Cisco Systems SMC-127 manual Command or Action Purpose, Example, SMC-142

Page 16

Configuring Secure Domain Routers on Cisco IOS XR Software

How to Configure Secure Domain Routers

DETAILED STEPS

 

Command or Action

Purpose

Step 1

 

 

admin

Enters Administration EXEC mode.

 

Example:

 

 

RP/0/RP0/CPU0:router# admin

 

Step 2

 

 

configure

Enters Administration configuration mode.

 

Example:

 

 

RP/0/RP0/CPU0:router(admin)# configure

 

Step 3

 

 

pairing pair-name

(Optional) Enter DRP pairing configuration mode. If the DRP

 

 

name does not exist, the DRP pair is created when you add

 

Example:

nodes, as described in the following step.

 

 

 

RP/0/RP0/CPU0:router(admin-config)# pairing

pair-namecan be between 1 and 32 alphanumeric

 

drp1

characters. The characters '_' or '-' are also allowed. All

 

 

other characters are invalid.

 

 

DRP pairs are used as the DSDRSC for a non-owner SDR, as

 

 

described in the “DSCs and DSDRSCs in a Cisco CRS-1

 

 

Router” section on page SMC-132.

 

 

Note Although a single DRP can be used as the DSDRSC in

 

 

a non-owner SDR, Cisco systems recommends that two

 

 

redundant DRPs be installed and assigned to the SDR.

 

 

Note DRPs can also be added to an SDR to provide

 

 

additional processing capacity. See the “Related

 

 

Documents” section on page SMC-164for more

 

 

information on DRP installation and configuration.

Step 4

 

 

location partially-qualified-nodeid

(Optional) Specifies the location of the DRPs in a DRP pair.

 

partially-qualified-nodeid

The partially-qualified-nodeidargument is entered in the

 

 

 

Example:

rack/slot/* notation. Node IDs are always specified at the slot

 

level, so the wildcard (*) is used to specify the CPU.

 

RP/0/RP0/CPU0:router(admin-config-pairing:d

 

 

rp1)#

 

 

location 0/3/* 0/4/*

 

Step 5

 

 

exit

(Optional) Exits the DRP pairing configuration mode and

 

 

returns to Administration configuration mode.

 

Example:

Complete this step only if you created a DRP pair.

 

RP/0/RP0/CPU0:router(admin-config-pairing:d

 

 

rp1)#

 

 

exit

 

Step 6

 

 

sdr sdr-name

Enters the SDR configuration sub-mode for the specified SDR.

 

 

If this SDR does not yet exist, it is created when you add a

 

Example:

node, as described in step 7.

 

RP/0/RP0/CPU0:router(admin-config)# sdr

If this SDR existed previously, you can add additional slots

 

rname2

 

as described in step 7 and step 8.

 

 

 

 

 

Cisco IOS XR System Management Configuration Guide

SMC-142

Page 15 Page 17
Image 16
Page 15 Page 17
Contents Configuring Secure Domain Routers on Cisco IOS XR Software ContentsPrerequisites for Configuring Secure Domain Routers SMC-128Information About Configuring Secure Domain Routers What Is a Secure Domain Router?Owner SDR and Administration Configuration Mode SMC-129SDR Access Privileges Non-Owner SDRsRoot-System Users SMC-130Other SDR Users Root-lr UsersSMC-131 DSCs and DSDRSCs in a Cisco CRS-1 Router Designated Secure Domain Router System Controller DsdrscSMC-132 DSC and DSDRSCs in a Cisco XR 12000 Series Router SMC-133SMC-134 Default Configuration for New Non-Owner SDRs Removing a Dsdrsc ConfigurationDefault Software Profile for SDRs SMC-135Fault Isolation Rebooting an SDRHigh Availability Implications Dsdrsc RedundancyCisco IOS XR Software Package Management SMC-137DSC Migration on Cisco CRS-1 Multishelf Systems SMC-138Caveats SMC-139Contents How to Configure Secure Domain RoutersCreating SDRs Summary Steps SMC-141Example Command or Action PurposeSMC-142 To assign a DRP pair as the Dsdrsc To assign a single DRP node as the DsdrscTo assign an RP pair as the Dsdrsc SMC-143To add a single node To add a DRP pairTo add an RP pair SMC-144Creating SDRs in a 12000 Series Router SMC-145DSDRSCs in a Cisco XR 12000 Series Router section on See the DSC and DSDRSCs in aCisco XR 12000 Series Router section on page SMC-133 SMC-146Refer to the Adding Nodes to a Non-Owner SDR section SMC-147Adding Nodes to an SDR in a Cisco CRS-1 Router Adding Nodes to a Non-Owner SDRSMC-148 Creating SDRs in a Cisco CRS-1 Router SMC-149Adding Nodes to an SDR in a Cisco XR 12000 Series Router SMC-150A Cisco XR 12000 Series Router section on Removing Nodes and SDRsSMC-151 SMC-152 To remove a Dsdrsc To remove a single nodeTo remove a DRP pair To remove an RP pairSMC-154 Section on page SMC-150 Nodes to an SDR in a Cisco XR 12000 Series RouterSMC-155 Removing a Secure Domain Router SMC-156Configuring a Username and Password for a Non-Owner SDR SMC-157Group root-lr End or commit Exit SMC-158System Security Configuration Guide for more SMC-159SMC-160 See Disabling Remote Login for SDRs, page SMC-161for Disabling Remote Login for SDRsSMC-161 Configuration Examples for Secure Domain Routers Creating a New SDR on a Cisco CRS-1 RouterCreating an SDR on a Cisco XR 12000 Series Router SMC-162SMC-163 Additional References Related DocumentsStandards MIBsRFCs Technical AssistanceRFCs Title Description LinkSMC-166
Top Page Image Contents