Page 1
DIGITAL GIGAswitch/Router
User Reference Manual
Part Number: 9032684-03
December 1999
This manual describes how to use the DIGITAL GIGAswitch/Router
(GSR).
Revision/Update Information: This is a revised document.
Page 2
Changes
Cabletron Systems reserves the right to make changes in specifications and other information
contained in this document without prior notice. The reader should in all cases consult Cabletron
Systems to determine whether any such changes have been made.
The hardware, firmware, or software described in this manual is subject to change without notice.
Disclaimer
IN NO EVENT SHALL CABLETRON SYSTEMS BE LIABLE FOR ANY INCIDENTAL, INDIRECT,
SPECIAL, OR CONSEQUENTIAL DAMAGES WHATSOEVER (INCLUDING BUT NOT LIMITED
TO LOST PROFITS) ARISING OUT OF OR RELATED TO THIS MANUAL OR THE INFORMATION
CONTAINED IN IT, EVEN IF CABLETRON SYSTEMS HAS BEEN ADVISED OF, KNOWN, OR
SHOULD HAVE KNOWN, THE POSSIBILITY OF SUCH DAMAGES.
Copyright
© 1999 by Cabletron Systems, Inc. All rights reserved.
Printed in the United States of America
Trademarks
Apple, AppleTalk, and Macintosh are registered trademarks of Apple Computer, Inc.
Cabletron Systems is registered trademark and Cabletron, clearVISN, and GIGAswitch are trademarks
of Cabletron Systems, Inc.
EtherChannel is a registered trademark of Cicsco Systems, Inc.
DIGITAL Equipment Corporation, DEC, and the DIGITAL Equipment Corporation logo are registered
trademarks and DECnet is a trademark of DIGITAL Equipment Corporation Equipment Corporation.
Microsoft, Windows, and Windows NT are registered trademarks of Microsoft Corporation.
Java is a trademark of Sun Microsytems, Inc.
All other product names mentioned in this manual may be trademarks or registered trademarks of
their respective companies.
Page 3
FCC Notice — Class A Computing Device
FCC Notice — Class A Computing Device
This equipment generates, uses, and may emit radio frequency energy. The equipment has been type
tested and found to comply with the limits for a Class A digital device pursuant to Part 15 of FCC
rules, which are designed to provide reasonable protection against such radio frequency interference.
Operation of this equipment in a residential area may cause interference in which case the user at his
own expense will be required to take whatever measures may be required to correct the interference.
Any modifications to this device - unless expressly approved by the manufacturer - can void the user's
authority to operate this equipment under part 15 of the FCC rules.
Industry Canada Notice
This digital apparatus does not exceed the Class A limits for radio noise emissions from digital
apparatus set out in the Radio Interference Regulations of the Canadian Department of
Communications.
Le présent appareil numérique n’émet pas de bruits radioélectriques dépassant les limites applicables
aux appareils numériques de la class A prescrites dans le Règlement sur le brouillage radioélectrique
édicté par le ministère des Communications du Canada.
NOTICE: The Industry Canada label identifies certified equipment. This certification means that the
equipment meets telecommunications network protective, operational and safety requirements as
prescribed in the appropriate Terminal Equipment Technical Requirements document(s). The
department does not guarantee the equipment will operate to the user’s satisfaction.
Before installing this equipment, users should ensure that it is permissible to be connected to the
facilities of the local telecommunications company. The equipment must also be installed using an
acceptable method of connection. The customer should be aware that compliance with the above
conditions may not prevent degradation of service in some situations.
Repairs to certified equipment should be coordinated by a representative designated by the supplier.
Any repairs or alterations made by the user to this equipment, or equipment malfunctions, may give
the telecommunications company cause to request the user to disconnect the equipment.
Users should ensure for their own protection that the electrical ground connections of the power
utility, telephone lines and internal metallic water pipe system, if present, are connected together. This
precaution may be particularly important in rural areas. Caution: Users should not attempt to make
such connections themselves, but should contact the appropriate electric inspection authority, or
electrician, as appropriate.
NOTICE: The Ringer Equivalence Number (REN) assigned to each terminal device provides an
indication of the maximum number of terminals allowed to be connected to a telephone interface. The
termination on an interface may consist of any combination of devices subject only to the requirement
that the sum of the ringer equivalence Numbers of all the devices does not exceed 5.
iii
Page 4
VCCI Notice — Class A Computing Device
VCCI Notice — Class A Computing Device
This equipment is a Class A product (information equipment to be used in commercial and/or
industrial areas) and conforms to the standards set by the Voluntary Control Council for Interference
by Data Processing Equipment and Electronic Office Machines aimed at preventing radio interference
in commercial and/or industrial areas. Consequently, when used in a residential area or in an adjacent
area thereto, radio interference may be caused to radios and TV receivers. Read the instructions for
correct handling.
Taiwanese Notice — Class A Computing Device
CE Notice — Class A Computing Device
Warning!
This is a Class A product. In a domestic environment, this product may cause radio interference, in
which case the user may be required to take adequate measures.
Achtung!
Dieses ist ein Gerät der Funkstörgrenzwertklasse A. In Wohnbereichen können bei Betrieb dieses Gerätes
Rundfunkstörungen auftreten, in welchen Fällen der Benutzer für entsprechende Gegenma
verantwortlich ist.
Avertissement!
Cet appareil est un appareil de Classe A. Dans un environnement résidentiel cet appareil peut provoquer
des brouillages radioélectriques. Dans ce cas, il peut être demandé à l'utilisateur de prendre les mesures
appropriées.
iv
nahmen
ß
Page 5
Cabletron Systems, Inc. Program License Agreement
Cabletron Systems, Inc. Program License Agreement
IMPORTANT: Before utilizing this product, carefully read this License Agreement.
This document is an agreement between you, the end user, and Cabletron Systems, Inc. (“Cabletron”)
that sets forth your rights and obligations with respect to the Cabletron software program (the
“Program”) contained in this package. The Program may be contained in firmware, chips or other
media. BY UTILIZING THE ENCLOSED PRODUCT, YOU ARE AGREEING TO BECOME BOUND
BY THE TERMS OF THIS AGREEMENT, WHICH INCLUDES THE LICENSE AND THE
LIMITATION OF WARRANTY AND DISCLAIMER OF LIABILITY. IF YOU DO NOT AGREE TO THE
TERMS OF THIS AGREEMENT, PROMPTLY RETURN THE UNUSED PRODUCT TO THE PLACE
OF PURCHASE FOR A FULL REFUND.
Cabletron Software Program License
1. LICENSE. You have the right to use only the one (1) copy of the Program provided in this package
subject to the terms and conditions of this License Agreement.
You may not copy, reproduce or transmit any part of the Program except as permitted by the
Copyright Act of the United States or as authorized in writing by Cabletron.
2. OTHER RESTRICTIONS
3. APPLICABLE LAW
and in the state and federal courts of New Hampshire. You accept the personal jurisdiction and
venue of the New Hampshire courts.
. You may not reverse engineer, decompile, or disassemble the Program.
. This License Agreement shall be interpreted and governed under the laws
Exclusion of Warranty and Disclaimer of Liability
1. EXCLUSION OF WARRANTY. Except as may be specifically provided by Cabletron in writing,
Cabletron makes no warranty, expressed or implied, concerning the Program (including its
documentation and media).
CABLETRON DISCLAIMS ALL WARRANTIES, OTHER THAN THOSE SUPPLIED TO YOU BY
CABLETRON IN WRITING, EITHER EXPRESSED OR IMPLIED, INCLUDING BUT NOT
LIMITED TO IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
PARTICULAR PURPOSE, WITH RESPECT TO THE PROGRAM, THE ACCOMPANYING
WRITTEN MATERIALS, AND ANY ACCOMPANYING HARDWARE.
2. NO LIABILITY FOR CONSEQUENTIAL DAMAGES
ITS SUPPLIERS BE LIABLE FOR ANY DAMAGES WHATSOEVER (INCLUDING, WITHOUT
LIMITATION, DAMAGES FOR LOSS OF BUSINESS, PROFITS, BUSINESS INTERRUPTION,
LOSS OF BUSINESS INFORMATION, SPECIAL, INCIDENTAL, CONSEQUENTIAL, OR
RELIANCE DAMAGES, OR OTHER LOSS) ARISING OUT OF THE USE OR INABILITY TO USE
THIS CABLETRON PRODUCT, EVEN IF CABLETRON HAS BEEN ADVISED OF THE
POSSIBILITY OF SUCH DAMAGES. BECAUSE SOME STATES DO NOT ALLOW THE
EXCLUSION OR LIMITATION OF LIABILITY FOR CONSEQUENTIAL OR INCIDENTAL
DAMAGES, OR ON THE DURATION OR LIMITATION OF IMPLIED WARRANTIES, IN SOME
INSTANCES THE ABOVE LIMITATIONS AND EXCLUSIONS MAY NOT APPLY TO YOU.
. IN NO EVENT SHALL CABLETRON OR
v
Page 6
SAFETY INFORMATION
United States Government Restricted Rights
The enclosed product (a) was developed solely at private expense; (b) contains “restricted computer
software” submitted with restricted rights in accordance with Section 52227-19 (a) through (d) of the
Commercial Computer Software - Restricted Rights Clause and its successors, and (c) in all respects is
proprietary data belonging to Cabletron and/or its suppliers.
For Department of Defense units, the product is licensed with “Restricted Rights” as defined in the
DoD Supplement to the Federal Acquisition Regulations, Section 52.227-7013 (c) (1) (ii) and its
successors, and use, duplication, disclosure by the Government is subject to restrictions as set forth in
subparagraph (c) (1) (ii) of the Rights in Technical Data and Computer Software clause at 252.227-7013.
Cabletron Systems, Inc., 35 Industrial Way, Rochester, New Hampshire 03867-0505.
SAFETY INFORMATION
CLASS 1 LASER TRANSCEIVERS
The DGSRF-AA 100Base-FX Module, DGSRS-AA 1000Base-LX Module, and DGSRL-AA 1000BaseLX Module use Class 1 Laser transceivers. Read the following safety information before installing
or operating these modules.
The Class 1 laser transceivers use an optical feedback loop to maintain Class 1 operation limits. This
control loop eliminates the need for maintenance checks or adjustments. The output is factory set, and
does not allow any user adjustment. Class 1 Laser transceivers comply with the following safety
standards:
• 21 CFR 1040.10 and 1040.11 U.S. Department of Health and Human Services (FDA).
• IEC Publication 825 (International Electrotechnical Commission).
• CENELEC EN 60825 (European Committee for Electrotechnical Standardization).
When operating within their performance limitations, laser transceiver output meets the Class 1
accessible emission limit of all three standards. Class 1 levels of laser radiation are not considered
hazardous.
Laser Radiation and Connectors
When the connector is in place, all laser radiation remains within the fiber. The maximum amount of
radiant power exiting the fiber (under normal conditions) is -12.6 dBm or 55 x 10
Removing the optical connector from the transceiver allows laser radiation to emit directly from the
optical port. The maximum radiance from the optical port (under worst case conditions) is
0.8 W cm
Do not use optical instruments to view the laser output. The use of optical instruments to view
laser output increases eye hazard. When viewing the output optical port, power must be removed
from the network adapter.
-2
or 8 x 103 W m2 sr-1.
-6
watts.
vi
Page 7
DECLARATION OF CONFORMITY
Application of Council Directive(s): 89/336/EEC
Manufacturer’s Name: Cabletron Systems, Inc.
Manufacturer’s Address: 35 Industrial Way
European Representative Name: Mr. J. Solari
European Representative Address: Cabletron Systems Limited
Conformance to Directive(s)/Product Standards:
SAFETY INFORMATION
73/23/EEC
PO Box 5005
Rochester, NH 03867
Nexus House, Newbury
Business Park
London Road, Newbury
Berkshire RG13 2PZ, England
EC Directive 89/336/EEC
EC Directive 73/23/EEC
EN 55022
EN 50082-1
EN 60950
Equipment Type/Environment: Networking Equipment, for
use in a Commercial or Light
Industrial Environment.
We the undersigned, hereby declare, under our sole responsibility, that the equipment packaged with
this notice conforms to the above directives.
Manufacturer Legal Representative in Europe
Mr. Ronald Fotino Mr. J. Solari
Full Name Full Name
Principal Compliance Engineer Managing Director - E.M.E.A.
Tit le Tit le
Rochester, NH, USA Newbury, Berkshire, England
Location Location
vii
Page 8
Page 9
Contents
Preface.................................................................................................... xxi
About This Manual.............................................................................................................. xxi
Who Should Read This Manual? ....................................................................................... xxi
How to Use This Manual ....................................................................................................xxi
Related Documentation.....................................................................................................xxiii
Correspondence................................................................................................................. .xxiii
Documentation Comments........................................................................................xxiii
Online Services............................................................................................................xxiii
Getting Help........................................................................................................................ xxiv
Chapter 1: DIGITAL GIGAswitch/Router Product Overview .................. 1
Supported Media (Encapsulation Type)...............................................................................3
Supported Routing Protocols.................................................................................................3
Configuring the DIGITAL GIGAswitch/Router.................................................................4
Understanding the Command Line Interface...............................................................4
Basic Line Editing Commands........................................................................................4
Access Modes ....................................................................................................................5
User Mode..........................................................................................................................6
Enable Mode......................................................................................................................7
Configure Mode ................................................................................................................9
Boot PROM Mode...........................................................................................................11
Disabling a Function or Feature....................................................................................11
Loading System Images and Configuration Files .............................................................11
Boot and System Image..................................................................................................11
Configuration Files .........................................................................................................12
Loading System Image Software..................................................................................12
Loading Boot PROM Software......................................................................................14
Activating the Configuration Commands in the Scratchpad...................................14
Copying the Configuration to the Startup Configuration File.................................15
Displaying Configuration Changes..............................................................................16
DIGITAL GIGAswitch/Router User Reference Manual ix
Page 10
Contents
Managing the GSR ................................................................................................................17
Setting the GSR Name................................................................................................... 17
Setting GSR Date and Time .......................................................................................... 17
Configuring NTP............................................................................................................ 18
Configuring the GSR CLI.............................................................................................. 18
Configuring SNMP Services......................................................................................... 18
Configuring DNS ........................................................................................................... 19
Connecting Between the GSR and Other Systems .................................................... 19
Configuring Logging..................................................................................................... 20
Monitoring Configuration.................................................................................................... 20
Chapter 2: Hot Swapping Line Cards and Control Modules ................ 23
Hot Swapping Overview...................................................................................................... 23
Hot Swapping Line Cards.................................................................................................... 24
Deactivating the Line Card........................................................................................... 24
Removing the Line Card............................................................................................... 25
Installing a New Line Card ................................................................................... 25
Hot Swapping One Type of Line Card With Another.............................................. 25
Hot Swapping a Secondary Control Module.................................................................... 26
Deactivating the Control Module................................................................................ 26
Removing the Control Module .................................................................................... 27
Installing the Control Module...................................................................................... 27
Hot Swapping a Switching Fabric Module (GSR-16 only).............................................. 27
Chapter 3: Bridging Configuration Guide ............................................. 29
Bridging Overview................................................................................................................ 29
Spanning Tree (IEEE 802.1d)........................................................................................ 29
Bridging Modes (Flow-Based and Address-Based).................................................. 30
VLAN Overview.................................................................................................................... 30
Port-based VLANs.................................................................................................. 31
MAC-address-based VLANs................................................................................. 31
Protocol-based VLANs........................................................................................... 31
Subnet-based VLANs............................................................................................. 32
Multicast-based VLANs......................................................................................... 32
Policy-based VLANs .............................................................................................. 32
GSR VLAN Support....................................................................................................... 32
VLANs and the GSR............................................................................................... 32
Ports, VLANs, and L3 Interfaces .......................................................................... 33
Access Ports and Trunk Ports (802.1Q support)................................................. 34
Explicit and Implicit VLANs................................................................................. 34
x DIGITAL GIGAswitch/Router User Reference Manual
Page 11
Contents
Configuring GSR Bridging Functions.................................................................................35
Configuring Address-based or Flow-based Bridging ...............................................35
Configuring Spanning Tree...........................................................................................36
Adjusting Spanning-Tree Parameters..........................................................................36
Setting the Bridge Priority......................................................................................37
Setting a Port Priority..............................................................................................37
Assigning Port Costs ...............................................................................................38
Adjusting Bridge Protocol Data Unit (BPDU) Intervals ....................................38
Adjusting the Interval between Hello Times................................................38
Defining the Forward Delay Interval ............................................................38
Defining the Maximum Age ...........................................................................39
Configuring a Port or Protocol based VLAN..............................................................39
Creating a Port or Protocol Based VLAN.............................................................39
Adding Ports to a VLAN........................................................................................39
Configuring VLAN Trunk Ports...................................................................................40
Configuring VLANs for Bridging.................................................................................40
Configuring Layer-2 Filters...........................................................................................40
Monitoring Bridging..............................................................................................................41
Configuration Examples .......................................................................................................42
Creating an IP or IPX VLAN.........................................................................................42
Creating a non-IP/non-IPX VLAN ..............................................................................42
Chapter 4: SmartTRUNK Configuration Guide...................................... 43
Overview.................................................................................................................................43
Configuring SmartTRUNKs .................................................................................................44
Creating a SmartTRUNK...............................................................................................44
Add Physical Ports to the SmartTRUNK ....................................................................45
Specify Traffic Distribution Policy (Optional)............................................................45
Monitoring SmartTRUNKs...................................................................................................46
Example Configurations .......................................................................................................47
Chapter 5: DHCP Configuration Guide.................................................. 49
DHCP Overview ....................................................................................................................49
Configuring DHCP ................................................................................................................50
Configuring an IP Address Pool...................................................................................50
Configuring Client Parameters.....................................................................................50
Configuring a Static IP Address ...................................................................................51
Grouping Scopes with a Common Interface...............................................................51
Configuring DHCP Server Parameters........................................................................52
Updating the Lease Database...............................................................................................52
Monitoring the DHCP Server...............................................................................................52
DHCP Configuration Examples...........................................................................................53
Configuring Secondary Subnets...................................................................................54
Secondary Subnets and Directly-Connected Clients.................................................55
Interacting with Relay Agents.......................................................................................56
DIGITAL GIGAswitch/Router User Reference Manual xi
Page 12
Contents
Chapter 6: IP Routing Configuration Guide .......................................... 59
IP Routing Overview ............................................................................................................ 59
IP Routing Protocols...................................................................................................... 60
Unicast Routing Protocols ..................................................................................... 60
Multicast Routing Protocols.................................................................................. 60
Configuring IP Interfaces and Parameters ........................................................................ 61
Configuring IP Addresses to Ports.............................................................................. 61
Configuring IP Interfaces for a VLAN........................................................................ 61
Specifying Ethernet Encapsulation Method............................................................... 62
Configuring Address Resolution Protocol (ARP) ..................................................... 62
Configuring ARP Cache Entries ........................................................................... 62
Configuring Proxy ARP......................................................................................... 62
Configuring Reverse Address Resolution Protocol (RARP).................................... 63
Specifying IP Interfaces for RARP........................................................................ 63
Defining MAC-to-IP Address Mappings ............................................................ 63
Monitoring RARP ................................................................................................... 64
Configuring DNS Parameters ...................................................................................... 64
Configuring IP Services (ICMP)................................................................................... 65
Configuring IP Helper................................................................................................... 65
Configuring Direct Broadcast....................................................................................... 66
Configuring Denial of Service (DOS).......................................................................... 66
Monitoring IP Parameters............................................................................................. 66
Configuring Router Discovery............................................................................................ 67
Configuration Examples....................................................................................................... 68
Assigning IP/IPX Interfaces......................................................................................... 68
Chapter 7: VRRP Configuration Guide................................................... 69
VRRP Overview..................................................................................................................... 69
Configuring VRRP ................................................................................................................70
Basic VRRP Configuration............................................................................................ 70
Configuration of Router R1................................................................................... 71
Configuration for Router R2.................................................................................. 71
Symmetrical Configuration .......................................................................................... 71
Configuration of Router R1................................................................................... 73
Configuration of Router R2................................................................................... 73
Multi-Backup Configuration ........................................................................................ 74
Configuration of Router R1................................................................................... 75
Configuration of Router R2................................................................................... 76
Configuration of Router R3................................................................................... 77
Additional Configuration ............................................................................................. 78
Setting the Backup Priority.................................................................................... 78
Setting the Advertisement Interval...................................................................... 78
Setting Pre-empt Mode .......................................................................................... 79
Setting an Authentication Key.............................................................................. 79
Monitoring VRRP.................................................................................................................. 80
ip-redundancy trace....................................................................................................... 80
ip-redundancy show...................................................................................................... 80
VRRP Configuration Notes.................................................................................................. 81
xii DIGITAL GIGAswitch/Router User Reference Manual
Page 13
Contents
Chapter 8: RIP Configuration Guide ...................................................... 83
RIP Overview..........................................................................................................................83
Configuring RIP .....................................................................................................................83
Enabling and Disabling RIP ..........................................................................................84
Configuring RIP Interfaces............................................................................................84
Configuring RIP Parameters .........................................................................................85
Configuring RIP Route Preference...............................................................................86
Configuring RIP Route Default-Metric........................................................................86
Monitoring RIP.......................................................................................................................87
Configuration Example.........................................................................................................88
Chapter 9: OSPF Configuration Guide................................................... 89
OSPF Overview ......................................................................................................................89
OSPF Multipath...............................................................................................................90
Configuring OSPF..................................................................................................................90
Enabling OSPF.................................................................................................................90
Configuring OSPF Interface Parameters .....................................................................91
Configuring an OSPF Area............................................................................................92
Configuring OSPF Area Parameters ............................................................................93
Creating Virtual Links....................................................................................................94
Configuring Autonomous System External (ASE) Link Advertisements..............94
Configuring OSPF over Non-Broadcast Multiple Access.........................................95
Monitoring OSPF....................................................................................................................95
OSPF Configuration Examples.............................................................................................97
Exporting All Interface & Static Routes to OSPF.........................................97
Exporting All RIP, Interface & Static Routes to OSPF.................................98
Chapter 10: BGP Configuration Guide................................................. 103
BGP Overview ......................................................................................................................103
The GSR BGP Implementation....................................................................................104
Basic BGP Tasks....................................................................................................................104
Setting the Autonomous System Number ................................................................105
Setting the Router ID....................................................................................................105
Configuring a BGP Peer Group ..................................................................................106
Adding and Removing a BGP Peer............................................................................107
Starting BGP...................................................................................................................107
Using AS-Path Regular Expressions ..........................................................................108
AS-Path Regular Expression Examples..............................................................109
Using the AS Path Prepend Feature...........................................................................110
Notes on Using the AS Path Prepend Feature...................................................110
BGP Configuration Examples ............................................................................................111
BGP Peering Session Example ....................................................................................111
IBGP Configuration Example......................................................................................113
IBGP Routing Group Example.............................................................................114
IBGP Internal Group Example.............................................................................117
EBGP Multihop Configuration Example...................................................................120
Community Attribute Example..................................................................................123
Notes on Using Communities..............................................................................130
DIGITAL GIGAswitch/Router User Reference Manual xiii
Page 14
Contents
Local_Pref Attribute Example.................................................................................... 130
Notes on Using the Local_Pref Attribute .......................................................... 132
Multi-Exit Discriminator Attribute Example ........................................................... 132
EBGP Aggregation Example....................................................................................... 134
Route Reflection Example........................................................................................... 135
Notes on Using Route Reflection........................................................................ 138
Chapter 11: Routing Policy Configuration Guide................................ 139
Route Import and Export Policy Overview..................................................................... 139
Preference......................................................................................................................140
Import Policies.............................................................................................................. 141
Import-Source........................................................................................................ 141
Route-Filter ............................................................................................................ 142
Export Policies .............................................................................................................. 142
Export-Destination................................................................................................ 142
Export-Source ........................................................................................................ 143
Route-Filter ............................................................................................................ 143
Specifying a Route Filter ............................................................................................. 144
Aggregates and Generates.......................................................................................... 145
Aggregate-Destination ......................................................................................... 145
Aggregate-Source.................................................................................................. 145
Route-Filter ............................................................................................................ 146
Authentication.............................................................................................................. 146
Authentication Methods...................................................................................... 147
Authentication Keys and Key Management..................................................... 147
Configuring Simple Routing Policies............................................................................... 148
Redistributing Static Routes ....................................................................................... 148
Redistributing Directly Attached Networks ............................................................ 149
Redistributing RIP into RIP ........................................................................................ 149
Redistributing RIP into OSPF..................................................................................... 149
Redistributing OSPF to RIP ........................................................................................ 150
Redistributing Aggregate Routes .............................................................................. 150
Simple Route Redistribution Examples.................................................................... 150
Example 1: Redistribution into RIP.................................................................... 150
Exporting a Given Static Route to All RIP Interfaces............................... 151
Exporting All Static Routes to All RIP Interfaces...................................... 152
Exporting All Static Routes Except the Default Route to All RIP Interfaces
152
Example 2: Redistribution into OSPF................................................................. 152
Exporting All Interface & Static Routes to OSPF ...................................... 153
Exporting All RIP, Interface & Static Routes to OSPF.............................. 153
Configuring Advanced Routing Policies......................................................................... 154
Export Policies .............................................................................................................. 154
Creating an Export Destination.................................................................................. 156
Creating an Export Source.......................................................................................... 156
Import Policies.............................................................................................................. 156
Creating an Import Source.......................................................................................... 157
Creating a Route Filter ................................................................................................ 157
Creating an Aggregate Route..................................................................................... 158
Creating an Aggregate Destination........................................................................... 159
xiv DIGITAL GIGAswitch/Router User Reference Manual
Page 15
Contents
Creating an Aggregate Source ....................................................................................159
Examples of Import Policies........................................................................................159
Example 1: Importing from RIP...........................................................................159
Importing a Selected Subset of Routes from One RIP Trusted Gateway.....
162
Importing a Selected Subset of Routes from All RIP Peers Accessible Over
a Certain Interface ...................................................................................162
Example 2: Importing from OSPF.......................................................................163
Importing a Selected Subset of OSPF-ASE Routes....................................165
Examples of Export Policies ........................................................................................166
Example 1: Exporting to RIP................................................................................166
Exporting a Given Static Route to All RIP Interfaces................................168
Exporting a Given Static Route to a Specific RIP Interface ......................168
Exporting All Static Routes Reachable Over a Given Interface to a Specific
RIP-Interface.............................................................................................169
Exporting Aggregate-Routes into RIP.........................................................170
Example 2: Exporting to OSPF.............................................................................171
Exporting All Interface & Static Routes to OSPF.......................................172
Exporting All RIP, Interface & Static Routes to OSPF...............................173
Chapter 12: Multicast Routing Configuration Guide ......................... 177
IP Multicast Overview.........................................................................................................177
IGMP Overview ............................................................................................................177
DVMRP Overview........................................................................................................178
Configuring IGMP ...............................................................................................................179
Configuring IGMP on an IP Interface........................................................................179
Configuring IGMP Query Interval.............................................................................179
Configuring IGMP Response Wait Time...................................................................180
Configuring Per-Interface Control of IGMP Membership......................................180
Configuring DVMRP...........................................................................................................180
Starting and Stopping DVMRP...................................................................................181
Configuring DVMRP on an Interface ........................................................................181
Configuring DVMRP Parameters...............................................................................181
Configuring the DVMRP Routing Metric .................................................................182
Configuring DVMRP TTL & Scope............................................................................182
Configuring a DVMRP Tunnel ...................................................................................183
Monitoring IGMP & DVMRP.............................................................................................184
Configuration Examples .....................................................................................................185
Chapter 13: IP Policy-Based Forwarding Configuration Guide.......... 187
Overview...............................................................................................................................187
Configuring IP Policies........................................................................................................188
Defining an ACL Profile ..............................................................................................188
Associating the Profile with an IP Policy ..................................................................189
Creating Multi-statement IP Policies ..................................................................189
Setting Load Distribution for Next-hop Gateways...........................................190
Setting the IP Policy Action..................................................................................190
Checking the Availability of Next-hop Gateways............................................191
DIGITAL GIGAswitch/Router User Reference Manual xv
Page 16
Contents
Applying an IP Policy to an Interface ....................................................................... 192
Applying an IP Policy to Locally Generated Packets ...................................... 192
IP Policy Configuration Examples.................................................................................... 192
Routing Traffic to Different ISPs................................................................................ 192
Prioritizing Service to Customers.............................................................................. 194
Authenticating Users Through a Firewall................................................................ 195
Firewall Load Balancing.............................................................................................. 196
Monitoring IP Policies ........................................................................................................ 197
Chapter 14: Network Address Translation Configuration Guide ...... 201
Overview .............................................................................................................................. 201
Configuring NAT ................................................................................................................ 202
Setting Inside and Outside Interfaces ....................................................................... 202
Setting NAT Rules........................................................................................................ 203
Static........................................................................................................................ 203
Dynamic ................................................................................................................. 203
Managing Dynamic Bindings............................................................................................ 203
NAT and FTP....................................................................................................................... 204
Monitoring NAT..................................................................................................................204
Configuration Examples..................................................................................................... 204
Static Configuration..................................................................................................... 204
Using Static NAT .................................................................................................. 205
Dynamic Configuration............................................................................................... 206
Using Dynamic NAT............................................................................................ 206
Dynamic NAT with IP Overload (PAT) Configuration ......................................... 207
Using Dynamic NAT with IP Overload ............................................................ 208
Dynamic NAT with Outside Interface Redundancy .............................................. 208
Using Dynamic NAT with Matching Interface Redundancy......................... 209
Chapter 15: Web Hosting Configuration Guide.................................. 211
Overview .............................................................................................................................. 211
Load Balancing .................................................................................................................... 212
Configuring Load Balancing ...................................................................................... 212
Creating the Server Group................................................................................... 212
Specifying Load Balancing Policy (Optional)................................................... 213
Adding Servers to the Load Balancing Group.................................................. 213
Setting Server Status.................................................................................................... 213
Load Balancing and FTP ............................................................................................. 214
Allowing Access to Load Balancing Servers............................................................ 214
Setting Timeouts for Load Balancing Mappings..................................................... 215
Displaying Load Balancing Information .................................................................. 215
Configuration Examples ............................................................................................. 216
Web Hosting with One Virtual Group and Multiple Destination Servers... 216
Web Hosting with Multiple Virtual Groups and Multiple Destination Servers
217
Virtual IP Address Ranges .................................................................................. 218
xvi DIGITAL GIGAswitch/Router User Reference Manual
Page 17
Contents
Web Caching.........................................................................................................................219
Configuring Web Caching...........................................................................................219
Creating the Cache Group....................................................................................219
Specifying the Client(s) for the Cache Group (Optional).................................220
Redirecting HTTP Traffic on an Interface..........................................................220
Configuration Example................................................................................................221
Other Configurations ...................................................................................................221
Bypassing Cache Servers ......................................................................................222
Proxy Server Redundancy....................................................................................222
Distributing Frequently-Accessed Sites Across Cache Servers.......................222
Monitoring Web-Caching............................................................................................223
Chapter 16: IPX Routing Configuration Guide.................................... 225
IPX Routing Overview ........................................................................................................225
RIP (Routing Information Protocol)...........................................................................226
SAP (Service Advertising Protocol) ...........................................................................226
Configuring IPX RIP & SAP ...............................................................................................227
IPX RIP............................................................................................................................227
IPX SAP ..........................................................................................................................227
Creating IPX Interfaces ................................................................................................227
IPX Addresses................................................................................................................228
Configuring IPX Interfaces and Parameters.....................................................................228
Configuring IPX Addresses to Ports..........................................................................228
Configuring IPX Interfaces for a VLAN....................................................................228
Specifying IPX Encapsulation Method......................................................................228
Configuring IPX Routing ....................................................................................................229
Enabling IPX RIP...........................................................................................................229
Enabling SAP.................................................................................................................229
Configuring Static Routes............................................................................................229
Configuring Static SAP Table Entries ........................................................................230
Controlling Access to IPX Networks..........................................................................230
Creating an IPX Access Control List...................................................................230
Creating an IPX Type 20 Access Control List....................................................231
Creating an IPX SAP Access Control List ..........................................................231
Creating an IPX GNS Access Control List..........................................................231
Creating an IPX RIP Access Control List............................................................232
Monitoring an IPX Network...............................................................................................232
Configuration Examples .....................................................................................................233
Chapter 17: Access Control List Configuration Guide........................ 235
ACL Basics ............................................................................................................................236
Defining Selection Criteria in ACL Rules..................................................................236
How ACL Rules are Evaluated...................................................................................238
Implicit Deny Rule........................................................................................................238
Allowing External Responses to Established TCP Connections ............................240
Creating and Modifying ACLs...........................................................................................240
Editing ACLs Offline....................................................................................................241
Maintaining ACLs Using the ACL Editor.................................................................242
Using ACLs...........................................................................................................................242
DIGITAL GIGAswitch/Router User Reference Manual xvii
Page 18
Contents
Applying ACLs to Interfaces...................................................................................... 242
Applying ACLs to Services......................................................................................... 243
Using ACLs as Profiles................................................................................................ 244
Using Profile ACLs with the IP Policy Facility................................................. 245
Using Profile ACLs with the Traffic Rate Limiting Facility............................ 246
Using Profile ACLs with Dynamic NAT........................................................... 246
Using Profile ACLs with the Port Mirroring Facility ...................................... 247
Using Profile ACLs with the Web Caching Facility......................................... 248
Redirecting HTTP Traffic to Cache Servers............................................... 248
Preventing Web Objects From Being Cached............................................ 248
Enabling ACL Logging....................................................................................................... 249
Monitoring ACLs.................................................................................................................250
Chapter 18: Security Configuration Guide .......................................... 251
Security Overview...............................................................................................................251
Configuring GSR Access Security..................................................................................... 252
Configuring RADIUS .................................................................................................. 252
Monitoring RADIUS............................................................................................. 253
Configuring TACACS ................................................................................................. 253
Monitoring TACACS............................................................................................ 253
Configuring TACACS Plus......................................................................................... 254
Monitoring TACACS Plus................................................................................... 255
Configuring Passwords............................................................................................... 255
Layer-2 Security Filters....................................................................................................... 255
Configuring Layer-2 Address Filters ........................................................................ 256
Configuring Layer-2 Port-to-Address Lock Filters................................................. 256
Configuring Layer-2 Static Entry Filters................................................................... 257
Configuring Layer-2 Secure Port Filters................................................................... 257
Monitoring Layer-2 Security Filters .......................................................................... 258
Layer-2 Filter Examples............................................................................................... 259
Example 1: Address Filters.................................................................................. 259
Static Entries Example................................................................................... 259
Port-to-Address Lock Examples.................................................................. 260
Example 2: Secure Ports....................................................................................... 260
Layer-3 Access Control Lists (ACLs)................................................................................ 261
Chapter 19: QoS Configuration Guide................................................. 263
QoS & Layer-2/Layer-3/Layer-4 Flow Overview.......................................................... 263
Layer-2 and Layer-3 & Layer-4 Flow Specification................................................. 264
Precedence for Layer-3 Flows .................................................................................... 264
GSR Queuing Policies.................................................................................................. 265
Traffic Prioritization for Layer-2 Flows............................................................................ 265
Configuring Layer-2 QoS............................................................................................ 266
Traffic Prioritization for Layer-3 & Layer-4 Flows......................................................... 266
Configuring IP QoS Policies ....................................................................................... 266
Setting an IP QoS Policy....................................................................................... 267
Specifying Precedence for an IP QoS Policy..................................................... 267
xviii DIGITAL GIGAswitch/Router User Reference Manual
Page 19
Contents
Configuring IPX QoS Policies .....................................................................................267
Setting an IPX QoS Policy.....................................................................................267
Specifying Precedence for an IPX QoS Policy ...................................................268
Configuring GSR Queueing Policy....................................................................................268
Allocating Bandwidth for a Weighted-Fair Queuing Policy..................................268
ToS Rewrite...........................................................................................................................268
Configuring ToS Rewrite for IP Packets....................................................................269
Monitoring QoS....................................................................................................................271
Limiting Traffic Rate............................................................................................................272
Example Configuration................................................................................................272
Displaying Rate Limit Information ............................................................................273
Chapter 20: Performance Monitoring Guide ...................................... 275
Performance Monitoring Overview ..................................................................................275
Configuring the GSR for Port Mirroring ..........................................................................277
Monitoring Broadcast Traffic .............................................................................................277
Chapter 21: RMON Configuration Guide ............................................ 279
RMON Overview .................................................................................................................279
Configuring and Enabling RMON ....................................................................................280
Example of RMON Configuration Commands........................................................280
RMON Groups ..............................................................................................................281
Lite RMON Groups ...............................................................................................282
Standard RMON Groups......................................................................................282
Professional RMON Groups ................................................................................282
Control Tables ...............................................................................................................283
Using RMON ........................................................................................................................284
Configuring RMON Groups...............................................................................................285
Configuration Examples ..............................................................................................287
Displaying RMON Information.........................................................................................289
RMON CLI Filters.........................................................................................................290
Creating RMON CLI Filters .................................................................................291
Using RMON CLI Filters ......................................................................................291
Troubleshooting RMON .....................................................................................................292
Allocating Memory to RMON............................................................................................293
Chapter 22: WAN Configuration Guide............................................... 295
WAN Overview....................................................................................................................295
High-Speed Serial Interface (HSSI) and Standard Serial Interfaces ......................295
Configuring WAN Interfaces......................................................................................296
Primary and Secondary Addresses ............................................................................296
Static, Mapped, and Dynamic Peer IP/IPX Addresses...........................................296
Static Addresses.....................................................................................................296
Mapped Addresses................................................................................................297
Dynamic Addresses...............................................................................................297
Forcing Bridged Encapsulation...................................................................................298
DIGITAL GIGAswitch/Router User Reference Manual xix
Page 20
Contents
Packet Compression..................................................................................................... 298
Average Packet Size.............................................................................................. 299
Nature of the Data ................................................................................................ 299
Link Integrity......................................................................................................... 299
Latency Requirements.......................................................................................... 299
Example Configurations ...................................................................................... 300
Packet Encryption ........................................................................................................ 300
WAN Quality of Service.............................................................................................. 300
Source Filtering and ACLs................................................................................... 301
Weighted-Fair Queueing ..................................................................................... 301
Congestion Management..................................................................................... 301
Random Early Discard (RED)...................................................................... 302
Adaptive Shaping.......................................................................................... 302
Frame Relay Overview....................................................................................................... 302
Virtual Circuits ............................................................................................................. 303
Permanent Virtual Circuits (PVCs) .................................................................... 303
Configuring Frame Relay Interfaces for the GSR........................................................... 303
Defining the Type and Location of a Frame Relay and VC Interface................... 303
Setting up a Frame Relay Service Profile.................................................................. 304
Applying a Service Profile to an Active Frame Relay WAN Port......................... 304
Monitoring Frame Relay WAN Ports............................................................................... 305
Frame Relay Port Configuration....................................................................................... 305
Point-to-Point Protocol (PPP) Overview.......................................................................... 307
Use of LCP Magic Numbers....................................................................................... 307
Configuring PPP Interfaces................................................................................................ 308
Defining the Type and Location of a PPP Interface................................................ 308
Setting up a PPP Service Profile................................................................................. 308
Applying a Service Profile to an Active PPP Port................................................... 309
Configuring Multilink PPP Bundles.......................................................................... 310
Compression on MLP Bundles or Links............................................................ 310
Monitoring PPP WAN Ports.............................................................................................. 311
PPP Port Configuration...................................................................................................... 311
WAN Configuration Examples......................................................................................... 313
Simple Configuration File........................................................................................... 313
Multi-Router WAN Configuration............................................................................ 314
Router R1 Configuration File .............................................................................. 315
Router R2 Configuration File .............................................................................. 316
Router R3 Configuration File .............................................................................. 317
Router R4 Configuration File .............................................................................. 318
Router R5 Configuration File .............................................................................. 318
Router R6 Configuration File .............................................................................. 319
xx DIGITAL GIGAswitch/Router User Reference Manual
Page 21
About This Manual
Preface
This manual provides detailed information and procedures for configuring the DIGITAL®
GIGAswitch
in the DIGITAL GIGAswitch/Router Getting Started Guide to install the chassis and perform
basic setup tasks, then return to this manual for more detailed configuration information.
™
/Router software. If you have not yet installed the GSR, use the instructions
Who Should Read This Manual?
Read this manual if you are a network administrator responsible for configuring and
monitoring the GSR.
How to Use This Manual
If You Want To See
Read overview information Chapter 1, ”DIGITAL GIGAswitch/Router
Product Overview”
Hot swap line cards and Control
Modules
Chapter 2, ”Hot Swapping Line Cards and
Control Modules”
Configure bridging Chapter 3, ”Bridging Configuration Guide”
Configure SmartTRUNKs Chapter 4, ”SmartTRUNK Configuration Guide”
Configure Dynamic Host
Configuration Protocol server
Configure IP interfaces and global
routing parameters
Configure VRRP Chapter 7, ”VRRP Configuration Guide”
Configure RIP routing Chapter 8, ”RIP Configuration Guide”
DIGITAL GIGAswitch/Router User Reference Manual xxi
Chapter 5, ”DHCP Configuration Guide”
Chapter 6, ”IP Routing Configuration Guide”
Page 22
Preface
If You Want To See
Configure OSPF routing Chapter 9, ”OSPF Configuration Guide”
Configure BGP routing Chapter 10, ”BGP Configuration Guide”
Configure routing policies Chapter 11, ”Routing Policy Configuration
Guide”
Configure IP multicast routing Chapter 12, ”Multicast Routing Configuration
Guide”
Configure IP policy-based
forwarding
Configure Network Address
Translation
Chapter 13, ”IP Policy-Based Forwarding
Configuration Guide”
Chapter 14, ”Network Address Translation
Configuration Guide”
Configure web hosting Chapter 15, ”Web Hosting Configuration Guide”
Configure IPX routing Chapter 16, ”IPX Routing Configuration Guide”
Configure Access Control Lists Chapter 17, ”Access Control List Configuration
Guide”
Configure security Chapter 18, ”Security Configuration Guide”
Configure QoS (Quality of Service)
Chapter 19, ”QoS Configuration Guide”
parameters
Monitor performance Chapter 20, ”Performance Monitoring Guide”
Configure RMON Chapter 21, ”RMON Configuration Guide”
Configure WAN Chapter 22, ”WAN Configuration Guide”
xxii DIGITAL GIGAswitch/Router User Reference Manual
Page 23
Related Documentation
The DIGITAL GIGAswitch/Router documentation set includes the following items. Refer
to these other documents to learn more about your product.
For Information About See the
Installing and setting up the GSR DIGITAL GIGAswitch/Router Getting Started
Preface
Guide
Managing the GSR using DIGITAL’s
element management application
The complete syntax for all CLI
commands
System messages and SNMP traps DIGITAL GIGAswitch/Router Error Reference
Correspondence
Documentation Comments
If you have comments or suggestions about this manual, send them to the DIGITAL
Network Products Organization.
Attn.: Documentation Project Manager
E-MAIL: doc_quality@lkg.mts.dec.com
Online Services
DIGITAL clearVISN CoreWatch User’s Guide and
the DIGITAL clearVISN CoreWatch online help
DIGITAL GIGAswitch/Router Command Line
Interface Reference Manual
Manual
To locate product-specific information, refer to the DIGITAL Network Products Home
Page on the World Wide Web located at the following addresses:
Americas: http://www.networks.digital.com
Europe: http://www.networks.europe.digital.com
Asia Pacific: http://www.networks.digital.com.au
DIGITAL GIGAswitch/Router User Reference Manual xxiii
Page 24
Preface
Getting Help
To expedite your inquiry when you contact your DIGITAL representative, please provide
the following information:
• Your Name
• Your Company Name
•Address
• Email Address
• Phone Number
• FAX Number
• Detailed description of the issue (including history, what you’ve tried, and conditions
under which you see this occur)
• Hardware module number, software version, and switch configuration (that is, what
part types are in what slots)
xxiv DIGITAL GIGAswitch/Router User Reference Manual
Page 25
Chapter 1
DIGITAL
GIGAswitch/Router
Product Overview
The DIGITAL GIGAswitch/Router provides non-blocking, wire-speed Layer-2
(switching), Layer-3 (routing) and Layer-4 (application) switching. The hardware
provides wire-speed performance regardless of the performance monitoring, filtering, and
Quality of Service (QoS) features enabled by the software. You do not need to accept
performance compromises to run QoS or access control lists (ACLs).
The following table lists the basic hardware and software specifications for the GSR:
Tab le 1.
Throughput GSR-8:
DIGITAL GIGAswitch/Router User Reference Manual 1
GSR
Hardware and software specifications
Feature Specification
• 16-Gbps non-blocking switching fabric
• Up to 15 million packets-per-second routing throughput
GSR-16:
• 32-Gbps non-blocking switching fabric
• Up to 30 million packets-per-second routing throughput
Page 26
Chapter 1: DIGITAL GIGAswitch/Router Product Overview
Tab le 1. GSR Hardware and software specifications (Continued)
Feature Specification
Capacity • 4,096 Virtual LANs (VLANs)
• 3 MB input/output buffering per Gigabit port
• 1 MB input/output buffering per 10/100 port
GSR-8:
• Up to 250,000 routes
• Up to 2,000,000 Layer-4 application flows
• Up to 400,000 Layer-2 MAC addresses
• 20,000 Layer-2 security and access-control filters
GSR-16:
• Up to 250,000 routes
• Up to 4,000,000 Layer-4 application flows
Routing
protocols
Bridging and
VLAN protocols
Media Interface
protocols
Quality of
Service (QoS)
• Up to 800,000 Layer-2 MAC addresses
• 20,000 Layer-2 security and access-control filters
• IP: RIP v1/v2, OSPF, BGP 2, 3, 4
• IPX: RIP, SAP
• Multicast: IGMP, DVMRP
• 802.1d Spanning Tree
• 802.1Q (VLAN trunking)
• 802.3 (10Base-T)
• 802.3u (100Base-TX, 100Base-FX)
• 802.3x (1000Base-SX, 1000Base-LX)
• 802.3z (1000Base-SX, 1000Base-LX)
• Layer-2 prioritization (802.1p)
• Layer-3 source-destination flows
• Layer-4 source-destination flows
• Layer-4 application flows
RMON • RMON v1/v2 for each port
2 DIGITAL GIGAswitch/Router User Reference Manual
Page 27
Supported Media (Encapsulation Type)
Table 1.
Management • SNMP
Port mirroring • Traffic to Control Module
Hot swapping • Power supply (when redundant supply is installed and online)
Load balancing/
sharing
Redundancy • Redundant and hot-swappable power supplies
GSR
Hardware and software specifications (Continued)
Feature Specification
•clearVISN
• Emacs-like Command Line Interface (CLI)
• Traffic from specific ports
• Traffic to specific chassis slots (line cards)
• Cabletron Systems
• Virtual Router Redundancy Protocol (VRRP)
™
CoreWatch Element Manager (GUI)
®
SmartTRUNK support
Supported Media (Encapsulation Type)
The GSR supports the following industry-standard networking media:
• IP: IEEE 802.3 SNAP and Ethernet Type II
• IPX: IEEE 802.3 SNAP, Ethernet Type II, IPX 802.3, 802.2
• 802.1Q VLAN Encapsulation
Supported Routing Protocols
The GSR supports many routing protocols based on open standards. The GSR can receive
and forward packets concurrently from any combination of the following:
• Interior gateway protocols:
– Open Shortest Path First (OSPF) Version 2
– Routing Information Protocol (RIP) Version 1, 2
Chapter6, ”IP Routing Configuration Guide,” describes these protocols in detail.
• Exterior gateway protocol:
– Border Gateway Protocol (BGP) Version 2,3,4
Chapter10, ”BGP Configuration Guide,” describes this protocol in detail.
DIGITAL GIGAswitch/Router User Reference Manual 3
Page 28
Chapter 1: DIGITAL GIGAswitch/Router Product Overview
• Novell IPX routing protocols:
– Routing Information Protocol (RIP)
– Service Advertising Protocol (SAP)
Chapter 16, ”IPX Routing Configuration Guide,” describes these protocols in detail.
Configuring the DIGITAL GIGAswitch/Router
The GSR provides a command line interface (CLI) that allows you to configure and
manage the GSR. The CLI has several command modes, each of which provides a group
of related commands that you can use to configure the GSR and display its status. Some
commands are available to all users; others can be executed only after the user enters an
“Enable” password.
You use the CLI to configure ports, IP/IPX interfaces, routing, switching, security filters
and Quality of Service (QoS) policies.
Understanding the Command Line Interface
The GSR Command Line Interface (CLI) provides access to several different command
modes. Each command mode provides a group of related commands. This chapter
describes how to access and list the commands available in each command mode and
explains the primary uses for each command mode. This chapter also describes the other
features of the user interface.
GSR commands can be entered at a terminal connected to the access server or router using
the command line interface (CLI). The GSR can also be configured using the DIGITAL
clearVISN CoreWatch Java-based management application. Using DIGITAL clearVISN
CoreWatch is described in the DIGITAL clearVISN CoreWatch User’s Guide.
Basic Line Editing Commands
The CLI supports EMACs-like line editing commands. The following table lists some
commonly used commands.
Table 2. Common CLI key commands
Key Sequence Command
Ctrl+A Move cursor to beginning of line
Ctrl+B Move cursor back one character
Ctrl+D Delete character
4 DIGITAL GIGAswitch/Router User Reference Manual
Page 29
Table 2. Common CLI key commands (Continued)
Key Sequence Command
Ctrl+E Move cursor to end of line
Ctrl+F Move cursor forward one character
Ctrl+N Scroll to next command in command history (use the cli show
Ctrl+P Scroll to previous command in command history
Ctrl+U Erase entire line
Ctrl+X Erase from cursor to end of line
Ctrl+Z Exit current access mode to previous access mode
Access Modes
Configuring the DIGITAL GIGAswitch/Router
history command to display the history)
The GSR CLI has four access modes.
• User – Allows you to display basic information and use basic utilities such as ping but
does not allow you to display SNMP, filter, and access control list information or make
other configuration changes. You are in User mode when the command prompt ends
with the
> character:
• Enable – Allows you to display SNMP, filter, and access control information as well as
all the information you can display in User mode. To enter Enable mode, enter the
enable command, then supply the password when prompted. When you are in Enable
mode, the command prompt ends with the
# character:
• Configure – Allows you to make configuration changes. To enter Configure mode, first
enter Enable mode (enable command), then enter the configure command from the
Enable command prompt. When you are in Configure mode, the command prompt
ends with
(config).
• Boot – This mode appears when the GSR the external flash card or the system image is
not found during bootup. You should enter the reboot command to reset the GSR. If
the GSR still fails to bootup, please call DIGITAL Technical Support.
Note:
The command prompt will show the name of the DIGITAL GIGAswitch/Router
in front of the mode character(s). The default name is “gs/r.”
DIGITAL GIGAswitch/Router User Reference Manual 5
Page 30
Chapter 1: DIGITAL GIGAswitch/Router Product Overview
When you are in Configure or Enable mode, enter the exit command or press Ctrl+Z to
exit to the previous access mode.
Note: When you exit Configure mode, the CLI will ask you whether you want to
activate the configuration commands you have issued. If you enter Y (Yes), the
configuration commands you issued are placed into effect and the DIGITAL
GIGAswitch/Router’s configuration is changed accordingly. However, the
changes are not written to the Startup configuration file in the Control Module’s
boot flash and, therefore, are not reinstated after a reboot.
User Mode
After you log in to the GSR, you are automatically in User mode. The User commands
available are a subset of those available in Enable mode. In general, the User commands
allow you to display basic information and use basic utilities such as ping information.
To list the User commands, enter:
List the User commands. ?
The User mode command prompt consists of the GSR name followed by the angle bracket
(>):
gs/r>
The default name is GSR unless it has been changed during initial configuration using the
system set name command. Refer to the DIGITAL GIGAswitch/Router Command Line
Interface Reference Manual for information on the system facility.
6 DIGITAL GIGAswitch/Router User Reference Manual
Page 31
Configuring the DIGITAL GIGAswitch/Router
To list the commands available in User mode, enter a question mark (?) as shown in the
following example:
gs/r> ?
aging - Show L2 and L3 Aging information
cli - Modify the command line interface behavior
dvmrp - Show DVMRP related parameters
enable - Enable privileged user mode
exit - Exit current mode
file - File manipulation commands
help - Describe online help facility
igmp - Show IGMP related parameters
ip-redundancy - Show IP Redundancy information (VRRP)
ipx - Show IPX related parameters
l2-tables - Show L2 Tables information
logout - Log off the system
multicast - Configure Multicast related parameters
ping - Ping utility
pvst - Show Per Vlan Spanning Tree Protocol (PVST)
parameters
sfs - Show SecureFast Switching (SFS) parameters
statistics - Show or clear GSR statistics
stp - Show STP status
telnet - Telnet utility
traceroute - Traceroute utility
vlan - Show VLAN-related parameters
Enable Mode
Enable mode provides more facilities than User mode. You can display critical features
within Enable mode including router configuration, access control lists, and SNMP
statistics. To enter Enable mode, enter the enable command, then supply the password
when prompted.
To list the Enable commands, enter:
List the Enable commands. ?
The Enable mode command prompt consists of the GSR name followed by the pound
sign(#):
gs/r#
DIGITAL GIGAswitch/Router User Reference Manual 7
Page 32
Chapter 1: DIGITAL GIGAswitch/Router Product Overview
To list the commands available in Enable mode, enter a question mark (?) as shown in the
following example:
gs/r# ?
acl - Show L3 Access Control List
aging - Show L2 and L3 Aging information
arp - Show or modify ARP entries
bgp - Show Border Gateway Protocol (BGP) parameters
cli - Modify the command line interface behavior
configure - Enter Configuration Mode
copy - Copy configuration database
dhcp - Configure DHCP server
dvmrp - Show DVMRP related parameters
enable - Enable privileged user mode
exit - Exit current mode
file - File manipulation commands
filters - Show L2 security filters
frame-relay - Display Frame Relay statistics
help - Describe online help facility
http - Show http parameters
igmp - Show IGMP related parameters
interface - Show interface related parameters
ip - Show IP related parameters
ip-policy - Show IP policy information
ip-redundancy - Show IP Redundancy information (VRRP)
ip-router - Show unicast IP Routing related parameters
ipx - Show IPX related parameters
l2-tables - Show L2 Tables information
lfap - Show LFAP parameters
load-balance - Show Load Balancing related parameters and
hosts
logout - Log off the system
mtrace - Multicast Traceroute utility
multicast - Configure Multicast related parameters
nat - Show Network Address Translation related
parameters
ntp - Network Time Protocol (NTP)
ospf - Show/Monitor Open Shortest Path First Protocol
(OSPF).
ping - Ping utility
port - Show or change Port parameters
ppp - Display Point to Point Protocol (PPP)
statistics
pvst - Show Per Vlan Spanning Tree Protocol (PVST)
parameters
qos - Show Quality of Service parameters
radius - Show RADIUS related parameters
rate-limit - Show rate-limit policy information
rdisc - Show Router Discovery Protocol (RIP) parameters
reboot - Reboot the system
rip - Show/Query Routing Information Protocol(RIP)
tables
rmon - Show RMON related parameters
sfs - Show SecureFast Switching (SFS) parameters
8 DIGITAL GIGAswitch/Router User Reference Manual
Page 33
Configuring the DIGITAL GIGAswitch/Router
smarttrunk - Show SmartTRUNK information
snmp - Show SNMP related parameters.
statistics - Show or clear GSR statistics
stp - Show STP status
system - Show system-wide parameters
tacacs - Show TACACS related parameters
tacacs-plus - Show TACACS+ related parameters
telnet - Telnet utility
traceroute - Traceroute utility
vlan - Show VLAN-related parameters
web-cache - Configure web caching parameters
To exit Enable mode and return to User mode, use one of the following commands:
Exit Enable mode.
Configure Mode
Configure mode provides the capabilities to configure all features and functions on the
GSR. You can configure features and functions within Configure mode including router
configuration, access control lists and spanning tree.
To list the Configure commands, enter:
List the Configure commands. ?
The Configure mode command prompt consists of the GSR name followed by the pound
sign (#):
gs/r(config)#
To list the commands available in Configure mode, enter a question mark (?) as shown in
the following example:
exit
Ctrl+Z
gs/r(config)# ?
acl - Configure L3 Access Control List
acl-edit - Edit an ACL in the ACL Editor
acl-policy - Configure ACL policy
aging - Configure L2 and L3 Aging
arp - Configure ARP entries
bgp - Configure Border Gateway Protocol (BGP)
cli - Modify the command line interface behavior
dhcp - Configure DHCP server
dvmrp - Configure DVMRP related parameters
exit - Exit current mode
DIGITAL GIGAswitch/Router User Reference Manual 9
Page 34
Chapter 1: DIGITAL GIGAswitch/Router Product Overview
filters - Configure L2 security filters
frame-relay - Configure wan interface parameters
help - Describe online help facility
igmp - Configure IGMP related parameters
interface - Configure interface related parameters
ip - Configure IP related parameters
ip-policy - Configure IP policy for packet forwarding
ip-redundancy - Configure IP redundancy protocols
ip-router - Configure Unicast Routing Protocol related
parameters
ipx - Configure IPX related parameters
lfap - Configure Lightweight Flow Accounting Protocol
client
load-balance - Configure Load Balancing related parameters
nat - configure network address translation
parameters
ntp - Configure Network Time Protocol (NTP)
parameters
ospf - Configure Open Shortest Path Protocol (OSPF)
port - Configure Port parameters
ppp - Configure wan interface parameters
pvst - Configure Per Vlan Spanning Tree Protocol
(PVST)
qos - Configure Quality of Service parameters
radius - Configure RADIUS related parameters
rate-limit - Configure rate limits for flows
rdisc - Configure Router Discovery Protocol
rip - Configure Routing Information Protocol (RIP)
rmon - Configure RMON related parameters
sfs - Configure SecureFast Switching (SFS) parameters
smarttrunk - Configure SmartTRUNK
snmp - Configure SNMP related parameters.
stp - Configure STP parameters
system - Configure system-wide parameters
tacacs - Configure TACACS related parameters
tacacs-plus - Configure TACACS+ related parameters
vlan - Configure VLAN-related parameters
web-cache - Configure web caching parameters
Special configuration mode commands:
clear - Show configuration commands
diff - Compare active configuration against another
configuration
erase - Erase configuration information
negate - Negate a command or a group of commands
no - Negate matching commands
save - Save configuration information
search - Look up a command in configuration
show - Show configuration commands
10 DIGITAL GIGAswitch/Router User Reference Manual
using line numbers
Page 35
Loading System Images and Configuration Files
To exit Configure mode and return to Enable mode, use one of the following commands:
Exit Configure mode.
Boot PROM Mode
If your GSR does not find a valid system image on the external PCMCIA flash, the system
might enter programmable read-only memory (PROM) mode. You should then reboot the
GSR at the boot PROM to restart the system. If the system fails to reboot successfully,
please call DIGITAL Equipment Corporation Technical Support to resolve the problem.
To reboot the GSR from the ROM monitor mode, enter the following command.
Reboot in Boot PROM mode.
Disabling a Function or Feature
The CLI provides for an implicit negate. This allows for the “disabling” of a feature or
function which has been “enabled”. Use the negate command on a specific line of the
active configuration to “disable” a feature or function which has been enabled. For
example, Spanning Tree Protocol is disabled by default. If after enabling Spanning Tree
Protocol on the DIGITAL GIGAswitch/Router, you want to disable STP, you must specify
the negate command on the line of the active configuration containing the
command.
exit
Ctrl+Z
reboot
stp enable
Loading System Images and Configuration Files
The GSR contains an internal flash on the Control Module and an external PC flash. The
internal flash contains the GSR boot image and user defined configuration files. An
external PC flash contains the system image executed by the Control Module. When a
GSR boots, the boot image is executed first, followed by the system image and finishing
with a configuration file.
Boot and System Image
Only one boot image exists on the internal flash of the GSR Control Module. Multiple
system images can be stored on the external PC flash.
DIGITAL GIGAswitch/Router User Reference Manual 11
Page 36
Chapter 1: DIGITAL GIGAswitch/Router Product Overview
Configuration Files
The GSR uses three special configuration files:
• Active – The commands from the Startup configuration file and any configuration
commands that you have made active from the scratchpad (see below).
Caution:
The active configuration remains in effect only during the current power cycle. If
you power down or reboot the GSR without saving the active configuration changes to
the Startup configuration file, the changes are lost.
• Startup – The configuration file that the GSR uses to configure itself when the system
is powered on.
• Scratchpad – The configuration commands you have entered during a management
session. These commands do not become active until you explicitly activate them.
Because some commands depend on other commands for successful execution, the
GSR scratchpad simplifies system configuration by allowing you to enter
configuration commands in any order, even when dependencies exist. When you
activate the commands in the scratchpad, the GSR sorts out the dependencies and
executes the command in the proper sequence.
Loading System Image Software
By default, the GSR boots using the system image software installed on the Control
Module’s PCMCIA flash card. To upgrade the system software and boot using the
upgraded image, use the following procedure.
1. Display the current boot settings by entering the system show version command:
Here is an example:
gs/r# system show version
Software Information
Software Version : 2.1
Copyright : Copyright (c) 1996-1998 Cabletron Systems, Inc.
Image Information : Version 2.1.0.0 built on Wed Jan 20 19:28:49 1999
Image Boot Location: file:/pc-flash/boot/img8/
Note:
In this example, the location “pc-flash” indicates that the GSR is set to use the
factory-installed software on the flash card.
2. Copy the software upgrade you want to install onto a TFTP server that the GSR can
access. (Use the ping command to verify that the GSR can reach the TFTP server.)
3. Use the system image add command to copy the software upgrade onto the PCMCIA
flash card in the Control Module.
12 DIGITAL GIGAswitch/Router User Reference Manual
Page 37
Loading System Images and Configuration Files
Here is an example:
gs/r# system image add 10.50.11.12 img2100
Downloading image 'img2100' from host '10.50.11.12'
to local image img2100 (takes about 3 minutes)
kernel: 100%
Image checksum validated.
Image added.
4. Enter the system image list command to list the images on the PCMCIA flash card
and verify that the new image is on the card:
Here is an example:
gs/r# system image list
Images currently available:
img2100
5. Use the system image choose command to select the image file the GSR will use the
next time you reboot the switch.
Here is an example:
gs/r# system image choose img2100
Making image img2100 the active image for next reboot
6. Enter the system image list command to verify the change.
Note: You do not need to activate this change.
DIGITAL GIGAswitch/Router User Reference Manual 13
Page 38
Chapter 1: DIGITAL GIGAswitch/Router Product Overview
Loading Boot PROM Software
The GSR boots using the boot PROM software installed on the Control Module’s internal
memory. To upgrade the boot PROM software and boot using the upgraded image, use
the following procedure.
1. Display the current boot settings by entering the system show version command:
Here is an example:
gs/r# system show version
Software Information
Software Version : 2.1
Copyright : Copyright (c) 1996-1999 Cabletron Systems, Inc.
Image Information : Version 2.1.0.0, built on Wed Jan 2022:49:07 1999
Image Boot Location: file:/pc-flash/boot/img2100/
Boot Prom Version : prom-1.0
In this example, the location “pc-flash” indicates that the GSR is set to use the factoryinstalled software on the flash card.
2. Copy the software upgrade you want to install onto a TFTP server that the GSR can
access. (Use the ping command to verify that the GSR can reach the TFTP server.)
3. Use the system promimage upgrade command to copy the boot PROM upgrade onto
the internal memory in the Control Module.
Here is an example:
gs/r# system promimage upgrade 10.50.11.12 prom2
Downloading image 'prom2' from host '10.50.11.12'
to local image prom2 (takes about 3 minutes)
kernel: 100%
Image checksum validated.
Image added.
4. Enter the system show version command to verify that the new boot PROM software
is on the internal memory of the Control Module:
Activating the Configuration Commands in the Scratchpad
The configuration commands you have entered using procedures in this chapter are in the
scratchpad but have not yet been activated. Use the following procedure to activate the
configuration commands in the scratchpad.
1. If you have not already done so, enter the enable command to enter Enable mode in
the CLI.
14 DIGITAL GIGAswitch/Router User Reference Manual
Page 39
Loading System Images and Configuration Files
2. If you have not already done so, enter the configure command to enter Configure
mode in the CLI.
3. Enter the following command:
save active
4. The CLI displays the following message:
Do you want to make the changes Active? [y]
5. Enter yes or y to activate the changes.
Note: If you exit Configure mode (by entering the exit command or pressing Ctrl+Z),
the CLI will ask you whether you want to make the changes in the scratchpad
active.
Copying the Configuration to the Startup Configuration File
After you save the configuration commands in the scratchpad, the Control Module
executes the commands and makes the corresponding configuration changes to the GSR.
However, if you power down or reboot the GSR, the new changes are lost. Use the
following procedure to save the changes into the Startup configuration file so that the GSR
reinstates the changes when you reboot the software.
1. Ensure that you are in the Enable mode by entering the enable command.
2. Enter the following command to copy the configuration changes in the Active
configuration to the Startup configuration:
copy active to startup
3. When the CLI displays the following message, enter yes or y to save the changes.
Are you sure you want to overwrite the Startup configuration? [n]
Note: You also can save active changes to the Startup configuration file from within
Configure mode by entering the save startup command:
The new configuration changes are added to the Startup configuration file stored in the
Control Module’s boot flash.
DIGITAL GIGAswitch/Router User Reference Manual 15
Page 40
Chapter 1: DIGITAL GIGAswitch/Router Product Overview
Displaying Configuration Changes
While in Configure mode, you can display the configuration of the running system as well
as non-activated changes that are in the Scratchpad by entering the following command:
Display running system configuration and non-activated
show
changes in scratchpad.
While in Enable mode, you can display the active configuration of the system by entering
the following command:
Display active configuration of the
system show active-config
system.
The show and system show active-config commands normally display configuration
commands in the order that they are executed. To display the configuration commands in
a different order, enter the following command in Configure mode:
Display configuration commands in
system set show-config alphabetical
alphabetical order.
Whenever you have activated commands in the scratchpad, you can compare the
activated changes with a previously-saved configuration file. To compare the activated
commands with the Startup (or another) configuration file, enter the following command
in Configure mode:
Compare activated commands with
diff <filename>|startup
Startup configuration file.
16 DIGITAL GIGAswitch/Router User Reference Manual
Page 41
Managing the GSR
The GSR contains numerous system facilities for system management. You can perform
configuration management tasks on the GSR including:
• Setting the GSR name
• Setting the GSR date and time
• Configuring NTP
• Configuring the CLI
• Configuring SNMP services
• Configuring DNS
• Connecting between the GSR and other systems
Setting the GSR Name
Managing the GSR
The GSR name is set to gs/r by default. You may customize the name for the GSR by
entering the following command in Configure mode:
Set the GSR name.
Setting GSR Date and Time
The GSR system time can keep track of time as entered by the user or via NTP. To
configure the GSR date and time manually, enter the following command in Enable mode:
Set GSR date and time. system set date year <year> month <month>
system set name <system-name>
day
<day> hour <hour> min <min> second <sec>
DIGITAL GIGAswitch/Router User Reference Manual 17
Page 42
Chapter 1: DIGITAL GIGAswitch/Router Product Overview
Configuring NTP
You can use the ntp set server command to instruct the GSR’s NTP client to periodically
synchronize its clock. By default, the GSR specifies an NTPv3 client that sends a
synchronization packet to the server every 60 minutes. This means the GSR will attempt
to set its own clock against the server once every hour. The synchronization interval as
well as the NTP version number can be changed.
Note:
To configure the GSR’s NTP client to synchronize its clock, enter the following command
in Configure mode:
To ensure that NTP has the correct time, you need to specify the time zone, as
well. You can set the time zone by using the system set timezone command.
When specifying daylight saving time, you’ll need to use the system set daylight-
saving command.
Instruct GSR’s NTP server to
periodically synchronize clock
Configuring the GSR CLI
You can customize the CLI display format to a desired line length or row count. To
configure the CLI terminal display, enter the following command in Enable mode:
Configure the CLI terminal display. cli set terminal rows <num> columns
Configuring SNMP Services
ntp set server <host> [interval <minutes>]
[source
<num>
<ipaddr>] [version <num>]
The GSR accepts SNMP sets and gets from an SNMP manager. You can configure GSR
SNMP parameters including community strings and trap server target addresses.
To configure the GSR SNMP community string, enter the following command in
Configure mode:
Configure the SNMP community string. snmp set community <community-name>
To configure the SNMP trap server target address, enter the following command in
Configure mode:
Configure the SNMP trap server
target address.
18 DIGITAL GIGAswitch/Router User Reference Manual
privilege read|read-write
snmp set target <IP-addr> community
<community-name> [status
enable|disable]
Page 43
Configuring DNS
The GSR allows you to configure up to three Domain Name Service (DNS) servers.
To configure the DNS, enter the following command in Configure mode:
Managing the GSR
Configure DNS.
system set dns server <IPaddr>[,<IPaddr>[,<IPaddr>]]
domain
<name>
Connecting Between the GSR and Other Systems
To test a connection between the GSR and an IP host, enter the following command in
User or Enable mode:
Test connection
between the GSR
and an IP host.
To open a Telnet session from the GSR to an IP host, enter the following command in User
or Enable mode:
Telnet to a specified
IP host.
The GSR accepts up to four telnet sessions. You can immediately end a particular telnet
session (for example, an unauthorized user is logged in to the GSR).
ping <hostname-or-IPaddr> packets <num> size <num> wait
<num> [flood] [dontroute]
telnet <hostname-or-IPaddr> [socket <socket-number>]
To end a user’s telnet session, first determine the session ID by entering the following
command in Enable mode:
Show current
system show users
Telnet sessions.
To end the telnet session, enter the following command in Enable mode:
Kill the Telnet
system kill telnet-session <session-id>
session.
DIGITAL GIGAswitch/Router User Reference Manual 19
Page 44
Chapter 1: DIGITAL GIGAswitch/Router Product Overview
Configuring Logging
During operation, the GSR system software sends messages to the management console.
These messages include informational, warning, error, and fatal messages. Console
messages can also be sent to a syslog server.
To configure a Syslog server, enter the following command in Configure mode:
Configure a Syslog server.
system set syslog [server <hostname-or-
IPaddr>][level <level-type>][facility <facilitytype>][source <source-IPaddr>][buffer-size <size>]
If a syslog server is identified and ACL logging is enabled, then messages about whether
packets are forwarded or dropped because of ACL are sent to the Syslog server.
Chapter 18, ”Security Configuration Guide,” describes ACL logging.
Monitoring Configuration
The GSR provides many commands for displaying configuration information. After you
add configuration items and commit them to the active configuration, you can display
them using the following commands.
Task Command
Display history buffer.
Show terminal settings.
Show all accesses to the SNMP agent.
Show all SNMP information.
cli show history
cli show terminal
snmp show access
snmp show all
Show chassis ID.
Show the SNMP community strings.
Show SNMP related statistics.
Show trap target related configuration.
Show the active configuration of the system.
Show the contents of the boot log file, which
contains all the system messages generated
during bootup.
Show boot PROM parameters for TFTP
downloading of the system image.
20 DIGITAL GIGAswitch/Router User Reference Manual
snmp show chassis-id
snmp show community
snmp show statistics
snmp show trap
system show active-config
system show bootlog
system show bootprom
Page 45
Monitoring Configuration
Task Command
Show the most recent Syslog messages kept in
the local syslog message buffer.
Show usage information about various system
resources.
Show the contact information (administrator
name, phone number, and so on).
Shows the percentage of the CPU that is
currently being used.
Show the GSR date and time.
Show the IP addresses and domain names for
DNS servers.
Show environmental information, such as
temperature and power supply status.
Show GSR hardware information.
Show the GSR’s location.
Show the GSR login banner.
Show the GSR name.
system show syslog buffer
system show capacity
all|chassis|task|cpu|memory
system show contact
system show cpu-utilization
system show date
system show dns
system show environmental
system show hardware
system show location
system show login-banner
system show name
Show the type of Power-On Self Test (POST)
that should be performed.
Show the configuration changes in the
scratchpad. These changes have not yet been
activated.
Show the startup configuration for the next
reboot.
Show the status of the switching fabric
module.
Show the IP address of the SYSLOG server
and the level of messages the GSR sends to the
server.
Lists the last five Telnet connections to the
GSR.
Show the default terminal settings (number of
rows, number of columns, and baud rate.
Show the time zone offset from UCT in
minutes.
system show poweron-selftestmode
system show scratchpad
system show startup-config
system show switching-fabric
system show syslog
system show telnet-access
system show terminal
system show timezone
DIGITAL GIGAswitch/Router User Reference Manual 21
Page 46
Chapter 1: DIGITAL GIGAswitch/Router Product Overview
Task Command
Show GSR uptime.
Show the current Telnet connections to the
GSR.
Show the software version running on the
GSR.
system show uptime
system show users
system show version
22 DIGITAL GIGAswitch/Router User Reference Manual
Page 47
Control Modules
Hot Swapping Overview
This chapter describes the hot swapping functionality of the GSR. Hot swapping is the
ability to replace a line card or Control Module while the GSR is operating. Hot swapping
allows you to remove or install line cards without switching off or rebooting the GSR.
Swapped-in line cards are recognized by the GSR and begin functioning immediately
after they are installed.
Chapter 2
Hot Swapping
Line Cards and
On the GSR-8 and GSR-16, you can hot swap line cards and secondary control modules.
On the GSR-16, you can also hot swap the secondary switching fabric module.
This chapter provides instructions for the following tasks:
• Hot swapping line cards
• Hot swapping secondary Control Modules
• Hot swapping the secondary Switching Fabric Module (GSR-16 only)
DIGITAL GIGAswitch/Router User Reference Manual 23
Page 48
Chapter 2: Hot Swapping Line Cards and Control Modules
Hot Swapping Line Cards
The procedure for hot swapping a line card consists of deactivating the line card,
removing it from its slot in the GSR chassis, and installing a new line card in the slot.
Deactivating the Line Card
To deactivate the line card, do one of the following:
• Press the Hot Swap button on the line card. The Hot Swap button is recessed in the line
card's front panel. Use a pen or similar object to reach it.
When you press the Hot Swap button, the Offline LED lights. Figure 1 shows the
location of the Offline LED and Hot Swap button on a 1000Base-SX line card.
Tx Link
AN
Rx
Offline LED
Offline
Online
Tx Link
Rx
AN
1000BASE-SXDGSRS-AA
21
Hot
Swap
Hot Swap Button
hswapgb_sx
Figure 1. Location of Offline LED and Hot Swap button on a 1000Base-SX line card
•Use the system hotswap out command in the CLI. For example, to deactivate the line
card in slot 7, enter the following command in Enable mode:
gs/r# system hotswap out slot 7
After you enter this command, the Offline LED on the line card lights, and messages
appear on the console indicating the ports on the line card are inoperative.
Note:
If you have deactivated a line card and want to activate it again, simply pull it
from its slot and push it back in again. (Make sure the Offline LED is lit before you
pull out the line card.) The line card is activated automatically.
Alternately, if you have not removed a line card you deactivated with the system
hotswap out command, you can reactivate it with the system hotswap in
command. For example, to reactivate a line card in slot 7, enter the following
command in Enable mode:
gs/r# system hotswap in slot 7
24 DIGITAL GIGAswitch/Router User Reference Manual
Page 49
Removing the Line Card
To remove a line card from the GSR:
1. Make sure the Offline LED on the line card is lit.
Hot Swapping Line Cards
Warning:
GSR to crash.
2. Loosen the captive screws on each side of the line card.
3. Carefully remove the line card from its slot in the GSR chassis.
Installing a New Line Card
To install a new line card:
1. Slide the line card all the way into the slot, firmly but gently pressing the line card
2. Tighten the captive screws on each side of the line card to secure it to the chassis.
Do not remove the line card unless the Offline LED is lit. Doing so can cause the
fully in place to ensure that the pins on the back of the line card are completely seated
in the backplane.
Note:
Once the line card is installed, the GSR recognizes and activates it. The Online LED
button lights.
Make sure the circuit card (and not the metal plate) is between the card
guides. Check both the upper and lower tracks.
Hot Swapping One Type of Line Card With Another
You can hot swap one type of line card with another type. For example, you can replace a
10/100Base-TX line card with a 1000Base-SX line card. The GSR can be configured to
accommodate whichever line card is installed in the slot. When one line card is installed,
configuration statements for that line card are used; when you remove the line card from
the slot and replace it with a different type, configuration statements for the new line card
take effect.
To set this up, you include configuration statements for both line cards in the GSR
configuration file. The GSR determines which line card is installed in the slot and uses the
appropriate configuration statements.
For example, you may have a GSR with a 10/100Base-TX line card in slot 7 and want to
hot swap it with a 1000Base-SX line card. If you include statements for both line cards in
the GSR configuration file, the statements for the 1000Base-SX take effect immediately
after you install it in slot 7.
DIGITAL GIGAswitch/Router User Reference Manual 25
Page 50
Chapter 2: Hot Swapping Line Cards and Control Modules
Hot Swapping a Secondary Control Module
If you have a secondary control module installed on the GSR, you can hot swap it with
another Control Module or line card.
Warning
You can only hot swap an inactive Control Module. You should never remove
:
the active Control Module from the GSR. Doing so will crash the system.
The procedure for hot swapping a control module is similar to the procedure for hot
swapping a line card. You must deactivate the Control Module, remove it from the GSR,
and insert another Control Module or line card in the slot.
Deactivating the Control Module
To deactivate the Control Module:
1. Determine which is the secondary Control Module.
Control Modules can reside in slot CM or slot CM/1 on the GSR. Usually slot CM
contains the primary Control Module, and slot CM/1 contains the secondary Control
Module. On the primary Control Module, the Online LED is lit, and on the secondary
Control Module, the Offline LED is lit.
Note:
The Offline LED on the Control Module has a different function from the
Offline LED on a line card. On a line card, it means that the line card has been
deactivated. On a Control Module, a lit Offline LED means that it is standing
by to take over as the primary Control Module if necessary; it does not mean
that the Control Module has been deactivated.
2. Press the Hot Swap button on the secondary Control Module.
When you press the Hot Swap button, all the LEDs on the Control Module (including
the Offline LED) are deactivated. Figure 2 shows the location of the Offline LED and
Hot Swap button on a Control Module.
DGSRC CONTROL MODULE
Console
10/100 Mgmt
RST
OK
SYS
ERR DIAG
HBT
Hot Swap Button
Online Offline
Hot
Swap
Offline LED
hswapcm
Figure 2. Location of Offline LED and Hot Swap button on a Control Module
26 DIGITAL GIGAswitch/Router User Reference Manual
Page 51
Removing the Control Module
To remove a Control Module from the GSR:
1. Make sure that none of the LEDs on the Control Module are lit.
2. Loosen the captive screws on each side of the Control Module.
3. Carefully remove the Control Module from its slot in the GSR chassis.
Installing the Control Module
To install a new Control Module or line card into the slot:
Hot Swapping a Switching Fabric Module (GSR-16 only)
Note:
1. Slide the Control Module or line card all the way into the slot, firmly but gently
2. Tighten the captive screws on each side of the Control Module or line card to secure it
You can install either a line card or a Control Module in slot CM/1, but you can
install only a Control Module in slot CM.
pressing it fully in place to ensure that the pins on the back of the card are completely
seated in the backplane.
Note:
to the chassis.
On a line card, the Online LED lights, indicating it is now active.
On a secondary Control Module, the Offline LED lights, indicating it is standing by to
take over as the primary Control Module if necessary.
Make sure the circuit card (and not the metal plate) is between the card
guides. Check both the upper and lower tracks.
Hot Swapping a Switching Fabric Module (GSR-16
only)
The GSR-16 has slots for two Switching Fabric Modules. While the GSR-16 is operating,
you can install a second Switching Fabric Module. If two Switching Fabric Modules are
installed, you can hot swap one of them.
When you remove one of the Switching Fabric Modules, the other goes online and stays
online until it is removed or the GSR-16 is powered off. When the GSR-16 is powered on
again, the Switching Fabric Module in slot “Fabric 1”, if one is installed there, becomes the
active Switching Fabric Module.
Warning:
GSR-16. If only one Switching Fabric Module is installed, and you remove it, the GSR-16
will crash.
DIGITAL GIGAswitch/Router User Reference Manual 27
You can only hot swap a Switching Fabric Module if two are installed on the
Page 52
Chapter 2: Hot Swapping Line Cards and Control Modules
The procedure for hot swapping a Switching Fabric Module is similar to the procedure for
hot swapping a line card or Control Module. You deactivate the Switching Fabric Module,
remove it from the GSR, and insert another Switching Fabric Module in the slot.
Note: You cannot deactivate the Switching Fabric Module with the system hotswap
command.
To deactivate the Switching Fabric Module:
1. Press the Hot Swap button on the Switching Fabric Module you want to deactivate.
The Online LED goes out and the Offline LED lights. Figure 3 shows the location of the
Offline LED and Hot Swap button on a Switching Fabric Module.
Offline LED
DGSRD-AA
Offline
Online
Active
Hot
Swap
Hot Swap Button
Switching Fabric
Figure 3. Location of Offline LED and Hot Swap button on a Switching Fabric
Module
To remove the Switching Fabric Module:
1. Loosen the captive screws on each side of the Switching Fabric Module.
2. Pull the metal tabs on the Switching Fabric Module to free it from the connectors
holding it in place in the chassis.
3. Carefully remove the Switching Fabric Module from its slot.
To install a Switching Fabric Module:
1. Slide the Switching Fabric Module all the way into the slot, firmly but gently pressing
to ensure that the pins on the back of the module are completely seated in the
backplane.
Note: Make sure the circuit card (and not the metal plate) is between the card
guides. Check both the upper and lower tracks.
2. Tighten the captive screws on each side of the Switching Fabric Module to secure it to
the chassis.
28 DIGITAL GIGAswitch/Router User Reference Manual
Page 53
Bridging Overview
The DIGITAL GIGAswitch/Router provides the following bridging functions:
• Compliance with the IEEE 802.1d standard
Chapter 3
Bridging
Configuration
Guide
• Compliance with the IGMP multicast bridging standard
• Wire-speed address-based bridging or flow-based bridging
• Ability to logically segment a transparently bridged network into virtual local-area
networks (VLANs), based on physical ports or protocol (IP or IPX or bridged protocols
like Appletalk
• Frame filtering based on MAC address for bridged and multicast traffic
• Integrated routing and bridging, which supports bridging of intra-VLAN traffic and
routing of inter-VLAN traffic
Spanning Tree (IEEE 802.1d)
Spanning tree (IEEE 802.1d) allows bridges to dynamically discover a subset of the
topology that is loop-free. In addition, the loop-free tree that is discovered contains paths
to every LAN segment.
DIGITAL GIGAswitch/Router User Reference Manual 29
®
)
Page 54
Chapter 3: Bridging Configuration Guide
Bridging Modes (Flow-Based and Address-Based)
The GSR provides the following types of wire-speed bridging:
Address-based bridging - The GSR performs this type of bridging by looking up the
destination address in an L2 lookup table on the line card that receives the bridge packet
from the network. The L2 lookup table indicates the exit port(s) for the bridged packet. If
the packet is addressed to the GSR's own MAC address, the packet is routed rather than
bridged.
Flow-based bridging - The GSR performs this type of bridging by looking up an entry in
the L2 lookup table containing both the source and destination addresses of the received
packet in order to determine how the packet is to be handled.
The GSR ports perform address-based bridging by default but can be configured to
perform flow-based bridging instead, on a per-port basis. A port cannot be configured to
perform both types of bridging at the same time.
The GSR performance is equivalent when performing flow-based bridging or addressbased bridging. However, address-based bridging is more efficient because it requires
fewer table entries while flow-based bridging provides tighter management and control
over bridged traffic.
VLAN Overview
Virtual LANs (VLANs) are a means of dividing a physical network into several logical
(virtual) LANs. The division can be done on the basis of various criteria, giving rise to
different types of VLANs. For example, the simplest type of VLAN is the port-based
VLAN. Port-based VLANs divide a network into a number of VLANs by assigning a
VLAN to each port of a switching device. Then, any traffic received on a given port of a
switch belongs to the VLAN associated with that port.
VLANs are primarily used for broadcast containment. A layer-2 (L2) broadcast frame is
normally transmitted all over a bridged network. By dividing the network into VLANs,
the range of a broadcast is limited, i.e., the broadcast frame is transmitted only to the
VLAN to which it belongs. This reduces the broadcast traffic on a network by an
appreciable factor.
30 DIGITAL GIGAswitch/Router User Reference Manual
Page 55
The type of VLAN depends upon one criterion: how a received frame is classified as
belonging to a particular VLAN. VLANs can be categorized into the following types:
• Port based
• MAC address based
• Protocol based
• Subnet based
• Multicast based
• Policy based
Detailed information about these types of VLANs is beyond the scope of this manual.
Each type of VLAN is briefly explained in the following subsections.
Port-based VLANs
Ports of L2 devices (switches, bridges) are assigned to VLANs. Any traffic received by a
port is classified as belonging to the VLAN to which the port belongs. For example, if
ports 1, 2, and 3 belong to the VLAN named “Marketing”, then a broadcast frame received
by port 1 is transmitted on ports 2 and 3. It is not transmitted on any other port.
VLAN Overview
MAC-address-based VLANs
In this type of VLAN, each switch (or a central VLAN information server) keeps track of
all MAC addresses in a network and maps them to VLANs based on information
configured by the network administrator. When a frame is received at a port, its
destination MAC address is looked up in the VLAN database. The VLAN database
returns the name of the VLAN to which this frame belongs.
This type of VLAN is powerful in the sense that network devices such as printers and
workstations can be moved anywhere in the network without the need for network
reconfiguration. However, the administration is intensive because all MAC addresses on
the network need to be known and configured.
Protocol-based VLANs
Protocol-based VLANs divide the physical network into logical VLANs based on
protocol. When a frame is received at a port, its VLAN is determined by the protocol of
the packet. For example, there could be separate VLANs for IP, IPX and Appletalk. An IP
broadcast frame will only be sent to all ports in the IP VLAN.
DIGITAL GIGAswitch/Router User Reference Manual 31
Page 56
Chapter 3: Bridging Configuration Guide
Subnet-based VLANs
Subnet-based VLANs are a subset of protocol based VLANs and determine the VLAN of a
frame based on the subnet to which the frame belongs. To do this, the switch must look
into the network layer header of the incoming frame. This type of VLAN behaves similar
to a router by segregating different subnets into different broadcast domains.
Multicast-based VLANs
Multicast-based VLANs are created dynamically for multicast groups. Typically, each
multicast group corresponds to a different VLAN. This ensures that multicast frames are
received only by those ports that are connected to members of the appropriate multicast
group.
Policy-based VLANs
Policy-based VLANs are the most general definition of VLANs. Each incoming
(untagged) frame is looked up in a policy database, which determines the VLAN to which
the frame belongs. For example, you could set up a policy which creates a special VLAN
for all email traffic between the management officers of a company, so that this traffic will
not be seen anywhere else.
GSR VLAN Support
The GSR supports:
• Port-based VLANs
• Protocol-based VLANs
• Subnet-based VLANs
When using the GSR as an L2 bridge/switch, use the port-based and protocol-based
VLAN types. When using the GSR as a combined switch and router, use the subnet-based
VLANs in addition to port-based and protocol-based VLANs. It is not necessary to
remember the types of VLANs in order to configure the GSR, as seen in the section on
configuring the GSR.
VLANs and the GSR
VLANs are an integral part of the GSR family of switching routers. The GSR switching
routers can function as layer-2 (L2) switches as well as fully-functional layer-3 (L3)
routers. Hence they can be viewed as a switch and a router in one box. To provide
maximum performance and functionality, the L2 and L3 aspects of the GSR switching
routers are tightly coupled.
32 DIGITAL GIGAswitch/Router User Reference Manual
Page 57
VLAN Overview
The GSR can be used purely as an L2 switch. Frames arriving at any port are bridged and
not routed. In this case, setting up VLANs and associating ports with VLANs is all that is
required. You can set up the GSR switching router to use port-based VLANs, protocolbased VLANs, or a mixture of the two types.
The GSR can also be used purely as a router, i.e., each physical port of the GSR is a
separate routing interface. Packets received at any interface are routed and not bridged. In
this case, no VLAN configuration is required. Note that VLANs are still created implicitly
by the GSR as a result of creating L3 interfaces for IP and/or IPX. However, these implicit
VLANs do not need to be created or configured manually. The implicit VLANs created by
the GSR are subnet-based VLANs.
Most commonly, a GSR is used as a combined switch and router. For example, it may be
connected to two subnets S1 and S2. Ports 1-8 belong to S1 and ports 9-16 belong to S2.
The required behavior of the GSR is that intra-subnet frames be bridged and inter-subnet
packets be routed. In other words, traffic between two workstations that belong to the
same subnet should be bridged, and traffic between two workstations that belong to
different subnets should be routed.
The GSR switching routers use VLANs to achieve this behavior. This means that a L3
subnet (i.e., an IP or IPX subnet) is mapped to a VLAN. A given subnet maps to exactly
one and only one VLAN. With this definition, the terms VLAN and subnet are almost
interchangeable.
To configure a GSR as a combined switch and router, the administrator must create
VLANs whenever multiple ports of the GSR are to belong to a particular VLAN/subnet.
Then the VLAN must be bound to an L3 (IP/IPX) interface so that the GSR knows which
VLAN maps to which IP/IPX subnet.
Ports, VLANs, and L3 Interfaces
The term port refers to a physical connector on the GSR, such as an ethernet port. Each
port must belong to at least one VLAN. When the GSR is unconfigured, each port belongs
to a VLAN called the “default VLAN”. By creating VLANs and adding ports to the
created VLANs, the ports are moved from the default VLAN to the newly created VLANs.
Unlike traditional routers, the GSR has the concept of logical interfaces rather than
physical interfaces. An L3 interface is a logical entity created by the administrator. It can
contain more than one physical port. When an L3 interface contains exactly one physical
port, it is equivalent to an interface on a traditional router. When an L3 interface contains
several ports, it is equivalent to an interface of a traditional router which is connected to a
layer-2 device such as a switch or bridge.
DIGITAL GIGAswitch/Router User Reference Manual 33
Page 58
Chapter 3: Bridging Configuration Guide
Access Ports and Trunk Ports (802.1Q support)
The ports of a GSR can be classified into two types, based on VLAN functionality: access
ports and trunk ports. By default, a port is an access port. An access port can belong to at
most one VLAN of the following types: IP, IPX or bridged protocols. The GSR can
automatically determine whether a received frame is an IP frame, an IPX frame or neither.
Based on this, it selects a VLAN for the frame. Frames transmitted out of an access port
are untagged, meaning that they contain no special information about the VLAN to which
they belong. Untagged frames are classified as belonging to a particular VLAN based on
the protocol of the frame and the VLAN configured on the receiving port for that protocol.
For example, if port 1 belongs to VLAN IPX_VLAN for IPX, VLAN IP_VLAN for IP and
VLAN OTHER_VLAN for any other protocol, then an IP frame received by port 1 is
classified as belonging to VLAN IP_VLAN.
Trunk ports (802.1Q) are usually used to connect one VLAN-aware switch to another.
They carry traffic belonging to several VLANs. For example, suppose that GSR A and B
are both configured with VLANs V1 and V2.
Then a frame arriving at a port on GSR A must be sent to GSR B, if the frame belongs to
VLAN V1 or to VLAN V2. Thus the ports on GSR A and B which connect the two GSRs
together must belong to both VLAN V1 and VLAN V2. Also, when these ports receive a
frame, they must be able to determine whether the frame belongs to V1 or to V2. This is
accomplished by “tagging” the frames, i.e., by prepending information to the frame in
order to identify the VLAN to which the frame belongs. In the GSR switching routers,
trunk ports always transmit and receive tagged frames only. The format of the tag is
specified by the IEEE 802.1Q standard. The only exception to this is Spanning Tree
Protocol frames, which are transmitted as untagged frames.
Explicit and Implicit VLANs
As mentioned earlier, VLANs can either be created explicitly by the administrator (explicit
VLANs) or are created implicitly by the GSR when L3 interfaces are created (implicit
VLANs).
34 DIGITAL GIGAswitch/Router User Reference Manual
Page 59
Configuring GSR Bridging Functions
Configuring GSR Bridging Functions
Configuring Address-based or Flow-based Bridging
The GSR ports perform address-based bridging by default but can be configured to
perform flow-based bridging instead of address-based bridging, on a per-port basis. A
port cannot be configured to perform both types of bridging at the same time.
The GSR performance is equivalent when performing flow-based bridging or addressbased bridging. However, address-based bridging is more efficient because it requires
fewer table entries while flow-based bridging provides tighter management and control
over bridged traffic.
For example, the following illustration shows a GSR with traffic being sent from port A to
port B, port B to port A, port B to port C, and port A to port C.
GSR
ABC
The corresponding bridge tables for address-based and flow-based bridging are shown
below. As shown, the bridge table contains more information on the traffic patterns when
flow-based bridging is enabled compared to address-based bridging.
Address-Based Bridge Table Flow-Based Bridge Table
A (source) A
B (source) B
C (destination) B
With the GSR configured in flow-based bridging mode, the network manager has “per
flow” control of layer-2 traffic. The network manager can then apply Quality of Service
(QoS) policies or security filters based on layer-2 traffic flows.
To enable flow-based bridging on a port, enter the following command in Configure
mode.
Configure a port for flow-based
bridging.
port flow-bridging <port-list>|all-ports
A
→ B
→ A
→ C
→ C
DIGITAL GIGAswitch/Router User Reference Manual 35
Page 60
Chapter 3: Bridging Configuration Guide
To change a port from flow-based bridging to address-based bridging, enter the following
command in Configure mode:
Change a port from flowbased bridging to addressbased bridging.
Configuring Spanning Tree
Note:
The GSR supports per VLAN spanning tree. By default, all the VLANs defined belong to
the default spanning tree. You can create a separate instance of spanning tree using the
following command:
By default, spanning tree is disabled on the GSR. To enable spanning tree on the GSR, you
perform the following tasks on the ports where you want spanning tree enabled..
Some commands in this facility require updated GSR hardware. Please refer to the
Release Notes for details.
Create spanning tree for a VLAN. pvst create spanningtree vlan-name
Enable spanning tree on one or
more ports for default spanning
tree.
negate <line-number of active config containing command>:
port flow-bridging
<string>
stp enable port <port-list>
<port-list>|all-ports
Enable spanning tree on one or
more ports for a particular VLAN.
pvst enable port <port-list> spanning-tree
<string>
Adjusting Spanning-Tree Parameters
You may need to adjust certain spanning-tree parameters if the default values are not
suitable for your bridge configuration. Parameters affecting the entire spanning tree are
configured with variations of the bridge global configuration command. Interface-specific
parameters are configured with variations of the bridge-group interface configuration
command.
36 DIGITAL GIGAswitch/Router User Reference Manual
Page 61
You can adjust spanning-tree parameters by performing any of the tasks in the following
sections:
• Set the Bridge Priority
• Set an Interface Priority
Note: Only network administrators with a good understanding of how bridges and the
Spanning-Tree Protocol work should make adjustments to spanning-tree
parameters. Poorly chosen adjustments to these parameters can have a negative
impact on performance. A good source on bridging is the IEEE 802.1d
specification.
Setting the Bridge Priority
You can globally configure the priority of an individual bridge when two bridges tie for
position as the root bridge, or you can configure the likelihood that a bridge will be
selected as the root bridge. The lower the bridge's priority, the more likely the bridge will
be selected as the root bridge. This priority is determined by default; however, you can
change it.
Configuring GSR Bridging Functions
To set the bridge priority, enter the following command in Configure mode:
Set the bridge priority for default
spanning tree.
Set the bridge priority for a
particular instance of spanning tree.
Setting a Port Priority
You can set a priority for an interface. When two bridges tie for position as the root bridge,
you configure an interface priority to break the tie. The bridge with the lowest interface
value is elected.
To set an interface priority, enter the following command in Configure mode:
Establish a priority for a specified
interface for default spanning tree.
Establish a priority for a specified
interface for a particular instance of
spanning tree.
stp set bridging priority <num>
pvst set bridging spanning-tree <string>
priority <num>
stp set port <port-list> priority <num>
pvst set port <port-list> spanning-tree
<string> priority <num>
DIGITAL GIGAswitch/Router User Reference Manual 37
Page 62
Chapter 3: Bridging Configuration Guide
Assigning Port Costs
Each interface has a port cost associated with it. By convention, the port cost is 1000/data
rate of the attached LAN, in Mbps. You can set different port costs.
To assign port costs, enter the following command in Configure mode:
Set a different port cost other than
stp set port <port-list> port-cost <num>
the defaults for default spanning
tree.
Set a different port cost other than
the defaults for a particular instance
pvst set port <port-list> spanning-tree
<string> port-cost <num>
of spanning tree.
Adjusting Bridge Protocol Data Unit (BPDU) Intervals
You can adjust BPDU intervals as described in the following sections:
• Adjust the Interval between Hello BPDUs
• Define the Forward Delay Interval
• Define the Maximum Idle Interval
Adjusting the Interval between Hello Times
You can specify the interval between hello time.
To adjust this interval, enter the following command in Configure mode:
Specify the interval between hello
stp set bridging hello-time <num>
time for default spanning tree.
Specify the interval between hello
time for a particular instance of
pvst set bridging spanning-tree <string>
hello-time <num>
spanning tree.
Defining the Forward Delay Interval
The forward delay interval is the amount of time spent listening for topology change
information after an interface has been activated for bridging and before forwarding
actually begins.
38 DIGITAL GIGAswitch/Router User Reference Manual
Page 63
Configuring GSR Bridging Functions
To change the default interval setting, enter the following command in Configure mode:
Set the default of the forward delay
stp set bridging forward-delay <num>
interval for default spanning tree.
Set the default of the forward delay
interval for a particular instance of
pvst set bridging spanning-tree <string>
forward-delay <num>
spanning tree.
Defining the Maximum Age
If a bridge does not hear BPDUs from the root bridge within a specified interval, it
assumes that the network has changed and recomputes the spanning-tree topology.
To change the default interval setting, enter the following command in Configure mode:
Change the amount of time a bridge will
stp set bridging max-age <num>
wait to hear BPDUs from the root bridge
for default spanning tree.
Change the amount of time a bridge will
wait to hear BPDUs from the root bridge
pvst set bridging spanning-tree
<string> max-age <num>
for a particular instance of spanning tree.
Configuring a Port or Protocol based VLAN
To create a port or protocol based VLAN, perform the following steps in the Configure
mode.
1. Create a port or protocol based VLAN.
2. Add physical ports to a VLAN.
Creating a Port or Protocol Based VLAN
To create a VLAN, enter the following command in Configure mode.
Create a VLAN. vlan create <vlan-name> <type> id <num>
Adding Ports to a VLAN
To add ports to a VLAN, enter the following command in Configure mode.
Add ports to a VLAN. vlan add ports <port-list> to <vlan-name>
DIGITAL GIGAswitch/Router User Reference Manual 39
Page 64
Chapter 3: Bridging Configuration Guide
Configuring VLAN Trunk Ports
The GSR supports standards-based VLAN trunking between multiple GSRs as defined by
IEEE 802.1Q. 802.1Q adds a header to a standard Ethernet frame which includes a unique
VLAN id per trunk between two GSRs. These VLAN IDs extend the VLAN broadcast
domain to more than one GSR.
To configure a VLAN trunk, enter the following command in the Configure mode.
Configure 802.1Q VLAN trunks.
Configuring VLANs for Bridging
The GSR allows you to create VLANs for AppleTalk, DECnet®, SNA, and IPv6 traffic as
well as for IP and IPX traffic. You can create a VLAN for handling traffic for a single
protocol, such as a DECnet VLAN. Or, you can create a VLAN that supports several
specific protocols, such as SNA and IP traffic.
Note:
Some commands in this facility require updated GSR hardware. Please refer to the
Release Notes for details.
Configuring Layer-2 Filters
Layer-2 security filters on the GSR allow you to configure ports to filter specific MAC
addresses. When defining a Layer-2 security filter, you specify to which ports you want
the filter to apply. Refer to the “Security Configuration Chapter” for details on configuring
Layer-2 filters. You can specify the following security filters:
• Address filters
These filters block traffic based on the frame's source MAC address, destination MAC
address, or both source and destination MAC addresses in flow bridging mode.
Address filters are always configured and applied to the input port.
vlan make <port-type> <port-list>
• Port-to-address lock filters
These filters prohibit a user connected to a locked port or set of ports from using
another port.
• Static entry filters
These filters allow or force traffic to go to a set of destination ports based on a frame's
source MAC address, destination MAC address, or both source and destination MAC
addresses in flow bridging mode. Static entries are always configured and applied at
the input port.
40 DIGITAL GIGAswitch/Router User Reference Manual
Page 65
• Secure port filters
A secure filter shuts down access to the GSR based on MAC addresses. All packets
received by a port are dropped. When combined with static entries, however, these
filters can be used to drop all received traffic but allow some frames to go through.
Monitoring Bridging
The GSR provides display of bridging statistics and configurations contained in the GSR.
To display bridging information, enter the following commands in Enable mode.
Monitoring Bridging
Show IP routing table.
Show all MAC addresses currently
in the l2 tables.
Show l2 table information on a
specific port.
Show information the master MAC
table.
Show information on a specific
MAC address.
Show information on MACs
registered.
Show all VLANs.
ip show routes
l2-tables show all-macs
l2-tables show port-macs
l2-tables show mac-table-stats
l2-tables show mac
l2-table show bridge-management
vlan show
DIGITAL GIGAswitch/Router User Reference Manual 41
Page 66
Chapter 3: Bridging Configuration Guide
Configuration Examples
VLANs are used to associate physical ports on the GSR with connected hosts that may be
physically separated but need to participate in the same broadcast domain. To associate
ports to a VLAN, you must first create a VLAN and then assign ports to the VLAN. This
section shows examples of creating an IP or IPX VLAN and a DECnet, SNA, and
AppleTalk VLAN.
Creating an IP or IPX VLAN
In this example, servers connected to port gi.1.(1-2) on the GSR need to communicate with
clients connected to et.4.(1-8). You can associate all the ports containing the clients and
servers to an IP VLAN called ‘BLUE’.
First, create an IP VLAN named ‘BLUE’
gs/r(config)# vlan create BLUE ip
Next, assign ports to the ‘BLUE’ VLAN.
gs/r(config)# vlan add ports et.4.(1-8),gi.1.(1-2) to BLUE
Creating a non-IP/non-IPX VLAN
In this example, SNA, DECnet, and AppleTalk hosts are connected to et.1.1 and et.2.(1-4).
You can associate all the ports containing these hosts to a VLAN called ‘RED’ with the
VLAN ID 5.
First, create a VLAN named ‘RED’
gs/r(config)# vlan create RED sna dec appletalk id 5
Next, assign ports to the ‘RED’ VLAN.
gs/r(config)# vlan add ports et.1.1, et.2.(1-4) to RED
42 DIGITAL GIGAswitch/Router User Reference Manual
Page 67
Overview
This chapter explains how to configure and monitor SmartTRUNKs on the GSR. A
SmartTRUNK is DIGITAL Equipment Corporation’s technology for load balancing and
load sharing. For a description of the SmartTRUNK commands, see the “smarttrunk
commands” section of the DIGITAL GIGAswitch/Router Command Line Interface Reference
Manual.
Chapter 4
SmartTRUNK
Configuration
Guide
On the GSR, a SmartTRUNK is a group of two or more ports that have been logically
combined into a single port. Multiple physical connections between devices are
aggregated into a single logical, high-speed path that acts as a single link. Traffic is
balanced across all interfaces in the combined link, increasing overall available system
bandwidth.
SmartTRUNKs allow administrators the ability to increase bandwidth at congestion
points in the network, thus eliminating potential traffic bottlenecks. SmartTRUNKs also
provide improved data link resiliency. If one port in a SmartTRUNK should fail, its load is
distributed evenly among the remaining ports and the entire SmartTRUNK link remains
operational.
SmartTRUNK is DIGITAL’s standard for building high-performance links between
DIGITAL’s switching platforms. SmartTRUNKs can interoperate with switches, routers,
and servers from other vendors as well as DIGITAL platforms.
DIGITAL GIGAswitch/Router User Reference Manual 43
Page 68
Chapter 4: SmartTRUNK Configuration Guide
SmartTRUNKs are compatible with all GSR features, including VLANs, STP, VRRP, etc.
SmartTRUNK operation is supported over different media types and a variety of
technologies including 10/100/1000 Mbps Ethernet.
Configuring SmartTRUNKs
To create a SmartTRUNK:
1. Create a SmartTRUNK and specify a control protocol for it.
2. Add physical ports to the SmartTRUNK.
3. Specify the policy for distributing traffic across SmartTRUNK ports. This step is
optional; by default, the GSR distributes traffic to ports in a round-robin (sequential)
manner.
Creating a SmartTRUNK
When you create a SmartTRUNK, you specify if the DEC® Hunt Group Control Protocol is
to be used or no control protocol is to be used:
• If you are connecting the SmartTRUNK to another GSR or to other DIGITAL devices
(such as the DIGITAL GIGAswitch/Router), specify the DEC Hunt Group Control
Protocol. The DEC Hunt Group Control Protocol is useful in detecting errors like
transmit/receive failures, misconfiguration, etc.
• If you are connecting the SmartTRUNK to a device that does not support the DEC Hunt
Group Control Protocol, such as those devices that support Cisco’s EtherChannel
technology, specify no control protocol. Only link failures are detected in this mode.
To create a SmartTRUNK, enter the following command in Configure mode:
Create a SmartTRUNK that will be connected
to a device that supports the DEC Hunt Group
Control Protocol.
Create a SmartTRUNK that will be connected
to a device that does not support the DEC
Hunt Group Control Protocol.
smarttrunk create <smarttrunk>
protocol huntgroup
smarttrunk create <smarttrunk>
protocol no-protocol
®
44 DIGITAL GIGAswitch/Router User Reference Manual
Page 69
Add Physical Ports to the SmartTRUNK
You can add any number of ports to a SmartTRUNK. The limit is the number of ports on
the GSR. Any port on any module can be part of a SmartTRUNK. If one module should go
down, the remaining ports on other modules will remain operational.
Ports added to a SmartTRUNK must:
• Be set to full duplex.
• Be in the same VLAN.
• Have the same properties (L2 aging, STP state, and so on).
To add ports to a SmartTRUNK, enter the following command in Configure mode:
Configuring SmartTRUNKs
Create a SmartTRUNK that will be connected
smarttrunk add ports <port list>
to a device that supports the DEC Hunt Group
Control Protocol.
Specify Traffic Distribution Policy (Optional)
The default policy for distributing traffic across the ports in a SmartTRUNK is “roundrobin,” where the GSR selects the port on a rotating basis. The other policy that can be
chosen is “link-utilization,” where packets are sent to the least-used port in a
SmartTRUNK. You can choose to specify the link-utilization policy for a particular
SmartTRUNK, a list of SmartTRUNKs, or for all SmartTRUNKs on the GSR.
Specify traffic distribution
policy.
smarttrunk set load-policy on <smarttrunk
list>
|all-smarttrunks round-robin|link-
utilization
to <smarttrunk>
DIGITAL GIGAswitch/Router User Reference Manual 45
Page 70
Chapter 4: SmartTRUNK Configuration Guide
Monitoring SmartTRUNKs
Statistics are gathered for data flowing through a SmartTRUNK and each port in the
SmartTRUNK.
To display SmartTRUNK statistics, enter one of the following commands in Enable mode:.
Display information about all
smarttrunk show trunks
SmartTRUNKs and the control
protocol used.
Display statistics on traffic
distribution on SmartTRUNK
Display information about the
control protocol on a
smarttrunk show distribution <smarttrunk
|all-smarttrunks
list>
smarttrunk show protocol-state <smarttrunk
list>
|all-smarttrunks
SmartTRUNK.
Display information about the
SmartTRUNK connection (DEC
smarttrunk show connections <smarttrunk
list>
|all-smarttrunks
Hunt Group Control Protocol
connections only).
To clear statistics for SmartTRUNK ports, enter the following command in Enable mode:.
Clear load distribution statistics
for SmartTRUNK ports.
smarttrunk clear load-distribution
<smarttrunk list>|all-smarttrunk
46 DIGITAL GIGAswitch/Router User Reference Manual
Page 71
Example Configurations
The following shows a network design based on SmartTRUNKs. R1 is an GSR operating
as a router, while S1 and S2 are GSRs operating as switches.
Example Configurations
Cisco
7500
Router
10.1.1.1/24
st.1 st.2 st.4
Router
R1
10.1.1.2/24
to-cisco
12.1.1.2/24
to-s2
11.1.1.2/24
to-s1
st.3
Switch
S2
st.5
Cisco
Catalyst
5K Switch
The following is the configuration for the Cisco 7500 router:
interface port-channel 1
ip address 10.1.1.1 255.255.255.0
ip route-cache distributed
interface fasteth 0/0
no ip address
channel-group 1
Switch
S1
Server
The following is the configuration for the Cisco Catalyst 5K switch:
set port channel 3/1-2 on
DIGITAL GIGAswitch/Router User Reference Manual 47
Page 72
Chapter 4: SmartTRUNK Configuration Guide
The following is the SmartTRUNK configuration for the GSR labeled ‘R1’ in the diagram:
smarttrunk create st.1 protocol no-protocol
smarttrunk create st.2 protocol huntgroup
smarttrunk create st.3 protocol huntgroup
smarttrunk add ports et.1(1-2) to st.1
smarttrunk add ports et.2(1-2) to st.2
smarttrunk add ports et.3(1-2) to st.3
interface create ip to-cisco address-netmask 10.1.1.2/24 port st.1
interface create ip to-s1 address-netmask 11.1.1.2/24 port st.2
interface create ip to-s2 address-netmask 12.1.1.2/24 port st.3
The following is the SmartTRUNK configuration for the GSR labeled ‘S1’ in the diagram:
smarttrunk create st.2 protocol huntgroup
smarttrunk create st.4 protocol no-protocol
smarttrunk add ports et.1(1-2) to st.2
smarttrunk add ports et.2(1-2) to st.4
The following is the SmartTRUNK configuration for the GSR labeled ‘S2’ in the diagram:
smarttrunk create st.3 protocol huntgroup
smarttrunk create st.5 protocol no-protocol
smarttrunk add ports et.1(1-2) to st.3
smarttrunk add ports et.2(1-2) to st.5
48 DIGITAL GIGAswitch/Router User Reference Manual
Page 73
DHCP Overview
The Dynamic Host Configuration Protocol (DHCP) server on the GSR provides dynamic
address assignment and configuration to DHCP capable end-user systems, such as
Microsoft
You can configure the server to provide a dynamic IP address from a pre-allocated pool of
IP addresses or a static IP address. You can also configure parameters for use by the
clients, such as default gateway and network masks, and system-specific parameters, such
as NetBIOS Name Server and NetBIOS node type of the client.
®
Windows® 95/98, Microsoft Windows NT, and Apple® Macintosh® systems.
Chapter 5
DHCP
Configuration
Guide
The amount of time that a particular IP address is valid for a system is called a lease. The
GSR maintains a lease database which contains information about each assigned IP address,
the MAC address to which it is assigned, the lease expiration, and whether the address
assignment is dynamic or static. The DHCP lease database is stored in flash memory and
can be backed up on a remote TFTP or RCP server. You can configure the intervals at
which updates to the lease database (and backup) are done. Upon system reboot, the lease
database will be loaded either from flash memory or from the TFTP or RCP server.
Note:
DIGITAL GIGAswitch/Router User Reference Manual 49
The GSR DHCP server is not designed to work as the primary DHCP server in an
enterprise environment with hundreds or thousands of clients that are constantly
seeking IP address assignment or reassignment. A standalone DHCP server with
a redundant backup server may be more suitable for this enterprise environment.
Page 74
Chapter 5: DHCP Configuration Guide
Configuring DHCP
By default, the DHCP server is not enabled on the GSR. You can selectively enable DHCP
service on particular interfaces and not others. To enable DHCP service on an interface,
you must first define a DHCP scope. A scope consists of a pool of IP addresses and a set of
parameters for a DHCP client. The parameters are used by the client to configure its
network environment, for example, the default gateway and DNS domain name.
To configure DHCP on the GSR, you must configure an IP address pool, client parameters,
and optional static IP address for a specified scope. Where several subnets are accessed
through a single port, you can also define multiple scopes on the same interface and
group the scopes together into a “superscope.”
Configuring an IP Address Pool
To define a pool of IP addresses that the DHCP server can assign to a client, enter the
following command in Configure mode:
Define pool of IP addresses to be
used by clients.
Configuring Client Parameters
You can configure the client parameters shown in the table below.
Table 3. Client Parameters
Parameter Value
address-mask Address/netmask of the scope’s subnet (This parameter is
required and must be defined before any other client
parameters are specified.)
broadcast Broadcast address
bootfile Client boot file name
dns-domain DNS domain name
dns-server IP address of DNS server
gateway IP address of default gateway
dhcp <scope> define pool <ip-range>
lease-time Amount of time the assigned IP address is valid for the
50 DIGITAL GIGAswitch/Router User Reference Manual
system
Page 75
Configuring DHCP
Table 3. Client Parameters
Parameter Value
netbios-name-server IP address of NetBIOS Name Server (WINS server)
netbios-node-type NetBIOS node type of the client
netbios-scope NetBIOS scope of the client
To define the parameters that the DHCP server gives the clients, enter the following
command in Configure mode:
Define client parameters.
dhcp <scope> define parameters <parameter>
<value>...
Configuring a Static IP Address
To define a static IP address that the DHCP server can assign to a client with a specific
MAC address, enter the following command in Configure mode:
Define static IP address for a
particular MAC address.
dhcp <scope> define static-ip <ipaddr>
mac-address <macaddr> [<parameter>
<value>...]
Grouping Scopes with a Common Interface
You can apply several scopes to the same physical interface. For example, scopes can
define address pools on different subnets that all are accessed through the same GSR port.
In this case, scopes that use the same interface must be grouped together into a
“superscope.”
To attach a scope to a superscope, enter the following command in Configure mode:
Attach a scope to a superscope.
DIGITAL GIGAswitch/Router User Reference Manual 51
dhcp <scope> attach superscope <name>
Page 76
Chapter 5: DHCP Configuration Guide
Configuring DHCP Server Parameters
You can configure several “global” parameters that affect the behavior of the DHCP server
itself.
To configure global DHCP server parameters, enter the following commands in Configure
mode:
Specify a remote location to back up
the lease database.
Specify the intervals at which the
lease database is updated.
dhcp global set lease-database <url>
dhcp global set commit-interval <hours>
Updating the Lease Database
After each client transaction, the DHCP server does not immediately update the
information in the lease database. Lease update information is stored in flash memory and
flushed to the database at certain intervals. You can use the dhcp global set commit-
interval command to specify this interval; the default is one hour.
To force the DHCP server to immediately update its lease database, enter the following
command in Enable mode:
Force the server to update its lease
database.
dhcp flush
Monitoring the DHCP Server
To display information from the lease database:
Show lease database information.
To display the number of allocated bindings for the DHCP server and the maximum
number allowed:
Show the number of allocated
bindings for the DHCP server.
52 DIGITAL GIGAswitch/Router User Reference Manual
dhcp show binding
[active|expired|static]
dhcp show num-clients
Page 77
DHCP Configuration Examples
The following configuration describes DHCP configuration for a simple network with just
one interface on which DHCP service is enabled to provide both dynamic and static IP
addresses.
1. Create an IP VLAN called ‘client_vlan’.
vlan create client_vlan ip
2. Add all Fast Ethernet ports in the GSR to the VLAN ‘client_vlan’.
vlan add port et.*.* to client_vlan
3. Create an IP interface called ‘clients’ with the address 10.1.1.1 for the VLAN
‘client_vlan’.
interface create ip clients address-netmask 10.1.1.1./16 vlan
client_vlan
DHCP Configuration Examples
4. Define DHCP network parameters for the scope ‘scope1’.
dhcp scope1 define parameters address-netmask 10.1.0.0/16 gateway
10.1.1.1 lease-time 720 dns-domain acme.com dns-server
10.2.45.67 netbios-name-server 10.1.55.60
5. Define an IP address pool for addresses 10.1.1.10 through 10.1.1.20.
dhcp scope1 define pool 10.1.1.10-10.1.1.20
6. Define another IP address pool for addresses 10.1.1.40 through 10.1.1.50.
dhcp scope1 define pool 10.1.1.40-10.1.1.50
7. Define a static IP address for 10.1.7.5.
dhcp scope1 define static-ip 10.1.7.5 mac-address 08:00:20:11:22:33
8. Define another static IP address for 10.1.7.7. and give it a specific gateway address of
10.1.1.2.
dhcp scope1 define static-ip 10.1.7.7 mac-address
08:00:20:aa:bb:cc:dd gateway 10.1.1.2
DIGITAL GIGAswitch/Router User Reference Manual 53
Page 78
Chapter 5: DHCP Configuration Guide
9. Specify a remote lease database on the TFTP server 10.1.89.88.
dhcp global set lease-database tftp://10.1.89.88/lease.db
10. Specify a database update interval of every 15 minutes.
dhcp global set commit-interval 15
Configuring Secondary Subnets
In some network environments, multiple logical subnets can be imposed on a single
physical segment. These logical subnets are sometimes referred to as “secondary subnets”
or “secondary networks.” For these environments, the DHCP server may need to give out
addresses on different subnets. The DNS server, DNS domain, and WINS server may be
the same for clients on different secondary subnets, however, the default gateway will
most likely be different since it must be a router on the client’s local subnet.
The following example shows a simple configuration to support secondary subnets
10.1.x.x and 10.2.x.x.
1. Define the network parameters for ‘scope1’ with the default gateway 10.1.1.1.
dhcp scope1 define parameters address-netmask 10.1.0.0/16 gateway
10.1.1.1 dns-domain acme.com dns-server 10.1.44.55
2. Define the address pool for ‘scope1’.
dhcp scope1 define pool 10.1.1.10-10.1.1.20
3. Define the network parameters for ‘scope2’ with the default gateway 10.2.1.1.
dhcp scope2 define parameters address-netmask 10.2.0.0/16 gateway
10.2.1.1 dns-domain acme.com dns-server 10.1.77.88
4. Define the address pool for ‘scope2’.
dhcp scope2 define pool 10.2.1.40-10.2.1.50
5. Create a superscope ‘super1’ that includes ‘scope1’.
dhcp scope1 attach superscope super1
54 DIGITAL GIGAswitch/Router User Reference Manual
Page 79
6. Include ‘scope2’ in the superscope ‘super1’.
dhcp scope2 attach superscope super1
Since there are multiple pools of IP addresses, the pool associated with ‘scope1’ is used
first since ‘scope1’ is applied to the interface before ‘scope2’. Clients that are given an
address from ‘scope1’ will also be given parameters from ‘scope1,’ which includes the
default gateway 10.1.1.1 that resides on the 10.1.x.x subnet. When all the addresses for
‘scope1’ are assigned, the server will start giving out addresses from ‘scope2’ which will
include the default gateway parameter 10.2.1.1 on subnet 10.2.x.x.
Secondary Subnets and Directly-Connected Clients
A directly-connected client is a system that resides on the same physical network as the
DHCP server and does not have to go through a router or relay agent to communicate
with the server. If you configure the DHCP server on the GSR to service directlyconnected clients on a secondary subnet, you must configure the secondary subnet using
the interface add ip command. The interface add ip command configures a secondary
address for an interface that was previously created with the interface create ip
command.
DHCP Configuration Examples
The following example shows a simple configuration to support directly-connected clients
on a secondary subnet.
1. Create an interface ‘clients’ with the primary address 10.1.1.1.
interface create ip clients address-mask 10.1.1.1/16 port et.1.1
2. Assign a secondary address 10.2.1.1 to the interface ‘clients’.
interface add ip clients address-mask 10.2.1.1/16
3. Define the network parameters for ‘scope1’ with the default gateway 10.1.1.1.
dhcp scope1 define parameters address-netmask 10.1.0.0/16 gateway
10.1.1.1 dns-domain acme.com dns-server 10.1.44.55
4. Define the address pool for ‘scope1’.
dhcp scope1 define pool 10.1.1.10-10.1.1.20
5. Define the network parameters for ‘scope2’ with the default gateway 10.2.1.1.
dhcp scope2 define parameters address-netmask 10.2.0.0/16 gateway
10.2.1.1 dns-domain acme.com dns-server 10.1.77.88
DIGITAL GIGAswitch/Router User Reference Manual 55
Page 80
Chapter 5: DHCP Configuration Guide
6. Define the address pool for ‘scope2’.
dhcp scope2 define pool 10.2.1.40-10.2.1.50
7. Create a superscope ‘super1’ that includes ‘scope1’.
dhcp scope1 attach superscope super1
8. Include ‘scope2’ in the superscope ‘super1’.
dhcp scope2 attach superscope super1
For clients on the secondary subnet, the default gateway is 10.2.1.1, which is also the
secondary address for the interface ‘clients’.
Interacting with Relay Agents
For clients that are not directly connected to the DHCP server, a relay agent (typically a
router) is needed to communicate between the client and the server. The relay agent is
usually only needed during the initial leasing of an IP address. Once the client obtains an
IP address and can connect to the network, the renewal of the lease is performed between
the client and server without the help of the relay agent.
The default gateway for the client must be capable of reaching the GSR’s DHCP server.
The GSR must also be capable of reaching the client’s network. The route must be
configured (with static routes, for example) or learned (with RIP or OSPF, for example) so
that the DHCP server can reach the client.
The following example shows a simple configuration to support clients across a relay
agent.
1. Create an interface ‘clients’ with the primary address 10.1.1.1.
interface create ip clients address-mask 10.1.1.1/16 port et.3.3
2. Define a static route to the 10.5.x.x. subnet using the gateway 10.1.7.10 which tells the
DHCP server how to send packets to the client on the 10.5.x.x subnet.
ip add route 10.5.0.0/16 gateway 10.1.7.10
3. Define the network parameters for ‘scope1’ with the default gateway 10.5.1.1 (the
relay agent for the client).
dhcp scope1 define parameters address-netmask 10.5.0.0/16 gateway
10.5.1.1 dns-domain acme.com
56 DIGITAL GIGAswitch/Router User Reference Manual
Page 81
4. Define the address pool for ‘scope1’.
dhcp scope1 define pool 10.5.1.10-10.5.1.20
DHCP Configuration Examples
DIGITAL GIGAswitch/Router User Reference Manual 57
Page 82
Page 83
This chapter describes how to configure IP interfaces and general non-protocol-specific
routing parameters.
IP Routing Overview
Chapter 6
IP Routing
Configuration
Guide
Internet Protocol (IP) is a packet-based protocol used to exchange data over computer
networks. IP handles addressing, routing, fragmentation, reassembly, and protocol
demultiplexing. In addition, IP specifies how hosts and routers should process packets,
handle errors and discard packets. IP forms the foundation upon which transport layer
protocols, such as TCP or UDP, interoperate over a routed network.
The Transmission Control Protocol (TCP) is built upon the IP layer. TCP is a connectionoriented protocol that specifies the data format, buffering and acknowledgments used in
the transfer of data. TCP is a full-duplex connection which also specifies the procedures
that the computers use to ensure that the data arrives correctly.
The User Datagram Protocol (UDP) provides the primary mechanism that applications
use to send datagrams to other application programs. UDP is a connectionless protocol
that does not guarantee delivery of datagrams between applications. Applications which
use UDP are responsible for ensuring successful data transfer by employing error
handling, retransmission and sequencing techniques.
DIGITAL GIGAswitch/Router User Reference Manual 59
Page 84
Chapter 6: IP Routing Configuration Guide
TCP and UDP also specify “ports,” which identify the application which is using
TCP/UDP. For example, a web server would typically use TCP/UDP port 80, which
specifies HTTP-type traffic.
The GSR supports standards-based TCP, UDP, and IP.
IP Routing Protocols
The GSR supports standards-based unicast and multicast routing. Unicast routing
protocol support includes Interior Gateway Protocols and Exterior Gateway Protocols.
Multicast routing protocols are used to determine how multicast data is transferred in a
routed environment.
Unicast Routing Protocols
Interior Gateway Protocols are used for routing networks that are within an “autonomous
system,” a network of relatively limited size. All IP interior gateway protocols must be
specified with a list of associated networks before routing activities can begin. A routing
process listens to updates from other routers on these networks and broadcasts its own
routing information on those same networks. The GSR supports the following Interior
Gateway Protocols:
• Routing Information Protocol (RIP) Version 1, 2 (RFC 1058, 1723)
• Open Shortest Path First (OSPF) Version 2 (RFC 1583)
Exterior Gateway Protocols are used to transfer information between different
“autonomous systems”. The GSR supports the following Exterior Gateway Protocol:
• Border Gateway Protocol (BGP) Version 3, 4 (RFC 1267, 1771)
Multicast Routing Protocols
IP multicasting allows a host to send traffic to a subset of all hosts. These hosts subscribe
to group membership, thus notifying the GSR of participation in a multicast transmission.
Multicast routing protocols are used to determine which routers have directly attached
hosts, as specified by IGMP, that have membership to a multicast session. Once host
memberships are determined, routers use multicast routing protocols, such as DVMRP, to
forward multicast traffic between routers.
60 DIGITAL GIGAswitch/Router User Reference Manual
Page 85
Configuring IP Interfaces and Parameters
The GSR supports the following multicast routing protocols:
• Distance Vector Multicast Routing Protocol (DVMRP) RFC 1075
• Internet Group Management Protocol (IGMP) as described in RFC 2236
The GSR also supports the latest DVMRP Version 3.0 draft specification, which includes
mtrace, Generation ID and Pruning/Grafting.
Configuring IP Interfaces and Parameters
This section provides an overview of configuring various IP parameters and setting up IP
interfaces.
Configuring IP Addresses to Ports
You can configure one IP interface directly to physical ports. Each port can be assigned
multiple IP addresses representing multiple subnets connected to the physical port.
To configure an IP interface to a port, enter one of the following commands in Configure
mode.
Configure an IP interface to a
physical port.
Configure a secondary address to
an existing IP interface.
interface create ip <InterfaceName>
interface add ip <InterfaceName>
Configuring IP Interfaces for a VLAN
You can configure one IP interface per VLAN. Once an IP interface has been assigned to a
VLAN, you can add a secondary IP addresses to the VLAN.
To configure a VLAN with an IP interface, enter the following command in Configure
mode:
Create an IP interface for a VLAN. interface create ip <InterfaceName>
Configure a secondary address to
an existing VLAN.
interface add ip <InterfaceName>
address-mask <ipAddr-mask> port <port>
address-netmask <ipAddr-mask>
[broadcast <ipaddr>]
address-mask <ipAddr-mask> vlan <name>
address-netmask <ipAddr-mask>
vlan <name>
DIGITAL GIGAswitch/Router User Reference Manual 61
Page 86
Chapter 6: IP Routing Configuration Guide
Specifying Ethernet Encapsulation Method
The DIGITAL GIGAswitch/Router supports two encapsulation types for IP. You can
configure encapsulation type on a per-interface basis.
• Ethernet II: The standard ARPA Ethernet Version 2.0 encapsulation, which uses a 16bit protocol type code (the default encapsulation method)
• 802.3 SNAP: SNAP IEEE 802.3 encapsulation, in which the type code becomes the
frame length for the IEEE 802.2 LLC encapsulation (destination and source Service
Access Points, and a control byte)
To configure IP encapsulation, enter one of the following commands in Configure mode.
Configure Ethernet II
encapsulation.
Configure 802.3
SNAP encapsulation.
interface create ip <InterfaceName> output-mac-
encapsulation ethernet_II
interface create ip <InterfaceName> output-mac-
encapsulation ethernet_snap
Configuring Address Resolution Protocol (ARP)
The GSR allows you to configure Address Resolution Protocol (ARP) table entries and
parameters. ARP is used to associate IP addresses with media or MAC addresses. Taking
an IP address as input, ARP determines the associated MAC address. Once a media or
MAC address is determined, the IP address/media address association is stored in an
ARP cache for rapid retrieval. Then the IP datagram is encapsulated in a link-layer frame
and sent over the network.
Configuring ARP Cache Entries
You can add and delete entries in the ARP cache. To add or delete static ARP entries, enter
one of the following commands in Configure mode:
Add a static ARP entry. arp add <host> mac-addr <MAC-addr>
exit-port
<port>
Clear a static ARP entry. arp clear <host>
Configuring Proxy ARP
The GSR can be configured for proxy ARP. The GSR uses proxy ARP (as defined in
RFC 1027) to help hosts with no knowledge of routing determine the MAC address of
hosts on other networks or subnets. Through Proxy ARP, the GSR will respond to ARP
requests from a host with a ARP reply packet containing the GSR MAC address. Proxy
ARP is enabled by default on the GSR.
62 DIGITAL GIGAswitch/Router User Reference Manual
Page 87
Configuring IP Interfaces and Parameters
To disable proxy ARP, enter the following command in Configure mode:
Disable Proxy ARP on
ip disable-proxy-arp interface <InterfaceName>|all
an interface.
Configuring Reverse Address Resolution Protocol (RARP)
Reverse Address Resolution Protocol (RARP) works exactly the opposite of ARP. Taking a
MAC address as input, RARP determines the associated IP address. RARP is useful for Xterminals and diskless workstations that may not have an IP address when they boot.
They can submit their MAC address to a RARP server on the GSR, which returns an IP
address.
Configuring RARP on the GSR consists of two steps:
• Letting the GSR know which IP interfaces to respond to
• Defining the mappings of MAC addresses to IP addresses
Specifying IP Interfaces for RARP
To specify the interfaces that the RARP server on the GSR should respond to, enter the
following command in Configure mode:
Specify interfaces for RARP. rarpd set interface <InterfaceName>|all
Defining MAC-to-IP Address Mappings
To map a MAC address to an IP address, enter the following command in Configure
mode:
Map a MAC address to an
IP address.
There is no limit to the number of address mappings you can configure.
Optionally, you can create a list of mappings with a text editor and then use TFTP to
upload the text file to the GSR. The format of the text file must be as follows:
MAC-address1 IP-address1
MAC-address2 IP-address2
...
MAC-addressn IP-addressn
rarpd add hardware-address <MAC-addr>
ip-address
<IPaddr>
DIGITAL GIGAswitch/Router User Reference Manual 63
Page 88
Chapter 6: IP Routing Configuration Guide
Then place the text file on a TFTP server that the GSR can access and enter the following
command in Enable mode:
gs/r# copy tftp-server to ethers
TFTP server?
Source filename? <filename>
<IPaddr-of-TFTP-server>
Monitoring RARP
You can use the following commands to obtain information about the GSR’s RARP
configuration:
Display the interfaces to which the
RARP server responds.
Display the existing MAC-to-IP
address mappings
Display RARP statistics.
Configuring DNS Parameters
The GSR can be configured to specify DNS servers, which supply name services for DNS
requests. You can specify up to three DNS servers.
To configure DNS servers, enter the following command in Configure mode:
Configure a DNS server. system set dns server <IPaddr>
You can also specify a domain name for the GSR. The domain name is used by the GSR to
respond to DNS requests.
To configure a domain name, enter the following command in Configure mode:
rarpd show interface
rarpd show mappings
statistics show rarp <InterfaceName>|all
[,<IPaddr>[,<IPaddr>]]
Configure a domain name. system set dns domain <name>
64 DIGITAL GIGAswitch/Router User Reference Manual
Page 89
Configuring IP Services (ICMP)
The GSR provides ICMP message capabilities including ping and traceroute. Ping allows
you to determine the reachability of a certain IP host. Traceroute allows you to trace the IP
gateways to an IP host.
To access ping or traceroute on the GSR, enter the following commands in Enable mode:
Configuring IP Interfaces and Parameters
Specify ping.
Specify traceroute. traceroute <host> [max-ttl <num>] [probes <num>]
Configuring IP Helper
You can configure the GSR to forward UDP broadcast packets received on a given
interface to all other interfaces or to a specified IP address. You can specify a UDP port
number for which UDP broadcast packets with that destination port number will be
forwarded. By default, if no UDP port number is specified, the GSR will forward UDP
broadcast packets for the following six services:
• BOOTP/DHCP (port 67 and 68)
• DNS (port 37)
• NetBIOS Name Server (port 137)
• NetBIOS Datagram Server (port 138)
• TACACS Server (port 49)
ping <hostname-or-IPaddr> packets <num> size <num>
wait <num> [flood] [dontroute]
[size
<num>] [source <secs>] [tos <num>]
[wait-time
<secs>] [verbose] [noroute]
• Time Service (port 37)
To configure a destination to which UDP packets will be forwarded, enter the following
command in Configure mode:
Specify local subnet interface,
destination “helper” IP
address, and UDP port
number to forward.
DIGITAL GIGAswitch/Router User Reference Manual 65
ip helper-address interface <interface-name>
<helper-address>|all-interfaces [<udp-port#>]
Page 90
Chapter 6: IP Routing Configuration Guide
Configuring Direct Broadcast
You can configure the GSR to forward all directed broadcast traffic from the local subnet
to a specified IP address or all associated IP addresses. This is a more efficient method
than defining only one local interface and remote IP address destination at a time with the
ip-helper command when you are forwarding traffic from more than one interface in the
local subnet to a remote destination IP address.
To forward all directed broadcast traffic to a specified IP address, enter the following
command in Configure mode:
Forward directed broadcast
traffic.
ip enable directed-broadcast interface
Configuring Denial of Service (DOS)
By default, the GSR installs flows in the hardware so that packets sent as directed
broadcasts are dropped in hardware, if directed broadcast is not enabled on the interface
where the packet is received. You can disable this feature, causing directed broadcast
packets to be processed on the GSR even if directed broadcast is not enabled on the
interface receiving the packet.
Similarly, the GSR installs flows to drop packets destined for the GSR for which service is
not provided by the GSR. This prevents packets for unknown services from slowing the
CPU. You can disable this behavior, causing these packets to be processed by the CPU.:
Disables the directedbroadcast-protection feature
of the GSR.
Disables the port-attackprotection feature of the GSR.
ip dos disable directed-broadcast-protection
ip dos disable port-attack-protection
<interface name>|all
Monitoring IP Parameters
The GSR provides display of IP statistics and configurations contained in the routing
table. Information displayed provides routing and performance information.
66 DIGITAL GIGAswitch/Router User Reference Manual
Page 91
Configuring Router Discovery
To display IP information, enter the following command in Enable mode:
Show ARP table entries.
Show IP interface configuration.
Show all TCP/UDP connections
arp show all
interface show ip
ip show connections [no-lookup]
and services.
Show configuration of IP interfaces.
Show IP routing table information.
Show ARP entries in routing table.
Show DNS parameters.
ip show interfaces [<interface-name>]
ip show routes
ip show routes show-arps
system show dns
Configuring Router Discovery
The router discovery server on the GSR periodically sends out router advertisements to
announce the existence of the GSR to other hosts. The router advertisements are multicast
or broadcast to each interface on the GSR on which it is enabled and contain a list of the
addresses on the interface and the preference of each address for use as a default route for
the interface. A host can also send a router solicitation, to which the router discovery
server on the GSR will respond with a unicast router advertisement.
On systems that support IP multicasting, router advertisements are sent to the ‘all-hosts’
multicast address 224.0.0.1 by default. You can specify that broadcast be used, even if IP
multicasting is available. When router advertisements are sent to the all-hosts multicast
address or an interface is configured for the limited broadcast address 255.255.255.255, the
router advertisement includes all IP addresses configured on the physical interface. When
router advertisements are sent to a net or subnet broadcast, then only the address
associated with the net or subnet is included.
To start and stop router discovery on the GSR, enter the following commands in
Configure mode:
Start router discovery. rdisc start
Stop router discovery. rdisc stop
DIGITAL GIGAswitch/Router User Reference Manual 67
Page 92
Chapter 6: IP Routing Configuration Guide
To configure router advertisement, enter the following commands in Configure mode:
Define IP address to be
included in router
advertisements.
Enable router advertisement on
an interface.
Configure router advertisement
for a specific address.
Configure router advertisement
for an interface or all interfaces.
To show the state of router discovery on the GSR, enter the following command in Enable
mode:
Show router discovery state.
Configuration Examples
rdisc add address <hostname-or-ipaddr>
rdisc add interface <interface name>|all
rdisc set address <ipaddr>
type multicast|broadcast
advertise enable|disable
preference
rdisc set interface <name>|all min-advinterval
lifetime <number>
rdisc show all
<number>|ineligible
<number> max-adv-interval <number>
Assigning IP/IPX Interfaces
To enable routing on the GSR, you must assign an IP or IPX interface to a VLAN. To assign
an IP or IPX interface named ‘RED’ to the ‘BLUE’ VLAN, enter the following command:
gs/r(config)# interface create ip RED address-netmask
10.50.0.1/255.255.0.0 vlan BLUE
You can also assign an IP or IPX interface directly to a physical port. For example, to
assign an IP interface ‘RED’ to physical port et.3.4, perform the following:
gs/r(config)# interface create ip RED address-netmask
10.50.0.0/255.255.0.0 port et.3.4
68 DIGITAL GIGAswitch/Router User Reference Manual
Page 93
VRRP Overview
This chapter explains how to set up and monitor the Virtual Router Redundancy Protocol
(VRRP) on the GSR. VRRP is defined in RFC 2338.
End host systems on a LAN are often configured to send packets to a statically configured
default router. If this default router becomes unavailable, all the hosts that use it as their
first hop router become isolated on the network. VRRP provides a way to ensure the
availability of an end host’s default router.
Chapter 7
VRRP
Configuration
Guide
This is done by assigning IP addresses that end hosts use as their default route to a
“virtual router.” A Master router is assigned to forward traffic designated for the virtual
router. If the Master router should become unavailable, a backup router takes over and
begins forwarding traffic for the virtual router. As long as one of the routers in a VRRP
configuration is up, the IP addresses assigned to the virtual router are always available,
and the end hosts can send packets to these IP addresses without interruption.
DIGITAL GIGAswitch/Router User Reference Manual 69
Page 94
Chapter 7: VRRP Configuration Guide
6
Configuring VRRP
This section presents three sample VRRP configurations:
• A basic VRRP configuration with one virtual router
• A symmetrical VRRP configuration with two virtual routers
• A multi-backup VRRP configuration with three virtual routers
Basic VRRP Configuration
Figure 4 shows a basic VRRP configuration with a single virtual router. Routers R1 and R2
are both configured with one virtual router (
Router R2 serves as the Backup. The four end hosts are configured to use 10.0.0.1/16 as
the default route. IP address 10.0.0.1/16 is associated with virtual router
Master Backup
VRID=1). Router R1 serves as the Master and
VRID=1.
R1 R2
Interface Addr. =
VRID=1
Addr. =
;
10.0.0.1/16
10.0.0.1/16
H1 H2 H3 H4
Default Route = 10.0.0.1/16
VRID=1
10.0.0.1/16
Interface Addr. =
VRID=1
Addr. =
;
10.0.0.2/1
10.0.0.1/16
Figure 4. Basic VRRP Configuration
If Router R1 should become unavailable, Router R2 would take over virtual router
VRID=1
and its associated IP addresses. Packets sent to 10.0.0.1/16 would go to Router R2. When
Router R1 comes up again, it would take over as Master, and Router R2 would revert to
Backup.
70 DIGITAL GIGAswitch/Router User Reference Manual
Page 95
Configuration of Router R1
The following is the configuration file for Router R1 in Figure 4.
1: interface create ip test address-netmask 10.0.0.1/16 port et.1.1
2: ip-redundancy create vrrp 1 interface test
3: ip-redundancy associate vrrp 1 interface test address 10.0.0.1/16
4: ip-redundancy start vrrp 1 interface test
Line 1 adds IP address 10.0.0.1/16 to interface test, making Router R1 the owner of this IP
address. Line 2 creates virtual router
10.0.0.1/16 with virtual router
In VRRP, the router that owns the IP address associated with the virtual router is the
Master. Any other routers that participate in this virtual router are Backups. In this
configuration, Router R1 is the Master for virtual router
10.0.0.1/16, the IP address associated with virtual router
Configuration for Router R2
Configuring VRRP
VRID=1 on interface test. Line 3 associates IP address
VRID=1. Line 4 starts VRRP on interface test.
VRID=1 because it owns
VRID=1.
The following is the configuration file for Router R2 in Figure 4.
1: interface create ip test address-netmask 10.0.0.2/16 port et.1.1
2: ip-redundancy create vrrp 1 interface test
3: ip-redundancy associate vrrp 1 interface test address 10.0.0.1/16
4: ip-redundancy start vrrp 1 interface test
The configuration for Router R2 is nearly identical to Router R1. The difference is that
Router R2 does not own IP address 10.0.0.1/16. Since Router R2 does not own this IP
address, it is the Backup. It will take over from the Master if it should become unavailable.
Symmetrical Configuration
Figure 5 shows a VRRP configuration with two routers and two virtual routers. Routers
R1 and R2 are both configured with two virtual routers (
Router R1 serves as:
• Master for
•Backup for VRID=2
Router R2 serves as:
VRID=1
VRID=1 and VRID=2).
• Master for
•Backup for VRID=1
DIGITAL GIGAswitch/Router User Reference Manual 71
VRID=2
Page 96
Chapter 7: VRRP Configuration Guide
This configuration allows you to load-balance traffic coming from the hosts on the
10.0.0.0/16 subnet and provides a redundant path to either virtual router.
Note: This is the recommended configuration on a network using VRRP.
Master for VRID=1
Backup for VRID=2
Master for VRID=2
Backup for VRID=1
R1 R2
Interface Addr. =
Addr. =
;
VRID=1
Addr. =
;
VRID=2
10.0.0.1/16
10.0.0.1/16
10.0.0.2/16
10.0.0.1/16
VRID=1
H1 H2 H3 H4
Default Route = 10.0.0.1/16
VRID=2
10.0.0.2/16
Interface Addr. =
Addr. =
;
VRID=1
Addr. =
;
VRID=2
Default Route = 10.0.0.2/16
10.0.0.2/16
10.0.0.1/16
10.0.0.2/16
Figure 5. Symmetrical VRRP Configuration
In this configuration, half the hosts use 10.0.0.1/16 as their default route, and half use
10.0.0.2/16. IP address 10.0.0.1/16 is associated with virtual router
10.0.0.2/16 is associated with virtual router
VRID=2.
VRID=1, and IP address
If Router R1, the Master for virtual router
the IP address 10.0.0.1/16. Similarly, if Router R2, the Master for virtual router
VRID=1, goes down, Router R2 would take over
VRID=2,
goes down, Router R1 would take over the IP address 10.0.0.2/16.
72 DIGITAL GIGAswitch/Router User Reference Manual
Page 97
Configuration of Router R1
The following is the configuration file for Router R1 in Figure 5.
1: interface create ip test address-netmask 10.0.0.1/16 port et.1.1
!
2: ip-redundancy create vrrp 1 interface test
3: ip-redundancy create vrrp 2 interface test
!
4: ip-redundancy associate vrrp 1 interface test address 10.0.0.1/16
5: ip-redundancy associate vrrp 2 interface test address 10.0.0.2/16
!
6: ip-redundancy start vrrp 1 interface test
7: ip-redundancy start vrrp 2 interface test
Router R1 is the owner of IP address 10.0.0.1/16. Line 4 associates this IP address with
virtual router
VRID=1, so Router R1 is the Master for virtual router VRID=1.
Configuring VRRP
On line 5, Router R1 associates IP address 10.0.0.2/16 with virtual router
However, since Router R1 does not own IP address 10.0.0.2/16, it is not the default Master
for virtual router
Configuration of Router R2
The following is the configuration file for Router R2 in Figure 5.
1: interface create ip test address-netmask 10.0.0.2/16 port et.1.1
!
2: ip-redundancy create vrrp 1 interface test
3: ip-redundancy create vrrp 2 interface test
!
4: ip-redundancy associate vrrp 1 interface test address 10.0.0.1/16
5: ip-redundancy associate vrrp 2 interface test address 10.0.0.2/16
!
6: ip-redundancy start vrrp 1 interface test
7: ip-redundancy start vrrp 2 interface test
On line 1, Router R2 is made owner of IP address 10.0.0.2/16. Line 5 associates this IP
address with virtual router
Line 4 associates IP address 10.0.0.1/16 with virtual router
Backup for virtual router
VRID=2.
VRID=2.
VRID=2, so Router R2 is the Master for virtual router VRID=2.
VRID=1, making Router R2 the
VRID=1.
DIGITAL GIGAswitch/Router User Reference Manual 73
Page 98
Chapter 7: VRRP Configuration Guide
Multi-Backup Configuration
Figure 6 shows a VRRP configuration with three routers and three virtual routers. Each
router serves as a Master for one virtual router and as a Backup for each of the others.
When a Master router goes down, one of the Backups takes over the IP addresses of its
virtual router.
In a VRRP configuration where more than one router is backing up a Master, you can
specify which Backup router takes over when the Master goes down by setting the
priority for the Backup routers.
Master for VRID=1
1st Backup for VRID=2
1st Backup for VRID=3
Master for VRID=2
1st Backup for VRID=1
2nd Backup for VRID=3
R1 R2
VRID=1
10.0.0.1/16
H1 H2 H3 H4
Default Route = 10.0.0.1/16
Default Route = 10.0.0.2/16
10.0.0.2/16
Figure 6. Multi-Backup VRRP Configuration
In this configuration, Router R1 is the Master for virtual router
Backup for virtual routers
VRID=2 and VRID=3. If Router R2 or R3 were to go down,
Router R1 would assume the IP addresses associated with virtual routers
VRID=3.
VRID=2
Master for VRID=3
2nd Backup for VRID=1
2nd Backup for VRID=2
R3
VRID=3
10.0.0.3/16
H5 H6
Default Route = 10.0.0.3/16
VRID=1 and the primary
VRID=2 and
Router R2 is the Master for virtual router
VRID=1, and the secondary Backup for virtual router VRID=3. If Router R1 should fail,
Router R2 would become the Master for virtual router
should fail, Router R2 would become the Master for all three virtual routers. Packets sent
to IP addresses 10.0.0.1/16, 10.0.0.2/16, and 10.0.0.3/16 would all go to Router R2.
74 DIGITAL GIGAswitch/Router User Reference Manual
VRID=2, the primary backup for virtual router
VRID=1. If both Routers R1 and R3
Page 99
Router R3 is the secondary Backup for virtual routers VRID=1 and VRID=2. It would
become a Master router only if both Routers R1 and R2 should fail. In such a case, Router
R3 would become the Master for all three virtual routers.
Configuration of Router R1
The following is the configuration file for Router R1 in Figure 6.
1: interface create ip test address-netmask 10.0.0.1/16 port et.1.1
!
2: ip-redundancy create vrrp 1 interface test
3: ip-redundancy create vrrp 2 interface test
4: ip-redundancy create vrrp 3 interface test
!
5: ip-redundancy associate vrrp 1 interface test address 10.0.0.1/16
6: ip-redundancy associate vrrp 2 interface test address 10.0.0.2/16
7: ip-redundancy associate vrrp 3 interface test address 10.0.0.3/16
!
8: ip-redundancy set vrrp 2 interface test priority 200
9: ip-redundancy set vrrp 3 interface test priority 200
!
10: ip-redundancy start vrrp 1 interface test
11: ip-redundancy start vrrp 2 interface test
12: ip-redundancy start vrrp 3 interface test
Configuring VRRP
Router R1’s IP address on interface test is 10.0.0.1. There are three virtual routers on this
interface:
•
VRID=1 – IP address=10.0.0.1/16
•
VRID=2 – IP address=10.0.0.2/16
VRID=3 – IP address=10.0.0.3/16
•
Since the IP address of virtual router
VRID=1 is the same as the interface’s IP address
(10.0.0.1), then the router automatically becomes the address owner of virtual router
VRID=1.
A priority is associated with each of the virtual routers. The priority determines whether
the router will become the Master or the Backup for a particular virtual router. Priorities
can have values between 1 and 255. When a Master router goes down, the router with the
next-highest priority takes over the virtual router. If more than one router has the nexthighest priority, the router that has the highest-numbered interface IP address becomes
the Master.
If a router is the address owner for a virtual router, then its priority for that virtual router
is 255 and cannot be changed. If a router is not the address-owner for a virtual-router, then
its priority for that virtual router is 100 by default, and can be changed by the user.
DIGITAL GIGAswitch/Router User Reference Manual 75
Page 100
Chapter 7: VRRP Configuration Guide
Since Router R1 is the owner of the IP address associated with virtual router VRID=1, it has
a priority of 255 (the highest) for virtual router
priority for virtual routers
configuration have a higher priority, Router R1 will take over as Master for virtual routers
VRID=2 and VRID=3, should Router R2 or R3 go down.
The following table shows the priorities for each virtual router configured on Router R1.
Virtual Router Default Priority Configured Priority
VRID=1 – IP address=10.0.0.1/16 255 (address owner) 255 (address owner)
VRID=2 – IP address=10.0.0.2/16 100 200 (see line 8)
VRID=3 – IP address=10.0.0.3/16 100 200 (see line 9)
Configuration of Router R2
The following is the configuration file for Router R2 in Figure 6.
VRID=1. Lines 8 and 9 set Router R1’s
VRID=2 and VRID=3 at 200. If no other routers in the VRRP
1: interface create ip test address-netmask 10.0.0.2/16 port et.1.1
!
2: ip-redundancy create vrrp 1 interface test
3: ip-redundancy create vrrp 2 interface test
4: ip-redundancy create vrrp 3 interface test
!
5: ip-redundancy associate vrrp 1 interface test address 10.0.0.1/16
6: ip-redundancy associate vrrp 2 interface test address 10.0.0.2/16
7: ip-redundancy associate vrrp 3 interface test address 10.0.0.3/16
!
8: ip-redundancy set vrrp 1 interface test priority 200
9: ip-redundancy set vrrp 3 interface test priority 100
!
10: ip-redundancy start vrrp 1 interface test
11: ip-redundancy start vrrp 2 interface test
12: ip-redundancy start vrrp 3 interface test
Line 8 sets the backup priority for virtual router
higher than Router R3’s backup priority for virtual router
primary Backup, and Router R3 is the secondary Backup for virtual router
On line 9, the backup priority for virtual router
VRID=1 to 200. Since this number is
VRID=1, Router R2 is the
VRID=1.
VRID=3 is set to 100. Since Router R1’s
backup priority for this virtual router is 200, Router R1 is the primary Backup, and Router
R2 is the secondary Backup for virtual router
VRID=3.
76 DIGITAL GIGAswitch/Router User Reference Manual
Loading...