Dell PowerConnect B-RX User guide

53-1002253-01

20 May 2011

®

BigIron RX Series

Configuration Guide

Supporting Multi-Service IronWare v02.8.00

Brocade, the B-wing symbol, BigIron, DCFM, DCX, Fabric OS, FastIron, IronView, NetIron, SAN Health, ServerIron, TurboIron, and

Wingspan are registered trademarks, and Brocade Assurance, Brocade NET Health, Brocade One, Extraordinary Networks,

MyBrocade, VCS, and VDX are trademarks of Brocade Communications Systems, Inc., in the United States and/or in other

countries. Other brands, products, or service names mentioned are or may be trademarks or service marks of their respective

owners.

Notice: This document is for informational purposes only and does not set forth any warranty, expressed or implied, concerning

any equipment, equipment feature, or service offered or to be offered by Brocade. Brocade reserves the right to make changes to

this document at any time, without notice, and assumes no responsibility for its use. This informational document describes

features that may not be currently available. Contact a Brocade sales office for information on feature and product availability.

Export of technical data contained in this document may require an export license from the United States government.

The authors and Brocade Communications Systems, Inc. shall have no liability or responsibility to any person or entity with

respect to any loss, cost, liability, or damages arising from the information contained in this book or the computer programs that

accompany it.

The product described by this document may contain “open source” software covered by the GNU General Public License or other

open source license agreements. To find-out which open source software is included in Brocade products, view the licensing

terms applicable to the open source software, and obtain a copy of the programming source code, please visit

http://www.brocade.com/support/oscd.

Brocade Communications Systems, Incorporated

Document History

Corporate and Latin American Headquarters

Brocade Communications Systems, Inc.

130 Holger Way

San Jose, CA 95134

Tel: 1-408-333-8000

Fax: 1-408-333-8101

E-mail: inf[email protected]

Asia-Pacific Headquarters

Brocade Communications Systems China HK, Ltd.

No. 1 Guanghua Road

Chao Yang District

Units 2718 and 2818

Beijing 100020, China

Tel: +8610 6588 8888

Fax: +8610 6588 9999

E-mail: [email protected]

European Headquarters

Brocade Communications Switzerland Sàrl

Centre Swissair

Tour B - 4ème étage

29, Route de l'Aéroport

Case Postale 105

CH-1215 Genève 15

Switzerland

Tel: +41 22 799 5640

Fax: +41 22 799 5641

E-mail: emea-i[email protected]

Asia-Pacific Headquarters

Brocade Communications Systems Co., Ltd. (Shenzhen WFOE)

Citic Plaza

No. 233 Tian He Road North

Unit 1308 – 13th Floor

Guangzhou, China

Tel: +8620 3891 2000

Fax: +8620 3891 2111

E-mail: [email protected]

Title Publication number Summary of changes Date

BigIron RX Series Configuration Guide 53-1002253-01 Release 02.8.00 features 20 May 2011

BigIron RX Series Configuration Guide iii

53-1002253-01

Contents

About This Document

Audience . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xli

Supported hardware and software . . . . . . . . . . . . . . . . . . . . . . . . . . xli

List of supported features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xli

Unsupported features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xliv

What’s new in this document. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xlv

Enhancements in release 02.8.00. . . . . . . . . . . . . . . . . . . . . . xlvi

Enhancements in release 02.7.03 . . . . . . . . . . . . . . . . . . . . . . xlvii

Enhancements in release 02.7.02 . . . . . . . . . . . . . . . . . . . . . xlviii

Enhancements in release 02.7.00 . . . . . . . . . . . . . . . . . . . . . . . . .l

Enhancements in release 02.6.00. . . . . . . . . . . . . . . . . . . . . . . . li

Enhancements in patch release 02.5.00c . . . . . . . . . . . . . . . . liv

Enhancements in patch release 02.5.00b . . . . . . . . . . . . . . . . .lv

Enhancements in release 02.5.00. . . . . . . . . . . . . . . . . . . . . . . .lv

Enhancements in patch release 02.4.00c . . . . . . . . . . . . . . . . lvii

Enhancements in release 02.4.00. . . . . . . . . . . . . . . . . . . . . . lviii

Enhancements in patch release 02.3.00a . . . . . . . . . . . . . . . . lxii

Enhancements in release 02.3.00. . . . . . . . . . . . . . . . . . . . . . lxiii

Enhancements in release 02.2.01. . . . . . . . . . . . . . . . . . . . . . lxix

Enhancements in release 02.2.00g. . . . . . . . . . . . . . . . . . . . .lxxiii

Enhancements in release 02.2.00. . . . . . . . . . . . . . . . . . . . . .lxxiii

Document conventions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .lxxiv

Text formatting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .lxxiv

Command syntax conventions . . . . . . . . . . . . . . . . . . . . . . . . .lxxiv

Notes, cautions, and danger notices . . . . . . . . . . . . . . . . . . . . lxxv

Notice to the reader . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . lxxv

Related publications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . lxxv

Getting technical help or reporting errors . . . . . . . . . . . . . . . . . . . .lxxvi

E-mail and telephone access . . . . . . . . . . . . . . . . . . . . . . . . . .lxxvi

Chapter 1 Getting Started with the Command Line Interface

In this chapter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1

Logging on through the CLI. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1

On-line help . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2

Command completion . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2

Scroll control. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2

Line editing commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3

iv BigIron RX Series Configuration Guide

53-1002253-01

EXEC commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3

Global level . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4

CONFIG commands. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4

Accessing the CLI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7

Navigating among command levels . . . . . . . . . . . . . . . . . . . . . . . 8

CLI command structure . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8

Searching and filtering output . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9

Allowable characters for LAG names . . . . . . . . . . . . . . . . . . . . .13

Syntax shortcuts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14

Saving configuration changes. . . . . . . . . . . . . . . . . . . . . . . . . . . 14

Chapter 2 Getting Familiar With the BigIron RX Series Switch Management

Applications

How to manage BigIron RX Series switch . . . . . . . . . . . . . . . . . . . . . 15

Logging on through the CLI. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .15

On-line help . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16

Command completion . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16

Scroll control. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16

Line editing commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17

Searching and filtering output from CLI commands . . . . . . . . . 17

Allowable characters for LAG names . . . . . . . . . . . . . . . . . . . . . 21

Logging on through the Web Management Interface. . . . . . . . . . . .22

Web Management Interface . . . . . . . . . . . . . . . . . . . . . . . . . . . .23

Chapter 3 Using a Redundant Management Module

How management module redundancy works . . . . . . . . . . . . . . . . .25

Management module redundancy overview . . . . . . . . . . . . . . .25

Management module switchover . . . . . . . . . . . . . . . . . . . . . . . .26

Switchover implications. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27

Management module redundancy configuration . . . . . . . . . . . . . . .29

Changing the default active slot . . . . . . . . . . . . . . . . . . . . . . . . .29

Managing management module redundancy. . . . . . . . . . . . . . . . . .29

File synchronization between the active and standby

management modules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .29

Manually switching over to the standby management

module . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .32

Rebooting the active and standby management

modules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .32

Monitoring management module redundancy . . . . . . . . . . . . . . . . .33

Determining management module status . . . . . . . . . . . . . . . . .33

Displaying temperature information . . . . . . . . . . . . . . . . . . . . . .34

Displaying switchover information . . . . . . . . . . . . . . . . . . . . . . .34

BigIron RX Series Configuration Guide v

53-1002253-01

Flash memory and PCMCIA flash card file management

commands. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .36

Management focus . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37

Flash memory file system . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .38

PCMCIA flash card file system. . . . . . . . . . . . . . . . . . . . . . . . . . .39

Wildcards . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .40

Formatting a flash card . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .40

Determining the current management focus. . . . . . . . . . . . . . . 41

Switching the management focus . . . . . . . . . . . . . . . . . . . . . . . 41

Displaying a directory of the files . . . . . . . . . . . . . . . . . . . . . . . .42

Displaying the contents of a file . . . . . . . . . . . . . . . . . . . . . . . . . 44

Displaying the hexadecimal output of a file. . . . . . . . . . . . . . . . 45

Creating a subdirectory . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 45

Removing a subdirectory . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 47

Renaming a file . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .48

Changing the read-write attribute of a file . . . . . . . . . . . . . . . . .48

Deleting a file . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .49

Recovering (“undeleting”) a file . . . . . . . . . . . . . . . . . . . . . . . . .50

Appending a file to another file. . . . . . . . . . . . . . . . . . . . . . . . . . 51

Copying files using the copy command . . . . . . . . . . . . . . . . . . . 51

Copying files using the cp command . . . . . . . . . . . . . . . . . . . . .56

Loading the software . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 57

Saving configuration changes. . . . . . . . . . . . . . . . . . . . . . . . . . .58

File management messages. . . . . . . . . . . . . . . . . . . . . . . . . . . .59

Chapter 4 Securing Access to Management Functions

Securing access methods . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 61

Restricting remote access to management functions . . . . . . . . . . .63

Using ACLs to restrict remote access . . . . . . . . . . . . . . . . . . . .63

Restricting remote access to the device to specific

IP addresses. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .66

Specifying the maximum number of login attempts for

Telnet access . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .67

Restricting remote access to the device to specific VLAN IDs .68

Disabling specific access methods. . . . . . . . . . . . . . . . . . . . . . .69

Setting passwords. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .70

Setting a Telnet password . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 71

Setting passwords for management privilege levels . . . . . . . . . 71

Recovering from a lost password . . . . . . . . . . . . . . . . . . . . . . . .73

Displaying the SNMP community string . . . . . . . . . . . . . . . . . . . 74

Disabling password encryption . . . . . . . . . . . . . . . . . . . . . . . . . . 74

Specifying a minimum password length. . . . . . . . . . . . . . . . . . . 74

Setting up local user accounts. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 74

Configuring a local user account . . . . . . . . . . . . . . . . . . . . . . . .75

Username, password and login rules . . . . . . . . . . . . . . . . . . . . .77

Configuring the strict password feature . . . . . . . . . . . . . . . . . . .78

Configuring SSL security for the Web Management Interface. . . . . 81

Enabling the SSL server on the device. . . . . . . . . . . . . . . . . . . . 81

Importing digital certificates and RSA private key files. . . . . . . 81

Generating an SSL certificate . . . . . . . . . . . . . . . . . . . . . . . . . . .82

vi BigIron RX Series Configuration Guide

53-1002253-01

Configuring TACACS and TACACS+ security . . . . . . . . . . . . . . . . . . . . 82

How TACACS+ differs from TACACS. . . . . . . . . . . . . . . . . . . . . . .83

TACACS and TACACS+ authentication, authorization,

and accounting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .83

TACACS and TACACS+ configuration considerations . . . . . . . . .86

Enabling SNMP to configure TACACS and TACACS. . . . . . . . . . . 87

Identifying the TACACS and TACACS+ servers . . . . . . . . . . . . . . 88

Specifying different servers for individual AAA functions . . . . .88

Setting optional TACACS and TACACS+ parameters . . . . . . . . .89

Configuring authentication-method lists for TACACS

and TACACS+ . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .90

Configuring TACACS+ authorization . . . . . . . . . . . . . . . . . . . . . .92

Configuring TACACS+ accounting . . . . . . . . . . . . . . . . . . . . . . . .95

Configuring an interface as the source for all TACACS

and TACACS+ packets . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 96

Displaying TACACS and TACACS+ statistics and

configuration information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 97

Configuring RADIUS security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .98

RADIUS authentication, authorization, and accounting . . . . . .98

RADIUS configuration considerations. . . . . . . . . . . . . . . . . . . .101

RADIUS configuration procedure . . . . . . . . . . . . . . . . . . . . . . .102

Configuring Brocade-specific attributes on the

RADIUS server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .102

Enabling SNMP to configure RADIUS . . . . . . . . . . . . . . . . . . . .103

Identifying the RADIUS server to the BigIron RX . . . . . . . . . . .104

Specifying different servers for individual AAA functions . . . .104

Setting RADIUS parameters . . . . . . . . . . . . . . . . . . . . . . . . . . .104

Configuring authentication-method lists for RADIUS. . . . . . . .105

Configuring RADIUS authorization . . . . . . . . . . . . . . . . . . . . . .107

Configuring RADIUS accounting . . . . . . . . . . . . . . . . . . . . . . . .109

Configuring an interface as the source for all RADIUS

packets . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .110

Displaying RADIUS configuration information . . . . . . . . . . . . .110

Configuring authentication-method lists . . . . . . . . . . . . . . . . . . . . .112

Configuration considerations for authentication-

method lists . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .113

Examples of authentication-method lists. . . . . . . . . . . . . . . . .113

Chapter 5 Configuring Basic Parameters

Entering system administration information . . . . . . . . . . . . . . . . . .117

Configuring Simple Network Management Protocol traps . . . . . . .118

Specifying an SNMP trap receiver . . . . . . . . . . . . . . . . . . . . . .118

Specifying a Single trap source. . . . . . . . . . . . . . . . . . . . . . . . .119

Setting the SNMP Trap holddown time. . . . . . . . . . . . . . . . . . .119

Disabling SNMP traps . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .120

Disabling Syslog messages and traps for CLI access . . . . . . .121

Configuring an interface as source for all Telnet packets . . . . . . .122

Cancelling an outbound Telnet session . . . . . . . . . . . . . . . . . .123

Configuring an interface as the source for all TFTP packets . . . . .123

BigIron RX Series Configuration Guide vii

53-1002253-01

Configuring an interface as the source for Syslog packets . . . . . .123

Specifying a Simple Network Time Protocol (SNTP) server . . . . . .124

Setting the system clock. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .126

New Daylight Saving Time (DST) . . . . . . . . . . . . . . . . . . . . . . . .127

Configuring CLI banners . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .127

Setting a message of the day banner. . . . . . . . . . . . . . . . . . . .128

Setting a privileged EXEC CLI level banner . . . . . . . . . . . . . . .128

Displaying a message on the console when an incoming

Telnet session is detected . . . . . . . . . . . . . . . . . . . . . . . . . . . . .129

Configuring terminal display. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .129

Checking the length of terminal displays . . . . . . . . . . . . . . . . .129

Enabling or disabling routing protocols . . . . . . . . . . . . . . . . . . . . . .130

Displaying and modifying system parameter default settings . . . .130

Enabling or disabling Layer 2 switching . . . . . . . . . . . . . . . . . . . .133

CAM partitioning for the BigIron RX . . . . . . . . . . . . . . . . . . . . . . . . .134

Re-distributing CAM allocations . . . . . . . . . . . . . . . . . . . . . . . .134

Nexthop table. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .135

Changing the MAC age time . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .136

Configuring static ARP entries . . . . . . . . . . . . . . . . . . . . . . . . . . . . .136

Pinging an IPv4 address . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .137

Chapter 6 Configuring Interface Parameters

Assigning a port name . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .139

Assigning an IP address to a port . . . . . . . . . . . . . . . . . . . . . . . . . .139

Speed/Duplex negotiation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .140

Disabling or re-enabling a port . . . . . . . . . . . . . . . . . . . . . . . . . . . .141

Changing the default Gigabit negotiation mode . . . . . . . . . . . . . . .141

Changing the negotiation mode . . . . . . . . . . . . . . . . . . . . . . . .142

Disabling or re-enabling flow control . . . . . . . . . . . . . . . . . . . . . . . .142

Specifying threshold values for flow control . . . . . . . . . . . . . .142

Locking a port to restrict addresses . . . . . . . . . . . . . . . . . . . . . . . .143

Wait for all cards feature . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .143

Port transition hold timer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .144

Port flap dampening . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .144

Modifying port priority (QoS). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .146

Assigning a mirror port and monitor ports . . . . . . . . . . . . . . . . . . .146

Configuration guidelines for monitoring traffic . . . . . . . . . . . .146

Configuring port mirroring and monitoring. . . . . . . . . . . . . . . .146

Monitoring an individual trunk port . . . . . . . . . . . . . . . . . . . . . . . . .148

Mirror ports for Policy-Based Routing (PBR) traffic. . . . . . . . . . . . .149

About hardware-based PBR . . . . . . . . . . . . . . . . . . . . . . . . . . .149

Configuring mirror ports for PBR traffic . . . . . . . . . . . . . . . . . .150

viii BigIron RX Series Configuration Guide

53-1002253-01

Displaying mirror and monitor port configuration. . . . . . . . . . . . . .150

Enabling WAN PHY mode support . . . . . . . . . . . . . . . . . . . . . . . . . .151

Chapter 7 Configuring IP

Overview of configuring IP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .153

The IP packet flow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .153

ARP cache table . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .154

Static ARP table . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .154

IP Route table. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .155

IP forwarding cache . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .156

Basic IP parameters and defaults . . . . . . . . . . . . . . . . . . . . . . . . . .156

When parameter changes take effect . . . . . . . . . . . . . . . . . . .157

IP global parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .157

IP interface parameters. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .160

Configuring IP parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .161

Configuring IP addresses. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .161

Changing the network mask display to prefix format . . . . . . .164

Configuring the default gateway . . . . . . . . . . . . . . . . . . . . . . . .164

GRE IP tunnel . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .165

IPv6 over IPv4 tunnels in hardware . . . . . . . . . . . . . . . . . . . . .170

Configuring Domain Name Server (DNS) resolver. . . . . . . . . . 174

Adding host names to the DNS cache table . . . . . . . . . . . . . .175

Configuring packet parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . .179

Changing the encapsulation type . . . . . . . . . . . . . . . . . . . . . . .179

Setting maximum frame size per PPCR . . . . . . . . . . . . . . . . . .180

Changing the MTU . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .181

Changing the router ID . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .182

Specifying a single source interface for Telnet, TACACS,

TACACS+, or RADIUS packets . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .183

Configuring an interface as the source for Syslog packets . . . . . .185

IP fragmentation protection . . . . . . . . . . . . . . . . . . . . . . . . . . .185

IP option attack protection . . . . . . . . . . . . . . . . . . . . . . . . . . . .186

IP receive access list . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .186

Configuring ARP parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .187

How ARP works. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .187

Rate limiting ARP packets . . . . . . . . . . . . . . . . . . . . . . . . . . . . .188

Applying a rate limit to ARP packets on an interface. . . . . . . .188

Clearing the rate limit for ARP packets. . . . . . . . . . . . . . . . . . .190

Changing the ARP aging period. . . . . . . . . . . . . . . . . . . . . . . . .190

Creating a floating static ARP entry . . . . . . . . . . . . . . . . . . . . .192

Static route ARP validation check. . . . . . . . . . . . . . . . . . . . . . .192

BigIron RX Series Configuration Guide ix

53-1002253-01

Configuring forwarding parameters . . . . . . . . . . . . . . . . . . . . . . . . .194

Disabling ICMP messages . . . . . . . . . . . . . . . . . . . . . . . . . . . . .196

Disabling ICMP redirect messages . . . . . . . . . . . . . . . . . . . . . .198

Configuring static routes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .198

Static route tagging . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .203

Configuring a default network route . . . . . . . . . . . . . . . . . . . . .208

Configuring IP load sharing . . . . . . . . . . . . . . . . . . . . . . . . . . . .209

Default route ECMP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .212

IP receive access list . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .213

Configuring IRDP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .214

Configuring UDP broadcast and IP helper parameters . . . . . .216

Configuring BootP/DHCP forwarding parameters . . . . . . . . . .218

Displaying IP information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .220

Displaying IP interface information. . . . . . . . . . . . . . . . . . . . . .223

Displaying interface name in Syslog. . . . . . . . . . . . . . . . . . . . .224

Displaying ARP entries. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .224

Displaying the forwarding cache. . . . . . . . . . . . . . . . . . . . . . . .226

Displaying the IP route table . . . . . . . . . . . . . . . . . . . . . . . . . . .228

Clearing IP routes. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .231

Displaying IP traffic statistics . . . . . . . . . . . . . . . . . . . . . . . . . .231

Displaying TCP traffic statistics. . . . . . . . . . . . . . . . . . . . . . . . .234

Chapter 8 Link Aggregation

Link aggregation overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .237

LAG formation rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .237

LAG load sharing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .240

Configuration of a LAG . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 241

Creating a Link Aggregation Group (LAG) . . . . . . . . . . . . . . . . 241

Deploying a LAG . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .244

Commands available under LAG once it is deployed . . . . . . .244

Configuring ACL-based mirroring. . . . . . . . . . . . . . . . . . . . . . . .245

Disabling ports within a LAG . . . . . . . . . . . . . . . . . . . . . . . . . . .245

Enabling ports within a LAG . . . . . . . . . . . . . . . . . . . . . . . . . . .245

Monitoring an individual LAG port . . . . . . . . . . . . . . . . . . . . . .246

Assigning a name to a port within a LAG . . . . . . . . . . . . . . . . .246

Enabling sFlow forwarding on a port within a LAG. . . . . . . . . .246

Setting the sFlow sampling rate for a port within a LAG . . . . . 247

Displaying LAG information . . . . . . . . . . . . . . . . . . . . . . . . . . . . 247

Displaying LAG statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .251

Chapter 9 Configuring LLDP

Terms used in this chapter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .253

LLDP overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .253

Benefits of LLDP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .254

x BigIron RX Series Configuration Guide

53-1002253-01

General operating principles . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .255

Operating modes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .255

LLDP packets . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .255

TLV support. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .256

MIB support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .259

Syslog messages. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .259

Web Management. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .259

Configuring LLDP. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .259

Configuration notes and considerations . . . . . . . . . . . . . . . . .260

Enabling and disabling LLDP. . . . . . . . . . . . . . . . . . . . . . . . . . .261

Changing a port’s LLDP operating mode . . . . . . . . . . . . . . . . .261

Specifying the maximum number of LLDP neighbors . . . . . . .262

Enabling LLDP SNMP notifications and Syslog messages . . .263

Specifying the minimum time between SNMP traps and

Syslog messages . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .264

Changing the minimum time between LLDP transmissions. .264

Changing the interval between regular LLDP transmissions .265

Changing the holdtime multiplier for transmit TTL . . . . . . . . .265

Changing the minimum time between port reinitializations. .266

LLDP TLVs advertised by the Brocade device . . . . . . . . . . . . .266

Displaying LLDP statistics and configuration settings. . . . . . .273

LLDP configuration summary . . . . . . . . . . . . . . . . . . . . . . . . . . 274

LLDP statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 274

LLDP neighbors . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 276

LLDP neighbors detail . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .277

LLDP configuration details . . . . . . . . . . . . . . . . . . . . . . . . . . . .278

Resetting LLDP statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .279

Chapter 10 Configuring Uni-Directional Link Detection (UDLD)

Configuration considerations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .282

Configuring UDLD . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .282

Changing the keepalive interval . . . . . . . . . . . . . . . . . . . . . . . .282

Changing the keepalive retries . . . . . . . . . . . . . . . . . . . . . . . . .282

Displaying UDLD information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .283

Displaying information for all ports. . . . . . . . . . . . . . . . . . . . . .283

Displaying link-keepalive information . . . . . . . . . . . . . . . . . . . .283

Displaying information for a single port . . . . . . . . . . . . . . . . . .284

Clearing UDLD statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .286

Chapter 11 VLANs

Overview of Virtual Local Area Networks (VLANs). . . . . . . . . . . . . .287

Tagged, untagged, and dual-mode ports . . . . . . . . . . . . . . . . .287

Protocol-based VLANs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .289

BigIron RX Series Configuration Guide xi

53-1002253-01

VLAN configuration rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .290

VLAN ID range . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .290

Tagged VLANs. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .290

VLAN hierarchy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .290

Multiple VLAN membership rules . . . . . . . . . . . . . . . . . . . . . . .290

Layer 2 control protocols on VLANs . . . . . . . . . . . . . . . . . . . . .291

Configuring port-based VLANs . . . . . . . . . . . . . . . . . . . . . . . . . . . . .291

VLAN byte accounting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .292

Strictly or explicitly tagging a port . . . . . . . . . . . . . . . . . . . . . . .294

Assigning or changing a VLAN priority . . . . . . . . . . . . . . . . . . .294

Assigning a different ID to the default VLAN . . . . . . . . . . . . . .294

Configuring protocol-based VLANs. . . . . . . . . . . . . . . . . . . . . . . . . .295

Configuring an MSTP instance . . . . . . . . . . . . . . . . . . . . . . . . .296

Configuring virtual routing interfaces . . . . . . . . . . . . . . . . . . . . . . .296

Bridging and routing the same protocol simultaneously

on the same device . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .297

Integrated Switch Routing (ISR) . . . . . . . . . . . . . . . . . . . . . . . .298

VLAN groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .299

Configuring a VLAN group . . . . . . . . . . . . . . . . . . . . . . . . . . . . .299

Configuring super aggregated VLANs . . . . . . . . . . . . . . . . . . . . . . .301

Configuring aggregated VLANs . . . . . . . . . . . . . . . . . . . . . . . . .303

Complete CLI examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .304

Configuring 802.1q-in-q tagging. . . . . . . . . . . . . . . . . . . . . . . . . . . .307

Configuration rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .308

Enabling 802.1Q-in-Q tagging . . . . . . . . . . . . . . . . . . . . . . . . . .309

Example configuration. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .309

Configuring 802.1q tag-type translation . . . . . . . . . . . . . . . . . . . . .310

Configuration rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .312

Enabling 802.1q tag-type translation . . . . . . . . . . . . . . . . . . . .313

Private VLANs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .314

Implementation notes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .315

Configuration notes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .315

Configuring a private VLAN . . . . . . . . . . . . . . . . . . . . . . . . . . . .316

Enabling broadcast, multicast or unknown unicast traffic to the

private VLAN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .318

CLI example for Figure 30 . . . . . . . . . . . . . . . . . . . . . . . . . . . . .318

Other VLAN features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .319

Allocating memory for more VLANs or virtual routing

interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .319

Hardware flooding for Layer 2 multicast and broadcast

packets . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .319

Unknown unicast flooding on VLAN ports . . . . . . . . . . . . . . . .320

Flow based MAC learning . . . . . . . . . . . . . . . . . . . . . . . . . . . . .320

Configuring uplink ports within a port-based VLAN. . . . . . . . .321

Configuring control protocols in VLANs . . . . . . . . . . . . . . . . . .321

Other configuration options . . . . . . . . . . . . . . . . . . . . . . . . . . .321

xii BigIron RX Series Configuration Guide

53-1002253-01

Displaying VLAN information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .321

Displaying VLAN information. . . . . . . . . . . . . . . . . . . . . . . . . . .322

Displaying VLAN information for specific ports . . . . . . . . . . . .322

Displaying VLAN status and port types. . . . . . . . . . . . . . . . . . .323

Displaying VLAN group information . . . . . . . . . . . . . . . . . . . . .324

Transparent firewall mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .325

Enabling a transparent firewall . . . . . . . . . . . . . . . . . . . . . . . .325

Chapter 12 Configuring Spanning Tree Protocol

IEEE 802.1D Spanning Tree Protocol (STP) . . . . . . . . . . . . . . . . . .327

Enabling or disabling STP . . . . . . . . . . . . . . . . . . . . . . . . . . . . .327

Default STP bridge and port parameters . . . . . . . . . . . . . . . . .328

Changing STP bridge parameters . . . . . . . . . . . . . . . . . . . . . . .329

Changing STP port parameters. . . . . . . . . . . . . . . . . . . . . . . . .330

STP root guard . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .330

Spanning Tree Protocol (STP) BPDU guard. . . . . . . . . . . . . . . .331

Displaying STP information . . . . . . . . . . . . . . . . . . . . . . . . . . . .332

IEEE Single Spanning Tree (SSTP) . . . . . . . . . . . . . . . . . . . . . . . . . .340

SSTP defaults . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .341

Enabling SSTP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .341

Displaying SSTP information . . . . . . . . . . . . . . . . . . . . . . . . . . .342

PVST/PVST+ compatibility . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .343

Overview of PVST and PVST+ . . . . . . . . . . . . . . . . . . . . . . . . . .343

VLAN tags and dual mode. . . . . . . . . . . . . . . . . . . . . . . . . . . . .343

Enabling PVST+ support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .344

Displaying PVST+ support information . . . . . . . . . . . . . . . . . . .344

Configuration examples. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .345

SuperSpan™ . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .347

Customer ID . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .348

BPDU forwarding . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .348

Configuring SuperSpan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .353

Chapter 13 Configuring Rapid Spanning Tree Protocol

Overview of Rapid Spanning Tree Protocol . . . . . . . . . . . . . . . . . . .357

Bridges and bridge port roles . . . . . . . . . . . . . . . . . . . . . . . . . .357

Assignment of port roles . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .358

Ports on Switch 1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .359

Ports on Switch 2 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .359

Ports on Switch 3 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .359

Ports Switch 4 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .360

Edge ports and edge port roles . . . . . . . . . . . . . . . . . . . . . . . . . . . .360

Point-to-point ports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .361

Bridge port states . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .361

Edge port and non-edge port states . . . . . . . . . . . . . . . . . . . . . . . .362

Changes to port roles and states. . . . . . . . . . . . . . . . . . . . . . . . . . .362

BigIron RX Series Configuration Guide xiii

53-1002253-01

State machines . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .362

Handshake mechanisms. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .363

Convergence in a simple topology . . . . . . . . . . . . . . . . . . . . . . . . . .373

Convergence at start up . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 374

Convergence after a link failure . . . . . . . . . . . . . . . . . . . . . . . . 376

Convergence at link restoration . . . . . . . . . . . . . . . . . . . . . . . .377

Convergence in a complex RSTP topology. . . . . . . . . . . . . . . . . . . .378

Propagation of topology change . . . . . . . . . . . . . . . . . . . . . . . .381

Compatibility of RSTP with 802.1D . . . . . . . . . . . . . . . . . . . . . . . . .384

Configuring RSTP parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . .385

Enabling or disabling RSTP in a port-based VLAN . . . . . . . . . .385

Enabling or disabling RSTP on a single spanning tree . . . . . .386

Disabling or enabling RSTP on a port. . . . . . . . . . . . . . . . . . . .386

Changing RSTP bridge parameters. . . . . . . . . . . . . . . . . . . . . .386

Changing port parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . .387

Fast port span . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .388

Fast uplink span. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .390

Displaying RSTP information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .392

Chapter 14 Metro Ring Protocol (MRP) Phase 1 and 2

Metro Ring Protocol (MRP) phase 1. . . . . . . . . . . . . . . . . . . . . . . . .401

MRP rings without shared interfaces . . . . . . . . . . . . . . . . . . . . . . .402

Ring initialization. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .403

How ring breaks are detected and healed . . . . . . . . . . . . . . . . . . .406

Master VLANs and customer VLANs in a topology group . . . . . . . .408

Configuring MRP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 410

Adding an MRP ring to a VLAN . . . . . . . . . . . . . . . . . . . . . . . . . 411

Changing the hello and preforwarding times. . . . . . . . . . . . . .412

MRP phase 2 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .412

Ring initialization for shared interfaces. . . . . . . . . . . . . . . . . . . . . .414

How ring breaks are detected and healed between

shared interfaces. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 414

Selection of master node . . . . . . . . . . . . . . . . . . . . . . . . . . . . .415

RHP processing in rings with shared interfaces . . . . . . . . . . .415

Normal flow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 416

Flow when a link breaks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 417

Configuring MRP with shared interfaces . . . . . . . . . . . . . . . . . 417

Using MRP diagnostics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .418

Enabling MRP diagnostics. . . . . . . . . . . . . . . . . . . . . . . . . . . . .418

Displaying MRP diagnostics . . . . . . . . . . . . . . . . . . . . . . . . . . .419

Displaying MRP information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .419

Displaying topology group information . . . . . . . . . . . . . . . . . . .419

Displaying ring information . . . . . . . . . . . . . . . . . . . . . . . . . . . .420

xiv BigIron RX Series Configuration Guide

53-1002253-01

MRP CLI example . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .421

Commands on switch A (master node). . . . . . . . . . . . . . . . . . .422

Commands on switch B. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .422

Commands on switch C. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .423

Commands on switch D. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .423

Chapter 15 Virtual Switch Redundancy Protocol (VSRP)

Overview of Virtual Switch Redundancy Protocol (VSRP) . . . . . . . .425

Layer 2 and Layer 3 redundancy . . . . . . . . . . . . . . . . . . . . . . .426

Master election and failover . . . . . . . . . . . . . . . . . . . . . . . . . . .426

Configuring basic VSRP parameters . . . . . . . . . . . . . . . . . . . . . . . .431

Enabling Layer 3 VSRP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .432

Configuring optional VSRP parameters . . . . . . . . . . . . . . . . . . . . . .432

Disabling VSRP on a VRID . . . . . . . . . . . . . . . . . . . . . . . . . . . . .432

Configuring authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . .432

Configuring a VRID IP address . . . . . . . . . . . . . . . . . . . . . . . . .433

VSRP fast start . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .434

Changing the backup priority . . . . . . . . . . . . . . . . . . . . . . . . . .435

Saving the timer values received from the master . . . . . . . . .435

VSRP slow start . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .436

Changing the Time-To-Live (TTL) . . . . . . . . . . . . . . . . . . . . . . . .436

Changing the hello interval . . . . . . . . . . . . . . . . . . . . . . . . . . . .437

Changing the dead interval . . . . . . . . . . . . . . . . . . . . . . . . . . . .437

Changing the backup hello state and interval . . . . . . . . . . . . .437

Changing the hold-down interval . . . . . . . . . . . . . . . . . . . . . . .438

Changing the default track priority . . . . . . . . . . . . . . . . . . . . . .438

Specifying a track port. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .439

Disabling or re-enabling backup pre-emption . . . . . . . . . . . . .439

Port transition hold timer . . . . . . . . . . . . . . . . . . . . . . . . . . . . .439

Clearing VSRP information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .440

VSRP and MRP signaling . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .440

Displaying VSRP information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .442

Displaying VRID information . . . . . . . . . . . . . . . . . . . . . . . . . . .442

Displaying a summary of VSRP information. . . . . . . . . . . . . . .444

Displaying VSRP packet statistics for VSRP . . . . . . . . . . . . . . .445

Displaying the active interfaces for a VRID . . . . . . . . . . . . . . .446

Chapter 16 Topology Groups

Topology overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .447

Master VLAN and member VLANs . . . . . . . . . . . . . . . . . . . . . . . . . .447

Master VLANs and customer VLANs in MRP . . . . . . . . . . . . . . . . . .448

Control ports and free ports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .448

Configuration considerations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .448

Configuring a topology group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .449

BigIron RX Series Configuration Guide xv

53-1002253-01

Displaying topology group information . . . . . . . . . . . . . . . . . . . . . .449

Displaying topology group information . . . . . . . . . . . . . . . . . . .449

Chapter 17 Configuring VRRP and VRRPE

Overview of VRRP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .451

Standard VRRP. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .451

Brocade enhancements of VRRP . . . . . . . . . . . . . . . . . . . . . . .453

Overview of VRRPE . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .455

VRRP and VRRPE parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . .458

Configuring parameters specific to VRRP . . . . . . . . . . . . . . . . . . . .460

Configuring the owner . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .460

Configuring basic VRRP parameters. . . . . . . . . . . . . . . . . . . . .460

Configuring the owner . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .461

Configuring a backup. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .461

Configuration rules for VRRP. . . . . . . . . . . . . . . . . . . . . . . . . . .461

Configuring parameters specific to VRRPE . . . . . . . . . . . . . . . . . . .462

Configuration rules for VRRPE . . . . . . . . . . . . . . . . . . . . . . . . .462

Configuring additional VRRP and VRRPE parameters . . . . . . . . . .462

Authentication type . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .463

Suppression of RIP advertisements on backup routers

for the backup up interface. . . . . . . . . . . . . . . . . . . . . . . . . . . .464

Hello interval . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .464

Dead interval . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .464

Backup hello message state and interval . . . . . . . . . . . . . . . .465

Track port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .465

Track priority. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .465

Backup preempt. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .466

Master router abdication and reinstatement. . . . . . . . . . . . . .466

Displaying VRRP and VRRPE information . . . . . . . . . . . . . . . . . . . .467

Displaying summary information . . . . . . . . . . . . . . . . . . . . . . .467

Displaying detailed information . . . . . . . . . . . . . . . . . . . . . . . .469

Displaying statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .472

Clearing VRRP or VRRPE statistics . . . . . . . . . . . . . . . . . . . . . .473

Configuration examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .473

VRRP example . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .473

VRRPE example . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .475

Chapter 18 Configuring Quality of Service

Overview of Quality of Service (QoS) . . . . . . . . . . . . . . . . . . . . . . . .477

Classification . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .477

Processing of classified traffic . . . . . . . . . . . . . . . . . . . . . . . . .477

Marking . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .480

Configuring DSCP classification by interface . . . . . . . . . . . . . .480

Configuring port, MAC, and VLAN-based classification . . . . . .480

xvi BigIron RX Series Configuration Guide

53-1002253-01

Configuring ToS-based QoS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .482

Enabling ToS-based QoS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .482

Specifying trust level . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .482

Enabling marking . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .482

Configuring the QoS mappings. . . . . . . . . . . . . . . . . . . . . . . . . . . . .483

Changing the CoS –> DSCP mappings. . . . . . . . . . . . . . . . . . .483

Changing the DSCP –> DSCP mappings . . . . . . . . . . . . . . . . .483

Changing the DSCP –> internal forwarding priority

mappings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .484

Changing the CoS –> internal forwarding priority

mappings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .485

Displaying QoS configuration information . . . . . . . . . . . . . . . . . . . .485

Determining packet drop priority using WRED . . . . . . . . . . . . . . . .487

How WRED Operates . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .488

Calculating avg-q-size . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .488

Calculating packets that are dropped . . . . . . . . . . . . . . . . . . .488

Using WRED with rate limiting. . . . . . . . . . . . . . . . . . . . . . . . . .489

Configuring packet drop priority using WRED . . . . . . . . . . . . . . . . .489

Enabling WRED . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .489

Setting the averaging-weight (Wq) parameter . . . . . . . . . . . . .489

Displaying the WRED configuration . . . . . . . . . . . . . . . . . . . . .493

Scheduling traffic for forwarding . . . . . . . . . . . . . . . . . . . . . . . . . . .494

Configuring traffic scheduling . . . . . . . . . . . . . . . . . . . . . . . . . .494

Configuring multicast traffic engineering . . . . . . . . . . . . . . . . . . . .498

Displaying the multicast traffic engineering configuration . . .499

Qos profiles. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .500

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .501

Calculating the values for WFQ storage mode traffic

scheduling . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .501

Egress port shaping. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .501

Mirroring ports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .502

Supported ACLs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .502

Configuring QoS for the 16 x 10G module . . . . . . . . . . . . . . . .502

Chapter 19 Configuring Traffic Reduction

In this chapter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .505

Traffic policing on the BigIron RX Series . . . . . . . . . . . . . . . . . . . . .505

Traffic reduction parameters and algorithm . . . . . . . . . . . . . . . . . .506

Requested rate. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .506

Maximum burst . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .506

Actual rate . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .506

Configuration considerations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .507

BigIron RX Series Configuration Guide xvii

53-1002253-01

Configuring rate limiting policies . . . . . . . . . . . . . . . . . . . . . . . . . . .508

Configuring a port-based rate limiting policy . . . . . . . . . . . . . .508

Configuring a port-and-priority-based rate limiting policy . . . .509

Configuring a port-and-VLAN-based rate limiting policy . . . . .509

Configuring a VLAN-group-based rate limiting policy. . . . . . . .510

Configuring a port-and-IPv6 ACL-based traffic reduction . . . .512

NP based multicast, broadcast, and unknown-unicast

rate limiting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .513

Displaying traffic reduction. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .514

Chapter 20 Layer 2 ACLs

Filtering based on ethertype . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 517

Configuration rules and notes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 517

Configuring Layer 2 ACLs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .518

Creating a Layer 2 ACL table . . . . . . . . . . . . . . . . . . . . . . . . . . .518

Example Layer 2 ACL clauses . . . . . . . . . . . . . . . . . . . . . . . . . .519

Inserting and deleting Layer 2 ACL clauses . . . . . . . . . . . . . . .520

Binding a Layer 2 ACL table to an interface. . . . . . . . . . . . . . .520

Increasing the maximum number of clauses per

Layer 2 ACL table . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .520

Viewing Layer 2 ACLs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .520

Example of Layer 2 ACL deny by MAC address . . . . . . . . . . . .521

Chapter 21 Access Control List

How the BigIron RX processes ACLs . . . . . . . . . . . . . . . . . . . . . . . .523

Disabling or re-enabling Access Control Lists (ACLs) . . . . . . . . . . .524

Default ACL action. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .524

Types of IP ACLs. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .524

ACL IDs and entries. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .525

Enabling support for additional ACL statements . . . . . . . . . . . . . .525

ACL-based inbound mirroring . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .526

Considerations when configuring ACL-based inbound

mirroring . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .526

Configuring ACL-based inbound mirroring . . . . . . . . . . . . . . . .526

Creating an ACL with a mirroring clause . . . . . . . . . . . . . . . . .526

Applying the ACL to an interface . . . . . . . . . . . . . . . . . . . . . . . .527

Specifying the destination mirror port . . . . . . . . . . . . . . . . . . .527

Configuring ACL-based mirroring for ACLs bound to virtual

interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .529

Configuring numbered and named ACLs. . . . . . . . . . . . . . . . . . . . .529

Configuring standard numbered ACLs . . . . . . . . . . . . . . . . . . .529

Configuring extended numbered ACLs . . . . . . . . . . . . . . . . . . .531

Configuring standard or extended named ACLs . . . . . . . . . . .539

Configuring super ACLs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .542

xviii BigIron RX Series Configuration Guide

53-1002253-01

Displaying ACL definitions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .544

Displaying of TCP/UDP numbers in ACLs . . . . . . . . . . . . . . . . .545

ACL logging . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .555

Enabling the new logging method. . . . . . . . . . . . . . . . . . . . . . .556

Specifying the wait time . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .556

Modifying ACLs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .556

Adding or deleting a comment . . . . . . . . . . . . . . . . . . . . . . . . .558

Deleting ACL entries . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .560

From numbered ACLs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .560

From named ACLs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .561

Applying ACLs to interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .562

Reapplying modified ACLs . . . . . . . . . . . . . . . . . . . . . . . . . . . . .562

ACL automatic rebind . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .562

Manually setting the ACL rebind . . . . . . . . . . . . . . . . . . . . . . . .562

Applying ACLs to a virtual routing interface . . . . . . . . . . . . . . .562

Configuring the Layer 4 session log timer . . . . . . . . . . . . . . . .563

Displaying ACL log entries . . . . . . . . . . . . . . . . . . . . . . . . . . . . .563

QoS options for IP ACLs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .564

Enabling ACL duplication check . . . . . . . . . . . . . . . . . . . . . . . . . . . .565

ACL accounting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .565

Displaying accounting statistics for all ACLs . . . . . . . . . . . . . .565

Displaying statistics for an interface . . . . . . . . . . . . . . . . . . . .566

Clearing the ACL statistics. . . . . . . . . . . . . . . . . . . . . . . . . . . . .567

Enabling ACL filtering of fragmented or non-fragmented

packets . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .568

ACL filtering for traffic switched within a virtual routing

interface. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .569

ICMP filtering for extended ACLs . . . . . . . . . . . . . . . . . . . . . . . . . . .569

Troubleshooting ACLs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 571

Chapter 22 Policy-Based Routing

Policy-Based Routing (PBR) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .573

Configuration considerations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .573

Configuring a PBR policy. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 574

Configure the ACLs. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 574

Configure the route map . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .575

Enabling PBR . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 576

Configuration examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .577

Basic example . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .577

Setting the next hop. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .578

Setting the output interface to the null interface . . . . . . . . . .579

Trunk formation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .579

BigIron RX Series Configuration Guide xix

53-1002253-01

Chapter 23 Configuring IP Multicast Protocols

Overview of IP multicasting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .581

Multicast terms . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .581

Changing global IP multicast parameters . . . . . . . . . . . . . . . . . . . .582

Defining the maximum number of DVMRP cache entries. . . .582

Defining the maximum number of PIM cache entries. . . . . . .582

IP multicast boundaries . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .582

Configuring multicast boundaries. . . . . . . . . . . . . . . . . . . . . . .583

Displaying multicast boundaries. . . . . . . . . . . . . . . . . . . . . . . .583

Passive Multicast Route Insertion (PMRI) . . . . . . . . . . . . . . . . . . . .584

Configuring PMRI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .584

Displaying hardware-drop . . . . . . . . . . . . . . . . . . . . . . . . . . . . .584

Changing IGMP V1 and V2 parameters. . . . . . . . . . . . . . . . . . . . . .585

Modifying IGMP (V1 and V2) query interval period . . . . . . . . .585

Modifying IGMP (V1 and V2) membership time. . . . . . . . . . . .585

Modifying IGMP (V1 and V2) maximum response time. . . . . .586

Adding an interface to a multicast group . . . . . . . . . . . . . . . . . . . .586

IGMP v3 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .587

Default IGMP version . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .588

Compatibility with IGMP V1 and V2 . . . . . . . . . . . . . . . . . . . . .588

Enabling the IGMP version per interface setting . . . . . . . . . . .589

Enabling the IGMP version on a physical port within a

virtual routing interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .589

Setting the query interval . . . . . . . . . . . . . . . . . . . . . . . . . . . . .591

Setting the group membership time. . . . . . . . . . . . . . . . . . . . .591

Setting the maximum response time . . . . . . . . . . . . . . . . . . . .591

Displaying IGMPv3 information. . . . . . . . . . . . . . . . . . . . . . . . .591

Clearing IGMP statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .595

IGMP V3 and source specific multicast protocols . . . . . . . . . .595

Configuring a static multicast route. . . . . . . . . . . . . . . . . . . . . . . . .595

Next hop validation check . . . . . . . . . . . . . . . . . . . . . . . . . . . . .597

PIM dense . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .597

Initiating PIM multicasts on a network . . . . . . . . . . . . . . . . . . .598

Pruning a multicast tree . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .598

Grafts to a multicast tree . . . . . . . . . . . . . . . . . . . . . . . . . . . . .600

PIM DM versions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .600

Configuring PIM DM . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .601

Failover time in a multi-path topology . . . . . . . . . . . . . . . . . . .605

Modifying the TTL. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .605

PIM Sparse . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .605

PIM Sparse router types . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .606

RP paths and SPT paths . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .607

Configuring PIM Sparse. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .607

Route selection precedence for multicast. . . . . . . . . . . . . . . . . . . .612

Configuring the route precedence by specifying the route types612

Displaying the route selection. . . . . . . . . . . . . . . . . . . . . . . . . .613

xx BigIron RX Series Configuration Guide

53-1002253-01

Changing the Shortest Path Tree (SPT) threshold . . . . . . . . . . . . .614

Changing the PIM join and prune message interval . . . . . . . .615

MLL optimization . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .615

Displaying PIM Sparse configuration information and

statistics. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .615

Displaying basic PIM Sparse configuration information . . . . .616

Displaying a list of multicast groups . . . . . . . . . . . . . . . . . . . . . 617

Displaying BSR information. . . . . . . . . . . . . . . . . . . . . . . . . . . .618

Displaying candidate RP information . . . . . . . . . . . . . . . . . . . .619

Displaying RP-to-group mappings . . . . . . . . . . . . . . . . . . . . . . .620

Displaying RP information for a PIM Sparse group . . . . . . . . .620

Displaying the RP set list . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .621

Displaying multicast neighbor information. . . . . . . . . . . . . . . .621

Displaying information about an upstream neighbor device .622

Displaying the PIM multicast cache . . . . . . . . . . . . . . . . . . . . .623

Displaying PIM traffic statistics. . . . . . . . . . . . . . . . . . . . . . . . .625

PIM-SSMv4 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .625

Enabling SSM . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .626

Configuring Multicast Source Discovery Protocol (MSDP) . . . . . . .626

Peer Reverse Path Forwarding (RPF) flooding . . . . . . . . . . . . .628

Source active caching . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .628

Configuring MSDP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .628

Enabling MSDP. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .629

Configuring MSDP peers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .629

Designating an interface’s IP address as the RP’s

IP address. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .630

Filtering MSDP source-group pairs . . . . . . . . . . . . . . . . . . . . . .630

Filtering incoming source-active messages . . . . . . . . . . . . . . .630

Filtering advertised source-active messages. . . . . . . . . . . . . .632

Displaying the differences before and after the source active

filters are applied . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .633

Configuring MSDP mesh groups . . . . . . . . . . . . . . . . . . . . . . . . . . .635

Configuring MSDP mesh group. . . . . . . . . . . . . . . . . . . . . . . . .636

Displaying summary information . . . . . . . . . . . . . . . . . . . . . . .642

Displaying peer information . . . . . . . . . . . . . . . . . . . . . . . . . . .643

Displaying source active cache information. . . . . . . . . . . . . . .646

Clearing MSDP information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .646

Clearing peer information . . . . . . . . . . . . . . . . . . . . . . . . . . . . .646

Clearing the source active cache . . . . . . . . . . . . . . . . . . . . . . .647

Clearing MSDP statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .647

DVMRP overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .647

Initiating DVMRP multicasts on a network . . . . . . . . . . . . . . . .648

Pruning a multicast tree . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .648

Grafts to a multicast tree . . . . . . . . . . . . . . . . . . . . . . . . . . . . .650

Page is loading ...

Dell PowerConnect B-RX, PowerConnect B-RX16 User guide

Related papers

Other documents