Cabletron Systems SmartSwitch 8-slot, SSR-8 User's Reference Manual

SmartSwitch Router

User Reference Manual

9032578

Notice

Cabletron Systems reserves the right to make changes in specifications and ot her information co ntained
in this document without prior notice. The reader should in all cases consult Cabletron Systems to
determine whether any such changes have been made.

The hardware, firmware, or software described in this manual is subject to change without notice.
IN NO EVENT SHALL CABLETRON SYSTEMS BE LIABLE FOR ANY INCIDENTAL,

INDIRECT, SPECIAL, OR CONSEQUENTIAL DAMAGES WHATSOEVER (INCLUDING BUT
NOT LIMITED TO LOST PROFITS) ARISING OUT OF OR RELATED TO THIS MANUAL OR
THE INFORMATION CONTAINED IN IT, EVEN IF CABLETRON SYSTEMS HAS BEEN
ADVISED OF, KNOWN, OR SHOULD HAVE KNOWN, THE POSSIBILITY OF SUCH
DAMAGES.

© Copyright April 1998 by:
Cabletron Systems, Inc.

35 Industrial Way
Rochester, NH 03867-5005

All Rights Reserved
Printed in the United States of America

Order Number:9032578

LANVIEW is a registered trademark, and SmartSwitch is a trademark of
Cabletron Systems, Inc.

CompuServe is a registered trademark of CompuServe, Inc.

i960 microprocessor is a registered trademark of Intel Corp.

Ethernet is a trademark of Xerox Corporation.

SSR User Reference Manual iii

Notice

FCC Notice

This device complies with Part 15 of the FCC rules. Operation is subject to the following two
conditions: (1) this device may not cause harmful interference, and (2) this device must accept any
interference received, including interference that may cause undesired operation.

NOTE: This equipment has been tested and found to comply with the limits for a Class A digital
device, pursuant to P art 1 5 of the FCC r ules. These limits are design ed to provide reasonable protection
against harmful interference when the equipment is operated in a commercial environment. This
equipment uses, generates, and can radiate radio frequency energy and if not installed in accordance
with the operator’s manual, may cause harmful interference to radio commu nications. Oper ation of this
equipment in a residential area is likely to cause interference in which case the user will be required to
correct the interference at his own expense.

WARNING: Changes or modifications made to this device which are not expressly approved by the
party responsible for compliance could void the user’s authority to operate the equipment.

VCCI Notice

This is a Class A product based on the standard of the Voluntary Control Council for Interference by
Information Technology Equipment (VCCI). If this equipment is used in a domestic environment, radio
disturbance may arise. When such trouble occurs, the user may be required to take corrective actions.

DOC Notice

This digital apparatus does not exceed the Class A limits for radio noise emissions from digital
apparatus set out in the Radio Interference Regulations of the Canadian Department of
Communications.

Le présent appareil numérique n’émet pas de bruits radioélectriques dépassant les limites applicables
aux appareils numériques de la class A prescrites dans le Règlement sur le brouillage radioélectrique
édicté par le ministère des Communicati o ns du Canada.

iv

DECLARATION OF CONFORMITY

ADDENDUM

Application of Council Directive(s): 89/336/EEC

73/23/EEC

Manufacturer’s Name: Cabletron Systems, Inc.

Manufacturer’s Address: 35 Industrial Way

PO Box 5005
Rochester, NH 03867

European Representative Name: Mr. J. Solari

European Representative Address: Cabletron Systems Limited

Nexus House, Newbury
Business Park
London Road, Newbury
Berkshire RG13 2PZ, England

Conformance to Directive(s)/Product Standards:

EC Directive 89/336/EEC
EC Directive 73/23/EEC
EN 55022
EN 50082-1
EN 60950

Equipment Type/Environment: Networking Equipment, for

use in a Commercial or Light
Industrial Environment.

We the undersigned, hereby declare, under our sole responsibility, that the equipment
packaged with this notice conforms to the above directives.

Manufacturer Legal Representative in Europe
Mr. Ronald Fotino Mr. J. Solari

____________________________________________________ ____________________________________

Full Name Full Name
Principal Compliance Engineer Managing Director - E.M.E.A.

____________________________________________________ ____________________________________

Title Title
Rochester, NH, USA Newbury, Berkshire, England

____________________________________________________ ____________________________________

Location Location

SSR User Reference Manual v

Notice

vi

About This Manual

This manual provides detailed information and procedures for configuring the 8-slot
SmartSwitch Router (SSR-8) software. If you have not yet installed the SSR, use the
instructions in the SmartSwitch Router Getting Started Guide to install the chassis and
perform basic setup tasks, then return to this manual for more detail ed configuration
information.

Who Should Read This Manual?

Read this manual if you are a network administrator responsible for configuring and
monitoring the SSR.

Preface

About This Manual

How to Use This Manual

If Yo u Want To... See...

Read overview information Chapter 1
Configure bridging Chapter 2
Configure IP interfaces and global routing parameters Chapter 3
Configure RIP routing Chapter 4
Configure OSPF routing Chapter 5
Configure Routin g Pol ic ie s Chapter 6
Configure IP Multicast routing Chapter 7
Configure IPX routing C hapter 8
Configure filters Chapter 9
Configure QoS (Quality of Service) parameters Chapter 10
Monitor performance Chapter 11

Related Documentation

The Cabletron Systems documentation set includes the following items. R efer to these
other documents to learn more about your product.

For Information About... See the...

Installing and setting up the SSR SmartSwitch Router Getting Started

Managing the SSR using Cabletron
Systems’ element management appli­cation

The complete syntax for all CLI com­mands

Guide
CoreWatch User’s Manual and the

CoreWatch online help

SmartSwitch Router Command Line
Interface Reference Manual

viii SSR User Reference Manual

About This Manual

For Information About... See the...

System messages and SNMP traps SmartSwitch Router Error Messag e Ref-

erence Manual

SSR User Reference Manual ix

About This Manual

x SSR User Reference Manual

Contents

Chapter 1 SmartSwitch Router Product Overview

Supported Media (Encapsulation Type). . . . . . . . . . . . . . . . . . . 1-2

Supported Routing Protocols . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-2

Configuring the Cabletron SmartSwitc h Router . . . . . . . . . . . . . 1-3

Understanding the Command Line Interface . . . . . . . . . . . . 1-3

Basic Line Editing Commands . . . . . . . . . . . . . . . . . . . . . . . 1-3

Access Modes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-4

User Mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-5

Enable Mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-6

Configure Mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-7

Boot PROM Mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-8

Disabling a Function or Feature . . . . . . . . . . . . . . . . . . . . . . 1-9

Loading System Images and Configuration Files. . . . . . . . . . . . 1-9

Boot and System Image. . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-9

Configuration Files . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-9

Loading System Image Software . . . . . . . . . . . . . . . . . . . . 1-10

Loading Boot PROM Software . . . . . . . . . . . . . . . . . . . . . . 1-11

Activate the Configuration Commands in the Scratchpad . 1-12
Copy the Configuration to the Startup Configuration File. . 1-13

Managing the SSR. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-13

Set SSR Name. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-14

Set SSR Date and Time. . . . . . . . . . . . . . . . . . . . . . . . . . . 1-14

Configure the SSR CLI. . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-14

Configure SNMP Services . . . . . . . . . . . . . . . . . . . . . . . . . 1-14

Configure DNS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-15

Configure HTTP Services. . . . . . . . . . . . . . . . . . . . . . . . . . 1-15

Monitoring Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-15

Chapter 2 Bridging Configuration Guide

Bridging Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-1

Contents

Spanning Tree (IEEE 802.1d) . . . . . . . . . . . . . . . . . . . . . . . 2-1

Bridging Modes (Flow-Based and Address-Based) . . . . . . . 2-1

VLAN Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-2

SSR VLAN Support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-3

VLANs and the SSR. . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-4

Ports, VLANs, and L3 Interfaces . . . . . . . . . . . . . . . . . . 2-4

Access Ports and Trunk Ports (802.1Q support) . . . . . . 2-5

Explicit and Implicit VLANs. . . . . . . . . . . . . . . . . . . . . . . 2-5

Configuring SSR Bridging Functions . . . . . . . . . . . . . . . . . . . . . 2-6

Configure Address-based or Flow-based Bridging. . . . . . . . 2-6

Configuring Spanning Tree . . . . . . . . . . . . . . . . . . . . . . . . . 2-7

Adjust Spanning-Tree Parameters . . . . . . . . . . . . . . . . . . . . 2-7

Set the Bridge Priority. . . . . . . . . . . . . . . . . . . . . . . . . . . 2-8

Set a Port Priority . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-8

Assign Port Costs. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-8

Adjust Bridge Protocol Data Unit (BPDU) Intervals . . . . 2-8

Configuring a Port or Protocol based VLAN. . . . . . . . . . . . . 2-9

Create a Port or Protocol Based VLAN . . . . . . . . . . . . . 2-9

Adding Ports to a VLAN . . . . . . . . . . . . . . . . . . . . . . . . . 2-9

Configuring VLAN Trunk Ports. . . . . . . . . . . . . . . . . . . . . . 2-10

Configure Bridging for Non-IP/IPX Protocols . . . . . . . . . . . 2-10

Configure Layer-2 Filters . . . . . . . . . . . . . . . . . . . . . . . . . . 2-10

Monitor Bridging. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-11

Configuration Examples. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-11

Creating an IP or IPX VLAN. . . . . . . . . . . . . . . . . . . . . . . . 2-11

Chapter 3 IP Routing Configuration Guide

IP Routing Overview. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-1

IP Routing Protocols. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-1

Unicast Routing Protocols . . . . . . . . . . . . . . . . . . . . . . . 3-1

Multicast Routing Protocols . . . . . . . . . . . . . . . . . . . . . . 3-2

xii SSR User Refere nce Manual

Contents

Configuring IP Interfaces and Parameters . . . . . . . . . . . . . . . . . 3-2

Configure IP Addresses to Ports . . . . . . . . . . . . . . . . . . . . . 3-2

Configure IP Interfaces for a VLAN . . . . . . . . . . . . . . . . . . . 3-3

Specify Ethernet Encapsulation Method. . . . . . . . . . . . . . . . 3-3

Configure Address Resolution Protocol . . . . . . . . . . . . . . . . 3-3

Configure ARP Cache Entries . . . . . . . . . . . . . . . . . . . . 3-4

Configure Proxy ARP . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-4

Configure DNS Parameters . . . . . . . . . . . . . . . . . . . . . . . . .3-4

Configure IP Services (ICMP) . . . . . . . . . . . . . . . . . . . . . . . 3-5

Monitor IP Parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-5

Configuration Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-6

Assigning IP/IPX Interfaces . . . . . . . . . . . . . . . . . . . . . . . . . 3-6

Chapter 4 RIP Configuration Guide

RIP Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-1

Configure RIP. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-1

Enabling and Disabling RIP . . . . . . . . . . . . . . . . . . . . . . . . . 4-1

Configuring RIP Interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . 4-1

Configure RIP Parameters . . . . . . . . . . . . . . . . . . . . . . . . . . 4-2

Configure RIP Route Preference . . . . . . . . . . . . . . . . . . . . . 4-3

Configure RIP Route Default-Metric. . . . . . . . . . . . . . . . . . . 4-3

Monitoring RIP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-4

Configuration Example . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-5

Chapter 5 OSPF Configuration Guide

OSPF Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-1

Configure OSPF. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-1

Enable OSPF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .5-2

Configure OSPF Interface Parameters. . . . . . . . . . . . . . . . . 5-2

Configure an OSPF Area . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-4

SSR User Reference Manual xiii

Contents

Configure OSPF Area Parameters. . . . . . . . . . . . . . . . . . . . 5-4

Create Virtual Links . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-5

Configure Autonomous System External (ASE) Link

Advertisements. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-6

Configure OSPF over Non-Broadcast Multiple Access . . . . 5-6

Monitoring OSPF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-6

OSPF Configuration Examples . . . . . . . . . . . . . . . . . . . . . . . . . 5-8

Chapter 6 Routing Policy Configuration Guide

Route Import and Export Policy Overview . . . . . . . . . . . . . . . . . 6-1

Preference . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-1

Import Policies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-2

Import-Source. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-3

Route-Filter. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-4

Export Policies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-4

Export-Destinatio n . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-4

Export-Source. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-4

Route-Filter. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-5

Specifying a Route Filter . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-5

Aggregates and Generates . . . . . . . . . . . . . . . . . . . . . . . . . 6-6

Aggregate-Destination . . . . . . . . . . . . . . . . . . . . . . . . . . 6-7

Aggregate-Source . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-7

Route-Filter. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-7

Authentication. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-8

Authentication Methods . . . . . . . . . . . . . . . . . . . . . . . . . 6-8

Authentication Keys and Key Management . . . . . . . . . . 6-8

Configure Simple Routing Policies. . . . . . . . . . . . . . . . . . . . . . . 6-9

Redistributing Static Routes. . . . . . . . . . . . . . . . . . . . . . . . . 6-9

Redistributing Directly Attached Networks . . . . . . . . . . . . . 6-10

Redistributing RIP into RIP. . . . . . . . . . . . . . . . . . . . . . . . . 6-10

Redistributing RIP into OSPF. . . . . . . . . . . . . . . . . . . . . . . 6-10

xiv SSR User Re ference Manual

Contents

Redistributing OSPF to RIP . . . . . . . . . . . . . . . . . . . . . . . . 6-11

Redistributing Aggregate Routes . . . . . . . . . . . . . . . . . . . . 6-11

Simple Route Redistribution Examples . . . . . . . . . . . . . . . 6-11

Example 1: Redistribution into RIP. . . . . . . . . . . . . . . . 6-11

Example 2: Redistribution into OSPF. . . . . . . . . . . . . . 6-13

Configure Advanced Routing Policies . . . . . . . . . . . . . . . . . . . 6-15

Export Policies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-15

Creating an Export Destination. . . . . . . . . . . . . . . . . . . . . . 6-16

Creating an Export Source . . . . . . . . . . . . . . . . . . . . . . . . . 6-17

Import Policies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-17

Creating an Import Source . . . . . . . . . . . . . . . . . . . . . . . . . 6-18

Creating a Route Filter . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-18

Creating an Aggregate Route. . . . . . . . . . . . . . . . . . . . . . . 6-18

Creating an Aggregate Destination . . . . . . . . . . . . . . . . . . 6-20

Creating an Aggregate Source. . . . . . . . . . . . . . . . . . . . . . 6-20

Examples of Import Policies . . . . . . . . . . . . . . . . . . . . . . . . 6-20

Example 1: Importing from RIP . . . . . . . . . . . . . . . . . . 6-20

Example 2: Importing from OSPF. . . . . . . . . . . . . . . . . 6-23

Examples of Export Policies. . . . . . . . . . . . . . . . . . . . . . . . 6-27

Example 1: Exporting to RIP . . . . . . . . . . . . . . . . . . . . 6-27

Example 2: Exporting to OSPF. . . . . . . . . . . . . . . . . . . 6-31

Chapter 7 Multicast Routing Configuration Guide

IP Multicast Overview. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-1

IGMP Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-1

DVMRP Overview. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-1

Configure IGMP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-2

Configuring IGMP on an IP Interface . . . . . . . . . . . . . . . . . . 7-2

Configure IGMP Query Interval . . . . . . . . . . . . . . . . . . . . . . 7-3

Configure IGMP Response Wait Time . . . . . . . . . . . . . . . . . 7-3

Configure Per-Interfac e Control of IGMP Membership. . . . . 7-3

SSR User Reference Manual xv

Contents

Configure DVMRP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-4

Starting and Stopping DVMRP. . . . . . . . . . . . . . . . . . . . . . . 7-4

Configure DVMRP on an Interface. . . . . . . . . . . . . . . . . . . . 7-4

Configure DVMRP Parameters . . . . . . . . . . . . . . . . . . . . . . 7-4

Configure the DVMRP Routing Metric . . . . . . . . . . . . . . . . . 7-5

Configure DVMRP TTL and Scope . . . . . . . . . . . . . . . . . . . 7-5

Configure a DVMRP Tunnel . . . . . . . . . . . . . . . . . . . . . . . . . 7-6

Monitor IGMP and DVMRP . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-7

Configuration Examples. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-7

Chapter 8 IPX Routing Configuration Guide

IPX Routing Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-1

RIP (Routing Information Protocol) . . . . . . . . . . . . . . . . . . . 8-1

SAP (Service Advertising Protocol) . . . . . . . . . . . . . . . . . . . 8-2

Configuring IPX RIP and SAP . . . . . . . . . . . . . . . . . . . . . . . . . . 8-2

IPX RIP. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-2

IPX SAP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-3

Creating IPX Interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-3

IPX Addresses . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-3

Configuring IPX Interfaces and Para met e rs. . . . . . . . . . . . . . . . 8-3

Configure IPX Addresses to Ports . . . . . . . . . . . . . . . . . . . . 8-3

Configure IPX Interfaces for a VLAN . . . . . . . . . . . . . . . . . . 8-3

Specify IPX Encapsulation Method . . . . . . . . . . . . . . . . . . . 8-4

Configure IPX Routing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-4

Enable IPX RIP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-4

Enable SAP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-5

Configure Static Routes . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-5

Configure Static SAP Table Entries . . . . . . . . . . . . . . . . . . . 8-5

Control Access to IPX Networks . . . . . . . . . . . . . . . . . . . . . 8-5

Create an IPX Access Control List. . . . . . . . . . . . . . . . . 8-6

Create an IPX SAP Access Control List. . . . . . . . . . . . . 8-6

xvi SSR User Re ference Manual

Create an IPX RIP Access Control List . . . . . . . . . . . . . 8-7

Monitor an IPX Network . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-7

Configuration Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-7

Chapter 9 Security Configuration Guide

Security Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-1

Configuring SSR Access Security . . . . . . . . . . . . . . . . . . . . . . . 9-1

Configure TACACS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-1

Monitor TACACS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-2

Configure Passwords . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-2

L2 Security Filters. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-2

Configuring Layer-2 Address Filters. . . . . . . . . . . . . . . . . . . 9-3

Configuring Layer-2 Port-to-Address Lock Filters . . . . . . . . 9-4

Contents

Configuring Layer-2 Static Entry Filters . . . . . . . . . . . . . . . . 9-4

Configuring Layer-2 Secure Port Filters . . . . . . . . . . . . . . . . 9-5

Monitor Layer-2 Security Filters . . . . . . . . . . . . . . . . . . . . . . 9-5

Layer-2 Filter Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-7

Example 1: Address Filters. . . . . . . . . . . . . . . . . . . . . . . 9-7

Example 2 : Secure Ports. . . . . . . . . . . . . . . . . . . . . . . . 9-8

L3 Access Control Lists (ACLs) . . . . . . . . . . . . . . . . . . . . . . . . . 9-9

Traffic Filters at Layer-3 and 4 (Access Control List) . . . . . . 9-9

The Anatomy of an ACL rule . . . . . . . . . . . . . . . . . . . . . . . . 9-9

The Ordering of ACL rules . . . . . . . . . . . . . . . . . . . . . . . . . 9-10

Implicit Deny Rule. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-11

Applying ACLs to Interfaces . . . . . . . . . . . . . . . . . . . . . . . . 9-12

Applying ACLs to Services . . . . . . . . . . . . . . . . . . . . . . . . . 9-13

ACL Logging. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-13

Maintaining ACLs offline using TFTP or RCP . . . . . . . . . . 9-14

Maintaining ACLs using the ACL Editor . . . . . . . . . . . . . . . 9-15

Configure ACL . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-15

SSR User Reference Manual xvii

Defining an IP ACL. . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-16

Contents

Defining an IPX ACL. . . . . . . . . . . . . . . . . . . . . . . . . . . 9-16

Applying an ACL to an Interface. . . . . . . . . . . . . . . . . . 9-16

Applying an ACL to a Service. . . . . . . . . . . . . . . . . . . . 9-16

Edit an ACL with the ACL Editor. . . . . . . . . . . . . . . . . . 9-16

Monitor Access Control Lists . . . . . . . . . . . . . . . . . . . . . . . 9-16

Chapter 10 QoS Configuration Guide

QoS and L2/L3/L4 flow Overview. . . . . . . . . . . . . . . . . . . . . . . 10-1

Layer-2, 3, 4 Flow Specification . . . . . . . . . . . . . . . . . . . . . 10-1

Precedence for Layer-3 Flows . . . . . . . . . . . . . . . . . . . . . . 10-2

SSR Queuing Policies . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-2

Configure Layer-2 QoS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-2

Configure Layer-3 and 4 QoS . . . . . . . . . . . . . . . . . . . . . . . . . 10-3

Configure IP QoS Policies . . . . . . . . . . . . . . . . . . . . . . . . . 10-3

Set an IP QoS Policy . . . . . . . . . . . . . . . . . . . . . . . . . . 10-4

Specify Precedence for an IP QoS Policy . . . . . . . . . . 10-4

Configure IPX QoS Policies . . . . . . . . . . . . . . . . . . . . . . . . 10-4

Set an IPX QoS Policy . . . . . . . . . . . . . . . . . . . . . . . . . 10-4

Specify Precedence for an IPX QoS Policy . . . . . . . . . 10-5

Configure SSR Queuing Policy . . . . . . . . . . . . . . . . . . . . . . . . 10-5

Allocating Bandwidth for a Weighted-Fair Queuing Policy. 10-5

Monitor QoS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-6

Chapter 11 Performance Monitori ng Guide

Performance Monitoring Overview. . . . . . . . . . . . . . . . . . . . . . 11-1

xviii SSR User Refere nce Manual

Chapter 1

Chapter 1 SmartSwitch Router Product

Overview

The 8-slot SmartSwitch Router (SSR-8) provides non-blocking, wire-speed Layer-2
(switching), Layer-3 (routing) and Layer-4 (application) switching. The hardware
provides wire-speed performance regardless of the performance monitoring, filtering,
and Quality of Service (QoS) features enabled by the software. You do not need to
accept performance compromises to run QoS or access control lists (ACLs).

The following table lists the basic hardware and software specifications for the SSR-8.

Feature Specification

Throughput • 16-Gbps non-blocking switching fabric

• 15 million packets-per-second routing throu ghput

Capacity • Up to 250,000 routes

• Up to 2,000,000 Layer-4 application flows

• 400,000 Layer-2 MAC addresses

• 4,096 Virtual LANs (VLANs)

• 20,000 Layer-2 security and access-control filters

• 3MB input/output buffering per Gigabit por t

• 1MB input/output buffering per 10/100 port

Routing protocols • IP: RIPv1/v2, OSPF

• IPX: RIP, SAP

• Multicast: IGMP, DVMRP

Bridging and

VLAN protocols

Media Interface

protocols

• 802.1d Spanning Tree

• 802.1Q (VLAN trunking)

• 802.3 (10Base-T)

• 802.3u (100Base-TX, 100BASE-FX)

• 802.3x (1000Base-SX, 1000Base-LX)

• 802.3z (1000Base-SX, 1000Base-LX)

Chapter 1: SmartSwitch Router Product Overview

Feature Specification

Quality of Service

(QoS)

RMON • RMONv1/v2 for each port

Management • SNMP

Port mirroring • Traffic to Control Module

Hot swapping • Power supply (when redundant supply is installed

Redundancy • Redundant and hot-swappable power supplies

• Layer-2 prioritization (802.1p)

• Layer-3 source-destination flows

• Layer-4 source-destination flows

• Layer-4 application flows

• CoreWatch Element Manager (GUI)

• Emacs-like Command Line Interface (CLI)

• Traffic from specific ports

• Traffic to specific chassis slots (line cards)

and online)

Supported Media (Encapsulation Typ e)

The SSR supports the following industry-standard networking media:

• IP: IEEE 802.3 SNAP and Ethernet Type II

• IPX: IEEE 802.3 SNAP, Ethernet Type II, IPX 802.3, 802.2

• 802.1Q VLAN Encapsulation

Supported Routing Protocols

The SSR supports many routing protocols based on open standards. The SSR can
receive and forward packets concurrently from any combination of the following:

• Interior Gateway Protocols

• Open Shortest Path First (OSPF) Version 2

• Routing Information Protocol (RIP) Version 1, 2

1 - 2 SSR User Reference Manual

Chapter 1: SmartSwitch Router Product Overview

“IP Routing Configuration Guide” on page 3 - 1 describes these protocols in detail.
The SSR supports the following Novell IPX routing protocols:

• Routing Information Protocol (RIP)

• Service Advertising Protocol (SAP)
“IPX Routing Configuration Guide” on page 8 - 1 describes these protocols in detail.

Configuring the Cabletron SmartSwitc h Router

The SSR provides a command line interface (CLI) that allows you to configure and
manage the SSR. The CLI has several command modes, each of which provides a
group of related co mmands that you can use t o configure the SSR and display its stat us.
Some commands are available to all users; others can be executed only after the user
enters an “Enable” password.

You use the CLI to configure ports, IP/IPX interfaces, routing, switching, security
filters and Quality of Service (QoS) policies.

Understanding the Command Line Interface

The SSR Command Line Interface (CLI) provides access to several different command
modes. Each command mode provides a group of related commands. This chapter
describes how to access and list the commands available in each command mode and
explains the primary uses for each command mode. This chapter also describes the
other features of the user interface.

SSR commands can be entered at a terminal connected to the access server or router
using the command line interface (CLI). The SSR can also be configured using the
CoreW atch Java-based management application. Using CoreWatch is described in the
CoreWatch User’s Guide.

Basic Line Editing Commands

The CLI supports EMACs-like line editing commands. The following table lists some
commonly used commands.

Key sequence Command

Ctrl-A Move cursor to beginning of line
Ctrl-B Move cursor back one character

SSR User Reference Manual 1 - 3

Ctrl-D Delete character

Chapter 1: SmartSwitch Router Product Overview

Key sequence Command

Ctrl-E Move cursor to end of line
Ctrl-F Move cursor forward one character

Ctrl-N Scroll to next command in command

history (use the
command to di splay the history)

Ctrl-P Scroll to previous command in com-

mand history
Ctrl-U Erase entire line
Ctrl-X Erase from cursor to end of line

Ctrl-Z Exit current access mode to previous

access mode

cli show history

Access Modes

The SSR CLI has four access modes.

• User – Allows you to display basic information and use basic utilities such as ping

but does not allow you to display SNMP, filter and access control list information or
make other configuration changes. You are in User mode when the command
prompt ends with this character:

>

• Enable – Allows you to display SNMP, filter, and access control information as well

as all the information you can display in User mode. To enter Enable mode, enter the

enable

Enable mode, the command prompt ends with this character:

#

• Configure – Allows you to make configuration changes. To ent er Configure mode,

first enter Enable mode (
from the Enable command prompt. When you are in Configur e mode, the command
prompt ends with these characters:

(config)#

• Boot – This mode appears when the SSR the extern al flash card or the system image
is not found d uring boot up. You should ent er the reboot command to reset the SSR.
If the SSR still fails to bootup, please call Cabletron Technical Support.

command, then supply the password when prompted. When you are in

enable

command), then enter the

configure

command

1 - 4 SSR User Reference Manual

Chapter 1: SmartSwitch Router Product Overview

Note:

When you are in Conf igure or Enable mode, use the
exit to the previous access mode.

Note:

User Mode

After you log in to the SSR, you are automatically in User mode. The User commands
available are a subset of those available in Enable mode. In general, the User
commands allow you to display basic information and use basic utilities such as ping
information.

To list the User commands, enter:

List the User commands.

The command prompt will show the name of the SmartSwitch Router in
front of the mode character(s). The default name is “ssr”.

exit

command or press Ctrl-z to

When you exit Configure mode, the CLI will ask you whether you want to
activate the configuration commands you have issued. If yo u enter

Y

(Y es ),
the configuration commands you issued are placed into effect and the
SmartSwitch Router’s configuration is changed accordingly. However, the
changes are not written to the Startup configuration f ile in the Control Mod­ule’s boot flash and therefore are not reinstated after a reboot.

?

The User mode command prompt consists of the SSR name followed by the angle
bracket (>):

ssr>

The default name is SSR unless it has been changed during initial configuration using
the system set name command. Refer to the SmartSwitch Router Command Line
Interface Reference Manual for information on the system facility.

To list the commands available in User mode, enter a question mark (?) as shown in
the following example:

ssr> ?
aging - Show L2 and L3 Aging information

cli - Modify the command line interface behavior
dvmrp - Show DVMRP related parameters
enable - Enable privileged user mode
exit - Exit current mode
file - File manipulation commands
igmp - Show IGMP related parameters
ipx - Show IPX related parameters

SSR User Reference Manual 1 - 5

Chapter 1: SmartSwitch Router Product Overview

l2-tables - Show L2 Tables information
logout - Log off the system
multicast - Configure Multicast related parameters
ping - Ping utility
statistics - Show or clear SSR statistics
stp - Show STP status
traceroute - Traceroute utility
vlan - Show VLAN-related parameters

Enable Mode

Enable mode provides more facilities than User mode. Y ou can display critical features
within Enable mode including router configuration, access control lists and SNMP
statistics. To enter Enable mode, enter the
password when prompted.

To list the Enable commands, enter:

enable

command, then supply the

List the user Enable commands.

The Enable mode command prompt consi sts of the S SR name fo llo wed by th e pound
sign(#):

ssr#

T o list the commands available in Enable mode, enter a question mark (?) as shown in
the following example:

ssr# ?

acl - Show L3 Access Control List
aging - Show L2 and L3 Aging information
arp - Show or modify ARP entries
cli - Modify the command line interface

configure - Enter Configuration Mode
copy - Copy configuration database
dvmrp - Show DVMRP related parameters
enable - Enable privileged user mode
exit - Exit current mode
file - File manipulation commands
filters - Show L2 security filters
http - Show http parameters
igmp - Show IGMP related parameters
interface - Show interface related parameters
ip - Show IP related parameters
ip-router - Show unicast IP Routing related

?

behavior

parameters

1 - 6 SSR User Reference Manual

Chapter 1: SmartSwitch Router Product Overview

ipx - Show IPX related parameters
l2-tables - Show L2 Tables information
logout - Log off the system
mtrace - Multicast Traceroute utility
multicast - Configure Multicast related parameters
ospf - Show/Monitor Open Shortest Path First

Protocol (OSPF).
ping - Ping utility
port - Show or change Port parameters
qos - Show Quality of Service parameters
reboot - Reboot the system
rip - Show/Query Routing Information Protocol

(RIP) tables
snmp - Show SNMP related parameters.
statistics - Show or clear SSR statistics
stp - Show STP status
system - Show system-wide parameters
tacacs - Show TACACS related parameters
traceroute - Traceroute utility
vlan - Show VLAN-related parameters

To exit Enable mode and return to User mode, use one of the following commands:

Exit Enable mode.

Configure Mode

Configure mode provides the capabilities to configure all features and functions on the
SSR. You can configure features and functions within Configure mode including
router configuration, access control lists and spanning tree.

To list the Configure commands, enter:

List the Configure commands.

The Configure mode command prompt consists of the SSR name followed by the
pound sign (#):

ssr(config)#

T o list the commands availabl e in Configure mode, enter a question mark (?) as shown
in the following example:

ssr(config)# ?
acl - Configure L3 Access Control List
acl-edit - Edit an ACL in the ACL Editor
aging - Configure L2 and L3 Aging
arp - Configure ARP entries

exit
Ctrl-Z

?

SSR User Reference Manual 1 - 7

Chapter 1: SmartSwitch Router Product Overview

bgp - Configure Border Gateway Protocol (BGP)
cli - Modify the command line interface behavior
dvmrp - Configure DVMRP related parameters
exit - Exit current mode
filters - Configure L2 security filters
http - Configure SNMP related parameters.
igmp - Configure IGMP related parameters
interface - Configure interface related parameters
ip - Configure IP related parameters
ip-router - Configure Unicast Routing Protocol related

parameters
ipx - Configure IPX related parameters
ospf - Configure Open Shortest Path Protocol (OSPF)

port - Configure Port parameters
qos - Configure Quality of Service parameters
rip - Configure Routing Information Protocol (RIP)
snmp - Configure SNMP related parameters.
stp - Configure STP parameters
system - Configure system-wide parameters

tacacs - Configure TACACS related parameters

vlan - Configure VLAN-related parameters

Special configuration mode commands:
erase - Erase configuration information
negate - Negate a command or a group of commands

no - Negate matching commands
save - Save configuration information
search - Look up a command in configuration
show - Show configuration commands

To exit Configure mode and return to Enable mode, use one of the following
commands:

Exit Configure mode.

Boot PROM Mode

If your SSR does not find a valid system image on the external PCMCIA flash, the
system might enter pro grammable read-only memory (PROM) mode. You should then
reboot the SSR at the boot PROM to restart the system. If the system fails to reboot
successfully, please call Cabletron Systems T ec hnical Supp ort to resolve the prob lem.

To reboot the SSR from the ROM monitor mode, enter the following command.

using line numbers

exit
Ctrl-Z

Reboot in Boot PROM mode.

1 - 8 SSR User Reference Manual

reboot

Chapter 1: SmartSwitch Router Product Overview

Disabling a Function or Feature

The CLI provides for an implicit negate. This allows for the “disabling” of a feature or
function which has been “enabled”. Use the
active configuration to “disable” a feature or function which has been enabled. For
example, Spanning Tree Protocol is disabled by default. If after enabling Spanning
Tree Protocol on the SmartSwitch Router, you want to disable STP, you must specify

negate

the

enable

command on the line of the active configuration containing the

command.

negate

command on a specific line of the

Loading System Images and Configuration Files

The SSR contains an internal flash on the Control Module and an external PC flash.
The internal flash contains the SSR boot image and user defined configuration files.
An external PC flash contains the system image executed by the Control module.
When an SSR boots, the boot image is executed first, followed by the system image
and finishing with a configuration file.

stp

Boot and System Image

Only one boot image exists on the internal flash of the SSR Control Module. Multiple
system images can be stored on the external PC flash.

Configuration Files

The SSR uses three special configuration files:

• Active – The commands from the Startup configuration file and any

configuration commands that you have made active from the scratchpad (see
below).

Caution

: The active configuration remains in effect only during the current power

cycle. If you power down or reboot the SSR without saving the active
configuration changes to the Startu p configuration file, the changes are lost.

• Startup – The configuration file that the SSR uses to configure itself when the

system is powered on.

• Scratchpad – The configuration commands you have entered during a

management session. These commands do not become active until you
explicitly activate them. Because some commands depend on other commands
for successful execution, the SSR scratchpad simplifies system configuration by
allowing you to enter configuration commands in any order, even when
dependencies exist. When you activate the commands in the scratchpad, the
SSR sorts out the dependencies and executes the command in the proper

SSR User Reference Manual 1 - 9

Chapter 1: SmartSwitch Router Product Overview

sequence.

Loading System Image Software

By default, the SSR boots using the system im age software installed on the Control
Module’s PCMCIA flash card. To upgrade the system software and boot using the
upgraded image, use the following procedure.

1. Display the current boot settings by entering the following command:

system show version

Here is an example:

ctron-ssr-1# system show version
Software Information
Software Version : 1.0
Copyright : Copyright (c) 1996-1998 Cabletron Systems, Inc.
Image Information : Version 1.0, built on Fri Mar 20 19:28:49 1998

Image Boot Location: file:/pc-flash/boot/ssr8/

Note:

In this example, the location “pc-flash” indicates that the SSR is set to use
the factory-installed software on the flash card.

2. Copy the software upgrade you want to install onto a TFTP server that the SSR
can access. (Use the

ping

command to verify that the SSR can reach the TFTP

server.)

3. Enter the following command to copy the software upgrade onto the PCMCIA
flash card in the Control Module:

system image add

<IPaddr-of-TFTP-host> <image-file-name>

Here is an example:

ctron-ssr-1# system image add 10.50.11.12 ssr8000
Downloading image 'ssr8000' from host '10.50.11.12'
to local image ssr8000 (takes about 3 minutes)
kernel: 100%
Image checksum validated.
Image added.

4. Enter the following command to list the images on the PCMCIA flash card and
verify that the new image is on the card:

system image list

Here is an example:

1 - 10 SSR User Reference Manual

Chapter 1: SmartSwitch Router Product Overview

ctron-ssr-1# system image list
Images currently available:
ssr8-1.0

5. Enter the following command to select the image file the SSR wi ll use the next

time you reboot the switch.

system image choose

Here is an example:

ctron-ssr-1# system image choose ssr8000_10A9
Making image ssr8-1.0 the active image for next reboot

6. Enter the

Note:

You do not need to activate this change.

system image list

Loading Boot PROM Software

The SSR boots using the boot PROM software in stalled on the Control Module’s
internal memory. To upgrade the boot PROM software and boot using the upgraded
image, use the following procedure.

1. Display the current boot settings by entering the following command:

system show version

Here is an example:

ctron-ssr-1# system show version
Software Information
Software Information
Software Version : 1.0
Copyright : Copyright (c) 1996-1998 Cabletron Systems, Inc.
Image Information : Version 1.0.B.13, built on Wed Mar 25 22:49:07

1998

Image Boot Location: file:/pc-flash/boot/ssr8/
Boot Prom Version : prom-1.0

<file-name>

command to verify the change.

Note:

In this example, the location “pc-flash” indicates that the SSR is set to use
the factory-installed software on the flash card.

2. Copy the software upgrade you want to install onto a TFTP server that the SSR

can access. (Use the

SSR User Reference Manual 1 - 11

ping

command to verify that the SSR can reach the TFTP

Chapter 1: SmartSwitch Router Product Overview

server.)

3. Enter the following command to copy the boot PROM upgrade onto the internal
memory in the Control Module:

system promimage upgrade

name>

<IPaddr-of-TFTP-host> <image-file-

Here is an example:

ctron-ssr-1# system promimage upgrade 10.50.11.12 prom2
Downloading image 'prom2' from host '10.50.11.12'
to local image prom2 (takes about 3 minutes)
kernel: 100%
Image checksum validated.
Image added.

4. Enter the following command to verify that the new boot PROM software is on
the internal memory of the Control Module:

system show version

Activate the Configuration Commands in the Scratchpad

The configuration commands you have en tered u sing procedures in this ch apter are in
the Scratchpad but have not yet been activated. Use the following procedure to activate
the configuration commands in the scratchpad.

1. If you have not alread y done so, enter the
in the CLI.

enable

command to enter Enable mode

2. If you have not already done so, enter the

configure

command to enter

Configure mode in the CLI.

3. Enter the following command:

save active

The CLI displays the following message:

Do you want to make the changes Active? [y]

4. Enter

Note:

yes

to activate the changes.

If you exit Config ure mode (by ent ering the exit comm and or pressi ng Ctrl­z), the CLI will ask you whether you want to make the changes in the
scratchpad active.

1 - 12 SSR User Reference Manual