Brocade Communications Systems ICX 7250 Series, ICX 7450 Series, ICX 7750 Series Configuration Manual

CONFIGURATION GUIDE

Brocade FastIron Layer 3 Routing Conguration Guide

Supporting FastIron Software Release 8.0.40a

53-1003903-04 20 December 2016

2 53-1003903-04

Brocade FastIron Layer 3 Routing Conguration Guide

Contents

Preface................................................................................................................................................................................................................................17

Document conventions.........................................................................................................................................................................................................................17

Text formatting conventions......................................................................................................................................................................................................17

Command syntax conventions.................................................................................................................................................................................................17

Notes, cautions, and warnings..................................................................................................................................................................................................18

Brocade resources..................................................................................................................................................................................................................................18

Contacting Brocade Technical Support......................................................................................................................................................................................... 19

Brocade customers.......................................................................................................................................................................................................................19

Brocade OEM customers..........................................................................................................................................................................................................19

Document feedback.............................................................................................................................................................................................................................. 19

About This Document..................................................................................................................................................................................................... 21

Supported hardware and software...................................................................................................................................................................................................21

What’s new in this document............................................................................................................................................................................................................. 21

How command information is presented in this guide............................................................................................................................................................22

ARP - Address Resolution Protocol............................................................................................................................................................................. 23

ARP parameter conguration............................................................................................................................................................................................................ 23

How ARP works.............................................................................................................................................................................................................................23

Rate limiting ARP packets..........................................................................................................................................................................................................24

Changing the ARP aging period..............................................................................................................................................................................................25

Enabling proxy ARP......................................................................................................................................................................................................................25

Creating static ARP entries........................................................................................................................................................................................................26

ARP Packet Validation.................................................................................................................................................................................................................28

Ingress ARP packet priority.......................................................................................................................................................................................................28

Displaying the ARP table ....................................................................................................................................................................................................................29

Reverse Address Resolution Protocol conguration................................................................................................................................................................29

How RARP Diers from BootP and DHCP....................................................................................................................................................................... 29

Disabling RARP..............................................................................................................................................................................................................................30

Creating static RARP entries.....................................................................................................................................................................................................30

Changing the maximum number of static RARP entries supported....................................................................................................................... 30

Dynamic ARP inspection ....................................................................................................................................................................................................................31

ARP poisoning................................................................................................................................................................................................................................31

Dynamic ARP Inspection........................................................................................................................................................................................................... 31

Conguration notes and feature limitations for DAI........................................................................................................................................................32

Dynamic ARP Inspection conguration...............................................................................................................................................................................33

Multi-VRF support for DAI........................................................................................................................................................................................................34

Displaying ARP inspection status and ports......................................................................................................................................................................35

IP Addressing.................................................................................................................................................................................................................... 37

IP addressing overview.........................................................................................................................................................................................................................37

IP conguration overview.....................................................................................................................................................................................................................37

Full Layer 3 support.....................................................................................................................................................................................................................37

IP interfaces......................................................................................................................................................................................................................................38

IP packet ow through a Layer 3 switch.............................................................................................................................................................................. 39

IP route exchange protocols......................................................................................................................................................................................................42

IP multicast protocols...................................................................................................................................................................................................................43

IP interface redundancy protocols..........................................................................................................................................................................................43

Brocade FastIron Layer 3 Routing Conguration Guide 53-1003903-04 3

ACLs and IP access policies.....................................................................................................................................................................................................43

Basic IP parameters and defaults - Layer 3 switches.............................................................................................................................................................44

When parameter changes take eect....................................................................................................................................................................................44

IP global parameters - Layer 3 switches.............................................................................................................................................................................44

IP interface parameters - Layer 3 switches........................................................................................................................................................................48

Basic IP parameters and defaults - Layer 2 switches.............................................................................................................................................................49

IP global parameters - Layer 2 switches.............................................................................................................................................................................49

Interface IP parameters - Layer 2 switches........................................................................................................................................................................51

Basic IP conguration........................................................................................................................................................................................................................... 51

Conguring IP parameters - Layer 3 switches...........................................................................................................................................................................51

Conguring IP addresses...........................................................................................................................................................................................................51

Conguring 31-bit subnet masks on point-to-point networks..................................................................................................................................55

Conguring DNS resolver..........................................................................................................................................................................................................56

Conguring packet parameters................................................................................................................................................................................................59

Changing the router ID................................................................................................................................................................................................................62

Specifying a single source interface for specied packet types.................................................................................................................................62

Conguring delay time for notifying VE down event......................................................................................................................................................65

Conguring forwarding parameters....................................................................................................................................................................................... 66

Disabling ICMP messages........................................................................................................................................................................................................ 68

Enabling ICMP redirect messages.........................................................................................................................................................................................70

Conguring a default network route.......................................................................................................................................................................................70

Conguring IP load sharing.......................................................................................................................................................................................................71

ECMP load sharing for IPv6.....................................................................................................................................................................................................75

ICMP Router Discovery Protocol conguration................................................................................................................................................................76

IRDP parameters........................................................................................................................................................................................................................... 77

Conguring UDP broadcast and IP helper parameters.................................................................................................................................................78

Conguring IP parameters - Layer 2 switches...........................................................................................................................................................................80

Conguring the management IP address and specifying the default gateway................................................................................................... 80

Conguring Domain Name System resolver.....................................................................................................................................................................81

Changing the TTL threshold.....................................................................................................................................................................................................83

IPv4 point-to-point GRE tunnels ....................................................................................................................................................................................................84

IPv4 GRE tunnel overview.........................................................................................................................................................................................................84

GRE packet structure and header format............................................................................................................................................................................84

Path MTU Discovery support...................................................................................................................................................................................................85

Support for IPv4 multicast routing over GRE tunnels....................................................................................................................................................86

Conguration considerations for GRE IP tunnels.............................................................................................................................................................86

Conguration tasks for GRE tunnels.....................................................................................................................................................................................87

Example point-to-point GRE tunnel conguration..........................................................................................................................................................93

Displaying GRE tunneling information..................................................................................................................................................................................94

Clearing GRE statistics................................................................................................................................................................................................................98

Bandwidth for IP interfaces.................................................................................................................................................................................................................99

Limitations and pre-requisites...............................................................................................................................................................................................100

OSPF cost calculation with interface bandwidth...........................................................................................................................................................100

Setting the bandwidth value for an Ethernet interface.................................................................................................................................................100

Setting the bandwidth value for a VE interface..............................................................................................................................................................101

Setting the bandwidth value for a tunnel interface........................................................................................................................................................102

User-congurable MAC address per IP interface.................................................................................................................................................................. 102

Manually conguring an IP MAC address........................................................................................................................................................................103

Modifying and displaying Layer 3 system parameter limits..............................................................................................................................................104

Layer 3 conguration notes...................................................................................................................................................................................................104

4 53-1003903-04

Brocade FastIron Layer 3 Routing Conguration Guide

Displaying Layer 3 system parameter limits...................................................................................................................................................................104

Enabling or disabling routing protocols...................................................................................................................................................................................... 105

Enabling or disabling Layer 2 switching.....................................................................................................................................................................................106

Conguration notes and feature limitations for Layer 2 switching.........................................................................................................................106

Command syntax for Layer 2 switching...........................................................................................................................................................................106

Conguring a Layer 3 Link Aggregration Group (LAG).......................................................................................................................................................106

Disabling IP checksum check.........................................................................................................................................................................................................107

Displaying IP conguration information and statistics..........................................................................................................................................................108

Changing the network mask display to prex format.................................................................................................................................................. 108

Displaying IP information - Layer 3 switches.................................................................................................................................................................108

Displaying IP information - Layer 2 switches.................................................................................................................................................................119

IPv6 Addressing.............................................................................................................................................................................................................125

IPv6 addressing overview................................................................................................................................................................................................................125

IPv6 address types....................................................................................................................................................................................................................126

IPv6 stateless auto-conguration........................................................................................................................................................................................127

Full Layer 3 IPv6 feature support.................................................................................................................................................................................................128

IPv6 CLI command support ..........................................................................................................................................................................................................128

IPv6 host address on a Layer 2 switch.......................................................................................................................................................................................130

Conguring a global or site-local IPv6 address with a manually congured interface ID............................................................................131

Conguring a link-local IPv6 address as a system-wide address for a switch.................................................................................................131

Conguring the management port for an IPv6 automatic address conguration....................................................................................................132

Conguring basic IPv6 connectivity on a Layer 3 switch...................................................................................................................................................132

Enabling IPv6 routing............................................................................................................................................................................................................... 132

IPv6 conguration on each router interface.................................................................................................................................................................... 132

Conguring IPv4 and IPv6 protocol stacks.....................................................................................................................................................................135

IPv6 over IPv4 tunnels......................................................................................................................................................................................................................136

IPv6 over IPv4 tunnel conguration notes...................................................................................................................................................................... 136

Conguring a manual IPv6 tunnel.......................................................................................................................................................................................136

Clearing IPv6 tunnel statistics............................................................................................................................................................................................... 137

Displaying IPv6 tunnel information.....................................................................................................................................................................................138

Displaying a summary of tunnel information..................................................................................................................................................................138

Displaying interface level IPv6 settings.............................................................................................................................................................................138

IPv6 management (IPv6 host support)......................................................................................................................................................................................139

Conguring IPv6 management ACLs...............................................................................................................................................................................139

Restricting SNMP access to an IPv6 node..................................................................................................................................................................... 139

Specifying an IPv6 SNMP trap receiver...........................................................................................................................................................................140

Conguring SNMP V3 over IPv6........................................................................................................................................................................................140

Secure Shell, SCP, and IPv6..................................................................................................................................................................................................140

IPv6 Telnet.....................................................................................................................................................................................................................................140

IPv6 traceroute............................................................................................................................................................................................................................141

IPv6 Web management using HTTP and HTTPS.......................................................................................................................................................141

Restricting Web management access................................................................................................................................................................................142

Restricting Web management access by specifying an IPv6 ACL.......................................................................................................................142

Restricting Web management access to an IPv6 host...............................................................................................................................................142

Conguring name-to-IPv6 address resolution using IPv6 DNS resolver..........................................................................................................142

Dening an IPv6 DNS entry.................................................................................................................................................................................................. 142

Pinging an IPv6 address......................................................................................................................................................................................................... 143

Conguring an IPv6 Syslog server......................................................................................................................................................................................144

Viewing IPv6 SNMP server addresses.............................................................................................................................................................................144

Disabling router advertisement and solicitation messages.......................................................................................................................................145

Brocade FastIron Layer 3 Routing Conguration Guide 53-1003903-04 5

Disabling IPv6 on a Layer 2 switch.................................................................................................................................................................................... 145

IPv6 ICMP feature conguration...................................................................................................................................................................................................145

Conguring ICMP rate limiting..............................................................................................................................................................................................146

Enabling IPv6 ICMP redirect messages...........................................................................................................................................................................146

IPv6 neighbor discovery conguration.......................................................................................................................................................................................147

IPv6 neighbor discovery conguration notes.................................................................................................................................................................147

Neighbor solicitation and advertisement messages....................................................................................................................................................147

Router advertisement and solicitation messages......................................................................................................................................................... 148

Neighbor redirect messages..................................................................................................................................................................................................148

Setting neighbor solicitation parameters for duplicate address detection..........................................................................................................148

Setting IPv6 router advertisement parameters..............................................................................................................................................................149

Prexes advertised in IPv6 router advertisement messages...................................................................................................................................150

Setting ags in IPv6 router advertisement messages................................................................................................................................................ 151

Enabling and disabling IPv6 router advertisements....................................................................................................................................................152

IPv6 router advertisement preference support..............................................................................................................................................................152

Conguring reachable time for remote IPv6 nodes.....................................................................................................................................................152

IPv6 neighbor discovery inspection.............................................................................................................................................................................................153

Neighbor discovery inspection conguration................................................................................................................................................................. 156

Syslog message for ND inspection.................................................................................................................................................................................... 156

IPv6 MTU............................................................................................................................................................................................................................................... 156

Conguration notes and feature limitations for IPv6 MTU.......................................................................................................................................156

Changing the IPv6 MTU......................................................................................................................................................................................................... 157

Static neighbor entries conguration...........................................................................................................................................................................................157

Limiting the number of hops an IPv6 packet can traverse.................................................................................................................................................158

IPv6 source routing security enhancements............................................................................................................................................................................158

TCAM space conguration.............................................................................................................................................................................................................. 158

Allocating TCAM space............................................................................................................................................................................................................159

Allocating TCAM space for GRE tunnels.........................................................................................................................................................................160

Displaying global IPv6 information..............................................................................................................................................................................................161

Displaying IPv6 cache information.....................................................................................................................................................................................161

Displaying IPv6 interface information................................................................................................................................................................................162

Displaying IPv6 neighbor information...............................................................................................................................................................................163

Displaying the IPv6 route table ............................................................................................................................................................................................164

Displaying local IPv6 routers.................................................................................................................................................................................................166

Displaying IPv6 TCP information........................................................................................................................................................................................166

Displaying IPv6 trac statistics............................................................................................................................................................................................169

Clearing global IPv6 information...................................................................................................................................................................................................172

Clearing the IPv6 cache...........................................................................................................................................................................................................172

Clearing IPv6 neighbor information....................................................................................................................................................................................172

Clearing IPv6 routes from the IPv6 route table.............................................................................................................................................................173

Clearing IPv6 trac statistics................................................................................................................................................................................................ 173

IPv4 Static Routing....................................................................................................................................................................................................... 175

Static routes conguration................................................................................................................................................................................................................175

Static route types........................................................................................................................................................................................................................ 175

Static IP route parameters.......................................................................................................................................................................................................175

Multiple static routes to the same destination provide load sharing and redundancy...................................................................................176

Static route states follow port states................................................................................................................................................................................... 176

Conguring a static IP route...................................................................................................................................................................................................177

Static route next hop resolution............................................................................................................................................................................................ 178

Naming a static IP route...........................................................................................................................................................................................................178

6 53-1003903-04

Brocade FastIron Layer 3 Routing Conguration Guide

Removing a name or a static route..................................................................................................................................................................................... 179

Static route recursive lookup..................................................................................................................................................................................................180

Static route resolve by default route....................................................................................................................................................................................180

Conguring a "Null" route........................................................................................................................................................................................................180

Conguring load balancing and redundancy using multiple static routes to the same destination......................................................... 181

Conguring standard static IP routes and interface or null static routes to the same destination............................................................ 182

IPv6 Static Routing....................................................................................................................................................................................................... 185

Static IPv6 route conguration.......................................................................................................................................................................................................185

Conguring a static IPv6 route.......................................................................................................................................................................................................185

Conguring a static route in a non-default VRF or User VRF.......................................................................................................................................... 186

RIP.....................................................................................................................................................................................................................................189

RIP overview.......................................................................................................................................................................................................................................... 189

RIP parameters and defaults...........................................................................................................................................................................................................189

RIP global parameters..............................................................................................................................................................................................................189

RIP interface parameters.........................................................................................................................................................................................................191

Conguring RIP parameters............................................................................................................................................................................................................191

Enabling RIP.................................................................................................................................................................................................................................191

Conguring route costs............................................................................................................................................................................................................192

Changing the administrative distance................................................................................................................................................................................192

Conguring redistribution........................................................................................................................................................................................................192

Conguring route learning and advertising parameters............................................................................................................................................. 194

Changing the route loop prevention method..................................................................................................................................................................195

Suppressing RIP route advertisement on a VRRP or VRRPE backup interface.............................................................................................196

Conguring RIP route lters using prex-lists and route maps...............................................................................................................................196

Setting RIP timers.......................................................................................................................................................................................................................198

Displaying RIP Information..............................................................................................................................................................................................................198

Displaying CPU utilization statistics.............................................................................................................................................................................................200

RIPng................................................................................................................................................................................................................................203

RIPng Overview....................................................................................................................................................................................................................................203

Conguring RIPng...............................................................................................................................................................................................................................203

Enabling RIPng............................................................................................................................................................................................................................203

Conguring RIPng timers........................................................................................................................................................................................................204

Conguring route learning and advertising parameters............................................................................................................................................. 205

Redistributing routes into RIPng...........................................................................................................................................................................................206

Controlling distribution of routes through RIPng...........................................................................................................................................................207

Conguring poison reverse parameters............................................................................................................................................................................207

Clearing RIPng routes from IPv6 route table...........................................................................................................................................................................208

Displaying RIPng information.........................................................................................................................................................................................................208

Displaying RIPng conguration............................................................................................................................................................................................208

Displaying RIPng routing table..............................................................................................................................................................................................209

OSPFv2........................................................................................................................................................................................................................... 211

OSPFv2 overview................................................................................................................................................................................................................................211

Autonomous System..........................................................................................................................................................................................................................211

OSPFv2 components and roles....................................................................................................................................................................................................212

Area Border Routers..................................................................................................................................................................................................................212

Autonomous System Boundary Routers......................................................................................................................................................................... 212

Designated routers.....................................................................................................................................................................................................................213

Reduction of equivalent AS external LSAs................................................................................................................................................................................214

Brocade FastIron Layer 3 Routing Conguration Guide 53-1003903-04 7

Algorithm for AS external LSA reduction...................................................................................................................................................................................216

OSPFv2 areas.......................................................................................................................................................................................................................................216

Backbone area.............................................................................................................................................................................................................................216

Area types......................................................................................................................................................................................................................................216

Area range..................................................................................................................................................................................................................................... 217

Stub area and totally stubby area.........................................................................................................................................................................................217

Not-so-stubby area (NSSA)...................................................................................................................................................................................................217

Link state advertisements....................................................................................................................................................................................................... 218

Virtual links..............................................................................................................................................................................................................................................219

Default route origination....................................................................................................................................................................................................................220

External route summarization.........................................................................................................................................................................................................220

SPF timers..............................................................................................................................................................................................................................................221

OSPFv2 LSA refreshes.................................................................................................................................................................................................................... 221

Support for OSPF RFC 2328 Appendix E..............................................................................................................................................................................222

OSPFv2 graceful restart................................................................................................................................................................................................................... 223

OSPFv2 stub router advertisement.............................................................................................................................................................................................223

OSPFv2 Shortest Path First throttling........................................................................................................................................................................................224

IETF RFC and internet draft support...........................................................................................................................................................................................224

OSPFv2 non-stop routing...............................................................................................................................................................................................................224

Limitations of NSR.....................................................................................................................................................................................................................225

Synchronization of critical OSPFv2 elements.........................................................................................................................................................................225

Link state database synchronization...................................................................................................................................................................................225

LSA delayed acknowledging..................................................................................................................................................................................................225

LSA syncing and packing ...................................................................................................................................................................................................... 226

Neighbor device synchronization.........................................................................................................................................................................................226

Synchronization limitations.....................................................................................................................................................................................................226

Interface synchronization.........................................................................................................................................................................................................226

Standby module operations............................................................................................................................................................................................................ 226

Neighbor database.....................................................................................................................................................................................................................227

LSA database...............................................................................................................................................................................................................................227

OSPFv2 distribute list........................................................................................................................................................................................................................227

Conguring an OSPFv2 distribution list using ACLs .................................................................................................................................................227

Conguring an OSPFv2 distribution list using route maps .....................................................................................................................................228

OSPFv2 route redistribution...........................................................................................................................................................................................................229

Load sharing.......................................................................................................................................................................................................................................... 230

Interface types to which the reference bandwidth does not apply...................................................................................................................................232

Changing the reference bandwidth for the cost on OSPFv2 interfaces....................................................................................................................... 232

OSPFv2 over VRF..............................................................................................................................................................................................................................233

Conguring OSPFv2..........................................................................................................................................................................................................................233

Enabling OSPFv2......................................................................................................................................................................................................................233

Assigning OSPFv2 areas........................................................................................................................................................................................................233

Conguring an NSSA................................................................................................................................................................................................................234

Conguring a summary-address for the NSSA............................................................................................................................................................ 234

Disabling summary LSAs for a stub area.........................................................................................................................................................................235

Assigning an area range...........................................................................................................................................................................................................235

Assigning interfaces to an area.............................................................................................................................................................................................236

Conguring virtual links............................................................................................................................................................................................................236

Modifying Shortest Path First timers..................................................................................................................................................................................237

Conguring the OSPFv2 LSA pacing interval............................................................................................................................................................... 238

Disabling OSPFv2 graceful restart..................................................................................................................................................................................... 238

8 53-1003903-04

Brocade FastIron Layer 3 Routing Conguration Guide

Re-enabling OSPFv2 graceful restart............................................................................................................................................................................... 238

Disabling OSPFv2 graceful restart helper....................................................................................................................................................................... 239

Redistributing routes into OSPFv2.....................................................................................................................................................................................239

Conguring the OSPFv2 Max-Metric Router LSA...................................................................................................................................................... 240

Enabling OSPFv2 in a non-default VRF..........................................................................................................................................................................240

Changing default settings........................................................................................................................................................................................................241

Disabling and re-enabling OSPFv2 event logging...................................................................................................................................................... 241

Disabling OSPFv2 on the device........................................................................................................................................................................................241

OSPFv3........................................................................................................................................................................................................................... 243

OSPFv3 overview................................................................................................................................................................................................................................243

OSPFv3 areas.......................................................................................................................................................................................................................................244

Not-so-stubby area...................................................................................................................................................................................................................245

LSA types for OSPFv3............................................................................................................................................................................................................246

Virtual link source address assignment.............................................................................................................................................................................248

OSPFv3 route redistribution...........................................................................................................................................................................................................248

Filtering OSPFv3 routes...................................................................................................................................................................................................................249

OSPFv3 administrative distance...................................................................................................................................................................................................250

OSPFv3 LSA refreshes.................................................................................................................................................................................................................... 250

OSPFv3 over VRF..............................................................................................................................................................................................................................251

OSPFv3 graceful restart helper.....................................................................................................................................................................................................251

OSPFv3 non-stop routing...............................................................................................................................................................................................................252

IPsec for OSPFv3...............................................................................................................................................................................................................................252

IPsec for OSPFv3 conguration..........................................................................................................................................................................................253

IPsec for OSPFv3 considerations.......................................................................................................................................................................................253

Conguring OSPFv3..........................................................................................................................................................................................................................254

Conguring the router ID.........................................................................................................................................................................................................254

Enabling OSPFv3......................................................................................................................................................................................................................254

Enabling OSPFv3 in a non-default VRF..........................................................................................................................................................................255

Assigning OSPFv3 areas........................................................................................................................................................................................................256

Assigning OSPFv3 areas in a non-default VRF........................................................................................................................................................... 256

Assigning OSPFv3 areas to interfaces............................................................................................................................................................................. 257

Assigning a stub area................................................................................................................................................................................................................258

Redistributing routes into OSPFv3.....................................................................................................................................................................................260

Modifying SPF timers...............................................................................................................................................................................................................261

Conguring the OSPFv3 LSA pacing interval............................................................................................................................................................... 261

Conguring default external routes..................................................................................................................................................................................... 262

Disabling and re-enabling OSPFv3 event logging...................................................................................................................................................... 262

Conguring administrative distance based on route type......................................................................................................................................... 263

Changing the reference bandwidth for the cost on OSPFv3 interfaces..............................................................................................................263

Setting all OSPFv3 interfaces to the passive state.......................................................................................................................................................264

Brocade FastIron Layer 3 Routing Conguration Guide 53-1003903-04 9

Disabling OSPFv3 graceful restart helper....................................................................................................................................................................... 264

Re-enabling OSPFv3 graceful restart helper................................................................................................................................................................. 265

Conguring IPsec on an OSPFv3 area.............................................................................................................................................................................265

Conguring IPsec on an OSPFv3 interface....................................................................................................................................................................266

Conguring IPsec on OSPFv3 virtual links.....................................................................................................................................................................267

Specifying the key rollover timer..........................................................................................................................................................................................267

Clearing IPsec statistics........................................................................................................................................................................................................... 268

Displaying OSPFv3 results.................................................................................................................................................................................................... 269

Conguring BGP4 (IPv4).............................................................................................................................................................................................273

BGP4 overview.....................................................................................................................................................................................................................................273

Relationship between the BGP4 route table and the IP route table......................................................................................................................274

How BGP4 selects a path for a route (BGP best path selection algorithm)......................................................................................................275

BGP4 message types.............................................................................................................................................................................................................. 276

Grouping of RIB-out peers.....................................................................................................................................................................................................278

Implementation of BGP4.................................................................................................................................................................................................................278

BGP4 restart..........................................................................................................................................................................................................................................278

BGP4 Peer notication during a management module switchover......................................................................................................................279

BGP4 neighbor local AS.........................................................................................................................................................................................................280

Basic conguration and activation for BGP4...........................................................................................................................................................................282

Disabling BGP4.......................................................................................................................................................................................................................... 283

BGP4 parameters................................................................................................................................................................................................................................283

Parameter changes that take eect immediately.......................................................................................................................................................... 285

Parameter changes that take eect after resetting neighbor sessions.................................................................................................................285

Parameter changes that take eect after disabling and re-enabling redistribution.........................................................................................286

Memory considerations.....................................................................................................................................................................................................................286

Memory conguration options obsoleted by dynamic memory............................................................................................................................286

Basic conguration tasks required for BGP4...........................................................................................................................................................................286

Enabling BGP4 on the device...............................................................................................................................................................................................286

Changing the device ID............................................................................................................................................................................................................287

Setting the local AS number.................................................................................................................................................................................................. 287

Adding a loopback interface...................................................................................................................................................................................................288

Adding BGP4 neighbors.........................................................................................................................................................................................................289

Adding a BGP4 peer group...................................................................................................................................................................................................296

Optional BGP4 conguration tasks.............................................................................................................................................................................................299

Changing the Keep Alive Time and Hold Time..............................................................................................................................................................299

Changing the BGP4 next-hop update timer...................................................................................................................................................................299

Enabling fast external fallover................................................................................................................................................................................................300

Changing the maximum number of paths for BGP4 Multipath load sharing...................................................................................................300

Customizing BGP4 Multipath load sharing.....................................................................................................................................................................301

Specifying a list of networks to advertise......................................................................................................................................................................... 302

Changing the default local preference................................................................................................................................................................................303

Using the IP default route as a valid next-hop for a BGP4 route...........................................................................................................................303

Changing the default MED (Metric) used for route redistribution...........................................................................................................................304

Enabling next-hop recursion..................................................................................................................................................................................................304

Changing administrative distances......................................................................................................................................................................................306

Requiring the rst AS to be the neighbor AS..................................................................................................................................................................307

Disabling or re-enabling comparison of the AS-Path length...................................................................................................................................308

Enabling or disabling comparison of device IDs...........................................................................................................................................................308

Conguring the device to always compare Multi-Exit Discriminators..................................................................................................................309

Treating missing MEDs as the worst MEDs....................................................................................................................................................................310

10 53-1003903-04

Brocade FastIron Layer 3 Routing Conguration Guide

Conguring route reection parameters........................................................................................................................................................................... 310

Conguring confederations.................................................................................................................................................................................................... 312

Aggregating routes advertised to BGP4 neighbors.....................................................................................................................................................315

Conguring BGP4 restart.................................................................................................................................................................................................................316

Conguring BGP4 Restart for the global routing instance....................................................................................................................................... 316

Conguring BGP4 Restart for a VRF................................................................................................................................................................................316

Conguring timers for BGP4 Restart (optional).............................................................................................................................................................316

BGP4 null0 routing....................................................................................................................................................................................................................317

Conguring BGP4 null0 routing..........................................................................................................................................................................................318

Modifying redistribution parameters............................................................................................................................................................................................321

Redistributing connected routes...........................................................................................................................................................................................321

Redistributing RIP routes.........................................................................................................................................................................................................322

Redistributing OSPF external routes..................................................................................................................................................................................322

Redistributing static routes......................................................................................................................................................................................................323

Redistributing IBGP routes.....................................................................................................................................................................................................323

Filtering.....................................................................................................................................................................................................................................................323

AS-path ltering..........................................................................................................................................................................................................................323

BGP4 ltering communities.................................................................................................................................................................................................. 326

Dening and applying IP prex lists....................................................................................................................................................................................327

Dening neighbor distribute lists..........................................................................................................................................................................................328

Dening route maps..................................................................................................................................................................................................................329

Using a table map to set the tag value...............................................................................................................................................................................336

Conguring cooperative BGP4 route ltering................................................................................................................................................................337

Four-byte Autonomous System Numbers (AS4).................................................................................................................................................................. 339

Enabling AS4 numbers............................................................................................................................................................................................................340

BGP4 AS4 attribute errors.............................................................................................................................................................................................................. 344

Error logs........................................................................................................................................................................................................................................344

Conguring route ap dampening................................................................................................................................................................................................344

Globally conguring route ap dampening......................................................................................................................................................................345

Using a route map to congure route ap dampening for a specic neighbor................................................................................................346

Removing route dampening from a route........................................................................................................................................................................347

Displaying and clearing route ap dampening statistics............................................................................................................................................347

Generating traps for BGP4..............................................................................................................................................................................................................348

Conguring BGP4...............................................................................................................................................................................................................................349

Entering and exiting the address family conguration level...............................................................................................................................................350

BGP route reector.............................................................................................................................................................................................................................350

Conguring BGP route reector...........................................................................................................................................................................................351

Specifying a maximum AS path length......................................................................................................................................................................................353

Setting a global maximum AS path limit.......................................................................................................................................................................... 354

Setting a maximum AS path limit for a peer group or neighbor.............................................................................................................................354

BGP4 max-as error messages......................................................................................................................................................................................................355

Maximum AS path limit error.................................................................................................................................................................................................355

Memory limit error......................................................................................................................................................................................................................355

Originating the default route............................................................................................................................................................................................................355

Changing the default metric used for route cost.....................................................................................................................................................................355

Conguring a static BGP4 network ............................................................................................................................................................................................ 356

Setting an administrative distance for a static BGP4 network.................................................................................................................................356

Limiting advertisement of a static BGP4 network to selected neighbors.......................................................................................................... 357

Dynamic route lter update....................................................................................................................................................................................................357

Generalized TTL Security Mechanism support...................................................................................................................................................................... 359

Brocade FastIron Layer 3 Routing Conguration Guide 53-1003903-04 11

Displaying BGP4 information.........................................................................................................................................................................................................359

Displaying summary BGP4 information.......................................................................................................................................................................... 359

Displaying the active BGP4 conguration.......................................................................................................................................................................362

Displaying summary neighbor information.....................................................................................................................................................................362

Displaying BGP4 neighbor information............................................................................................................................................................................364

Displaying peer group information......................................................................................................................................................................................372

Displaying summary route information.............................................................................................................................................................................372

Displaying VRF instance information.................................................................................................................................................................................373

Displaying the BGP4 route table.........................................................................................................................................................................................373

Displaying BGP4 route-attribute entries..........................................................................................................................................................................380

Displaying the routes BGP4 has placed in the IP route table..................................................................................................................................381

Displaying route ap dampening statistics...................................................................................................................................................................... 381

Displaying the active route map conguration...............................................................................................................................................................382

Displaying BGP4 graceful restart neighbor information............................................................................................................................................383

Displaying AS4 details............................................................................................................................................................................................................. 383

Updating route information and resetting a neighbor session.................................................................................................................................390

Using soft reconguration.......................................................................................................................................................................................................390

Dynamically requesting a route refresh from a BGP4 neighbor............................................................................................................................392

Closing or resetting a neighbor session............................................................................................................................................................................394

Clearing and resetting BGP4 routes in the IP route table..........................................................................................................................................395

Clearing trac counters.....................................................................................................................................................................................................................395

Clearing diagnostic buers.............................................................................................................................................................................................................. 396

BGP4+..............................................................................................................................................................................................................................397

BGP4+ overview..................................................................................................................................................................................................................................397

BGP global mode ...............................................................................................................................................................................................................................397

IPv6 unicast address family.............................................................................................................................................................................................................398

BGP4+ neighbors................................................................................................................................................................................................................................399

BGP4+ peer groups............................................................................................................................................................................................................................399

BGP4+ next hop recursion.............................................................................................................................................................................................................. 400

BGP4+ NLRIs and next hop attributes.......................................................................................................................................................................................400

BGP4+ route reection......................................................................................................................................................................................................................401

BGP4+ route aggregation................................................................................................................................................................................................................401

BGP4+ multipath................................................................................................................................................................................................................................. 401

Route maps............................................................................................................................................................................................................................................402

BGP4+ outbound route ltering.................................................................................................................................................................................................... 402

BGP4+ confederations......................................................................................................................................................................................................................402

BGP4+ extended community.........................................................................................................................................................................................................403

BGP4+ graceful restart......................................................................................................................................................................................................................403

Conguring BGP4+............................................................................................................................................................................................................................ 403

Conguring BGP4+ neighbors using global IPv6 addresses..................................................................................................................................404

Conguring BGP4+ neighbors using link-local addresses.......................................................................................................................................404

Conguring BGP4+ peer groups.........................................................................................................................................................................................405

Conguring a peer group with IPv4 and IPv6 peers...................................................................................................................................................406

Importing routes into BGP4+................................................................................................................................................................................................407

Advertising the default BGP4+ route.................................................................................................................................................................................408

Advertising the default BGP4+ route to a specic neighbor....................................................................................................................................408

Using the IPv6 default route as a valid next hop for a BGP4+ route....................................................................................................................409

Conguring a cluster ID for a route reector...................................................................................................................................................................410

Conguring a route reector client.......................................................................................................................................................................................410

12 53-1003903-04

Brocade FastIron Layer 3 Routing Conguration Guide

Aggregating routes advertised to BGP neighbors........................................................................................................................................................411

Enabling load-balancing across dierent paths.............................................................................................................................................................411

Conguring a route map for BGP4+ prexes.................................................................................................................................................................412

Redistributing prexes into BGP4+.....................................................................................................................................................................................413

Conguring BGP4+ outbound route ltering..................................................................................................................................................................414

Conguring BGP4+ confederations................................................................................................................................................................................... 415

Dening a community ACL....................................................................................................................................................................................................415

Applying a BGP extended community lter....................................................................................................................................................................416

Disabling BGP4+ graceful restart........................................................................................................................................................................................417

Re-enabling BGP4+ graceful restart..................................................................................................................................................................................418

Disabling the BGP AS_PATH check function................................................................................................................................................................ 420

Displaying BGP4+ statistics...................................................................................................................................................................................................420

Displaying BGP4+ neighbor statistics...............................................................................................................................................................................423

Clearing BGP4+ dampened paths......................................................................................................................................................................................425

VRRPv2........................................................................................................................................................................................................................... 427

VRRPv2 overview................................................................................................................................................................................................................................427

VRRP terminology..................................................................................................................................................................................................................... 429

VRRP hold timer.........................................................................................................................................................................................................................430

VRRP interval timers.................................................................................................................................................................................................................430

VRRP authentication.................................................................................................................................................................................................................431

VRRP master device abdication to backup device.......................................................................................................................................................432

ARP and VRRP control packets...........................................................................................................................................................................................432

Enabling an owner VRRP device...................................................................................................................................................................................................432

Enabling a backup VRRP device...................................................................................................................................................................................................434

Conguring simple text authentication on VRRP interfaces..............................................................................................................................................435

Conguring MD5 authentication on VRRP interfaces......................................................................................................................................................... 436

Abdicating VRRP master device status......................................................................................................................................................................................437

Tracked ports and track priority with VRRP and VRRP-E..................................................................................................................................................439

Tracking ports and setting the VRRP priority..................................................................................................................................................................439

VRRP backup preemption...............................................................................................................................................................................................................440

Disabling VRRP backup preemption................................................................................................................................................................................. 440

Accept mode for backup VRRP devices....................................................................................................................................................................................441

Enabling accept mode on a backup VRRP device.......................................................................................................................................................441

Suppressing RIP route advertisements on VRRP backup devices................................................................................................................................ 443

VRRP-Ev2 overview...........................................................................................................................................................................................................................443

Enabling a VRRP-E device..............................................................................................................................................................................................................444

VRRP-E load-balancing using short-path forwarding.........................................................................................................................................................445

Packet routing with short-path forwarding to balance trac load..........................................................................................................................445

Short-path forwarding with revert priority.........................................................................................................................................................................446

Conguring VRRP-E load-balancing using short-path forwarding...................................................................................................................... 447

VRRP-E slow start timer...................................................................................................................................................................................................................448

Conguring a VRRP-E slow-start timer............................................................................................................................................................................448

Conguration example: ISSU upgrade using VRRP-E........................................................................................................................................................449

Displaying VRRPv2 information................................................................................................................................................................................................... 450

Clearing VRRPv2 statistics..............................................................................................................................................................................................................451

VRRPv3........................................................................................................................................................................................................................... 453

VRRPv3 overview................................................................................................................................................................................................................................453

Enabling an IPv6 VRRPv3 owner device..................................................................................................................................................................................454

Enabling an IPv6 VRRPv3 backup device................................................................................................................................................................................455

Brocade FastIron Layer 3 Routing Conguration Guide 53-1003903-04 13

Enabling an IPv4 VRRPv3 owner device..................................................................................................................................................................................456

Enabling an IPv4 VRRPv3 backup device................................................................................................................................................................................457

Tracking ports and setting VRRP priority using VRRPv3......................................................................................................................................... 459

Enabling accept mode on a backup VRRP device.......................................................................................................................................................460

Alternate VRRPv2 checksum for VRRPv3 IPv4 sessions................................................................................................................................................ 461

Enabling the VRRPv2 checksum computation method in a VRRPv3 IPv4 session....................................................................................461

Displaying alternate VRRPv2 checksum settings........................................................................................................................................................ 462

Automatic generation of a virtual link-local address for VRRPv3...................................................................................................................................463

Assigning an auto-generated link-local IPv6 address for a VRRPv3 cluster................................................................................................... 464

Displaying VRRPv3 statistics......................................................................................................................................................................................................... 465

Clearing VRRPv3 statistics..............................................................................................................................................................................................................466

VRRP-Ev3 Overview......................................................................................................................................................................................................................... 466

Enabling an IPv6 VRRP-Ev3 device...........................................................................................................................................................................................467

Displaying and clearing VRRP-Ev3 statistics.......................................................................................................................................................................... 468

Multi-VRF........................................................................................................................................................................................................................471

Multi-VRF overview............................................................................................................................................................................................................................ 471

FastIron considerations for Multi-VRF...............................................................................................................................................................................473

VRF-related system-max values.........................................................................................................................................................................................473

Additional features to support Multi-VRF........................................................................................................................................................................ 475

Conguring Multi-VRF...................................................................................................................................................................................................................... 476

Conguring VRF system-max values ...............................................................................................................................................................................476

Creating VLANs as links on a tagged port for security...............................................................................................................................................478

Conguring a VRF instance...................................................................................................................................................................................................478

Starting a routing process for a VRF..................................................................................................................................................................................479

Assigning a Layer 3 interface to a VRF.............................................................................................................................................................................480

Assigning a loopback interface to a VRF..........................................................................................................................................................................480

Verifying a Multi-VRF conguration................................................................................................................................................................................... 481

Removing a VRF conguration............................................................................................................................................................................................482

Conguring static ARP for Multi-VRF............................................................................................................................................................................... 482

Conguring additional ARP features for Multi-VRF.....................................................................................................................................................483

14 53-1003903-04

Brocade FastIron Layer 3 Routing Conguration Guide

Brocade, Brocade Assurance, the B-wing symbol, ClearLink, DCX, Fabric OS, HyperEdge, ICX, MLX, MyBrocade, OpenScript, VCS, VDX, Vplane, and Vyatta are registered trademarks, and Fabric Vision is a trademark of Brocade Communications Systems, Inc., in the United States and/or in other countries. Other brands, products, or service names mentioned may be trademarks of others.

Notice: This document is for informational purposes only and does not set forth any warranty, expressed or implied, concerning any equipment, equipment feature, or service oered or to be oered by Brocade. Brocade reserves the right to make changes to this document at any time, without notice, and assumes no responsibility for its use. This informational document describes features that may not be currently available. Contact a Brocade sales oce for information on feature and product availability. Export of technical data contained in this document may require an export license from the United States government.

The authors and Brocade Communications Systems, Inc. assume no liability or responsibility to any person or entity with respect to the accuracy of this document or any loss, cost, liability, or damages arising from the information contained herein or the computer programs that accompany it.

The product described by this document may contain open source software covered by the GNU General Public License or other open source license agreements. To nd out which open source software is included in Brocade products, view the licensing terms applicable to the open source software, and obtain a copy of the programming source code, please visit http://www.brocade.com/support/oscd.

Brocade FastIron Layer 3 Routing Conguration Guide 53-1003903-04 15

16 53-1003903-04

Brocade FastIron Layer 3 Routing Conguration Guide

Preface

• Document conventions...................................................................................................................................................................................17

• Brocade resources............................................................................................................................................................................................ 18

• Contacting Brocade Technical Support....................................................................................................................................................19

• Document feedback.........................................................................................................................................................................................19

Document conventions

The document conventions describe text formatting conventions, command syntax conventions, and important notice formats used in Brocade technical documentation.

Text formatting conventions

Text formatting conventions such as boldface, italic, or Courier font may be used in the ow of the text to highlight specic words or phrases.

Format Description bold text Identies command names

Identies keywords and operands

Identies the names of user-manipulated GUI elements

Identies text to enter at the GUI

italic text Identies emphasis

Identies variables

Identies document titles

Courier font

Identies CLI output

Identies command syntax examples

Command syntax conventions

Bold and italic text identify command syntax components. Delimiters and operators dene groupings of parameters and their logical relationships.

Convention Description bold text Identies command names, keywords, and command options.

italic text Identies a variable.

value In Fibre Channel products, a xed value provided as input to a command option is printed in plain text, for

example, --show WWN.

[ ] Syntax components displayed within square brackets are optional.

Default responses to system prompts are enclosed in square brackets.

{ x | y | z } A choice of required parameters is enclosed in curly brackets separated by vertical bars. You must select

one of the options.

In Fibre Channel products, square brackets may be used instead for this purpose.

x | y A vertical bar separates mutually exclusive elements.

Brocade FastIron Layer 3 Routing Conguration Guide 53-1003903-04 17

Brocade resources

Convention Description

< > Nonprinting characters, for example, passwords, are enclosed in angle brackets.

... Repeat the previous element, for example, member[member...].

\ Indicates a “soft” line break in command examples. If a backslash separates two lines of a command

input, enter the entire command at the prompt without the backslash.

Notes, cautions, and warnings

Notes, cautions, and warning statements may be used in this document. They are listed in the order of increasing severity of potential hazards.

NOTE

A Note provides a tip, guidance, or advice, emphasizes important information, or provides a reference to related information.

ATTENTION

An Attention statement indicates a stronger note, for example, to alert you when trac might be interrupted or the device might

reboot.

CAUTION

A Caution statement alerts you to situations that can be potentially hazardous to you or cause damage to hardware,

rmware, software, or data.

DANGER

A Danger statement indicates conditions or situations that can be potentially lethal or extremely hazardous to you. Safety

labels are also attached directly to products to warn of these conditions or situations.

Brocade resources

Visit the Brocade website to locate related documentation for your product and additional Brocade resources.

You can download additional publications supporting your product at www.brocade.com. Select the Brocade Products tab to locate your product, then click the Brocade product name or image to open the individual product page. The user manuals are available in the resources module at the bottom of the page under the Documentation category.

To get up-to-the-minute information on Brocade products and resources, go to MyBrocade. You can register at no cost to obtain a user ID and password.

Release notes are available on MyBrocade under Product Downloads.

White papers, online demonstrations, and data sheets are available through the Brocade website.

18 53-1003903-04

Brocade FastIron Layer 3 Routing Conguration Guide

Document feedback

Contacting Brocade Technical Support

As a Brocade customer, you can contact Brocade Technical Support 24x7 online, by telephone, or by e-mail. Brocade OEM customers contact their OEM/Solutions provider.

Brocade customers

For product support information and the latest information on contacting the Technical Assistance Center, go to http://www.brocade.com/

services-support/index.html.

If you have purchased Brocade product support directly from Brocade, use one of the following methods to contact the Brocade Technical Assistance Center 24x7.

Online Telephone E-mail

Preferred method of contact for non-urgent issues:

• My Cases through MyBrocade

• Software downloads and licensing tools

• Knowledge Base

Required for Sev 1-Critical and Sev 2-High issues:

• Continental US: 1-800-752-8061

• Europe, Middle East, Africa, and Asia Pacic: +800-AT FIBREE (+800 28 34 27 33)

• For areas unable to access toll free number: +1-408-333-6061

• Toll-free numbers are available in many countries.

support@brocade.com

Please include:

• Problem summary

• Serial number

• Installation details

• Environment description

Brocade OEM customers

If you have purchased Brocade product support from a Brocade OEM/Solution Provider, contact your OEM/Solution Provider for all of your product support needs.

• OEM/Solution Providers are trained and

• Brocade provides backline support for issues that cannot be resolved by the OEM/Solution Provider.

• Brocade Supplemental Support augments your existing OEM support contract, providing direct access to Brocade expertise. For more information, contact Brocade or your OEM.

• For questions regarding service levels and response times, contact your OEM/Solution Provider.

certied by Brocade to support Brocade® products.

Document feedback

To send feedback and report errors in the documentation you can use the feedback form posted with the document or you can e-mail the documentation team.

Quality is our rst concern at Brocade and we have made every eort to ensure the accuracy and completeness of this document. However, if you nd an error or an omission, or you think that a topic needs further development, we want to hear from you. You can provide feedback in two ways:

• Through the online feedback form in the HTML documents posted on www.brocade.com.

• By sending your feedback to documentation@brocade.com.

Provide the publication title, part number, and as much detail as possible, including the topic heading and page number if applicable, as well as your suggestions for improvement.

Brocade FastIron Layer 3 Routing Conguration Guide 53-1003903-04 19

20 53-1003903-04

Brocade FastIron Layer 3 Routing Conguration Guide

About This Document

• Supported hardware and software..............................................................................................................................................................21

• What’s new in this document........................................................................................................................................................................21

• How command information is presented in this guide......................................................................................................................22

Supported hardware and software

This guide supports the following product families for FastIron release 8.0.40:

• Brocade ICX 7250 Series (ICX 7250)

• Brocade ICX 7450 Series (ICX 7450)

• Brocade ICX 7750 Series (ICX 7750)

For information about the product family.

specic models and modules supported in a product family, refer to the hardware installation guide for that

What’s new in this document

The following tables describe information added or

TABLE 1 Summary of enhancements in FastIron release 8.0.40a

Feature Description Location

Updated content for defect x. Removed unsupported sections.

TABLE 2 Summary of enhancements in FastIron release 8.0.40

Feature Description Location

DHCP auto-provisioning DHCP auto-provisioning allows you to

DHCP client link layer option You can now specify the client link layer option in

DHCP options DHCP server options 176, 242, and 252 have

User-congurable MAC address per IP interface

Information taxonomy applied To improve consistency and access, this guide has

modied in this guide for FastIron software releases 8.0.40 and 8.0.40a.

The chapter BGP4 has been updated as part of a defect x.

automatically deploy devices with management IP addresses and le upgrades.

the DHCP relay-option messages.

been introduced.

Manual conguration of an IP MAC address for each Layer 3 physical or virtual ethernet (VE) interface on a device is permitted. The congured MAC address is used by routing protocols or hardware communications related to IPv4 or IPv6 addresses on the interface.

been restructured according to approved Brocade information taxonomy.

BGP4

"DHCP auto-provisioning" in the Brocade FastIron DHCP Conguration Guide.

"DHCP relay include options" in the Brocade FastIron DHCP Conguration Guide.

"Conguring WPAD" in the Brocade FastIron DHCP Conguration Guide.

"Conguring Avaya IP telephony" in the Brocade FastIron DHCP Conguration Guide.

User-congurable MAC address per IP interface

on page 102

These changes occur throughout the text.

Brocade FastIron Layer 3 Routing Conguration Guide 53-1003903-04 21

How command information is presented in this guide

For all new content supported in FastIron Release 8.0.20 and later, command information is documented in a standalone command reference guide.

To provide consistent CLI documentation for all products, there is now a standalone command reference for the FastIron platforms.

In the Brocade FastIron Command Reference, the command pages are in alphabetical order and follow a standard format to present syntax, parameters, mode, usage guidelines, examples, and command history.

NOTE

Many commands from previous FastIron releases are also included in the command reference.

22 53-1003903-04

Brocade FastIron Layer 3 Routing Conguration Guide

ARP - Address Resolution Protocol

• ARP parameter conguration.......................................................................................................................................................................23

• Displaying the ARP table ...............................................................................................................................................................................29

• Reverse Address Resolution Protocol conguration...........................................................................................................................29

• Dynamic ARP inspection ..............................................................................................................................................................................31

ARP parameter conguration

Address Resolution Protocol (ARP) is a standard IP protocol that enables an IP Layer 3 switch to obtain the MAC address of another device interface when the Layer 3 switch knows the IP address of the interface. ARP is enabled by default and cannot be disabled.

NOTE

Brocade Layer 2 switches also support ARP. However, the conguration options described later in this section apply only to Layer 3 switches, not to Layer 2 switches.

How ARP works

A Layer 3 switch needs to know a destination MAC address when forwarding trac, because the Layer 3 switch encapsulates the IP packet in a Layer 2 packet (MAC layer packet) and sends the Layer 2 packet to a MAC interface on a device directly attached to the Layer 3 switch. The device can be the packet nal destination or the next-hop router toward the destination.

The Layer 3 switch encapsulates IP packets in Layer 2 packets regardless of whether the ultimate destination is locally attached or is multiple router hops away. Because the Layer 3 switch IP route table and IP forwarding cache contain IP address information but not MAC address information, the Layer 3 switch cannot forward IP packets based solely on the information in the route table or forwarding cache. The Layer 3 switch needs to know the MAC address that corresponds with the IP address of either the packet locally attached destination or the next-hop router that leads to the destination.

For example, to forward a packet whose destination is multiple router hops away, the Layer 3 switch must send the packet to the nexthop router toward its destination, or to a default route or default network route if the IP route table does not contain a route to the packet destination. In each case, the Layer 3 switch must encapsulate the packet and address it to the MAC address of a locally attached device, the next-hop router toward the IP packet destination.

To obtain the MAC address required for forwarding a datagram, the Layer 3 switch rst looks in the ARP cache (not the static ARP table) for an entry that lists the MAC address for the IP address. The ARP cache maps IP addresses to MAC addresses. The cache also lists the port attached to the device and, if the entry is dynamic, the age of the entry. A dynamic ARP entry enters the cache when the Layer 3 switch receives an ARP reply or receives an ARP request (which contains the sender IP address and MAC address). A static entry enters the ARP cache from the separate static ARP table when the interface for the entry comes up.

To ensure the accuracy of the ARP cache, each dynamic entry has its own age timer. The timer is reset to zero each time the Layer 3 switch receives an ARP reply or ARP request containing the IP address and MAC address of the entry. If a dynamic entry reaches its maximum allowable age, the entry times out and the software removes the entry from the table. Static entries do not age out and can be removed only by you.

If the ARP cache does not contain an entry for the destination IP address, the Layer 3 switch broadcasts an ARP request out all its IP interfaces. The ARP request contains the IP address of the destination. If the device with the IP address is directly attached to the Layer 3 switch, the device sends an ARP response containing its MAC address. The response is a unicast packet addressed directly to the Layer 3 switch. The Layer 3 switch places the information from the ARP response into the ARP cache.

Brocade FastIron Layer 3 Routing Conguration Guide 53-1003903-04 23

ARP parameter conguration

ARP requests contain the IP address and MAC address of the sender, so all devices that receive the request learn the MAC address and IP address of the sender and can update their own ARP caches accordingly.

NOTE

The ARP request broadcast is a MAC broadcast, which means the broadcast goes only to devices that are directly attached to the Layer 3 switch. A MAC broadcast is not routed to other networks. However, some routers, including Brocade Layer 3 switches, can be congured to reply to ARP requests from one network on behalf of devices on another network.

NOTE

If the router receives an ARP request packet that it is unable to deliver to the nal destination because of the ARP timeout and no ARP response is received (the Layer 3 switch knows of no route to the destination address), the router sends an ICMP Host Unreachable message to the source.

FIGURE 1 ARP supplies the MAC address corresponding to an IP address

If Device A wants to communicate with Device B, knowing the IP address of Device B is not sucient; the MAC address is also required. ARP supplies the MAC address.

Rate limiting ARP packets

You can limit the number of ARP packets the Brocade device accepts during each second. By default, the software does not limit the number of ARP packets the device can receive. Since the device sends ARP packets to the CPU for processing, if a device in a busy network receives a high number of ARP packets in a short period of time, some CPU processing might be deferred while the CPU processes the ARP packets.

To prevent the CPU from becoming will accept each second. When you congure an ARP rate limit, the device accepts up to the maximum number of packets you specify, but drops additional ARP packets received during the one-second interval. When a new one-second interval starts, the counter restarts at zero, so the device again accepts up to the maximum number of ARP packets you specied, but drops additional packets received within the interval.

24 53-1003903-04

ooded by ARP packets in a busy network, you can restrict the number of ARP packets the device

Brocade FastIron Layer 3 Routing Conguration Guide

ARP parameter conguration

To limit the number of ARP packets the device will accept each second, enter the rate-limit-arp command at the global CONFIG level of the CLI.

device(config)# rate-limit-arp 100

This command during a one-second interval, the device drops the additional ARP packets during the remainder of that one-second interval.

Syntax:[no] rate-limit-arp num

The num variable species the number of ARP packets and can be from 0 through 100. If you specify 0, the device will not accept any ARP packets.

congures the device to accept up to 100 ARP packets each second. If the device receives more than 100 ARP packets

NOTE

If you want to change a previously congured the ARP rate limiting policy, you must remove the previously congured policy using the no rate-limit-arp command before entering the new policy.

Changing the ARP aging period

When the Layer 3 switch places an entry in the ARP cache, the Layer 3 switch also starts an aging timer for the entry. The aging timer ensures that the ARP cache does not retain learned entries that are no longer valid. An entry can become invalid when the device with the MAC address of the entry is no longer on the network.

The ARP age change the ARP age to a value from 0 through 240 minutes. You cannot change the ARP age on Layer 2 switches. If you set the ARP age to zero, aging is disabled and entries do not age out.

aects dynamic (learned) entries only, not static entries. The default ARP age is ten minutes. On Layer 3 switches, you can

NOTE

Host devices connected to an ICX 7750 that also have a valid IP address and reply periodically to the arp request are not timed out, even if no trac is destined for the device. This behavior is restricted to only ICX 7750 devices.

To globally change the ARP aging parameter to 20 minutes, enter the ip arp-age command.

device(config)# ip arp-age 20

Syntax: [no] ip arp-age num

The num parameter species the number of minutes, which can be from 0 through 240. The default is 10. If you specify 0, aging is disabled.

To override the globally congured IP ARP age on an individual interface, enter the ip arp-age command followed by the new value at the interface conguration level.

device(config-if-e1000-1/1/1)# ip arp-age 30

Enabling proxy ARP

Proxy ARP allows a Layer 3 switch to answer ARP requests from devices on one network on behalf of devices in another network. Because ARP requests are MAC-layer broadcasts, they reach only the devices that are directly connected to the sender of the ARP request. Thus, ARP requests do not cross routers.

For example, if Proxy ARP is enabled on a Layer 3 switch connected to two subnets, 10.10.10.0/24 and 10.20.20.0/24, the Layer 3 switch can respond to an ARP request from 10.10.10.69 for the MAC address of the device with IP address 10.20.20.69. In standard ARP, a request from a device in the 10.10.10.0/24 subnet cannot reach a device in the 10.20.20.0 subnet if the subnets are on dierent network cables, and thus is not answered.

Brocade FastIron Layer 3 Routing Conguration Guide 53-1003903-04 25

ARP parameter conguration

NOTE

An ARP request from one subnet can reach another subnet when both subnets are on the same physical segment (Ethernet cable), because MAC-layer broadcasts reach all the devices on the segment.

Proxy ARP is disabled by default on Brocade Layer 3 switches. This feature is not supported on Brocade Layer 2 switches.

You can enable proxy ARP at the Interface level, as well as at the Global CONFIG level, of the CLI.

NOTE

Conguring proxy ARP at the Interface level overrides the global conguration.

Enabling proxy ARP globally

To enable IP proxy ARP on a global basis, enter the ip proxy-arp command.

device(config)# ip proxy-arp

To again disable IP proxy ARP on a global basis, enter the no ip proxy-arp command.

device(config)# no ip proxy-arp

Syntax: [no] ip proxy-arp

Enabling IP ARP on an interface

NOTE

Conguring proxy ARP at the Interface level overrides the global conguration.

To enable IP proxy ARP on an interface, enter the following commands.

device(config)# interface ethernet 5 device(config-if-e1000-5)# ip proxy-arp enable

To again disable IP proxy ARP on an interface, enter the following command.

device(config)# interface ethernet 5 device(config-if-e1000-5)# ip proxy-arp disable

Syntax: [no] ip proxy-arp { enable | disable }

NOTE

By default, gratuitous ARP is disabled for local proxy ARP.

Creating static ARP entries

Static ARP entries are added to the ARP cache when they are congured. Static ARP entries are useful in cases where you want to precongure an entry for a device that is not connected to the Layer 3 switch, or you want to prevent a particular entry from aging out.

Brocade Layer 3 switches have a static ARP table, in addition to the regular ARP cache. Unlike static ARP entries, dynamic ARP entries are removed from the ARP cache if the ARP aging interval expires before the entry is refreshed. Static entries do not age out, regardless of whether the Brocade device receives an ARP request from the device that has the entry address.

NOTE

You cannot create static ARP entries on a Layer 2 switch.

26 53-1003903-04

Brocade FastIron Layer 3 Routing Conguration Guide

ARP parameter conguration

The maximum number of static ARP entries you can congure depends on the software version running on the device.

To create a static ARP entry, enter a command such as the following.

device(config)# arp 1 10.53.4.2 0000.0054.2348 ethernet 1/1/2

Syntax: arp num ip-addr mac-addr ethernet port

The num variable

species the entry number. You can specify a number from 1 up to the maximum number of static entries allowed on

the device.

The ip-addr variable species the IP address of the device that has the MAC address of the entry.

The mac-addr variable species the MAC address of the entry.

Changing the maximum number of entries the static ARP table can hold

NOTE

The basic procedure for changing the static ARP table size is the same as the procedure for changing other congurable cache or table sizes.

To increase the maximum number of static ARP table entries you can congure on a Brocade Layer 3 switch, enter commands such as the following at the global CONFIG level of the CLI.

device(config)# system-max ip-static-arp 1000 device(config)# write memory device(config)# end device# reload

NOTE

You must save the conguration to the startup-cong le and reload the software after changing the static ARP table size to place the change into eect.

Syntax: system-max ip-static-arp num

The num variable indicates the maximum number of static ARP entries and can be within one of these ranges, depending on the software version running on the device.

TABLE 3 Static ARP entry support

Device Default maximum Congurable minimum Congurable maximum

ICX 7250 512 512 6000

ICX 7450 512 512 6000

ICX 7750 512 512 6000

Enabling learning gratuitous ARP

Learning gratuitous ARP enables Brocade Layer 3 devices to learn ARP entries from incoming gratuitous ARP packets from the hosts which are directly connected. This help achieve faster convergence for the hosts when they are ready to send trac.

A new ARP entry is created when a gratuitous ARP packet is received. If the ARP is already existing, it will be updated with the new content.

To enable learning gratuitous ARP, enter the following command at the device conguration level.

Brocade (config)# ip arp learn-gratuitous-arp

Syntax: [no] ip arp learn-gratuitous-arp

The no form of the command disables learning gratuitous ARP from the device.

Brocade FastIron Layer 3 Routing Conguration Guide 53-1003903-04 27

ARP parameter conguration

Use the show run command to see whether ARP is enabled or disabled. Use the show arp command to see the newly learned ARP entries.

Use the clear arp command to clear learned ARP entries. Static ARP entries are not removed.

ARP Packet Validation

Validates ARP packets to avoid

To avoid trac interruption or loss, ARP Packet Validation allows the user to detect and drop ARP packets that do not pass the ARP validation process. ARP Packet Validation is disabled by default and can be enabled at the global conguration level. This functionality can be congured for the destination MAC address, the IP address and the source MAC address or with a combination of these parameters. The Ethernet header contains the destination MAC address and source MAC address, while the ARP packet contains the sender hardware address and target hardware address.

Follow these steps to perform checks on the incoming ARP packets.

1. Enter the global conguration mode.

2. Run the ip arp inspection validate [dst-mac | ip | src-mac] command to perform a check on any incoming ARP packets. Use one of the following parameters to run the validation check:

• dst-mac

The destination MAC address in the Ethernet header must be the same as the target hardware address in the ARP body. This validation is performed for the ARP response packet. When the destination MAC address validation is enabled, the packets with dierent MAC addresses are classied as invalid and are dropped.

• src-mac

The source MAC address in the Ethernet header and the sender hardware address in the ARP body must be the same. This validation is performed for the ARP request and response packets. When the source MAC validation is enabled, the packets with dierent MAC addresses are classied as invalid and are dropped.

• ip

Each ARP packet has a sender IP address and target IP address. The target IP address cannot be invalid or an unexpected IP address in the ARP response packet. The sender IP address cannot be an invalid or an unexpected IP address in the ARP request and response packets. Addresses include 0.0.0.0, 255.255.255.255, and all IP multicast addresses. When the IP address validation is enabled, the packets with invalid and unexpected IP addresses are classied as invalid and are dropped.

trac interruption or loss.

The following example shows ARP packets being validated for the destination MAC address.

device(config)# configuration terminal device(config)#ip arp inspection validate dst-mac

Ingress ARP packet priority

You can volume. Ingress ARP packets have a default priority value of 4. At the default priority value, ingress ARP packets may get dropped because of high trac volume or non-ARP packets with higher priority values. This can cause devices to become unreachable. If the ingress ARP packets have higher priority values than the default priority value, a high volume of ARP trac may lead to drops in control trac. This may cause trac loops in the network.

28 53-1003903-04

congure the priority of the ingress ARP packets to an optimum value that depends on your network conguration and trac

NOTE

You cannot change the priority of the ingress ARP packets on the management port.

Brocade FastIron Layer 3 Routing Conguration Guide

Reverse Address Resolution Protocol conguration

Conguring the priority of ingress ARP packets

To congure the priority of ingress ARP packets, use the arp-internal-priority priority-value command in global conguration mode.

The following example shows the priority of ingress ARP packets set to level 7.

Brocade(config)# arp-internal-priority 7

Displaying the ARP table

To display the ARP table, enter the show arp command.

device# show arp Total number of ARP entries: 2 Entries in default routing instance: No. IP Address MAC Address Type Age Port Status 1 10.1.1.100 0000.0000.0100 Dynamic 0 1/1/1*2/1/25 Valid 2 10.37.69.129 02e0.5215.cae3 Dynamic 0 mgmt1 Valid

The command displays all ARP entries in the system.

Syntax: show arp

Reverse Address Resolution Protocol conguration

The Reverse Address Resolution Protocol (RARP) provides a simple mechanism for directly-attached IP hosts to boot over the network. RARP allows an IP host that does not have a means of storing its IP address across power cycles or software reloads to query a directlyattached router for an IP address.

RARP is enabled by default. However, you must create a RARP entry for each host that will use the Layer 3 switch for booting. A RARP entry consists of the following information:

• The entry number - The entry sequence number in the RARP table.

• The MAC address of the boot client.

• The IP address you want the Layer 3 switch to give to the client.

When a client sends a RARP broadcast requesting an IP address, the Layer 3 switch responds to the request by looking in the RARP table for an entry that contains the client MAC address:

• If the RARP table contains an entry for the client, the Layer 3 switch sends a unicast response to the client that contains the IP address associated with the client MAC address in the RARP table.

• If the RARP table does not contain an entry for the client, the Layer 3 switch silently discards the RARP request and does not reply to the client.

How RARP Diers from BootP and DHCP

RARP, BootP, and DHCP are dierent methods for providing IP addresses to IP hosts when they boot. These methods dier in the following ways:

• Location of congured host addresses

– RARP requires static conguration of the host IP addresses on the Layer 3 device. The Layer 3 device replies directly to a

host request by sending an IP address you have congured in the RARP table.

Brocade FastIron Layer 3 Routing Conguration Guide 53-1003903-04 29

Reverse Address Resolution Protocol conguration

– The Layer 3 device forwards BootP and DHCP requests to a third-party BootP/DHCP server that contains the IP

addresses and other host conguration information.

• Connection of host to boot source (Layer 3 device or BootP/DHCP server)

– RARP requires the IP host to be directly attached to the Layer 3 device. – An IP host and the BootP/DHCP server can be on dierent networks and on dierent routers as long as the routers are

congured to forward ("help") the host boot request to the boot server.

– You can centrally congure other host parameters on the BootP/DHCP server and supply those parameters to the host

along with its IP address.

To congure the Layer 3 device to forward BootP/DHCP requests when boot clients and boot servers are on dierent subnets on dierent Layer 3 device interfaces, refer to the DHCP client section in the Brocade FastIron Conguration Guide.

Disabling RARP

RARP is enabled by default. To disable RARP, enter the following command at the global CONFIG level.

device(config)# no ip rarp

Syntax: [no] ip rarp

To re-enable RARP, enter the following command.

device(config)# ip rarp

Creating static RARP entries

You must congure the RARP entries for the RARP table. The Layer 3 switch can send an IP address in reply to a client RARP request only if create a RARP entry for that client.

To assign a static IP RARP entry for static routes on a Brocade router, enter a command such as the following.

device(config)# rarp 1 0000.0054.2348 10.53.4.2

This command creates a RARP entry for a client with MAC address 0000.0054.2348. When the Layer 3 switch receives a RARP request from this client, the Layer 3 switch replies to the request by sending IP address 192.53.4.2 to the client.

Syntax: rap number mac-addr ip-addr

The number parameter identies the RARP entry number. You can specify an unused number from 1 to the maximum number of RARP entries supported on the device. To determine the maximum number of entries supported on the device, refer to the section "Displaying and modifying system parameter default settings" in the Brocade FastIron Platform and Layer 2 Switching Conguration Guide.

The mac-addr parameter species the MAC address of the RARP client.

The ip-addr parameter species the IP address the Layer 3 switch will give the client in response to the client RARP request.

Changing the maximum number of static RARP entries supported

The number of RARP entries the Layer 3 switch supports depends on how much memory the Layer 3 switch has. To determine how many RARP entries your Layer 3 switch can have, display the system default information using the procedure in the section "Displaying system parameter default values" in the Brocade FastIron Platform and Layer 2 Switching

Conguration Guide.

If your Layer 3 switch allows you to increase the maximum number of RARP entries, you can use a procedure in the same section to do so.

30 53-1003903-04

Brocade FastIron Layer 3 Routing Conguration Guide

+ 453 hidden pages

Brocade Communications Systems ICX 7250 Series, ICX 7450 Series, ICX 7750 Series Configuration Manual

Specifications and Main Features

Frequently Asked Questions

User Manual

Preface

Document conventions

Text formatting conventions

Command syntax conventions

Brocade resources

Notes, cautions, and warnings

Document feedback

Contacting Brocade Technical Support

Brocade customers

Brocade OEM customers

About This Document

Supported hardware and software

What’s new in this document

How command information is presented in this guide

ARP - Address Resolution Protocol

How ARP works

Rate limiting ARP packets

Changing the ARP aging period

Enabling proxy ARP

Enabling proxy ARP globally

Enabling IP ARP on an interface

Creating static ARP entries

Enabling learning gratuitous ARP

ARP Packet Validation

Ingress ARP packet priority

Displaying the ARP table

Disabling RARP

Creating static RARP entries

Changing the maximum number of static RARP entries supported