Cisco Systems SMC-127 manual Default Configuration for New Non-Owner SDRs, SMC-135

Page 9

Configuring Secure Domain Routers on Cisco IOS XR Software

Information About Configuring Secure Domain Routers

Removing a DSDRSC Configuration

There are two ways to remove a DSDRSC from an SDR:

First remove all other nodes from the SDR configuration, and then remove the DSDRSC node. You cannot remove the DSDRSC node when other nodes are in the SDR configuration.

Remove the entire SDR. Removing an SDR name deletes the SDR and moves all nodes back to the owner SDR inventory.

See the “Removing Nodes and SDRs” section on page SMC-151for more information.

Default Configuration for New Non-Owner SDRs

Be default, the configuration of a new SDR is blank. The first configuration step after creating an SDR is to log in to the new non-owner SDR using admin plane authentication and create a username and password. You can then log out of the SDR and log back in using the new username and password. See the “Configuring a Username and Password for a Non-Owner SDR” section on page SMC-157for more information.

Note When logged in to a non-owner SDR using admin plane authentication, the admin configuration will be displayed. However, admin plane authentication should only be used to configure a username and password for the non-owner SDR. To perform additional configuration tasks, log in with the username for the non-owner SDR, as described in the “Configuring a Username and Password for a Non-Owner SDR” section on page SMC-157.

Default Software Profile for SDRs

When a new non-owner SDR is created, the nodes assigned to that SDR are activated with the default software package profile. In Release 3.4.0, the default software profile is defined by the last install operation that did not specify an SDR.

To view the default software profile, use the show install active summary command in Administration EXEC mode. Any new nodes that are configured to become a part of an SDR will boot with the default software profile listed in the output of this command.

RP/0/0/CPU0:router(admin)# show install active summary

Default Profile: SDRs:

Owner sdr1

Active Packages: disk0:c12k-sbc-3.3.0 disk0:c12k-diags-3.3.0 disk0:c12k-mgbl-3.3.0 disk0:c12k-mcast-3.3.0 disk0:c12k-mpls-3.3.0 disk0:c12k-k9sec-3.3.0 disk0:c12k-mini-3.3.0

Note For detailed instructions to add and activate software packages, see the “Managing Cisco IOS XR Software Packages” module of the Cisco IOS XR Getting Started Guide. See also the Software Package Management Commands on Cisco IOS XR Software module of the Cisco IOS XR System Management Command Reference.

Cisco IOS XR System Management Configuration Guide

SMC-135

Page 8 Page 10
Image 9
Page 8 Page 10
Contents Contents Configuring Secure Domain Routers on Cisco IOS XR SoftwareSMC-128 Prerequisites for Configuring Secure Domain RoutersWhat Is a Secure Domain Router? Information About Configuring Secure Domain RoutersOwner SDR and Administration Configuration Mode SMC-129Non-Owner SDRs SDR Access PrivilegesRoot-System Users SMC-130Root-lr Users Other SDR UsersSMC-131 Designated Secure Domain Router System Controller Dsdrsc DSCs and DSDRSCs in a Cisco CRS-1 RouterSMC-132 SMC-133 DSC and DSDRSCs in a Cisco XR 12000 Series RouterSMC-134 Removing a Dsdrsc Configuration Default Configuration for New Non-Owner SDRsDefault Software Profile for SDRs SMC-135Rebooting an SDR Fault IsolationHigh Availability Implications Dsdrsc RedundancySMC-137 Cisco IOS XR Software Package ManagementSMC-138 DSC Migration on Cisco CRS-1 Multishelf SystemsSMC-139 CaveatsHow to Configure Secure Domain Routers ContentsCreating SDRs SMC-141 Summary StepsCommand or Action Purpose ExampleSMC-142 To assign a single DRP node as the Dsdrsc To assign a DRP pair as the DsdrscTo assign an RP pair as the Dsdrsc SMC-143To add a DRP pair To add a single nodeTo add an RP pair SMC-144SMC-145 Creating SDRs in a 12000 Series RouterSee the DSC and DSDRSCs in a DSDRSCs in a Cisco XR 12000 Series Router section onCisco XR 12000 Series Router section on page SMC-133 SMC-146SMC-147 Refer to the Adding Nodes to a Non-Owner SDR sectionAdding Nodes to a Non-Owner SDR Adding Nodes to an SDR in a Cisco CRS-1 RouterSMC-148 SMC-149 Creating SDRs in a Cisco CRS-1 RouterSMC-150 Adding Nodes to an SDR in a Cisco XR 12000 Series RouterRemoving Nodes and SDRs A Cisco XR 12000 Series Router section onSMC-151 SMC-152 To remove a single node To remove a DsdrscTo remove a DRP pair To remove an RP pairSMC-154 Nodes to an SDR in a Cisco XR 12000 Series Router Section on page SMC-150SMC-155 SMC-156 Removing a Secure Domain RouterSMC-157 Configuring a Username and Password for a Non-Owner SDRSMC-158 Group root-lr End or commit ExitSMC-159 System Security Configuration Guide for moreSMC-160 Disabling Remote Login for SDRs See Disabling Remote Login for SDRs, page SMC-161forSMC-161 Creating a New SDR on a Cisco CRS-1 Router Configuration Examples for Secure Domain RoutersCreating an SDR on a Cisco XR 12000 Series Router SMC-162SMC-163 Related Documents Additional ReferencesStandards MIBsTechnical Assistance RFCsRFCs Title Description LinkSMC-166
Top Page Image Contents