Section |
Page |
Contents |
3 |
About This Document |
41 |
Audience |
41 |
Supported hardware and software |
41 |
List of supported features |
41 |
Unsupported features |
44 |
What’s new in this document |
45 |
Enhancements in release 02.7.03 |
45 |
Enhancements in release 02.7.02 |
46 |
Enhancements in release 02.7.00 |
47 |
Enhancements in release 02.6.00 |
48 |
Enhancements in patch release 02.5.00c |
51 |
Enhancements in patch release 02.5.00b |
51 |
Enhancements in release 02.5.00 |
51 |
Enhancements in patch release 02.4.00c |
52 |
Enhancements in release 02.4.00 |
53 |
Enhancements in patch release 02.3.00a |
57 |
Enhancements in release 02.3.00 |
58 |
Enhancements in release 02.2.01 |
63 |
Enhancements in release 02.2.00g |
67 |
Enhancements in release 02.2.00 |
68 |
Document conventions |
69 |
Text formatting |
69 |
Command syntax conventions |
69 |
Notes, cautions, and danger notices |
69 |
Notice to the reader |
70 |
Related publications |
70 |
Getting technical help or reporting errors |
70 |
Web access |
71 |
E-mail and telephone access |
71 |
Getting Started with the Command Line Interface |
73 |
In this chapter |
73 |
Logging on through the CLI |
73 |
On-line help |
74 |
Command completion |
74 |
Scroll control |
74 |
Line editing commands |
75 |
EXEC commands |
75 |
Global level |
76 |
CONFIG commands |
76 |
Accessing the CLI |
79 |
Navigating among command levels |
80 |
CLI command structure |
80 |
Searching and filtering output |
81 |
Allowable characters for LAG names |
85 |
Syntax shortcuts |
86 |
Saving configuration changes |
86 |
Getting Familiar With the BigIron RX Series Switch Management Applications |
87 |
How to manage BigIron RX Series switch |
87 |
Logging on through the CLI |
87 |
On-line help |
88 |
Command completion |
88 |
Scroll control |
88 |
Line editing commands |
88 |
Searching and filtering output from CLI commands |
89 |
Allowable characters for LAG names |
93 |
Logging on through the Web Management Interface |
94 |
Web Management Interface |
95 |
Logging on through IronView Network Manager |
96 |
Using a Redundant Management Module |
97 |
How management module redundancy works |
97 |
Management module redundancy overview |
97 |
Management module switchover |
98 |
Switchover implications |
99 |
Management module redundancy configuration |
101 |
Changing the default active Chassis slot |
101 |
Managing management module redundancy |
101 |
File synchronization between the active and standby management modules |
101 |
Manually switching over to the standby management module |
104 |
Rebooting the active and standby management modules |
104 |
Monitoring management module redundancy |
105 |
Determining management module status |
105 |
Displaying temperature information |
106 |
Displaying switchover information |
106 |
Flash memory and PCMCIA flash card file management commands |
108 |
Management focus |
109 |
Flash memory file system |
110 |
PCMCIA flash card file system |
111 |
Wildcards |
112 |
Formatting a flash card |
112 |
Determining the current management focus |
113 |
Switching the management focus |
113 |
Displaying a directory of the files |
114 |
Displaying the contents of a file |
116 |
Displaying the hexadecimal output of a file |
117 |
Creating a subdirectory |
117 |
Removing a subdirectory |
119 |
Renaming a file |
120 |
Changing the read-write attribute of a file |
120 |
Deleting a file |
121 |
Recovering (“undeleting”) a file |
122 |
Appending a file to another file |
123 |
Copying files using the copy command |
123 |
Copying files using the cp command |
127 |
Loading the software |
128 |
Saving configuration changes |
130 |
File management messages |
131 |
System Monitoring Service |
131 |
Securing Access to Management Functions |
135 |
Securing access methods |
135 |
Restricting remote access to management functions |
137 |
Using ACLs to restrict remote access |
137 |
Restricting remote access to the device to specific IP addresses |
140 |
Specifying the maximum number of login attempts for Telnet access |
141 |
Restricting remote access to the device to specific VLAN IDs |
141 |
Disabling specific access methods |
143 |
Setting passwords |
144 |
Setting a Telnet password |
144 |
Setting passwords for management privilege levels |
145 |
Recovering from a lost password |
147 |
Displaying the SNMP community string |
147 |
Disabling password encryption |
148 |
Specifying a minimum password length |
148 |
Setting up local user accounts |
148 |
Configuring a local user account |
149 |
Username, password and login rules |
151 |
Configuring the strict password feature |
152 |
Configuring SSL security for the Web Management Interface |
154 |
Enabling the SSL server on the device |
155 |
Importing digital certificates and RSA private key files |
155 |
Generating an SSL certificate |
156 |
Configuring TACACS and TACACS+ security |
156 |
How TACACS+ differs from TACACS |
156 |
TACACS and TACACS+ authentication, authorization, and accounting |
157 |
TACACS and TACACS+ configuration considerations |
160 |
Enabling SNMP to configure TACACS and TACACS |
161 |
Identifying the TACACS and TACACS+ servers |
161 |
Specifying different servers for individual AAA functions |
162 |
Setting optional TACACS and TACACS+ parameters |
162 |
Configuring authentication-method lists for TACACS and TACACS+ |
164 |
Configuring TACACS+ authorization |
166 |
Configuring TACACS+ accounting |
169 |
Configuring an interface as the source for all TACACS and TACACS+ packets |
170 |
Displaying TACACS and TACACS+ statistics and configuration information |
170 |
Configuring RADIUS security |
172 |
RADIUS authentication, authorization, and accounting |
172 |
RADIUS configuration considerations |
175 |
RADIUS configuration procedure |
175 |
Configuring Brocade-specific attributes on the RADIUS server |
176 |
Enabling SNMP to configure RADIUS |
177 |
Identifying the RADIUS server to the BigIron RX |
177 |
Specifying different servers for individual AAA functions |
178 |
Setting RADIUS parameters |
178 |
Configuring authentication-method lists for RADIUS |
179 |
Configuring RADIUS authorization |
180 |
Configuring RADIUS accounting |
182 |
Configuring an interface as the source for all RADIUS packets |
183 |
Displaying RADIUS configuration information |
184 |
Configuring authentication-method lists |
185 |
Configuration considerations for authentication- method lists |
186 |
Examples of authentication-method lists |
187 |
Configuring Basic Parameters |
189 |
Entering system administration information |
189 |
Configuring Simple Network Management Protocol traps |
190 |
Specifying an SNMP trap receiver |
190 |
Specifying a Single trap source |
191 |
Setting the SNMP Trap holddown time |
191 |
Disabling SNMP traps |
192 |
Disabling Syslog messages and traps for CLI access |
193 |
Configuring an interface as source for all Telnet packets |
194 |
Cancelling an outbound Telnet session |
195 |
Configuring an interface as the source for all TFTP packets |
195 |
Configuring an interface as the source for Syslog packets |
195 |
Specifying a Simple Network Time Protocol (SNTP) server |
196 |
Setting the system clock |
198 |
New Daylight Saving Time (DST) |
199 |
Configuring CLI banners |
200 |
Setting a message of the day banner |
200 |
Setting a privileged EXEC CLI level banner |
201 |
Displaying a message on the console when an incoming Telnet session is detected |
201 |
Configuring terminal display |
202 |
Checking the length of terminal displays |
202 |
Enabling or disabling routing protocols |
202 |
Displaying and modifying system parameter default settings |
203 |
Enabling or disabling Layer 2 switching |
205 |
CAM partitioning for the BigIron RX |
206 |
Re-distributing CAM allocations |
206 |
Nexthop table |
207 |
Changing the MAC age time |
208 |
Configuring static ARP entries |
208 |
Pinging an IPv4 address |
209 |
Configuring Interface Parameters |
211 |
Assigning a port name |
211 |
Assigning an IP address to a port |
211 |
Speed/Duplex negotiation |
212 |
Disabling or re-enabling a port |
213 |
Changing the default Gigabit negotiation mode |
213 |
Changing the negotiation mode |
214 |
Disabling or re-enabling flow control |
214 |
Specifying threshold values for flow control |
214 |
Locking a port to restrict addresses |
215 |
Wait for all cards feature |
215 |
Port transition hold timer |
216 |
Port flap dampening |
216 |
Modifying port priority (QoS) |
217 |
Assigning a mirror port and monitor ports |
218 |
Configuration guidelines for monitoring traffic |
218 |
Configuring port mirroring and monitoring |
218 |
Monitoring an individual trunk port |
219 |
Mirror ports for Policy-Based Routing (PBR) traffic |
220 |
About hardware-based PBR |
220 |
Configuring mirror ports for PBR traffic |
221 |
Displaying mirror and monitor port configuration |
221 |
Enabling WAN PHY mode support |
222 |
Configuring IP |
223 |
Overview of configuring IP |
223 |
The IP packet flow |
223 |
ARP cache table |
224 |
Static ARP table |
224 |
IP Route table |
225 |
IP forwarding cache |
226 |
Basic IP parameters and defaults |
226 |
When parameter changes take effect |
227 |
IP global parameters |
227 |
IP interface parameters |
230 |
Configuring IP parameters |
231 |
Configuring IP addresses |
231 |
Changing the network mask display to prefix format |
234 |
Configuring the default gateway |
234 |
GRE IP tunnel |
235 |
IPv6 over IPv4 tunnels in hardware |
240 |
Configuring Domain Name Server (DNS) resolver |
244 |
Adding host names to the DNS cache table |
245 |
Configuring packet parameters |
249 |
Changing the encapsulation type |
249 |
Setting maximum frame size per PPCR |
250 |
Changing the MTU |
251 |
Changing the router ID |
252 |
Specifying a single source interface for Telnet, TACACS, TACACS+, or RADIUS packets |
253 |
Configuring an interface as the source for Syslog packets |
255 |
IP fragmentation protection |
256 |
IP option attack protection |
256 |
IP receive access list |
256 |
Configuring ARP parameters |
257 |
How ARP works |
257 |
Rate limiting ARP packets |
258 |
Applying a rate limit to ARP packets on an interface |
259 |
Clearing the rate limit for ARP packets |
260 |
Changing the ARP aging period |
260 |
Creating a floating static ARP entry |
262 |
Static route ARP validation check |
263 |
Configuring forwarding parameters |
264 |
Disabling ICMP messages |
266 |
Disabling ICMP redirect messages |
268 |
Configuring static routes |
269 |
Static route tagging |
273 |
Configuring a default network route |
278 |
Configuring IP load sharing |
279 |
Default route ECMP |
282 |
IP receive access list |
283 |
Configuring IRDP |
284 |
Configuring UDP broadcast and IP helper parameters |
286 |
Configuring BootP/DHCP forwarding parameters |
288 |
Displaying IP information |
290 |
Displaying IP interface information |
293 |
Displaying interface name in Syslog |
294 |
Displaying ARP entries |
294 |
Displaying the forwarding cache |
296 |
Displaying the IP route table |
298 |
Clearing IP routes |
301 |
Displaying IP traffic statistics |
301 |
Displaying TCP traffic statistics |
304 |
Link Aggregation |
307 |
Link aggregation overview |
307 |
LAG formation rules |
307 |
LAG load sharing |
310 |
Migration from a pre-02.6.00 trunk or LACP configuration |
311 |
Configuration of a LAG |
312 |
Creating a Link Aggregation Group (LAG) |
312 |
Deploying a LAG |
315 |
Commands available under LAG once it is deployed |
316 |
Configuring ACL-based mirroring |
316 |
Disabling ports within a LAG |
316 |
Enabling ports within a LAG |
317 |
Monitoring an individual LAG port |
317 |
Assigning a name to a port within a LAG |
318 |
Enabling sFlow forwarding on a port within a LAG |
318 |
Setting the sFlow sampling rate for a port within a LAG |
318 |
Displaying LAG information |
319 |
Displaying LAG statistics |
322 |
Configuring LLDP |
325 |
Terms used in this chapter |
325 |
LLDP overview |
325 |
Benefits of LLDP |
326 |
General operating principles |
327 |
Operating modes |
327 |
LLDP packets |
327 |
TLV support |
328 |
MIB support |
331 |
Syslog messages |
331 |
Configuring LLDP |
331 |
Configuration notes and considerations |
332 |
Enabling and disabling LLDP |
332 |
Changing a port’s LLDP operating mode |
333 |
Specifying the maximum number of LLDP neighbors |
334 |
Enabling LLDP SNMP notifications and Syslog messages |
335 |
Specifying the minimum time between SNMP traps and Syslog messages |
335 |
Changing the minimum time between LLDP transmissions |
336 |
Changing the interval between regular LLDP transmissions |
336 |
Changing the holdtime multiplier for transmit TTL |
337 |
Changing the minimum time between port reinitializations |
337 |
LLDP TLVs advertised by the Brocade device |
338 |
Displaying LLDP statistics and configuration settings |
344 |
LLDP configuration summary |
344 |
LLDP statistics |
345 |
LLDP neighbors |
346 |
LLDP neighbors detail |
347 |
LLDP configuration details |
349 |
Resetting LLDP statistics |
349 |
Configuring Uni-Directional Link Detection (UDLD) |
351 |
Configuration considerations |
352 |
Configuring UDLD |
352 |
Changing the keepalive interval |
352 |
Changing the keepalive retries |
352 |
Displaying UDLD information |
353 |
Displaying information for all ports |
353 |
Displaying link-keepalive information |
353 |
Displaying information for a single port |
354 |
Clearing UDLD statistics |
356 |
VLANs |
357 |
Overview of Virtual Local Area Networks (VLANs) |
357 |
Tagged, untagged, and dual-mode ports |
357 |
Protocol-based VLANs |
359 |
VLAN configuration rules |
360 |
VLAN ID range |
360 |
Tagged VLANs |
360 |
VLAN hierarchy |
360 |
Multiple VLAN membership rules |
360 |
Layer 2 control protocols on VLANs |
361 |
Configuring port-based VLANs |
361 |
VLAN byte accounting |
362 |
Strictly or explicitly tagging a port |
364 |
Assigning or changing a VLAN priority |
364 |
Assigning a different ID to the default VLAN |
364 |
Configuring protocol-based VLANs |
365 |
Configuring an MSTP instance |
366 |
Configuring virtual routing interfaces |
366 |
Bridging and routing the same protocol simultaneously on the same device |
367 |
Integrated Switch Routing (ISR) |
368 |
VLAN groups |
369 |
Configuring a VLAN group |
369 |
Configuring super aggregated VLANs |
371 |
Configuring aggregated VLANs |
373 |
Complete CLI examples |
374 |
Configuring 802.1q-in-q tagging |
377 |
Configuration rules |
378 |
Enabling 802.1Q-in-Q tagging |
379 |
Example configuration |
379 |
Configuring 802.1q tag-type translation |
380 |
Configuration rules |
382 |
Enabling 802.1q tag-type translation |
383 |
Private VLANs |
384 |
Implementation notes |
385 |
Configuration notes |
385 |
Configuring a private VLAN |
386 |
Enabling broadcast, multicast or unknown unicast traffic to the private VLAN |
388 |
CLI example for Figure 30 |
388 |
Other VLAN features |
389 |
Allocating memory for more VLANs or virtual routing interfaces |
389 |
Hardware flooding for Layer 2 multicast and broadcast packets |
389 |
Unknown unicast flooding on VLAN ports |
390 |
Flow based MAC learning |
390 |
Configuring uplink ports within a port-based VLAN |
391 |
Configuring control protocols in VLANs |
391 |
Other configuration options |
392 |
Displaying VLAN information |
392 |
Displaying VLAN information |
392 |
Displaying VLAN information for specific ports |
393 |
Displaying VLAN status and port types |
393 |
Displaying VLAN group information |
395 |
Transparent firewall mode |
395 |
Enabling a transparent firewall |
395 |
Configuring Spanning Tree Protocol |
397 |
IEEE 802.1D Spanning Tree Protocol (STP) |
397 |
Enabling or disabling STP |
397 |
Default STP bridge and port parameters |
398 |
Changing STP bridge parameters |
399 |
Changing STP port parameters |
400 |
STP root guard |
400 |
Spanning Tree Protocol (STP) BPDU guard |
401 |
Displaying STP information |
402 |
IEEE Single Spanning Tree (SSTP) |
408 |
SSTP defaults |
408 |
Enabling SSTP |
409 |
Displaying SSTP information |
410 |
PVST/PVST+ compatibility |
410 |
Overview of PVST and PVST+ |
411 |
VLAN tags and dual mode |
411 |
Enabling PVST+ support |
412 |
Displaying PVST+ support information |
412 |
Configuration examples |
413 |
SuperSpan™ |
415 |
Customer ID |
416 |
BPDU forwarding |
416 |
Configuring SuperSpan |
421 |
Configuring Rapid Spanning Tree Protocol |
425 |
Overview of Rapid Spanning Tree Protocol |
425 |
Bridges and bridge port roles |
425 |
Assignment of port roles |
426 |
Ports on Switch 1 |
427 |
Ports on Switch 2 |
427 |
Ports on Switch 3 |
427 |
Ports Switch 4 |
428 |
Edge ports and edge port roles |
428 |
Point-to-point ports |
429 |
Bridge port states |
429 |
Edge port and non-edge port states |
430 |
Changes to port roles and states |
430 |
State machines |
430 |
Handshake mechanisms |
431 |
Convergence in a simple topology |
441 |
Convergence at start up |
442 |
Convergence after a link failure |
444 |
Convergence at link restoration |
445 |
Convergence in a complex RSTP topology |
446 |
Propagation of topology change |
449 |
Compatibility of RSTP with 802.1D |
452 |
Configuring RSTP parameters |
453 |
Enabling or disabling RSTP in a port-based VLAN |
453 |
Enabling or disabling RSTP on a single spanning tree |
454 |
Disabling or enabling RSTP on a port |
454 |
Changing RSTP bridge parameters |
454 |
Changing port parameters |
455 |
Fast port span |
456 |
Fast uplink span |
458 |
Displaying RSTP information |
460 |
Metro Ring Protocol (MRP) Phase 1 and 2 |
465 |
Metro Ring Protocol (MRP) phase 1 |
465 |
MRP rings without shared interfaces |
466 |
Ring initialization |
467 |
How ring breaks are detected and healed |
470 |
Master VLANs and customer VLANs in a topology group |
472 |
Configuring MRP |
474 |
Adding an MRP ring to a VLAN |
475 |
Changing the hello and preforwarding times |
476 |
MRP phase 2 |
476 |
Ring initialization for shared interfaces |
478 |
How ring breaks are detected and healed between shared interfaces |
478 |
Selection of master node |
479 |
RHP processing in rings with shared interfaces |
479 |
Normal flow |
480 |
Flow when a link breaks |
481 |
Configuring MRP with shared interfaces |
481 |
Using MRP diagnostics |
482 |
Enabling MRP diagnostics |
482 |
Displaying MRP diagnostics |
483 |
Displaying MRP information |
483 |
Displaying topology group information |
483 |
Displaying ring information |
484 |
MRP CLI example |
485 |
Commands on switch A (master node) |
486 |
Commands on switch B |
486 |
Commands on switch C |
487 |
Commands on switch D |
487 |
Virtual Switch Redundancy Protocol (VSRP) |
489 |
Overview of Virtual Switch Redundancy Protocol (VSRP) |
489 |
Layer 2 and Layer 3 redundancy |
490 |
Master election and failover |
490 |
Configuring basic VSRP parameters |
495 |
Enabling Layer 3 VSRP |
496 |
Configuring optional VSRP parameters |
496 |
Disabling VSRP on a VRID |
496 |
Configuring authentication |
496 |
Configuring a VRID IP address |
497 |
VSRP fast start |
498 |
Changing the backup priority |
499 |
Saving the timer values received from the master |
499 |
VSRP slow start |
500 |
Changing the Time-To-Live (TTL) |
500 |
Changing the hello interval |
501 |
Changing the dead interval |
501 |
Changing the backup hello state and interval |
501 |
Changing the hold-down interval |
502 |
Changing the default track priority |
502 |
Specifying a track port |
503 |
Disabling or re-enabling backup pre-emption |
503 |
Port transition hold timer |
503 |
Clearing VSRP information |
504 |
VSRP and MRP signaling |
504 |
Displaying VSRP information |
506 |
Displaying VRID information |
506 |
Displaying a summary of VSRP information |
508 |
Displaying VSRP packet statistics for VSRP |
509 |
Displaying the active interfaces for a VRID |
510 |
Topology Groups |
511 |
Topology overview |
511 |
Master VLAN and member VLANs |
511 |
Master VLANs and customer VLANs in MRP |
512 |
Control ports and free ports |
512 |
Configuration considerations |
512 |
Configuring a topology group |
513 |
Displaying topology group information |
513 |
Displaying topology group information |
513 |
Configuring VRRP and VRRPE |
515 |
Overview of VRRP |
515 |
Standard VRRP |
515 |
Brocade enhancements of VRRP |
517 |
Overview of VRRPE |
519 |
VRRP and VRRPE parameters |
522 |
Configuring parameters specific to VRRP |
524 |
Configuring the owner |
524 |
Configuring basic VRRP parameters |
524 |
Configuring the owner |
525 |
Configuring a backup |
525 |
Configuration rules for VRRP |
525 |
Configuring parameters specific to VRRPE |
526 |
Configuration rules for VRRPE |
526 |
Configuring additional VRRP and VRRPE parameters |
526 |
Authentication type |
527 |
Suppression of RIP advertisements on backup routers for the backup up interface |
528 |
Hello interval |
528 |
Dead interval |
528 |
Backup hello message state and interval |
529 |
Track port |
529 |
Track priority |
529 |
Backup preempt |
530 |
Master router abdication and reinstatement |
530 |
Displaying VRRP and VRRPE information |
531 |
Displaying summary information |
531 |
Displaying detailed information |
533 |
Displaying statistics |
536 |
Clearing VRRP or VRRPE statistics |
537 |
Configuration examples |
537 |
VRRP example |
537 |
VRRPE example |
539 |
Configuring Quality of Service |
541 |
Overview of Quality of Service (QoS) |
541 |
Classification |
541 |
Processing of classified traffic |
541 |
Marking |
544 |
Configuring DSCP classification by interface |
544 |
Configuring port, MAC, and VLAN-based classification |
544 |
Configuring ToS-based QoS |
546 |
Enabling ToS-based QoS |
546 |
Specifying trust level |
546 |
Enabling marking |
546 |
Configuring the QoS mappings |
547 |
Changing the CoS –> DSCP mappings |
547 |
Changing the DSCP –> DSCP mappings |
547 |
Changing the DSCP –> internal forwarding priority mappings |
548 |
Changing the CoS –> internal forwarding priority mappings |
549 |
Displaying QoS configuration information |
549 |
Determining packet drop priority using WRED |
551 |
How WRED Operates |
552 |
Calculating avg-q-size |
552 |
Calculating packets that are dropped |
552 |
Using WRED with rate limiting |
553 |
Configuring packet drop priority using WRED |
553 |
Enabling WRED |
553 |
Setting the averaging-weight (Wq) parameter |
553 |
Displaying the WRED configuration |
557 |
Scheduling traffic for forwarding |
558 |
Configuring traffic scheduling |
558 |
Configuring multicast traffic engineering |
562 |
Displaying the multicast traffic engineering configuration |
563 |
QoS for the oversubscribed 16 x 10GE modules |
564 |
Aggregation NP QOS modes |
564 |
Port group assignments |
564 |
Setting the server and storage modes |
564 |
Switching between server and storage modes |
565 |
Qos profiles |
565 |
Setting the group port weights |
566 |
Calculating the values for WFQ storage mode traffic scheduling |
566 |
Egress port shaping |
567 |
Mirroring ports |
567 |
Supported ACLs |
567 |
Configuring QoS for the 16 x 10G module |
568 |
Configuring Traffic Reduction |
571 |
Traffic policing on the BigIron RX Series |
571 |
Traffic reduction parameters and algorithm |
571 |
Requested rate |
571 |
Maximum burst |
572 |
Actual rate |
572 |
Configuration considerations |
573 |
Configuring rate limiting policies |
574 |
Configuring a port-based rate limiting policy |
574 |
Configuring a port-and-priority-based rate limiting policy |
575 |
Configuring a port-and-VLAN-based rate limiting policy |
575 |
Configuring a VLAN-group-based rate limiting policy |
576 |
Configuring a port-and-IPv6 ACL-based traffic reduction |
578 |
NP based multicast, broadcast, and unknown-unicast rate limiting |
579 |
Displaying traffic reduction |
579 |
Layer 2 ACLs |
581 |
Filtering based on ethertype |
581 |
Configuration rules and notes |
581 |
Configuring Layer 2 ACLs |
582 |
Creating a Layer 2 ACL table |
582 |
Example Layer 2 ACL clauses |
583 |
Inserting and deleting Layer 2 ACL clauses |
584 |
Binding a Layer 2 ACL table to an interface |
584 |
Increasing the maximum number of clauses per Layer 2 ACL table |
584 |
Viewing Layer 2 ACLs |
584 |
Example of Layer 2 ACL deny by MAC address |
585 |
Access Control List |
587 |
How the BigIron RX processes ACLs |
587 |
Disabling or re-enabling Access Control Lists (ACLs) |
588 |
Default ACL action |
588 |
Types of IP ACLs |
588 |
ACL IDs and entries |
589 |
Enabling support for additional ACL statements |
589 |
ACL-based inbound mirroring |
590 |
Considerations when configuring ACL-based inbound mirroring |
590 |
Configuring ACL-based inbound mirroring |
590 |
Creating an ACL with a mirroring clause |
590 |
Applying the ACL to an interface |
591 |
Specifying the destination mirror port |
591 |
Configuring ACL-based mirroring for ACLs bound to virtual interfaces |
593 |
Configuring numbered and named ACLs |
593 |
Configuring standard numbered ACLs |
593 |
Configuring extended numbered ACLs |
595 |
Configuring standard or extended named ACLs |
603 |
Configuring super ACLs |
606 |
Displaying ACL definitions |
608 |
Displaying of TCP/UDP numbers in ACLs |
609 |
ACL logging |
619 |
Enabling the new logging method |
620 |
Specifying the wait time |
620 |
Modifying ACLs |
620 |
Adding or deleting a comment |
622 |
Deleting ACL entries |
624 |
From numbered ACLs |
624 |
From named ACLs |
625 |
Applying ACLs to interfaces |
626 |
Reapplying modified ACLs |
626 |
ACL automatic rebind |
626 |
Manually setting the ACL rebind |
626 |
Applying ACLs to a virtual routing interface |
626 |
Configuring the Layer 4 session log timer |
627 |
Displaying ACL log entries |
627 |
QoS options for IP ACLs |
628 |
Enabling ACL duplication check |
629 |
ACL accounting |
629 |
Displaying accounting statistics for all ACLs |
629 |
Displaying statistics for an interface |
630 |
Clearing the ACL statistics |
631 |
Enabling ACL filtering of fragmented or non-fragmented packets |
632 |
ACL filtering for traffic switched within a virtual routing interface |
633 |
ICMP filtering for extended ACLs |
633 |
Troubleshooting ACLs |
635 |
Policy-Based Routing |
637 |
Policy-Based Routing (PBR) |
637 |
Configuration considerations |
637 |
Configuring a PBR policy |
638 |
Configure the ACLs |
638 |
Configure the route map |
639 |
Enabling PBR |
640 |
Configuration examples |
641 |
Basic example |
641 |
Setting the next hop |
642 |
Setting the output interface to the null interface |
643 |
Trunk formation |
643 |
Configuring IP Multicast Protocols |
645 |
Overview of IP multicasting |
645 |
Multicast terms |
645 |
Changing global IP multicast parameters |
646 |
Defining the maximum number of DVMRP cache entries |
646 |
Defining the maximum number of PIM cache entries |
646 |
IP multicast boundaries |
646 |
Configuring multicast boundaries |
647 |
Displaying multicast boundaries |
647 |
Passive Multicast Route Insertion (PMRI) |
648 |
Configuring PMRI |
648 |
Displaying hardware-drop |
648 |
Changing IGMP V1 and V2 parameters |
649 |
Modifying IGMP (V1 and V2) query interval period |
649 |
Modifying IGMP (V1 and V2) membership time |
649 |
Modifying IGMP (V1 and V2) maximum response time |
650 |
Adding an interface to a multicast group |
650 |
IGMP v3 |
651 |
Default IGMP version |
652 |
Compatibility with IGMP V1 and V2 |
652 |
Enabling the IGMP version per interface setting |
653 |
Enabling the IGMP version on a physical port within a virtual routing interface |
653 |
Setting the query interval |
655 |
Setting the group membership time |
655 |
Setting the maximum response time |
655 |
Displaying IGMPv3 information |
655 |
Clearing IGMP statistics |
659 |
IGMP V3 and source specific multicast protocols |
659 |
Configuring a static multicast route |
659 |
Next hop validation check |
661 |
PIM dense |
661 |
Initiating PIM multicasts on a network |
662 |
Pruning a multicast tree |
662 |
Grafts to a multicast tree |
664 |
PIM DM versions |
664 |
Configuring PIM DM |
665 |
Failover time in a multi-path topology |
669 |
Modifying the TTL |
669 |
PIM Sparse |
669 |
PIM Sparse router types |
670 |
RP paths and SPT paths |
671 |
Configuring PIM Sparse |
671 |
Route selection precedence for multicast |
676 |
Configuring the route precedence by specifying the route types |
676 |
Displaying the route selection |
677 |
Changing the Shortest Path Tree (SPT) threshold |
678 |
Changing the PIM join and prune message interval |
679 |
MLL optimization |
679 |
Displaying PIM Sparse configuration information and statistics |
679 |
Displaying basic PIM Sparse configuration information |
680 |
Displaying a list of multicast groups |
681 |
Displaying BSR information |
682 |
Displaying candidate RP information |
683 |
Displaying RP-to-group mappings |
684 |
Displaying RP information for a PIM Sparse group |
684 |
Displaying the RP set list |
685 |
Displaying multicast neighbor information |
685 |
Displaying information about an upstream neighbor device |
686 |
Displaying the PIM multicast cache |
687 |
Displaying PIM traffic statistics |
689 |
PIM-SSMv4 |
689 |
Enabling SSM |
690 |
Configuring Multicast Source Discovery Protocol (MSDP) |
690 |
Peer Reverse Path Forwarding (RPF) flooding |
692 |
Source active caching |
692 |
Configuring MSDP |
692 |
Enabling MSDP |
693 |
Configuring MSDP peers |
693 |
Designating an interface’s IP address as the RP’s IP address |
694 |
Filtering MSDP source-group pairs |
694 |
Filtering incoming source-active messages |
694 |
Filtering advertised source-active messages |
696 |
Displaying the differences before and after the source active filters are applied |
697 |
Configuring MSDP mesh groups |
699 |
Configuring MSDP mesh group |
700 |
Displaying summary information |
706 |
Displaying peer information |
707 |
Displaying source active cache information |
710 |
Clearing MSDP information |
710 |
Clearing peer information |
710 |
Clearing the source active cache |
711 |
Clearing MSDP statistics |
711 |
DVMRP overview |
711 |
Initiating DVMRP multicasts on a network |
712 |
Pruning a multicast tree |
712 |
Grafts to a multicast tree |
714 |
Configuring DVMRP |
715 |
Enabling DVMRP globally and on an interface |
715 |
Modifying DVMRP global parameters |
715 |
Modifying DVMRP interface parameters |
718 |
Displaying information about an upstream neighbor device |
719 |
Configuring a static multicast route |
719 |
Configuring IP multicast traffic reduction |
720 |
Enabling IP multicast traffic reduction |
721 |
Layer 2 multicast filters |
725 |
PIM SM traffic snooping |
726 |
Static IGMP membership |
730 |
Configuring RIP |
733 |
Overview of Routing Information Protocol (RIP) |
733 |
Configuring RIP parameters |
733 |
Enabling RIP |
733 |
Configuring metric parameters |
734 |
Changing the administrative distance |
734 |
Configuring redistribution |
735 |
Configuring route learning and advertising parameters |
736 |
Changing the route loop prevention method |
737 |
Suppressing RIP route advertisement on a VRRP or VRRPE backup interface |
738 |
Using prefix lists and route maps as route filters |
738 |
Setting RIP timers |
739 |
Displaying RIP filters |
740 |
Clearing the RIP routes from the routing table |
741 |
Configuring OSPF Version 2 (IPv4) |
743 |
Overview of OSPF (Open Shortest Path First) |
743 |
Designated routers in multi-access networks |
744 |
Designated router election in multi-access networks |
744 |
OSPF RFC 1583 and 2328 compliance |
746 |
Reduction of equivalent AS external LSAs |
746 |
Support for OSPF RFC 2328 appendix E |
748 |
Dynamic OSPF activation and configuration |
749 |
Configuring OSPF |
749 |
Configuration rules |
750 |
OSPF parameters |
750 |
Enable OSPF on the router |
751 |
Assign OSPF areas |
751 |
Assigning an area range (optional) |
755 |
Assigning interfaces to an area |
755 |
Modify interface defaults |
755 |
Change the timer for OSPF authentication changes |
758 |
Block flooding of outbound LSAs on specific OSPF interfaces |
759 |
Assign virtual links |
759 |
Modify virtual link parameters |
761 |
Configuring an OSPF non-broadcast interface |
762 |
OSPF point-to-point links |
763 |
Changing the reference bandwidth for the cost on OSPF interfaces |
766 |
Define redistribution filters |
767 |
Modify default metric for redistribution |
768 |
Enable route redistribution |
769 |
Disable or re-enable load sharing |
770 |
Configure external route summarization |
772 |
Configure default route origination |
773 |
Configuring a default network route |
774 |
Modify SPF timers |
775 |
Modify redistribution metric type |
775 |
Modify administrative distance |
776 |
Configure OSPF group Link State Advertisement pacing |
777 |
OSPF ABR type 3 LSA filtering |
777 |
Displaying the configured OSPF area prefix list |
780 |
Modifying OSPF traps generated |
780 |
Modify OSPF standard compliance setting |
782 |
Modify exit overflow interval |
783 |
Specify types of OSPF Syslog messages to log |
783 |
Displaying OSPF information |
784 |
Displaying general OSPF configuration information |
784 |
Displaying CPU utilization and other OSPF tasks |
785 |
Displaying OSPF area information |
787 |
Displaying OSPF neighbor information |
788 |
Displaying OSPF interface information |
789 |
Displaying OSPF route information |
791 |
Displaying OSPF external link state Information |
793 |
Displaying OSPF database link state information |
794 |
Displaying OSPF ABR and ASBR information |
795 |
Displaying OSPF trap status |
796 |
Displaying OSPF virtual neighbor and link information |
796 |
OSPF graceful restart |
798 |
Configuring BGP4 (IPv4 and IPv6) |
803 |
Overview of BGP4 |
803 |
Relationship between the BGP4 route table and the IP route table |
804 |
How BGP4 selects a path for a route |
804 |
BGP4 message types |
806 |
Brocade implementation of BGP4 |
808 |
Memory considerations |
808 |
Configuring BGP4 |
809 |
When parameter changes take effect |
811 |
Activating and disabling BGP4 |
812 |
Note regarding disabling BGP4 |
813 |
Entering and exiting the address family configuration level |
813 |
Filtering specific IP addresses |
814 |
Defining an AS-path filter |
815 |
Defining a community filter |
816 |
Configuring a switch to allow routes with its own AS number |
816 |
BGP Null0 routing |
817 |
Aggregating routes advertised to BGP4 neighbors |
821 |
Configuring the device to always compare MEDs |
821 |
Disabling or re-enabling comparison of the AS-path length |
822 |
Redistributing IBGP routes |
822 |
Disabling or re-enabling client-to-client route reflection |
823 |
Configuring a route reflector |
823 |
Enabling or disabling comparison of the router IDs |
823 |
Configuring confederations |
824 |
Configuring route flap dampening |
827 |
Originating the default route |
827 |
Changing the default local preference |
828 |
Changing the default metric used for redistribution |
828 |
Changing administrative distances |
829 |
Requiring the first AS to be the neighbor’s AS |
830 |
Neighbor local-AS |
830 |
Enabling fast external fallover |
830 |
Setting the local AS number |
831 |
Changing the maximum number of shared BGP4 paths |
831 |
Treating missing MEDs as the worst MEDs |
832 |
Customizing BGP4 load sharing |
832 |
Configuring BGP4 neighbors |
833 |
Removing route dampening from suppressed neighbor routes |
837 |
Encryption of BGP4 MD5 authentication keys |
838 |
Configuring a BGP4 peer group |
840 |
Peer group parameters |
840 |
Specifying a list of networks to advertise |
843 |
Using the IP default route as a valid next hop for a BGP4 route |
844 |
Enabling next-hop recursion |
845 |
Modifying redistribution parameters |
848 |
Using a table map to set the tag value |
851 |
Changing the keep alive time and hold time |
851 |
Changing the BGP4 next-hop update timer |
852 |
Changing the router ID |
852 |
Adding a loopback interface |
853 |
Changing the maximum number of paths for BGP4 load sharing |
853 |
Configuring route reflection parameters |
854 |
Filtering |
856 |
Filtering AS-paths |
857 |
Filtering communities |
860 |
Defining and applying IP prefix lists |
861 |
Defining neighbor distribute lists |
862 |
Defining route maps |
863 |
Configuring cooperative BGP4 route filtering |
871 |
Configuring route flap dampening |
873 |
Generating traps for BGP |
878 |
Updating route information and resetting a neighbor session |
878 |
Clearing traffic counters |
884 |
Clearing route flap dampening statistics |
885 |
Removing route flap dampening |
885 |
Clearing diagnostic buffers |
886 |
Displaying BGP4 information |
886 |
Displaying summary BGP4 information |
887 |
Displaying the active BGP4 configuration |
889 |
Displaying summary neighbor information |
889 |
Displaying BGP4 neighbor information |
891 |
Displaying peer group information |
902 |
Displaying summary route information |
902 |
Displaying the BGP4 route table |
903 |
Displaying BGP4 route-attribute entries |
909 |
Displaying the routes BGP4 has placed in the IP route table |
911 |
Displaying route flap dampening statistics |
911 |
Displaying the active route map configuration |
912 |
Generalized TTL security mechanism support |
916 |
Configuring MBGP |
919 |
Configuration considerations |
920 |
Configuring MBGP |
920 |
Setting the maximum number of multicast routes supported |
920 |
Enabling MBGP |
921 |
Adding MBGP neighbors |
921 |
Optional configuration tasks |
922 |
Displaying MBGP information |
925 |
Displaying summary MBGP information |
925 |
Displaying the active MBGP configuration |
926 |
Displaying MBGP neighbors |
927 |
Displaying MBGP routes |
928 |
Displaying the IP multicast route table |
928 |
Configuring IS-IS (IPv4) |
929 |
Relationship to IP route table |
929 |
Intermediate systems and end systems |
930 |
Domain and areas |
931 |
Level-1 routing and Level-2 routing |
931 |
Neighbors and adjacencies |
931 |
Designated IS |
931 |
IS-IS CLI levels |
933 |
Global configuration level |
933 |
Address family configuration level |
934 |
Interface level |
934 |
Configuring IPv4 IS-IS |
935 |
Enabling IS-IS globally |
935 |
Globally configuring IS-IS on a device |
936 |
Setting the overload bit |
936 |
Configuring authentication |
937 |
Changing the IS-IS Level globally |
938 |
Disabling or re-enabling display of hostname |
938 |
Changing the sequence numbers PDU interval |
938 |
Changing the maximum LSP lifetime |
939 |
Changing the LSP refresh interval |
939 |
Changing the LSP generation interval |
939 |
Changing the LSP interval and retransmit interval |
940 |
Changing the SPF timer |
940 |
Globally disabling or re-enabling hello padding |
940 |
Logging adjacency changes |
941 |
Disabling partial SPF calculations |
941 |
Configuring IPv4 address family route parameters |
942 |
Changing the metric style |
942 |
Changing the maximum number of load sharing paths |
942 |
Enabling advertisement of a default route |
942 |
Changing the administrative distance for IPv4 IS-IS |
943 |
Configuring summary addresses |
944 |
Redistributing routes into IPv4 IS-IS |
945 |
Changing the default redistribution metric |
945 |
Redistributing static IPv4 routes into IPv4 IS-IS |
946 |
Redistributing directly connected routes into IPv4 IS-IS |
946 |
Redistributing RIP routes into IPv4 IS-IS |
947 |
Redistributing OSPF routes into IPv4 IS-IS |
947 |
Redistributing BGP4+ routes into IPv4 IS-IS |
947 |
Redistributing IPv4 IS-IS routes within IPv4 IS-IS |
948 |
Configuring ISIS properties on an interface |
948 |
Disabling and enabling IS-IS on an interface |
948 |
Disabling or re-enabling formation of adjacencies |
948 |
Setting the priority for designated IS election |
949 |
Limiting access to adjacencies with a neighbor |
949 |
Changing the IS-IS level on an interface |
950 |
Disabling and enabling hello padding on an interface |
950 |
Changing the hello interval |
950 |
Changing the hello multiplier |
951 |
Changing the metric added to advertised routes |
951 |
Displaying IPv4 IS-IS information |
952 |
Displaying the IS-IS configuration in the running-config |
952 |
Displaying the name mappings |
952 |
Displaying neighbor information |
953 |
Displaying IS-IS Syslog messages |
954 |
Displaying interface information |
955 |
Displaying route information |
958 |
Displaying LSP database entries |
959 |
Displaying traffic statistics |
962 |
Displaying error statistics |
963 |
Clearing IS-IS information |
964 |
BiDirectional Forwarding Detection (BFD) |
967 |
Configuring BFD parameters |
968 |
Number of BFD sessions supported |
968 |
Disabling BFD Syslog messages |
968 |
Displaying Bidirectional Forwarding Detection information |
969 |
Displaying BFD information on a router |
969 |
Clearing BFD neighbor sessions |
973 |
Configuring BFD for the specified protocol |
973 |
Configuring BFD for OSPFv2 |
973 |
Configuring BFD for OSPFv3 |
974 |
Configuring BFD for IS-IS |
974 |
Configuring Secure Shell |
977 |
Overview of Secure Shell (SSH) |
977 |
SSH version 2 support |
977 |
Supported features |
978 |
Configuring SSH |
978 |
Generating a host key pair |
979 |
Configuring DSA challenge-response authentication |
980 |
Disabling 3-DES |
985 |
Displaying SSH connection information |
985 |
Using secure copy |
986 |
Configuring Multi-Device Port Authentication |
989 |
How multi-device port authentication works |
989 |
RADIUS authentication |
989 |
Authentication-failure actions |
990 |
Supported RADIUS attributes |
990 |
Dynamic VLAN and ACL assignments |
990 |
Support for authenticating multiple MAC addresses on an interface |
991 |
Support for multi-device port authentication and 802.1x on the same interface |
991 |
Configuring multi-device port authentication |
991 |
Enabling multi-device port authentication |
991 |
Configuring an authentication method list for 802.1x |
992 |
Setting RADIUS parameters |
992 |
Specifying the format of the MAC addresses sent to the RADIUS server |
993 |
Specifying the authentication-failure action |
993 |
Defining MAC address filters |
994 |
Configuring dynamic VLAN assignment |
994 |
Specifying to which VLAN a port is moved after its RADIUS-specified VLAN assignment expires |
995 |
Saving dynamic VLAN assignments to the running configuration file |
996 |
Clearing authenticated MAC addresses |
996 |
Disabling aging for authenticated MAC addresses |
997 |
Specifying the aging time for blocked MAC addresses |
997 |
Displaying multi-device port authentication information |
998 |
Displaying authenticated MAC address information |
998 |
Displaying multi-device port authentication configuration information |
999 |
Displaying multi-device port authentication information for a specific MAC address or port |
1001 |
Displaying the authenticated MAC addresses |
1002 |
Displaying the non-authenticated MAC addresses |
1002 |
Using the MAC Port Security Feature and Transparent Port Flooding |
1003 |
MAC Port Security |
1003 |
Violation actions |
1003 |
Local and global resources |
1004 |
Configuring the MAC Port Security feature |
1004 |
Enabling the MAC Port Security feature |
1004 |
Setting the maximum number of secure MAC addresses for an interface |
1005 |
Specifying static secure MAC addresses |
1006 |
Enabling dynamic MAC address learning |
1006 |
Denying specific MAC addresses |
1006 |
Autosaving secure MAC addresses to the startup-config |
1006 |
Setting the MAC Port Security age timer |
1007 |
Defining security violation actions |
1007 |
Shutdown the interface |
1008 |
Restricting interface access |
1008 |
Denying a MAC address |
1010 |
Understanding the rules for violation action configuration |
1010 |
Interaction between global and interface level violation actions |
1010 |
Changing the global violation action |
1011 |
Changing the violation action for an interface |
1011 |
Re-enabling an interface |
1012 |
Interface shutdown time |
1012 |
Manually re-enabling a interface |
1012 |
Displaying MAC Port Security information |
1012 |
Displaying MAC Port Security settings |
1012 |
Displaying the secure MAC addresses list on the device |
1013 |
Displaying MAC Port Security statistics |
1014 |
Displaying a list of MAC addresses |
1015 |
Displaying a list of secure and denied MAC addresses |
1015 |
Displaying information when violation action is restrict |
1016 |
Displaying information when violation action is deny |
1016 |
Transparent port flooding |
1017 |
Configuring 802.1x Port Security |
1019 |
Overview of 802.1x port security |
1019 |
IETF RFC support |
1019 |
How 802.1x port security works |
1019 |
Device roles in an 802.1x configuration |
1019 |
Communication between the devices |
1020 |
Controlled and uncontrolled ports |
1021 |
Message exchange during authentication |
1022 |
Authenticating multiple clients connected to the same port |
1024 |
802.1x port security and sFlow |
1026 |
Configuring 802.1x port security |
1026 |
Configuring an authentication method list for 802.1x |
1027 |
Setting RADIUS parameters |
1027 |
Configuring dynamic VLAN assignment for 802.1x ports |
1028 |
Disabling and enabling strict security mode for dynamic filter assignment |
1029 |
Dynamically applying existing ACLs or MAC address filter |
1030 |
Configuring per-user IP ACLs or MAC address filters |
1032 |
Enabling 802.1x port security |
1032 |
Setting the port control |
1033 |
Configuring periodic re-authentication |
1034 |
Re-authenticating a port manually |
1034 |
Setting the quiet period |
1035 |
Setting the interval for retransmission of EAP-request/ identity frames |
1035 |
Specifying the number of EAP-request/identity frame retransmissions |
1035 |
Specifying a timeout for retransmission of messages to the authentication server |
1036 |
Specifying a timeout for retransmission of EAP-request frames to the client |
1036 |
Initializing 802.1x on a port |
1036 |
Allowing multiple 802.1x clients to authenticate |
1036 |
Displaying 802.1x information |
1038 |
Displaying 802.1x configuration information |
1038 |
Displaying 802.1x statistics |
1040 |
Clearing 802.1x statistics |
1041 |
Displaying dynamically assigned VLAN information |
1041 |
Displaying information on MAC address filters and IP ACLs on an interface |
1042 |
Displaying information about the dot1x-mac-sessions on each port |
1043 |
Sample 802.1x configurations |
1045 |
Point-to-point configuration |
1045 |
Hub configuration |
1046 |
Protecting Against Denial of Service Attacks |
1049 |
Protecting against Smurf attacks |
1049 |
Avoiding being an intermediary in a Smurf attack |
1050 |
ACL-based DOS-attack prevention |
1050 |
Protecting against TCP SYN attacks |
1051 |
TCP security enhancement |
1052 |
Displaying statistics due DoS attacks |
1053 |
Clear DoS attack statistics |
1054 |
Inspecting and Tracking DHCP Packets |
1055 |
Dynamic ARP inspection |
1055 |
ARP attacks |
1055 |
How DAI works |
1056 |
Limits and restrictions |
1057 |
Configuring DAI |
1057 |
Displaying ARP inspection status and ports |
1058 |
Displaying the ARP table |
1059 |
DHCP snooping |
1060 |
How DHCP snooping works |
1060 |
System reboot and the binding database |
1061 |
Configuring DHCP snooping |
1061 |
DHCP relay agent information (DHCP option 82) |
1062 |
Disabling option 82 processing |
1063 |
Displaying DHCP snooping status and ports |
1063 |
DHCP snooping configuration example |
1064 |
IP source guard |
1064 |
Limits and restrictions |
1065 |
Enabling IP source guard |
1065 |
Securing SNMP Access |
1067 |
Establishing SNMP community strings |
1067 |
Encryption of SNMP community strings |
1067 |
Adding an SNMP community string |
1067 |
Displaying the SNMP community strings |
1068 |
Using the user-based security model |
1069 |
Configuring your NMS |
1069 |
Configuring SNMP version 3 on the BigIron RX |
1069 |
Defining the engine ID |
1070 |
Defining an SNMP group |
1070 |
Defining an SNMP user account |
1071 |
Displaying the engine ID |
1073 |
Displaying SNMP groups |
1073 |
Displaying user information |
1074 |
Interpreting varbinds in report packets |
1074 |
Defining SNMP views |
1074 |
SNMP v3 configuration examples |
1075 |
Enabling the Foundry Discovery Protocol (FDP) and Reading Cisco Discovery Protocol (CDP) Packets |
1077 |
Using FDP |
1077 |
Configuring FDP |
1077 |
Displaying FDP information |
1078 |
Clearing FDP and CDP information |
1081 |
Reading CDP packets |
1082 |
Enabling interception of CDP packets globally |
1082 |
Enabling interception of CDP packets on an interface |
1082 |
Displaying CDP information |
1082 |
Clearing CDP information |
1084 |
Remote Network Monitoring |
1087 |
Basic management |
1087 |
Viewing system information |
1087 |
Viewing configuration information |
1087 |
Viewing port statistics |
1087 |
Viewing STP statistics |
1087 |
Clearing statistics |
1088 |
RMON support |
1088 |
Statistics (RMON group 1) |
1088 |
History (RMON group 2) |
1091 |
Alarm (RMON group 3) |
1091 |
Event (RMON group 9) |
1091 |
Configuring sFlow |
1093 |
Configuration considerations |
1093 |
Configuring and enabling sFlow |
1094 |
ACL-based inbound sFlow |
1098 |
Displaying sFlow information |
1101 |
Display sFlow configuration and statistics |
1101 |
Displaying sFlow counters |
1102 |
Clearing sFlow statistics |
1102 |
Multiple Spanning Tree Protocol (MSTP) 802.1s |
1105 |
802.1s Multiple Spanning Tree Protocol |
1105 |
Multiple spanning-tree regions |
1105 |
Configuring MSTP |
1107 |
Setting the MSTP name |
1107 |
Setting the MSTP revision number |
1107 |
Configuring an MSTP instance |
1108 |
Configuring port priority and port path cost |
1108 |
Configuring bridge priority for an MSTP instance |
1108 |
Setting the MSTP global parameters |
1109 |
Setting ports to be operational edge ports |
1109 |
Setting point-to-point link |
1109 |
Disabling MSTP on a port |
1110 |
Forcing ports to transmit an MSTP BPDU |
1110 |
Enabling MSTP on a switch |
1110 |
Displaying MSTP statistics |
1113 |
Displaying MSTP information for a specified instance |
1114 |
Displaying MSTP information for CIST instance 0 |
1115 |
Configuring IP Multicast Traffic Reduction |
1117 |
Enabling IP multicast traffic reduction |
1118 |
Changing the IGMP mode |
1119 |
Modifying the query interval |
1120 |
Modifying the age interval |
1120 |
Filtering multicast groups |
1120 |
Static IGMP membership |
1121 |
PIM SM traffic snooping |
1123 |
Application examples |
1124 |
Configuration requirements |
1125 |
Enabling PIM SM traffic snooping |
1126 |
Multicast traffic reduction per VLAN |
1127 |
Displaying IP multicast information |
1127 |
Displaying multicast information |
1127 |
Displaying IP multicast statistics |
1128 |
Clearing IP multicast statistics |
1129 |
Clearing IGMP group flows |
1129 |
IPv6 Addressing |
1131 |
IPv6 addressing |
1131 |
IPv6 address types |
1132 |
IPv6 stateless autoconfiguration |
1134 |
Configuring Basic IPv6 Connectivity |
1135 |
Enabling IPv6 routing |
1135 |
Configuring IPv6 on each router interface |
1135 |
Configuring a global or site-local IPv6 address |
1136 |
Configuring a link-local IPv6 address |
1137 |
Configuring IPv6 anycast addresses |
1138 |
Configuring the management port for an IPv6 automatic address configuration |
1138 |
IPv6 host support |
1138 |
Restricting SNMP access to an IPv6 node |
1138 |
Specifying an IPv6 SNMP trap receiver |
1139 |
Restricting web management access to an IPv6 host by specifying an IPv6 ACL |
1139 |
Restricting web management access to an IPv6 host |
1139 |
Configuring an IPv6 Syslog server |
1139 |
Configuring an IPv6 host address for a BigIron RX running a switch image |
1140 |
Configuring a global or site-local IPv6 address with a manually configured interface ID as the switch’s system-wide address |
1140 |
Configuring a global or site-local IPv6 address with an automatically computed EUI-64 interface ID as the switch’s system-wide address |
1141 |
Configuring a link-local IPv6 address as the switch’s system-wide address |
1141 |
Configuring IPv4 and IPv6 protocol stacks |
1142 |
Configuring IPv6 Domain Name Server (DNS) resolver |
1143 |
Defining a DNS entry |
1143 |
ECMP load sharing for IPv6 |
1144 |
Disabling or re-enabling ECMP load sharing for IPv6 |
1144 |
Changing the maximum number of load sharing paths for IPv6 |
1145 |
Changing the ECMP load-sharing method for IPv6 |
1145 |
DHCP relay agent for IPv6 |
1145 |
Configuring DHCP for IPv6 relay agent |
1146 |
Displaying DHCP relay information |
1146 |
Enabling support for network-based ECMP load sharing for IPv6 |
1146 |
Displaying ECMP load-sharing information for IPv6 |
1146 |
Configuring IPv6 ICMP |
1147 |
Configuring ICMP rate limiting |
1147 |
Disabling or reenabling ICMP redirect messages |
1148 |
Configuring IPv6 neighbor discovery |
1148 |
Neighbor solicitation and advertisement messages |
1149 |
Router advertisement and solicitation messages |
1150 |
Neighbor redirect messages |
1150 |
Setting neighbor solicitation parameters for duplicate address detection |
1150 |
Setting IPv6 router advertisement parameters |
1151 |
Controlling prefixes advertised in IPv6 router advertisement messages |
1152 |
Setting flags in IPv6 router advertisement messages |
1153 |
Enabling and disabling IPv6 router advertisements |
1153 |
Configuring reachable time for remote IPv6 nodes |
1154 |
Changing the IPv6 MTU |
1154 |
Configuring static neighbor entries |
1155 |
Limiting the number of hops an IPv6 packet can traverse |
1155 |
QoS for IPv6 traffic |
1156 |
Clearing global IPv6 information |
1156 |
Clearing the IPv6 cache |
1156 |
Clearing IPv6 neighbor information |
1157 |
Clearing IPv6 routes from the IPv6 route table |
1157 |
Clearing IPv6 traffic statistics |
1158 |
Deleting IPv6 session flows |
1158 |
Displaying global IPv6 information |
1158 |
Displaying IPv6 cache information |
1158 |
Displaying IPv6 interface information |
1159 |
Displaying IPv6 neighbor information |
1161 |
Displaying the IPv6 route table |
1163 |
Displaying local IPv6 routers |
1164 |
Displaying IPv6 TCP information |
1165 |
Displaying IPv6 traffic statistics |
1168 |
Configuring RIPng |
1173 |
Configuring RIPng |
1173 |
Enabling RIPng |
1173 |
Configuring RIPng timers |
1174 |
Configuring route learning and advertising parameters |
1175 |
Redistributing routes into RIPng |
1177 |
Controlling distribution of routes through RIPng |
1177 |
Configuring poison reverse parameters |
1178 |
Clearing RIPng routes from IPv6 route table |
1178 |
Displaying RIPng information |
1178 |
Displaying RIPng configuration |
1179 |
Displaying RIPng routing table |
1179 |
Configuring BGP4+ |
1181 |
Address family configuration level |
1181 |
Configuring BGP4+ |
1182 |
Enabling BGP4+ |
1182 |
Configuring BGP4+ neighbors using global or site-local IPv6 addresses |
1183 |
Adding BGP4+ neighbors using link-local addresses |
1184 |
Configuring a BGP4+ peer group |
1185 |
Advertising the default BGP4+ route |
1187 |
Importing routes into BGP4+ |
1187 |
Redistributing prefixes into BGP4+ |
1188 |
Aggregating routes advertised to BGP4 neighbors |
1189 |
Using route maps |
1189 |
Clearing BGP4+ information |
1190 |
Removing route flap dampening |
1190 |
Clearing route flap dampening statistics |
1190 |
Clearing BGP4+ local route information |
1191 |
Clearing BGP4+ neighbor information |
1191 |
Clearing and resetting BGP4+ routes in the IPv6 route table |
1194 |
Clearing traffic counters for all BGP4+ neighbors |
1194 |
Displaying BGP4+ information |
1194 |
Displaying the BGP4+ route table |
1195 |
Displaying BGP4+ route information |
1201 |
Displaying BGP4+ route-attribute entries |
1202 |
Displaying the BGP4+ running configuration |
1204 |
Displaying dampened BGP4+ paths |
1204 |
Displaying filtered-out BGP4+ routes |
1205 |
Displaying route flap dampening statistics |
1209 |
Displaying BGP4+ neighbor information |
1211 |
Displaying BGP4+ peer group configuration information |
1234 |
Displaying BGP4+ summary |
1235 |
Configuring IPv6 MBGP |
1239 |
Configuration considerations |
1239 |
Configuring IPv6 MBGP |
1239 |
Setting the maximum number of multicast routes supported |
1240 |
Enabling IPv6 MBGP |
1240 |
Adding IPv6 MBGP neighbors |
1240 |
Optional configuration tasks |
1241 |
Aggregating routes advertised to IPv6 BGP neighbors |
1244 |
Displaying IPv6 MBGP information |
1244 |
Displaying summary MBGP information |
1245 |
Displaying the Active MBGP Configuration |
1245 |
Displaying MBGP neighbors |
1246 |
Displaying MBGP routes |
1247 |
Displaying the IPv6 multicast route table |
1248 |
IPv6 Access Control Lists (ACLs) |
1249 |
IPv6 ACLs |
1249 |
Using IPv6 ACLs as input to other features |
1250 |
Configuring an IPv6 ACL |
1250 |
Example configurations |
1250 |
Default and implicit IPv6 ACL action |
1252 |
ACL syntax |
1253 |
Applying an IPv6 ACL to an interface |
1258 |
Adding TCP flags to an IPv6 ACL entry |
1258 |
Adding a comment to an IPv6 ACL entry |
1259 |
Displaying ACLs |
1260 |
Configuring OSPF Version 3 |
1261 |
OSPF version 3 |
1261 |
Link state advertisement types for OSPFv3 |
1261 |
Configuring OSPFv3 |
1262 |
Enabling OSPFv3 |
1262 |
Assigning OSPFv3 areas |
1263 |
Configuring virtual links |
1265 |
Changing the reference bandwidth for the cost on OSPFv3 interfaces |
1267 |
Redistributing routes into OSPFv3 |
1268 |
Filtering OSPFv3 routes |
1272 |
Configuring default route origination |
1274 |
Modifying shortest path first timers |
1275 |
Modifying administrative distance |
1276 |
Configuring the OSPFv3 LSA pacing interval |
1277 |
Modifying exit overflow interval |
1277 |
Modifying external link state database limit |
1277 |
Modifying OSPFv3 interface defaults |
1278 |
Disabling or reenabling event logging |
1279 |
Displaying OSPFv3 information |
1279 |
Displaying OSPFv3 area information |
1279 |
Displaying OSPFv3 database Information |
1280 |
Displaying OSPFv3 interface information |
1286 |
Displaying OSPFv3 memory usage |
1289 |
Displaying OSPFv3 neighbor information |
1290 |
Displaying routes redistributed into OSPFv3 |
1292 |
Displaying OSPFv3 route information |
1293 |
Displaying OSPFv3 SPF information |
1295 |
Displaying IPv6 OSPF virtual link information |
1298 |
Displaying OSPFv3 virtual neighbor information |
1298 |
Configuring IPv6 Multicast Features |
1301 |
IPv6 PIM sparse |
1301 |
PIM sparse router types |
1301 |
RP paths and SPT paths |
1302 |
Configuring PIM sparse |
1302 |
IPv6 PIM-sparse mode |
1303 |
Configuring IPv6 PIM-SM on a virtual routing interface |
1303 |
Passive Multicast Route Insertion (PMRI) |
1310 |
Displaying PIM sparse configuration information and statistics |
1311 |
Multicast Listener Discovery and source specific multicast protocols (MLDv2) |
1319 |
MLD version distinctions |
1320 |
Enabling MLDv2 |
1321 |
Enabling source specific multicast |
1321 |
Setting the query interval |
1321 |
Setting the maximum response time |
1322 |
Setting the last listener query count |
1322 |
Setting the last listener query interval |
1322 |
Setting the robustness |
1322 |
Setting the version |
1322 |
Specifying a port version |
1323 |
Specifying a static group |
1323 |
Setting the interface MLD version |
1323 |
Displaying MLD information |
1323 |
Displaying MLD group information |
1323 |
Displaying MLD definitions for an interface |
1324 |
Displaying MLD traffic |
1325 |
Clearing IPv6 MLD traffic |
1326 |
Embedded Rendezvous Point (RP) |
1326 |
Configuring IPv6 Routes |
1329 |
Configuring a static IPv6 route |
1329 |
Configuring a IPv6 multicast route |
1331 |
Using Syslog |
1333 |
Displaying Syslog messages |
1333 |
Configuring the Syslog service |
1335 |
Displaying the Syslog configuration |
1335 |
Disabling or re-enabling Syslog |
1339 |
Specifying a Syslog server |
1339 |
Specifying an additional Syslog server |
1339 |
Disabling logging of a message level |
1340 |
Logging all CLI commands to Syslog |
1340 |
Changing the number of entries the local buffer can hold |
1341 |
Changing the log facility |
1341 |
Displaying the interface name in Syslog messages |
1342 |
Displaying TCP/UDP port numbers in Syslog messages |
1342 |
Syslog messages |
1343 |
Software Specifications |
1363 |
IEEE compliance |
1363 |
RFC compliance |
1363 |
RFC compliance - BGPv4 |
1363 |
RFC compliance - OSPF |
1364 |
RFC compliance - IS-IS |
1364 |
RFC compliance - RIP |
1364 |
RFC compliance - IP Multicast |
1364 |
RFC compliance - general protocols |
1365 |
RFC compliance - management |
1366 |
RFC compliance - IPv6 core |
1366 |
RFC compliance - IPv6 routing |
1367 |
RFC compliance - IPv6 multicast |
1367 |
RFC compliance - IPv6 transitioning |
1367 |
RFC compliance - IPv6 management |
1367 |
Internet drafts |
1367 |
NIAP-CCEVS Certification |
1369 |
NIAP-CCEVS certified Brocade equipment and Ironware releases |
1369 |
Web management access to NIAP-CCEVS certified equipment |
1369 |
Local user password changes |
1370 |
Commands That Require a Reload |
1371 |
Index to the CLI Commands |
1373 |
ACLs (IP) |
1373 |
Numbered ACL |
1373 |
Named ACL |
1374 |
Other ACL commands |
1374 |
ACLs (L2) |
1375 |
BGP4 |
1375 |
FDP/CDP |
1381 |
IP |
1381 |
Metro Ring protocol |
1384 |
IPv6 BGP4+ |
1385 |
IPv6 ACL |
1387 |
IPv6 basic connectivity |
1388 |
IPv6 multicast |
1390 |
IPv6 RIPng |
1391 |
IPv6 OSPFv3 |
1392 |
IS-IS |
1393 |
Metro Ring |
1396 |
MSTP |
1396 |
Multicast (IP) |
1397 |
Multicast (L2) |
1399 |
OSPF version 4 |
1399 |
Port parameters |
1401 |
Port-based routing |
1402 |
Quality of Service (QoS) |
1402 |
Rate limiting |
1404 |
RIP |
1404 |
RMON |
1405 |
RSTP |
1406 |
Security/Management |
1406 |
802.1x Port Security |
1406 |
Access |
1407 |
Authentication method list |
1408 |
Passwords |
1408 |
Privilege level |
1408 |
RADIUS |
1408 |
SNMP access |
1409 |
SSH access |
1409 |
SSL |
1409 |
TACACS and TACACS+ |
1410 |
Telnet access |
1410 |
TFTP access |
1411 |
User account |
1411 |
Web management access |
1411 |
DoS Protection |
1411 |
MAC authentication |
1412 |
MAC port security |
1413 |
Redundant management module |
1414 |
SNMP |
1416 |
SSH |
1416 |
sFlow |
1417 |
STP |
1418 |
SysLog messages |
1418 |
System parameters |
1419 |
Topology |
1420 |
LAG |
1421 |
UDLD |
1421 |
VLAN |
1422 |
VRRP/VRRPE |
1423 |