1. Manuals
  2. Brands
  3. Cabletron Systems Manuals
  4. Software
  5. SSR-GLX19-02
  6. User manual

Cabletron Systems SSR-GLX19-02 User Manual

Hide thumbs Also See for SSR-GLX19-02:
1
2
3
4
5
6
7
8
Table Of Contents
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
Table of Contents

Advertisement

Quick Links

Download this manual
CoreWatch User's Manual
9032564-04

Advertisement

Table of Contents
loading
Need help?

Need help?

Do you have a question about the SSR-GLX19-02 and is the answer not in the manual?

Questions and answers

Subscribe to Our Youtube Channel

Related Manuals for Cabletron Systems SSR-GLX19-02

Summary of Contents for Cabletron Systems SSR-GLX19-02

  • Page 1 CoreWatch User’s Manual 9032564-04...
  • Page 2 Notice CoreWatch User’s Manual...
  • Page 3 Notice Notice Cabletron Systems reserves the right to make changes in specifications and other information contained in this document without prior notice. The reader should in all cases consult Cabletron Systems to determine whether any such changes have been made. The hardware, firmware, or software described in this manual is subject to change without notice.

  • Page 4: Fcc Notice

    Notice FCC Notice This device complies with Part 15 of the FCC rules. Operation is subject to the following two conditions: (1) this device may not cause harmful interference, and (2) this device must accept any interference received, including interference that may cause undesired operation. NOTE: This equipment has been tested and found to comply with the limits for a Class A digital device, pursuant to Part 15 of the FCC rules.
  • Page 5 Notice Cabletron Systems, Inc. Program License Agreement IMPORTANT: Before utilizing this product, carefully read this License Agreement. This document is an agreement between you, the end user, and Cabletron Systems, Inc. (“Cabletron”) that sets forth your rights and obligations with respect to the Cabletron software program (the “Program”) contained in this package.
  • Page 6 Notice United States Government Restricted Rights The enclosed product (a) was developed solely at private expense; (b) contains “restricted computer software” submitted with restricted rights in accordance with Section 52227-19 (a) through (d) of the Commercial Computer Software - Restricted Rights Clause and its successors, and (c) in all respects is proprietary data belonging to Cabletron and/or its suppliers.

  • Page 7: Safety Information

    Notice SAFETY INFORMATION CLASS 1 LASER TRANSCEIVERS The SSR-HFX11-08 100Base-FX Module, SSR-GSX11-02 1000BASE-LX Module, SSR-GLX19-02 1000BASE-LX Module, SSR-HFX29-08 100BASE-FX SMF Module, and SSR-GLX70-01 1000BASE-LLX Module use Class 1 Laser transceivers. Read the following safety information before installing or operating these modules. The Class 1 laser transceivers use an optical feedback loop to maintain Class 1 operation limits.

  • Page 8: Declaration Of Conformity

    Notice DECLARATION OF CONFORMITY ADDENDUM Application of Council Directive(s): 89/336/EEC 73/23/EEC Manufacturer’s Name: Cabletron Systems, Inc. Manufacturer’s Address: 35 Industrial Way PO Box 5005 Rochester, NH 03867 European Representative Name: Mr. J. Solari European Representative Address: Cabletron Systems Limited Nexus House, Newbury Business Park London Road, Newbury Berkshire RG13 2PZ, England...

  • Page 9: Table Of Contents

    Contents Preface ..................... 17 About This Manual ........................17 Who Should Read This Manual? ..................17 How to Use This Manual ......................17 Related Documentation......................19 Chapter 1: A Look at CoreWatch ............21 What Are CoreWatch’s Features?..................21 System Requirements ......................22 CoreWatch Capabilities......................22 A Look at the Modes of CoreWatch ..................23 Which MIBs Does the SSR Support? ...................23 Chapter 2: CoreWatch Installation ............
  • Page 10 Contents Chapter 4: Learning Configuration Expert Basics ......... 37 What Is Configuration Expert?.................... 37 Starting Configuration Expert ..................... 38 Starting Configuration Expert from the Front Panel View ........38 Starting Configuration Expert in Solaris..............38 Starting Configuration Expert in Windows NT, Windows 95, or Windows 98 ... 39 A Look at the Configuration Expert Window..............
  • Page 11 Contents Chapter 7: Configuring VLANs on the SSR..........87 A Look at VLANs on the SSR....................87 VLAN Configuration Tips ....................88 Defining Access Ports and Trunk Ports ................89 Creating a Protocol-Based VLAN ..................91 Creating a Port-Based VLAN ....................96 Modifying VLANs .......................100 Changing a Port-Based VLAN’s Name or ID ............101 Changing a Protocol-Based VLAN’s Name, ID, or Protocol Binding ....102 Replacing an Interface’s VLAN..................103...
  • Page 12 Contents Enabling or Disabling DVMRP on Tunnels ............. 153 What Is IGMP?........................154 Configuring IGMP Interfaces on the SSR ................ 155 Setting IGMP Global Parameters ................155 Enabling or Disabling IGMP on Interfaces............... 156 What to Do Next........................158 Chapter 11: Configuring the SSR for IPX Routes ........ 159 What Is IPX? .........................
  • Page 13 Contents Configuring Layer-2 Secure Port Filters ..............238 Modifying the SSR’s Security Settings ................241 Changing an ACL’s Name...................242 Adding or Modifying ACL Rules ................243 Modifying Layer-2 Security Filters................243 Modifying a Filter’s Settings ................243 Modifying a Filter’s Port Bindings ..............244 Chapter 14: Configuring OSPF on the SSR .......... 247 A Look at OSPF Routing on the SSR .................247 Setting OSPF Global Parameters..................248 Configuring OSPF Area Tables...................249...
  • Page 14 Contents IP Route Filter Building Blocks .................. 330 Configuring IP Route Filters ................331 Modifying IP Route Filters .................. 333 Configuring and Modifying Optional Attribute Building Blocks ......334 Export Policies ........................335 Configuring Export Policies ..................336 Modifying Export Policies ..................341 Import Policies ........................
  • Page 15 Contents Chapter 20: Checking the Status of Routing Tables......397 Checking IP Routing Status ....................397 Obtaining IP Interface Information ................398 Obtaining IP Forwarding Information ..............399 Checking IPX Routing Status .....................400 Obtaining IPX Interface Information .................401 Obtaining IPX Forwarding Information..............403 Checking OSPF Routing Status ..................405 Obtaining OSPF Interface Information ..............405 Obtaining OSPF Area Information................409 Obtaining OSPF Neighbor Information ..............410...
  • Page 16 Contents Performance State Submenu..................448 System State Submenu ....................450 Bridging State Submenu....................450 Routing State Submenu....................451 QoS State Submenu...................... 453 Window Menu ........................454 Help Menu..........................454 Appendix C: Supported Regular Expressions........457 Appendix D: Error Messages ..............461 Missing or Invalid Field Error Messages .................

  • Page 17: Preface

    Preface About This Manual This manual provides a general overview of CoreWatch and provides procedures for using that application to configure and monitor a SmartSwitch Router (SSR). For product information not available in this manual, see the manuals listed in “Related Documentation”...
  • Page 18 Preface If You Want To Configure the SSR for the Distance Vector Multicast Chapter 10 on page 147 Routing Protocol (DVMRP) and Internet Group Management Protocol (IGMP), which IP uses to perform multicast routing Configure Internet Packet Exchange (IPX) routes on the Chapter 11 on page 159 Configure Quality of Service (QoS) policies Chapter 12 on page 179...

  • Page 19: Related Documentation

    Preface Related Documentation The Cabletron Systems documentation set includes the following items. Refer to these other documents to learn more about your product. For Information About See the The SmartSwitch Router (SSR) features and the SmartSwitch Router Getting procedures for installing the SSR and setting it up Started Guide for management using CoreWatch software.
  • Page 20 Preface CoreWatch User’s Manual...

  • Page 21: Chapter 1: A Look At Corewatch

    Chapter 1 A Look at CoreWatch Cabletron Systems’ CoreWatch is a comprehensive, easy-to-use, device management and configuration application for SmartSwitch Routers (SSRs). Based on Java Programming Language, CoreWatch provides configuration, monitoring, and reporting capabilities with the assistance of wizards, dialog boxes, and drag-and-drop operations. CoreWatch provides access to Configuration Expert, a utility that makes tasks such as configuring routers, virtual local area networks (VLANs), application-level Quality of Service (QoS) policies, and security filters simple and easy.

  • Page 22: System Requirements

    Chapter 1: A Look at CoreWatch • Simplified routing configuration • Quality of Service (QoS) policy management QoS is a set of parameters that assign priorities to different types of traffic, define flows for Internet Protocol (IP) and Internetwork Packet Exchange (IPX) packet fields, assign a precedence to the fields of the flows you define, and establish queuing policies •...

  • Page 23: A Look At The Modes Of Corewatch

    Chapter 1: A Look at CoreWatch – Check the status of each bridge table, routing table, and QoS table. These tables contain information that CoreWatch obtains from MIBs it supports. (For a list of these MIBS, see “Which MIBs Does the SSR Support?” on page 23.) –...
  • Page 24 Chapter 1: A Look at CoreWatch – BGP4-MIB/RFC 1657 – RIPv2-MIB/RFC 1724 – EtherLike-MIB/RFC 1643 – BRIDGE-MIB/RFC 1493 • IETF Proposed Standard MIBS: – IF-MIB/RFC 1573 – IP-Group IPCIDRTable-MIB/RFC 2096 • Experimental/Enterprise MIBs: – DOT1Q-VLAN-MIB/draft-jeya-vlan-8021q-mib-00.txt – IGMP/draft-ietf-idmr-igmp-mib-05.txt – DVMRP/draft-thaler-dvmrp-mib-04.txt – NOVELL RIP-SAP MIB –...

  • Page 25: Chapter 2: Corewatch Installation

    Chapter 2 CoreWatch Installation Installing CoreWatch You can install CoreWatch on a Solaris 2.5.1 or Solaris 2.6 running CDE, Windows NT, Windows 95, or Windows 98 system. The method you use to install CoreWatch depends on your environment. Separate discussions on installing CoreWatch in the Solaris or Windows environments follow.

  • Page 26: Installing On A Windows Nt, Windows 95, Or Windows 98 System

    Chapter 2: CoreWatch Installation Run the CoreWatch installation script by entering the following command: install.sh CoreWatch is installed in on your system in the /opt/CScw directory. Add /opt/CScw/bin to your environment path. For details on adding items to a path, see your Solaris documentation. Installing on a Windows NT, Windows 95, or Windows 98 System Note: You must have Admin privileges to install CoreWatch on a Windows NT system.

  • Page 27: Chapter 3: Learning Corewatch Basics

    Chapter 3 Learning CoreWatch Basics Before using CoreWatch, you should be familiar with some basic CoreWatch tasks and be familiar with the application’s interface. This chapter • discusses starting CoreWatch. • provides an overview of the CoreWatch interface. • discusses changing CoreWatch passwords. •...

  • Page 28: Starting Corewatch In Solaris

    Chapter 3: Learning CoreWatch Basics Starting CoreWatch in Solaris Note: CoreWatch requires CDE to run properly on Solaris 2.5.1 and 2.6 operating systems. Ensure that your Solaris system includes CDE before attempting to run CoreWatch. To start CoreWatch in the Solaris 2.5.1 or 2.6 environment: Enter the following command at the Solaris prompt: CoreWatch The Login Dialog dialog box appears.

  • Page 29: Starting Corewatch From Within Hp Openview 5.X

    Chapter 3: Learning CoreWatch Basics manually created in a SPECTRUM Topology View and then copied to an Organization and/or Location View. To Start CoreWatch from within SPECTRUM: Start SPECTRUM. If you know the topology location for your SmartSwRtr model, proceed to that location.

  • Page 30: Front Panel View

    Chapter 3: Learning CoreWatch Basics Front Panel View After you start CoreWatch, a Front Panel view similar to the following appears: Legend Figure 1. Front Panel view (SSR 8000) The Front Panel view is a graphical representation of an SSR 8000's front-panel chassis. You can use this view to do the following: •...

  • Page 31: A Look At The Modules

    Chapter 3: Learning CoreWatch Basics Table 2. Legend abbreviations (Continued) Abbreviation Description Indicates the location of slot 5 of the SSR chassis. Indicates the location of slot 6 of the SSR chassis. Indicates the location of slot 7 of the SSR chassis. A Look at the Modules In the Front Panel view, an SSR’s modules appear similar to the following figure.

  • Page 32: Schematic View

    Chapter 3: Learning CoreWatch Basics Schematic View The Schematic view, which looks similar to the following figure, is a graphical representation of an SSR's functions (such as bridging, switching, and routing services) and data objects (such as QoS flows). It also indicates which functions are active, inactive, or in error.

  • Page 33: Using The Schematic View

    Chapter 3: Learning CoreWatch Basics Using the Schematic View You can use the Schematic view to display the CoreWatch tables and dials discussed later in this manual, and configure QoS flows and security filters. To do so, perform one of the following operations: •...

  • Page 34: Changing The Login Password

    Chapter 3: Learning CoreWatch Basics • Privileged Password, which is the password you are prompted for when you start Configuration Expert. This password logs you in to Configuration Expert so that you can then use that utility to configure your SSR. Changing the Login Password If you can access Configuration Expert, you can change your CoreWatch Login password.

  • Page 35: Accessing Help

    Chapter 3: Learning CoreWatch Basics Accessing Help When using CoreWatch, you can access online help by choosing commands from the Help menu or clicking the Help button. If you click the Help button, CoreWatch displays help specific to the form, dialog box, or other item you are currently using. The following table describes the commands you can choose from the Help menu.

  • Page 36: Exiting Corewatch

    Chapter 3: Learning CoreWatch Basics Exiting CoreWatch To exit CoreWatch, select the File menu and choose Exit. CoreWatch prompts you to verify that you want to exit. Click the Quit button. CoreWatch User’s Manual...

  • Page 37: Chapter 4: Learning Configuration Expert Basics

    Chapter 4 Learning Configuration Expert Basics You can use Cabletron’s Configuration Expert to produce configuration files for an SSR. Once you have set up a configuration file, you can load it into the SSR. This chapter: • provides an overview of Configuration Expert. •...

  • Page 38: Starting Configuration Expert

    Chapter 4: Learning Configuration Expert Basics • Configure VLANs • Configure IP and IPX routing • Configure multicast routing • Set QoS policies • Set ACLs and security filters • Configure multiple configuration files on the SSR Like CoreWatch, Configuration Expert is a Java-based GUI. This GUI offers drag-and- drop setup and administration for VLANs and ACLs.

  • Page 39: Starting Configuration Expert In Windows Nt, Windows 95, Or Windows 98

    Chapter 4: Learning Configuration Expert Basics The Configuration Expert window appears. Note: If the ConfigExpert command is not found, you can locate it in /opt/CScw/bin. For details on this window, see “A Look at the Configuration Expert Window” on this page.

  • Page 40: Configuration Tree

    Chapter 4: Learning Configuration Expert Basics Configuration tree Content of this pane changes depending on which task you are performing Figure 7. Configuration Expert window The left pane of the Configuration Expert window includes the configuration tree, which you use to navigate to the objects (modules, ports, system, bridging, routing, and so on) you want to create, edit, or delete while configuring the SSR.
  • Page 41 Chapter 4: Learning Configuration Expert Basics routing, QoS, and security configuration objects. There are separate subtrees for each configuration file. Double-clicking a configuration file displays that file’s subtree Figure 8. Configuration tree You navigate a subtree by double-clicking its objects or clicking the plus sign (+) of objects.
  • Page 42 Chapter 4: Learning Configuration Expert Basics Minus sign (-) indicates an object cannot be expanded further Display the contents of an object by double-clicking it to expand the subtree Plus sign (+) indicates an object can be expanded to display its contents Figure 9.

  • Page 43: A Look At The Configuration Tree Icons

    Chapter 4: Learning Configuration Expert Basics A Look at the Configuration Tree Icons The configuration tree uses the icons described in the following table to represent configuration tree objects, to indicate that there is a wizard or dialog box associated with an object, and to identify configuration file changes and errors: Table 4.

  • Page 44: Copying Configuration Settings With Drag-And-Drop

    Chapter 4: Learning Configuration Expert Basics Copying Configuration Settings with Drag-and-Drop You can drag objects to copy their configuration settings. When using this method to copy ACLs or QoS profiles, you should remember that you drag ACLs to interfaces, but you drag interfaces to QoS profiles.

  • Page 45: Deleting Objects

    Chapter 4: Learning Configuration Expert Basics If you wish to limit the range of your search to encompass only the immediate subtree, turn on the Search only subtree option. Click the Find Next button. Configuration Expert searches the current configuration file (or the specified portion of it) for the text string you entered in step Deleting Objects...

  • Page 46: Saving And Applying Your Configuration Changes

    Chapter 4: Learning Configuration Expert Basics Saving and Applying Your Configuration Changes When you finish working in Configuration Expert you will have to save your changes in the form of a configuration file, then load them into the SSR. Saving Changes to a Configuration File: To save your configuration changes: Select the File menu and choose Save As.

  • Page 47: Retrieving A Configuration File From An Ssr

    Chapter 4: Learning Configuration Expert Basics To load a configuration file into the SSR: Select the File menu and choose Apply Config. An Apply Configuration dialog box similar to the following appears: Figure 12. Apply Configuration dialog box Do one of the following: –...

  • Page 48: Exiting Configuration Expert

    Chapter 4: Learning Configuration Expert Basics Figure 13. Retrieve Configuration dialog box Enter the name of the configuration file you wish to retrieve from the SSR in the Configuration file box. Enter the IP address and community string for the SSR in the Switch Name/IP box and Community String boxes, respectively.

  • Page 49: Chapter 5: Changing System Settings

    Chapter 5 Changing System Settings You change system settings through the System Configuration object of a configuration file. This chapter discusses using Configuration Expert to perform the following tasks: • Providing system information to set the SSR’s name, identify who users should contact regarding the SSR, and indicate the SSR’s location.

  • Page 50: Configuring An Ssr Chassis

    Chapter 5: Changing System Settings A System ID dialog box similar to the following appears: Figure 14. System ID dialog box Enter the SSR’s name, the name of the SSR administrator, and the location of the SSR in the appropriate text boxes. Click OK.
  • Page 51 Chapter 5: Changing System Settings Figure 15. Chassis Configuration dialog box Specify whether you are setting up a configuration file for a 2-slot, 8-slot, or 16-slot router by selecting the appropriate option. Specify which type of module you want to configure for a given slot by taking the following steps: Click on one of the router's empty (blank) slots to select it.

  • Page 52: Configuring Ports

    Chapter 5: Changing System Settings Configuring Ports Configuration Expert lets you enable and disable ports as well as configure the following characteristics: • Operating mode (half-duplex or full-duplex). In half-duplex mode, a port can transmit data in only one direction at a time between two stations.
  • Page 53 Chapter 5: Changing System Settings Figure 16. Global Attributes of Ports dialog box If you want all Gigabit Ethernet ports to detect and then use the operating mode and speed of the network segment to which those ports are connected, select the Auto Negotiate Port Speed and Mode check box.

  • Page 54: Configuring An Individual Port

    Chapter 5: Changing System Settings Set the Layer 2 hash mode for all ports. The hash mode controls the distribution of flow entries in Layer-2 and Layer-3 lookup tables. Assuming a MAC address of the value 0011:2233:4455, the following list describes the various hash modes. –...
  • Page 55 Chapter 5: Changing System Settings Double-click the module on which the port you want to configure is located. The module’s port list appears. The number of ports in the list depends on the module type. Figure 18. Sample port list Select the port you want to configure.
  • Page 56 Chapter 5: Changing System Settings A Physical Attributes of Port dialog box similar to the following appears: Figure 19. Physical Attributes of Port dialog box Specify whether you want to enable or disable the port by selecting the appropriate option button. Disabled ports do not send or receive any traffic.

  • Page 57: Configuring The Ssr For A Syslog Server

    Chapter 5: Changing System Settings Set the Layer 2 hash mode for the port. The hash mode controls the distribution of flow entries in Layer-2 and Layer-3 lookup tables. Assuming a MAC address of the value 0011:2233:4455, the following list describes the various hash modes: –...
  • Page 58 Chapter 5: Changing System Settings A System Log dialog box similar to the following appears: Figure 20. System Log dialog box Enter the host name or IP address of the SYSLOG server. Select the level of messages you want the SSR to log. You may select one of the levels described in the following table: Table 5.

  • Page 59: Configuring For Dns

    Chapter 5: Changing System Settings Configuring for DNS As an alternative to a host table on every system, some networks use a centralized Domain Naming System (DNS) server to maintain name-to-IP-address mappings. You may configure the SSR to reach up to three DNS servers. When doing so, you can also specify the domain name the SSR uses for each DNS query and the order in which the SSR searches for the specified DNS servers.

  • Page 60: Configuring The Ssr For Snmp

    Chapter 5: Changing System Settings b. In the Name Server Search Order text box, enter the IP address of the DNS server you want to add. Then click the Add button. You can specify the address in dotted-decimal notation. After you click the Add button, Configuration Expert adds the specified server to the list.
  • Page 61 Chapter 5: Changing System Settings Double-click the SNMP Trap Target object. Do one of the following: – If you are configuring a new trap target, select the Configure New Trap Target object from the list of trap targets. – If you are modifying an existing trap target, select it from the list that appeared after you expanded the SNMP Trap Target object.

  • Page 62: Establishing Community Strings

    Chapter 5: Changing System Settings Establishing Community Strings SNMP management stations that want to access the SSR must supply a community string that you establish on the SSR. You can establish an SSR community string by specifying the string’s name and selecting the access privileges for that string. To establish community strings on the SSR: Start Configuration Expert if you have not already done so.
  • Page 63 Chapter 5: Changing System Settings In the Community String text box, enter a character string for the community string. Set the level of access to the SSR by selecting one of the options described in the following table: Table 6. Level-of-access options Option Description Read-only...
  • Page 64 Chapter 5: Changing System Settings CoreWatch User’s Manual...

  • Page 65: Chapter 6: Configuring Ssr Bridging

    Chapter 6 Configuring SSR Bridging The SSR provides bridging functions. This chapter • provides an overview of bridging on an SSR. • discusses configuring the bridging mode of ports. A port’s bridging mode determines the contents of that port’s Layer-2 lookup table. •...

  • Page 66: Configuring The Bridging Mode Of Ports

    Chapter 6: Configuring SSR Bridging Configuring the Bridging Mode of Ports You can configure ports to use either of the following bridging modes. Each port has a Layer-2 lookup table where MAC address or flows are stored. A port’s bridging mode determines the contents of each Layer-2 table entry.

  • Page 67: Configuring A Port For Flow-Based Bridging

    Chapter 6: Configuring SSR Bridging Configuring a Port for Flow-Based Bridging To configure a port for flow-based bridging: Start Configuration Expert if you have not already done so. Open the configuration file you want to modify and then double-click that file’s Bridging Configuration object.

  • Page 68: Configuring A Port For Address-Based Bridging

    Chapter 6: Configuring SSR Bridging Note: Clicking a module in the Address Mode list rather than double-clicking it selects all of the module’s ports that are currently using address-based bridging. Use this method if you are configuring all the ports on a module to use flow-based bridging.
  • Page 69 Chapter 6: Configuring SSR Bridging Figure 25. Bridging Mode dialog box (address-based bridging) In the Flow Mode list, double-click the module on which the port you want to configure is located. Configuration Expert displays the module’s ports that are currently using flow-based bridging. From the list of ports that appears, select the port that you want to configure.

  • Page 70: Controlling The Aging State Of Ssr Bridging

    Chapter 6: Configuring SSR Bridging this method if you are configuring all the ports on a module to use address- based bridging. Click the Remove button. Configuration Expert moves the selected port from the Flow Mode list to the corresponding module in the Address Mode list box. Click OK.

  • Page 71: Overriding The Default Timeout Interval On A Port

    Chapter 6: Configuring SSR Bridging A Default Aging Timeout dialog box similar to the following appears: Figure 26. Default Aging Timeout dialog box Enter the number of seconds that the SSR is to allow a learned MAC address to remain in the Layer-2 lookup table. You can specify from 15 to 1,000,000 seconds.

  • Page 72: Disabling Aging On A Port

    Chapter 6: Configuring SSR Bridging Figure 27. Set Aging Timeout dialog box From the Module drop-down list, select the module containing the port you want to configure. From the Port drop-down list, select the port you want to configure. In the Timeout box, enter the number of seconds that the SSR is to allow a learned MAC address to remain in the Layer-2 lookup table for the specified port.
  • Page 73 Chapter 6: Configuring SSR Bridging In the list of aging objects that appears, select the Aging State object. A Bridge Aging State dialog box similar to the following appears: Figure 28. Bridge Aging State dialog box In the Aging State Enabled list, double-click the module on which the port you want to disable is located.

  • Page 74: Enabling Aging On A Port

    Chapter 6: Configuring SSR Bridging Note: Clicking a module in the Aging State Enabled list rather than double-clicking it selects all of the module’s ports on which aging is currently enabled. Use this method if you want to disable aging on all of those ports. Click the Add button.
  • Page 75 Chapter 6: Configuring SSR Bridging Figure 29. Bridge Aging State dialog box In the Aging State Disabled list, double-click the module on which the port you want to enable is located. Configuration Expert displays the module’s ports on which aging is disabled.

  • Page 76: Setting Up Stp On The Ssr

    Chapter 6: Configuring SSR Bridging Click the Remove button. Configuration Expert moves the selected port from the Aging State Disabled list to the corresponding module in the Aging State Enabled list. Click OK. Configuration Expert adds the port to those found in the Aging Enabled Ports object, which is located in the Aging State object.

  • Page 77: Defining Stp Settings For Ssr Bridging

    Chapter 6: Configuring SSR Bridging Defining STP Settings for SSR Bridging You can define global STP settings that the SSR uses for bridging. To define global STP settings: Start Configuration Expert if you have not already done so. Open the configuration file you want to modify and then double-click that file’s Bridging Configuration object.

  • Page 78: Defining Stp Attributes On An Individual Port

    Chapter 6: Configuring SSR Bridging The maximum age is the length of time the SSR keeps the STP-protocol information it receives. You can specify a number from 6 to 40. The default is 20. In the Forward Delay box, enter the number of seconds you want to elapse between the transitions of the different STP states.

  • Page 79: Enabling Stp On A Port

    Chapter 6: Configuring SSR Bridging A Set STP Port Specific Settings dialog box similar to the following appears: Figure 31. Set STP Port Specific Settings dialog box From the Module drop-down list, select the module containing the port you want to configure.
  • Page 80 Chapter 6: Configuring SSR Bridging In the list of STP objects that appears, select the STP Port State object. A Bridging STP dialog box similar to the following appears: Figure 32. Bridging STP dialog box (enabling STP) In the STP Disabled Ports list, double-click the module containing the port you want to configure.

  • Page 81: Disabling Stp On A Port

    Chapter 6: Configuring SSR Bridging Note: Clicking a module in the STP Disabled Ports list rather than double-clicking it selects all of the module’s ports on which STP is currently disabled. Use this method if you want to enable STP on all of those ports. Click the Add button.

  • Page 82: Configuring Smarttrunk Behavior On The Ssr

    Chapter 6: Configuring SSR Bridging In the STP Enabled Ports list, double-click the module containing the port you want to configure. Configuration Expert displays the module’s ports on which STP is enabled. From the list of ports that appears, select the port on which you want to disable STP.

  • Page 83: Defining Smarttrunk Settings For Ssr Bridging

    Chapter 6: Configuring SSR Bridging Defining SmartTRUNK Settings for SSR Bridging To set up the SSR to perform SmartTRUNKing: Start Configuration Expert if you have not already done so. Open the configuration file you want to modify and then double-click that file’s Bridging Configuration object.
  • Page 84 Chapter 6: Configuring SSR Bridging you must also specify whether you wish to use the Hunt Group or no protocol by selecting the appropriate option from the drop-down list. Click Next. The Bound Port list panel appears: Figure 35. Bound Port list panel Add a port to the SmartTRUNK by doing the following: In the Available Port list, double-click the module on which the port you want to add is located.
  • Page 85 Chapter 6: Configuring SSR Bridging Figure 36. Expanded Bound Port list panel b. Click the Add button. Configuration Expert moves the selected port from the Available Port list to the corresponding module in the Selected Port list. If you accidentally add a port that you do not want to include in the SmartTRUNK, you may remove it by double-clicking that port’s module in the Selected Port list.
  • Page 86 Chapter 6: Configuring SSR Bridging CoreWatch User’s Manual...

  • Page 87: Chapter 7: Configuring Vlans On The Ssr

    Chapter 7 Configuring VLANs on the SSR You can configure VLANs to limit the scope of traffic on the SSR. This chapter • provides an overview of VLANs on the SSR. • lists tips that make VLAN configuration easy. • discusses defining ports for VLANs.

  • Page 88: Vlan Configuration Tips

    Chapter 7: Configuring VLANs on the SSR • Protocol-based VLAN, which divides the physical network into logical VLANs based on one or more of the following protocols: – IP VLAN, which is a VLAN used for IP traffic. – IPX VLAN, which is a VLAN used for IPX traffic. –...

  • Page 89: Defining Access Ports And Trunk Ports

    Chapter 7: Configuring VLANs on the SSR • When removing ports from a VLAN, you can remove all of a module’s ports at one time rather than removing them individually.To do so, click rather than double-clock the module in the Selected Port List box of the dialog box you use to add ports. Then click the Remove button.
  • Page 90 Chapter 7: Configuring VLANs on the SSR Figure 37. Bridging VLAN Mode dialog box Do one of the following: – Define an access port by double-clicking that port’s module in the Trunk Ports list. From the list of trunk ports that appears, select the port that you want to define as an access port.

  • Page 91: Creating A Protocol-Based Vlan

    Chapter 7: Configuring VLANs on the SSR – Define a trunk port by double-clicking that port’s module in the Access Ports list. From the list of access ports that appears, select the port that you want to define as a trunk port. Then click the Add button. After you click the Add button, Configuration Expert moves the selected port from the Access Ports list to the corresponding module in the Trunk Ports list.
  • Page 92 Chapter 7: Configuring VLANs on the SSR Open the configuration file you want to modify and then double-click that file’s Bridging Configuration object. Double-click the VLAN Configuration object. Click the Configure New VLAN object. Configuration Expert opens the VLAN wizard. Figure 38.
  • Page 93 Chapter 7: Configuring VLANs on the SSR Figure 39. VLAN Type panel (protocol-based) Select the Protocol-Based VLAN option and then click Next. In the wizard panel that appears, define the VLAN by taking the following steps: In the VLAN Name box, enter a name for the VLAN. The VLAN name is a string up to 32 characters long.
  • Page 94 Chapter 7: Configuring VLANs on the SSR or more of the options described in the following table: Table 8. VLAN traffic types Option Description Specifies that the VLAN is for IP traffic. Specifies that the VLAN is for IPX traffic. Other Specifies that the VLAN is for bridged protocols.
  • Page 95 Chapter 7: Configuring VLANs on the SSR Figure 41. Update Port list panel (protocol-based) Add a port to the VLAN by doing the following: In the Available Port list, double-click the module on which the port you want to add is located. From the list of available ports that appears, select the port that you want to add.

  • Page 96: Creating A Port-Based Vlan

    Chapter 7: Configuring VLANs on the SSR b. Click the Add button. Configuration Expert moves the selected port from the Available Port list to the corresponding module in the Selected Port list. If you accidentally add a port that you do not want to include in the VLAN, you may remove it by double-clicking that port’s module in the Selected Port list.
  • Page 97 Chapter 7: Configuring VLANs on the SSR Figure 43. VLAN wizard (port-based) Click Next. Configuration Expert prompts you to specify which type of VLAN you want to configure. Figure 44. VLAN Type panel (port-based) Select the Port-Based VLAN option, then click Next. CoreWatch User’s Manual...
  • Page 98 Chapter 7: Configuring VLANs on the SSR In the wizard panel that appears, define the VLAN by taking the following steps: In the VLAN Name box, enter a name for the VLAN. The VLAN name is a string up to 32 characters long. You cannot begin a VLAN name with an underscore ( _ ) or the prefix “SYS_.”...
  • Page 99 Chapter 7: Configuring VLANs on the SSR Because port-based VLANs are used for all the different types of protocol traffic, Configuration Expert automatically selects all the Protocol Binding options described in the following table. You cannot change these selections. Table 9. Protocol binding options Option Description Specifies that the VLAN is for IP traffic.

  • Page 100: Modifying Vlans

    Chapter 7: Configuring VLANs on the SSR Figure 47. Expanded Update Port list panel (port-based) b. Click the Add button. Configuration Expert moves the selected port from the Available Port list to the corresponding module in the Selected Port list. If you accidentally add a port that you do not want to include in the VLAN, you may remove it by double-clicking that port’s module in the Selected Port list.

  • Page 101: Changing A Port-Based Vlan's Name Or Id

    Chapter 7: Configuring VLANs on the SSR discussions on modifying the different types of VLANs and changing which ports are included in a VLAN follow. Changing a Port-Based VLAN’s Name or ID To change the name of a port-based VLAN: Start Configuration Expert if you have not already done so.

  • Page 102: Changing A Protocol-Based Vlan's Name, Id, Or Protocol Binding

    Chapter 7: Configuring VLANs on the SSR Changing a Protocol-Based VLAN’s Name, ID, or Protocol Binding To modify the name, ID, or protocol binding of a protocol-based VLAN: Start Configuration Expert if you have not already done so. Note: If you start Configuration Expert from the Schematic view choosing the Configure VLAN command, Configuration Expert automatically expands the Active Configuration file’s tree to the VLAN Configuration object.

  • Page 103: Replacing An Interface's Vlan

    Chapter 7: Configuring VLANs on the SSR Replacing an Interface’s VLAN You can quickly replace an interface’s VLAN with another VLAN. To do so, you either drag an IP VLAN to an IP interface or an IPX VLAN to an IPX interface. To replace an interface’s VLAN by dragging a VLAN to the interface: Start Configuration Expert if you have not already done so.

  • Page 104: Adding And Removing A Vlan's Ports Through A Dialog Box

    Chapter 7: Configuring VLANs on the SSR Note: If you start Configuration Expert from the Schematic view using the Configure VLAN command, Configuration Expert automatically expands the Active Configuration file’s tree to the VLAN Configuration object. If you are adding a VLAN to the Active Configuration file, go to step 3. Open the configuration file you want to modify and then double-click that file’s Bridging Configuration object.
  • Page 105 Chapter 7: Configuring VLANs on the SSR – If you want to change the ports of a protocol-based VLAN, double-click the Protocol Based VLANs object. From the list of VLANs that appears, double-click the VLAN you want to modify and then click that VLAN’s Bound Port List object.
  • Page 106 Chapter 7: Configuring VLANs on the SSR CoreWatch User’s Manual...

  • Page 107: Chapter 8: Configuring Ip Interfaces For The Ssr

    Chapter 8 Configuring IP Interfaces for the Configure IP interfaces for the SSR if you want to use the SSR for IP-based unicast or multicast traffic. This chapter • provides an overview of IP. • describes creating and modifying IP interfaces. •...

  • Page 108: A Look At Ip Addresses

    Chapter 8: Configuring IP Interfaces for the SSR on network 11.0.0.0, has a network address of 11.0.0.2. The router has two interfaces and connects to both networks. (You can say the router is “well connected.”) 10.0.0.0 11.0.0.0 Host A Router Host B 10.0.0.2 10.0.0.1...
  • Page 109 Chapter 8: Configuring IP Interfaces for the SSR number is assigned by the Internet Network Information Center (InterNIC). Host numbers are assigned by you or another local network administrator. The 32-bits of an IP address are grouped into four eight-bit octets, which are separated by decimal points.

  • Page 110: Creating Ip Interfaces

    Chapter 8: Configuring IP Interfaces for the SSR Creating IP Interfaces Create IP interfaces if you plan to configure the SSR for IP-based unicast or multicast network traffic. When you create IP interfaces on the SSR, you provide information about the interface (such as its name, IP address, netmask, broadcast address, and so on).
  • Page 111 Chapter 8: Configuring IP Interfaces for the SSR Configuration Expert opens the IP Interface wizard. Figure 51. IP Interface wizard (single port) Click Next. An IP Interface Definition panel similar to the following appears: Figure 52. Interface Definition panel (single port) CoreWatch User’s Manual...
  • Page 112 Chapter 8: Configuring IP Interfaces for the SSR Enter the name of the interface in the Interface Name box. Then either select Up to enable the interface or select Down to disable it. Enter the number of bytes you want to specify for the Maximum Transmission Unit (MTU).
  • Page 113 Chapter 8: Configuring IP Interfaces for the SSR Figure 54. Bind to VLAN or Port panel (single port) 11. Click Next. Configuration Expert displays a Bound Port List panel. Figure 55. Bound Port List panel (single port) 12. Bind the interface to a single port by doing the following: CoreWatch User’s Manual...
  • Page 114 Chapter 8: Configuring IP Interfaces for the SSR In the Available Port list, double-click the module containing the desired port. From the list of available ports that appears, select the port that you want to bind to the interface. b. Click the Add button. Note: You can bind only a single port to an interface.
  • Page 115 Chapter 8: Configuring IP Interfaces for the SSR desired ACL and apply it as discussed in “Applying ACLs to IP or IPX Interfaces” on page 224. 15. If you specified you wanted to apply an ACL, use the Apply IP ACL panel that appears to apply an ACL to the interface.

  • Page 116: Creating Ip Interfaces Bound To A Vlan

    Chapter 8: Configuring IP Interfaces for the SSR go through, you must explicitly define a rule to permit all traffic. To do so, make sure the last rule of the ACL permits all traffic. Creating IP Interfaces Bound to a VLAN If you have created an IP VLAN, you can bind that VLAN to an IP interface while creating the interface.
  • Page 117 Chapter 8: Configuring IP Interfaces for the SSR Figure 59. Interface Definition panel (VLAN) Enter the name of the interface in the Interface Name box, then either select Up to enable the interface or select Down to disable it. Enter the number of bytes you want to specify for the Maximum Transmission Unit (MTU).
  • Page 118 Chapter 8: Configuring IP Interfaces for the SSR Figure 60. Bound IP Address panel (VLAN) 10. Click Next and then click the Bind the interface to VLAN option in the panel that appears. That option is available only if there are existing IP VLANs. Figure 61.
  • Page 119 Chapter 8: Configuring IP Interfaces for the SSR Figure 62. Interface Definition panel (VLAN) 12. Click Next. The Apply ACLs panel appears. Figure 63. Apply ACLs panel (VLAN) CoreWatch User’s Manual...
  • Page 120 Chapter 8: Configuring IP Interfaces for the SSR 13. Specify whether you want to apply an ACL to the interface by doing one of the following: – To not apply an ACL, select No and then click Finish. This completes the configuration of the interface but does not apply any ACL to that interface.

  • Page 121: Modifying Ip Interface Definitions

    Chapter 8: Configuring IP Interfaces for the SSR Inbound traffic is packets coming into the interface while outbound traffic is packets going out of that interface. Select Input to filter inbound traffic and select Output to filter outbound traffic. Selecting both check boxes filters both inbound and outbound traffic. Click Finish.
  • Page 122 Chapter 8: Configuring IP Interfaces for the SSR In the list of interfaces that appears, double-click the one you want to modify. Configuration Expert displays the contents of the object and the Interface Definition dialog box of the interface. Figure 65. Interface Definition dialog box If you want to edit the name, interface state, MTU, or MAC encapsulation fields, specify values as you do when creating an IP interface.
  • Page 123 Chapter 8: Configuring IP Interfaces for the SSR Figure 66. Update ACL List dialog box You can add an ACL by selecting it in the Available IP ACLs list and then clicking Add. You can remove an ACL by selecting it in the Selected ACLs list and then clicking Remove.

  • Page 124: Configuring The Ssr For Vrrp

    Chapter 8: Configuring IP Interfaces for the SSR Figure 67. Edit ACL dialog box 12. Select or clear the Filter State check boxes to specify whether you want the ACL to filter inbound traffic (Input), outbound traffic (Output), or both input and outbound traffic.

  • Page 125: Specifying Vrrp Trace Options

    Chapter 8: Configuring IP Interfaces for the SSR Specifying VRRP Trace Options To specify VRRP Trace options: Start Configuration Expert if you have not already done so. Open the configuration file you want to modify and then double-click that file’s Routing Configuration object.

  • Page 126: Configuring A New Vrrp Router

    Chapter 8: Configuring IP Interfaces for the SSR Configuring a New VRRP Router To set up your SSR for VRRP: Start Configuration Expert if you have not already done so. Open the configuration file you want to modify and then double-click that file’s Routing Configuration object.
  • Page 127 Chapter 8: Configuring IP Interfaces for the SSR The VRRP Interface Definition panel appears: Figure 70. VRRP Interface Definition panel Select the name of your VRRP interface from the Interface Name drop-down list, then click Next. The VRRP Router panel appears: Figure 71.
  • Page 128 Chapter 8: Configuring IP Interfaces for the SSR Specify a router identification number in the Virtual Router ID box. You must specify a router identification number in order to complete VRRP configuration. Note: The identification you enter must consist of digits only. No other characters are allowed in the identification name.

  • Page 129: Modifying An Existing Vrrp Router

    Chapter 8: Configuring IP Interfaces for the SSR Modifying an Existing VRRP Router To modify an existing virtual router on the SSR: Start Configuration Expert if you have not already done so. Open the configuration file you want to modify and then double-click that file’s Routing Configuration object.

  • Page 130: What To Do Next

    Chapter 8: Configuring IP Interfaces for the SSR Figure 74. VRRP Router dialog box (Advanced tab) If you wish, specify the following options on the Advanced tab of the VRRP Router dialog box: Specify values in the Priority and Advertise Interval boxes. You can specify a number between 1 and 254, inclusive, for the priority, and a number between 1 and 255, inclusive, for the advertise interval.

  • Page 131: Chapter 9: Configuring Unicast Routing On The Ssr

    Chapter 9 Configuring Unicast Routing on the SSR IP can perform unicast routing using RIP. Configuration Expert lets you configure the SSR for RIP. This chapter • discusses configuring unicast parameters and static entries that can be used by RIP. •...

  • Page 132: Setting Global Parameters For Unicast Routing

    Chapter 9: Configuring Unicast Routing on the SSR Setting Global Parameters for Unicast Routing Configuration Expert lets you configure global unicast routing parameters for RIP. To configure these global parameters: Start Configuration Expert if you have not already done so. Open the configuration file you want to modify and then double-click that file’s Routing Configuration object.

  • Page 133: Defining Static Arp Entries

    Chapter 9: Configuring Unicast Routing on the SSR then the router ID is set to the address of the first interface which is in the up state that the SSR encounters. The address of a non-point-to-point interface is preferred over the local address of a point-to-point interface.
  • Page 134 Chapter 9: Configuring Unicast Routing on the SSR Figure 77. Static ARP Entry panel Enter the IP address and MAC address of the host’s ARP entry in the appropriate text boxes, then click Next. Configuration Expert displays a Bound Port List panel. Figure 78.

  • Page 135: Defining Static Route Entries

    Chapter 9: Configuring Unicast Routing on the SSR Bind the entry to a port that the host is connected to by doing the following: In the Available Port list, double-click the module containing the desired port. From the list of available ports that appears, select the port that you want to bind to the entry.
  • Page 136 Chapter 9: Configuring Unicast Routing on the SSR Figure 79. IP Static Route Definition dialog box Enter the route’s IP address and network mask in the appropriate text boxes. In the Gateway IP Address box, enter the IP address of the next-hop gateway associated with the route.

  • Page 137: A Look At Rip Routing In The Ip Environment

    Chapter 9: Configuring Unicast Routing on the SSR 11. Specify whether you want to cause packets to be dropped and unreachable messages to be sent to packet originators by selecting Yes or No for both the Reject packets to this Host and Send Route Unreachable Msg on Rejection options.

  • Page 138: What Is Preference

    Chapter 9: Configuring Unicast Routing on the SSR the SSR's subnetwork. You could also configure the SSR to not accept RIP data from the subnetwork but to accept RIP packets from the other RIP router. In the IP environment, RIP bases routing on a hop count. RIP only supports routes that have 0 to 15 hops.

  • Page 139: Configuring The Ssr For Rip

    Chapter 9: Configuring Unicast Routing on the SSR Table 12. Preferences and default values (Continued) Preference Default Aggregate/generate routes OSPF AS external routes BGP routes Note: Do not change the default preference values unless you fully understand the implications of doing so. Even though you can set preference in several places, each route has only one preference value associated with it.
  • Page 140 Chapter 9: Configuring Unicast Routing on the SSR Double-click the IP Routing Configuration object. Double-click the IP Unicast Routing object. Then double-click the RIP Routing object and click the RIP Global Parameters object. A RIP Global Parameters dialog box similar to the following appears: Figure 80.

  • Page 141: Defining Ip Rip Interfaces

    Chapter 9: Configuring Unicast Routing on the SSR Note: The metric 16 (the default) is equivalent in RIP to “infinite” and makes a route unreachable. You must set the default metric to a value other than 16 in order to allow the SSR to export routes from other protocols such as OSPF into RIP. You can specify values for the default route preference and default metric in the RIP Global Parameters dialog box just as in the RIP Policy Defaults dialog box.
  • Page 142 Chapter 9: Configuring Unicast Routing on the SSR – If you are modifying the settings of an interface on which RIP is enabled, select the interface you want to change. – If you are configuring a new IP RIP interface, click the Configure New RIP Enabled Interface object.
  • Page 143 Chapter 9: Configuring Unicast Routing on the SSR Set the RIP parameters described in the following table: Table 13. RIP parameters Parameter Description RIP Packet Receipt Specify whether the interface can receive RIP updates. Select Enabled if you want to receive RIP updates on the interface.

  • Page 144: Adding Trusted Gateways

    Chapter 9: Configuring Unicast Routing on the SSR Table 13. RIP parameters (Continued) Parameter Description Outgoing Route Metric Enter the metric to be added to routes that are sent via this interface. The default is 0. This option is used to make other routers prefer other sources of RIP routes over the SSR.

  • Page 145: Adding Source Gateways

    Chapter 9: Configuring Unicast Routing on the SSR Configuration Expert adds the trusted gateway to the list of those found in the RIP Trusted Gateways object. The SSR will accept RIP updates only from the sources you include in this list. Repeat step 5 through...
  • Page 146 Chapter 9: Configuring Unicast Routing on the SSR also set up security as discussed in Chapter 13: “Configuring Security on the SSR” on page 207. Both tasks are optional. CoreWatch User’s Manual...

  • Page 147: Chapter 10: Configuring Multicast Routing On The Ssr

    Chapter 10 Configuring Multicast Routing on the SSR Multicast routing on the SSR is supported through the Distance Vector Multicast Routing Protocol (DVMRP) and Internet Group Management Protocol (IGMP). DVMRP is used to determine forwarding of multicast traffic between SSRs. IGMP is used to determine host membership on directly attached subnets.

  • Page 148: Configuring Dvmrp Routing On The Ssr

    Chapter 10: Configuring Multicast Routing on the SSR Task Force (IETF) document. The SSR’s implementation of DVMRP supports the following: • mtrace, which is a utility that tracks the multicast path from a source to a receiver. • Generation identifiers, which are assigned to DVMRP whenever that protocol is started on a router.

  • Page 149: Setting Dvmrp Global Parameters On The Ssr

    Chapter 10: Configuring Multicast Routing on the SSR • Enabling or disabling DVMRP on tunnels. Setting DVMRP Global Parameters on the SSR Set DVMRP global parameters to enable or disable multicast routing on the SSR and to specify whether or not the SSR performs pruning to exclude interfaces not in the shortest path tree.

  • Page 150: Configuring Dvmrp Interfaces

    Chapter 10: Configuring Multicast Routing on the SSR Configuring DVMRP Interfaces When configuring the SSR for DVMRP, you can enable or disable that protocol on IP interfaces. If you enable DVMRP on an interface, you can set DVMRP parameters on that interface.

  • Page 151: Defining Dvmrp Tunnels

    Chapter 10: Configuring Multicast Routing on the SSR If you are defining a new DVMRP interface, select the IP address or host name of the interface on which you are enabling or disabling DVMRP. You will not be able to change the IP address if you are modifying an existing DVMRP interface.
  • Page 152 Chapter 10: Configuring Multicast Routing on the SSR – If you are modifying an existing tunnel, select that tunnel. – If you are creating a new tunnel, select the Configure New IP Tunnel option. An IP Tunnel Definition dialog box similar to the following appears: Figure 84.

  • Page 153: Enabling Or Disabling Dvmrp On Tunnels

    Chapter 10: Configuring Multicast Routing on the SSR Set the DVMRP parameters as discussed in the following table: Table 15. DVMRP parameters Field Description Metric Enter a number from 1 to 16 in the Metric box to specify the metric (cost) of the interface. Rate Enter the speed at which you want outgoing traffic to pass through the interface.

  • Page 154: What Is Igmp

    Chapter 10: Configuring Multicast Routing on the SSR Figure 85. DVMRP Tunnel dialog box Enable and disable DVMRP on tunnels. To enable DVMRP on a tunnel, select that tunnel from the Available Tunnels list and click the Add button. To disable DVMRP on a tunnel, select that tunnel from the DVMRP Tunnels list and click the Remove button.

  • Page 155: Configuring Igmp Interfaces On The Ssr

    Chapter 10: Configuring Multicast Routing on the SSR On the SSR, IGMP can be configured on a per interface basis. You can configure an SSR interface to support IGMP only or both IGMP and DVMRP. If an interface is configured for both IGMP and DVMRP, IGMP starts and stops automatically with DVMRP.

  • Page 156: Enabling Or Disabling Igmp On Interfaces

    Chapter 10: Configuring Multicast Routing on the SSR Open the configuration file you want to modify and then double-click that file’s Routing Configuration object. Double-click the IP Routing Configuration object. Double-click the IP Multicast Routing object. Then double-click the IGMP Protocol object and click the IGMP Global Parameters object.
  • Page 157 Chapter 10: Configuring Multicast Routing on the SSR Start Configuration Expert if you have not already done so. Open the configuration file you want to modify and then double-click that file’s Routing Configuration object. Double-click the IP Routing Configuration object. Double-click the IP Multicast Routing object and then double-click the IGMP Protocol object.

  • Page 158: What To Do Next

    Chapter 10: Configuring Multicast Routing on the SSR Specify whether you want to enable or disable IGMP on the interface by selecting the appropriate options. Click OK. Repeat step 5 through step 8 until you configure all the IGMP interfaces necessary for your network environment.

  • Page 159: Chapter 11: Configuring The Ssr For Ipx Routes

    Chapter 11 Configuring the SSR for IPX Routes The Internetwork Packet Exchange (IPX) is a datagram connectionless protocol for the Novell NetWare environment. You can configure the SSR for IPX routing and SAP. This chapter • provides an overview of IPX on the SSR. •...
  • Page 160 Chapter 11: Configuring the SSR for IPX Routes The SSR uses IPX RIP to create and maintain a database of internetwork routing information. The SSR's implementation of RIP allows the following exchanges of information: • Workstations locate the fastest route to a network number by broadcasting a route request.

  • Page 161: Creating Ipx Interfaces

    Chapter 11: Configuring the SSR for IPX Routes Creating IPX Interfaces When you create IPX interfaces on the SSR, you provide information about the interface (such as its name, output MAC encapsulation, and IPX address). You also enable or disable the interface and bind the interface to a single port or VLAN. If you want to apply an existing ACL to an interface, Configuration Expert lets you do so either when you create the interface or afterwards.
  • Page 162 Chapter 11: Configuring the SSR for IPX Routes Figure 88. IPX Interface wizard (single port) Click Next. An IPX Interface Definition panel similar to the following appears: Figure 89. Interface Definition panel (single port) CoreWatch User’s Manual...
  • Page 163 Chapter 11: Configuring the SSR for IPX Routes Enter the name of the interface in the Interface Name box. Then either select Up to enable the interface or select Down to disable it. Set the output MAC encapsulation you want associated with the interface by selecting one of the following from the Output MAC Encapsulation drop-down list: –...
  • Page 164 Chapter 11: Configuring the SSR for IPX Routes Figure 91. Bind to VLAN or Port panel (single port) 10. Click Next. Configuration Expert displays a Bound Port List panel similar to the following: Figure 92. Bound Port List panel (single port) 11.
  • Page 165 Chapter 11: Configuring the SSR for IPX Routes In the Available Port list, double-click the module containing the desired port. From the list of available ports that appears, select the port that you want to bind to the interface. b. Click the Add button. Note: You can bind only a single port to an interface.
  • Page 166 Chapter 11: Configuring the SSR for IPX Routes desired ACL and apply it as discussed in “Applying ACLs to IP or IPX Interfaces” on page 224. 14. If you specified you wanted to apply an ACL, use the Apply IPX ACL panel that appears to apply an ACL to the interface.

  • Page 167: Creating Ipx Interfaces Bound To A Vlan

    Chapter 11: Configuring the SSR for IPX Routes Configuration Expert adds the new interface to those found in the IPX interfaces bound to Ports object. Note: When you apply an ACL to an interface, the SSR appends an implicit deny rule to that ACL. The implicit deny rule denies all traffic. If you intend to allow all traffic that does not match your specified ACL rules to go through, you must explicitly define a rule to permit all traffic.
  • Page 168 Chapter 11: Configuring the SSR for IPX Routes An IPX Interface Definition panel similar to the following appears: Figure 96. Interface Defintion panel (VLAN) Enter the name of the interface in the Interface Name box. Then either select Up to enable the interface or select Down to disable it.
  • Page 169 Chapter 11: Configuring the SSR for IPX Routes Figure 97. Bound IPX Address panel (VLAN) Click Next and then select the Bind the interface to VLAN option in the panel that appears. This option is available only if there are existing IPX VLANs. Figure 98.
  • Page 170 Chapter 11: Configuring the SSR for IPX Routes Figure 99. Interface Defintion panel (VLAN) 11. Click Next. The Apply ACLs panel appears. Figure 100. Apply ACLs panel CoreWatch User’s Manual...
  • Page 171 Chapter 11: Configuring the SSR for IPX Routes 12. Specify whether you want to apply an ACL to the interface by doing one of the following. – To not apply an ACL, select No. Then click Finish, which completes the configuration of the interface but does not apply any ACL to that interface.

  • Page 172: Modifying Ipx Interface Definitions

    Chapter 11: Configuring the SSR for IPX Routes traffic, outbound traffic, or both inbound and outbound traffic. Inbound traffic is packets coming into the interface while outbound traffic is packets going out of that interface. Select Input to filter inbound traffic. Select Output to filter outbound traffic. Selecting both check boxes filters both inbound and outbound traffic.
  • Page 173 Chapter 11: Configuring the SSR for IPX Routes Double-click the IPX Interface Configuration object. Then do one of the following: – If the interface you want to modify is bound to a port, double-click the IPX Interfaces bound to Ports object. –...
  • Page 174 Chapter 11: Configuring the SSR for IPX Routes – If you are modifying a VLAN-bound interface, click the interface’s VLAN object, select a new VLAN from the VLAN Name drop-down list that appears in the Interface Definition dialog box, and click OK. If you want to change which ACLs are applied to the interface, double-click the Bound IPX Security object.

  • Page 175: Configuring Static Ipx Sap Entries

    Chapter 11: Configuring the SSR for IPX Routes Figure 104. Edit ACL dialog box 12. Select or clear the Filter State check boxes to specify whether you want the ACL to filter inbound traffic (Input), outbound traffic (Output), or both input and outbound traffic.
  • Page 176 Chapter 11: Configuring the SSR for IPX Routes • A router request for the names and addresses of either all the servers or all the servers of a certain type on the internetwork • A response to either a workstation or router request •...
  • Page 177 Chapter 11: Configuring the SSR for IPX Routes Figure 105. SAP Entry dialog box Configure the IPX SAP entry as discussed in the following table: Table 16. IPX SAP fields Field Description Server Name Name of the IPX server. You can use any characters in the name except the following: "...

  • Page 178: What To Do Next

    Chapter 11: Configuring the SSR for IPX Routes What to Do Next After configuring the SSR for IPX, you may perform the following tasks. Both tasks are optional. • Control traffic as discussed in Chapter 12: “Configuring QoS on the SSR” on page 179.

  • Page 179: Chapter 12: Configuring Qos On The Ssr

    Chapter 12 Configuring QoS on the SSR After you define interfaces on the SSR, you can configure QoS policies to control traffic. This chapter • provides an overview of QoS. • lists the order in which you perform the various QoS-configuration tasks. •...

  • Page 180: Establishing The Ssr's Queuing Policy

    Chapter 12: Configuring QoS on the SSR – medium – Setting priorities for network traffic helps ensure that critical traffic will reach its destination even if the exit ports for the traffic are experiencing greater than maximum utilization. Note: Control priority is reserved for system control traffic. Assign that priority only when necessary.

  • Page 181: Associating Precedences To Layer-3/Layer-4 Flows

    Chapter 12: Configuring QoS on the SSR Figure 106. Queuing Discipline Configuration dialog box Specify whether you want to use strict priority or weighted-fair queuing by selecting the appropriate option. If you selected the Use Weighted-Fair Queuing option, set the amount of bandwidth you want allocated to each of the control, high, medium, and low priorities.
  • Page 182 Chapter 12: Configuring QoS on the SSR • Destination TCP or UDP port • Destination IP address • Source TCP or UDP port • Source IP address • Type of Service (TOS) for the packet • Incoming interface • Protocol (TCP or UDP) To assign the IP QoS precedence: Start Configuration Expert if you have not already done so.

  • Page 183: Assigning Ipx Qos Precedence

    Chapter 12: Configuring QoS on the SSR select that field and then click the Up and Down buttons until the field is listed next to the desired precedence value. You may assign a precedence value from 1 to 7, where 1 is the highest precedence value.

  • Page 184: Creating Qos Profiles

    Chapter 12: Configuring QoS on the SSR Figure 108. IPX QoS Precedence dialog box Assign one of the precedence values shown in the Order list to each of the IP-flow fields shown in the Flow Components list. To assign a precedence value to a field, select that field and then click the Up and Down buttons until the field is listed next to the desired precedence value.

  • Page 185: Creating A Qos Profile For An Ip Flow

    Chapter 12: Configuring QoS on the SSR • Specifying to what you want the flow to apply. You apply IP and IPX flows to one or more interfaces. You apply Layer-2 flows to one or more ports. The method you use to create a QoS profile depends on whether you are defining an IP, IPX, or Layer-2 flow.
  • Page 186 Chapter 12: Configuring QoS on the SSR Figure 110. QoS - Flow Types panel (IP flow) Click Next. A QoS L3/L4 Flow Priority panel similar to the following appears: Figure 111. QoS - L3/L4 Flow Priority panel (IP flow) Enter the flow’s name in the Flow Name box. CoreWatch User’s Manual...
  • Page 187 Chapter 12: Configuring QoS on the SSR From the Flow Priority drop-down list, select the priority you want to assign to the fields listed in the Flow Definition section of the panel. The following table describes the priorities you may set: Table 17.
  • Page 188 Chapter 12: Configuring QoS on the SSR Table 18. L3/L4 flow fields (Continued) Field Description Source Mask Enter the network mask for which you are assigning a priority. You can specify the mask using the traditional IP address format (“255.255.0.0”). If you want to use the Classless Inter- Domain Routing (CIDR) format (“/16”), you may do so as discussed in the SmartSwitch Router Command Line Interface Reference Manual.
  • Page 189 Chapter 12: Configuring QoS on the SSR Figure 112. Apply to IP Interfaces panel (IP flow) 10. Do one of the following: – If you selected No, click Finish. Configuration Expert adds the QoS Profile to those included in the IP QoS Profiles object.

  • Page 190: Creating A Qos Profile For An Ipx Flow

    Chapter 12: Configuring QoS on the SSR Figure 113. Policy Input Interface List panel (IP flow) If you accidentally add a wrong interface, remove it by selecting it in the Selected Interfaces list and clicking the Delete button. After you click Finish, Configuration Expert adds the QoS Profile to those included in the IP QoS Profiles object.
  • Page 191 Chapter 12: Configuring QoS on the SSR Figure 114. QoS wizard (IPX flow) Click Next. Configuration Expert prompts you to specify which type of flow you want to define. Figure 115. Qos - Flow Types panel (IPX flow) Select IPX Flow and click Next. CoreWatch User’s Manual...
  • Page 192 Chapter 12: Configuring QoS on the SSR An IPX Policy Definition panel similar to the following appears: Figure 116. IPX Policy Definition panel (IPX flow) Specify the flow’s name in the Name box. From the Flow Priority drop-down list, select the priority you want to assign to the fields listed in the Flow Definition section of the panel.
  • Page 193 Chapter 12: Configuring QoS on the SSR Define each flow field as discussed in the following table. You can enter ANY in a flow field to specify a wildcard (“don’t care”) condition. Table 20. IPX flow fields Field Description Source Network Enter the IPX source network address.
  • Page 194 Chapter 12: Configuring QoS on the SSR Figure 117. Apply to IPX Interfaces panel (IPX flow) 10. Do one of the following: – If you selected No, click Finish. Configuration Expert adds the QoS Profile to those included in the IPX QoS Profiles object.

  • Page 195: Creating A Qos Profile For A Layer-2 Flow

    Chapter 12: Configuring QoS on the SSR Figure 118. Policy Input Interface List panel (IPX flow) If you accidentally add a wrong interface, remove it by selecting it in the Selected Interfaces list and clicking the Delete button. After you click Finish, Configuration Expert adds the QoS Profile to those included in the IPX QoS Profiles object.
  • Page 196 Chapter 12: Configuring QoS on the SSR Figure 119. QoS wizard (Layer-2 flow) Click Next. Configuration Expert prompts you to specify which type of flow you want to define. Figure 120. QoS - Flow Types panel (Layer-2 flow) Select L2 Flow and click Next. CoreWatch User’s Manual...
  • Page 197 Chapter 12: Configuring QoS on the SSR An L2 Flow Priority Definition panel similar to the following appears: Figure 121. L2 Flow Priority Definition panel (Layer-2 flow) Specify the flow’s name in the Name box. From the Flow Priority drop-down list, select the priority you want to assign to the fields listed in the Flow Definition section of the panel.
  • Page 198 Chapter 12: Configuring QoS on the SSR Define each flow field as discussed in the following table: Table 22. L2 flow fields Field Description Source MAC Addr Enter the Layer-2 source MAC address. Specify the MAC address in the format. xx:xx:xx:xx:xx:xx Destination MAC Addr Enter the Layer-2 destination MAC address.

  • Page 199: Modifying Qos Profiles

    Chapter 12: Configuring QoS on the SSR To specify a port, double-click that port’s module in the Update Port list, select the port from the port list that appears, and click the Add button. Figure 123. Update Port List panel (Layer-2 flow) Clicking a module rather than double-clicking it selects all of that module’s ports.

  • Page 200: Redefining An Ipx Flow Definition

    Chapter 12: Configuring QoS on the SSR Start Configuration Expert if you have not already done so. Open the configuration file you want to modify and then double-click that file’s QoS Configuration object. Double-click the IP QoS Profiles object. From the list of IP QoS profiles that appears, click the one you want to edit. A QoS L3/L4 Flow Priority dialog box similar to the following appears: Figure 124.

  • Page 201: Redefining A Layer-2 Flow Definition

    Chapter 12: Configuring QoS on the SSR Open the configuration file you want to modify and then double-click that file’s QoS Configuration object. Double-click the IPX QoS Profiles object. From the list of IPX QoS profiles that appears, click the one you want to edit. An IPX Policy Definition dialog box similar to the following appears: Figure 125.

  • Page 202: Changing An Ip Or Ipx Flow's Interface List

    Chapter 12: Configuring QoS on the SSR Double-click the Layer-2 QoS Profiles object. From the list of Layer-2 QoS profiles that appears, click the one you want to edit. An L2 Flow Priority Definition dialog box similar to the following appears: Figure 126.

  • Page 203: Adding Or Deleting A Flow's Interfaces Through A Dialog Box

    Chapter 12: Configuring QoS on the SSR Adding or Deleting a Flow’s Interfaces through a Dialog Box To use a dialog box to add an interface to a flow’s list of interfaces or delete one from the list: Start Configuration Expert if you have not already done so. Open the configuration file you want to modify and double-click the QoS Configuration object.

  • Page 204: Dragging An Interface To Apply A Flow To The Interface

    Chapter 12: Configuring QoS on the SSR – To delete interfaces, select them in the Selected Interfaces list and click the Delete button. Click OK. Dragging an Interface to Apply a Flow to the Interface You can add an interface to a QoS profile’s list of interfaces by dragging the interface to the flow.
  • Page 205 Chapter 12: Configuring QoS on the SSR From the list of flows that appears, double-click the flow associated with the port list you want to change. Click the flow’s Bound Port List object. A Bound Port List dialog box similar to the following appears: Figure 128.
  • Page 206 Chapter 12: Configuring QoS on the SSR CoreWatch User’s Manual...

  • Page 207: Chapter 13: Configuring Security On The Ssr

    Chapter 13 Configuring Security on the SSR You can configure security on the SSR by defining Access Control Lists (ACLs) for IP and IPX interfaces, applying those ACLs to interfaces, and setting Layer-2 filters. This chapter • provides an overview that briefly describes ACLs. •...

  • Page 208: Setting Ip Security

    Chapter 13: Configuring Security on the SSR Setting IP Security You can set security on an IP network by configuring ACLs that you will apply to IP interfaces. To set security: Start Configuration Expert if you have not already done so. Open the configuration file you want to modify and then double-click that file’s Security Configuration object.
  • Page 209 Chapter 13: Configuring Security on the SSR Figure 130. IP ACL Name panel Enter the ACL’s name in the ACL Name box and click Next. An IP ACL Rule panel similar to the following appears: Figure 131. IP ACL Rule panel CoreWatch User’s Manual...
  • Page 210 Chapter 13: Configuring Security on the SSR If you want to permit traffic that meets the rule’s criteria, select the Permit option. Otherwise, block such traffic by selecting the Deny option. Specify the protocol to which the rule applies by selecting the appropriate option (IP, UDP, or TCP).
  • Page 211 Chapter 13: Configuring Security on the SSR Table 23. IP/TCP/UDP ACL rule criteria fields (Continued) Field Description Source Port For TCP or UDP, enter the number of the source TCP or UDP port. This field applies only to TCP or UDP traffic. If the incoming packet is ICMP or another non-TCP or non-UDP packet and you specified a source or destination port, the SSR does not check the port value.

  • Page 212: Setting Ipx Security

    Chapter 13: Configuring Security on the SSR After you finish defining all of an ACL’s rules, Configuration Expert adds the ACL to the IP Security object. Configuration Expert also adds a separate object for each rule and places this list of rules in the ACL object. The rule numbers displayed in an ACL’s list of rules, are automatically assigned by Configuration Expert.
  • Page 213 Chapter 13: Configuring Security on the SSR Figure 132. IPX Security wizard Click Next. Configuration Expert prompts you for the ACL’s name. Figure 133. IPX ACL Name panel Enter the ACL’s name in the ACL Name box. CoreWatch User’s Manual...
  • Page 214 Chapter 13: Configuring Security on the SSR You can use a string of characters or a number. Click Next. An IPX ACL Type panel similar to the following appears: Figure 134. IPX ACL Type panel Click Next. An IPX ACL Rule panel similar to the following appears: CoreWatch User’s Manual...
  • Page 215 Chapter 13: Configuring Security on the SSR Figure 135. IPX ACL Rule panel If you want to permit IPX traffic that meets the rule’s criteria, select the Permit option. Otherwise, block such traffic by selecting the Deny option. 10. Define the rule’s criteria by specifying values for the fields described in the following table: Table 24.
  • Page 216 Chapter 13: Configuring Security on the SSR Table 24. IPX ACL rule criteria fields (Continued) Field Description Source MAC Addr Enter the source’s MAC address. You can enter ANY to specify a wildcard (“don’t care”) condition. The SSR will interpret this number in hexadecimal format.

  • Page 217: Setting Up Ipx Rip Filters

    Chapter 13: Configuring Security on the SSR After you finish defining all of an ACL’s rules, Configuration Expert adds the ACL to the IPX ACLs object. Configuration Expert also adds a separate object for each rule and places this list of rules in the ACL object. The rule numbers displayed in an ACL’s list of rules, are automatically assigned by Configuration Expert.
  • Page 218 Chapter 13: Configuring Security on the SSR Figure 137. IPX ACL Name panel (RIP) Enter the ACL’s name in the ACL Name box. You can use a string of characters or a number. Click Next. An IPX ACL Type panel similar to the following appears: Figure 138.
  • Page 219 Chapter 13: Configuring Security on the SSR Select IPX RIP and click Next. An IPX RIP ACL Rule panel similar to the following appears: Figure 139. IPX ACL Rule panel (RIP) If you want to permit IPX RIP network advertisements that meet the rule’s criteria, select the Permit option.
  • Page 220 Chapter 13: Configuring Security on the SSR 10. Define the rule’s criteria by specifying values for the fields described in the following table: Table 25. IPX RIP ACL rule criteria fields Field Description Source Network Enter the source’s network address. You can enter ANY to specify a wildcard (“don’t care”) condition.

  • Page 221: Setting Up Ipx Sap Filters

    Chapter 13: Configuring Security on the SSR Setting Up IPX SAP Filters Set up IPX SAP filters to permit or deny IPX SAP service advertisements. You set up such filters by configuring an ACL for IPX SAP interfaces. To do so, take the following steps: Start Configuration Expert if you have not already done so.
  • Page 222 Chapter 13: Configuring Security on the SSR Figure 141. IPX ACL Name panel (SAP) Enter the ACL’s name in the ACL Name box. You can use a string of characters or a number. Click Next. An IPX ACL Type panel similar to the following appears: Figure 142.
  • Page 223 Chapter 13: Configuring Security on the SSR Select IPX SAP and click Next. An IPX SAP ACL Rule panel similar to the following appears: Figure 143. IPX ACL Rule panel (SAP) If you want to permit IPX SAP service advertisements that meet the rule’s criteria, select the Permit option.

  • Page 224: Applying Acls To Ip Or Ipx Interfaces

    Chapter 13: Configuring Security on the SSR Table 26. IPX SAP ACL rule criteria fields (Continued) Field Description Service Type Enter the SAP service type. You may enter the service type as hexadecimal or select one of the choices from the Service Type drop-down list. You do not need to use a “0x”...

  • Page 225: Copying An Acl To Apply It To An Interface

    Chapter 13: Configuring Security on the SSR administrator to know ahead of time that a packet should be dropped at the inbound interface. Nonetheless, for performance reasons, whenever possible, one should create and apply an ACL to the inbound interface. When a packet comes into a router at an interface where an inbound ACL is applied, the router compares the packet with the rules specified by that ACL.

  • Page 226: Applying An Acl By Editing An Interface's Definition

    Chapter 13: Configuring Security on the SSR Do one of the following: – If you are applying the ACL to an IP interface, double-click the interface’s Applied IP ACLs object. – If you are applying the ACL to an IPX interface, double-click the interface’s Bound IPX Security object and then its Applied IPX ACLs object.
  • Page 227 Chapter 13: Configuring Security on the SSR Do one of the following: – If the interface you want to modify is bound to a port, double-click the bound to ports object of the interface to which you are applying the ACL. –...

  • Page 228: Setting Layer-2 Security

    Chapter 13: Configuring Security on the SSR If you are applying multiple ACLs to an interface, configure those ACLs to govern either inbound traffic or outbound traffic. To do so, take the following steps: Click an ACL that you want to apply to inbound traffic. In the Access Control List: Edit ACL dialog box that appears, select the Input check box and ensure that the Output check box is not selected.

  • Page 229: Configuring Layer-2 Address Filters

    Chapter 13: Configuring Security on the SSR Configuring Layer-2 Address Filters If you want to control access to a source or destination on a per-MAC address basis, you can configure address filters. Address filters are always configured and applied to the input port.
  • Page 230 Chapter 13: Configuring Security on the SSR Configuration Expert prompts you to select a filter type. Figure 146. L2 Filter Type panel (address filter) Click Next. An L2 Address Filter panel similar to the following appears: Figure 147. L2 Address Filter panel (address filter) CoreWatch User’s Manual...

  • Page 231: Configuring Layer-2 Port-To-Address Lock Filters

    Chapter 13: Configuring Security on the SSR Enter the filter’s name, source MAC address, destination MAC address, and VLAN ID in the appropriate text boxes. Use the source MAC address for source or flow address filters. Use the Destination MAC Address for destination or flow static entries. Click Next.
  • Page 232 Chapter 13: Configuring Security on the SSR allowed to connect to the “locked” port and the specified source MAC address is not allowed to connect to any other ports. To configure a port-to-address lock filter: Start Configuration Expert if you have not already done so. Open the configuration file you want to modify and then double-click that file’s Security Configuration object.
  • Page 233 Chapter 13: Configuring Security on the SSR Figure 150. L2 Filter Type panel (lock filter) Select L2 Port Address Lock Filters and click Next. An L2 Port Address Lock Filter panel similar to the following appears: Figure 151. L2 Port Address Lock Filter panel CoreWatch User’s Manual...

  • Page 234: Configuring Layer-2 Static-Entry Filters

    Chapter 13: Configuring Security on the SSR Enter the filter’s name, source MAC address, and VLAN ID in the appropriate text boxes. Click Next. In the Bind to Port panel that appears, specify to which ports you want to apply the filter. If you apply a port address lock filter to a port, you can use a static- entry filter to allow packets from a specific source to use that port even though it is locked.
  • Page 235 Chapter 13: Configuring Security on the SSR MAC addresses in flow bridging mode. Static entries are always configured and applied at the input port. You can set the following static-entry filters: • Source static entry, which specifies that any frame coming from a specific source MAC address will be allowed or disallowed to go to a set of ports.
  • Page 236 Chapter 13: Configuring Security on the SSR Figure 154. L2 Filter Type panel (static-entry filter) Select L2 Static Filters and click Next. An L2 Static Filter panel similar to the following appears: Figure 155. L2 Static Filter panel Enter the filter’s name in the Name box. CoreWatch User’s Manual...
  • Page 237 Chapter 13: Configuring Security on the SSR Specify the forwarding behavior of the static entry by doing one of the following: – Select ALLOW to allow packets to go to a specific set of ports. – Select DISALLOW to prohibit packets from going to a specific set of ports. –...

  • Page 238: Configuring Layer-2 Secure Port Filters

    Chapter 13: Configuring Security on the SSR 11. Click Next. In the second Bind to Port panel that appears, specify the ports to which you are allowing, disallowing, or forcing packets. Then click Finish. Configuration Expert adds the filter to those found in the L2 Static Entries object. The ports to which the filter applies are included in that filter’s Bound Port List object.
  • Page 239 Chapter 13: Configuring Security on the SSR Figure 157. L2 Security wizard (secure port filter) Click Next. Configuration Expert prompts you to select a filter type. Figure 158. L2 Filter Type panel (secure port filter) Select L2 Secure Port Filters and click Next. CoreWatch User’s Manual...
  • Page 240 Chapter 13: Configuring Security on the SSR An L2 Port Filter panel similar to the following appears: Figure 159. L2 Port Filter panel (secure port filter) Enter the filter’s name in the Name box. Select either the Source or Destination option to specify whether the filter is to secure a source port or a destination port.

  • Page 241: Modifying The Ssr's Security Settings

    Chapter 13: Configuring Security on the SSR Figure 160. Bound Port List panel (secure port filter) If you want to apply the filter to a port, double-click that port’s module in the Available Port list, select the port from the port list that appears, and click the Add button.

  • Page 242: Changing An Acl's Name

    Chapter 13: Configuring Security on the SSR Changing an ACL’s Name To change an ACL’s name: Start Configuration Expert if you have not already done so. Open the configuration file you want to modify and then double-click that file’s Security Configuration object. Do one of the following: –...

  • Page 243: Adding Or Modifying Acl Rules

    Chapter 13: Configuring Security on the SSR Adding or Modifying ACL Rules To add a rule to an existing ACL or modify an ACL’s rule: Start Configuration Expert if you have not already done so. Open the configuration file you want to modify and then double-click that file’s Security Configuration object.

  • Page 244: Modifying A Filter's Port Bindings

    Chapter 13: Configuring Security on the SSR In the list of filters that appears, click the one you want to modify. Configuration Expert displays the selected filter’s dialog box. Edit the dialog box. The options of a filter’s dialog box are the same as those you specify when creating such a filter.
  • Page 245 Chapter 13: Configuring Security on the SSR Figure 162. Bound Port List dialog box Specify which port’s you want to bind to the filter by adding and removing ports in the port list. – To add a port, double-click its module in the Available Port list, select the port from the list of ports that appears, and click the Add button.
  • Page 246 Chapter 13: Configuring Security on the SSR CoreWatch User’s Manual...

  • Page 247: Chapter 14: Configuring Ospf On The Ssr

    Chapter 14 Configuring OSPF on the SSR A Look at OSPF Routing on the SSR The Open Shortest Path Routing (OSPF) protocol is a link-state protocol. It is an Interior Gateway Protocol (IGP) that distributes routing information between routers in a single autonomous system.

  • Page 248: Setting Ospf Global Parameters

    Chapter 14: Configuring OSPF on the SSR OSPF will add the internal cost to the autonomous system border router to the external metric. Type 2 ASEs are used for Exterior Gateway Protocols (EGP) that have metrics not comparable to OSPF metrics. In this case, only the internal OSPF cost to the autonomous system border router is used in the routing decision.

  • Page 249: Configuring Ospf Area Tables

    Chapter 14: Configuring OSPF on the SSR Double-click the IP Unicast Routing object. Then double-click the OSPF object and click the OSPF Global Parameters object. An OSPF Global Parameters dialog box similar to the following appears: Figure 163. OSPF Global Parameters dialog box Set the OSPF Facility State option to Start or Stop.

  • Page 250: Creating Ospf Area Tables

    Chapter 14: Configuring OSPF on the SSR Creating OSPF Area Tables To create OSPF area tables: Start Configuration Expert if you have not already done so. Open the configuration file you want to modify and then double-click that file’s Routing Configuration object. Double-click the IP Routing Configuration object.
  • Page 251 Chapter 14: Configuring OSPF on the SSR The OSPF Area Definition panel appears. Figure 165. OSPF Area Definition panel Create an area by either selecting the Backbone option to add the backbone area or selecting the Other option and then entering an ID number in the Area ID box. Specify whether the area you are adding is a stub by selecting the appropriate option.
  • Page 252 Chapter 14: Configuring OSPF on the SSR Figure 166. Add Network Ranges panel 10. If you selected Yes to specify you want to associate a network with the area, use the OSPF Network Definition panel that appears to specify which network you want to associate with the area.
  • Page 253 Chapter 14: Configuring OSPF on the SSR b. If the specified network is a host network, then check the host-network box. If you do not want to advertise the network or host network in the Summary Network link-state advertisements, select Restrict Network Advertisement. d.
  • Page 254 Chapter 14: Configuring OSPF on the SSR Figure 169. OSPF Area Broadcast Interface panel (Definition tab) To add a broadcast interface, take the following steps: From the Interface/Name Address drop-down list, select the IP interface you want to configure as a broadcast interface. b.
  • Page 255 Chapter 14: Configuring OSPF on the SSR d. Enter the interface cost and designated router priority for the broadcast interface in the appropriate text boxes. See the following table for more detailed information: Table 27. Broadcast interface cost and designated router priority description Option Description Interface Cost...
  • Page 256 Chapter 14: Configuring OSPF on the SSR g. Set the advanced options on the interface as discussed in the following table: Table 28. Broadcast interface options Option Description LSA Retransmission Interval Enter the number of seconds between link-state advertisement retransmissions for adjacencies belonging to the interface.
  • Page 257 Chapter 14: Configuring OSPF on the SSR Figure 171. Add Non-Broadcast Interface panel 14. If you selected Yes to specify you want to add a non-broadcast interface, add the interface. Otherwise, skip to step Figure 172. OSPF Area Non-Broadcast Interface panel (Definition tab) To add a non-broadcast interface, take the following steps: CoreWatch User’s Manual...
  • Page 258 Chapter 14: Configuring OSPF on the SSR From the Interface/Name Address drop-down list, select the IP interface you want to configure as a non-broadcast interface. b. Select the appropriate Interface State option to enable or disable the interface. Select or clear the Disallow Multicast Packets to Neighbors check box to specify whether the SSR is to send multicast packets to neighbors on point-to-point interfaces.
  • Page 259 Chapter 14: Configuring OSPF on the SSR Figure 173. OSPF Area Non-Broadcast Interface panel (Advanced tab) Set the advanced options on the interface as discussed in the following table: Table 30. Non-broadcast interface options Option Description LSA Retransmission Interval Enter the number of seconds between link-state advertisement retransmissions for adjacencies belonging to the interface.
  • Page 260 Chapter 14: Configuring OSPF on the SSR Table 30. Non-broadcast interface options (Continued) Option Description Hello Interval Enter an integer value from 0 to 255 to specify the estimated number of seconds between Hello packets that the router sends on the interface. The default is 10 seconds for broadcast networks and 30 seconds for both point-to-point and non-broadcast interfaces.
  • Page 261 Chapter 14: Configuring OSPF on the SSR Figure 174. OSPF Area Interface Neighbor panel h. Add a neighbor to the interface by taking the following steps: Specify the IP address of the NBMA neighbor you want to add to the interface.
  • Page 262 Chapter 14: Configuring OSPF on the SSR Figure 175. Add Non-Broadcast Interface panel Do one of the following: – If you select Yes, click Next and then add another non-broadcast interface specifying options as you did when you added the other non-broadcast interface.
  • Page 263 Chapter 14: Configuring OSPF on the SSR Configuration Expert prompts you to specify whether you want to add a stub host. Figure 176. Add Stub Host panel 15. Do one of the following: – If you do not want to add a stub host, select No. –...
  • Page 264 Chapter 14: Configuring OSPF on the SSR Figure 177. OSPF Area Stub Host panel To add a stub host, take the following steps: Enter the address of the stub host. b. Enter an integer value from 0 to 65535 to specify the cost that should be advertised for the directly attached stub host.
  • Page 265 Chapter 14: Configuring OSPF on the SSR Figure 178. Add Virtual Links panel b. Select Yes and then click Next. A Virtual Link panel similar to the following appears: Figure 179. OSPF Area Virtual Link panel (Definition tab) Enter a virtual link name, then enter an IP address of an OSPF virtual link CoreWatch User’s Manual...
  • Page 266 Chapter 14: Configuring OSPF on the SSR neighbor and the Area ID of the transit area in the appropriate text boxes. d. Enable or disable the interfaces Select or clear the Disallow Multicast Packets to Neighbor check box to specify whether the SSR is to send multicast packets to neighbors on point-to-point interfaces.

  • Page 267: Modifying Area Tables

    Chapter 14: Configuring OSPF on the SSR Table 31. Virtual link options (Continued) Option Description LSA Retransmission Enter the number of seconds between link-state Interval advertisement retransmissions for adjacencies belonging to the virtual link. Specify a number equal to or greater than 1.
  • Page 268 Chapter 14: Configuring OSPF on the SSR The options of the dialog box are the same as those you specified while creating the area table. For details on specifying these options, see “Creating OSPF Area Tables” on page 250. CoreWatch User’s Manual...

  • Page 269: Chapter 15: Configuring Bgp On The Ssr

    Chapter 15 Configuring BGP on the SSR BGP Overview The Border Gateway Protocol (BGP) is an exterior gateway protocol that allows IP routers to exchange network connectivity information. BGP became an internet standard in 1989 (RFC 1105) and the current version, BGP-4, was published in 1994 (RFC 1771). BGP is typically run between Internet Service Providers.

  • Page 270: Configuring Your Ssr For Bgp

    Chapter 15: Configuring BGP on the SSR Configuring Your SSR for BGP The following sections describe how to use CoreWatch to set up global BGP parameters on the SSR, configure new BGP peer groups for the SSR, and modify existing peer groups on the SSR.

  • Page 271: Configuring A New Bgp Peer Group

    Chapter 15: Configuring BGP on the SSR Enter global values for the following options: Table 32. BGP global options Option Description Preference Defines the preference value for BGP hosts/networks. You can specify a value between 0 and 255, inclusive. Metric Defines the default-metric value for BGP hosts/networks.
  • Page 272 Chapter 15: Configuring BGP on the SSR Configuration Expert opens the BGP wizard: Figure 182. BGP wizard Click Next. The BGP Peer-Group Definition panel appears: Figure 183. BGP Peer-Group Definition panel (Definition tab) CoreWatch User’s Manual...
  • Page 273 Chapter 15: Configuring BGP on the SSR Specify the general BGP options for your SSR according to the following: Specify an associated peer group for your SSR in the Peer Group box. You must specify a peer group to successfully configure BGP on your SSR. b.
  • Page 274 Chapter 15: Configuring BGP on the SSR Figure 184. BGP Peer-Group Definition panel (Options tab) CoreWatch User’s Manual...
  • Page 275 Chapter 15: Configuring BGP on the SSR 10. If you wish, activate or deactivate one or more of the options on the Options tab by checking or unchecking their respective boxes. Checked options are activated; unchecked options remain inactive. Refer to the following table for a list of the available options and their descriptions: Table 33.
  • Page 276 Chapter 15: Configuring BGP on the SSR Table 33. BGP Peer-Group options (Continued) Option Description Ignore First AS Hop Specifying this option (here or on the Advanced tab of either the BGP Peer Group Definition panel or Add Host to Peer Group panel) tells GateD not to drop routes from Route Servers (servers that are able to propagate route without appending their own autonomous system to the path).
  • Page 277 Chapter 15: Configuring BGP on the SSR Table 33. BGP Peer-Group options (Continued) Option Description Advertise Routes with Looped This option instructs GateD to advertise routes AS Path to ver 3 Peers whose autonomous system paths are looped (i.e. with an autonomous system appearing more than once in the path) to version 3 external peers.
  • Page 278 Chapter 15: Configuring BGP on the SSR 12. If you wish, specify appropriate values for the options on the Advanced tab according to the guidelines in the following table: Table 34. BGP Peer-Group advanced options Option Description Metric Out Specifies the primary metric used on all routes sent to the specified peer group.
  • Page 279 Chapter 15: Configuring BGP on the SSR Table 34. BGP Peer-Group advanced options (Continued) Option Description Hold Time Specifies the Hold Time value (in seconds) when negotiating peer connections. If BGP does not receive a Keep-Alive, update, or notification message from a peer within the Hold Time period specified, then the BGP connection will be closed.
  • Page 280 Chapter 15: Configuring BGP on the SSR Table 34. BGP Peer-Group advanced options (Continued) Option Description AS Count This option determines how many times GateD will insert our own autonomous system number when we send the autonomous system path to an external neighbor. The default value for this option is 1.
  • Page 281 Chapter 15: Configuring BGP on the SSR Figure 186. Add Host or Network panel 14. Select either the Add Peer Hosts to the BGP Group or Add Peer Networks to the BGP Group option and click Next. 15. If you specified that you want to add peer hosts to the BGP, use the Add Host to BGP Group panel that appears to add a peer host to your BGP.
  • Page 282 Chapter 15: Configuring BGP on the SSR 16. To add peer hosts to the BGP, go through the following steps: Specify the address of the peer host you wish to add to the BGP in the Peer Host box. b. Enter a BGP gateway for your SSR in the Gateway box. Select either or both of the Generate Default Route and Retain All Routes options by checking their respective boxes.
  • Page 283 Chapter 15: Configuring BGP on the SSR available options and their descriptions: Table 35. Add Host to BGP Group options Option Description Ignore First AS Hop Specifying this option (here or on the Advanced tab of either the BGP Peer Group Definition panel or Add Host to Peer Group panel) tells GateD not to drop routes from Route Servers (servers that are able to propagate route without appending their...
  • Page 284 Chapter 15: Configuring BGP on the SSR Table 35. Add Host to BGP Group options (Continued) Option Description Advertise Routes with Looped This option instructs GateD to advertise routes AS Path to ver 3 Peers whose autonomous system paths are looped (i.e. with an autonomous system appearing more than once in the path) to version 3 external peers.
  • Page 285 Chapter 15: Configuring BGP on the SSR Click the Advanced tab: Figure 189. Add Host to BGP Group panel (Advanced tab) If you wish, specify appropriate values for the options on the Advanced tab according to the guidelines in the following table: Table 36.
  • Page 286 Chapter 15: Configuring BGP on the SSR Table 36. Add Host to BGP Group advanced options (Continued) Option Description Gated Preference Allows GateD to use the LOCAL_PREF attribute to set preference on reception, and allows the GateD preference to set the LOCAL_PREF on transmission. The set-pref metric works as a lower limit, below which the imported LOCAL_PREF may not set the GateD preference.
  • Page 287 Chapter 15: Configuring BGP on the SSR Table 36. Add Host to BGP Group advanced options (Continued) Option Description Route Out-Delay Used to dampen route fluctuations. The Out-Delay option is the amount of time (in seconds) a route must remain included in the routing table before it is exported to BGP.

  • Page 288: Modifying An Existing Bgp Peer Group

    Chapter 15: Configuring BGP on the SSR 17. Use the Add Networks to BGP panel that appears to add peer networks to the BGP: Figure 190. Add Network to BGP Group panel 18. Specify whether to add all associated networks or a specific network to the BGP by selecting either the All Networks or IP Network/Host option.
  • Page 289 Chapter 15: Configuring BGP on the SSR Open the configuration file you want to modify and then double-click that file’s Routing Configuration object. Double-click the IP Routing Configuration object. Double-click the IP Unicast Routing object. Double-click the BGP Routing object. Double-click the BGP Groups object and click on the object you wish to modify.
  • Page 290 Chapter 15: Configuring BGP on the SSR Select either or both of the Generate Default Route and Retain All Routes options by checking their respective boxes. Click the Options tab. Figure 192. BGP Peer Group Definition dialog box (Options tab) If you wish, activate or deactivate one or more of the options on the Options tab by checking or unchecking their respective boxes.
  • Page 291 Chapter 15: Configuring BGP on the SSR unchecked options remain inactive. Refer to the following table for a list of the available options and their descriptions: Table 37. BGP Peer-Group options Option Description Enable MED in Routing Specifies that the Multi_Exit_Disc (MED) metric is to Computations be used in routing computations.
  • Page 292 Chapter 15: Configuring BGP on the SSR Table 37. BGP Peer-Group options (Continued) Option Description Ignore First AS Hop Specifies that the next hop in route advertisements for this peer or group of peers is to be this SSR, even if it would normally be possible to send a third- party next hop.
  • Page 293 Chapter 15: Configuring BGP on the SSR Table 37. BGP Peer-Group options (Continued) Option Description Advertise Routes with Looped Prevents routes with looped autonomous system AS Path to ver 3 Peers paths from being advertised to version 4 external peers. This can be useful when trying to avoid advertising routes to peers that would automatically (and erroneously) forward routes on to version 3 neighbors.
  • Page 294 Chapter 15: Configuring BGP on the SSR 11. If you wish, specify appropriate values for the options on the Advanced tab according to the guidelines in the following table: Table 38. BGP Peer-Group advanced options Option Description Metric Out Specifies the primary metric used on all routes sent to the specified peer group.
  • Page 295 Chapter 15: Configuring BGP on the SSR Table 38. BGP Peer-Group advanced options (Continued) Option Description Hold Time Specifies the Hold Time value (in seconds) when negotiating peer connections. If BGP does not receive a Keep-Alive, update, or notification message from a peer within the Hold Time period specified, then the BGP connection will be closed.
  • Page 296 Chapter 15: Configuring BGP on the SSR Table 38. BGP Peer-Group advanced options (Continued) Option Description IP TTL By default, BGP sets the IP TTL for local peers to 1 and the TTL for non-local peers to 255. This option is provided when attempting to communicate with improperly functioning routers that ignore packets sent with a TTL of 1.

  • Page 297: Chapter 16: Configuring Routing Policies On The Ssr

    Chapter 16 Configuring Routing Policies on the SSR Routing Policies on the SSR You can use CoreWatch to configure the following types of routing policies on the SSR: • Export Policies • Import Policies • Aggregate Policies • Redistribute Policies •...

  • Page 298: Setting Rip Routing Policy Defaults

    Chapter 16: Configuring Routing Policies on the SSR Setting RIP Routing Policy Defaults To set default values for RIP’s metric and preference that will be used for RIP across all routing policies: Start Configuration Expert if you have not already done so. Open the configuration file you want to modify and then double-click that file’s Routing Configuration object.

  • Page 299: Setting Ospf Routing Policy Defaults

    Chapter 16: Configuring Routing Policies on the SSR The preference you specify applies to all IP RIP interfaces on the SSR. The default value for route preference is 100. Set the metric for routes advertised through RIP by entering a number from 1 to 16 in the Default Metric box.

  • Page 300: A Look At The Building Blocks Of Routing Policies

    Chapter 16: Configuring Routing Policies on the SSR A OSPF Policy ASE Defaults dialog box similar to the following appears: Figure 195. OSPF Policy ASE Defaults dialog box Assign a preference for the routes learned by OSPF. To do so, enter a number from 0 to 255 in the Preference box.

  • Page 301: Export Destination Building Blocks

    Chapter 16: Configuring Routing Policies on the SSR • Export destinations and export sources, which you will include in your export policies. A destination can be a particular interface or gateway. A source can be a particular interface, gateway, autonomous system, or aggregate route. •...
  • Page 302 Chapter 16: Configuring Routing Policies on the SSR A RIP Export Destination dialog box similar to the following appears: Figure 196. RIP Export Destination dialog box Specify a name for the export destination in the Destination Name box. 10. Under RIP Routes, specify whether you want to export the routes to a specific interface or a gateway by doing one of the following: –...

  • Page 303: Configuring And Modifying Ospf Export Destinations

    Chapter 16: Configuring Routing Policies on the SSR Configuring and Modifying OSPF Export Destinations An OSPF export destination building block specifies an export destination for OSPF routes. Note: You can export OSPF routes only into OSPF ASE routes. To define OSPF export destination building blocks: Start Configuration Expert if you have not already done so.

  • Page 304: Configuring And Modifying Bgp Export Destinations

    Chapter 16: Configuring Routing Policies on the SSR Specify a name for the new export destination in the Destination Name box. 10. Specify the tag you wish to associate with OSPF routes in the Tag box. 11. Specify whether the routes are to be exported as type 1 or type 2 autonomous system external (ASE) routes by selecting the appropriate option.
  • Page 305 Chapter 16: Configuring Routing Policies on the SSR A BGP Export Destination dialog box similar to the following appears: Figure 198. BGP Export Destination dialog box Specify a name for the new export destination in the Destination Name box. 10. Specify the autonomous system for the new export destination in the Autonomous System box.

  • Page 306: Aggregate Destination Building Blocks

    Chapter 16: Configuring Routing Policies on the SSR Aggregate Destination Building Blocks Define an aggregate destination to create or modify an aggregate generation destination and control the export of routes from a source with routes to directly attached interfaces. The procedure for defining an aggregate destination depends on whether you are creating a new destination or modifying an existing one.
  • Page 307 Chapter 16: Configuring Routing Policies on the SSR An Aggregate Destination panel similar to the following appears: Figure 199. Aggregate Destination panel Specify a name for the aggregate destination in the Destination Name box. 10. Under Destination Type, specify whether the destination is an aggregate or a generate by selecting the appropriate option.

  • Page 308: Modifying Aggregate Destinations

    Chapter 16: Configuring Routing Policies on the SSR An Aggregate Network panel similar to the following appears: Figure 200. Aggregate Network panel 14. Specify the aggregate network by entering the appropriate IP address and subnetwork mask in the Aggregate Network and Network Mask boxes, respectively. 15.

  • Page 309: Export Source Building Blocks

    Chapter 16: Configuring Routing Policies on the SSR Modify the destination by editing the fields of the Aggregate Destination Definition dialog box that appears. The dialog box includes some of the same fields you specified when creating the destination. For more information on these fields, see “Configuring Aggregate Destinations”...
  • Page 310 Chapter 16: Configuring Routing Policies on the SSR Double-click the Routing Policy Configuration object. Double-click the Building Blocks object. Double-click the Export Source object. Double-click the RIP object, and then do one of the following: – If you are creating a new export source, click the Configure New RIP Export Source object.

  • Page 311: Configuring And Modifying Ospf Export Sources

    Chapter 16: Configuring Routing Policies on the SSR 11. Click OK. 12. Repeat step 8 through step 11 until you create all of the RIP export sources you plan to include in your export policies. Configuring and Modifying OSPF Export Sources An OSPF export source building block specifies a source for exporting OSPF routes into other protocols.

  • Page 312: Configuring And Modifying Bgp Export Sources

    Chapter 16: Configuring Routing Policies on the SSR An OSPF Export Source dialog box similar to the following appears: Figure 202. OSPF Export Source dialog box Specify the name you wish to assign to the export source in the Source Name box. 10.
  • Page 313 Chapter 16: Configuring Routing Policies on the SSR Start Configuration Expert if you have not already done so. Open the configuration file you want to modify and then double-click that file’s Routing Configuration object. Double-click the IP Routing Configuration object. Double-click the IP Unicast Routing object.

  • Page 314: Configuring And Modifying Autonomous System Path Export Sources

    Chapter 16: Configuring Routing Policies on the SSR 11. Specify whether the SSR restricts the export or associates a metric with the exported route by doing one of the following: – If you do not want the SSR to export any routes from the source, select the Restrict export to the specified BGP source option.
  • Page 315 Chapter 16: Configuring Routing Policies on the SSR An Autonomous System Path Export Source dialog box similar to the following appears: Figure 204. Autonomous System Path Export Source dialog box Specify the name you wish to assign to the AS path export source in the Source Name box.

  • Page 316: Configuring And Modifying Tag Export Sources

    Chapter 16: Configuring Routing Policies on the SSR Specify the origin for your AS export source by selecting the appropriate type from the Origin drop-down list. You can select one of the following four options: – – – – incomplete 11.
  • Page 317 Chapter 16: Configuring Routing Policies on the SSR A Tag Export Source dialog box similar to the following appears: Figure 205. Tag Export Source dialog box Specify the name you wish to assign to the tag export source in the Source Name box. 10.

  • Page 318: Configuring And Modifying Direct Export Sources

    Chapter 16: Configuring Routing Policies on the SSR – If you do not want the SSR to export any routes from the source, select the Restrict export to the specified Tag source option. – If you want the SSR to associate a metric with the exported route, select a metric from the Route Metric drop-down list.

  • Page 319: Configuring And Modifying Static Export Sources

    Chapter 16: Configuring Routing Policies on the SSR Figure 206. Direct Export Source dialog box Specify the name you wish to assign to the direct export source in the Destination Name box. 10. Select the interface associated with the direct routes from the Interface Name/Address drop-down list.
  • Page 320 Chapter 16: Configuring Routing Policies on the SSR Start Configuration Expert if you have not already done so. Open the configuration file you want to modify and then double-click that file’s Routing Configuration object. Double-click the IP Routing Configuration object. Double-click the IP Unicast Routing object.

  • Page 321: Configuring And Modifying Aggregate Export Sources

    Chapter 16: Configuring Routing Policies on the SSR 11. Specify whether the SSR restricts the export or associates a metric with the exported routes by doing one of the following: – If you do not want the SSR to export any routes from the source, select the Restrict export from the specified Static Source option.

  • Page 322: Import Source Building Blocks

    Chapter 16: Configuring Routing Policies on the SSR An Aggregate Export Source dialog box similar to the following appears: Figure 208. Aggregate Export Source dialog box Specify the tag name you wish to assign to the export source in the Source Name Tag box.

  • Page 323: Configuring And Modifying Rip Import Sources

    Chapter 16: Configuring Routing Policies on the SSR SSR’s import routing policies to control which routes are added to the SSR’s routing table and to specify the SSR’s preference of routes from one protocol or peer over another. The method you use to create import source building blocks depends on whether you are defining one for RIP, OSPF, or BGP.
  • Page 324 Chapter 16: Configuring Routing Policies on the SSR A RIP Import Source dialog box similar to the following appears: Figure 209. RIP Import Source dialog box Specify the name you wish to assign to the import source in the Source Name box. 10.

  • Page 325: Configuring And Modifying Ospf Import Sources

    Chapter 16: Configuring Routing Policies on the SSR 12. Click OK. 13. Repeat step 8 through step 12 until you create all of the RIP import sources you plan to include in your import policies. Configuring and Modifying OSPF Import Sources To define OSPF import source building blocks: Start Configuration Expert if you have not already done so.
  • Page 326 Chapter 16: Configuring Routing Policies on the SSR An OSPF Import Source dialog box similar to the following appears: Figure 210. OSPF Import Source dialog box Specify the name you wish to assign to the import source in the Source Name box. 10.

  • Page 327: Configuring And Modifying Bgp Import Sources

    Chapter 16: Configuring Routing Policies on the SSR Configuring and Modifying BGP Import Sources To define BGP import source building blocks: Start Configuration Expert if you have not already done so. Open the configuration file you want to modify and then double-click that file’s Routing Configuration object.
  • Page 328 Chapter 16: Configuring Routing Policies on the SSR Under Import BGP Routes based on, specify the source of your BGP routes by doing one of the following: – To specify the source of your BGP routes as a particular autonomous system, select the Autonomous System option and specify the autonomous system identity in the associated text box.

  • Page 329: Configuring And Modifying Aggregate Source Building Blocks

    Chapter 16: Configuring Routing Policies on the SSR Configuring and Modifying Aggregate Source Building Blocks You can define an aggregate source to specify the source’s protocol, restrict the source’s routes, specify whether the routes are considered contributors, and set the route’s preference.

  • Page 330: Ip Route Filter Building Blocks

    Chapter 16: Configuring Routing Policies on the SSR Specify a name four your aggregate source in the Aggregate Source box. From the Route Protocol drop-down list, select the protocol of the contributing aggregate source. 10. Do one of the following to specify which method of route restriction you wish to use: –...

  • Page 331: Configuring Ip Route Filters

    Chapter 16: Configuring Routing Policies on the SSR Configuring IP Route Filters The SSR uses IP route filters to match a certain set of routes by destination or by destination and mask. Note: A route will match the most specific filter that applies. Specifying more than one filter with the same destination, mask, and modifiers will generate an error.
  • Page 332 Chapter 16: Configuring Routing Policies on the SSR Specify the name you wish to assign to the filter in the Filter Name box. 10. Click Next. A Filter Network Specification panel similar to the following appears: Figure 214. Filter Network Specification panel 11.

  • Page 333: Modifying Ip Route Filters

    Chapter 16: Configuring Routing Policies on the SSR – More Specific than Supplied Mask – Match Length Between <number> and <number> Note: If you select the Match Length Between <number> and <number> option, you must specify values defining the acceptable range to justify a match to your network mask.

  • Page 334: Configuring And Modifying Optional Attribute Building Blocks

    Chapter 16: Configuring Routing Policies on the SSR Configuring and Modifying Optional Attribute Building Blocks You can configure optional attributes to include with your export destinations and BGP input sources. To define optional path attribute building blocks: Start Configuration Expert if you have not already done so. Open the configuration file you want to modify and then double-click that file’s Routing Configuration object.

  • Page 335: Export Policies

    Chapter 16: Configuring Routing Policies on the SSR Specify a tag for your optional path attribute in the Tag box. Specify the community type by doing one of the following: – To define specific community attributes for your optional path, select the Community Attributes option and specify the relative community identification and autonomous system in the Community ID and Autonomous System boxes, respectively.

  • Page 336: Configuring Export Policies

    Chapter 16: Configuring Routing Policies on the SSR Router 6 Router 5 (RIP) (RIP) Router 1 Router 4 (OSPF) (RIP) Router 2 Router 3 (RIP) (OSPF) Configuring Export Policies After you create export destinations and sources and IP route filters as discussed earlier in this chapter, you can configure export routing policies by going through the following procedure.
  • Page 337 Chapter 16: Configuring Routing Policies on the SSR A Routing Policy: Destination panel similar to the following appears: Figure 216. Routing Policy: Destination panel Specify a destination name for your export policy by selecting it from the Destination Name drop-down list. The available destinations in this drop-down list are a collection of any pre-defined export destinations you may have previously configured, as described in “Export Destination Building Blocks”...
  • Page 338 Chapter 16: Configuring Routing Policies on the SSR An Export Policy Destination Source panel similar to the following appears: Figure 217. Export Policy Destination Source panel 11. Specify the source for your export policy by selecting it from the Export Source drop- down list.
  • Page 339 Chapter 16: Configuring Routing Policies on the SSR options under Specify the Type of the Export Destination Policy would remain inactive (dimmed). 13. Click Next. A Filter Specification panel similar to the following appears: Figure 218. Filter Specification panel 14. Specify whether you wish to use an existing filter or create a new filter for your export policy by selecting the appropriate option.
  • Page 340 Chapter 16: Configuring Routing Policies on the SSR A Filter Network Specification panel similar to the following appears: Figure 219. Filter Network Specification panel 16. Specify the level of route access by selecting the All Routes option, the Default Route option, or the IP Network/Host option.

  • Page 341: Modifying Export Policies

    Chapter 16: Configuring Routing Policies on the SSR Note: If you select the Match Length Between <number> and <number> option, you must specify values defining the acceptable range to justify a match to your network mask. You can specify values between 0 and 32 for the acceptable length.

  • Page 342: Import Policies

    Chapter 16: Configuring Routing Policies on the SSR 10. Click OK. Import Policies An SSR’s import routing policies control which routes are added to the SSR’s routing table. Import routing policies also determine the SSR’s preference of routes from one protocol or peer over another.
  • Page 343 Chapter 16: Configuring Routing Policies on the SSR An Import Source panel similar to the following appears: Figure 220. Import Source panel Specify a source name for your import policy by selecting it from the Source Name drop-down list. The available sources in this drop-down list are a collection of any pre-defined import sources you may have previously configured, as described in “Import Source Building Blocks”...
  • Page 344 Chapter 16: Configuring Routing Policies on the SSR A Filter Specification panel similar to the following appears: Figure 221. Filter Specification panel 11. Specify whether you wish to use an existing filter or create a new filter for your import policy by selecting the appropriate option. Note: The Select a filter from predefined filter list option will remain inactive (dimmed) unless you have previously defined one or more filter building blocks as...
  • Page 345 Chapter 16: Configuring Routing Policies on the SSR A Filter Network Specification panel similar to the following appears: Figure 222. Filter Network Specification panel 13. Specify the level of route access by selecting the All Routes option, the Default Route option, or the IP Network/Host option.

  • Page 346: Modifying Import Policies

    Chapter 16: Configuring Routing Policies on the SSR Note: If you select the Match Length Between <number> and <number> option, you must specify values defining the acceptable range to justify a match to your network mask. You can specify values between 0 and 32 for the acceptable length.

  • Page 347: Aggregate Policies

    Chapter 16: Configuring Routing Policies on the SSR Aggregate Policies Configuration Expert lets you create aggregates to restrict the selection of routes, to specify whether the routes are considered to be contributors, and if the routes are considered to be contributors to specify route preference. An aggregate route is a general route composed of two or more contributing routes.
  • Page 348 Chapter 16: Configuring Routing Policies on the SSR An Aggregate Generate panel similar to the following appears: Figure 223. Aggregate Generate panel Specify the destination name for your aggregate policy by selecting it from the Destination Name drop-down list. The available destinations in this drop-down list are a collection of any pre-defined aggregate destinations you may have previously configured, as described in “Aggregate Destination Building Blocks”...
  • Page 349 Chapter 16: Configuring Routing Policies on the SSR An Aggregate Policy Source panel similar to the following appears: Figure 224. Aggregate Policy Source panel 10. Specify the source for your aggregate policy by selecting it from the Aggregate Source drop-down list. The available sources in this drop-down list are a collection of any pre-defined aggregate sources you may have previously configured, as described in “Configuring and Modifying Aggregate Source Building Blocks”...
  • Page 350 Chapter 16: Configuring Routing Policies on the SSR A Filter Specification panel similar to the following appears: Figure 225. Filter Specification panel 12. Specify whether you wish to use an existing filter or create a new filter for your aggregate policy by selecting the appropriate option. Note: The Select a filter from predefined filter list option will be inactive (dimmed) unless you have previously defined one or more filter building blocks as...
  • Page 351 Chapter 16: Configuring Routing Policies on the SSR A Filter Network Specification panel similar to the following appears: Figure 226. Filter Network Specification panel 14. Specify the level of route access by selecting the All Routes option, the Default Route option, or the IP Network/Host option.

  • Page 352: Modifying Aggregate Policies

    Chapter 16: Configuring Routing Policies on the SSR Note: If you select the Match Length Between <number> and <number> option, you must specify values defining the acceptable range to justify a match to your network mask. You can specify values between 0 and 32 for the acceptable length.

  • Page 353: Redistribute Policies

    Chapter 16: Configuring Routing Policies on the SSR These dialog boxes include some of the same fields you specified when configuring the aggregate policy. For more information on these fields, see “Aggregate Policies” on page 347. 10. Click OK. Redistribute Policies You can use Configuration Expert to create redistribute policies for the SSR.
  • Page 354 Chapter 16: Configuring Routing Policies on the SSR A Source Protocol panel similar to the following appears: Figure 227. Source Protocol panel Specify the source protocol for your redistribute policy by selecting one of the available options from the Source Protocol drop-down list. You can select from the following seven options: –...
  • Page 355 Chapter 16: Configuring Routing Policies on the SSR A Target Protocol panel similar to the following appears: Figure 228. Target Protocol panel 10. Specify the destination protocol for your redistribute policy by selecting one of the available options from the Destination Protocol drop-down list. You can select from the following three options: –...
  • Page 356 Chapter 16: Configuring Routing Policies on the SSR A Filter Network Specification panel similar to the following appears: Figure 229. Filter Network Specification panel 12. Specify the level of route access by selecting the All Routes option, the Default Route option, or the IP Network/Host option.

  • Page 357: Modifying Redistribute Policies

    Chapter 16: Configuring Routing Policies on the SSR Note: If you select the Match Length Between <number> and <number> option, you must specify values defining the acceptable range to justify a match to your network mask. You can specify values between 0 and 32 for the acceptable length.

  • Page 358: Summarize Routes

    Chapter 16: Configuring Routing Policies on the SSR Summarize Routes You can use Configuration Expert to configure summarize routes for the SSR. Summarize routes are a simple form of aggregate configuration. When you define aggregates, you must expressly specify which routes will become continuing routes. However, summarize routes simplify the process by treating all routes as continuing routes.
  • Page 359 Chapter 16: Configuring Routing Policies on the SSR Figure 230. Summarize Network panel Specify whether the new summarize network is to be a default network or an associated IP network by selecting the appropriate option. If you selected the IP Network option, proceed with the following step. If you selected the Default Network option, skip to step Under Summarized Network, specify the IP address and network mask for the...
  • Page 360 Chapter 16: Configuring Routing Policies on the SSR A Source Protocol panel similar to the following appears: Figure 231. Source Protocol panel 12. Specify the source protocol for the summarize network by selecting one of the six available options from the Source Protocol drop-down list. You can select from the following six options: –...
  • Page 361 Chapter 16: Configuring Routing Policies on the SSR A Filter Network Specification panel similar to the following appears: Figure 232. Filter Network Specification panel 14. Under Network/Host Options, define the following characteristics: Specify the network or host IP address and the network mask for your summarize network in the Network/Host Address and Network Mask boxes, respectively.

  • Page 362: Modifying Summarize Routes

    Chapter 16: Configuring Routing Policies on the SSR 16. If you wish, you can specify a level of preference for the filter network by entering any numerical value in the Preference box. 17. If you wish to specify additional filter networks, be sure to activate the Add more filters option, click Next, and repeat step 14 through...
  • Page 363 Chapter 16: Configuring Routing Policies on the SSR Click OK. CoreWatch User’s Manual...
  • Page 364 Chapter 16: Configuring Routing Policies on the SSR CoreWatch User’s Manual...

  • Page 365: Chapter 17: Checking System Status

    Chapter 17 Checking System Status CoreWatch can display the following system information: • Details about which modules are installed in the SSR chassis and the number of ports available on those modules. • Details about individual ports. This includes data about which module each port is on, a port’s bridging status, information about the VLAN associated with each port, and IP address information of a port.

  • Page 366: Obtaining Port Information

    Chapter 17: Checking System Status Figure 233. Chassis Info table The following table describes the fields of the Chassis Info table’s upper frame. The Selection Details frame displays information about the item currently selected in the upper frame. For details on using the Table toolbar, see Appendix A: “Working with Tables”...

  • Page 367: Bound Ip Interface

    Chapter 17: Checking System Status If you are not currently in the Front Panel view, switch to it by clicking the CoreWatch main window. Select the Monitor menu, choose System State, and then choose Port Table. A Port table similar to the following appears: Figure 234.

  • Page 368: Obtaining Trap Information

    Chapter 17: Checking System Status Obtaining Trap Information Obtain trap information if you want to know what traps are currently configured for the SSR, to which community they are associated, and to which IP address(es) they will be sent. To access such information: If you are not currently in the Front Panel view, switch to it by clicking the CoreWatch main window.

  • Page 369: Obtaining Smarttrunk Information

    Chapter 17: Checking System Status Obtaining SmartTRUNK Information Obtain SmartTRUNK information if you want to know which SmartTRUNKs have been configured for the SSR, what type of ports they are, and at what locations. To access such information: If you are not currently in the Front Panel view, switch to it by clicking the CoreWatch main window.
  • Page 370 Chapter 17: Checking System Status CoreWatch User’s Manual...

  • Page 371: Chapter 18: Monitoring Real-Time Performance

    Chapter 18 Monitoring Real- Time Performance You may obtain current statistics about the following: • System performance, which indicates the speed at which the SSR is transmitting and receiving bytes and packets. • Overall use of all the ports of an SSR. •...
  • Page 372 Chapter 18: Monitoring Real-Time Performance Do one of the following: – Select the Monitor menu, choose Performance, and then choose System Dashboard. – Click the System Dashboard button on the CoreWatch toolbar. A Select Dials to be Displayed dialog box similar to the following appears: Figure 237.

  • Page 373: Setting The Scaling Of Dials

    Chapter 18: Monitoring Real-Time Performance If you selected multiple dials, specify how you want CoreWatch to display the dials by selecting one of the options described in the following table: Select To display the dials Horizontal In a single row. Vertical In a single column.

  • Page 374: Monitoring Port Utilization

    Chapter 18: Monitoring Real-Time Performance In the Dial Options dialog box that appears, select the check boxes of each dial you want to scale and also select the desired scale for those dials. Figure 239. Dial Options dialog box If you selected multiple dials, specify the manner in which you want CoreWatch to display the dials by selecting one of the options described in the following table: Select To display the dials...
  • Page 375 Chapter 18: Monitoring Real-Time Performance – Click the Port Utilization Summary button on the CoreWatch toolbar. – Select the Monitor menu, choose Performance, and then choose Port Utilization Summary. A Port Utilization Summary dialog box similar to the one described in the following figure appears: Port Status Button Traffic Pattern Bar...

  • Page 376: Obtaining Statistics About An Individual Port

    Chapter 18: Monitoring Real-Time Performance The following table describes the different items of the Port Utilization Summary dialog box: Table 43. Port Utilization Summary items Item Description Module Identifier Indicates which of the following Ethernet modules are installed in an SSR slot: •...

  • Page 377: Obtaining Packet Statistics

    Chapter 18: Monitoring Real-Time Performance Obtaining Packet Statistics You can obtain statistics about a port's incoming and outgoing unicast, multicast, and broadcast packets. To display such information: In the Front Panel view, click the port that you want to monitor. Do one of the following: –...

  • Page 378: Obtaining Port Byte Statistics

    Chapter 18: Monitoring Real-Time Performance gathering of statistics by using the Graph toolbar as discussed in “Using the Graph Toolbar” on page 389. Table 44. Port Packet Statistics graph abbreviations Abbreviation Description InUniPkts Incoming unicast packets. OutUniPkts Outgoing unicast packets. InMultiPkts Incoming multicast packets.

  • Page 379: Obtaining Port Error Statistics

    Chapter 18: Monitoring Real-Time Performance Figure 242. Port Byte Statistics graph The following table describes the abbreviations used in the legend located at the bottom of the graph. You can control the graph's appearance and pause or resume the gathering of statistics by using the Graph toolbar as discussed in “Using the Graph Toolbar”...
  • Page 380 Chapter 18: Monitoring Real-Time Performance A Port Error Statistics graph similar to the following appears. By examining the graph, you can determine how many of the different errors a port is experiencing and the time at which those errors occurred. Figure 243.

  • Page 381: Monitoring Ip Interface Statistics

    Chapter 18: Monitoring Real-Time Performance Monitoring IP Interface Statistics CoreWatch lets you obtain current statistics for • the number of unicast, multicast, and broadcast packets being sent and received on the IP interfaces of an SSR. • reassembly and fragmentation activities on the IP interfaces of an SSR. •...

  • Page 382: Obtaining Ip Reassembly Statistics

    Chapter 18: Monitoring Real-Time Performance The following table describes the abbreviations used in the legend located at the bottom of the graph. You can control the graph's appearance and pause or resume the gathering of statistics by using the Graph toolbar as discussed in “Using the Graph Toolbar”...
  • Page 383 Chapter 18: Monitoring Real-Time Performance Figure 245. IP Reassembly Statistics graph The following table describes the abbreviations used in the legend located at the bottom of the graph. You can control the graph's appearance and pause or resume the gathering of statistics by using the Graph toolbar as discussed in “Using the Graph Toolbar”...

  • Page 384: Obtaining Ip Error Statistics

    Chapter 18: Monitoring Real-Time Performance Obtaining IP Error Statistics Obtain IP error statistics for an SSR if you want to determine how many datagrams that SSR discarded because there was not enough buffer space or there were problems that prevented the processing of datagrams. To display such information: If you are not currently in the Front Panel view, switch to it by clicking the CoreWatch main window.

  • Page 385: Monitoring Ipx Interface Statistics

    Chapter 18: Monitoring Real-Time Performance gathering of statistics by using the Graph toolbar as discussed in “Using the Graph Toolbar” on page 389. Table 49. IP Error Statistics graph abbreviations Abbreviation Description InHdrErr Incoming IP datagrams the SSR discarded because of problems in their headers (such as bad checksums, version number mismatching and other formatting errors, and problems in processing IP options).

  • Page 386: Obtaining Ipx Packet Statistics

    Chapter 18: Monitoring Real-Time Performance Obtaining IPX Packet Statistics Obtain IPX packet statistics if you want to determine the following: • How many IPX packets the SSR received and how many of those packets were delivered on the SSR. • How many times the SSR was requested to send IPX information and how many IPX packets the SSR actually sent.

  • Page 387: Obtaining Ipx Error Statistics

    Chapter 18: Monitoring Real-Time Performance gathering of statistics by using the Graph toolbar as discussed in “Using the Graph Toolbar” on page 389. Table 50. IPX Packet Statistics graph abbreviations Abbreviation Description InReceives Total of all IPX packets the SSR received. This includes packets that have errors.
  • Page 388 Chapter 18: Monitoring Real-Time Performance Figure 248. IPX Error Statistics graph The following table describes the abbreviations used in the legend located at the bottom of the graph. You can control the graph's appearance and pause or resume the gathering of statistics by using the Graph toolbar as discussed in “Using the Graph Toolbar”...

  • Page 389: Using The Graph Toolbar

    Chapter 18: Monitoring Real-Time Performance Using the Graph Toolbar A toolbar is located at the top of each port-statistics graph. Use this toolbar to control a graph’s appearance and stop or start the gathering of statistics as summarized in the following figure: Magnifies Displays or hides...
  • Page 390 Chapter 18: Monitoring Real-Time Performance CoreWatch User’s Manual...

  • Page 391: Chapter 19: Checking The Status Of Bridge Tables

    Chapter 19 Checking the Status of Bridge Tables CoreWatch lets you obtain tables that contain the following: • Information about which ports are associated with which VLANs and the type of module on which those ports are located. • Information about the ports on which STP is enabled. Obtaining VLAN Information Obtain VLAN information to display information about which ports and modules are associated with the VLANs configured on an SSR.

  • Page 392: Obtaining Stp Port Information

    Chapter 19: Checking the Status of Bridge Tables Figure 250. VLAN table The following table describes the fields of the VLAN table’s upper frame. The Selection Details frame displays information about the item currently selected in the upper frame. For details on using the Table toolbar, see Appendix A: “Working with Tables”...
  • Page 393 Chapter 19: Checking the Status of Bridge Tables Figure 251. STP Port table The following table describes the fields of the STP Port table’s upper frame. The Selection Details frame displays information about the item currently selected in the upper frame. For details on using the Table toolbar, see Appendix A: “Working with Tables”...

  • Page 394: Obtaining L2 Interface Information

    Chapter 19: Checking the Status of Bridge Tables Table 53. STP Port table fields Field Description State Indicates whether or not the port is functioning. If the port is functioning, this field identifies the port's state as one of the following: •...
  • Page 395 Chapter 19: Checking the Status of Bridge Tables An L2 Interface table similar to the following appears: Figure 252. L2 Interface table The following table describes the fields of the L2 Interface table’s upper frame. For details on using the Table toolbar, see Appendix A: “Working with Tables”...
  • Page 396 Chapter 19: Checking the Status of Bridge Tables CoreWatch User’s Manual...

  • Page 397: Chapter 20: Checking The Status Of Routing Tables

    Chapter 20 Checking the Status of Routing Tables CoreWatch can display tables that include the following routing data: • Details about IP, IPX, OSPF, RIP, DVMRP, and IGMP interfaces. • Information about the routing of IP and IPX packets the SSR forwarded. •...

  • Page 398: Obtaining Ip Interface Information

    Chapter 20: Checking the Status of Routing Tables Obtaining IP Interface Information Obtain IP interface information to display details about the ports and addresses of each IP interface of an SSR. To access such information, do one of the following: –...

  • Page 399: Obtaining Ip Forwarding Information

    Chapter 20: Checking the Status of Routing Tables Table 55. IP Interface table fields (Continued) Field Description Broadcast IP Address Identifies the destination address the interface uses when sending broadcast packets. Port ID Identifies the number of the port the interface uses. Module ID Identifies the slot number of the interface’s port.

  • Page 400: Checking Ipx Routing Status

    Chapter 20: Checking the Status of Routing Tables The following table describes the fields of the IP Forwarding table's upper frame. The Selection Details frame displays information about the item currently selected in the upper frame. For details on using the Table toolbar, see Appendix A: “Working with Tables”...

  • Page 401: Obtaining Ipx Interface Information

    Chapter 20: Checking the Status of Routing Tables • Details about the packets sent from each IPX interface including information which WAN router an interface uses. • Routing information of an SSR’s IPX interfaces. This includes a list of each IPX destination and provides details about the routes IPX interfaces use to reach those destinations.
  • Page 402 Chapter 20: Checking the Status of Routing Tables upper frame. For details on using the Table toolbar, see Appendix A: “Working with Tables” on page 443. Table 57. IPX Interface table fields Field Description IPX Identifier Indicates which instance of IPX the interface is using. Index Indicates the number IPX uses to identify the interface.

  • Page 403: Obtaining Ipx Forwarding Information

    Chapter 20: Checking the Status of Routing Tables Table 57. IPX Interface table fields (Continued) Field Description Uncompressed Tx Indicates how many packets were sent without being compressed even though compression was turned on for the interface. Compressed Rx Indicates how many compressed packets were received. Compressed Init Rx Indicates how many compression initialization packets were received.
  • Page 404 Chapter 20: Checking the Status of Routing Tables An IPX Forwarding table similar to the following appears: Figure 256. IPX Forwarding table The following table describes the fields of the IPX Forwarding table's upper frame. The Selection Details frame displays information about the item currently selected in the upper frame.

  • Page 405: Checking Ospf Routing Status

    Chapter 20: Checking the Status of Routing Tables Checking OSPF Routing Status CoreWatch can display the following information for OSPF routes that can be configured through CLI commands: • The OSPF interfaces configured on an SSR. • The areas that the SSR can communicate with. •...
  • Page 406 Chapter 20: Checking the Status of Routing Tables Figure 257. OSPF Interface table The following table describes the fields of the OSPF Interface table's upper frame. The Selection Details frame displays information about the item currently selected in the upper frame. For details on using the Table toolbar, see Appendix A: “Working with Tables”...
  • Page 407 Chapter 20: Checking the Status of Routing Tables Table 59. OSPF Interface table fields (Continued) Field Description Priority Indicates the interface's priority. In multi-access networks, this field is used in the designated router election algorithm. The value 0 signifies that the router is not eligible to become the designated router on this particular network.
  • Page 408 Chapter 20: Checking the Status of Routing Tables Table 59. OSPF Interface table fields (Continued) Field Description Backup Designated Lists the IP address of the backup designated router. Router Number of Events Indicates how many times the SPF interface has changed its state or that an error has occurred.

  • Page 409: Obtaining Ospf Area Information

    Chapter 20: Checking the Status of Routing Tables Obtaining OSPF Area Information Obtain OSPF area information if you want details about the configuration and cumulative statistics of the SSR's attached areas. To access such information: If you are not in the Front Panel view, switch to it by clicking the CoreWatch main window.

  • Page 410: Obtaining Ospf Neighbor Information

    Chapter 20: Checking the Status of Routing Tables Table 60. OSPF Area table fields (Continued) Field Description Area Border Routers Indicates how many area border routers are reachable within the area. The value of this field is initially zero (0), and is calculated in each SPF run.
  • Page 411 Chapter 20: Checking the Status of Routing Tables An OSPF Neighbor table similar to the following appears: Figure 259. OSPF Neighbor table The following table describes the fields of the OSPF Neighbor table's upper frame. The Selection Details frame displays information about the item currently selected in the upper frame.

  • Page 412: Obtaining Ospf Link-State Database Information

    Chapter 20: Checking the Status of Routing Tables Table 61. OSPF Neighbor table fields (Continued) Field Description State Indicates the state of the relationship with the neighbor. Nbr. Events Indicates how many times the neighbor relationship has changed state or an error has occurred. Retransmission Q Indicates the current length of the retransmission queue.
  • Page 413 Chapter 20: Checking the Status of Routing Tables Figure 260. OSPF Link State DB table The following table describes the fields of the OSPF Link State DB table's upper frame. The Selection Details frame displays information about the item currently selected in the upper frame.

  • Page 414: Obtaining Ospf Area Aggregate Information

    Chapter 20: Checking the Status of Routing Tables Table 62. OSPF Link State DB table fields Field Description Sequence Indicates the sequence number of the link-state advertisement. This field is used to detect old and duplicate link state advertisements. The larger the number the more recent the link-state advertisement.
  • Page 415 Chapter 20: Checking the Status of Routing Tables Figure 261. OSPF Area Aggregate table The following table describes the fields of the OSPF Area Aggregate table's upper frame. The Selection Details frame displays information about the item currently selected in the upper frame. For details on using the Table toolbar, see Appendix A: “Working with Tables”...

  • Page 416: Checking Rip Routing Status

    Chapter 20: Checking the Status of Routing Tables Checking RIP Routing Status CoreWatch can display information about the following: • RIP interfaces configured on an SSR. This includes details about how many packets were discarded on each interface, how many route entries of valid RIP packets were ignored on each interface, how many RIP updates were sent on the interface, and whether a RIP interface is functioning.

  • Page 417: Obtaining Rip Peer Information

    Chapter 20: Checking the Status of Routing Tables The following table describes the fields of the RIP Interface table's upper frame. The Selection Details frame displays information about the item currently selected in the upper frame. For details on using the Table toolbar, see Appendix A: “Working with Tables”...
  • Page 418 Chapter 20: Checking the Status of Routing Tables A RIP Peer table similar to the following appears: Figure 263. RIP Peer table The following table describes the fields of the RIP Peer table's upper frame. The Selection Details frame displays information about the item currently selected in the upper frame. For details on using the Table toolbar, see Appendix A: “Working with Tables”...

  • Page 419: Checking Dvmrp Routing Status

    Chapter 20: Checking the Status of Routing Tables Checking DVMRP Routing Status CoreWatch can display information about the following: • The DVMRP interfaces configured on an SSR. This includes details about the configuration of DVMRP interfaces, whether a DVMRP interface is functioning, how many packets were discarded on each interface, and how many route entries of valid DVMRP packets were ignored.
  • Page 420 Chapter 20: Checking the Status of Routing Tables Figure 264. DVMRP Interface table The following table describes the fields of the DVMRP Interface table's upper frame. The Selection Details frame displays information about the item currently selected in the upper frame. For details on using the Table toolbar, see Appendix A: “Working with Tables”...

  • Page 421: Obtaining Dvmrp Neighbor Information

    Chapter 20: Checking the Status of Routing Tables Obtaining DVMRP Neighbor Information Obtain DVMRP Neighbor information if you want to examine details about DVMRP neighboring routers. This includes information about the length of time those routers have been neighbors to the SSR, the capabilities of those routers, and the traffic the SSR receives from those neighbors.
  • Page 422 Chapter 20: Checking the Status of Routing Tables the upper frame. For details on using the Table toolbar, see Appendix A: “Working with Tables” on page 443. Table 67. DVMRP Neighbor table fields Field Description Index Identifies the value of the virtual interface index used to reach the neighbor.

  • Page 423: Obtaining Dvmrp Routing Information

    Chapter 20: Checking the Status of Routing Tables Obtaining DVMRP Routing Information Obtain DVMRP routing information if you want details about the multicast routes DVMRP uses instead of unicast routes. This routing information includes such things as the identity of a route's source and upstream neighbor, the route's hop count, and an indication of how long ago the SSR learned of the route.

  • Page 424: Obtaining Dvmrp Next Hop Information

    Chapter 20: Checking the Status of Routing Tables the upper frame. For details on using the Table toolbar, see Appendix A: “Working with Tables” on page 443. Table 68. DVMRP Routing table fields Field Description Source IP Address Indicates the network address of the source for which the table entry contains multicast routing information.

  • Page 425: Checking Igmp Status

    Chapter 20: Checking the Status of Routing Tables Figure 267. DVMRP Next Hop table The following table describes the fields of the DVMRP Next Hop table's upper frame. The Selection Details frame displays information about the item currently selected in the upper frame.

  • Page 426: Obtaining Igmp Interface Information

    Chapter 20: Checking the Status of Routing Tables Obtaining IGMP Interface Information Obtain IGMP Interface information if you want to learn on which interfaces IGMP is enabled or examine details about the IGMP configuration of those interfaces. To access such information, do one of the following: •...
  • Page 427 Chapter 20: Checking the Status of Routing Tables upper frame. For details on using the Table toolbar, see Appendix A: “Working with Tables” on page 443. Table 70. IGMP Interface table fields Field Description Index Identifies an IP interface on which IGMP is enabled. Query Interval Indicates how often the SSR sends IGMP Host-Query packets on the interface.

  • Page 428: Obtaining Igmp Cache Information

    Chapter 20: Checking the Status of Routing Tables Table 70. IGMP Interface table fields (Continued) Field Description Joins Indicates how many times a group membership has been added on the interface. By examining this field, you can determine the amount of IGMP activity over time. Groups Indicates how many groups are on the interface.
  • Page 429 Chapter 20: Checking the Status of Routing Tables The following table describes the fields of the IGMP Cache table's upper frame. The Selection Details frame displays information about the item currently selected in the upper frame. For details on using the Table toolbar, see Appendix A: “Working with Tables”...
  • Page 430 Chapter 20: Checking the Status of Routing Tables CoreWatch User’s Manual...

  • Page 431: Chapter 21: Checking The Status Of Qos Tables

    Chapter 21 Checking the Status of QoS Tables Examining Quality of Service (QoS) information in tables, you can identify historical trends. You can obtain the following QoS information in CoreWatch: • Details about QoS priorities of Layer-3/ Layer-4 flows. • Information about the routing of any Layer-2, Layer-3, or Layer-4 data sent to a port rather than being sent to the Control Module for further processing.
  • Page 432 Chapter 21: Checking the Status of QoS Tables Figure 270. L2 Priority table The following table describes the fields of the L2 Priority table's upper frame. The Selection Details frame displays information about the item currently selected in the upper frame. For details on using the Table toolbar, see Appendix A: “Working with Tables”...

  • Page 433: Obtaining Flow Priority Information

    Chapter 21: Checking the Status of QoS Tables Obtaining Flow Priority Information Obtain flow priority information if you want to examine the QoS priorities of Layer-3 and Layer-4 flows. CoreWatch indicates a flow's priority and provides information about the fields for which that priority applies. To access such information: If you are not currently in the Front Panel view, switch to it by clicking the CoreWatch main window.
  • Page 434 Chapter 21: Checking the Status of QoS Tables upper frame. For details on using the Table toolbar, see Appendix A: “Working with Tables” on page 443. Table 73. Flow Priority table fields Field Description Flow Name Identifies which flow is assigned the traffic priority shown in the IP flow's Priority field.

  • Page 435: Obtaining Layer-2 Switching Information

    Chapter 21: Checking the Status of QoS Tables Obtaining Layer-2 Switching Information Obtain Layer-2 switching information to examine details about the routing of Layer-2 data sent directly to a port rather than being sent to the Control Module for further processing. To access this information: In the Front Panel view, select the Monitor menu, choose QoS State, and then choose L2 Flows.

  • Page 436: Obtaining Layer-3 And Layer-4 Switching Information

    Chapter 21: Checking the Status of QoS Tables Table 74. L2 Forward table fields (Continued) Field Description VLAN ID Identifies the VLAN that is combined with a MAC address to uniquely identify the entry. The same MAC address may be learned on different VLANs. MAC addresses are combined with VLAN names to create unique identifiers for each entry.
  • Page 437 Chapter 21: Checking the Status of QoS Tables Figure 273. Flow Table Filter dialog box Do the following to restrict the amount of data CoreWatch receives from Layer 3 and Layer 4: – To include an item and not limit which values are accepted for that item, leave its box blank.
  • Page 438 Chapter 21: Checking the Status of QoS Tables Figure 274. Flow table The following table describes the fields of the Flow table's upper frame. The Selection Details frame displays information about the item currently selected in the upper frame. For details on using the Table toolbar, see Appendix A: “Working with Tables”...

  • Page 439: Chapter 22: Obtaining Reports

    Chapter 22 Obtaining Reports While monitoring an SSR, you may want to keep a record of the information found in the SSR boot log or any CoreWatch table. You may keep such records by saving CoreWatch table information to a CoreWatch report, which is an HTML file. This chapter discusses obtaining reports that include boot log information or data from multiple CoreWatch tables.
  • Page 440 Chapter 22: Obtaining Reports Figure 275. Report Selection dialog box In the Please select reports list, select one or more items that you want the report to include. If you want the report to include information from all CoreWatch tables, click the Select All button.

  • Page 441: Saving A Single Table As A Report

    Chapter 22: Obtaining Reports Saving a Single Table as a Report While monitoring an SSR, you may want to keep a record of the information found in a CoreWatch table. You may do so by saving the table’s data to a CoreWatch report, which is an HTML file.
  • Page 442 Chapter 22: Obtaining Reports CoreWatch User’s Manual...

  • Page 443: Appendix A: Working With Tables

    Appendix A Working with Tables You can perform the following operations in any CoreWatch table: • Find text in a table • Control the contents of tables • Refresh table information • Restore table information • Obtain additional records • Save a table as a report •...

  • Page 444: Controlling The Contents Of Tables

    Appendix A: Working with Tables Controlling the Contents of Tables You can control which fields are included in a CoreWatch table and also limit which values are displayed in each of the table's fields. To control the contents of a CoreWatch table: Click the Filter button on the Table toolbar.

  • Page 445: Refreshing A Table

    Appendix A: Working with Tables Select one of the options discussed in the following table: Select If the table is to include items matching All the selection criteria specified in each of the form's text boxes and check boxes. Any of the selection criteria specified in each of the form's text boxes and check boxes.

  • Page 446: Exporting Data From A Table

    Appendix A: Working with Tables Open the table that you want to include in the report. Click the Report button on the Table toolbar. The Save As dialog box appears. Enter a name for the report in the File Name box. If necessary, browse to the folder in which you want to save the report.

  • Page 447: Appendix B: Corewatch Menus

    Appendix B CoreWatch Menus This appendix describes the following CoreWatch menus that are located at the top of the CoreWatch main window. Use the commands available on these menus to perform tasks in CoreWatch. • File • Monitor • Window •...

  • Page 448: Monitor Menu

    Appendix B: CoreWatch Menus Table 76. File menu commands (Continued) Command Description Properties Lets you change CoreWatch properties. Cabletron Systems has configured the CoreWatch properties to their optimal settings. Changing some of these properties may affect system performance. SSR name or IP address Opens the CoreWatch main window for the SSR represented by the name or IP address you select.
  • Page 449 Appendix B: CoreWatch Menus Utilization Summary commands directly from the Performance submenu, but you choose the other commands from another submenu. Table 78. Performance State submenu commands Submenu Command Description System Dashboard Lets you select and then display the dials that permit you to monitor incoming and outgoing data.

  • Page 450: System State Submenu

    Appendix B: CoreWatch Menus System State Submenu If you select the Monitor menu and then choose System State, a submenu that includes the following commands appears: Table 79. System State submenu commands Command Description Chassis Table Displays information about which modules are installed in the SSR, the slot number of each module, and the number of ports on each module.

  • Page 451: Routing State Submenu

    Appendix B: CoreWatch Menus Routing State Submenu If you select the Monitor menu and then choose Routing State, the Routing State submenu appears. That submenu provides access to the additional submenus listed in the following table. The table describes the commands available on these additional submenus. Table 81.
  • Page 452 Appendix B: CoreWatch Menus Table 81. Routing State submenu commands (Continued) Submenu Command Description RIP Peer Table Displays information about RIP peers. DVMRP DVMRP Interface Table Displays information about the State configuration of an SSR's DVMRP interfaces, whether those interfaces are functioning, how many packets were discarded on those interfaces, and how many route entries of valid DVMRP...

  • Page 453: Qos State Submenu

    Appendix B: CoreWatch Menus Table 81. Routing State submenu commands (Continued) Submenu Command Description IGMP State IGMP Interface Table Displays information about the configuration of the interfaces on which IGMP is enabled. IGMP Cache Table Displays information about the multicast groups of IGMP interfaces.

  • Page 454: Window Menu

    Appendix B: CoreWatch Menus Window Menu The CoreWatch Window menu includes the commands described in the following table: Table 83. Window menu commands Command Description Tile Horizontally Arranges all open windows in rows so that you can view them all at the same time. Tile Vertically Arranges all open windows in columns so that you can view them all at the same time.
  • Page 455 Appendix B: CoreWatch Menus Table 84. Help menu commands Submenu Command Description Frequently Asked Provides technical support for some Questions issues or concerns that you may have while using CoreWatch. Technical Support Displays information about how to contact Cabletron Systems technical support.
  • Page 456 Appendix B: CoreWatch Menus CoreWatch User’s Manual...

  • Page 457: Appendix C: Supported Regular Expressions

    Appendix C Supported Regular Expressions When controlling the contents of a CoreWatch table, you may find it useful to enter a regular expression that CoreWatch will use as a wildcard. CoreWatch will then filter entries in the table based on the specified regular expression. CoreWatch supports the following Perl5 regular expressions: •...
  • Page 458 Appendix C: Supported Regular Expressions • The following atoms: – Regular expression within parentheses – A . matches everything except \n – Character classes [such as (abcd) and ranges (such as (a-z)] You may include special backslashed characters within a character class (except for back-references and boundaries).
  • Page 459 Appendix C: Supported Regular Expressions Table 86. Supported special (backslashed) characters (Continued) Character Description Matches the corresponding control character \nn or \nnn Octal representation of character unless a back-reference. \1, \2, \3, A back-reference, which matches whatever the first, second, third, and and so on so on parenthesized group matched.
  • Page 460 Appendix C: Supported Regular Expressions • CoreWatch also supports all of the Perl5 extended regular expressions, which are described in the following table: Table 88. Supported Perl5 extended regular expressions Expression Description (?#text) An embedded comment that you enter if you want text to be ignored.

  • Page 461: Appendix D: Error Messages

    Appendix D Error Messages This appendix describes error messages you may encounter while using CoreWatch and Configuration Expert. This appendix also includes possible solutions to the errors. The error messages are presented alphabetically within the following categories: • Missing or invalid field error messages •...

  • Page 462: Ip Subnet Mask

    Appendix D: Error Messages ‘Autonomous System Patch Matching’ field is missing or invalid. Specify a regular expression for the ‘Autonomous System Path Matching’ to continue. ‘Broadcast Address’ is missing or invalid. Specify a valid ‘Broadcast Address’ to continue. ‘Broadcast Interface Address’ is missing or invalid. Specify a valid ‘Broadcast Interface Address’...

  • Page 463: Interface Name

    Appendix D: Error Messages ‘Having Tag’ field is missing or invalid. Specify a valid value for ‘Having Tag’ field to continue. ‘Interface Name’ is missing or invalid. Specify a valid ‘Interface Name’ to continue. IP Address entered is missing or invalid. Specify a valid IP address to continue. IP Address of 0.0.0.0 is invalid.
  • Page 464 Appendix D: Error Messages ‘Priority’ value is missing or invalid. Specify a valid ‘Priority’ value to continue. ‘Protocol’ name is missing or invalid. Specify a valid ‘Protocol’ name to continue. Range value entered is incorrect. The first value in the range should be less than the second value.

  • Page 465: Duplicate Objects Error Messages

    Appendix D: Error Messages ‘VLAN Name’ is missing or invalid. Specify a valid ‘VLAN Name’ to continue. Duplicate Objects Error Messages The following error messages are generated when you attempt to create or modify names of objects that conflict with another existing object. Solution: To resolve any of the following error messages, provide a unique name of that object to continue.

  • Page 466: Unavailable Objects Error Messages

    Appendix D: Error Messages A ‘L2 Flow’ by this name already exists. Specify a unique ‘L2 Flow’ name to continue. An ACL by this name already exists. Select a unique ‘ACL Name’ to continue. An ‘IP Flow’ by this name already exists. Specify a unique ‘IP Flow’ name to continue. An ‘IPX Flow’...

  • Page 467: Miscellaneous Error Messages

    Appendix D: Error Messages Existing DVMRP interfaces may have used up existing IP addresses. Solution: Try to assign a new IP address to configure a new DVMPR interface. No more IP addresses available to configure new IGMP Interface. Existing IGMP interfaces may have used up all existing IP addresses. Solution: Try to assign a new IP address to configure a new DVMPR interface.
  • Page 468 Appendix D: Error Messages This error message is generally indicative of some network problem or other error that puts CoreWatch in the wrong state. CoreWatch sometimes displays this message if you try to log in and the SSR did not clean up an earlier session because it was busy. Normally, however, this should not occur.
  • Page 469 Appendix D: Error Messages Cannot Delete Selected Object. This object is being referenced by at least one other configuration object. To delete this object, all associated references to this object must be deleted first. The selected object is being referenced by other objects and requires you to first delete these references before attempting to delete the object to ensure consistency.
  • Page 470 Appendix D: Error Messages Solution: Try exporting the table data again. Incorrect Total Percentage - the sum of percentage values of all fields should be equal to 100%. In configuring QoS Global Queuing Discipline, which uses the weighted fair queuing method, the total bandwidth reservation for each of the priority levels (control, high, medium and low) should add up to 100 percent.
  • Page 471 Appendix D: Error Messages Solution: Enter the correct password. If you are changing the CoreWatch Login password, enter the one you were prompted for when you last started CoreWatch. If you are changing the Privileged password, enter the one that currently provides access to Configuration Expert. Password Re-entered and New Passwords do not match Different passwords were entered in the New Password and the New Password Re-entry text boxes of the Change Login Password form or Change Privileged Password form.
  • Page 472 Appendix D: Error Messages WARNING – REVIEW BEFORE YOU DELETE: The object you are about to delete could be referenced by other configuration objects. To ensure consistency, remove 'all' references to this object before you delete it. Refer to CoreWatch documentation for more information.

  • Page 473: Glossary

    Glossary Access Control List (ACL) List the SSR keeps to restrict Layer 3/4 traffic going through the router. Each ACL or each list consists of one or more rules describing a particular type of IP or IPX traffic. An ACL can be simple and consist of only one rule or complicated with many rules.
  • Page 474 Glossary Autonomous System A set of routers under a single technical administration, using an interior gateway protocol and common metrics to route packets within the autonomous system, and using an exterior gateway protocol to route packets to other autonomous systems. Since this classic definition was developed, it has become common for a single autonomous system to use several interior gateway protocols and sometimes several sets of metrics within an autonomous system.
  • Page 475 Glossary Broadcast Network Network supporting two or more attached routers and is capable of addressing a single physical message to all of those routers. Neighboring routers are discovered dynamically on broadcast networks using OSPF’s Hello Protocol. The Hello Protocol takes advantage of the broadcast capability. The protocol also makes use of existing multicast capabilities.
  • Page 476 Glossary OSPF interface state that indicates the router itself is the designated router on the network to which the router is attached. DR Other OSPF interface state that indicates that the interface's router is neither the designated router nor the backup designated router. The interface's router forms adjacencies to both the designated router and the backup designated router (if applicable).
  • Page 477 Glossary Internet Control Message Protocol (ICMP) Protocol that reports IP packet errors and provides other information about the processing of IP packets. Internet Group Management Protocol (IGMP) Protocol IP hosts use to report their host group memberships to any multicast routers to which the IP hosts are connected.
  • Page 478 Glossary Lossy Trait of a network likely to lose data when it becomes heavily loaded. MAC Address Address of a port or computer that other devices use to locate those ports or computers. These addresses are also used to create and update routing tables. Management Information Base (MIB) Network management information stored in a database.
  • Page 479 Glossary Nonbroadcast Multiaccess (NBMA) Networks Network that supports two or more attached routers but does not have broadcast capability. Open Shortest Path First (OSPF) OSPF is a link-state routing protocol that supports the distribution of routing information between routers belonging to a single autonomous system. Path Cost A number from 1 to 65535.
  • Page 480 Glossary • Define flows that act as templates for some IP and IPX packet fields. • Assign a precedence to the fields of the flows you define. • Establish queuing policies to specify how the SSR handles the different traffic priorities.
  • Page 481 Glossary SmartSwitch Router (SSR) Cabletron Systems product that is capable of switching traffic at Layer-2, Layer-3, and Layer-4. The SSRs provide full-function routing at Gigabit speeds, pinpoint control over application usage, and can handle enterprise and ISP backbone traffic. Spanning Tree Protocol (STP) Protocol that enables a bridge to create a spanning tree so that the bridge can dynamically work around loops.
  • Page 482 Glossary uses both the destination address and type of service fields in an IP header to choose a route. Unicast Packet Packet sent to a single destination. The packet is going from one point to another point. Unicast Routing Routing method in which a packet is sent to a single host. This differs from multicast routing in which individual packets are sent to many destinations.

  • Page 483: Index

    Index of SSR bridging 70–76 overriding default 71–72 About CoreWatch command 455 applying Access Control Lists. See ACLs ACLs 114, 119, 165, 170, 224–228 access ports flows to interfaces 204 defining 89–91 area aggregate information, OSPF 414–415 in VLANs 88 area information, OSPF 409–410 accessing online help 35 ARP entries, defining 133–135...
  • Page 484 Index changes, committing 46 Open Schematic view 447 changing OSPF Area Aggregate 451 OSPF Area Table 451 ACL name 242 interface list of flows 202–204 OSPF Interface Table 451 port list of flows 204 OSPF Link State DB 451 QoS profiles 199–205 OSPF Neighbor Table 451 system settings 49–63 Packet Statistics 449...
  • Page 485 Index loading 46 interface 29–33 retrieving 47 linking with HP OpenView 29 linking with SPECTRUM Enterprise subtree 40 viewing contents 40 Manager 28 configuration tasks, order 45 menus 447–455 configuration tree online help 35 copying objects 44 overview 21–24 deleting objects 45 requirements 22 description 40–42 starting...
  • Page 486 Index Bridging STP 80, 81 Static Export Source 320 Bridging VLAN Mode 89 STP Global Settings 77 System Configuration DNS 59 Default Aging Timeout 71 Dial Options 374 System ID 50 Direct Export Source 318 System Log 58 DVMRP Global Parameters Configuration Tag Export Source 317 Update ACL List 122, 174 DVMRP Tunnel 153...
  • Page 487 Index SmartTRUNK information 369 SSR queuing policy 180 STP Port information 392–394 Exit command 448 trap information 368 exiting VLAN information 391 Configuration Expert 48 Distance Vector Multicast Routing Protocol. See CoreWatch 36 DVMRP exporting DNS. See Domain Naming System table data 446 Domain Naming System, configuring 59 dragging...
  • Page 488 Index description 30–31 IGMP Cache Table command 453 legend 30–31 IGMP Global Parameters Configuration dialog modules 31 box 156 starting Configuration Expert 38 IGMP Interface Definition dialog box 157 full-duplex 52 IGMP Interface table 426 IGMP Interface Table command 453 IGMP interfaces obtaining information 426–428 gathering...
  • Page 489 Index enabling IGMP 156–158 modifying 121–124 L2 Flow Priority Definition dialog box 202 monitoring 381–385 L2 Flows command 453 obtaining information 398 L2 Forward table 435 IP Packet Statistics graph 381 L2 interface IP QoS Precedence dialog box 182 information 394–395 IP Reassembly Statistics graph 382 L2 Interface table 395 IP Security wizard 208...
  • Page 490 Index ACL name 242 IPX interface information 401 ACL rules 243 IPX packet statistics 386 filter port bindings 244 L2 interface information 394–395 interface list of flows 202–204 Layer-2 priority information 431 IP interfaces 121–124 Layer-2 switching information 435–436 IPX interfaces 172–175 Layer-3/4 flow priority information 433–434 port list of flows 204 Layer-3/4 switching information 436–438...
  • Page 491 Index OSPF Interface Table command 451 individual 54–57 OSPF interfaces, obtaining information 405 cost 78 defining STP attributes 78–79 OSPF Link State DB table 412 OSPF Link State DB Table command 451 disabling 56 OSPF Neighbor table 411 disabling aging 72–74 OSPF Neighbor Table command 451 disabling STP 81–82 OSPF Policy ASE Defaults dialog box 300...
  • Page 492 Index QoS profiles creating 184–199 configuring 139–145 defining interfaces 141–144 for IP 185–190 for IPX 190–195 disabling 140 for Layer-2 195–199 enabling 140 modifying 199–205 filters 212 QoS State submenu 453 global parameters 139, 141 QoS tables, checking status 431–438 overview 137–139 QoS wizard 185, 195 peer information 417–418...
  • Page 493 Index description 32–33 sorting table information 446 opening 32 source gateways, adding 145 Spanning Tree Protocol. See STP using 33 secure port filters specifying combining with static entries 238 VRRP Trace options 125 configuring 238–241 defined 228 administrator 50 security aging state 70–76 configuring 207–245 and STP 76–82...
  • Page 494 Index enabling on ports 79–81 finding text 443 port information 392–394 Flow 437 setting up 76–82 Flow Priority 433 STP Global Settings dialog box 77 IGMP Cache 428 STP Port table 392 IGMP Interface 426 STP settings, defining 77–78 IP Forwarding 399 STP Table command 450 IP Interface 398 strict priority 180...
  • Page 495 Index trusted gateways, adding 144–145 tunnels weighted-fair queuing 180 defining DVMRP 151–153 White Papers command 454 disabling DVMRP 153 Window menu 454 DVMRP 151–154 Windows 95/98 enabling DVMRP 153 CoreWatch requirements 22 installing CoreWatch 26 starting Configuration Expert 39 starting CoreWatch 28 unicast routing Windows NT description 131–146...

This manual is also suitable for:

Ssr-hfx11-08Ssr-hfx29-08Ssr-glx70-01Ssr-gsx11-02Corewatch

Table of Contents