Foundry networks Switch and router Operator's manual

Foundry Switch and Router

Installation and Configuration Guide

2100 Gold Street

P.O. Box 649100

San Jose, CA 95164-9100

Tel 408.586.1700

Fax 408.586.1900

www.foundrynetworks.com

December 2000

December 2000 iii

Contents

CHAPTER 1

GETTING STARTED...................................................................................... 1-1

INTRODUCTION ...........................................................................................................................................1-1

AUDIENCE ..................................................................................................................................................1-1

NOMENCLATURE .........................................................................................................................................1-1

RELATED PUBLICATIONS .............................................................................................................................1-2

WHAT’SNEW INTHIS EDITION? ..................................................................................................................1-2

NEW HARDWARE ..................................................................................................................................1-2

LAYER 3 ENHANCEMENTS .....................................................................................................................1-2

SYSTEM LEVEL ENHANCEMENTS ...........................................................................................................1-3

HOW TO GET HELP .....................................................................................................................................1-4

WEB ACCESS .......................................................................................................................................1-4

EMAIL ACCESS .....................................................................................................................................1-4

TELEPHONE ACCESS ............................................................................................................................1-4

WARRANTY COVERAGE ...............................................................................................................................1-4

CHAPTER 2

INSTALLING AFOUNDRY LAYER 2 SWITCH OR LAYER 3 SWITCH .................. 2-1

UNPACKING ASYSTEM ................................................................................................................................2-1

PACKAGE CONTENTS ...........................................................................................................................2-1

GENERAL REQUIREMENTS ....................................................................................................................2-1

SUMMARY OF INSTALLATION PROCEDURES ..................................................................................................2-1

INSTALLATION PRECAUTIONS .......................................................................................................................2-3

PREPARING THE INSTALLATION SITE ............................................................................................................2-3

CABLING INFRASTRUCTURE ..................................................................................................................2-3

INSTALLATION LOCATION ......................................................................................................................2-3

INSTALLING OR REMOVING OPTIONAL MODULES (CHASSIS DEVICES ONLY) ..................................................2-4

INSTALLING MODULES ..........................................................................................................................2-4

REMOVING MODULES ...........................................................................................................................2-5

INSTALLING OR REMOVING REDUNDANT POWER SUPPLIES (CHASSIS DEVICES ONLY) ...................................2-6

Foundry Switch and Router Installation and Configuration Guide

iv December 2000

DETERMINING POWER SUPPLY STATUS ................................................................................................2-6

INSTALLING POWER SUPPLIES ..............................................................................................................2-6

REMOVING POWER SUPPLIES ...............................................................................................................2-7

REPLACING FANS (4-SLOT AND 8-SLOT CHASSIS DEVICES ONLY) ..............................................................2-10

REQUIRED TOOLS ..............................................................................................................................2-10

DETERMINING WHICH FAN HAS FAILED ...............................................................................................2-10

FOUR-SLOT CHASSIS .........................................................................................................................2-11

EIGHT-SLOT CHASSIS ........................................................................................................................2-12

REPLACING AFAN TRAY (15-SLOT CHASSIS DEVICES ONLY) .....................................................................2-13

VERIFYING PROPER OPERATION ...............................................................................................................2-13

ATTACHING APC OR TERMINAL ................................................................................................................2-14

ASSIGNING PERMANENT PASSWORDS .......................................................................................................2-16

CONFIGURING IP ADDRESSES ...................................................................................................................2-17

LAYER 3 SWITCHES ............................................................................................................................2-17

LAYER 2 SWITCHES ............................................................................................................................2-18

MOUNTING THE CHASSIS OR STACKABLE DEVICE ......................................................................................2-19

DESKTOP INSTALLATION .....................................................................................................................2-19

RACK MOUNT INSTALLATION –CHASSIS DEVICES ...............................................................................2-19

RACK MOUNT INSTALLATION –STACKABLE DEVICES ...........................................................................2-20

POWERING ONASYSTEM .........................................................................................................................2-21

CONNECTING NETWORK DEVICES .............................................................................................................2-22

CONNECTORS ....................................................................................................................................2-22

CABLE LENGTH ..................................................................................................................................2-22

CONNECTING TO ETHERNET OR FAST ETHERNET HUBS .......................................................................2-24

CONNECTING TO WORKSTATIONS, SERVERS, OR ROUTERS .................................................................2-24

INSTALLING OR REMOVING AGBIC .....................................................................................................2-25

TROUBLESHOOTING NETWORK CONNECTIONS .....................................................................................2-26

TESTING CONNECTIVITY ............................................................................................................................2-26

PINGING AN IP ADDRESS ....................................................................................................................2-26

TRACING AROUTE .............................................................................................................................2-26

MANAGING THE DEVICE ............................................................................................................................2-27

LOGGING ON THROUGH THE CLI .........................................................................................................2-27

LOGGING ONTHROUGH THE WEB MANAGEMENT INTERFACE ...............................................................2-29

LOGGING ON THROUGH IRONVIEW ......................................................................................................2-31

SWAPPING MODULES (CHASSIS DEVICES ONLY) .........................................................................................2-31

CHAPTER 3

SECURING ACCESS TO MANAGEMENT FUNCTIONS ....................................... 3-1

SECURING ACCESS METHODS .....................................................................................................................3-1

RESTRICTING REMOTE ACCESS TO MANAGEMENT FUNCTIONS .....................................................................3-3

USING ACLSTO RESTRICT REMOTE ACCESS .......................................................................................3-4

RESTRICTING REMOTE ACCESS TO THE DEVICE TO SPECIFIC IP ADDRESSES .........................................3-5

RESTRICTING REMOTE ACCESS TO THE DEVICE TO SPECIFIC VLAN IDS...............................................3-6

DISABLING SPECIFIC ACCESS METHODS ...............................................................................................3-7

SETTING PASSWORDS ................................................................................................................................3-9

December 2000 v

SETTING ATELNET PASSWORD ...........................................................................................................3-9

SETTING PASSWORDS FOR MANAGEMENT PRIVILEGE LEVELS ..............................................................3-10

RECOVERING FROM ALOST PASSWORD ..............................................................................................3-11

DISPLAYING THE SNMP COMMUNITY STRING ......................................................................................3-12

DISABLING PASSWORD ENCRYPTION ...................................................................................................3-12

SETTING UPLOCAL USER ACCOUNTS .......................................................................................................3-12

CONFIGURING ALOCAL USER ACCOUNT .............................................................................................3-13

ESTABLISHING SNMP COMMUNITY STRINGS .............................................................................................3-14

ENCRYPTION OF SNMP COMMUNITY STRINGS ...................................................................................3-15

ADDING AN SNMP COMMUNITY STRING .............................................................................................3-15

DISPLAYING THE SNMP COMMUNITY STRINGS ....................................................................................3-16

CONFIGURING TACACS/TACACS+ SECURITY .........................................................................................3-18

HOW TACACS+ DIFFERS FROM TACACS .........................................................................................3-18

TACACS/TACACS+ AUTHENTICATION, AUTHORIZATION, AND ACCOUNTING .......................................3-18

TACACS/TACACS+ CONFIGURATION CONSIDERATIONS ....................................................................3-22

IDENTIFYING THE TACACS/TACACS+ SERVERS ...............................................................................3-22

SETTING OPTIONAL TACACS/TACACS+ PARAMETERS .....................................................................3-23

CONFIGURING AUTHENTICATION-METHOD LISTS FOR TACACS/TACACS+ .........................................3-24

CONFIGURING TACACS+ AUTHORIZATION .........................................................................................3-25

CONFIGURING TACACS+ ACCOUNTING ..............................................................................................3-27

CONFIGURING AN INTERFACE AS THE SOURCE FOR ALL TACACS/TACACS+ PACKETS ......................3-27

DISPLAYING TACACS/TACACS+ STATISTICS AND CONFIGURATION INFORMATION ..............................3-28

CONFIGURING RADIUS SECURITY ............................................................................................................3-33

RADIUS AUTHENTICATION, AUTHORIZATION, AND ACCOUNTING ..........................................................3-33

RADIUS CONFIGURATION CONSIDERATIONS ......................................................................................3-36

RADIUS CONFIGURATION PROCEDURE ..............................................................................................3-36

CONFIGURING FOUNDRY-SPECIFIC ATTRIBUTES ON THE RADIUS SERVER ..........................................3-36

IDENTIFYING THE RADIUS SERVER TO THE FOUNDRY DEVICE ............................................................3-37

SETTING RADIUS PARAMETERS ........................................................................................................3-38

CONFIGURING AUTHENTICATION-METHOD LISTS FOR RADIUS ............................................................3-38

CONFIGURING RADIUS AUTHORIZATION .............................................................................................3-40

CONFIGURING RADIUS ACCOUNTING .................................................................................................3-40

CONFIGURING AN INTERFACE AS THE SOURCE FOR ALL RADIUS PACKETS .........................................3-41

DISPLAYING RADIUS CONFIGURATION INFORMATION ..........................................................................3-42

CONFIGURING AUTHENTICATION-METHOD LISTS ........................................................................................3-47

CONFIGURATION CONSIDERATIONS FOR AUTHENTICATION-METHOD LISTS ............................................3-48

EXAMPLES OF AUTHENTICATION-METHOD LISTS ..................................................................................3-48

CHAPTER 4

CONFIGURING SECURE SHELL..................................................................... 4-1

SETTING THE HOST NAME AND DOMAIN NAME .............................................................................................4-2

GENERATING AHOST RSA KEY PAIR ..........................................................................................................4-2

PROVIDING THE PUBLIC KEY TO CLIENTS ..............................................................................................4-2

CONFIGURING RSA CHALLENGE-RESPONSE AUTHENTICATION .....................................................................4-3

IMPORTING AUTHORIZED PUBLIC KEYS INTO THE FOUNDRY DEVICE .......................................................4-3

Foundry Switch and Router Installation and Configuration Guide

vi December 2000

ENABLING RSA CHALLENGE-RESPONSE AUTHENTICATION ....................................................................4-5

SETTING OPTIONAL PARAMETERS ...............................................................................................................4-5

SETTING THE NUMBER OF SSH AUTHENTICATION RETRIES ...................................................................4-5

SETTING THE SERVER RSA KEY SIZE ...................................................................................................4-5

DEACTIVATING USER AUTHENTICATION .................................................................................................4-6

ENABLING EMPTY PASSWORD LOGINS ..................................................................................................4-6

SETTING THE SSH PORT NUMBER ........................................................................................................4-6

SETTING THE SSH LOGIN TIMEOUT VALUE ...........................................................................................4-6

DESIGNATING AN INTERFACE AS THE SOURCE FOR ALL SSH PACKETS ..................................................4-7

VIEWING SSH CONNECTION INFORMATION ..................................................................................................4-7

SAMPLE SSH CONFIGURATION ...................................................................................................................4-9

USING SECURE COPY .................................................................................................................................4-9

CHAPTER 5

USING REDUNDANT MANAGEMENT MODULES .............................................. 5-1

CONFIGURATION CONSIDERATIONS ..............................................................................................................5-2

TEMPERATURE SENSOR ..............................................................................................................................5-2

SWITCHOVER ..............................................................................................................................................5-2

MANAGEMENT SESSIONS ......................................................................................................................5-2

SYSLOG AND SNMP TRAPS .................................................................................................................5-3

MAC ADDRESS CHANGES ....................................................................................................................5-3

CONFIGURING THE REDUNDANT MANAGEMENT PARAMETERS .......................................................................5-3

INSTALLING REDUNDANT MANAGEMENT MODULES ................................................................................5-3

DETERMINING REDUNDANT MANAGEMENT MODULE STATUS ..................................................................5-8

DISPLAYING SWITCHOVER MESSAGES .................................................................................................5-10

FILE SYNCHRONIZATION BETWEEN THE ACTIVE AND STANDBY REDUNDANT MANAGEMENT MODULES ..........5-11

DISPLAYING THE SYNCHRONIZATION SETTINGS ...................................................................................5-12

IMMEDIATELY SYNCHRONIZING SOFTWARE ..........................................................................................5-13

AUTOMATING SYNCHRONIZATION OF SOFTWARE .................................................................................5-14

SWITCHING OVER TO THE STANDBY REDUNDANT MANAGEMENT MODULE ..................................................5-16

PCMCIA FLASH CARD FILE MANAGEMENT COMMANDS .............................................................................5-17

PCMCIA SLOTS ................................................................................................................................5-18

SUBDIRECTORIES ...............................................................................................................................5-18

FILE AND SUBDIRECTORY NAMING CONVENTIONS ................................................................................5-19

WILDCARDS .......................................................................................................................................5-19

FORMATTING AFLASH CARD ..............................................................................................................5-20

DETERMINING THE FLASH CARD SLOT AND SUBDIRECTORY PATH THAT CURRENTLY HAVE THE MANAGEMENT

FOCUS ........................................................................................................................................5-20

SWITCHING THE MANAGEMENT FOCUS ................................................................................................5-21

DISPLAYING ADIRECTORY OF THE FILES ON AFLASH CARD ................................................................5-21

DISPLAYING THE CONTENTS OF AFILE ................................................................................................5-23

DISPLAY AHEXADECIMAL DUMP OF THE DATA IN AFILE ......................................................................5-23

CREATING ASUBDIRECTORY ..............................................................................................................5-24

REMOVING ASUBDIRECTORY ..............................................................................................................5-25

RENAMING AFILE ...............................................................................................................................5-25

December 2000 vii

CHANGING THE READ-WRITE ATTRIBUTE OF AFILE .............................................................................5-25

DELETING AFILE FROM AFLASH CARD ...............................................................................................5-26

RECOVERING (“UNDELETING”) AFILE ..................................................................................................5-26

APPENDING AFILE TO ANOTHER FILE .................................................................................................5-27

COPYING FILES ..................................................................................................................................5-27

LOADING THE STARTUP-CONFIG FILE FROM APCMCIA FLASH CARD DURING SYSTEM LOAD .............5-30

FILE MANAGEMENT MESSAGES ...........................................................................................................5-32

TEMPERATURE SENSOR ............................................................................................................................5-33

DISPLAYING THE TEMPERATURE .........................................................................................................5-33

DISPLAYING TEMPERATURE MESSAGES ..............................................................................................5-34

CHANGING TEMPERATURE WARNING AND SHUTDOWN LEVELS .............................................................5-35

CHANGING THE CHASSIS POLLING INTERVAL .......................................................................................5-36

CHAPTER 6

USING PACKET OVER SONET (POS) MODULES ......................................... 6-1

INSTALLING APOS MODULE .......................................................................................................................6-2

UPGRADING POS SOFTWARE FROM ATFTP SERVER ..................................................................................6-3

UPGRADING THE BOOT CODE ...............................................................................................................6-3

UPGRADING THE FLASH CODE ..............................................................................................................6-3

CONFIGURING POS BOOT PARAMETERS .....................................................................................................6-3

CHANGING THE BOOT SOURCE .............................................................................................................6-4

BOOTING THE MODULE FROM TFTP .....................................................................................................6-4

COPYING APOS IMAGE FILE FROM AFLASH CARD TO APOS MODULE’SFLASH MEMORY .....................6-4

CONFIGURING POS INTERFACES .................................................................................................................6-5

ADDING AN IP ADDRESS .......................................................................................................................6-5

CHANGING THE INTERFACE STATE ........................................................................................................6-6

CHANGING THE ENCAPSULATION TYPE ..................................................................................................6-6

CHANGING THE CLOCK SOURCE ...........................................................................................................6-6

CHANGING THE LOOPBACK PATH ..........................................................................................................6-7

CHANGING THE MTU ............................................................................................................................6-7

CHANGING THE CRC LENGTH ..............................................................................................................6-7

DISABLING OR REENABLING KEEPALIVE MESSAGES ...............................................................................6-8

CHANGING THE BANDWIDTH .................................................................................................................6-8

CHANGING THE POS FLAGS .................................................................................................................6-8

CHANGING THE FRAME TYPE ................................................................................................................6-9

ENABLING OR DISABLING ATM SCRAMBLING .........................................................................................6-9

CONFIGURING POS FOR FRAME RELAY ....................................................................................................6-10

CHANGING THE ENCAPSULATION TYPE ................................................................................................6-10

SPECIFYING THE FRAME RELAY INTERFACE TYPE ................................................................................6-10

SPECIFYING THE DLCI .......................................................................................................................6-10

SPECIFYING THE LMI TYPE ................................................................................................................6-11

VERIFYING THE CONFIGURATION .........................................................................................................6-11

CONFIGURING POS FOR LAYER 2 SWITCHING ...........................................................................................6-11

LINK REDUNDANCY AND LOAD BALANCING ..........................................................................................6-14

CONFIGURATION PROCEDURES ...........................................................................................................6-16

Foundry Switch and Router Installation and Configuration Guide

viii December 2000

CONFIGURING APOS PORT FOR LAYER 2 SWITCHING ........................................................................6-16

CONFIGURING STP PARAMETERS .......................................................................................................6-17

CONFIGURING THE POS PORTS INTO ATRUNK GROUP .......................................................................6-19

DISPLAYING LAYER 2 POS PORT INFORMATION ..................................................................................6-20

DISPLAYING POS INFORMATION ................................................................................................................6-21

DISPLAYING THE SOFTWARE VERSION RUNNING ON THE MODULE .......................................................6-21

DISPLAYING GENERAL MODULE INFORMATION .....................................................................................6-22

DETERMINING POS MODULE STATUS .................................................................................................6-22

DISPLAYING INTERFACE PARAMETERS .................................................................................................6-23

DISPLAYING POS STATISTICS .............................................................................................................6-26

CONFIGURING AUTOMATIC PROTECTION SWITCHING (APS) .......................................................................6-27

BASIC POS APS CONFIGURATION ......................................................................................................6-27

MULTI-GROUP APS CONFIGURATION ..................................................................................................6-28

SINGLE-DEVICE APS CONFIGURATION ................................................................................................6-30

CONFIGURING OPTIONAL PARAMETERS ...............................................................................................6-30

DISPLAYING POS APS INFORMATION .................................................................................................6-33

FOUNDRY POS INTERFACE SPECIFICATIONS .......................................................................................6-33

CHAPTER 7

UPDATING SOFTWARE IMAGES AND

CONFIGURATION FILES................................................................................ 7-1

DOWNLOADING AND UPLOADING ASOFTWARE IMAGE ON ATFTP SERVER ...................................................7-1

UPGRADING THE BOOT CODE ...............................................................................................................7-2

UPGRADING THE FLASH CODE ..............................................................................................................7-2

CHANGING THE BLOCK SIZE FOR TFTP FILE TRANSFERS ......................................................................7-3

USING THE EXECUTABLE BOOT COMMAND ............................................................................................7-4

LOADING AND SAVING CONFIGURATION FILES ..............................................................................................7-5

REPLACING THE STARTUP CONFIGURATION WITH THE RUNNING CONFIGURATION ...................................7-6

REPLACING THE RUNNING CONFIGURATION WITH THE STARTUP CONFIGURATION ...................................7-6

LOGGING CHANGES TO THE STARTUP-CONFIG FILE ..............................................................................7-6

COPYING ACONFIGURATION FILE TO OR FROM ATFTP SERVER ...........................................................7-7

MAXIMUM FILE SIZES FOR STARTUP-CONFIG FILE AND RUNNING-CONFIG ..............................................7-8

DIAGNOSTIC ERROR CODES AND REMEDIES FOR TFTP TRANSFERS .....................................................7-9

SAVING OR ERASING IMAGE AND CONFIGURATION FILES ............................................................................7-10

SCHEDULING ASYSTEM RELOAD ...............................................................................................................7-10

RELOADING AT ASPECIFIC TIME .........................................................................................................7-10

RELOADING AFTER ASPECIFIC AMOUNT OF TIME ................................................................................7-10

DISPLAYING THE AMOUNT OF TIME REMAINING BEFORE ASCHEDULED RELOAD ...................................7-11

CANCELING ASCHEDULED RELOAD ....................................................................................................7-11

CHAPTER 8

SOFTWARE OVERVIEW ................................................................................ 8-1

SOFTWARE FEATURE SUMMARY ..................................................................................................................8-1

FLASH IMAGES .....................................................................................................................................8-2

DETERMINING THE FLASH VERSION ADEVICE ISRUNNING .....................................................................8-3

December 2000 ix

FEATURE LIST ......................................................................................................................................8-3

SHOWING SYSTEM DEFAULTS ...............................................................................................................8-6

ACCESS AND MANAGEMENT FEATURES .......................................................................................................8-7

SECURE SHELL (SSH) .........................................................................................................................8-7

MANAGEMENT INTERFACES ..................................................................................................................8-8

MULTIPLE LEVELS OF ACCESS CONTROL ............................................................................................8-10

ACCESS CONTROL LISTS (ACLS) .......................................................................................................8-11

DYNAMIC CONFIGURATION ..................................................................................................................8-11

SOFT REBOOT ...................................................................................................................................8-11

SCHEDULED SYSTEM RELOAD ............................................................................................................8-11

TELNET ..............................................................................................................................................8-11

TRIVIAL FILE TRANSFER PROTOCOL (TFTP) .......................................................................................8-11

SIMPLE NETWORK TIME PROTOCOL (SNTP) .......................................................................................8-12

DOMAIN NAME SERVER (DNS) RESOLVER ..........................................................................................8-12

SNMPV2CSUPPORT .........................................................................................................................8-12

REMOTE MONITORING (RMON) STATISTICS .......................................................................................8-13

SYSLOG LOGGING ..............................................................................................................................8-13

PING AND TRACEROUTE FACILITIES ....................................................................................................8-13

PORT MIRRORING ..............................................................................................................................8-14

IRONCLAD QUALITY OF SERVICE (QOS) ....................................................................................................8-14

IP TYPE OF SERVICE (TOS) MAPPING ................................................................................................8-14

SELECTABLE QUEUING METHOD .........................................................................................................8-14

CONFIGURABLE BANDWIDTH PERCENTAGES ........................................................................................8-14

802.1QPRIORITY MAPPING ................................................................................................................8-15

QUEUE ASSIGNMENT BY TRAFFIC TYPE ..............................................................................................8-15

LAYER 2 SWITCHING FEATURES ................................................................................................................8-15

MAC SWITCHING ...............................................................................................................................8-15

STATIC MAC ENTRIES .......................................................................................................................8-15

STANDARD SPANNING TREE PROTOCOL (STP) ...................................................................................8-16

IRONSPAN STP ENHANCEMENTS ........................................................................................................8-16

TRUNK GROUPS .................................................................................................................................8-16

PORT-BASED VIRTUAL LANS(VLANS) ...............................................................................................8-17

VLAN TAGGING .................................................................................................................................8-17

MAC FILTERS ....................................................................................................................................8-17

ADDRESS-LOCK FILTERS ....................................................................................................................8-17

DYNAMIC HOST CONFIGURATION PROTOCOL (DHCP) ASSIST .............................................................8-18

IP MULTICAST CONTAINMENT .............................................................................................................8-18

LAYER 3 SWITCHING FEATURES ................................................................................................................8-18

PROTOCOL-BASED VIRTUAL LANS(VLANS) .......................................................................................8-18

IP ROUTER ACCELERATION ................................................................................................................8-19

IPX ROUTER ACCELERATION ..............................................................................................................8-20

IP AND IPX ROUTER ACCELERATION POLICIES ....................................................................................8-20

LAYER 3 ROUTING FEATURES ...................................................................................................................8-20

MULTI-NETTING ..................................................................................................................................8-20

MULTIPLE IP SUB-NETS PER INTERFACE .............................................................................................8-21

MULTIPLE IPX FRAME TYPE SUPPORT PER INTERFACE .......................................................................8-21

Foundry Switch and Router Installation and Configuration Guide

xDecember 2000

MULTI-PORT SUBNETS (INTEGRATED SWITCH-ROUTING) .....................................................................8-21

STATIC IP ROUTES, ADDRESS RESOLUTION PROTOCOL (ARP) ENTRIES, AND REVERSE ARP (RARP)

ENTRIES ......................................................................................................................................8-21

IP/RIP ROUTING ................................................................................................................................8-21

BORDER GATEWAY PROTOCOL (BGP4) ROUTING ...............................................................................8-22

IP ACCESS AND QOS FILTERS ............................................................................................................8-22

IP ROUTE FILTERS .............................................................................................................................8-23

IPX ROUTING .....................................................................................................................................8-23

IPX FORWARD FILTERS ......................................................................................................................8-23

IPX/RIP AND IPX/SAP FILTERS .........................................................................................................8-23

APPLETALK ROUTING .........................................................................................................................8-23

APPLETALK ZONE AND NETWORK FILTERS ..........................................................................................8-24

IP MULTICAST ROUTING (PIM AND DVMRP) ......................................................................................8-24

REDISTRIBUTION FILTERS ...................................................................................................................8-24

USER DATAGRAM PROTOCOL (UDP) HELPER .....................................................................................8-24

LAYER 4 SWITCHING FEATURES ................................................................................................................8-25

SESSION SWITCHING ..........................................................................................................................8-25

TCP/UDP ACCESS POLICIES .............................................................................................................8-25

LAYER 4 CACHING FEATURES ...................................................................................................................8-25

TRANSPARENT CACHE SWITCHING (TCS) ...........................................................................................8-25

TCS POLICY FILTERS .........................................................................................................................8-25

LOAD BALANCING AND REDUNDANCY FEATURES ........................................................................................8-26

SERVER LOAD BALANCING (SLB) .......................................................................................................8-26

ROUTER SUPPORT FOR GLOBALLY-DISTRIBUTED SLB .........................................................................8-26

FIREWALL LOAD BALANCING ...............................................................................................................8-26

VIRTUAL ROUTER REDUNDANCY PROTOCOL (VRRP) ..........................................................................8-26

FOUNDRY SERVER REDUNDANCY PROTOCOL (FSRP) .........................................................................8-27

LAYER 4 SWITCH REDUNDANCY ..........................................................................................................8-27

CHAPTER 9

HARDWARE OVERVIEW ............................................................................... 9-1

CHASSIS SYSTEMS .....................................................................................................................................9-1

BIGIRON ..............................................................................................................................................9-1

NETIRON INTERNET BACKBONE ROUTER ...............................................................................................9-3

FASTIRON II FAMILY .............................................................................................................................9-5

NETIRON AND BIGIRON REDUNDANT MANAGEMENT MODULES ...............................................................9-6

BIGIRON STANDARD MANAGEMENT MODULES .......................................................................................9-9

NETIRON AND BIGIRON FORWARDING MODULES .................................................................................9-10

STACKABLE DEVICES ...............................................................................................................................9-12

FASTIRON WORKGROUP LAYER 2 SWITCH ..........................................................................................9-12

SERVERIRON SWITCH .........................................................................................................................9-12

NETIRON LAYER 3 SWITCH ................................................................................................................9-13

TURBOIRON LAYER 2 AND LAYER 3 SWITCHES ....................................................................................9-13

SYSTEM ARCHITECTURE ...........................................................................................................................9-13

CHASSIS ARCHITECTURE ....................................................................................................................9-13

December 2000 xi

STACKABLE ARCHITECTURE ................................................................................................................9-13

PHYSICAL VIEW ........................................................................................................................................9-15

SLOT AND PORT NUMBERS .................................................................................................................9-16

AC POWER CONNECTOR ....................................................................................................................9-17

BUFFERING ........................................................................................................................................9-17

FANS .................................................................................................................................................9-17

LEDS................................................................................................................................................9-17

PORTS ...............................................................................................................................................9-19

EXPANSION PORT MODULES (STACKABLE DEVICES ONLY) ...................................................................9-20

AC POWER SUPPLY ...........................................................................................................................9-20

STANDARD AND REDUNDANT POWER OPTIONS ...................................................................................9-20

DC POWER SUPPLY ...........................................................................................................................9-21

TEMPERATURE SENSOR .....................................................................................................................9-21

RESET BUTTON ..................................................................................................................................9-21

CHAPTER 10

CONFIGURING BASIC FEATURES................................................................ 10-1

USING THE WEB MANAGEMENT INTERFACE FOR BASIC CONFIGURATION CHANGES .....................................10-2

CONFIGURING BASIC SYSTEM PARAMETERS ..............................................................................................10-3

ENTERING SYSTEM ADMINISTRATION INFORMATION .............................................................................10-4

CONFIGURING SIMPLE NETWORK MANAGEMENT (SNMP) PARAMETERS ...............................................10-5

CONFIGURING AN INTERFACE AS THE SOURCE FOR ALL TELNET PACKETS .........................................10-10

SPECIFYING ASIMPLE NETWORK TIME PROTOCOL (SNTP) SERVER ..................................................10-10

SETTING THE SYSTEM CLOCK ...........................................................................................................10-12

CONFIGURING THE SYSLOG SERVICE ................................................................................................10-14

CHANGING THE DEFAULT GIGABIT NEGOTIATION MODE .....................................................................10-22

LIMITING BROADCAST, MULTICAST, OR UNKNOWN-UNICAST RATES ...................................................10-24

CONFIGURING CLI BANNERS ............................................................................................................10-25

CONFIGURING BASIC PORT PARAMETERS ................................................................................................10-26

ASSIGNING APORT NAME ................................................................................................................10-28

MODIFYING PORT SPEED .................................................................................................................10-29

MODIFYING PORT MODE ..................................................................................................................10-30

DISABLING OR RE-ENABLING APORT ................................................................................................10-30

DISABLING OR RE-ENABLING FLOW CONTROL ...................................................................................10-31

CHANGING THE 802.3XGIGABIT NEGOTIATION MODE ........................................................................10-32

MODIFYING PORT PRIORITY (QOS) ...................................................................................................10-33

CONFIGURING BASIC LAYER 2 PARAMETERS ...........................................................................................10-33

ENABLING OR DISABLING THE SPANNING TREE PROTOCOL (STP) .....................................................10-34

ENABLING OR DISABLING LAYER 2 SWITCHING (LAYER 3 SWITCHES ONLY) ........................................10-36

CHANGING THE MAC AGE TIME .......................................................................................................10-38

CONFIGURING STATIC MAC ENTRIES ...............................................................................................10-38

ENABLING PORT-BASED VLANS.......................................................................................................10-40

CONFIGURING TRUNK GROUPS .........................................................................................................10-41

CONFIGURING IP MULTICAST TRAFFIC REDUCTION (LAYER 2 SWITCHES ONLY) ..................................10-56

DEFINING MAC ADDRESS FILTERS ...................................................................................................10-61

DEFINING BROADCAST AND MULTICAST FILTERS ...............................................................................10-66

Foundry Switch and Router Installation and Configuration Guide

xii December 2000

LOCKING APORT TORESTRICT ADDRESSES .....................................................................................10-68

CONFIGURING BASIC LAYER 3 PARAMETERS ...........................................................................................10-68

ENABLING OR DISABLING ROUTING PROTOCOLS ................................................................................10-68

ENABLING IP OR IPX ROUTER ACCELERATION ..................................................................................10-69

DISPLAYING AND MODIFYING SYSTEM PARAMETER DEFAULT SETTINGS ....................................................10-70

ASSIGNING AMIRROR PORT AND MONITOR PORTS ..................................................................................10-73

DISPLAYING THE CURRENT MIRROR AND MONITOR PORT CONFIGURATION ........................................10-74

CHAPTER 11

IRONCLAD QUALITY OF SERVICE (QOS) .................................................... 11-1

THE QUEUES ............................................................................................................................................11-1

AUTOMATIC QUEUE MAPPING FOR IP TYPE OFSERVICE (TOS) VALUES .............................................11-2

QUEUING METHODS ..................................................................................................................................11-3

SELECTING THE QUEUING METHOD .....................................................................................................11-3

CONFIGURING THE QUEUES ................................................................................................................11-3

DISPLAYING THE IRONCLAD QOS PROFILE CONFIGURATION .....................................................................11-10

ASSIGNING QOS PRIORITIES TO TRAFFIC ................................................................................................11-11

CHANGING APORT’SPRIORITY .........................................................................................................11-11

CHANGING ALAYER 2 PORT-BASED VLAN’SPRIORITY .....................................................................11-12

REASSIGNING 802.1PPRIORITIES TO DIFFERENT QUEUES .................................................................11-14

ASSIGNING STATIC MAC ENTRIES TO PRIORITY QUEUES ..................................................................11-16

ASSIGNING IP AND LAYER 4 SESSIONS TO PRIORITY QUEUES ...........................................................11-18

ASSIGNING APPLETALK SOCKETS TO PRIORITY QUEUES ...................................................................11-26

CONFIGURING AUTILIZATION LIST FOR AN UPLINK PORT ..........................................................................11-27

DISPLAYING UTILIZATION PERCENTAGES FOR AN UPLINK .........................................................................11-28

CHAPTER 12

CONFIGURING SPANNING TREE PROTOCOL (STP) AND IRONSPAN ............. 12-1

CONFIGURING STANDARD STP PARAMETERS ............................................................................................12-1

STP PARAMETERS AND DEFAULTS .....................................................................................................12-2

ENABLING OR DISABLING THE SPANNING TREE PROTOCOL (STP) .......................................................12-3

CHANGING STP BRIDGE AND PORT PARAMETERS ...............................................................................12-4

DISPLAYING STP INFORMATION ..........................................................................................................12-7

CONFIGURING IRONSPAN FEATURES .......................................................................................................12-16

FAST PORT SPAN .............................................................................................................................12-16

FAST UPLINK SPAN ..........................................................................................................................12-18

SINGLE SPANNING TREE ..................................................................................................................12-19

PVST/PVST+ COMPATIBILITY ..........................................................................................................12-23

ENABLING PVST/PVST+ STATICALLY ..............................................................................................12-24

DISPLAYING PVST INFORMATION ......................................................................................................12-25

December 2000 xiii

CHAPTER 13

USING ACCESS CONTROL LISTS (ACLS)................................................... 13-1

OVERVIEW ................................................................................................................................................13-1

USAGE GUIDELINES FOR ACCESS CONTROL LISTS (ACLS) ........................................................................13-2

ACL SUPPORT ON THE FOUNDRY PRODUCTS .....................................................................................13-2

ACL IDSAND ENTRIES .......................................................................................................................13-3

DEFAULT ACL ACTION .......................................................................................................................13-3

CONTROLLING MANAGEMENT ACCESS TO THE DEVICE ........................................................................13-4

ACL LOGGING ...................................................................................................................................13-4

SUPPORT FOR UP TO 4096 ACCESS CONTROL LISTS (ACLS) ..............................................................13-4

DISABLING OR RE-ENABLING ACCESS CONTROL LISTS (ACLS) ..................................................................13-5

ENABLING ACL MODE ........................................................................................................................13-5

DISABLING ACL MODE .......................................................................................................................13-6

CONFIGURING STANDARD ACLS...............................................................................................................13-6

STANDARD ACL SYNTAX ....................................................................................................................13-7

CONFIGURING EXTENDED ACLS..............................................................................................................13-10

FILTERING ON IP PRECEDENCE AND TOS VALUES ............................................................................13-11

EXTENDED ACL SYNTAX ..................................................................................................................13-12

CONFIGURING NAMED ACLS...................................................................................................................13-19

MODIFYING ACLS...................................................................................................................................13-20

APPLYING AN ACL TO ASUBSET OF PORTS ON AVIRTUAL INTERFACE .....................................................13-22

ENABLING STRICT TCP OR UDP MODE ..................................................................................................13-22

ENABLING STRICT TCP MODE ..........................................................................................................13-23

ENABLING STRICT UDP MODE .........................................................................................................13-23

DISPLAYING ACLS..................................................................................................................................13-24

DISPLAYING THE LOG ENTRIES ................................................................................................................13-24

POLICY-BASED ROUTING (PBR) ..............................................................................................................13-25

CONFIGURING PBR ..........................................................................................................................13-26

ENABLING PBR ................................................................................................................................13-28

CONFIGURATION EXAMPLES .............................................................................................................13-28

CHAPTER 14

IRONCLAD RATE LIMITING......................................................................... 14-1

FIXED RATE LIMITING ................................................................................................................................14-2

HOW FIXED RATE LIMITING WORKS ....................................................................................................14-2

CONFIGURING FIXED RATE LIMITING ...................................................................................................14-3

DISPLAYING FIXED RATE LIMITING INFORMATION .................................................................................14-3

ADAPTIVE RATE LIMITING ..........................................................................................................................14-5

EXAMPLES OF ADAPTIVE RATE LIMITING APPLICATIONS .......................................................................14-6

ADAPTIVE RATE LIMITING PARAMETERS ..............................................................................................14-9

HOW ADAPTIVE RATE LIMITING WORKS ............................................................................................14-11

CONFIGURING ADAPTIVE RATE LIMITING ...........................................................................................14-14

COMPLETE CLI EXAMPLES ...............................................................................................................14-19

DISABLING RATE LIMITING EXEMPTION FOR CONTROL PACKETS ........................................................14-21

Foundry Switch and Router Installation and Configuration Guide

xiv December 2000

CHAPTER 15

CONFIGURING IP....................................................................................... 15-1

BASIC CONFIGURATION .............................................................................................................................15-1

OVERVIEW ................................................................................................................................................15-2

IP INTERFACES ..................................................................................................................................15-2

IP PACKET FLOW THROUGH ALAYER 3 SWITCH .................................................................................15-3

IP ROUTE EXCHANGE PROTOCOLS .....................................................................................................15-7

IP MULTICAST PROTOCOLS ................................................................................................................15-7

IP INTERFACE REDUNDANCY PROTOCOLS ...........................................................................................15-8

NETWORK ADDRESS TRANSLATION .....................................................................................................15-8

ACCESS CONTROL LISTS AND IP ACCESS POLICIES ............................................................................15-8

BASIC IP PARAMETERS AND DEFAULTS –LAYER 3 SWITCHES ....................................................................15-9

WHEN PARAMETER CHANGES TAKE EFFECT .......................................................................................15-9

IP GLOBAL PARAMETERS –LAYER 3 SWITCHES ................................................................................15-10

IP INTERFACE PARAMETERS –LAYER 3 SWITCHES ...........................................................................15-14

BASIC IP PARAMETERS AND DEFAULTS –LAYER 2 SWITCHES ..................................................................15-16

IP GLOBAL PARAMETERS –LAYER 2 SWITCHES ................................................................................15-16

INTERFACE IP PARAMETERS –LAYER 2 SWITCHES ...........................................................................15-18

CONFIGURING IP PARAMETERS –LAYER 3 SWITCHES .............................................................................15-19

CONFIGURING IP ADDRESSES ..........................................................................................................15-19

CONFIGURING DOMAIN NAME SERVER (DNS) RESOLVER ..................................................................15-23

CONFIGURING PACKET PARAMETERS ................................................................................................15-24

CHANGING THE ROUTER ID ..............................................................................................................15-26

SPECIFYING ASINGLE SOURCE INTERFACE FOR TELNET, TACACS/TACACS+, OR RADIUS PACKETS ......

15-27

CONFIGURING ARP PARAMETERS ....................................................................................................15-29

RATE LIMITING ARP PACKETS ..........................................................................................................15-30

CONFIGURING FORWARDING PARAMETERS .......................................................................................15-35

DISABLING ICMP MESSAGES ...........................................................................................................15-37

DISABLING ICMP REDIRECTS ...........................................................................................................15-39

CONFIGURING STATIC ROUTES .........................................................................................................15-39

CONFIGURING ADEFAULT NETWORK ROUTE .....................................................................................15-49

CONFIGURING IP LOAD SHARING ......................................................................................................15-51

OPTIMIZING THE IP FORWARDING CACHE ..........................................................................................15-63

CONFIGURING IRDP .........................................................................................................................15-66

CONFIGURING RARP .......................................................................................................................15-68

CONFIGURING UDP BROADCAST AND IP HELPER PARAMETERS ........................................................15-70

CONFIGURING BOOTP/DHCP FORWARDING PARAMETERS ................................................................15-73

CONFIGURING IP PARAMETERS –LAYER 2 SWITCHES .............................................................................15-76

CONFIGURING THE MANAGEMENT IP ADDRESS AND SPECIFYING THE DEFAULT GATEWAY ..................15-76

CONFIGURING DOMAIN NAME SERVER (DNS) RESOLVER ..................................................................15-77

CHANGING THE TTL THRESHOLD ......................................................................................................15-79

CONFIGURING DHCP ASSIST ...........................................................................................................15-79

DISPLAYING IP CONFIGURATION INFORMATION AND STATISTICS ...............................................................15-83

CHANGING THE NETWORK MASK DISPLAY TO PREFIX FORMAT ..........................................................15-83

December 2000 xv

DISPLAYING IP INFORMATION –LAYER 3 SWITCHES ..........................................................................15-83

DISPLAYING IP INFORMATION –LAYER 2 SWITCHES ........................................................................15-104

CHAPTER 16

CONFIGURING RIP .................................................................................... 16-1

ICMP HOST UNREACHABLE MESSAGE FOR UNDELIVERABLE ARPS.....................................................16-1

RIP PARAMETERS AND DEFAULTS .............................................................................................................16-1

RIP GLOBAL PARAMETERS .................................................................................................................16-1

RIP INTERFACE PARAMETERS ............................................................................................................16-3

CONFIGURING RIP PARAMETERS ..............................................................................................................16-3

ENABLING RIP ...................................................................................................................................16-3

CHANGING THE RIP TYPE ON APORT .................................................................................................16-4

CONFIGURING METRIC PARAMETERS ..................................................................................................16-5

CHANGING THE ADMINISTRATIVE DISTANCE ........................................................................................16-6

CONFIGURING REDISTRIBUTION ..........................................................................................................16-7

CONFIGURING ROUTE LEARNING AND ADVERTISING PARAMETERS .......................................................16-9

CHANGING THE ROUTE LOOP PREVENTION METHOD .........................................................................16-12

SUPPRESSING RIP ROUTE ADVERTISEMENT ON AVRRP OR VRRPE BACKUP INTERFACE .................16-13

CONFIGURING RIP ROUTE FILTERS ..................................................................................................16-13

DISPLAYING RIP FILTERS ........................................................................................................................16-16

DISPLAYING CPU UTILIZATION STATISTICS ..............................................................................................16-18

CHAPTER 17

CONFIGURING OSPF ................................................................................ 17-1

OVERVIEW OF OSPF ................................................................................................................................17-1

DESIGNATED ROUTERS IN MULTI-ACCESS NETWORKS .........................................................................17-2

DESIGNATED ROUTER ELECTION ........................................................................................................17-3

OSPF RFC 1583 AND 2178 COMPLIANCE .........................................................................................17-4

REDUCTION OF EQUIVALENT AS EXTERNAL LSAS...............................................................................17-4

DYNAMIC OSPF ACTIVATION AND CONFIGURATION .............................................................................17-6

DYNAMIC OSPF MEMORY ..................................................................................................................17-6

CONFIGURING OSPF ................................................................................................................................17-7

CONFIGURATION RULES .....................................................................................................................17-7

OSPF PARAMETERS ..........................................................................................................................17-7

ENABLE OSPF ON THE ROUTER .........................................................................................................17-8

ASSIGN OSPF AREAS ........................................................................................................................17-9

ASSIGNING AN AREA RANGE (OPTIONAL) ..........................................................................................17-15

ASSIGNING INTERFACES TO AN AREA ................................................................................................17-16

MODIFY INTERFACE DEFAULTS .........................................................................................................17-18

BLOCK FLOODING OF OUTBOUND LSASON SPECIFIC OSPF INTERFACES .........................................17-20

ASSIGN VIRTUAL LINKS ....................................................................................................................17-21

MODIFY VIRTUAL LINK PARAMETERS .................................................................................................17-24

DEFINE REDISTRIBUTION FILTERS .....................................................................................................17-26

MODIFY DEFAULT METRIC FOR REDISTRIBUTION ...............................................................................17-29

ENABLE ROUTE REDISTRIBUTION ......................................................................................................17-30

Foundry Switch and Router Installation and Configuration Guide

xvi December 2000

DISABLE OR RE-ENABLE LOAD SHARING ...........................................................................................17-32

CONFIGURE EXTERNAL ROUTE SUMMARIZATION ...............................................................................17-33

CONFIGURE DEFAULT ROUTE ORIGINATION .......................................................................................17-34

MODIFY SPF TIMERS .......................................................................................................................17-35

MODIFY REDISTRIBUTION METRIC TYPE ............................................................................................17-35

MODIFY ADMINISTRATIVE DISTANCE ..................................................................................................17-36

CONFIGURE OSPF GROUP LINK STATE ADVERTISEMENT (LSA) PACING ...........................................17-36

MODIFY OSPF TRAPS GENERATED ..................................................................................................17-37

MODIFY OSPF STANDARD COMPLIANCE SETTING .............................................................................17-38

MODIFY EXIT OVERFLOW INTERVAL ..................................................................................................17-39

MODIFY THE MAXIMUM NUMBER OF ROUTES .....................................................................................17-39

MODIFY LSDB LIMITS ......................................................................................................................17-40

DISPLAYING OSPF INFORMATION ............................................................................................................17-41

DISPLAYING GENERAL OSPF CONFIGURATION INFORMATION ............................................................17-41

DISPLAYING CPU UTILIZATION STATISTICS ........................................................................................17-42

DISPLAYING OSPF AREA INFORMATION ............................................................................................17-43

DISPLAYING OSPF NEIGHBOR INFORMATION ....................................................................................17-44

DISPLAYING OSPF INTERFACE INFORMATION ....................................................................................17-46

DISPLAYING OSPF ROUTE INFORMATION ..........................................................................................17-46

DISPLAYING OSPF EXTERNAL LINK STATE INFORMATION ..................................................................17-48

DISPLAYING OSPF LINK STATE INFORMATION ...................................................................................17-49

DISPLAYING THE DATA IN AN LSA .....................................................................................................17-49

DISPLAYING OSPF VIRTUAL NEIGHBOR INFORMATION .......................................................................17-50

DISPLAYING OSPF VIRTUAL LINK INFORMATION ................................................................................17-50

DISPLAYING OSPF ABR AND ASBR INFORMATION ...........................................................................17-51

DISPLAYING OSPF TRAP STATUS .....................................................................................................17-51

CHAPTER 18

CONFIGURING IP MULTICAST PROTOCOLS................................................. 18-1

OVERVIEW OF IP MULTICASTING ...............................................................................................................18-1

MULTICAST TERMS .............................................................................................................................18-1

CHANGING GLOBAL IP MULTICAST PARAMETERS .......................................................................................18-2

CHANGING IGMP PARAMETERS ..........................................................................................................18-2

ENABLING HARDWARE FORWARDING FOR ALL FRAGMENTS OF IP MULTICAST PACKETS .......................18-4

PIM DENSE OVERVIEW .............................................................................................................................18-4

INITIATING PIM MULTICASTS ON ANETWORK ......................................................................................18-4

PRUNING AMULTICAST TREE .............................................................................................................18-4

GRAFTS TO AMULTICAST TREE ..........................................................................................................18-6

CONFIGURING PIM ...................................................................................................................................18-7

ENABLING PIM ON THE ROUTER AND AN INTERFACE ...........................................................................18-7

MODIFYING PIM GLOBAL PARAMETERS ..............................................................................................18-8

MODIFYING PIM INTERFACE PARAMETERS ........................................................................................18-11

PIM SPARSE OVERVIEW .........................................................................................................................18-12

PIM SPARSE ROUTER TYPES ...........................................................................................................18-12

RP PATHS AND SPT PATHS .............................................................................................................18-13

December 2000 xvii

CONFIGURING PIM SPARSE ....................................................................................................................18-13

LIMITATIONS IN THIS RELEASE ..........................................................................................................18-13

CONFIGURING GLOBAL PARAMETERS ................................................................................................18-14

CONFIGURING PIM INTERFACE PARAMETERS ....................................................................................18-14

CONFIGURING PIM SPARSE GLOBAL PARAMETERS ...........................................................................18-15

STATICALLY SPECIFYING THE RP ......................................................................................................18-16

CHANGING THE SHORTEST PATH TREE (SPT) THRESHOLD ...............................................................18-17

CHANGING THE PIM JOIN AND PRUNE MESSAGE INTERVAL ...............................................................18-17

DISPLAYING PIM SPARSE CONFIGURATION INFORMATION AND STATISTICS .........................................18-18

CONFIGURING MULTICAST SOURCE DISCOVERY PROTOCOL (MSDP) .......................................................18-30

PEER REVERSE PATH FORWARDING (RPF) FLOODING ......................................................................18-31

SOURCE ACTIVE CACHING ................................................................................................................18-31

CONFIGURING MSDP .......................................................................................................................18-31

DISPLAYING MSDP INFORMATION .....................................................................................................18-32

CLEARING MSDP INFORMATION .......................................................................................................18-38

DVMRP OVERVIEW ................................................................................................................................18-39

INITIATING DVMRP MULTICASTS ON ANETWORK .............................................................................18-39

PRUNING AMULTICAST TREE ...........................................................................................................18-39

GRAFTS TO AMULTICAST TREE ........................................................................................................18-41

CONFIGURING DVMRP ...........................................................................................................................18-42

ENABLING DVMRP ON THE ROUTER AND INTERFACE ........................................................................18-42

MODIFYING DVMRP GLOBAL PARAMETERS ......................................................................................18-43

MODIFYING DVMRP INTERFACE PARAMETERS .................................................................................18-47

CONFIGURING AN IP TUNNEL ..................................................................................................................18-50

CONFIGURING ASTATIC MULTICAST ROUTE ............................................................................................18-52

TRACING AMULTICAST ROUTE ................................................................................................................18-53

DISPLAYING ANOTHER MULTICAST ROUTER’SMULTICAST CONFIGURATION ..............................................18-55

CHAPTER 19

CONFIGURING BGP4 ................................................................................ 19-1

OVERVIEW OF BGP4 ................................................................................................................................19-2

RELATIONSHIP BETWEEN THE BGP4 ROUTE TABLE AND THE IP ROUTE TABLE ....................................19-2

HOW BGP4 SELECTS APATH FOR AROUTE .......................................................................................19-3

BGP4 MESSAGE TYPES .....................................................................................................................19-4

BASIC CONFIGURATION AND ACTIVATION FOR BGP4 .................................................................................19-6

NOTE REGARDING DISABLING BGP4 ..................................................................................................19-6

BGP4 PARAMETERS .................................................................................................................................19-7

WHEN PARAMETER CHANGES TAKE EFFECT .......................................................................................19-9

MEMORY CONSIDERATIONS .......................................................................................................................19-9

MEMORY CONFIGURATION OPTIONS OBSOLETED BY DYNAMIC MEMORY ............................................19-10

CONFIGURING BGP4 ..............................................................................................................................19-10

BASIC CONFIGURATION TASKS ................................................................................................................19-11

ENABLING BGP4 ON THE ROUTER ....................................................................................................19-11

CHANGING THE ROUTER ID ..............................................................................................................19-12

SETTING THE LOCAL AS NUMBER .....................................................................................................19-13

Foundry Switch and Router Installation and Configuration Guide

xviii December 2000

ADDING ALOOPBACK INTERFACE ......................................................................................................19-13

ADDING BGP4 NEIGHBORS ..............................................................................................................19-14

ADDING ABGP4 PEER GROUP ........................................................................................................19-21

OPTIONAL CONFIGURATION TASKS ..........................................................................................................19-27

CHANGING THE KEEP ALIVE TIME AND HOLD TIME ............................................................................19-27

ENABLING FAST EXTERNAL FALLOVER ..............................................................................................19-27

CHANGING THE MAXIMUM NUMBER OF PATHS FOR BGP4 LOAD SHARING .........................................19-28

SPECIFYING ALIST OF NETWORKS TO ADVERTISE .............................................................................19-30

CHANGING THE DEFAULT LOCAL PREFERENCE ..................................................................................19-32

ADVERTISING THE DEFAULT INFORMATION ORIGINATE .......................................................................19-32

CHANGING THE DEFAULT MED (METRIC) USED FOR ROUTE REDISTRIBUTION ....................................19-33

CHANGING ADMINISTRATIVE DISTANCES ...........................................................................................19-33

CONFIGURING THE LAYER 3 SWITCH TOALWAYS COMPARE MULTI-EXIT DISCRIMINATORS (MEDS) ....19-35

SYNCHRONIZING ROUTES .................................................................................................................19-36

AUTOMATICALLY SUMMARIZING SUBNET ROUTES INTO CLASS A, B, OR C NETWORKS .......................19-36

CONFIGURING ROUTE REFLECTION PARAMETERS .............................................................................19-37

CONFIGURING CONFEDERATIONS ......................................................................................................19-40

AGGREGATING ROUTES ADVERTISED TO BGP4 NEIGHBORS .............................................................19-43

MODIFYING REDISTRIBUTION PARAMETERS .......................................................................................19-45

FILTERING SPECIFIC IP ADDRESSES .................................................................................................19-48

FILTERING AS-PATHS .......................................................................................................................19-50

FILTERING COMMUNITIES ..................................................................................................................19-55

DEFINING IP PREFIX LISTS ...............................................................................................................19-58

DEFINING NEIGHBOR DISTRIBUTE LISTS ............................................................................................19-61

DEFINING ROUTE MAPS ...................................................................................................................19-63

USING ATABLE MAP TOSET THE TAG VALUE ...................................................................................19-72

CONFIGURING ROUTE FLAP DAMPENING .................................................................................................19-73

GLOBALLY CONFIGURING ROUTE FLAP DAMPENING ..........................................................................19-73

USING AROUTE MAP TOCONFIGURE ROUTE FLAP DAMPENING FOR SPECIFIC ROUTES ....................19-75

USING AROUTE MAP TOCONFIGURE ROUTE FLAP DAMPENING FOR ASPECIFIC NEIGHBOR ..............19-80

REMOVING ROUTE DAMPENING FROM AROUTE ................................................................................19-82

DISPLAYING AND CLEARING ROUTE FLAP DAMPENING STATISTICS .....................................................19-83

STATICALLY ALLOCATING MEMORY IN EARLIER SOFTWARE RELEASES .....................................................19-84

CHANGING THE MAXIMUM NUMBER OF NEIGHBORS ...........................................................................19-84

CHANGING THE MAXIMUM NUMBER OF ROUTES ................................................................................19-85

CHANGING THE MAXIMUM NUMBER OF ROUTE-ATTRIBUTE ENTRIES ...................................................19-86

DISPLAYING BGP4 INFORMATION ............................................................................................................19-88

DISPLAYING SUMMARY BGP4 INFORMATION .....................................................................................19-88

DISPLAYING THE ACTIVE BGP4 CONFIGURATION ..............................................................................19-91

DISPLAYING CPU UTILIZATION STATISTICS ........................................................................................19-91

DISPLAYING SUMMARY NEIGHBOR INFORMATION ...............................................................................19-92

DISPLAYING BGP4 NEIGHBOR INFORMATION .....................................................................................19-95

DISPLAYING SUMMARY ROUTE INFORMATION ..................................................................................19-107

DISPLAYING THE BGP4 ROUTE TABLE ............................................................................................19-107

DISPLAYING BGP4 ROUTE-ATTRIBUTE ENTRIES ..............................................................................19-114

DISPLAYING THE ROUTES BGP4 HAS PLACED IN THE IP ROUTE TABLE ...........................................19-116

December 2000 xix

DISPLAYING ROUTE FLAP DAMPENING STATISTICS ..........................................................................19-116

DISPLAYING THE ACTIVE ROUTE MAP CONFIGURATION ....................................................................19-118

CLEARING TRAFFIC COUNTERS .............................................................................................................19-118

CLEARING ROUTE FLAP DAMPENING STATISTICS ...................................................................................19-119

UPDATING ROUTE INFORMATION AND RESETTING ANEIGHBOR SESSION ................................................19-119

DYNAMICALLY REQUESTING AROUTE REFRESH FROM ABGP4 NEIGHBOR ......................................19-119

CLOSING OR RESETTING ANEIGHBOR SESSION ..............................................................................19-121

REMOVING ROUTE FLAP DAMPENING ....................................................................................................19-122

CLEARING DIAGNOSTIC BUFFERS ..........................................................................................................19-123

CHAPTER 20

NETWORK ADDRESS TRANSLATION ........................................................... 20-1

PORT ADDRESS TRANSLATION ..................................................................................................................20-3

MAXIMUM NUMBER OF ADDRESSES ....................................................................................................20-4

PROTOCOLS SUPPORTED FOR NAT ..........................................................................................................20-4

CONFIGURING NAT ..................................................................................................................................20-4

CONFIGURING STATIC ADDRESS TRANSLATIONS ..................................................................................20-5

CONFIGURING DYNAMIC NAT PARAMETERS ........................................................................................20-5

ENABLING NAT ..................................................................................................................................20-7

CHANGING TRANSLATION TABLE TIMEOUTS .........................................................................................20-7

DISPLAYING THE ACTIVE NAT TRANSLATIONS ...........................................................................................20-8

DISPLAYING NAT STATISTICS ...................................................................................................................20-9

CLEARING TRANSLATION TABLE ENTRIES ................................................................................................20-11

NAT DEBUG COMMANDS ........................................................................................................................20-12

CONFIGURATION EXAMPLES ....................................................................................................................20-14

PRIVATE NAT CLIENTS CONNECTED TO THE LAYER 3 SWITCH BY ALAYER 2 SWITCH ........................20-14

PRIVATE NAT CLIENTS CONNECTED DIRECTLY TO THE LAYER 3 SWITCH ...........................................20-16

CHAPTER 21

CONFIGURING VRRP AND VRRPE ........................................................... 21-1

OVERVIEW ................................................................................................................................................21-2

OVERVIEW OF VRRP .........................................................................................................................21-2

OVERVIEW OF VRRPE .......................................................................................................................21-6

COMPARISON OF VRRP, VRRPE, AND FSRP ..........................................................................................21-8

VRRP ...............................................................................................................................................21-8

VRRPE .............................................................................................................................................21-8

FSRP ................................................................................................................................................21-8

ARCHITECTURAL DIFFERENCES ...........................................................................................................21-8

VRRP AND VRRPE PARAMETERS ............................................................................................................21-9

CONFIGURING BASIC VRRP PARAMETERS ..............................................................................................21-12

CONFIGURING THE OWNER ...............................................................................................................21-12

CONFIGURING ABACKUP ..................................................................................................................21-12

CONFIGURATION RULES FOR VRRP .................................................................................................21-12

CONFIGURING BASIC VRRPE PARAMETERS ............................................................................................21-13

CONFIGURATION RULES FOR VRRPE ...............................................................................................21-13

Foundry Switch and Router Installation and Configuration Guide

xx December 2000

NOTE REGARDING DISABLING VRRP OR VRRPE ....................................................................................21-13

CONFIGURING ADDITIONAL VRRP AND VRRPE PARAMETERS .................................................................21-13

FORCING AMASTER ROUTER TOABDICATE TO ASTANDBY ROUTER ........................................................21-18

DISPLAYING VRRP AND VRRPE INFORMATION .......................................................................................21-19

DISPLAYING SUMMARY INFORMATION ................................................................................................21-19

DISPLAYING DETAILED INFORMATION ................................................................................................21-21

DISPLAYING STATISTICS ...................................................................................................................21-27

CLEARING VRRP OR VRRPE STATISTICS ........................................................................................21-30

DISPLAYING CPU UTILIZATION STATISTICS ........................................................................................21-30

CONFIGURATION EXAMPLES ....................................................................................................................21-31

VRRP EXAMPLE ..............................................................................................................................21-31

VRRPE EXAMPLE ............................................................................................................................21-35

CHAPTER 22

CONFIGURING FSRP ................................................................................ 22-1

OVERVIEW OF FOUNDRY STANDBY ROUTER PROTOCOL (FSRP) ...............................................................22-1

FSRP SUPPORT ON VIRTUAL INTERFACES ..........................................................................................22-3

ACTIVE AND STANDBY ROUTERS .........................................................................................................22-3

TRACK PORTS ....................................................................................................................................22-3

INDEPENDENT OPERATION OF RIP AND OSPF ....................................................................................22-5

DYNAMIC FSRP CONFIGURATION .......................................................................................................22-5

DIFFERENCES BETWEEN FSRP AND VRRP ..............................................................................................22-5

CONFIGURING FSRP ................................................................................................................................22-6

CONFIGURATION RULES FOR FSRP ....................................................................................................22-6

ENABLE FSRP ON THE ROUTER .........................................................................................................22-6

ASSIGN VIRTUAL ROUTER IP ADDRESSES ...........................................................................................22-7

ASSIGN THE TRACK PORT(S) ..............................................................................................................22-8

ASSIGNING THE ACTIVE ROUTER ........................................................................................................22-8

MODIFY PORT PARAMETERS (OPTIONAL) .............................................................................................22-9

CONFIGURING FSRP ON VIRTUAL INTERFACES .................................................................................22-11

CHAPTER 23

CONFIGURING IPX .................................................................................... 23-1

OVERVIEW OF IPX ....................................................................................................................................23-1

MULTIPLE IPX FRAME TYPE SUPPORT PER INTERFACE .......................................................................23-1

CONFIGURING IPX ....................................................................................................................................23-1

DYNAMIC IPX CONFIGURATION ...........................................................................................................23-2

ENABLE IPX ......................................................................................................................................23-2

ENABLE NETBIOS .............................................................................................................................23-3

ASSIGN IPX NETWORK NUMBER, FRAME TYPE, ENABLE NETBIOS ON AN INTERFACE ...........................23-3

DEFINE AND ASSIGN AFORWARD FILTER AND GROUP .........................................................................23-5

DEFINE AND ASSIGN AN IPX/RIP FILTER AND GROUP .........................................................................23-7

CONFIGURING IPX SAP ACCESS CONTROL LISTS (ACLS) ...................................................................23-9

ENABLE ROUND-ROBIN GNS REPLIES ..............................................................................................23-10

FILTER GNS REPLIES ......................................................................................................................23-10

Table of contents

Other Foundry Networks Switch manuals

Foundry Networks

Foundry Networks FESX User manual

Foundry Networks

Foundry Networks OSI User manual

Foundry Networks

Foundry Networks FES User manual

Foundry Networks

Foundry Networks FastIron LS 648 Manual

Foundry Networks

Foundry Networks NetIron M2404C User manual

Foundry Networks

Foundry Networks EdgeIron 2402CF User manual

Foundry Networks

Foundry Networks ServerIron 4G-SSL User manual

Foundry Networks

Foundry Networks NetIron M2404C User manual

Foundry Networks

Foundry Networks FES2402 User manual

Popular Switch manuals by other brands

INTERTECHNO

INTERTECHNO ITLM-1000 Operating and installation instructions

Dell

Dell PowerConnect 3548 Getting started guide

Horstmann

Horstmann 425 Coronet User operating instructions

D+H

D+H GE 650 Set Original instructions

ONV

ONV ONV-IPS31008PF user guide

Micas

Micas M2-W6920-4S Hardware installation and reference guide

Panduit

Panduit Atlona AT-HDVS-210H-TX-WP manual

Lütze

Lütze LCOS Series operating instructions

Techlogix

Techlogix TL-NS24R2S-POE manual

VigilLink

VigilLink VLML-16X1H13 user manual

Operative Experience

Operative Experience TCCS Plus manual

Sitecom

Sitecom CN-5011 user manual

BEP

BEP Pro Installer MARINCO 770-EZ manual

IBM

IBM ThinkPad 600 Product overview

Eminent

Eminent e-Domotica EM65X0 manual

ATEN

ATEN CS1944DP user manual

Syba

Syba KVM02-002 user manual

H3C

H3C S6825-54HF manual

Foundry Networks Switch and Router Operator's manual

Popular Switch manuals by other brands