Siemens RUGGEDCOM ROX II User Manual page 365

RUGGEDCOM ROX II
CLI User Guide
1. Make sure the CLI is in Configuration mode.
2. To configure Layer 3 Switching , type:
switch layer3-switching
Configure the following parameter(s) as required:
Parameter
unicast-mode { unicast-mode }
multicast-mode { multicast-mode }
learn-mode { learn-mode }
aging-time { aging-time }
Type commit and press Enter to save the changes, or type revert and press Enter to abort.
3.
Configuring Layer 3 Switching
Synopsis: { disabled, auto, static }
Default: auto
• Disabled: Layer 3 switching is disabled. The ability to disable routing hardware
acceleration may be desired, for example, in a system with sophisticated firewall
rules, which could not be supported by the Layer 3 switching ASIC and would require
software processing.
• Static: Only statically configured Layer 3 switching rules will be used. This mode may
be useful, for example, in a system with complex configuration where static routes
do not conflict with a firewall, while traffic flows following dynamic routes have to be
subject to sophisticated firewall filtering.
• Auto: Both statically configured and dynamically learned Layer 3 switching rules will
be used. In this mode, maximum routing hardware acceleration is utilized.
Synopsis: { disabled, auto, static }
Default: auto
• Disabled: Layer 3 switching is disabled. The ability to disable routing hardware
acceleration may be desired, for example, in a system with sophisticated firewall
rules, which could not be supported by the Layer 3 switching ASIC and would require
software processing.
• Static: Only statically configured Layer 3 switching rules will be used. This mode may
be useful, for example, in a system with complex configuration where static routes
do not conflict with a firewall, while traffic flows following dynamic routes have to be
subject to sophisticated firewall filtering.
• Auto: Both statically configured and dynamically learned Layer 3 switching rules will
be used. In this mode, maximum routing hardware acceleration is utilized.
Synopsis: { flow-oriented, host-oriented }
Default: flow-oriented
Defines how dynamically learned traffic flows are identified:
• Flow-oriented: Traffic flows are identified by a 5-tuple signature:
Src IP address Dst IP address Protocol Src TCP/UDP port Dst
TCP/UDP port
This mode should be used, if fine-granularity firewall filtering is configured in the
device (i.e. some flows between two hosts should be forwarded, while other flows
between the same two hosts should be filtered). However, this mode utilizes more
Layer 3 switching ASIC resources and is not recommended if fine-granularity firewall
filtering is not required.
• Host-oriented: Traffic flows are identified by a 2-tuple signature:
Src IP address Dst IP address
All traffic between two IP hosts is hardware-accelerated regardless of the protocol and
TCP/UDP ports. This mode potentially controls multiple flows with a single rule and
hence is more efficient in utilizing Layer3 switching ASIC resources.
Synopsis: A 32-bit signed integer between 16 and 600
Default: 32
This parameter configures the time a dynamically learned rule for a traffic flow, which
has become inactive, is held before being removed from the Layer 3 switch forwarding
table.
Description
Chapter 9
Layer 3
319