BenutzerhandbuchInhaltsverzeichnisNotices3Contents13About This Manual27Related Documentation27Document Conventions27Introduction29Configuration Files29Using the Command Line Interface30Command Modes30User Mode30Enable Mode30Configure Mode31Boot PROM Mode31Getting Help with CLI Commands31Line Editing Commands33Displaying and Changing Configuration Information35Port Names37Hot Swapping Line Cards and Control Modules39Hot Swapping Overview39Hot Swapping Line Cards40Deactivating the Line Card40Removing the Line Card41Installing a New Line Card41Hot Swapping One Type of Line Card With Another41Hot Swapping a Secondary Control Module42Deactivating the Control Module42Removing the Control Module43Installing a Control Module43Hot Swapping a Switching Fabric Module (SSR 8600 only)44Removing the Switching Fabric Module45Installing a Switching Fabric Module45Bridging Configuration Guide47Bridging Overview47Spanning Tree (IEEE 802.1d)47Bridging Modes (Flow-Based and Address-Based)48VLAN Overview48Port-based VLANs49MAC-address-based VLANs49Protocol-based VLANs49Subnet-based VLANs49Multicast-based VLANs50Policy-based VLANs50SSR VLAN Support50VLANs and the SSR50Ports, VLANs, and L3 Interfaces51Access Ports and Trunk Ports (802.1Q support)51Explicit and Implicit VLANs52Configuring SSR Bridging Functions52Configuring Address-based or Flow-based Bridging52Configuring Spanning Tree54Adjusting Spanning-Tree Parameters54Setting the Bridge Priority55Setting a Port Priority55Assigning Port Costs55Adjusting Bridge Protocol Data Unit (BPDU) Intervals56Configuring a Port- or Protocol-Based VLAN57Creating a Port or Protocol Based VLAN57Adding Ports to a VLAN57Configuring VLAN Trunk Ports57Configuring VLANs for Bridging58Configuring Layer-2 Filters58Monitoring Bridging59Configuration Examples59Creating an IP or IPX VLAN59Creating a non-IP/non-IPX VLAN60SmartTRUNK Configuration Guide61Overview61Configuring SmartTRUNKs62Creating a SmartTRUNK62Add Physical Ports to the SmartTRUNK62Specify Traffic Distribution Policy (Optional)63Monitoring SmartTRUNKs63Example Configurations64ATM Configuration Guide67ATM Overview67Virtual Channels67Creating a Virtual Channel68Service Class Definition68Creating a Service Class Definition69Applying a Service Class Definition70Cell Scrambling71Enabling Cell Scrambling71Cell Mapping72Selecting the Cell Mapping Format72Creating a Non-Zero VPI73Setting the Bit Allocation for VPI73Displaying ATM Port Information74ATM Sample Configuration 178Configuring an Interface on an Ethernet Port79Creating a Virtual Channel79Defining an ATM Service Class79Applying an ATM Service Class80Configuring an Interface on an ATM Port80Configuring an IP Route80Packet-over-SONET Configuration Guide83Overview83Configuring IP Interfaces for PoS Links84Configuring Packet-over-SONET Links84Configuring Automatic Protection Switching85Configuring Working and Protecting Ports86Specifying Bit Error Rate Thresholds87Monitoring PoS Ports88Example Configurations89APS PoS Links Between SSRs89PoS Link Between the SSR and a Cisco Router90Bridging and Routing Traffic Over a PoS Link91DHCP Configuration Guide93DHCP Overview93Configuring DHCP94Configuring an IP Address Pool94Configuring Client Parameters94Configuring a Static IP Address95Grouping Scopes with a Common Interface95Configuring DHCP Server Parameters96Updating the Lease Database96Monitoring the DHCP Server96DHCP Configuration Examples97Configuring Secondary Subnets98Secondary Subnets and Directly-Connected Clients99Interacting with Relay Agents100IP Routing Configuration Guide103IP Routing Protocols103Unicast Routing Protocols103Multicast Routing Protocols104Configuring IP Interfaces and Parameters104Configuring IP Interfaces to Ports105Configuring IP Interfaces for a VLAN105Specifying Ethernet Encapsulation Method105Configuring Jumbo Frames106Configuring Address Resolution Protocol (ARP)107Configuring ARP Cache Entries107Unresolved MAC Addresses for ARP Entries107Configuring Proxy ARP108Configuring Reverse Address Resolution Protocol (RARP)108Specifying IP Interfaces for RARP109Defining MAC-to-IP Address Mappings109Monitoring RARP110Configuring DNS Parameters110Configuring IP Services (ICMP)110Configuring IP Helper110Configuring Direct Broadcast111Configuring Denial of Service (DOS)112Monitoring IP Parameters112Configuring Router Discovery113Configuration Examples116Assigning IP/IPX Interfaces116VRRP Configuration Guide117VRRP Overview117Configuring VRRP117Basic VRRP Configuration118Configuration of Router R1118Configuration for Router R2119Symmetrical Configuration119Configuration of Router R1120Configuration of Router R2121Multi-Backup Configuration121Configuration of Router R1123Configuration of Router R2124Configuration of Router R3125Additional Configuration125Setting the Backup Priority126Setting the Advertisement Interval126Setting Pre-empt Mode126Setting an Authentication Key127Monitoring VRRP127ip-redundancy trace127ip-redundancy show128VRRP Configuration Notes129RIP Configuration Guide131RIP Overview131Configuring RIP131Enabling and Disabling RIP132Configuring RIP Interfaces132Configuring RIP Parameters132Configuring RIP Route Preference134Configuring RIP Route Default-Metric134Monitoring RIP134Configuration Example135OSPF Configuration Guide137OSPF Overview137OSPF Multipath138Configuring OSPF138Enabling OSPF139Configuring OSPF Interface Parameters139Default Cost of an OSPF Interface140Configuring an OSPF Area141Configuring OSPF Area Parameters142Creating Virtual Links142Configuring Autonomous System External (ASE) Link Advertisements143Configuring OSPF for Different Types of Interfaces143Monitoring OSPF144OSPF Configuration Examples146BGP Configuration Guide151BGP Overview151The SSR BGP Implementation152Basic BGP Tasks152Setting the Autonomous System Number153Setting the Router ID153Configuring a BGP Peer Group153Adding and Removing a BGP Peer155Starting BGP155Using AS-Path Regular Expressions155AS-Path Regular Expression Examples157Using the AS Path Prepend Feature157Notes on Using the AS Path Prepend Feature158BGP Configuration Examples158BGP Peering Session Example159IBGP Configuration Example161IBGP Routing Group Example162IBGP Internal Group Example165EBGP Multihop Configuration Example168Community Attribute Example171Notes on Using Communities178Local Preference Examples178Using the local-pref Option180Using the set-pref Option180Multi-Exit Discriminator Attribute Example181EBGP Aggregation Example182Route Reflection Example183Notes on Using Route Reflection186Routing Policy Configuration Guide187Route Import and Export Policy Overview187Preference188Import Policies189Import-Source189Route-Filter190Export Policies190Export-Destination190Export-Source190Route-Filter191Specifying a Route Filter191Aggregates and Generates192Aggregate-Destination193Aggregate-Source193Route-Filter194Authentication194Authentication Methods194Authentication Keys and Key Management195Configuring Simple Routing Policies195Redistributing Static Routes196Redistributing Directly Attached Networks196Redistributing RIP into RIP197Redistributing RIP into OSPF197Redistributing OSPF to RIP197Redistributing Aggregate Routes197Simple Route Redistribution Examples198Example 1: Redistribution into RIP198Example 2: Redistribution into OSPF199Configuring Advanced Routing Policies201Export Policies201Creating an Export Destination203Creating an Export Source203Import Policies203Creating an Import Source204Creating a Route Filter204Creating an Aggregate Route205Creating an Aggregate Destination206Creating an Aggregate Source206Examples of Import Policies206Example 1: Importing from RIP206Example 2: Importing from OSPF210Examples of Export Policies213Example 1: Exporting to RIP213Example 2: Exporting to OSPF218Multicast Routing Configuration Guide223IP Multicast Overview223IGMP Overview223DVMRP Overview224Configuring IGMP225Configuring IGMP on an IP Interface225Configuring IGMP Query Interval225Configuring IGMP Response Wait Time225Configuring Per-Interface Control of IGMP Membership226Configuring Static IGMP Groups226Configuring DVMRP226Starting and Stopping DVMRP227Configuring DVMRP on an Interface227Configuring DVMRP Parameters227Configuring the DVMRP Routing Metric228Configuring DVMRP TTL & Scope228Configuring a DVMRP Tunnel229Monitoring IGMP & DVMRP229Configuration Examples230IP Policy-Based Forwarding Configuration Guide233Overview233Configuring IP Policies234Defining an ACL Profile234Associating the Profile with an IP Policy234Creating Multi-Statement IP Policies235Setting the IP Policy Action235Setting Load Distribution for Next-Hop Gateways236Applying an IP Policy to an Interface236Applying an IP Policy to Locally Generated Packets236IP Policy Configuration Examples237Routing Traffic to Different ISPs237Prioritizing Service to Customers238Authenticating Users through a Firewall239Firewall Load Balancing240Monitoring IP Policies241Network Address Translation Configuration Guide245Overview245Configuring NAT246Setting Inside and Outside Interfaces246Setting NAT Rules247Static247Dynamic247Forcing Flows through NAT247Managing Dynamic Bindings248NAT and DNS248NAT and ICMP Packets249NAT and FTP249Monitoring NAT250Configuration Examples250Static Configuration250Using Static NAT251Dynamic Configuration251Using Dynamic NAT252Dynamic NAT with IP Overload (PAT) Configuration253Using Dynamic NAT with IP Overload253Dynamic NAT with DNS254Using Dynamic NAT with DNS255Dynamic NAT with Outside Interface Redundancy255Using Dynamic NAT with Matching Interface Redundancy256Web Hosting Configuration Guide257Overview257Load Balancing258Configuring Load Balancing258Creating the Server Group258Adding Servers to the Load Balancing Group258Session Persistence259Optional Group or Server Operating Parameters261Specifying Load Balancing Policy261Specifying a Connection Threshold261Verifying Servers and Applications262Verifying Extended Content263Setting Server Status263Load Balancing and FTP264Allowing Access to Load Balancing Servers264Setting Timeouts for Load Balancing Mappings264Displaying Load Balancing Information265Configuration Examples265Web Hosting with One Virtual Group and Multiple Destination Servers266Web Hosting with Multiple Virtual Groups and Multiple Destination Servers267Virtual IP Address Ranges268Session and Netmask Persistence269Web Caching270Configuring Web Caching270Creating the Cache Group270Specifying the Client(s) for the Cache Group (Optional)271Redirecting HTTP Traffic on an Interface271Configuration Example272Other Configurations272Bypassing Cache Servers272Proxy Server Redundancy273Distributing Frequently-Accessed Sites Across Cache Servers273Monitoring Web-Caching273IPX Routing Configuration Guide275IPX Routing Overview275RIP (Routing Information Protocol)275SAP (Service Advertising Protocol)276Configuring IPX RIP & SAP277IPX RIP277IPX SAP277Creating IPX Interfaces277IPX Addresses277Configuring IPX Interfaces and Parameters278Configuring IPX Addresses to Ports278Configuring Secondary Addresses on an IPX Interface278Configuring IPX Interfaces for a VLAN278Specifying IPX Encapsulation Method279Configuring IPX Routing279Enabling IPX RIP279Enabling SAP279Configuring Static Routes280Configuring Static SAP Table Entries280Controlling Access to IPX Networks280Creating an IPX Access Control List280Creating an IPX Type 20 Access Control List281Creating an IPX SAP Access Control List281Creating an IPX GNS Access Control List282Creating an IPX RIP Access Control List282Monitoring an IPX Network283Configuration Examples283Access Control List Configuration Guide285ACL Basics286Defining Selection Criteria in ACL Rules286How ACL Rules are Evaluated288Implicit Deny Rule288Allowing External Responses to Established TCP Connections289Creating and Modifying ACLs290Editing ACLs Offline290Maintaining ACLs Using the ACL Editor291Using ACLs292Applying ACLs to Interfaces292Applying ACLs to Services293Applying ACLs to Layer-4 Bridging Ports293Using ACLs as Profiles294Using Profile ACLs with the IP Policy Facility295Using Profile ACLs with the Traffic Rate Limiting Facility295Using Profile ACLs with Dynamic NAT296Using Profile ACLs with the Port Mirroring Facility297Using Profile ACLs with the Web Caching Facility297Enabling ACL Logging299Monitoring ACLs300Security Configuration Guide301Security Overview301Configuring SSR Access Security302Configuring RADIUS302Monitoring RADIUS303Configuring TACACS303Monitoring TACACS303Configuring TACACS Plus304Monitoring TACACS Plus305Configuring Passwords305Layer-2 Security Filters305Configuring Layer-2 Address Filters306Configuring Layer-2 Port-to-Address Lock Filters307Configuring Layer-2 Static Entry Filters307Configuring Layer-2 Secure Port Filters308Monitoring Layer-2 Security Filters309Layer-2 Filter Examples309Example 1: Address Filters309Example 2 : Secure Ports311Layer-3 Access Control Lists (ACLs)311Layer-4 Bridging and Filtering312Creating a Port-Based VLAN for Layer-4 Bridging313Placing the Ports on the Same VLAN313Enabling Layer-4 Bridging on the VLAN313Creating ACLs to Specify Selection Criteria for Layer-4 Bridging313Applying a Layer-4 Bridging ACL to a Port314Notes314QoS Configuration Guide317QoS & Layer-2/Layer-3/Layer-4 Flow Overview317Layer-2 and Layer-3 & Layer-4 Flow Specification318Precedence for Layer-3 Flows319SSR Queuing Policies319Traffic Prioritization for Layer-2 Flows319Configuring Layer-2 QoS320802.1p Priority Mapping320Creating and Applying a New Priority Map321Removing or Disabling Per-Port Priority Map321Displaying Priority Map Information322Traffic Prioritization for Layer-3 & Layer-4 Flows322Configuring IP QoS Policies322Setting an IP QoS Policy323Specifying Precedence for an IP QoS Policy323Configuring IPX QoS Policies323Setting an IPX QoS Policy323Specifying Precedence for an IPX QoS Policy324Configuring SSR Queueing Policy324Allocating Bandwidth for a Weighted-Fair Queuing Policy324Weighted Random Early Detection (WRED)325ToS Rewrite325Configuring ToS Rewrite for IP Packets326Monitoring QoS328Limiting Traffic Rate329Rate Limiting Modes329Per-Flow Rate Limiting330Port Rate Limiting330Aggregate Rate Limiting331Example Configurations332Per-Flow Rate Limiting332Aggregate Rate Limiting333Displaying Rate Limit Information334Performance Monitoring Guide335Performance Monitoring Overview335Configuring the SSR for Port Mirroring337Monitoring Broadcast Traffic337RMON Configuration Guide339RMON Overview339Configuring and Enabling RMON340Example of RMON Configuration Commands340RMON Groups341Lite RMON Groups341Standard RMON Groups342Professional RMON Groups342Control Tables343Using RMON344Configuring RMON Groups345Configuration Examples347Displaying RMON Information348RMON CLI Filters349Creating RMON CLI Filters351Using RMON CLI Filters351Troubleshooting RMON351Allocating Memory to RMON353LFAP Configuration Guide355Overview355Cabletron’s Traffic Accounting Services356Configuring the LFAP Agent on the SSR356Monitoring the LFAP Agent on the SSR358WAN Configuration Guide359WAN Overview359High-Speed Serial Interface (HSSI) and Standard Serial Interfaces359Configuring WAN Interfaces360Primary and Secondary Addresses360Static, Mapped, and Dynamic Peer IP/IPX Addresses360Static Addresses360Mapped Addresses361Dynamic Addresses361Forcing Bridged Encapsulation362Packet Compression362Average Packet Size363Nature of the Data363Link Integrity363Latency Requirements363Example Configurations363Packet Encryption364WAN Quality of Service364Source Filtering and ACLs365Weighted-Fair Queueing365Congestion Management365Frame Relay Overview366Virtual Circuits366Permanent Virtual Circuits (PVCs)367Configuring Frame Relay Interfaces for the SSR367Defining the Type and Location of a Frame Relay and VC Interface367Setting up a Frame Relay Service Profile368Applying a Service Profile to an Active Frame Relay WAN Port368Monitoring Frame Relay WAN Ports369Frame Relay Port Configuration369Point-to-Point Protocol (PPP) Overview371Use of LCP Magic Numbers371Configuring PPP Interfaces371Defining the Type and Location of a PPP Interface372Setting up a PPP Service Profile372Applying a Service Profile to an Active PPP Port373Configuring Multilink PPP Bundles373Compression on MLP Bundles or Links373Monitoring PPP WAN Ports374PPP Port Configuration374WAN Configuration Examples376Simple Configuration File376Multi-Router WAN Configuration377Router R1 Configuration File378Router R2 Configuration File378Router R3 Configuration File379Router R4 Configuration File379Router R5 Configuration File380Router R6 Configuration File380New Features Supported on Line Cards383Introduction383SSR 8000/8600 Line Cards383Line Cards Available Prior to the 3.0 Firmware Release383Line Cards Introduced at the 3.0 Firmware Release (-AA Revision)384Line Cards Introduced at the 3.1 Firmware Release (T-Series)385SSR 2000 Line Cards387New Features that Require Specific Line Cards388Network Address Translation388Load Balancing (LSNAT)390Layer 4 Bridging391Per-Protocol VLAN392QoS Rate Limiting393Per-Flow Rate Limiting393Aggregate Rate Limiting393Port Rate Limiting393ToS Rewrite394Established Bit ACL394Multiple IPX Encapsulation394Weighted Random Early Detection (WRED)395Jumbo Frames395Summary395Identifying a Line Card396Example 1:396Example 2:397Example 3:397Größe: 3,77 MBSeiten: 398Language: EnglishHandbuch öffnen