foundry fastiron user guide

814
Foundry FastIron X-Series Configuration Guide FastIron Edge Switch X-Series FastIron Workgroup Switch X-Series FastIron SuperX Switch 2100 Gold Street P.O. Box 649100 San Jose, CA 95164-9100 Tel 408.586.1700 Fax 408.586.1900 December 2005

Upload: kam-bing-oei

Post on 26-Aug-2014

217 views

Category:

Documents


2 download

TRANSCRIPT

Foundry FastIron X-Series Configuration GuideFastIron Edge Switch X-Series FastIron Workgroup Switch X-Series FastIron SuperX Switch

2100 Gold Street P.O. Box 649100 San Jose, CA 95164-9100 Tel 408.586.1700 Fax 408.586.1900 December 2005

Copyright Foundry Networks, Inc. All rights reserved. No part of this work may be reproduced in any form or by any means graphic, electronic or mechanical, including photocopying, recording, taping or storage in an information retrieval system without prior written permission of the copyright owner. The trademarks, logos and service marks ("Marks") displayed herein are the property of Foundry or other third parties. You are not permitted to use these Marks without the prior written consent of Foundry or such appropriate third party. Foundry Networks, BigIron, FastIron, IronView, JetCore, NetIron, ServerIron, TurboIron, IronWare, EdgeIron, IronPoint, the Iron family of marks and the Foundry Logo are trademarks or registered trademarks of Foundry Networks, Inc. in the United States and other countries. F-Secure is a trademark of F-Secure Corporation. All other trademarks mentioned in this document are the property of their respective owners.

Contents

CHAPTER 1 ABOUT THIS GUIDE..................................................................................... 1-1INTRODUCTION ...........................................................................................................................................1-1 WHATS INCLUDED IN THIS EDITION? ...........................................................................................................1-2 AUDIENCE ..................................................................................................................................................1-3 NOMENCLATURE .........................................................................................................................................1-3 RELATED PUBLICATIONS .............................................................................................................................1-3 HOW TO GET HELP .....................................................................................................................................1-4 WEB ACCESS .......................................................................................................................................1-4 EMAIL ACCESS .....................................................................................................................................1-4 TELEPHONE ACCESS ............................................................................................................................1-4 WARRANTY COVERAGE ...............................................................................................................................1-4

CHAPTER 2 GETTING FAMILIAR WITH MANAGEMENT APPLICATIONS ................................ 2-1LOGGING ON THROUGH THE CLI .................................................................................................................2-1 ON-LINE HELP .....................................................................................................................................2-2 COMMAND COMPLETION .......................................................................................................................2-2 SCROLL CONTROL ................................................................................................................................2-2 LINE EDITING COMMANDS .....................................................................................................................2-3 USING SLOT AND PORT NUMBERS WITH CLI COMMANDS ......................................................................2-3 SEARCHING AND FILTERING OUTPUT FROM CLI COMMANDS ..................................................................2-4 USING SPECIAL CHARACTERS IN REGULAR EXPRESSIONS .....................................................................2-6 LOGGING ON THROUGH THE WEB MANAGEMENT INTERFACE .......................................................................2-8 NAVIGATING THE WEB MANAGEMENT INTERFACE ..................................................................................2-9 LOGGING ON THROUGH IRONVIEW NETWORK MANAGER ............................................................................2-11

CHAPTER 3 CONFIGURING BASIC SOFTWARE FEATURES ................................................ 3-1CONFIGURING BASIC SYSTEM PARAMETERS ................................................................................................3-2December 2005 Foundry Networks, Inc. iii

Foundry Configuration Guide for the FESX, FSX, and FWSX

ENTERING SYSTEM ADMINISTRATION INFORMATION ...............................................................................3-2 CONFIGURING SIMPLE NETWORK MANAGEMENT PROTOCOL (SNMP) PARAMETERS ...............................3-3 CONFIGURING AN INTERFACE AS THE SOURCE FOR ALL TELNET PACKETS .............................................3-7 CANCELLING AN OUTBOUND TELNET SESSION ......................................................................................3-7 CONFIGURING AN INTERFACE AS THE SOURCE FOR ALL TFTP PACKETS ................................................3-7 SPECIFYING A SIMPLE NETWORK TIME PROTOCOL (SNTP) SERVER ......................................................3-8 SETTING THE SYSTEM CLOCK .............................................................................................................3-10 LIMITING BROADCAST, MULTICAST, AND UNKNOWN UNICAST TRAFFIC .................................................3-11 CONFIGURING CLI BANNERS ..............................................................................................................3-11 CONFIGURING BASIC PORT PARAMETERS ..................................................................................................3-13 ASSIGNING A PORT NAME ..................................................................................................................3-13 MODIFYING PORT SPEED ...................................................................................................................3-13 ENABLING AUTO-NEGOTIATION MAXIMUM PORT SPEED ADVERTISEMENT AND PORT SPEED DOWN-SHIFT ...........................................................................................................3-14 MODIFYING PORT DUPLEX MODE .......................................................................................................3-15 CONFIGURING MDI/MDIX ...................................................................................................................3-16 DISABLING OR RE-ENABLING A PORT ..................................................................................................3-16 DISABLING OR RE-ENABLING FLOW CONTROL .....................................................................................3-17 ENABLING AND DISABLING SUPPORT FOR 100BASEFX ........................................................................3-17 CHANGING THE GIGABIT FIBER NEGOTIATION MODE ............................................................................3-18 MODIFYING PORT PRIORITY (QOS) .....................................................................................................3-18 ENABLING DYNAMIC CONFIGURATION OF VOICE OVER IP (VOIP) PHONES ............................................3-18

CHAPTER 4 CONFIGURING BASIC LAYER 2 FEATURES ................................................... 4-1ABOUT PORT REGIONS ...............................................................................................................................4-2 ENABLING OR DISABLING THE SPANNING TREE PROTOCOL (STP) ................................................................4-2 MODIFYING STP BRIDGE AND PORT PARAMETERS ................................................................................4-3 CHANGING THE MAC AGE TIME ..................................................................................................................4-3 CONFIGURING STATIC MAC ENTRIES ..........................................................................................................4-4 ENABLING PORT-BASED VLANS .................................................................................................................4-4 ASSIGNING IEEE 802.1Q TAGGING TO A PORT .....................................................................................4-5 DEFINING MAC ADDRESS FILTERS ..............................................................................................................4-5 CONFIGURATION NOTES .......................................................................................................................4-6 COMMAND SYNTAX ..............................................................................................................................4-6 ENABLING LOGGING OF PACKETS DENIED BY MAC FILTERS ..................................................................4-7 LOCKING A PORT TO RESTRICT ADDRESSES ...............................................................................................4-8 CONFIGURATION NOTES .......................................................................................................................4-8 COMMAND SYNTAX ..............................................................................................................................4-8 DISPLAYING AND MODIFYING SYSTEM PARAMETER DEFAULT SETTINGS ........................................................4-8 CONFIGURING PORT MIRRORING AND MONITORING ...................................................................................4-12 CONFIGURATION CONSIDERATIONS .....................................................................................................4-12 COMMAND SYNTAX ............................................................................................................................4-12

iv

Foundry Networks, Inc.

December 2005

Contents

CHAPTER 5 CONFIGURING BASE LAYER 3 AND ENABLING ROUTING PROTOCOLS ......................................................... 5-1ADDING A STATIC IP ROUTE .......................................................................................................................5-2 ADDING A STATIC ARP ENTRY ....................................................................................................................5-2 MODIFYING AND DISPLAYING LAYER 3 SYSTEM PARAMETER LIMITS ..............................................................5-3 CONFIGURATION NOTE .........................................................................................................................5-3 MODIFYING LAYER 3 SYSTEM PARAMETER LIMITS .................................................................................5-3 DISPLAYING LAYER 3 SYSTEM PARAMETER LIMITS ................................................................................5-4 CONFIGURING RIP ......................................................................................................................................5-4 ENABLING RIP .....................................................................................................................................5-4 ENABLING REDISTRIBUTION OF IP STATIC ROUTES INTO RIP .................................................................5-5 ENABLING REDISTRIBUTION ..................................................................................................................5-6 ENABLING LEARNING OF DEFAULT ROUTES ...........................................................................................5-6 CHANGING THE ROUTE LOOP PREVENTION METHOD .............................................................................5-6 OTHER LAYER 3 PROTOCOLS ......................................................................................................................5-7 ENABLING OR DISABLING ROUTING PROTOCOLS ..........................................................................................5-7 ENABLING OR DISABLING LAYER 2 SWITCHING .............................................................................................5-7 CONFIGURATION NOTES .......................................................................................................................5-7 COMMAND SYNTAX ..............................................................................................................................5-8

CHAPTER 6 CONFIGURING POWER OVER ETHERNET ...................................................... 6-1POWER OVER ETHERNET OVERVIEW ...........................................................................................................6-1 TERMS USED IN THIS SECTION .............................................................................................................6-2 METHODS FOR DELIVERING POE .........................................................................................................6-2 AUTODISCOVERY ..................................................................................................................................6-4 POWER CLASS .....................................................................................................................................6-4 POWER SPECIFICATIONS ......................................................................................................................6-4 CABLING REQUIREMENTS .....................................................................................................................6-5 SUPPORTED POWERED DEVICES ..........................................................................................................6-5 ENABLING OR DISABLING POWER OVER ETHERNET ......................................................................................6-5 ENABLING THE DETECTION OF POE POWER REQUIREMENTS ADVERTISED VIA CDP ..........................................................................................................................6-6 CONFIGURATION CONSIDERATIONS .......................................................................................................6-6 COMMAND SYNTAX ..............................................................................................................................6-6 SETTING THE MAXIMUM POWER LEVEL FOR A POE POWER CONSUMING DEVICE .........................................6-6 CONFIGURATION NOTES .......................................................................................................................6-6 COMMAND SYNTAX ..............................................................................................................................6-7 SETTING THE POWER CLASS FOR A POE POWER CONSUMING DEVICE ........................................................6-7 CONFIGURATION NOTES .......................................................................................................................6-7 COMMAND SYNTAX ..............................................................................................................................6-8 SETTING THE IN-LINE POWER PRIORITY FOR A POE PORT ...........................................................................6-8 COMMAND SYNTAX ..............................................................................................................................6-9 RESETTING POE PARAMETERS ...................................................................................................................6-9

December 2005

Foundry Networks, Inc.

v

Foundry Configuration Guide for the FESX, FSX, and FWSX

DISPLAYING POWER OVER ETHERNET INFORMATION ..................................................................................6-10 DISPLAYING POE OPERATIONAL STATUS ............................................................................................6-10 DISPLAYING DETAILED INFORMATION ABOUT POE POWER SUPPLIES ..................................................6-13

CHAPTER 7 CONFIGURING SPANNING TREE PROTOCOL (STP) AND IRONSPAN FEATURES ......................................................................... 7-1STP OVERVIEW ..........................................................................................................................................7-2 CONFIGURING STANDARD STP PARAMETERS ..............................................................................................7-2 STP PARAMETERS AND DEFAULTS .......................................................................................................7-2 ENABLING OR DISABLING THE SPANNING TREE PROTOCOL (STP) .........................................................7-4 CHANGING STP BRIDGE AND PORT PARAMETERS .................................................................................7-5 STP PROTECTION ENHANCEMENT ........................................................................................................7-6 DISPLAYING STP INFORMATION ............................................................................................................7-8 CONFIGURING IRONSPAN FEATURES .........................................................................................................7-16 FAST PORT SPAN ...............................................................................................................................7-16 802.1W RAPID SPANNING TREE (RSTP) ............................................................................................7-18 802.1W DRAFT 3 ...............................................................................................................................7-53 SINGLE SPANNING TREE (SSTP) ........................................................................................................7-56 STP PER VLAN GROUP .....................................................................................................................7-58 PVST/PVST+ COMPATIBILITY ..................................................................................................................7-61 OVERVIEW OF PVST AND PVST+ ......................................................................................................7-62 VLAN TAGS AND DUAL MODE ............................................................................................................7-62 CONFIGURING PVST+ SUPPORT ........................................................................................................7-63 DISPLAYING PVST+ SUPPORT INFORMATION ......................................................................................7-64 CONFIGURATION EXAMPLES ...............................................................................................................7-64

CHAPTER 8 CONFIGURING METRO FEATURES ................................................................ 8-1TOPOLOGY GROUPS ...................................................................................................................................8-1 MASTER VLAN AND MEMBER VLANS ...................................................................................................8-2 CONTROL PORTS AND FREE PORTS ......................................................................................................8-2 CONFIGURATION CONSIDERATIONS .......................................................................................................8-2 CONFIGURING A TOPOLOGY GROUP ......................................................................................................8-3 DISPLAYING TOPOLOGY GROUP INFORMATION ......................................................................................8-3 METRO RING PROTOCOL (MRP) .................................................................................................................8-5 CONFIGURATION NOTES .......................................................................................................................8-6 MRP RINGS WITHOUT SHARED INTERFACES (MRP PHASE 1) ...............................................................8-6 RING INITIALIZATION ............................................................................................................................8-7 HOW RING BREAKS ARE DETECTED AND HEALED .................................................................................8-8 MASTER VLANS AND CUSTOMER VLANS .............................................................................................8-9 CONFIGURING MRP ...........................................................................................................................8-11 USING MRP DIAGNOSTICS .................................................................................................................8-12 DISPLAYING MRP INFORMATION .........................................................................................................8-13 MRP CLI EXAMPLE ...........................................................................................................................8-16

vi

Foundry Networks, Inc.

December 2005

Contents

VIRTUAL SWITCH REDUNDANCY PROTOCOL (VSRP) .................................................................................8-18 LAYER 2 AND LAYER 3 REDUNDANCY ..................................................................................................8-19 MASTER ELECTION AND FAILOVER ......................................................................................................8-20 VSRP-AWARE SECURITY FEATURES ..................................................................................................8-24 VSRP PARAMETERS ..........................................................................................................................8-24 CONFIGURING BASIC VSRP PARAMETERS ..........................................................................................8-27 CONFIGURING OPTIONAL VSRP PARAMETERS ....................................................................................8-28 DISPLAYING VSRP INFORMATION .......................................................................................................8-34 VSRP FAST START ............................................................................................................................8-37 VSRP AND MRP SIGNALING ..............................................................................................................8-38

CHAPTER 9 CONFIGURING UNI-DIRECTIONAL LINK DETECTION (UDLD) ......................... 9-1UDLD OVERVIEW .......................................................................................................................................9-1 CONFIGURATION CONSIDERATIONS ..............................................................................................................9-2 ENABLING UDLD ........................................................................................................................................9-2 CHANGING THE KEEPALIVE INTERVAL ..........................................................................................................9-3 CHANGING THE KEEPALIVE RETRIES ...........................................................................................................9-3 UDLD FOR TAGGED PORTS ........................................................................................................................9-3 DISPLAYING UDLD INFORMATION ................................................................................................................9-4 DISPLAYING INFORMATION FOR ALL PORTS ...........................................................................................9-4 DISPLAYING INFORMATION FOR A SINGLE PORT ....................................................................................9-5 CLEARING UDLD STATISTICS .....................................................................................................................9-6

CHAPTER 10 CONFIGURING TRUNK GROUPS AND DYNAMIC LINK AGGREGATION .......................................................... 10-1TRUNK GROUP OVERVIEW ........................................................................................................................10-1 TRUNK GROUP CONNECTIVITY TO A SERVER ......................................................................................10-2 TRUNK GROUP RULES ........................................................................................................................10-3 TRUNK GROUP CONFIGURATION EXAMPLES ........................................................................................10-4 TRUNK GROUP LOAD SHARING ...........................................................................................................10-6 CONFIGURING A TRUNK GROUP ................................................................................................................10-7 EXAMPLE 1: CONFIGURING THE TRUNK GROUPS SHOWN IN FIGURE 10.1 ...........................................10-8 EXAMPLE 2: CONFIGURING A TRUNK GROUP THAT SPANS MULTIPLE GIGABIT ETHERNET MODULES IN A CHASSIS DEVICE ....................................................................10-8 CLI SYNTAX .......................................................................................................................................10-9 ADDITIONAL TRUNKING OPTIONS ........................................................................................................10-9 DISPLAYING TRUNK GROUP CONFIGURATION INFORMATION .....................................................................10-11 DYNAMIC LINK AGGREGATION .................................................................................................................10-13 CONFIGURATION EXAMPLE ...............................................................................................................10-13 CONFIGURATION NOTES ...................................................................................................................10-15 ADAPTATION TO TRUNK DISAPPEARANCE ..........................................................................................10-15 FLEXIBLE TRUNK ELIGIBILITY ............................................................................................................10-16 COMMAND SYNTAX ..........................................................................................................................10-17

December 2005

Foundry Networks, Inc.

vii

Foundry Configuration Guide for the FESX, FSX, and FWSX

LINK AGGREGATION PARAMETERS ....................................................................................................10-18 DISPLAYING AND DETERMINING THE STATUS OF AGGREGATE LINKS .........................................................10-22 ABOUT BLOCKED PORTS ..................................................................................................................10-23 DISPLAYING LINK AGGREGATION AND PORT STATUS INFORMATION ....................................................10-23 DISPLAYING TRUNK GROUP AND LACP STATUS INFORMATION ..........................................................10-26 CLEARING THE NEGOTIATED AGGREGATE LINKS TABLE ...........................................................................10-26

CHAPTER 11 CONFIGURING VIRTUAL LANS (VLANS).................................................... 11-1VLAN OVERVIEW ....................................................................................................................................11-2 TYPES OF VLANS ..............................................................................................................................11-2 DEFAULT VLAN .................................................................................................................................11-6 802.1Q TAGGING ...............................................................................................................................11-7 SPANNING TREE PROTOCOL (STP) ....................................................................................................11-8 VIRTUAL ROUTING INTERFACES ..........................................................................................................11-9 VLAN AND VIRTUAL ROUTING INTERFACE GROUPS ...........................................................................11-10 DYNAMIC, STATIC, AND EXCLUDED PORT MEMBERSHIP .....................................................................11-10 SUPER AGGREGATED VLANS ...........................................................................................................11-13 TRUNK GROUP PORTS AND VLAN MEMBERSHIP ...............................................................................11-13 SUMMARY OF VLAN CONFIGURATION RULES ....................................................................................11-13 ROUTING BETWEEN VLANS ....................................................................................................................11-14 VIRTUAL ROUTING INTERFACES (LAYER 3 SWITCHES ONLY) ..............................................................11-14 BRIDGING AND ROUTING THE SAME PROTOCOL SIMULTANEOUSLY ON THE SAME DEVICE (LAYER 3 SWITCHES ONLY) .....................................................................11-14 ROUTING BETWEEN VLANS USING VIRTUAL ROUTING INTERFACES (LAYER 3 SWITCHES ONLY) .........11-14 DYNAMIC PORT ASSIGNMENT (LAYER 2 SWITCHES AND LAYER 3 SWITCHES) .....................................11-15 ASSIGNING A DIFFERENT VLAN ID TO THE DEFAULT VLAN ..............................................................11-15 ASSIGNING TRUNK GROUP PORTS ....................................................................................................11-15 CONFIGURING PORT-BASED VLANS .................................................................................................11-15 MODIFYING A PORT-BASED VLAN ....................................................................................................11-18 CONFIGURING IP SUB-NET, IPX NETWORK AND PROTOCOL-BASED VLANS .............................................11-21 CONFIGURATION EXAMPLE ...............................................................................................................11-21 CONFIGURING IP SUB-NET, IPX NETWORK, AND PROTOCOL-BASED VLANS WITHIN PORT-BASED VLANS ..................................................................11-23 CONFIGURING AN IPV6 PROTOCOL VLAN ...............................................................................................11-26 ROUTING BETWEEN VLANS USING VIRTUAL ROUTING INTERFACES (LAYER 3 SWITCHES ONLY) ...............11-27 CONFIGURING PROTOCOL VLANS WITH DYNAMIC PORTS .......................................................................11-33 AGING OF DYNAMIC PORTS ..............................................................................................................11-33 CONFIGURATION GUIDELINES ...........................................................................................................11-33 CONFIGURING AN IP, IPX, OR APPLETALK PROTOCOL VLAN WITH DYNAMIC PORTS ..........................11-33 CONFIGURING AN IP SUB-NET VLAN WITH DYNAMIC PORTS .............................................................11-34 CONFIGURING AN IPX NETWORK VLAN WITH DYNAMIC PORTS .........................................................11-34 CONFIGURING UPLINK PORTS WITHIN A PORT-BASED VLAN ...................................................................11-35 CONFIGURING THE SAME IP SUB-NET ADDRESS ON MULTIPLE PORT-BASED VLANS ...............................11-35 USING SEPARATE ACLS ON IP FOLLOWER VIRTUAL ROUTING INTERFACES ........................................11-39 CONFIGURING VLAN GROUPS AND VIRTUAL ROUTING INTERFACE GROUPS .............................................11-40viii Foundry Networks, Inc. December 2005

Contents

CONFIGURING A VLAN GROUP .........................................................................................................11-40 CONFIGURING A VIRTUAL ROUTING INTERFACE GROUP .....................................................................11-41 DISPLAYING THE VLAN GROUP AND VIRTUAL ROUTING INTERFACE GROUP INFORMATION ..................11-42 ALLOCATING MEMORY FOR MORE VLANS OR VIRTUAL ROUTING INTERFACES ...................................11-42 CONFIGURING SUPER AGGREGATED VLANS ...........................................................................................11-43 CONFIGURING AGGREGATED VLANS ................................................................................................11-45 VERIFYING THE CONFIGURATION .......................................................................................................11-47 COMPLETE CLI EXAMPLES ...............................................................................................................11-47 CONFIGURING 802.1Q-IN-Q TAGGING .....................................................................................................11-49 CONFIGURATION RULES ...................................................................................................................11-51 ENABLING 802.1Q-IN-Q TAGGING ....................................................................................................11-51 EXAMPLE CONFIGURATION ...............................................................................................................11-52 CONFIGURING PRIVATE VLANS ..............................................................................................................11-52 IMPLEMENTATION NOTES ..................................................................................................................11-54 COMMAND SYNTAX ..........................................................................................................................11-54 ENABLING BROADCAST OR UNKNOWN UNICAST TRAFFIC TO THE PRIVATE VLAN ...............................11-55 CLI EXAMPLE FOR FIGURE 11.21 .....................................................................................................11-56 DUAL-MODE VLAN PORTS .....................................................................................................................11-56 DISPLAYING VLAN INFORMATION ............................................................................................................11-59 DISPLAYING SYSTEM-WIDE VLAN INFORMATION ...............................................................................11-59 DISPLAYING VLAN INFORMATION FOR SPECIFIC PORTS ....................................................................11-60

CHAPTER 12 RULE-BASED IP ACCESS CONTROL LISTS (ACLS) .................................... 12-1ACL OVERVIEW ........................................................................................................................................12-2 TYPES OF IP ACLS ............................................................................................................................12-2 ACL IDS AND ENTRIES .......................................................................................................................12-2 NUMBERED AND NAMED ACLS ...........................................................................................................12-3 DEFAULT ACL ACTION .......................................................................................................................12-3 HOW HARDWARE-BASED ACLS WORK ......................................................................................................12-3 HOW FRAGMENTED PACKETS ARE PROCESSED ...................................................................................12-3 HARDWARE AGING OF LAYER 4 CAM ENTRIES ...................................................................................12-4 CONFIGURATION CONSIDERATIONS ............................................................................................................12-4 CONFIGURING STANDARD NUMBERED ACLS .............................................................................................12-4 STANDARD NUMBERED ACL SYNTAX ..................................................................................................12-5 CONFIGURATION EXAMPLE FOR STANDARD NUMBERED ACLS .............................................................12-6 CONFIGURING STANDARD NAMED ACLS ...................................................................................................12-6 STANDARD NAMED ACL SYNTAX ........................................................................................................12-6 CONFIGURATION EXAMPLE FOR STANDARD NAMED ACLS ...................................................................12-8 CONFIGURING EXTENDED NUMBERED ACLS ..............................................................................................12-8 EXTENDED NUMBERED ACL SYNTAX ..................................................................................................12-8 CONFIGURATION EXAMPLES FOR EXTENDED NUMBERED ACLS .........................................................12-12 CONFIGURING EXTENDED NAMED ACLS ..................................................................................................12-13 EXTENDED NAMED ACL SYNTAX ......................................................................................................12-15 CONFIGURATION EXAMPLE FOR EXTENDED NAMED ACLS .................................................................12-18 ADDING A COMMENT TO AN ACL ENTRY .................................................................................................12-18December 2005 Foundry Networks, Inc. ix

Foundry Configuration Guide for the FESX, FSX, and FWSX

ENABLING STRICT CONTROL OF ACL FILTERING OF FRAGMENTED PACKETS ............................................12-20 ENABLING ACL FILTERING BASED ON VLAN MEMBERSHIP OR VE PORT MEMBERSHIP ....................................................................................................................12-20 APPLYING AN ACL TO SPECIFIC VLAN MEMBERS ON A PORT (LAYER 2 DEVICES ONLY) ...................12-21 APPLYING AN ACL TO A SUBSET OF PORTS ON A VIRTUAL INTERFACE (LAYER 3 DEVICES ONLY) .......12-21 FILTERING ON IP PRECEDENCE AND TOS VALUES ...................................................................................12-22 QOS OPTIONS FOR IP ACLS ..................................................................................................................12-23 USING AN ACL TO MAP THE DSCP VALUE (DSCP COS MAPPING) ..................................................12-23 USING AN IP ACL TO MARK DSCP VALUES (DSCP MARKING) .........................................................12-23 DSCP MATCHING ............................................................................................................................12-24 ACL-BASED RATE LIMITING ....................................................................................................................12-24 ACL COUNTING ......................................................................................................................................12-25 USING ACLS TO CONTROL MULTICAST FEATURES ...................................................................................12-25 DISPLAYING ACL INFORMATION ..............................................................................................................12-25 TROUBLESHOOTING ACLS ......................................................................................................................12-25

CHAPTER 13 CONFIGURING QUALITY OF SERVICE .......................................................... 13-1CLASSIFICATION .......................................................................................................................................13-1 PROCESSING OF CLASSIFIED TRAFFIC .................................................................................................13-2 QOS QUEUES ..........................................................................................................................................13-6 ASSIGNING QOS PRIORITIES TO TRAFFIC ............................................................................................13-7 MARKING ..................................................................................................................................................13-8 CONFIGURING DSCP-BASED QOS ............................................................................................................13-8 APPLICATION NOTES ..........................................................................................................................13-8 USING ACLS TO HONOR DSCP-BASED QOS ......................................................................................13-8 CONFIGURING THE QOS MAPPINGS ...........................................................................................................13-8 DEFAULT DSCP > INTERNAL FORWARDING PRIORITY MAPPINGS .......................................................13-9 CHANGING THE DSCP > INTERNAL FORWARDING PRIORITY MAPPINGS ............................................13-10 CHANGING THE INTERNAL FORWARDING PRIORITY > HARDWARE FORWARDING QUEUE MAPPINGS ...13-10 SCHEDULING ..........................................................................................................................................13-11 QOS QUEUING METHODS .................................................................................................................13-11 SELECTING THE QOS QUEUING METHOD ..........................................................................................13-12 CONFIGURING THE QOS QUEUES .....................................................................................................13-12 VIEWING QOS SETTINGS ........................................................................................................................13-15 VIEWING DSCP-BASED QOS SETTINGS ..................................................................................................13-16

CHAPTER 14 CONFIGURING RATE LIMITING.................................................................... 14-1OVERVIEW ................................................................................................................................................14-1 RATE LIMITING IN HARDWARE .............................................................................................................14-1 HOW FIXED RATE LIMITING WORKS ....................................................................................................14-2 CONFIGURATION NOTES .....................................................................................................................14-2 CONFIGURING A PORT-BASED RATE LIMITING POLICY ................................................................................14-3 CONFIGURING AN ACL-BASED RATE LIMITING POLICY ...............................................................................14-3 OPTIMIZING RATE LIMITING .......................................................................................................................14-3x Foundry Networks, Inc. December 2005

Contents

DISPLAYING THE FIXED RATE LIMITING CONFIGURATION ............................................................................14-4

CHAPTER 15 TRAFFIC POLICIES .................................................................................... 15-1ABOUT TRAFFIC POLICIES .........................................................................................................................15-1 CONFIGURATION NOTES AND FEATURE LIMITATIONS ..................................................................................15-2 MAXIMUM NUMBER OF TRAFFIC POLICIES SUPPORTED ON A DEVICE ..........................................................15-3 SETTING THE MAXIMUM NUMBER OF TRAFFIC POLICIES SUPPORTED ON A LAYER 3 DEVICE .................15-3 ACL-BASED RATE LIMITING VIA TRAFFIC POLICIES ....................................................................................15-4 SUPPORT FOR FIXED RATE LIMITING AND ADAPTIVE RATE LIMITING .....................................................15-4 CONFIGURING ACL-BASED FIXED RATE LIMITING ................................................................................15-4 CONFIGURING ACL-BASED ADAPTIVE RATE LIMITING ..........................................................................15-5 SPECIFYING THE ACTION TO BE TAKEN FOR PACKETS THAT ARE OVER THE LIMIT .................................15-7 ACL AND RATE LIMIT COUNTING ...............................................................................................................15-8 ENABLING ACL COUNTING .................................................................................................................15-8 ENABLING ACL COUNTING WITH RATE LIMITING TRAFFIC POLICIES .....................................................15-9 VIEWING ACL AND RATE LIMIT COUNTERS .........................................................................................15-9 CLEARING ACL AND RATE LIMIT COUNTERS .....................................................................................15-10 VIEWING TRAFFIC POLICIES ....................................................................................................................15-11

CHAPTER 16 CONFIGURING IP....................................................................................... 16-1BASIC CONFIGURATION .............................................................................................................................16-1 OVERVIEW ................................................................................................................................................16-2 IP INTERFACES ..................................................................................................................................16-2 IP PACKET FLOW THROUGH A LAYER 3 SWITCH .................................................................................16-3 IP ROUTE EXCHANGE PROTOCOLS .....................................................................................................16-7 IP MULTICAST PROTOCOLS ................................................................................................................16-7 IP INTERFACE REDUNDANCY PROTOCOLS ...........................................................................................16-8 ACCESS CONTROL LISTS AND IP ACCESS POLICIES ............................................................................16-8 BASIC IP PARAMETERS AND DEFAULTS LAYER 3 SWITCHES ....................................................................16-8 WHEN PARAMETER CHANGES TAKE EFFECT .......................................................................................16-9 IP GLOBAL PARAMETERS LAYER 3 SWITCHES ..................................................................................16-9 IP INTERFACE PARAMETERS LAYER 3 SWITCHES ...........................................................................16-13 BASIC IP PARAMETERS AND DEFAULTS LAYER 2 SWITCHES ..................................................................16-15 IP GLOBAL PARAMETERS LAYER 2 SWITCHES ................................................................................16-15 INTERFACE IP PARAMETERS LAYER 2 SWITCHES ...........................................................................16-17 CONFIGURING IP PARAMETERS LAYER 3 SWITCHES .............................................................................16-17 CONFIGURING IP ADDRESSES ..........................................................................................................16-17 CONFIGURING DOMAIN NAME SERVER (DNS) RESOLVER ..................................................................16-19 CONFIGURING PACKET PARAMETERS ................................................................................................16-20 CHANGING THE ROUTER ID ..............................................................................................................16-23 SPECIFYING A SINGLE SOURCE INTERFACE FOR TELNET, TACACS/TACACS+, OR RADIUS PACKETS ...............................................................................................................16-24 CONFIGURING ARP PARAMETERS ....................................................................................................16-25 CONFIGURING FORWARDING PARAMETERS .......................................................................................16-29December 2005 Foundry Networks, Inc. xi

Foundry Configuration Guide for the FESX, FSX, and FWSX

DISABLING ICMP MESSAGES ...........................................................................................................16-31 CONFIGURING STATIC ROUTES .........................................................................................................16-32 CONFIGURING A DEFAULT NETWORK ROUTE .....................................................................................16-39 CONFIGURING IP LOAD SHARING ......................................................................................................16-41 CONFIGURING IRDP .........................................................................................................................16-44 CONFIGURING RARP .......................................................................................................................16-45 CONFIGURING UDP BROADCAST AND IP HELPER PARAMETERS ........................................................16-47 CONFIGURING BOOTP/DHCP FORWARDING PARAMETERS ................................................................16-49 CONFIGURING IP PARAMETERS LAYER 2 SWITCHES .............................................................................16-51 CONFIGURING THE MANAGEMENT IP ADDRESS AND SPECIFYING THE DEFAULT GATEWAY ..................16-51 CONFIGURING DOMAIN NAME SERVER (DNS) RESOLVER ..................................................................16-51 CHANGING THE TTL THRESHOLD ......................................................................................................16-53 CONFIGURING DHCP ASSIST ...........................................................................................................16-53 DISPLAYING IP CONFIGURATION INFORMATION AND STATISTICS ...............................................................16-57 CHANGING THE NETWORK MASK DISPLAY TO PREFIX FORMAT ..........................................................16-57 DISPLAYING IP INFORMATION LAYER 3 SWITCHES ..........................................................................16-57 DISPLAYING IP INFORMATION LAYER 2 SWITCHES ..........................................................................16-73

CHAPTER 17 CONFIGURING RIP .................................................................................... 17-1RIP OVERVIEW .........................................................................................................................................17-1 ICMP HOST UNREACHABLE MESSAGE FOR UNDELIVERABLE ARPS .....................................................17-2 RIP PARAMETERS AND DEFAULTS .............................................................................................................17-2 RIP GLOBAL PARAMETERS .................................................................................................................17-2 RIP INTERFACE PARAMETERS ............................................................................................................17-3 CONFIGURING RIP PARAMETERS ..............................................................................................................17-4 ENABLING RIP ...................................................................................................................................17-4 CONFIGURING METRIC PARAMETERS ..................................................................................................17-4 CHANGING THE ADMINISTRATIVE DISTANCE ........................................................................................17-5 CONFIGURING REDISTRIBUTION ..........................................................................................................17-6 CONFIGURING ROUTE LEARNING AND ADVERTISING PARAMETERS .......................................................17-7 CHANGING THE ROUTE LOOP PREVENTION METHOD ...........................................................................17-8 SUPPRESSING RIP ROUTE ADVERTISEMENT ON A VRRP OR VRRPE BACKUP INTERFACE ...................17-9 CONFIGURING RIP ROUTE FILTERS ....................................................................................................17-9 DISPLAYING RIP FILTERS ........................................................................................................................17-10 DISPLAYING CPU UTILIZATION STATISTICS ..............................................................................................17-11

CHAPTER 18 CONFIGURING IP MULTICAST TRAFFIC REDUCTION .................................... 18-1OVERVIEW ................................................................................................................................................18-1 SUPPORT FOR IGMP V2 SNOOPING ..........................................................................................................18-2 CONFIGURING IP MULTICAST TRAFFIC REDUCTION ....................................................................................18-2 ENABLING IP MULTICAST TRAFFIC REDUCTION ....................................................................................18-2 CHANGING THE IGMP MODE ..............................................................................................................18-3 DISABLING IGMP ON INDIVIDUAL PORTS .............................................................................................18-3 MODIFYING THE QUERY INTERVAL ......................................................................................................18-4xii Foundry Networks, Inc. December 2005

Contents

MODIFYING THE AGE INTERVAL ...........................................................................................................18-4 FILTERING MULTICAST GROUPS ..........................................................................................................18-4 PIM SM TRAFFIC SNOOPING ....................................................................................................................18-5 CONFIGURATION NOTES .....................................................................................................................18-5 APPLICATION EXAMPLES .....................................................................................................................18-5 CONFIGURATION REQUIREMENTS ........................................................................................................18-7 ENABLING PIM SM TRAFFIC SNOOPING ..............................................................................................18-8 DISPLAYING IP MULTICAST INFORMATION ..................................................................................................18-8 DISPLAYING MULTICAST INFORMATION ON LAYER 2 SWITCHES ............................................................18-8 DISPLAYING IP MULTICAST STATISTICS .............................................................................................18-16 CLEARING IP MULTICAST STATISTICS ...............................................................................................18-16 CLEARING IGMP GROUP FLOWS ......................................................................................................18-16

CHAPTER 19 CONFIGURING IP MULTICAST PROTOCOLS ................................................. 19-1OVERVIEW OF IP MULTICASTING ...............................................................................................................19-2 MULTICAST TERMS .............................................................................................................................19-2 CHANGING GLOBAL IP MULTICAST PARAMETERS .......................................................................................19-3 CHANGING DYNAMIC MEMORY ALLOCATION FOR IP MULTICAST GROUPS .............................................19-3 CHANGING IGMP V1 AND V2 PARAMETERS ........................................................................................19-5 ADDING AN INTERFACE TO A MULTICAST GROUP .......................................................................................19-6 PIM DENSE .............................................................................................................................................19-6 INITIATING PIM MULTICASTS ON A NETWORK ......................................................................................19-6 PRUNING A MULTICAST TREE .............................................................................................................19-7 GRAFTS TO A MULTICAST TREE ..........................................................................................................19-8 PIM DM VERSIONS ............................................................................................................................19-8 CONFIGURING PIM DM .....................................................................................................................19-9 FAILOVER TIME IN A MULTI-PATH TOPOLOGY ....................................................................................19-13 MODIFYING THE TTL ........................................................................................................................19-13 PIM SPARSE .........................................................................................................................................19-13 PIM SPARSE ROUTER TYPES ...........................................................................................................19-14 RP PATHS AND SPT PATHS .............................................................................................................19-15 CONFIGURING PIM SPARSE ..............................................................................................................19-15 DISPLAYING PIM SPARSE CONFIGURATION INFORMATION AND STATISTICS .........................................19-20 PASSIVE MULTICAST ROUTE INSERTION ..................................................................................................19-31 DVMRP OVERVIEW ................................................................................................................................19-32 INITIATING DVMRP MULTICASTS ON A NETWORK .............................................................................19-32 PRUNING A MULTICAST TREE ...........................................................................................................19-32 GRAFTS TO A MULTICAST TREE ........................................................................................................19-34 CONFIGURING DVMRP ...........................................................................................................................19-34 ENABLING DVMRP ON THE LAYER 3 SWITCH AND INTERFACE ...........................................................19-34 MODIFYING DVMRP GLOBAL PARAMETERS ......................................................................................19-35 MODIFYING DVMRP INTERFACE PARAMETERS .................................................................................19-37 DISPLAYING INFORMATION ABOUT AN UPSTREAM NEIGHBOR DEVICE .................................................19-38 CONFIGURING AN IP TUNNEL ..................................................................................................................19-38 USING ACLS TO CONTROL MULTICAST FEATURES ...................................................................................19-39December 2005 Foundry Networks, Inc. xiii

Foundry Configuration Guide for the FESX, FSX, and FWSX

USING ACLS TO LIMIT STATIC RP GROUPS ......................................................................................19-39 USING ACLS TO LIMIT PIM RP CANDIDATE ADVERTISEMENT ............................................................19-40 USING ACLS TO CONTROL MULTICAST TRAFFIC BOUNDARIES ...........................................................19-41 CONFIGURING A STATIC MULTICAST ROUTE ............................................................................................19-42 TRACING A MULTICAST ROUTE ................................................................................................................19-43 DISPLAYING ANOTHER MULTICAST ROUTERS MULTICAST CONFIGURATION ..............................................19-45 IGMP V3 ...............................................................................................................................................19-46 DEFAULT IGMP VERSION .................................................................................................................19-46 COMPATIBILITY WITH IGMP V1 AND V2 ..........................................................................................19-47 GLOBALLY ENABLING THE IGMP VERSION ........................................................................................19-47 ENABLING THE IGMP VERSION PER INTERFACE SETTING ..................................................................19-47 ENABLING THE IGMP VERSION ON A PHYSICAL PORT WITHIN A VIRTUAL ROUTING INTERFACE ...........19-48 ENABLING MEMBERSHIP TRACKING AND FAST LEAVE ........................................................................19-48 SETTING THE QUERY INTERVAL ........................................................................................................19-49 SETTING THE GROUP MEMBERSHIP TIME ..........................................................................................19-49 SETTING THE MAXIMUM RESPONSE TIME ..........................................................................................19-49 IGMP V3 AND SOURCE SPECIFIC MULTICAST PROTOCOLS ...............................................................19-50 DISPLAYING IGMP V3 STATISTICS ....................................................................................................19-50 CLEARING IGMP STATISTICS ............................................................................................................19-54

CHAPTER 20 CONFIGURING OSPF ................................................................................ 20-1OVERVIEW OF OSPF ................................................................................................................................20-1 OSPF POINT-TO-POINT LINKS ............................................................................................................20-3 DESIGNATED ROUTERS IN MULTI-ACCESS NETWORKS .........................................................................20-4 DESIGNATED ROUTER ELECTION IN MULTI-ACCESS NETWORKS ...........................................................20-4 OSPF RFC 1583 AND 2178 COMPLIANCE .........................................................................................20-5 REDUCTION OF EQUIVALENT AS EXTERNAL LSAS ...............................................................................20-5 SUPPORT FOR OSPF RFC 2328 APPENDIX E ....................................................................................20-7 DYNAMIC OSPF ACTIVATION AND CONFIGURATION .............................................................................20-8 DYNAMIC OSPF MEMORY ..................................................................................................................20-8 CONFIGURING OSPF ................................................................................................................................20-8 CONFIGURATION RULES .....................................................................................................................20-9 OSPF PARAMETERS ..........................................................................................................................20-9 ENABLE OSPF ON THE ROUTER .......................................................................................................20-10 ASSIGN OSPF AREAS ......................................................................................................................20-11 ASSIGNING AN AREA RANGE (OPTIONAL) ..........................................................................................20-14 ASSIGNING INTERFACES TO AN AREA ................................................................................................20-15 MODIFY INTERFACE DEFAULTS .........................................................................................................20-15 CHANGE THE TIMER FOR OSPF AUTHENTICATION CHANGES .............................................................20-17 BLOCK FLOODING OF OUTBOUND LSAS ON SPECIFIC OSPF INTERFACES .........................................20-17 CONFIGURING AN OSPF NON-BROADCAST INTERFACE .....................................................................20-18 ASSIGN VIRTUAL LINKS ....................................................................................................................20-19 MODIFY VIRTUAL LINK PARAMETERS .................................................................................................20-21 CHANGING THE REFERENCE BANDWIDTH FOR THE COST ON OSPF INTERFACES ...............................20-22 DEFINE REDISTRIBUTION FILTERS .....................................................................................................20-23xiv Foundry Networks, Inc. December 2005

Contents

PREVENT SPECIFIC OSPF ROUTES FROM BEING INSTALLED IN THE IP ROUTE TABLE ........................20-25 MODIFY DEFAULT METRIC FOR REDISTRIBUTION ...............................................................................20-28 ENABLE ROUTE REDISTRIBUTION ......................................................................................................20-28 DISABLE OR RE-ENABLE LOAD SHARING ...........................................................................................20-30 CONFIGURE EXTERNAL ROUTE SUMMARIZATION ...............................................................................20-31 CONFIGURE DEFAULT ROUTE ORIGINATION .......................................................................................20-32 MODIFY SPF TIMERS .......................................................................................................................20-33 MODIFY REDISTRIBUTION METRIC TYPE ............................................................................................20-33 MODIFY ADMINISTRATIVE DISTANCE ..................................................................................................20-34 CONFIGURE OSPF GROUP LINK STATE ADVERTISEMENT (LSA) PACING ...........................................20-34 MODIFY OSPF TRAPS GENERATED ..................................................................................................20-35 MODIFY OSPF STANDARD COMPLIANCE SETTING .............................................................................20-36 MODIFY EXIT OVERFLOW INTERVAL ..................................................................................................20-36 CONFIGURING AN OSPF POINT-TO-POINT LINK .................................................................................20-36 SPECIFY TYPES OF OSPF SYSLOG MESSAGES TO LOG ....................................................................20-37 DISPLAYING OSPF INFORMATION ............................................................................................................20-37 DISPLAYING GENERAL OSPF CONFIGURATION INFORMATION ............................................................20-38 DISPLAYING CPU UTILIZATION STATISTICS ........................................................................................20-39 DISPLAYING OSPF AREA INFORMATION ............................................................................................20-40 DISPLAYING OSPF NEIGHBOR INFORMATION ....................................................................................20-41 DISPLAYING OSPF INTERFACE INFORMATION ....................................................................................20-43 DISPLAYING OSPF ROUTE INFORMATION ..........................................................................................20-44 DISPLAYING OSPF EXTERNAL LINK STATE INFORMATION ..................................................................20-46 DISPLAYING OSPF LINK STATE INFORMATION ...................................................................................20-47 DISPLAYING THE DATA IN AN LSA .....................................................................................................20-48 DISPLAYING OSPF VIRTUAL NEIGHBOR INFORMATION .......................................................................20-49 DISPLAYING OSPF VIRTUAL LINK INFORMATION ................................................................................20-49 DISPLAYING OSPF ABR AND ASBR INFORMATION ...........................................................................20-49 DISPLAYING OSPF TRAP STATUS .....................................................................................................20-49

CHAPTER 21 CONFIGURING BGP4 ................................................................................ 21-1OVERVIEW OF BGP4 ................................................................................................................................21-2 RELATIONSHIP BETWEEN THE BGP4 ROUTE TABLE AND THE IP ROUTE TABLE ....................................21-3 HOW BGP4 SELECTS A PATH FOR A ROUTE .......................................................................................21-4 BGP4 MESSAGE TYPES .....................................................................................................................21-5 BASIC CONFIGURATION AND ACTIVATION FOR BGP4 .................................................................................21-6 NOTE REGARDING DISABLING BGP4 ..................................................................................................21-7 BGP4 PARAMETERS .................................................................................................................................21-7 WHEN PARAMETER CHANGES TAKE EFFECT .......................................................................................21-8 MEMORY CONSIDERATIONS .......................................................................................................................21-9 MEMORY CONFIGURATION OPTIONS OBSOLETED BY DYNAMIC MEMORY ............................................21-10 BASIC CONFIGURATION TASKS ................................................................................................................21-10 ENABLING BGP4 ON THE ROUTER ....................................................................................................21-10 CHANGING THE ROUTER ID ..............................................................................................................21-11 SETTING THE LOCAL AS NUMBER .....................................................................................................21-11December 2005 Foundry Networks, Inc. xv

Foundry Configuration Guide for the FESX, FSX, and FWSX

ADDING A LOOPBACK INTERFACE ......................................................................................................21-11 ADDING BGP4 NEIGHBORS ..............................................................................................................21-12 ADDING A BGP4 PEER GROUP ........................................................................................................21-17 OPTIONAL CONFIGURATION TASKS ..........................................................................................................21-21 CHANGING THE KEEP ALIVE TIME AND HOLD TIME ............................................................................21-21 CHANGING THE BGP4 NEXT-HOP UPDATE TIMER .............................................................................21-21 ENABLING FAST EXTERNAL FALLOVER ..............................................................................................21-22 CHANGING THE MAXIMUM NUMBER OF PATHS FOR BGP4 LOAD SHARING .........................................21-22 CUSTOMIZING BGP4 LOAD SHARING ................................................................................................21-23 SPECIFYING A LIST OF NETWORKS TO ADVERTISE .............................................................................21-24 CHANGING THE DEFAULT LOCAL PREFERENCE ..................................................................................21-25 USING THE IP DEFAULT ROUTE AS A VALID NEXT HOP FOR A BGP4 ROUTE .....................................21-25 ADVERTISING THE DEFAULT ROUTE ..................................................................................................21-26 CHANGING THE DEFAULT MED (METRIC) USED FOR ROUTE REDISTRIBUTION ....................................21-26 ENABLING NEXT-HOP RECURSION ....................................................................................................21-26 CHANGING ADMINISTRATIVE DISTANCES ...........................................................................................21-29 REQUIRING THE FIRST AS TO BE THE NEIGHBORS AS ......................................................................21-30 DISABLING OR RE-ENABLING COMPARISON OF THE AS-PATH LENGTH ...............................................21-30 ENABLING OR DISABLING COMPARISON OF THE ROUTER IDS .............................................................21-30 CONFIGURING THE LAYER 3 SWITCH TO ALWAYS COMPARE MULTI-EXIT DISCRIMINATORS (MEDS) ....21-31 TREATING MISSING MEDS AS THE WORST MEDS .............................................................................21-32 CONFIGURING ROUTE REFLECTION PARAMETERS .............................................................................21-32 CONFIGURING CONFEDERATIONS ......................................................................................................21-34 AGGREGATING ROUTES ADVERTISED TO BGP4 NEIGHBORS .............................................................21-37 MODIFYING REDISTRIBUTION PARAMETERS ..............................................................................................21-37 REDISTRIBUTING CONNECTED ROUTES .............................................................................................21-38 REDISTRIBUTING RIP ROUTES ..........................................................................................................21-38 REDISTRIBUTING OSPF EXTERNAL ROUTES .....................................................................................21-39 REDISTRIBUTING STATIC ROUTES .....................................................................................................21-39 DISABLING OR RE-ENABLING RE-ADVERTISEMENT OF ALL LEARNED BGP4 ROUTES TO ALL BGP4 NEIGHBORS .................................................................................21-39 REDISTRIBUTING IBGP ROUTES INTO RIP AND OSPF ......................................................................21-40 FILTERING ..............................................................................................................................................21-40 FILTERING SPECIFIC IP ADDRESSES .................................................................................................21-40 FILTERING AS-PATHS .......................................................................................................................21-41 FILTERING COMMUNITIES ..................................................................................................................21-45 DEFINING IP PREFIX LISTS ...............................................................................................................21-47 DEFINING NEIGHBOR DISTRIBUTE LISTS ............................................................................................21-47 DEFINING ROUTE MAPS ...................................................................................................................21-48 USING A TABLE MAP TO SET THE TAG VALUE ...................................................................................21-55 CONFIGURING COOPERATIVE BGP4 ROUTE FILTERING .....................................................................21-55 CONFIGURING ROUTE FLAP DAMPENING .................................................................................................21-58 GLOBALLY CONFIGURING ROUTE FLAP DAMPENING ..........................................................................21-59 USING A ROUTE MAP TO CONFIGURE ROUTE FLAP DAMPENING FOR SPECIFIC ROUTES ....................21-60 USING A ROUTE MAP TO CONFIGURE ROUTE FLAP DAMPENING FOR A SPECIFIC NEIGHBOR ..............21-60 REMOVING ROUTE DAMPENING FROM A ROUTE ................................................................................21-61

xvi

Foundry Networks, Inc.

December 2005

Contents

REMOVING ROUTE DAMPENING FROM A NEIGHBORS ROUTES SUPPRESSED DUE TO AGGREGATION ..21-61 DISPLAYING AND CLEARING ROUTE FLAP DAMPENING STATISTICS .....................................................21-63 GENERATING TRAPS FOR BGP ...............................................................................................................21-64 DISPLAYING BGP4 INFORMATION ............................................................................................................21-65 DISPLAYING SUMMARY BGP4 INFORMATION .....................................................................................21-65 DISPLAYING THE ACTIVE BGP4 CONFIGURATION ..............................................................................21-68 DISPLAYING CPU UTILIZATION STATISTICS ........................................................................................21-68 DISPLAYING SUMMARY NEIGHBOR INFORMATION ...............................................................................21-70 DISPLAYING BGP4 NEIGHBOR INFORMATION .....................................................................................21-73 DISPLAYING PEER GROUP INFORMATION ...........................................................................................21-86 DISPLAYING SUMMARY ROUTE INFORMATION ....................................................................................21-87 DISPLAYING THE BGP4 ROUTE TABLE ..............................................................................................21-88 DISPLAYING BGP4 ROUTE-ATTRIBUTE ENTRIES ................................................................................21-96 DISPLAYING THE ROUTES BGP4 HAS PLACED IN THE IP ROUTE TABLE .............................................21-97 DISPLAYING ROUTE FLAP DAMPENING STATISTICS ............................................................................21-98 DISPLAYING THE ACTIVE ROUTE MAP CONFIGURATION ......................................................................21-99 UPDATING ROUTE INFORMATION AND RESETTING A NEIGHBOR SESSION ................................................21-100 USING SOFT RECONFIGURATION .....................................................................................................21-100 DYNAMICALLY REQUESTING A ROUTE REFRESH FROM A BGP4 NEIGHBOR ......................................21-102 CLOSING OR RESETTING A NEIGHBOR SESSION ..............................................................................21-105 CLEARING AND RESETTING BGP4 ROUTES IN THE IP ROUTE TABLE ................................................21-106 CLEARING TRAFFIC COUNTERS .............................................................................................................21-106 CLEARING ROUTE FLAP DAMPENING STATISTICS ...................................................................................21-106 REMOVING ROUTE FLAP DAMPENING ....................................................................................................21-107 CLEARING DIAGNOSTIC BUFFERS ..........................................................................................................21-107

CHAPTER 22 CONFIGURING VRRP AND VRRPE ........................................................... 22-1OVERVIEW ................................................................................................................................................22-2 CONFIGURATION NOTE .......................................................................................................................22-2 OVERVIEW OF VRRP .........................................................................................................................22-2 OVERVIEW OF VRRPE .......................................................................................................................22-6 CONFIGURATION NOTE .......................................................................................................................22-7 COMPARISON OF VRRP AND VRRPE .......................................................................................................22-8 VRRP ...............................................................................................................................................22-8 VRRPE .............................................................................................................................................22-8 ARCHITECTURAL DIFFERENCES ...........................................................................................................22-8 VRRP AND VRRPE PARAMETERS ............................................................................................................22-9 CONFIGURING BASIC VRRP PARAMETERS ..............................................................................................22-11 CONFIGURING THE OWNER ...............................................................................................................22-11 CONFIGURING A BACKUP ..................................................................................................................22-12 CONFIGURATION RULES FOR VRRP .................................................................................................22-12 CONFIGURING BASIC VRRPE PARAMETERS ............................................................................................22-12 CONFIGURATION RULES FOR VRRPE ...............................................................................................22-12 NOTE REGARDING DISABLING VRRP OR VRRPE ....................................................................................22-12 CONFIGURING ADDITIONAL VRRP AND VRRPE PARAMETERS .................................................................22-13December 2005 Foundry Networks, Inc. xvii

Foundry Configuration Guide for the FESX, FSX, and FWSX

FORCING A MASTER ROUTER TO ABDICATE TO A STANDBY ROUTER ........................................................22-18 DISPLAYING VRRP AND VRRPE INFORMATION .......................................................................................22-19 DISPLAYING SUMMARY INFORMATION ................................................................................................22-19 DISPLAYING DETAILED INFORMATION ................................................................................................22-20 DISPLAYING STATISTICS ...................................................................................................................22-26 CLEARING VRRP OR VRRPE STATISTICS ........................................................................................22-27 DISPLAYING CPU UTILIZATION STATISTICS ........................................................................................22-28 CONFIGURATION EXAMPLES ....................................................................................................................22-29 VRRP EXAMPLE ..............................................................................................................................22-29 VRRPE EXAMPLE ............................................................................................................................22-30

CHAPTER 23 UPDATING SOFTWARE IMAGES AND CONFIGURATION FILES.............................................................................. 23-1OVERVIEW ................................................................................................................................................23-1 DETERMINING THE SOFTWARE VERSIONS INSTALLED AND RUNNING ON A DEVICE .......................................23-2 DETERMINING THE FLASH IMAGE VERSION RUNNING ON THE DEVICE ...................................................23-2 DETERMINING THE BOOT IMAGE VERSION RUNNING ON THE DEVICE ....................................................23-3 DETERMINING THE IMAGE VERSIONS INSTALLED IN FLASH MEMORY .....................................................23-4 IMAGE FILE TYPES ....................................................................................................................................23-4 UPGRADING SOFTWARE ............................................................................................................................23-4 MIGRATING TO THE NEW RELEASE .....................................................................................................23-4 UPGRADING THE BOOT CODE .............................................................................................................23-5 UPGRADING THE FLASH CODE ............................................................................................................23-5 USING SNMP TO UPGRADE SOFTWARE ....................................................................................................23-6 CHANGING THE BLOCK SIZE FOR TFTP FILE TRANSFERS ..........................................................................23-7 REBOOTING ..............................................................................................................................................23-7 LOADING AND SAVING CONFIGURATION FILES ............................................................................................23-7 REPLACING THE STARTUP CONFIGURATION WITH THE RUNNING CONFIGURATION .................................23-8 REPLACING THE RUNNING CONFIGURATION WITH THE STARTUP CONFIGURATION .................................23-8 LOGGING CHANGES TO THE STARTUP-CONFIG FILE ............................................................................23-8 COPYING A CONFIGURATION FILE TO OR FROM A TFTP SERVER .........................................................23-8 DYNAMIC CONFIGURATION LOADING ...................................................................................................23-9 MAXIMUM FILE SIZES FOR STARTUP-CONFIG FILE AND RUNNING-CONFIG ..........................................23-10 USING SNMP TO SAVE AND LOAD CONFIGURATION INFORMATION .....................................................23-11 ERASING IMAGE AND CONFIGURATION FILES .....................................................................................23-12 SCHEDULING A SYSTEM RELOAD .............................................................................................................23-12 RELOADING AT A SPECIFIC TIME .......................................................................................................23-12 RELOADING AFTER A SPECIFIC AMOUNT OF TIME ..............................................................................23-12 DISPLAYING THE AMOUNT OF TIME REMAINING BEFORE A SCHEDULED RELOAD .................................23-13 CANCELING A SCHEDULED RELOAD ..................................................................................................23-13 DIAGNOSTIC ERROR CODES AND REMEDIES FOR TFTP TRANSFERS ........................................................23-13

xviii

Foundry Networks, Inc.

December 2005

Contents

APPENDIX A USING SYSLOG ...........................................................................................A-1OVERVIEW ................................................................................................................................................. A-1 DISPLAYING SYSLOG MESSAGES ................................................................................................................ A-2 CONFIGURING THE SYSLOG SERVICE ......................................................................................................... A-3 DISPLAYING THE SYSLOG CONFIGURATION ........................................................................................... A-4 DISABLING OR RE-ENABLING SYSLOG .................................................................................................. A-7 SPECIFYING A SYSLOG SERVER ..................