2. Computers & electronics
  3. Software
  4. Dell
  5. PowerConnect B-RX

Dell PowerConnect B-RX User guide

  • Hello! I am an AI chatbot trained to assist you with the Dell PowerConnect B-RX User guide. I’ve already reviewed the document and can help you find the information you need or explain it in simple terms. Just ask your questions, and providing more details will help me assist you more effectively!
53-1001986-01
31 August 2010
®
BigIron RX Series
Configuration Guide
Supporting Multi-Service IronWare v02.7.03
Copyright © 2010 Brocade Communications Systems, Inc. All Rights Reserved.
Brocade, the B-wing symbol, BigIron, DCX, Fabric OS, FastIron, IronPoint, IronShield, IronView, IronWare, JetCore, NetIron,
SecureIron, ServerIron, StorageX, and TurboIron are registered trademarks, and DCFM, Extraordinary Networks, and SAN Health
are trademarks of Brocade Communications Systems, Inc., in the United States and/or in other countries. All other brands,
products, or service names are or may be trademarks or service marks of, and are used to identify, products or services of their
respective owners.
Notice: This document is for informational purposes only and does not set forth any warranty, expressed or implied, concerning
any equipment, equipment feature, or service offered or to be offered by Brocade. Brocade reserves the right to make changes to
this document at any time, without notice, and assumes no responsibility for its use. This informational document describes
features that may not be currently available. Contact a Brocade sales office for information on feature and product availability.
Export of technical data contained in this document may require an export license from the United States government.
The authors and Brocade Communications Systems, Inc. shall have no liability or responsibility to any person or entity with
respect to any loss, cost, liability, or damages arising from the information contained in this book or the computer programs that
accompany it.
The product described by this document may contain “open source” software covered by the GNU General Public License or other
open source license agreements. To find-out which open source software is included in Brocade products, view the licensing
terms applicable to the open source software, and obtain a copy of the programming source code, please visit
http://www.brocade.com/support/oscd.
Brocade Communications Systems, Incorporated
Document History
Corporate and Latin American Headquarters
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
Tel: 1-408-333-8000
Fax: 1-408-333-8101
E-mail: info@brocade.com
Asia-Pacific Headquarters
Brocade Communications Systems China HK, Ltd.
No. 1 Guanghua Road
Chao Yang District
Units 2718 and 2818
Beijing 100020, China
Tel: +8610 6588 8888
Fax: +8610 6588 9999
E-mail: [email protected]
European Headquarters
Brocade Communications Switzerland Sàrl
Centre Swissair
Tour B - 4ème étage
29, Route de l'Aéroport
Case Postale 105
CH-1215 Genève 15
Switzerland
Tel: +41 22 799 5640
Fax: +41 22 799 5641
E-mail: emea-i[email protected]
Asia-Pacific Headquarters
Brocade Communications Systems Co., Ltd. (Shenzhen WFOE)
Citic Plaza
No. 233 Tian He Road North
Unit 1308 – 13th Floor
Guangzhou, China
Tel: +8620 3891 2000
Fax: +8620 3891 2111
E-mail: [email protected]
Title Publication number Summary of changes Date
BigIron RX Series Configuration Guide 53-1001986-01 Release 02.7.03 features Aug 2010
BigIron RX Series Configuration Guide iii
53-1001986-01
Contents
About This Document
Audience . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xli
Supported hardware and software . . . . . . . . . . . . . . . . . . . . . . . . . . xli
List of supported features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xli
Unsupported features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xliv
What’s new in this document. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xlv
Enhancements in release 02.7.03 . . . . . . . . . . . . . . . . . . . . . . . xlv
Enhancements in release 02.7.02 . . . . . . . . . . . . . . . . . . . . . . xlvi
Enhancements in release 02.7.00 . . . . . . . . . . . . . . . . . . . . . . xlvii
Enhancements in release 02.6.00. . . . . . . . . . . . . . . . . . . . . xlviii
Enhancements in patch release 02.5.00c . . . . . . . . . . . . . . . . . li
Enhancements in patch release 02.5.00b . . . . . . . . . . . . . . . . . li
Enhancements in release 02.5.00. . . . . . . . . . . . . . . . . . . . . . . . li
Enhancements in patch release 02.4.00c . . . . . . . . . . . . . . . . .lii
Enhancements in release 02.4.00. . . . . . . . . . . . . . . . . . . . . . . liii
Enhancements in patch release 02.3.00a . . . . . . . . . . . . . . . . lvii
Enhancements in release 02.3.00. . . . . . . . . . . . . . . . . . . . . . lviii
Enhancements in release 02.2.01. . . . . . . . . . . . . . . . . . . . . . lxiii
Enhancements in release 02.2.00g. . . . . . . . . . . . . . . . . . . . . lxvii
Enhancements in release 02.2.00. . . . . . . . . . . . . . . . . . . . . lxviii
Document conventions. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .lxix
Text formatting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . lxix
Command syntax conventions . . . . . . . . . . . . . . . . . . . . . . . . . lxix
Notes, cautions, and danger notices . . . . . . . . . . . . . . . . . . . . lxix
Notice to the reader . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . lxx
Related publications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . lxx
Getting technical help or reporting errors . . . . . . . . . . . . . . . . . . . . . lxx
Web access . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . lxxi
E-mail and telephone access . . . . . . . . . . . . . . . . . . . . . . . . . . lxxi
Chapter 1 Getting Started with the Command Line Interface
In this chapter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1
Logging on through the CLI. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1
On-line help . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2
Command completion . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2
Scroll control. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2
Line editing commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
EXEC commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
Global level . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4
iv BigIron RX Series Configuration Guide
53-1001986-01
CONFIG commands. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4
Accessing the CLI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7
Navigating among command levels . . . . . . . . . . . . . . . . . . . . . . . 8
CLI command structure . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8
Searching and filtering output . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
Allowable characters for LAG names . . . . . . . . . . . . . . . . . . . . . 13
Syntax shortcuts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .14
Saving configuration changes. . . . . . . . . . . . . . . . . . . . . . . . . . . 14
Chapter 2 Getting Familiar With the BigIron RX Series Switch Management
Applications
How to manage BigIron RX Series switch . . . . . . . . . . . . . . . . . . . . .15
Logging on through the CLI. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .15
On-line help . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16
Command completion . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16
Scroll control. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16
Line editing commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16
Searching and filtering output from CLI commands . . . . . . . . . 17
Allowable characters for LAG names . . . . . . . . . . . . . . . . . . . . . 21
Logging on through the Web Management Interface . . . . . . . . . . . .22
Web Management Interface . . . . . . . . . . . . . . . . . . . . . . . . . . . .23
Logging on through IronView Network Manager . . . . . . . . . . . . . . . . 24
Chapter 3 Using a Redundant Management Module
How management module redundancy works . . . . . . . . . . . . . . . . .25
Management module redundancy overview . . . . . . . . . . . . . . .25
Management module switchover . . . . . . . . . . . . . . . . . . . . . . . .26
Switchover implications. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27
Management module redundancy configuration . . . . . . . . . . . . . . .29
Changing the default active Chassis slot . . . . . . . . . . . . . . . . . .29
Managing management module redundancy. . . . . . . . . . . . . . . . . .29
File synchronization between the active and standby
management modules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .29
Manually switching over to the standby management
module . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .32
Rebooting the active and standby management
modules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 32
Monitoring management module redundancy . . . . . . . . . . . . . . . . . 33
Determining management module status . . . . . . . . . . . . . . . . . 33
Displaying temperature information . . . . . . . . . . . . . . . . . . . . . .34
Displaying switchover information . . . . . . . . . . . . . . . . . . . . . . .34
BigIron RX Series Configuration Guide v
53-1001986-01
Flash memory and PCMCIA flash card file management
commands. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .36
Management focus . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37
Flash memory file system . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 38
PCMCIA flash card file system. . . . . . . . . . . . . . . . . . . . . . . . . . .39
Wildcards . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 40
Formatting a flash card . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .40
Determining the current management focus. . . . . . . . . . . . . . . 41
Switching the management focus . . . . . . . . . . . . . . . . . . . . . . . 41
Displaying a directory of the files . . . . . . . . . . . . . . . . . . . . . . . .42
Displaying the contents of a file . . . . . . . . . . . . . . . . . . . . . . . . . 44
Displaying the hexadecimal output of a file. . . . . . . . . . . . . . . .45
Creating a subdirectory . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 45
Removing a subdirectory. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 47
Renaming a file . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .48
Changing the read-write attribute of a file . . . . . . . . . . . . . . . . .48
Deleting a file . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .49
Recovering (“undeleting”) a file . . . . . . . . . . . . . . . . . . . . . . . . .50
Appending a file to another file. . . . . . . . . . . . . . . . . . . . . . . . . . 51
Copying files using the copy command . . . . . . . . . . . . . . . . . . . 51
Copying files using the cp command . . . . . . . . . . . . . . . . . . . . . 55
Loading the software . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 56
Saving configuration changes. . . . . . . . . . . . . . . . . . . . . . . . . . .58
File management messages. . . . . . . . . . . . . . . . . . . . . . . . . . . .59
System Monitoring Service. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 59
Chapter 4 Securing Access to Management Functions
Securing access methods . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .63
Restricting remote access to management functions . . . . . . . . . . . 65
Using ACLs to restrict remote access . . . . . . . . . . . . . . . . . . . .65
Restricting remote access to the device to specific
IP addresses. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .68
Specifying the maximum number of login attempts for
Telnet access . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .69
Restricting remote access to the device to specific VLAN IDs . 69
Disabling specific access methods. . . . . . . . . . . . . . . . . . . . . . . 71
Setting passwords. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .72
Setting a Telnet password . . . . . . . . . . . . . . . . . . . . . . . . . . . . .72
Setting passwords for management privilege levels. . . . . . . . . 73
Recovering from a lost password . . . . . . . . . . . . . . . . . . . . . . . . 75
Displaying the SNMP community string . . . . . . . . . . . . . . . . . . .75
Disabling password encryption . . . . . . . . . . . . . . . . . . . . . . . . . . 76
Specifying a minimum password length. . . . . . . . . . . . . . . . . . . 76
Setting up local user accounts. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 76
Configuring a local user account . . . . . . . . . . . . . . . . . . . . . . . .77
Username, password and login rules . . . . . . . . . . . . . . . . . . . . .79
Configuring the strict password feature . . . . . . . . . . . . . . . . . . .80
vi BigIron RX Series Configuration Guide
53-1001986-01
Configuring SSL security for the Web Management Interface. . . . .82
Enabling the SSL server on the device. . . . . . . . . . . . . . . . . . . . 83
Importing digital certificates and RSA private key files. . . . . . .83
Generating an SSL certificate . . . . . . . . . . . . . . . . . . . . . . . . . . .84
Configuring TACACS and TACACS+ security . . . . . . . . . . . . . . . . . . . . 84
How TACACS+ differs from TACACS . . . . . . . . . . . . . . . . . . . . . . .84
TACACS and TACACS+ authentication, authorization,
and accounting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 85
TACACS and TACACS+ configuration considerations . . . . . . . . .88
Enabling SNMP to configure TACACS and TACACS. . . . . . . . . . .89
Identifying the TACACS and TACACS+ servers . . . . . . . . . . . . . .89
Specifying different servers for individual AAA functions . . . . .90
Setting optional TACACS and TACACS+ parameters . . . . . . . . . 90
Configuring authentication-method lists for TACACS
and TACACS+ . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .92
Configuring TACACS+ authorization . . . . . . . . . . . . . . . . . . . . . . 94
Configuring TACACS+ accounting . . . . . . . . . . . . . . . . . . . . . . . . 97
Configuring an interface as the source for all TACACS
and TACACS+ packets . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .98
Displaying TACACS and TACACS+ statistics and
configuration information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .98
Configuring RADIUS security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .100
RADIUS authentication, authorization, and accounting . . . . .100
RADIUS configuration considerations. . . . . . . . . . . . . . . . . . . .103
RADIUS configuration procedure . . . . . . . . . . . . . . . . . . . . . . .103
Configuring Brocade-specific attributes on the
RADIUS server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .104
Enabling SNMP to configure RADIUS . . . . . . . . . . . . . . . . . . . .105
Identifying the RADIUS server to the BigIron RX . . . . . . . . . . .105
Specifying different servers for individual AAA functions . . . .106
Setting RADIUS parameters . . . . . . . . . . . . . . . . . . . . . . . . . . .106
Configuring authentication-method lists for RADIUS. . . . . . . . 107
Configuring RADIUS authorization . . . . . . . . . . . . . . . . . . . . . .108
Configuring RADIUS accounting . . . . . . . . . . . . . . . . . . . . . . . .110
Configuring an interface as the source for all RADIUS
packets . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .111
Displaying RADIUS configuration information . . . . . . . . . . . . .112
Configuring authentication-method lists . . . . . . . . . . . . . . . . . . . . .113
Configuration considerations for authentication-
method lists . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .114
Examples of authentication-method lists. . . . . . . . . . . . . . . . .115
Chapter 5 Configuring Basic Parameters
Entering system administration information. . . . . . . . . . . . . . . . . . 117
Configuring Simple Network Management Protocol traps . . . . . . .118
Specifying an SNMP trap receiver . . . . . . . . . . . . . . . . . . . . . .118
Specifying a Single trap source. . . . . . . . . . . . . . . . . . . . . . . . .119
Setting the SNMP Trap holddown time. . . . . . . . . . . . . . . . . . .119
Disabling SNMP traps . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .120
Disabling Syslog messages and traps for CLI access . . . . . . .121
BigIron RX Series Configuration Guide vii
53-1001986-01
Configuring an interface as source for all Telnet packets . . . . . . .122
Cancelling an outbound Telnet session . . . . . . . . . . . . . . . . . .123
Configuring an interface as the source for all TFTP packets . . . . .123
Configuring an interface as the source for Syslog packets . . . . . .123
Specifying a Simple Network Time Protocol (SNTP) server . . . . . .124
Setting the system clock. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .126
New Daylight Saving Time (DST) . . . . . . . . . . . . . . . . . . . . . . . .127
Configuring CLI banners . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .128
Setting a message of the day banner. . . . . . . . . . . . . . . . . . . .128
Setting a privileged EXEC CLI level banner . . . . . . . . . . . . . . .129
Displaying a message on the console when an incoming
Telnet session is detected . . . . . . . . . . . . . . . . . . . . . . . . . . . . .129
Configuring terminal display. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .130
Checking the length of terminal displays . . . . . . . . . . . . . . . . .130
Enabling or disabling routing protocols . . . . . . . . . . . . . . . . . . . . . .130
Displaying and modifying system parameter default settings . . . .131
Enabling or disabling Layer 2 switching . . . . . . . . . . . . . . . . . . . .133
CAM partitioning for the BigIron RX . . . . . . . . . . . . . . . . . . . . . . . . .134
Re-distributing CAM allocations . . . . . . . . . . . . . . . . . . . . . . . .134
Nexthop table. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .135
Changing the MAC age time . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .136
Configuring static ARP entries . . . . . . . . . . . . . . . . . . . . . . . . . . . . .136
Pinging an IPv4 address . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .137
Chapter 6 Configuring Interface Parameters
Assigning a port name . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .139
Assigning an IP address to a port . . . . . . . . . . . . . . . . . . . . . . . . . .139
Speed/Duplex negotiation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .140
Disabling or re-enabling a port . . . . . . . . . . . . . . . . . . . . . . . . . . . .141
Changing the default Gigabit negotiation mode . . . . . . . . . . . . . . . 141
Changing the negotiation mode . . . . . . . . . . . . . . . . . . . . . . . .142
Disabling or re-enabling flow control . . . . . . . . . . . . . . . . . . . . . . . .142
Specifying threshold values for flow control . . . . . . . . . . . . . .142
Locking a port to restrict addresses . . . . . . . . . . . . . . . . . . . . . . . .143
Wait for all cards feature . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .143
Port transition hold timer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .144
Port flap dampening . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .144
Modifying port priority (QoS). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .145
Assigning a mirror port and monitor ports . . . . . . . . . . . . . . . . . . .146
Configuration guidelines for monitoring traffic . . . . . . . . . . . .146
Configuring port mirroring and monitoring. . . . . . . . . . . . . . . .146
viii BigIron RX Series Configuration Guide
53-1001986-01
Monitoring an individual trunk port . . . . . . . . . . . . . . . . . . . . . . . . .147
Mirror ports for Policy-Based Routing (PBR) traffic. . . . . . . . . . . . .148
About hardware-based PBR . . . . . . . . . . . . . . . . . . . . . . . . . . .148
Configuring mirror ports for PBR traffic . . . . . . . . . . . . . . . . . .149
Displaying mirror and monitor port configuration. . . . . . . . . . . . . .149
Enabling WAN PHY mode support . . . . . . . . . . . . . . . . . . . . . . . . . .150
Chapter 7 Configuring IP
Overview of configuring IP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .151
The IP packet flow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .151
ARP cache table . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .152
Static ARP table . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .152
IP Route table. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .153
IP forwarding cache . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .154
Basic IP parameters and defaults . . . . . . . . . . . . . . . . . . . . . . . . . .154
When parameter changes take effect . . . . . . . . . . . . . . . . . . .155
IP global parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .155
IP interface parameters. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .158
Configuring IP parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .159
Configuring IP addresses. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .159
Changing the network mask display to prefix format . . . . . . .162
Configuring the default gateway . . . . . . . . . . . . . . . . . . . . . . . .162
GRE IP tunnel . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .163
IPv6 over IPv4 tunnels in hardware . . . . . . . . . . . . . . . . . . . . .168
Configuring Domain Name Server (DNS) resolver. . . . . . . . . .172
Adding host names to the DNS cache table . . . . . . . . . . . . . .173
Configuring packet parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . .177
Changing the encapsulation type . . . . . . . . . . . . . . . . . . . . . . . 177
Setting maximum frame size per PPCR . . . . . . . . . . . . . . . . . .178
Changing the MTU . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .179
Changing the router ID . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .180
Specifying a single source interface for Telnet, TACACS,
TACACS+, or RADIUS packets . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .181
Configuring an interface as the source for Syslog packets . . . . . .183
IP fragmentation protection . . . . . . . . . . . . . . . . . . . . . . . . . . .184
IP option attack protection . . . . . . . . . . . . . . . . . . . . . . . . . . . .184
IP receive access list . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .184
Configuring ARP parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .185
How ARP works. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .185
Rate limiting ARP packets . . . . . . . . . . . . . . . . . . . . . . . . . . . . .186
Applying a rate limit to ARP packets on an interface. . . . . . . .187
Clearing the rate limit for ARP packets. . . . . . . . . . . . . . . . . . .188
Changing the ARP aging period. . . . . . . . . . . . . . . . . . . . . . . . .188
Creating a floating static ARP entry . . . . . . . . . . . . . . . . . . . . .190
Static route ARP validation check. . . . . . . . . . . . . . . . . . . . . . .191
BigIron RX Series Configuration Guide ix
53-1001986-01
Configuring forwarding parameters . . . . . . . . . . . . . . . . . . . . . . . . .192
Disabling ICMP messages . . . . . . . . . . . . . . . . . . . . . . . . . . . . .194
Disabling ICMP redirect messages . . . . . . . . . . . . . . . . . . . . . .196
Configuring static routes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .197
Static route tagging . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .201
Configuring a default network route . . . . . . . . . . . . . . . . . . . . .206
Configuring IP load sharing . . . . . . . . . . . . . . . . . . . . . . . . . . . .207
Default route ECMP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .210
IP receive access list . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .211
Configuring IRDP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .212
Configuring UDP broadcast and IP helper parameters . . . . . .214
Configuring BootP/DHCP forwarding parameters . . . . . . . . . .216
Displaying IP information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .218
Displaying IP interface information. . . . . . . . . . . . . . . . . . . . . .221
Displaying interface name in Syslog. . . . . . . . . . . . . . . . . . . . .222
Displaying ARP entries. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .222
Displaying the forwarding cache. . . . . . . . . . . . . . . . . . . . . . . .224
Displaying the IP route table . . . . . . . . . . . . . . . . . . . . . . . . . . .226
Clearing IP routes. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .229
Displaying IP traffic statistics . . . . . . . . . . . . . . . . . . . . . . . . . .229
Displaying TCP traffic statistics. . . . . . . . . . . . . . . . . . . . . . . . .232
Chapter 8 Link Aggregation
Link aggregation overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .235
LAG formation rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .235
LAG load sharing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .238
Migration from a pre-02.6.00 trunk or LACP configuration . . . . . .239
Configuration of a LAG . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .240
Creating a Link Aggregation Group (LAG) . . . . . . . . . . . . . . . .240
Deploying a LAG . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .243
Commands available under LAG once it is deployed . . . . . . .244
Configuring ACL-based mirroring. . . . . . . . . . . . . . . . . . . . . . . .244
Disabling ports within a LAG . . . . . . . . . . . . . . . . . . . . . . . . . . .244
Enabling ports within a LAG . . . . . . . . . . . . . . . . . . . . . . . . . . .245
Monitoring an individual LAG port . . . . . . . . . . . . . . . . . . . . . .245
Assigning a name to a port within a LAG . . . . . . . . . . . . . . . . .246
Enabling sFlow forwarding on a port within a LAG. . . . . . . . . .246
Setting the sFlow sampling rate for a port within a LAG . . . . .246
Displaying LAG information . . . . . . . . . . . . . . . . . . . . . . . . . . . . 247
Displaying LAG statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .250
Chapter 9 Configuring LLDP
Terms used in this chapter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .253
LLDP overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .253
Benefits of LLDP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .254
x BigIron RX Series Configuration Guide
53-1001986-01
General operating principles . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .255
Operating modes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .255
LLDP packets . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .255
TLV support. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .256
MIB support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .259
Syslog messages. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .259
Configuring LLDP. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .259
Configuration notes and considerations . . . . . . . . . . . . . . . . .260
Enabling and disabling LLDP. . . . . . . . . . . . . . . . . . . . . . . . . . .260
Changing a port’s LLDP operating mode . . . . . . . . . . . . . . . . .261
Specifying the maximum number of LLDP neighbors . . . . . . .262
Enabling LLDP SNMP notifications and Syslog messages . . .263
Specifying the minimum time between SNMP traps and
Syslog messages . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .263
Changing the minimum time between LLDP transmissions . .264
Changing the interval between regular LLDP transmissions .264
Changing the holdtime multiplier for transmit TTL . . . . . . . . .265
Changing the minimum time between port reinitializations. .265
LLDP TLVs advertised by the Brocade device . . . . . . . . . . . . .266
Displaying LLDP statistics and configuration settings. . . . . . .272
LLDP configuration summary . . . . . . . . . . . . . . . . . . . . . . . . . .272
LLDP statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .273
LLDP neighbors . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 274
LLDP neighbors detail . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .275
LLDP configuration details . . . . . . . . . . . . . . . . . . . . . . . . . . . .277
Resetting LLDP statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .277
Chapter 10 Configuring Uni-Directional Link Detection (UDLD)
Configuration considerations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .280
Configuring UDLD . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .280
Changing the keepalive interval . . . . . . . . . . . . . . . . . . . . . . . .280
Changing the keepalive retries . . . . . . . . . . . . . . . . . . . . . . . . .280
Displaying UDLD information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .281
Displaying information for all ports. . . . . . . . . . . . . . . . . . . . . .281
Displaying link-keepalive information. . . . . . . . . . . . . . . . . . . .281
Displaying information for a single port . . . . . . . . . . . . . . . . . .282
Clearing UDLD statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .284
Chapter 11 VLANs
Overview of Virtual Local Area Networks (VLANs). . . . . . . . . . . . . .285
Tagged, untagged, and dual-mode ports . . . . . . . . . . . . . . . . .285
Protocol-based VLANs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .287
BigIron RX Series Configuration Guide xi
53-1001986-01
VLAN configuration rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .288
VLAN ID range . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .288
Tagged VLANs. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .288
VLAN hierarchy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .288
Multiple VLAN membership rules . . . . . . . . . . . . . . . . . . . . . . .288
Layer 2 control protocols on VLANs . . . . . . . . . . . . . . . . . . . . .289
Configuring port-based VLANs . . . . . . . . . . . . . . . . . . . . . . . . . . . . .289
VLAN byte accounting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .290
Strictly or explicitly tagging a port . . . . . . . . . . . . . . . . . . . . . . .292
Assigning or changing a VLAN priority . . . . . . . . . . . . . . . . . . .292
Assigning a different ID to the default VLAN . . . . . . . . . . . . . .292
Configuring protocol-based VLANs. . . . . . . . . . . . . . . . . . . . . . . . . .293
Configuring an MSTP instance . . . . . . . . . . . . . . . . . . . . . . . . .294
Configuring virtual routing interfaces . . . . . . . . . . . . . . . . . . . . . . .294
Bridging and routing the same protocol simultaneously
on the same device . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .295
Integrated Switch Routing (ISR) . . . . . . . . . . . . . . . . . . . . . . . .296
VLAN groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .297
Configuring a VLAN group . . . . . . . . . . . . . . . . . . . . . . . . . . . . .297
Configuring super aggregated VLANs . . . . . . . . . . . . . . . . . . . . . . .299
Configuring aggregated VLANs . . . . . . . . . . . . . . . . . . . . . . . . .301
Complete CLI examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .302
Configuring 802.1q-in-q tagging. . . . . . . . . . . . . . . . . . . . . . . . . . . .305
Configuration rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .306
Enabling 802.1Q-in-Q tagging . . . . . . . . . . . . . . . . . . . . . . . . . .307
Example configuration. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .307
Configuring 802.1q tag-type translation . . . . . . . . . . . . . . . . . . . . .308
Configuration rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .310
Enabling 802.1q tag-type translation. . . . . . . . . . . . . . . . . . . .311
Private VLANs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .312
Implementation notes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .313
Configuration notes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .313
Configuring a private VLAN . . . . . . . . . . . . . . . . . . . . . . . . . . . .314
Enabling broadcast, multicast or unknown unicast traffic to the
private VLAN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .316
CLI example for Figure 30 . . . . . . . . . . . . . . . . . . . . . . . . . . . . .316
Other VLAN features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 317
Allocating memory for more VLANs or virtual routing
interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 317
Hardware flooding for Layer 2 multicast and broadcast
packets . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 317
Unknown unicast flooding on VLAN ports . . . . . . . . . . . . . . . .318
Flow based MAC learning . . . . . . . . . . . . . . . . . . . . . . . . . . . . .318
Configuring uplink ports within a port-based VLAN. . . . . . . . .319
Configuring control protocols in VLANs . . . . . . . . . . . . . . . . . .319
Other configuration options . . . . . . . . . . . . . . . . . . . . . . . . . . .320
xii BigIron RX Series Configuration Guide
53-1001986-01
Displaying VLAN information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .320
Displaying VLAN information . . . . . . . . . . . . . . . . . . . . . . . . . . .320
Displaying VLAN information for specific ports . . . . . . . . . . . .321
Displaying VLAN status and port types. . . . . . . . . . . . . . . . . . .321
Displaying VLAN group information . . . . . . . . . . . . . . . . . . . . .323
Transparent firewall mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .323
Enabling a transparent firewall . . . . . . . . . . . . . . . . . . . . . . . .323
Chapter 12 Configuring Spanning Tree Protocol
IEEE 802.1D Spanning Tree Protocol (STP) . . . . . . . . . . . . . . . . . .325
Enabling or disabling STP . . . . . . . . . . . . . . . . . . . . . . . . . . . . .325
Default STP bridge and port parameters . . . . . . . . . . . . . . . . .326
Changing STP bridge parameters . . . . . . . . . . . . . . . . . . . . . . .327
Changing STP port parameters. . . . . . . . . . . . . . . . . . . . . . . . .328
STP root guard . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .328
Spanning Tree Protocol (STP) BPDU guard. . . . . . . . . . . . . . . .329
Displaying STP information . . . . . . . . . . . . . . . . . . . . . . . . . . . .330
IEEE Single Spanning Tree (SSTP) . . . . . . . . . . . . . . . . . . . . . . . . . .336
SSTP defaults . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .336
Enabling SSTP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .337
Displaying SSTP information . . . . . . . . . . . . . . . . . . . . . . . . . . .338
PVST/PVST+ compatibility . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .338
Overview of PVST and PVST+ . . . . . . . . . . . . . . . . . . . . . . . . . .339
VLAN tags and dual mode. . . . . . . . . . . . . . . . . . . . . . . . . . . . .339
Enabling PVST+ support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .340
Displaying PVST+ support information. . . . . . . . . . . . . . . . . . .340
Configuration examples. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .341
SuperSpan™ . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .343
Customer ID . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .344
BPDU forwarding . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .344
Configuring SuperSpan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .349
Chapter 13 Configuring Rapid Spanning Tree Protocol
Overview of Rapid Spanning Tree Protocol . . . . . . . . . . . . . . . . . . .353
Bridges and bridge port roles . . . . . . . . . . . . . . . . . . . . . . . . . .353
Assignment of port roles . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .354
Ports on Switch 1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .355
Ports on Switch 2 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .355
Ports on Switch 3 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .355
Ports Switch 4 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .356
Edge ports and edge port roles . . . . . . . . . . . . . . . . . . . . . . . . . . . .356
Point-to-point ports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .357
Bridge port states . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .357
Edge port and non-edge port states . . . . . . . . . . . . . . . . . . . . . . . .358
Changes to port roles and states. . . . . . . . . . . . . . . . . . . . . . . . . . .358
BigIron RX Series Configuration Guide xiii
53-1001986-01
State machines . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .358
Handshake mechanisms. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .359
Convergence in a simple topology . . . . . . . . . . . . . . . . . . . . . . . . . .369
Convergence at start up . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .370
Convergence after a link failure . . . . . . . . . . . . . . . . . . . . . . . .372
Convergence at link restoration . . . . . . . . . . . . . . . . . . . . . . . .373
Convergence in a complex RSTP topology. . . . . . . . . . . . . . . . . . . . 374
Propagation of topology change . . . . . . . . . . . . . . . . . . . . . . . .377
Compatibility of RSTP with 802.1D . . . . . . . . . . . . . . . . . . . . . . . . .380
Configuring RSTP parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . .381
Enabling or disabling RSTP in a port-based VLAN . . . . . . . . . .381
Enabling or disabling RSTP on a single spanning tree . . . . . .382
Disabling or enabling RSTP on a port. . . . . . . . . . . . . . . . . . . .382
Changing RSTP bridge parameters. . . . . . . . . . . . . . . . . . . . . .382
Changing port parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . .383
Fast port span . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .384
Fast uplink span. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .386
Displaying RSTP information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .388
Chapter 14 Metro Ring Protocol (MRP) Phase 1 and 2
Metro Ring Protocol (MRP) phase 1. . . . . . . . . . . . . . . . . . . . . . . . .393
MRP rings without shared interfaces . . . . . . . . . . . . . . . . . . . . . . .394
Ring initialization. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .395
How ring breaks are detected and healed . . . . . . . . . . . . . . . . . . .398
Master VLANs and customer VLANs in a topology group . . . . . . . .400
Configuring MRP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .402
Adding an MRP ring to a VLAN . . . . . . . . . . . . . . . . . . . . . . . . .403
Changing the hello and preforwarding times . . . . . . . . . . . . . .404
MRP phase 2 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .404
Ring initialization for shared interfaces. . . . . . . . . . . . . . . . . . . . . .406
How ring breaks are detected and healed between
shared interfaces. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .406
Selection of master node . . . . . . . . . . . . . . . . . . . . . . . . . . . . .407
RHP processing in rings with shared interfaces . . . . . . . . . . .407
Normal flow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .408
Flow when a link breaks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .409
Configuring MRP with shared interfaces . . . . . . . . . . . . . . . . .409
Using MRP diagnostics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 410
Enabling MRP diagnostics. . . . . . . . . . . . . . . . . . . . . . . . . . . . .410
Displaying MRP diagnostics . . . . . . . . . . . . . . . . . . . . . . . . . . . 411
Displaying MRP information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .411
Displaying topology group information . . . . . . . . . . . . . . . . . . .411
Displaying ring information . . . . . . . . . . . . . . . . . . . . . . . . . . . .412
xiv BigIron RX Series Configuration Guide
53-1001986-01
MRP CLI example . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .413
Commands on switch A (master node). . . . . . . . . . . . . . . . . . .414
Commands on switch B. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 414
Commands on switch C. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .415
Commands on switch D. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .415
Chapter 15 Virtual Switch Redundancy Protocol (VSRP)
Overview of Virtual Switch Redundancy Protocol (VSRP) . . . . . . . . 417
Layer 2 and Layer 3 redundancy . . . . . . . . . . . . . . . . . . . . . . .418
Master election and failover . . . . . . . . . . . . . . . . . . . . . . . . . . .418
Configuring basic VSRP parameters . . . . . . . . . . . . . . . . . . . . . . . .423
Enabling Layer 3 VSRP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .424
Configuring optional VSRP parameters . . . . . . . . . . . . . . . . . . . . . .424
Disabling VSRP on a VRID . . . . . . . . . . . . . . . . . . . . . . . . . . . . .424
Configuring authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . .424
Configuring a VRID IP address . . . . . . . . . . . . . . . . . . . . . . . . .425
VSRP fast start . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .426
Changing the backup priority . . . . . . . . . . . . . . . . . . . . . . . . . .427
Saving the timer values received from the master . . . . . . . . .427
VSRP slow start . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .428
Changing the Time-To-Live (TTL) . . . . . . . . . . . . . . . . . . . . . . . .428
Changing the hello interval . . . . . . . . . . . . . . . . . . . . . . . . . . . .429
Changing the dead interval . . . . . . . . . . . . . . . . . . . . . . . . . . . .429
Changing the backup hello state and interval . . . . . . . . . . . . .429
Changing the hold-down interval . . . . . . . . . . . . . . . . . . . . . . .430
Changing the default track priority . . . . . . . . . . . . . . . . . . . . . .430
Specifying a track port. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .431
Disabling or re-enabling backup pre-emption . . . . . . . . . . . . .431
Port transition hold timer . . . . . . . . . . . . . . . . . . . . . . . . . . . . .431
Clearing VSRP information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .432
VSRP and MRP signaling . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .432
Displaying VSRP information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .434
Displaying VRID information . . . . . . . . . . . . . . . . . . . . . . . . . . .434
Displaying a summary of VSRP information. . . . . . . . . . . . . . .436
Displaying VSRP packet statistics for VSRP . . . . . . . . . . . . . . .437
Displaying the active interfaces for a VRID . . . . . . . . . . . . . . .438
Chapter 16 Topology Groups
Topology overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .439
Master VLAN and member VLANs . . . . . . . . . . . . . . . . . . . . . . . . . .439
Master VLANs and customer VLANs in MRP . . . . . . . . . . . . . . . . . .440
Control ports and free ports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .440
Configuration considerations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .440
Configuring a topology group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .441
BigIron RX Series Configuration Guide xv
53-1001986-01
Displaying topology group information . . . . . . . . . . . . . . . . . . . . . .441
Displaying topology group information . . . . . . . . . . . . . . . . . . .441
Chapter 17 Configuring VRRP and VRRPE
Overview of VRRP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .443
Standard VRRP. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .443
Brocade enhancements of VRRP . . . . . . . . . . . . . . . . . . . . . . .445
Overview of VRRPE . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .447
VRRP and VRRPE parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . .450
Configuring parameters specific to VRRP . . . . . . . . . . . . . . . . . . . .452
Configuring the owner . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .452
Configuring basic VRRP parameters. . . . . . . . . . . . . . . . . . . . .452
Configuring the owner . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .453
Configuring a backup. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .453
Configuration rules for VRRP. . . . . . . . . . . . . . . . . . . . . . . . . . .453
Configuring parameters specific to VRRPE . . . . . . . . . . . . . . . . . . .454
Configuration rules for VRRPE . . . . . . . . . . . . . . . . . . . . . . . . .454
Configuring additional VRRP and VRRPE parameters . . . . . . . . . .454
Authentication type . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .455
Suppression of RIP advertisements on backup routers
for the backup up interface. . . . . . . . . . . . . . . . . . . . . . . . . . . .456
Hello interval . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .456
Dead interval . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .456
Backup hello message state and interval . . . . . . . . . . . . . . . .457
Track port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .457
Track priority. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .457
Backup preempt. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .458
Master router abdication and reinstatement. . . . . . . . . . . . . .458
Displaying VRRP and VRRPE information . . . . . . . . . . . . . . . . . . . .459
Displaying summary information . . . . . . . . . . . . . . . . . . . . . . .459
Displaying detailed information . . . . . . . . . . . . . . . . . . . . . . . .461
Displaying statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .464
Clearing VRRP or VRRPE statistics . . . . . . . . . . . . . . . . . . . . . .465
Configuration examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .465
VRRP example . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .465
VRRPE example . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .467
Chapter 18 Configuring Quality of Service
Overview of Quality of Service (QoS) . . . . . . . . . . . . . . . . . . . . . . . .469
Classification . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .469
Processing of classified traffic . . . . . . . . . . . . . . . . . . . . . . . . .469
Marking . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .472
Configuring DSCP classification by interface . . . . . . . . . . . . . .472
Configuring port, MAC, and VLAN-based classification . . . . . .472
xvi BigIron RX Series Configuration Guide
53-1001986-01
Configuring ToS-based QoS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 474
Enabling ToS-based QoS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 474
Specifying trust level . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 474
Enabling marking . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 474
Configuring the QoS mappings. . . . . . . . . . . . . . . . . . . . . . . . . . . . .475
Changing the CoS –> DSCP mappings. . . . . . . . . . . . . . . . . . .475
Changing the DSCP –> DSCP mappings . . . . . . . . . . . . . . . . .475
Changing the DSCP –> internal forwarding priority
mappings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 476
Changing the CoS –> internal forwarding priority
mappings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .477
Displaying QoS configuration information . . . . . . . . . . . . . . . . . . . .477
Determining packet drop priority using WRED . . . . . . . . . . . . . . . .479
How WRED Operates . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .480
Calculating avg-q-size . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .480
Calculating packets that are dropped . . . . . . . . . . . . . . . . . . .480
Using WRED with rate limiting. . . . . . . . . . . . . . . . . . . . . . . . . .481
Configuring packet drop priority using WRED . . . . . . . . . . . . . . . . .481
Enabling WRED . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .481
Setting the averaging-weight (Wq) parameter . . . . . . . . . . . . .481
Displaying the WRED configuration . . . . . . . . . . . . . . . . . . . . .485
Scheduling traffic for forwarding . . . . . . . . . . . . . . . . . . . . . . . . . . .486
Configuring traffic scheduling . . . . . . . . . . . . . . . . . . . . . . . . . .486
Configuring multicast traffic engineering . . . . . . . . . . . . . . . . . . . .490
Displaying the multicast traffic engineering configuration . . .491
QoS for the oversubscribed 16 x 10GE modules . . . . . . . . . . . . . .492
Aggregation NP QOS modes . . . . . . . . . . . . . . . . . . . . . . . . . . .492
Port group assignments . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .492
Setting the server and storage modes . . . . . . . . . . . . . . . . . . .492
Switching between server and storage modes . . . . . . . . . . . .493
Qos profiles. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .493
Setting the group port weights . . . . . . . . . . . . . . . . . . . . . . . . .494
Calculating the values for WFQ storage mode traffic
scheduling . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .494
Egress port shaping. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .495
Mirroring ports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .495
Supported ACLs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .495
Configuring QoS for the 16 x 10G module . . . . . . . . . . . . . . . .496
Chapter 19 Configuring Traffic Reduction
Traffic policing on the BigIron RX Series . . . . . . . . . . . . . . . . . . . . .499
Traffic reduction parameters and algorithm . . . . . . . . . . . . . . . . . .499
Requested rate. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .499
Maximum burst . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .500
Actual rate . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .500
Configuration considerations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .501
BigIron RX Series Configuration Guide xvii
53-1001986-01
Configuring rate limiting policies . . . . . . . . . . . . . . . . . . . . . . . . . . .502
Configuring a port-based rate limiting policy . . . . . . . . . . . . . .502
Configuring a port-and-priority-based rate limiting policy . . . .503
Configuring a port-and-VLAN-based rate limiting policy . . . . .503
Configuring a VLAN-group-based rate limiting policy. . . . . . . .504
Configuring a port-and-IPv6 ACL-based traffic reduction . . . .506
NP based multicast, broadcast, and unknown-unicast
rate limiting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .507
Displaying traffic reduction. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .507
Chapter 20 Layer 2 ACLs
Filtering based on ethertype . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .509
Configuration rules and notes . . . . . . . . . . . . . . . . . . . . . . . . . . . . .509
Configuring Layer 2 ACLs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 510
Creating a Layer 2 ACL table . . . . . . . . . . . . . . . . . . . . . . . . . . .510
Example Layer 2 ACL clauses . . . . . . . . . . . . . . . . . . . . . . . . . .511
Inserting and deleting Layer 2 ACL clauses . . . . . . . . . . . . . . .512
Binding a Layer 2 ACL table to an interface. . . . . . . . . . . . . . .512
Increasing the maximum number of clauses per
Layer 2 ACL table . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .512
Viewing Layer 2 ACLs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .512
Example of Layer 2 ACL deny by MAC address . . . . . . . . . . . .513
Chapter 21 Access Control List
How the BigIron RX processes ACLs . . . . . . . . . . . . . . . . . . . . . . . .515
Disabling or re-enabling Access Control Lists (ACLs) . . . . . . . . . . .516
Default ACL action. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .516
Types of IP ACLs. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .516
ACL IDs and entries. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 517
Enabling support for additional ACL statements . . . . . . . . . . . . . . 517
ACL-based inbound mirroring . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .518
Considerations when configuring ACL-based inbound
mirroring . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .518
Configuring ACL-based inbound mirroring . . . . . . . . . . . . . . . .518
Creating an ACL with a mirroring clause . . . . . . . . . . . . . . . . .518
Applying the ACL to an interface . . . . . . . . . . . . . . . . . . . . . . . .519
Specifying the destination mirror port . . . . . . . . . . . . . . . . . . .519
Configuring ACL-based mirroring for ACLs bound to virtual
interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .521
Configuring numbered and named ACLs. . . . . . . . . . . . . . . . . . . . .521
Configuring standard numbered ACLs . . . . . . . . . . . . . . . . . . .521
Configuring extended numbered ACLs . . . . . . . . . . . . . . . . . . .523
Configuring standard or extended named ACLs . . . . . . . . . . .531
Configuring super ACLs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .534
xviii BigIron RX Series Configuration Guide
53-1001986-01
Displaying ACL definitions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .536
Displaying of TCP/UDP numbers in ACLs . . . . . . . . . . . . . . . . .537
ACL logging . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .547
Enabling the new logging method. . . . . . . . . . . . . . . . . . . . . . .548
Specifying the wait time . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .548
Modifying ACLs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .548
Adding or deleting a comment . . . . . . . . . . . . . . . . . . . . . . . . .550
Deleting ACL entries . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .552
From numbered ACLs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .552
From named ACLs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .553
Applying ACLs to interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .554
Reapplying modified ACLs. . . . . . . . . . . . . . . . . . . . . . . . . . . . .554
ACL automatic rebind . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .554
Manually setting the ACL rebind . . . . . . . . . . . . . . . . . . . . . . . .554
Applying ACLs to a virtual routing interface . . . . . . . . . . . . . . .554
Configuring the Layer 4 session log timer . . . . . . . . . . . . . . . .555
Displaying ACL log entries . . . . . . . . . . . . . . . . . . . . . . . . . . . . .555
QoS options for IP ACLs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .556
Enabling ACL duplication check . . . . . . . . . . . . . . . . . . . . . . . . . . . .557
ACL accounting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .557
Displaying accounting statistics for all ACLs . . . . . . . . . . . . . .557
Displaying statistics for an interface . . . . . . . . . . . . . . . . . . . .558
Clearing the ACL statistics. . . . . . . . . . . . . . . . . . . . . . . . . . . . .559
Enabling ACL filtering of fragmented or non-fragmented
packets . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .560
ACL filtering for traffic switched within a virtual routing
interface. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .561
ICMP filtering for extended ACLs . . . . . . . . . . . . . . . . . . . . . . . . . . .561
Troubleshooting ACLs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .563
Chapter 22 Policy-Based Routing
Policy-Based Routing (PBR) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .565
Configuration considerations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .565
Configuring a PBR policy. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .566
Configure the ACLs. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .566
Configure the route map . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .567
Enabling PBR . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .568
Configuration examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .569
Basic example . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .569
Setting the next hop. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .570
Setting the output interface to the null interface . . . . . . . . . . 571
Trunk formation. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 571
BigIron RX Series Configuration Guide xix
53-1001986-01
Chapter 23 Configuring IP Multicast Protocols
Overview of IP multicasting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .573
Multicast terms . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .573
Changing global IP multicast parameters . . . . . . . . . . . . . . . . . . . . 574
Defining the maximum number of DVMRP cache entries. . . . 574
Defining the maximum number of PIM cache entries. . . . . . . 574
IP multicast boundaries . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 574
Configuring multicast boundaries. . . . . . . . . . . . . . . . . . . . . . .575
Displaying multicast boundaries. . . . . . . . . . . . . . . . . . . . . . . .575
Passive Multicast Route Insertion (PMRI) . . . . . . . . . . . . . . . . . . . . 576
Configuring PMRI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 576
Displaying hardware-drop . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 576
Changing IGMP V1 and V2 parameters. . . . . . . . . . . . . . . . . . . . . .577
Modifying IGMP (V1 and V2) query interval period . . . . . . . . .577
Modifying IGMP (V1 and V2) membership time. . . . . . . . . . . .577
Modifying IGMP (V1 and V2) maximum response time. . . . . .578
Adding an interface to a multicast group . . . . . . . . . . . . . . . . . . . .578
IGMP v3 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .579
Default IGMP version. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .580
Compatibility with IGMP V1 and V2 . . . . . . . . . . . . . . . . . . . . .580
Enabling the IGMP version per interface setting . . . . . . . . . . .581
Enabling the IGMP version on a physical port within a
virtual routing interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .581
Setting the query interval . . . . . . . . . . . . . . . . . . . . . . . . . . . . .583
Setting the group membership time. . . . . . . . . . . . . . . . . . . . .583
Setting the maximum response time . . . . . . . . . . . . . . . . . . . .583
Displaying IGMPv3 information. . . . . . . . . . . . . . . . . . . . . . . . .583
Clearing IGMP statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .587
IGMP V3 and source specific multicast protocols . . . . . . . . . .587
Configuring a static multicast route. . . . . . . . . . . . . . . . . . . . . . . . .587
Next hop validation check . . . . . . . . . . . . . . . . . . . . . . . . . . . . .589
PIM dense . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .589
Initiating PIM multicasts on a network . . . . . . . . . . . . . . . . . . .590
Pruning a multicast tree . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .590
Grafts to a multicast tree . . . . . . . . . . . . . . . . . . . . . . . . . . . . .592
PIM DM versions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .592
Configuring PIM DM . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .593
Failover time in a multi-path topology . . . . . . . . . . . . . . . . . . .597
Modifying the TTL. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .597
PIM Sparse . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .597
PIM Sparse router types . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .598
RP paths and SPT paths . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .599
Configuring PIM Sparse. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .599
Route selection precedence for multicast. . . . . . . . . . . . . . . . . . . .604
Configuring the route precedence by specifying the route types604
Displaying the route selection. . . . . . . . . . . . . . . . . . . . . . . . . .605
xx BigIron RX Series Configuration Guide
53-1001986-01
Changing the Shortest Path Tree (SPT) threshold . . . . . . . . . . . . .606
Changing the PIM join and prune message interval . . . . . . . .607
MLL optimization . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .607
Displaying PIM Sparse configuration information and
statistics. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .607
Displaying basic PIM Sparse configuration information . . . . .608
Displaying a list of multicast groups. . . . . . . . . . . . . . . . . . . . .609
Displaying BSR information. . . . . . . . . . . . . . . . . . . . . . . . . . . .610
Displaying candidate RP information . . . . . . . . . . . . . . . . . . . .611
Displaying RP-to-group mappings . . . . . . . . . . . . . . . . . . . . . . .612
Displaying RP information for a PIM Sparse group . . . . . . . . .612
Displaying the RP set list . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .613
Displaying multicast neighbor information. . . . . . . . . . . . . . . .613
Displaying information about an upstream neighbor device .614
Displaying the PIM multicast cache . . . . . . . . . . . . . . . . . . . . .615
Displaying PIM traffic statistics. . . . . . . . . . . . . . . . . . . . . . . . . 617
PIM-SSMv4 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 617
Enabling SSM . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .618
Configuring Multicast Source Discovery Protocol (MSDP) . . . . . . .618
Peer Reverse Path Forwarding (RPF) flooding . . . . . . . . . . . . .620
Source active caching . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .620
Configuring MSDP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .620
Enabling MSDP. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .621
Configuring MSDP peers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .621
Designating an interface’s IP address as the RP’s
IP address. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .622
Filtering MSDP source-group pairs . . . . . . . . . . . . . . . . . . . . . .622
Filtering incoming source-active messages . . . . . . . . . . . . . . .622
Filtering advertised source-active messages. . . . . . . . . . . . . .624
Displaying the differences before and after the source active
filters are applied . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .625
Configuring MSDP mesh groups . . . . . . . . . . . . . . . . . . . . . . . . . . .627
Configuring MSDP mesh group. . . . . . . . . . . . . . . . . . . . . . . . .628
Displaying summary information . . . . . . . . . . . . . . . . . . . . . . .634
Displaying peer information . . . . . . . . . . . . . . . . . . . . . . . . . . .635
Displaying source active cache information. . . . . . . . . . . . . . .638
Clearing MSDP information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .638
Clearing peer information . . . . . . . . . . . . . . . . . . . . . . . . . . . . .638
Clearing the source active cache . . . . . . . . . . . . . . . . . . . . . . .639
Clearing MSDP statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .639
DVMRP overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .639
Initiating DVMRP multicasts on a network . . . . . . . . . . . . . . . .640
Pruning a multicast tree . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .640
Grafts to a multicast tree . . . . . . . . . . . . . . . . . . . . . . . . . . . . .642
/