Cisco Systems SMC-127 manual To add a single node, To add a DRP pair, To add an RP pair, SMC-144

Page 18

Configuring Secure Domain Routers on Cisco IOS XR Software

How to Configure Secure Domain Routers

Step 8

Step 9 Step 10

Step 11 Step 12

Step 13

Command or Action

Purpose

 

 

location partially-qualified-nodeid

Adds additional nodes, DRP pairs, or RP pairs to the SDR.

or

 

location pair-name

To add a single node

 

Example:

Enter the location partially-qualified-nodeid command. The

value of the partially-qualified-nodeidargument is entered in

RP/0/RP0/CPU0:router(admin-config-sdr:rname

the rack/slot/* notation. Node IDs are always specified at the

2)# location 0/0/*

or

slot level, so the wildcard (*) is used to specify the CPU.

RP/0/RP0/CPU0:router(admin-config-sdr:rname

 

2)# location drp1

To add a DRP pair

or

You must first create a pair, as described in step 3 and step 4.

RP/0/RP0/CPU0:router(admin-config-sdr:rname

2)# location 0/RP*/*

After the DRP pair is created, enter the location pair-name

 

command.

 

To add an RP pair

 

Enter the location partially-qualified-nodeid command. The

 

value of the partially-qualified-nodeidargument for RPs is

 

entered in the rack/RP*/* notation. This command assigns the

 

redundant RP pair to the SDR. You cannot assign single RPs to

 

an SDR in the Cisco CRS-1.

 

Note See the “Adding Nodes to a Non-Owner SDR” section

 

on page SMC-148for more information.

 

 

Repeat Step 8 as needed to add nodes to an SDR

Adds additional nodes to the SDR.

 

 

exit

(Optional) Exits the SDR configuration submode and returns to

 

Administration configuration mode.

 

Note Complete this step only if you need to create additional

 

SDRs.

 

 

Repeat Step 3 through Step 10 as needed.

Creates additional SDRs.

 

 

end

Saves configuration changes.

or

When you issue the end command, the system prompts you

 

commit

to commit changes:

 

Uncommitted changes found. Commit them?

Example:

Entering yes saves configuration changes to the

RP/0/RP0/CPU0:router

running configuration file, exits the configuration

(admin-config-sdr:rname2)# end

session, and returns the router to EXEC mode.

or

Entering no exits the configuration session and returns

RP/0/RP0/CPU0:router(admin-config-sdr:rname

the router to EXEC mode without committing the

)# commit

configuration changes.

 

 

Entering cancel leaves the user in the same command

 

mode without committing the configuration changes.

 

Use the commit command to save the configuration

 

changes to the running configuration file and remain within

 

the configuration session.

 

 

Create a username and password for the new SDR.

(Optional) Refer to the “Configuring a Username and Password

 

for a Non-Owner SDR” section on page SMC-157.

 

 

Cisco IOS XR System Management Configuration Guide

SMC-144

Page 17 Page 19
Image 18
Page 17 Page 19
Contents Configuring Secure Domain Routers on Cisco IOS XR Software ContentsPrerequisites for Configuring Secure Domain Routers SMC-128Owner SDR and Administration Configuration Mode Information About Configuring Secure Domain RoutersWhat Is a Secure Domain Router? SMC-129Root-System Users SDR Access PrivilegesNon-Owner SDRs SMC-130Root-lr Users Other SDR UsersSMC-131 Designated Secure Domain Router System Controller Dsdrsc DSCs and DSDRSCs in a Cisco CRS-1 RouterSMC-132 DSC and DSDRSCs in a Cisco XR 12000 Series Router SMC-133SMC-134 Default Software Profile for SDRs Default Configuration for New Non-Owner SDRsRemoving a Dsdrsc Configuration SMC-135High Availability Implications Fault IsolationRebooting an SDR Dsdrsc RedundancyCisco IOS XR Software Package Management SMC-137DSC Migration on Cisco CRS-1 Multishelf Systems SMC-138Caveats SMC-139How to Configure Secure Domain Routers ContentsCreating SDRs Summary Steps SMC-141Command or Action Purpose ExampleSMC-142 To assign an RP pair as the Dsdrsc To assign a DRP pair as the DsdrscTo assign a single DRP node as the Dsdrsc SMC-143To add an RP pair To add a single nodeTo add a DRP pair SMC-144Creating SDRs in a 12000 Series Router SMC-145Cisco XR 12000 Series Router section on page SMC-133 DSDRSCs in a Cisco XR 12000 Series Router section onSee the DSC and DSDRSCs in a SMC-146Refer to the Adding Nodes to a Non-Owner SDR section SMC-147Adding Nodes to a Non-Owner SDR Adding Nodes to an SDR in a Cisco CRS-1 RouterSMC-148 Creating SDRs in a Cisco CRS-1 Router SMC-149Adding Nodes to an SDR in a Cisco XR 12000 Series Router SMC-150Removing Nodes and SDRs A Cisco XR 12000 Series Router section onSMC-151 SMC-152 To remove a DRP pair To remove a DsdrscTo remove a single node To remove an RP pairSMC-154 Nodes to an SDR in a Cisco XR 12000 Series Router Section on page SMC-150SMC-155 Removing a Secure Domain Router SMC-156Configuring a Username and Password for a Non-Owner SDR SMC-157Group root-lr End or commit Exit SMC-158System Security Configuration Guide for more SMC-159SMC-160 Disabling Remote Login for SDRs See Disabling Remote Login for SDRs, page SMC-161forSMC-161 Creating an SDR on a Cisco XR 12000 Series Router Configuration Examples for Secure Domain RoutersCreating a New SDR on a Cisco CRS-1 Router SMC-162SMC-163 Standards Additional ReferencesRelated Documents MIBsRFCs Title RFCsTechnical Assistance Description LinkSMC-166
Top Page Image Contents