Main
COPYRIGHT NOTICES
Page
INDUSTRY CANADA COMPLIANCE STATEMENT
Page
SAFETY INFORMATION: WICT1-12 T1 CARD
CONSUMER INFORMATION AND FCC REQUIREMENTS
EQUIPMENT ATTACHMENT LIMITATIONS NOTICE
Page
Page
Page
Page
Page
DECLARATION OF CONFORMITY ADDENDUM
TABLE OF CONTENTS
4 Hot Swapping Line Cards and Control Modules. . . . . . . . . . . . . . . . . . . . . .4-1
6 SmartTRUNK Configuration Guide . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-1
9 Packet-over-SONET Configuration Guide . . . . . . . . . . . . . . . . . . . . . . . . . .9-1
Page
Page
Page
Page
20 IP Policy-Based Forwarding Configuration. . . . . . . . . . . . . . . . . . . . . . . . . 20-1
21 Network Address Translation Configuration . . . . . . . . . . . . . . . . . . . . . . . .21-1
Page
Page
Page
Page
LIST OF FIGURES
Page
Page
Page
LIST OF TABLES
Page
1 INTRODUCTION
1.1 RELATED DOCUMENTATION
1.2 DOCUMENT CONVENTIONS
2 MAINTAINING CONFIGURATION FILES
2.1 CONFIGURATION FILES
2.1.1 Changing Configuration Information
2.1.2 Displaying Configuration Information
2.1.3 Activating the Configuration Commands in the Scratchpad
2.1.4 Saving the Active Configuration to the Startup Configuration File
2.1.5 Viewing the Current Configuration
- -
-
2.1.6 Backing Up and Restoring Configuration Files
2.2 BACKING UP AND RESTORING SYSTEM IMAGE FILES
2.3 CONFIGURING SYSTEM SETTINGS
2.3.1 Setting Daylight Saving Time
2.3.2 Configuring a Log-in Banner
3 CLI AND RS BASICS
3.1 STARTING THE CLI
3.2 UNDERSTANDING CLI COMMAND MODES
3.2.3 Configure Mode
3.2.4 BootPROM Mode
3.3 UNDERSTANDING CLI COMMANDS
3.4 USING LINE EDITING COMMANDS
Page
3.5 GETTING HELP WITH CLI COMMANDS
Invoking Help While Entering a Command
Invoking Help Option by Option
3.6 SETTING CLI PARAMETERS
Command Completion
Command History
3.7 NAMING RS PORTS
3.7.1 Port Type
3.7.2 Slot Number
3.7.3 Port Number
Page
3.7.4 Channel Number
3.8 CLI AND RS CONFIGURATION EXAMPLE
Page
Page
4 HOT SWAPPING LINE CARDS AND CONTROL MODULES
4.1 HOT SWAPPING OVERVIEW
4.2 HOT SWAPPING LINE CARDS
4.2.1 Deactivating the Line Card
4.2.2 Removing the Line Card
4.2.3 Installing a New Line Card
4.3 HOT SWAPPING ONE TYPE OF LINE CARD WITH ANOTHER
4.4 HOT SWAPPING A SECONDARY CONTROL MODULE
4.4.1 Deactivating the Control Module
G8M-CM2-128 CONTROL MODULE
4.4.2 Removing the Control Module
4.4.3 Installing a Control Module
- -
4.5 HOT SWAPPING A SWITCHING FABRIC MODULE (RS 8600 ONLY)
4.5.1 Removing the Switching Fabric Module
4.5.2 Installing a Switching Fabric Module
4.6 HOT SWAPPING A GBIC (RS 32000 AND RS 38000 ONLY)
4.6.1 Removing a GBIC from the Line Card
4.6.2 Installing a GBIC into the Line Card
4.7 HOT SWAPPING A WIC
5 BRIDGING CONFIGURATION GUIDE
5.1 SPANNING TREE (IEEE 802.1D)
5.2 BRIDGING MODES (FLOW-BASED AND ADDRESS-BASED)
5.3 VLAN OVERVIEW
Port-based VLANs
MAC-address-based VLANs
Protocol-based VLANs
5.3.1 RS VLAN Support
VLANs and the RS
Ports, VLANs, and L3 Interfaces
5.3.2 Configuration Examples
Creating an IP or IPX VLAN
Creating a non-IP/non-IPX VLAN
5.4 ACCESS PORTS AND TRUNK PORTS (802.1P AND 802.1Q SUPPORT)
Explicit and Implicit VLANs
5.5 CONFIGURING RS BRIDGING FUNCTIONS
5.5.1 Configuring Address-based or Flow-based Bridging
5.6 CONFIGURING SPANNING TREE
5.6.1 Using Rapid STP
5.6.2 Adjusting Spanning-Tree Parameters
Setting the Bridge Priority
Setting a Port Priority
Assigning Port Costs
Adjusting Bridge Protocol Data Unit (BPDU) Intervals
Adjusting the Interval between Hello Times
Defining the Forward Delay Interval
Defining the Maximum Age
5.6.3 STP Dampening
5.7 CONFIGURING A PORT- OR PROTOCOL-BASED VLAN
5.7.1 Creating a Port or Protocol Based VLAN
5.7.2 Adding Ports to a VLAN
5.7.3 Configuring VLAN Trunk Ports
5.8 CONFIGURING VLANS FOR BRIDGING
5.9 CONFIGURING LAYER-2 FILTERS
5.10 MONITORING BRIDGING
5.11 GARP/GVRP
5.11.1 Running GARP/GVRP with STP
Page
5.11.3 Configuration Example
Page
5.12 TUNNELING VLAN PACKETS ACROSS MANS
5.12.1 Stackable VLAN Components
5.12.2 Configuration Examples
Multiple Customer VLANs
Page
Multiple Customers with Common VLANs
Page
R3 R4
Page
Single VLAN with Multiple Tunnel Entry Ports
Page
R3 R4
Page
STP/GVRP in Customer VLANs Tunneled over Backbone VLAN
R2R1
C1R1 C1R2
Page
Multiple VLANs on a Single Tunnel Entry Port
Page
Page
5.12.3 Displaying Stackable VLAN Information
Page
6 SMARTTRUNK CONFIGURATION GUIDE
6.1 CONFIGURING SMARTTRUNKS
- -
6.1.1 Creating a SmartTRUNK
6.1.2 Adding Physical Ports to the SmartTRUNK
SmartTRUNK Port Limitations
6.1.3 Specifying Traffic Load Policy
6.2 SMARTTRUNK EXAMPLE CONFIGURATION
Page
6.3 CONFIGURING THE LINK AGGREGATION CONTROL PROTOCOL (LACP)
6.3.1 Configuring SmartTRUNKs for LACP
6.3.2 LACP Configuration Example
st.12
R3 R4
st.14 st.23
st.24
Page
Configuration for R2:
Configuration for R3:
Configuration for R4:
the corresponding ports on the RS at the other end of the SmartTRUNK.
6.4 SMARTTRUNK LOAD REDISTRIBUTION
6.4.1 SLR Water-marks
6.4.2 Polling intervals
Creating an SLR Enabled SmartTRUNK
6.4.3 Additional Controls Provided by SLR
Redistribution of IP Flows
Using Low Water-Mark Events
7 CMTS CONFIGURATION GUIDE
7.1 HFC CABLE NETWORK ARCHITECTURE
7.2 CMTS MODULE DESCRIPTION
7.3 PROVISIONING THE HEADEND
7.3.1 Headend Certification
7.3.2 IF-RF-Upconverter
7.3.3 Diplex Filters
7-4 Riverstone Networks RS Switch Router User Guide Release 8.0
Provisioning the Headend CMTS Configuration Guide
Figure 7-2 CMTS Connection Overview
Test setup for transmission
Node 1 Node 2 Node n
Test setup for transmission
7.3.4 DHCP Servers
7.4 CONNECTING AND CONFIGURING THE DOWNSTREAM
7.4.1 Installing and Configuring the Upconverter
7.4.2 Setting the Upconverter Input Level
7.4.3 Setting the Upconverter Output Level
7.4.4 Setting the Upconverter Output Frequency
7.4.5 Completing the Downstream Configuration
7.5 CONNECTING THE UPSTREAM TO THE LASER RECEIVER
7.6 CONFIGURING THE CMTS MODULE
7.6.1 Configuring the CMTS Module in a Bridged Network
7.6.2 Configuring the CMTS Module in a Routed Network
7.7 CMTS CONFIGURATION EXAMPLES
7.7.1 Example One: Multiple ISPs Share a Single DHCP Server
Page
Following, is the configuration for the DHCP server:
Page
7.7.2 Example Two: Multiple ISPs with multiple DHCP servers
Following, is the AMERILINK DHCP configuration:
Following, is the MOONLINK DHCP configuration:
7.7.3 Example Three: Overlapping VLANs with Multiple DHCP Servers and Client-VLAN Bindings
TFTP Configuration Files
7.8 ANTI-SPOOFING
7.8.1 Anti-DHCP Spoofing
7.8.2 Anti-IP-spoofing
Static and Dynamic Anti-IP Spoofing
Static Anti-IP Spoofing
Dynamic Configuration of Anti-IP Spoofing
8 ATM CONFIGURATION GUIDE
8.1 CONFIGURING ATM PORTS
8.1.1 Configuring SONET Parameters
Configuring Automatic Protection Switching (APS) on the ATM OC-12 Line Card
8.1.2 Setting Parameters for the Multi-Rate Line Card
Cell Scrambling
Cell Mapping
VPI Bit Allocation
8.1.3 Displaying Port Information
8.2 CONFIGURING VIRTUAL CHANNELS
8.2.1 Gathering Traffic Statistics (OC-12)
8.3 TRAFFIC SHAPING
Page
8.4 TRAFFIC MANAGEMENT
8.4.1 Configuring QoS (Multi-Rate Line Card)
Relative Latency
Controlling Buffers for Each VC
8.4.2 Configuring Virtual Channel Groups (OC-12)
Creating a Virtual Channel Group
Applying Service Profiles to VC Groups
8.4.3 Traffic Management Configuration Example
Configuring QoS Policies (Multi-Rate Line Card)
Page
Configuring Virtual Channels Groups (OC-12)
Page
8.5 BRIDGING ATM TRAFFIC
Page
8.5.1 Enabling Forced Bridging on a Virtual Channel
8.5.2 Configuring Cross-Connects
8.5.3 Limiting MAC Addresses Learned on a VC
8.6 ROUTING ATM TRAFFIC
Page
Page
8.6.1 Peer Address Mapping
ATM Cloud
8.7 CONFIGURING PPP (OC-12)
Page
Page
Page
9 PACKET-OVER-SONET CONFIGURATION GUIDE
9.1 CONFIGURING IP INTERFACES FOR POS LINKS
9.2 CONFIGURING PACKET-OVER-SONET LINKS
9.3 CONFIGURING AUTOMATIC PROTECTION SWITCHING
9.3.1 Configuring Working and Protecting Ports
9.4 SPECIFYING BIT ERROR RATE THRESHOLDS
9.5 MONITORING POS PORTS
9.6 EXAMPLE CONFIGURATIONS
9.6.1 APS PoS Links Between RSs
9.6.2 PoS Link Between the RS and a Cisco Router
9.6.3 PoS Link Between the RS and a Juniper Router
9.6.4 Bridging and Routing Traffic Over a PoS Link
9.6.5 PoS Link Through a Layer 2 Cloud
Page
10 DHCP CONFIGURATION GUIDE
10.1 CONFIGURING DHCP
10.1.1 Configuring an IP Address Pool
10.1.2 Configuring Client Parameters
10.1.3 Configuring a Static IP Address
10.1.4 Grouping Scopes with a Common Interface
10.1.5 Configuring DHCP Server Parameters
10.2 UPDATING THE LEASE DATABASE
10.3 MONITORING THE DHCP SERVER
10.4 DHCP CONFIGURATION EXAMPLES
10.5 CONFIGURING SECONDARY SUBNETS
10.6 SECONDARY SUBNETS AND DIRECTLY-CONNECTED CLIENTS
10.7 INTERACTING WITH RELAY AGENTS
Page
11 IP ROUTING CONFIGURATION GUIDE
11.1 IP ROUTING PROTOCOLS
11.2 CONFIGURING IP INTERFACES AND
11.2.1 Configuring IP Interfaces to Ports
11.2.2 Configuring IP Interfaces for a VLAN
11.2.3 Specifying Ethernet Encapsulation Method
11.2.4 Unnumbered Interfaces
11.3 CONFIGURING JUMBO FRAMES
11.4 CONFIGURING ADDRESS RESOLUTION PROTOCOL (ARP)
11.4.1 Configuring ARP Cache En tries
11.4.2 Unresolved MAC Addresses for ARP Entries
11.4.3 Configuring Proxy ARP
11.5 CONFIGURING REVERSE ADDRESS RESOLUTION PROTOCOL (RARP)
11.5.1 Specifying IP Interfaces for RARP
11.5.2 Defining MAC-to-IP Address Mappings
11.5.3 Monitoring RARP
11.6 CONFIGURING DNS PARAMETERS
11.7 CONFIGURING IP SERVICES (ICMP)
11.8 CONFIGURING IP HELPER
11.9 CONFIGURING DIRECT BROADCAST
11.10 CONFIGURING DENIAL OF SERVICE (DOS)
11.11 MONITORING IP PARAMETERS
To display additional IP information, enter the following command in Enable mode:
Show ARP table entries. Show IP interface configuration. Show DNS parameters.
11.12 CONFIGURING IP FORWARDING
11.13 HARDWARE ROUTING TABLE
11.14 CONFIGURING ICMP REDIRECT
11.15 FORWARDING MODE
Defining a Profile
Applying a Profile
Enabling a Port
11.15.3 Monitoring Custom Forwarding Profiles
11.16 CONFIGURING ROUTER DISCOVERY
Page
11.17 SETTING MEMORY THRESHOLDS
Page
11.18 CONFIGURATION EXAMPLES
11.18.1 Assigning IP/IPX Interfaces
12 VRRP CONFIGURATION GUIDE
12.1 CONFIGURING VRRP
12.1.1 Basic VRRP Configuration
Configuration for Router R2
12.1.2 Symmetrical Configuration
Page
Configuration of Router R2
12.1.3 Multi-Backup Configuration
Configuration of Router R2
Configuration of Router R3
12.2 ADDITIONAL CONFIGURATION
12.2.1 Setting the Backup Priority
12.2.2 Setting the Warmup Period
12.2.3 Setting the Advertisement Interval
12.2.4 Setting Pre-empt Mode
12.3 MONITORING VRRP
12.3.1 ip-redundancy trace
12.3.2 ip-redundancy show
To display information about all virtual routers on interface int1:
12.4 VRRP CONFIGURATION NOTES
Page
13 RIP CONFIGURATION GUIDE
13.1 CONFIGURING RIP
13.1.1 Enabling and Disabling RIP
13.1.2 Configuring RIP Interfaces
13.2 CONFIGURING RIP PARAMETERS
Configuring RIP Route Preference
13.2.1 Configuring RIP Route Default-Metric
13.3 MONITORING RIP
13.4 CONFIGURATION EXAMPLE
Show detailed information of request packets sent by the router. Show RIP timer information.
Page
14 OSPF CONFIGURATION GUIDE
14.1 OSPF MULTIPATH
14.2 CONFIGURING OSPF
14.3 SETTING THE ROUTER ID
14.4 ENABLING OSPF
14.5 CONFIGURING OSPF AREAS
14.5.1 Configuring Summary Ranges
14.5.2 Configuring Stub Areas
14.5.3 Configuring Not-So-Stubby Areas (NSSA)
14.6 CONFIGURING OSPF INTERFACES
14.6.1 Configuring Interfaces for NBMA Networks
14.6.2 Configuring Interfaces for Point-to-Multipoint Networks
14.6.3 Configuring Interfaces for Point-to-Point Networks
14.7 CONFIGURING OSPF INTERFACE PARAMETERS
14.7.1 Setting the Interface State
14.7.2 Setting the Default Cost of an OSPF Interface
14.8 CREATING VIRTUAL LINKS
14.9 CONFIGURING OSPF PARAMETERS
14.9.1 Configuring OSPF Global Parameters
Configuring the Routing Table Recalculation
Configuring Autonomous System External (ASE) Link Advertisements
Configuring Support for Opaque LSAs
Setting Route Preference
Setting the Reference Bandwidth
14.10 MONITORING OSPF
Following is an example of the ospf show virtual-links command:
14.11 OSPF CONFIGURATION EXAMPLES
14.11.1 Exporting All Interface & Static Routes to OSPF
14.11.2 Exporting All RIP, Interface & Static Routes to OSPF
Page
into RIP.
Page
15 IS-IS CONFIGURATION GUIDE
15.1 DEFINING AN IS-IS AREA
15.2 CONFIGURING IS-IS INTERFACES
15.3 ENABLING IS-IS ON THE RS
15.4 SETTING IS-IS GLOBAL PARAMETERS
15.4.1 Setting the IS Operating Level
15.4.2 Setting the PSN Interval
15.4.3 Setting the System ID
15.4.4 Setting the SPF Interval
15.4.5 Setting the Overload Bit
15.4.6 Setting IS-IS Authentication
Authentication Between Neighbors
Authentication Within an Area
Authentication Within a Routing Domain
SNP Authentication
15.5 SETTING IS-IS INTERFACE PARAMETERS
15.5.1 Setting the Interface Operating Level
Page
15.6 DISPLAYING IS-IS INFORMATION
15.6.1 IS-IS Sample Configuration
Network Topology Overview
R2
R1
IS-IS Area 1
R3
R4
R5
R6
Area 49.da02
R7
IS-IS Area 2
R8
R9
IS-IS Area 3
C10 R11
Area 49.da04
IS-IS Area 4
R1 Configuration
R2 Configuration
The following is the configuration for router R2 in Area 1:
R3 Configuration
The following is the configuration for router R3 in Area 1:
R4 Configuration
The following is the configuration for R4 in Area 1:
R5 Configuration
The following is the configuration for R5 in Area 2:
R6 Configuration
The following is the configuration for R6 in Area 2:
R7 Configuration
The following is the configuration for R7 in Area 2:
The following is the configuration for R8 in Area 3:
R8 Configuration
R9 Configuration
The following is the configuration for R9 in Area 3:
C10 Configuration
The following is the configuration for the C10 Cisco router in Area 4:
C10 Configuration (continued)
R11 Configuration
The following is the configuration for R11 in Area 4:
Page
16 BGP CONFIGURATION GUIDE
16.1 THE RS BGP IMPLEMENTATION
16.2 BASIC BGP TASKS
16.2.3 Configuring a BGP Peer Group
16.2.4 Adding a BGP Peer
16.2.5 Starting BGP
16.2.6 Using AS-Path Regular Expressions
AS Path Regular Expression Examples
16.2.7 Using the AS Path Prepend Feature
Notes on Using the AS Path Prepend Feature
16.2.8 Creating BGP Confederations
BGP Confederation
16.2.9 Creating Community Lists
16.2.10 Using Route Maps
Defining Match Criteria in Route Map Conditions
Page
Displaying BGP Accounting Information
16.3 BGP CONFIGURATION EXAMPLES
16.3.1 BGP Peering Session Example
Page
16.3.2 IBGP Configuration Example
IBGP Routing Group Example
The following lines in the Cisco router configure OSPF:
The following lines in the R6 set up peering with the Cisco router using the routing group type.
16.3.3 EBGP Multihop Configuration Example
The CLI configuration for router R1 is as follows:
The gated.conf file for router R1 is as follows:
The CLI configuration for router R2 is as follows:
The gated.conf file for router R2 is as follows:
The CLI configuration for router R3 is as follows:
The CLI configuration for router R4 is as follows:
The gated.conf file for router R3 is as follows:
16.3.4 Community Attribute Example
Riverstone Networks RS Switch Router User Guide Release 8.0 16-23
BGP Configuration Guide BGP Configuration Examples
Figure 16-5 Sample BGP configuration (specific community)
AS-64902
Physical Link
CS1 CS2
AS-64900 AS-64899
Page
In Figure 16-5, router R11 has the following configuration:
Page
In Figure16-5, router R10 has the following configuration:
In Figure16-5, router R14 has the following configuration:
Notes on Using Communities
16.3.5 Local Preference Examples
Page
Using the local-pref Option
Using the set-pref Option
16.3.6 Multi-Exit Discriminator Attribute Example
16.3.7 EBGP Aggregation Example
16.3.8 Route Reflection Example
Page
Page
Page
R10 has the following CLI configuration:
R12 has the following CLI configuration:
R13 has the following CLI configuration:
R8 has the following CLI configuration:
Page
16.3.10 Route Map Example
16.3.11 BGP Accounting Examples
EBGP Accounting Example
Page
IBGP Accounting Example
R1 has the following configuration:
R2 has the following configuration:
BGP DSCP Accounting
Router R2 has the following CLI configuration:
Router R8 has the following CLI configuration:
To enable BGP accounting on the interface int1 on R8:
To view the BGP accounting information collected on R8:
Page
17 MPLS CONFIGURATION
17.1 MPLS ARCHITECTURE OVERVIEW
17.1.1 Labels
- -
Experimental
Bottom of Stack
-
Page
Label Distribution Protocols
2 1
34
Label Advertising Mode
17.1.6 MPLS Table Information
Output Tag Table (OTT)
R1 R2 R4R3 RC
Tunnel LSP
RA RB
Page
17.2 ENABLING AND STARTING MPLS ON THE RS
Page
17.3 RSVP CONFIGURATION
17.3.1 Establishing RSVP Sessions
1 2
17.3.2 RSVP Refresh Intervals
17.3.3 RSVP Hello Packets
17.3.4 Authentication
17.3.5 Blockade Aging Interval
17.3.6 RSVP Refresh Reduction
RSVP Message Aggregation
Message ID Extensions
17.3.7 Displaying RSVP Information
17.4 LDP CONFIGURATION
17.4.1 Establishing LDP Sessions
17.4.2 Monitoring LDP Sessions
17.4.3 Remote Peers
17.4.4 Loop Detection
17.4.5 MD5 Password Protection
17.4.6 Using LDP Filters
Page
17.4.7 Displaying LDP Information
17.5 CONFIGURING L3 LABEL SWITCHED PATHS
PHP LSR Configuration
L3 Static Path Configuration Example
Page
Page
17.5.2 Configuring L3 Dynamic LSPs
17.5.3 Configuring an Explicit LSP
Configuring an Explicit Path
Configuring the LSP
Page
Adaptive LSP
Bandwidth
CoS Value
Hop Limit
LSP Metric
Disabling CSPF
Disabling TTL Decrementing
Disabling Path Route Recording
Preference
Connection Retries
Standby
Policies
Dynamic L3 LSP Configuration Example
R7
secondary path
primary path
Page
Page
Page
Page
Page
Page
Page
The secondary path dp2l is now used for the LSP, as shown by the
configured secondary path dp2l is now both up and active.
Page
Page
Page
Page
Page
Page
MPLS with CMTS for Multiple ISPs Configuration Example
Page
Page
Page
DHCP Configuration
Configuring Shared Networks with Cisco Network Registrar
Page
17.6 CONFIGURING L2 TUNNELS
17.6.1 Configuring L2 Static Labels
Ingress LSR Configuration
- - - -
Page
R2 R3
Page
17.6.2 Configuring Dynamic L2 Labels
Virtual Circuit Signaling
Tunnel LSP Signaling
FEC-Label Bindings
Ingress and Egress LSR Configuration for L2 Dynamic Labels
-
Transit LSR Configuration for L2 Dynamic Labels
L2 Tunneling Based on VLAN ID Configuration Examples
Page
Page
Page
Page
Page
Page
! Configure RSVP
! Configure VLANs and interfaces
! Configure OSPF
Page
Page
Page
Page
L2 Tunneling Based on Ports Configuration Examples
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
L2 Tunneling Based on VLAN ID and Port Configuration Examples
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
17.7 TRAFFIC ENGINEERING
17.7.1 Administrative Groups
Page
17.7.2 Constrained Shortest Path First
Constrained Path Selection Configuration Example for OSPF Traffic Engineering
Page
Page
Page
Page
The following is the configuration for R2:
The following is the configuration for R3:
The following is the configuration for R4:
The following is the configuration for R5:
! Configure RSVP
Page
Page
The following command shows the IS-IS adjacencies on R1:
The following command shows the IS-IS traffic engineering database on R1:
Page
Page
17.7.3 IGP Shortcuts
IS-IS IGP Shortcuts Example
To enable IGP shortcuts on the router R1, enter the following command:
R1(config)# ip-router global set install-lsp-routes on R1(config)# isis set igp-shortcuts enable
Page
Advertising IGP Shortcuts
18 ROUTING POLICY CONFIGURATION
18.1 PREFERENCE
18.1.1 Import Policies
Import-Source
18.1.2 Export Policies
Export-Destination
Export-Source
18.1.3 Specifying a Route Filter
18.1.4 Aggr egates and Generates
Aggregate-Destination
Aggregate-Source
18.1.5 Authentication
Authentication Methods
Authentication Keys and Key Management
18.2 CONFIGURING SIMPLE ROUTING POLICIES
18.2.1 Redistributing Static Routes
18.2.2 Redistributing Directly Attached Networks
18.2.3 Redistributing RIP into RIP
18.2.4 Redistributing RIP into OSPF
18.2.5 Redistributing OSPF to RIP
18.2.6 Redistributing Aggregate Routes
18.2.7 Simple Route Redistribution Example: Redistribution into RIP
Exporting a Given Static Route to All RIP Interfaces
Exporting All Static Routes to All RIP Interfaces
Router R1 has several static routes. We would export these routes over all RIP interfaces.
Exporting All Static Routes Except the Default Route to All RIP Interfaces
18.2.8 Simple Route Redistribution Example: Redistribution into OSPF
Exporting All Interface & Static Routes to OSPF
Exporting All RIP, Interface & Static Routes to OSPF
18.3 CONFIGURING ADVANCED ROUTING POLICIES
18.3.1 Export Policies
-
18.3.2 Creating an Export Destination
18.3.3 Creating an Export Source
18.3.4 Import Policies
-
18.3.5 Creating an Import Source
18.3.6 Creating a Route Filter
18.3.7 Creating an Aggregate Route
-
-
Page
Page
Importing a Selected Subset of Routes from One RIP Trusted Gateway
Importing a Selected Subset of Routes from All RIP Peers Accessible Over a Certain Interface
18.3.11 Import Policies Example: Importing from OSPF
Page
Importing a Selected Subset of OSPF-ASE Routes
importation.
route.
18.3.12 Export Policies Example: Exporting to RIP
Exporting a Given Static Route to All RIP Interfaces
Exporting a Given Static Route to a Specific RIP Interface
Exporting All Static Routes Reachable Over a Given Interface to a Specific RIP Interface
Exporting Aggregate-Routes into RIP
18.3.13 Export Policies Example: Exporting to OSPF
Exporting All Interface & Static Routes to OSPF
Page
Page
Page
Page
19 MULTICAST ROUTING
19.1 IGMP OVERVIEW
19.2 DVMRP OVERVIEW
19.3 CONFIGURING IGMP
19.3.1 Configuring IGMP on an IP Interface
19.3.2 Configuring IGMP Query Interval
19.3.3 Configuring IGMP Response Wait Time
19.3.4 Configuring Per-Interface Control of IGMP Membership
19.3.5 Configuring Static IGMP Groups
19.4 CONFIGURING DVMRP
19.4.4 Configuring the DVMRP Routing Metric
19.4.5 Configuring DVMRP TTL & Scope
19.4.6 Configuring a DVMRP Tunnel
19.5 MONITORING IGMP & DVMRP
19.6 CONFIGURATION EXAMPLE
Page
20 IP POLICY-BASED FORWARDING
20.1 CONFIGURING IP POLICIES
20.1.1 Defining an ACL Profile
20.1.2 Associating the Profile with an IP Policy
Creating Multi-Statement IP Policies
Setting the IP Policy Action
Setting Load Distribution for Next-Hop Gateways
Verifying Next-Hop Gateways
20.1.3 Applying an IP Policy to an Interface
20.2 IP POLICY CONFIGURATION EXAMPLES
20.2.1 Routing Traffic to Different ISPs
20.2.2 Prioritizing Service to Customers
20.2.3 Authenticating Users through a Firewall
20.2.4 Firewall Load Balancing
Page
20.3 MONITORING IP POLICIES
Page
Page
Page
21 NETWORK ADDRESS TRANSLATION CONFIGURATION
21.1 CONFIGURING NAT
21.1.1 Setting Inside and Outside Interfaces
21.1.2 Setting NAT Rules
Static
21.2 FORCING FLOWS THROUGH NAT
21.3 MANAGING DYNAMIC BINDINGS
21.4 NAT AND DNS
21.5 NAT AND ICMP PACKETS
21.6 NAT AND FTP
21.7 MONITORING NAT
21.8 CONFIGURATION EXAMPLES
21.8.1 Static Configuration
Using Static NAT
21.8.2 Dynamic Configuration
Using Dynamic NAT
21.8.3 Dynamic NAT with IP Overload (PAT) Configuration
Using Dynamic NAT with IP Overload
21.8.4 Dynamic NAT with DNS
Using Dynamic NAT with DNS
21.8.5 Dynamic NAT with Outside Interface Redundancy
Using Dynamic NAT with Matching Interface Redundancy
22 WEB HOSTING CONFIGURATION
22.1 LOAD BALANCING
22.1.1 Creating the Server Group
Specifying a Protocol
Intrinsic Persistence Checking
22.1.2 Adding Servers to the Load Balancing Group
22.1.3 Setting Timeouts for Load Balancing Mappings
22.1.4 Optional Group or Server Operating Parameters
Specifying a Load Balancing Policy
Specifying a Connection Threshold
Checking Servers and Applications
22.1.7 Load Balancing and FTP
22.1.8 Allowing Load Balancing Servers to Ac cess the Internet
22.1.9 Allowing Access to Load Balancing Se rvers
22.1.10 Virtual State Replication Protocol (VSRP)
VSRP Example
www.fast.net
RS B
RS A
22.1.11 Displaying Load Balancing Information
22.1.12 Configuration Examples
Web Hosting with One Virtual Group and Multiple Destination Servers
Web Hosting with Multiple Virtual Groups and Multiple Destination Servers
Virtual IP Address Ranges
Page
Session and Netmask Persistence
Load Balancing with NAT
22.2 WEB CACHING
22.2.1 Configuring Web Cachi ng
Creating the Cache Group
Specifying the Client(s) for the Cache Group (Optional)
Redirecting HTTP Traffic on an Interface or Port
22.2.2 Configuration Example
22.2.3 Other Web-Cache Options
Bypassing Cache Servers
Proxy Server Redundancy
Disabling Redirection on an Inbound Interface or Port
Specifying Protocol for Redirected Traffic
Distributing Frequently-Accessed Sites Across Cache Servers
Specifying a Connection Threshold
22.2.4 Monitoring Web-Caching
23 IPX ROUTING CONFIGURATION
23.1 RIP (ROUTING INFORMATION PROTOCOL)
23.2 SAP (SERVICE ADVERTISING PROTOCOL)
23.3 CONFIGURING IPX RIP & SAP
23.3.4 IPX Addresses
23.4 CONFIGURING IPX INTERFACES AND
23.4.1 Configuring IPX Addresses to Ports
23.4.2 Configuring Secondary Addresses on an IPX Interface
23.4.3 Configuring IPX Interfaces for a VLAN
23.4.4 Specifying IPX Encapsulation Method
23.5 CONFIGURING IPX ROUTING
23.5.1 Enabling IPX RIP
23.5.2 Enabling SAP
23.5.3 Configuring Static Routes
23.5.4 Configuring Static SAP Table Entries
23.5.5 Controlling Access to IPX Networks
Creating an IPX Access Control List
Creating an IPX Type 20 Access Control List
Creating an IPX SAP Access Control List
Creating an IPX GNS Access Control List
Creating an IPX RIP Access Control List
23.6 MONITORING AN IPX NETWORK
23.7 CONFIGURATION EXAMPLES
Page
24 ACCESS CONTROL LIST
24.1 ACL BASICS
24.1.1 Defining Selection Criteria in ACL Rules
24.1.2 How ACL Rules are Evaluated
24.1.3 Implicit Deny Rule
24.1.4 Allowing External Responses to Established TCP Connections
24.2 CREATING AND MODIFYING ACLS
24.2.1 Editing ACLs Offline
24.2.2 Maintaining ACLs Using the ACL Editor
24.3 USING ACLS
24.3.1 Applying ACLs to Interfaces
24.3.2 Applying ACLs to Services
24.3.3 Applying ACLs to Layer-4 Bridging Ports
24.3.4 Using ACLs as Profiles
Using Profile ACLs with the IP Policy Facility
Using Profile ACLs with the Traffic Rate Limiting Fa cility
Using Profile ACLs with Dynamic NAT
Using Profile ACLs with the Port Mirroring Facility
Using Profile ACLs with the Web Caching Facility
24.4 ENABLING ACL LOGGING
24.5 MONITORING ACLS
Page
25 SECURITY CONFIGURATION
25.1 CONFIGURING RS ACCESS SECURITY
Monitoring RADIUS
25.1.2 Configuring TACACS
Monitoring TACACS
25.1.3 Configuring TACACS+
Monitoring TACACS+
25.1.4 Configuring Passwords
25.1.5 Configuring SSH
Establishing SSH Sessions
Monitoring SSH Sessions
25.2 LAYER-2 SECURITY FILTERS
25.2.1 Configuring Layer-2 Address Filters
25.2.2 Configuring Layer-2 Port-to-Address Lock Filters
25.2.3 Configuring Layer-2 Static Entry Filters
25.2.4 Configuring Layer-2 Secure Port Filters
25.2.5 Monitoring Layer-2 Security Filters
25.2.6 Layer-2 Filter Examples
Example 1: Address Filters
Static Entries Example
Port-to-Address Lock Examples
Example 2 : Secure Ports
25.3 LAYER-3 ACCESS CONTROL LISTS (ACLS)
25.4 LAYER-4 BRIDGING AND FILTERING
25.4.1 Creating an IP or IPX VLAN for Layer-4 Bridging
25.4.2 Placing the Ports on the Same VLAN
25.4.3 Enabling Layer-4 Bridging on th e VLAN
25.4.4 Creating ACLs to Specify Selection Criteria for Layer-4 Bridging
25.4.5 Applying a Layer-4 Bridging ACL to a Port
25.4.6 Notes
Page
26 QOS CONFIGURATION
26.1 LAYER-2, LAYER-3 AND LAYER-4 FLOW SPECIFICATION
26.2 PRECEDENCE FOR LAYER-3 FLOWS
26.3 RS QUEUING POLICIES
26.4 TRAFFIC PRIORITIZATION FOR LAYER-2 FLOWS
26.4.1 Configuring Layer-2 QoS
26.4.2 802.1p Class of Service Priority Mapping
Creating and Applying a New Priority Map
Removing or Disabling Per-Port Priority Map
Displaying Priority Map Information
26.5 TRAFFIC PRIORITIZATION FOR LAYER-3 & LAYER-4 FLOWS
26.5.1 Configuring IP QoS Policies
Setting an IP QoS Policy
Specifying Precedence for an IP QoS Policy
26.5.2 Configuring IPX QoS Policies
26.6 CONFIGURING RS QUEUEING POLICY
26.6.1 Allocating Bandwidth for a Weighted-Fair Queuing Policy
26.7 WEIGHTED RANDOM EARLY DETECTION (WRED)
26.7.1 WREDs Effect on the Network
26.7.2 Weighting Algorithms in WRED
Queue Time
26.8 TOS REWRITE
26.8.1 Configuring ToS Rewrite for IP Packets
26.9 MONITORING QOS
26.10 LIMITING TRAFFIC RATE
26.10.1 Rate Limiting Modes
26.10.2 Per-Flow Rate Limiting
26.10.3 Software-Based Flow-Aggregate Rate Limiting
26.10.4 Port Rate Limiting
26.10.5 Aggregate Rate Limiting
Page
26.10.6 Example Configurations
This section includes examples of rate limiting policy configurations.
Per-Flow Rate Limiting
The following is an example of configuring per-flow rate limiting on the RS.
Flow-Aggregate Rate Limiting
26.10.7 Displaying Rate Limit Information
Page
27 PERFORMANCE MONITORING
27.1 CONFIGURING THE RS FOR PORT MIRRORING
27.2 MONITORING BROADCAST TRAFFIC
Page
28 RMON CONFIGURATION
28.1 CONFIGURING AND ENABLING RMON
28.1.1 Example of RMON Configuration Commands
28.1.2 RMON Groups
Lite RMON Groups
Standard RMON Groups
Professional RMON Groups
28.1.3 Control Tables
28.2 USING RMON
28.3 CONFIGURING RMON GROUPS
Page
28.3.1 Configuration Examples
28.4 DISPLAYING RMON INFORMATION
28.4.1 RMON CLI Filters
Creating RMON CLI Filters
Using RMON CLI Filters
28.5 TROUBLESHOOTING RMON
28.6 ALLOCATING MEMORY TO RMON
Page
29 LFAP CONFIGURATION GUIDE
29.1 OVERVIEW
29.2 REQUIREMENTS
29.3 TRAFFIC ACCOUNTING SERVICES
29.4 CONFIGURING THE LFAP AGENT ON THE RS
29.5 MONITORING THE LFAP AGENT ON THE RS
Page
30 WAN CONFIGURATION
30.1 HIGH-SPEED SERIAL INTERFACE (HSSI) AND STANDARD SERIAL INTERFACES
30.2 CONFIGURING WAN INTERFACES
30.2.1 Primary and Secondary Addresses
30.2.2 Static, Mapped, and Dynamic Peer IP/IPX Addresses
Static Addresses
Mapped Addresses
Dynamic Addresses
30.2.3 Forcing Bridged Encapsulation
30.2.4 Packet Compression
Average Packet Size
Nature of the Data
30.2.5 Packet Encryption
30.2.6 WAN Quality of Service
Source Filtering and ACLs
Weighted-Fair Queueing
Congestion Management
Random Early Discard (RED)
Adaptive Shaping
30.3 FRAME RELAY OVERVIEW
30.3.1 Virtual Circuits
30.3.2 Permanent Virtual Circuits (PVCs)
30.4 CONFIGURING FRAME RELAY INTERFACES FOR THE RS
30.4.1 Defining the Type and Location of a Frame Relay and VC Interface
30.4.2 Setting up a Frame Relay Service Profile
30.4.3 Applying a Service Profile to an Active Frame Relay WAN Port
30.5 MONITORING FRAME RELAY WAN PORTS
30.6 FRAME RELAY PORT CONFIGURATION
30.7 POINT-TO-POINT PROTOCOL (PPP) OVERVIEW
30.7.1 Use of LCP Magic Numbers
30.8 CONFIGURING PPP INTERFACES
30.8.1 Defining the Type and Location of a PPP Interface
30.8.2 Setting up a PPP Service Profile
30.8.3 Applying a Service Profile to an Active PPP Port
30.8.4 Configuring Multilink PPP Bundles
Compression on MLP Bundles or Links
30.9 MONITORING PPP WAN PORTS
30.10 PPP PORT CONFIGURATION
30.11 CISCO HDLC WAN PORT CONFIGURATION
30.11.3 Assigning IP Addresses to a Cisco HDLC WAN Port
30.11.4 Monitoring Cisco HDLC Port Configuration
30.12 CISCO HDLC CONFIGURATION EXAMPLE
30.13 WAN RATE SHAPING
30.13.2 The WAN Rate Shaping Algorithm
1
2
4 5
6 7
3
30.13.3 WAN Rate Shaping Example
Page
30.13.4 Using WAN Rate Shaping
Using Multiple Rate Shaping Templates
Rate Shaping by Best Effort
Page
30.14 INVERSE MULTIPLEXER OVERVIEW
30.14.1 Bit Error Rate Testing an IMUX Group
30.15 WAN CONFIGURATION EXAMPLES
30.15.1 Simple Configuration File
30.15.2 Multi-Router WAN Configuration
30-26 Riverstone Networks RS Switch Router User Guide Release 8.0
WAN Configuration Examples WAN Configuration
R5
R3
R4
R2 R1 R6
Legend
Router R1 Configuration File
The following configuration file applies to Router R1.
The following configuration file applies to Router R2.
Router R2 Configuration File
Router R3 Configuration File
The following configuration applies to Router 3.
The following configuration file applies to Router R4
Router R4 Configuration File
Router R5 Configuration File
The following configuration file applies to Router R5
The following configuration file applies to Router R6
Router R6 Configuration File
30.16 CHANNELIZED T1, E1 AND T3 SERVICES OVERVIEW
30.16.1 T1 and E1 WAN Interface Cards
Page
Page
Page
Basic Channelized T1, E1 and T3 Interface Functions
Configuring Frame Relay over Channelized T1, E1 and T3 Interfaces
30.16.4 Bit Error Rate Testing
Example: Configuring Loopbacks and Using BERT Testing on a DS1 Interface
This example shows the use of BERT to test a structured DS1 interface for a duration of one hour.
Example: Configuring Loopbacks and Using BERT Testing on a DS3 Interface
Example: Configuring Loopbacks and Using BERT Testing on a Channelized E1 Interface
This example shows the use of BERT to test a structured E1 interface for a duration of one hour.
30.16.5 Configuring a Test using External Test Equipment
30.17 CLEAR CHANNEL T3 AND E3 SERVICES OVERVIEW
30.18 SCENARIOS FOR DEPLOYING CHANNELIZED T1, E1 AND T3
Figure 30-5 Bridged MSP MTU/MDU Aggregation
Metropolitan Sevice Provider
Page
hqsite RS 3000 Configuration
The following configuration applies to the RS 3000 router at the head office, hqsite.
The following configuration applies to router RS 3000 at the remote site, rsite2.
30.18.2 Scenario 2: Routed Inter-Office Connections with Only T1 on RS 8x00
Page
ISP RS 32000 Configuration
The following configuration applies to the RS 32000 router at the ISP.
Page
Page
Page
30.18.3 Scenario 3: Routed Inter-Office Connections with T1 and T3 on RS 8x00
Page
ISP RS 32000 Configuration
The following configuration applies to the RS 32000 router at the ISP.
Page
Page
Page
Page
30.18.4 Scenario 4: Routed Metropolitan Backbone with Only T1 on RS 8x00
Page
Page
Page
Page
Internet Service Provider B RS 32000 Configuration
The following configuration applies to the RS 32000 router at Internet Service Provider B.
Page
30.18.5 Scenario 5: Routed Metropolitan Backbone with T1 and T3 on RS 8x00
Figure 30-9 Routed Metropolitan Backbone with T1 and T3 on RS 8x00
Page
Page
Page
Page
Internet Service Provider B RS 32000 Configuration
The following configuration applies to the RS 32000 router at Internet Service Provider B.
Page
30.18.6 Scenario 6: Routed Inter-Office Connections with E1 on RS8x00
Page
Page
Page
30.18.7 Scenario 7: Transatlantic Connection using T1 and E1 on RS 8x00
T1
E1
RS 8600 Configuration (USA)
RS 8000 Configuration (Europe)
The following configuration applies to the RS 8000 router.
30.18.8 Scenario 8: Configuring Frame Relay over Channelized T1 Interfaces
Figure 30-12 Frame Relay over Channelized T1
rsite1 RS 3000 Configuration
rsite4 RS 3000 Configuration
rsite5 RS 3000 Configuration
rsite6 RS 3000 Configuration
30.19 SCENARIOS FOR DEPLOYING CLEAR CHANNEL T3 AND E3
30.19.1 Scenario 1: Routed Inter-Office Connections through and ISP
Page
ISP RS 8000 Configuration
The following configuration applies to the RS 8000 router at the ISP.
hqsite RS 8000 Configuration
The following configuration applies to the RS 8000 router at the head office, hqsite.
Page
Page
Page
30.19.2 Scenario 2: Routed Metropolitan Backbone
Page
Metropolitan Service Provider RS 8000 Configuration
The following configuration applies to the RS 8000 router at the Metropolitan Service Provider.
hqsite RS 8000 Configuration
The following configuration applies to the RS 8000 router at the head office, hqsite.
Page
Page
Internet Service Provider A RS 8000 Configuration
The following configuration applies to the RS 8000 router at Internet Service Provider A.
Internet Service Provider B RS 8000 Configuration
The following configuration applies to the RS 8000 router at Internet Service Provider B.
Page
Page
Page
31 SERVICE CONFIGURATION
31.1 SERVICE FACILITY RATE LIMITING TYPES
31.2 CREATING A SERVICE
31.2.1 Aggregate Rate Limiting Service
Hardware Credit Buckets
31.2.2 Flow-Aggregate Rate Limiting Service
31.2.3 Per-Flow Rate Limiting Service
31.2.4 Burst-Safe Rate Limiting Service
31.3 APPLYING A SERVICE
31.3.1 Applying Services With ACLs
31.3.2 Applying Services Using the MF-Classifier Command
31.4 SHOWING A SERVICE
31.4.1 Aggregate, Flow-Aggregate, Per-Flow, and Burst-Safe Show Commands
31.4.2 Show All Command
31.5 PORT-LEVEL RATE LIMITING
31.6 SERVICE CONFIGURATION EXAMPLES
31.6.1 Applying a Service to Multiple Servers
Page
31-12 Riverstone Networks RS Switch Router User Guide Release 8.0
Service Configuration Examples Service Configuration
Following is the configuration:
MAN
Figure 31-3 Burst-Safe Configuration
Customers
31.7 RATE LIMITING CONFIGURATION EXAMPLES
Per-Flow Rate Limiting
Flow-Aggregate Rate Limiting
The following is an example of configuring flow-aggregate rate limiting.
Network
Subnetwork 122.132.0.0/16
256 Kbps 64 Kbps
