foundry enterprise configuration and management...

Foundry EnterpriseConfiguration and Management Guide

2100 Gold Street

P.O. Box 649100San Jose, CA 95164-9100

Tel 408.586.1700

Fax 408.586.1900

January 2006

™

Copyright © 2006 Foundry Networks, Inc. All rights reserved.

No part of this work may be reproduced in any form or by any means – graphic, electronic or mechanical, including photocopying, recording, taping or storage in an information retrieval system – without prior written permission of the copyright owner.

The trademarks, logos and service marks ("Marks") displayed herein are the property of Foundry or other third parties. You are not permitted to use these Marks without the prior written consent of Foundry or such appropriate third party.

Foundry Networks, BigIron, FastIron, IronView, JetCore, NetIron, ServerIron, TurboIron, IronWare, EdgeIron, IronPoint, the Iron family of marks and the Foundry Logo are trademarks or registered trademarks of Foundry Networks, Inc. in the United States and other countries.

F-Secure is a trademark of F-Secure Corporation. All other trademarks mentioned in this document are the property of their respective owners.

Contents

CHAPTER 1GETTING STARTED...................................................................................... 1-1AUDIENCE ..................................................................................................................................................1-2NOMENCLATURE .........................................................................................................................................1-2RELATED PUBLICATIONS .............................................................................................................................1-3HOW TO GET HELP .....................................................................................................................................1-3

WEB ACCESS .......................................................................................................................................1-3EMAIL ACCESS .....................................................................................................................................1-3TELEPHONE ACCESS ............................................................................................................................1-4

WARRANTY COVERAGE ...............................................................................................................................1-4

CHAPTER 2CONFIGURING BASIC QUALITY OF SERVICE ................................................. 2-1THE QUEUES ..............................................................................................................................................2-1

AUTOMATIC QUEUE MAPPING FOR IP TYPE OF SERVICE (TOS) VALUES ...............................................2-2QUEUING METHODS ....................................................................................................................................2-3

SELECTING THE QUEUING METHOD .......................................................................................................2-3CONFIGURING THE QUEUES ..................................................................................................................2-4

DISPLAYING THE IRONCLAD QOS PROFILE CONFIGURATION .......................................................................2-10ASSIGNING QOS PRIORITIES TO TRAFFIC ..................................................................................................2-11

CHANGING A PORT’S PRIORITY ...........................................................................................................2-12CHANGING A LAYER 2 PORT-BASED VLAN’S PRIORITY .......................................................................2-13REASSIGNING 802.1P PRIORITIES TO DIFFERENT QUEUES ...................................................................2-14ASSIGNING STATIC MAC ENTRIES TO PRIORITY QUEUES ....................................................................2-17ASSIGNING IP AND LAYER 4 SESSIONS TO PRIORITY QUEUES .............................................................2-18ASSIGNING APPLETALK SOCKETS TO PRIORITY QUEUES ....................................................................2-27

IP TOS-BASED QOS ................................................................................................................................2-28CONFIGURING A UTILIZATION LIST FOR AN UPLINK PORT ............................................................................2-35

DISPLAYING UTILIZATION PERCENTAGES FOR AN UPLINK .....................................................................2-37

January 2006 © 2006 Foundry Networks, Inc. iii

Foundry Enterprise Configuration and Management Guide

CHAPTER 3CONFIGURING QUALITY OF SERVICE ON A FASTIRON EDGE SWITCH AND FASTIRON EDGE SWITCH X-SERIES............................................................. 3-1QOS ON A FASTIRON EDGE DEVICE ............................................................................................................3-1

THE QUEUES .......................................................................................................................................3-1QUEUING METHODS .............................................................................................................................3-2802.1P SUPPORT .................................................................................................................................3-4802.1Q MARKING ................................................................................................................................3-4ASSIGNING QOS PRIORITIES TO TRAFFIC ..............................................................................................3-5VIEWING QOS SETTINGS ......................................................................................................................3-5TYPE OF SERVICE (TOS) BASED QOS ..................................................................................................3-5

QOS ON A FASTIRON EDGE SWITCH X-SERIES ............................................................................................3-8THE QUEUES .......................................................................................................................................3-8QUEUING METHODS .............................................................................................................................3-8802.1P SUPPORT ...............................................................................................................................3-10802.1Q MARKING ..............................................................................................................................3-11ASSIGNING QOS PRIORITIES TO TRAFFIC ............................................................................................3-11VIEWING QOS SETTINGS ....................................................................................................................3-12TYPE OF SERVICE (TOS) BASED QOS ................................................................................................3-12

CHAPTER 4CONFIGURING ENHANCED QUALITY OF SERVICE .......................................... 4-1BASIC AND ADVANCED TOS-BASED QOS ....................................................................................................4-1QOS SUPPORT WHEN IP TOS-BASED QOS IS DISABLED .............................................................................4-2CLASSIFICATION, MARKING, AND SCHEDULING .............................................................................................4-2

CLASSIFICATION ...................................................................................................................................4-2MARKING .............................................................................................................................................4-2SCHEDULING ........................................................................................................................................4-3DEFAULT QOS MAPPINGS ....................................................................................................................4-3

LAYER 4 CAM USAGE ................................................................................................................................4-5USING ACLS, PBR, OR NAT AND IP TOS-BASED QOS ...............................................................................4-5DSCP PROCESSING FOR TRAFFIC FORWARDED BY THE CPU ......................................................................4-5ALTERNATIVE QOS METHODS .....................................................................................................................4-5CONFIGURING TOS-BASED QOS .................................................................................................................4-6

ENABLING BASIC TOS-BASED QOS ......................................................................................................4-7ENABLING ADVANCED TOS-BASED QOS ...............................................................................................4-7SPECIFYING THE TRUST LEVEL .............................................................................................................4-7ENABLING MARKING .............................................................................................................................4-8CHANGING THE QOS MAPPINGS ...........................................................................................................4-8

DISPLAYING CONFIGURATION INFORMATION ...............................................................................................4-11

CHAPTER 5LAYER 2 ACLS .......................................................................................... 5-1FILTERING BASED ON ETHERTYPE ...............................................................................................................5-1

FOR JETCORE DEVICES: .......................................................................................................................5-1

iv © 2006 Foundry Networks, Inc. January 2006

Contents

FOR THE BIGIRON MG8 AND NETIRON 40G: .........................................................................................5-2FOR THE NETIRON IMR 640 .................................................................................................................5-2

CONFIGURATION RULES AND NOTES ...........................................................................................................5-2FOR JETCORE DEVICES .......................................................................................................................5-2FOR THE BIGIRON MG8 AND NETIRON 40G ..........................................................................................5-2

CONFIGURING LAYER 2 ACLS .....................................................................................................................5-3CONFIGURATION CONSIDERATIONS .......................................................................................................5-3CREATING A LAYER 2 ACL TABLE ........................................................................................................5-3EXAMPLE LAYER 2 ACL CLAUSES ........................................................................................................5-5INSERTING AND DELETING LAYER 2 ACL CLAUSES ...............................................................................5-5BINDING A LAYER 2 ACL TABLE TO AN INTERFACE ................................................................................5-5INCREASING THE MAXIMUM NUMBER OF CLAUSES PER LAYER 2 ACL TABLE .........................................5-5

VIEWING LAYER 2 ACLS .............................................................................................................................5-6EXAMPLE OF LAYER 2 ACL DENY BY MAC ADDRESS (RELEASE 02.1.00 FOR THE BIGIRON MG8 AND

NETIRON 40G) ..............................................................................................................................5-6

CHAPTER 6ACCESS CONTROL LIST .............................................................................. 6-1HOW FOUNDRY DEVICES PROCESS ACLS ...................................................................................................6-2

FLOW-BASED ACLS .............................................................................................................................6-2RULE-BASED ACLS ..............................................................................................................................6-3HOW FRAGMENTED PACKETS ARE PROCESSED .....................................................................................6-6

DISABLING OR RE-ENABLING ACCESS CONTROL LISTS (ACLS) ....................................................................6-7FOR FLOW-BASED ACLS .....................................................................................................................6-7DISABLING OR RE-ENABLING RULE-BASED ACLS ..................................................................................6-8

DEFAULT ACL ACTION ................................................................................................................................6-9TYPES OF IP ACLS ....................................................................................................................................6-9ACL IDS AND ENTRIES ...............................................................................................................................6-9

ENABLING SUPPORT FOR ADDITIONAL ACL STATEMENTS ....................................................................6-10SUPPORT FOR UP TO 8192 ACL ENTRIES ...........................................................................................6-11

ACL ENTRIES AND THE LAYER 4 CAM ......................................................................................................6-11FLOW-BASED ACLS AND RULE-BASED ACLS BOTH USE LAYER 4 CAM ENTRIES. ..................................6-11AGING OUT OF ENTRIES IN THE LAYER 4 CAM ...................................................................................6-11DISPLAYING THE NUMBER OF LAYER 4 CAM ENTRIES .........................................................................6-12SPECIFYING THE MAXIMUM NUMBER OF CAM ENTRIES FOR ACLS (RULE-BASED ACLS) .....................6-12ACL CAM SHARING FOR INBOUND ACLS ...........................................................................................6-13

CONFIGURING NUMBERED AND NAMED ACLS ............................................................................................6-14CONFIGURING STANDARD NUMBERED ACLS .......................................................................................6-14CONFIGURING EXTENDED NUMBERED ACLS .......................................................................................6-17EXTENDED ACL SYNTAX ....................................................................................................................6-20CONFIGURING STANDARD OR EXTENDED NAMED ACLS .......................................................................6-24DISPLAYING ACL DEFINITIONS ............................................................................................................6-25DISPLAYING OF TCP/UDP NUMBERS IN ACLS ....................................................................................6-26DISPLAYING ACLS USING KEYWORDS .................................................................................................6-26

MODIFYING ACLS .....................................................................................................................................6-29ADDING, INSERTING, REPLACING, OR DELETING A COMMENT ...............................................................6-30

January 2006 © 2006 Foundry Networks, Inc. v


INSERTING, DELETING, AND REPLACING ACL ENTRIES .......................................................................6-33DISPLAYING A LIST OF ACL ENTRIES ..................................................................................................6-33INSERTING AN ACL ENTRY .................................................................................................................6-34DELETING AN ACL ENTRY FROM WITHIN A LIST ..................................................................................6-35

SPECIFYING A HOST NAME IN AN ACL STATEMENT ....................................................................................6-37REPLACING AN ACL ENTRY ................................................................................................................6-37

APPLYING AN ACLS TO INTERFACES .........................................................................................................6-39REAPPLYING MODIFIED ACLS .............................................................................................................6-39APPLYING AN ACL TO OUTGOING TRAFFIC ON A PORT ........................................................................6-39APPLYING ACLS TO A VIRTUAL ROUTING INTERFACE ..........................................................................6-40

ACL LOGGING ..........................................................................................................................................6-40ACL LOGGING FOR FLOW-BASED ACLS .............................................................................................6-40ACL LOGGING FOR RULE-BASED ACLS ..............................................................................................6-41DISPLAYING ACL LOG ENTRIES ..........................................................................................................6-42DISPLAYING ACL STATISTICS FOR FLOW-BASED ACLS .......................................................................6-43CLEARING FLOW-BASED ACL STATISTICS ...........................................................................................6-44

QOS OPTIONS FOR IP ACLS (RULE-BASED ACLS) ...................................................................................6-44USING AN ACL TO CHANGE THE FORWARDING QUEUE ........................................................................6-45MATCHING ON A PACKET’S 802.1P VALUE ..........................................................................................6-46MATCHING ON A PACKET’S DSCP VALUE ...........................................................................................6-47USING AN IP ACL TO MARK TOS VALUES ...........................................................................................6-47USING AN IP ACL TO MAP THE DSCP VALUE .....................................................................................6-48

DROPPING ALL FRAGMENTS THAT EXACTLY MATCH A FLOW-BASED ACL ..................................................6-48ENABLING ACL DUPLICATION CHECK ON TERATHON DEVICES ...................................................................6-48ACL ACCOUNTING FOR THE NETIRON IMR 640 .........................................................................................6-48

ENABLING ACCOUNTING STATISTICS FOR ALL ACLS ............................................................................6-49DISPLAYING ACCOUNTING STATISTICS FOR ALL ACLS .........................................................................6-49DISPLAYING STATISTICS FOR AN INTERFACE ........................................................................................6-50CLEARING THE ACL STATISTICS .........................................................................................................6-51

ENABLING ACL FILTERING OF FRAGMENTED PACKETS ...............................................................................6-51FILTERING FRAGMENTED PACKETS FOR RULE-BASED ACLS (JETCORE) ..............................................6-51FILTERING FRAGMENTED OR NON-FRAGMENTED PACKETS ON THE NETIRON IMR 640 .........................6-53

ENABLING HARDWARE FILTERING FOR PACKETS DENIED BY FLOW-BASED ACLS .......................................6-54ENABLING STRICT TCP OR UDP MODE FOR FLOW-BASED ACLS ..............................................................6-55

ENABLING STRICT TCP MODE ............................................................................................................6-55ENABLING STRICT UDP MODE ...........................................................................................................6-56CONFIGURING ACL PACKET AND FLOW COUNTERS .............................................................................6-56

FILTERING ON IP PRECEDENCE AND TOS VALUES OF FLOW-BASED ACLS .................................................6-58ACL FILTERING FOR TRAFFIC SWITCHED WITHIN A VIRTUAL ROUTING INTERFACE ......................................6-58USING FLOW-BASED ACLS TO FILTER ARP PACKETS ...............................................................................6-59

CONFIGURING ACLS FOR ARP FILTERING ..........................................................................................6-60DISPLAYING ACL FILTERS FOR ARP ...................................................................................................6-61CLEARING ARP FILTER COUNT ..........................................................................................................6-61

ACLS AND ICMP ......................................................................................................................................6-61USING FLOW-BASED ACLS TO FILTER ICMP PACKETS BASED ON THE IP PACKET LENGTH .................6-61ICMP FILTERING WITH FLOW-BASED ACLS ........................................................................................6-61

vi © 2006 Foundry Networks, Inc. January 2006

Contents

ENABLING ICMP UNREACHABLE MESSAGES FOR TRAFFIC DENIED BY FLOW-BASED ACLS ..................6-64ICMP FILTERING FOR EXTENDED ACLS ON THE NETIRON IMR 640 ....................................................6-65

USING ACLS AND NAT ON THE SAME INTERFACE (FLOW-BASED ACLS) ...................................................6-65TROUBLESHOOTING RULE-BASED ACLS ....................................................................................................6-66USING IP RECEIVE ACCESS LIST TO FILTER PACKETS ...............................................................................6-67

CONFIGURING IP RECEIVE ACCESS LIST .............................................................................................6-67DISPLAYING IP RECEIVE ACCESS LIST ................................................................................................6-67

CHAPTER 7HARDWARE-BASED POLICY-BASED ROUTING.............................................. 7-1CONFIGURATION CONSIDERATIONS ..............................................................................................................7-1CONFIGURING A PBR POLICY .....................................................................................................................7-2

CONFIGURATION EXAMPLES .................................................................................................................7-2NEXT HOP SELECTION .........................................................................................................................7-2USING THE MOST DIRECT ROUTE .........................................................................................................7-2ENABLING PBR FOR FRAGMENTED PACKETS ........................................................................................7-2CREATING A ROUTE MAP .....................................................................................................................7-3CREATING ACLS ..................................................................................................................................7-3EXTENDED ACL ...................................................................................................................................7-4CREATING A PBR POLICY ....................................................................................................................7-4

CHAPTER 8CONFIGURING IRONCLAD RATE LIMITING (IRONCORE) ............................................................................................. 8-1FIXED RATE LIMITING ..................................................................................................................................8-2

HOW FIXED RATE LIMITING WORKS ......................................................................................................8-2CONFIGURING FIXED RATE LIMITING .....................................................................................................8-3DISPLAYING FIXED RATE LIMITING INFORMATION ...................................................................................8-4

ADAPTIVE RATE LIMITING ............................................................................................................................8-4EXAMPLES OF ADAPTIVE RATE LIMITING APPLICATIONS .........................................................................8-5ADAPTIVE RATE LIMITING PARAMETERS ................................................................................................8-8HOW ADAPTIVE RATE LIMITING WORKS ..............................................................................................8-10CONFIGURING ADAPTIVE RATE LIMITING .............................................................................................8-13CONFIGURING PORT-, VLAN- AND DIRECTION-BASED RATE LIMITING (VM1 ONLY) ..............................8-18DISPLAYING CONFIGURATION INFORMATION AND STATISTICS ...............................................................8-20CLEARING ADAPTIVE RATE LIMITING STATISTICS .................................................................................8-20COMPLETE CLI EXAMPLES .................................................................................................................8-21DISABLING RATE LIMITING EXEMPTION FOR CONTROL PACKETS ..........................................................8-22USING A RATE LIMITING ACL TO DENY TRAFFIC .................................................................................8-23

CHAPTER 9CONFIGURING JETCORE RATE LIMITING (JETCORE) .................................... 9-1ADAPTIVE RATE LIMITING ............................................................................................................................9-1

JETCORE RATE LIMITING SUPPORT FOR RELEASE 07.6.01 ..................................................................9-2RATE LIMITING ALGORITHM AND PARAMETERS ......................................................................................9-3

January 2006 © 2006 Foundry Networks, Inc. vii


RATE LIMITING OF CONTROL PACKETS ..................................................................................................9-4CONFIGURATION CONSIDERATIONS .......................................................................................................9-4CONFIGURING JETCORE ADAPTIVE RATE LIMITING ................................................................................9-5LAYER 2 ACL-BASED RATE LIMITING ....................................................................................................9-8USING ACLS FOR FILTERING IN ADDITION TO RATE LIMITING .................................................................9-9RATE LIMITING FOR IP INTERFACE TRAFFIC ON JETCORE DEVICES ........................................................9-9

DISPLAYING RATE LIMITING INFORMATION .................................................................................................9-10DISPLAYING THE POLICIES ..................................................................................................................9-11DISPLAYING ADJUSTED AVERAGE RATES ............................................................................................9-13

FIXED RATE LIMITING ................................................................................................................................9-15

CHAPTER 10 CONFIGURING RATE LIMITING ON NETIRON IMR 640 ................................ 10-1RATE LIMITING ON NETIRON IMR 640 IN RELEASE 02.0.02 .......................................................................10-1

APPLYING RATE LIMITING PARAMETERS DIRECTLY TO A PORT .............................................................10-2APPLYING RATE LIMITING PARAMETERS USING A POLICY MAP ............................................................10-3CONFIGURATION CONSIDERATIONS .....................................................................................................10-3

CONFIGURING RATE LIMITING ON NETIRON IMR 640 DEVICES ...................................................................10-4CONFIGURING A POLICY MAP .............................................................................................................10-4CONFIGURING PORT-BASED RATE LIMITING FOR INBOUND AND OUTBOUND PORTS ..............................10-4CONFIGURING A PORT AND PRIORITY-BASED RATE LIMITING POLICY FOR INBOUND AND OUTBOUND PORTS

10-5CONFIGURING A PORT-AND-VLAN-BASED RATE LIMITING POLICY .......................................................10-5CONFIGURING A PORT-AND-VLAN GROUP-BASED RATE LIMITING POLICY ...........................................10-6CONFIGURING A PORT-AND-ACL-BASED RATE LIMITING POLICY ..........................................................10-7CONFIGURING FOR NO PRIORITY-BASED RATE LIMITING ......................................................................10-8CONFIGURING EGRESS PRIORITY MERGING ........................................................................................10-8

DISPLAYING RATE LIMITING POLICIES ........................................................................................................10-9DISPLAYING ACCOUNTING INFORMATION FOR RATE LIMIT USAGE .........................................................10-9RESETTING THE RATE LIMIT COUNTERS ............................................................................................10-10DISPLAYING INFORMATION ABOUT RATE LIMIT VLAN GROUPS ............................................................10-10DISPLAYING RATE LIMIT POLICIES PER INTERFACE ............................................................................10-10DISPLAYING RATE LIMIT POLICIES CONFIGURED IN POLICY MAPS ......................................................10-11

CHAPTER 11CONFIGURING RATE LIMITING ON OTHER FOUNDRY DEVICES..................... 11-1FIXED RATE LIMITING ON A FASTIRON EDGE SWITCH (FES) ......................................................................11-1

CONFIGURING RATE LIMITING .............................................................................................................11-1DISPLAYING THE FIXED RATE LIMITING CONFIGURATION ......................................................................11-2

RATE LIMITING ON TERATHON DEVICES .....................................................................................................11-2RATE LIMITING PARAMETERS AND ALGORITHM ....................................................................................11-3CONFIGURATION CONSIDERATIONS .....................................................................................................11-4CONFIGURING RATE LIMITING ON TERATHON DEVICES ........................................................................11-5DISPLAYING RATE LIMITING POLICIES ...............................................................................................11-10CHANGES TO RATE LIMITING COUNTERS IN TERATHON IRONWARE RELEASE 02.2.00 ........................11-12

viii © 2006 Foundry Networks, Inc. January 2006

Contents

CHAPTER 12CONFIGURING IP....................................................................................... 12-1BASIC CONFIGURATION .............................................................................................................................12-1OVERVIEW ................................................................................................................................................12-2

IP INTERFACES ..................................................................................................................................12-2IP PACKET FLOW THROUGH A LAYER 3 SWITCH .................................................................................12-3IP ROUTE EXCHANGE PROTOCOLS .....................................................................................................12-7IP MULTICAST PROTOCOLS ................................................................................................................12-8IP INTERFACE REDUNDANCY PROTOCOLS ...........................................................................................12-8NETWORK ADDRESS TRANSLATION ....................................................................................................12-8ACCESS CONTROL LISTS AND IP ACCESS POLICIES ............................................................................12-8

BASIC IP PARAMETERS AND DEFAULTS – LAYER 3 SWITCHES ....................................................................12-9WHEN PARAMETER CHANGES TAKE EFFECT .......................................................................................12-9IP GLOBAL PARAMETERS – LAYER 3 SWITCHES ................................................................................12-10IP INTERFACE PARAMETERS – LAYER 3 SWITCHES ...........................................................................12-14

BASIC IP PARAMETERS AND DEFAULTS – LAYER 2 SWITCHES ..................................................................12-17IP GLOBAL PARAMETERS – LAYER 2 SWITCHES ................................................................................12-17INTERFACE IP PARAMETERS – LAYER 2 SWITCHES ...........................................................................12-19

CONFIGURING IP PARAMETERS – LAYER 3 SWITCHES .............................................................................12-19CONFIGURING IP ADDRESSES ..........................................................................................................12-19CONFIGURING DOMAIN NAME SERVER (DNS) RESOLVER ..................................................................12-23CONFIGURING PACKET PARAMETERS ................................................................................................12-31ENABLING IP OPTION ATTACK PROTECTION ......................................................................................12-39SETTING MAXIMUM FRAME SIZE PER PPCR (TERATHON DEVICES) ...................................................12-39CHANGING THE ROUTER ID ..............................................................................................................12-40SPECIFYING A SINGLE SOURCE INTERFACE FOR TELNET, TACACS/TACACS+,

OR RADIUS PACKETS ...............................................................................................................12-41CONFIGURING ARP PARAMETERS ....................................................................................................12-43RATE LIMITING ARP PACKETS ..........................................................................................................12-44CONFIGURING FORWARDING PARAMETERS .......................................................................................12-50DISABLING ICMP MESSAGES ...........................................................................................................12-52DISABLING ICMP REDIRECT MESSAGES ...........................................................................................12-54CONFIGURING STATIC ROUTES .........................................................................................................12-54ADDING A TAG TO A STATIC ROUTE ..................................................................................................12-64CONFIGURING A DEFAULT NETWORK ROUTE .....................................................................................12-65CONFIGURING IP LOAD SHARING ......................................................................................................12-66IP LOAD SHARING FOR RIPV2 ROUTES ............................................................................................12-79OPTIMIZING THE IP FORWARDING CACHE ..........................................................................................12-79CONFIGURING IRDP .........................................................................................................................12-87CONFIGURING RARP .......................................................................................................................12-89CONFIGURING UDP BROADCAST AND IP HELPER PARAMETERS ........................................................12-91CONFIGURING BOOTP/DHCP FORWARDING PARAMETERS ................................................................12-95

CONFIGURING IP PARAMETERS – LAYER 2 SWITCHES .............................................................................12-97CONFIGURING THE MANAGEMENT IP ADDRESS AND SPECIFYING THE DEFAULT GATEWAY ..................12-97CONFIGURING DOMAIN NAME SERVER (DNS) RESOLVER ..................................................................12-98CHANGING THE TTL THRESHOLD ....................................................................................................12-100

January 2006 © 2006 Foundry Networks, Inc. ix


CONFIGURING DHCP ASSIST .........................................................................................................12-101DISPLAYING IP CONFIGURATION INFORMATION AND STATISTICS .............................................................12-104

CHANGING THE NETWORK MASK DISPLAY TO PREFIX FORMAT ........................................................12-104DISPLAYING IP INFORMATION – LAYER 3 SWITCHES ........................................................................12-105DISPLAYING IP INFORMATION – LAYER 2 SWITCHES ........................................................................12-129

CHAPTER 13CONFIGURING RIP .................................................................................... 13-1

ICMP HOST UNREACHABLE MESSAGE FOR UNDELIVERABLE ARPS .....................................................13-1RIP PARAMETERS AND DEFAULTS .............................................................................................................13-2

RIP GLOBAL PARAMETERS .................................................................................................................13-2RIP INTERFACE PARAMETERS ............................................................................................................13-3

CONFIGURING RIP PARAMETERS ..............................................................................................................13-3ENABLING RIP ...................................................................................................................................13-3CONFIGURING METRIC PARAMETERS ..................................................................................................13-4CHANGING THE ADMINISTRATIVE DISTANCE ........................................................................................13-6CONFIGURING REDISTRIBUTION ..........................................................................................................13-6CONFIGURING ROUTE LEARNING AND ADVERTISING PARAMETERS .....................................................13-10CHANGING THE ROUTE LOOP PREVENTION METHOD .........................................................................13-13SUPPRESSING RIP ROUTE ADVERTISEMENT ON A VRRP OR VRRPE BACKUP INTERFACE .................13-14CONFIGURING RIP ROUTE FILTERS ..................................................................................................13-14SETTING RIP TIMERS .......................................................................................................................13-17

DISPLAYING RIP FILTERS ........................................................................................................................13-17DISPLAYING CPU UTILIZATION STATISTICS ..............................................................................................13-19

CHAPTER 14CONFIGURING IP MULTICAST PROTOCOLS................................................. 14-1OVERVIEW OF IP MULTICASTING ...............................................................................................................14-1

MULTICAST TERMS .............................................................................................................................14-2CHANGING GLOBAL IP MULTICAST PARAMETERS .......................................................................................14-2

CHANGING DYNAMIC MEMORY ALLOCATION FOR IP MULTICAST GROUPS .............................................14-2CHANGING IGMP V1 AND V2 PARAMETERS ........................................................................................14-4ADDING AN INTERFACE TO A MULTICAST GROUP .................................................................................14-6ENABLING HARDWARE FORWARDING OF MULTICAST TRAFFIC ON TAGGED PORTS (JETCORE ONLY) ....14-6ENABLING HARDWARE FORWARDING FOR ALL FRAGMENTS OF IP MULTICAST PACKETS .......................14-9JETCORE HARDWARE FORWARDING OF MULTICAST TRAFFIC ON TAGGED AND UNTAGGED PORTS .......14-9SPECIFYING A DESIGNATED ROUTER ELECTION PRIORITY FOR PIM V2 ..............................................14-12

PIM DENSE ...........................................................................................................................................14-13INITIATING PIM MULTICASTS ON A NETWORK ....................................................................................14-13PRUNING A MULTICAST TREE ...........................................................................................................14-13GRAFTS TO A MULTICAST TREE ........................................................................................................14-15PIM DM VERSIONS ..........................................................................................................................14-15CONFIGURING PIM DM ...................................................................................................................14-16FAILOVER TIME IN A MULTI-PATH TOPOLOGY ....................................................................................14-22MODIFYING THE TTL ........................................................................................................................14-23DROPPING PIM TRAFFIC IN HARDWARE ............................................................................................14-23

x © 2006 Foundry Networks, Inc. January 2006

Contents

PIM SPARSE .........................................................................................................................................14-24PIM SPARSE ROUTER TYPES ...........................................................................................................14-25RP PATHS AND SPT PATHS .............................................................................................................14-25CONFIGURING PIM SPARSE ..............................................................................................................14-25DROPPING PIM TRAFFIC IN HARDWARE ............................................................................................14-31DISPLAYING PIM SPARSE CONFIGURATION INFORMATION AND STATISTICS .........................................14-31

CONFIGURING MULTICAST SOURCE DISCOVERY PROTOCOL (MSDP) .......................................................14-45PEER REVERSE PATH FORWARDING (RPF) FLOODING ......................................................................14-47SOURCE ACTIVE CACHING ................................................................................................................14-47CONFIGURING MSDP .......................................................................................................................14-47DESIGNATING AN INTERFACE’S IP ADDRESS AS THE RP’S IP ADDRESS ..............................................14-48FILTERING MSDP SOURCE-GROUP PAIRS ........................................................................................14-49CONFIGURING MSDP MESH GROUPS ...............................................................................................14-52DISPLAYING MSDP INFORMATION .....................................................................................................14-59CLEARING MSDP INFORMATION .......................................................................................................14-65

DVMRP OVERVIEW ................................................................................................................................14-65INITIATING DVMRP MULTICASTS ON A NETWORK .............................................................................14-66PRUNING A MULTICAST TREE ...........................................................................................................14-66GRAFTS TO A MULTICAST TREE ........................................................................................................14-68

CONFIGURING DVMRP ...........................................................................................................................14-68ENABLING DVMRP ON THE LAYER 3 SWITCH AND INTERFACE ...........................................................14-68MODIFYING DVMRP GLOBAL PARAMETERS ......................................................................................14-70MODIFYING DVMRP INTERFACE PARAMETERS .................................................................................14-74DISPLAYING INFORMATION ABOUT AN UPSTREAM NEIGHBOR DEVICE .................................................14-76

CONFIGURING AN IP TUNNEL ..................................................................................................................14-77USING ACLS TO CONTROL MULTICAST FEATURES ...................................................................................14-78

USING ACLS TO LIMIT STATIC RP GROUPS ......................................................................................14-78USING ACLS TO LIMIT PIM RP CANDIDATE ADVERTISEMENT ............................................................14-80USING ACLS TO CONTROL MULTICAST TRAFFIC BOUNDARIES ...........................................................14-81

CONFIGURING A STATIC MULTICAST ROUTE ............................................................................................14-81TRACING A MULTICAST ROUTE ................................................................................................................14-83DISPLAYING ANOTHER MULTICAST ROUTER’S MULTICAST CONFIGURATION ..............................................14-85IGMP V3 ...............................................................................................................................................14-86

DEFAULT IGMP VERSION .................................................................................................................14-86COMPATIBILITY WITH IGMP V1 AND V2 ..........................................................................................14-87GLOBALLY ENABLING THE IGMP VERSION ........................................................................................14-87ENABLING THE IGMP VERSION PER INTERFACE SETTING ..................................................................14-87ENABLING THE IGMP VERSION ON A PHYSICAL PORT WITHIN A VIRTUAL ROUTING INTERFACE ...........14-88ENABLING MEMBERSHIP TRACKING AND FAST LEAVE ........................................................................14-88SETTING THE QUERY INTERVAL ........................................................................................................14-89SETTING THE GROUP MEMBERSHIP TIME ..........................................................................................14-89SETTING THE MAXIMUM RESPONSE TIME ..........................................................................................14-89IGMP V3 AND SOURCE SPECIFIC MULTICAST PROTOCOLS ...............................................................14-90DISPLAYING IGMP V3 INFORMATION ................................................................................................14-90CLEARING IGMP STATISTICS ............................................................................................................14-94

IGMP V3 SNOOPING ..............................................................................................................................14-94

January 2006 © 2006 Foundry Networks, Inc. xi


IGMP V3 SNOOPING OVERVIEW ......................................................................................................14-94IGMP SNOOPING SUPPORT ON FOUNDRY DEVICES ..........................................................................14-95CONFIGURING IGMP V3 SNOOPING ..................................................................................................14-96ENABLING MEMBERSHIP TRACKING AND FAST LEAVE FOR THE VLAN ................................................14-99DISPLAYING IGMP V3 SNOOPING INFORMATION .............................................................................14-100

CHAPTER 15CONFIGURING OSPF ................................................................................ 15-1OVERVIEW OF OSPF ................................................................................................................................15-1

OSPF POINT-TO-POINT LINKS ............................................................................................................15-2DESIGNATED ROUTERS IN MULTI-ACCESS NETWORKS .........................................................................15-3DESIGNATED ROUTER ELECTION IN MULTI-ACCESS NETWORKS ...........................................................15-3OSPF RFC 1583 AND 2178 COMPLIANCE .........................................................................................15-4REDUCTION OF EQUIVALENT AS EXTERNAL LSAS ...............................................................................15-4SUPPORT FOR OSPF RFC 2328 APPENDIX E ....................................................................................15-6DYNAMIC OSPF ACTIVATION AND CONFIGURATION .............................................................................15-7DYNAMIC OSPF MEMORY ..................................................................................................................15-7

CONFIGURING OSPF ................................................................................................................................15-8CONFIGURATION RULES .....................................................................................................................15-8OSPF PARAMETERS ..........................................................................................................................15-8ENABLE OSPF ON THE ROUTER .........................................................................................................15-9ASSIGN OSPF AREAS ......................................................................................................................15-10ASSIGNING AN AREA RANGE (OPTIONAL) ..........................................................................................15-16ASSIGNING INTERFACES TO AN AREA ................................................................................................15-17MODIFY INTERFACE DEFAULTS .........................................................................................................15-18CHANGE THE TIMER FOR OSPF AUTHENTICATION CHANGES .............................................................15-21BLOCK FLOODING OF OUTBOUND LSAS ON SPECIFIC OSPF INTERFACES .........................................15-22CONFIGURING AN OSPF NON-BROADCAST INTERFACE .....................................................................15-22ASSIGN VIRTUAL LINKS ....................................................................................................................15-23MODIFY VIRTUAL LINK PARAMETERS .................................................................................................15-26CHANGING THE REFERENCE BANDWIDTH FOR THE COST ON OSPF INTERFACES ...............................15-28DEFINE REDISTRIBUTION FILTERS .....................................................................................................15-29PREVENT SPECIFIC OSPF ROUTES FROM BEING INSTALLED IN THE IP ROUTE TABLE ........................15-32MODIFY DEFAULT METRIC FOR REDISTRIBUTION ...............................................................................15-35ENABLE ROUTE REDISTRIBUTION ......................................................................................................15-35DISABLE OR RE-ENABLE LOAD SHARING ...........................................................................................15-38CONFIGURE EXTERNAL ROUTE SUMMARIZATION ...............................................................................15-39CONFIGURE DEFAULT ROUTE ORIGINATION .......................................................................................15-40MODIFY SPF TIMERS .......................................................................................................................15-41MODIFY REDISTRIBUTION METRIC TYPE ............................................................................................15-41MODIFY ADMINISTRATIVE DISTANCE ..................................................................................................15-42CONFIGURE OSPF GROUP LINK STATE ADVERTISEMENT (LSA) PACING ...........................................15-43MODIFY OSPF TRAPS GENERATED ..................................................................................................15-43MODIFY OSPF STANDARD COMPLIANCE SETTING .............................................................................15-44MODIFY EXIT OVERFLOW INTERVAL ..................................................................................................15-45MODIFY THE MAXIMUM NUMBER OF ROUTES .....................................................................................15-45

xii © 2006 Foundry Networks, Inc. January 2006

Contents

MODIFY LSDB LIMITS ......................................................................................................................15-46CONFIGURING AN OSPF POINT-TO-POINT LINK .................................................................................15-47SPECIFYING TYPES OF OSPF SYSLOG MESSAGES TO LOG ...............................................................15-47CONFIGURING GRACEFUL RESTART ..................................................................................................15-48

DISPLAYING OSPF INFORMATION ............................................................................................................15-49DISPLAYING GENERAL OSPF CONFIGURATION INFORMATION ............................................................15-51DISPLAYING CPU UTILIZATION STATISTICS ........................................................................................15-52DISPLAYING OSPF AREA INFORMATION ............................................................................................15-53DISPLAYING OSPF NEIGHBOR INFORMATION ....................................................................................15-54DISPLAYING OSPF INTERFACE INFORMATION ....................................................................................15-56DISPLAYING OSPF ROUTE INFORMATION ..........................................................................................15-58DISPLAYING OSPF EXTERNAL LINK STATE INFORMATION ..................................................................15-60DISPLAYING OSPF LINK STATE INFORMATION ...................................................................................15-61DISPLAYING THE DATA IN AN LSA .....................................................................................................15-62DISPLAYING OSPF VIRTUAL NEIGHBOR INFORMATION .......................................................................15-63DISPLAYING OSPF VIRTUAL LINK INFORMATION ................................................................................15-63DISPLAYING OSPF ABR AND ASBR INFORMATION ...........................................................................15-63DISPLAYING OSPF TRAP STATUS .....................................................................................................15-64DISPLAYING OSPF GRACEFUL RESTART INFORMATION .....................................................................15-64

CLEARING OSPF INFORMATION FROM THE FOUNDRY DEVICE ..................................................................15-65CLEARING OSPF NEIGHBOR INFORMATION .......................................................................................15-66CLEARING OSPF TOPOLOGY INFORMATION ......................................................................................15-66CLEARING REDISTRIBUTED ROUTES FROM THE OSPF ROUTING TABLE .............................................15-66CLEARING INFORMATION FOR OSPF AREAS .....................................................................................15-66

CHAPTER 16CONFIGURING BGP4 ................................................................................ 16-1OVERVIEW OF BGP4 ................................................................................................................................16-2

RELATIONSHIP BETWEEN THE BGP4 ROUTE TABLE AND THE IP ROUTE TABLE ....................................16-2HOW BGP4 SELECTS A PATH FOR A ROUTE .......................................................................................16-3BGP4 MESSAGE TYPES .....................................................................................................................16-4

BASIC CONFIGURATION AND ACTIVATION FOR BGP4 .................................................................................16-6NOTE REGARDING DISABLING BGP4 ..................................................................................................16-7

BGP4 PARAMETERS .................................................................................................................................16-7WHEN PARAMETER CHANGES TAKE EFFECT .......................................................................................16-9

MEMORY CONSIDERATIONS .....................................................................................................................16-10MEMORY CONFIGURATION OPTIONS OBSOLETED BY DYNAMIC MEMORY ............................................16-11

BASIC CONFIGURATION TASKS ................................................................................................................16-11ENABLING BGP4 ON THE ROUTER ....................................................................................................16-12CHANGING THE ROUTER ID ..............................................................................................................16-12SETTING THE LOCAL AS NUMBER .....................................................................................................16-13ADDING A LOOPBACK INTERFACE ......................................................................................................16-13ADDING BGP4 NEIGHBORS ..............................................................................................................16-14ADDING A BGP4 PEER GROUP ........................................................................................................16-23

OPTIONAL CONFIGURATION TASKS ..........................................................................................................16-27CHANGING THE KEEP ALIVE TIME AND HOLD TIME ............................................................................16-27

January 2006 © 2006 Foundry Networks, Inc. xiii


CHANGING THE BGP4 NEXT-HOP UPDATE TIMER .............................................................................16-28ENABLING FAST EXTERNAL FALLOVER ..............................................................................................16-28CHANGING THE MAXIMUM NUMBER OF PATHS FOR BGP4 LOAD SHARING .........................................16-29CUSTOMIZING BGP4 LOAD SHARING ................................................................................................16-30SPECIFYING A LIST OF NETWORKS TO ADVERTISE .............................................................................16-31CHANGING THE DEFAULT LOCAL PREFERENCE ..................................................................................16-33USING THE IP DEFAULT ROUTE AS A VALID NEXT HOP FOR A BGP4 ROUTE .....................................16-33ADVERTISING THE DEFAULT ROUTE ..................................................................................................16-34CHANGING THE DEFAULT MED (METRIC) USED FOR ROUTE REDISTRIBUTION ....................................16-34ENABLING NEXT-HOP RECURSION ....................................................................................................16-35CHANGING ADMINISTRATIVE DISTANCES ...........................................................................................16-38REQUIRING THE FIRST AS TO BE THE NEIGHBOR’S AS ......................................................................16-40DISABLING OR RE-ENABLING COMPARISON OF THE AS-PATH LENGTH ...............................................16-40ENABLING OR DISABLING COMPARISON OF THE ROUTER IDS .............................................................16-40CONFIGURING THE LAYER 3 SWITCH TO ALWAYS COMPARE MULTI-EXIT DISCRIMINATORS (MEDS) ....16-40TREATING MISSING MEDS AS THE WORST MEDS .............................................................................16-41AUTOMATICALLY SUMMARIZING SUBNET ROUTES INTO CLASS A, B, OR C NETWORKS .......................16-42CONFIGURING ROUTE REFLECTION PARAMETERS .............................................................................16-42CONFIGURING CONFEDERATIONS ......................................................................................................16-45AGGREGATING ROUTES ADVERTISED TO BGP4 NEIGHBORS .............................................................16-48GRACEFUL RESTART ........................................................................................................................16-50

MODIFYING REDISTRIBUTION PARAMETERS ..............................................................................................16-53REDISTRIBUTING CONNECTED ROUTES .............................................................................................16-55REDISTRIBUTING RIP ROUTES ..........................................................................................................16-55REDISTRIBUTING OSPF EXTERNAL ROUTES .....................................................................................16-56REDISTRIBUTING STATIC ROUTES .....................................................................................................16-56DISABLING OR RE-ENABLING RE-ADVERTISEMENT OF ALL LEARNED

BGP4 ROUTES TO ALL BGP4 NEIGHBORS .................................................................................16-56REDISTRIBUTING IBGP ROUTES INTO RIP AND OSPF ......................................................................16-57REDISTRIBUTING FILTER REBINDING .................................................................................................16-57

FILTERING ..............................................................................................................................................16-58FILTERING SPECIFIC IP ADDRESSES .................................................................................................16-58FILTERING AS-PATHS .......................................................................................................................16-60FILTERING COMMUNITIES ..................................................................................................................16-65DEFINING IP PREFIX LISTS ...............................................................................................................16-69DEFINING NEIGHBOR DISTRIBUTE LISTS ............................................................................................16-72DEFINING ROUTE MAPS ...................................................................................................................16-73USING A TABLE MAP TO SET THE TAG VALUE ...................................................................................16-85CONFIGURING COOPERATIVE BGP4 ROUTE FILTERING .....................................................................16-86ADVERTISING AN IBGP NEXT HOP AS A NULL0 ROUTE AS A DEFENSE AGAINST DDOS ATTACKS .......16-89RESOLVING BGP NEXT HOP USING NULL0 ROUTING ........................................................................16-90

CONFIGURING ROUTE FLAP DAMPENING .................................................................................................16-94GLOBALLY CONFIGURING ROUTE FLAP DAMPENING ..........................................................................16-95USING A ROUTE MAP TO CONFIGURE ROUTE FLAP DAMPENING FOR SPECIFIC ROUTES ....................16-96USING A ROUTE MAP TO CONFIGURE ROUTE FLAP DAMPENING FOR A SPECIFIC NEIGHBOR ............16-102REMOVING ROUTE DAMPENING FROM A ROUTE ..............................................................................16-104

xiv © 2006 Foundry Networks, Inc. January 2006

Contents

REMOVING ROUTE DAMPENING FROM A NEIGHBOR’S ROUTES SUPPRESSED DUE TO AGGREGATION 16-105DISPLAYING AND CLEARING ROUTE FLAP DAMPENING STATISTICS ...................................................16-106

STATICALLY ALLOCATING MEMORY IN EARLIER SOFTWARE RELEASES ...................................................16-108CHANGING THE MAXIMUM NUMBER OF NEIGHBORS .........................................................................16-108CHANGING THE MAXIMUM NUMBER OF ROUTES ..............................................................................16-109CHANGING THE MAXIMUM NUMBER OF ROUTE-ATTRIBUTE ENTRIES .................................................16-109

GENERATING TRAPS FOR BGP .............................................................................................................16-110DISPLAYING BGP4 INFORMATION ..........................................................................................................16-111

DISPLAYING SUMMARY BGP4 INFORMATION ...................................................................................16-111DISPLAYING THE ACTIVE BGP4 CONFIGURATION ............................................................................16-114DISPLAYING CPU UTILIZATION STATISTICS ......................................................................................16-115DISPLAYING SUMMARY NEIGHBOR INFORMATION .............................................................................16-116DISPLAYING BGP4 NEIGHBOR INFORMATION ...................................................................................16-118DISPLAYING PEER GROUP INFORMATION .........................................................................................16-132DISPLAYING SUMMARY ROUTE INFORMATION ..................................................................................16-133DISPLAYING THE BGP4 ROUTE TABLE ............................................................................................16-134DISPLAYING BGP4 ROUTE-ATTRIBUTE ENTRIES ..............................................................................16-142DISPLAYING THE ROUTES BGP4 HAS PLACED IN THE IP ROUTE TABLE ...........................................16-143DISPLAYING ROUTE FLAP DAMPENING STATISTICS ..........................................................................16-144DISPLAYING THE ACTIVE ROUTE MAP CONFIGURATION ....................................................................16-146

UPDATING ROUTE INFORMATION AND RESETTING A NEIGHBOR SESSION ................................................16-146USING SOFT RECONFIGURATION .....................................................................................................16-147DYNAMICALLY REQUESTING A ROUTE REFRESH FROM A BGP4 NEIGHBOR ......................................16-149CLOSING OR RESETTING A NEIGHBOR SESSION ..............................................................................16-152CLEARING AND RESETTING BGP4 ROUTES IN THE IP ROUTE TABLE ................................................16-153

CLEARING TRAFFIC COUNTERS .............................................................................................................16-153CLEARING ROUTE FLAP DAMPENING STATISTICS ...................................................................................16-154REMOVING ROUTE FLAP DAMPENING ....................................................................................................16-154CLEARING DIAGNOSTIC BUFFERS ..........................................................................................................16-155

CHAPTER 17CONFIGURING MBGP ............................................................................... 17-1OVERVIEW ................................................................................................................................................17-1CONFIGURATION CONSIDERATIONS ............................................................................................................17-2CONFIGURING MBGP ...............................................................................................................................17-2

SETTING THE MAXIMUM NUMBER OF MULTICAST ROUTES SUPPORTED ................................................17-3ENABLING MBGP ..............................................................................................................................17-3ADDING MBGP NEIGHBORS ...............................................................................................................17-4OPTIONAL CONFIGURATION TASKS .....................................................................................................17-5

DISPLAYING MBGP INFORMATION .............................................................................................................17-8DISPLAYING SUMMARY MBGP INFORMATION ......................................................................................17-9DISPLAYING THE ACTIVE MBGP CONFIGURATION .............................................................................17-10DISPLAYING MBGP NEIGHBORS .......................................................................................................17-10DISPLAYING MBGP ROUTES ............................................................................................................17-12DISPLAYING THE IP MULTICAST ROUTE TABLE ..................................................................................17-13

January 2006 © 2006 Foundry Networks, Inc. xv


CHAPTER 18NETWORK ADDRESS TRANSLATION ........................................................... 18-1PROTOCOLS SUPPORTED FOR NAT ..........................................................................................................18-1PORT ADDRESS TRANSLATION ..................................................................................................................18-2

MAXIMUM NUMBER OF ADDRESSES ....................................................................................................18-3INSIDE SOURCE NAT ................................................................................................................................18-3

CONFIGURING SOURCE NAT ..............................................................................................................18-5CONFIGURATION EXAMPLES ...............................................................................................................18-8

INSIDE DESTINATION NAT .......................................................................................................................18-13CONFIGURING INSIDE DESTINATION NAT ..........................................................................................18-14

CHANGING TRANSLATION TABLE TIMEOUTS .............................................................................................18-16CHANGING THE TIME A SESSION TABLE ENTRY STAYS IN THE DELETE QUEUE .........................................18-17DISPLAYING THE ACTIVE NAT TRANSLATIONS .........................................................................................18-17DISPLAYING NAT STATISTICS .................................................................................................................18-19CLEARING TRANSLATION TABLE ENTRIES ................................................................................................18-21NAT DEBUG COMMANDS ........................................................................................................................18-21

CHAPTER 19CONFIGURING VRRP AND VRRPE ........................................................... 19-1OVERVIEW ................................................................................................................................................19-1

OVERVIEW OF VRRP .........................................................................................................................19-1OVERVIEW OF VRRPE .......................................................................................................................19-6

COMPARISON OF VRRP, VRRPE, AND FSRP ..........................................................................................19-8VRRP ...............................................................................................................................................19-8VRRPE .............................................................................................................................................19-8FSRP ................................................................................................................................................19-8ARCHITECTURAL DIFFERENCES ...........................................................................................................19-8

VRRP AND VRRPE PARAMETERS ............................................................................................................19-9CONFIGURING BASIC VRRP PARAMETERS ..............................................................................................19-12

CONFIGURING THE OWNER ...............................................................................................................19-12CONFIGURING A BACKUP ..................................................................................................................19-12CONFIGURATION RULES FOR VRRP .................................................................................................19-12

CONFIGURING BASIC VRRPE PARAMETERS ............................................................................................19-13CONFIGURATION RULES FOR VRRPE ...............................................................................................19-13

NOTE REGARDING DISABLING VRRP OR VRRPE ....................................................................................19-13CONFIGURING ADDITIONAL VRRP AND VRRPE PARAMETERS .................................................................19-13

VRRPE SLOW START TIMER ...........................................................................................................19-19FORCING A MASTER ROUTER TO ABDICATE TO A STANDBY ROUTER ........................................................19-19DISPLAYING VRRP AND VRRPE INFORMATION .......................................................................................19-20

DISPLAYING SUMMARY INFORMATION ................................................................................................19-20DISPLAYING DETAILED INFORMATION ................................................................................................19-22DISPLAYING STATISTICS ...................................................................................................................19-29CLEARING VRRP OR VRRPE STATISTICS ........................................................................................19-34DISPLAYING CPU UTILIZATION STATISTICS ........................................................................................19-34

CONFIGURATION EXAMPLES ....................................................................................................................19-35

xvi © 2006 Foundry Networks, Inc. January 2006

Contents

VRRP EXAMPLE ..............................................................................................................................19-35VRRPE EXAMPLE ............................................................................................................................19-40

CHAPTER 20ROUTE HEALTH INJECTION ....................................................................... 20-1CONFIGURATION EXAMPLE ........................................................................................................................20-2HTTP HEALTH CHECK ALGORITHM ...........................................................................................................20-4CONFIGURATION CONSIDERATIONS ............................................................................................................20-5CLI SYNTAX .............................................................................................................................................20-5

GLOBAL CONFIG LEVEL ....................................................................................................................20-5REAL SERVER LEVEL .........................................................................................................................20-5INTERFACE LEVEL ..............................................................................................................................20-6

CONFIGURING THE HTTP HEALTH CHECK ON THE LAYER 3 SWITCH ..........................................................20-6CLI COMMANDS FOR NETIRON N1 ......................................................................................................20-7CLI COMMANDS FOR BIGIRON B1 .......................................................................................................20-7CLI COMMANDS FOR NETIRON N2 ......................................................................................................20-8

DISPLAYING SERVER AND APPLICATION PORT INFORMATION ......................................................................20-8DISPLAYING SERVER INFORMATION .....................................................................................................20-8DISPLAYING KEEPALIVE INFORMATION .................................................................................................20-9

CHAPTER 21CONFIGURING FSRP ................................................................................ 21-1OVERVIEW OF FOUNDRY STANDBY ROUTER PROTOCOL (FSRP) ...............................................................21-1

FSRP SUPPORT ON VIRTUAL INTERFACES ..........................................................................................21-2ACTIVE AND STANDBY ROUTERS .........................................................................................................21-3TRACK PORTS ....................................................................................................................................21-3INDEPENDENT OPERATION OF RIP AND OSPF ....................................................................................21-5DYNAMIC FSRP CONFIGURATION .......................................................................................................21-5

DIFFERENCES BETWEEN FSRP AND VRRP ..............................................................................................21-5CONFIGURING FSRP ................................................................................................................................21-5

CONFIGURATION RULES FOR FSRP ....................................................................................................21-6ENABLE FSRP ON THE ROUTER .........................................................................................................21-6ASSIGN VIRTUAL ROUTER IP ADDRESSES ...........................................................................................21-6ASSIGN THE TRACK PORT(S) ..............................................................................................................21-8ASSIGNING THE ACTIVE ROUTER ........................................................................................................21-8MODIFY PORT PARAMETERS (OPTIONAL) .............................................................................................21-8CONFIGURING FSRP ON VIRTUAL INTERFACES .................................................................................21-11

CHAPTER 22CONFIGURING IPX .................................................................................. 22-1OVERVIEW OF IPX ....................................................................................................................................22-1

MULTIPLE IPX FRAME TYPE SUPPORT PER INTERFACE .......................................................................22-1CONFIGURING IPX ....................................................................................................................................22-1

DYNAMIC IPX CONFIGURATION ...........................................................................................................22-2ENABLE IPX ......................................................................................................................................22-2

January 2006 © 2006 Foundry Networks, Inc. xvii


ENABLE NETBIOS .............................................................................................................................22-3ASSIGN IPX NETWORK NUMBER, FRAME TYPE, ENABLE NETBIOS ON AN INTERFACE ...........................22-3DEFINE AND ASSIGN A FORWARD FILTER AND GROUP .........................................................................22-5DEFINE AND ASSIGN AN IPX/RIP FILTER AND GROUP .........................................................................22-7CONFIGURING IPX SAP ACCESS CONTROL LISTS (ACLS) ...................................................................22-9ENABLE ROUND-ROBIN GNS REPLIES ..............................................................................................22-10FILTER GNS REPLIES ......................................................................................................................22-10DISABLE GNS REPLIES ....................................................................................................................22-11MODIFY MAXIMUM SAP AND RIP ROUTE ENTRIES ............................................................................22-11MODIFY RIP AND SAP HOP COUNT INCREMENT ...............................................................................22-12MODIFY THE RIP ADVERTISEMENT PACKET SIZE ...............................................................................22-13MODIFY THE SAP ADVERTISEMENT PACKET SIZE ..............................................................................22-13MODIFY THE RIP ADVERTISEMENT INTERVAL ....................................................................................22-14MODIFY THE SAP ADVERTISEMENT INTERVAL ...................................................................................22-14MODIFY THE AGE TIMER FOR LEARNED IPX ROUTES ........................................................................22-15MODIFY THE AGE TIMER FOR LEARNED SAP ENTRIES ......................................................................22-15

VERIFYING CONNECTIVITY ......................................................................................................................22-16DISPLAYING IPX CONFIGURATION INFORMATION AND STATISTICS .............................................................22-17

DISPLAYING GLOBAL IPX CONFIGURATION INFORMATION ..................................................................22-17DISPLAYING IPX INTERFACE INFORMATION ........................................................................................22-19DISPLAYING THE IPX FORWARDING CACHE .......................................................................................22-21DISPLAYING THE IPX ROUTE TABLE ..................................................................................................22-22DISPLAYING THE IPX SERVER TABLE ................................................................................................22-23DISPLAYING IPX TRAFFIC STATISTICS ...............................................................................................22-24

CHAPTER 23CONFIGURING APPLETALK ....................................................................... 23-1OVERVIEW OF APPLETALK ........................................................................................................................23-1

ADDRESS ASSIGNMENT ......................................................................................................................23-1NETWORK COMPONENTS ....................................................................................................................23-1ZONE FILTERING ................................................................................................................................23-2NETWORK FILTERING .........................................................................................................................23-3SEED AND NON-SEED ROUTERS .........................................................................................................23-3

APPLETALK COMPONENTS SUPPORTED ON FOUNDRY LAYER 3 SWITCHES .................................................23-3SESSION LAYER SUPPORT ..................................................................................................................23-3TRANSPORT LAYER SUPPORT .............................................................................................................23-3NETWORK LAYER SUPPORT ................................................................................................................23-4DATA LINK SUPPORT ..........................................................................................................................23-4DYNAMIC APPLETALK ACTIVATION AND CONFIGURATION .....................................................................23-4

CONFIGURING APPLETALK ROUTING .........................................................................................................23-4ENABLE APPLETALK ...........................................................................................................................23-4CONFIGURING A SEED APPLETALK ROUTER ........................................................................................23-5CONFIGURING A NON-SEED APPLETALK ROUTER .

foundry enterprise configuration and management...

Documents