side must be symmetrical in fact a mirror image to the configurations of the devices on the other side For simplicity the example in Figure 11 17 on page 11 45 is s...

Page 278: ...et 1 5 FastIron SuperX RouterB config vlan 105 exit FastIron SuperX RouterB config write memory Commands for Device C Since device C is aggregating channel VLANs from devices A and B into a single pat...

Page 279: ...e identical to the commands for configuring device E In this example since the port numbers on each side of the configuration in Figure 11 17 on page 11 45 are symmetrical the configuration of device...

Page 280: ...ot properly handle the packets FESX releases 01 1 00 and later and all FSX and FWSX releases provide finer granularity for configuring 802 1Q tagging enabling you to configure 802 1Q tag types on a gr...

Page 281: ...stomer ports to any value other than the 802 1Q tag for incoming traffic For example in Figure 11 20 the 802 1Q tag on the untagged edge links ports 11 and 12 is 9100 whereas the 802 1Q tag for incomi...

Page 282: ...of an application using a private VLAN Port 6 Tagged Port 11 Untagged Port 6 Tagged Ports 1 5 Untagged Port 17 Tagged Port 12 Untagged Port 11 Untagged Port 12 Untagged Port 17 Tagged Port 6 Tagged Ta...

Page 283: ...vior for broadcast packets unknown unicast packets or both See Enabling Broadcast or Unknown Unicast Traffic to the Private VLAN on page 11 55 You can configure a combination of the following types of...

Page 284: ...ntax To configure a private VLAN configure each of the component VLANs isolated community and public as a separate port based VLAN Use standard VLAN configuration commands to create the VLAN and add p...

Page 285: ...lan mapping command identifies the other private VLANs for which this VLAN is the primary The command also specifies the primary VLAN ports to which you are mapping the other private VLANs The vlan id...

Page 286: ...perX Router config vlan 902 pvlan type isolated FastIron SuperX Router config vlan 902 exit FastIron SuperX Router config vlan 903 FastIron SuperX Router config vlan 903 untagged ethernet 3 5 to 3 6 F...

Page 287: ...itting traffic for other VLANs as tagged Figure 11 23 illustrates this enhancement Figure 11 23 Specifying a default VLAN ID for a dual mode port In Figure 11 23 tagged port 2 11 is a dual mode port b...

Page 288: ...onfig vlan 20 exit FastIron SuperX Router config int e 2 11 FastIron SuperX Router config if e1000 2 11 dual mode 10 FastIron SuperX Router config if e1000 2 11 exit Syntax no dual mode vlan id Notes...

Page 289: ...VLAN for which you want to display the configuration information The slotnum parameter is required on chassis devices The portnum parameter specifies a port If you use this parameter the command list...

Page 290: ...eter specifies a VLAN for which you want to display the configuration information The slotnum parameter is required on chassis devices The portnum parameter specifies a port If you use this parameter...

Page 291: ...ny packets in the hardware without sending the packets to the CPU for processing Rule based ACLs are supported on physical interfaces trunk groups and virtual routing interfaces NOTE The FESX FSX and...

Page 292: ...um number of ACL rules you can configure is a system wide parameter and depends on the device you are configuring You can configure up to the maximum number of entries in any combination in different...

Page 293: ...permit all access to the end of each ACL The software permits packets that are not denied by the deny entries NOTE Do not apply an empty ACL an ACL ID without any corresponding entries to an interface...

Page 294: ...ort up to 1024 ACL rules ACLs on the FSX are affected by port regions Multiple ACL groups share 1016 ACL rules per port region Each ACL group must contain one entry for the implicit deny all IP traffi...

Page 295: ...sk where zeros instead of ones are the significant bits and changes the non significant portion of the IP address into ones For example if you specify 209 157 22 26 24 or 209 157 22 26 0 0 0 255 then...

Page 296: ...a device see ACL IDs and Entries on page 12 2 The commands for configuring named ACL entries are different from the commands for configuring numbered ACL entries The command to configure a numbered A...

Page 297: ...e changes to the startup config file the value appears as 209 157 22 0 24 if you have enabled display of subnet lengths or 209 157 22 0 0 0 0 255 in the startup config file If you enable the software...

Page 298: ...name Source TCP or UDP port if the IP protocol is TCP or UDP Destination TCP or UDP port if the IP protocol is TCP or UDP The IP protocol can be one of the following well known names or any IP protoc...

Page 299: ...t of 209 157 22 26 0 0 0 255 as 209 157 22 26 24 The CLI automatically converts the CIDR number into the appropriate ACL mask where zeros instead of ones are the significant bits and changes the non s...

Page 300: ...after neq range The policy applies to all TCP or UDP port numbers that are between the first TCP or UDP port name or number and the second one you enter following the range parameter The range includ...

Page 301: ...This value is not supported on 10 Gigabit Ethernet modules normal or 0 The ACL matches packets that have the normal ToS The decimal value for this option is 0 num A number from 0 15 that is the sum o...

Page 302: ...ackets that are denied by this entry The fifth entry denies all OSPF traffic and generates Syslog entries for denied traffic The sixth entry permits all packets that are not explicitly denied by the o...

Page 303: ...when you configure a numbered ACL entry you specify all the command parameters on the same command When you configure a named ACL you specify the ACL type standard or extended and the ACL number with...

Page 304: ...pen Shortest Path First OSPF Transmission Control Protocol TCP User Datagram Protocol UDP For TCP and UDP you also can specify a comparison operator and port name or number For example you can configu...

Page 305: ...you prefer to specify the wildcard mask value in Classless Interdomain Routing CIDR format you can enter a forward slash after the IP address then enter the number of significant bits in the mask For...

Page 306: ...orts gt The policy applies to TCP or UDP port numbers greater than the port number or the numeric equivalent of the port name you enter after gt lt The policy applies to TCP or UDP port numbers that a...

Page 307: ...he option number instead of the name specify number 1 routine or 0 The ACL matches packets that have the routine precedence If you specify the option number instead of the name specify number 0 The to...

Page 308: ...cies on page 15 1 Configuration Example for Extended Named ACLs To configure an extended named ACL enter commands such as the following The options at the ACL configuration level and the syntax for th...

Page 309: ...he following line permits TCP packets FESX424 Router config access list TCP UDP permit tcp 192 168 4 40 24 2 2 2 2 24 FESX424 Router config access list TCP UDP remark The following permits UDP packets...

Page 310: ...erX Router config interface ethernet 1 1 FastIron SuperX Router config if 1 1 ip access group frag deny This option begins dropping all fragments received by the port as soon as you enter the command...

Page 311: ...23 per vlan 12 FESX424 Switch config if e1000 23 vlan 12 ip access group 10 in The commands in this example configure port based VLAN 12 and add ports e 5 8 as untagged ports and ports e 23 24 as tagg...

Page 312: ...if the traffic has the IP precedence option internet equivalent to 6 The second entry denies all FTP traffic from the 209 157 21 x network to the 209 157 22 x network if the traffic has the IP precede...

Page 313: ...the packet Using an ACL to Map the DSCP Value DSCP CoS Mapping The dscp cos mapping option on the FESX and FSX maps the DSCP value in incoming packets to a hardware table that provides mapping of eac...

Page 314: ...on page 12 8 and Configuring Extended Named ACLs on page 12 13 The following shows the syntax specific to these features Syntax dscp marking 0 63 802 1p priority marking 0 7 internal priority marking...

Page 315: ...eld lists the number of CAM entries used by the ACL or entry The number of CAM entries listed for the ACL itself is the total of the CAM entries used by the ACL s entries For flow based ACLs the Total...

Page 316: ...Foundry Configuration Guide for the FESX FSX and FWSX 12 26 Foundry Networks Inc December 2005...

Page 317: ...nd assigning a priority to the packets The classification process assigns a priority to packets as they enter the switch These priorities can be determined on the basis of information contained within...

Page 318: ...frame It can be a value from 0 7 The 802 1p priority is also called the Class of Service Layer 3 Differentiated Service codepoint DSCP This is the value in the six most significant bits of the IP pack...

Page 319: ...he packet match an ACL that defines a priority Is the packet tagged Trust the DSCP CoS mapping or the DSCP marking Trust the 802 1p CoS value Trust the priority of the static MAC entry Trust the port...

Page 320: ...fied based on the static MAC address ingress port default priority or the default priority of zero 0 Once a packet is classified by one of the procedures mentioned it is mapped to an internal forwardi...

Page 321: ...s 16 to 31 DSCP value 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 802 1p COS Value 2 2 2 2 2 2 2 2 3 3 3 3 3 3 3 3 DSCP value 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 Internal Forwarding Pr...

Page 322: ...rent hardware forwarding queue See Changing the Internal Forwarding Priority Hardware Forwarding Queue Mappings on page 13 10 QoS Queues Foundry devices support the eight QoS queues qosp0 qosp7 listed...

Page 323: ...net 1 FESX424 Router config if e1000 1 priority 7 The device will assign priority 7 to untagged switched traffic received on port 1 Syntax no priority num The num parameter can be from 0 7 and specifi...

Page 324: ...queue for the packet based on the information The software interprets the value in the six most significant bits of the IP packet header s 8 bit ToS field as a Diffserv Control Point DSCP value and m...

Page 325: ...8 15 maps to priority 1 After performing this mapping the device maps the internal forwarding priority value to one of the hardware forwarding queues Table 13 8 list the default mappings of internal f...

Page 326: ...ect the second part of the DSCP value from the d2 row For example to read the DSCP to forwarding priority mapping for DSCP value 24 select 2 from the d1 column and select 4 from the d2 row The mapping...

Page 327: ...erts the percentages you specify into weights for the queues NOTE Queue cycles on the FESX FSX and FWSX are based on bytes These devices service a given number of bytes based on the weight in each que...

Page 328: ...t To change the method back to weighted round robin enter the following command FESX424 Router config qos mechanism weighted Syntax no qos mechanism strict weighted NOTE The following combined method...

Page 329: ...he percentages into weights The weight associated with each queue controls how many packets are processed for the queue at a given stage of a cycle through the weighted round robin algorithm NOTE Queu...

Page 330: ...percentages for the queues when the device is configured to use the combined SP and WRR queuing mechanism enter commands such as the following Note that this example uses the default queue names FESX4...

Page 331: ...splay the QoS settings for all the queues enter the show qos profiles command as shown in the following examples The following shows an example display output on a FESX Syntax show qos profiles all na...

Page 332: ...y map d1 and d2 The DSCP to forwarding priority mappings that are currently in effect Note The example above shows the default mappings If you change the mappings the command displays the changed mapp...

Page 333: ...ffic Class and 802 1p Priority The traffic class to 802 1p Priority mappings that are currently in effect Note The example above shows the default mappings If you change the mappings the command displ...

Page 334: ...Foundry Configuration Guide for the FESX FSX and FWSX 13 18 Foundry Networks Inc December 22 2005...

Page 335: ...cy but drops additional bytes Unused bandwidth is not carried over from one interval to the next NOTE Foundry recommends that you do not use Fixed Rate Limiting on ports that send or receive route con...

Page 336: ...bits 62500 bytes a second During the first two one second intervals the port receives less than 500000 bits in each interval However the port receives more than 500000 bits during the third and fourth...

Page 337: ...e limiting on an X Series device you create individual traffic policies then reference the traffic policies in one or more ACL entries also called clauses or statements The traffic policies become eff...

Page 338: ...lowing command Syntax show rate limit fixed The command lists the ports on which fixed rate limiting is configured and provides the information listed in Table 14 2 for each of the ports Table 14 2 CL...

Page 339: ...that identifies individual traffic policy definitions Traffic policy definition TPD This is the command filter associated with a traffic policy name A TPD can define any one of the following Rate lim...

Page 340: ...m wide parameter and depends on the device you are configuring The total number of active TPDs cannot exceed the system maximum See Maximum Number of Traffic Policies Supported on a Device on page 15...

Page 341: ...g message on the console NOTE Foundry does not recommend setting the system max for traffic policies to 0 zero since this renders traffic policies ineffective ACL Based Rate Limiting via Traffic Polic...

Page 342: ...policy Enter a command such as the following FESX424 Switch config traffic policy TPD1 rate limit fixed 100 exceed action drop 2 Create an extended ACL entry or modify an existing extended ACL entry...

Page 343: ...y For example FESX424 Switch config access list 104 permit ip host 210 10 12 2 any traffic policy TPDAfour 3 Bind the ACL to an interface FESX424 Switch config int e 7 FESX424 Switch config if e7 ip a...

Page 344: ...e is the peak burst size in bytes See Table 1 exceed action action specifies the action to be taken when packets exceed the configured values See Specifying the Action to be Taken for Packets that are...

Page 345: ...0000 pbs 4000 exceed action permit at low pri The above commands configure an adaptive rate limiting policy that enforces a guaranteed committed rate of 10000 kbps on port e7 and allows bursts of up t...

Page 346: ...n the port that were permitted or denied by ACL filters Syntax no traffic policy TPD name count Syntax access list num permit deny traffic policy TPD name Syntax no ip access group num in out NOTES Fo...

Page 347: ...automatically enabled for active rate limiting traffic policies Use either the show access list accounting command or the show statistics traffic policy command to display ACL and traffic policy coun...

Page 348: ...y definition for which you want to clear traffic policy counters Viewing Traffic Policies To view traffic policies that are currently defined on the Foundry device enter the show traffic policy comman...

Page 349: ...ir The committed information rate in kbps for the adaptive rate limiting policy cbs The committed burst size in bytes per second for the adaptive rate limiting policy pir The peak information rate in...

Page 350: ...Foundry Configuration Guide for the FESX FSX and FWSX 15 12 Foundry Networks Inc December 2005...

Page 351: ...ol RIP If you are configuring a Layer 3 Switch see Configuring IP Addresses on page 16 17 to add IP addresses then see one or more of the following to enable and configure the route exchange protocols...

Page 352: ...SM Distance Vector Multicast Routing Protocol DVMRP Router redundancy protocols Virtual Router Redundancy Protocol Extended VRRPE Virtual Router Redundancy Protocol VRRP IP Interfaces Foundry Layer 3...

Page 353: ...Switches You can configure an IP address on a Foundry Layer 2 Switch for management access to the Layer 2 Switch An IP address is required for Telnet access Web management access and SNMP access You...

Page 354: ...cket the Layer 3 Switch checks the IP route table for a route to the packet s destination If the IP route table has a route the Layer 3 Switch makes an entry in the session table or the forwarding cac...

Page 355: ...tch To configure other ARP parameters see the following Configuring ARP Parameters on page 16 25 Layer 3 Switch only To increase the size of the ARP cache and static ARP table see the following For dy...

Page 356: ...The IP forwarding cache provides a fast path mechanism for forwarding IP packets The cache contains entries for IP destinations When a Foundry Layer 3 Switch has completed processing and addressing fo...

Page 357: ...es Layer 4 Quality of Service QoS policies IP access policies To increase the size of the session table see the section Displaying and Modifying System Parameter Default Settings on page 4 8 The ip qo...

Page 358: ...ies Foundry Layer 3 Switches provide two mechanisms for filtering IP traffic Access Control Lists ACLs IP access policies Both methods allow you to filter packets based on Layer 3 and Layer 4 source a...

Page 359: ...y command from the Privileged EXEC level of any configuration level of the CLI To save the configuration changes using the Web management interface select the Save link at the bottom of the dialog Sel...

Page 360: ...l accept each second If the device receives more ARP packets than you specify the device drops additional ARP packets for the remainder of the one second interval Disabled 16 26 ARP age The amount of...

Page 361: ...Control Message Protocol ICMP messages The Foundry Layer 3 Switch can send the following types of ICMP messages Echo messages ping messages Destination Unreachable messages Enabled 16 31 ICMP Router...

Page 362: ...qual cost paths across which the Layer 3 Switch is allowed to distribute traffic Four 16 43 Origination of default routes You can enable a router to originate default routes for the following route ex...

Page 363: ...ed packets 16 22 ARP age Locally overrides the global setting See Table 16 2 on page 16 9 Ten minutes 16 27 Metric A numeric cost the router adds to RIP routes learned on the interface This parameter...

Page 364: ...next row The router helps forward broadcasts for the following UDP application protocols bootps dns netbios dgm netbios ns tacacs tftp time 16 48 IP helper address The IP address of a UDP application...

Page 365: ...s in either format regardless of the display setting 16 57 IP address A Layer 3 network interface address Note Layer 2 Switches have a single IP address used for management access to the entire device...

Page 366: ...he router The Layer 2 Switch uses its management IP address as the source address for these packets The management IP address of the Layer 2 Switch Note This parameter is not configurable on Layer 2 S...

Page 367: ...VLAN you cannot configure Layer 3 interface parameters on individual ports in the VLAN Instead you must configure the parameters on the virtual routing interface itself Foundry devices support both cl...

Page 368: ...he interface NOTE When you configure more than one address in the same sub net all but the first address are secondary addresses and do not form OSPF adjacencies Assigning an IP Address to a Loopback...

Page 369: ...AN The last two commands change to the interface configuration level for the virtual interface and assign an IP address to the interface Syntax router interface ve num Syntax interface ve num See the...

Page 370: ...ntax traceroute host ip addr maxttl value minttl value numeric timeout value source ip ip addr The only required parameter is the IP address of the host at the other end of the route See the Foundry S...

Page 371: ...apsulation snap ethernet_ii Changing the Maximum Transmission Unit MTU The Maximum Transmission Unit MTU is the maximum length of IP packet that a Layer 2 packet can contain IP packets that are longer...

Page 372: ...l ports of an X Series device enter commands such as the following FESX424 Router config jumbo FESX424 Router config write memory FESX424 Router config end FESX424 Router reload Syntax no jumbo The ab...

Page 373: ...ch by just one of the IP addresses configured on the Layer 3 Switch regardless of the interfaces that connect the Layer 3 Switches This IP address is the router ID NOTE Routing Information Protocol RI...

Page 374: ...specifying the source interface for Telnet TACACS TACACS or RADIUS packets You can configure a source interface for one or more of these types of packets separately To specify an Ethernet or a loopba...

Page 375: ...ss Resolution Protocol ARP is a standard IP protocol that enables an IP Layer 3 Switch to obtain the MAC address of another device s interface when the Layer 3 Switch knows the IP address of the inter...

Page 376: ...only to devices that are directly attached to the Layer 3 Switch A MAC broadcast is not routed to other networks However some routers including Foundry Layer 3 Switches can be configured to reply to...

Page 377: ...globally configured value which is 10 minutes by default If you specify 0 aging is disabled Enabling Proxy ARP Proxy ARP allows a Layer 3 Switch to answer ARP requests from devices on one network on...

Page 378: ...entry from the ARP cache if the ARP aging interval expires before the entry is refreshed Static entries do not age out regardless of whether the Foundry device receives an ARP request from the device...

Page 379: ...itches Time To Live TTL threshold Forwarding of directed broadcasts Forwarding of source routed packets Ones based and zero based broadcasts All these parameters are global and thus affect all IP inte...

Page 380: ...ay to the destination The Layer 3 Switch supports both types of IP source routing Strict source routing requires the packet to pass through only the listed routers If the Layer 3 Switch receives a str...

Page 381: ...ached by the Layer 3 Switch Disabling Replies to Broadcast Ping Requests By default Foundry devices are enabled to respond to broadcast ICMP echo packets which are ping requests To disable response to...

Page 382: ...nreachable messages The protocol parameter disables ICMP Protocol Unreachable messages The source route fail parameter disables ICMP Unreachable caused by Source Route Failure messages To disable ICMP...

Page 383: ...ric applies only to routes that the Layer 3 Switch has already placed in the IP route table The default metric for static IP routes is 1 The route s administrative distance The value that the Layer 3...

Page 384: ...and also assumes that local interfaces within that sub net are on the same port Router A deduces that IP interface 207 95 7 188 is also on port 1 2 The software automatically removes a static IP route...

Page 385: ...E If you specify 16 RIP considers the metric to be infinite and thus also considers the route to be unreachable The distance num parameter specifies the administrative distance of the route When compa...

Page 386: ...e Layer 3 Switch alternates between the two routes For information about IP load balancing see Configuring IP Load Sharing on page 16 41 Backup Routes If you configure multiple static IP routes to the...

Page 387: ...t the only allowed configurations but they are typical uses of this enhancement When you want to ensure that if a given destination network is unavailable the Layer 3 Switch drops forwards to the null...

Page 388: ...ed route when the route is available However if the interface based route becomes unavailable the Layer 3 Switch still forwards the traffic toward the destination using an alternate route through gate...

Page 389: ...ommands such as the following FastIron SuperX Router config ip route 192 168 6 0 24 ethernet 1 1 1 FastIron SuperX Router config ip route 192 168 6 0 24 192 168 8 11 24 3 The first command configured...

Page 390: ...rative distance 2 If the administrative distances are equal Are the routes from different routing protocols RIP OSPF or BGP4 If so use the route with the lowest IP address If the routes are from the s...

Page 391: ...erm path is used in this section to refer to an individual next hop router to a destination while the term route refers collectively to the multiple paths to the destination Load sharing applies when...

Page 392: ...ng from among multiple paths to a given destination Each path in the IP route table has a cost When the IP route table contains multiple paths to a destination the Layer 3 Switch chooses the path with...

Page 393: ...a path from among the available equal cost paths to the destination then creates a forwarding entry in the cache based on the calculation Subsequent traffic for the same destination uses the forwardin...

Page 394: ...ean that the Layer 3 Switch is the default gateway If another router is actually the default gateway for these clients leave IRDP disabled on the Foundry Layer 3 Switch IRDP uses the following paramet...

Page 395: ...oncluding that the router interface that sent the advertisement is no longer available The value must be greater than the value of the maxadvertinterval parameter and cannot be greater than 9000 The d...

Page 396: ...n different routers so long as the routers are configured to forward help the host s boot request to the boot server You can centrally configure other host parameters on the BootP DHCP server in addit...

Page 397: ...es of a router the client s request cannot reach the server You can configure the Layer 3 Switch to forward clients requests to UDP application servers To do so Enable forwarding support for the UDP a...

Page 398: ...ss on page 16 50 To enable the forwarding of SNMP trap broadcasts enter the following command FastIron SuperX Router config ip forward protocol udp snmp trap Syntax no ip forward protocol udp udp port...

Page 399: ...ver does not receive the client s request because the Layer 3 Switch does not forward the request You can configure the Layer 3 Switch to forward BootP DHCP requests To do so configure a helper addres...

Page 400: ...nds change the CLI to the configuration level for port 1 1 then change the BootP DHCP stamp address for requests received on port 1 1 to 192 157 22 26 The Layer 3 Switch will place this IP address in...

Page 401: ...x format See Changing the Network Mask Display to Prefix Format on page 16 57 To assign an IP address to a Foundry Layer 2 Switch enter a command such as the following at the global CONFIG level FESX4...

Page 402: ...dress listed it is also the last address consulted to resolve a query Using a DNS Name To Initiate a Trace Route EXAMPLE Suppose you want to trace the route from a Foundry Layer 2 Switch to a remote s...

Page 403: ...undry Layer 2 Switch to assist a router that is performing multi netting on its interfaces as part of its DHCP relay function DHCP Assist ensures that a DHCP server that manages multiple IP sub nets c...

Page 404: ...rrect assignments are made because the Layer 2 Switch provides the stamping service How DHCP Assist Works Upon initiation of a DHCP session the client sends out a DHCP discovery packet for an address...

Page 405: ...request NOTE The DHCP relay function of the connecting router needs to be turned on Server Server DHCP Server 207 95 7 6 Host 1 200 95 6 x Host 2 192 95 5 x Sub net 1 Host 3 Host 4 Router 202 95 1 x S...

Page 406: ...teway lists can be defined for each Layer 2 Switch EXAMPLE To create the configuration indicated in Figure 16 7 and Figure 16 8 FESX424 Switch config dhcp gateway list 1 192 95 5 1 FESX424 Switch conf...

Page 407: ...tatistics on Layer 3 Switches Global IP parameter settings and IP access policies see Displaying Global IP Configuration Information on page 16 58 CPU utilization statistics see Displaying CPU Utiliza...

Page 408: ...er sections in this guide including the sections below this one FESX424 Router show ip Global Settings ttl 64 arp age 10 bootp relay max hops 4 router id 207 95 11 128 enabled UDP Broadcast Forwarding...

Page 409: ...hange this value see Changing the Maximum Number of Hops to a BootP Relay Server on page 16 50 router id The 32 bit number that uniquely identifies the Foundry router By default the router ID is the n...

Page 410: ...the following deny The router drops packets that match this policy permit The router forwards packets that match this policy Source The source IP address the policy matches Destination The destinatio...

Page 411: ...0 01 714 BGP 0 00 0 00 0 00 0 00 0 DOT1X 0 00 0 00 0 00 0 00 0 GVRP 0 00 0 00 0 00 0 00 0 ICMP 0 00 0 00 0 00 0 00 161 IP 0 00 0 00 0 00 0 00 229 L2VLAN 0 01 0 00 0 00 0 01 673 OSPF 0 00 0 00 0 00 0 0...

Page 412: ...e Information To display IP interface information enter the following command at any CLI level Syntax show ip interface ethernet slotnum portnum loopback num ve num This display shows the following in...

Page 413: ...en saved in NVRAM If you have set the IP address for the interface in the CLI or Web Management interface but have not saved the configuration the entry for the interface in the Method field is manual...

Page 414: ...meters let you restrict the display to entries for a specific IP address and network mask Specify the IP address masks in standard decimal mask format for example 255 255 0 0 NOTE The ip mask paramete...

Page 415: ...display to entries for a specific MAC address The mask parameter lets you specify a mask for the mac address xxxx xxxx xxxx parameter to display entries for multiple MAC addresses Specify the MAC add...

Page 416: ...he number you enter For example to begin displaying the cache at row 10 enter the following command show ip cache 9 Table 16 11 CLI Display of Static ARP Table This Field Displays Static ARP table siz...

Page 417: ...oundry device For example the next hop for loopback addresses and broadcast addresses is shown as DIRECT MAC The MAC address of the destination Note If the entry is type U indicating that the destinat...

Page 418: ...tes The direct option displays only the IP routes that are directly attached to the Layer 3 Switch The ospf option displays the OSPF routes The rip option displays the RIP routes The static option dis...

Page 419: ...28 are static routes and 1 route was calculated through OSPF One of the routes has a zero bit mask this is the default route 27 have a 22 bit mask 5 have a 24 bit mask and 1 has a 32 bit mask The fol...

Page 420: ...ation Cost The route s cost Type The route type which can be one of the following B The route was learned from BGP D The destination is directly connected to this Layer 3 Switch R The route was learne...

Page 421: ...rded 0 filtered 0 fragmented 0 reassembled 0 bad header 0 no route 0 unknown proto 0 no buffer 0 other errors ICMP Statistics Received 0 total 0 errors 0 unreachable 0 time exceed 0 parameter 0 source...

Page 422: ...ent or received by the device errors This information is used by Foundry customer support unreachable The number of Destination Unreachable messages sent or received by the device time exceed The numb...

Page 423: ...at the other end of the connection sent a TCP RESET message input errors This information is used by Foundry customer support in segments The number of TCP segments received by the device out segment...

Page 424: ...or is not supported by this device bad addr family The number of RIP packets dropped because the value in the Address Family Identifier field of the packet s header was invalid bad req format The num...

Page 425: ...Layer 2 Switch has contacted a TFTP server since the last time the software was reloaded or the Layer 2 Switch was rebooted Configuration filename The name under which the Layer 2 Switch s startup co...

Page 426: ...Table 16 16 CLI Display of ARP Cache Continued This Field Displays FESX424 Switch show ip traffic IP Statistics 27 received 24 sent 0 fragmented 0 reassembled 0 bad header 0 no route 0 unknown proto 0...

Page 427: ...essages Statistics are organized into Sent and Received The field descriptions below apply to each total The total number of ICMP messages sent or received by the device errors This information is use...

Page 428: ...Foundry customer support active opens The number of TCP connections opened by this device by sending a TCP SYN to another device passive opens The number of TCP connections opened by this device in re...

Page 429: ...er that contains a path with fewer hops than the path stored in the Foundry Layer 3 Switch s route table the Layer 3 Switch replaces the older route with the newer one The Layer 3 Switch then includes...

Page 430: ...nabling the protocol does not allow interfaces to send and receive RIP information See Table 17 3 on page 17 3 Disabled 17 4 Administrative distance The administrative distance is a numeric value assi...

Page 431: ...d version The state of the protocol and the version that is supported on the interface The version can be one of the following Version 1 only Version 2 only Version 1 but also compatible with version...

Page 432: ...increases the cost of a RIP route that is learned on the port by one You can configure individual ports to add more than one to a learned route s cost In addition you can configure a RIP offset list t...

Page 433: ...to 24 RIP offset lists on each interface To configure a global RIP offset list enter commands such as the following FastIron SuperX Router config access list 21 deny 160 1 0 0 0 0 255 255 FastIron Su...

Page 434: ...virtual routing interface If you want to tightly control redistribution apply a filter to deny all routes as the last filter the filter with the highest ID then apply filters with lower filter IDs to...

Page 435: ...gns a RIP metric of 10 to each route that is redistributed into RIP Syntax no default metric 1 15 Enabling Redistribution After you configure redistribution parameters you need to enable redistributio...

Page 436: ...h to learn routes from all neighbors except 192 168 1 170 Once you define a RIP neighbor filter the default action changes from learning all routes from all neighbors to denying all routes from all ne...

Page 437: ...ning or advertising of specific routes Configure the filters globally then apply them to individual interfaces When you apply a RIP route filter to an interface you specify whether the filter applies...

Page 438: ...ed in RIP Route Filter Table Index The filter number You assign this number when you configure the filter Action The action the router takes if a RIP route packet matches the IP address and sub net ma...

Page 439: ...nterface s outbound filter group the filter prevents the router from advertising RIP routes to the specified neighbor on that interface If the filter is applied to an interface s inbound filter group...

Page 440: ...yntax show process cpu num The num parameter specifies the number of seconds and can be from 1 900 If you use this parameter the command lists the usage statistics only for the specified number of sec...

Page 441: ...her groups out all ports When you enable IP Multicast Traffic Reduction you also can configure the following features IGMP mode When you enable IP Multicast Traffic Reduction the device passively list...

Page 442: ...ng IP Multicast Traffic Reduction By default Foundry devices forward all IP multicast traffic out all ports except the port on which the traffic was received To reduce multicast traffic through the de...

Page 443: ...th no external IP multicast router attachments In this case enable the active IGMP mode on only one of the devices and leave the other devices configured for passive IGMP mode Passive When passive IGM...

Page 444: ...queries You can specify a value from 10 600 seconds The default is 60 seconds Modifying the Age Interval When the device receives a Group Membership report the device makes an entry in the IGMP group...

Page 445: ...rom one PIM SM router to another through the device Configuration Notes This feature applies only to PIM SM version 2 PIM V2 This feature is supported in the Layer 2 switch code only This feature is s...

Page 446: ...since IP multicast traffic reduction also is enabled the device uses the IGMP group membership report from the client to select the port for forwarding traffic to group 239 255 162 69 receivers The I...

Page 447: ...sages on behalf of receivers The active mode configures the device to send group membership queries All the device ports connected to the source and receivers or routers must be in the same port based...

Page 448: ...on a Layer 3 Switch PINM SM traffic snooping will not be supported Enabling PIM SM Traffic Snooping To enable PIM SM traffic snooping you must enable IP multicast traffic reduction then enable snoopin...

Page 449: ...that are connected to routers that support IP multicast Total Number of Multicast Group in VLAN The total number of groups for which the VLAN s ports have received IGMP group membership reports join...

Page 450: ...cates how many seconds the device will wait for a hello message from the neighbor before determining that the neighbor is no longer present and removing the neighbor from the list Multicast Group The...

Page 451: ...ased VLAN to which the information listed applies Active The IP address of the device that actively sends IGMP queries Router Ports The ports that are connected to routers that support IP multicast Gr...

Page 452: ...mmand Line Interface Reference for information on this command This Field Displays VLAN ID The port based VLAN to which the information listed below applies Total number of HW resource in VLAN The num...

Page 453: ...ent out Router Ports The ports that are connected to a switch that support IP multicast Total Number of Multicast Group in VLAN The total number of groups for which the VLAN s ports have received IGMP...

Page 454: ...addresses then the router assumes that you are requesting a report for that group FastIron SuperX Switch show ip pimsm snooping vlan 100 VLAN ID 100 total 3 entries PIMSM Neighbor list 1 100 100 12 3...

Page 455: ...that are attached to the Layer 2 Switch s ports in the VLAN The value following expires indicates how many seconds the Layer 2 Switch will wait for a hello message from the neighbor before determinin...

Page 456: ...d 2 Others Received 0 General Queries Sent 0 Group Specific Queries Sent 0 The command in this example shows statistics for two port based VLANs Syntax show ip multicast statistics Clearing IP Multica...

Page 457: ...lears the flows for the specified group but does not clear the flows for other groups FastIron SuperX Switch show ip multicast IP multicast is enabled Active VLAN ID 1 Active 192 168 2 30 Router Ports...

Page 458: ...Foundry Configuration Guide for the FESX FSX and FWSX 18 18 Foundry Networks Inc December 2005...

Page 459: ...ent Protocol IGMP V1 and V2 PIM Dense mode PIM DM V1 draft ietf pim dm 05 and V2 draft ietf pim v2 dm 03 PIM Sparse mode PIM SM V2 RFC 2362 DVMRP V2 RFC 1075 NOTE Each of the multicast protocols uses...

Page 460: ...t delivery trees to reach all group members DVMRP and PIM build a different multicast tree for each source and destination host group NOTE Both DVMRP and PIM can concurrently operate on different port...

Page 461: ...IP Multicast Groups Layer 3 Switches support up to 1024 PIM groups and 1024 DVMRP groups by default Memory for the groups is allocated dynamically as needed For each protocol previous releases support...

Page 462: ...r the Multicast Flow table enter a command such as the following FastIron SuperX Router config system max multicast flow 2048 Syntax system max multicast flow num The num parameter specifies the maxim...

Page 463: ...enter the ip multicast routing command before changing the global IP Multicast parameters Otherwise the changes do not take effect and the software uses the default values Modifying IGMP V1 and V2 Qu...

Page 464: ...virtual routing interface and you are entering this command at the configuration level for the virtual routing interface Manually added groups are included in the group information displayed by the f...

Page 465: ...lticast packets to the group 229 225 0 1 If a PIM router receives any groups other than that group the router discards the group and sends a prune message to the upstream PIM router In Figure 19 2 Rou...

Page 466: ...ast delivery tree No configuration is required on your part PIM DM Versions Foundry devices support PIM DM V1 and V2 The default is V2 You can specify the version on an individual interface basis The...

Page 467: ...nt to initiate the use of desktop video for fellow users on a sprawling campus network All destination workstations have the appropriate hardware and software but the Foundry routers that connect the...

Page 468: ...Global Parameters PIM global parameters come with preset values The defaults work well in most networks but you can modify the following parameters if you need to Neighbor timeout Hello timer Prune ti...

Page 469: ...there are two or more neighbors on the physical port then the prune wait command should not be used because one neighbor may send a prune message while the other sends a join message at the during tim...

Page 470: ...est path back to the source is based on which Reverse Path Forwarding RPF neighbor in the IP routing table has the highest IP address if the cost of the routes are the same For example in the table ab...

Page 471: ...ith a TTL value of 1 are switched within the same VLAN These packets cannot be routed between different VLANs Configuration Syntax To configure a TTL of 24 enter the following FastIron SuperX Router c...

Page 472: ...s a candidate BSR RP The RP is the meeting point for PIM Sparse sources and receivers A PIM Sparse domain can have multiple RPs but each PIM Sparse multicast group address can have only one active RP...

Page 473: ...e RP Router B then sends the packet to router C For the second and all future packets that router A receives from the source for the receiver router A forwards them directly to router C using the SPT...

Page 474: ...Configuring BSRs on page 19 17 The behavior of the no router pim command is as follows Entering no router pim command to disable PIM or DVMRP does not require a software reload Entering a no router p...

Page 475: ...Syntax no bsr candidate ethernet slotnum portnum loopback num ve num hash mask length priority The slotnum parameter is required on chassis devices The portnum loopback num ve num parameter specifies...

Page 476: ...ke changes to your static RP configuration the entries in the PIM Sparse multicast forwarding table continue to use the old RP configuration until they are aged out The clear pim rp map command allows...

Page 477: ...recommendation the timer is 210 seconds and is not configurable The counter is reset to zero each time the Layer 3 Switch receives a packet for the source group pair You can change the number of pack...

Page 478: ...el Syntax show ip pim sparse This example shows the PIM Sparse configuration information on PIM Sparse router A in Figure 19 3 This display shows the following information This Field Displays Global P...

Page 479: ...mber of seconds between Join Prune messages The Layer 3 Switch sends Join Prune messages on behalf of multicast receivers who want to join or leave a PIM Sparse group When forwarding packets from PIM...

Page 480: ...information This Field Displays Total number of Groups Lists the total number of IP multicast groups the Layer 3 Switch is forwarding Note This list can include groups that are not PIM Sparse groups...

Page 481: ...ask length The number of significant bits in the IP multicast group comparison mask This mask determines the IP multicast group numbers for which the Layer 3 Switch can be a BSR The default is 32 bits...

Page 482: ...9 255 163 1 99 99 99 5 2 239 255 163 2 99 99 99 5 3 239 255 163 3 99 99 99 5 4 239 255 162 1 99 99 99 5 5 239 255 162 2 43 43 43 1 This Field Displays Candidate RP advertisement in Indicates how many...

Page 483: ...ss Indicates the IP address of the Rendezvous Point RP for the listed PIM Sparse group This Field Displays RP Indicates the IP address of the Rendezvous Point RP for the specified PIM Sparse group Fol...

Page 484: ...ected and received in the latest Bootstrap message RP num Indicates the RP number If there are multiple RPs in the PIM Sparse domain a line of information for each of them is listed and they are numbe...

Page 485: ...playing the PIM Flow Cache To display the PIM flow cache enter the following command at any CLI level Syntax show ip pim flowcache Holdtime sec Indicates how many seconds the neighbor wants this Layer...

Page 486: ...used by Foundry technical support for troubleshooting CamIndex This field is used by Foundry technical support for troubleshooting Fid This field is used by Foundry technical support for troubleshooti...

Page 487: ...n have one of the following values 0 The entry is not for PIM Sparse and is therefore for the dense mode of PIM 1 The entry is for PIM Sparse RPT Indicates whether the cache entry uses the RP path or...

Page 488: ...r the group virtual prune ports Indicates the virtual interfaces ports on which the Layer 3 Switch has received a prune notification in a Join Prune message to remove the receiver from the list of rec...

Page 489: ...00 In release 02 2 00 when a multicast stream has no output interfaces the Layer 3 Switch can drop packets in hardware if the multicast traffic meets either of the following conditions The input port...

Page 490: ...y Protocol Independent Multicast PIM Sparse routers to exchange routing information for PIM Sparse multicast groups across PIM Sparse domains Routers running MSDP can discover PIM Sparse sources that...

Page 491: ...e contains the following information Source address 206 251 14 22 Group address 232 1 0 95 RP address 206 251 17 41 Figure 19 4 shows only one peer for the MSDP router which is also the RP here in dom...

Page 492: ...dvertised in the Source Active message the DR sends a Join message for that receiver back to the DR in the domain from which the Source Active message came Usually the DR is also the MSDP router that...

Page 493: ...config interface loopback 1 FastIron SuperX Router config lbif 1 ip address 9 9 9 9 32 FastIron SuperX Router config lbif 1 interface ethernet 3 1 FastIron SuperX Router config if 3 1 msdp peer 2 2 2...

Page 494: ...3 1 FastIron SuperX Router config if 3 1 ip address 2 2 2 98 24 FastIron SuperX Router config if 3 1 exit The following commands configure a loopback interface The Layer 3 Switch will use this interfa...

Page 495: ...er specifies a route map to use for filtering based on Rendezvous Point RP address Use this parameter if you want to filter Source Active messages based on their origin If you use the route map parame...

Page 496: ...uter config interface ethernet 3 1 FastIron SuperX Router config if 3 1 msdp peer 2 2 2 99 connect source loopback 1 FastIron SuperX Router config if 3 1 msdp peer 2 2 2 97 connect source loopback 1 F...

Page 497: ...s The process continues until all RPs within the network receive the SA message RPs send join and prune messages to appropriate points on the multicast tree towards the originating RP Configuring MSDP...

Page 498: ...be used as the source for sessions with the neighbor Next place the MSDP peers within a domain into a mesh group Use the mesh group command There are no default mesh groups The group name parameter id...

Page 499: ...back 1 FastIron SuperX Router config msdp router msdp peer 1 1 4 1 connect source loopback 1 FastIron SuperX Router config msdp router msdp peer 1 1 2 1 connect source loopback 1 FastIron SuperX Route...

Page 500: ...ck 1 FastIron SuperX Router config router pim exit FastIron SuperX Router config router bgp FastIron SuperX Router config bgp router local as 111 FastIron SuperX Router config bgp router neighbor 31 3...

Page 501: ...ter config if 8 1 ip pim sparse FastIron SuperX Router config if 1 24 exit FastIron SuperX Router config router pim FastIron SuperX Router config router pim bsr candidate loopback 1 2 32 FastIron Supe...

Page 502: ...terface ethernet 12 2 FastIron SuperX Router config if 12 1 ip address 34 34 34 3 255 255 255 0 FastIron SuperX Router config if 12 1 ip pim sparse FastIron SuperX Router config if 12 1 exit FastIron...

Page 503: ...1 FastIron SuperX Router config if ip address 24 24 24 4 255 255 255 0 FastIron SuperX Router config if ip pim sparse FastIron SuperX Router config if exit FastIron SuperX Router config interface ethe...

Page 504: ...can display the following MSDP information Summary information the IP addresses of the peers the state of the Layer 3 Switch s MSDP session with each peer and statistics for Keepalive Source Active a...

Page 505: ...s sent to the peer Table 19 2 MSDP Summary Information Continued This Field Displays FastIron SuperX Router config msdp router show ip msdp peer Total number of MSDP Peers 2 IP Address State 1 206 251...

Page 506: ...ive time is 60 seconds and is not configurable Hold Time The hold time which specifies how many seconds the MSDP router will wait for a KEEPALIVE or UPDATE message from an MSDP neighbor before decidin...

Page 507: ...ssage SA Response Error 4 Hold Timer Expired 5 Finite State Machine Error 6 Notification 7 Cease For information about these error codes see section 17 in the Internet draft describing MSDP draft ietf...

Page 508: ...t acknowledgment from the remote TCP LAST ACK Waiting for an acknowledgment of the connection termination request previously sent to the remote TCP which includes an acknowledgment of its connection t...

Page 509: ...er of additional entries for which the cache has room Index The cache entry number SourceAddr The IP address of the multicast source GroupAddr The IP multicast group to which the source is sending inf...

Page 510: ...group Clearing MSDP Statistics To clear MSDP statistics enter the following command at the Privileged EXEC level of the CLI FastIron SuperX Router clear ip msdp statistics Syntax clear ip msdp statist...

Page 511: ...multicast packet and sends a prune message back upstream This process is known as reverse path forwarding In Figure 19 7 the root node R1 is forwarding multicast packets for group 229 225 0 2 that it...

Page 512: ...lticast packets from source host Group Member Group Member Leaf Node No Group Members R5 R3 R4 R6 R1 R2 Leaf Node Leaf Node Video Conferencing Server 207 95 5 1 229 225 0 1 Source Group Group Member G...

Page 513: ...n the tree Configuring DVMRP Enabling DVMRP on the Layer 3 Switch and Interface Suppose you want to initiate the use of desktop video for fellow users on a sprawling campus network All destination wor...

Page 514: ...version of the command to re enable DVMRP Enabling DVMRP on an Interface After globally enabling DVMRP on a Layer 3 Switch enable it on each interface that will support the protocol To enable DVMRP o...

Page 515: ...aft Retransmit Time The Graft Retransmit Time defines the initial period of time that a router sending a graft message will wait for a graft acknowledgement from an upstream router before re transmitt...

Page 516: ...ket in order for the packet to be forwarded out the interface For example if the TTL for an interface is set at 10 it means that only those packets with a TTL value of 10 or more are forwarded Likewis...

Page 517: ...ry Switch and Router Command Line Interface Reference Configuring an IP Tunnel IP tunnels are used to send traffic through routers that do not support IP multicasting IP Multicast datagrams are encaps...

Page 518: ...covers multicast groups in the 239 255 162 x range except the 239 255 162 2 group enter commands such as the following FastIron SuperX Router config access list 5 deny host 239 255 162 2 FastIron Supe...

Page 519: ...ddress of the RP for the listed multicast group In the example above you see the following The first three lines show the multicast group addresses that are covered by the RP candidate The last three...

Page 520: ...terface loopback 1 FastIron SuperX Router config lbif 1 ip address 88 88 88 8 255 255 255 0 FastIron SuperX Router config lbif 1 ip pim sparse FastIron SuperX Router config lbif 1 exit FastIron SuperX...

Page 521: ...ast source address Thus if you want to configure a multicast static route for a specific multicast source and also configure another multicast static route for all other sources you can configure two...

Page 522: ...istance This parameter is used by the software to determine the best path for the route Thus to ensure that the Layer 3 Switch uses the default static route assign a low administrative distance value...

Page 523: ...the PIM group the source IP address is in Figure 19 11 shows an example of an IP multicast group The command example shown above is entered on PIM router A Figure 19 11 Example PIM Group The command e...

Page 524: ...rrow following an interface in the display points to a router address this is the address of the next hop PIM router on that interface In this example PIM interface 207 95 8 1 on PIM router 207 95 8 1...

Page 525: ...routing protocol The protocol uses link state advertisements LSA to update neighboring routers regarding its interfaces and information on those interfaces The router floods these LSAs to all neighbo...

Page 526: ...IP addresses This aggregate value becomes the address that is advertised instead all of the individual addresses it represents being advertised You can assign up to 32 ranges in an OSPF area An OSPF...

Page 527: ...point of contact thereby improving convergence time within a multi access segment In an OSPF point to point network where a direct Layer 3 connection exists between a single pair of OSPF routers ther...

Page 528: ...the highest priority is elected as the DR and the router with the next largest priority is elected as the BDR as shown in Figure 20 2 Figure 20 2 Designated and backup router election If the DR goes...

Page 529: ...figure the system to operate with the RFC 2178 see Modify OSPF Standard Compliance Setting on page 20 35 Reduction of Equivalent AS External LSAs An OSPF ASBR uses AS External link advertisements AS E...

Page 530: ...the highest router ID floods the AS External LSAs for the external domain into the OSPF AS while the other ASBRs flush the equivalent AS External LSAs from their databases As a result the overall vol...

Page 531: ...annot be disabled No user configuration is required Normally an OSPF router uses the network address alone for the link state ID of the link state advertisement LSA for the network For example if the...

Page 532: ...without a system reset by first disabling and then re enabling OSPF operation changes to address ranges changes to global values for redistribution addition of new virtual links You also can change th...

Page 533: ...or re enable load sharing Enable or disable default information originate Modify Shortest Path First SPF timers Define external route summarization Define redistribution metric type Define deny redist...

Page 534: ...on is gone If you are testing an OSPF configuration and are likely to disable and re enable the protocol you might want to make a backup copy of the startup config file containing the protocol s confi...

Page 535: ...l accepts summary LSAs from OSPF neighbors and floods them to other neighbors The Layer 3 Switch can form adjacencies with other routers regardless of whether summarization is enabled or disabled for...

Page 536: ...es that the NSSA s ABR exports into other areas The Foundry implementation of NSSA is based on RFC 1587 Figure 20 5 shows an example of an OSPF network containing an NSSA Figure 20 5 OSPF network cont...

Page 537: ...ses represented by the aggregate You can configure up to 32 ranges in an OSPF area To configure an address range in NSSA 1 1 1 1 enter the following commands This example assumes that you have already...

Page 538: ...X Router config if 1 8 write memory Modify Interface Defaults OSPF has interface parameters that you can configure For simplicity each of these parameters has a default value No change to these defaul...

Page 539: ...n MD5 key The key ID is a number from 1 255 and identifies the MD5 key that is being used The MD5 key consists of up to 16 alphanumeric characters The MD5 is encrypted and included in each OSPF packet...

Page 540: ...e current authentication change interval After this the software uses the new authentication for sending packets Inbound OSPF packets The software accepts packets containing the new authentication and...

Page 541: ...c is not feasible for example when a firewall does not allow multicast packets On a non broadcast interface the routers at the other end of this interface must also be configured as non broadcast and...

Page 542: ...ckbone the ABR can configure a virtual link to another router within the same area which has a physical connection to the area backbone The path for a virtual link is through an area shared by the nei...

Page 543: ...a 1 virtual link 209 157 22 1 FESX424 RouterA config ospf router write memory Enter the following commands to configure the virtual link on FastIronC FESX424 RouterC config ospf router area 1 virtual...

Page 544: ...password of up to 16 characters that is later encrypted and included in each OSPF packet transmitted You must enter a password in this field when the system is configured to operate with either simple...

Page 545: ...ill not match the value you intended to use Changing the Reference Bandwidth for the Cost on OSPF Interfaces Each interface on which OSPF is enabled has a cost associated with it The Layer 3 Switch ad...

Page 546: ...hich is rounded up to 1 The costs for 10 Mbps 100 Mbps and 155 Mbps ports change as a result of the changed reference bandwidth Costs for higher speed interfaces remain the same Syntax no auto cost re...

Page 547: ...n filters If you enable redistribution before you configure the redistribution filters the filters will not take affect and all routes will be distributed Figure 20 7 Redistributing OSPF and static ro...

Page 548: ...For example to enable redistribution of RIP and static IP routes into OSPF enter the following commands FESX424 Router config router ospf FESX424 Router config ospf router redistribution rip FESX424...

Page 549: ...network from entering the IP route table The distribution list does not prevent the routes from entering the OSPF database Syntax no distribute list acl name acl id in interface type interface number...

Page 550: ...no ip access list extended acl name acl id Syntax deny permit ip protocol source ip wildcard destination ip wildcard The acl name acl id parameter specifies the ACL name or ID The deny permit paramete...

Page 551: ...the policy to match on all network masks enter any any Modify Default Metric for Redistribution The default metric is a global parameter that specifies the cost applied to all OSPF routes by default...

Page 552: ...n filter Since only one of the static IP routes configured above matches the route map only one route is redistributed Notice that the route s metric is 5 before redistribution but is 8 after redistri...

Page 553: ...hat is redistributed without using a route map For a route redistributed without using a route map the metric is set by the default metric num command Disable or Re enable Load Sharing Foundry routers...

Page 554: ...ch advertises the aggregate route If an imported route that falls with in a configured address range is removed by the Layer 3 Switch no action is taken if there are other imported route s that fall w...

Page 555: ...lt route regardless of other configuration parameters unless you explicitly enable default route origination using the following method If the Layer 3 Switch is an ASBR you can use the always option w...

Page 556: ...t wait between consecutive SPF calculations You can set the delay and hold time to lower values to cause the Layer 3 Switch to change to alternate paths more quickly in the event of a route failure No...

Page 557: ...r inter area routes intra area routes and external routes enter the following command FESX424 Router config ospf router distance external 100 FESX424 Router config ospf router distance inter area 90 F...

Page 558: ...mmary of OSPF traps supported on Foundry routers their corresponding CLI commands and their associated MIB objects from RFC 1850 interface state change trap MIB object OspfIfstateChange virtual interf...

Page 559: ...config ospf router data base overflow interval 60 Syntax database overflow interval value The value can be from 0 86400 seconds The default is 0 seconds Configuring an OSPF Point to Point Link In an...

Page 560: ...option is enabled by default The bad_packet option logs all other bad OSPF packets This option is disabled by default The database option logs OSPF LSA related information This option is disabled by...

Page 561: ...p Enabled Virtual Neighbor State Change Trap Enabled Interface Configuration Error Trap Enabled Virtual Interface Configuration Error Trap Enabled Interface Authentication Failure Trap Enabled Virtual...

Page 562: ...seconds and can be from 1 900 If you use this parameter the command lists the usage statistics only for the specified number of seconds If you do not use this parameter the command lists the usage sta...

Page 563: ...ea Information This Field Displays Indx The row number of the entry in the router s OSPF area table Area The area number Type The area type which can be one of the following nssa normal stub Cost The...

Page 564: ...cription Port The port through which the Layer 3 Switch is connected to the neighbor The port on which an OSPF point to point link is configured Address The IP address of this Layer 3 Switch s interfa...

Page 565: ...ption packets to the neighbor Each Database Description packet has a DD sequence number and is explicitly acknowledged Only one Database Description packet can be outstanding at any time In this state...

Page 566: ...tr point to point Pri The link ID as defined in the router LSA This value can be one of the following 1 point to point link 3 point to point link with an assigned subnet Cost The configured output cos...

Page 567: ...Unloop_Indication 0x05 Interface_Down 0x06 Interface_Passive 0x07 Adjacent Neighbor Count The number of adjacent neighbor routers Neighbor The neighbor router s ID Table 20 4 Output of the show ip osp...

Page 568: ...within the local area External1 The path to the destination is a type 1 external route External2 The path to the destination is a type 2 external route Adv_Router The OSPF router that advertised the...

Page 569: ...num extensive link state id ip addr router id ip addr sequence number num Hex status num Type The route type which can be one of the following OSPF Static Replaced by OSPF Arp_Index The index position...

Page 570: ...ter show ip ospf database link state Syntax show ip ospf database link state advertise num asbr extensive link state id ip addr network nssa opaque area router router id ip addr sequence number num He...

Page 571: ...nk state id ip addr router id ip addr sequence number num Hex status num To determine an external LSA s or other type of LSA s index number enter one of the following commands to display the appropria...

Page 572: ...splaying OSPF Trap Status All traps are enabled by default when you enable OSPF To disable or re enable an OSPF trap see Modify OSPF Traps Generated on page 20 34 To display the state of each OSPF tra...

Page 573: ...hapter contains the following information Table 21 1 Chapter Contents Description See Page Overview of BGP4 21 2 Configuring and activating BGP4 21 6 BGP4 parameters 21 7 Memory considerations 21 9 Ba...

Page 574: ...collection of networks that share the same routing and administration characteristics For example a corporate intranet consisting of several networks under common administrative control might be consi...

Page 575: ...8 bits applied to the IP address 192 215 129 0 When a BGP4 Layer 3 Switch advertises a route to one of its neighbors the route is expressed in this format AS path A list of the other ASs through which...

Page 576: ...INCOMPLETE INCOMPLETE is highest 7 If the routes have the same origin type prefer the route with the lowest MED For a definition of MED see Configuring the Layer 3 Switch To Always Compare Multi Exit...

Page 577: ...messages to update route information and maintain communication If BGP4 neighbors are using different Hold Times the lowest Hold Time is used by the neighbors If the Hold Time expires the BGP4 router...

Page 578: ...lar interval the Keep Alive Time The default Keep Alive Time on Foundry Layer 3 Switches is 60 seconds A parameter related to the Keep Alive Time is the Hold Time A BGP4 router s Hold Time determines...

Page 579: ...fter disabling the protocol all the configuration information for the disabled protocol is removed from the startup config file The CLI displays a warning message such as the following FESX424 Router...

Page 580: ...SPF Optional Change the parameters for RIP OSPF or static routes redistributed into BGP4 Optional Change the number of paths for BGP4 load sharing Optional Change other load sharing parameters Optiona...

Page 581: ...tting Neighbor Sessions The following parameter changes take effect only after the router s BGP4 sessions are cleared or reset using the soft clear option See Closing or Resetting a Neighbor Session o...

Page 582: ...llion incoming routes the capacity for outgoing routes decreases by around two million Memory Configuration Options Obsoleted by Dynamic Memory Devices that support dynamic BGP4 memory allocation do n...

Page 583: ...t to use the router ID that is already in use on the router rather than set a new one To display the router ID enter the show ip CLI command at any CLI level To change the router ID enter a command su...

Page 584: ...value can be from 1 4 on the NetIron Stackable Layer 3 Switch Adding BGP4 Neighbors The BGP4 protocol does not contain a peer discovery process Therefore for each of the router s BGP4 neighbors peers...

Page 585: ...ing initial updates to a BGP4 neighbor As a result the Layer 3 Switch sends the updates one immediately after another without waiting for the advertisement interval capability orf prefixlist send rece...

Page 586: ...configured See Filtering AS Paths on page 21 41 maximum prefix num specifies the maximum number of IP network prefixes routes that can be learned from the specified neighbor or peer group You can spe...

Page 587: ...s whether the list is applied on updates received from the neighbor or sent to the neighbor NOTE The route map must already be configured See Defining Route Maps on page 21 48 route reflector client s...

Page 588: ...ion to the startup config file the file contains the new BGP4 command syntax and encrypted passwords or strings NOTE Foundry recommends that you save a copy of the startup config file for each Layer 3...

Page 589: ...ion string In this case the software decrypts the password or string you enter before using the value for authentication If you accidentally enter option 1 followed by the clear text version of the pa...

Page 590: ...ty to the Layer 3 Switch Once you add a neighbor to a peer group you cannot configure the following outbound parameters the parameters governing outbound traffic for the neighbor Default information o...

Page 591: ...Group1 peer group FESX424 Router config bgp router neighbor PeerGroup1 description EastCoast Neighbors FESX424 Router config bgp router neighbor PeerGroup1 remote as 100 FESX424 Router config bgp rout...

Page 592: ...pplying all the neighbor attributes specified in the peer group to the neighbor To add neighbors to a peer group enter commands such as the following FESX424 Router config bgp router neighbor 192 168...

Page 593: ...ollowing sections describe how to perform optional BGP4 configuration tasks Changing the Keep Alive Time and Hold Time The Keep Alive Time specifies how frequently the router will send KEEPALIVE messa...

Page 594: ...plies only to directly attached EBGP neighbors The feature does not apply to IBGP neighbors If you want to enable the router to immediately close the BGP4 session and TCP connection to locally attache...

Page 595: ...BGP4 next hop goes down the software removes this path from the BGP4 route table and the IP route table Similarly if an additional OSPF path becomes available to reach the BGP4 next hop router for a p...

Page 596: ...st route map map name weight num backdoor The ip addr is the network number and the ip mask specifies the network mask The nlri multicast unicast multicast unicast parameter specifies whether the neig...

Page 597: ...cal preference value as an attribute of a route in an UPDATE message Local preference applies only to routes within the local AS BGP4 routers can exchange local preference information with neighbors w...

Page 598: ...r 3 Switch performs a route lookup to obtain the IP address of the route s next hop A BGP4 route becomes eligible for installation into the IP route table only if the following conditions are true The...

Page 599: ...and thus is considered unreachable by the Layer 3 Switch Here is the IP route table entry for the BGP route s next hop gateway 102 0 0 1 24 The route to the next hop gateway is a BGP route not an IGP...

Page 600: ...ber of BGP Routes 5 Status A AGGREGATE B BEST b NOT INSTALLED BEST C CONFED_EBGP D DAMPED H HISTORY I IBGP L LOCAL M MULTIPATH S SUPPRESSED Prefix Next Hop Metric LocPrf Weight Status 1 0 0 0 0 0 10 1...

Page 601: ...learned best BGP4 route to the Layer 3 Switch s neighbors even when the software does not also select that route for installation in the IP route table The best BGP4 routes is the BGP4 path that the...

Page 602: ...a value from 1 255 The local distance sets the Local BGP distance and can be a value from 1 255 Requiring the First AS to be the Neighbor s AS By default the Foundry device does not require the first...

Page 603: ...havior is called deterministic MED 0Deterministic MED is always enabled and cannot be disabled In addition you can enable the Layer 3 Switch to always compare the MEDs regardless of the AS information...

Page 604: ...configuration for route reflection takes place on the route reflectors The clients are unaware that they are members of a route reflection cluster All members of the cluster must be in the same AS Th...

Page 605: ...e that has its own cluster ID the router discards the advertisement and does not forward it The Foundry device handles the attributes as follows The Layer 3 Switch adds the attributes only if it is a...

Page 606: ...to configure the same cluster ID on all the route reflectors in the cluster The cluster ID helps route reflectors avoid loops within the cluster To add an IBGP neighbor to the cluster enter the follo...

Page 607: ...two sub ASs each containing two of the routers The sub ASs are members of confederation 10 Routers within a sub AS must be fully meshed and communicate using IBGP In this example routers A and B use I...

Page 608: ...nds that you use a number within the range of well known private ASs 64512 65535 Syntax confederation identifier num The num parameter with the confederation identifier command indicates the confedera...

Page 609: ...55 0 0 The as set parameter causes the router to aggregate AS path information for all the routes in the aggregate address into a single AS path The nlri multicast unicast multicast unicast parameter...

Page 610: ...ly connected routes enter the following command FESX424 Router config bgp router redistribute connected Syntax redistribute connected metric num route map map name The connected parameter indicates th...

Page 611: ...h internal external1 external2 command the software uses only the route map for filtering Redistributing Static Routes To configure the Layer 3 Switch to redistribute static routes enter the following...

Page 612: ...page 21 47 Defining Neighbor Distribute Lists on page 21 47 Defining Route Maps on page 21 48 Using a Table Map To Set the Tag Value on page 21 55 Configuring Cooperative BGP4 Route Filtering on page...

Page 613: ...he significant bits and changes the non significant portion of the IP address into zeros For example if you specify 209 157 22 26 24 or 209 157 22 26 0 0 0 255 then save the changes to the startup con...

Page 614: ...er 3 Switch permits from neighbor 10 10 10 1 are those whose AS paths contain AS path number 100 Syntax ip as path access list string seq seq value deny permit regular expression The string parameter...

Page 615: ...egular Expressions Character Operation The period matches on any single character including a blank space For example the following regular expression matches for aa ab ac and so on but not just a a T...

Page 616: ...You can use the following expression symbols within the brackets These symbols are allowed only inside the brackets The caret matches on any characters except the ones in the brackets For example the...

Page 617: ...configure the last filter or ACL entry as permit any any Community filters or ACLs can be referred to by match statements in a route map Defining a Community Filter To define filter 3 to permit route...

Page 618: ...ies whether you are configuring a standard community ACL or an extended one A standard community ACL does not support regular expressions whereas an extended one does This is the only difference betwe...

Page 619: ...software numbers them in increments of 5 beginning with prefix list entry 5 The software interprets the prefix list entries in numerical order beginning with the lowest sequence number The deny permit...

Page 620: ...ter stops evaluating the route against the route map instances Route maps can contain match statements and set statements Each route map contains a permit or deny action for routes that match the matc...

Page 621: ...instance 1 of a route map named GET_ONE with a permit action enter the following command FESX424 Router config route map GET_ONE permit 1 FESX424 Router config routemap GET_ONE Syntax no route map ma...

Page 622: ...or AS path ACL see Filtering AS Paths on page 21 41 To configure a community filter or community ACL see Filtering Communities on page 21 45 You can enter up to six community names on the same command...

Page 623: ...d on Destination Network To construct match statements for a route map that match based on destination network use the following method You can use the results of an IP ACL or an IP prefix list as the...

Page 624: ...export FESX424 Router config route map bgp2 permit 1 FESX424 Router config routemap bgp2 match community std_1 exact match The first command configures a community ACL that contains community number...

Page 625: ...see Configuring Route Flap Dampening on page 21 58 The default interface null0 parameter redirects the traffic to the specified interface You can send the traffic to the null0 interface which is the s...

Page 626: ...a neighbor enter commands such as the following FESX424 Router config access list 1 permit 192 168 9 0 0 0 0 255 FESX424 Router config route map bgp4 permit 1 FESX424 Router config routemap bgp4 matc...

Page 627: ...uration You create it simply by calling an existing route map a table map You can have one table map NOTE Use table maps only for setting the tag value Do not use table maps to set other attributes To...

Page 628: ...2 3 4 prefix list Routesfrom1234 in FESX424 Router config bgp router neighbor 1 2 3 4 capability orf prefixlist send The first two commands configure statements for the IP prefix list Routesfrom1234...

Page 629: ...4 This command resets the BGP4 session with neighbor 1 2 3 4 and sends the ORFs to the neighbor If the neighbor sends ORFs to the Layer 3 Switch the Layer 3 Switch accepts them if the send capability...

Page 630: ...efault You can enable the feature globally or on an individual route basis using route maps NOTE The Layer 3 Switch applies route flap dampening only to routes learned from EBGP neighbors The route fl...

Page 631: ...efaults to 60 minutes You can configure route flap dampening globally or for individual routes using route maps If you configure route flap dampening parameters globally and also use route maps the se...

Page 632: ...You can use a route map to configure route flap dampening for a specific neighbor by performing the following tasks Configure an empty route map with no match or set statements This route map does not...

Page 633: ...g the first route map is still required The second route map enables dampening for the neighbors to which the route map is applied However unless dampening is already enabled globally by the first rou...

Page 634: ...ise the unsuppressed route Syntax no neighbor ip addr peer group name unsuppress map map name FESX424 Router config bgp router aggregate address 209 1 0 0 255 255 0 0 summary only FESX424 Router confi...

Page 635: ...p dampening statistics only for routes learned from the specified neighbor You also can display route flap statistics for routes learned from a neighbor by entering the following command show ip bgp n...

Page 636: ...the routes See Displaying Route Flap Dampening Statistics on page 21 63 Generating Traps for BGP You can enable and disable SNMP traps for BGP BGP traps are enabled by default To enable BGP traps aft...

Page 637: ...um number of routes and neighbors supported and some BGP4 statistics To view summary BGP4 information for the router enter the following command at any CLI prompt FESX424 Router show ip bgp summary BG...

Page 638: ...me destination The feature is enabled by default but the default number of paths is 1 You can increase the number from 2 4 paths See Changing the Maximum Number of Paths for BGP4 Load Sharing on page...

Page 639: ...neighbor Note If the state frequently changes between CONNECT and ACTIVE there may be a problem with the TCP connection OPEN SENT BGP4 is waiting for an Open message from the neighbor OPEN CONFIRM BG...

Page 640: ...soft reconfiguration is not enabled this field shows the number of BGP4 routes that have been filtered out Sent The number of BGP4 routes that the Layer 3 Switch has sent to the neighbor ToSend The nu...

Page 641: ...from 1 900 If you use this parameter the command lists the usage statistics only for the specified number of seconds If you do not use this parameter the command lists the usage statistics for the pr...

Page 642: ...Routes The number of routes that the Layer 3 Switch selected as the best routes to their destinations BEST Routes not Installed in IP Forwarding Table The number of routes received from the neighbor t...

Page 643: ...loop occurs when the BGP4 AS path attribute contains the local AS number Invalid Nexthop The next hop value was not acceptable Duplicated Originator_ID The originator ID was the same as the local rout...

Page 644: ...was no memory for attribute entries Accepting Routes NLRI The number of NLRIs discarded because there was no memory for NLRI entries This count is not included in the Receiving Update Messages count...

Page 645: ...rs ip addr advertised routes detail ip addr mask bits attribute entries detail flap statistics last packet with error received prefix filter received routes routes best detail best not installed best...

Page 646: ...ghbor that the Layer 3 Switch selected as the best routes to their destinations not installed best Displays the routes received from the neighbor that are the best BGP4 routes to their destinations bu...

Page 647: ...session EBGP The neighbor is in another AS EBGP_Confed The neighbor is a member of another sub AS in the same confederation IBGP The neighbor is in the same AS RouterID The neighbor s router ID Descri...

Page 648: ...with the TCP connection OPEN SENT BGP4 is waiting for an Open message from the neighbor OPEN CONFIRM BGP4 has received an OPEN message from the neighbor and is now waiting for either a KEEPALIVE or NO...

Page 649: ...the dynamic refresh capability CooperativeFilteringCapability Whether the neighbor is enabled for cooperative route filtering Distribute list Lists the distribute list parameters if configured Filter...

Page 650: ...Unsupported Version Number Bad Peer AS Number Bad BGP Identifier Unsupported Optional Parameter Authentication Failure Unacceptable Hold Time Unsupported Capability UPDATE Message Error Malformed Att...

Page 651: ...y implementation Reset All Peer Sessions User Reset Peer Session Port State Down Peer Removed Peer Shutdown Peer AS Number Change Peer AS Confederation Change TCP Connection KeepAlive Timeout TCP Conn...

Page 652: ...Synchronized Bad Message Length Bad Message Type Unspecified Open Message Error Unsupported Version Bad Peer As Bad BGP Identifier Unsupported Optional Parameter Authentication Failure Unacceptable Ho...

Page 653: ...request acknowledgment from the remote TCP LAST ACK Waiting for an acknowledgment of the connection termination request previously sent to the remote TCP which includes an acknowledgment of its conne...

Page 654: ...eighbor The Routing Information Base RIB for a specific network advertised to the neighbor You can display the RIB regardless of whether the Layer 3 Switch has already sent it to the neighbor To displ...

Page 655: ...were nonetheless not installed in the IP route table because the Layer 3 Switch received better routes from other sources such as OSPF RIP or static IP routes Unreachable Routes The number of routes...

Page 656: ...le Duplicated Originator_ID The originator ID was the same as the local router ID Cluster_ID The cluster list contained the local cluster ID or contained the local router ID see above if the cluster I...

Page 657: ...Layer 3 Switch has run out of BGP4 memory for the neighbor during the current BGP4 session Receiving Update Messages The number of times UPDATE messages were discarded because there was no memory for...

Page 658: ...outer show ip bgp neighbor 192 168 4 211 routes unreachable Syntax show ip bgp neighbor ip addr routes unreachable For information about the fields in this display see Table 21 10 on page 21 91 The fi...

Page 659: ...routes in the BGP4 route table that this Layer 3 Switch originated Routes selected as BEST routes The number of routes in the BGP4 route table that this Layer 3 Switch has selected as the best routes...

Page 660: ...path ACL The best parameter displays the routes received from the neighbor that the Layer 3 Switch selected as the best routes to their destinations The cidr only option lists only the routes whose ne...

Page 661: ...ve a valid RIP OSPF or static route to the next hop Displaying the Best BGP4 Routes To display all the BGP4 routes in the Layer 3 Switch s BGP4 route table that are the best routes to their destinatio...

Page 662: ...outes and installed in the IP route table display the IP route table using the show ip route command Displaying BGP4 Routes Whose Destinations Are Unreachable To display BGP4 routes whose destinations...

Page 663: ...route option Prefix The network address and prefix Next Hop The next hop router for reaching the network from the Layer 3 Switch Metric The value of the route s MED attribute If the route does not hav...

Page 664: ...h routes from a specific neighbor For example if the router receives routes to the same destination from two BGP4 neighbors the router prefers the route from the neighbor with the larger weight Path T...

Page 665: ...dampened by the route dampening feature and is currently unusable H HISTORY Route dampening is configured for this route and the route has a history of flapping and is unreachable now I INTERNAL The...

Page 666: ...eless not installed in the IP route table because the Layer 3 Switch received better routes from other sources such as OSPF RIP or static IP routes C CONFED_EBGP The route was learned from a neighbor...

Page 667: ...he router receives routes to the same destination from two BGP4 neighbors the router prefers the route from the neighbor with the larger weight Atomic Whether network information in this route has bee...

Page 668: ...outer for routes that have this set of attributes Metric The cost of the routes that have this set of attributes Origin The source of the route information The origin can be one of the following EGP T...

Page 669: ...s and is otherwise 0 Router ID shows the router that originated this aggregator Atomic Whether the network information in this set of attributes has been aggregated and this aggregation has resulted i...

Page 670: ...o can display route flap statistics for routes learned from a neighbor by entering the following command show ip bgp neighbor ip addr flap statistics The filter list num parameter specifies one or mor...

Page 671: ...nd set statements within each route map are listed beneath the command for the route map itself In this simplified example each route map contains only one match or set statement Table 21 13 Route Fla...

Page 672: ...vices re establish their BGP4 sessions You also can clear and reset the BGP4 routes that have been installed in the IP route table See Clearing and Resetting BGP4 Routes in the IP Route Table on page...

Page 673: ...en you enable soft reconfiguration the Layer 3 Switch saves all updates received from the specified neighbor or peer group This includes updates that contain routes that are filtered out by the BGP4 r...

Page 674: ...utes Dynamically Requesting a Route Refresh from a BGP4 Neighbor You can easily apply changes to filters that control BGP4 routes received from or advertised to a neighbor without resetting the BGP4 s...

Page 675: ...nterface with the Layer 3 Switch The peer group name specifies all neighbors in a specific peer group The as num parameter specifies all neighbors within the specified AS The all parameter specifies a...

Page 676: ...place a new or changed outbound policy or filter into effect you must enter a clear ip bgp neighbor command regardless of whether the neighbor session is up or down You can enter the command without...

Page 677: ...updates to advertise change or even withdraw routes on the neighbor as needed This ensures that the neighbor receives only the routes you want it to contain Even if the neighbor already contains a ro...

Page 678: ...clear ip route command but applies only to routes that come from BGP4 Clearing Traffic Counters You can clear the counters reset them to 0 for BGP4 messages To do so use one of the following methods T...

Page 679: ...packet that contained an error The last NOTIFICATION message either sent or received by the Layer 3 Switch To display these buffers use options with the show ip bgp neighbors command See Displaying BG...

Page 680: ...onfiguration Guide for the FESX FSX and FWSX 21 108 Foundry Networks Inc December 2005 peer group The as num parameter specifies all neighbors within the specified AS The all parameter specifies all n...

Page 681: ...ocol This chapter contains the following information NOTE VRRP and VRRPE are separate protocols You cannot use them together Table 22 1 Chapter Contents Description See Page Overview of VRRP and VRRPE...

Page 682: ...e host knows its gateway Consider the situation shown in Figure 22 1 Figure 22 1 Router1 is Host1 s default gateway but is a single point of failure As shown in this example Host1 uses 192 53 5 1 on R...

Page 683: ...Master router becomes unavailable Virtual Router MAC Address Notice the MAC address associated with VRID1 The first five octets of the address are the standard MAC prefix for VRRP packets as described...

Page 684: ...mine which router becomes the Master When you configure the VRID on a router interface you specify whether the router is the Owner of the IP address es you plan to associate with the VRID or a Backup...

Page 685: ...ges the Master router sends to its Backups is the Master router s priority If the track port feature results in a change in the Master router s priority the Backup routers quickly become aware of the...

Page 686: ...the VRID The Master owns the Virtual MAC address VRRPE uses the interface s actual MAC address as the source MAC address The MAC address is 02 E0 52 hash value vrid where hash value is a two octet has...

Page 687: ...20 so that all traffic destined to the Internet is sent through RouterB instead Similarly RouterB is the master for VRID 2 backup priority 110 and RouterA is the backup for VRID 2 backup priority 100...

Page 688: ...protocol does not have an Owner as VRRP does There is no restriction on which router can be the default master router In VRRP the Owner the Layer 3 Switch on which the IP interface that is used for th...

Page 689: ...you are creating by configuring multiple routers to back up an IP interface You must configure the same VRID on each router that you want to use to back up the address No default None 22 3 22 11 22 1...

Page 690: ...IP address used by the VRID All other routers for the VRID are Backups VRRPE All routers for the VRID are Backups 22 14 Backup priority A numeric value that determines a Backup s preferability for be...

Page 691: ...terval can be from 60 3600 seconds You must enable the Backup to send the messages The messages are disabled by default on Backups The current Master whether the VRRP Owner or a Backup sends Hello mes...

Page 692: ...all the default values enter commands such as the following on each Layer 3 Switch Router2 config router vrrp extended Router2 config inter e 1 5 Router2 config if 1 5 ip address 192 53 5 3 Router2 c...

Page 693: ...ou configure the VRID use authentication Router type Owner or Backup NOTE For VRRP change the router type only if you have moved the real IP address from one router to another or you accidentally conf...

Page 694: ...e configured for simple password authentication and use the same password VRRPE Syntax Syntax ip vrrp extended auth type no auth simple text auth auth data The parameter values are the same as for VRR...

Page 695: ...his interface and VRID from the default 2 to a value from 1 254 Syntax backup priority value track priority value The priority value parameter specifies the VRRP priority for this interface and VRID Y...

Page 696: ...with the highest priority becomes the new Master The Dead interval can be from 1 84 seconds The default is 3 5 seconds This is three times the default Hello interval 1 second plus one half second adde...

Page 697: ...nd a tracked interface with track priority 60 goes down the software changes the VRRPE interface s priority to 40 If another tracked interface goes down the software reduces the VRID s priority again...

Page 698: ...perX Router config if 1 6 vrid 1 owner priority 99 Syntax no owner priority track priority num The num parameter specifies the new priority and can be a number from 1 254 When you press Enter the soft...

Page 699: ...s parameter the command displays VRRP or VRRPE information only for the specified virtual interface The stat parameter displays statistics See Displaying Statistics on page 22 26 This display shows th...

Page 700: ...ivate the VRID make sure that the VRID is also configured on the other routers and that the routers can communicate with each other Note If the state is Init and the mode is incomplete make sure you h...

Page 701: ...e The stat parameter displays statistics See Displaying Statistics on page 22 26 FastIron SuperX Router config show ip vrrp Total number of VRRP routers defined 1 Interface ethernet 1 5 auth type no a...

Page 702: ...RRPE state for the VRID The state can be one of the following initialize The VRID is not enabled activated If the state remains initialize after you activate the VRID make sure that the VRID is also c...

Page 703: ...he dead interval is the number of seconds a Backup waits for a Hello message from the Master for the VRID before determining that the Master is no longer active If the Master does not send a Hello mes...

Page 704: ...e This field applies only when this Layer 3 Switch is the Master and the Backup is configured to send Hello messages the advertise backup option is enabled master router ip addr expires in time The IP...

Page 705: ...cate with each other Note If the state is Init and the mode is incomplete make sure you have specified the IP address for the VRID Backup This Layer 3 Switch is a Backup for the VRID Master This Layer...

Page 706: ...e statistic parameter displays statistics This parameter is required for displaying the statistics This display shows the following information Table 22 6 CLI Display of VRRP or VRRPE Statistics This...

Page 707: ...number of IP packets addressed to the VRID that were dropped rxed vrrp port mismatch count The number of packets received that did not match the configuration for the receiving interface rxed vrrp ip...

Page 708: ...previous 1 second plus 80 milliseconds Syntax show process cpu num The num parameter specifies the number of seconds and can be from 1 900 If you use this parameter the command lists the usage statis...

Page 709: ...ip address command is the same IP address as the one entered when configuring Router1 In this case the IP address cannot also exist on Router2 but the interface on which you are configuring the VRID B...

Page 710: ...24 Router1 config if 1 6 ip vrrp extended vrid 1 Router1 config if 1 6 vrid 1 backup priority 110 track priority 20 Router1 config if 1 6 vrid 1 track port ethernet 2 4 Router1 config if 1 6 vrid 1 i...

Page 711: ...back up the address but you are not duplicating the address NOTE When you configure a Backup router the router interface on which you are configuring the VRID must have a real IP address that is in th...

Page 712: ...Foundry Configuration Guide for the FESX FSX and FWSX 22 32 Foundry Networks Inc December 2005...

Page 713: ...ault local storage device for image files and configuration files Secondary flash A second flash storage device You can use the secondary flash to store redundant images for additional booting reliabi...

Page 714: ...h Image Version Running on the Device To determine the flash image version running on a device enter the show version command at any level of the CLI Some examples are shown below FESX and FWSX Device...

Page 715: ...s shown in bold type FastIron SuperX Switch show version SW Version 02 0 00T2e1 Copyright c 1996 2004 Foundry Networks Inc Compiled on Dec 20 2004 at 16 08 06 labeled as SXS02000 2294152 bytes from Pr...

Page 716: ...lease Beginning with release 02 3 01 FESX and FSX devices share the same flash images In releases prior to 02 3 01 FESX and FSX flash images were separate and were issued via separate software release...

Page 717: ...presented in Upgrading the Flash Code on page 23 5 Upgrading from FSX 02 2 01a or later to the New Release 1 Upgrade the boot code to the new version SXZ0xxxx bin using the steps presented in Upgradin...

Page 718: ...igure a read write community string enter the following command from the global CONFIG level of the CLI snmp server community string ro rw where string is the community string and can be up to 32 char...

Page 719: ...m a BootP or TFTP server You can test new versions of code on a Foundry device or choose the preferred boot source from the console boot prompt without requiring a system reset NOTE It is very importa...

Page 720: ...n enter the following command at any Enable or CONFIG command prompt FESX424 Switch write memory Replacing the Running Configuration with the Startup Configuration If you want to back out of the chang...

Page 721: ...device creates The configuration file is a script containing CLI configuration commands The CLI reacts to each command entered from the file in the same way the CLI reacts to the command if you enter...

Page 722: ...ig already has a command to add an address to port 11 so the CLI responds like this FESX424 Switch config interface ethernet 11 FESX424 Switch config if e1000 11 ip add 10 10 10 69 24 Error can only a...

Page 723: ...the following command from the global CONFIG level of the CLI snmp server community string ro rw where string is the community string and can be up to 32 characters long 2 On the Foundry device enter...

Page 724: ...passed NOTE The scheduled reload feature requires the system clock You can use a Simple Network Time Protocol SNTP server to set the clock or you can set the device clock manually See Specifying a Si...

Page 725: ...t customer support 2 Flash read failed 3 Flash write preparation failed 4 Flash write failed 5 TFTP session timeout TFTP failed because of a time out Check IP connectivity and make sure the TFTP serve...

Page 726: ...error The specific error message describes the error Correct the error then retry the transfer 17 TFTP remote no such file 18 TFTP remote access violation 19 TFTP remote disk full 20 TFTP remote ille...

Page 727: ...option is enabled This chapter contains the topics listed in Table A 1 Overview A Foundry device s software can write syslog messages to provide information at the following severity levels Emergencie...

Page 728: ...ny level of the CLI For information about the Syslog configuration information time stamps and dynamic and static buffers see Displaying the Syslog Configuration on page A 4 Enabling Real Time Display...

Page 729: ...Router Power supply 2 power supply on left connector failed SYSLOG 14 FESX424 Router Interface ethernet 6 state down SYSLOG 14 FESX424 Router Interface ethernet 2 state up Configuring the Syslog Serv...

Page 730: ...agement interface option See Clearing the Syslog Messages from the Local Buffer on page A 9 overruns The number of times the dynamic log buffer has filled up and been cleared to hold new entries For e...

Page 731: ...sage The software does not overwrite the message for fan 2 unless the software sends a newer message for fan 2 When you clear log entries you can selectively clear the static or dynamic buffer or you...

Page 732: ...system time when the most recent message the one at the top was generated was October 15 at 5 38 PM and 3 seconds Example of Syslog Messages on a Device Whose Onboard Clock Is Not Set The example sho...

Page 733: ...10 0 0 99 Syntax logging host ip addr server name Specifying an Additional Syslog Server To specify an additional Syslog server enter the logging host ip addr command again as in the following exampl...

Page 734: ...efault number of messages is 50 The value can be from 1 1000 on Layer 2 Switches and Layer 3 Switches The change takes effect immediately and does not require you to reload the software NOTE If you de...

Page 735: ...er config ip show portname This command is applied globally to all interfaces on Layer 2 Switches and Layer 3 Switches Syntax no Ip show portname When you display the messages in the Syslog you see th...

Page 736: ...in syslog messages by entering the following command FESX424 Router config ip show service number in log Syntax no ip show service number in log Syslog Messages Table A 3 lists all of the Syslog mess...

Page 737: ...is treated as an authentication failure Alert MAC Authentication failed for mac address on portnum Port is already in another radius given vlan RADIUS authentication was successful for the specified...

Page 738: ...the following 1 Router 2 Network 3 Summary 4 Summary 5 External Alert OSPF Memory Overflow OSPF has run out of memory Alert Power supply num location failed A power supply has failed The num is the p...

Page 739: ...BGP4 session with the neighbor Informational user name login to PRIVILEGED mode A user has logged into the Privileged EXEC mode of the CLI The user name is the user name Informational user name login...

Page 740: ...IP ACL or MAC address filter but the port is a member of a virtual routing interface VE Informational DOT1X port portnum mac mac address cannot remove inbound ACL An error occurred while removing the...

Page 741: ...is not enough or the invalid information to set the dynamic assigned IP ACLs or MAC address filters 802 1X authentication could not take place on the port This happened because strict security mode wa...

Page 742: ...port s priority has changed Informational Port portnum srcip security max ipaddr per int reached Last IP ipaddr The address limit specified by the srcip security max ipaddr per interface command has...

Page 743: ...entered a user ID to log in Informational Syslog server IP address deleted added modified from console telnet ssh web snmp OR Syslog operation enabled disabled from console telnet ssh web snmp A user...

Page 744: ...erface portnum STP state state DOT1wTransition 802 1W changed the state of a port to a new state forwarding learning blocking If the port changes to blocking the bridge port is in discarding state Inf...

Page 745: ...dr is the IP address of the neighbor s BGP4 interface with the Foundry device Notification BGP Peer ip addr UP ESTABLISHED Indicates that a BGP4 neighbor has come up The ip addr is the IP address of t...

Page 746: ...rcuit id The Layer 3 Switch s adjacency with this Level 2 IS has come up The system id is the system ID of the IS The circuit id is the ID of the circuit over which the adjacency was established Notif...

Page 747: ...le was inserted to slot slot num Indicates that a module was inserted into a chassis slot The slot num is the number of the chassis slot into which the module was inserted Notification Module was remo...

Page 748: ...e Foundry device The src ip addr is the IP address of the interface from which the Foundry device received the authentication failure The error type can be one of the following bad version area mismat...

Page 749: ...he src ip addr is the IP address of the interface from which the Foundry device received the error packet The error type can be one of the following bad version area mismatch unknown NBMA neighbor unk...

Page 750: ...unknown Notification OSPF intf rcvd bad pkt Bad Checksum rid ip addr intf addr ip addr pkt size num checksum num pkt src addr ip addr pkt type type The device received an OSPF packet that had an inva...

Page 751: ...packet is not on the Foundry device s list of OSPF neighbors The parameters are the same as for the Bad Checksum message Notification OSPF intf retransmit rid router id intf addr ip addr nbr rid nbr...

Page 752: ...e area id is the OSPF area The lsa type is the type of LSA The lsa id is the LSA ID The lsa router id is the LSA router ID Notification OSPF nbr state changed rid router id nbr addr ip addr nbr rid nb...

Page 753: ...routing interface authentication failure has occurred The router id is the router ID of the Foundry device The ip addr is the IP address of the interface on the Foundry device The src ip addr is the...

Page 754: ...nterface on the Foundry device The src ip addr is the IP address of the interface from which the Foundry device received the error packet The error type can be one of the following bad version area mi...

Page 755: ...te link state ack unknown Notification OSPF virtual intf retransmit rid router id intf addr ip addr nbr rid nbr router id pkt type is pkt type LSA type lsa type LSA id lsa id LSA rid lsa router id An...

Page 756: ...of the following down loopback waiting point to point designated router backup designated router other designated router unknown Notification OSPF virtual nbr state changed rid router id nbr addr ip a...

Page 757: ...igured on an interface and the maximum burst size for TCP packets on the interface has been exceeded The portnum is the port number The first num is the maximum burst size maximum number of packets al...

Page 758: ...of the denied packets The src ip addr is the source IP address of the denied packets The src tcp udp port is the source TCP or UDP port if applicable of the denied packets The portnum indicates the p...

Page 759: ...of 100 prefixes and 75 percent as the warning threshold this message is generated if the Layer 3 Switch receives a 76th prefix from the neighbor Warning NTP server ip addr failed to respond Indicates...

Page 760: ...Foundry Configuration Guide for the FESX FSX and FWSX A 34 Foundry Networks Inc December 2005...

Page 761: ...ow version command FESX424 Router show version Syntax show version Table B 1 Chapter Contents Description See Page Basic Management All Foundry products support basic management tasks such as viewing...

Page 762: ...tatistics Port statistics are polled by default every 10 seconds You can view statistics for ports by entering the following show commands show interfaces show configuration show statistics To display...

Page 763: ...eceived The count includes rejected and local packets that are not sent to the switching core for transmission OutPkts The total number of good packets sent The count includes unicast multicast and br...

Page 764: ...ad Alignment errors or phy errors LateCollisions The total number of packets received in which a Collision event was detected but for which a receive error Rx Error event was not detected InGiantPkts...

Page 765: ...lear commands are found at the Privileged EXEC level RMON Support The Foundry RMON agent supports the following groups The group numbers come from the RMON specification RFC 1757 Statistics RMON Group...

Page 766: ...NMP numbers of the ports start at 1 and increase sequentially For example if you are using a Chassis device and slot 1 contains an 8 port module the SNMP number of the first port in slot 2 is 9 The ph...

Page 767: ...ber of packets received that were less than 64 octets long and had either a bad FCS with an integral number of octets FCS Error or a bad FCS with a non integral number of octets Alignment Error It is...

Page 768: ...ming bits but does include FCS octets 65 to 127 octets pkts The total number of packets received that were 65 127 octets long This number includes bad packets This number does not include framing bits...

Page 769: ...time sample type threshold type threshold value event number threshold type threshold value event number owner text string Event RMON Group 9 There are two elements to the Event Group the event contro...

Page 770: ...enable sFlow the feature uses the source address 0 0 0 0 To display the agent_address enable sFlow then enter the show sflow command See Enabling sFlow Forwarding on page B 14 and Displaying sFlow Inf...

Page 771: ...ng sFlow To configure sFlow Specify collector information The collector is the external device to which you are exporting the sFlow data You can specify up to four collectors Optional Change the polli...

Page 772: ...ations The sampling rate is a fraction in the form 1 N meaning that on average one out of every N packets will be sampled The sflow sample command at the global level or port level specifies N the den...

Page 773: ...s the valid sampling rates In addition the software will round the value you enter up to the nearest value listed You can display the rates you entered the configured rates as well as the rates rounde...

Page 774: ...er of 2 The actual sampling rate becomes one of the values listed in Changing the Default Sampling Rate Enabling sFlow Forwarding sFlow exports data only for the interfaces on which you enable sFlow f...

Page 775: ...12 actual rate 512 Subsampling factor 1 Port 5 17 configured rate 1500 actual rate 2048 Subsampling factor 4 Port 5 16 configured rate 1500 actual rate 2048 Subsampling factor 4 Port 5 15 configured r...

Page 776: ...gured default sampling rate The configured global sampling rate If you changed the global sampling rate the value you entered is shown here The actual rate calculated by the software based on the valu...

Page 777: ...four bandwidth utilization lists Command Syntax To configure an uplink utilization list enter commands such as the following The commands in this example configure a link utilization list with port 1...

Page 778: ...eason the percentages for the two downlink ports equal 100 In some cases the percentages do not always equal 100 This is true in cases where the ports exchange some traffic with other ports in the sys...

Page 779: ...LANs and static MAC entries Configure protocol based VLANs IP sub net VLANs and IPX network VLANs within standard 802 1d port based VLANs Learn or drop RIP routes on incoming traffic based on network...

Page 780: ...l ports The following table lists the scope for each type of policy and filter Default Filter Actions By default no policies or filters are defined on Foundry devices The following table lists the def...

Page 781: ...t use Layer 2 filters to filter for Layer 4 information To filter for Layer 4 information use IP access policies filters Table C 3 Default Policy and Filter Actions Policy or Filter Type Default actio...

Page 782: ...the order in which you list them in a port s inbound or outbound filter list For example if you apply three filters 3 2 and 1024 to port 1 1 s outbound filter list the filters are applied in the foll...

Page 783: ...are merged However the resulting priority is never lower than the highest priority Syntax Use the following CLI commands to configure QoS policies Layer 3 Policies Layer 3 policies are rules that cont...

Page 784: ...device drops the packet See the chapter Configuring Virtual LANs VLANs on page 11 1 for configuration rules and examples Actions A Foundry device forwards a packet if its Layer 3 protocol information...

Page 785: ...then apply it to an interface The filter applies only to incoming traffic on the interface NOTE MAC filters do not block management access to the Foundry device For example if you apply a filter to bl...

Page 786: ...ed by the port Figure B 6 shows an example of an address lock filter In this example the Foundry device is configured to learn only two MAC addresses on port 3 1 After the device learns two addresses...

Page 787: ...Layer 3 Filters Layer 3 filters control a Foundry device s transmission and receipt of packets based on routing protocol information in the packets Foundry devices provide the following types of Laye...

Page 788: ...d IP access policies See IP Access Policies on page B 10 RIP Route Filters RIP route filters control the routes that a Foundry device learns and advertises Figure B 7 shows an example of a port with R...

Page 789: ...ter does not affect advertisements received by the Foundry device from 192 99 26 1 24 The Foundry device can still learn RIP routes from this neighbor Figure C 3 RIP neighbor filters Actions A RIP nei...

Page 790: ...etwork address in BGP4 updates the Foundry device sends to a BGP4 neighbor Scope You define BGP4 address filters globally then apply them as part of a BGP4 neighbor s distribute list or as part of a m...

Page 791: ...You define BGP4 AS path filters globally then apply them as part of a BGP4 neighbor s distribute list or as part of a match statement in a route map Syntax Use the following CLI commands to configure...

Page 792: ...metric To configure redistribution you configure redistribution filters in the protocol that will receive the routes Redistribution is disabled by default in RIP and OSPF and enabled by default in BG...

Page 793: ...tch or you can set the metric on redistributed routes By setting the metric you can cause the router to prefer RIP routes or redistributed routes to the specified network Actions RIP redistribution fi...

Page 794: ...ribution filters globally Syntax Use the following CLI commands to configure OSPF redistribution filters BGP4 Redistribution Filters BGP4 redistribution filters control redistribution of routes from o...

Page 795: ...onfigure BGP4 redistribution filters NOTE The optional match internal external1 external2 argument applies only to OSPF Table C 18 BGP4 Redistribution Filters CLI syntax FESX424 Router config bgp rout...

Page 796: ...Foundry Configuration Guide for the FESX FSX and FWSX C 18 Foundry Networks Inc December 2005...

Page 797: ...he FESX and FSX support many of the applicable system level Layer 2 and Layer 3 features supported on the BigIron Chassis devices The FWSX supports system level and Layer 2 features only It does not s...

Page 798: ...FSX PREM Full Layer 3 Layer 2 FWSX424 FWSX448 Layer 2 Layer 2 Table D 2 List of Supported Features Category Description and Configuration Notes Supported on FSX FESX FWSX Management Features Access Co...

Page 799: ...r statically configured trunk groups X X X Auto MDI MDIX X X X Broadcast multicast and unknown unicast rate limiting X X X DiffServ support X X X Foundry Discovery Protocol FDP Cisco Discovery Protoco...

Page 800: ...t up to 4 port trunk groups trunk groups on these devices can have 2 3 or 4 ports X X X Layer 2 Features 802 1d Spanning Tree Support Enhanced IronSpan support includes Fast Port Span and Single insta...

Page 801: ...ivate VLANS Protocol VLANs IPv4 and dynamic IPv6 X X X Layer 3 Subnet VLANs IP subnet network X X Super Aggregated VLANs X X X Virtual routing interfaces X X X VLAN groups X X X Wire speed Layer 2 Swi...

Page 802: ...SX support starts in release 02 0 00 X X RIP V1 and V2 FESX support starts in release 02 0 00 X X Route only support FSX devices support disabling Layer 2 Switching at the CLI Interface level as well...

Page 803: ...filters X X X Jumbo frames on all models except FES12GCF X NetFlow X X X Outbound ACLs X X X Outbound rate limiting X X X Protected link groups X X X Server trunk groups for Layer 3 traffic Server tr...

Page 804: ...g Tree X X X 802 1x Port based Authentication Dynamic VLAN ACL and MAC Filter Group Assignment X X X 802 3 10Base T X X X 802 3 Ethernet Like MIB X X X 802 3ab 1000Base T X 802 3ad Link Aggregation Dy...

Page 805: ...X X 826 Ethernet Address Resolution Protocol ARP X X 854 855 and 857 Telnet X X X 894 IP over Ethernet frames X X 903 Reverse ARP RARP X X 906 Bootstrap loading using TFTP X X 919 Broadcast Internet...

Page 806: ...ts X X X 1516 Repeater MIB X X 1519 Classless Inter Domain Routing CIDR an Address Assignment and Aggregation Strategy X X 1541 and 1542 Dynamic Host Configuration Protocol DHCP X X X 1573 SNMP MIB II...

Page 807: ...ormation Base for the User Datagram Protocol using SMIv2 X X 2030 Simple Network Time Protocol SNTP version 4 X X 2068 HTTP X X X 2096 IP Forwarding MIB X X 2131 BootP DHCP Relay X X 2138 Remote Authe...

Page 808: ...X X X 2576 Coexistence between Version 1 Version 2 and Version 3 of the Internet standard Network Management Framework X X 2578 Structure of Management Information Version 2 SMIv2 X X 2579 Textual Co...

Page 809: ...rmation Base MIB for the Simple Network Management Protocol SNMP X X X AAA X X X Bi level access mode standard and EXEC level X X X DVMRP V3 07 X X HTTP and HTTPS X X X IGMP Snooping versions 1 2 and...

Page 810: ...owing Internet drafts ietf idmr dvmrp version 3 05 obsoletes RFC 1075 draft ietf pim dm 05 V1 draft ietf pim v2 dm 03 V2 draft katz yeung ospf traffic 03 txt MSDP TACACS Protocol version 1 78 NOTE Fou...

Page 811: ...chen F hrungen an jeder Seite des Netzteils das ordnungegem in die F hrungen gesteckt werden muss Das Netzteil darf niemals umgedreht eingesteckt werden MISE EN GARDE Suivez attentivement les rep res...

Page 812: ...HT Stellen Sie sicher dass an der Vorderseite den Seiten und an der R ckseite der Luftstrom nicht behindert wird MISE EN GARDE V rifiez que rien ne restreint la circulation d air devant derri re et su...

Page 813: ...gspersonal mit Spezialwerkzeug Schl ssel oder anderen Sicherheitsvorrichtungen Zugang hat Dieser Zugang wird von f r den Bereich zust ndigen Personen berwacht MISE EN GARDE Tous les dispositifs avec b...

Page 814: ...ue este no se conectar con el enchufe posterior de esta forma El suministro de potencia estar con la cara correcta hacia arriba cuando el conector de corriente quede a la izquierda y la abertura del v...

Page 815: ...du slot en place Si vous faites fonctionner le ch ssis avec un slot d couvert le syst me surchauffera PRECAUCI N Si no instala un m dulo en la ranura deber mantener el panel de ranuras en su lugar Si...

Page 816: ...interfaces de fibra ptica utilizan l ser de clase 1 WARNING Make sure the rack or cabinet housing the device is adequately secured to prevent it from becoming unstable or falling over ACHTUNG Stellen...

Page 817: ...s poign es des unit s de bloc d alimentation pour soulever ou porter un dispositif en ch ssis ADVERTENCIA No use las asas de las unidades de suministro de corriente para alzar o transportar un instrum...

Page 818: ...istro El instrumento puede estar activado cuando se est instalando o retirando un suministro de corriente pero el suministro de corriente en s no deber estar conectado a la fuente de corriente De no h...

Page 819: ...dispositivo de circuito apropiado dependiendo del n mero de suministros de CA instalados en el chasis La llamada de corriente m xima para el sistema es de un suministro de CA WARNING Be careful not to...

Page 820: ...Foundry Configuration Guide for the FESX FSX and FWSX E 10 Foundry Networks Inc December 2005...

Reviews:

No comments

Related manuals for FastIron Edge Switch X424

ABB EDS500 Series Operating Instruction preview
EDS500 Series
Brand: ABB Pages: 7
ABB Sense7 Series Original Instructions Manual preview
Sense7 Series
Brand: ABB Pages: 15
ABB NAL Series Mounting And Operation Manual preview
NAL Series
Brand: ABB Pages: 32
ABB VUBB User Manual preview
VUBB
Brand: ABB Pages: 44
N-Tron 100 Series User Manual & Installation Manual preview
100 Series
Brand: N-Tron Pages: 20
Barksdale 9000 Series Operating Instructions preview
9000 Series
Brand: Barksdale Pages: 5
Barksdale 8000 Series Operating Instructions Manual preview
8000 Series
Brand: Barksdale Pages: 6
S&C 2000 series Instructions For Field Assembly And Installation preview
2000 series
Brand: S&C Pages: 26
S&C 2000 series Installation Manual preview
2000 series
Brand: S&C Pages: 28
S&C 2000 series Installation And Operation Manual preview
2000 series
Brand: S&C Pages: 37
D-Link DKVM-IP1 Manual preview
DKVM-IP1
Brand: D-Link Pages: 73
La Toulousaine 1400 Installation Manual preview
1400
Brand: La Toulousaine Pages: 6
JDS Uniphase SB Series User Manual preview
SB Series
Brand: JDS Uniphase Pages: 40
Magnetrol T20 Series Instruction Manual And Replacement Parts List preview
T20 Series
Brand: Magnetrol Pages: 12
Magnetrol T20 Series Installation And Operating Manual preview
T20 Series
Brand: Magnetrol Pages: 24
ABLE 6 Series Installation & Maintenance Instructions preview
6 Series
Brand: ABLE Pages: 5
TAMS 1800 Series Installation & Operation Manual preview
1800 Series
Brand: TAMS Pages: 28
D-Link DFE-550TX Datasheet preview
DFE-550TX
Brand: D-Link Pages: 2

Brands by name

Popular brands

Load more brands