1. Manuals
  2. Brands
  3. Cabletron Systems Manuals
  4. Network Router
  5. SmartSwitch Router
  6. User's reference manual

Cabletron Systems SmartSwitch Router User's Reference Manual

Cabletron smartswitch router user reference manual
Hide thumbs Also See for SmartSwitch Router:
Table of Contents

Advertisement

Quick Links

Download this manual See also: Reference Manual
SmartSwitch Router
User Reference Manual
9032578-04

Advertisement

Table of Contents
loading
Need help?

Need help?

Do you have a question about the SmartSwitch Router and is the answer not in the manual?

Questions and answers

Related Manuals for Cabletron Systems SmartSwitch Router

Summary of Contents for Cabletron Systems SmartSwitch Router

  • Page 1 SmartSwitch Router User Reference Manual 9032578-04...
  • Page 2 Printed in the United States of America Order Number: 9032578-04 LANVIEW is a registered trademark, and SmartSwitch is a trademark of Cabletron Systems, Inc. CompuServe is a registered trademark of CompuServe, Inc. i960 microprocessor is a registered trademark of Intel Corp.

  • Page 3: Industry Canada Notice

    This is a Class A product based on the standard of the Voluntary Control Council for Interference by Information Technology Equipment (VCCI). If this equipment is used in a domestic environment, radio disturbance may arise. When such trouble occurs, the user may be required to take corrective actions. SmartSwitch Router User Reference Manual...

  • Page 4: Program License Agreement

    BEFORE OPENING OR UTILIZING THE ENCLOSED PRODUCT, CAREFULLY READ THIS LICENSE AGREEMENT. This document is an agreement (“Agreement”) between You, the end user, and Cabletron Systems, Inc. (“Cabletron”) that sets forth your rights and obligations with respect to the Cabletron software program (“Program”) in the package.
  • Page 5 POSSIBILITY OF SUCH DAMAGES. BECAUSE SOME STATES DO NOT ALLOW THE EXCLUSION OR LIMITATION OF LIABILITY FOR CONSEQUENTIAL OR INCIDENTAL DAMAGES, OR IN THE DURATION OR LIMITATION OF IMPLIED WARRANTIES IN SOME INSTANCES, THE ABOVE LIMITATION AND EXCLUSIONS MAY NOT APPLY TO YOU. SmartSwitch Router User Reference Manual Notice...
  • Page 6 BEFORE OPENING OR UTILIZING THE ENCLOSED PRODUCT, CAREFULLY READ THIS LICENSE AGREEMENT. This document is an agreement (“Agreement”) between You, the end user, and Cabletron Systems Sales and Service, Inc. (“Cabletron”) that sets forth your rights and obligations with respect to the Cabletron software program (“Program”) in the package.
  • Page 7 ALLOW THE EXCLUSION OR LIMITATION OF LIABILITY FOR CONSEQUENTIAL OR INCIDENTAL DAMAGES, OR IN THE DURATION OR LIMITATION OF IMPLIED WARRANTIES IN SOME INSTANCES, THE ABOVE LIMITATION AND EXCLUSIONS MAY NOT APPLY TO YOU. SmartSwitch Router User Reference Manual Notice...
  • Page 8 BEFORE OPENING OR UTILIZING THE ENCLOSED PRODUCT, CAREFULLY READ THIS LICENSE AGREEMENT. This document is an agreement (“Agreement”) between You, the end user, and Cabletron Systems Limited (“Cabletron”) that sets forth your rights and obligations with respect to the Cabletron software program (“Program”) in the package.
  • Page 9 POSSIBILITY OF SUCH DAMAGES. BECAUSE SOME STATES DO NOT ALLOW THE EXCLUSION OR LIMITATION OF LIABILITY FOR CONSEQUENTIAL OR INCIDENTAL DAMAGES, OR IN THE DURATION OR LIMITATION OF IMPLIED WARRANTIES IN SOME INSTANCES, THE ABOVE LIMITATION AND EXCLUSIONS MAY NOT APPLY TO YOU. SmartSwitch Router User Reference Manual Notice...

  • Page 10: Safety Information

    Do not use optical instruments to view the laser output. The use of optical instruments to view laser output increases eye hazard. When viewing the output optical port, power must be removed from the network adapter. SAFETY INFORMATION CLASS 1 LASER TRANSCEIVERS Laser Radiation and Connectors SmartSwitch Router User Reference Manual watts.

  • Page 11: Declaration Of Conformity Addendum

    _to the above directives. Manufacturer Mr. Ronald Fotino Full Name Principal Compliance Engineer Title Rochester, NH, USA Location SmartSwitch Router User Reference Manual ADDENDUM 89/336/EEC 73/23/EEC Cabletron Systems, Inc. 35 Industrial Way PO Box 5005 Rochester, NH 03867 Mr.
  • Page 12 Notice SmartSwitch Router User Reference Manual...

  • Page 13: Table Of Contents

    Setting the SSR Name ...44 Setting SSR Date and Time ...44 Configuring NTP ...44 Configuring the SSR CLI...45 Configuring SNMP Services...45 Configuring DNS ...45 Connecting Between the SSR and Other Systems ...46 Configuring Logging ...46 Monitoring Configuration ...47 SmartSwitch Router User Reference Manual Contents...
  • Page 14 Adding Ports to a VLAN ... 65 Configuring VLAN Trunk Ports... 65 Configuring VLANs for Bridging... 65 Configuring Layer-2 Filters ... 66 Monitoring Bridging ... 66 Configuration Examples... 67 Creating an IP or IPX VLAN ... 67 SmartSwitch Router User Reference Manual...
  • Page 15 Specifying IP Interfaces for RARP...89 Defining MAC-to-IP Address Mappings ...89 Monitoring RARP ...90 Configuring DNS Parameters ...90 Configuring IP Services (ICMP) ...90 Configuring IP Helper...91 Configuring Direct Broadcast ...91 Configuring Denial of Service (DOS)...91 SmartSwitch Router User Reference Manual Contents...
  • Page 16 Enabling OSPF ... 116 Configuring OSPF Interface Parameters... 117 Configuring an OSPF Area ... 118 Configuring OSPF Area Parameters ... 119 Creating Virtual Links ... 119 Configuring Autonomous System External (ASE) Link Advertisements ... 120 SmartSwitch Router User Reference Manual...
  • Page 17 Route Import and Export Policy Overview...163 Preference...164 Import Policies...165 Import-Source...165 Route-Filter ...166 Export Policies ...166 Export-Destination ...166 Export-Source ...166 Route-Filter ...167 Specifying a Route Filter ...167 Aggregates and Generates...168 Aggregate-Destination ...169 Aggregate-Source ...169 Route-Filter ...170 SmartSwitch Router User Reference Manual Contents...
  • Page 18 Exporting All Interface & Static Routes to OSPF ... 195 Exporting All RIP, Interface & Static Routes to OSPF ... 196 Chapter 12: Multicast Routing Configuration Guide... 199 IP Multicast Overview ... 199 a Certain Interface ... 185 RIP-Interface... 192 SmartSwitch Router User Reference Manual...
  • Page 19 Setting Inside and Outside Interfaces ...224 Setting NAT Rules ...225 Static...225 Dynamic ...225 Managing Dynamic Bindings...225 NAT and FTP ...226 Monitoring NAT...226 Configuration Examples ...226 Static Configuration...226 Using Static NAT ...227 Dynamic Configuration ...228 SmartSwitch Router User Reference Manual Contents...
  • Page 20 IPX Addresses... 247 Configuring IPX Interfaces and Parameters... 248 Configuring IPX Addresses to Ports ... 248 Configuring IPX Interfaces for a VLAN ... 248 Specifying IPX Encapsulation Method ... 248 Configuring IPX Routing ... 249 SmartSwitch Router User Reference Manual...
  • Page 21 Configuring SSR Access Security...272 Configuring RADIUS ...272 Monitoring RADIUS...273 Configuring TACACS ...273 Monitoring TACACS...273 Configuring TACACS Plus...274 Monitoring TACACS Plus ...274 Configuring Passwords...275 Layer-2 Security Filters...275 Configuring Layer-2 Address Filters ...276 Configuring Layer-2 Port-to-Address Lock Filters ...276 SmartSwitch Router User Reference Manual Contents...
  • Page 22 Chapter 21: RMON Configuration Guide... 299 RMON Overview ... 299 Configuring and Enabling RMON... 299 Example of RMON Configuration Commands ... 300 RMON Groups ... 301 Lite RMON Groups ... 301 Standard RMON Groups ... 302 Professional RMON Groups... 302 SmartSwitch Router User Reference Manual...
  • Page 23 Configuring PPP Interfaces ...327 Defining the Type and Location of a PPP Interface ...328 Setting up a PPP Service Profile...328 Applying a Service Profile to an Active PPP Port ...329 Configuring Multilink PPP Bundles ...329 SmartSwitch Router User Reference Manual Contents...
  • Page 24 Router R1 Configuration File ... 334 Router R2 Configuration File ... 334 Router R3 Configuration File ... 335 Router R4 Configuration File ... 335 Router R5 Configuration File ... 336 Router R6 Configuration File ... 336 SmartSwitch Router User Reference Manual...

  • Page 25: Preface

    About This Manual This manual provides detailed information and procedures for configuring the SmartSwitch Router (SSR) software. If you have not yet installed the SSR, use the instructions in the SmartSwitch Router Getting Started Guide to install the chassis and perform basic setup tasks, then return to this manual for more detailed configuration information.
  • Page 26 Chapter “Security Configuration Guide” on page 271 Chapter “QoS Configuration Guide” on page 283 Chapter “Performance Monitoring Guide” on page 295 Chapter “RMON Configuration Guide” on page 299 Chapter “WAN Configuration Guide” on page 315 SmartSwitch Router User Reference Manual...

  • Page 27: Related Documentation

    Related Documentation The SmartSwitch Router documentation set includes the following items. Refer to these other documents to learn more about your product. For Information About Installing and setting up the SSR Managing the SSR using Cabletron’s element management application The complete syntax for all CLI commands...
  • Page 28 Preface SmartSwitch Router User Reference Manual...

  • Page 29: Chapter 1: Ssr Product Overview

    The SmartSwitch Router (SSR) provides non-blocking, wire-speed Layer-2 (switching), Layer-3 (routing) and Layer-4 (application) switching. The hardware provides wire-speed performance regardless of the performance monitoring, filtering, and Quality of Service (QoS) features enabled by the software. You do not need to accept performance compromises to run QoS or access control lists (ACLs).
  • Page 30 IP: RIP v1/v2, OSPF, BGP 2, 3 ,4 • IPX: RIP, SAP • Multicast: IGMP, DVMRP • 802.1d Spanning Tree • 802.1Q (VLAN trunking) • 802.3 (10Base-T) • 802.3u (100Base-TX, 100Base-FX) • 802.3x (1000Base-SX, 1000Base-LX) • 802.3z (1000Base-SX, 1000Base-LX) SmartSwitch Router User Reference Manual...

  • Page 31: Supported Media (Encapsulation Type)

    The SSR supports many routing protocols based on open standards. The SSR can receive and forward packets concurrently from any combination of the following: • Interior gateway protocols: – Open Shortest Path First (OSPF) Version 2 SmartSwitch Router User Reference Manual Specification • Layer-2 prioritization (802.1p) • Layer-3 source-destination flows •...

  • Page 32: Configuring The Smartswitch Router

    (CLI). The SSR can also be configured using the CoreWatch Java-based management application. Using CoreWatch is described in the CoreWatch User’s Manual. describes these protocols in describes this protocol in detail. describes these protocols SmartSwitch Router User Reference Manual...

  • Page 33: Basic Line Editing Commands

    Boot – This mode appears when the SSR the external flash card or the system image is not found during bootup. You should enter the reboot command to reset the SSR. If the SSR still fails to bootup, please call Cabletron Technical Support. SmartSwitch Router User Reference Manual Command Move cursor to beginning of line...

  • Page 34: User Mode

    Chapter 1: SSR Product Overview Note: The command prompt will show the name of the SmartSwitch Router in front of the mode character(s). The default name is “ssr”. When you are in Configure or Enable mode, enter the exit command or press Ctrl+Z to exit to the previous access mode.

  • Page 35: Enable Mode

    SmartSwitch Router User Reference Manual - Configure Multicast related parameters - Ping utility - Show Per Vlan Spanning Tree Protocol (PVST) parameters - Show SecureFast Switching (SFS) parameters - Show or clear SSR statistics...
  • Page 36 - Show STP status - Show system-wide parameters - Show TACACS related parameters - Show TACACS+ related parameters - Telnet utility - Traceroute utility - Show VLAN-related parameters - Configure web caching parameters exit Ctrl+Z SmartSwitch Router User Reference Manual...

  • Page 37: Configure Mode

    SmartSwitch Router User Reference Manual Chapter 1: SSR Product Overview - Configure L3 Access Control List - Edit an ACL in the ACL Editor - Configure ACL policy - Configure L2 and L3 Aging...

  • Page 38: Boot Prom Mode

    (PROM) mode. You should then reboot the SSR at the boot PROM to restart the system. If the system fails to reboot successfully, please call Cabletron Systems Technical Support to resolve the problem. To reboot the SSR from the ROM monitor mode, enter the following command.

  • Page 39: Disabling A Function Or Feature

    “disable” a feature or function which has been enabled. For example, Spanning Tree Protocol is disabled by default. If after enabling Spanning Tree Protocol on the SmartSwitch Router, you want to disable STP, you must specify the negate command on the line of the active configuration containing the Loading System Images and Configuration Files The SSR contains an internal flash on the Control Module and an external PC flash.

  • Page 40: Loading System Image Software

    Here is an example: ssr# system image choose img2100 Making image img2100 the active image for next reboot : 2.1 : Copyright (c) 1996-1998 Cabletron Systems , : Version 2.1.0.0 built on Wed Jan 20 19:28:49 1999 SmartSwitch Router User Reference Manual Inc.

  • Page 41: Loading Boot Prom Software

    Use the following procedure to activate the configuration commands in the scratchpad. SmartSwitch Router User Reference Manual : 2.1 : Copyright (c) 1996-1999 Cabletron Systems , : Version 2.1.0.0 , built on Wed Jan 2022:49:07 1999 : prom-1.0 Chapter 1: SSR Product Overview Inc.

  • Page 42: Copying The Configuration To The Startup Configuration File

    You also can save active changes to the Startup configuration file from within Configure mode by entering the save startup command: The new configuration changes are added to the Startup configuration file stored in the Control Module’s boot flash. SmartSwitch Router User Reference Manual...

  • Page 43: Displaying Configuration Changes

    Setting the SSR name • Setting the SSR date and time • Configuring NTP • Configuring the CLI • Configuring SNMP services SmartSwitch Router User Reference Manual Chapter 1: SSR Product Overview show system show active-config system set show-config alphabetical diff <filename>|startup...

  • Page 44: Setting The Ssr Name

    Instruct SSR’s NTP server to periodically synchronize clock system set name <year> system set date year <day> <hour> hour <host> ntp set server <ipaddr> [source SmartSwitch Router User Reference Manual <system-name> <month> month <min> <sec> second <minutes> [interval <num> ] [version...

  • Page 45: Configuring The Ssr Cli

    The SSR allows you to configure up to three Domain Name Service (DNS) servers. To configure the DNS, enter the following command in Configure mode: Configure DNS. SmartSwitch Router User Reference Manual cli set terminal rows <num> snmp set community...

  • Page 46: Connecting Between The Ssr And Other Systems

    <hostname-or-IPaddr> packets <num> size <num> wait ping <num> [flood] [dontroute] <hostname-or-IPaddr> [socket <socket-number>] telnet system show users system kill telnet-session < system set syslog [server <hostname-or- IPaddr>][level <level-type>][facility <facility- type>][source <source-IPaddr>][buffer-size <size>] describes ACL logging. SmartSwitch Router User Reference Manual session-id > Chapter...

  • Page 47: Monitoring Configuration

    Show the IP addresses and domain names for DNS servers. Show environmental information, such as temperature and power supply status. Show SSR hardware information. SmartSwitch Router User Reference Manual Task cli show history cli show terminal snmp show access snmp show all...
  • Page 48 SmartSwitch Router User Reference Manual Command...

  • Page 49: Chapter 2: Hot Swapping Line Cards And Control Modules

    The procedure for hot swapping a line card consists of deactivating the line card, removing it from its slot in the SSR chassis, and installing a new line card in the slot. SmartSwitch Router User Reference Manual Chapter 2 Hot Swapping...

  • Page 50: Deactivating The Line Card

    7 Removing the Line Card To remove a line card from the SSR: Make sure the Offline LED on the line card is lit. Tx Link Offline SmartSwitch Router User Reference Manual Figure 1 shows the 1000BASE-SX Tx Link Swap...

  • Page 51: Installing A New Line Card

    Hot Swapping a Secondary Control Module If you have a secondary control module installed on the SSR, you can hot swap it with another Control Module or line card. SmartSwitch Router User Reference Manual Chapter 2: Hot Swapping Line Cards and Control Modules...

  • Page 52: Deactivating The Control Module

    Loosen the captive screws on each side of the Control Module. Carefully remove the Control Module from its slot in the SSR chassis. Figure 2 shows the location of the Offline LED and CONTROL MODULE ERR DIAG Hot Swap Button SmartSwitch Router User Reference Manual Offline LED Online Offline Swap...

  • Page 53: Installing The Control Module

    You cannot deactivate the Switching Fabric Module with the system hotswap command. To deactivate the Switching Fabric Module: Press the Hot Swap button on the Switching Fabric Module you want to deactivate. SmartSwitch Router User Reference Manual Chapter 2: Hot Swapping Line Cards and Control Modules...
  • Page 54 Check both the upper and lower tracks. Tighten the captive screws on each side of the Switching Fabric Module to secure it to the chassis. Figure 3 shows the location of the Module SmartSwitch Router User Reference Manual Switching Fabric...

  • Page 55: Chapter 3: Bridging Configuration Guide

    Bridging Overview The SmartSwitch Router provides the following bridging functions: • Compliance with the IEEE 802.1d standard • Compliance with the IGMP multicast bridging standard • Wire-speed address-based bridging or flow-based bridging • Ability to logically segment a transparently bridged network into virtual local-area...

  • Page 56: Bridging Modes (Flow-Based And Address-Based)

    The type of VLAN depends upon one criterion: how a received frame is classified as belonging to a particular VLAN. VLANs can be categorized into the following types: • Port based • MAC address based • Protocol based • Subnet based SmartSwitch Router User Reference Manual...

  • Page 57: Port-Based Vlans

    To do this, the switch must look into the network layer header of the incoming frame. This type of VLAN behaves similar to a router by segregating different subnets into different broadcast domains. SmartSwitch Router User Reference Manual Chapter 3: Bridging Configuration Guide...

  • Page 58: Multicast-Based Vlans

    The SSR can also be used purely as a router, i.e., each physical port of the SSR is a separate routing interface. Packets received at any interface are routed and not bridged. In this case, no VLAN configuration is required. Note that VLANs are still created implicitly by SmartSwitch Router User Reference Manual...

  • Page 59: Ports, Vlans, And L3 Interfaces

    Untagged frames are classified as belonging to a particular VLAN based on the protocol of the frame and the VLAN configured on the receiving port for that protocol. SmartSwitch Router User Reference Manual Chapter 3: Bridging Configuration Guide...

  • Page 60: Explicit And Implicit Vlans

    For example, the following illustration shows an SSR with traffic being sent from port A to port B, port B to port A, port B to port C, and port A to port C. SmartSwitch Router User Reference Manual...

  • Page 61: Configuring Spanning Tree

    Configuring Spanning Tree Note: Some commands in this facility require updated SSR hardware. Please refer to the Release Notes for details. SmartSwitch Router User Reference Manual Chapter 3: Bridging Configuration Guide Flow-Based Bridge Table port flow-bridging <line-number of active config containing command>...

  • Page 62: Adjusting Spanning-Tree Parameters

    The lower the bridge's priority, the more likely the bridge will be selected as the root bridge. This priority is determined by default; however, you can change it. pvst create spanningtree vlan-name <string> <port-list> stp enable port <port-list> pvst enable port <string> SmartSwitch Router User Reference Manual spanning-tree...

  • Page 63: Setting A Port Priority

    You can adjust BPDU intervals as described in the following sections: • Adjust the Interval between Hello BPDUs • Define the Forward Delay Interval SmartSwitch Router User Reference Manual Chapter 3: Bridging Configuration Guide stp set bridging priority pvst set bridging spanning-tree <num>...

  • Page 64: Adjusting The Interval Between Hello Times

    <num> hello-time stp set bridging forward-delay pvst set bridging spanning-tree <num> forward-delay stp set bridging max-age pvst set bridging spanning-tree <string> <num> max-age SmartSwitch Router User Reference Manual <num> <string> <num> <string> <num>...

  • Page 65: Configuring A Port Or Protocol Based Vlan

    SNA and IP traffic. Note: Some commands in this facility require updated SSR hardware. Please refer to the Release Notes for details. SmartSwitch Router User Reference Manual Chapter 3: Bridging Configuration Guide <vlan-name> <type> vlan create <port-list>...

  • Page 66: Configuring Layer-2 Filters

    Show l2 table information on a specific port. Show information the master MAC table. Show information on a specific MAC address. ip show routes l2-tables show all-macs l2-tables show port-macs l2-tables show mac-table-stats l2-tables show mac SmartSwitch Router User Reference Manual...

  • Page 67: Configuration Examples

    First, create a VLAN named ‘RED’ ssr(config)# vlan create RED sna dec appletalk id 5 Next, assign ports to the ‘RED’ VLAN. ssr(config)# vlan add ports et.1.1 , SmartSwitch Router User Reference Manual Chapter 3: Bridging Configuration Guide l2-table show bridge-management vlan show...
  • Page 68 Chapter 3: Bridging Configuration Guide SmartSwitch Router User Reference Manual...

  • Page 69: Chapter 4: Smarttrunk Configuration Guide

    Overview This chapter explains how to configure and monitor SmartTRUNKs on the SSR. A SmartTRUNK is Cabletron Systems’ technology for load balancing and load sharing. For a description of the SmartTRUNK commands, see the “smarttrunk commands” section of the SSR Command Line Interface Manual.

  • Page 70: Configuring Smarttrunks

    • If you are connecting the SmartTRUNK to another SSR, other Cabletron devices (such as the SmartSwitch 6000 or SmartSwitch 9000), or Digital GIGAswitch/Router, specify the DEC Hunt Group control protocol. The Hunt Group protocol is useful in detecting errors like transmit/receive failures, misconfiguration, etc.

  • Page 71: Specify Traffic Distribution Policy (Optional)

    To clear statistics for SmartTRUNK ports, enter the following command in Enable mode:. Clear load distribution statistics for SmartTRUNK ports. SmartSwitch Router User Reference Manual Chapter 4: SmartTRUNK Configuration Guide smarttrunk add ports <smartrunk> smarttrunk set load-policy on list>...

  • Page 72: Example Configurations

    1 The following is the configuration for the Cisco Catalyst 5K switch: set port channel 3/1-2 on st.2 Router 11.1.1.2/24 to-s1 12.1.1.2/24 to-s2 st.3 Switch st.5 Cisco Catalyst 5K Switch SmartSwitch Router User Reference Manual st.4 Switch Server...
  • Page 73 The following is the SmartTRUNK configuration for the SSR labeled ‘S2’ in the diagram: smarttrunk create st.3 protocol huntgroup smarttrunk create st.5 protocol no-protocol smarttrunk add ports et.1(1-2) to st.3 smarttrunk add ports et.2(1-2) to st.5 SmartSwitch Router User Reference Manual Chapter 4: SmartTRUNK Configuration Guide...
  • Page 74 Chapter 4: SmartTRUNK Configuration Guide SmartSwitch Router User Reference Manual...

  • Page 75: Chapter 5: Dhcp Configuration Guide

    IP address assignment or reassignment. A standalone DHCP server with a redundant backup server may be more suitable for this enterprise environment. SmartSwitch Router User Reference Manual Chapter 5 Configuration...

  • Page 76: Configuring Dhcp

    Broadcast address Client boot file name DNS domain name IP address of DNS server IP address of default gateway Amount of time the assigned IP address is valid for the system SmartSwitch Router User Reference Manual <ip-range>...

  • Page 77: Configuring A Static Ip Address

    “superscope.” To attach a scope to a superscope, enter the following command in Configure mode: Attach a scope to a superscope. SmartSwitch Router User Reference Manual Chapter 5: DHCP Configuration Guide Value IP address of NetBIOS Name Server (WINS server)

  • Page 78: Configuring Dhcp Server Parameters

    To display the number of allocated bindings for the DHCP server and the maximum number allowed:: Show the number of allocated bindings for the DHCP server. dhcp global set lease-database dhcp global set commit-interval dhcp flush dhcp show binding [active|expired|static] dhcp show num-clients SmartSwitch Router User Reference Manual <url> <hours>...

  • Page 79: Dhcp Configuration Examples

    10.1.7.5 mac-address 08:00:20:11:22:33 Define another static IP address for 10.1.7.7. and give it a specific gateway address of 10.1.1.2. dhcp scope1 define static-ip 10.1.7.7 mac-address 08:00:20:aa:bb:cc:dd gateway 10.1.1.2 SmartSwitch Router User Reference Manual Chapter 5: DHCP Configuration Guide...

  • Page 80: Configuring Secondary Subnets

    10.2.0.0/16 gateway 10.2.1.1 dns-domain acme.com dns-server 10.1.77.88 Define the address pool for ‘scope2’. dhcp scope2 define pool 10.2.1.40-10.2.1.50 Create a superscope ‘super1’ that includes ‘scope1’. dhcp scope1 attach superscope super1 SmartSwitch Router User Reference Manual...

  • Page 81: Secondary Subnets And Directly-Connected Clients

    Define the address pool for ‘scope1’. dhcp scope1 define pool 10.1.1.10-10.1.1.20 Define the network parameters for ‘scope2’ with the default gateway 10.2.1.1. dhcp scope2 define parameters address-netmask 10.2.0.0/16 gateway 10.2.1.1 dns-domain acme.com dns-server 10.1.77.88 SmartSwitch Router User Reference Manual Chapter 5: DHCP Configuration Guide...

  • Page 82: Interacting With Relay Agents

    DHCP server how to send packets to the client on the 10.5.x.x subnet. ip add route 10.5.0.0/16 gateway 10.1.7.10 Define the network parameters for ‘scope1’ with the default gateway 10.5.1.1 (the relay agent for the client). dhcp scope1 define parameters address-netmask 10.5.0.0/16 gateway 10.5.1.1 dns-domain acme.com SmartSwitch Router User Reference Manual...
  • Page 83 Chapter 5: DHCP Configuration Guide Define the address pool for ‘scope1’. dhcp scope1 define pool 10.5.1.10-10.5.1.20 SmartSwitch Router User Reference Manual...
  • Page 84 Chapter 5: DHCP Configuration Guide SmartSwitch Router User Reference Manual...

  • Page 85: Chapter 6: Ip Routing Configuration Guide

    TCP and UDP also specify “ports,” which identify the application which is using TCP/UDP. For example, a web server would typically use TCP/UDP port 80, which specifies HTTP-type traffic. SmartSwitch Router User Reference Manual Chapter 6 IP Routing Configuration...

  • Page 86: Ip Routing Protocols

    Distance Vector Multicast Routing Protocol (DVMRP) RFC 1075 • Internet Group Management Protocol (IGMP) as described in RFC 2236 The SSR also supports the latest DVMRP Version 3.0 draft specification, which includes mtrace, Generation ID and Pruning/Grafting. SmartSwitch Router User Reference Manual...

  • Page 87: Configuring Ip Interfaces And Parameters

    Configure a secondary address to an existing VLAN. Specifying Ethernet Encapsulation Method The SmartSwitch Router supports two encapsulation types for IP. You can configure encapsulation type on a per-interface basis. • Ethernet II: The standard ARPA Ethernet Version 2.0 encapsulation, which uses a 16-...

  • Page 88: Configuring Address Resolution Protocol (Arp)

    Disable Proxy ARP on an interface. <InterfaceName> interface create ip encapsulation ethernet_II <InterfaceName> interface create ip encapsulation ethernet_snap <host> arp add mac-addr <port> exit-port <host> arp clear ip disable-proxy-arp interface SmartSwitch Router User Reference Manual output-mac- output-mac- <MAC-addr> <InterfaceName> |all...

  • Page 89: Configuring Reverse Address Resolution Protocol (Rarp)

    Then place the text file on a TFTP server that the SSR can access and enter the following command in Enable mode: ssr# copy tftp-server to ethers <IPaddr-of-TFTP-server> TFTP server? Source filename? SmartSwitch Router User Reference Manual Chapter 6: IP Routing Configuration Guide rarpd set interface rarpd add hardware-address <IPaddr> ip-address <filename>...

  • Page 90: Monitoring Rarp

    <hostname-or-IPaddr> ping packets <num> wait [flood] [dontroute] <host> <num> traceroute [max-ttl <num> <secs> [size ] [source <secs> [wait-time ] [verbose] [noroute] SmartSwitch Router User Reference Manual <InterfaceName> |all <IPaddr> <name> <num> <num> size <num> ] [probes <num> ] [tos...

  • Page 91: Configuring Ip Helper

    You can disable this feature, causing directed broadcast SmartSwitch Router User Reference Manual Chapter 6: IP Routing Configuration Guide ip helper-address interface <helper-address>|...

  • Page 92: Monitoring Ip Parameters

    When router advertisements are sent to the all-hosts multicast ip dos disable directed-broadcast-protection ip dos disable port-attack-protection arp show all interface show ip ip show connections [no-lookup] <interface-name> ip show interfaces [ ip show routes ip show routes show-arps system show dns SmartSwitch Router User Reference Manual...

  • Page 93: Configuration Examples

    To enable routing on the SSR, you must assign an IP or IPX interface to a VLAN. To assign an IP or IPX interface named ‘RED’ to the ‘BLUE’ VLAN, enter the following command: ssr(config)# interface create ip RED address-netmask 10.50.0.1/255.255.0.0 vlan BLUE SmartSwitch Router User Reference Manual Chapter 6: IP Routing Configuration Guide rdisc start rdisc stop <hostname-or-ipaddr>...
  • Page 94 You can also assign an IP or IPX interface directly to a physical port. For example, to assign an IP interface ‘RED’ to physical port et.3.4, perform the following: ssr(config)# interface create ip RED address-netmask 10.50.0.0/255.255.0.0 port et.3.4 SmartSwitch Router User Reference Manual...

  • Page 95: Chapter 7: Vrrp Configuration Guide

    This section presents three sample VRRP configurations: • A basic VRRP configuration with one virtual router • A symmetrical VRRP configuration with two virtual routers • A multi-backup VRRP configuration with three virtual routers SmartSwitch Router User Reference Manual Chapter 7 Configuration VRRP Guide...

  • Page 96: Basic Vrrp Configuration

    Default Route = 10.0.0.1/16 Figure 4. Basic VRRP Configuration on interface test. Line 3 associates IP address VRID=1 . Line 4 starts VRRP on interface test. VRID=1 SmartSwitch Router User Reference Manual VRID=1 Backup Interface Addr. = 10.0.0.2/16 VRID=1; Addr. = 10.0.0.1/16 VRID=1...

  • Page 97: Configuration For Router R2

    This configuration allows you to load-balance traffic coming from the hosts on the 10.0.0.0/16 subnet and provides a redundant path to either virtual router. Note: This is the recommended configuration on a network using VRRP. SmartSwitch Router User Reference Manual Chapter 7: VRRP Configuration Guide because it owns VRID=1...

  • Page 98: Configuration Of Router R1

    Figure 5. Symmetrical VRRP Configuration VRID=2 , goes down, Router R2 would take over VRID=1 , so Router R1 is the Master for virtual router SmartSwitch Router User Reference Manual Master for VRID=2 Backup for VRID=1 Interface Addr. = 10.0.0.2/16 VRID=1; Addr. = 10.0.0.1/16 VRID=2;...

  • Page 99: Configuration Of Router R2

    In a VRRP configuration where more than one router is backing up a Master, you can specify which Backup router takes over when the Master goes down by setting the priority for the Backup routers. SmartSwitch Router User Reference Manual Chapter 7: VRRP Configuration Guide Figure...
  • Page 100 Figure 6. Multi-Backup VRRP Configuration . If Router R2 or R3 were to go down, VRID=2 VRID=3 , the primary backup for virtual router VRID=2 SmartSwitch Router User Reference Manual Master for VRID=3 2nd Backup for VRID=1 2nd Backup for VRID=2 VRID=3 10.0.0.3/16 Default Route = 10.0.0.3/16...

  • Page 101: Configuration Of Router R1

    Router R1 will take over as Master for virtual routers VRID=2 VRID=3 SmartSwitch Router User Reference Manual is the same as the interface’s IP address VRID=1 VRID=1 at 200. If no other routers in the VRRP...

  • Page 102: Configuration Of Router R2

    VRID=1 , Router R2 is the VRID=1 is set to 100. Since Router R1’s VRID=3 VRID=3 Default Priority Configured Priority 200 (see line 8) 255 (address owner) 255 (address owner) 100 (see line 9) SmartSwitch Router User Reference Manual VRID=1...

  • Page 103: Configuration Of Router R3

    They are included for illustration purposes only. Additional Configuration This section covers settings you can modify in a VRRP configuration, including backup priority, advertisement interval, pre-empt mode, and authentication key. SmartSwitch Router User Reference Manual Chapter 7: VRRP Configuration Guide Figure , Router R3 is the...

  • Page 104: Setting The Backup Priority

    99, you can specify which Backup <vrid> ip-redundancy set vrrp <interface> <number> priority <vrid> ip-redundancy set vrrp <interface> adv-interval <vrid> ip-redundancy set vrrp <interface> preempt-mode disabled SmartSwitch Router User Reference Manual interface interface <seconds> interface...

  • Page 105: Setting An Authentication Key

    Backup to Master. (Enabled by default.) Display a message when a VRRP packet error is detected. (Enabled by default.) Enable all VRRP tracing. SmartSwitch Router User Reference Manual Chapter 7: VRRP Configuration Guide <vrid> ip-redundancy set vrrp <interface> auth-type text auth-key...

  • Page 106: Ip-Redundancy Show

    If a Master router is manually rebooted, or if its interface is manually brought down, it will send a special keep-alive advertisement that lets the Backup routers know that a new Master is needed immediately. ip-redundancy show vrrp ip-redundancy show vrrp interface <vrid> ip-redundancy show vrrp <interface> verbose SmartSwitch Router User Reference Manual <interface> interface...
  • Page 107 SNMP requests directed at the virtual router's IP address. Not responding allows network management to notice that the original Master router (i.e., the IP address owner) is down. SmartSwitch Router User Reference Manual Chapter 7: VRRP Configuration Guide...
  • Page 108 Chapter 7: VRRP Configuration Guide SmartSwitch Router User Reference Manual...

  • Page 109: Chapter 8: Rip Configuration Guide

    RIP uses a hop count metric to measure the distance to a destination. The SmartSwitch Router provides support for RIP Version 1 and 2. The SSR implements plain text and MD5 authentication methods for RIP Version 2.

  • Page 110: Enabling And Disabling Rip

    Whether RIP packets should be broadcast Preference for RIP routes Metric for incoming routes Metric for outgoing routes rip start rip stop <interfacename-or-IPaddr> rip add interface <interfacename-or-IPaddr> rip add trusted-gateway <interfacename-or-IPaddr> rip add source-gateway Default Value RIP v1 Enabled Choose SmartSwitch Router User Reference Manual...
  • Page 111 Specify broadcast of RIP packets regardless of number of interfaces present. Check that reserved fields in incoming RIP V1 packets are zero. SmartSwitch Router User Reference Manual Chapter 8: RIP Configuration Guide Default Value None 30 seconds <interfacename-or-IPaddr> rip set interface version 1 <interfacename-or-IPaddr>...

  • Page 112: Configuring Rip Route Preference

    Show RIP global information. Show RIP import policies. rip set check-zero-metric disable|enable rip set poison-reverse disable|enable rip set preference rip set default-metric rip show all rip show export-policy rip show globals rip show import-policy SmartSwitch Router User Reference Manual <num> <num>...

  • Page 113: Configuration Example

    ! Set authentication method to md5 rip set interface SSR1-if1 authentication-method md5 Change default metric-in rip set interface SSR1-if1 metric-in 2 SmartSwitch Router User Reference Manual rip show interface rip show interface-policy rip trace packets detail rip trace packets receive...
  • Page 114 Chapter 8: RIP Configuration Guide ! Change default metric-out rip set interface SSR1-if1 metric-out 3 SmartSwitch Router User Reference Manual...

  • Page 115: Chapter 9: Ospf Configuration Guide

    OSPF. OSPF routes can be redistributed into RIP or BGP. • Interface Parameters: Parameters that can be configured include interface output cost, retransmission interval, interface transmit delay, router priority, router dead and hello intervals, and authentication key. SmartSwitch Router User Reference Manual Chapter 9 Configuration OSPF Guide...

  • Page 116: Ospf Multipath

    Create virtual links, if necessary. Enabling OSPF OSPF is disabled by default on the SSR. To enable or disable OSPF, enter one of the following commands in Configure mode. Enable OSPF. Disable OSPF. ospf start ospf stop SmartSwitch Router User Reference Manual...

  • Page 117: Configuring Ospf Interface Parameters

    OSPF interface. Configure the retransmission interval between link state advertisements for adjacencies belonging to an OSPF interface. SmartSwitch Router User Reference Manual Chapter 9: OSPF Configuration Guide Default Value Enable (except for virtual links) Default is using multicast mechanism.

  • Page 118: Configuring An Ospf Area

    <num> poll-interval <name-or-IPaddr> ospf set interface <num-or-string> key-chain <name-or-IPaddr> ospf set interface authentication-method none|simple|md5 <area-num> ospf create area <name-or-IPaddr> ospf add interface <area-addr> [to-area |backbone] [type broadcast|non-broadcast] SmartSwitch Router User Reference Manual |all |all |all |all |all |all |backbone...

  • Page 119: Configuring Ospf Area Parameters

    To create a redundant backbone connection via another area Each Area Border Router must be configured with the same virtual link. Note that virtual links cannot be configured through a stub area. SmartSwitch Router User Reference Manual Chapter 9: OSPF Configuration Guide ospf add stub-host [to-area addr>...

  • Page 120: Configuring Autonomous System External (Ase) Link Advertisements

    <num> [priority ] [hello-interval [router-dead-interval ospf set export-interval ospf set export-limit ospf set ase-defaults [preference <num> [cost [inherit-metric] ospf add nbma-neighbor to-interface SmartSwitch Router User Reference Manual <IPaddr> [neighbor <num> <num> ] [transit-delay <num> <num> <num> ] [poll-interval <num> <num>...

  • Page 121: Monitoring Ospf

    Shows routes redistributed into OSPF. Show all OSPF global parameters. Show information about OSPF import policies. SmartSwitch Router User Reference Manual Chapter 9: OSPF Configuration Guide ip show table routing ospf monitor errors destination <hostname-or-IPaddr> ospf monitor interfaces destination <hostname-or-IPaddr>...

  • Page 122: Ospf Configuration Examples

    120.190.1.1/16 port et.1.2 address-netmask 130.1.1.1/16 port et.1.3 140.1.1.1/24 port et.1.4 140.1.2.1/24 port et.1.5 address-netmask 140.1.3.1/24 port et.1.6 SmartSwitch Router User Reference Manual Figure 7 on page 126.

  • Page 123: Exporting All Interface & Static Routes To Ospf

    100 with them. Router R1 would also like to redistribute its static routes as type 2 OSPF routes. The interface routes would redistributed as type 1 OSPF routes. SmartSwitch Router User Reference Manual Chapter 9: OSPF Configuration Guide Figure 7 on page...
  • Page 124 Create the Export-Policy for redistributing all interface, RIP and static routes into OSPF. ip-router policy export destination ospfExpDstType1 source directExpSrc network all ip-router policy export destination ospfExpDstType2 source statExpSrc network all ip-router policy export destination ospfExpDstType2t100 source ripExpSrc network all SmartSwitch Router User Reference Manual...
  • Page 125 SmartSwitch Router User Reference Manual Chapter 9: OSPF Configuration Guide...
  • Page 126 Chapter 9: OSPF Configuration Guide (RIP V2) SmartSwitch Router User Reference Manual...

  • Page 127: Chapter 10: Bgp Configuration Guide

    AS topologies. BGP also provides the ability to create and enforce policies at the AS level, such as selectively determining which AS routes are to be accepted or what routes are to be advertised to BGP peers. SmartSwitch Router User Reference Manual Chapter 10 BGP Configuration...

  • Page 128: The Ssr Bgp Implementation

    Setting the autonomous system number • Setting the router ID • Creating a BGP peer group • Adding and removing a BGP peer host • Starting BGP • Using AS path regular expressions • Using AS path prepend SmartSwitch Router User Reference Manual...

  • Page 129: Setting The Autonomous System Number

    A BGP peer group is a group of neighbor routers that have the same update policies. To configure a BGP peer group, enter the following command in Configure mode: Configure a BGP peer group. SmartSwitch Router User Reference Manual Chapter 10: BGP Configuration Guide ip-router global set autonomous-system <num1>...
  • Page 130 <name-or-IPaddr> | all Interfaces whose routes are carried via the IGP for which third-party next hops may be used instead. Use only for type Routing group. Specify the interface or all for all interfaces. SmartSwitch Router User Reference Manual...

  • Page 131: Adding And Removing A Bgp Peer

    Is any valid autonomous system number, from one through 65534 inclusive. . (dot) Matches any autonomous system number. SmartSwitch Router User Reference Manual Chapter 10: BGP Configuration Guide bgp add peer-host <ipaddr> group <number-or-string> bgp add network <ip-addr-mask>|all group <number- or-string>...
  • Page 132 (. * 1104|1125|1888|1135 .*) Means anything containing 1104 or 1125 or 1888 or 1135. AS-path regular expressions are used as one of the parameters for determining which routes are accepted and which routes are advertised. SmartSwitch Router User Reference Manual...

  • Page 133: As-Path Regular Expression Examples

    On the SSR, the number of instances of an AS that are put in the route advertisement is controlled by the as-count option of the bgp set peer-host command. SmartSwitch Router User Reference Manual Chapter 10: BGP Configuration Guide...

  • Page 134: Notes On Using The As Path Prepend Feature

    This section presents sample configurations illustrating BGP features. The following features are demonstrated: • BGP peering • Internal BGP (IBGP) • External BGP (EBGP) multihop • BGP community attribute • BGP local preference (local_pref) attribute SmartSwitch Router User Reference Manual...

  • Page 135: Bgp Peering Session Example

    BGP “keepalive” messages are sent between peers periodically to ensure that the peers stay connected. If one of the routers encounters a fatal error condition, a BGP notification message is sent to its BGP peer, and the TCP connection is closed. SmartSwitch Router User Reference Manual Chapter 10: BGP Configuration Guide...
  • Page 136 2 # Add peer host 10.0.0.2 to group pg1w2 bgp add peer-host 10.0.0.2 group pg1w2 bgp start Legend: Figure 8. Sample BGP Peering Session SmartSwitch Router User Reference Manual AS-2 SSR2 10.0.0.2/16 Physical Link Peering Relationship...

  • Page 137: Ibgp Configuration Example

    IBGP requires a full-mesh configuration; all EBGP speaking routers must have an IBGP peering session with every other EBGP speaking router in the AS. SmartSwitch Router User Reference Manual group type external peeras 2 peer 10.0.0.2 group type external peeras 1 peer 10.0.0.1...

  • Page 138: Ibgp Routing Group Example

    Note that for running IBGP using group-type Routing you must run an IGP such as OSPF to resolve the next hops that come with external routes. You could also use protocol any so that all protocols are eligible to resolve the BGP forwarding address. SmartSwitch Router User Reference Manual...
  • Page 139 BGP configuration that uses the Routing group type. AS-64801 10.12.1.1/30 10.12.1.6/30 Cisco lo0 172.23.1.25/30 OSPF 10.12.1.5/30 10.12.1.2/30 SSR4 SSR1 IBGP 172.23.1.10/30 172.23.1.5/30 lo0 172.23.1.26/30 SSR6 172.23.1.6/30 172.23.1.9/30 Figure 9. Sample IBGP Configuration (Routing Group Type) SmartSwitch Router User Reference Manual...
  • Page 140 172.23.1.25 group ibgp1 # Set our local address. This line is necessary because we want CISCO to # peer with our loopback bgp set peer-group ibgp1 local-address 172.23.1.26 # Start BGP bgp start SmartSwitch Router User Reference Manual...

  • Page 141: Ibgp Internal Group Example

    The IBGP Internal group expects all peers to be directly attached to a shared subnet so that, like external peers, the next hops received in BGP advertisements may be used directly for forwarding. All Internal group peers should be L2 adjacent. SmartSwitch Router User Reference Manual Chapter 10: BGP Configuration Guide...
  • Page 142 1 bgp add peer-host 16.122.128.2 group int-ibgp-1 bgp add peer-host 16.122.128.8 group int-ibgp-1 bgp add peer-host 16.122.128.9 group int-ibgp-1 16.122.128.9/24 16.122.128.1/24 SSR2 17.122.128.2/24 Legend: Physical Link Peering Relationship SmartSwitch Router User Reference Manual...
  • Page 143 The gated.conf file for router SSR2 is as follows: autonomoussystem 1 ; routerid 16.122.128.2 ; bgp yes { traceoptions aspath detail packets detail open detail update ; group type internal peeras 1 SmartSwitch Router User Reference Manual peer 16.122.128.2 peer 16.122.128.8 peer 16.122.128.9 peer 16.122.128.1 peer 16.122.128.8 peer 16.122.128.9...

  • Page 144: Ebgp Multihop Configuration Example

    Such neighbors are logically, but not physically connected. For example, BGP can be run between external neighbors across non-BGP routers. Some additional configuration is required to indicate that the external peers are not physically attached. SmartSwitch Router User Reference Manual...
  • Page 145 ! Specify the gateway option , ! gateway option to the address of the router that has a route to the ! peer. bgp set peer-host 18.122.128.2 gateway 16.122.128.3 group ebgp_multihop SmartSwitch Router User Reference Manual 16.122.128.3/16 SSR2 Physical Link Peering Relationship which indicates EBGP multihop.
  • Page 146 The CLI configuration for router SSR3 is as follows: interface create ip to-R2 address-netmask 17.122.128.4/16 port et.4.2 interface create ip to-R4 address-netmask 18.122.128.4/16 port et.4.4 ip add route 16.122.0.0/16 gateway 17.122.128.3 peer 18.122.128.2 gateway 16.122.128.3 gateway 16.122.128.3 gateway 17.122.128.4 SmartSwitch Router User Reference Manual...

  • Page 147: Community Attribute Example

    Figure 11 shows a BGP configuration where the specific community attribute is used. Figure 12 shows a BGP configuration where the well-known community attribute is used. SmartSwitch Router User Reference Manual gateway 17.122.128.3 which indicates EBGP multihop. Set the peer 18.122.128.2 gateway 16.122.128.3...
  • Page 148 Chapter 10: BGP Configuration Guide AS-64901 ISP1 AS-64900 100.200.12.1/24 100.200.13.1/24 Figure 11. Sample BGP Configuration (Specific Community) AS-64902 172.25.1.1/16 172.25.1.2/16 192.168.20.2/16 AS-64899 192.168.20.1/16 192.169.20.1/16 192.169.20.2/16 SmartSwitch Router User Reference Manual ISP2 172.26.1.2/16 172.26.1.1/16 10.200.14.1/24 10.200.15.1/24 Legend: Physical Link Peering Relationship Information Flow...
  • Page 149 For this reason, it is generally desirable to order import clauses from most to least specific. An import clause without an optional- attributes-list option will match any update with any (or no) communities. SmartSwitch Router User Reference Manual AS-64902 SSR11 172.25.1.1/16...
  • Page 150 901color1 network all preference 160 ip-router policy import source 901color2 network all preference 155 ip-router policy import source 901color3 network all preference 160 ip-router policy import source 901color4 network all preference 155 SmartSwitch Router User Reference Manual...
  • Page 151 BGP community attribute. Any communities specified with the optional-attributes-list option are sent in addition to any received in the route or specified with the group. SmartSwitch Router User Reference Manual Chapter 10: BGP Configuration Guide...
  • Page 152 899to900dest source 899toanydir network all ip-router policy export destination 899to902dest source 899toanydir network all Any communities specified with the optional-attributes-list option are sent in addition to any received with the route or associated with a BGP export destination. SmartSwitch Router User Reference Manual...
  • Page 153 This is not actually a community, but rather a keyword that specifies that a received BGP update is only to be matched if no communities are present. It has no effect when originating communities. SmartSwitch Router User Reference Manual Chapter 10: BGP Configuration Guide Figure 12...

  • Page 154: Notes On Using Communities

    Local_Pref values that are greater than 254. When operating a mixed network of this type, you should make sure that all routers are restricted to sending Local_Pref values in the range metric to 254. SmartSwitch Router User Reference Manual...
  • Page 155 SSR13 and router SSR11. This is accomplished by setting the Local_Pref attribute. 10.200.12.1/24 SSR10 SSR12 Figure 13. Sample BGP Configuration (Local_Pref Attribute) SmartSwitch Router User Reference Manual Figure 13, all the traffic exits Autonomous System 64901 through 10.200.13.1/24 10.200.14.1/24 192.169.20.1/16 192.169.20.2/16...

  • Page 156: Notes On Using The Local_Pref Attribute

    BGP speakers in neighboring autonomous systems. Figure 14 shows a sample BGP configuration where the MED attribute has been used. Figure 13, routers SSR12, SSR13, and SSR14 have the following line in SmartSwitch Router User Reference Manual...
  • Page 157 20 Router SSR6 has the following CLI configuration: bgp create peer-group pg752to751 type external autonomous-system 64751 bgp add peer-host 10.200.12.15 group pg752to751 bgp set peer-group pg752to751 metric-out 10 SmartSwitch Router User Reference Manual 10.200.12.4/24 10.200.12.6/24 10.200.12.0/24 10.200.12.15/24...

  • Page 158: Ebgp Aggregation Example

    212.19.192.0/19 ip-router policy redistribute from-proto aggregate to-proto bgp target- as 64901 network 212.19.192.0/19 ip-router policy redistribute from-proto direct to-proto bgp target-as 64901 network all restrict 194.109.86.6 SSR8 Legend: SmartSwitch Router User Reference Manual AS-64901 194.109.86.5 SSR9 Physical Link Peering Relationship...

  • Page 159: Route Reflection Example

    All peers of the route reflector that are not part of the cluster are non-clients. The SSR supports client peers as well as non-client peers of a route reflector. SmartSwitch Router User Reference Manual Chapter 10: BGP Configuration Guide...
  • Page 160 The following line in router SSR10’s configuration file causes it to be a route reflector. bgp set peer-group SSR9 reflector-client AS-64902 SSR14 192.68.20.2 192.68.20.1 SSR12 172.16.30.2 IBGP Cluster Client SSR11 IBGP Non-Cluster Client SmartSwitch Router User Reference Manual 192.68.222.1 EBGP Peer SSR13 IBGP Cluster Client...
  • Page 161 ********************************************************** rtr-14# ip show routes Destination ----------- 10.50.0.0/16 127.0.0.0/8 127.0.0.1 172.16.20.0/24 172.16.30.0/24 172.16.90.0/24 192.68.11.0/24 192.68.20.0/24 192.68.222.0/24 SmartSwitch Router User Reference Manual Chapter 10: BGP Configuration Guide Gateway ------- directly connected 127.0.0.1 127.0.0.1 directly connected 172.16.20.2 172.16.20.2 directly connected 172.16.20.2 172.16.20.2...

  • Page 162: Notes On Using Route Reflection

    To accomplish this, routers SSR10 and SSR11 have the following line in their configuration files: ip-router policy redistribute from-proto bgp source-as 64901 to- proto bgp target-as 64901 • If the cluster ID is changed, all BGP sessions with reflector clients will be dropped and restarted. SmartSwitch Router User Reference Manual...

  • Page 163: Chapter 11: Routing Policy Configuration Guide

    The SSR also provides the ability to create advanced and simple routing policies. Simple routing policies provide a quick route redistribution between various routing protocols (RIP and OSPF). Advanced routing policies provide more control over route redistribution. SmartSwitch Router User Reference Manual Chapter 11 Routing Policy Configuration...

  • Page 164: Preference

    OSPF AS external routes BGP routes Defined by CLI Command ip-router global set interface ospf ip add route rip set preference ip-router global set interface down-preference aggr-gen ospf set ase-defaults preference bgp set preference SmartSwitch Router User Reference Manual Default...

  • Page 165: Import Policies

    10. If a tag is specified with the import policy, routes with the specified tag will only be imported. SmartSwitch Router User Reference Manual Chapter 11: Routing Policy Configuration Guide...

  • Page 166: Route-Filter

    The metric, type, tag, and AS-Path are a few examples of attributes associated with the exported routes. Export-Source This component specifies the source of the exported routes. It can also specify the metric to be associated with the routes exported from this source. SmartSwitch Router User Reference Manual...

  • Page 167: Route-Filter

    The action taken when no match is found is dependent on the context. For instance, a route that does match any of the route-filters associated with the specified import or export policies is rejected. SmartSwitch Router User Reference Manual Chapter 11: Routing Policy Configuration Guide...

  • Page 168: Aggregates And Generates

    OSPF. The routing process does not perform any aggregation unless explicitly requested. [ exact | refines | between number,number] [ exact | refines | between number,number] [ exact | refines | between number,number] SmartSwitch Router User Reference Manual...

  • Page 169: Aggregate-Destination

    Tag associated with a route. Both OSPF and RIP version 2 currently support tags. All other protocols have a tag of zero. In some cases, a combination of the associated attributes can be specified to identify the routes contributing to an aggregate. SmartSwitch Router User Reference Manual Chapter 11: Routing Policy Configuration Guide...

  • Page 170: Route-Filter

    In addition, a sequence number is maintained to prevent the replay of older packets. This method provides a much stronger assurance that routing data originated from a router with a valid authentication key. SmartSwitch Router User Reference Manual...

  • Page 171: Authentication Keys And Key Management

    Export Policies. The general syntax of the redistribute command is as follows: ip-router policy redistribute from-proto <protocol> to-proto <protocol> [network <ipAddr- mask> [exact|refines|between <low-high>]] [metric <number>|restrict] [source-as <number>] [target-as <number>] SmartSwitch Router User Reference Manual Chapter 11: Routing Policy Configuration Guide...

  • Page 172: Redistributing Static Routes

    SmartSwitch Router User Reference Manual...

  • Page 173: Redistributing Rip Into Rip

    The aggregate route must first be created using the aggr-gen command. This command creates a specified aggregate route for routes that match the aggregate. SmartSwitch Router User Reference Manual Chapter 11: Routing Policy Configuration Guide ip-router policy redistribute from-proto rip...

  • Page 174: Simple Route Redistribution Examples

    OSPF address-netmask 120.190.1.1/16 port et.1.2 address-netmask 130.1.1.1/16 port et.1.3 140.1.1.1/24 port et.1.4 140.1.2.1/24 port et.1.5 address-netmask 160.1.1.1/16 port et.1.6 address-netmask 170.1.1.1/16 port et.1.7 SmartSwitch Router User Reference Manual Figure 17 on...

  • Page 175: Exporting All Static Routes Except The Default Route To All Rip Interfaces

    For all examples given in this section, refer to the configurations shown in page 187. The following configuration commands for router R1: • Determine the IP address for each interface SmartSwitch Router User Reference Manual Chapter 11: Routing Policy Configuration Guide multicast). version 2 type multicast and set Figure 18 on...

  • Page 176: Exporting All Interface & Static Routes To Ospf

    Exporting All RIP, Interface & Static Routes to OSPF Note: Also export interface, static, RIP, OSPF, and OSPF-ASE routes into RIP. address-netmask 120.190.1.1/16 port address-netmask 130.1.1.1/16 port et.1.3 140.1.1.1/24 port et.1.4 140.1.2.1/24 port et.1.5 address-netmask 140.1.3.1/24 port et.1.6 SmartSwitch Router User Reference Manual...

  • Page 177: Configuring Advanced Routing Policies

    Export Sources - This component specifies the source of the exported routes. It can also specify the metric to be associated with the routes exported from this source. The SmartSwitch Router User Reference Manual Chapter 11: Routing Policy Configuration Guide...
  • Page 178 If there is more than one route-filter for any export-destination and export-source combination, then the ip-router policy export destination <exp-dest-id> source <exp-src-id> command should be repeated for each <filter-id>. ip-router policy export destination <exp-src-id> [source [filter <ipAddr-mask> [exact|refines|between <number> [metric |restrict]]]] SmartSwitch Router User Reference Manual <exp-dest-id> <filter-id> |[network <low-high>...

  • Page 179: Creating An Export Destination

    After you create one or more building blocks, they are tied together by the ip-router policy import command. SmartSwitch Router User Reference Manual Chapter 11: Routing Policy Configuration Guide ip-router policy create rip-export- <name>...

  • Page 180: Creating An Import Source

    Aggregate-routes can be constructed from one or more of the following building blocks: ip-router policy import source <filter-id> [filter |[network [exact|refines|between <number> [preference ip-router policy create rip-import-source ip-router policy create ospf-import-source ip-router policy create filter <IP-address/mask> SmartSwitch Router User Reference Manual <imp-src-id> <ipAddr-mask> <low-high> |restrict]]] <name> <name> <name-id> network...
  • Page 181 <aggr-dest-id> source <aggr- src-id> command should be repeated for each <filter-id>. SmartSwitch Router User Reference Manual Chapter 11: Routing Policy Configuration Guide ip-router policy aggr-gen destination [source <aggr-src-id>...

  • Page 182: Creating An Aggregate Destination

    That is left to the protocol metrics. For all examples in this section, refer to the configuration shown in ip-router policy create aggr-gen-dest <ipAddr-mask> network ip-router policy create aggr-gen-source <protocol-name> protocol SmartSwitch Router User Reference Manual <name> <name> Figure 17 on page 183.
  • Page 183 The following configuration commands for router R1 • Determine the IP address for each interface. • Specify the static routes configured on the router. • Determine its RIP configuration. SmartSwitch Router User Reference Manual Chapter 11: Routing Policy Configuration Guide RIP V2...

  • Page 184: Importing A Selected Subset Of Routes From One Rip Trusted Gateway

    10.51.0.0/16 route from its peer R41. address-netmask 120.190.1.1/16 port et.1.2 address-netmask 130.1.1.1/16 port et.1.3 140.1.1.1/24 port et.1.4 140.1.2.1/24 port et.1.5 address-netmask 160.1.1.1/16 port et.1.6 address-netmask 170.1.1.1/16 port et.1.7 multicast). version 2 type multicast SmartSwitch Router User Reference Manual and set...

  • Page 185: Importing A Selected Subset Of Routes From All Rip Peers Accessible Over A Certain Interface

    SSR routing table with a preference of 10. If a tag is specified, the import clause will only apply to routes with the specified tag. SmartSwitch Router User Reference Manual Chapter 11: Routing Policy Configuration Guide...
  • Page 186 That is done by the OSPF costs. Routes that are rejected by policy are stored in the table with a negative preference. For all examples in this section, refer to the configuration shown in Figure 18 on page SmartSwitch Router User Reference Manual 187.
  • Page 187 Chapter 11: Routing Policy Configuration Guide (RIP V2) SmartSwitch Router User Reference Manual...

  • Page 188: Importing A Selected Subset Of Ospf-Ase Routes

    ASE route. ip-router policy import source ospfImpSrct100 network all ip-router policy import source ospfImpSrct100 network default restrict address-netmask 120.190.1.1/16 port et.1.2 address-netmask 130.1.1.1/16 port et.1.3 140.1.1.1/24 port et.1.4 140.1.2.1/24 port et.1.5 address-netmask 140.1.3.1/24 port et.1.6 SmartSwitch Router User Reference Manual...

  • Page 189: Examples Of Export Policies

    ! Configure a default route through 170.1.1.7 !++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ip add route default gateway 170.1.1.7 !+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ! Configure default routes to the 135.3.0.0 subnets reachable through ! R3. SmartSwitch Router User Reference Manual Chapter 11: Routing Policy Configuration Guide address-netmask 120.190.1.1/16 port et.1.2 address-netmask 130.1.1.1/16 port et.1.3 140.1.1.1/24 port et.1.4...

  • Page 190: Exporting A Given Static Route To All Rip Interfaces

    Since we would also like to export/redistribute RIP and direct routes into RIP, we would also create export-sources for those protocols. Create a RIP export source since we would like to export RIP routes. ip-router policy create rip-export-source ripExpSrc multicast). version 2 type multicast SmartSwitch Router User Reference Manual and set...

  • Page 191: Exporting A Given Static Route To A Specific Rip Interface

    (RIP, Direct) routes into RIP. ip-router policy export destination ripExpDst141 source statExpSrc network default ip-router policy export destination ripExpDst141 source ripExpSrc network all ip-router policy export destination ripExpDst141 source directExpSrc network all SmartSwitch Router User Reference Manual Chapter 11: Routing Policy Configuration Guide...

  • Page 192: Exporting All Static Routes Reachable Over A Given Interface To A Specific Rip-Interface

    Thus it would not be possible to announce the subnets (140.1.1.0/24 and 140.1.2.0/24) into RIP Version 1 without aggregating them. Figure 17 on page 183, suppose you decide to run RIP SmartSwitch Router User Reference Manual...
  • Page 193 Create a RIP export source since we would like to export RIP routes. ip-router policy create rip-export-source ripExpSrc Create a Direct export source since we would like to export Direct routes. ip-router policy create direct-export-source directExpSrc SmartSwitch Router User Reference Manual Chapter 11: Routing Policy Configuration Guide...

  • Page 194: Example 2: Exporting To Ospf

    For all examples in this section, refer to the configuration shown in The following configuration commands for router R1: • Determine the IP address for each interface • Specify the static routes configured on the router • Determine its OSPF configuration Figure 18 on page SmartSwitch Router User Reference Manual 187.

  • Page 195: Exporting All Interface & Static Routes To Ospf

    2 metric 4 Create a Static export source since we would like to export static routes. ip-router policy create static-export-source statExpSrc SmartSwitch Router User Reference Manual Chapter 11: Routing Policy Configuration Guide address-netmask 120.190.1.1/16 port et.1.2 address-netmask 130.1.1.1/16 port et.1.3...

  • Page 196: Exporting All Rip, Interface & Static Routes To Ospf

    Create a OSPF export destination for type-2 routes with a tag of 100. ip-router policy create ospf-export-destination ospfExpDstType2t100 type 2 tag 100 metric 4 Figure 18 on page 187, suppose we decide to run RIP SmartSwitch Router User Reference Manual...
  • Page 197 10. Create OSPF export source. ip-router policy create ospf-export-source ospfExpSrc type OSPF 11. Create OSPF-ASE export source. ip-router policy create ospf-export-source ospfAseExpSrc type OSPF-ASE SmartSwitch Router User Reference Manual Chapter 11: Routing Policy Configuration Guide...
  • Page 198 SmartSwitch Router User Reference Manual...

  • Page 199: Chapter 12: Multicast Routing Configuration Guide

    (VLANs) can be configured with the same IP interface on the SSR, IGMP keeps track of multicast host members on a per-port basis. Ports belonging to an IP VLAN without any IGMP membership will not be forwarded any multicast traffic. SmartSwitch Router User Reference Manual Chapter 12 Multicast Routing...

  • Page 200: Dvmrp Overview

    Tunnel traffic is not optimized on a per-port basis, and it goes to all ports on an interface, even though IGMP keeps per-port membership information. This is done to minimize CPU overload for tunneled traffic. SmartSwitch Router User Reference Manual...

  • Page 201: Configuring Igmp

    You can configure the SSR with a wait time for IGMP Host Membership responses which is different from the default. The wait time you set then applies to all ports on the SSR. The default response time is 10 seconds. SmartSwitch Router User Reference Manual Chapter 12: Multicast Routing Configuration Guide <ipAddr>...

  • Page 202: Configuring Per-Interface Control Of Igmp Membership

    Defining DVMRP tunnels, which IP uses to send multicast traffic between two end points Starting and Stopping DVMRP DVMRP is disabled by default on the SSR. igmp set responsetime <ip-addr> igmp set interface <ip-addr/subnet mask> <ip-addr> igmp set interface <ip-addr/subnet mask> groups SmartSwitch Router User Reference Manual <num> allowed-groups not-allowed-...

  • Page 203: Configuring Dvmrp On An Interface

    DVMRP reports. The default metric is 1. To configure the DVMRP routing metric, enter the following command in Configure mode: Configure the DVMRP routing metric. SmartSwitch Router User Reference Manual Chapter 12: Multicast Routing Configuration Guide dvmrp start no dvmrp start <ipAddr>|<interface-name>...

  • Page 204: Configuring Dvmrp Ttl & Scope

    CPU-intensive; they are not switched directly through the SSR’s multitasking ASICs. Application restricted to subnet Application restricted to a site Application restricted to a region Application not restricted <ip-addr> dvmrp set interface <number> <ip-addr> dvmrp set interface <ip-addr/mask> SmartSwitch Router User Reference Manual threshold scope...

  • Page 205: Monitoring Igmp & Dvmrp

    Show all IGMP timers. Show information about multicasts registered by IGMP. Show IGMP status on a VLAN. Show all multicast Source, Group entries. SmartSwitch Router User Reference Manual Chapter 12: Multicast Routing Configuration Guide <string> dvmrp create tunnel <ip-addr> <ip-addr>...

  • Page 206: Configuration Examples

    172.1.1.10 dvmrp enable interface 207.135.122.11 dvmrp enable interface 207.135.89.64 dvmrp enable interface 10.40.1.10 ! Set DVMRP parameters dvmrp set interface 172.1.1.10 neighbor-timeout 200 ! Start DVMRP dvmrp start multicast show interfaces multicast show mroutes SmartSwitch Router User Reference Manual...
  • Page 207 Chapter 12: Multicast Routing Configuration Guide SmartSwitch Router User Reference Manual...
  • Page 208 Chapter 12: Multicast Routing Configuration Guide SmartSwitch Router User Reference Manual...

  • Page 209: Chapter 13: Ip Policy-Based Forwarding Configuration Guide

    For example, you can set up an IP policy to send packets originating from a certain network through a firewall, while letting other packets bypass the firewall. Using IP policies, sites that have multiple Internet service providers can cause user groups to use SmartSwitch Router User Reference Manual Chapter 13 IP Policy-Based...

  • Page 210: Configuring Ip Policies

    For example, the following acl command creates a profile called “prof1” for telnet packets going from network 9.1.1.5 to network 15.1.1.2: ssr(config)# acl prof1 permit ip 9.1.0.0/16 15.1.0.0/16 any any telnet 0 See the SmartSwitch Router Command Line Interface Reference Manual for complete syntax information for the acl command. Note: ACLs for non-IP protocols cannot be used for IP policy routing.

  • Page 211: Creating Multi-Statement Ip Policies

    For example, the following commands create an IP policy called “p3”, which consists of two IP policy statements. The ip policy permit statement has a sequence number of 1, SmartSwitch Router User Reference Manual Chapter 13: IP Policy-Based Forwarding Configuration Guide <name>...

  • Page 212: Setting Load Distribution For Next-Hop Gateways

    IP policy route; or drop the packets if the next-hop gateway specified in the IP policy is unavailable. <name> ip-policy set load-policy first-available <name> ip-policy set load-policy round-robin <name> ip-policy set load-policy ip- hash sip|dip|both SmartSwitch Router User Reference Manual...

  • Page 213: Checking The Availability Of Next-Hop Gateways

    After you define the IP policy, it must be applied to an inbound IP interface. Once the IP policy is applied to the interface, packets start being forwarded according to the IP policy. SmartSwitch Router User Reference Manual Chapter 13: IP Policy-Based Forwarding Configuration Guide <name>...

  • Page 214: Applying An Ip Policy To Locally Generated Packets

    ISPs. You can also create IP policies to select service providers based on various traffic types. <name> ip-policy apply interface <name> ip-policy apply interface all <name> ip-policy apply local SmartSwitch Router User Reference Manual <InterfaceName>...
  • Page 215 200.1.1.1 action policy- first ip-policy net-b apply interface user-b SmartSwitch Router User Reference Manual Chapter 13: IP Policy-Based Forwarding Configuration Guide Figure 19, the policy router is configured to divide traffic et.1.1...

  • Page 216: Prioritizing Service To Customers

    Traffic from the standard customer always uses one gateway (200.1.1.1). If for some reason that gateway is not available, packets from the standard customer are dropped. Figure 20 High-Cost, High Availability Network 100.1.1.1 et.1.1 Policy Router et.1.2 Low-Cost Network SmartSwitch Router User Reference Manual shows an SSR using 200.1.1.1...

  • Page 217: Authenticating Users Through A Firewall

    Packets from users defined in the “full-timers” group do not have to go through the firewall. SmartSwitch Router User Reference Manual Chapter 13: IP Policy-Based Forwarding Configuration Guide permit ip 11.50.0.0/16 any any any 0 Figure 21 illustrates this kind of configuration.

  • Page 218: Firewall Load Balancing

    Figure 22. Selecting Next Hop Gateway from IP Packet Information One session should always go to a particular firewall for persistence. Firewalls 1.1.1.1 2.2.2.1 2.2.2.2 1.1.1.2 Policy Router 2 1.1.1.3 2.2.2.3 2.2.2.5 2.2.2.4 1.1.1.4 SmartSwitch Router User Reference Manual Figure Figure 22 illustrates this Internet mls2...

  • Page 219: Monitoring Ip Policies

    To display IP policy information, enter the following commands in Enable mode. Display information about all IP policies. Display statistics about a specific IP policy. SmartSwitch Router User Reference Manual Chapter 13: IP Policy-Based Forwarding Configuration Guide Figure Figure ip-policy show all...
  • Page 220 Dest. IP/Mask ------------- 15.1.1.2 anywhere anywhere Cnt Action --- ----------- Policy Only Policy Last Policy Only SmartSwitch Router User Reference Manual <interface> <name> SrcPort DstPort TOS Prot --------- --------- --- ---- 0 IP 0 IP 0 IP Next Hop Information...
  • Page 221 N/A. 19. Implicit deny rule that is always exaluated last, causing all packets that do not match one of the profiles to be forwarded normally (with dynamic routes). SmartSwitch Router User Reference Manual Chapter 13: IP Policy-Based Forwarding Configuration Guide...
  • Page 222 Chapter 13: IP Policy-Based Forwarding Configuration Guide SmartSwitch Router User Reference Manual...

  • Page 223: Chapter 14: Network Address Translation Configuration Guide

    In addition, the SSR supports Port Address Translation (PAT) for either static or dynamic address bindings. The SSR allows you to create the following NAT address bindings: SmartSwitch Router User Reference Manual Chapter 14 Network Address...

  • Page 224: Configuring Nat

    To specify an interface as inside (local) or outside (global), enter the following command in Configure mode. Define an interface as inside or outside for NAT. <InterfaceName> nat set interface inside|outside SmartSwitch Router User Reference Manual...

  • Page 225: Setting Nat Rules

    Set timeout for dynamic address bindings. To flush dynamic address bindings, enter the following command in Enable mode. Flush dynamic address bindings. SmartSwitch Router User Reference Manual Chapter 14: Network Address Translation Configuration Guide nat create static protocol ip|tcp|udp <local-ip-add/address range>...

  • Page 226: Nat And Ftp

    Inbound: Translate destination 192.50.20.2 to 10.1.1.2 IP network 10.1.1.0/24 10.1.1.2 (10.1.1.1/24) nat set ftp-control-port nat set ftp-session-timeout nat show [translations all| [timeouts] [statistics] Router et.2.1 et.2.2 interface 10-net interface 192-net (192.50.20.1/24) SmartSwitch Router User Reference Manual <port number> <minutes> <type> Global Internet...

  • Page 227: Using Static Nat

    10.1.1.2 global-ip 192.50.20.2 local-port 80 global-port 80 This server, 10.1.1.2, is advertised as 192.50.20.2 to the external network. SmartSwitch Router User Reference Manual Chapter 14: Network Address Translation Configuration Guide...

  • Page 228: Dynamic Configuration

    SSR automatically chooses a free global IP from the global pool for the local IP. Router et.2.1 et.2.2 interface 10-net interface 192-net (10.1.1.1/24) (192.50.20.1/24) SmartSwitch Router User Reference Manual Global Internet...

  • Page 229: Dynamic Nat With Ip Overload (Pat) Configuration

    Then, define the NAT dynamic rules by first creating the source ACL pool and then configuring the dynamic bindings: acl lcl permit ip 10.1.1.0/24 nat create dynamic local-acl-pool lcl global-pool 192.50.20.1-192.50.20.3 SmartSwitch Router User Reference Manual Chapter 14: Network Address Translation Configuration Guide Router et.2.1 et.2.2...

  • Page 230: Using Dynamic Nat With Ip Overload

    10-net address-netmask 10.1.1.1/24 port et.2.1 interface create ip 192-net address-netmask 192.50.20.0/24 port et.2.2 interface create ip 201-net address-netmask 201.50.20.0/24 port et.2.3 interface 192-net (192.50.20.0/24) Router et.2.2 et.2.1 et.2.3 interface 10-net interface 201-net (10.1.1.1/24) (201.50.20.0/24) SmartSwitch Router User Reference Manual Global Internet...

  • Page 231: Using Dynamic Nat With Matching Interface Redundancy

    Hence, you can specify two different global pools with the same local ACL pool on two different interfaces. SmartSwitch Router User Reference Manual Chapter 14: Network Address Translation Configuration Guide...
  • Page 232 Chapter 14: Network Address Translation Configuration Guide SmartSwitch Router User Reference Manual...

  • Page 233: Chapter 15: Web Hosting Configuration Guide

    Note: Load balancing and web caching can be performed using application software, however, the SSR can perform these functtion much faster as the redirection is handled at lower levels. SmartSwitch Router User Reference Manual Chapter 15 Web Hosting Configuration Guide...

  • Page 234: Load Balancing

    <ipaddr> virtual-ip <port number> protocol tcp|udp load-balance create vip-range-name name> <range> vip-range <port number> protocol tcp|udp SmartSwitch Router User Reference Manual <group virtual-port <range virtual-port...

  • Page 235: Adding Servers To The Load Balancing Group

    “up.” To set the status of a load balancing server, enter the following command in Enable mode. Set status of load balancing server. SmartSwitch Router User Reference Manual Chapter 15: Web Hosting Configuration Guide load-balance set policy-for-group name>...

  • Page 236: Load Balancing And Ftp

    To specify the timeout for load balancing mappings, enter the following command in Configure mode. Specify the timeout for source- destination mappings. load-balance set ftp-control-port number> load-balance allow access-to-servers <ipaddr/range> client-ip <group name> load-balance set mappings-age-timer <timer> SmartSwitch Router User Reference Manual <port group-name...

  • Page 237: Displaying Load Balancing Information

    The system administrator configures the networks so that the SSR forwards web requests among four separate servers, as shown below. 10.1.1.1 10.1.1.2 10.1.1.3 www.ctron.com SmartSwitch Router User Reference Manual Chapter 15: Web Hosting Configuration Guide load-balance show virtual-hosts group- <group name> name virtual-port load-balance show source-mappings client- <ipaddr/range>...

  • Page 238: Web Hosting With Multiple Virtual Groups And Multiple Destination Servers

    Virtual IP TCP Port Web requests forwarded to the server Router www.quick.com Virtual IP TCP Port 207.135.89.16 207.135.89.16 SmartSwitch Router User Reference Manual Real Server TCP Port 10.1.1.1 10.1.1.2 10.1.1.3 10.1.1.4 Internet User Queries: ftp.quick.com Real Server TCP Port 10.1.1.1...

  • Page 239: Virtual Ip Address Ranges

    10.1.1.50 www.toys.com 10.1.2.16 www.computers.com 10.1.2.17 www.dvd.com 10.1.2.18 www.vcr.com 10.1.2.50 www.toys.com Group Name www.computers.com www.dvd.com www.vcr.com SmartSwitch Router User Reference Manual Chapter 15: Web Hosting Configuration Guide Router Web requests: 207.135.89.16 www.computers.com 207.135.89.17 www.dvd.com 207.135.89.18 www.vcr.com 207.135.89.50 www.toys.com Virtual IP TCP Port 207.135.89.16...

  • Page 240: Web Caching

    HTTP requests are redirected. Apply the caching policy to an outbound interface to redirect HTTP traffic on that interface to the cache servers. Virtual IP TCP Port 207.135.89.50 SmartSwitch Router User Reference Manual Destination TCP Port Server IP S1: 10.1.1.50 S2: 10.1.2.50...

  • Page 241: Creating The Cache Group

    SSR. To redirect outbound HTTP traffic to the cache servers, enter the following command in Configure mode: Apply caching policy to outbound interface. SmartSwitch Router User Reference Manual Chapter 15: Web Hosting Configuration Guide <cache-name> web-cache create server-list <server-list-name>...

  • Page 242: Configuration Example

    Bypassing Cache Servers Some Web sites require source IP address authentication for user access, therefore HTTP requests for these sites cannot be redirected to the cache servers. To specify the sites for Router Global Internet Users SmartSwitch Router User Reference Manual...

  • Page 243: Proxy Server Redundancy

    Monitoring Web-Caching To display Web-caching information, enter the following commands in Enable mode. Show information for all caching policies and all server lists. SmartSwitch Router User Reference Manual Chapter 15: Web Hosting Configuration Guide <cache-name> web-cache create bypass-list <ipaddr-range>|...
  • Page 244 Chapter 15: Web Hosting Configuration Guide Show caching policy information. Show cache server information. web-cache show cache-name web-cache show servers cache |all SmartSwitch Router User Reference Manual <cache-name> |all <cache-name>...

  • Page 245: Chapter 16: Ipx Routing Configuration Guide

    IPX routers use RIP to create and dynamically maintain a database of internetwork routing information. RIP allows a router to exchange routing information with a neighboring router. As a router becomes aware of any change in the internetwork layout, SmartSwitch Router User Reference Manual Chapter 16 IPX Routing...

  • Page 246: Sap (Service Advertising Protocol)

    Servers respond to the workstation’s or router’s request • Routers make periodic broadcasts to make sure all other routers are aware of the internetwork configuration • Routers perform broadcasting whenever they detect a change in the internetwork configurations SmartSwitch Router User Reference Manual...

  • Page 247: Configuring Ipx Rip & Sap

    The IPX address is a 12-byte number divided into three parts. The first part is the 4-byte (8-character) IPX external network number. The second part is the 6-byte (12-character) node number. The third part is the 2-byte (4-character) socket number. SmartSwitch Router User Reference Manual Chapter 16: IPX Routing Configuration Guide...

  • Page 248: Configuring Ipx Interfaces And Parameters

    Create an IPX interface for a VLAN. Specifying IPX Encapsulation Method The SmartSwitch Router supports two encapsulation types for IPX. You can configure encapsulation type on a per-interface basis. • Ethernet II: The standard ARPA Ethernet Version 2.0 encapsulation, which uses a 16- bit protocol type code (the default encapsulation method) •...

  • Page 249: Configuring Ipx Routing

    IPX. However, you can add static RIP routes to RIP routing table to explicitly specify a route. To add a static RIP route, enter the following command in Configure mode: Add a static RIP route. SmartSwitch Router User Reference Manual Chapter 16: IPX Routing Configuration Guide <Interface Name> interface create ipx output-mac-encapsulation ethernet_II <Interface Name>...

  • Page 250: Configuring Static Sap Table Entries

    Apply an IPX access control list. <service type> <SrvcName> <node> ipx add sap <socket> <metric> <interface-network> acl <name> permit|deny ipx <SrcNetwork Node> <DstNetworkNode> <SrcSocket> <SrcNetMask> <DstSocket> <DstNetMask> l <name> apply interface input|output [logging [on|off]] SmartSwitch Router User Reference Manual <Interface Name>...

  • Page 251: Creating An Ipx Type 20 Access Control List

    IPX interface. To apply an IPX GNS access control list, enter the following command in Configure mode: Apply an IPX GNS access control list. SmartSwitch Router User Reference Manual Chapter 16: IPX Routing Configuration Guide <name> permit|deny ipxtype20 <name>...

  • Page 252: Creating An Ipx Rip Access Control List

    <Interface Name> input|output [logging [on|off]] <DstNetwork> ipx find rip <type> <ServiceType> ipx find sap <ServiceName> <ServerNetwork> <interface-name> ipx show interfaces ipx show tables rip ipx show tables routing ipx show tables sap ipx show tables summary SmartSwitch Router User Reference Manual...
  • Page 253 !IPX type 20 inbound filter to interface ipx2 acl 300 apply interface ipx2 input !GNS Access List acl 300 deny ipxgns A.01:03:05:07:02:03 0004 FILESERVER2 acl 200 apply interface ipx2 output SmartSwitch Router User Reference Manual Chapter 16: IPX Routing Configuration Guide...
  • Page 254 Chapter 16: IPX Routing Configuration Guide SmartSwitch Router User Reference Manual...

  • Page 255: Chapter 17: Access Control List Configuration Guide

    ACL. • “Monitoring ACLs” on page 269 information about ACLs active on the SSR. SmartSwitch Router User Reference Manual Chapter 17 Access Control List Configuration explains how ACLs are defined and how the SSR evaluates...

  • Page 256: Chapter 17: Access Control List Configuration Guide

    <name> permit|deny ip Note: The acl permit|deny ip command restricts traffic for all IP-based protocols, such as TCP, UDP, ICMP, and IGMP. Variants of the acl permit|deny ip command exist <SrcAddr/Mask> <DstAddr/Mask> <SrcPort> <DstPort> <tos> SmartSwitch Router User Reference Manual...

  • Page 257: How Acl Rules Are Evaluated

    The SSR simply goes down the list, one rule at a time, until there is a match. Consequently, rules that are more specific (that is, with more selection criteria) should SmartSwitch Router User Reference Manual Chapter 17: Access Control List Configuration Guide...

  • Page 258: Implicit Deny Rule

    101 deny any any any any any If a packet comes in and doesn't match the first two rules, the packet is dropped. This is because the third rule (the implicit deny rule) matches all packets. SmartSwitch Router User Reference Manual...

  • Page 259: Allowing External Responses To Established Tcp Connections

    To address this problem, the SSR can be configured to accept outside TCP responses into the internal network, provided that the TCP connection was initiated internally. SmartSwitch Router User Reference Manual Chapter 17: Access Control List Configuration Guide...

  • Page 260: Creating And Modifying Acls

    This tells the SSR to remove the application and the definition of any ACL. You can be more selective if you want to remove only ACL commands related to, for instance, ACL <name> permit tcp established SmartSwitch Router User Reference Manual...

  • Page 261: Maintaining Acls Using The Acl Editor

    There is no need to remove the ACL from the interface before making changes and reapply it after changes are made. The process is automatic. SmartSwitch Router User Reference Manual Chapter 17: Access Control List Configuration Guide...

  • Page 262: Using Acls

    In some cases, however, it may not be simple or possible for the administrator to know ahead of time that a packet should be dropped at the inbound SmartSwitch Router User Reference Manual...

  • Page 263: Applying Acls To Services

    For example, the Network Address Translation (NAT) feature on the SSR allows you to create address pools for dynamic bindings. You use ACL profiles to represent the appropriate pools of IP addresses. SmartSwitch Router User Reference Manual Chapter 17: Access Control List Configuration Guide <name>...

  • Page 264: Using Profile Acls With The Ip Policy Facility

    Specifies the incoming traffic flow to which rate limiting is applied. Specifies which HTTP traffic should always (or never) be redirected to the cache servers. Specifies characteristics of Web objects that should not be cached. SmartSwitch Router User Reference Manual...

  • Page 265: Using Profile Acls With The Traffic Rate Limiting Facility

    When the rate limit definition is applied to an interface (with the rate-limit apply interface command), packets in flows originating from source address 1.2.2.2 are dropped if their bandwidth usage exceeds 10 Mbps. SmartSwitch Router User Reference Manual Chapter 17: Access Control List Configuration Guide for more information...

  • Page 266: Using Profile Acls With Dynamic Nat

    (in this example, all IGMP traffic). Then you use a port mirroring command to copy packets that match the selection criteria to a specified mirror port. The following commands illustrate this example. for more information on using the rate-limit for more SmartSwitch Router User Reference Manual...

  • Page 267: Using Profile Acls With The Web Caching Facility

    The following command creates a Web caching policy that prevents packets matching Profile ACL prof4’s selection criteria (that is, packets with a source address of 10.10.10.10 SmartSwitch Router User Reference Manual Chapter 17: Access Control List Configuration Guide for more information on using...

  • Page 268: Preventing Web Objects From Being Cached

    1200 baud. Furthermore, if a Syslog server is configured, then a Syslog packet must also be sent to the Syslog server, for more information on using the web-cache command. SmartSwitch Router User Reference Manual...

  • Page 269: Monitoring Acls

    Show an ACL on a specific interface. Show ACLs on all IP interfaces. Show ACLs on all IPX interfaces. Show static entry filters. SmartSwitch Router User Reference Manual Chapter 17: Access Control List Configuration Guide acl show all <name> acl show aclname <name>...
  • Page 270 Chapter 17: Access Control List Configuration Guide SmartSwitch Router User Reference Manual...

  • Page 271: Chapter 18: Security Configuration Guide

    Perform access control to services provided on the SSR, for example, Telnet server and HTTP server. Note: Currently, Source Filtering is available on SSR WAN cards; however, application must take place on the entire WAN card. SmartSwitch Router User Reference Manual Chapter 18 Security Configuration Guide...

  • Page 272: Configuring Ssr Access Security

    <hostname or IP-addr> <number> radius set timeout radius set last-resort password|succeed radius enable radius authentication login|enable radius accounting command level < radius accounting shell start|stop|all radius accounting snmp active|startup radius accounting system fatal|error|warning|info SmartSwitch Router User Reference Manual level >...

  • Page 273: Monitoring Radius

    You can monitor TACACS configuration and statistics within the SSR. To monitor TACACS, enter the following commands in Enable mode: Show TACACS server statistics. Show all TACACS parameters. SmartSwitch Router User Reference Manual Chapter 18: Security Configuration Guide radius show stats radius show all tacacs set server <hostname or IP-addr>...

  • Page 274: Configuring Tacacs Plus

    <number> tacacs-plus set timeout tacacs-plus set last-resort password|succeed tacacs-plus enable tacacs-plus authentication login|enable tacacs-plus authentication login|enable tacacs-plus accounting command level level < > tacacs-plus accounting shell start|stop|all tacacs-plus accounting snmp active|startup tacacs-plus accounting system fatal|error|warning|info SmartSwitch Router User Reference Manual...

  • Page 275: Configuring Passwords

    When combined with static entries, however, these filters can be used to drop all received traffic but allow some frames to go through. SmartSwitch Router User Reference Manual Chapter 18: Security Configuration Guide tacacs-plus show stats...

  • Page 276: Configuring Layer-2 Address Filters

    <MACaddr> dest-mac vlan num> <port-list> in-port-list filters add address-filter name <MACaddr> source-mac <MACaddr> <VLAN-num> vlan <port-list> port-list filters add port-address-lock name <name> <MACaddr> source-mac <VLAN-num> in-port-list SmartSwitch Router User Reference Manual <name> <VLAN- vlan <name> <VLAN- <name> dest-mac vlan <port-list>...

  • Page 277: Configuring Layer-2 Static Entry Filters

    Combine a destination secure port with a destination static entry to drop all received traffic but allow any frame destined to specific destination MAC address go through SmartSwitch Router User Reference Manual Chapter 18: Security Configuration Guide filters add static-entry name restriction allow|disallow|force source- <MACaddr>...

  • Page 278: Monitoring Layer-2 Security Filters

    ] [vlan filters show port-address-lock ports <port-list> [ports ] [vlan <MACaddr> [source-mac filters show secure-port filters show static-entry [all-source|all-destination|all-flow] <port-list> <VLAN-num> ports vlan <MACaddr> [source-mac SmartSwitch Router User Reference Manual <name> <VLAN-num> <name> <VLAN-num> <MACaddr> dest-mac <VLAN-num> <VLAN-num> <MACaddr> dest-mac...

  • Page 279: Layer-2 Filter Examples

    Source static entry: The consultant is only allowed to access the engineering file servers on port et.1.2. filters add static-entry name consultant source-mac 001122:334455 vlan 1 in-port-list et.1.1 out-port-list et.1.2 restriction allow SmartSwitch Router User Reference Manual Chapter 18: Security Configuration Guide et.1.1 et.1.2...

  • Page 280: Port-To-Address Lock Examples

    "punch" a hole through the secure-port wall. A "source static-entry" overrides a "source secure port". filters add static-entry name eng-mgr source-mac 080060:123456 vlan 1 in-port-list et.1.1 out-port-list et.1.2 restriction allow dest-mac 010000:334455 vlan 1 in-port-list et.1.1 SmartSwitch Router User Reference Manual...

  • Page 281: Layer-3 Access Control Lists (Acls)

    For information about defining and using ACLs on the SSR, see Configuration Guide” on page SmartSwitch Router User Reference Manual Chapter 18: Security Configuration Guide 255. “Access Control List...
  • Page 282 Chapter 18: Security Configuration Guide SmartSwitch Router User Reference Manual...

  • Page 283: Chapter 19: Qos Configuration Guide

    Layer-3 or Layer-4 information. Traffic that exceeds the upper limit of the profile can either be dropped or re prioritized into another priority queue. Within the SSR, QoS policies are used to classify Layer-2, Layer-3, and Layer-4 traffic into the following priorities: SmartSwitch Router User Reference Manual Chapter 19 Guide...

  • Page 284: Layer-2 And Layer-3 & Layer-4 Flow Specification

    IPX: destination network (1), source network (2), destination node (3), source node (4), destination port (5), source port (6), interface (7) Use the qos precedence ip and qos precedence ipx commands to change the default precedence. SmartSwitch Router User Reference Manual...

  • Page 285: Ssr Queuing Policies

    In flow mode, you can also ignore the source MAC address and configure the priority based on the destination MAC address only. Configuring Layer-2 QoS When applying QoS to a layer-2 flow, priority can be assigned as follows: SmartSwitch Router User Reference Manual Chapter 19: QoS Configuration Guide...

  • Page 286: Traffic Prioritization For Layer-3 & Layer-4 Flows

    Identify the Layer-3 or 4 flow and set the IP QoS policy. Specify the precedence for the fields within an IP flow. <name> qos set l2 name source-mac <MACaddr> dest-mac vlan <port-list> in-port-list control|high|medium|low| SmartSwitch Router User Reference Manual <MACaddr> <vlanID> priority <trunk-priority>...

  • Page 287: Setting An Ip Qos Policy

    Setting an IPX QoS Policy To set a QoS policy on an IPX traffic flow, enter the following command in Configure mode: Set an IPX QoS policy. SmartSwitch Router User Reference Manual Chapter 19: QoS Configuration Guide <name> <priority> <srcaddr/mask> qos set ip <dstaddr/mask>...

  • Page 288: Specifying Precedence For An Ipx Qos Policy

    <port list> |all-ports <line within active-configuration containing qos negate set queuing-policy weighted-fair> qos set weighted-fair control <percentage> high medium <percentage> <port list> port SmartSwitch Router User Reference Manual <num> <num> <num> <num> <percentage> <percentage> |all-ports...

  • Page 289: Configuring Tos Rewrite For Ip Packets

    ANDed value of <tos> and <tos-mask> of the QoS policy. If the values are equal, the values of the <tos-rewrite> and <tos-precedence- rewrite> parameters will be written into the packet. SmartSwitch Router User Reference Manual Chapter 19: QoS Configuration Guide Least Significant Bit...
  • Page 290 The following example will rewrite the ToS Precedence and the ToS fields to 5 and 30 if the incoming packet is from the 10.10.10.0/24 network with the ToS Precedence field set to 2 <tos-rewrite> 0-31 SmartSwitch Router User Reference Manual...

  • Page 291: Monitoring Qos

    Traffic rate limiting provides the ability to control the usage of a fundamental network resource, bandwidth. It allows you to limit the rate of traffic that flows through the specified interfaces, thus reserving bandwidth for critical applications. Unlike traffic SmartSwitch Router User Reference Manual ToS = 7 ToS = 30...

  • Page 292: Example Configuration

    The following is an example of configuring rate limiting on the SSR. Backbone et.1.8 2.2.2.2/8 <name> rate-limit input acl <rate-limit> exceed-action drop-packets|set- priority-low|set-priority-medium|set- priority-high [sequence <name> rate-limit apply interface <interface> |all 1.1.1.1/8 et.1.1 Router et.1.2 3.3.3.3/8 SmartSwitch Router User Reference Manual <acl list> rate <number> ipclient1 ipclient2...

  • Page 293: Displaying Rate Limit Information

    Displaying Rate Limit Information To show information about rate limit policies, enter the following command in Enable mode: Show rate limit policy information. SmartSwitch Router User Reference Manual Chapter 19: QoS Configuration Guide rate-limit show all| policy-name <interface> interface <name>...
  • Page 294 Chapter 19: QoS Configuration Guide SmartSwitch Router User Reference Manual...

  • Page 295: Chapter 20: Performance Monitoring Guide

    RMON/RMON2 and can be displayed by using the statistics show command in the CLI. In addition to the monitoring commands listed, you can find more monitoring commands listed in each chapter of the SmartSwitch Router Command Line Interface Reference Manual. To access statistics on the SSR, enter the following commands in Enable mode: Show DVMRP routes.
  • Page 296 [config][detail][port <port list>][stats] vlan list SmartSwitch Router User Reference Manual...

  • Page 297: Configuring The Ssr For Port Mirroring

    Configure mode: Configure monitoring of broadcast traffic. SmartSwitch Router User Reference Manual Chapter 20: Performance Monitoring Guide port mirroring monitor-port <port list>...
  • Page 298 Chapter 20: Performance Monitoring Guide SmartSwitch Router User Reference Manual...

  • Page 299: Chapter 21: Rmon Configuration Guide

    RMON 1; on the SSR, you can configure both RMON 1 and RMON 2 statistics collection. Configuring and Enabling RMON By default, RMON is disabled on the SSR. To configure and enable RMON on the SSR, follow these steps: SmartSwitch Router User Reference Manual Chapter 21 RMON Configuration Guide...

  • Page 300: Example Of Rmon Configuration Commands

    1 : port flow-bridging et.5.(3-8) 2 : interface add ip en0 address-netmask 10.50.6.9/16 3 : system set contact "usama" 4 : system set location Cabletron Systems 5 : system set name "ssr" 6 : rmon set ports all-ports 7 : rmon set lite default-tables yes...

  • Page 301: Rmon Groups

    The Lite RMON groups are shown in the table below. Table 6. Lite RMON Groups Group EtherStats Event Alarm History SmartSwitch Router User Reference Manual Chapter 21: RMON Configuration Guide rmon set lite|standard|professional default- tables yes|no <port list> rmon set ports Function Records Ethernet statistics (for example, packets dropped, packets sent, etc.) for specified ports.

  • Page 302: Standard Rmon Groups

    Contains a list of protocols supported by the SSR and monitored by RMON. See the RMON 2 Protocol Directory appendix in the SmartSwitch Router Command Line Interface Reference Manual. Records the packets and octets for specified ports on a per protocol basis.

  • Page 303: Control Tables

    SSR for the following groups: Lite groups: Standard groups: Professional groups: SmartSwitch Router User Reference Manual Chapter 21: RMON Configuration Guide Function Monitors traffic at the application layer for protocols defined in the Protocol Directory. Top N gathers the top n application layer matrix entries.

  • Page 304: Using Rmon

    In the example output above, only HTTP and ICMP traffic is being received on this port. To find out which host or user is using these applications/protocols on this port, use the Owner: monitor Octets Protocol ------ -------- 1586 ether2 1586 ether2.ip-v4 1586 *ether2.ip-v4 *ether2.ip-v4.icmp 1394 *ether2.ip-v4.tcp 1394 *ether2.ip-v4.tcp.www-http SmartSwitch Router User Reference Manual...

  • Page 305: Configuring Rmon Groups

    To configure the Address Map group. To configure the Application Layer Matrix top n entries. To configure the Alarm group. To configure the Packet Capture group. SmartSwitch Router User Reference Manual Inserts: 4 , Deletes: 0 , Owner: monitor Packets Octets ------- ------...
  • Page 306 <number> [base <statistics>] [duration <time>] [size <size>] [owner <string>] [status enable|disable] rmon matrix index <index-number> [port <port>] [owner <string>] [status enable|disable] rmon nl-matrix-top-n index <index-number> matrix- index <number> ratebase terminal-packets|terminal- octets|all-packets|all-octets duration <number> size <number> [owner <string>] [status enable|disable] SmartSwitch Router User Reference Manual...

  • Page 307: Configuration Examples

    Index number 20 to identify this entry in the Alarm control table. • The OID 1.3.6.1.2.1.31.1.5.0 identifies the attribute to be monitored. SmartSwitch Router User Reference Manual Chapter 21: RMON Configuration Guide rmon protocol-distribution index <index-number> port <port> [owner <string>] [status enable|disable] rmon user-history-control index <index-number>...

  • Page 308: Displaying Rmon Information

    <port-list>|all-ports rmon show hosts <port-list>|all-ports [summary] rmon show host-top-n rmon show matrix <port-list>|all-ports rmon show channels rmon show filters rmon show packet-capture rmon show protocol-directory rmon show protocol-distribution <port-list>|all- ports SmartSwitch Router User Reference Manual...

  • Page 309: Rmon Cli Filters

    CLI filters to limit the amount of information displayed with the rmon show commands. An RMON CLI filter can only be applied to a current Telnet or Console session. SmartSwitch Router User Reference Manual Chapter 21: RMON Configuration Guide rmon show address-map <port-list>|all-ports rmon show nl-host<port-list>|all-ports [summary]...

  • Page 310: Protocol Distribution

    114387 1128 1519 1354 281497 InPkts InOctets ------ -------- 1204 80110 2389 740514 1540 98560 121061 1372 285105 SmartSwitch Router User Reference Manual OutOctets Bcst Mcst --------- ---- ---- 7140 114387 7140 199960 3264 678372 89818 19382 75196 97216 OutPkts...

  • Page 311: Creating Rmon Cli Filters

    Then, use the rmon show status command to check the RMON configuration on the SSR. SmartSwitch Router User Reference Manual Chapter 21: RMON Configuration Guide <filter-id> <parameter>...
  • Page 312 SSR and that no ACLs prevent you from using SNMP to access the SSR. Make sure that RMON has not run out of memory. et.5.2 , et.5.3 , et.5.4 , et.5.5 , 48530436 4000000 2637872 1362128 SmartSwitch Router User Reference Manual et.5.6 , et.5.7 , et.5.8...

  • Page 313: Allocating Memory To Rmon

    , et.5.8 RMON Memory Utilization ----------------------- Total Bytes Available: Total Bytes Allocated to RMON: Total Bytes Used: Total Bytes Free: SmartSwitch Router User Reference Manual rmon show status On | Yes | On | Yes | On | Yes | et.5.2 ,...
  • Page 314 Chapter 21: RMON Configuration Guide To set the amount of memory allocated to RMON, use the following CLI command in User or Enable mode: Specifies the total amount of Mbytes of memory allocated to RMON. <number> rmon set memory SmartSwitch Router User Reference Manual...

  • Page 315: Chapter 22: Wan Configuration Guide

    WAN Overview On the SmartSwitch Router, Wide Area Network (WAN) routing is performed over a serial interface using two basic protocols: Frame Relay and point-to-point protocol (PPP). Both protocols have their own set of configuration and monitoring CLI commands described in the SmartSwitch Router Command Line Interface Reference Manual.

  • Page 316: Configuring Wan Interfaces

    IP Control Protocol (IPCP) or IPX Control Protocol (IPXCP) negotiations will be ignored. The following command line displays an example for a port: interface create ip IPWAN address-netmask 10.50.1.1/16 peer-address 10.50.1.2 port hs.3.1 “Configuring IP “Configuring IPX Interfaces and Parameters” SmartSwitch Router User Reference Manual...

  • Page 317: Mapped Addresses

    IPCP/IPXCP negotiation in a PPP environment. The following command lines display examples for a port and a VC: interface create ip IPWAN address-netmask 10.50.1.1/16 port hs.3.1 interface create ip IPWAN address-netmask 10.50.1.1/16 port hs.5.2.19 SmartSwitch Router User Reference Manual Chapter 22: WAN Configuration Guide...

  • Page 318: Forcing Bridged Encapsulation

    “no history” option. If the compression statistics do not improve or show a ration of less than 1, then compression should be disabled altogether. SmartSwitch Router User Reference Manual...

  • Page 319: Average Packet Size

    Since the compression ratio will vary, the amount of latency will also vary. Example Configurations The following command line displays an example for Frame Relay: frame-relay set payload-compress ports se.3.1.300 SmartSwitch Router User Reference Manual Chapter 22: WAN Configuration Guide...

  • Page 320: Packet Encryption

    CIR. By applying some of the following sorts of attributes to interfaces on your network, you can begin to shape your network’s QoS configuration to use existing bandwidth more effectively. mp.1 SmartSwitch Router User Reference Manual...

  • Page 321: Source Filtering And Acls

    WAN interface(s). Meanwhile, the remaining bandwidth is distributed for “lower-priority” WAN packets according to the user’s percentage-of-bandwidth specifications. Please refer to Chapter 35: “qos Commands” in the SmartSwitch Router Command Line Interface Reference Manual for more detailed configuration information.

  • Page 322: Adaptive Shaping

    (sometimes scarce) bandwidth. You can set up frame relay ports on your SSR with the commands described in Chapter 15: “frame-relay Commands” in the SmartSwitch Router Command Line Interface Reference Manual. Virtual Circuits You can think of a Virtual Circuit (VC) as a “virtual interface”...

  • Page 323: Permanent Virtual Circuits (Pvcs)

    Then, you must set up a frame relay virtual circuit (VC). The following command line displays a simplified example of a VC definition: Define the type and location of a frame relay VC. SmartSwitch Router User Reference Manual Chapter 22: WAN Configuration Guide “Frame Relay Port Configuration” on page <port>...

  • Page 324: Setting Up A Frame Relay Service Profile

    ] [red-maxTh-low-prio-traffic <number> ] [red-maxTh-med-prio-traffic [red-minTh-high-prio-traffic <number> low-prio-traffic <number> traffic ] [rmon on|off] frame-relay apply service <port list> SmartSwitch Router User Reference Manual <service name> <number> <number> ] [cir <number> ] [low- ] [med-priority-queue- <number> <number> ] [red-minTh- ] [red-minTh-med-prio- <service name>...

  • Page 325: Monitoring Frame Relay Wan Ports

    • Committed burst value of 2 million and excessive burst value of 1 million • BECN active shaping at 65 frames SmartSwitch Router User Reference Manual Chapter 22: WAN Configuration Guide <service name> frame-relay show service frame-relay show service all...
  • Page 326 Bc 2000000 Be 10000000 becn-adaptive-shaping 65 cir 20000000 red off rmon on To assign the above service profile to the VC interface created earlier (slot 4, port 1): ssr(config)# frame-relay apply service profile1 ports hs.4.1.100 SmartSwitch Router User Reference Manual...

  • Page 327: Point-To-Point Protocol (Ppp) Overview

    You can set up PPP ports on your SSR with the commands described in Chapter 32: “port Commands” in the SmartSwitch Router Command Line Interface Reference Manual. Use of LCP Magic Numbers LCP magic numbers enable you to detect situations where PPP LCP packets are looped back from the remote system, resulting in an error message.

  • Page 328: Defining The Type And Location Of A Ppp Interface

    <number> ] [med-priority-queue-depth on|off] [red-maxTh-high-prio-traffic [red-maxTh-low-prio-traffic <number> med-prio-traffic <number> traffic ] [red-minTh-low-prio-traffic <number> ] [red-minTh-med-prio-traffic <number> [retry-interval SmartSwitch Router User Reference Manual 330. wan-encapsulation ppp speed [bridging <number> ] [max-configure <number> ] [max-terminate <number> ] [red <number> <number> ] [red-maxTh- ] [red-minTh-high-prio- <number>...

  • Page 329: Applying A Service Profile To An Active Ppp Port

    Compression can be applied on either a bundle or link basis if MLP is enabled on PPP links. If compression is enabled on a bundle, the packets will be compressed before SmartSwitch Router User Reference Manual Chapter 22: WAN Configuration Guide <service name>...

  • Page 330: Monitoring Ppp Wan Ports

    <port name> ppp show stats port <port name> ppp show stats port <port name> ppp show stats port status <mlp list> ppp show mlp |all-ports SmartSwitch Router User Reference Manual bridge- ip-ncp link-...
  • Page 331 4 red off retry-interval 25 rmon on To assign the above service profile to the active PPP WAN port defined earlier (slot 5, port 1): ssr(config)# ppp apply service profile2 ports hs.5.1 SmartSwitch Router User Reference Manual Chapter 22: WAN Configuration Guide...

  • Page 332: Wan Configuration Examples

    10.20.1.1/16 port et.1.1 interface create ip lan2 address-netmask 10.30.1.1/16 port et.1.2 ip add route 10.10.0.0/16 gateway 10.1.1.2 ip add route 10.40.0.0/16 gateway 10.2.1.2 For a broader, more application-oriented WAN configuration example, see WAN Configuration” next. SmartSwitch Router User Reference Manual “Multi-Router...

  • Page 333: Multi-Router Wan Configuration

    100.100.100.1 hs.7.1 Frame Relay wan-encaps. subnet S1 VC = 106 100.100.100.6 hs.3.1 100.100.100.6 et.15.2 et.15.1 100.100.100.100 Video Server Win NT SmartSwitch Router User Reference Manual et.1.1 50.50.50.5 100.100.100.5 se.4.1 100.100.100.4 se.6.3 100.100.100.4 se.6.1 100.100.100.3 se.2.1 et.1.1 30.30.30.3 100.100.100.3 hs.4.1 hs.4.2 Frame Relay wan-encaps.

  • Page 334: Router R1 Configuration File

    120.120.120.2/16 vlan s2 interface create ip VideoClient address-netmask 200.200.200.1/16 port et.1.2 qos set ip VideoFromNT high 100.100.100.100 200.200.200.200 any any qos set ip VideoFrom95 high 200.200.200.200 100.100.100.100 any any SmartSwitch Router User Reference Manual...

  • Page 335: Router R3 Configuration File

    Router R4 Configuration File The following configuration file applies to Router R4. ---------------------------------------------------------------------- Configuration for ROUTER R4 ---------------------------------------------------------------------- port set se.6.1 wan-encapsulation frame-relay speed 1500000 port set se.6.3 wan-encapsulation ppp speed 1500000 SmartSwitch Router User Reference Manual Chapter 22: WAN Configuration Guide...

  • Page 336: Router R5 Configuration File

    R5 arp add 50.50.50.15 mac-addr 000505:050500 exit-port et.1.1 Router R6 Configuration File The following configuration file applies to Router R6. ---------------------------------------------------------------------- Configuration for ROUTER R6 ---------------------------------------------------------------------- port set et.15.* duplex full SmartSwitch Router User Reference Manual...
  • Page 337 VideoFrom95 high 200.200.200.200 100.100.100.100 any any rip add interface all rip set interface all version 2 rip set auto-summary enable rip start system set name R6 arp add 60.60.60.16 mac-addr 000606:060600 exit-port et.15.1 SmartSwitch Router User Reference Manual...
  • Page 338 Chapter 22: WAN Configuration Guide SmartSwitch Router User Reference Manual...

Table of Contents

Save PDF