BenutzerhandbuchInhaltsverzeichnisTitle1Notice2Contents13Preface25About This Manual25Who Should Read This Manual?25How to Use This Manual25Related Documentation27SSR Product Overview29Supported Media (Encapsulation Type)31Supported Routing Protocols31Configuring the SmartSwitch Router32Understanding the Command Line Interface32Basic Line Editing Commands33Access Modes33User Mode34Enable Mode35Configure Mode37Boot PROM Mode38Disabling a Function or Feature39Loading System Images and Configuration Files39Boot and System Image39Configuration Files39Loading System Image Software40Loading Boot PROM Software41Activating the Configuration Commands in the Scratchpad41Copying the Configuration to the Startup Configuration File42Displaying Configuration Changes43Managing the SSR43Setting the SSR Name44Setting SSR Date and Time44Configuring NTP44Configuring the SSR CLI45Configuring SNMP Services45Configuring DNS45Connecting Between the SSR and Other Systems46Configuring Logging46Monitoring Configuration47Hot Swapping Line Cards and Control Modules49Hot Swapping Overview49Hot Swapping Line Cards49Deactivating the Line Card50Removing the Line Card50Installing a New Line Card51Hot Swapping One Type of Line Card With Another51Hot Swapping a Secondary Control Module51Deactivating the Control Module52Removing the Control Module52Installing the Control Module53Hot Swapping a Switching Fabric Module (SSR 8600 only)53Bridging Configuration Guide55Bridging Overview55Spanning Tree (IEEE 802.1d)55Bridging Modes (Flow-Based and Address-Based)56VLAN Overview56Port-based VLANs57MAC-address-based VLANs57Protocol-based VLANs57Subnet-based VLANs57Multicast-based VLANs58Policy-based VLANs58SSR VLAN Support58VLANs and the SSR58Ports, VLANs, and L3 Interfaces59Access Ports and Trunk Ports (802.1Q support)59Explicit and Implicit VLANs60Configuring SSR Bridging Functions60Configuring Address-based or Flow-based Bridging60Configuring Spanning Tree61Adjusting Spanning-Tree Parameters62Setting the Bridge Priority62Setting a Port Priority63Assigning Port Costs63Adjusting Bridge Protocol Data Unit (BPDU) Intervals63Configuring a Port or Protocol based VLAN65Creating a Port or Protocol Based VLAN65Adding Ports to a VLAN65Configuring VLAN Trunk Ports65Configuring VLANs for Bridging65Configuring Layer-2 Filters66Monitoring Bridging66Configuration Examples67Creating an IP or IPX VLAN67Creating a non-IP/non-IPX VLAN67SmartTRUNK Configuration Guide69Overview69Configuring SmartTRUNKs70Creating a SmartTRUNK70Add Physical Ports to the SmartTRUNK70Specify Traffic Distribution Policy (Optional)71Monitoring SmartTRUNKs71Example Configurations72DHCP Configuration Guide75DHCP Overview75Configuring DHCP76Configuring an IP Address Pool76Configuring Client Parameters76Configuring a Static IP Address77Grouping Scopes with a Common Interface77Configuring DHCP Server Parameters78Updating the Lease Database78Monitoring the DHCP Server78DHCP Configuration Examples79Configuring Secondary Subnets80Secondary Subnets and Directly-Connected Clients81Interacting with Relay Agents82IP Routing Configuration Guide85IP Routing Overview85IP Routing Protocols86Unicast Routing Protocols86Multicast Routing Protocols86Configuring IP Interfaces and Parameters87Configuring IP Addresses to Ports87Configuring IP Interfaces for a VLAN87Specifying Ethernet Encapsulation Method87Configuring Address Resolution Protocol (ARP)88Configuring ARP Cache Entries88Configuring Proxy ARP88Configuring Reverse Address Resolution Protocol (RARP)89Specifying IP Interfaces for RARP89Defining MAC-to-IP Address Mappings89Monitoring RARP90Configuring DNS Parameters90Configuring IP Services (ICMP)90Configuring IP Helper91Configuring Direct Broadcast91Configuring Denial of Service (DOS)91Monitoring IP Parameters92Configuring Router Discovery92Configuration Examples93Assigning IP/IPX Interfaces93VRRP Configuration Guide95VRRP Overview95Configuring VRRP95Basic VRRP Configuration96Configuration of Router R196Configuration for Router R297Symmetrical Configuration97Configuration of Router R198Configuration of Router R299Multi-Backup Configuration99Configuration of Router R1101Configuration of Router R2102Configuration of Router R3103Additional Configuration103Setting the Backup Priority104Setting the Advertisement Interval104Setting Pre-empt Mode104Setting an Authentication Key105Monitoring VRRP105ip-redundancy trace105ip-redundancy show106VRRP Configuration Notes106RIP Configuration Guide109RIP Overview109Configuring RIP109Enabling and Disabling RIP110Configuring RIP Interfaces110Configuring RIP Parameters110Configuring RIP Route Preference112Configuring RIP Route Default-Metric112Monitoring RIP112Configuration Example113OSPF Configuration Guide115OSPF Overview115OSPF Multipath116Configuring OSPF116Enabling OSPF116Configuring OSPF Interface Parameters117Configuring an OSPF Area118Configuring OSPF Area Parameters119Creating Virtual Links119Configuring Autonomous System External (ASE) Link Advertisements120Configuring OSPF over Non-Broadcast Multiple Access120Monitoring OSPF121OSPF Configuration Examples122BGP Configuration Guide127BGP Overview127The SSR BGP Implementation128Basic BGP Tasks128Setting the Autonomous System Number129Setting the Router ID129Configuring a BGP Peer Group129Adding and Removing a BGP Peer131Starting BGP131Using AS-Path Regular Expressions131AS-Path Regular Expression Examples133Using the AS Path Prepend Feature133Notes on Using the AS Path Prepend Feature134BGP Configuration Examples134BGP Peering Session Example135IBGP Configuration Example137IBGP Routing Group Example138IBGP Internal Group Example141EBGP Multihop Configuration Example144Community Attribute Example147Notes on Using Communities154Local_Pref Attribute Example154Notes on Using the Local_Pref Attribute156Multi-Exit Discriminator Attribute Example156EBGP Aggregation Example158Route Reflection Example159Notes on Using Route Reflection162Routing Policy Configuration Guide163Route Import and Export Policy Overview163Preference164Import Policies165Import-Source165Route-Filter166Export Policies166Export-Destination166Export-Source166Route-Filter167Specifying a Route Filter167Aggregates and Generates168Aggregate-Destination169Aggregate-Source169Route-Filter170Authentication170Authentication Methods170Authentication Keys and Key Management171Configuring Simple Routing Policies171Redistributing Static Routes172Redistributing Directly Attached Networks172Redistributing RIP into RIP173Redistributing RIP into OSPF173Redistributing OSPF to RIP173Redistributing Aggregate Routes173Simple Route Redistribution Examples174Example 1: Redistribution into RIP174Example 2: Redistribution into OSPF175Configuring Advanced Routing Policies177Export Policies177Creating an Export Destination179Creating an Export Source179Import Policies179Creating an Import Source180Creating a Route Filter180Creating an Aggregate Route180Creating an Aggregate Destination182Creating an Aggregate Source182Examples of Import Policies182Example 1: Importing from RIP182Example 2: Importing from OSPF185Examples of Export Policies189Example 1: Exporting to RIP189Example 2: Exporting to OSPF194Multicast Routing Configuration Guide199IP Multicast Overview199IGMP Overview199DVMRP Overview200Configuring IGMP201Configuring IGMP on an IP Interface201Configuring IGMP Query Interval201Configuring IGMP Response Wait Time201Configuring Per-Interface Control of IGMP Membership202Configuring DVMRP202Starting and Stopping DVMRP202Configuring DVMRP on an Interface203Configuring DVMRP Parameters203Configuring the DVMRP Routing Metric203Configuring DVMRP TTL & Scope204Configuring a DVMRP Tunnel204Monitoring IGMP & DVMRP205Configuration Examples206IP Policy-Based Forwarding Configuration Guide209Overview209Configuring IP Policies210Defining an ACL Profile210Associating the Profile with an IP Policy210Creating Multi-statement IP Policies211Setting Load Distribution for Next-hop Gateways212Setting the IP Policy Action212Checking the Availability of Next-hop Gateways213Applying an IP Policy to an Interface213Applying an IP Policy to Locally Generated Packets214IP Policy Configuration Examples214Routing Traffic to Different ISPs214Prioritizing Service to Customers216Authenticating Users through a Firewall217Firewall Load Balancing218Monitoring IP Policies219Network Address Translation Configuration Guide223Overview223Configuring NAT224Setting Inside and Outside Interfaces224Setting NAT Rules225Static225Dynamic225Managing Dynamic Bindings225NAT and FTP226Monitoring NAT226Configuration Examples226Static Configuration226Using Static NAT227Dynamic Configuration228Using Dynamic NAT228Dynamic NAT with IP Overload (PAT) Configuration229Using Dynamic NAT with IP Overload230Dynamic NAT with Outside Interface Redundancy230Using Dynamic NAT with Matching Interface Redundancy231Web Hosting Configuration Guide233Overview233Load Balancing234Configuring Load Balancing234Creating the Server Group234Specifying Load Balancing Policy (Optional)234Adding Servers to the Load Balancing Group235Setting Server Status235Load Balancing and FTP236Allowing Access to Load Balancing Servers236Setting Timeouts for Load Balancing Mappings236Displaying Load Balancing Information237Configuration Examples237Web Hosting with One Virtual Group and Multiple Destination Servers237Web Hosting with Multiple Virtual Groups and Multiple Destination Servers238Virtual IP Address Ranges239Web Caching240Configuring Web Caching240Creating the Cache Group241Specifying the Client(s) for the Cache Group (Optional)241Redirecting HTTP Traffic on an Interface241Configuration Example242Other Configurations242Bypassing Cache Servers242Proxy Server Redundancy243Distributing Frequently-Accessed Sites Across Cache Servers243Monitoring Web-Caching243IPX Routing Configuration Guide245IPX Routing Overview245RIP (Routing Information Protocol)245SAP (Service Advertising Protocol)246Configuring IPX RIP & SAP247IPX RIP247IPX SAP247Creating IPX Interfaces247IPX Addresses247Configuring IPX Interfaces and Parameters248Configuring IPX Addresses to Ports248Configuring IPX Interfaces for a VLAN248Specifying IPX Encapsulation Method248Configuring IPX Routing249Enabling IPX RIP249Enabling SAP249Configuring Static Routes249Configuring Static SAP Table Entries250Controlling Access to IPX Networks250Creating an IPX Access Control List250Creating an IPX Type 20 Access Control List251Creating an IPX SAP Access Control List251Creating an IPX GNS Access Control List251Creating an IPX RIP Access Control List252Monitoring an IPX Network252Configuration Examples252Access Control List Configuration Guide255ACL Basics256Defining Selection Criteria in ACL Rules256How ACL Rules are Evaluated257Implicit Deny Rule258Allowing External Responses to Established TCP Connections259Creating and Modifying ACLs260Editing ACLs Offline260Maintaining ACLs Using the ACL Editor261Using ACLs262Applying ACLs to Interfaces262Applying ACLs to Services263Using ACLs as Profiles263Using Profile ACLs with the IP Policy Facility264Using Profile ACLs with the Traffic Rate Limiting Facility265Using Profile ACLs with Dynamic NAT266Using Profile ACLs with the Port Mirroring Facility266Using Profile ACLs with the Web Caching Facility267Enabling ACL Logging268Monitoring ACLs269Security Configuration Guide271Security Overview271Configuring SSR Access Security272Configuring RADIUS272Monitoring RADIUS273Configuring TACACS273Monitoring TACACS273Configuring TACACS Plus274Monitoring TACACS Plus274Configuring Passwords275Layer-2 Security Filters275Configuring Layer-2 Address Filters276Configuring Layer-2 Port-to-Address Lock Filters276Configuring Layer-2 Static Entry Filters277Configuring Layer-2 Secure Port Filters277Monitoring Layer-2 Security Filters278Layer-2 Filter Examples279Example 1: Address Filters279Example 2 : Secure Ports280Layer-3 Access Control Lists (ACLs)281QoS Configuration Guide283QoS & Layer-2/Layer-3/Layer-4 Flow Overview283Layer-2 and Layer-3 & Layer-4 Flow Specification284Precedence for Layer-3 Flows284SSR Queuing Policies285Traffic Prioritization for Layer-2 Flows285Configuring Layer-2 QoS285Traffic Prioritization for Layer-3 & Layer-4 Flows286Configuring IP QoS Policies286Setting an IP QoS Policy287Specifying Precedence for an IP QoS Policy287Configuring IPX QoS Policies287Setting an IPX QoS Policy287Specifying Precedence for an IPX QoS Policy288Configuring SSR Queueing Policy288Allocating Bandwidth for a Weighted-Fair Queuing Policy288ToS Rewrite288Configuring ToS Rewrite for IP Packets289Monitoring QoS291Limiting Traffic Rate291Example Configuration292Displaying Rate Limit Information293Performance Monitoring Guide295Performance Monitoring Overview295Configuring the SSR for Port Mirroring297Monitoring Broadcast Traffic297RMON Configuration Guide299RMON Overview299Configuring and Enabling RMON299Example of RMON Configuration Commands300RMON Groups301Lite RMON Groups301Standard RMON Groups302Professional RMON Groups302Control Tables303Using RMON304Configuring RMON Groups305Configuration Examples307Displaying RMON Information308RMON CLI Filters309Creating RMON CLI Filters311Using RMON CLI Filters311Troubleshooting RMON311Allocating Memory to RMON313WAN Configuration Guide315WAN Overview315High-Speed Serial Interface (HSSI) and Standard Serial Interfaces315Configuring WAN Interfaces316Primary and Secondary Addresses316Static, Mapped, and Dynamic Peer IP/IPX Addresses316Static Addresses316Mapped Addresses317Dynamic Addresses317Forcing Bridged Encapsulation318Packet Compression318Average Packet Size319Nature of the Data319Link Integrity319Latency Requirements319Example Configurations319Packet Encryption320WAN Quality of Service320Source Filtering and ACLs321Weighted-Fair Queueing321Congestion Management321Frame Relay Overview322Virtual Circuits322Permanent Virtual Circuits (PVCs)323Configuring Frame Relay Interfaces for the SSR323Defining the Type and Location of a Frame Relay and VC Interface323Setting up a Frame Relay Service Profile324Applying a Service Profile to an Active Frame Relay WAN Port324Monitoring Frame Relay WAN Ports325Frame Relay Port Configuration325Point-to-Point Protocol (PPP) Overview327Use of LCP Magic Numbers327Configuring PPP Interfaces327Defining the Type and Location of a PPP Interface328Setting up a PPP Service Profile328Applying a Service Profile to an Active PPP Port329Configuring Multilink PPP Bundles329Compression on MLP Bundles or Links329Monitoring PPP WAN Ports330PPP Port Configuration330WAN Configuration Examples332Simple Configuration File332Multi-Router WAN Configuration333Router R1 Configuration File334Router R2 Configuration File334Router R3 Configuration File335Router R4 Configuration File335Router R5 Configuration File336Router R6 Configuration File336Größe: 2,29 MBSeiten: 338Language: EnglishHandbuch öffnen