How it Works
Brocade
Loading...
TurboIron 24X
Configuration Guide
1116 pgs9.53 Mb0
Installation Guide
84 pgs5.15 Mb1
Table of contents
Loading...

Brocade TurboIron 24X Configuration Guide

53-1003053-01
®
30 September 2013
Brocade TurboIron 24X Series
Configuration Guide
Supporting FastIron Software Release 08.0.01
ADX, AnyIO, Brocade, Brocade Assurance, the B-wing symbol, DCX, Fabric OS, ICX, MLX, MyBrocade, OpenScript, VCS, VDX, and Vyatta are registered trademarks, and HyperEdge, The Effortless Network, and The On-Demand Data Center are trademarks of Brocade Communications Systems, Inc., in the United States and/or in other countries. Other brands, products, or service names mentioned may be trademarks of their respective owners.
Notice: This document is for informational purposes only and does not set forth any warranty, expressed or implied, concerning any equipment, equipment feature, or service offered or to be offered by Brocade. Brocade reserves the right to make changes to this document at any time, without notice, and assumes no responsibility for its use. This informational document describes features that may not be currently available. Contact a Brocade sales office for information on feature and product availability. Export of technical data contained in this document may require an export license from the United States government.
The authors and Brocade Communications Systems, Inc. shall have no liability or responsibility to any person or entity with respect to any loss, cost, liability, or damages arising from the information contained in this book or the computer programs that accompany it.
The product described by this document may contain “open source” software covered by the GNU General Public License or other open source license agreements. To find out which open source software is included in Brocade products, view the licensing terms applicable to the open source software, and obtain a copy of the programming source code, please visit http://www.brocade.com/support/oscd.
Brocade Communications Systems, Incorporated
Corporate and Latin American Headquarters Brocade Communications Systems, Inc. 130 Holger Way San Jose, CA 95134 Tel: 1-408-333-8000 Fax: 1-408-333-8101 E-mail: info@brocade.com
European Headquarters Brocade Communications Switzerland Sàrl Centre Swissair Tour B - 4ème étage 29, Route de l'Aéroport Case Postale 105 CH-1215 Genève 15 Switzerland Tel: +41 22 799 5640 Fax: +41 22 799 5641 E-mail: emea-info@brocade.com
Asia-Pacific Headquarters Brocade Communications Systems China HK, Ltd. No. 1 Guanghua Road Chao Yang District Units 2718 and 2818 Beijing 100020, China Tel: +8610 6588 8888 Fax: +8610 6588 9999 E-mail: china-info@brocade.com
Asia-Pacific Headquarters Brocade Communications Systems Co., Ltd. (Shenzhen WFOE) Citic Plaza No. 233 Tian He Road North Unit 1308 – 13th Floor Guangzhou, China Tel: +8620 3891 2000 Fax: +8620 3891 2111 E-mail: china-info@brocade.com
Document History
Title Publication number Summary of changes Date
Brocade TurboIron 24X Series Configuration Guide
53-1003053-01 Release 08.0.00 has been
updated for Release
08.0.01
September 2013
Contents
About This Document
Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxxi
Device nomenclature . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxxi
What’s new in this document. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxxii
Document conventions. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxxii
Text formatting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .xxxii
Notes, cautions, and danger notices . . . . . . . . . . . . . . . . . . . .xxxii
Notice to the reader . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxxiii
Related publications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxxiii
Getting technical help or reporting errors . . . . . . . . . . . . . . . . . . . xxxiii
Document feedback . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxxiv
Chapter 1 Feature Highlights
Introduction to features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1
Supported features. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1
Supported management features . . . . . . . . . . . . . . . . . . . . . . . . 1
Supported security features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2
Supported system-level features . . . . . . . . . . . . . . . . . . . . . . . . . 3
Supported Layer 2 features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
Supported Layer 3 features on TurboIron X Series devices . . . . 7
Supported IPv6 management features . . . . . . . . . . . . . . . . . . . . . . . . 8
Unsupported features. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
Chapter 2 Getting Familiar with Management Applications
Using the management port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
How the management port works. . . . . . . . . . . . . . . . . . . . . . . . 11
CLI Commands for use with the management port. . . . . . . . . .11
Logging on through the CLI. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .13
On-line help . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14
Command completion . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14
Scroll control. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14
Line editing commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .14
Using and port number with CLI commands. . . . . . . . . . . . . . . . . . .15
CLI nomenclature on TurboIron X Series devices . . . . . . . . . . .15
Searching and filtering output from CLI commands . . . . . . . . .15
Using special characters in regular expressions . . . . . . . . . . . .18
Creating an alias for a CLI command . . . . . . . . . . . . . . . . . . . . . 19
Brocade TurboIron 24X Series Configuration Guide iii 53-1003053-01
Logging on through Brocade Network Advisor . . . . . . . . . . . . . . . . .20
Chapter 3 Configuring Basic Software Features
Configuring basic system parameters . . . . . . . . . . . . . . . . . . . . . . . .21
Entering system administration information . . . . . . . . . . . . . . .22
Configuring Simple Network Management Protocol (SNMP)
parameters. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .22
Disabling Syslog messages and traps for CLI access . . . . . . . .26
Configuring an interface as the source for all Telnet packets . 27
Cancelling an outbound Telnet session . . . . . . . . . . . . . . . . . . .28
Specifying a Simple Network Time Protocol (NTPv4) server . . .28
Setting the system clock . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .29
Limiting broadcast, multicast, and unknown unicast traffic. . . 31
Configuring basic port parameters . . . . . . . . . . . . . . . . . . . . . . . . . . 34
Assigning a port name . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35
Modifying port speed and duplex mode. . . . . . . . . . . . . . . . . . .35
Auto speed detect . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .36
Modifying port duplex mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . 36
Disabling or re-enabling a port . . . . . . . . . . . . . . . . . . . . . . . . . . 36
Disabling or re-enabling flow control . . . . . . . . . . . . . . . . . . . . .37
Auto-negotiation and advertisement of flow control . . . . . . . . . 37
TurboIron X SeriesConfiguring the Interpacket Gap (IPG) . . . . .38
Changing the Gbps fiber negotiation mode . . . . . . . . . . . . . . . .39
Modifying port priority (QoS) . . . . . . . . . . . . . . . . . . . . . . . . . . . .39
Configuring port flap dampening . . . . . . . . . . . . . . . . . . . . . . . .39
Port loop detection. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .42
Chapter 4 Operations, Administration, and Maintenance
Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 47
Determining the software versions installed and
running on a device. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .48
Determining the flash image version running on the device . .48 Determining the image versions installed in flash memory . . . 48
Flash image verification . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .49
Image file types . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 50
Upgrading software. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .50
Upgrading the boot code . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .50
Upgrading the flash code . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .51
Boot code synchronization feature. . . . . . . . . . . . . . . . . . . . . . . 51
Using SNMP to upgrade software . . . . . . . . . . . . . . . . . . . . . . . . . . .52
Changing the block size for TFTP file transfers . . . . . . . . . . . . . . . . . 52
Rebooting. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 53
Displaying the boot preference . . . . . . . . . . . . . . . . . . . . . . . . . . . . .53
iv Brocade TurboIron 24X Series Configuration Guide
53-1003053-01
Loading and saving configuration files . . . . . . . . . . . . . . . . . . . . . . .54
Replacing the startup configuration with the
running configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .55
Replacing the running configuration with the
startup configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .55
Logging changes to the startup-config file. . . . . . . . . . . . . . . . .55
Copying a configuration file to or from a TFTP server . . . . . . . . 55
Dynamic configuration loading . . . . . . . . . . . . . . . . . . . . . . . . . .56
Maximum file sizes for startup-config file and running-config . 58
Scheduling a system reload . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .59
Reloading at a specific time . . . . . . . . . . . . . . . . . . . . . . . . . . . .59
Reloading after a specific amount of time. . . . . . . . . . . . . . . . .59
Displaying the amount of time remaining
before a scheduled reload . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 60
Canceling a scheduled reload. . . . . . . . . . . . . . . . . . . . . . . . . . . 60
Diagnostic error codes and remedies for TFTP transfers. . . . . . . . .60
Chapter 5 Securing Access to Management Functions
Securing access methods . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 63
Restricting remote access to management functions . . . . . . . . . . .65
Using ACLs to restrict remote access . . . . . . . . . . . . . . . . . . . . .65
Defining the console idle time . . . . . . . . . . . . . . . . . . . . . . . . . .67
Restricting remote access to the device to specific IP addresses68 Restricting access to the device based on IP or
MAC address . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .69
Specifying the maximum number of login attempts
for Telnet access . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .70
Restricting remote access to the device to specific
VLAN IDs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 70
Designated VLAN for Telnet management sessions to a Layer 2
Switch . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 71
Device management security . . . . . . . . . . . . . . . . . . . . . . . . . . . 72
Disabling specific access methods. . . . . . . . . . . . . . . . . . . . . . . 72
Setting passwords. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 74
Setting a Telnet password . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 74
Setting passwords for management privilege levels . . . . . . . . . 74
Recovering from a lost password . . . . . . . . . . . . . . . . . . . . . . . . 77
Displaying the SNMP community string . . . . . . . . . . . . . . . . . . . 77
Specifying a minimum password length. . . . . . . . . . . . . . . . . . . 77
Setting up local user accounts. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .78
Enhancements to username and password . . . . . . . . . . . . . . .78
Configuring a local user account . . . . . . . . . . . . . . . . . . . . . . . .82
Create password option. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .83
Changing a local user password . . . . . . . . . . . . . . . . . . . . . . . . .84
Brocade TurboIron 24X Series Configuration Guide v 53-1003053-01
Configuring TACACS/TACACS+ security . . . . . . . . . . . . . . . . . . . . . . .84
How TACACS+ differs from TACACS. . . . . . . . . . . . . . . . . . . . . . .85
TACACS/TACACS+ authentication, authorization,
and accounting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .85
TACACS authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 85
TACACS/TACACS+ configuration considerations . . . . . . . . . . . .89
Enabling TACACS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .89
Identifying the TACACS/TACACS+ servers. . . . . . . . . . . . . . . . . . 90
Specifying different servers for individual AAA functions . . . . . 90
Setting optional TACACS/TACACS+ parameters. . . . . . . . . . . . .91
Configuring authentication-method lists for TACACS/TACACS+ 92
Configuring TACACS+ authorization . . . . . . . . . . . . . . . . . . . . . .94
Configuring TACACS+ accounting . . . . . . . . . . . . . . . . . . . . . . . . 97
Configuring an interface as the source for all
TACACS/TACACS+ packets. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .98
Displaying TACACS/TACACS+ statistics and
configuration information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .99
Configuring RADIUS security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .100
RADIUS authentication, authorization, and accounting . . . . .100
RADIUS configuration considerations. . . . . . . . . . . . . . . . . . . .103
RADIUS configuration procedure . . . . . . . . . . . . . . . . . . . . . . .104
Configuring Brocade-specific attributes on the RADIUS server104
Enabling SNMP to configure RADIUS . . . . . . . . . . . . . . . . . . . .105
Identifying the RADIUS server to the device. . . . . . . . . . . . . . .106
Specifying different servers for individual AAA functions . . . .106
Configuring a RADIUS server per port . . . . . . . . . . . . . . . . . . .106
Mapping a RADIUS server to individual ports . . . . . . . . . . . . . 107
Setting RADIUS parameters . . . . . . . . . . . . . . . . . . . . . . . . . . .108
Configuring authentication-method lists for RADIUS. . . . . . . .109
Configuring RADIUS authorization . . . . . . . . . . . . . . . . . . . . . .111
Configuring RADIUS accounting . . . . . . . . . . . . . . . . . . . . . . . .113
Configuring an interface as the source for all
RADIUS packets . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .114
Displaying RADIUS configuration information . . . . . . . . . . . . .114
Configuring authentication-method lists . . . . . . . . . . . . . . . . . . . . .115
Configuration considerations for authentication- method lists116
Examples of authentication-method lists. . . . . . . . . . . . . . . . .117
Chapter 6 Configuring SSH2 and SCP
SSH version 2 support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .119
Tested SSH2 clients . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .120
Supported features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .120
Unsupported features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .120
AES encryption for SSH2 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .121
Configuring SSH2 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .121
Recreating SSH keys . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .122
Generating a host key pair . . . . . . . . . . . . . . . . . . . . . . . . . . . .122
Configuring DSA challenge-response authentication . . . . . . .123
vi Brocade TurboIron 24X Series Configuration Guide
53-1003053-01
Setting optional parameters. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .125
Setting the number of SSH authentication retries . . . . . . . . .126
Deactivating user authentication . . . . . . . . . . . . . . . . . . . . . . .126
Enabling empty password logins. . . . . . . . . . . . . . . . . . . . . . . .126
Setting the SSH port number . . . . . . . . . . . . . . . . . . . . . . . . . .127
Setting the SSH login timeout value. . . . . . . . . . . . . . . . . . . . .127
Designating an interface as the source for all SSH
packets (Layer 3 code only). . . . . . . . . . . . . . . . . . . . . . . . . . . .127
Configuring the maximum idle time for SSH sessions . . . . . .128
Filtering SSH access using ACLs . . . . . . . . . . . . . . . . . . . . . . . . . . .128
Terminating an active SSH connection . . . . . . . . . . . . . . . . . . . . . .128
Displaying SSH connection information . . . . . . . . . . . . . . . . . . . . .128
Using Secure copy with SSH2 . . . . . . . . . . . . . . . . . . . . . . . . . . . . .130
Enabling and disabling SCP . . . . . . . . . . . . . . . . . . . . . . . . . . .130
Example file transfers using SCP . . . . . . . . . . . . . . . . . . . . . . .130
Chapter 7 Configuring IPv6 Connectivity
IPv6 addressing overview. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .133
IPv6 address types. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .134
IPv6 stateless autoconfiguration . . . . . . . . . . . . . . . . . . . . . . .136
IPv6 CLI command support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .136
Configuring an IPv6 host address on a Layer 2 switch. . . . . . . . . .137
Enabling IPv6 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .138
Configuring a global or site-local IPv6 address with a
manually configured interface ID . . . . . . . . . . . . . . . . . . . . . . .138
Configuring the management port for an IPv6 automatic address
configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .138
Configuring basic IPv6 connectivity on a Layer 3 switch . . . . . . . .138
Configuring IPv6 on each router interface . . . . . . . . . . . . . . . .138
IPv6 management (IPv6 host support) . . . . . . . . . . . . . . . . . . . . . .141
Restricting SNMP access to an IPv6 node. . . . . . . . . . . . . . . .141
Specifying an IPv6 SNMP trap receiver . . . . . . . . . . . . . . . . . .141
SNMP V3 over IPv6 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .141
SNTP over IPv6. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .142
Secure Shell, SCP, and IPv6 . . . . . . . . . . . . . . . . . . . . . . . . . . .142
IPv6 Telnet . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .142
Configuring name-to-IPv6 address resolution using IPv6 DNS
resolver . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .143
Defining an IPv6 DNS entry. . . . . . . . . . . . . . . . . . . . . . . . . . . .143
Using the IPv6 copy command . . . . . . . . . . . . . . . . . . . . . . . . .143
Using the IPv6 ncopy command . . . . . . . . . . . . . . . . . . . . . . . .145
IPv6 ping. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .147
Configuring an IPv6 Syslog server . . . . . . . . . . . . . . . . . . . . . .148
Viewing IPv6 SNMP server addresses . . . . . . . . . . . . . . . . . . .149
Disabling IPv6 on a Layer 2 switch. . . . . . . . . . . . . . . . . . . . . .149
Brocade TurboIron 24X Series Configuration Guide vii 53-1003053-01
Clearing global IPv6 information . . . . . . . . . . . . . . . . . . . . . . . . . . .150
Clearing the IPv6 cache. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .150
Clearing IPv6 neighbor information . . . . . . . . . . . . . . . . . . . . .150
Clearing IPv6 traffic statistics . . . . . . . . . . . . . . . . . . . . . . . . . .151
Displaying global IPv6 information. . . . . . . . . . . . . . . . . . . . . . . . . .151
Displaying IPv6 cache information . . . . . . . . . . . . . . . . . . . . . .151
Displaying IPv6 interface information. . . . . . . . . . . . . . . . . . . .152
Displaying IPv6 neighbor information. . . . . . . . . . . . . . . . . . . .154
Displaying IPv6 TCP information . . . . . . . . . . . . . . . . . . . . . . . .155
Displaying IPv6 traffic statistics . . . . . . . . . . . . . . . . . . . . . . . .158
Chapter 8 Securing SNMP Access
SNMP overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .163
Establishing SNMP community strings . . . . . . . . . . . . . . . . . . . . . .164
Encryption of SNMP community strings . . . . . . . . . . . . . . . . . .164
Adding an SNMP community string . . . . . . . . . . . . . . . . . . . . .164
Displaying the SNMP community strings . . . . . . . . . . . . . . . . .166
Configuring your NMS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .166
Configuring SNMP version 3 . . . . . . . . . . . . . . . . . . . . . . . . . . .167
Defining the engine id . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .167
Defining an SNMP group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .168
Defining an SNMP user account. . . . . . . . . . . . . . . . . . . . . . . .169
Defining SNMP views . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .170
SNMP version 3 traps . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 171
Defining an SNMP group and specifying which
view is notified of traps . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 171
Defining the UDP port for SNMP v3 traps . . . . . . . . . . . . . . . .172
Trap MIB changes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .173
Specifying an IPv6 host as an SNMP trap receiver . . . . . . . . .173
Displaying SNMP Information. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 174
Displaying the Engine ID . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 174
Displaying SNMP groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 174
Displaying user information. . . . . . . . . . . . . . . . . . . . . . . . . . . . 174
Interpreting varbinds in report packets . . . . . . . . . . . . . . . . . .175
SNMP v3 Configuration examples . . . . . . . . . . . . . . . . . . . . . . . . . .175
Simple SNMP v3 configuration . . . . . . . . . . . . . . . . . . . . . . . . .175
More detailed SNMP v3 configuration . . . . . . . . . . . . . . . . . . . 176
Chapter 9 Enabling the Foundry Discovery Protocol and Reading Cisco
Discovery Protocol Packets
Using FDP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 177
Configuring FDP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 177
Displaying FDP information. . . . . . . . . . . . . . . . . . . . . . . . . . . . 178
Clearing FDP and CDP information. . . . . . . . . . . . . . . . . . . . . .181
viii Brocade TurboIron 24X Series Configuration Guide
53-1003053-01
Reading CDP packets . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .182
Enabling interception of CDP packets globally . . . . . . . . . . . .182
Enabling interception of CDP packets on an interface . . . . . .182
Displaying CDP information. . . . . . . . . . . . . . . . . . . . . . . . . . . .182
Clearing CDP information . . . . . . . . . . . . . . . . . . . . . . . . . . . . .184
Chapter 10 Configuring LLDP
Terms used in this chapter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .187
LLDP overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .188
Benefits of LLDP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .189
General operating principles . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .189
Operating modes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .189
LLDP packets . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .190
TLV support. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .190
MIB support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .193
Syslog messages. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .194
Configuring LLDP. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .194
Configuration notes and considerations . . . . . . . . . . . . . . . . .194
Enabling and disabling LLDP. . . . . . . . . . . . . . . . . . . . . . . . . . .195
Changing a port LLDP operating mode . . . . . . . . . . . . . . . . . .195
Specifying the maximum number of LLDP neighbors. . . . . . .196
Enabling LLDP SNMP notifications and syslog messages . . . 197 Changing the minimum time between LLDP transmissions . .198 Changing the interval between regular LLDP transmissions .199
Changing the holdtime multiplier for transmit TTL . . . . . . . . .199
Changing the minimum time between port reinitializations. .199
LLDP TLVs advertised by the device . . . . . . . . . . . . . . . . . . . . .200
Displaying LLDP statistics and configuration settings. . . . . . .205
LLDP configuration summary . . . . . . . . . . . . . . . . . . . . . . . . . .205
LLDP statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .206
LLDP neighbors . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .207
LLDP neighbors detail . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .208
LLDP configuration details . . . . . . . . . . . . . . . . . . . . . . . . . . . .210
Resetting LLDP statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .211
Clearing cached LLDP neighbor information. . . . . . . . . . . . . . . . . .211
Chapter 11 Monitoring Hardware Components
Hardware support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .213
Brocade TurboIron 24X Series Configuration Guide ix 53-1003053-01
Digital optical monitoring . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .213
Supported media . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .213
Media not supported . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .214
Supported media . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .214
Media not supported . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .214
Configuration limitations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .214
Enabling digital optical monitoring . . . . . . . . . . . . . . . . . . . . . .214
Setting the alarm interval . . . . . . . . . . . . . . . . . . . . . . . . . . . . .215
Displaying information about installed media . . . . . . . . . . . . .215
Viewing optical monitoring information . . . . . . . . . . . . . . . . . .216
Syslog messages . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .218
Chapter 12 Using Syslog
Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .221
Displaying Syslog messages. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .222
Enabling real-time display of Syslog messages. . . . . . . . . . . .222
Enabling real-time display for a Telnet or SSH session . . . . . .222
Show log on all terminals . . . . . . . . . . . . . . . . . . . . . . . . . . . . .223
Configuring the Syslog service . . . . . . . . . . . . . . . . . . . . . . . . . . . . .223
Displaying the Syslog configuration . . . . . . . . . . . . . . . . . . . . .223
Disabling or re-enabling Syslog. . . . . . . . . . . . . . . . . . . . . . . . .227
Specifying a Syslog server. . . . . . . . . . . . . . . . . . . . . . . . . . . . .227
Specifying an additional Syslog server. . . . . . . . . . . . . . . . . . .227
Disabling logging of a message level . . . . . . . . . . . . . . . . . . . .228
Changing the number of entries the local buffer can hold. . .228
Changing the log facility . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .228
Displaying Interface names in Syslog messages. . . . . . . . . . .229
Displaying TCP or UDP port numbers in Syslog messages . . .230
Clearing the Syslog messages from the local buffer . . . . . . . .230
Appendix 13 Network Monitoring
Basic management. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .231
Viewing system information . . . . . . . . . . . . . . . . . . . . . . . . . . .231
Viewing configuration information . . . . . . . . . . . . . . . . . . . . . .232
Viewing port statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .232
Viewing STP statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .234
Clearing statistics. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .234
Traffic counters for outbound traffic. . . . . . . . . . . . . . . . . . . . .235
RMON support. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .238
Maximum number of entries allowed in the
RMON control table . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .238
Statistics (RMON group 1). . . . . . . . . . . . . . . . . . . . . . . . . . . . .238
History (RMON group 2). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .240
Alarm (RMON group 3). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .241
Event (RMON group 9). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .241
x Brocade TurboIron 24X Series Configuration Guide
53-1003053-01
sFlow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 241
sFlow support for IPv6 packets. . . . . . . . . . . . . . . . . . . . . . . . .242
Configuration considerations . . . . . . . . . . . . . . . . . . . . . . . . . .243
Configuring and enabling sFlow . . . . . . . . . . . . . . . . . . . . . . . .244
Displaying sFlow information . . . . . . . . . . . . . . . . . . . . . . . . . .249
Configuring a utilization list for an uplink port . . . . . . . . . . . . . . . .251
Command syntax . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .252
Displaying utilization percentages for an uplink . . . . . . . . . . .252
Chapter 14 Configuring Basic Layer 2 Features
Enabling or disabling the Spanning Tree Protocol (STP). . . . . . . . .255
Modifying STP bridge and port parameters . . . . . . . . . . . . . . .256
Changing the MAC age time and disabling MAC address learning256
Disabling the automatic learning of MAC addresses . . . . . . .256
Displaying the MAC address table . . . . . . . . . . . . . . . . . . . . . .257
Configuring static MAC entries. . . . . . . . . . . . . . . . . . . . . . . . . . . . .257
Multi-port static MAC address. . . . . . . . . . . . . . . . . . . . . . . . . .258
Configuring VLAN-based static MAC entries . . . . . . . . . . . . . . . . . .259
Enabling port-based VLANs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .259
Assigning IEEE 802.1Q tagging to a port . . . . . . . . . . . . . . . . .260
Defining MAC address filters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .260
Configuration notes and limitations . . . . . . . . . . . . . . . . . . . . .261
Command syntax . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .261
Enabling logging of management traffic
permitted by MAC filters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .263
MAC address filter override for 802.1X-enabled ports. . . . . . . . . .264
MAC address filter override configuration notes . . . . . . . . . . .264
MAC address filter override configuration syntax . . . . . . . . . .264
Displaying and modifying system parameter default settings . . . .265
Configuration considerations . . . . . . . . . . . . . . . . . . . . . . . . . .265
Displaying system parameter default values . . . . . . . . . . . . . .265
Modifying system parameter default values . . . . . . . . . . . . . .267
Egress buffer thresholds for QoS priorities . . . . . . . . . . . . . . . . . . .267
Cut-Through Switching Support. . . . . . . . . . . . . . . . . . . . . . . . .269
Default settings for egress buffer thresholds . . . . . . . . . . . . .269
Disabling and re-enabling the default settings
for egress buffer thresholds . . . . . . . . . . . . . . . . . . . . . . . . . . .269
Setting the egress buffer threshold for all QoS
priorities on a port or group of ports . . . . . . . . . . . . . . . . . . . .270
Setting the egress buffer threshold for a specific
QoS priority on a port or group of ports . . . . . . . . . . . . . . . . . .270
Link Fault Signaling (LFS) for 10G . . . . . . . . . . . . . . . . . . . . . . . . . . 271
Jumbo frame support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .272
Brocade TurboIron 24X Series Configuration Guide xi 53-1003053-01
Chapter 15 Configuring Metro Features
Topology groups. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .273
Master VLAN and member VLANs . . . . . . . . . . . . . . . . . . . . . .273
Control ports and free ports . . . . . . . . . . . . . . . . . . . . . . . . . . . 274
Configuration considerations . . . . . . . . . . . . . . . . . . . . . . . . . . 274
Configuring a topology group . . . . . . . . . . . . . . . . . . . . . . . . . .275
Displaying topology group information . . . . . . . . . . . . . . . . . . . 276
Metro Ring Protocol (MRP) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .277
Configuration notes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .279
MRP rings without shared interfaces (MRP Phase 1) . . . . . . .279
MRP rings with shared interfaces (MRP Phase 2). . . . . . . . . .280
Ring initialization . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .282
How ring breaks are detected and healed . . . . . . . . . . . . . . . .285
Alarm RHP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .288
Master VLANs and customer VLANs. . . . . . . . . . . . . . . . . . . . .289
Configuring MRP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .291
Using MRP diagnostics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .293
Displaying MRP information . . . . . . . . . . . . . . . . . . . . . . . . . . .294
MRP CLI example. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .296
Virtual Switch Redundancy Protocol (VSRP) . . . . . . . . . . . . . . . . . .298
Configuration notes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .300
Layer 2 and Layer 3 redundancy . . . . . . . . . . . . . . . . . . . . . . .300
Master election and failover . . . . . . . . . . . . . . . . . . . . . . . . . . .300
VSRP-Aware security features. . . . . . . . . . . . . . . . . . . . . . . . . .305
VSRP parameters. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .305
Configuring basic VSRP parameters. . . . . . . . . . . . . . . . . . . . .308
Configuring optional VSRP parameters . . . . . . . . . . . . . . . . . .309
Displaying VSRP information. . . . . . . . . . . . . . . . . . . . . . . . . . .318
VSRP fast start . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .321
VSRP and MRP signaling. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .322
Chapter 16 Configuring Uni-Directional Link Detection (UDLD)
UDLD overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .325
Configuration considerations . . . . . . . . . . . . . . . . . . . . . . . . . .325
Enabling UDLD . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .326
Changing the Keepalive interval . . . . . . . . . . . . . . . . . . . . . . . .326
Changing the Keepalive retries . . . . . . . . . . . . . . . . . . . . . . . . .326
UDLD for tagged ports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .327
Displaying UDLD information . . . . . . . . . . . . . . . . . . . . . . . . . .327
Clearing UDLD statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .329
Chapter 17 Configuring Trunk Groups and Dynamic Link Aggregation
Trunk group overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .331
Trunk group connectivity to a server. . . . . . . . . . . . . . . . . . . . .332
Trunk group rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .333
Trunk group configuration examples . . . . . . . . . . . . . . . . . . . .334
Flexible trunk group membership. . . . . . . . . . . . . . . . . . . . . . .334
Trunk group load sharing. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .335
xii Brocade TurboIron 24X Series Configuration Guide
53-1003053-01
Configuring a trunk group. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .336
CLI syntax . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .336
Example 1: Configuring the trunk groups shown in Figure 75337 Example 2: Configuring a trunk group that spans
two Gbps Ethernet modules in a chassis device. . . . . . . . . . .338
Example 3: Configuring a multi-slot trunk group
with one port per module . . . . . . . . . . . . . . . . . . . . . . . . . . . . .338
Example 4: Configuring a trunk group of 10 Gbps
Ethernet ports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .338
Additional trunking options . . . . . . . . . . . . . . . . . . . . . . . . . . . .339
Displaying trunk group configuration information . . . . . . . . . . . . .343
Dynamic link aggregation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .344
Examples of valid LACP trunk groups . . . . . . . . . . . . . . . . . . . .345
Configuration notes and limitations . . . . . . . . . . . . . . . . . . . . .345
Adaptation to trunk disappearance . . . . . . . . . . . . . . . . . . . . .347
Flexible trunk eligibility . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .347
Enabling dynamic link aggregation. . . . . . . . . . . . . . . . . . . . . .348
How changing the VLAN membership of a port affects
trunk groups and dynamic keys . . . . . . . . . . . . . . . . . . . . . . . .350
Link aggregation parameters . . . . . . . . . . . . . . . . . . . . . . . . . .350
Displaying and determining the status of aggregate links . . . . . . .355
Events that affect the status of ports in an aggregate link. . .355
Displaying link aggregation and port status information . . . .356
Displaying LACP status information . . . . . . . . . . . . . . . . . . . . .358
Clearing the negotiated aggregate links table . . . . . . . . . . . . . . . .358
Configuring single link LACP. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .358
Configuration notes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .359
CLI syntax . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .359
Chapter 18 Configuring Virtual LANs (VLANs)
VLAN overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .361
Types of VLANs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .361
Default VLAN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .366
802.1Q tagging . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .367
Spanning Tree Protocol (STP) . . . . . . . . . . . . . . . . . . . . . . . . . .369
Virtual routing interfaces. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .370
VLAN and virtual routing interface groups . . . . . . . . . . . . . . . .371
Dynamic, static, and excluded port membership . . . . . . . . . .372
Super aggregated VLANs. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 374
Trunk group ports and VLAN membership . . . . . . . . . . . . . . . . 374
Brocade TurboIron 24X Series Configuration Guide xiii 53-1003053-01
Routing between VLANs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 374
Virtual routing interfaces (Layer 3 Switches only) . . . . . . . . . . 374
Routing between VLANs using virtual routing
interfaces (Layer 3 Switches only) . . . . . . . . . . . . . . . . . . . . . .375
Dynamic port assignment (Layer 2 Switches
and Layer 3 Switches) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 376
Assigning a different VLAN ID to the default VLAN . . . . . . . . . 376
Assigning different VLAN IDs to reserved VLANs 4091 and 4092376
Assigning trunk group ports . . . . . . . . . . . . . . . . . . . . . . . . . . .377
Configuring port-based VLANs . . . . . . . . . . . . . . . . . . . . . . . . .378
Modifying a port-based VLAN . . . . . . . . . . . . . . . . . . . . . . . . . .381
Enable spanning tree on a VLAN . . . . . . . . . . . . . . . . . . . . . . .382
Configuring IP subnet, IPX network andprotocol-based VLANs . . .383
Configuration example. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .383
Routing between VLANs using virtual routing
interfaces (Layer 3 Switches only) . . . . . . . . . . . . . . . . . . . . . . . . . .385
Configuring uplink ports within a port-based VLAN . . . . . . . . . . . .391
Configuration considerations . . . . . . . . . . . . . . . . . . . . . . . . . .391
Configuration syntax . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .391
Configuring the same IP subnet address on multiple
port-based VLANs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .392
Configuring VLAN groups and virtual routing interface groups . . .395
Configuring a VLAN group . . . . . . . . . . . . . . . . . . . . . . . . . . . . .395
Configuring a virtual routing interface group . . . . . . . . . . . . . .397
Displaying the VLAN group and virtual routing
interface group information . . . . . . . . . . . . . . . . . . . . . . . . . . .398
Allocating memory for more VLANs or virtual routing interfaces398
Configuring super aggregated VLANs . . . . . . . . . . . . . . . . . . . . . . .399
Configuration note . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .403
Configuring aggregated VLANs . . . . . . . . . . . . . . . . . . . . . . . . .403
Verifying the configuration. . . . . . . . . . . . . . . . . . . . . . . . . . . . .404
Complete CLI examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .404
Configuring 802.1Q-in-Q tagging . . . . . . . . . . . . . . . . . . . . . . . . . . .407
Configuration rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .408
Enabling 802.1Q-in-Q tagging. . . . . . . . . . . . . . . . . . . . . . . . . .408
Example configuration. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .409
Configuring private VLANs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .411
Configuration notes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .412
Configuration notes and limitations . . . . . . . . . . . . . . . . . . . . .413
Command syntax . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 413
CLI example for Figure 52 . . . . . . . . . . . . . . . . . . . . . . . . . . . . .415
Dual-mode VLAN ports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 415
Displaying VLAN information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .418
Displaying VLANs in alphanumeric order . . . . . . . . . . . . . . . . .418
Displaying system-wide VLAN information . . . . . . . . . . . . . . . .419
Displaying VLAN information for specific ports . . . . . . . . . . . .420
xiv Brocade TurboIron 24X Series Configuration Guide
53-1003053-01
Chapter 19 Configuring Port Mirroring and Monitoring
Mirroring support by platform . . . . . . . . . . . . . . . . . . . . . . . . . . . . .423
Configuring port mirroring and monitoring . . . . . . . . . . . . . . . . . . .423
Configuration notes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .424
Monitoring a port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .425
Monitoring an individual trunk port . . . . . . . . . . . . . . . . . . . . .425
ACL-based inbound mirroring . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .426
Creating an ACL-based inbound mirror clause . . . . . . . . . . . . .426
MAC filter-based mirroring . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .430
Configuring MAC filter-based mirroring. . . . . . . . . . . . . . . . . . .430
Chapter 20 Configuring IP
Basic configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .433
Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .433
IP interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .434
IP packet flow through a Layer 3 Switch. . . . . . . . . . . . . . . . . .435
IP route exchange protocols . . . . . . . . . . . . . . . . . . . . . . . . . . .439
IP multicast protocols . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .440
IP interface redundancy protocols . . . . . . . . . . . . . . . . . . . . . .440
Access Control Lists and IP access policies. . . . . . . . . . . . . . .440
Basic IP parameters and defaults – Layer 3 Switches. . . . . . . . . .441
When parameter changes take effect . . . . . . . . . . . . . . . . . . .441
IP global parameters – Layer 3 Switches . . . . . . . . . . . . . . . . .442
IP interface parameters – Layer 3 Switches . . . . . . . . . . . . . .445
Basic IP parameters and defaults – Layer 2 Switches. . . . . . . . . .446
IP global parameters – Layer 2 Switches . . . . . . . . . . . . . . . . .446
Interface IP parameters – Layer 2 Switches . . . . . . . . . . . . . .447
Configuring IP parameters – Layer 3 Switches . . . . . . . . . . . . . . . . 447
Configuring IP addresses. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .448
Configuring 31-bit subnet masks on point-to-point networks.450
Configuring packet parameters . . . . . . . . . . . . . . . . . . . . . . . .452
Changing the router ID. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .455
Specifying a single source interface for Telnet,
TACACS/TACACS+, or RADIUS Packets . . . . . . . . . . . . . . . . . . .456
Configuring ARP parameters. . . . . . . . . . . . . . . . . . . . . . . . . . .458
Configuring forwarding parameters . . . . . . . . . . . . . . . . . . . . .462
Disabling ICMP messages . . . . . . . . . . . . . . . . . . . . . . . . . . . . .463
Configuring static routes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .465
Configuring a default network route . . . . . . . . . . . . . . . . . . . . . 473
Configuring IP load sharing . . . . . . . . . . . . . . . . . . . . . . . . . . . . 474
Configuring IRDP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .477
Configuring RARP. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .479
Configuring UDP broadcast and IP helper parameters . . . . . .481
Configuring BootP/DHCP relay parameters . . . . . . . . . . . . . . .483
Brocade TurboIron 24X Series Configuration Guide xv 53-1003053-01
Configuring IP parameters – Layer 2 Switches . . . . . . . . . . . . . . . .484
Configuring the management IP address and specifying
the default gateway . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .485
Configuring Domain Name Server (DNS) resolver. . . . . . . . . .486
Changing the TTL threshold . . . . . . . . . . . . . . . . . . . . . . . . . . .487
Configuring DHCP Assist . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .488
Displaying IP configuration information and statistics . . . . . . . . . .492
Changing the network mask display to prefix format . . . . . . .492
Displaying IP information – Layer 3 Switches . . . . . . . . . . . . .492
Displaying IP information – Layer 2 Switches . . . . . . . . . . . . .506
Chapter 21 Configuring Spanning Tree Protocol (STP) Related Features
STP overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 511
Configuring standard STP parameters. . . . . . . . . . . . . . . . . . . . . . .511
STP parameters and defaults . . . . . . . . . . . . . . . . . . . . . . . . . .512
Enabling or disabling the Spanning Tree Protocol (STP) . . . . .513
Changing STP bridge and port parameters . . . . . . . . . . . . . . .514
STP protection enhancement . . . . . . . . . . . . . . . . . . . . . . . . . . 516
Displaying STP information . . . . . . . . . . . . . . . . . . . . . . . . . . . .517
Configuring STP related features . . . . . . . . . . . . . . . . . . . . . . . . . . .524
802.1W Rapid Spanning Tree (RSTP). . . . . . . . . . . . . . . . . . . .525
802.1W Draft 3 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .562
Single Spanning Tree (SSTP) . . . . . . . . . . . . . . . . . . . . . . . . . . .566
PVST/PVST+ compatibility . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .568
Overview of PVST and PVST+ . . . . . . . . . . . . . . . . . . . . . . . . . .569
VLAN tags and dual mode. . . . . . . . . . . . . . . . . . . . . . . . . . . . .570
Configuring PVST+ support . . . . . . . . . . . . . . . . . . . . . . . . . . . .571
Displaying PVST+ support information. . . . . . . . . . . . . . . . . . .571
Configuration examples. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .572
PVRST compatibility . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .575
BPDU guard . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .575
Enabling BPDU protection by port. . . . . . . . . . . . . . . . . . . . . . .575
Re-enabling ports disabled by BPDU guard . . . . . . . . . . . . . . .576
Displaying the BPDU guard status . . . . . . . . . . . . . . . . . . . . . . 576
Example console messages . . . . . . . . . . . . . . . . . . . . . . . . . . .577
Root guard . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .577
Enabling STP root guard . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .578
Displaying the STP root guard . . . . . . . . . . . . . . . . . . . . . . . . . .578
802.1s Multiple Spanning Tree Protocol . . . . . . . . . . . . . . . . . . . . .578
Multiple spanning-tree regions . . . . . . . . . . . . . . . . . . . . . . . . .578
Configuration notes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .580
Configuring MSTP mode and scope . . . . . . . . . . . . . . . . . . . . .580
Configuring additional MSTP parameters . . . . . . . . . . . . . . . .581
Chapter 22 Configuring RIP
RIP overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .591
ICMP host unreachable message for undeliverable ARPs . . .591
xvi Brocade TurboIron 24X Series Configuration Guide
53-1003053-01
RIP parameters and defaults . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .592
RIP global parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .592
RIP interface parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . .593
Configuring RIP parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .593
Enabling RIP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .593
Configuring metric parameters . . . . . . . . . . . . . . . . . . . . . . . . .594
Changing the administrative distance. . . . . . . . . . . . . . . . . . .595
Configuring redistribution . . . . . . . . . . . . . . . . . . . . . . . . . . . . .595
Configuring route learning and advertising parameters . . . . .598
Changing the route loop prevention method . . . . . . . . . . . . . .599
Suppressing RIP route advertisement on a VRRP
or VRRPE backup interface . . . . . . . . . . . . . . . . . . . . . . . . . . . .600
Configuring RIP route filters . . . . . . . . . . . . . . . . . . . . . . . . . . .600
Displaying RIP filters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .601
Displaying CPU utilization statistics . . . . . . . . . . . . . . . . . . . . . . . . .602
Chapter 23 Configuring OSPF Version 2 (IPv4)
Overview of OSPF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .605
OSPF point-to-point Links . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 607
Designated routers in multi-access networks . . . . . . . . . . . . .608
Designated router election in multi-access networks . . . . . . .608
OSPF RFC 1583 and 2178 compliance . . . . . . . . . . . . . . . . . .609
Reduction of equivalent AS External LSAs . . . . . . . . . . . . . . . .610
Support for OSPF RFC 2328 Appendix E . . . . . . . . . . . . . . . . .612
Dynamic OSPF activation and configuration . . . . . . . . . . . . . .613
Brocade TurboIron 24X Series Configuration Guide xvii 53-1003053-01
Configuring OSPF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .613
Configuration rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .614
OSPF parameters. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .614
Enable OSPF on the router . . . . . . . . . . . . . . . . . . . . . . . . . . . .615
Assign OSPF areas . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 616
Assigning an area range (optional). . . . . . . . . . . . . . . . . . . . . .620
Assigning interfaces to an area . . . . . . . . . . . . . . . . . . . . . . . .620
Modify interface defaults . . . . . . . . . . . . . . . . . . . . . . . . . . . . .620
Change the timer for OSPF authentication changes. . . . . . . .623
Block flooding of outbound LSAs on specific OSPF interfaces624
Assign virtual links . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .624
Modify virtual link parameters . . . . . . . . . . . . . . . . . . . . . . . . .626
Changing the reference bandwidth for the cost on
OSPF interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .627
Define redistribution filters . . . . . . . . . . . . . . . . . . . . . . . . . . . .629
Prevent specific OSPF routes from being installed in the
IP route table . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .631
Modify default metric for redistribution . . . . . . . . . . . . . . . . . .634
Enable route redistribution . . . . . . . . . . . . . . . . . . . . . . . . . . . .635
Disable or re-enable load sharing. . . . . . . . . . . . . . . . . . . . . . .636
Configure external route summarization . . . . . . . . . . . . . . . . .637
Configure default route origination. . . . . . . . . . . . . . . . . . . . . .639
Modify SPF timers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .640
Modify redistribution metric type . . . . . . . . . . . . . . . . . . . . . . .640
Modify administrative distance. . . . . . . . . . . . . . . . . . . . . . . . .641
Configure OSPF group Link State Advertisement
(LSA) pacing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .642
Modify OSPF traps generated . . . . . . . . . . . . . . . . . . . . . . . . . .642
Modify OSPF standard compliance setting . . . . . . . . . . . . . . .643
Modify exit overflow interval . . . . . . . . . . . . . . . . . . . . . . . . . . .643
Specifying the types of OSPF Syslog messages to log . . . . . .644
Clearing OSPF information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .644
Clearing OSPF neighbor information . . . . . . . . . . . . . . . . . . . .644
Clearing OSPF topology information . . . . . . . . . . . . . . . . . . . . .645
Clearing redistributed routes from the OSPF routing table . . .645
Clearing information for OSPF areas . . . . . . . . . . . . . . . . . . . .645
Displaying OSPF information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .646
Displaying general OSPF configuration information . . . . . . . .646
Displaying CPU utilization statistics . . . . . . . . . . . . . . . . . . . . . 647
Displaying OSPF area information . . . . . . . . . . . . . . . . . . . . . .649
Displaying OSPF neighbor information. . . . . . . . . . . . . . . . . . .649
Displaying OSPF interface information. . . . . . . . . . . . . . . . . . .651
Displaying OSPF route information . . . . . . . . . . . . . . . . . . . . . .653
Displaying OSPF external link state information . . . . . . . . . . .655
Displaying OSPF link state information . . . . . . . . . . . . . . . . . .656
Displaying the data in an LSA . . . . . . . . . . . . . . . . . . . . . . . . . .656
Displaying OSPF virtual neighbor information . . . . . . . . . . . . .657
Displaying OSPF virtual link information . . . . . . . . . . . . . . . . .657
Displaying OSPF ABR and ASBR information. . . . . . . . . . . . . .657
Displaying OSPF trap status . . . . . . . . . . . . . . . . . . . . . . . . . . .658
xviii Brocade TurboIron 24X Series Configuration Guide
53-1003053-01
Chapter 24 Configuring BGP4
Overview of BGP4 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .660
Relationship between the BGP4 route table and the IP route table 660
How BGP4 selects a path for a route . . . . . . . . . . . . . . . . . . . .661
BGP4 message types. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .663
Basic configuration and activation for BGP4 . . . . . . . . . . . . . . . . .665
Note regarding disabling BGP4. . . . . . . . . . . . . . . . . . . . . . . . .665
BGP4 parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .666
When parameter changes take effect . . . . . . . . . . . . . . . . . . .667
Memory considerations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .668
Memory configuration options obsoleted by dynamic memory669
Basic configuration tasks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .669
Enabling BGP4 on the router . . . . . . . . . . . . . . . . . . . . . . . . . .669
Changing the router ID. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .669
Setting the local AS number . . . . . . . . . . . . . . . . . . . . . . . . . . .670
Adding a loopback interface . . . . . . . . . . . . . . . . . . . . . . . . . . .670
Adding BGP4 neighbors. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .671
Adding a BGP4 peer group . . . . . . . . . . . . . . . . . . . . . . . . . . . .677
Optional configuration tasks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .681
Changing the Keep Alive Time and Hold Time . . . . . . . . . . . . .681
Changing the BGP4 next-hop update timer . . . . . . . . . . . . . . .682
Enabling fast external fallover. . . . . . . . . . . . . . . . . . . . . . . . . .682
Changing the maximum number of paths for
BGP4 load sharing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .683
Customizing BGP4 load sharing . . . . . . . . . . . . . . . . . . . . . . . .684
Specifying a list of networks to advertise. . . . . . . . . . . . . . . . .685
Changing the default local preference . . . . . . . . . . . . . . . . . . .686
Using the IP default route as a valid next hop for
a BGP4 route . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .687
Advertising the default route. . . . . . . . . . . . . . . . . . . . . . . . . . .687
Changing the default MED (Metric) used for
route redistribution . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .687
Enabling next-hop recursion . . . . . . . . . . . . . . . . . . . . . . . . . . .688
Changing administrative distances . . . . . . . . . . . . . . . . . . . . .691
Requiring the first AS to be the neighbor AS . . . . . . . . . . . . . .692
Disabling or re-enabling comparison of the AS-Path length . .692
Enabling or disabling comparison of the router IDs . . . . . . . .693
Configuring the Layer 3 Switch to always compare
Multi-Exit Discriminators (MEDs) . . . . . . . . . . . . . . . . . . . . . . .693
Treating missing MEDs as the worst MEDs . . . . . . . . . . . . . . .694
Configuring route reflection parameters . . . . . . . . . . . . . . . . .694
Aggregating routes advertised to BGP4 neighbors . . . . . . . . .698
Brocade TurboIron 24X Series Configuration Guide xix 53-1003053-01
Modifying redistribution parameters . . . . . . . . . . . . . . . . . . . . . . . .699
Redistributing connected routes. . . . . . . . . . . . . . . . . . . . . . . .699
Redistributing RIP routes. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .700
Redistributing OSPF external routes. . . . . . . . . . . . . . . . . . . . .700
Redistributing static routes. . . . . . . . . . . . . . . . . . . . . . . . . . . .701
Disabling or re-enabling re-advertisement of all learned
BGP4 routes to all BGP4 neighbors . . . . . . . . . . . . . . . . . . . . .701
Redistributing IBGP routes into RIP and OSPF. . . . . . . . . . . . .701
Filtering . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .702
Filtering specific IP addresses . . . . . . . . . . . . . . . . . . . . . . . . .702
Filtering AS-paths. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .703
Filtering communities . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .707
Defining IP prefix lists . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .709
Defining neighbor distribute lists . . . . . . . . . . . . . . . . . . . . . . .710
Defining route maps . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .711
Using a table map to set the rag value. . . . . . . . . . . . . . . . . . . 719
Configuring cooperative BGP4 route filtering. . . . . . . . . . . . . .719
Configuring route flap dampening . . . . . . . . . . . . . . . . . . . . . . . . . .722
Globally configuring route flap dampening . . . . . . . . . . . . . . .723
Using a route map to configure route flap dampening
for specific routes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .724
Using a route map to configure route flap dampening for
a specific neighbor. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .725
Removing route dampening from a route. . . . . . . . . . . . . . . . .726
Removing route dampening from a neighbor routes
suppressed due to aggregation . . . . . . . . . . . . . . . . . . . . . . . .726
Displaying and clearing route flap dampening statistics . . . .727
Generating traps for BGP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .729
Displaying BGP4 information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .729
Displaying summary BGP4 information . . . . . . . . . . . . . . . . . .729
Displaying the active BGP4 configuration . . . . . . . . . . . . . . . .731
Displaying CPU utilization statistics . . . . . . . . . . . . . . . . . . . . .732
Displaying summary neighbor information . . . . . . . . . . . . . . .733
Displaying BGP4 neighbor information. . . . . . . . . . . . . . . . . . .735
Displaying peer group information . . . . . . . . . . . . . . . . . . . . . .746
Displaying summary route information . . . . . . . . . . . . . . . . . . 747
Displaying the BGP4 route table. . . . . . . . . . . . . . . . . . . . . . . .748
Displaying BGP4 route-attribute entries . . . . . . . . . . . . . . . . . .754
Displaying the routes BGP4 has placed in the
IP route table . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .755
Displaying route flap dampening statistics . . . . . . . . . . . . . . .756
Displaying the active route map configuration . . . . . . . . . . . .757
Updating route information and resetting a neighbor session . . .758
Using soft reconfiguration . . . . . . . . . . . . . . . . . . . . . . . . . . . . .758
Dynamically requesting a route refresh from
a BGP4 neighbor . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .761
Closing or resetting a neighbor session . . . . . . . . . . . . . . . . . . 764
Clearing and resetting BGP4 routes in the IP route table . . . .764
Clearing traffic counters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .765
xx Brocade TurboIron 24X Series Configuration Guide
53-1003053-01
Clearing route flap dampening statistics. . . . . . . . . . . . . . . . . . . . .765
Removing route flap dampening . . . . . . . . . . . . . . . . . . . . . . . . . . .765
Clearing diagnostic buffers. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .766
Chapter 25 Configuring IP Multicast Traffic Reduction
IGMP snooping overview. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .767
IGMP V1, V2, and V3 snooping support . . . . . . . . . . . . . . . . . .768
Queriers and non-queriers . . . . . . . . . . . . . . . . . . . . . . . . . . . .768
IGMP snooping enhancements. . . . . . . . . . . . . . . . . . . . . . . . .769
Configuration notes and feature limitations . . . . . . . . . . . . . .769
PIM SM traffic snooping overview . . . . . . . . . . . . . . . . . . . . . . . . . . 771
PIM SM snooping support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 771
Application examples. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 771
Configuration notes and limitations . . . . . . . . . . . . . . . . . . . . .773
Configuring IGMP snooping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .773
Enabling IGMP snooping globally on the device . . . . . . . . . . .775
Configuring the IGMP mode . . . . . . . . . . . . . . . . . . . . . . . . . . .775
Configuring the IGMP version . . . . . . . . . . . . . . . . . . . . . . . . . .776
Disabling IGMP snooping on a VLAN . . . . . . . . . . . . . . . . . . . . 776
Disabling transmission and receipt of IGMP packets
on a port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .777
Modifying the age interval for group membership entries . . .777 Modifying the query interval (active IGMP snooping
mode only) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .777
Modifying the maximum response time. . . . . . . . . . . . . . . . . .778
Configuring report control . . . . . . . . . . . . . . . . . . . . . . . . . . . . .778
Modifying the wait time before stopping traffic when receiving a
leave message . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .778
Modifying the multicast cache age time . . . . . . . . . . . . . . . . .779
Enabling or disabling error and warning messages . . . . . . . .779
Configuring static router ports . . . . . . . . . . . . . . . . . . . . . . . . .779
Turning off static group proxy . . . . . . . . . . . . . . . . . . . . . . . . . .779
IGMP V3 membership tracking and fast leave . . . . . . . . . . . .780
Fast leave for IGMP V2 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .780
Fast convergence . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .781
Configuring PIM SM snooping . . . . . . . . . . . . . . . . . . . . . . . . . . . . .781
Enabling or disabling PIM SM snooping. . . . . . . . . . . . . . . . . .781
Enabling PIM SM snooping on a VLAN . . . . . . . . . . . . . . . . . . .782
Disabling PIM SM snooping on a VLAN . . . . . . . . . . . . . . . . . .782
IGMP snooping show commands. . . . . . . . . . . . . . . . . . . . . . . . . . .782
Displaying the IGMP snooping configuration . . . . . . . . . . . . . .782
Displaying IGMP snooping errors . . . . . . . . . . . . . . . . . . . . . . .783
Displaying IGMP group information . . . . . . . . . . . . . . . . . . . . .784
Displaying IGMP snooping mcache information . . . . . . . . . . .785
Displaying software resource usage for VLANs . . . . . . . . . . . .786
Displaying the status of IGMP snooping traffic . . . . . . . . . . . .787
Brocade TurboIron 24X Series Configuration Guide xxi 53-1003053-01
PIM SM snooping show commands. . . . . . . . . . . . . . . . . . . . . . . . .788
Displaying PIM SM snooping information. . . . . . . . . . . . . . . . .788
Displaying PIM SM snooping information on a Layer 2 switch788 Displaying PIM SM snooping information for a specific
group or source group pair . . . . . . . . . . . . . . . . . . . . . . . . . . . .789
Clear commands for IGMP snooping . . . . . . . . . . . . . . . . . . . . . . . .790
Clearing the IGMP mcache . . . . . . . . . . . . . . . . . . . . . . . . . . . .790
Clearing the mcache on a specific VLAN . . . . . . . . . . . . . . . . .790
Clearing traffic on a specific VLAN . . . . . . . . . . . . . . . . . . . . . .791
Clearing IGMP counters on VLANs . . . . . . . . . . . . . . . . . . . . . .791
Chapter 26 Configuring IP Multicast Protocols
Overview of IP multicasting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .793
IPv4 multicast group addresses . . . . . . . . . . . . . . . . . . . . . . . .794
Mapping of IPv4 Multicast group addresses to
Ethernet MAC addresses. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .794
Supported Layer 3 multicast routing protocols . . . . . . . . . . . .794
Multicast terms . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .794
Changing global IP multicast parameters . . . . . . . . . . . . . . . . . . . .795
Changing dynamic memory allocation for IP multicast groups795
Changing IGMP V1 and V2 parameters . . . . . . . . . . . . . . . . . .796
PIM Dense . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .798
Initiating PIM multicasts on a network . . . . . . . . . . . . . . . . . . .798
Pruning a multicast tree . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .799
Grafts to a multicast Tree . . . . . . . . . . . . . . . . . . . . . . . . . . . . .801
PIM DM versions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .802
Configuring PIM DM. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .802
Failover time in a multi-path topology . . . . . . . . . . . . . . . . . . .806
Modifying the TTL. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .806
PIM Sparse . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .806
PIM Sparse switch types . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .807
RP paths and SPT paths . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .808
Configuring PIM Sparse. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .808
Displaying PIM Sparse configuration information
and statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 817
Passive multicast route insertion. . . . . . . . . . . . . . . . . . . . . . . . . . .830
Multicast Source Discovery Protocol (MSDP) . . . . . . . . . . . . . . . . .830
Peer Reverse Path Forwarding (RPF) flooding . . . . . . . . . . . . .832
Source active caching . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .832
Configuring MSDP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .833
Designating an interface IP address as
the RP IP address . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .834
Filtering MSDP source-group pairs . . . . . . . . . . . . . . . . . . . . . .835
MSDP mesh groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .838
Displaying MSDP information . . . . . . . . . . . . . . . . . . . . . . . . . .844
Clearing MSDP information. . . . . . . . . . . . . . . . . . . . . . . . . . . .848
xxii Brocade TurboIron 24X Series Configuration Guide
53-1003053-01
Using ACLs to control multicast features. . . . . . . . . . . . . . . . . . . . .849
Using ACLs to limit static RP groups. . . . . . . . . . . . . . . . . . . . .849
Using ACLs to limit PIM RP candidate advertisement . . . . . . .851
Tracing a multicast route . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .852
Displaying the multicast configuration for another multicast router853
IGMP V3 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .854
Default IGMP version. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .855
Compatibility with IGMP V1 and V2 . . . . . . . . . . . . . . . . . . . . .855
Globally enabling the IGMP version . . . . . . . . . . . . . . . . . . . . .856
Enabling the IGMP version per interface setting. . . . . . . . . . .856
Enabling the IGMP version on a physical port within
a virtual routing interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . .856
Enabling membership tracking and fast leave . . . . . . . . . . . .857
Setting the query interval . . . . . . . . . . . . . . . . . . . . . . . . . . . . .857
Setting the group membership time. . . . . . . . . . . . . . . . . . . . .858
Setting the maximum response time . . . . . . . . . . . . . . . . . . . .858
Displaying IGMP V3 information on Layer 3 Switches. . . . . . .858
Clearing IGMP statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .862
Chapter 27 Configuring VRRP and VRRPE
Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .863
Overview of VRRP. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .864
Overview of VRRPE. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .868
Configuration note . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 871
Comparison of VRRP and VRRPE. . . . . . . . . . . . . . . . . . . . . . . . . . . 871
VRRP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 871
VRRPE. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .871
Architectural differences . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 871
VRRP and VRRPE parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . .872
Configuring basic VRRP parameters . . . . . . . . . . . . . . . . . . . . . . . .874
Configuring the Owner. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .875
Configuring a Backup. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .875
Configuration rules for VRRP. . . . . . . . . . . . . . . . . . . . . . . . . . .875
Configuring basic VRRPE parameters . . . . . . . . . . . . . . . . . . . . . . .875
Configuration rules for VRRPE . . . . . . . . . . . . . . . . . . . . . . . . .876
Note regarding disabling VRRP or VRRPE . . . . . . . . . . . . . . . . . . . .876
Configuring additional VRRP and VRRPE parameters . . . . . . . . . . 876
Forcing a Master router to abdicate to a standby router . . . . . . . .883
Displaying VRRP and VRRPE information . . . . . . . . . . . . . . . . . . . .884
Displaying summary information . . . . . . . . . . . . . . . . . . . . . . .884
Displaying detailed information . . . . . . . . . . . . . . . . . . . . . . . .886
Displaying statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .891
Clearing VRRP or VRRPE statistics . . . . . . . . . . . . . . . . . . . . . .892
Displaying CPU utilization statistics . . . . . . . . . . . . . . . . . . . . .892
Brocade TurboIron 24X Series Configuration Guide xxiii 53-1003053-01
Configuration examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .894
VRRP example . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .894
VRRPE example . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .895
Chapter 28 Configuring Rule-Based IP Access Control Lists
ACL overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .897
Types of IP ACLs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .898
ACL IDs and entries . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .898
Numbered and named ACLs . . . . . . . . . . . . . . . . . . . . . . . . . . .899
Default ACL action . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .899
How hardware-based ACLs work . . . . . . . . . . . . . . . . . . . . . . . . . . .899
How fragmented packets are processed . . . . . . . . . . . . . . . . .899
Hardware aging of Layer 4 CAM entries . . . . . . . . . . . . . . . . . .900
Configuration considerations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .900
Configuring standard numbered ACLs. . . . . . . . . . . . . . . . . . . . . . .901
Standard numbered ACL syntax . . . . . . . . . . . . . . . . . . . . . . . .901
Configuration example for standard numbered ACLs . . . . . . .902
Configuring standard named ACLs . . . . . . . . . . . . . . . . . . . . . . . . .903
Standard named ACL syntax. . . . . . . . . . . . . . . . . . . . . . . . . . .903
Configuration example for standard named ACLs . . . . . . . . . .904
Configuring extended numbered ACLs . . . . . . . . . . . . . . . . . . . . . .905
Extended numbered ACL syntax . . . . . . . . . . . . . . . . . . . . . . . .906
Configuration examples for extended numbered ACLs . . . . . .909
Configuring extended named ACLs . . . . . . . . . . . . . . . . . . . . . . . . .911
Extended named ACL syntax. . . . . . . . . . . . . . . . . . . . . . . . . . . 911
Configuration example for extended named ACLs. . . . . . . . . .915
Preserving user input for ACL TCP/UDP port numbers. . . . . . . . . .915
Managing ACL comment text . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .916
Adding a comment to an entry in a numbered ACL. . . . . . . . .916
Applying an ACL to a virtual interface in a protocol-
or subnet-based VLAN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 917
Enabling ACL logging. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 917
Enabling strict control of ACL filtering of fragmented packets. . . .919
Enabling ACL support for switched traffic in the router image . . .920
Enabling ACL filtering based on VLAN membership or VE port
membership . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .920
Applying an IPv4 ACL to specific VLAN members on
a port (Layer 2 devices only) . . . . . . . . . . . . . . . . . . . . . . . . . . .921
Applying an IPv4 ACL to a subset of ports on a virtual
interface (Layer 3 devices only) . . . . . . . . . . . . . . . . . . . . . . . .922
Filtering on IP precedence and ToS values . . . . . . . . . . . . . . . . . . .922
QoS options for IP ACLs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .923
DSCP matching . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .924
ACL-based rate limiting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .925
xxiv Brocade TurboIron 24X Series Configuration Guide
53-1003053-01
Using ACLs to control multicast features. . . . . . . . . . . . . . . . . . . . .925
Enabling and viewing hardware usage statistics for an ACL . . . . .925
Displaying ACL information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .926
Troubleshooting ACLs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .926
Chapter 29 Configuring Traffic Policies
About traffic policies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .929
Configuration notes and feature limitations . . . . . . . . . . . . . . . . . .930
Maximum number of traffic policies supported on a device . . . . .931
Setting the maximum number of traffic policies supported
on a Layer 3 device . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .931
ACL-based rate limiting using traffic policies. . . . . . . . . . . . . . . . . .931
Support for fixed rate limiting and adaptive rate limiting . . . .932
Configuring ACL-based fixed rate limiting. . . . . . . . . . . . . . . . .932
Configuring ACL-based adaptive rate limiting . . . . . . . . . . . . .933
Specifying the action to be taken for packets that are
over the limit. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .935
ACL and rate limit counting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .936
Enabling ACL statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .937
Enabling ACL statistics with rate limiting traffic policies. . . . .938
Viewing ACL and rate limit counters . . . . . . . . . . . . . . . . . . . . .938
Clearing ACL and rate limit counters . . . . . . . . . . . . . . . . . . . .939
Viewing traffic policies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .939
Chapter 30 Configuring 802.1X Port Security
IETF RFC support. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .941
How 802.1X port security works . . . . . . . . . . . . . . . . . . . . . . . . . . .941
Device roles in an 802.1X configuration . . . . . . . . . . . . . . . . .941
Communication between the devices . . . . . . . . . . . . . . . . . . .942
Controlled and uncontrolled ports . . . . . . . . . . . . . . . . . . . . . .944
Message exchange during authentication. . . . . . . . . . . . . . . .945
Authenticating multiple hosts connected to the same port . .947
802.1X port security and sFlow . . . . . . . . . . . . . . . . . . . . . . . .950
Brocade TurboIron 24X Series Configuration Guide xxv 53-1003053-01
Configuring 802.1X port security. . . . . . . . . . . . . . . . . . . . . . . . . . .950
Configuring an authentication method list for 802.1X . . . . . .950
Setting RADIUS parameters . . . . . . . . . . . . . . . . . . . . . . . . . . .951
Configuring dynamic VLAN assignment for 802.1X ports . . . .954
Dynamically applying IP ACLs and MAC filters to
802.1X ports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .958
Enabling 802.1X port security. . . . . . . . . . . . . . . . . . . . . . . . . .961
Setting the port control . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .962
Configuring periodic re-authentication . . . . . . . . . . . . . . . . . . .963
Re-authenticating a port manually . . . . . . . . . . . . . . . . . . . . . .963
Setting the quiet period. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .964
Specifying the wait interval and number of EAP-request/
identity frame retransmissions . . . . . . . . . . . . . . . . . . . . . . . . .964
Specifying the wait interval and number of EAP-request/
identity frame retransmissions from the RADIUS server . . . .965
Specifying a timeout for retransmission of messages to the
authentication server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .966
Initializing 802.1X on a port . . . . . . . . . . . . . . . . . . . . . . . . . . .966
Allowing access to multiple hosts. . . . . . . . . . . . . . . . . . . . . . .966
Configuring VLAN access for non-EAP-capable clients . . . . . .968
Displaying 802.1X information. . . . . . . . . . . . . . . . . . . . . . . . . . . . .969
Displaying 802.1X configuration information . . . . . . . . . . . . .970
Displaying 802.1X statistics . . . . . . . . . . . . . . . . . . . . . . . . . . .972
Clearing 802.1X statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . .973
Displaying dynamically assigned VLAN information . . . . . . . .973
Displaying information about dynamically applied
MAC filters and IP ACLs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 974
Displaying 802.1X multiple-host authentication
information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .975
Sample 802.1X configurations. . . . . . . . . . . . . . . . . . . . . . . . . . . . .979
Point-to-point configuration. . . . . . . . . . . . . . . . . . . . . . . . . . . . 979
Hub configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .981
802.1X Authentication with dynamic VLAN assignment . . . . .983
Using multi-device port authentication and 802.1X security
on the same port. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .984
Configuring Brocade-specific attributes on the RADIUS server985
Example configurations. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .986
Chapter 31 Using the MAC Port Security Feature
Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .991
Local and global resources . . . . . . . . . . . . . . . . . . . . . . . . . . . .991
Configuration notes and feature limitations . . . . . . . . . . . . . .992
xxvi Brocade TurboIron 24X Series Configuration Guide
53-1003053-01
Configuring the MAC port security feature . . . . . . . . . . . . . . . . . . .992
Enabling the MAC port security feature . . . . . . . . . . . . . . . . . .992
Setting the maximum number of secure MAC addresses
for an interface. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .993
Setting the port security age timer . . . . . . . . . . . . . . . . . . . . . .993
Specifying secure MAC addresses . . . . . . . . . . . . . . . . . . . . . .993
Autosaving secure MAC addresses to the
startup-config file. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .994
Specifying the action taken when a security
violation occurs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .995
Clearing port security statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . .996
Clearing restricted MAC addresses. . . . . . . . . . . . . . . . . . . . . .996
Clearing violation statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . .996
Displaying port security information . . . . . . . . . . . . . . . . . . . . . . . .996
Displaying port security settings . . . . . . . . . . . . . . . . . . . . . . . .997
Displaying the secure MAC addresses . . . . . . . . . . . . . . . . . . . 997
Displaying port security statistics . . . . . . . . . . . . . . . . . . . . . . .998
Displaying restricted MAC addresses on a port. . . . . . . . . . . .998
Chapter 32 Configuring Multi-Device Port Authentication
How multi-device port authentication works. . . . . . . . . . . . . . . . . .999
RADIUS authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .999
Authentication-failure actions . . . . . . . . . . . . . . . . . . . . . . . . 1000
Supported RADIUS attributes . . . . . . . . . . . . . . . . . . . . . . . . 1000
Support for dynamic VLAN assignment . . . . . . . . . . . . . . . . .1001
Support for dynamic ACLs . . . . . . . . . . . . . . . . . . . . . . . . . . . .1001
Support for authenticating multiple MAC addresses
on an interface. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1001
Using multi-device port authentication and
802.1X security on the same port . . . . . . . . . . . . . . . . . . . . . . . . .1001
Configuring Brocade-specific attributes on the RADIUS server1002
Configuring multi-device port authentication . . . . . . . . . . . . . . . 1003
Enabling multi-device port authentication . . . . . . . . . . . . . . 1003
Specifying the format of the MAC addresses sent
to the RADIUS server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1004
Specifying the authentication-failure action . . . . . . . . . . . . 1004
Generating traps for multi-device port authentication . . . . 1005
Defining MAC address filters. . . . . . . . . . . . . . . . . . . . . . . . . 1005
Configuring dynamic VLAN assignment . . . . . . . . . . . . . . . . 1006
Dynamically applying IP ACLs to authenticated MAC
addresses. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1008
Enabling denial of service attack protection . . . . . . . . . . . . .1010
Clearing authenticated MAC addresses. . . . . . . . . . . . . . . . .1011
Disabling aging for authenticated MAC addresses . . . . . . . .1011
Changing the hardware aging period for blocked
MAC addresses . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1012
Specifying the aging time for blocked MAC addresses . . . . .1013
Specifying the RADIUS timeout action . . . . . . . . . . . . . . . . . .1013
Multi-device port authentication password override . . . . . . .1014
Limiting the number of authenticated MAC addresses. . . . .1015
Brocade TurboIron 24X Series Configuration Guide xxvii 53-1003053-01
Displaying multi-device port authentication information . . . . . . .1015
Displaying authenticated MAC address information . . . . . . .1015
Displaying multi-device port authentication configuration
information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1016
Displaying multi-device port authentication information
for a specific MAC address or por t . . . . . . . . . . . . . . . . . . . . .1016
Displaying the authenticated MAC addresses . . . . . . . . . . . .1017
Displaying the non-authenticated MAC addresses . . . . . . . .1017
Displaying multi-device port authentication
information for a port. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1018
Displaying multi-device port authentication settings
and authenticated MAC addresses . . . . . . . . . . . . . . . . . . . .1018
Chapter 33 Protecting Against Denial of Service Attacks
Protecting against Smurf attacks. . . . . . . . . . . . . . . . . . . . . . . . . 1023
Avoiding being a victim in a Smurf attack . . . . . . . . . . . . . . .1024
Protection against ICMP attacks. . . . . . . . . . . . . . . . . . . . . . .1024
Protecting against TCP SYN attacks. . . . . . . . . . . . . . . . . . . . . . . 1025
Protection against TCP-SYN attacks . . . . . . . . . . . . . . . . . . . 1025
TCP security enhancement . . . . . . . . . . . . . . . . . . . . . . . . . . 1026
Displaying statistics about packets dropped
because of DoS attacks . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1027
Displaying statistics about packets dropped due to
DoS attacks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1028
Chapter 34 Configuring Rate Limiting and Rate Shaping
Rate limiting overview. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1029
Rate limiting in hardware . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1029
How Fixed Rate Limiting works . . . . . . . . . . . . . . . . . . . . . . . 1030
Configuration notes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1030
Configuring a port-based rate limiting policy . . . . . . . . . . . . .1031
Configuring an ACL-based rate limiting policy . . . . . . . . . . . .1031
Displaying the fixed rate limiting configuration . . . . . . . . . . .1031
Rate shaping overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1032
Configuration notes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1032
Configuring outbound rate shaping for a port . . . . . . . . . . . 1033
Configuring outbound rate shaping for a specific priority. . 1033
Configuring outbound rate shaping for a trunk port . . . . . . 1033
Displaying rate shaping configurations . . . . . . . . . . . . . . . . 1033
Chapter 35 Configuring Quality of Service
Classification . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1035
Processing of classified traffic . . . . . . . . . . . . . . . . . . . . . . . 1035
QoS queues . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1039
Assigning QoS priorities to traffic . . . . . . . . . . . . . . . . . . . . . 1039
Buffer allocation/threshold for QoS queues . . . . . . . . . . . . .1041
Marking . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1041
xxviii Brocade TurboIron 24X Series Configuration Guide
53-1003053-01
Configuring DSCP-based QoS. . . . . . . . . . . . . . . . . . . . . . . . . . . . .1041
Application notes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1042
Using ACLs to honor DSCP-based QoS . . . . . . . . . . . . . . . . . 1042
Configuring the QoS mappings. . . . . . . . . . . . . . . . . . . . . . . . . . . 1042
Default DSCP –> Internal forwarding priority mappings . . . 1042 Changing the DSCP –> internal forwarding priority mappings1043 Changing the internal forwarding priority –> hardware
forwarding queue mappings . . . . . . . . . . . . . . . . . . . . . . . . . 1044
Scheduling. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1045
QoS Queuing methods. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1045
Selecting the QoS queuing method . . . . . . . . . . . . . . . . . . . 1046
Configuring the QoS queues . . . . . . . . . . . . . . . . . . . . . . . . . 1046
Viewing QoS settings. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1049
Viewing DSCP-based QoS settings. . . . . . . . . . . . . . . . . . . . . . . . 1049
Appendix A Syslog messages
Appendix B Software Specifications
IEEE compliance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1075
RFC support. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1075
Internet drafts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1080
Appendix C NIAP-CCEVS Certification
NIAP-CCEVS certified TurboIron X Series equipment and
Ironware releases . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1081
Local user password changes . . . . . . . . . . . . . . . . . . . . . . . . . . . 1082
Brocade TurboIron 24X Series Configuration Guide xxix 53-1003053-01
xxx Brocade TurboIron 24X Series Configuration Guide
53-1003053-01
Loading...
+ 1086 hidden pages
Buy Points How it Works FAQ Contact Us Questions and Suggestions Privacy Policy Cookie Policy Terms of Use