Allied Telesis C613-16164-00 REV E manual Route Limits, Configuring static route limits

Page 84

Route Limits

Route Limits

In multi-VRF network environment, it may be disastrous if one VRF injects too many routes and fills up the hardware forwarding table (FIB) on a device which can affect other VRFs (as well as the global VRF).

In software version 5.4.2 and later, it is possible to mitigate this risk, as route limits can now be configured on a per VRF basis.

Existing AW+ commands max-static-routes and max-fib-routes have been extended in 5.4.2 to allow configurable static and dynamic route limits on a per VRF instance basis.

Note: The command max-fib-routes only counts dynamic routes (not including static and connected routes).

Note: By default, there is no preset allocation of the number of route table entries available to each VRF instance. When static and/or dynamic VRF instances are configured (without setting limits via the commands max-static-routes and max-fib-routes), the number of route table entries available to each VRF instance are not automatically reserved.

Configuring static route limits

AW+ supports the ability to limit static routes via the max-static-routes command in the global VRF domain, with a default maximum limit of 1000 (routes). This same AW+ command is now also able to be applied on a per VRF basis.

Static route limits can be applied as part of VRF Configuration Mode via the command:

awplus(vrf-config)#max-static-routes <1-1000>

The following example shows how to configure a limit of 200 static routes, applied to VRF red:

awplus(config)# ip vrf red

awplus(config-vrf)#max-static-routes 200

Note: Static routes limits are applied before adding routes to the RIB. Rejected static routes will not be in the running config.

Page 84 Configure VRF-lite

Page 83 Page 85
Image 84
Page 83 Page 85
Contents How To Configure VRF-lite Introduction What is VRF-lite?Software feature licenses Command summaryWho should read this document? Which products and software version does it apply to?Contents Glossary VRFUnderstanding VRF-lite VRF-lite security domains Route table and interface management with VRF-liteInterface management with VRF Vlan5Route management with VRF Adding a VRF-aware static ARPInter-VRF communication Static and dynamic inter-VRF routing VRF-lite features in AW+ For exampleVRF aware services include Route limiting per VRF instanceVRF-aware utilities within AW+  Ping Telnet client  SSH client TCP dump Configuring VRF-lite Awplusconfig# access-list standardAwplusconfig-if#switchportaccess vlanx Family Awplusconfig-route-map#match ip Static inter-VRF routing Ip route 192.168.50.0/24 Ip route vrf green 192.168.1.0/24Dynamic inter-VRF communication explained Forwarding Information Base FIB and routing protocolsBGP Inter-VRF communication via BGP Using the route-target command Route-target import ASNVRFinstance For exampleRoute-target both ASNVRFinstance For example Can be replaced withAlso, if VRF shared configuration includes If VRF red initially includesIf VRF shared initially includes Via BGP IVR, VRF shared will end up with the routesIf VRF shared configuration includes Then via BGP IVR, VRF red will end up with the routesHow VRF-lite security is maintained Viewing source VRF and attribute information for a prefixSimple VRF-lite configuration examples Multiple VRFs without inter-VRF communication26 Configure VRF-lite Vlan 28 Configure VRF-lite Configure VRF-lite 30 Configure VRF-lite Configure VRF-lite 32 Configure VRF-lite Inter-VRF configuration examples with Internet access Configuration Configure VRF-lite Example B Configuration 38 Configure VRF-lite Configure VRF-lite Example C Configuration 42 Configure VRF-lite Configure VRF-lite Configuring a complex inter-VRF solution Network description Each VLANs is associated with a VRF instance VRF communication plan Configuration breakdown Configure VRF-lite Configure Vrfs Configure the hardware ACLs This example, three access groups are attached to port Within the same IP subnet that the switch port is a member192.168.43.0/24 via the shared VRF Configure Vlan Database Configure IP Addresses Configure VRF-lite Configure Dynamic Routing Configure VRF-lite 56 Configure VRF-lite Configure Static Routing Complete show run output from VRF device is below Configure VRF-lite 60 Configure VRF-lite Configure VRF-lite IP route table from VRF device is below VRF blue Hostname Internetrouter Hostname sharedrouter Hostname redospfpeer N1 Ospf NssaHostname greeniBGPpeer Hostname bluerippeer Hostname orangerouter Hostname orangeospfpeer Other features used in this configuration VCStack and VRF-liteStack provisioning GreyX610 VCStack configuration Virtual Chassis IDX900 configuration 74 Configure VRF-lite Sharing VRF routing and double tagging on the same port Communication planGreen PortConfigurations X610 aX610 B Configure VRF-lite Additional notes BGP configuration tips 80 Configure VRF-lite VRF device Red router vlan database Red router Configuring static route limits Route LimitsConfiguring Dynamic route limits Allowed number of fib routes excluding Connect and Static100 No max-fib-routes SyntaxVRF-lite usage guidelines Useful VRF-related diagnostics command list GeneralRouting general Routing protocols IP prefix network, e.g HW platform table commands TCPdump

C613-16164-00 REV E specifications

The Allied Telesis C613-16164-00 REV E is a robust networking device designed to enhance connectivity and communication within enterprise environments. Renowned for its reliability and efficiency, this device serves as an ideal choice for organizations seeking to improve their network infrastructure.

At its core, the C613-16164-00 REV E is a part of Allied Telesis' suite of products that adhere to high-performance standards. One of the main features is its support for both Layer 2 and Layer 3 networking, making it versatile enough to handle a variety of network configurations. This capability allows for seamless integration into different network architectures, whether for simple local area networks (LANs) or more advanced setups with routing capabilities.

Another significant characteristic of the C613-16164-00 REV E is its high-speed data transfer capabilities. With support for Gigabit Ethernet, the device ensures that data can be transmitted quickly and efficiently across the network. This is particularly important for businesses that rely on heavy data usage and need to maintain performance standards even during peak hours.

Additionally, the C613-16164-00 REV E features advanced security measures, including VLAN support and port security configurations, which help protect sensitive information and prevent unauthorized access. This is essential for businesses that handle confidential data and must comply with industry regulations.

In terms of manageability, the device supports SNMP (Simple Network Management Protocol), allowing for easy monitoring and management of network resources. Network administrators can efficiently manage the device and optimize performance with minimal effort, improving overall productivity.

The design of the C613-16164-00 REV E is also noteworthy; it is built for durability, often featuring a compact form factor that makes installation straightforward without compromising on performance. Its compatibility with various Allied Telesis products ensures that organizations can build a cohesive network ecosystem.

In conclusion, the Allied Telesis C613-16164-00 REV E stands out as an excellent networking solution characterized by its support for multiple networking layers, high-speed data transfer, and robust security features. Ideal for both small to medium enterprises and larger organizations, it helps ensure that businesses can maintain efficient and secure operations in a constantly evolving digital landscape.
Top Page Image Contents