Foundry Networks FastIron Edge Switch X424 Скачать руководство пользователя

Страница: 1 / 820

Foundry FastIron X-Series

Configuration Guide

FastIron Edge Switch X-Series

FastIron Workgroup Switch X-Series

FastIron SuperX Switch

2100 Gold Street

P.O. Box 649100

San Jose, CA 95164-9100

Tel 408.586.1700

Fax 408.586.1900

December 2005

™

Содержание FastIron Edge Switch X424

Страница 1: ...Series Configuration Guide FastIron Edge Switch X Series FastIron Workgroup Switch X Series FastIron SuperX Switch 2100 Gold Street P O Box 649100 San Jose CA 95164 9100 Tel 408 586 1700 Fax 408 586...

Страница 2: ...e property of Foundry or other third parties You are not permitted to use these Marks without the prior written consent of Foundry or such appropriate third party Foundry Networks BigIron FastIron Iro...

Страница 3: ...APPLICATIONS 2 1 LOGGING ON THROUGH THE CLI 2 1 ON LINE HELP 2 2 COMMAND COMPLETION 2 2 SCROLL CONTROL 2 2 LINE EDITING COMMANDS 2 3 USING SLOT AND PORT NUMBERS WITH CLI COMMANDS 2 3 SEARCHING AND FI...

Страница 4: ...LEX MODE 3 15 CONFIGURING MDI MDIX 3 16 DISABLING OR RE ENABLING A PORT 3 16 DISABLING OR RE ENABLING FLOW CONTROL 3 17 CHANGING THE GIGABIT FIBER NEGOTIATION MODE 3 17 MODIFYING PORT PRIORITY QOS 3 1...

Страница 5: ...ENABLING OR DISABLING LAYER 2 SWITCHING 5 7 CONFIGURATION NOTES 5 7 COMMAND SYNTAX 5 8 CHAPTER 6 CONFIGURING POWER OVER ETHERNET 6 1 POWER OVER ETHERNET OVERVIEW 6 1 TERMS USED IN THIS SECTION 6 2 ME...

Страница 6: ...SPAN 7 16 802 1W RAPID SPANNING TREE RSTP 7 18 802 1W DRAFT 3 7 53 SINGLE SPANNING TREE SSTP 7 56 STP PER VLAN GROUP 7 58 PVST PVST COMPATIBILITY 7 61 OVERVIEW OF PVST AND PVST 7 62 VLAN TAGS AND DUA...

Страница 7: ...ALL PORTS 9 4 DISPLAYING INFORMATION FOR A SINGLE PORT 9 5 CLEARING UDLD STATISTICS 9 6 CHAPTER 10 CONFIGURING TRUNK GROUPS AND DYNAMIC LINK AGGREGATION 10 1 TRUNK GROUP OVERVIEW 10 1 TRUNK GROUP CON...

Страница 8: ...OUTING INTERFACES LAYER 3 SWITCHES ONLY 11 14 DYNAMIC PORT ASSIGNMENT LAYER 2 SWITCHES AND LAYER 3 SWITCHES 11 15 ASSIGNING A DIFFERENT VLAN ID TO THE DEFAULT VLAN 11 15 ASSIGNING TRUNK GROUP PORTS 11...

Страница 9: ...ION 11 59 DISPLAYING VLAN INFORMATION FOR SPECIFIC PORTS 11 60 CHAPTER 12 RULE BASED IP ACCESS CONTROL LISTS ACLS 12 1 ACL OVERVIEW 12 2 TYPES OF IP ACLS 12 2 ACL IDS AND ENTRIES 12 2 NUMBERED AND NAM...

Страница 10: ...ON 13 1 PROCESSING OF CLASSIFIED TRAFFIC 13 2 QOS QUEUES 13 6 ASSIGNING QOS PRIORITIES TO TRAFFIC 13 7 MARKING 13 8 CONFIGURING DSCP BASED QOS 13 8 APPLICATION NOTES 13 8 USING ACLS TO HONOR DSCP BASE...

Страница 11: ...LICIES 15 10 CHAPTER 16 CONFIGURING IP 16 1 BASIC CONFIGURATION 16 1 OVERVIEW 16 2 IP INTERFACES 16 2 IP PACKET FLOW THROUGH A LAYER 3 SWITCH 16 3 IP ROUTE EXCHANGE PROTOCOLS 16 7 IP MULTICAST PROTOCO...

Страница 12: ...4 CHAPTER 17 CONFIGURING RIP 17 1 RIP OVERVIEW 17 1 ICMP HOST UNREACHABLE MESSAGE FOR UNDELIVERABLE ARPS 17 2 RIP PARAMETERS AND DEFAULTS 17 2 RIP GLOBAL PARAMETERS 17 2 RIP INTERFACE PARAMETERS 17 3...

Страница 13: ...MULTICAST GROUP 19 6 PIM DENSE 19 6 INITIATING PIM MULTICASTS ON A NETWORK 19 6 PRUNING A MULTICAST TREE 19 7 GRAFTS TO A MULTICAST TREE 19 8 PIM DM VERSIONS 19 8 CONFIGURING PIM DM 19 9 FAILOVER TIME...

Страница 14: ...1 OVERVIEW OF OSPF 20 1 OSPF POINT TO POINT LINKS 20 3 DESIGNATED ROUTERS IN MULTI ACCESS NETWORKS 20 4 DESIGNATED ROUTER ELECTION IN MULTI ACCESS NETWORKS 20 4 OSPF RFC 1583 AND 2178 COMPLIANCE 20 5...

Страница 15: ...YING OSPF INTERFACE INFORMATION 20 42 DISPLAYING OSPF ROUTE INFORMATION 20 43 DISPLAYING OSPF EXTERNAL LINK STATE INFORMATION 20 45 DISPLAYING OSPF LINK STATE INFORMATION 20 46 DISPLAYING THE DATA IN...

Страница 16: ...RST MEDS 21 32 CONFIGURING ROUTE REFLECTION PARAMETERS 21 32 CONFIGURING CONFEDERATIONS 21 34 AGGREGATING ROUTES ADVERTISED TO BGP4 NEIGHBORS 21 37 MODIFYING REDISTRIBUTION PARAMETERS 21 37 REDISTRIBU...

Страница 17: ...FRESH FROM A BGP4 NEIGHBOR 21 102 CLOSING OR RESETTING A NEIGHBOR SESSION 21 105 CLEARING AND RESETTING BGP4 ROUTES IN THE IP ROUTE TABLE 21 106 CLEARING TRAFFIC COUNTERS 21 106 CLEARING ROUTE FLAP DA...

Страница 18: ...NG THE BLOCK SIZE FOR TFTP FILE TRANSFERS 23 7 REBOOTING 23 7 LOADING AND SAVING CONFIGURATION FILES 23 7 REPLACING THE STARTUP CONFIGURATION WITH THE RUNNING CONFIGURATION 23 8 REPLACING THE RUNNING...

Страница 19: ...ONFIGURATION INFORMATION B 2 VIEWING PORT STATISTICS B 2 VIEWING STP STATISTICS B 5 CLEARING STATISTICS B 5 RMON SUPPORT B 5 STATISTICS RMON GROUP 1 B 6 HISTORY RMON GROUP 2 B 8 ALARM RMON GROUP 3 B 9...

Страница 20: ...tworks Inc December 2005 APPENDIX D SOFTWARE FEATURES AND SPECIFICATIONS D 1 FEATURE HIGHLIGHTS D 1 SUPPORTED FEATURES D 2 UNSUPPORTED FEATURES D 7 IEEE COMPLIANCE D 8 RFC SUPPORT D 9 INTERNET DRAFTS...

Страница 21: ...Layer 3 switch This guide includes procedures for configuring the software The software procedures show how to perform tasks using the CLI This guide also describes how to monitor Foundry products us...

Страница 22: ...elease 02 3 01 combined FESX FSX FWSX release 02 2 00 combined FESX FWSX release 02 1 01 02 0 00 01 1 00 01 0 00 For the FastIron SuperX Switch 02 2 01 02 2 00 02 1 00 02 0 01 NOTE Software releases f...

Страница 23: ...re Installation Guide provides hardware installation procedures for the FastIron chassis devices FSX Foundry FastIron Stackable Hardware Installation Guide provides hardware installation procedures fo...

Страница 24: ...technical support will ensure that the fast and easy access that you have come to expect from your Foundry Networks products will be maintained Web Access http www foundrynetworks com Email Access Tec...

Страница 25: ...mmands in the CLI are organized into the following levels User EXEC Lets you display information and perform basic tasks such as pings and traceroutes Privileged EXEC Lets you use the same commands as...

Страница 26: ...nvalid command followed by a message appears indicating the command was unrecognized For example FESX424 Router config rooter ip Unrecognized command Command Completion The CLI supports command comple...

Страница 27: ...y only to Chassis devices Here is an example The following commands change the CLI from the global CONFIG level to the configuration level for the first port on the device FSX commands FastIron SuperX...

Страница 28: ...filters the output of the show interface command for port 3 11 so it displays only lines containing the word Internet This command can be used to display the IP address of the interface FastIron Supe...

Страница 29: ...e Foundry device displays output starting from the first line that contains the search string similar to the begin option for show commands For example To display lines containing only a specified sea...

Страница 30: ...hes the output against the search string These special characters are listed in the following table Table 2 3 Special Characters for Regular Expressions Character Operation The period matches on any s...

Страница 31: ...sion matches output that ends with deg deg _ An underscore matches on one or more of the following comma left curly brace right curly brace left parenthesis right parenthesis The beginning of the inpu...

Страница 32: ...igure 2 1 Web Management Interface Login Panel NOTE If you are unable to connect with the device through a Web browser due to a proxy problem it may be necessary to set your Web browser to direct Inte...

Страница 33: ...curity Guide Navigating the Web Management Interface When you log into a device the System configuration panel is displayed This panel allows you to enable or disable major system features You can ret...

Страница 34: ...ace by using one of the following methods Using the CLI you can modify the appearance of the Web management interface with the web management command To cause the Web management interface to display t...

Страница 35: ...oes not include an option to display the tree view 6 When you have finished click the Apply button on the panel then click the Refresh button on your browser to activate the changes 7 To save the conf...

Страница 36: ...Foundry Configuration Guide for the FESX FSX and FWSX 2 12 Foundry Networks Inc December 2005...

Страница 37: ...ese system level parameters at the Global CONFIG level of the CLI This chapter contains procedures for configuring the following parameters NOTE Before assigning or modifying any router parameters you...

Страница 38: ...e zappa zappa config snmp server contact Support Services zappa config snmp server location Centerville zappa config end zappa write memory Syntax hostname string Syntax snmp server contact string Syn...

Страница 39: ...receiver and encrypt the display of the community string enter commands such as the following To specify an SNMP trap receiver and change the UDP port that will be used to receive traps enter a comma...

Страница 40: ...trap source ethernet 4 FESX424 Switch config write memory Syntax snmp server trap source loopback num ethernet slotnum portnum ve num The num parameter is a loopback interface or virtual interface num...

Страница 41: ...devices running Layer 2 software SNMP authentication keys Power supply failure Fan failure Cold start Link up Link down Bridge new root Bridge topology change Locked address violation Layer 3 Traps Th...

Страница 42: ...level apply to access through the serial connection or Telnet The following examples show login and logout messages for the User EXEC and Privileged EXEC levels of the CLI Syntax show logging The fir...

Страница 43: ...bered IP address configured on a virtual interface as the device s source for all Telnet packets enter commands such as the following FESX424 Switch config int loopback 2 FESX424 Switch config lbif 2...

Страница 44: ...d date NOTE Foundry devices do not retain time and date information across power cycles Unless you want to reconfigure the system time counter each time the system is reset Foundry Networks recommends...

Страница 45: ...t was received from the peer poll Poll interval in seconds delay Round trip delay in milliseconds disp Dispersion in seconds Table 3 4 Output from the show sntp status command This Field Indicates uns...

Страница 46: ...05 on October 15 2003 enter the following command FESX424 Switch clock set 10 15 05 10 15 2003 Syntax no clock set hh mm ss mm dd yy mm dd yyyy By default Foundry switches and routers do not change t...

Страница 47: ...Command Syntax To enable broadcast limiting on a group of ports enter commands such as the following FESX424 Switch config interface ethernet 1 to 8 FESX424 Switch config mif e1000 1 8 broadcast limit...

Страница 48: ...er command When you access the Web management interface the banner is displayed Setting a Privileged EXEC CLI Level Banner You can configure the Foundry device to display a message when a user enters...

Страница 49: ...name text The text parameter is an alphanumeric string The name can be up to 64 characters long The name can contain blanks You do not need to use quotation marks around the string even when it contai...

Страница 50: ...ort will advertise 10 Mbps capability to the connected device The port speed down shift and maximum port speed advertisement features operate dynamically at the physical link layer between two connect...

Страница 51: ...nfig link config gig copper autoneg control 10m e 1 To configure a maximum port speed advertisement of 100 Mbps on a port that has auto negotiation enabled enter the following command at the Global CO...

Страница 52: ...hus these commands work whether auto negotiation is turned ON or OFF Do not use the mdi mdix commands on ports that are manually configured with a speed duplex of 100 full In this case make sure the o...

Страница 53: ...to perform a handshake with the other port to exchange capability information Negotiation off The port does not try to perform a handshake Instead the port uses configuration information manually con...

Страница 54: ...packets cdp run command Some VoIP phones may require a reboot after configuring or re configuring a voice VLAN ID For example if your VoIP phone queries for VLAN information only once upon boot up you...

Страница 55: ...have a configured voice VLAN To view the voice VLAN for all ports use the show voice vlan command The following example shows the command output results Syntax show voice vlan port num FESX424 Switch...

Страница 56: ...Foundry Configuration Guide for the FESX FSX and FWSX 3 20 Foundry Networks Inc December 2005...

Страница 57: ...the Global CONFIG level of the CLI This chapter contains the topics listed in Table 4 1 NOTE Before assigning or modifying any router parameters you must assign the IP subnet interface addresses for...

Страница 58: ...7 48 Port 49 Port 50 FastIron SuperX Management Module Ports 1 12 24 port Gigabit Ethernet Copper Interface Module Ports 1 12 Ports 13 24 24 port Gigabit Ethernet Fiber Interface Module Ports 1 12 Por...

Страница 59: ...in 60 second intervals If you set the MAC age time to 0 aging is disabled NOTE The actual age time is from one to two times the configured value For example if you set the MAC age time to 60 seconds...

Страница 60: ...does not have more than one port based VLAN VLAN 1 which is the default VLAN that contains all the ports the static mac address command is at the global CONFIG level of the CLI If the device has more...

Страница 61: ...lly then apply them to individual interfaces To apply MAC filters to an interface you add the filters to that interface s MAC filter group The device takes the action associated with the first matchin...

Страница 62: ...r on the port Syntax mac filter filter num permit deny any H H H any H H H The permit deny argument determines the action the software takes when a match occurs The src mac mask any parameter specifie...

Страница 63: ...rst log entry the software generates another log entry and SNMP trap for denied packets Configuration Notes MAC filter logging is supported in the following FastIron configurations FESX devices runnin...

Страница 64: ...maximum number of entries the tables can hold You can adjust individual table sizes to accommodate your configuration needs The tables you can configure as well the defaults and valid ranges for each...

Страница 65: ...0 System Parameters Default Maximum Current ip arp 4000 64000 4000 ip static arp 512 1024 512 atalk route 1024 1536 1024 atalk zone port 64 255 64 atalk zone sys 768 2048 768 multicast route 64 8192 6...

Страница 66: ...mum Current ip arp 4000 64000 4000 ip static arp 512 1024 512 atalk route 1024 1536 1024 atalk zone port 64 255 64 atalk zone sys 768 2048 768 multicast route 64 8192 64 dvmrp route 2048 32000 2048 dv...

Страница 67: ...o 64 then increase the total number of IP interfaces you can configure on the device from 256 to 512 enter the following commands Syntax system max subnet per interface num The num parameter specifies...

Страница 68: ...ports 1 and 13 can Each 10 Gigabit port can have one ingress mirror port and one egress mirror port You can configure up to eight egress monitored ports You can configure any number of ingress monito...

Страница 69: ...This parameter configures the mirror port exclusively for ingress or egress traffic If you do not specify one both types of traffic apply The both in out parameters specify the traffic direction you w...

Страница 70: ...Foundry Configuration Guide for the FESX FSX and FWSX 4 14 Foundry Networks Inc December 2005...

Страница 71: ...network since incoming traffic can learn directly connected routes advertised by the Foundry device but outgoing traffic to other devices must use statically configured or default routes The Base Lay...

Страница 72: ...you want to pre configure an entry for a device that is not connected to the Foundry device or you want to prevent a particular entry from aging out The software removes a dynamic entry from the ARP c...

Страница 73: ...increase the limit for one of the parameters you must first decrease one or both of the other parameters limits If you enter a value that exceeds the memory limit the CLI will display an error message...

Страница 74: ...must enable the protocol globally then enable RIP on individual ports When you enable RIP on a port you also must specify the version version 1 only version 2 only or version 1 compatible with versio...

Страница 75: ...licable to static routes Enable redistribution NOTE If you plan to configure redistribution filters do not enable redistribution until you have configured the filters When you enable redistribution al...

Страница 76: ...parameters you need to enable redistribution To enable RIP redistribution enter the following command FESX424 Router config rip router redistribution Syntax no redistribution Enabling Learning of Def...

Страница 77: ...e a system reset before the protocol will be active on the system PIM DVMRP and RIP To reset a system enter the reload command at the privileged level of the CLI To enable a protocol on a device runni...

Страница 78: ...X424 Router reload To re enable Layer 2 switching on a Layer 3 Switch enter the following FESX424 Router config no route only FESX424 Router config exit FESX424 Router write memory FESX424 Router relo...

Страница 79: ...rements for delivering power over the LAN as defined by the Institute of Electrical and Electronics Engineers Inc IEEE in the 802 3af specification Table 6 1 Chapter Contents Description See Page Over...

Страница 80: ...ng equipment Methods for Delivering POE There are two methods for delivering power over the network as defined in the 802 3af specification Endspan Power is supplied through the Ethernet ports on a po...

Страница 81: ...E Endspan Delivery Method IP phone Power and data signals travel along the same pairs of wires at different frequencies CONSOLE POWER PS1 PS2 ACT LINK 49F 50F FastIron Edge 4802 POE 37 38 39 40 41 42...

Страница 82: ...zero Table 6 3 shows the different power classes and their respective power consumption needs Power Specifications The actual implementation of the 802 3af standard limits power to 15 4W 44V to 57V f...

Страница 83: ...IronPoint Access Point allows wireless clients to connect to your enterprise network It is a full featured access point that can be managed as a single device or by IronView Network Manager a network...

Страница 84: ...evice the power level or power class takes precedence over the CDP power requirement Therefore if you want the device to adhere to the CDP power requirement do not configure a power level or power cla...

Страница 85: ...E power level to 14 000 milliwatts 14 watts Syntax inline power power limit power level where power level is the number of milliwatts between 1000 and 15400 The default is 15400 For information about...

Страница 86: ...or power than the POE power supply or supplies can provide the FSX must place the POE ports that it cannot power in standby or denied mode waiting for power until the available power increases The ava...

Страница 87: ...ty power class and maximum power level you must specify each POE parameter in the CLI command line This section provides some examples EXAMPLE To change a POE port s power priority from high to low th...

Страница 88: ...D Class Pri Fault State State Consumed Allocated Error 4 1 On On 5070 9500 802 3af n a 3 n a 4 2 On On 1784 9500 Legacy n a 3 n a 4 3 On On 2347 9500 802 3af n a 3 n a 4 4 On On 2441 9500 Legacy n a 3...

Страница 89: ...owing ON The POE power supply is delivering in line power to the powered device OFF The POE power supply is not delivering in line power to the powered device DENIED The port is in standby mode waitin...

Страница 90: ...while in standby mode waiting for power Ports with a higher priority will receive power before ports with a low priority This value can be one of the following 3 low priority 2 high priority 1 critic...

Страница 91: ...e following command FastIron SuperX Switch show inline power detail Power Supply Data Power Supply 1 Firmware Ver 0 2 Date 3 15 5 H W Status 807 Max Curr 26 5 Amps Voltage 50 0 Volts Capacity 1325 Wat...

Страница 92: ...0 2 24 0 24 0 0 0 0 3 24 0 23 1 0 1 0 4 24 0 23 1 0 1 1 5 24 0 24 0 0 0 0 6 24 0 24 0 0 0 0 7 24 0 24 0 0 0 0 8 24 0 24 0 0 0 0 Total 192 0 190 2 0 2 1 Cumulative Port Power Data Slot Ports Ports Port...

Страница 93: ...dule s slot number s firmware version Cumulative Port State Data Slot The Interface module slot number Ports Admin On The number of ports on the Interface module on which the inline power command was...

Страница 94: ...l number of watts consumed by both POE power consuming devices and the POE module daughter card attached to the Interface module Power Allocation The number of watts allocated to the Interface module...

Страница 95: ...s Chapter Contents Table 7 1 Chapter Contents Description See Page Overview of STP 7 2 Configuring standard STP parameters 7 2 STP Parameters and defaults 7 2 Enabling and disabling STP 7 4 Changing S...

Страница 96: ...device s ports Thus by default each Foundry device has one spanning tree However if you configure additional port based VLANs on a Foundry device then each of those VLANs on which STP is enabled and V...

Страница 97: ...forwarding state respectively The forward delay value is also used for the age time of dynamic entries in the filtering database when a topology change occurs 15 seconds Possible values 4 30 seconds M...

Страница 98: ...ing STP Globally Use the following method to enable or disable STP on a device on which you have not configured port based VLANs NOTE When you configure a VLAN the VLAN inherits the global STP setting...

Страница 99: ...n this example changes the priority on a device on which you have not configured port based VLANs The change applies to the default VLAN If you have configured a port based VLAN on the device you can...

Страница 100: ...iority is 8 NOTE If you are upgrading a device that has a configuration saved under an earlier software release and the configuration contains a value from 0 7 for a port s STP priority the software c...

Страница 101: ...ect statistics To clear the BPDU drop counter for a specific port that has STP Protection enabled enter the following command at the Global CONFIG level of the CLI FESX424 Switch config clear stp prot...

Страница 102: ...g to VLAN number in ascending order The entry number is not the same as the VLAN number For example if you have port based VLANs 1 10 and 2024 then the command output has three STP entries To display...

Страница 103: ...ee Changing STP Bridge Parameters on page 7 5 Max age sec The number of seconds this device or VLAN waits for a configuration BPDU from the root bridge before deciding the root has become unavailable...

Страница 104: ...ted or received during this state LEARNING The port has passed through the LISTENING state and will change to the FORWARDING state depending on the results of STP s reconvergence The port does not tra...

Страница 105: ...nd can be from 1 900 If you use this parameter the command lists the usage statistics only for the specified number of seconds If you do not use this parameter the command lists the usage statistics f...

Страница 106: ...port is disabled the only information shown by this command is DISABLED If a port is enabled this display shows the following information FastIron SuperX Router config show vlans Total PORT VLAN entr...

Страница 107: ...it is a member VLAN To list all the member VLANs within a VLAN group enter the show vlan group group id command The show span detail command shows the following information Table 7 6 CLI Display of De...

Страница 108: ...er frames are transmitted or received during this state LEARNING The port has passed through the LISTENING state and will change to the BLOCKING or FORWARDING state depending on the results of STP s r...

Страница 109: ...ansmission of the last Configuration BPDU BPDUs Sent and Received The number of BPDUs sent and received on this port since the software was reloaded Table 7 6 CLI Display of Detailed STP Information f...

Страница 110: ...ate in four seconds Specifically Fast Port Span allows faster convergence on ports that are attached to end stations and thus do not present the potential to cause Layer 2 forwarding loops Because the...

Страница 111: ...t is 802 1Q tagged The port is a member of a trunk group The port has learned more than one active MAC address An STP Configuration BPDU has been received on the port thus indicating the presence of a...

Страница 112: ...undry devices for backward compatibility However customers who are currently using RSTP Draft 3 should migrate to 802 1W The 802 1W feature provides rapid traffic reconvergence for point to point link...

Страница 113: ...which it is connected Alternate Provides an alternate path to the root bridge when the root port goes down Backup Provides a backup to the LAN when the Designated port goes down Disabled Has no role...

Страница 114: ...mitted by Port7 are superior to those Port8 transmits Therefore Port8 is the Backup port and Port7 is the Designated port Ports on Switch 3 Port2 on Switch 3 directly connects to the Designated port o...

Страница 115: ...edge port is part of the active RSTP topology The 802 1W protocol can auto detect an Edge port and a non edge port An administrator can also configure a port to be an Edge port using the CLI It is re...

Страница 116: ...ole 802 1W quickly places it into a forwarding state However if the Designated port is an Edge port then the port starts and stays in a forwarding state and it cannot be elected as a Root port A port...

Страница 117: ...ng state and performs any necessary processing associated with the state changes Port Timers This state machine is responsible for triggering any of the state machines described above based on expirat...

Страница 118: ...ort continues to send this flag in its RST BPDU until it is placed in a forwarding state Figure 7 7 or is forced to operate in 802 1D mode See Compatibility of 802 1W with 802 1D on page 43 Proposed W...

Страница 119: ...nize their roles and states Figure 7 5 Ports that are non edge ports with a role of Designated port change into a discarding state These ports have to negotiate with their peer ports to establish thei...

Страница 120: ...s and Backup ports are synced The Root port monitors the synced signals from all the bridge ports Once all bridge ports asserts a synced signal the Root port asserts its own synced signal Figure 7 6 F...

Страница 121: ...waiting for the hello timers to expire on them This process starts the handshake with the downstream bridges For example Port2 Switch 200 sends an RST BPDU to Port2 Switch 300 that contains a proposal...

Страница 122: ...ready has a Root port 802 1W uses a different type of handshake For example in Figure 7 8 a new root bridge is added to the topology Figure 7 8 Addition of a New Root Bridge Switch 400 Switch 300 Port...

Страница 123: ...e Proposing and Proposed The Designated port on the new root bridge Port4 Switch 60 sends an RST BPDU that contains a proposing signal to Port4 Switch 200 to inform the port that it is ready to put it...

Страница 124: ...r ports on the bridge assert their sync and reroot signals Information about the old Root port is discarded from all ports Designated ports change into discarding states Figure 7 10 Figure 7 10 Sync a...

Страница 125: ...ng states They also continue to negotiate their roles and states with their peer ports Figure 7 11 Figure 7 11 Sync and Rerooted Switch 200 Switch 400 Switch 300 Port1 Port1 Designated port Sync Reroo...

Страница 126: ...old Root port on Switch 200 becomes an Alternate Port Figure 7 13 Other ports on that bridge are elected to appropriate roles The Designated port on Switch 60 goes into a forwarding state once it rece...

Страница 127: ...g state instantly It waits until two instances of the forward delay timer expires on the port before it goes into forwarding state At this point the handshake between the Switch 60 and Switch 200 is c...

Страница 128: ...h a Designated role transmits an RST BPDU with a proposal flag to Port3 Switch 3 A ports with a Designated role sends the proposal flag in its RST BPDU when they are ready to move to a forwarding stat...

Страница 129: ...BPDUs that are superior to any that any port on Switch 2 can transmit therefore Port2 Switch 2 assumes the role of a Root port The new Root port then signals all ports on the bridge to start synchron...

Страница 130: ...not go directly into a forwarding state It waits until the forward delay time expires twice on that port before it can proceed to the forwarding state Once convergence is achieved the active Layer 2 f...

Страница 131: ...thm determines that it is superior to the RST BPDU that it can transmit therefore Port3 Switch 2 receives a new role that of a Root port Port3 Switch 2 then sends an RST BPDU with an agreed flag to Po...

Страница 132: ...nectivity in the topology has already been established When fully restored the topology is the same as that shown on Figure 7 15 Convergence in a Complex 802 1W Topology The following is an example of...

Страница 133: ...2 transmits an RST BPDU with a proposal flag to Port2 Switch 1 Port2 Switch 1 becomes the Root port All other ports on Switch 1 are given Designated port roles with discarding states Port2 Switch 1 s...

Страница 134: ...e notice TCN to all the bridges in the topology to propagate the topology change NOTE Edge ports Alternate ports or Backup ports do not need to propagate a topology change The TCN is sent in the RST B...

Страница 135: ...ports on that bridge with a Designated role Then Port3 Switch 4 sends RST BPDU with the TCN to Port4 Switch 2 Note the new active Layer 2 path in Figure 7 20 Figure 7 20 Beginning of Topology Change N...

Страница 136: ...sends the TCN to Port4 Switch 6 Port2 Switch 2 sends the TCN to Port2 Switch 1 Figure 7 21 Sending TCN to Bridges Connected to Switch 2 Port2 Port2 Port7 Port8 Port3 Port3 Port4 Port4 Port3 Port2 Port...

Страница 137: ...format when one of the following events occur The port receives a legacy BPDU A legacy BPDU is an STP BPDU or a BPDU in an 802 1D format The port that receives the legacy BPDU automatically configures...

Страница 138: ...t cases path costs for 802 1W bridges need to be changed Configuring 802 1W Parameters on a Foundry Device The remaining 802 1W sections explain how to configure the 802 1W protocol in a Foundry devic...

Страница 139: ...802 1w priority 0 To make this change in the default VLAN enter the following commands FESX424 Router config vlan 1 FESX424 Router config vlan 1 spanning tree 802 1w priority 0 Syntax spanning tree 80...

Страница 140: ...ble 7 7 shows the recommended path cost values from the IEEE standards The priority value parameter specifies the preference that 802 1W gives to this port relative to other ports for forwarding traff...

Страница 141: ...and shows the information listed in Table 7 8 Table 7 8 CLI Display of 802 1W Summary This Field Displays VLAN ID The port based VLAN that owns the STP instance VLAN 1 is the default VLAN If you have...

Страница 142: ...formation was received It can be from the root bridge itself but it could also be from another bridge Root Port The port on which the root information was received This is the port that is connected t...

Страница 143: ...o The hello value derived from the Root port It is the number of seconds between two Hello packets Port IEEE 802 1W Parameters Port Num The port number shown in a slot port format Pri The configured p...

Страница 144: ...ys VLAN ID ID of the VLAN that owns the instance of 802 1W and whether or not it is active Table 7 8 CLI Display of 802 1W Summary Continued This Field Displays FESX424 Router config show 802 1w detai...

Страница 145: ...he port s current 802 1W state A port can have one of the following states Forwarding Discarding Learning Disabled Refer to Bridge Port States on page 7 22 and Edge Port and Non Edge Port States on pa...

Страница 146: ...s tcWhile Topology change timer The value shown is the interval when topology change notices can be propagated on this port fdWhile Forward delay timer See the explanation for Fwd Dly on page 49 mdela...

Страница 147: ...ptimal STP topology In this topology all the non root bridges have at least two paths to the root bridge Switch 1 in this example One of the paths is through the root port The other path is a backup a...

Страница 148: ...ost to the root bridge and thus is selected by STP as the root port Port 3 4 has the next best cost to the root bridge and thus is selected by 802 1W Draft 3 as the alternate path to the root bridge O...

Страница 149: ...oot bridge to a value lower than the default 15 seconds Foundry recommends a value from 3 10 seconds The lower forwarding delay helps reduce reconvergence delays in cases where 802 1W Draft 3 is not a...

Страница 150: ...Foundry device to third party devices that run a single spanning tree in accordance with the 802 1Q specification SSTP uses the same parameters with the same value ranges and defaults as the default S...

Страница 151: ...ameters Syntax no spanning tree single forward delay value hello time value maximum age time priority value Here is the syntax for the STP port parameters Syntax no spanning tree single ethernet slotn...

Страница 152: ...Ns in STP group 1 all share the same spanning tree The VLANs in STP group 2 share a different spanning tree All the ports in the VLANs are tagged The ports must be tagged so that they can be in both a...

Страница 153: ...nfig stp group 1 FastIron SuperX Router config stp group 1 master vlan 2 FastIron SuperX Router config stp group 1 member vlan 3 to 4 FastIron SuperX Router config stp group 1 exit FastIron SuperX Rou...

Страница 154: ...ANs are tagged The ports must be tagged so that they can be in both a member VLAN and the member s master VLAN For example port 1 1 and ports 5 1 5 2 and 5 3 are in member VLAN 2 and master VLAN 1 sin...

Страница 155: ...an group 20 tag ethernet 1 20 ethernet 5 1 to 5 3 FastIron SuperX Router config vlan group 20 exit The following group of commands configures the STP groups Each STP group in this configuration contai...

Страница 156: ...vices but cannot interoperate with IEEE 802 1Q devices An IEEE 802 1Q device has all its ports running a single spanning tree PVST is an extension of PVST that allows a Cisco device to also interopera...

Страница 157: ...the port receives a PVST BPDU You can manually enable the support at any time or disable the support if desired If you want a tagged port to also support IEEE 802 1Q BPDUs you need to enable the dual...

Страница 158: ...by auto detect Syntax show span pvst mode This command displays the following information Configuration Examples The following examples show configuration examples for two common configurations Untagg...

Страница 159: ...ration leaves the default VLAN and the port s Port Native VLAN unchanged The default VLAN is 1 and the port s Port Native VLAN also is 1 The dual mode feature supports untagged frames on the default V...

Страница 160: ...onfiguration is incorrect FastIron SuperX Router config default vlan id 1000 FastIron SuperX Router config vlan 1 FastIron SuperX Router config vlan 1 tagged ethernet 1 1 to 1 2 FastIron SuperX Router...

Страница 161: ...e scalability by enabling you to use the same instance of a Layer 2 protocol for multiple VLANs For example if a Foundry device is deployed in a Metro network and provides forwarding for two MRP rings...

Страница 162: ...ame change is applied to that port in all the member VLANs that contain the port For example if you configure a topology group whose master VLAN contains ports 1 1 and 1 2 a Layer 2 state change on po...

Страница 163: ...e new master VLAN For example if you remove master VLAN 2 from the example above the CLI converts member VLAN 3 into the new master VLAN The new master VLAN inherits the Layer 2 protocol settings of t...

Страница 164: ...ports ethernet 2 3 Vlan 2 ethernet 2 4 Vlan 2 ethernet 2 11 Vlan 2 ethernet 2 12 Vlan 2 Syntax show topology group group id This display shows the following information Table 8 2 CLI Display of Topol...

Страница 165: ...th the ring Each node also is connected to a separate customer network The nodes forward Layer 2 traffic to and from the customer networks through the ring The ring interfaces are all in one port base...

Страница 166: ...ions are capable of being configured as MRP masters or MRP members for different rings MRP Rings Without Shared Interfaces MRP Phase 1 MRP Phase 1 allows you to configure multiple MRP rings as shown i...

Страница 167: ...warding F The interface can forward data as well as RHPs An interface changes from Preforwarding to Forwarding when the port s preforwarding time expires This occurs if the port does not receive an RH...

Страница 168: ...rding as their preforwarding timers expire The ring is not intact but data can still travel among the nodes using the links that are up Figure 8 4 shows an example Figure 8 4 Metro ring from Preforwar...

Страница 169: ...s interfaces come up in the Preforwarding state which allows RHPs to travel through the restored interfaces and reach the secondary interface on the Master node If an RHP reaches the Master node s se...

Страница 170: ...VLAN and contains the MRP configuration parameters for ring 1 VLAN 30 and VLAN 40 the customer VLANs are member VLANs in the topology group Since a topology group is used a single instance of MRP prov...

Страница 171: ...er commands such as the following NOTE If you plan to use a topology group to add VLANs to the ring make sure you configure MRP on the topology group s master VLAN FastIron SuperX Router config vlan 2...

Страница 172: ...me to 200 ms and change the preforwarding time to 400 ms NOTE The preforwarding time must be at least twice the value of the hello time and must be a multiple of the hello time Syntax no hello time ms...

Страница 173: ...Group Information on page 8 3 for more information Table 8 3 CLI Display of MRP Ring Diagnostic Information This Field Displays Ring id The ring ID Diag state The state of ring diagnostics RHP averag...

Страница 174: ...ring If a topology group is used by MRP the master VLAN controls the MRP settings for all VLANs in the topology group Note The topology group ID is 0 if the MRP VLAN is not the master VLAN in a topol...

Страница 175: ...es RHPs Member node The interface forwards RHPs received on the other interface the secondary interface secondary The interface does not generate RHPs Master node The interface listens for RHPs Member...

Страница 176: ...X Router config vlan 30 tag ethernet 1 1 to 1 2 FastIron SuperX Router config vlan 30 tag ethernet 2 1 FastIron SuperX Router config vlan 30 exit FastIron SuperX Router config vlan 40 FastIron SuperX...

Страница 177: ...onfig topology group 1 FastIron SuperX Router config topo group 1 master vlan 2 FastIron SuperX Router config topo group 1 member vlan 30 FastIron SuperX Router config topo group 1 member vlan 40 Comm...

Страница 178: ...up 1 member vlan 40 Virtual Switch Redundancy Protocol VSRP Virtual Switch Redundancy Protocol VSRP is a Foundry proprietary protocol that provides redundancy and sub second failover in Layer 2 and La...

Страница 179: ...is connected to a Foundry device that is configured for VSRP is VSRP aware In this example the three Foundry devices connected to the VSRP devices are VSRP aware A Foundry device that is VSRP aware ca...

Страница 180: ...the Backup does not receive a Hello message from the Master by the time the Dead Interval expires the Backup sends a Hello message of its own which includes the Backup s VSRP priority to advertise the...

Страница 181: ...r example you can increase the configured priority of the VSRP device on the left in Figure 8 9 to 150 In this case failure of a single link does not cause failover The link failure caused the priorit...

Страница 182: ...rack port s priority value from the configured VSRP priority For example if the you configure a track port with priority 20 and the configured VSRP priority is 100 the software subtracts 20 from 100 i...

Страница 183: ...if the VSRP aware device becomes disconnected from the Master The VSRP aware device will wait for a Hello message for the period of time equal to the following VRID Age Dead Interval Hold down Interv...

Страница 184: ...8 5 lists the VSRP parameters Table 8 5 VSRP Parameters Parameter Description Default See page Protocol VSRP state Note On a Layer 3 Switch you must disable VSRP to use VRRPE or VRRP Enabled 8 28 Virt...

Страница 185: ...edundancy The VRID IP address must be in the same subnet as a real IP address configured on the VSRP interface but cannot be the same as a real IP address configured on the interface Note This paramet...

Страница 186: ...en enabled 8 32 Hold down interval The amount of time a Backup that has sent a Hello packet announcing its intent to become Master waits before beginning to forward traffic for the VRID The hold down...

Страница 187: ...ig vlan 200 vrid 1 backup FastIron SuperX Router config vlan 200 vrid 1 activate Syntax no vsrp vrid num The num parameter specifies the VRID and can be from 1 255 Syntax no backup priority value trac...

Страница 188: ...le is a value used by the software to calculate the timers By default the scale value is 1 If you increase the timer scale each timer s value is divided by the scale value Using the timer scale to adj...

Страница 189: ...The authentication parameters that you define will not age out Define a list of ports that have authentic VSRP backup switch connections For ports included in the list the VSRP aware switch will proce...

Страница 190: ...ssis device specify the slot number as well as the port number slotnum portnum Configuring a VRID IP Address If you are configuring a Layer 3 Switch for VSRP you can specify an IP address to back up W...

Страница 191: ...onsistent timer usage for all the VRID s devices NOTE The Backups always use the value of the timer scale received from the Master regardless of whether the timer values that are saved in the configur...

Страница 192: ...e the timer scale the change affects the actual number of seconds Changing the Backup Hello State and Interval By default Backups do not send Hello messages to advertise themselves to the Master You c...

Страница 193: ...ability is useful for tracking the state of the exit interface for the path for which the VRID is providing redundancy See VSRP Priority Calculation on page 8 20 To configure a VRID to track an interf...

Страница 194: ...lid only on Layer 3 Switches To suppress RIP advertisements enter the following commands Router2 config router rip Router2 config rip router use vrrp path Syntax no use vrrp path Displaying VSRP Infor...

Страница 195: ...on the other routers and that the routers can communicate with each other Note If the state is initialize and the mode is incomplete make sure you have specified the IP address for the VRID standby T...

Страница 196: ...or the dead interval The dead interval is the number of seconds a Backup waits for a Hello message from the Master for the VRID before determining that the Master is no longer active If the Master doe...

Страница 197: ...n on page 8 34 Member ports The ports in the VRID Operational ports The member ports that are currently up Forwarding ports The member ports that are currently in the Forwarding state Ports that are f...

Страница 198: ...Foundry Configuration Guide for the FESX FSX and FWSX 8 38 Foundry Networks Inc December 2005...

Страница 199: ...Link Detection UDLD monitors a link between two Foundry devices and brings the ports on both ends of the link down if the link goes down at any point between the two devices This feature is useful fo...

Страница 200: ...s This feature is supported only on Ethernet ports To configure UDLD on a trunk group you must enable and configure the feature on each port of the group individually Configuring UDLD on a trunk group...

Страница 201: ...of times the port will try the health check You can specify a value from 3 10 The default is 5 UDLD for Tagged Ports The default implementation of UDLD sends the packets untagged even across tagged p...

Страница 202: ...link is down Keepalive Interval The number of seconds between health check packets Port The port number Physical Link The state of the physical link This is the link between the Foundry port and the d...

Страница 203: ...s Foundry device The ID can be used by Foundry technical support for troubleshooting Remote System ID A unique value that identifies the Foundry device at the remote end of the link Packets sent The n...

Страница 204: ...chnical support for troubleshooting Table 9 3 CLI Display of Detailed UDLD Information Continued This Field Displays FastIron SuperX Router config show interface ethernet 1 1 FastEthernet1 1 is down l...

Страница 205: ...pter contains the following information Trunk Group Overview The Trunk Group feature allows you to manually configure multiple high speed load sharing links between two Foundry Layer 2 Switches or Lay...

Страница 206: ...up must be connected to the same device at the other end Trunk Group Connectivity to a Server To support termination of a trunk group the server must have either multiple network interface cards NICs...

Страница 207: ...maximum number of trunk groups you can configure on a FESX FSX and FWSX and the valid number of ports in a trunk group Multi slot trunk groups are supported only on FSX devices Although the FESX FSX a...

Страница 208: ...t of the trunk group with respect to the following parameters port tag type untagged or tagged port statically configured port speed and duplex QoS priority To change port parameters you must change t...

Страница 209: ...8X 12GM 4 Console Pwr Lnk Odd Even Odd Even Lnk 424F 424C 42XG 424C 424C 424C 424F 424C FastIron SuperX Odd Even Lnk Lnk Odd Even POE 424C 424F SYS EJECT SYS EJECT SYS EJECT SYS EJECT Lnk Act Lnk Act...

Страница 210: ...ation can now use IPv6 addresses to make the load sharing decision Load sharing occurs as described in Table 10 4 or Table 10 3 How Trunk Load Sharing Works Load balancing procedures differ depending...

Страница 211: ...owing 1 Disconnect the cables from those ports on both systems that will be connected by the trunk group Do not configure the trunk groups with the cables connected Table 10 3 Trunk Group Load Sharing...

Страница 212: ...d on multiple devices To configure the trunk group link between FSX1 and the FESX NOTE The text shown in italics in the CLI example below shows messages echoed to the screen in answer to the CLI comma...

Страница 213: ...roup To configure a trunk group consisting of two groups of two ports each enter commands such as the following FastIron SuperX Router config trunk ethernet 1 1 to 1 2 ethernet 3 3 to 3 4 FastIron Sup...

Страница 214: ...portname To enable an individual port in a trunk group enter commands such as the following at the trunk group configuration level FastIron SuperX Router config trunk 4 1 4 4 config trunk ind FastIron...

Страница 215: ...trunk group is one that has been configured in the software but has not been placed into operation by a reset or reboot An operational trunk group is one that has been placed into operation by a reset...

Страница 216: ...t speed is 1000 Mbps Tag Indicates whether the ports have 802 1Q VLAN tagging The value can be Yes or No Priority Indicates the Quality of Service QoS priority of the ports The priority can be a value...

Страница 217: ...k aggregate link without the need for manual configuration of the ports into trunk groups When you enable link aggregation on a group of Foundry ports the Foundry ports can negotiate with the ports at...

Страница 218: ...y devices The Foundry rules apply to a Foundry device even if the device at the other end is from another vendor and uses different rules See Trunk Group Rules on page 10 3 The link aggregation featur...

Страница 219: ...he dynamic link aggregation 802 3ad implementation on the FESX FSX and FWSX allow any number of ports up to four to be aggregated into a link The feature does not require the aggregate link to consist...

Страница 220: ...enabled Based on the states of the ports some or all of them will be eligible to be used in an aggregate link Figure 10 6 Two port groups used to determine aggregation eligibility Table 10 6 shows exa...

Страница 221: ...ports with different physical capabilities will not be able to form a trunk Assigning a Unique Key FastIron SuperX Router config interface ethernet 1 1 FastIron SuperX Router config if e1000 1 1 link...

Страница 222: ...NOTE This parameter is not supported in the current software release The primary port in the port group becomes the default active port The primary port is the lowest numbered port in a valid trunk p...

Страница 223: ...However the link aggregation keys for the groups of ports on each module must match For example if you want to allow link aggregation to form an aggregate link containing ports 1 1 1 4 and 3 5 3 8 you...

Страница 224: ...agged or untagged If it finds a match the port whose VLAN membership you are changing gets the matching port s key If it does not find a match the port gets a new key NOTE For multi slot trunk groups...

Страница 225: ...ng Link Aggregation Parameters You can configure one or more parameters on the same command line and you can enter the parameters in any order NOTE For key configuration only configuration commands di...

Страница 226: ...command in this example enables ports 1 1 1 4 and 3 5 3 8 to form a multi slot aggregate link Syntax no link aggregate configure system priority num port priority num key num type server switch The sy...

Страница 227: ...rmation for a specific port enter a command such as the following at any level of the CLI The command in this example shows the link aggregation information for port 1 1 To display the link aggregatio...

Страница 228: ...ate link initiated by another port but cannot search for a link aggregation port or initiate negotiation of an aggregate link Yes The mode is active The port can send and receive LACPDU messages Tio I...

Страница 229: ...nk Def Indicates whether the port is using default link aggregation values The port uses default values if it has not received link aggregation information through LACP from the port at the remote end...

Страница 230: ...matically updates the link aggregation configuration based on LACPDU messages However clearing the link aggregation information can be useful if you are troubleshooting a configuration To clear the li...

Страница 231: ...Ns Layer 3 Switches Only 11 14 IP subnet IPX network and protocol based VLANs 11 21 IP subnet IPX network and protocol based VLANs within Port Based VLANs 11 23 IPv6 protocol VLANs 11 26 Routing betwe...

Страница 232: ...3 packet but cannot be forwarded as described above but the port is a member of a Layer 3 protocol VLAN for the packet s protocol the device forwards the packet on all the Layer 3 protocol VLAN s port...

Страница 233: ...3 VLANs Since each port based VLAN is a separate Layer 2 broadcast domain by default each VLAN runs a separate instance of the Spanning Tree Protocol STP Layer 2 traffic is bridged within a port base...

Страница 234: ...etBIOS broadcasts to all ports within the NetBIOS protocol VLAN Other The device sends broadcasts for all protocol types other than those listed above to all ports within the VLAN Figure 11 2 shows an...

Страница 235: ...interface allows the Layer 3 Switch to internally route traffic between the protocol based VLANs without using physical interfaces All the ports within a protocol based VLAN must be in the same port b...

Страница 236: ...nd is VLAN number 1 Foundry devices do not contain any protocol VLANs or IP sub net IPX network or AppleTalk cable VLANs by default Figure 11 3 shows an example of the default Layer 2 port based VLAN...

Страница 237: ...cross multiple devices make sure all the devices support the same tag format Figure 11 4 Packet containing Foundry s 802 1QVLAN tag If you configure a VLAN that spans multiple devices you need to use...

Страница 238: ...runs a separate spanning tree You can enable or disable STP on the following levels Globally Affects all ports on the device NOTE If you configure a port based VLAN on the device the VLAN has the sam...

Страница 239: ...nd IronSpan Features on page 7 1 Virtual Routing Interfaces A virtual routing interface is a logical routing interface that Foundry Layer 3 Switches use to route Layer 3 protocol traffic between proto...

Страница 240: ...same ID as the VLAN group For configuration information see Configuring VLAN Groups and Virtual Routing Interface Groups on page 11 40 Dynamic Static and Excluded Port Membership When you add ports t...

Страница 241: ...At this point the port can remain in the VLAN up to 20 minutes without receiving traffic for the VLAN s protocol and so on Unless you explicitly add a port statically or exclude a port the port is a d...

Страница 242: ...ynamic port becomes a member of a Layer 3 protocol VLAN when traffic from the VLAN s protocol is received on the port After this point the port remains an active member of the protocol VLAN unless the...

Страница 243: ...otocol VLAN and an IP sub net VLAN in the same port based VLAN nor can you have an IPX protocol VLAN and an IPX network VLAN in the same port based VLAN As a Foundry device receives packets the VLAN c...

Страница 244: ...VLAN and not assign a virtual routing interface to the VLAN Packets for these protocols are bridged or switched at Layer 2 across ports on the router that are included in the Layer 3 VLAN If these VLA...

Страница 245: ...xplicitly exclude the ports that you do not want to participate in a particular Layer 3 VLAN Assigning a Different VLAN ID to the Default VLAN When you enable port based VLANs all ports in the system...

Страница 246: ...um ethernet slotnum portnum EXAMPLE 2 Figure 11 10 shows a more complex port based VLAN configuration using multiple Layer 2 Switches and IEEE 802 1Q VLAN tagging The backbone link connecting the thre...

Страница 247: ...4 spanning tree priority 500 FESX424 Switch A config vlan 4 vlan 5 name RED FESX424 Switch A config vlan 5 untag ethernet 13 to 16 ethernet 20 FESX424 Switch A config vlan 5 tag ethernet 25 to 26 FESX...

Страница 248: ...te memory Configuring FESX C Enter the following commands to configure FESX C FESX424 Switch en FESX424 Switch configure terminal FESX424 Switch config hostname FESX C FESX424 Switch C config vlan 2 n...

Страница 249: ...A shown in Figure 11 10 To do so use the following procedure 1 Access the global CONFIG level of the CLI on FESX424 Switch A by entering the following command FESX424 Switch A enable No password has...

Страница 250: ...n 3 spanning tree FESX424 Switch B config vlan 3 4 Enter the following commands to exit the VLAN CONFIG mode and save the configuration to the system config file on flash memory FESX424 Switch B confi...

Страница 251: ...Sub net IPX Network and Protocol Based VLANs Protocol based VLANs provide the ability to define separate broadcast domains for several unique Layer 3 protocols within a single Layer 2 broadcast domain...

Страница 252: ...VLAN 1 1 2 0 enter the following commands FESX424 Switch config ip subnet ip subnet 1 1 2 0 24 name Yellow FESX424 Switch config ip subnet no dynamic FESX424 Switch config ip subnet static ethernet 9...

Страница 253: ...rise campus backbone The first STP domain VLAN 2 requires a set of ports at each Layer 2 Switch location to be statically mapped to IP only No other protocols can enter the switches on this set of por...

Страница 254: ...oot bridge for VLAN 2 FESX424 Switch A config vlan 2 spanning tree FESX424 Switch A config vlan 2 spanning tree priority 500 FESX424 Switch A config vlan 2 3 Create the IP and IPX protocol based VLANs...

Страница 255: ...13 to 16 e25 to 26 FESX424 Switch A config vlan ipx network exclude e10 to 12 FESX424 Switch A config vlan ipx network other proto name Block_other_proto FESX424 Switch A config vlan other proto no dy...

Страница 256: ...FESX424 Switch C config vlan ip proto no dynamic FESX424 Switch C config vlan ip proto static e1 to 4 e25 to 26 FESX424 Switch C config vlan ip proto exclude e5 to 8 FESX424 Switch C config vlan ip pr...

Страница 257: ...ipv6 proto name string Routing Between VLANs Using Virtual Routing Interfaces Layer 3 Switches Only Foundry Layer 3 Switches offer the ability to create a virtual routing interface within a Layer 2 ST...

Страница 258: ...ual routing interface and unique IP or IPX address within VLAN 2 on each FESX In this example this is the configuration used for VLAN 3 The second way is to split VLAN 2 into two separate port based V...

Страница 259: ...o 16 FESX424 Router A config vlan 3 no spanning tree FESX424 Router A config vlan 3 ip subnet 1 1 1 0 24 FESX424 Router A config vlan ip subnet static e 9 to 12 FESX424 Router A config vlan ip subnet...

Страница 260: ...A config vif 6 int ve7 FESX424 Router A config vif 7 ip addr 1 1 5 1 24 FESX424 Router A config vif 7 ip ospf area 0 0 0 0 FESX424 Router A config vif 7 ipx network 5 ethernet_802 3 FESX424 Router A...

Страница 261: ...nfig vif 3 ip ospf area 0 0 0 0 FESX424 Router B config vif 3 int ve4 FESX424 Router B config vif 4 ipx network 7 ethernet_802 3 FESX424 Router B config vif 4 vlan 4 name Bridged_ALL_Protocols FESX424...

Страница 262: ...C config vlan ip subnet ipx network 10 ethernet_802 3 FESX424 Router C config vlan ipx network static e 13 to 16 FESX424 Router C config vlan ipx network router interface ve4 FESX424 Router C config...

Страница 263: ...s if no member protocol traffic is received on a port within the VLAN The aged out port however remains as a candidate dynamic port for that VLAN The port becomes active in the VLAN again if member pr...

Страница 264: ...t vlan 10 FastIron SuperX Router config vlan 10 ip subnet 1 1 1 0 24 name Mktg LAN FastIron SuperX Router config vlan 10 dynamic FastIron SuperX Router config write memory These commands create a port...

Страница 265: ...etwork as uplink ports In this configuration broadcast and unknown unicast traffic in the VLAN does not go to all ports in the VLAN The traffic goes only to the uplink ports The clients on the network...

Страница 266: ...ethods in that section instead Figure 11 14 shows an example of this type of configuration Figure 11 14 Multiple port based VLANs with separate protocol addresses As shown in this example each VLAN ha...

Страница 267: ...Virtual Router Redundancy Protocol The Foundry device performs proxy Address Resolution Protocol ARP for hosts that want to send IP traffic to hosts in other VLANs that are sharing the same IP sub net...

Страница 268: ...the port to be in multiple VLANs You can configure VLANs to share a Layer 3 protocol interface regardless of tagging A combination of tagged and untagged ports is shown in this example to demonstrate...

Страница 269: ...interfaces 2 and 3 have been configured to share the IP address of virtual routing interface 1 but also have been configured to use their own ACLs instead of virtual routing interface 1 s ACLs FastIro...

Страница 270: ...you configure a VLAN group with the same ID The virtual routing interface group automatically applies to the VLANs in the VLAN group that has the same ID and cannot be applied to other VLAN groups or...

Страница 271: ...to vlan id Syntax remove vlan vlan id to vlan id Displaying Information about VLAN Groups To display VLAN group configuration information enter the following command FastIron SuperX Router show vlan g...

Страница 272: ...e ID The syntax and usage for the ip address command is the same as when you use the command at the interface level to add an IP interface Displaying the VLAN Group and Virtual Routing Interface Group...

Страница 273: ...able 11 2 Increasing the Number of Virtual Routing Interfaces You Can Configure To increase the maximum number of virtual routing interfaces you can configure enter commands such as the following at t...

Страница 274: ...the Super Aggregated VLAN Application Each client connected to the edge device is in its own port based VLAN which is like an ATM channel All the clients VLANs are aggregated by the edge device into...

Страница 275: ...a single link between the core devices However you can use a trunk group to add link level redundancy Configuring Aggregated VLANs To configure aggregated VLANs perform the following tasks On each edg...

Страница 276: ...lan 101 by port FastIron SuperX Router config vlan 101 tagged ethernet 2 1 FastIron SuperX Router config vlan 101 untagged ethernet 1 1 FastIron SuperX Router config vlan 101 exit FastIron SuperX Rout...

Страница 277: ...of the edge and core devices on one side must be symmetrical in fact a mirror image to the configurations of the devices on the other side For simplicity the example in Figure 11 17 on page 11 45 is s...

Страница 278: ...et 1 5 FastIron SuperX RouterB config vlan 105 exit FastIron SuperX RouterB config write memory Commands for Device C Since device C is aggregating channel VLANs from devices A and B into a single pat...

Страница 279: ...e identical to the commands for configuring device E In this example since the port numbers on each side of the configuration in Figure 11 17 on page 11 45 are symmetrical the configuration of device...

Страница 280: ...ot properly handle the packets FESX releases 01 1 00 and later and all FSX and FWSX releases provide finer granularity for configuring 802 1Q tagging enabling you to configure 802 1Q tag types on a gr...

Страница 281: ...stomer ports to any value other than the 802 1Q tag for incoming traffic For example in Figure 11 20 the 802 1Q tag on the untagged edge links ports 11 and 12 is 9100 whereas the 802 1Q tag for incomi...

Страница 282: ...of an application using a private VLAN Port 6 Tagged Port 11 Untagged Port 6 Tagged Ports 1 5 Untagged Port 17 Tagged Port 12 Untagged Port 11 Untagged Port 12 Untagged Port 17 Tagged Port 6 Tagged Ta...

Страница 283: ...vior for broadcast packets unknown unicast packets or both See Enabling Broadcast or Unknown Unicast Traffic to the Private VLAN on page 11 55 You can configure a combination of the following types of...

Страница 284: ...ntax To configure a private VLAN configure each of the component VLANs isolated community and public as a separate port based VLAN Use standard VLAN configuration commands to create the VLAN and add p...

Страница 285: ...lan mapping command identifies the other private VLANs for which this VLAN is the primary The command also specifies the primary VLAN ports to which you are mapping the other private VLANs The vlan id...

Страница 286: ...perX Router config vlan 902 pvlan type isolated FastIron SuperX Router config vlan 902 exit FastIron SuperX Router config vlan 903 FastIron SuperX Router config vlan 903 untagged ethernet 3 5 to 3 6 F...

Страница 287: ...itting traffic for other VLANs as tagged Figure 11 23 illustrates this enhancement Figure 11 23 Specifying a default VLAN ID for a dual mode port In Figure 11 23 tagged port 2 11 is a dual mode port b...

Страница 288: ...onfig vlan 20 exit FastIron SuperX Router config int e 2 11 FastIron SuperX Router config if e1000 2 11 dual mode 10 FastIron SuperX Router config if e1000 2 11 exit Syntax no dual mode vlan id Notes...

Страница 289: ...VLAN for which you want to display the configuration information The slotnum parameter is required on chassis devices The portnum parameter specifies a port If you use this parameter the command list...

Страница 290: ...eter specifies a VLAN for which you want to display the configuration information The slotnum parameter is required on chassis devices The portnum parameter specifies a port If you use this parameter...

Страница 291: ...ny packets in the hardware without sending the packets to the CPU for processing Rule based ACLs are supported on physical interfaces trunk groups and virtual routing interfaces NOTE The FESX FSX and...

Страница 292: ...um number of ACL rules you can configure is a system wide parameter and depends on the device you are configuring You can configure up to the maximum number of entries in any combination in different...

Страница 293: ...permit all access to the end of each ACL The software permits packets that are not denied by the deny entries NOTE Do not apply an empty ACL an ACL ID without any corresponding entries to an interface...

Страница 294: ...ort up to 1024 ACL rules ACLs on the FSX are affected by port regions Multiple ACL groups share 1016 ACL rules per port region Each ACL group must contain one entry for the implicit deny all IP traffi...

Страница 295: ...sk where zeros instead of ones are the significant bits and changes the non significant portion of the IP address into ones For example if you specify 209 157 22 26 24 or 209 157 22 26 0 0 0 255 then...

Страница 296: ...a device see ACL IDs and Entries on page 12 2 The commands for configuring named ACL entries are different from the commands for configuring numbered ACL entries The command to configure a numbered A...

Страница 297: ...e changes to the startup config file the value appears as 209 157 22 0 24 if you have enabled display of subnet lengths or 209 157 22 0 0 0 0 255 in the startup config file If you enable the software...

Страница 298: ...name Source TCP or UDP port if the IP protocol is TCP or UDP Destination TCP or UDP port if the IP protocol is TCP or UDP The IP protocol can be one of the following well known names or any IP protoc...

Страница 299: ...t of 209 157 22 26 0 0 0 255 as 209 157 22 26 24 The CLI automatically converts the CIDR number into the appropriate ACL mask where zeros instead of ones are the significant bits and changes the non s...

Страница 300: ...after neq range The policy applies to all TCP or UDP port numbers that are between the first TCP or UDP port name or number and the second one you enter following the range parameter The range includ...

Страница 301: ...This value is not supported on 10 Gigabit Ethernet modules normal or 0 The ACL matches packets that have the normal ToS The decimal value for this option is 0 num A number from 0 15 that is the sum o...

Страница 302: ...ackets that are denied by this entry The fifth entry denies all OSPF traffic and generates Syslog entries for denied traffic The sixth entry permits all packets that are not explicitly denied by the o...

Страница 303: ...when you configure a numbered ACL entry you specify all the command parameters on the same command When you configure a named ACL you specify the ACL type standard or extended and the ACL number with...

Страница 304: ...pen Shortest Path First OSPF Transmission Control Protocol TCP User Datagram Protocol UDP For TCP and UDP you also can specify a comparison operator and port name or number For example you can configu...

Страница 305: ...you prefer to specify the wildcard mask value in Classless Interdomain Routing CIDR format you can enter a forward slash after the IP address then enter the number of significant bits in the mask For...

Страница 306: ...orts gt The policy applies to TCP or UDP port numbers greater than the port number or the numeric equivalent of the port name you enter after gt lt The policy applies to TCP or UDP port numbers that a...

Страница 307: ...he option number instead of the name specify number 1 routine or 0 The ACL matches packets that have the routine precedence If you specify the option number instead of the name specify number 0 The to...

Страница 308: ...cies on page 15 1 Configuration Example for Extended Named ACLs To configure an extended named ACL enter commands such as the following The options at the ACL configuration level and the syntax for th...

Страница 309: ...he following line permits TCP packets FESX424 Router config access list TCP UDP permit tcp 192 168 4 40 24 2 2 2 2 24 FESX424 Router config access list TCP UDP remark The following permits UDP packets...

Страница 310: ...erX Router config interface ethernet 1 1 FastIron SuperX Router config if 1 1 ip access group frag deny This option begins dropping all fragments received by the port as soon as you enter the command...

Страница 311: ...23 per vlan 12 FESX424 Switch config if e1000 23 vlan 12 ip access group 10 in The commands in this example configure port based VLAN 12 and add ports e 5 8 as untagged ports and ports e 23 24 as tagg...

Страница 312: ...if the traffic has the IP precedence option internet equivalent to 6 The second entry denies all FTP traffic from the 209 157 21 x network to the 209 157 22 x network if the traffic has the IP precede...

Страница 313: ...the packet Using an ACL to Map the DSCP Value DSCP CoS Mapping The dscp cos mapping option on the FESX and FSX maps the DSCP value in incoming packets to a hardware table that provides mapping of eac...

Страница 314: ...on page 12 8 and Configuring Extended Named ACLs on page 12 13 The following shows the syntax specific to these features Syntax dscp marking 0 63 802 1p priority marking 0 7 internal priority marking...

Страница 315: ...eld lists the number of CAM entries used by the ACL or entry The number of CAM entries listed for the ACL itself is the total of the CAM entries used by the ACL s entries For flow based ACLs the Total...

Страница 316: ...Foundry Configuration Guide for the FESX FSX and FWSX 12 26 Foundry Networks Inc December 2005...

Страница 317: ...nd assigning a priority to the packets The classification process assigns a priority to packets as they enter the switch These priorities can be determined on the basis of information contained within...

Страница 318: ...frame It can be a value from 0 7 The 802 1p priority is also called the Class of Service Layer 3 Differentiated Service codepoint DSCP This is the value in the six most significant bits of the IP pack...

Страница 319: ...he packet match an ACL that defines a priority Is the packet tagged Trust the DSCP CoS mapping or the DSCP marking Trust the 802 1p CoS value Trust the priority of the static MAC entry Trust the port...

Страница 320: ...fied based on the static MAC address ingress port default priority or the default priority of zero 0 Once a packet is classified by one of the procedures mentioned it is mapped to an internal forwardi...

Страница 321: ...s 16 to 31 DSCP value 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 802 1p COS Value 2 2 2 2 2 2 2 2 3 3 3 3 3 3 3 3 DSCP value 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 Internal Forwarding Pr...

Страница 322: ...rent hardware forwarding queue See Changing the Internal Forwarding Priority Hardware Forwarding Queue Mappings on page 13 10 QoS Queues Foundry devices support the eight QoS queues qosp0 qosp7 listed...

Страница 323: ...net 1 FESX424 Router config if e1000 1 priority 7 The device will assign priority 7 to untagged switched traffic received on port 1 Syntax no priority num The num parameter can be from 0 7 and specifi...

Страница 324: ...queue for the packet based on the information The software interprets the value in the six most significant bits of the IP packet header s 8 bit ToS field as a Diffserv Control Point DSCP value and m...

Страница 325: ...8 15 maps to priority 1 After performing this mapping the device maps the internal forwarding priority value to one of the hardware forwarding queues Table 13 8 list the default mappings of internal f...

Страница 326: ...ect the second part of the DSCP value from the d2 row For example to read the DSCP to forwarding priority mapping for DSCP value 24 select 2 from the d1 column and select 4 from the d2 row The mapping...

Страница 327: ...erts the percentages you specify into weights for the queues NOTE Queue cycles on the FESX FSX and FWSX are based on bytes These devices service a given number of bytes based on the weight in each que...

Страница 328: ...t To change the method back to weighted round robin enter the following command FESX424 Router config qos mechanism weighted Syntax no qos mechanism strict weighted NOTE The following combined method...

Страница 329: ...he percentages into weights The weight associated with each queue controls how many packets are processed for the queue at a given stage of a cycle through the weighted round robin algorithm NOTE Queu...

Страница 330: ...percentages for the queues when the device is configured to use the combined SP and WRR queuing mechanism enter commands such as the following Note that this example uses the default queue names FESX4...

Страница 331: ...splay the QoS settings for all the queues enter the show qos profiles command as shown in the following examples The following shows an example display output on a FESX Syntax show qos profiles all na...

Страница 332: ...y map d1 and d2 The DSCP to forwarding priority mappings that are currently in effect Note The example above shows the default mappings If you change the mappings the command displays the changed mapp...

Страница 333: ...ffic Class and 802 1p Priority The traffic class to 802 1p Priority mappings that are currently in effect Note The example above shows the default mappings If you change the mappings the command displ...

Страница 334: ...Foundry Configuration Guide for the FESX FSX and FWSX 13 18 Foundry Networks Inc December 22 2005...

Страница 335: ...cy but drops additional bytes Unused bandwidth is not carried over from one interval to the next NOTE Foundry recommends that you do not use Fixed Rate Limiting on ports that send or receive route con...

Страница 336: ...bits 62500 bytes a second During the first two one second intervals the port receives less than 500000 bits in each interval However the port receives more than 500000 bits during the third and fourth...

Страница 337: ...e limiting on an X Series device you create individual traffic policies then reference the traffic policies in one or more ACL entries also called clauses or statements The traffic policies become eff...

Страница 338: ...lowing command Syntax show rate limit fixed The command lists the ports on which fixed rate limiting is configured and provides the information listed in Table 14 2 for each of the ports Table 14 2 CL...

Страница 339: ...that identifies individual traffic policy definitions Traffic policy definition TPD This is the command filter associated with a traffic policy name A TPD can define any one of the following Rate lim...

Страница 340: ...m wide parameter and depends on the device you are configuring The total number of active TPDs cannot exceed the system maximum See Maximum Number of Traffic Policies Supported on a Device on page 15...

Страница 341: ...g message on the console NOTE Foundry does not recommend setting the system max for traffic policies to 0 zero since this renders traffic policies ineffective ACL Based Rate Limiting via Traffic Polic...

Страница 342: ...policy Enter a command such as the following FESX424 Switch config traffic policy TPD1 rate limit fixed 100 exceed action drop 2 Create an extended ACL entry or modify an existing extended ACL entry...

Страница 343: ...y For example FESX424 Switch config access list 104 permit ip host 210 10 12 2 any traffic policy TPDAfour 3 Bind the ACL to an interface FESX424 Switch config int e 7 FESX424 Switch config if e7 ip a...

Страница 344: ...e is the peak burst size in bytes See Table 1 exceed action action specifies the action to be taken when packets exceed the configured values See Specifying the Action to be Taken for Packets that are...

Страница 345: ...0000 pbs 4000 exceed action permit at low pri The above commands configure an adaptive rate limiting policy that enforces a guaranteed committed rate of 10000 kbps on port e7 and allows bursts of up t...

Страница 346: ...n the port that were permitted or denied by ACL filters Syntax no traffic policy TPD name count Syntax access list num permit deny traffic policy TPD name Syntax no ip access group num in out NOTES Fo...

Страница 347: ...automatically enabled for active rate limiting traffic policies Use either the show access list accounting command or the show statistics traffic policy command to display ACL and traffic policy coun...

Страница 348: ...y definition for which you want to clear traffic policy counters Viewing Traffic Policies To view traffic policies that are currently defined on the Foundry device enter the show traffic policy comman...

Страница 349: ...ir The committed information rate in kbps for the adaptive rate limiting policy cbs The committed burst size in bytes per second for the adaptive rate limiting policy pir The peak information rate in...

Страница 350: ...Foundry Configuration Guide for the FESX FSX and FWSX 15 12 Foundry Networks Inc December 2005...

Страница 351: ...ol RIP If you are configuring a Layer 3 Switch see Configuring IP Addresses on page 16 17 to add IP addresses then see one or more of the following to enable and configure the route exchange protocols...

Страница 352: ...SM Distance Vector Multicast Routing Protocol DVMRP Router redundancy protocols Virtual Router Redundancy Protocol Extended VRRPE Virtual Router Redundancy Protocol VRRP IP Interfaces Foundry Layer 3...

Страница 353: ...Switches You can configure an IP address on a Foundry Layer 2 Switch for management access to the Layer 2 Switch An IP address is required for Telnet access Web management access and SNMP access You...

Страница 354: ...cket the Layer 3 Switch checks the IP route table for a route to the packet s destination If the IP route table has a route the Layer 3 Switch makes an entry in the session table or the forwarding cac...

Страница 355: ...tch To configure other ARP parameters see the following Configuring ARP Parameters on page 16 25 Layer 3 Switch only To increase the size of the ARP cache and static ARP table see the following For dy...

Страница 356: ...The IP forwarding cache provides a fast path mechanism for forwarding IP packets The cache contains entries for IP destinations When a Foundry Layer 3 Switch has completed processing and addressing fo...

Страница 357: ...es Layer 4 Quality of Service QoS policies IP access policies To increase the size of the session table see the section Displaying and Modifying System Parameter Default Settings on page 4 8 The ip qo...

Страница 358: ...ies Foundry Layer 3 Switches provide two mechanisms for filtering IP traffic Access Control Lists ACLs IP access policies Both methods allow you to filter packets based on Layer 3 and Layer 4 source a...

Страница 359: ...y command from the Privileged EXEC level of any configuration level of the CLI To save the configuration changes using the Web management interface select the Save link at the bottom of the dialog Sel...

Страница 360: ...l accept each second If the device receives more ARP packets than you specify the device drops additional ARP packets for the remainder of the one second interval Disabled 16 26 ARP age The amount of...

Страница 361: ...Control Message Protocol ICMP messages The Foundry Layer 3 Switch can send the following types of ICMP messages Echo messages ping messages Destination Unreachable messages Enabled 16 31 ICMP Router...

Страница 362: ...qual cost paths across which the Layer 3 Switch is allowed to distribute traffic Four 16 43 Origination of default routes You can enable a router to originate default routes for the following route ex...

Страница 363: ...ed packets 16 22 ARP age Locally overrides the global setting See Table 16 2 on page 16 9 Ten minutes 16 27 Metric A numeric cost the router adds to RIP routes learned on the interface This parameter...

Страница 364: ...next row The router helps forward broadcasts for the following UDP application protocols bootps dns netbios dgm netbios ns tacacs tftp time 16 48 IP helper address The IP address of a UDP application...

Страница 365: ...s in either format regardless of the display setting 16 57 IP address A Layer 3 network interface address Note Layer 2 Switches have a single IP address used for management access to the entire device...

Страница 366: ...he router The Layer 2 Switch uses its management IP address as the source address for these packets The management IP address of the Layer 2 Switch Note This parameter is not configurable on Layer 2 S...

Страница 367: ...VLAN you cannot configure Layer 3 interface parameters on individual ports in the VLAN Instead you must configure the parameters on the virtual routing interface itself Foundry devices support both cl...

Страница 368: ...he interface NOTE When you configure more than one address in the same sub net all but the first address are secondary addresses and do not form OSPF adjacencies Assigning an IP Address to a Loopback...

Страница 369: ...AN The last two commands change to the interface configuration level for the virtual interface and assign an IP address to the interface Syntax router interface ve num Syntax interface ve num See the...

Страница 370: ...ntax traceroute host ip addr maxttl value minttl value numeric timeout value source ip ip addr The only required parameter is the IP address of the host at the other end of the route See the Foundry S...

Страница 371: ...apsulation snap ethernet_ii Changing the Maximum Transmission Unit MTU The Maximum Transmission Unit MTU is the maximum length of IP packet that a Layer 2 packet can contain IP packets that are longer...

Страница 372: ...l ports of an X Series device enter commands such as the following FESX424 Router config jumbo FESX424 Router config write memory FESX424 Router config end FESX424 Router reload Syntax no jumbo The ab...

Страница 373: ...ch by just one of the IP addresses configured on the Layer 3 Switch regardless of the interfaces that connect the Layer 3 Switches This IP address is the router ID NOTE Routing Information Protocol RI...

Страница 374: ...specifying the source interface for Telnet TACACS TACACS or RADIUS packets You can configure a source interface for one or more of these types of packets separately To specify an Ethernet or a loopba...

Страница 375: ...ss Resolution Protocol ARP is a standard IP protocol that enables an IP Layer 3 Switch to obtain the MAC address of another device s interface when the Layer 3 Switch knows the IP address of the inter...

Страница 376: ...only to devices that are directly attached to the Layer 3 Switch A MAC broadcast is not routed to other networks However some routers including Foundry Layer 3 Switches can be configured to reply to...

Страница 377: ...globally configured value which is 10 minutes by default If you specify 0 aging is disabled Enabling Proxy ARP Proxy ARP allows a Layer 3 Switch to answer ARP requests from devices on one network on...

Страница 378: ...entry from the ARP cache if the ARP aging interval expires before the entry is refreshed Static entries do not age out regardless of whether the Foundry device receives an ARP request from the device...

Страница 379: ...itches Time To Live TTL threshold Forwarding of directed broadcasts Forwarding of source routed packets Ones based and zero based broadcasts All these parameters are global and thus affect all IP inte...

Страница 380: ...ay to the destination The Layer 3 Switch supports both types of IP source routing Strict source routing requires the packet to pass through only the listed routers If the Layer 3 Switch receives a str...

Страница 381: ...ached by the Layer 3 Switch Disabling Replies to Broadcast Ping Requests By default Foundry devices are enabled to respond to broadcast ICMP echo packets which are ping requests To disable response to...

Страница 382: ...nreachable messages The protocol parameter disables ICMP Protocol Unreachable messages The source route fail parameter disables ICMP Unreachable caused by Source Route Failure messages To disable ICMP...

Страница 383: ...ric applies only to routes that the Layer 3 Switch has already placed in the IP route table The default metric for static IP routes is 1 The route s administrative distance The value that the Layer 3...

Страница 384: ...and also assumes that local interfaces within that sub net are on the same port Router A deduces that IP interface 207 95 7 188 is also on port 1 2 The software automatically removes a static IP route...

Страница 385: ...E If you specify 16 RIP considers the metric to be infinite and thus also considers the route to be unreachable The distance num parameter specifies the administrative distance of the route When compa...

Страница 386: ...e Layer 3 Switch alternates between the two routes For information about IP load balancing see Configuring IP Load Sharing on page 16 41 Backup Routes If you configure multiple static IP routes to the...

Страница 387: ...t the only allowed configurations but they are typical uses of this enhancement When you want to ensure that if a given destination network is unavailable the Layer 3 Switch drops forwards to the null...

Страница 388: ...ed route when the route is available However if the interface based route becomes unavailable the Layer 3 Switch still forwards the traffic toward the destination using an alternate route through gate...

Страница 389: ...ommands such as the following FastIron SuperX Router config ip route 192 168 6 0 24 ethernet 1 1 1 FastIron SuperX Router config ip route 192 168 6 0 24 192 168 8 11 24 3 The first command configured...

Страница 390: ...rative distance 2 If the administrative distances are equal Are the routes from different routing protocols RIP OSPF or BGP4 If so use the route with the lowest IP address If the routes are from the s...

Страница 391: ...erm path is used in this section to refer to an individual next hop router to a destination while the term route refers collectively to the multiple paths to the destination Load sharing applies when...

Страница 392: ...ng from among multiple paths to a given destination Each path in the IP route table has a cost When the IP route table contains multiple paths to a destination the Layer 3 Switch chooses the path with...

Страница 393: ...a path from among the available equal cost paths to the destination then creates a forwarding entry in the cache based on the calculation Subsequent traffic for the same destination uses the forwardin...

Страница 394: ...ean that the Layer 3 Switch is the default gateway If another router is actually the default gateway for these clients leave IRDP disabled on the Foundry Layer 3 Switch IRDP uses the following paramet...

Страница 395: ...oncluding that the router interface that sent the advertisement is no longer available The value must be greater than the value of the maxadvertinterval parameter and cannot be greater than 9000 The d...

Страница 396: ...n different routers so long as the routers are configured to forward help the host s boot request to the boot server You can centrally configure other host parameters on the BootP DHCP server in addit...

Страница 397: ...es of a router the client s request cannot reach the server You can configure the Layer 3 Switch to forward clients requests to UDP application servers To do so Enable forwarding support for the UDP a...

Страница 398: ...ss on page 16 50 To enable the forwarding of SNMP trap broadcasts enter the following command FastIron SuperX Router config ip forward protocol udp snmp trap Syntax no ip forward protocol udp udp port...

Страница 399: ...ver does not receive the client s request because the Layer 3 Switch does not forward the request You can configure the Layer 3 Switch to forward BootP DHCP requests To do so configure a helper addres...

Страница 400: ...nds change the CLI to the configuration level for port 1 1 then change the BootP DHCP stamp address for requests received on port 1 1 to 192 157 22 26 The Layer 3 Switch will place this IP address in...

Страница 401: ...x format See Changing the Network Mask Display to Prefix Format on page 16 57 To assign an IP address to a Foundry Layer 2 Switch enter a command such as the following at the global CONFIG level FESX4...

Страница 402: ...dress listed it is also the last address consulted to resolve a query Using a DNS Name To Initiate a Trace Route EXAMPLE Suppose you want to trace the route from a Foundry Layer 2 Switch to a remote s...

Страница 403: ...undry Layer 2 Switch to assist a router that is performing multi netting on its interfaces as part of its DHCP relay function DHCP Assist ensures that a DHCP server that manages multiple IP sub nets c...

Страница 404: ...rrect assignments are made because the Layer 2 Switch provides the stamping service How DHCP Assist Works Upon initiation of a DHCP session the client sends out a DHCP discovery packet for an address...

Страница 405: ...request NOTE The DHCP relay function of the connecting router needs to be turned on Server Server DHCP Server 207 95 7 6 Host 1 200 95 6 x Host 2 192 95 5 x Sub net 1 Host 3 Host 4 Router 202 95 1 x S...

Страница 406: ...teway lists can be defined for each Layer 2 Switch EXAMPLE To create the configuration indicated in Figure 16 7 and Figure 16 8 FESX424 Switch config dhcp gateway list 1 192 95 5 1 FESX424 Switch conf...

Страница 407: ...tatistics on Layer 3 Switches Global IP parameter settings and IP access policies see Displaying Global IP Configuration Information on page 16 58 CPU utilization statistics see Displaying CPU Utiliza...

Страница 408: ...er sections in this guide including the sections below this one FESX424 Router show ip Global Settings ttl 64 arp age 10 bootp relay max hops 4 router id 207 95 11 128 enabled UDP Broadcast Forwarding...

Страница 409: ...hange this value see Changing the Maximum Number of Hops to a BootP Relay Server on page 16 50 router id The 32 bit number that uniquely identifies the Foundry router By default the router ID is the n...

Страница 410: ...the following deny The router drops packets that match this policy permit The router forwards packets that match this policy Source The source IP address the policy matches Destination The destinatio...

Страница 411: ...0 01 714 BGP 0 00 0 00 0 00 0 00 0 DOT1X 0 00 0 00 0 00 0 00 0 GVRP 0 00 0 00 0 00 0 00 0 ICMP 0 00 0 00 0 00 0 00 161 IP 0 00 0 00 0 00 0 00 229 L2VLAN 0 01 0 00 0 00 0 01 673 OSPF 0 00 0 00 0 00 0 0...

Страница 412: ...e Information To display IP interface information enter the following command at any CLI level Syntax show ip interface ethernet slotnum portnum loopback num ve num This display shows the following in...

Страница 413: ...en saved in NVRAM If you have set the IP address for the interface in the CLI or Web Management interface but have not saved the configuration the entry for the interface in the Method field is manual...

Страница 414: ...meters let you restrict the display to entries for a specific IP address and network mask Specify the IP address masks in standard decimal mask format for example 255 255 0 0 NOTE The ip mask paramete...

Страница 415: ...display to entries for a specific MAC address The mask parameter lets you specify a mask for the mac address xxxx xxxx xxxx parameter to display entries for multiple MAC addresses Specify the MAC add...

Страница 416: ...he number you enter For example to begin displaying the cache at row 10 enter the following command show ip cache 9 Table 16 11 CLI Display of Static ARP Table This Field Displays Static ARP table siz...

Страница 417: ...oundry device For example the next hop for loopback addresses and broadcast addresses is shown as DIRECT MAC The MAC address of the destination Note If the entry is type U indicating that the destinat...

Страница 418: ...tes The direct option displays only the IP routes that are directly attached to the Layer 3 Switch The ospf option displays the OSPF routes The rip option displays the RIP routes The static option dis...

Страница 419: ...28 are static routes and 1 route was calculated through OSPF One of the routes has a zero bit mask this is the default route 27 have a 22 bit mask 5 have a 24 bit mask and 1 has a 32 bit mask The fol...

Страница 420: ...ation Cost The route s cost Type The route type which can be one of the following B The route was learned from BGP D The destination is directly connected to this Layer 3 Switch R The route was learne...

Страница 421: ...rded 0 filtered 0 fragmented 0 reassembled 0 bad header 0 no route 0 unknown proto 0 no buffer 0 other errors ICMP Statistics Received 0 total 0 errors 0 unreachable 0 time exceed 0 parameter 0 source...

Страница 422: ...ent or received by the device errors This information is used by Foundry customer support unreachable The number of Destination Unreachable messages sent or received by the device time exceed The numb...

Страница 423: ...at the other end of the connection sent a TCP RESET message input errors This information is used by Foundry customer support in segments The number of TCP segments received by the device out segment...

Страница 424: ...or is not supported by this device bad addr family The number of RIP packets dropped because the value in the Address Family Identifier field of the packet s header was invalid bad req format The num...

Страница 425: ...Layer 2 Switch has contacted a TFTP server since the last time the software was reloaded or the Layer 2 Switch was rebooted Configuration filename The name under which the Layer 2 Switch s startup co...

Страница 426: ...Table 16 16 CLI Display of ARP Cache Continued This Field Displays FESX424 Switch show ip traffic IP Statistics 27 received 24 sent 0 fragmented 0 reassembled 0 bad header 0 no route 0 unknown proto 0...

Страница 427: ...essages Statistics are organized into Sent and Received The field descriptions below apply to each total The total number of ICMP messages sent or received by the device errors This information is use...

Страница 428: ...Foundry customer support active opens The number of TCP connections opened by this device by sending a TCP SYN to another device passive opens The number of TCP connections opened by this device in re...

Страница 429: ...er that contains a path with fewer hops than the path stored in the Foundry Layer 3 Switch s route table the Layer 3 Switch replaces the older route with the newer one The Layer 3 Switch then includes...

Страница 430: ...nabling the protocol does not allow interfaces to send and receive RIP information See Table 17 3 on page 17 3 Disabled 17 4 Administrative distance The administrative distance is a numeric value assi...

Страница 431: ...d version The state of the protocol and the version that is supported on the interface The version can be one of the following Version 1 only Version 2 only Version 1 but also compatible with version...

Страница 432: ...increases the cost of a RIP route that is learned on the port by one You can configure individual ports to add more than one to a learned route s cost In addition you can configure a RIP offset list t...

Страница 433: ...to 24 RIP offset lists on each interface To configure a global RIP offset list enter commands such as the following FastIron SuperX Router config access list 21 deny 160 1 0 0 0 0 255 255 FastIron Su...

Страница 434: ...virtual routing interface If you want to tightly control redistribution apply a filter to deny all routes as the last filter the filter with the highest ID then apply filters with lower filter IDs to...

Страница 435: ...gns a RIP metric of 10 to each route that is redistributed into RIP Syntax no default metric 1 15 Enabling Redistribution After you configure redistribution parameters you need to enable redistributio...

Страница 436: ...h to learn routes from all neighbors except 192 168 1 170 Once you define a RIP neighbor filter the default action changes from learning all routes from all neighbors to denying all routes from all ne...

Страница 437: ...ning or advertising of specific routes Configure the filters globally then apply them to individual interfaces When you apply a RIP route filter to an interface you specify whether the filter applies...

Страница 438: ...ed in RIP Route Filter Table Index The filter number You assign this number when you configure the filter Action The action the router takes if a RIP route packet matches the IP address and sub net ma...

Страница 439: ...nterface s outbound filter group the filter prevents the router from advertising RIP routes to the specified neighbor on that interface If the filter is applied to an interface s inbound filter group...

Страница 440: ...yntax show process cpu num The num parameter specifies the number of seconds and can be from 1 900 If you use this parameter the command lists the usage statistics only for the specified number of sec...

Страница 441: ...her groups out all ports When you enable IP Multicast Traffic Reduction you also can configure the following features IGMP mode When you enable IP Multicast Traffic Reduction the device passively list...

Страница 442: ...ng IP Multicast Traffic Reduction By default Foundry devices forward all IP multicast traffic out all ports except the port on which the traffic was received To reduce multicast traffic through the de...

Страница 443: ...th no external IP multicast router attachments In this case enable the active IGMP mode on only one of the devices and leave the other devices configured for passive IGMP mode Passive When passive IGM...

Страница 444: ...queries You can specify a value from 10 600 seconds The default is 60 seconds Modifying the Age Interval When the device receives a Group Membership report the device makes an entry in the IGMP group...

Страница 445: ...rom one PIM SM router to another through the device Configuration Notes This feature applies only to PIM SM version 2 PIM V2 This feature is supported in the Layer 2 switch code only This feature is s...

Страница 446: ...since IP multicast traffic reduction also is enabled the device uses the IGMP group membership report from the client to select the port for forwarding traffic to group 239 255 162 69 receivers The I...

Страница 447: ...sages on behalf of receivers The active mode configures the device to send group membership queries All the device ports connected to the source and receivers or routers must be in the same port based...

Страница 448: ...on a Layer 3 Switch PINM SM traffic snooping will not be supported Enabling PIM SM Traffic Snooping To enable PIM SM traffic snooping you must enable IP multicast traffic reduction then enable snoopin...

Страница 449: ...that are connected to routers that support IP multicast Total Number of Multicast Group in VLAN The total number of groups for which the VLAN s ports have received IGMP group membership reports join...

Страница 450: ...cates how many seconds the device will wait for a hello message from the neighbor before determining that the neighbor is no longer present and removing the neighbor from the list Multicast Group The...

Страница 451: ...ased VLAN to which the information listed applies Active The IP address of the device that actively sends IGMP queries Router Ports The ports that are connected to routers that support IP multicast Gr...

Страница 452: ...mmand Line Interface Reference for information on this command This Field Displays VLAN ID The port based VLAN to which the information listed below applies Total number of HW resource in VLAN The num...

Страница 453: ...ent out Router Ports The ports that are connected to a switch that support IP multicast Total Number of Multicast Group in VLAN The total number of groups for which the VLAN s ports have received IGMP...

Страница 454: ...addresses then the router assumes that you are requesting a report for that group FastIron SuperX Switch show ip pimsm snooping vlan 100 VLAN ID 100 total 3 entries PIMSM Neighbor list 1 100 100 12 3...

Страница 455: ...that are attached to the Layer 2 Switch s ports in the VLAN The value following expires indicates how many seconds the Layer 2 Switch will wait for a hello message from the neighbor before determinin...

Страница 456: ...d 2 Others Received 0 General Queries Sent 0 Group Specific Queries Sent 0 The command in this example shows statistics for two port based VLANs Syntax show ip multicast statistics Clearing IP Multica...

Страница 457: ...lears the flows for the specified group but does not clear the flows for other groups FastIron SuperX Switch show ip multicast IP multicast is enabled Active VLAN ID 1 Active 192 168 2 30 Router Ports...

Страница 458: ...Foundry Configuration Guide for the FESX FSX and FWSX 18 18 Foundry Networks Inc December 2005...

Страница 459: ...ent Protocol IGMP V1 and V2 PIM Dense mode PIM DM V1 draft ietf pim dm 05 and V2 draft ietf pim v2 dm 03 PIM Sparse mode PIM SM V2 RFC 2362 DVMRP V2 RFC 1075 NOTE Each of the multicast protocols uses...

Страница 460: ...t delivery trees to reach all group members DVMRP and PIM build a different multicast tree for each source and destination host group NOTE Both DVMRP and PIM can concurrently operate on different port...

Страница 461: ...IP Multicast Groups Layer 3 Switches support up to 1024 PIM groups and 1024 DVMRP groups by default Memory for the groups is allocated dynamically as needed For each protocol previous releases support...

Страница 462: ...r the Multicast Flow table enter a command such as the following FastIron SuperX Router config system max multicast flow 2048 Syntax system max multicast flow num The num parameter specifies the maxim...

Страница 463: ...enter the ip multicast routing command before changing the global IP Multicast parameters Otherwise the changes do not take effect and the software uses the default values Modifying IGMP V1 and V2 Qu...

Страница 464: ...virtual routing interface and you are entering this command at the configuration level for the virtual routing interface Manually added groups are included in the group information displayed by the f...

Страница 465: ...lticast packets to the group 229 225 0 1 If a PIM router receives any groups other than that group the router discards the group and sends a prune message to the upstream PIM router In Figure 19 2 Rou...

Страница 466: ...ast delivery tree No configuration is required on your part PIM DM Versions Foundry devices support PIM DM V1 and V2 The default is V2 You can specify the version on an individual interface basis The...

Страница 467: ...nt to initiate the use of desktop video for fellow users on a sprawling campus network All destination workstations have the appropriate hardware and software but the Foundry routers that connect the...

Страница 468: ...Global Parameters PIM global parameters come with preset values The defaults work well in most networks but you can modify the following parameters if you need to Neighbor timeout Hello timer Prune ti...

Страница 469: ...there are two or more neighbors on the physical port then the prune wait command should not be used because one neighbor may send a prune message while the other sends a join message at the during tim...

Страница 470: ...est path back to the source is based on which Reverse Path Forwarding RPF neighbor in the IP routing table has the highest IP address if the cost of the routes are the same For example in the table ab...

Страница 471: ...ith a TTL value of 1 are switched within the same VLAN These packets cannot be routed between different VLANs Configuration Syntax To configure a TTL of 24 enter the following FastIron SuperX Router c...

Страница 472: ...s a candidate BSR RP The RP is the meeting point for PIM Sparse sources and receivers A PIM Sparse domain can have multiple RPs but each PIM Sparse multicast group address can have only one active RP...

Страница 473: ...e RP Router B then sends the packet to router C For the second and all future packets that router A receives from the source for the receiver router A forwards them directly to router C using the SPT...

Страница 474: ...Configuring BSRs on page 19 17 The behavior of the no router pim command is as follows Entering no router pim command to disable PIM or DVMRP does not require a software reload Entering a no router p...

Страница 475: ...Syntax no bsr candidate ethernet slotnum portnum loopback num ve num hash mask length priority The slotnum parameter is required on chassis devices The portnum loopback num ve num parameter specifies...

Страница 476: ...ke changes to your static RP configuration the entries in the PIM Sparse multicast forwarding table continue to use the old RP configuration until they are aged out The clear pim rp map command allows...

Страница 477: ...recommendation the timer is 210 seconds and is not configurable The counter is reset to zero each time the Layer 3 Switch receives a packet for the source group pair You can change the number of pack...

Страница 478: ...el Syntax show ip pim sparse This example shows the PIM Sparse configuration information on PIM Sparse router A in Figure 19 3 This display shows the following information This Field Displays Global P...

Страница 479: ...mber of seconds between Join Prune messages The Layer 3 Switch sends Join Prune messages on behalf of multicast receivers who want to join or leave a PIM Sparse group When forwarding packets from PIM...

Страница 480: ...information This Field Displays Total number of Groups Lists the total number of IP multicast groups the Layer 3 Switch is forwarding Note This list can include groups that are not PIM Sparse groups...

Страница 481: ...ask length The number of significant bits in the IP multicast group comparison mask This mask determines the IP multicast group numbers for which the Layer 3 Switch can be a BSR The default is 32 bits...

Страница 482: ...9 255 163 1 99 99 99 5 2 239 255 163 2 99 99 99 5 3 239 255 163 3 99 99 99 5 4 239 255 162 1 99 99 99 5 5 239 255 162 2 43 43 43 1 This Field Displays Candidate RP advertisement in Indicates how many...

Страница 483: ...ss Indicates the IP address of the Rendezvous Point RP for the listed PIM Sparse group This Field Displays RP Indicates the IP address of the Rendezvous Point RP for the specified PIM Sparse group Fol...

Страница 484: ...ected and received in the latest Bootstrap message RP num Indicates the RP number If there are multiple RPs in the PIM Sparse domain a line of information for each of them is listed and they are numbe...

Страница 485: ...playing the PIM Flow Cache To display the PIM flow cache enter the following command at any CLI level Syntax show ip pim flowcache Holdtime sec Indicates how many seconds the neighbor wants this Layer...

Страница 486: ...used by Foundry technical support for troubleshooting CamIndex This field is used by Foundry technical support for troubleshooting Fid This field is used by Foundry technical support for troubleshooti...

Страница 487: ...n have one of the following values 0 The entry is not for PIM Sparse and is therefore for the dense mode of PIM 1 The entry is for PIM Sparse RPT Indicates whether the cache entry uses the RP path or...

Страница 488: ...r the group virtual prune ports Indicates the virtual interfaces ports on which the Layer 3 Switch has received a prune notification in a Join Prune message to remove the receiver from the list of rec...

Страница 489: ...00 In release 02 2 00 when a multicast stream has no output interfaces the Layer 3 Switch can drop packets in hardware if the multicast traffic meets either of the following conditions The input port...

Страница 490: ...y Protocol Independent Multicast PIM Sparse routers to exchange routing information for PIM Sparse multicast groups across PIM Sparse domains Routers running MSDP can discover PIM Sparse sources that...

Страница 491: ...e contains the following information Source address 206 251 14 22 Group address 232 1 0 95 RP address 206 251 17 41 Figure 19 4 shows only one peer for the MSDP router which is also the RP here in dom...

Страница 492: ...dvertised in the Source Active message the DR sends a Join message for that receiver back to the DR in the domain from which the Source Active message came Usually the DR is also the MSDP router that...

Страница 493: ...config interface loopback 1 FastIron SuperX Router config lbif 1 ip address 9 9 9 9 32 FastIron SuperX Router config lbif 1 interface ethernet 3 1 FastIron SuperX Router config if 3 1 msdp peer 2 2 2...

Страница 494: ...3 1 FastIron SuperX Router config if 3 1 ip address 2 2 2 98 24 FastIron SuperX Router config if 3 1 exit The following commands configure a loopback interface The Layer 3 Switch will use this interfa...

Страница 495: ...er specifies a route map to use for filtering based on Rendezvous Point RP address Use this parameter if you want to filter Source Active messages based on their origin If you use the route map parame...

Страница 496: ...uter config interface ethernet 3 1 FastIron SuperX Router config if 3 1 msdp peer 2 2 2 99 connect source loopback 1 FastIron SuperX Router config if 3 1 msdp peer 2 2 2 97 connect source loopback 1 F...

Страница 497: ...s The process continues until all RPs within the network receive the SA message RPs send join and prune messages to appropriate points on the multicast tree towards the originating RP Configuring MSDP...

Страница 498: ...be used as the source for sessions with the neighbor Next place the MSDP peers within a domain into a mesh group Use the mesh group command There are no default mesh groups The group name parameter id...

Страница 499: ...back 1 FastIron SuperX Router config msdp router msdp peer 1 1 4 1 connect source loopback 1 FastIron SuperX Router config msdp router msdp peer 1 1 2 1 connect source loopback 1 FastIron SuperX Route...

Страница 500: ...ck 1 FastIron SuperX Router config router pim exit FastIron SuperX Router config router bgp FastIron SuperX Router config bgp router local as 111 FastIron SuperX Router config bgp router neighbor 31 3...

Страница 501: ...ter config if 8 1 ip pim sparse FastIron SuperX Router config if 1 24 exit FastIron SuperX Router config router pim FastIron SuperX Router config router pim bsr candidate loopback 1 2 32 FastIron Supe...

Страница 502: ...terface ethernet 12 2 FastIron SuperX Router config if 12 1 ip address 34 34 34 3 255 255 255 0 FastIron SuperX Router config if 12 1 ip pim sparse FastIron SuperX Router config if 12 1 exit FastIron...

Страница 503: ...1 FastIron SuperX Router config if ip address 24 24 24 4 255 255 255 0 FastIron SuperX Router config if ip pim sparse FastIron SuperX Router config if exit FastIron SuperX Router config interface ethe...

Страница 504: ...can display the following MSDP information Summary information the IP addresses of the peers the state of the Layer 3 Switch s MSDP session with each peer and statistics for Keepalive Source Active a...

Страница 505: ...s sent to the peer Table 19 2 MSDP Summary Information Continued This Field Displays FastIron SuperX Router config msdp router show ip msdp peer Total number of MSDP Peers 2 IP Address State 1 206 251...

Страница 506: ...ive time is 60 seconds and is not configurable Hold Time The hold time which specifies how many seconds the MSDP router will wait for a KEEPALIVE or UPDATE message from an MSDP neighbor before decidin...

Страница 507: ...ssage SA Response Error 4 Hold Timer Expired 5 Finite State Machine Error 6 Notification 7 Cease For information about these error codes see section 17 in the Internet draft describing MSDP draft ietf...

Страница 508: ...t acknowledgment from the remote TCP LAST ACK Waiting for an acknowledgment of the connection termination request previously sent to the remote TCP which includes an acknowledgment of its connection t...

Страница 509: ...er of additional entries for which the cache has room Index The cache entry number SourceAddr The IP address of the multicast source GroupAddr The IP multicast group to which the source is sending inf...

Страница 510: ...group Clearing MSDP Statistics To clear MSDP statistics enter the following command at the Privileged EXEC level of the CLI FastIron SuperX Router clear ip msdp statistics Syntax clear ip msdp statist...

Страница 511: ...multicast packet and sends a prune message back upstream This process is known as reverse path forwarding In Figure 19 7 the root node R1 is forwarding multicast packets for group 229 225 0 2 that it...

Страница 512: ...lticast packets from source host Group Member Group Member Leaf Node No Group Members R5 R3 R4 R6 R1 R2 Leaf Node Leaf Node Video Conferencing Server 207 95 5 1 229 225 0 1 Source Group Group Member G...

Страница 513: ...n the tree Configuring DVMRP Enabling DVMRP on the Layer 3 Switch and Interface Suppose you want to initiate the use of desktop video for fellow users on a sprawling campus network All destination wor...

Страница 514: ...version of the command to re enable DVMRP Enabling DVMRP on an Interface After globally enabling DVMRP on a Layer 3 Switch enable it on each interface that will support the protocol To enable DVMRP o...

Страница 515: ...aft Retransmit Time The Graft Retransmit Time defines the initial period of time that a router sending a graft message will wait for a graft acknowledgement from an upstream router before re transmitt...

Страница 516: ...ket in order for the packet to be forwarded out the interface For example if the TTL for an interface is set at 10 it means that only those packets with a TTL value of 10 or more are forwarded Likewis...

Страница 517: ...ry Switch and Router Command Line Interface Reference Configuring an IP Tunnel IP tunnels are used to send traffic through routers that do not support IP multicasting IP Multicast datagrams are encaps...

Страница 518: ...covers multicast groups in the 239 255 162 x range except the 239 255 162 2 group enter commands such as the following FastIron SuperX Router config access list 5 deny host 239 255 162 2 FastIron Supe...

Страница 519: ...ddress of the RP for the listed multicast group In the example above you see the following The first three lines show the multicast group addresses that are covered by the RP candidate The last three...

Страница 520: ...terface loopback 1 FastIron SuperX Router config lbif 1 ip address 88 88 88 8 255 255 255 0 FastIron SuperX Router config lbif 1 ip pim sparse FastIron SuperX Router config lbif 1 exit FastIron SuperX...

Страница 521: ...ast source address Thus if you want to configure a multicast static route for a specific multicast source and also configure another multicast static route for all other sources you can configure two...

Страница 522: ...istance This parameter is used by the software to determine the best path for the route Thus to ensure that the Layer 3 Switch uses the default static route assign a low administrative distance value...

Страница 523: ...the PIM group the source IP address is in Figure 19 11 shows an example of an IP multicast group The command example shown above is entered on PIM router A Figure 19 11 Example PIM Group The command e...

Страница 524: ...rrow following an interface in the display points to a router address this is the address of the next hop PIM router on that interface In this example PIM interface 207 95 8 1 on PIM router 207 95 8 1...

Страница 525: ...routing protocol The protocol uses link state advertisements LSA to update neighboring routers regarding its interfaces and information on those interfaces The router floods these LSAs to all neighbo...

Страница 526: ...IP addresses This aggregate value becomes the address that is advertised instead all of the individual addresses it represents being advertised You can assign up to 32 ranges in an OSPF area An OSPF...

Страница 527: ...point of contact thereby improving convergence time within a multi access segment In an OSPF point to point network where a direct Layer 3 connection exists between a single pair of OSPF routers ther...

Страница 528: ...the highest priority is elected as the DR and the router with the next largest priority is elected as the BDR as shown in Figure 20 2 Figure 20 2 Designated and backup router election If the DR goes...

Страница 529: ...figure the system to operate with the RFC 2178 see Modify OSPF Standard Compliance Setting on page 20 35 Reduction of Equivalent AS External LSAs An OSPF ASBR uses AS External link advertisements AS E...

Страница 530: ...the highest router ID floods the AS External LSAs for the external domain into the OSPF AS while the other ASBRs flush the equivalent AS External LSAs from their databases As a result the overall vol...

Страница 531: ...annot be disabled No user configuration is required Normally an OSPF router uses the network address alone for the link state ID of the link state advertisement LSA for the network For example if the...

Страница 532: ...without a system reset by first disabling and then re enabling OSPF operation changes to address ranges changes to global values for redistribution addition of new virtual links You also can change th...

Страница 533: ...or re enable load sharing Enable or disable default information originate Modify Shortest Path First SPF timers Define external route summarization Define redistribution metric type Define deny redist...

Страница 534: ...on is gone If you are testing an OSPF configuration and are likely to disable and re enable the protocol you might want to make a backup copy of the startup config file containing the protocol s confi...

Страница 535: ...l accepts summary LSAs from OSPF neighbors and floods them to other neighbors The Layer 3 Switch can form adjacencies with other routers regardless of whether summarization is enabled or disabled for...

Страница 536: ...es that the NSSA s ABR exports into other areas The Foundry implementation of NSSA is based on RFC 1587 Figure 20 5 shows an example of an OSPF network containing an NSSA Figure 20 5 OSPF network cont...

Страница 537: ...ses represented by the aggregate You can configure up to 32 ranges in an OSPF area To configure an address range in NSSA 1 1 1 1 enter the following commands This example assumes that you have already...

Страница 538: ...X Router config if 1 8 write memory Modify Interface Defaults OSPF has interface parameters that you can configure For simplicity each of these parameters has a default value No change to these defaul...

Страница 539: ...n MD5 key The key ID is a number from 1 255 and identifies the MD5 key that is being used The MD5 key consists of up to 16 alphanumeric characters The MD5 is encrypted and included in each OSPF packet...

Страница 540: ...e current authentication change interval After this the software uses the new authentication for sending packets Inbound OSPF packets The software accepts packets containing the new authentication and...

Страница 541: ...c is not feasible for example when a firewall does not allow multicast packets On a non broadcast interface the routers at the other end of this interface must also be configured as non broadcast and...

Страница 542: ...ckbone the ABR can configure a virtual link to another router within the same area which has a physical connection to the area backbone The path for a virtual link is through an area shared by the nei...

Страница 543: ...a 1 virtual link 209 157 22 1 FESX424 RouterA config ospf router write memory Enter the following commands to configure the virtual link on FastIronC FESX424 RouterC config ospf router area 1 virtual...

Страница 544: ...password of up to 16 characters that is later encrypted and included in each OSPF packet transmitted You must enter a password in this field when the system is configured to operate with either simple...

Страница 545: ...ill not match the value you intended to use Changing the Reference Bandwidth for the Cost on OSPF Interfaces Each interface on which OSPF is enabled has a cost associated with it The Layer 3 Switch ad...

Страница 546: ...hich is rounded up to 1 The costs for 10 Mbps 100 Mbps and 155 Mbps ports change as a result of the changed reference bandwidth Costs for higher speed interfaces remain the same Syntax no auto cost re...

Страница 547: ...n filters If you enable redistribution before you configure the redistribution filters the filters will not take affect and all routes will be distributed Figure 20 7 Redistributing OSPF and static ro...

Страница 548: ...For example to enable redistribution of RIP and static IP routes into OSPF enter the following commands FESX424 Router config router ospf FESX424 Router config ospf router redistribution rip FESX424...

Страница 549: ...network from entering the IP route table The distribution list does not prevent the routes from entering the OSPF database Syntax no distribute list acl name acl id in interface type interface number...

Страница 550: ...no ip access list extended acl name acl id Syntax deny permit ip protocol source ip wildcard destination ip wildcard The acl name acl id parameter specifies the ACL name or ID The deny permit paramete...

Страница 551: ...the policy to match on all network masks enter any any Modify Default Metric for Redistribution The default metric is a global parameter that specifies the cost applied to all OSPF routes by default...

Страница 552: ...n filter Since only one of the static IP routes configured above matches the route map only one route is redistributed Notice that the route s metric is 5 before redistribution but is 8 after redistri...

Страница 553: ...hat is redistributed without using a route map For a route redistributed without using a route map the metric is set by the default metric num command Disable or Re enable Load Sharing Foundry routers...

Страница 554: ...ch advertises the aggregate route If an imported route that falls with in a configured address range is removed by the Layer 3 Switch no action is taken if there are other imported route s that fall w...

Страница 555: ...lt route regardless of other configuration parameters unless you explicitly enable default route origination using the following method If the Layer 3 Switch is an ASBR you can use the always option w...

Страница 556: ...t wait between consecutive SPF calculations You can set the delay and hold time to lower values to cause the Layer 3 Switch to change to alternate paths more quickly in the event of a route failure No...

Страница 557: ...r inter area routes intra area routes and external routes enter the following command FESX424 Router config ospf router distance external 100 FESX424 Router config ospf router distance inter area 90 F...

Страница 558: ...mmary of OSPF traps supported on Foundry routers their corresponding CLI commands and their associated MIB objects from RFC 1850 interface state change trap MIB object OspfIfstateChange virtual interf...

Страница 559: ...config ospf router data base overflow interval 60 Syntax database overflow interval value The value can be from 0 86400 seconds The default is 0 seconds Configuring an OSPF Point to Point Link In an...

Страница 560: ...option is enabled by default The bad_packet option logs all other bad OSPF packets This option is disabled by default The database option logs OSPF LSA related information This option is disabled by...

Страница 561: ...p Enabled Virtual Neighbor State Change Trap Enabled Interface Configuration Error Trap Enabled Virtual Interface Configuration Error Trap Enabled Interface Authentication Failure Trap Enabled Virtual...

Страница 562: ...seconds and can be from 1 900 If you use this parameter the command lists the usage statistics only for the specified number of seconds If you do not use this parameter the command lists the usage sta...

Страница 563: ...ea Information This Field Displays Indx The row number of the entry in the router s OSPF area table Area The area number Type The area type which can be one of the following nssa normal stub Cost The...

Страница 564: ...cription Port The port through which the Layer 3 Switch is connected to the neighbor The port on which an OSPF point to point link is configured Address The IP address of this Layer 3 Switch s interfa...

Страница 565: ...ption packets to the neighbor Each Database Description packet has a DD sequence number and is explicitly acknowledged Only one Database Description packet can be outstanding at any time In this state...

Страница 566: ...tr point to point Pri The link ID as defined in the router LSA This value can be one of the following 1 point to point link 3 point to point link with an assigned subnet Cost The configured output cos...

Страница 567: ...Unloop_Indication 0x05 Interface_Down 0x06 Interface_Passive 0x07 Adjacent Neighbor Count The number of adjacent neighbor routers Neighbor The neighbor router s ID Table 20 4 Output of the show ip osp...

Страница 568: ...within the local area External1 The path to the destination is a type 1 external route External2 The path to the destination is a type 2 external route Adv_Router The OSPF router that advertised the...

Страница 569: ...num extensive link state id ip addr router id ip addr sequence number num Hex status num Type The route type which can be one of the following OSPF Static Replaced by OSPF Arp_Index The index position...

Страница 570: ...ter show ip ospf database link state Syntax show ip ospf database link state advertise num asbr extensive link state id ip addr network nssa opaque area router router id ip addr sequence number num He...

Страница 571: ...nk state id ip addr router id ip addr sequence number num Hex status num To determine an external LSA s or other type of LSA s index number enter one of the following commands to display the appropria...

Страница 572: ...splaying OSPF Trap Status All traps are enabled by default when you enable OSPF To disable or re enable an OSPF trap see Modify OSPF Traps Generated on page 20 34 To display the state of each OSPF tra...

Страница 573: ...hapter contains the following information Table 21 1 Chapter Contents Description See Page Overview of BGP4 21 2 Configuring and activating BGP4 21 6 BGP4 parameters 21 7 Memory considerations 21 9 Ba...

Страница 574: ...collection of networks that share the same routing and administration characteristics For example a corporate intranet consisting of several networks under common administrative control might be consi...

Страница 575: ...8 bits applied to the IP address 192 215 129 0 When a BGP4 Layer 3 Switch advertises a route to one of its neighbors the route is expressed in this format AS path A list of the other ASs through which...

Страница 576: ...INCOMPLETE INCOMPLETE is highest 7 If the routes have the same origin type prefer the route with the lowest MED For a definition of MED see Configuring the Layer 3 Switch To Always Compare Multi Exit...

Страница 577: ...messages to update route information and maintain communication If BGP4 neighbors are using different Hold Times the lowest Hold Time is used by the neighbors If the Hold Time expires the BGP4 router...

Страница 578: ...lar interval the Keep Alive Time The default Keep Alive Time on Foundry Layer 3 Switches is 60 seconds A parameter related to the Keep Alive Time is the Hold Time A BGP4 router s Hold Time determines...

Страница 579: ...fter disabling the protocol all the configuration information for the disabled protocol is removed from the startup config file The CLI displays a warning message such as the following FESX424 Router...

Страница 580: ...SPF Optional Change the parameters for RIP OSPF or static routes redistributed into BGP4 Optional Change the number of paths for BGP4 load sharing Optional Change other load sharing parameters Optiona...

Страница 581: ...tting Neighbor Sessions The following parameter changes take effect only after the router s BGP4 sessions are cleared or reset using the soft clear option See Closing or Resetting a Neighbor Session o...

Страница 582: ...llion incoming routes the capacity for outgoing routes decreases by around two million Memory Configuration Options Obsoleted by Dynamic Memory Devices that support dynamic BGP4 memory allocation do n...

Страница 583: ...t to use the router ID that is already in use on the router rather than set a new one To display the router ID enter the show ip CLI command at any CLI level To change the router ID enter a command su...

Страница 584: ...value can be from 1 4 on the NetIron Stackable Layer 3 Switch Adding BGP4 Neighbors The BGP4 protocol does not contain a peer discovery process Therefore for each of the router s BGP4 neighbors peers...

Страница 585: ...ing initial updates to a BGP4 neighbor As a result the Layer 3 Switch sends the updates one immediately after another without waiting for the advertisement interval capability orf prefixlist send rece...

Страница 586: ...configured See Filtering AS Paths on page 21 41 maximum prefix num specifies the maximum number of IP network prefixes routes that can be learned from the specified neighbor or peer group You can spe...

Страница 587: ...s whether the list is applied on updates received from the neighbor or sent to the neighbor NOTE The route map must already be configured See Defining Route Maps on page 21 48 route reflector client s...

Страница 588: ...ion to the startup config file the file contains the new BGP4 command syntax and encrypted passwords or strings NOTE Foundry recommends that you save a copy of the startup config file for each Layer 3...

Страница 589: ...ion string In this case the software decrypts the password or string you enter before using the value for authentication If you accidentally enter option 1 followed by the clear text version of the pa...

Страница 590: ...ty to the Layer 3 Switch Once you add a neighbor to a peer group you cannot configure the following outbound parameters the parameters governing outbound traffic for the neighbor Default information o...

Страница 591: ...Group1 peer group FESX424 Router config bgp router neighbor PeerGroup1 description EastCoast Neighbors FESX424 Router config bgp router neighbor PeerGroup1 remote as 100 FESX424 Router config bgp rout...

Страница 592: ...pplying all the neighbor attributes specified in the peer group to the neighbor To add neighbors to a peer group enter commands such as the following FESX424 Router config bgp router neighbor 192 168...

Страница 593: ...ollowing sections describe how to perform optional BGP4 configuration tasks Changing the Keep Alive Time and Hold Time The Keep Alive Time specifies how frequently the router will send KEEPALIVE messa...

Страница 594: ...plies only to directly attached EBGP neighbors The feature does not apply to IBGP neighbors If you want to enable the router to immediately close the BGP4 session and TCP connection to locally attache...

Страница 595: ...BGP4 next hop goes down the software removes this path from the BGP4 route table and the IP route table Similarly if an additional OSPF path becomes available to reach the BGP4 next hop router for a p...

Страница 596: ...st route map map name weight num backdoor The ip addr is the network number and the ip mask specifies the network mask The nlri multicast unicast multicast unicast parameter specifies whether the neig...

Страница 597: ...cal preference value as an attribute of a route in an UPDATE message Local preference applies only to routes within the local AS BGP4 routers can exchange local preference information with neighbors w...

Страница 598: ...r 3 Switch performs a route lookup to obtain the IP address of the route s next hop A BGP4 route becomes eligible for installation into the IP route table only if the following conditions are true The...

Страница 599: ...and thus is considered unreachable by the Layer 3 Switch Here is the IP route table entry for the BGP route s next hop gateway 102 0 0 1 24 The route to the next hop gateway is a BGP route not an IGP...

Страница 600: ...ber of BGP Routes 5 Status A AGGREGATE B BEST b NOT INSTALLED BEST C CONFED_EBGP D DAMPED H HISTORY I IBGP L LOCAL M MULTIPATH S SUPPRESSED Prefix Next Hop Metric LocPrf Weight Status 1 0 0 0 0 0 10 1...

Страница 601: ...learned best BGP4 route to the Layer 3 Switch s neighbors even when the software does not also select that route for installation in the IP route table The best BGP4 routes is the BGP4 path that the...

Страница 602: ...a value from 1 255 The local distance sets the Local BGP distance and can be a value from 1 255 Requiring the First AS to be the Neighbor s AS By default the Foundry device does not require the first...

Страница 603: ...havior is called deterministic MED 0Deterministic MED is always enabled and cannot be disabled In addition you can enable the Layer 3 Switch to always compare the MEDs regardless of the AS information...

Страница 604: ...configuration for route reflection takes place on the route reflectors The clients are unaware that they are members of a route reflection cluster All members of the cluster must be in the same AS Th...

Страница 605: ...e that has its own cluster ID the router discards the advertisement and does not forward it The Foundry device handles the attributes as follows The Layer 3 Switch adds the attributes only if it is a...

Страница 606: ...to configure the same cluster ID on all the route reflectors in the cluster The cluster ID helps route reflectors avoid loops within the cluster To add an IBGP neighbor to the cluster enter the follo...

Страница 607: ...two sub ASs each containing two of the routers The sub ASs are members of confederation 10 Routers within a sub AS must be fully meshed and communicate using IBGP In this example routers A and B use I...

Страница 608: ...nds that you use a number within the range of well known private ASs 64512 65535 Syntax confederation identifier num The num parameter with the confederation identifier command indicates the confedera...

Страница 609: ...55 0 0 The as set parameter causes the router to aggregate AS path information for all the routes in the aggregate address into a single AS path The nlri multicast unicast multicast unicast parameter...

Страница 610: ...ly connected routes enter the following command FESX424 Router config bgp router redistribute connected Syntax redistribute connected metric num route map map name The connected parameter indicates th...

Страница 611: ...h internal external1 external2 command the software uses only the route map for filtering Redistributing Static Routes To configure the Layer 3 Switch to redistribute static routes enter the following...

Страница 612: ...page 21 47 Defining Neighbor Distribute Lists on page 21 47 Defining Route Maps on page 21 48 Using a Table Map To Set the Tag Value on page 21 55 Configuring Cooperative BGP4 Route Filtering on page...

Страница 613: ...he significant bits and changes the non significant portion of the IP address into zeros For example if you specify 209 157 22 26 24 or 209 157 22 26 0 0 0 255 then save the changes to the startup con...

Страница 614: ...er 3 Switch permits from neighbor 10 10 10 1 are those whose AS paths contain AS path number 100 Syntax ip as path access list string seq seq value deny permit regular expression The string parameter...

Страница 615: ...egular Expressions Character Operation The period matches on any single character including a blank space For example the following regular expression matches for aa ab ac and so on but not just a a T...

Страница 616: ...You can use the following expression symbols within the brackets These symbols are allowed only inside the brackets The caret matches on any characters except the ones in the brackets For example the...

Страница 617: ...configure the last filter or ACL entry as permit any any Community filters or ACLs can be referred to by match statements in a route map Defining a Community Filter To define filter 3 to permit route...

Страница 618: ...ies whether you are configuring a standard community ACL or an extended one A standard community ACL does not support regular expressions whereas an extended one does This is the only difference betwe...

Страница 619: ...software numbers them in increments of 5 beginning with prefix list entry 5 The software interprets the prefix list entries in numerical order beginning with the lowest sequence number The deny permit...

Страница 620: ...ter stops evaluating the route against the route map instances Route maps can contain match statements and set statements Each route map contains a permit or deny action for routes that match the matc...

Страница 621: ...instance 1 of a route map named GET_ONE with a permit action enter the following command FESX424 Router config route map GET_ONE permit 1 FESX424 Router config routemap GET_ONE Syntax no route map ma...

Страница 622: ...or AS path ACL see Filtering AS Paths on page 21 41 To configure a community filter or community ACL see Filtering Communities on page 21 45 You can enter up to six community names on the same command...

Страница 623: ...d on Destination Network To construct match statements for a route map that match based on destination network use the following method You can use the results of an IP ACL or an IP prefix list as the...

Страница 624: ...export FESX424 Router config route map bgp2 permit 1 FESX424 Router config routemap bgp2 match community std_1 exact match The first command configures a community ACL that contains community number...

Страница 625: ...see Configuring Route Flap Dampening on page 21 58 The default interface null0 parameter redirects the traffic to the specified interface You can send the traffic to the null0 interface which is the s...

Страница 626: ...a neighbor enter commands such as the following FESX424 Router config access list 1 permit 192 168 9 0 0 0 0 255 FESX424 Router config route map bgp4 permit 1 FESX424 Router config routemap bgp4 matc...

Страница 627: ...uration You create it simply by calling an existing route map a table map You can have one table map NOTE Use table maps only for setting the tag value Do not use table maps to set other attributes To...

Страница 628: ...2 3 4 prefix list Routesfrom1234 in FESX424 Router config bgp router neighbor 1 2 3 4 capability orf prefixlist send The first two commands configure statements for the IP prefix list Routesfrom1234...

Страница 629: ...4 This command resets the BGP4 session with neighbor 1 2 3 4 and sends the ORFs to the neighbor If the neighbor sends ORFs to the Layer 3 Switch the Layer 3 Switch accepts them if the send capability...

Страница 630: ...efault You can enable the feature globally or on an individual route basis using route maps NOTE The Layer 3 Switch applies route flap dampening only to routes learned from EBGP neighbors The route fl...

Страница 631: ...efaults to 60 minutes You can configure route flap dampening globally or for individual routes using route maps If you configure route flap dampening parameters globally and also use route maps the se...

Страница 632: ...You can use a route map to configure route flap dampening for a specific neighbor by performing the following tasks Configure an empty route map with no match or set statements This route map does not...

Страница 633: ...g the first route map is still required The second route map enables dampening for the neighbors to which the route map is applied However unless dampening is already enabled globally by the first rou...

Страница 634: ...ise the unsuppressed route Syntax no neighbor ip addr peer group name unsuppress map map name FESX424 Router config bgp router aggregate address 209 1 0 0 255 255 0 0 summary only FESX424 Router confi...

Страница 635: ...p dampening statistics only for routes learned from the specified neighbor You also can display route flap statistics for routes learned from a neighbor by entering the following command show ip bgp n...

Страница 636: ...the routes See Displaying Route Flap Dampening Statistics on page 21 63 Generating Traps for BGP You can enable and disable SNMP traps for BGP BGP traps are enabled by default To enable BGP traps aft...

Страница 637: ...um number of routes and neighbors supported and some BGP4 statistics To view summary BGP4 information for the router enter the following command at any CLI prompt FESX424 Router show ip bgp summary BG...

Страница 638: ...me destination The feature is enabled by default but the default number of paths is 1 You can increase the number from 2 4 paths See Changing the Maximum Number of Paths for BGP4 Load Sharing on page...

Страница 639: ...neighbor Note If the state frequently changes between CONNECT and ACTIVE there may be a problem with the TCP connection OPEN SENT BGP4 is waiting for an Open message from the neighbor OPEN CONFIRM BG...

Страница 640: ...soft reconfiguration is not enabled this field shows the number of BGP4 routes that have been filtered out Sent The number of BGP4 routes that the Layer 3 Switch has sent to the neighbor ToSend The nu...

Страница 641: ...from 1 900 If you use this parameter the command lists the usage statistics only for the specified number of seconds If you do not use this parameter the command lists the usage statistics for the pr...

Страница 642: ...Routes The number of routes that the Layer 3 Switch selected as the best routes to their destinations BEST Routes not Installed in IP Forwarding Table The number of routes received from the neighbor t...

Страница 643: ...loop occurs when the BGP4 AS path attribute contains the local AS number Invalid Nexthop The next hop value was not acceptable Duplicated Originator_ID The originator ID was the same as the local rout...

Страница 644: ...was no memory for attribute entries Accepting Routes NLRI The number of NLRIs discarded because there was no memory for NLRI entries This count is not included in the Receiving Update Messages count...

Страница 645: ...rs ip addr advertised routes detail ip addr mask bits attribute entries detail flap statistics last packet with error received prefix filter received routes routes best detail best not installed best...

Страница 646: ...ghbor that the Layer 3 Switch selected as the best routes to their destinations not installed best Displays the routes received from the neighbor that are the best BGP4 routes to their destinations bu...

Страница 647: ...session EBGP The neighbor is in another AS EBGP_Confed The neighbor is a member of another sub AS in the same confederation IBGP The neighbor is in the same AS RouterID The neighbor s router ID Descri...

Страница 648: ...with the TCP connection OPEN SENT BGP4 is waiting for an Open message from the neighbor OPEN CONFIRM BGP4 has received an OPEN message from the neighbor and is now waiting for either a KEEPALIVE or NO...

Страница 649: ...the dynamic refresh capability CooperativeFilteringCapability Whether the neighbor is enabled for cooperative route filtering Distribute list Lists the distribute list parameters if configured Filter...

Страница 650: ...Unsupported Version Number Bad Peer AS Number Bad BGP Identifier Unsupported Optional Parameter Authentication Failure Unacceptable Hold Time Unsupported Capability UPDATE Message Error Malformed Att...

Страница 651: ...y implementation Reset All Peer Sessions User Reset Peer Session Port State Down Peer Removed Peer Shutdown Peer AS Number Change Peer AS Confederation Change TCP Connection KeepAlive Timeout TCP Conn...

Страница 652: ...Synchronized Bad Message Length Bad Message Type Unspecified Open Message Error Unsupported Version Bad Peer As Bad BGP Identifier Unsupported Optional Parameter Authentication Failure Unacceptable Ho...

Страница 653: ...request acknowledgment from the remote TCP LAST ACK Waiting for an acknowledgment of the connection termination request previously sent to the remote TCP which includes an acknowledgment of its conne...

Страница 654: ...eighbor The Routing Information Base RIB for a specific network advertised to the neighbor You can display the RIB regardless of whether the Layer 3 Switch has already sent it to the neighbor To displ...

Страница 655: ...were nonetheless not installed in the IP route table because the Layer 3 Switch received better routes from other sources such as OSPF RIP or static IP routes Unreachable Routes The number of routes...

Страница 656: ...le Duplicated Originator_ID The originator ID was the same as the local router ID Cluster_ID The cluster list contained the local cluster ID or contained the local router ID see above if the cluster I...

Страница 657: ...Layer 3 Switch has run out of BGP4 memory for the neighbor during the current BGP4 session Receiving Update Messages The number of times UPDATE messages were discarded because there was no memory for...

Страница 658: ...outer show ip bgp neighbor 192 168 4 211 routes unreachable Syntax show ip bgp neighbor ip addr routes unreachable For information about the fields in this display see Table 21 10 on page 21 91 The fi...

Страница 659: ...routes in the BGP4 route table that this Layer 3 Switch originated Routes selected as BEST routes The number of routes in the BGP4 route table that this Layer 3 Switch has selected as the best routes...

Страница 660: ...path ACL The best parameter displays the routes received from the neighbor that the Layer 3 Switch selected as the best routes to their destinations The cidr only option lists only the routes whose ne...

Страница 661: ...ve a valid RIP OSPF or static route to the next hop Displaying the Best BGP4 Routes To display all the BGP4 routes in the Layer 3 Switch s BGP4 route table that are the best routes to their destinatio...

Страница 662: ...outes and installed in the IP route table display the IP route table using the show ip route command Displaying BGP4 Routes Whose Destinations Are Unreachable To display BGP4 routes whose destinations...

Страница 663: ...route option Prefix The network address and prefix Next Hop The next hop router for reaching the network from the Layer 3 Switch Metric The value of the route s MED attribute If the route does not hav...

Страница 664: ...h routes from a specific neighbor For example if the router receives routes to the same destination from two BGP4 neighbors the router prefers the route from the neighbor with the larger weight Path T...

Страница 665: ...dampened by the route dampening feature and is currently unusable H HISTORY Route dampening is configured for this route and the route has a history of flapping and is unreachable now I INTERNAL The...

Страница 666: ...eless not installed in the IP route table because the Layer 3 Switch received better routes from other sources such as OSPF RIP or static IP routes C CONFED_EBGP The route was learned from a neighbor...

Страница 667: ...he router receives routes to the same destination from two BGP4 neighbors the router prefers the route from the neighbor with the larger weight Atomic Whether network information in this route has bee...

Страница 668: ...outer for routes that have this set of attributes Metric The cost of the routes that have this set of attributes Origin The source of the route information The origin can be one of the following EGP T...

Страница 669: ...s and is otherwise 0 Router ID shows the router that originated this aggregator Atomic Whether the network information in this set of attributes has been aggregated and this aggregation has resulted i...

Страница 670: ...o can display route flap statistics for routes learned from a neighbor by entering the following command show ip bgp neighbor ip addr flap statistics The filter list num parameter specifies one or mor...

Страница 671: ...nd set statements within each route map are listed beneath the command for the route map itself In this simplified example each route map contains only one match or set statement Table 21 13 Route Fla...

Страница 672: ...vices re establish their BGP4 sessions You also can clear and reset the BGP4 routes that have been installed in the IP route table See Clearing and Resetting BGP4 Routes in the IP Route Table on page...

Страница 673: ...en you enable soft reconfiguration the Layer 3 Switch saves all updates received from the specified neighbor or peer group This includes updates that contain routes that are filtered out by the BGP4 r...

Страница 674: ...utes Dynamically Requesting a Route Refresh from a BGP4 Neighbor You can easily apply changes to filters that control BGP4 routes received from or advertised to a neighbor without resetting the BGP4 s...

Страница 675: ...nterface with the Layer 3 Switch The peer group name specifies all neighbors in a specific peer group The as num parameter specifies all neighbors within the specified AS The all parameter specifies a...

Страница 676: ...place a new or changed outbound policy or filter into effect you must enter a clear ip bgp neighbor command regardless of whether the neighbor session is up or down You can enter the command without...

Страница 677: ...updates to advertise change or even withdraw routes on the neighbor as needed This ensures that the neighbor receives only the routes you want it to contain Even if the neighbor already contains a ro...

Страница 678: ...clear ip route command but applies only to routes that come from BGP4 Clearing Traffic Counters You can clear the counters reset them to 0 for BGP4 messages To do so use one of the following methods T...

Страница 679: ...packet that contained an error The last NOTIFICATION message either sent or received by the Layer 3 Switch To display these buffers use options with the show ip bgp neighbors command See Displaying BG...

Страница 680: ...onfiguration Guide for the FESX FSX and FWSX 21 108 Foundry Networks Inc December 2005 peer group The as num parameter specifies all neighbors within the specified AS The all parameter specifies all n...

Страница 681: ...ocol This chapter contains the following information NOTE VRRP and VRRPE are separate protocols You cannot use them together Table 22 1 Chapter Contents Description See Page Overview of VRRP and VRRPE...

Страница 682: ...e host knows its gateway Consider the situation shown in Figure 22 1 Figure 22 1 Router1 is Host1 s default gateway but is a single point of failure As shown in this example Host1 uses 192 53 5 1 on R...

Страница 683: ...Master router becomes unavailable Virtual Router MAC Address Notice the MAC address associated with VRID1 The first five octets of the address are the standard MAC prefix for VRRP packets as described...

Страница 684: ...mine which router becomes the Master When you configure the VRID on a router interface you specify whether the router is the Owner of the IP address es you plan to associate with the VRID or a Backup...

Страница 685: ...ges the Master router sends to its Backups is the Master router s priority If the track port feature results in a change in the Master router s priority the Backup routers quickly become aware of the...

Страница 686: ...the VRID The Master owns the Virtual MAC address VRRPE uses the interface s actual MAC address as the source MAC address The MAC address is 02 E0 52 hash value vrid where hash value is a two octet has...

Страница 687: ...20 so that all traffic destined to the Internet is sent through RouterB instead Similarly RouterB is the master for VRID 2 backup priority 110 and RouterA is the backup for VRID 2 backup priority 100...

Страница 688: ...protocol does not have an Owner as VRRP does There is no restriction on which router can be the default master router In VRRP the Owner the Layer 3 Switch on which the IP interface that is used for th...

Страница 689: ...you are creating by configuring multiple routers to back up an IP interface You must configure the same VRID on each router that you want to use to back up the address No default None 22 3 22 11 22 1...

Страница 690: ...IP address used by the VRID All other routers for the VRID are Backups VRRPE All routers for the VRID are Backups 22 14 Backup priority A numeric value that determines a Backup s preferability for be...

Страница 691: ...terval can be from 60 3600 seconds You must enable the Backup to send the messages The messages are disabled by default on Backups The current Master whether the VRRP Owner or a Backup sends Hello mes...

Страница 692: ...all the default values enter commands such as the following on each Layer 3 Switch Router2 config router vrrp extended Router2 config inter e 1 5 Router2 config if 1 5 ip address 192 53 5 3 Router2 c...

Страница 693: ...ou configure the VRID use authentication Router type Owner or Backup NOTE For VRRP change the router type only if you have moved the real IP address from one router to another or you accidentally conf...

Страница 694: ...e configured for simple password authentication and use the same password VRRPE Syntax Syntax ip vrrp extended auth type no auth simple text auth auth data The parameter values are the same as for VRR...

Страница 695: ...his interface and VRID from the default 2 to a value from 1 254 Syntax backup priority value track priority value The priority value parameter specifies the VRRP priority for this interface and VRID Y...

Страница 696: ...with the highest priority becomes the new Master The Dead interval can be from 1 84 seconds The default is 3 5 seconds This is three times the default Hello interval 1 second plus one half second adde...

Страница 697: ...nd a tracked interface with track priority 60 goes down the software changes the VRRPE interface s priority to 40 If another tracked interface goes down the software reduces the VRID s priority again...

Страница 698: ...perX Router config if 1 6 vrid 1 owner priority 99 Syntax no owner priority track priority num The num parameter specifies the new priority and can be a number from 1 254 When you press Enter the soft...

Страница 699: ...s parameter the command displays VRRP or VRRPE information only for the specified virtual interface The stat parameter displays statistics See Displaying Statistics on page 22 26 This display shows th...

Страница 700: ...ivate the VRID make sure that the VRID is also configured on the other routers and that the routers can communicate with each other Note If the state is Init and the mode is incomplete make sure you h...

Страница 701: ...e The stat parameter displays statistics See Displaying Statistics on page 22 26 FastIron SuperX Router config show ip vrrp Total number of VRRP routers defined 1 Interface ethernet 1 5 auth type no a...

Страница 702: ...RRPE state for the VRID The state can be one of the following initialize The VRID is not enabled activated If the state remains initialize after you activate the VRID make sure that the VRID is also c...

Страница 703: ...he dead interval is the number of seconds a Backup waits for a Hello message from the Master for the VRID before determining that the Master is no longer active If the Master does not send a Hello mes...

Страница 704: ...e This field applies only when this Layer 3 Switch is the Master and the Backup is configured to send Hello messages the advertise backup option is enabled master router ip addr expires in time The IP...

Страница 705: ...cate with each other Note If the state is Init and the mode is incomplete make sure you have specified the IP address for the VRID Backup This Layer 3 Switch is a Backup for the VRID Master This Layer...

Страница 706: ...e statistic parameter displays statistics This parameter is required for displaying the statistics This display shows the following information Table 22 6 CLI Display of VRRP or VRRPE Statistics This...

Страница 707: ...number of IP packets addressed to the VRID that were dropped rxed vrrp port mismatch count The number of packets received that did not match the configuration for the receiving interface rxed vrrp ip...

Страница 708: ...previous 1 second plus 80 milliseconds Syntax show process cpu num The num parameter specifies the number of seconds and can be from 1 900 If you use this parameter the command lists the usage statis...

Страница 709: ...ip address command is the same IP address as the one entered when configuring Router1 In this case the IP address cannot also exist on Router2 but the interface on which you are configuring the VRID B...

Страница 710: ...24 Router1 config if 1 6 ip vrrp extended vrid 1 Router1 config if 1 6 vrid 1 backup priority 110 track priority 20 Router1 config if 1 6 vrid 1 track port ethernet 2 4 Router1 config if 1 6 vrid 1 i...

Страница 711: ...back up the address but you are not duplicating the address NOTE When you configure a Backup router the router interface on which you are configuring the VRID must have a real IP address that is in th...

Страница 712: ...Foundry Configuration Guide for the FESX FSX and FWSX 22 32 Foundry Networks Inc December 2005...

Страница 713: ...ault local storage device for image files and configuration files Secondary flash A second flash storage device You can use the secondary flash to store redundant images for additional booting reliabi...

Страница 714: ...h Image Version Running on the Device To determine the flash image version running on a device enter the show version command at any level of the CLI Some examples are shown below FESX and FWSX Device...

Страница 715: ...s shown in bold type FastIron SuperX Switch show version SW Version 02 0 00T2e1 Copyright c 1996 2004 Foundry Networks Inc Compiled on Dec 20 2004 at 16 08 06 labeled as SXS02000 2294152 bytes from Pr...

Страница 716: ...lease Beginning with release 02 3 01 FESX and FSX devices share the same flash images In releases prior to 02 3 01 FESX and FSX flash images were separate and were issued via separate software release...

Страница 717: ...presented in Upgrading the Flash Code on page 23 5 Upgrading from FSX 02 2 01a or later to the New Release 1 Upgrade the boot code to the new version SXZ0xxxx bin using the steps presented in Upgradin...

Страница 718: ...igure a read write community string enter the following command from the global CONFIG level of the CLI snmp server community string ro rw where string is the community string and can be up to 32 char...

Страница 719: ...m a BootP or TFTP server You can test new versions of code on a Foundry device or choose the preferred boot source from the console boot prompt without requiring a system reset NOTE It is very importa...

Страница 720: ...n enter the following command at any Enable or CONFIG command prompt FESX424 Switch write memory Replacing the Running Configuration with the Startup Configuration If you want to back out of the chang...

Страница 721: ...device creates The configuration file is a script containing CLI configuration commands The CLI reacts to each command entered from the file in the same way the CLI reacts to the command if you enter...

Страница 722: ...ig already has a command to add an address to port 11 so the CLI responds like this FESX424 Switch config interface ethernet 11 FESX424 Switch config if e1000 11 ip add 10 10 10 69 24 Error can only a...

Страница 723: ...the following command from the global CONFIG level of the CLI snmp server community string ro rw where string is the community string and can be up to 32 characters long 2 On the Foundry device enter...

Страница 724: ...passed NOTE The scheduled reload feature requires the system clock You can use a Simple Network Time Protocol SNTP server to set the clock or you can set the device clock manually See Specifying a Si...

Страница 725: ...t customer support 2 Flash read failed 3 Flash write preparation failed 4 Flash write failed 5 TFTP session timeout TFTP failed because of a time out Check IP connectivity and make sure the TFTP serve...

Страница 726: ...error The specific error message describes the error Correct the error then retry the transfer 17 TFTP remote no such file 18 TFTP remote access violation 19 TFTP remote disk full 20 TFTP remote ille...

Страница 727: ...option is enabled This chapter contains the topics listed in Table A 1 Overview A Foundry device s software can write syslog messages to provide information at the following severity levels Emergencie...

Страница 728: ...ny level of the CLI For information about the Syslog configuration information time stamps and dynamic and static buffers see Displaying the Syslog Configuration on page A 4 Enabling Real Time Display...

Страница 729: ...Router Power supply 2 power supply on left connector failed SYSLOG 14 FESX424 Router Interface ethernet 6 state down SYSLOG 14 FESX424 Router Interface ethernet 2 state up Configuring the Syslog Serv...

Страница 730: ...agement interface option See Clearing the Syslog Messages from the Local Buffer on page A 9 overruns The number of times the dynamic log buffer has filled up and been cleared to hold new entries For e...

Страница 731: ...sage The software does not overwrite the message for fan 2 unless the software sends a newer message for fan 2 When you clear log entries you can selectively clear the static or dynamic buffer or you...

Страница 732: ...system time when the most recent message the one at the top was generated was October 15 at 5 38 PM and 3 seconds Example of Syslog Messages on a Device Whose Onboard Clock Is Not Set The example sho...

Страница 733: ...10 0 0 99 Syntax logging host ip addr server name Specifying an Additional Syslog Server To specify an additional Syslog server enter the logging host ip addr command again as in the following exampl...

Страница 734: ...efault number of messages is 50 The value can be from 1 1000 on Layer 2 Switches and Layer 3 Switches The change takes effect immediately and does not require you to reload the software NOTE If you de...

Страница 735: ...er config ip show portname This command is applied globally to all interfaces on Layer 2 Switches and Layer 3 Switches Syntax no Ip show portname When you display the messages in the Syslog you see th...

Страница 736: ...in syslog messages by entering the following command FESX424 Router config ip show service number in log Syntax no ip show service number in log Syslog Messages Table A 3 lists all of the Syslog mess...

Страница 737: ...is treated as an authentication failure Alert MAC Authentication failed for mac address on portnum Port is already in another radius given vlan RADIUS authentication was successful for the specified...

Страница 738: ...the following 1 Router 2 Network 3 Summary 4 Summary 5 External Alert OSPF Memory Overflow OSPF has run out of memory Alert Power supply num location failed A power supply has failed The num is the p...

Страница 739: ...BGP4 session with the neighbor Informational user name login to PRIVILEGED mode A user has logged into the Privileged EXEC mode of the CLI The user name is the user name Informational user name login...

Страница 740: ...IP ACL or MAC address filter but the port is a member of a virtual routing interface VE Informational DOT1X port portnum mac mac address cannot remove inbound ACL An error occurred while removing the...

Страница 741: ...is not enough or the invalid information to set the dynamic assigned IP ACLs or MAC address filters 802 1X authentication could not take place on the port This happened because strict security mode wa...

Страница 742: ...port s priority has changed Informational Port portnum srcip security max ipaddr per int reached Last IP ipaddr The address limit specified by the srcip security max ipaddr per interface command has...

Страница 743: ...entered a user ID to log in Informational Syslog server IP address deleted added modified from console telnet ssh web snmp OR Syslog operation enabled disabled from console telnet ssh web snmp A user...

Страница 744: ...erface portnum STP state state DOT1wTransition 802 1W changed the state of a port to a new state forwarding learning blocking If the port changes to blocking the bridge port is in discarding state Inf...

Страница 745: ...dr is the IP address of the neighbor s BGP4 interface with the Foundry device Notification BGP Peer ip addr UP ESTABLISHED Indicates that a BGP4 neighbor has come up The ip addr is the IP address of t...

Страница 746: ...rcuit id The Layer 3 Switch s adjacency with this Level 2 IS has come up The system id is the system ID of the IS The circuit id is the ID of the circuit over which the adjacency was established Notif...

Страница 747: ...le was inserted to slot slot num Indicates that a module was inserted into a chassis slot The slot num is the number of the chassis slot into which the module was inserted Notification Module was remo...

Страница 748: ...e Foundry device The src ip addr is the IP address of the interface from which the Foundry device received the authentication failure The error type can be one of the following bad version area mismat...

Страница 749: ...he src ip addr is the IP address of the interface from which the Foundry device received the error packet The error type can be one of the following bad version area mismatch unknown NBMA neighbor unk...

Страница 750: ...unknown Notification OSPF intf rcvd bad pkt Bad Checksum rid ip addr intf addr ip addr pkt size num checksum num pkt src addr ip addr pkt type type The device received an OSPF packet that had an inva...

Страница 751: ...packet is not on the Foundry device s list of OSPF neighbors The parameters are the same as for the Bad Checksum message Notification OSPF intf retransmit rid router id intf addr ip addr nbr rid nbr...

Страница 752: ...e area id is the OSPF area The lsa type is the type of LSA The lsa id is the LSA ID The lsa router id is the LSA router ID Notification OSPF nbr state changed rid router id nbr addr ip addr nbr rid nb...

Страница 753: ...routing interface authentication failure has occurred The router id is the router ID of the Foundry device The ip addr is the IP address of the interface on the Foundry device The src ip addr is the...

Страница 754: ...nterface on the Foundry device The src ip addr is the IP address of the interface from which the Foundry device received the error packet The error type can be one of the following bad version area mi...

Страница 755: ...te link state ack unknown Notification OSPF virtual intf retransmit rid router id intf addr ip addr nbr rid nbr router id pkt type is pkt type LSA type lsa type LSA id lsa id LSA rid lsa router id An...

Страница 756: ...of the following down loopback waiting point to point designated router backup designated router other designated router unknown Notification OSPF virtual nbr state changed rid router id nbr addr ip a...

Страница 757: ...igured on an interface and the maximum burst size for TCP packets on the interface has been exceeded The portnum is the port number The first num is the maximum burst size maximum number of packets al...

Страница 758: ...of the denied packets The src ip addr is the source IP address of the denied packets The src tcp udp port is the source TCP or UDP port if applicable of the denied packets The portnum indicates the p...

Страница 759: ...of 100 prefixes and 75 percent as the warning threshold this message is generated if the Layer 3 Switch receives a 76th prefix from the neighbor Warning NTP server ip addr failed to respond Indicates...

Страница 760: ...Foundry Configuration Guide for the FESX FSX and FWSX A 34 Foundry Networks Inc December 2005...

Страница 761: ...ow version command FESX424 Router show version Syntax show version Table B 1 Chapter Contents Description See Page Basic Management All Foundry products support basic management tasks such as viewing...

Страница 762: ...tatistics Port statistics are polled by default every 10 seconds You can view statistics for ports by entering the following show commands show interfaces show configuration show statistics To display...

Страница 763: ...eceived The count includes rejected and local packets that are not sent to the switching core for transmission OutPkts The total number of good packets sent The count includes unicast multicast and br...

Страница 764: ...ad Alignment errors or phy errors LateCollisions The total number of packets received in which a Collision event was detected but for which a receive error Rx Error event was not detected InGiantPkts...

Страница 765: ...lear commands are found at the Privileged EXEC level RMON Support The Foundry RMON agent supports the following groups The group numbers come from the RMON specification RFC 1757 Statistics RMON Group...

Страница 766: ...NMP numbers of the ports start at 1 and increase sequentially For example if you are using a Chassis device and slot 1 contains an 8 port module the SNMP number of the first port in slot 2 is 9 The ph...

Страница 767: ...ber of packets received that were less than 64 octets long and had either a bad FCS with an integral number of octets FCS Error or a bad FCS with a non integral number of octets Alignment Error It is...

Страница 768: ...ming bits but does include FCS octets 65 to 127 octets pkts The total number of packets received that were 65 127 octets long This number includes bad packets This number does not include framing bits...

Страница 769: ...time sample type threshold type threshold value event number threshold type threshold value event number owner text string Event RMON Group 9 There are two elements to the Event Group the event contro...

Страница 770: ...enable sFlow the feature uses the source address 0 0 0 0 To display the agent_address enable sFlow then enter the show sflow command See Enabling sFlow Forwarding on page B 14 and Displaying sFlow Inf...

Страница 771: ...ng sFlow To configure sFlow Specify collector information The collector is the external device to which you are exporting the sFlow data You can specify up to four collectors Optional Change the polli...

Страница 772: ...ations The sampling rate is a fraction in the form 1 N meaning that on average one out of every N packets will be sampled The sflow sample command at the global level or port level specifies N the den...

Страница 773: ...s the valid sampling rates In addition the software will round the value you enter up to the nearest value listed You can display the rates you entered the configured rates as well as the rates rounde...

Страница 774: ...er of 2 The actual sampling rate becomes one of the values listed in Changing the Default Sampling Rate Enabling sFlow Forwarding sFlow exports data only for the interfaces on which you enable sFlow f...

Страница 775: ...12 actual rate 512 Subsampling factor 1 Port 5 17 configured rate 1500 actual rate 2048 Subsampling factor 4 Port 5 16 configured rate 1500 actual rate 2048 Subsampling factor 4 Port 5 15 configured r...

Страница 776: ...gured default sampling rate The configured global sampling rate If you changed the global sampling rate the value you entered is shown here The actual rate calculated by the software based on the valu...

Страница 777: ...four bandwidth utilization lists Command Syntax To configure an uplink utilization list enter commands such as the following The commands in this example configure a link utilization list with port 1...

Страница 778: ...eason the percentages for the two downlink ports equal 100 In some cases the percentages do not always equal 100 This is true in cases where the ports exchange some traffic with other ports in the sys...

Страница 779: ...LANs and static MAC entries Configure protocol based VLANs IP sub net VLANs and IPX network VLANs within standard 802 1d port based VLANs Learn or drop RIP routes on incoming traffic based on network...

Страница 780: ...l ports The following table lists the scope for each type of policy and filter Default Filter Actions By default no policies or filters are defined on Foundry devices The following table lists the def...

Страница 781: ...t use Layer 2 filters to filter for Layer 4 information To filter for Layer 4 information use IP access policies filters Table C 3 Default Policy and Filter Actions Policy or Filter Type Default actio...

Страница 782: ...the order in which you list them in a port s inbound or outbound filter list For example if you apply three filters 3 2 and 1024 to port 1 1 s outbound filter list the filters are applied in the foll...

Страница 783: ...are merged However the resulting priority is never lower than the highest priority Syntax Use the following CLI commands to configure QoS policies Layer 3 Policies Layer 3 policies are rules that cont...

Страница 784: ...device drops the packet See the chapter Configuring Virtual LANs VLANs on page 11 1 for configuration rules and examples Actions A Foundry device forwards a packet if its Layer 3 protocol information...

Страница 785: ...then apply it to an interface The filter applies only to incoming traffic on the interface NOTE MAC filters do not block management access to the Foundry device For example if you apply a filter to bl...

Страница 786: ...ed by the port Figure B 6 shows an example of an address lock filter In this example the Foundry device is configured to learn only two MAC addresses on port 3 1 After the device learns two addresses...

Страница 787: ...Layer 3 Filters Layer 3 filters control a Foundry device s transmission and receipt of packets based on routing protocol information in the packets Foundry devices provide the following types of Laye...

Страница 788: ...d IP access policies See IP Access Policies on page B 10 RIP Route Filters RIP route filters control the routes that a Foundry device learns and advertises Figure B 7 shows an example of a port with R...

Страница 789: ...ter does not affect advertisements received by the Foundry device from 192 99 26 1 24 The Foundry device can still learn RIP routes from this neighbor Figure C 3 RIP neighbor filters Actions A RIP nei...

Страница 790: ...etwork address in BGP4 updates the Foundry device sends to a BGP4 neighbor Scope You define BGP4 address filters globally then apply them as part of a BGP4 neighbor s distribute list or as part of a m...

Страница 791: ...You define BGP4 AS path filters globally then apply them as part of a BGP4 neighbor s distribute list or as part of a match statement in a route map Syntax Use the following CLI commands to configure...

Страница 792: ...metric To configure redistribution you configure redistribution filters in the protocol that will receive the routes Redistribution is disabled by default in RIP and OSPF and enabled by default in BG...

Страница 793: ...tch or you can set the metric on redistributed routes By setting the metric you can cause the router to prefer RIP routes or redistributed routes to the specified network Actions RIP redistribution fi...

Страница 794: ...ribution filters globally Syntax Use the following CLI commands to configure OSPF redistribution filters BGP4 Redistribution Filters BGP4 redistribution filters control redistribution of routes from o...

Страница 795: ...onfigure BGP4 redistribution filters NOTE The optional match internal external1 external2 argument applies only to OSPF Table C 18 BGP4 Redistribution Filters CLI syntax FESX424 Router config bgp rout...

Страница 796: ...Foundry Configuration Guide for the FESX FSX and FWSX C 18 Foundry Networks Inc December 2005...

Страница 797: ...he FESX and FSX support many of the applicable system level Layer 2 and Layer 3 features supported on the BigIron Chassis devices The FWSX supports system level and Layer 2 features only It does not s...

Страница 798: ...FSX PREM Full Layer 3 Layer 2 FWSX424 FWSX448 Layer 2 Layer 2 Table D 2 List of Supported Features Category Description and Configuration Notes Supported on FSX FESX FWSX Management Features Access Co...

Страница 799: ...r statically configured trunk groups X X X Auto MDI MDIX X X X Broadcast multicast and unknown unicast rate limiting X X X DiffServ support X X X Foundry Discovery Protocol FDP Cisco Discovery Protoco...

Страница 800: ...t up to 4 port trunk groups trunk groups on these devices can have 2 3 or 4 ports X X X Layer 2 Features 802 1d Spanning Tree Support Enhanced IronSpan support includes Fast Port Span and Single insta...

Страница 801: ...ivate VLANS Protocol VLANs IPv4 and dynamic IPv6 X X X Layer 3 Subnet VLANs IP subnet network X X Super Aggregated VLANs X X X Virtual routing interfaces X X X VLAN groups X X X Wire speed Layer 2 Swi...

Страница 802: ...SX support starts in release 02 0 00 X X RIP V1 and V2 FESX support starts in release 02 0 00 X X Route only support FSX devices support disabling Layer 2 Switching at the CLI Interface level as well...

Страница 803: ...filters X X X Jumbo frames on all models except FES12GCF X NetFlow X X X Outbound ACLs X X X Outbound rate limiting X X X Protected link groups X X X Server trunk groups for Layer 3 traffic Server tr...

Страница 804: ...g Tree X X X 802 1x Port based Authentication Dynamic VLAN ACL and MAC Filter Group Assignment X X X 802 3 10Base T X X X 802 3 Ethernet Like MIB X X X 802 3ab 1000Base T X 802 3ad Link Aggregation Dy...

Страница 805: ...X X 826 Ethernet Address Resolution Protocol ARP X X 854 855 and 857 Telnet X X X 894 IP over Ethernet frames X X 903 Reverse ARP RARP X X 906 Bootstrap loading using TFTP X X 919 Broadcast Internet...

Страница 806: ...ts X X X 1516 Repeater MIB X X 1519 Classless Inter Domain Routing CIDR an Address Assignment and Aggregation Strategy X X 1541 and 1542 Dynamic Host Configuration Protocol DHCP X X X 1573 SNMP MIB II...

Страница 807: ...ormation Base for the User Datagram Protocol using SMIv2 X X 2030 Simple Network Time Protocol SNTP version 4 X X 2068 HTTP X X X 2096 IP Forwarding MIB X X 2131 BootP DHCP Relay X X 2138 Remote Authe...

Страница 808: ...X X X 2576 Coexistence between Version 1 Version 2 and Version 3 of the Internet standard Network Management Framework X X 2578 Structure of Management Information Version 2 SMIv2 X X 2579 Textual Co...

Страница 809: ...rmation Base MIB for the Simple Network Management Protocol SNMP X X X AAA X X X Bi level access mode standard and EXEC level X X X DVMRP V3 07 X X HTTP and HTTPS X X X IGMP Snooping versions 1 2 and...

Страница 810: ...owing Internet drafts ietf idmr dvmrp version 3 05 obsoletes RFC 1075 draft ietf pim dm 05 V1 draft ietf pim v2 dm 03 V2 draft katz yeung ospf traffic 03 txt MSDP TACACS Protocol version 1 78 NOTE Fou...

Страница 811: ...chen F hrungen an jeder Seite des Netzteils das ordnungegem in die F hrungen gesteckt werden muss Das Netzteil darf niemals umgedreht eingesteckt werden MISE EN GARDE Suivez attentivement les rep res...

Страница 812: ...HT Stellen Sie sicher dass an der Vorderseite den Seiten und an der R ckseite der Luftstrom nicht behindert wird MISE EN GARDE V rifiez que rien ne restreint la circulation d air devant derri re et su...

Страница 813: ...gspersonal mit Spezialwerkzeug Schl ssel oder anderen Sicherheitsvorrichtungen Zugang hat Dieser Zugang wird von f r den Bereich zust ndigen Personen berwacht MISE EN GARDE Tous les dispositifs avec b...

Страница 814: ...ue este no se conectar con el enchufe posterior de esta forma El suministro de potencia estar con la cara correcta hacia arriba cuando el conector de corriente quede a la izquierda y la abertura del v...

Страница 815: ...du slot en place Si vous faites fonctionner le ch ssis avec un slot d couvert le syst me surchauffera PRECAUCI N Si no instala un m dulo en la ranura deber mantener el panel de ranuras en su lugar Si...

Страница 816: ...interfaces de fibra ptica utilizan l ser de clase 1 WARNING Make sure the rack or cabinet housing the device is adequately secured to prevent it from becoming unstable or falling over ACHTUNG Stellen...

Страница 817: ...s poign es des unit s de bloc d alimentation pour soulever ou porter un dispositif en ch ssis ADVERTENCIA No use las asas de las unidades de suministro de corriente para alzar o transportar un instrum...

Страница 818: ...istro El instrumento puede estar activado cuando se est instalando o retirando un suministro de corriente pero el suministro de corriente en s no deber estar conectado a la fuente de corriente De no h...

Страница 819: ...dispositivo de circuito apropiado dependiendo del n mero de suministros de CA instalados en el chasis La llamada de corriente m xima para el sistema es de un suministro de CA WARNING Be careful not to...

Страница 820: ...Foundry Configuration Guide for the FESX FSX and FWSX E 10 Foundry Networks Inc December 2005...

Результаты поиска

Содержание FastIron Edge Switch X424

Отзывы:

Похожие инструкции для FastIron Edge Switch X424

Бренды по названию

Популярные бренды

Foundry Networks FastIron Edge Switch X424, Руководство пользователя

Результаты поиска

Содержание FastIron Edge Switch X424

Отзывы:

Похожие инструкции для FastIron Edge Switch X424

Бренды по названию

Популярные бренды