Manuals / Cabletron Systems / Computer Equipment / Network Router

Cabletron Systems 9032578-05 manual Configuring Denial of Service DOS, Monitoring IP Parameters

Models: 9032578-05

1 398

Download 398 pages 17.39 Kb

Page 112

Chapter 8: IP Routing Configuration Guide

Configuring Denial of Service (DOS)

By default, the SSR installs flows in the hardware so that packets sent as directed broadcasts are dropped in hardware, if directed broadcast is not enabled on the interface where the packet is received. You can disable this feature, causing directed broadcast packets to be processed on the SSR even if directed broadcast is not enabled on the interface receiving the packet.

Similarly, the SSR installs flows to drop packets destined for the SSR for which service is not provided by the SSR. This prevents packets for unknown services from slowing the CPU. You can disable this behavior, causing these packets to be processed by the CPU.

To cause directed broadcast packets to be processed on the SSR, even if directed broadcast is not enabled on the interface receiving the packet:

ssr(config)# ip dos disable directed-broadcast-protection

To allow packets destined for the SSR, but do not have a service defined for them on the SSR, to be processed by the SSR’s CPU:

ssr(config)# ip dos disable port-attack-protection

Monitoring IP Parameters

The SSR provides display of IP statistics and configurations contained in the routing table. Information displayed provides routing and performance information.

The ip show commands display IP information, such as routing tables, TCP/UDP connections, and IP interface configuration, on the SSR. The following example displays all established connections and services of the SSR.

ssr# ip show connections

Active Internet connections (including servers)

Proto Recv-Q Send-Q			Local Address	Foreign Address
(state)
tcp	0	0	*:gated-gii	:	LISTEN
tcp	0	0	*:http	:	LISTEN
tcp	0	0	*:telnet	:	LISTEN
udp	0	0	127.0.0.1:1025	127.0.0.1:162
udp	0	0	*:snmp	:
udp	0	0	*:snmp-trap	:
udp	0	0	*:bootp-relay	:
udp	0	0	*:route	:
udp	0	0	:	:

86	SmartSwitch Router User Reference Manual

Image 112

Cabletron Systems 9032578-05 manual Configuring Denial of Service DOS, Monitoring IP Parameters

Contents

SmartSwitch Router User Reference Manual 9032578-05Copyright ChangesDisclaimer TrademarksRegulatory Compliance Information Regulatory Compliance StatementsIndustry Canada Compliance Statement Vcci Compliance StatementSafety Information Class 1 Laser Transceivers Laser Radiation and ConnectorsCabletron Systems, Inc Program License Agreement SmartSwitch Router User Reference Manual Vii Viii SmartSwitch Router User Reference Manual SmartSwitch Router User Reference Manual Cabletron Systems Limited Program License Agreement Cabletron Systems Limited Program License Agreement Declaration of Conformity Addendum Contents SmartTRUNK Configuration Guide Dhcp Configuration Guide Vrrp Configuration Guide 111 Routing Policy Configuration Guide 161 160197 Network Address Translation Configuration Guide Firewall Load Balancing 214 Monitoring IP Policies 215249 Security Configuration Guide 275 QoS & Layer-2/Layer-3/Layer-4 Flow Overview 291309 Lfap Configuration Guide 329 357 Contents Xxvi SmartSwitch Router User Reference Manual About This Manual Related DocumentationDocument Conventions For Information About SeeKeywords and arguments within a set of square brackets are OptionalKeywords or arguments separated by vertical bars indicate a Choice. Select one keyword or argumentConfiguration Files Chapter IntroductionUsing the Command Line Interface Command ModesUser Mode Enable ModeConfigure Mode Getting Help with CLI CommandsBoot Prom Mode CLI completes the command as follows Line Editing Commands CLI Line Editing CommandsNext command from history buffer Previous command from history bufferWord-backward command Show all commands currently stored in the history bufferDisplaying and Changing Configuration Information Commands to Display and Change Configuration InformationTask Command Erase scratchpadErase startup Save activePort Names Each port in the SSR is referred to in the following mannerPort Numbers for Line Cards Line Card Port Number Arrangement Left to RightBase LLX Quad Serial WAN Hssi WANChapter Hot Swapping Line Cards Control Modules Hot Swapping OverviewHot Swapping Line Cards Deactivating the Line CardRemoving the Line Card Installing a New Line CardHot Swapping One Type of Line Card With Another Hot Swapping a Secondary Control Module Deactivating the Control ModuleInstalling a Control Module Removing the Control ModuleHot Swapping a Switching Fabric Module SSR 8600 only Removing the Switching Fabric Module Installing a Switching Fabric ModulePage Bridging Overview Chapter Bridging Configuration GuideSpanning Tree Ieee 802.1d Vlan Overview Bridging Modes Flow-Based and Address-BasedPort-based VLANs MAC-address-based VLANsProtocol-based VLANs Subnet-based VLANsSSR Vlan Support Multicast-based VLANsPolicy-based VLANs VLANs and the SSRAccess Ports and Trunk Ports 802.1Q support Ports, VLANs, and L3 InterfacesConfiguring Address-based or Flow-based Bridging Configuring SSR Bridging FunctionsExplicit and Implicit VLANs SSR Address-Based Bridge Table Flow-Based Bridge TableAdjusting Spanning-Tree Parameters Configuring Spanning TreeMore ports for a particular Vlan Setting a Port Priority Setting the Bridge PriorityAssigning Port Costs Adjusting Bridge Protocol Data Unit Bpdu Intervals Adjusting the Interval between Hello TimesDefining the Forward Delay Interval Defining the Maximum AgeConfiguring a Port- or Protocol-Based Vlan Configuring Vlan Trunk PortsCreating a Port or Protocol Based Vlan Adding Ports to a VlanConfiguring VLANs for Bridging Configuring Layer-2 FiltersMonitoring Bridging Configuration ExamplesCreating an IP or IPX Vlan Creating a non-IP/non-IPX Vlan Next, assign ports to the ‘RED’ VlanChapter SmartTRUNK Configuration Guide OverviewCreating a SmartTRUNK Configuring SmartTRUNKsAdd Physical Ports to the SmartTRUNK Monitoring SmartTRUNKs Specify Traffic Distribution Policy OptionalExample Configurations St.2 St.4 Router Switch ServerSmartTRUNK Configuration Guide Page ATM Overview Chapter ATM Configuration GuideVirtual Channels Creating a Virtual Channel Service Class DefinitionAtm create vcl port port list Creating a Service Class Definition Applying a Service Class Definition Enabling Cell Scrambling Cell ScramblingAtm set port port list pdh-cell-scramble on off Cell Mapping Selecting the Cell Mapping FormatPdh-cell-scramble onoff Atm set port port list cell-mapping direct plcpCreating a Non-Zero VPI Setting the Bit Allocation for VPIAtm set port port list vpi-bits num Displaying ATM Port Information Atm show vpl port port list all-portsAtm show serviceall Atm show port-settings port list all-ports B3ZSEsf indicates extended super frame and is used For T1 framingG832 is used for E3 framing G751 is used for E3 framingATM Sample Configuration Consider the following network configurationConfiguring an Interface on an Ethernet Port Defining an ATM Service ClassConfiguring an Interface on an ATM Port Applying an ATM Service ClassConfiguring an IP Route Ssr1config# ip add route 11.1.2.0/24 gateway ATM Sample Configuration Chapter Packet-over-SONET Configuration Guide Configuring Packet-over-SONET Links Configuring IP Interfaces for PoS LinksConfiguring Automatic Protection Switching Configuring Working and Protecting Ports Specifying Bit Error Rate Thresholds Specify signal degrade BER Threshold Specify signal failure BERMonitoring PoS Ports ThresholdThis section shows example configurations for PoS links Following is the configuration for router aFollowing is the configuration for router B APS PoS Links Between SSRsPoS Link Between the SSR and a Cisco Router Router So.6.1 So-1 40.1.1.1/16Bridging and Routing Traffic Over a PoS Link Router So.6.1Page Chapter Configuration GuideDhcp Overview Configuring Dhcp Configuring an IP Address PoolConfiguring Client Parameters Client ParametersConfiguring a Static IP Address Grouping Scopes with a Common InterfaceUpdating the Lease Database Configuring Dhcp Server ParametersMonitoring the Dhcp Server Dhcp Configuration Examples Define Dhcp network parameters for the scope ‘scope1’Define an IP address pool for addresses 10.1.1.10 through Define a static IP address forConfiguring Secondary Subnets Secondary Subnets and Directly-Connected Clients Include ‘scope2’ in the superscope ‘super1’Interacting with Relay Agents Define the address pool for ‘scope1’ Page IP Routing Protocols Chapter IP Routing Configuration GuideUnicast Routing Protocols Configuring IP Interfaces and Parameters Multicast Routing ProtocolsConfiguring IP Interfaces for a Vlan Configuring IP Interfaces to PortsSpecifying Ethernet Encapsulation Method Configuring Jumbo Frames Configuring Address Resolution Protocol ARP Configuring ARP Cache EntriesTo clear the entire ARP table Unresolved MAC Addresses for ARP EntriesConfiguring Reverse Address Resolution Protocol Rarp Configuring Proxy ARPSpecifying IP Interfaces for Rarp Defining MAC-to-IP Address MappingsConfiguring DNS Parameters Configuring IP Services IcmpConfiguring IP Helper Monitoring RarpConfiguring Direct Broadcast Configuring Denial of Service DOS Monitoring IP ParametersConfiguring Router Discovery Arp show allInterface show ip System show dnsSsrconfig# rdisc add address To display router discovery information Ssr# rdisc show allAssigning IP/IPX Interfaces Configuring Vrrp Vrrp OverviewBasic Vrrp Configuration BackupConfiguration of Router R1 Following is the configuration file for Router R1 in FigureConfiguration for Router R2 Symmetrical ConfigurationFollowing is the configuration file for Router R2 in Figure Master for VRID=1 Master for VRID=2 Backup for VRID=2 Symmetrical Vrrp ConfigurationMulti-Backup Configuration Configuration of Router R2Multi-Backup Vrrp Configuration Configuration of Router R1 Virtual Router Default Priority Configured Priority Configuration of Router R3 Additional ConfigurationFollowing is the configuration file for Router R3 in Figure Setting the Advertisement Interval Setting the Backup PrioritySetting Pre-empt Mode Monitoring Vrrp Setting an Authentication KeyIp-redundancy trace Ip-redundancy show Ssr# ip-redundancy show vrrp interface int1Vrrp Configuration Notes Ssr# ip-redundancy show vrrp 1 interface int1 verbose104 Configuring RIP Chapter RIP Configuration GuideRIP Overview Configuring RIP Parameters Configuring RIP InterfacesEnabling and Disabling RIP Set the authentication method Characters Set the authentication methodTo RIP Specify that RIP V2 packetsConfiguring RIP Route Default-Metric Configuring RIP Route PreferenceMonitoring RIP Configuration Example 110 Ospf Ospf OverviewConfiguring Ospf Ospf MultipathEnabling Ospf Configuring Ospf Interface ParametersOspf Interface Parameters Ospf Default Cost Per Port Type Default Cost of an Ospf InterfacePort Media Type Speed Ospf Default Cost Create an Ospf area Configuring an Ospf AreaAdd an interface to an Ospf area Configuring Ospf Area Parameters Creating Virtual LinksAdd a stub host to an Ospf area Add a network to an Ospf area forConfiguring Ospf for Different Types of Interfaces Create a virtualLink Set virtual linkMonitoring Ospf Monitor Ospf error conditions Configured for OspfShow Ospf errors Show information about all interfacesOspf Configuration Examples Routes Show Ospf timersShows information about all valid next Shows information about Ospf BorderExporting All Interface & Static Routes to Ospf Exporting All RIP, Interface & Static Routes to OspfCreate a Ospf export destination for type-1 routes Create a Ospf export destination for type-2 routesCreate a RIP export source Create a Static export sourceCreate Ospf export source Create a RIP export destinationCreate OSPF-ASE export source R10 Chapter BGP Configuration Guide BGP OverviewBasic BGP Tasks SSR BGP ImplementationSetting the Autonomous System Number Setting the Router IDConfiguring a BGP Peer Group Ip-router global set autonomous-system num1 loops num2Where Autonomous-system numberAdding and Removing a BGP Peer Using AS-Path Regular ExpressionsStarting BGP 130 AS-Path Regular Expression Examples Using the AS Path Prepend FeatureTo import MCI routes with a preference BGP Configuration Examples Following is an exampleBGP Peering Session Example AS-1 AS-2 CLI configuration for router SSR1 is as followsPhysical Link Peering Relationship Ibgp Configuration Example CLI configuration for router SSR2 is as followsGated.conf file for router SSR1 is as follows Gated.conf file for router SSR2 is as followsIbgp Routing Group Example Sample Ibgp Configuration Routing Group Type AS-64801Following lines in the Cisco router configure Ospf Ibgp Internal Group Example Illustrates a sample Ibgp Internal group configuration Sample Ibgp Configuration Internal Group TypeSmartSwitch Router User Reference Manual 141 Configuration for router C1 a Cisco router is as follows Ebgp Multihop Configuration ExampleConfiguration for router C2 a Cisco router is as follows AS-64800 Physical LinkCLI configuration for router SSR3 is as follows CLI configuration for router SSR4 is as follows Community Attribute ExampleGated.conf file for router SSR3 is as follows Gated.conf file for router SSR4 is as followsSample BGP Configuration Specific Community Sample BGP Configuration Well-Known Community , router SSR11 has the following configuration , router SSR13 has the following configuration , router SSR10 has the following configuration , router SSR14 has the following configurationSmartSwitch Router User Reference Manual 151 Local Preference Examples Sample BGP Configuration Local Preference Using the set-pref Option Using the local-pref OptionFor router SSR13, local-prefis set to Sample BGP Configuration MED Attribute Multi-Exit Discriminator Attribute ExampleRouter SSR6 has the following CLI configuration Ebgp Aggregation ExampleAS-64900 AS-64901Router SSR9 has the following CLI configuration Router SSR8 has the following CLI configurationRoute Reflection Example Shows a sample configuration that uses route reflection AS-64902SmartSwitch Router User Reference Manual 159 160 Chapter Routing Policy Configuration Guide Route Import and Export Policy OverviewPreference Defined by CLI Command Default Default Preference ValuesPreference Import Policies Import-SourceExport Policies Route-FilterExport-Destination Export-SourceSpecifying a Route Filter Aggregates and Generates Aggregate-Destination Aggregate-SourceAuthentication Authentication MethodsConfiguring Simple Routing Policies Authentication Keys and Key ManagementRedistributing Static Routes Redistributing Directly Attached NetworksRedistributing RIP into RIP Redistributing RIP into OspfRedistributing Ospf to RIP Redistributing Aggregate RoutesSimple Route Redistribution Examples To redistribute aggregateRoutes into Ospf Example 1 Redistribution into RIPExporting All Static Routes to All RIP Interfaces Exporting a Given Static Route to All RIP InterfacesExample 2 Redistribution into Ospf 174 Configuring Advanced Routing Policies 176 Creating an Export Destination Creating an Export SourceCreating an Import Source Creating a Route FilterCreate a RIP import Destination Create an Ospf importCreating an Aggregate Route Creating an Aggregate Destination Creating an Aggregate SourceExamples of Import Policies Example 1 Importing from RIPR41 182 Rip add source-gateways 140.1.1.41 rip add trusted-gateways Example 2 Importing from Ospf 185 Routing Policy Configuration Importing a Selected Subset of OSPF-ASE Routes Examples of Export Policies Example 1 Exporting to RIP188 Exporting a Given Static Route to a Specific RIP Interface 190 Exporting Aggregate-Routes into RIP Example 2 Exporting to Ospf SmartSwitch Router User Reference Manual 193 194 SmartSwitch Router User Reference Manual 195 196 IP Multicast Overview Chapter Multicast Routing Configuration GuideIgmp Overview Dvmrp Overview Configuring Igmp Configuring Igmp on an IP InterfaceConfiguring Igmp Query Interval Configuring Igmp Response Wait TimeConfiguring Dvmrp Configuring Per-Interface Control of Igmp MembershipConfiguring Static Igmp Groups Ship to a specific groupConfiguring Dvmrp Parameters Configuring Dvmrp on an InterfaceStarting and Stopping Dvmrp Configuring the Dvmrp Routing Metric Configuring Dvmrp TTL & ScopeConfiguring a Dvmrp Tunnel Monitoring Igmp & DvmrpShows all the interfaces Membership details running IgmpMemberships on a port basis Show all Igmp timers Shows all Igmp groupShow information about multicasts Registered by Igmp Show Igmp status on a VlanSmartSwitch Router User Reference Manual 205 206 Chapter IP Policy-Based Forwarding Configuration Guide Defining an ACL Profile Configuring IP PoliciesAssociating the Profile with an IP Policy Setting the IP Policy Action Creating Multi-Statement IP PoliciesApplying an IP Policy to an Interface Setting Load Distribution for Next-Hop GatewaysApplying an IP Policy to Locally Generated Packets IP Policy Configuration Examples Routing Traffic to Different ISPsPrioritizing Service to Customers Using an IP Policy to Prioritize Service to CustomersAuthenticating Users through a Firewall Using an IP Policy to Authenticate Users Through a FirewallFirewall Load Balancing Selecting Next Hop Gateway from IP Packet InformationFollowing is the configuration for Policy Router 1 in Figure Monitoring IP PoliciesSsr# ip-policy show policy-name p1 SmartSwitch Router User Reference Manual 217 218 Chapter Network Address Translation Configuration Guide Configuring NAT Setting Inside and Outside InterfacesSetting NAT Rules Forcing Flows through NATStatic DynamicManaging Dynamic Bindings NAT and DNSSpecify the FTP session timeout NAT and Icmp PacketsNAT and FTP Specify the FTP control portStatic Configuration This section shows examples of NAT configurationsMonitoring NAT Next, define the interfaces to be NAT inside or outsideDynamic Configuration Using Static NATUsing Dynamic NAT Dynamic NAT with IP Overload PAT Configuration Using Dynamic NAT with IP OverloadDynamic NAT with DNS DNSUsing Dynamic NAT with DNS Dynamic NAT with Outside Interface RedundancyUsing Dynamic NAT with Matching Interface Redundancy Chapter Web Hosting Configuration Guide Configuring Load Balancing Load BalancingCreating the Server Group Adding Servers to the Load Balancing GroupSession Persistence Persistence Default Binding Level Timeout Sticky MinutesSpecifying Load Balancing Policy Optional Group or Server Operating ParametersSpecifying a Connection Threshold Verifying Servers and Applications Verifying Extended Content Setting Server StatusSpecify application verification Setting Timeouts for Load Balancing Mappings Allowing Access to Load Balancing ServersLoad Balancing and FTP Configuration Examples Displaying Load Balancing InformationWeb requests forwarded to One of the servers Router 10.1.1.4 Internet Web requestsDomain Name Virtual IP TCP Port Real Server Virtual IP Address Ranges 207.135.89.16 207.135.89.17 207.135.89.18 207.135.89.50Session and Netmask Persistence Web Caching Configuring Web CachingCreating the Cache Group Specifying the Clients for the Cache Group Optional Redirected to cache serversNot redirected to cache servers Redirecting Http Traffic on an InterfaceOther Configurations Configuration ExampleBypassing Cache Servers Monitoring Web-Caching Distributing Frequently-Accessed Sites Across Cache ServersProxy Server Redundancy Show caching policy information Show cache server informationIPX Routing Overview Chapter IPX Routing Configuration GuideRIP Routing Information Protocol SAP Service Advertising Protocol Creating IPX Interfaces Configuring IPX RIP & SAPIPX Addresses Configuring IPX Interfaces and Parameters Configuring IPX Addresses to PortsConfiguring Secondary Addresses on an IPX Interface Configuring IPX Interfaces for a VlanConfiguring IPX Routing Specifying IPX Encapsulation MethodEnabling IPX RIP Enabling SAPConfiguring Static Routes Configuring Static SAP Table EntriesControlling Access to IPX Networks Creating an IPX Access Control ListCreating an IPX Type 20 Access Control List Creating an IPX SAP Access Control ListCreating an IPX GNS Access Control List Creating an IPX RIP Access Control ListMonitoring an IPX Network 258 Chapter Access Control List Configuration Guide ACL Basics Defining Selection Criteria in ACL RulesSmartSwitch Router User Reference Manual 261 How ACL Rules are Evaluated Implicit Deny RuleAllowing External Responses to Established TCP Connections Creating and Modifying ACLs Following ACL illustrates this featureEditing ACLs Offline Maintaining ACLs Using the ACL Editor Applying ACLs to Interfaces Using ACLsThese uses of ACLs are described in the following sections Applying ACLs to Services Applying ACLs to Layer-4 Bridging PortsUsing ACLs as Profiles SSR Feature ACL Profile UsageUsing Profile ACLs with the IP Policy Facility Using Profile ACLs with the Traffic Rate Limiting FacilityUsing Profile ACLs with Dynamic NAT Using Profile ACLs with the Port Mirroring Facility Using Profile ACLs with the Web Caching FacilityRedirecting Http Traffic to Cache Servers Preventing Web Objects From Being CachedEnabling ACL Logging Monitoring ACLs Chapter Security Configuration Guide Security OverviewConfiguring SSR Access Security Configuring RadiusMonitoring Radius Configuring TacacsMonitoring Tacacs Configuring Tacacs Plus Layer-2 Security Filters Configuring PasswordsMonitoring Tacacs Plus Configuring Layer-2 Address Filters Configuring Layer-2 Port-to-Address Lock Filters Configuring Layer-2 Static Entry FiltersConfigure a source static Configure a destination staticConfiguring Layer-2 Secure Port Filters Configure a source secure portConfigure a destination secure Port filterMonitoring Layer-2 Security Filters Layer-2 Filter ExamplesStatic Entries Example Port-to-Address Lock ExamplesLayer-3 Access Control Lists ACLs Example 2 Secure PortsLayer-4 Bridging and Filtering Sample Vlan for Layer-4 bridgingFor example, to enable Layer-4 Bridging on the blue Vlan Creating a Port-Based Vlan for Layer-4 BridgingPlacing the Ports on the Same Vlan Enabling Layer-4 Bridging on the VlanApplying a Layer-4 Bridging ACL to a Port SmartSwitch Router User Reference Manual 289 290 Chapter QoS Configuration Guide QoS & Layer-2/Layer-3/Layer-4 Flow OverviewLayer-2 and Layer-3 & Layer-4 Flow Specification Precedence for Layer-3 Flows Traffic Prioritization for Layer-2 FlowsSSR Queuing Policies 802.1p Priority Mapping Configuring Layer-2 QoSControl Creating and Applying a New Priority Map Removing or Disabling Per-Port Priority MapTraffic Prioritization for Layer-3 & Layer-4 Flows Configuring IP QoS PoliciesDisplaying Priority Map Information Configuring IPX QoS Policies Setting an IP QoS PolicySetting an IPX QoS Policy Specifying Precedence for an IP QoS PolicyAllocating Bandwidth for a Weighted-Fair Queuing Policy Configuring SSR Queueing PolicySpecifying Precedence for an IPX QoS Policy Weighted Random Early Detection Wred ToS RewriteConfiguring ToS Rewrite for IP Packets Tos-rewriteTos-precedence-rewrite = 5 tos-rewrite = Monitoring QoS Limiting Traffic Rate Rate Limiting ModesPer-Flow Rate Limiting Port Rate LimitingPolicy Apply a per-flow rate limitAggregate Rate Limiting Define a port rate limit policy toLimit incoming traffic on a port Limit outgoing traffic on a portExample Configurations Per-Flow Rate LimitingAggregate Rate Limiting Displaying Rate Limit Information Chapter Performance Monitoring Guide Performance Monitoring OverviewShow port error statistics Show information about the masterMAC table Show information about a Particular MAC address Show info about multicastsMonitoring Broadcast Traffic Configuring the SSR for Port MirroringOnly IP ACLs can be specified for port mirroring 312 Rmon Rmon OverviewConfiguring and Enabling Rmon Example of Rmon Configuration CommandsRmon Groups Lite Rmon GroupsStandard Rmon Groups Professional Rmon GroupsControl Tables Using Rmon Configuring Rmon Groups Enabledisable Num status enabledisableString status enabledisable Size owner string status enabledisablePort port owner string status enabledisable Oid type absolutedelta status enabledisableRmon protocol-distribution index index-number Rmon user-history-control index index-numberDisplaying Rmon Information Rmon CLI Filters Following shows Host table output without a CLI filter 01000CCCCCCCUsing Rmon CLI Filters Troubleshooting RmonCreating Rmon CLI Filters 326 Allocating Memory to Rmon Ssr# rmon show statusRmon set memory number Lfap Cabletron’s Traffic Accounting Services Configuring the Lfap Agent on the SSRStart the Lfap protocol on the SSR Allow external ACL policy controlCommand Displays Monitoring the Lfap Agent on the SSRWAN WAN OverviewConfiguring WAN Interfaces Primary and Secondary AddressesStatic, Mapped, and Dynamic Peer IP/IPX Addresses Static AddressesFollowing command line displays an example for a Vlan Following command line displays two examples for PPPMapped Addresses Dynamic AddressesForcing Bridged Encapsulation Following command line displays an example for PPPPacket Compression Example Configurations Average Packet SizeNature of the Data Link IntegrityWAN Quality of Service Packet EncryptionWeighted-Fair Queueing Source Filtering and ACLsCongestion Management Random Early Discard REDVirtual Circuits Frame Relay OverviewAdaptive Shaping Configuring Frame Relay Interfaces for the SSR Permanent Virtual Circuits PVCsSetting up a Frame Relay Service Profile Applying a Service Profile to an Active Frame Relay WAN PortFrame Relay Port Configuration Monitoring Frame Relay WAN Ports344 Point-to-Point Protocol PPP Overview Configuring PPP InterfacesUse of LCP Magic Numbers Setting up a PPP Service Profile Defining the Type and Location of a PPP InterfaceConfiguring Multilink PPP Bundles Applying a Service Profile to an Active PPP PortCompression on MLP Bundles or Links PPP Port Configuration Monitoring PPP WAN PortsSsrconfig# ppp apply service profile2 ports hs.5.1 WAN Configuration Examples Simple Configuration FileMulti-Router WAN Configuration Multi-router WAN configurationRouter R1 Configuration File Following configuration file applies to Router R1Router R2 Configuration File Following configuration file applies to Router R2Router R3 Configuration File Following configuration file applies to Router R3Router R4 Configuration File Following configuration file applies to Router R4Router R5 Configuration File Following configuration file applies to Router R5Router R6 Configuration File Following configuration file applies to Router R6SmartSwitch Router User Reference Manual 355 356 Appendix a New Features Supported on Line Cards IntroductionSSR 8000/8600 Line Cards Line Cards Available Prior to the 3.0 Firmware ReleasePre-3.0 SSR Firmware Line Card Part Number Features WFQLine Card Part Firmware Number Features Listed 3.0 FeaturesLine Cards Introduced at the 3.1 Firmware Release T-Series Pre-3.0Routing Table on Pre-3.0 Line card POS OC-12cSMF SSR-ATM29-02 ATM OC-3c SSR-ATM31-02 ATM OC-12cSSR 2000 Line Cards SSR-2-LX70AAs -- Chassis AAs Line CardsNetwork Address Translation New Features that Require Specific Line CardsSSR-2-LX70-AA Page Load Balancing Lsnat Layer 4 Bridging Per-Protocol Vlan QoS Rate Limiting Port Rate LimitingEstablished Bit ACL ToS RewriteMultiple IPX Encapsulation Weighted Random Early Detection Wred Port Interface Ingress Port Egress Port Features BaseSummary Jumbo FramesMultiple IPX Encapsulation Interface AA/T-series Identifying a Line CardExample Non -AA Line Card 372