Cisco Systems SMC-127 manual DSDRSCs in a Cisco XR 12000 Series Router section on, SMC-146

Page 20

Configuring Secure Domain Routers on Cisco IOS XR Software

How to Configure Secure Domain Routers

 

Command or Action

Purpose

Step 3

 

 

sdr sdr-name

Enters the Administration configuration mode for the specified

 

 

SDR.

 

Example:

If this SDR does not yet exist, it is created when you add a

 

RP/0/0/CPU0:router(admin-config)# sdr rname

node as described in the following step.

 

 

If this SDR existed previously, complete the following

 

 

steps to add additional nodes.

 

 

Note For the Cisco XR 12000 Series Router, we recommend

 

 

a maximum of four SDRs, including one owner SDR

 

 

and up to three non-owner SDRs.

Step 4

 

 

location partially-qualified-nodeid

Assigns an RP node as the DSDRSC for the non-owner SDR.

 

 

On a Cisco XR 12000 Series Router, you can assign a single

 

Example:

RP or a redundant RP pair as the DSDRSC.

 

 

 

RP/0/0/CPU0:router(admin-config-sdr:rname)#

The first RP you assign to the SDR becomes the DSDRSC.

 

location 0/0/*

To add a redundant standby RP to the configuration, a

 

 

 

 

second RP must be installed in the adjacent redundancy

 

 

slot and added to the SDR configuration. See the “DSC and

 

 

DSDRSCs in a Cisco XR 12000 Series Router” section on

 

 

page SMC-133for information on redundancy slots. See

 

 

Step 5 for instructions to add an additional RP to the

 

 

configuration.

 

 

The value of the partially-qualified-nodeidargument is

 

 

entered in the rack/slot/* notation. The node ID is specified

 

 

at the slot level, so the wildcard (*) is used to specify the

 

 

CPU.

 

 

DRPs are not supported in

 

 

Cisco XR 12000 Series Routers.

Step 5

 

 

location partially-qualified-nodeid

(Optional) Assigns a second RP to act as the standby DSDRSC.

 

 

If an RP is in an adjacent redundancy slot to the DSDRSC, then

 

Example:

the RP automatically becomes the standby DSDRSC.

 

 

 

RP/0/0/CPU0:router(admin-config-sdr:rname)#

See the “DSC and DSDRSCs in a

 

location 0/1/*

Cisco XR 12000 Series Router” section on page SMC-133

 

 

for more information.

 

 

The value of the partially-qualified-nodeidargument is

 

 

entered in the rack/slot/* notation. The node ID is specified

 

 

at the slot level, so the wildcard (*) is used to specify the

 

 

CPU.

 

 

Although single RPs are supported in

 

 

Cisco XR 12000 Series Routers, we recommend the use of

 

 

a redundant RP pair: one to act as the DSDRSC and the

 

 

second to act as a standby DSDRSC.

 

 

 

Cisco IOS XR System Management Configuration Guide

SMC-146

Page 19 Page 21
Image 20
Page 19 Page 21
Contents Configuring Secure Domain Routers on Cisco IOS XR Software ContentsPrerequisites for Configuring Secure Domain Routers SMC-128Information About Configuring Secure Domain Routers What Is a Secure Domain Router?Owner SDR and Administration Configuration Mode SMC-129SDR Access Privileges Non-Owner SDRsRoot-System Users SMC-130SMC-131 Root-lr UsersOther SDR Users SMC-132 Designated Secure Domain Router System Controller DsdrscDSCs and DSDRSCs in a Cisco CRS-1 Router DSC and DSDRSCs in a Cisco XR 12000 Series Router SMC-133SMC-134 Default Configuration for New Non-Owner SDRs Removing a Dsdrsc ConfigurationDefault Software Profile for SDRs SMC-135Fault Isolation Rebooting an SDRHigh Availability Implications Dsdrsc RedundancyCisco IOS XR Software Package Management SMC-137DSC Migration on Cisco CRS-1 Multishelf Systems SMC-138Caveats SMC-139Creating SDRs How to Configure Secure Domain RoutersContents Summary Steps SMC-141SMC-142 Command or Action PurposeExample To assign a DRP pair as the Dsdrsc To assign a single DRP node as the DsdrscTo assign an RP pair as the Dsdrsc SMC-143To add a single node To add a DRP pairTo add an RP pair SMC-144Creating SDRs in a 12000 Series Router SMC-145DSDRSCs in a Cisco XR 12000 Series Router section on See the DSC and DSDRSCs in aCisco XR 12000 Series Router section on page SMC-133 SMC-146Refer to the Adding Nodes to a Non-Owner SDR section SMC-147SMC-148 Adding Nodes to a Non-Owner SDRAdding Nodes to an SDR in a Cisco CRS-1 Router Creating SDRs in a Cisco CRS-1 Router SMC-149Adding Nodes to an SDR in a Cisco XR 12000 Series Router SMC-150SMC-151 Removing Nodes and SDRsA Cisco XR 12000 Series Router section on SMC-152 To remove a Dsdrsc To remove a single nodeTo remove a DRP pair To remove an RP pairSMC-154 SMC-155 Nodes to an SDR in a Cisco XR 12000 Series RouterSection on page SMC-150 Removing a Secure Domain Router SMC-156Configuring a Username and Password for a Non-Owner SDR SMC-157Group root-lr End or commit Exit SMC-158System Security Configuration Guide for more SMC-159SMC-160 SMC-161 Disabling Remote Login for SDRsSee Disabling Remote Login for SDRs, page SMC-161for Configuration Examples for Secure Domain Routers Creating a New SDR on a Cisco CRS-1 RouterCreating an SDR on a Cisco XR 12000 Series Router SMC-162SMC-163 Additional References Related DocumentsStandards MIBsRFCs Technical AssistanceRFCs Title Description LinkSMC-166
Top Page Image Contents