53-1003087-0430 July 2014FastIron Ethernet SwitchLayer 3 RoutingConfiguration GuideSupporting FastIron Software Release 08.0.10d
Customizing BGP4 Multipath load sharing... 414Specifying a list of networks to advertise...
• The DHCP option 067 bootfile name will be used for configuration download if it does not have theextension .bin .• If the DHCP option 067 bootfile n
Step 1. Validate the IP address and lease negotiation1. At boot-up, the device automatically checks its configuration for an IP address.2. If the devi
TFTP server IP address (option 150), if it is available. If the TFTP server IP address is not available,the DHCP client requests the TFTP file from th
• 006 - domain name server• 012 - hostname (optional)• 066 - TFTP server name (only used for Client-Based Auto Configuration)• 067 - bootfile name• 15
The following example shows output from the show ip address command for a Layer 2 device.device(config)# show ip address IP Address Type L
2d01h48m21s:I: DHCPC: Found static IP Address 10.1.1.1 subnet mask 255.255.255.0 on port 0/1/52d01h48m21s:I: DHCPC: Client service found no DHCP serve
address belongs. Refer to "Designated VLAN for Telnet management sessions to a Layer 2 Switch"section in the FastIron Ethernet Switch Securi
To ABORT Trace Route, Please use stop-traceroute command. Traced route to target IP node 10.157.22.80: IP Address Round Trip Time1 Round
To modify the TTL threshold to 25, enter the following commands.device(config)# ip ttl 25device(config)# exitSyntax: ip ttlttl-thresholdDHCP Assist co
In the example figure, a host from each of the four subnets supported on a Layer 2 switch requests anIP address from the DHCP server. These requests a
Setting an administrative distance for a static BGP4 network...473Limiting advertisement of a static BGP4 network to selectedneighbors...
NOTEWhen DHCP Assist is enabled on any port, Layer 2 broadcast packets are forwarded by the CPU.Unknown unicast and multicast packets are still forwar
NOTEWhen DHCP Assist is enabled on any port, Layer 2 broadcast packets are forwarded by the CPU.Unknown unicast and multicast packets are still forwar
IPv4 GRE tunnel overviewGeneric Routing Encapsulation is described in RFC 2784. Generally, GRE provides a way toencapsulate arbitrary packets (payload
FIGURE 15 GRE header formatThe GRE header has the following fields:• Checksum - 1 bit. This field is assumed to be zero in this version. If set to 1,
• On FCX devices, only eight different MTU values can be configured over the whole system. Whenthe SX-FI48GPP module is installed in the FastIron SX d
Support for IPv4 multicast routing over GRE tunnelsPIM-DM and PIM-SM Layer 3 multicast protocols and multicast data traffic are supported over GREtunn
For FastIron SX devices only, traffic coming from a tunnel can be filtered by an ACL both before andafter the tunnel is terminated and also redirected
Configuration considerations for tunnel loopback portsNOTEThe configuration considerations for tunnel loopback ports are only required for Generation
Configuration tasks for GRE tunnelsTABLE 17 Configuration tasks Default behaviorRequired tasksCreate a tunnel interface. Not assignedConfigure the s
Creating a tunnel interfaceTo create a tunnel interface, enter the following command at the Global CONFIG level of the CLI.device(config)# interface t
Displaying BGP4+ route information...547Displaying BGP4+ route-attribute entries...
Syntax: [no] tunnel source { ip-address | ethernet portnum | venumber | loopback number }The ip-address variable is the source IP address being config
Syntax: [no] tunnel mode gre ip• gre specifies that the tunnel will use GRE encapsulation (IP protocol 47).• ip specifies that the tunneling protocol
Applying an ACL or PBR to a tunnel interface on the SX-FI48GPP interface moduleTo apply an ACL or PBR policy to a tunnel interface on the SX-FI48GPP i
You can set an MTU value for packets entering the tunnel. Packets that exceed either the default MTUvalue of 1476/9192 bytes (for jumbo case) or the v
does not have the ability to bring down the line protocol of either tunnel endpoint, if the far endbecomes unreachable. Traffic sent on the tunnel can
Syntax: [no] tunnel path-mtu-discovery disableChanging the age timer for PMTUDBy default, when PMTUD is enabled on a tunnel interface, the path MTU is
Enabling PIM-SM on a GRE tunnelTo enable PIM-SM on a GRE tunnel interface, enter commands such as the following:device(config)# interface tunnel 10dev
Configuring point-to-point GRE tunnel for FastIron Adevice (config)# interface ethernet 3/1device (config-if-e1000-3/1)# ip address 10.0.8.108/24devic
Total number of IP routes: 3, avail: 79996 (out of max 80000)B:BGP D:Connected R:RIP S:Static O:OSPF *:Candidate default Destination Net
show interface tunnel output descriptions (Continued)TABLE 18 Field DefinitionMTU The configured path maximum transmission unit.encapsulation GRE GR
VRRP-E Extension for Server Virtualization... 614Suppressing default interface-level RA messages on an interfaceconf
show ip tunnel traffic output descriptions TABLE 19 Field DescriptionTunnel Status Indicates whether the tunnel is up or down. Possible values are:•
Total number of neighbors: 1 on 1 portsPort Phy_p Neighbor Holdtime Age UpTimetn1 tn1:e2 10.1.1.20 180 60 1740Sy
To reset a dynamically-configured MTU on a tunnel Interface back to the configured value, enter acommand such as the following.device(config)#clear ip
Displaying global IP configuration informationTo display IP configuration information, enter the following command at any CLI level.device# show ipGlo
CLI display of global IP configuration information - Layer 3 switch (Continued)TABLE 20 Field DescriptionSubnet Mask The network mask for the IP add
Displaying IP interface informationTo display IP interface information, enter the following command at any CLI level.device# show ip interface Interfa
ICMP redirect: enabledproxy-arp: disabledip arp-age: 10 minutesNo Helper Addresses are configured.No inbound ip access-list is setNo outgoing ip acce
NOTEThe ip-mask parameter and mask parameter perform different operations. The ip-mask parameterspecifies the network mask for a specific IP address,
CLI display of ARP cache (Continued)TABLE 22 Field DescriptionPort The port on which the entry was learned.NOTEIf the ARP entry type is DHCP, the po
The num parameter lets you display the table beginning with a specific entry number.CLI display of static ARP table TABLE 23 Field DescriptionStatic
Step 3: Start OSPF process for each VRF...660Step 4: Assign VRFs to each ve interfaces, and configure IPaddress and
CLI display of IP forwarding cache - Layer 3 switch (Continued)TABLE 24 Field DescriptionMAC The MAC address of the destination.NOTEIf the entry is
Syntax: show ip route [ ip-addr [ip-mask ] [longer ] [none-bgp ] ] {num | bgp | direct | ospf | rip |static }The ip-addr parameter displays the route
This example shows all the routes for networks beginning with 10.159. The mask value and longerparameter specify the range of network addresses to be
Clearing IP routesIf needed, you can clear the entire route table or specific individual routes.To clear all routes from the IP route table, enter the
CLI display of IP traffic statistics - Layer 3 switch (Continued)TABLE 26 Field Descriptionfiltered The total number of IP packets filtered by the d
CLI display of IP traffic statistics - Layer 3 switch (Continued)TABLE 26 Field Descriptionirdp advertisement The number of ICMP Router Discovery Pr
CLI display of IP traffic statistics - Layer 3 switch (Continued)TABLE 26 Field Descriptionresponses sent The number of responses this device has se
CLI display of global IP configuration information - Layer 2 switchTABLE 27 Field DescriptionIP configurationSwitch IP address The management IP add
CLI display of ARP cache (Continued)TABLE 28 Syntax: show arpFieldDescriptionMac The MAC address of the device.NOTEIf the MAC address is all zeros,
CLI display of IP traffic statistics - Layer 2 switchTABLE 29 Field DescriptionIP statisticsreceived The total number of IP packets received by the
Preface● Document conventions...15● Brocade resources
CLI display of IP traffic statistics - Layer 2 switch (Continued)TABLE 29 Field Descriptiontimestamp reply The number of Timestamp Reply messages se
CLI display of IP traffic statistics - Layer 2 switch (Continued)TABLE 29 Field Descriptioninput errors This information is used by Brocade customer
NOTEThis command only functions on the IPv4 platform.IP Configuration152 FastIron Ethernet Switch Layer 3 Routing Configuration Guide53-1003087-04
Layer 3 Routing Protocols● Supported Layer 3 routing protocols features... 153● Adding a s
Adding a static IP routeTo configure an IP static route with a destination address of 192.0.0.0 255.0.0.0 and a next-hop routerIP address of 195.1.1.1
NOTEIf you specify 16, RIP considers the metric to be infinite and thus also considers the route to beunreachable.The tag num parameter specifies the
The distancenum parameter configures the administrative distance for the route. You can specify avalue from 1 - 255. The default is 1. The value 255 m
Use the following command to configure static route resolve by default route.device(config)# ip route next-hop-enable-defaultSyntax: [no] ip route nex
Layer 3 configuration notes• Changing the system parameters reconfigures the device memory. Whenever you reconfigure thememory on a Brocade device, yo
The following example shows output on a FastIron X Series with third generation modules.device#show default valuesys log buffers:50 mac age ti
Convention Descriptionvalue In Fibre Channel products, a fixed value provided as input to a commandoption is printed in plain text, for example, --sho
NOTEConsult your reseller or Brocade to understand the risks involved before disabling all Layer 2 switchingoperations.Configuration notes and feature
The following example shows the creation and deployment of a dynamic LAGthat is used for routing on a FastIron device with Layer 3 image.Brocade(confi
Configuring a Layer 3 Link Aggregration Group (LAG)162 FastIron Ethernet Switch Layer 3 Routing Configuration Guide53-1003087-04
IPv6 Configuration on FastIron X Series, FCX, and ICX SeriesSwitches● Supported IPv6 features on FastIron X Series, FCX, and ICX devices...
Feature ICX 6430 ICX 6450 FCX ICX 6610 ICX 6650 FSX 800FSX 1600ICX 7750IPv6 debug 08.0.01 08.0.01 08.0.01 08.0.01 08.0.01 08.0.01 08.0.10IPv6 ping 08.
Feature ICX 6430 ICX 6450 FCX ICX 6610 ICX 6650 FSX 800FSX 1600ICX 7750DHCPv6 relay agent No 08.0.01 08.0.01 08.0.01 08.0.01 08.0.01 08.0.10DHCPv6 pre
FIGURE 17 IPv6 address formatAs shown in the above figure, HHHH is a 16-bit hexadecimal value, while H is a 4-bit hexadecimalvalue. The following is a
IPv6 address types TABLE 30 AddresstypeDescription Address structureUnicast An address for a singleinterface. A packet sent to aunicast address is d
IPv6 stateless auto-configurationBrocade routers use the IPv6 stateless autoconfiguration feature to enable a host on a local link toautomatically con
IPv6 CLI command support (Continued)TABLE 31 IPv6 command Description Switch code Router codeclear ipv6 route Deletes all dynamic entries in the IPv
Brocade resourcesVisit the Brocade website to locate related documentation for your product and additional Brocaderesources.You can download additiona
IPv6 CLI command support (Continued)TABLE 31 IPv6 command Description Switch code Router codeipv6 route Configures an IPv6 static route. Xipv6 route
IPv6 host address on a Layer 2 switchIn a Layer 3 (router) configuration, each port can be configured separately with an IPv6 address. This isaccompli
To override a link-local address that is automatically computed for the global interface with a manuallyconfigured address, enter a command such as th
IPv6 configuration on each router interfaceTo forward IPv6 traffic on a router interface, the interface must have an IPv6 address, or IPv6 must beexpl
You must specify the prefix-length parameter as a decimal value. A slash mark (/) must follow theipv6-prefix parameter and precede the prefix-length p
To override a link-local address that is automatically computed for an interface with a manuallyconfigured address, enter commands such as the followi
Syntax: ip address ip-address sub-net-mask [ secondary ]You must specify the ip-address parameter using 8-bit values in dotted decimal notation.You ca
Restricting SNMP access to an IPv6 nodeYou can restrict SNMP access to the device to the IPv6 host whose IP address you specify. To do so,enter a comm
To establish a Telnet connection to a remote host with the IPv6 address of 2001:DB8:3de2:c37::6,enter the following command.device#telnet 2001:DB8:3de
instead of the host name and its domain name. For example, you could enter either of the followingcommands to initiate the ping.device#ping ipv6 nyc01
• Brocade Supplemental Support augments your existing OEM support contract, providing directaccess to Brocade expertise. For more information, contact
• The timeout milliseconds parameter specifies how many milliseconds the router waits for a replyfrom the pinged device. You can specify a timeout fro
Location:Community(ro): ...Traps Warm/Cold start: Enable Link up: Enable Link down: Enable
NOTEIPv6 is disabled by default in the router code and must be configured on each interface that willsupport IPv6.IPv6 ICMP feature configurationAs wi
Enabling IPv6 ICMP redirect messagesYou can enable a Layer 3 switch to send an IPv6 ICMP redirect message to a neighboring host toinform it of a bette
‐ Prefixes advertised in router advertisement messages.‐ Flags for host stateful autoconfiguration.• Amount of time during which an IPv6 node consider
Each configured router interface on a link sends out a router advertisement message, which has a valueof 134 in the Type field of the ICMP packet head
• The number of consecutive neighbor solicitation messages that duplicate address detection sendson an interface. By default, duplicate address detect
Syntax: [no] ipv6 nd ra-interval number | min-range-value max-range-valueSyntax: [no] ipv6 nd ra-lifetime numberSyntax: ipv6 nd ra-hop-limit numbernum
For example, to advertise the prefix 2001:DB8:a487:7365::/64 in router advertisement messages sentout on Ethernet interface 3/1 with a valid lifetime
Enabling and disabling IPv6 router advertisementsIf IPv6 unicast routing is enabled on an Ethernet interface, by default, this interface sends IPv6 ro
About This Document● Supported Hardware... 19● Wha
Syntax: [no] ipv6 nd reachable-time secondsFor the seconds variable, specify a number from 0 through 3600 seconds. To restore the default time,use the
Syntax: [no] ipv6 mtu bytesFor bytes, specify a value between 1280 - 1500, or 1280 - 10218 if jumbo mode is enabled. For ICX6610 and ICX 6450 devices,
Limiting the number of hops an IPv6 packet can traverseBy default, the maximum number of hops an IPv6 packet can traverse is 64. You can change thisva
TCAM space allocation on FCX and ICX devices (except ICX 6450) (Continued)TABLE 32 Default Maximum MinimumGRE tunnels 16 64 16Allocating TCAM space
Clearing the IPv6 cacheYou can remove all entries from the IPv6 cache or specify an entry based on the following:• IPv6 prefix.• IPv6 address.• Interf
Clearing IPv6 routes from the IPv6 route tableYou can clear all IPv6 routes or only those routes associated with a particular IPv6 prefix from the IPv
4 2001:DB8:46a::1 LOCAL ethe 3/25 2001:DB8::2e0:52ff:fe99:9737
Ethernet 3/17 up/up 2017::c017:101/64Ethernet 3/19 up/up 2019::c019:101/64VE 4 down/downVE 14 up/up
Detailed IPv6 interface information fields TABLE 35 Field DescriptionInterface/line protocolstatusThe status of interface and line protocol. If you
The interface parameter restricts the display to the entries for the specified router interface. For thisparameter, you can specify the Ethernet or VE
© 2014, Brocade Communications Systems, Inc. All Rights Reserved.Brocade, the B-wing symbol, Brocade Assurance, ADX, AnyIO, DCX, Fabric OS, FastIron,
Summary of Enhancements in FastIron release 08.0.10dTABLE 1 Feature Description LocationDHCPv6 Relay Agent PrefixDelegation NotificationDHCPv6 Relay
tunnel 6 1/1C 2001:DB8:46a::/64 :: ethe 3/2 0/0C 2001:DB8::1/128
4 connected, 2 static, 0 RIP, 1 OSPF, 0 BGP Number of prefixes: /16: 1 /32: 1 /64: 3 /128: 2The following table lists the information displayed by
IPv6 local router information fields (Continued)TABLE 39 Field DescriptionLifetime The amount of time (in seconds) that the router is useful as the
General IPv6 TCP connection fields (Continued)TABLE 40 Field DescriptionTCP state The state of the TCP connection. Possible states include the follo
Receive: expected incoming sequence number = 740507227 Receive: received window = 16384 Receive: bytes in receive queue = 0 Receive: congestion w
Specific IPv6 TCP connection fields (Continued)TABLE 41 Field DescriptionReceive: expected incoming sequencenumber = numberThe incoming sequence num
Field Descriptionforwarded The total number of IPv6 packets received by the router and forwarded to other routers.delivered The total number of IPv6 p
Field DescriptionICMP6 statisticsSome ICMP statistics apply to both Received and Sent, some apply to Received only, some apply to Sent only,and some a
Field Descriptionerror The number of Error messages sent by the router.can not send error The number of times the node encountered errors in ICMP erro
Field Descriptionpassive opens The number of TCP connections opened by the router in response to connectionrequests (TCP SYNs) received from other dev
IP Configuration● Supported IP features... 21● Basic
Specify the ipv6-address as a destination address to which client messages are forwarded and whichenables DHCPv6 relay service on the interface. You c
DHCPv6 relay configured destination information (Continued)TABLE 42 Field DescriptionInterface The interface specified (ethernet, tunnel, or VE inte
DHCPv6 Relay Agent Prefix Delegation NotificationDHCPv6 Relay Agent Prefix Delegation Notification feature allows a DHCPv6 server to dynamicallydelega
• The PD notification fails when the DHCPv6 messages between a DHCPv6 server and a DHCPv6client containing the PD option are not relayed via the DHCPv
Syntax: [no] ipv6 dhcp-relay maximum-delegated-prefixes valueThe value parameter is used to limit the maximum number of prefixes that can be delegated
Output from the show ipv6 dhcp-relay delegated-prefixes command (Continued)TABLE 44 Field DescriptionClient The IPv6 address of the client.Interface
Output from the show ipv6 dhcp-relay options commandTABLE 46 Field DescriptionInterface The interface name.Interface-Id The interface ID option. Yes
Syntax: show ipv6 dhcp-relay interface interfacetypeThe interface type is interface type such as ethernet, POS, or VE and the specific port number.Tab
Syntax: clear ipv6 dhcp-relay statisticsIPv6 Configuration on FastIron X Series, FCX, and ICX Series Switches218 FastIron Ethernet Switch Layer 3 Rout
RIP● RIP feature support... 219● RIP Overview...
Feature ICX 6430 ICX 6450 FCX ICX 6610 ICX 6650 FSX 800FSX 1600ICX 7750GRE tunnel counters enhancement No No 08.0.01 No 08.0.01 No 08.0.10Routing for
RIP routers, including the Brocade device, also can modify a route cost, generally by adding to it, tobias the selection of a route for a given destin
RIP global parameters (Continued)TABLE 49 Parameter Description DefaultRedistribution RIP can redistribute routes fromother routing protocols such a
RIP interface parametersRIP interface parameters TABLE 50 Parameter Description DefaultRIP state andversionThe state of the protocol and the version
To enable RIP globally, enter the router rip command.device(config)# router ripSyntax: [no] router ripAfter globally enabling the protocol, you must e
Syntax: [no] distance numberThe number variable specifies a range from 1 through 255.Configuring redistributionYou can configure the Brocade device to
If the route map contains set statements, routes that are permitted by the route map’s match statementsare modified according to the set statements.In
The no form of this command disables RIP redistribution. You can redistribute BGP4, OSPF, or staticroutes into RIP.Configuring route learning and adve
To configure a RIP neighbor filters, enter the neighbor command.device(config-rip-router)# neighbor 1 deny anyThis command configures the Brocade devi
Syntax: [no] poison-local-routesSuppressing RIP route advertisement on a VRRP or VRRPE backupinterfaceNOTEThis section applies only if you configure t
To apply a prefix list at the global level of RIP, enter commands such as the following.device(config-rip-router)# prefix-list list1 inSyntax: no pref
If you are configuring a Layer 2 switch, refer to Configuring the management IP address and specifyingthe default gateway on page 105 to add an IP add
The timeout-timer parameter sets the amount of time after which a route is considered unreachable.The possible value ranges from 9 - 65535. The defaul
CLI display of neighbor filter information (Continued)TABLE 51 Field. DefiinitionAction The action the Brocade device takes for RIP route packets to
ip ospf area 0 ip ospf priority 0 ip rip v2-only ip address 10.1.1.2/24 ipv6 address 2000::1/32 ipv6 enable!To display current running configuration
RIPng● RIPng feature support... 233● RIPng Overview...
NOTEBrocade IPv6 devices support up to 10,000 RIPng routes. ICX 6650 IPv6 devices support up to 2000RIPng routes.Configuring RIPngTo configure RIPng,
Configuring RIPng timersRIPng timersTABLE 52 Timer Description DefaultUpdate Amount of time (in seconds) between RIPng routing updates. 30 seconds.T
• Learning and advertising of RIPng default routes.• Advertising of IPv6 address summaries.• Metric of routes learned and advertised on a Brocade devi
Changing the metric of routes learned and advertised on an interfaceA device interface increases the metric of an incoming RIPng route it learns by an
device(config)# ipv6 router ripdevice(config-ripng-router)# distribute-list prefix-list routesfor2001 out To deny prefix lengths greater than 64 bits
Clearing RIPng routes from IPv6 route tableTo clear all RIPng routes from the RIPng route table and the IPv6 main route table and reset the routes,ent
Layer 3 switchesBrocade Layer 3 switches allow you to configure IP addresses on the following types of interfaces:• Ethernet ports• Virtual routing in
show ipv6 rip output descriptions (Continued)TABLE 53 Field DescriptionPeriodic updates/triggerupdatesThe number of periodic updates and triggered u
show ipv6 rip route output descriptions (Continued)TABLE 54 Field DescriptionInterface The interface name. If "null" appears, the interfac
Displaying RIPng routing table242 FastIron Ethernet Switch Layer 3 Routing Configuration Guide53-1003087-04
OSPFv2● OSPFv2 feature support... 243● OSPF overview...
Feature ICX 6430 ICX 6450 FCX ICX 6610 ICX 6650 FSX 800FSX 1600ICX 7750Graceful restart No08.0.01 1008.0.01 1108.0.01 1208.0.01 08.0.01 08.0.10Gracefu
OSPF is built upon a hierarchy of network components. The highest level of the hierarchy is theAutonomous System (AS) . An autonomous system is define
FIGURE 19 OSPF operating in a networkOSPF point-to-point linksIn an OSPF point-to-point network, where a direct Layer 3 connection exists between a si
Designated routers in multi-access networksIn a network that has multiple routers attached, OSPF elects one router to serve as the designatedrouter (D
FIGURE 21 Backup designated router becomes designated routerIf two neighbors share the same priority, the router with the highest router ID is designa
OSPF RFC 1583 and 2328 complianceBrocade devices are configured, by default, to be compliant with the RFC 1583 OSPF V2 specification.Brocade devices c
IP packet flow through a Layer 3 switchFIGURE 1 IP Packet flow through a Brocade Layer 3 switch1. When the Layer 3 switch receives an IP packet, the L
FIGURE 22 AS external LSA reductionNotice that both Router D and Router E have a route to the other routing domain through Router F.OSPF eliminates th
‐ A second ASBR comes on-line‐ A second ASBR that is already on-line begins advertising an equivalent route to the samedestination.In either case abov
because the first network has 16 ones bits (255.255.0.0) whereas the second network has only 8ones bits (255.0.0.0).• ‐ For the less specific network,
The feature is useful for avoiding a loss of traffic during short periods when adjacency failures aredetected and traffic is rerouted. Using this feat
IETF RFC and internet draft supportThe implementation of OSPF Graceful Restart supports the following IETF RFC:• RFC 3623: Graceful OSPF RestartNOTEA
OSPF parametersYou can modify or set the following global and interface OSPF parameters.Global parametersThe global OSPF parameters are as follows:• M
Enable OSPF on the deviceWhen you enable OSPF on the device, the protocol is automatically activated. To enable OSPF on thedevice, use the following m
When an NSSA contains more than one ABR, OSPF elects one of the ABRs to perform the LSAtranslation for NSSA. OSPF elects the ABR with the highest rout
NSSAs are especially useful when you want to summarize Type-5 External LSAs (external routes)before forwarding them into an OSPF area. The OSPF specif
Syntax: [no] area { num | ip-addr nssa cost [ no-summary ] | default-information-originate }The num and ip-addr parameters specify the area number, wh
makes an entry in the session table or the forwarding cache, and sends the route to a queue on theoutgoing ports:• ‐ If the running-config contains an
The ip-mask parameter specifies the portions of the IP address that a route must contain to besummarized in the summary route. In the example above, a
Modifies the address range status to advertise and a Type 3 summary link-state advertisement (LSA)can be generated for this address range.device(confi
To assign interface 1/8 of Router A to area 10.5.0.0 and then save the changes, enter the followingcommands.RouterA(config)# interface e 1/8RouterA(co
default authentication-change interval is 300 seconds (5 minutes). You change the interval to a valuefrom 0 - 14400 seconds.• authentication-key strin
NOTEThis option affects all IP subnets configured on the interface. If you want to disable OSPF updatesonly on some of the IP subnets on the interface
To change the authentication-change interval, enter a command such as the following at the interfaceconfiguration level of the CLI.device(config-if-e1
The all-summary-external option directs the router to allow the following LSAs: Router, Network,Opq-Area-TE and Opq-Link-Graceful while it blocks all
FIGURE 24 Defining OSPF virtual links within a networkThe example shows an OSPF area border router, Device A, that is cut off from the backbone area (
Modify virtual link parametersOSPF has some parameters that you can modify for virtual links. Notice that these are the sameparameters as the ones you
md5-authentication keystringThe MD5 key is a number from 1 - 255 and identifies the MD5 key that is being used. Thisparameter is required to different
Here is an example of a static ARP entry. Index IP Address MAC Address Port 1 10.95.6.111 0000.003b.d210
• LAG group - The combined bandwidth of all the ports.• Virtual interface - The combined bandwidth of all the ports in the port-based VLAN that contai
ports that are currently active. The following example enables cost calculation for currently active ports.device(config-ospf-router)# auto-cost use-a
FIGURE 25 Redistributing OSPF and static routes to RIP routesYou also have the option of specifying import of just RIP, OSPF, BGP4, or static routes,
device(config-ospf-router)# redistribute staticdevice(config-ospf-router)# write memoryModify default metric for redistributionThe default metric is a
The match command in the route map matches on routes that have 5 for their metric value (cost). Theset command changes the metric in routes that match
Disable or re-enable load sharingBrocade devices can load share among up to eight equal-cost IP routes to a destination. By default, IPload sharing is
Configure external route summarizationWhen the device is an OSPF Autonomous System Boundary Router (ASBR), you can configure it toadvertise one extern
Router OSPF: EnabledNonstop Routing: DisabledGraceful Restart: DisabledGraceful Restart Helper: EnabledGraceful Restart Time: 120Graceful Restart Noti
If default route origination is enabled and you disable it, the default route originated by the device isflushed. Default routes generated by other OS
Supported match and set conditionsThe supported match and set conditions of a normal route-map configuration are as follows:Match ConditionsTABLE 55
• If the cache contains an entry with the destination IP address, the device uses the information in theentry to forward the packet out the ports list
Synchronization of critical OSPF elementsAll types of LSAs and the neighbor information are synchronized to the standby module using the NSRsynchroniz
Limitations• If a neighbor router is inactive for 30 seconds, and if the standby module takes over in another 10seconds, the neighbor router cannot be
Enabling and disabling NSRTo enable NSR for OSPF, enter the following commands:device(config)# router ospfdevice(config-ospf-router)# nonstop-routing
The following commands with any or all of the options will remove the options from the default-information-originate command if any of the options are
device still receives the routes and installs them in the OSPF database. The feature only prevents thesoftware from installing the denied OSPF routes
Syntax: [no] distribute-list { acl-name | acl-number } inThe distribute-list command is applied globally to all interfaces on the router where it is e
NOTEA Route Map used with the distribute-list command can use either the ip prefix-list command (asshown in the example) or an ACL to define the route
The default is type2.Modify administrative distanceThe device can learn about networks from various protocols, including Border Gateway Protocol versi
Configure OSPF group Link State Advertisement (LSA) pacingThe device paces LSA refreshes by delaying the refreshes for a specified time interval inste
• interface-authentication-failure-trap - [MIB object: ospfIfAuthFailure]• virtual-interface-authentication-failure-trap - [MIB object: ospfVirtIfAuth
IP multicast protocolsBrocade Layer 3 switches also support the following Internet Group Membership Protocol (IGMP) basedIP multicast protocols:• Prot
The log command has the following options:The all option causes all OSPF-related Syslog messages to be logged. If you later disable this optionwith th
On a non-broadcast interface, the routers at either end of this interface must configure non-broadcastinterface type and the neighbor IP address. Ther
Syntax: [no] graceful-restart restart-time secondsThe seconds variable sets the maximum restart wait time advertised to neighbors.Possible values are
Syntax: [no] graceful-restart helper-disableThis command disables OSPF Graceful Restart helper mode.The default behavior is to help the restarting nei
0xFFFFFFFF). The default value is 4294967295 (Hex: 0xFFFFFFFF). This parameter only applies tothe default instance of OSPF.ExamplesThe following examp
NOTEThe hold time values that you specify are rounded up to the next highest 100 ms value. For example,any value between 0 and 99 will be configured a
• ABR and ASBR information• Trap state information• OSPF Point-to-Point Links• OSPF Graceful Restart information• OSPF Router Advertisement informatio
show ip ospf config output descriptions (Continued)TABLE 57 Field DescriptionGraceful Restart Shows whether or not the graceful restart is enabled.G
show ip ospf config output descriptions (Continued)TABLE 57 Field DescriptionArea-ID Shows the area ID of the interface.Area-Type Shows the area typ
show ip ospf area output descriptions (Continued)TABLE 58 This field DisplaysSPFR The SPFR value.ABR The ABR number.ASBR The ABSR number.LSA The LSA
ContentsPreface...15Do
Basic IP parameters and defaults - Layer 3 SwitchesIP is enabled by default. The following IP-based protocols are all disabled by default:• Routing pr
show ip ospf neighbor output descriptions (Continued)TABLE 59 Field DescriptionState The state of the conversation between the device and the neighb
Displaying OSPF interface informationTo display OSPF interface information, enter the following command at any CLI level.device# show ip ospf interfac
show ip ospf interface output descriptions (Continued)TABLE 60 This field DisplaysState The state of the interface. Possible states include the foll
show ip ospf interface output descriptions (Continued)TABLE 60 This field DisplaysEvents OSPF Interface Event:• Interface_Up = 0x00• Wait_Timer = 0x
show ip ospf interface brief output descriptions (Continued)TABLE 61 This field DisplaysState The state of the conversation between the router and t
10.65.0.0 255.255.0.0 0 0 Inter Adv_Router Link_State Dest_Type State Tag Flags 10.1.1
show ip ospf routes output descriptions (Continued)TABLE 62 This field DisplaysTag The external route tag.Flags State information for the route entr
Done 6 0.0.0.200 Net 192.213.111.213 192.168.98.213 8000002d 1683 0x17bc Done Syntax: show ip ospf databaseshow ip ospf databaseoutput
The extensive option displays the LSAs in decrypted format.NOTEYou cannot use the extensive option in combination with other display options. The enti
show ip ospf database database-summary output descriptions (Continued)TABLE 65 This field DisplaysNetwork The number of network link state advertise
IP global parameters - Layer 3 Switches (Continued)TABLE 2 Parameter Description DefaultIP address andmask notationFormat for displaying an IP addre
The router-id ip-addr parameter shows the LSAs for the specified OSPF router.The sequence-number num parameter displays the LSA entries for the specif
show ip ospf border-routersoutput descriptions (Continued)TABLE 67 This field DisplaysRouter ID ID of the OSPF routerRouter type Type of OSPF router
show ip ospf interfaceoutput descriptions TABLE 68 This field DisplaysIP Address The IP address of the interface.OSPF state The OSPF state of the in
ver V2.2.1T143module 1 rx-bi-1g-24-port-fibermodule 2 rx-bi-10g-4-portmodule 6 rx-bi-10g-4-portmodule 7 rx-bi-1g-24-port-copper!!no spanning-tree!vlan
Displaying OSPF virtual neighborUse the show ip ospf virtual neighbor command to display OSPF virtual neighbor information.device# show ip ospf virtua
show ip ospf database grace-link-state output descriptionsTABLE 69 This field DisplaysArea The OSPF area that the interface configured for OSPF grac
The show ip ospf command displays LSAs that have been configured with a maximum metric.Clearing OSPF informationYou can use the clear ip ospf commands
OSPFv3● OSPFv3 feature support... 317● OSPFv3 overview...
OSPFv3 overviewOpen Shortest Path First (OSPF) is a link-state routing protocol. OSPF uses link-state advertisements(LSAs) to update neighboring route
Configuring OSPFv3To configure OSPFv3, you must perform the following steps.• Enable OSPFv3 globally.• Assign OSPF areas.• Assign device interfaces to
IP global parameters - Layer 3 Switches (Continued)TABLE 2 Parameter Description DefaultTime to Live (TTL) The maximum number of routers (hops) thro
Disabling OSPFv3 in a VRFTo disable OSPFv3 for a default Virtual Routing and Forwarding (VRF), enter a command such as thefollowing.device(config-ospf
When an NSSA contains more than one ABR, OSPFv3 elects one of the ABRs to perform the LSAtranslation for NSSA. OSPF elects the ABR with the highest ro
Assign a Not-So-Stubby Area (NSSA)The OSPF Not So Stubby Area (NSSA) feature enables you to configure OSPF areas that provide thebenefits of stub area
The following example deletes the NSSA area 100.device(config-ospf6-router)#no area 100Syntax: [no] area area-id nssa [[stub-metric] [default-informat
The ipv6-subnet-mask parameter specifies the portions of the IPv6 address that a route must containto be summarized in the summary route. In the examp
NOTEThis command does not work in incremental fashion. So both the optional parameters have to beconfigured each time. Otherwise it will take the defa
The point-to-point parameter specifies that the OSPF interface will support point-to-point networking.This is the default setting for tunnel interface
• Dead-interval: The number of seconds that a neighbor router waits for a hello packet from the devicebefore declaring the router is down. The range i
The interfaces that consist of more than one physical port is calculated as follows:• LAG group- The combined bandwidth of all the ports.• Virtual (Et
Configuring route redistribution into OSPFv3You can configure the device to redistribute routes from the following sources into OSPFv3:• IPv6 static r
IP global parameters - Layer 3 Switches (Continued)TABLE 2 Parameter Description DefaultStatic RARP entries An IP address you place in the RARP tabl
static IPv6 route to be redistributed into OSPF only if the route has a metric of 5, and changes themetric to 8 before placing the route into the OSPF
To restore the default metric to the default value, use the no form of this command.Modifying metric type for routes redistributed into OSPFv3The devi
To configure the summary address 2001:db8::/24 for routes redistributed into OSPFv3, enter thefollowing command.device(config-ospf6-router)# summary-a
To specify an IPv6 prefix list called filterOspfRoutes that denies route 2001:db8:2::/64, enter thefollowing commands.device(config)# ipv6 prefix-list
Configuring an OSPFv3 distribution list using a route map as inputThe following commands configure a route map that matches internal routes.device(con
Configuring default route originationWhen the Brocade device is an OSPFv3 Autonomous System Boundary Router (ASBR), you canconfigure it to automatical
the SPF delay to a value from 0 through 65535 seconds. If you set the SPF delay to 0 seconds, thesoftware immediately begins the SPF calculation after
• Intra-area routes• Inter-area routes• External routesThe default for all of these OSPFv3 route types is 110.NOTEThis feature does not influence the
Modifying exit overflow intervalIf a database overflow condition occurs on the Brocade device, the device eliminates the condition byremoving entries
• cost: Indicates the overhead required to send a packet across an interface. You can modify the costto differentiate between 100 Mbps and 1000 Mbps (
IP global parameters - Layer 3 Switches (Continued)TABLE 2 Parameter Description DefaultSource interface The IP address the router uses as the sourc
IPsec for OSPFv3This section describes the implementation of Internet Protocol Security (IPsec) for securing OSPFv3traffic.IPsec is available for OSPF
• ESP security protocol• Authentication• HMAC-SHA1-96 authentication algorithm• Security parameter index (SPI)• A 40-character key using hexadecimal c
If you configure IPsec for an area, all interfaces that utilize the area-wide IPsec (where interface-specific IPsec is not configured) nevertheless re
Syntax: [no] ipv6 ospf authentication ipsec key-add-remove-interval rangeThe no form of this command sets the key-add-remove-interval back to a defaul
The sha1 keyword specifies the HMAC-SHA1-96 authentication algorithm. This mandatory parametercan be only the sha1 keyword in the current release.Incl
If no-encrypt is not entered, then the key will be encrypted. This is the default. The system adds thefollowing in the configuration to indicate that
Disabling IPsec on an interfaceFor the purpose of troubleshooting, you can operationally disable IPsec on an interface by using theipv6 ospf authentic
Configuring OSPFv3 Graceful Restart Helper modeTo enable the graceful restart (GR) helper capability, use the graceful-restart helper command in theOS
Displaying OSPFv3 informationYou can display the information for the following OSPFv3 parameters:• Areas• Link state databases• Interfaces• Memory usa
Router: 1 Network: 0 Maximum of Hop count to nodes: 0Syntax: show ipv6 ospf area [area-id]You can specify the area-id parameter in the foll
IP interface parameters - Layer 3 switches (Continued)TABLE 3 Parameter Description DefaultICMP RouterDiscovery Protocol(IRDP)Locally overrides the
0.0.0.200 Rtr 0 192.168.98.213 800001c7 799 8402 56 Yes 0.0.0.200 Net 1156 192.168.98.111 80000004 823 b2d2 32
show ipv6 ospf database output descriptions (Continued)TABLE 72 This field DisplaysChksum A checksum for the LSA packet. The checksum is based on al
LSA Key - Rtr:Router Net:Network Inap:InterPrefix Inar:InterRouter Extn:ASExternal Grp:GroupMembership Typ7:Type7 Link:Link Iap:Intr
OSPFv3 detailed database information fields (Continued)TABLE 73 This field DisplaysMetric The cost of using this router interface for outbound traff
OSPFv3 detailed database information fields (Continued)TABLE 73 This field DisplaysOptions A 24-bit field that enables IPv6 OSPF routers to support
OSPFv3 detailed database information fields (Continued)TABLE 73 This field DisplaysPrefix Options An 8-bit field of capabilities that serve as input
show ipv6 interface output descriptions TABLE 74 Field DescriptionType Codes Shows the routing protocol enabled on the interface. The routing protoc
show ipv6 ospf interface brief output descriptions (Continued)TABLE 75 This field DisplaysStatus The status of the link and the protocol. Possible s
Outbound: None Inbound: None DR:192.168.98.111 BDR:192.168.98.213 Number of I/F scoped LSAs is
show ipv6 ospf interface output descriptions (Continued)TABLE 76 This field DisplaysInstance ID An identifier for an instance of OSPFv3.Router ID Th
NOTEBrocade Layer 2 switches also provide IP multicast forwarding, which is enabled by default. Forinformation about this feature, refer to chapter &q
show ipv6 ospf interface output descriptions (Continued)TABLE 76 This field DisplaysAdjacent NeighborCountThe number of neighbors with which the int
MTYPE_OSPF6_OTHER 0 0 0 0 MTYPE_THREAD_MASTER 84 1 1 0Syntax: show ipv6 ospf m
show ipv6 ospf neighbor output descriptions (Continued)TABLE 78 Field DescriptionState The state between the device and the neighbor. The state can
Number of LSAs in DbDesc retransmitting: 0 Number of LSAs in SummaryList: 0 Number of LSAs in RequestList: 0 Number o
show ipv6 ospf neighbor router-id output descriptions (Continued)TABLE 79 Field DescriptionDbDesc bit The Database Description packet, which include
Displaying routes redistributed into OSPFv3You can display all IPv6 routes or a specified IPv6 route that the device has redistributed into OSPFv3.To
Current Route count: 309 Intra: 304 Inter: 4 External: 1 (Type1 0/Type2 1) Equal-cost multi-path: 56 OSPF Type: IA- Intra, OA - Inter, E1 - E
OSPFv3 route information (Continued)TABLE 81 This field DisplaysE2 Cost The type 2 cost of this route.Tag The route tag for this route.Flags Flags a
child nodes: 192.168.98.61:5 192.168.98.190:1551 192.168.98.112:643 SPF node 192.168.98.61:5, cost: 2, hops: 2 nexthops to node: 5100::192:11
R 192.168.98.111 --V-B V6E---R- 1 fe80::768e:f8ff:fe3e:1800 ve 17 N 192.168.98.111[136] ----- V6E---R- 1 :: e 4/3/1N
IP global parameters - Layer 2 switches (Continued)TABLE 4 Parameter Description DefaultTime to Live (TTL) The maximum number of routers (hops) thro
For example, to display the SPF tree for area 0, enter the following command at any level of the CLI.device# show ipv6 ospf spf tree area 0 SPF tree
Displaying IPv6 OSPF virtual link informationTo display OSPFv3 virtual link information on a Brocade device, enter the show ipv6 ospf virtual-linkcomm
show ipv6 ospf virtual-neighbor output descriptionsTABLE 85 This field DisplaysIndex An index number associated with the virtual neighbor.Router ID
IPSEC Security Association Database(Entries:8)SPDID(vrf:if) Dir Encap SPI Destination AuthAlg EncryptAlg1:ALL in ESP 512
show ipsec policy output descriptions (Continued)TABLE 86 This field DisplaysDir The direction of traffic flow to which the IPsec policy is applied.
secAuthenticationErrors 0secReplayErrors: 0 ipsecPolicyErrors: 13secOtherReceiveErrors: 0 ipsecSendErrors: 0
show ipv6 ospf area output descriptions (Continued)TABLE 88 This field DisplaysCurrent Shows current SPI, authentication algorithm (currently ESP on
show ipv6 ospf interface output descriptions (Continued)TABLE 89 This field DisplaysKeyRolloverTime The number of seconds between each initiation of
Changing a keyIn this example, the key is changed. Note that the SPI value is changed from 300 to 310 to complywith the requirement that the SPI is ch
Area 1:Authentication: Not ConfiguredInterface attached to this area: eth 1/1Number of Area scoped LSAs is 6Sum of Area LSAs Checksum is 00046630Stati
Configuring IP parameters - Layer 3 switchesThe following sections describe how to configure IP parameters. Some parameters can be configuredglobally
Clearing OSPFv3 data in a VRFYou can use the clear ipv6 ospf vrf command to clear anything in a specific vrf as shown in thefollowing.device# clear ip
Clearing OSPF neighbors attached to a specified interfaceYou can use the clear ipv6 ospf neighbor interface command to delete and relearn the OSPFneig
Specify the interface options as shown in the following options.ethernet slot/port - clears OSPFv3 counters for OSPFv3 neighbors on the specified Ethe
Configuring BGP4 (IPv4)● Supported BGP4 features ... 383● BGP
Feature ICX 6430 ICX 6450 FCX ICX 6610 ICX 6650 FSX 800FSX 1600ICX 7750BGP4 No No 08.0.01 08.0.01 08.0.01 08.0.01 08.0.10BGP4 Restart No 08.0.01 1408.
Feature ICX 6430 ICX 6450 FCX ICX 6610 ICX 6650 FSX 800FSX 1600ICX 7750BGP4 AS4 Confederation ErrorCheckingNo 08.0.011408.0.01 08.0.01 08.0.01 08.0.01
communication. When you configure the device for BGP4, one of the configuration tasks you performis to identify the device’s BGP4 neighbors.Although a
4. Prefer the route that was originated locally (by this BGP4 device).5. If the local preferences are the same, prefer the path with the shortest AS-p
13.If the route is a BGP4 VRF instance, prefer the route with the smallest RD value.14.Prefer the route that comes from the lowest BGP4 neighbor addre
and the length of the network portion of the number. For example, an UPDATE message with theNLRI entry 10.215.129.0/18 indicates a route to IP network
The ospf-ignore and ospf-passive parameters modify the Layer 3 switch defaults for adjacencyformation and interface advertisement. Use one of these pa
NOTERIB-out peer grouping is not shared between different VRFs or address families.Implementation of BGP4BGP4 is described in RFC 1771 and the latest
NOTEBGP4 restart is supported in FSX 800, FSX 1600 devices with dual management modules, FCXswitches in a stack and ICX switches in a stack. If the sw
FIGURE 29 Management module switchover behavior for BGP4 peer notificationIf the active management module fails due to a fault, the management module
FIGURE 30 Example of customer connected to two ISPsIn the next example, ISP-A has purchased ISP-B. The AS associated with ISP-B changes to AS 100. IfC
1. Enable the BGP4 protocol.2. Set the local AS number.NOTEYou must specify the local AS number for BGP4 to become functional.3. Add each BGP4 neighbo
NOTETo disable BGP4 without losing the BGP4 configuration information, remove the local AS (for example,by entering the no local-as command). When you
NOTEWhen using the CLI, you set global level parameters at the BGP CONFIG level of the CLI. You canreach the BGP CONFIG level by entering the router b
Parameter changes that take effect after disabling and re-enablingredistributionThe following parameter change takes effect only after you disable and
Basic configuration tasks required for BGP4The following sections describe how to perform the configuration tasks that are required to use BGP4on the
Setting the local AS numberThe local autonomous system number (ASN) identifies the AS in which the Brocade BGP4 deviceresides.To set the local AS numb
Reverse Address Resolution Protocol configuration...79Configuring UDP broadcast and IP helper parameters...81B
The num parameter specifies the virtual interface number. You can specify from 1 to the maximumnumber of virtual interfaces supported on the device. T
Adding a loopback interfaceYou can configure the device to use a loopback interface instead of a specific port or virtual routinginterface to communic
The neighbor command has additional parameters, as shown in the following syntax:Syntax: no neighbor {ip-addr | peer-group-name} {[activate] [advertis
filters. The device applies the filters in the order in which you list them and stops applying the filters inthe distribute list when a match is found
maximum-prefix num specifies the maximum number of IP network prefixes (routes) that can belearned from the specified neighbor or peer group . You can
remove-private-as configures the device to remove private AS numbers from update messages thedevice sends to this neighbor. The device will remove AS
2 10.1.44.0/24 10.2.0.1 1 101 32768 BLS AS_PATH: In this example, the aggregate-address command configures an aggreg
When encryption of the authentication string is enabled, the string is encrypted in the CLI regardless ofthe access level you are using.When you save
By default, password is encrypted. If you want the password to be in clear text, insert a 0 betweenpassword and string.device(config-bgp)# neighbor 10
The ip-address parameter is the neighbor IP address. The following sub-parameters are available forthe ip-address parameter:[advertised routes} [flap-
explicitly configured for the neighbor. If you do not set a neighbor parameter in the peer group and theparameter also is not set for the individual n
Configuration limitations and feature limitations for IP Follow on a virtual routinginterface• When configuring IP Follow, the primary virtual routing
The peer-group-name parameter specifies the name of the group and can be up to 80 characters long.The name can contain special characters and internal
The software also contains an option to end the session with a BGP4 neighbor and clear the routeslearned from the neighbor. Unlike this clear option,
Changing the BGP4 next-hop update timerBy default, the device updates the BGP4 next-hop tables and affected BGP4 routes five seconds afterIGP route ch
• Enable IP load sharing if it is disabled.• Set the maximum number of BGP4 load sharing paths. The default maximum number is 1, whichmeans no BGP4 lo
Changing the maximum number of shared BGP4 pathsTo change the maximum number of BGP4 shared paths, enter commands such as the following.device(config)
To set the number of equal-cost multipath IBGP routes or paths that will be selected, enter commandssuch as the following.device(config)# router bgpde
To configure a route map, and use it to set or change route attributes for a network you define forBGP4 to advertise, enter commands such as the follo
Changing the default MED (Metric) used for route redistributionThe Brocade device can redistribute directly connected routes, static IP routes, RIP ro
Enabling recursive next-hop lookupsThe recursive next-hop lookups feature is disabled by default. To enable recursive next-hop lookups,enter the follo
3 10.40.0.0/24 10.1.0.2 0 100 0 BI AS_PATH: 65001 4355 701 1 1894 10.0.0.0/24 10.0.0.1 1
broadcast support because any packet that is transmitted by one host is always received by the otherhost at the receiving end. Therefore, directed bro
When selecting a route from among different sources (BGP4, OSPF, RIP, static routes, and so on),the software compares the routes on the basis of the a
group. If neither configuration exists, enforcement is simply that of the global configuration (which isdisabled by default).To enable this feature gl
This command disables comparison of the AS-Path lengths of otherwise equal paths. When youdisable AS-Path length comparison, the BGP4 algorithm shown
NOTEMED comparison is not performed for internal routes originated within the local AS or confederationunless the compare-med-empty-aspath command is
cluster must be in the same AS. The cluster ID can be any number from 1 - 4294967295, or an IPaddress. The default is the device ID expressed as a 32-
Support for RFC 4456Route reflection on Brocade devices is based on RFC 4456. This updated RFC helps eliminate routingloops that are possible in some
Disabling or re-enabling client-to-client route reflectionBy default, the clients of a route reflector are not required to be fully meshed. Routes fro
FIGURE 33 Example BGP4 confederationIn this example, four devices are configured into two sub-autonomous systems, each containing two ofthe devices. T
Commands for device AdeviceA(config)# router bgpdeviceA(config-bgp-router)# local-as 64512deviceA(config-bgp-router)# confederation identifier 10devic
Aggregating routes advertised to BGP4 neighborsBy default, the device advertises individual routes for all networks. The aggregation feature allows yo
Routers B and C are connected by a regular 24-bit subnet. Router C can either be a switch with manyhosts belonging to the 10.2.2.2/24 subnet connected
Configuring BGP4 Restart for a VRFUse the following command to enable the BGP4 Restart feature for a specified VRF.device(config)# router bgpdevice(co
BGP4 null0 routingBGP4 considers the null0 route in the routing table (for example, static route) as a valid route, and canuse the null0 route to reso
6. To configure a route-map perform the following step.• On device 1, (the device facing the Internet), configure a null0 route matching the next-hopa
The following configuration defines a null0 route to the specific next hop address. The next hop address10.199.1.1 points to the null0 route, which ge
The show ip route output for device 1 and device 2 shows "drop" under the Port column for thenetwork prefixes you configured with null0 rout
Redistributing connected routesTo configure BGP4 to redistribute directly connected routes, enter the following command.device(config-bgp-router)# red
NOTEIf you do not enter a value for the match parameter, (for example, you enter redistribute ospf only)then only internal OSPF routes will be redistr
FilteringThis section describes the following:• AS-path filtering• Route-map continue clauses for BGP4 routes• Defining and applying IP prefix lists•
The software interprets the entries in an AS-path list in numerical order, beginning with the lowestsequence number.The deny and permit parameters spe
BGP4 special characters for regular expressions (Continued)TABLE 91 Character Operation+ The plus sign matches on one or more sequences of a pattern
FIGURE 3 DNS resolution with one domain nameDefining DNS server addressesYou can configure the Brocade device to recognize up to four DNS servers. The
BGP4 special characters for regular expressions (Continued)TABLE 91 Character Operation| A vertical bar (sometimes called a pipe or a "logical
NOTEOnce you define a filter or ACL, the default action for communities that do not match a filter or ACL isdeny . To change the default action to per
These commands configure an IP prefix list named Routesfor20, which permits routes to network10.20.0.0/24. The neighbor command configures the device
To configure a distribute list that uses ACL 1, enter a command such as the following.device(config-bgp)# neighbor 10.10.10.1 distribute-list 1 inThis
• Prepend AS numbers to the front of the route AS-path. By adding AS numbers to the AS-path, youcan cause the route to be less preferred when compared
Specifying the match conditionsUse the following command to define the match conditions for instance 1 of the route map GET_ONE.This instance compares
The string parameter specifies an AS-path ACL and can be a number from 1 through 199. You canspecify up to five AS-path ACLs.Matching based on communi
device(config)# route-map bgp1 permit 1device(config-routemap bgp1)# match ip route-source 10The first command configures an IP ACL that matches on ro
The match protocol bgp external option will match the eBGP routes.The match protocol bgp internal option will match the iBGP routes.The match protocol
The comm-list parameter deletes a community from the community attributes field for a BGP4 route.The community parameter sets the community attribute
Using a DNS name to initiate a trace routeSuppose you want to trace the route from a BrocadeLayer 3 switch to a remote server identified asNYC02 on do
device(config)# route-map bgp4 permit 1device(config-routemap bgp4)# match ip address 1device(config-routemap bgp4)# set metric-type internalThe first
Using a table map to set the tag valueRoute maps that contain set statements change values in routes when the routes are accepted by theroute map. For
as outbound filters when it sends routes to the device. Likewise, the device uses the ORFs itreceives from the neighbor as outbound filters when sendi
NOTEMake sure cooperative filtering is enabled on the device and on the neighbor before you send the filters.To reset a neighbor session and send ORFs
seq 5 permit 10.10.0.0/16 ge 18 le 28 seq 10 permit 10.20.10.0/24 seq 15 permit 10.0.0.0/8 le 32 seq 20 permit 10.10.0.0/16 ge 18Synt
You can enable AS4s on a device, a peer group, and a neighbor. For global configuration, thecapability command in the BGP4 configuration context enabl
Specifying the local AS numberThe local autonomous system number (ASN) identifies the autonomous system where the BGP4device resides.Normally, AS4s ar
The peer-group-name specifies all neighbors in a specific peer group. The as-num parameter specifiesall neighbors within the specified AS. After choos
NOTERemember that autonomous system path matching that uses regular expression is based on theconfigured autonomous system format.The following comman
NOTELogging of errors is rate-limited to not more than one message for every two minutes. Some errors maybe lost due to this rate-limiting.Sample log
The entire IP packet, including the source and destination address and other control information andthe data, is placed in the data portion of the Lay
The route flap dampening mechanism is based on penalties. When a route exceeds a configuredpenalty value, the device stops using that route and stops
This example shows how to change the dampening parameters.device(config-bgp-router)# dampening 20 200 2500 40This command changes the half-life to 20
to neighbor 10.10.10.1. Since the second route map does not contain match clauses for specificroutes, the route map enables dampening for all routes r
The as-path-filternum parameter specifies one or more filters. Only the routes that have beendampened and that match the specified filter or filters a
Generating traps for BGP4You can enable and disable SNMP traps for BGP4. BGP4 traps are enabled by default.To enable BGP4 traps after they have been d
IPv4 BGP4 commands for different configuration levels (Continued)TABLE 93 Command Global (iPv4 and IPv6) IPv4 address family unicastdampening xdefau
IPv4 BGP4 commands for different configuration levels (Continued)TABLE 93 Command Global (iPv4 and IPv6) IPv4 address family unicastupdate-time xEnt
NOTEThe always-propagate command and the rib-route-limit command are supported.Configuring BGP route reflectorThe always-propagate command enables a d
If the rib-route-limit command is configured to a value that is below the number of BGP4 routesalready installed in the RTM, the following warning mes
NOTETraffic loss on a BGP4 route occurs when a device is advertising preferred BGP4 routes not installed inthe RTM as part of the forwarding path.Beca
• You cannot use this command to set Layer 2 maximum frame sizes per interface. The global jumbocommand causes all interfaces to accept Layer 2 frames
If a route from a peer exceeds the configured Maximum AS path limit, the device also removes thesame route from that peer, if it exists, from its own
To configure a peer group named "PeerGroup1" and set a maximum AS path value of 7, enter thefollowing commands:device(config-bgp)# neighbor
Changing the default metric used for route costBy default, BGP4 uses the BGP MED value as the route cost when adding the route to the RTM.However, you
Setting an administrative distance for a static BGP4 networkWhen a static BGP4 network route is configured, its type is local BGP4 route and has a def
This feature supports a more programmable route map configuration and route filtering scheme forBGP4 peering. It can also execute additional instances
The num parameter specifies the instance of the route map defined in the route-map context that theCLI enters. Routes are compared to the instances in
When a route filter is changed (created, modified or deleted) by a user, the filter change notificationwill be sent to all relevant protocols, so that
BGP4 policy processing orderThe order of application of policies when processing inbound and outbound route advertisements on thedevice is:1. lp prefi
• Active route maps (the route map configuration information in the running configuration)• BGP4 graceful restart neighbor Information• AS4 support an
show ip bgp summary output descriptions (Continued)TABLE 95 This field DisplaysNumber of NeighborsConfiguredThe number of BGP4 neighbors configured
‐ 10,200 bytes - The maximum for Ethernet II encapsulation (Default MTU: 9216)‐ 10,174 bytes - The maximum for SNAP encapsulation (Default MTU: 9216)•
show ip bgp summary output descriptions (Continued)TABLE 95 This field DisplaysState The state of device sessions with each neighbor. The states are
show ip bgp summary output descriptions (Continued)TABLE 95 This field DisplaysFiltered The routes or prefixes that have been filtered out:• If soft
BEST Routes not Installed in IP Forwarding Table:0 Unreachable Routes (no IGP Route for NEXTHOP):0 History Routes:0 NLRIs Received in Upda
show ip bgp neighbors route-summary output descriptions (Continued)TABLE 96 This field DisplaysRoutes Advertised The number of routes the device has
Received: 1 8 1 0 0 Last Update Time: NLRI Withdraw NLRI Withdraw Tx:
The routes-summary option displays a summary of the following information:• Number of routes received from the neighbor• Number of routes accepted by
show ip bgp neighbor output descriptions (Continued)TABLE 97 This field Displays.State The state of the session with the neighbor. The states are fr
show ip bgp neighbor output descriptions (Continued)TABLE 97 This field Displays.Multihop-EBGP Whether this option is enabled for the neighbor.Route
show ip bgp neighbor output descriptions (Continued)TABLE 97 This field Displays.Last Connection Reset Reason The reason the previous session with t
show ip bgp neighbor output descriptions (Continued)TABLE 97 This field Displays.Notification Sent If the device receives a NOTIFICATION message fro
addresses configured on the Layer 3 switch, regardless of the interfaces that connect the Layer 3switches. This IP address is the router ID.NOTERoutin
show ip bgp neighbor output descriptions (Continued)TABLE 97 This field Displays.TCP Connection state The state of the connection with the neighbor.
show ip bgp neighbor output descriptions (Continued)TABLE 97 This field Displays.ReTrans The number of sequence numbers that the device retransmitte
You also can enter a specific route.device# show ip bgp neighbors 192.168.4.211 advertised 10.1.1.0/24Status A:AGGREGATE B:BEST b:NOT-INSTALLED-BEST I
Displaying peer group informationTo display peer-group information, enter a command such as the following at the Privileged EXEC levelof the CLI.devic
show ip bgp routes output descriptions (Continued)TABLE 98 This field DisplaysBEST routes not installed in IPforwarding tableNumber of BGP4 routes t
The ip-addr option displays routes for a specific network. The network keyword is optional. You canenter the network address without entering network
Prefix Next Hop MED LocPrf Weight Status1 10.3.0.0/8 192.168.4.106 100 0 BE
Displaying information for a specific routeTo display BGP4 network information by specifying an IP address within the network, enter a commandsuch as
show ip bgp route output descriptions (Continued)TABLE 99 This field DisplaysLocPrf The degree of preference for this route relative to other routes
show ip bgp route output descriptions (Continued)TABLE 99 This field DisplaysStatus The route status, which can be one or more of the following:• A
IPv6 CLI command support ...168IPv6 host address on a Layer 2 switch...
• TFTP• RADIUS• Syslog• SNTP• SSH• SNMP trapsYou can configure the Layer 3 switch to always use the lowest-numbered IP address on a specificEthernet,
show ip bgp routes detail output descriptionsTABLE 100 This field DisplaysTotal number ofBGP4 RoutesThe number of BGP4 routes.Status codes A list of
show ip bgp routes detail output descriptions (Continued)TABLE 100 This field DisplaysLocal_Pref The degree of preference for this route relative to
Displaying BGP4 route-attribute entriesThe route-attribute entries table lists the sets of BGP4 attributes stored in device memory. Each set ofattribu
show ip bgp attribute-entries output descriptions (Continued)TABLE 101 This field DisplaysAtomic Whether the network information in this set of attr
Displaying route flap dampening statisticsTo display route dampening statistics or all the dampened routes, enter the following command at anylevel of
show ip bgp flap-statistics output descriptions (Continued)TABLE 102 This field DisplaysPath The AS-path information for the route.You can display a
...Displaying AS4 detailsThis section describes the use of the following show commands, which produce output that includesinformation about AS4s.• sh
TTL check: 0, value: 0, rcvd: 64 Byte Sent: 148, Received: 203 Local host: 192.168.1.2, Local Port: 179 Remote host: 192.168
show ip bgp neighbors output descriptions (Continued)TABLE 103 Field DescriptionState Shows the state of the device session with the neighbor. The s
show ip bgp neighbors output descriptions (Continued)TABLE 103 Field DescriptionMessages Sent andReceivedShows the number of messages this device ha
TACACS/TACACS+ packetsTo specify the lowest-numbered IP address configured on a virtual interface as the device source for allTACACS/TACACS+ packets,
show ip bgp neighbors output descriptions (Continued)TABLE 103 Field DescriptionLast Connection ResetReason(continued)• Reasons described in the BGP
show ip bgp neighbors output descriptions (Continued)TABLE 103 Field DescriptionNotification Sent Shows an error code corresponding to one of the fo
show ip bgp neighbors output descriptions (Continued)TABLE 103 Field DescriptionNeighbor AS4 CapabilityNegotiationShows the state of the device’s AS
show ip bgp neighbors output descriptions (Continued)TABLE 103 Field DescriptionISentSeq Shows the initial send sequence number for the session.Send
Address: 0x10e4e062 Hash:545 (0x0301e8f6), PeerIdx 0 Links: 0x00000000, 0x00000000, nlri: 0x10f47ff0 Reference Counts: 1:0:1, M
This example is a simple illustration of route-map continue clauses. If the match clause of either routemap instance 5 or 10 matches, the route map tr
set metric 20 continue 3route-map test permit 3 set community 10:20 continue 4route-map test permit 4 set community 30:40 continue 5route-map test pe
Updating route information and resetting a neighbor sessionThe following sections describe how to update route information with a neighbor, reset a se
NOTEThe syntax related to soft reconfiguration is shown.Placing a policy change into effectTo place policy changes into effect, enter a command such a
The prefix-list string parameter specifies an IP prefix list. Only routes permitted by the prefix list aredisplayed.If you also use the optional longe
Syslog packetsTo specify the lowest-numbered IP address configured on a virtual interface as the device source forall Syslog packets, enter commands s
• RFC 2842. This RFC specifies the Capability Advertisement, which a BGP4 device uses todynamically negotiate a capability with a neighbor.• RFC 2858
NOTEThe soft-outbound parameter updates all outbound routes by applying the new or changed filters, butsends only the existing routes affected by the
Notification Sent: Unspecified Notification Received: Unspecified TCP Connection state: ESTABLISHED Byte Sent: 115, Recei
Clearing traffic countersYou can clear the counters (reset them to 0) for BGP4 messages.To clear the BGP4 message counter for all neighbors, enter the
The The all , ip-addr , peer-group-name , and as-num parameters specify the neighbor. The ip-addrparameter specifies a neighbor by its IP interface wi
Configuring BGP4+● Supported BGP4+ features...525● BGP4+ overv
NOTEThe implementation of BGP4+ supports the advertising of routes among different address families.However, it supports BGP4+ unicast routes only; it
For more information on performing these configuration tasks, refer to FastIron Ethernet SwitchAdministration Guide.To configure BGP4+, you must do th
Configuring BGP4+ neighbors using global or site-local IPv6addressesTo configure BGP4+ neighbors using global or link-local IPv6 addresses, you must a
Identifying a neighbor interfaceTo specify Ethernet interface 3/1 as the neighbor interface over which the neighbor and local device willexchange pref
The commands in this example configure loopback interface 2, assign IP address 10.0.0.2/24 to theinterface, then designate the interface as the source
Syntax: set ipv6 next-hop ipv6-addressThe ipv6-address parameter specifies the IPv6 global address of the next-hop router. You mustspecify the ipv6-ad
The as-number parameter indicates the number of the autonomous system in which the neighborresides.To delete the neighbor from the BGP4+ neighbor tabl
You can enable the BGP4+ device to advertise the default BGP4+ route by specifying the default-information-originate command at the BGP4+ unicast addr
• Static IPv6 routes• Directly connected IPv6 networks• OSPFv3• RIPngYou can redistribute routes in the following ways:• By route types, for example,
The advertise-map map-name parameter configures the device to advertise the more specific routesin the specified route map.The attribute-map map-name
IPv6 route table. Otherwise, the device performs another lookup on the next-hop IPv6 address of thenext-hop for the next-hop gateway, and so on, until
AS_PATH:2 2001:db8::/64 2001:ab::1 100 0 BI AS_PATH: 65000 650013 2007:7002:17::/64 2071:
In some cases, such as when the device is acting as an edge device, you can allow the device to usethe default route as a valid next-hop. To do so, en
NOTEClearing the dampening statistics for a route does not change the dampening status of the route.To clear all the route dampening statistics, enter
To clear these buffers for neighbor 2000:db8::1, enter the following commands at the Privileged EXEClevel or any of the Config levels of the CLI.devic
network route if the IP route table does not contain a route to the packet destination. In each case, theLayer 3 switch must encapsulate the packet an
applies the filters and route maps you have configured to the list of routes. If the filters or route mapsresult in changes to the list of routes, the
To clear all of the route flap dampening statistics for a neighbor, enter a command such as the followingat the Privileged EXEC level or any of the Co
NOTEThe show commands implemented for BGP4+ correspond to the show commands implemented forIPv4 BGP. For example, you can specify the show ipv6 bgp co
show ipv6 bgp routes output descriptions (Continued)TABLE 104 Field DescriptionWeight The value that this device associates with routes from a speci
The as-path-access-list name parameter filters the display using the specified AS-path ACL.The as-path-filter number parameter filters the display usi
LOCAL_PREF: 400, MED: 0, ORIGIN: incomplete, Weight: 0 AS_PATH: 65005 65010 Adj_RIB_out count: 1, Admin distance 2004 Prefix: 2
show ipv6 bgp route detail output descriptions (Continued)TABLE 105 Field DescriptionOrigin The source of the route information. The origin can be o
in RFC 2373. You must specify the prefix-length parameter as a decimal value. A slash mark (/) mustfollow the ipv6-prefix parameter and precede the pr
Status codes: s suppressed, d damped, h history, * valid, > best, i internal, SstaleOrigin codes: i - IGP, e - EGP, ? - incomplete Network
show ipv6 bgp output descriptions (Continued)TABLE 106 This field... Displays...Number of BGP Routesmatching display condition(appears in display th
To limit the number of ARP packets the device will accept each second, enter the rate-limit-arpcommand at the global CONFIG level of the CLI.device(co
NOTEPortions of this display are truncated for brevity. The purpose of this display is to show all possiblefields that might display rather than to sh
show ipv6 bgp attribute-entries output descriptions (Continued)TABLE 107 This field... Displays...AS Path The ASs through which routes with this set
show ipv6 bgp dampened-paths output descriptions TABLE 108 This field... Displays...Status codes A list of the characters the display uses to indica
colons as documented in RFC 2373. You must specify the prefix-length parameter as a decimal value.A slash mark (/) must follow the ipv6-prefix paramet
show ipv6 bgp filtered-routes output descriptions (Continued)TABLE 109 This field... Displays...Status The route’s status, which can be one or more
LOCAL_PREF: 100, MED: 0, ORIGIN: incomplete, Weight: 0 AS_PATH: 100 Syntax: show ipv6 bgp filtered-routes detail [ ipv6-prefix/prefix-length [
show ipv6 bgp filtered-routes detail output descriptions (Continued)TABLE 110 This field... Displays...Origin The source of the route information. T
documented in RFC 2373. You must specify the prefix-length parameter as a decimal value. A slashmark (/) must follow the ipv6-prefix parameter and pre
• Router advertisements.• Route-attribute entries.• Route flap dampening statistics.• The last packet containing an error.• Received Outbound Route Fi
The ipv6-address parameter allows you to display information for a specified neighbor only. You mustspecify the ipv6-address parameter in hexadecimal
10.10.10.0/24 subnet cannot reach a device in the 10.20.20.0 subnet if the subnets are on differentnetwork cables, and thus is not answered.NOTEAn ARP
show ipv6 bgp neighbor output descriptions (Continued)TABLE 112 This field... Displays...State The state of the device’s session with the neighbor.
show ipv6 bgp neighbor output descriptions (Continued)TABLE 112 This field... Displays...Messages Sent andReceivedThe number of messages this device
show ipv6 bgp neighbor output descriptions (Continued)TABLE 112 This field... Displays...Last Connection ResetReason (cont.)• Reasons specific to th
show ipv6 bgp neighbor output descriptions (Continued)TABLE 112 This field... Displays...Notification Received See above.Neighbor NLRINegotiationThe
show ipv6 bgp neighbor output descriptions (Continued)TABLE 112 This field... Displays...ISentSeq The initial send sequence number for the session.S
The ipv6-address parameter displays routes advertised to a specified neighbor. You must specify thisaddress in hexadecimal using 16-bit values between
For example, to display details about all routes a device has advertised to neighbor 2001:db8::110,enter the following command at any level of the CLI
show ipv6 bgp neighbor advertised-routes detail output descriptions (Continued)TABLE 114 This field... Displays...AS-PATH The AS-path information fo
You also can display all the dampened routes by using the show ipv6 bgp dampened-pathscommand. For more information, refer to Displaying dampened BGP4
For example, to display a summary of the route information received in route updates from neighbor2001:db8::10, enter the following command at any lev
Static entries are useful in cases where you want to pre-configure an entry for a device that is notconnected to the Layer 3 switch, or you want to pr
show ipv6 bgp neighbor received-routes output descriptions (Continued)TABLE 117 This field... Displays...Status The advertised route’s status, which
show ipv6 bgp neighbor received-routes detail output descriptionsTABLE 118 This field... Displays...Number of BGP4+routes received from aneighborFor
The RIB contains the routes that the device either has most recently sent to the neighbor or is about tosend to the neighbor.For example, to display a
show ipv6 bgp neighbor rib-out-routesoutput descriptions (Continued)TABLE 119 This field... Displays...Weight The value that this device associates
show ipv6 bgp neighbor rib-out-routes detail output descriptions (Continued)TABLE 120 This field... Displays...LOCAL_PREF For information about this
The detail keyword displays detailed information about the routes. If you do not specify this parameter,a summary of the routes displays.This display
show ipv6 bgp neighbor routes best output descriptions (Continued)TABLE 121 This field... Displays...Status The route’s status, which can be one or
show ipv6 bgp neighbor routes detail bestoutput descriptions (Continued)TABLE 122 This field... Displays...Status codes For information about this f
Receiving Update Messages:0, Accepting Routes(NLRI):0 Attributes:0, Outbound Routes(RIB-out):0 Outbound Routes Holder:0Syntax: show ipv6 bgp neig
show ipv6 bgp neighbor routes-summary output descriptions (Continued)TABLE 123 This field... Displays...NLRIs Sent inUpdate MessageThe number of NLR
Static ARP entry support (Continued)TABLE 6 Default maximum Configurable minimum Configurable maximumICX 6430 and ICX 6450 devices256 64 1024ICX 661
Displaying BGP4+ summaryTo view summary BGP4+ information for the device, enter the following command at any level of theCLI.device# show ipv6 bgp sum
show ipv6 bgp summary output descriptions (Continued)TABLE 124 This field... Displays...State The state of this neighbor session with each neighbor.
show ipv6 bgp summary output descriptions (Continued)TABLE 124 This field... Displays...ToSend The number of routes the has queued to send to this n
Configuring BGP4+ graceful restart stale routes timerUse the following command to specify the maximum amount of time a helper device will wait for an
Displaying BGP4+ graceful restart neighbor information584 FastIron Ethernet Switch Layer 3 Routing Configuration Guide53-1003087-04
VRRP and VRRP-E● VRRP and VRRP-E Feature Table... 585● Overview...
OverviewThis chapter describes how to configure Brocade Layer 3 switch with the following router redundancyprotocols:• Virtual Router Redundancy Proto
FIGURE 35 Switch 1 is the Host1 default gateway but is a single point of failureSwitch 1 is the host default gateway out of the subnet. If this interf
FIGURE 36 Switch 1 and Switch 2 configured as VRRP virtual routers for redundant network accessfor Host1The dashed box represents a VRRP virtual route
192.53.5.1. Hosts use the virtual router MAC address in routed traffic they send to their default IPgateway (in this example, 192.53.5.1).Virtual rout
The source MAC address in the Ethernet header and the sender hardware address in the ARPbody must be the same. This validation is performed for the AR
Hello messagesVirtual routers use Hello messages for negotiation to determine the Master router. Virtual routers sendHello messages to IP Multicast ad
feature, make sure the track priorities are always lower than the VRRP priorities. The default trackpriority for the router that owns the VRID IP addr
‐ VRRP has an Owner and one or more Backup routers for each VRID. The Owner is therouter on which the VRID's IP address is also configured as a r
FIGURE 37 Switch 1 and Switch 2 are configured to provide dual redundant network access for the hostIn this example, Switch 1 and Switch 2 use VRRP-E
Comparison of VRRP and VRRP-EThis section compares router redundancy protocols.VRRPVRRP is a standards-based protocol, described in RFC 2338. The Broc
Master and Backup routers• VRRP - The "Owner" of the IP address of the VRID is the default Master and has the highest priority(255). The pre
VRRP and VRRP-E parameters (Continued)TABLE 125 Parameter Description DefaultAuthenticationtypeThe type of authentication the VRRP or VRRP-E interfa
VRRP and VRRP-E parameters (Continued)TABLE 125 Parameter Description DefaultDead interval The number of seconds or milliseconds a Backup waits for
VRRP and VRRP-E parameters (Continued)TABLE 125 Parameter Description DefaultBackup preemptmodePrevents a Backup with a higher VRRP priority from ta
Basic VRRP parameter configurationTo implement a simple VRRP configuration using all the default values, enter the commands shown inthe following sect
Displaying global IPv6 information...195Displaying IPv6 cache information...
Changing the TTL thresholdThe time to live (TTL) threshold prevents routing loops by specifying the maximum number of routerhops an IP packet originat
The track-priority value option changes the track-port priority for this interface and the VRID from thedefault (255) to a value from 1 through 254.Th
Syntax: [no] ip-address ip-addressSyntax: [no] ip vrrp vrrp vrid numSyntax: [no] backup [ priority value] [ track-priority value ]Syntax: [no] hello-i
By default, Backup routers do not send Hello messages to advertise themselves to the Master. Theadvertise backup command is used to enable a Backup ro
Enabling accept mode in VRRP non-Owner Master routerTo configure a non-Owner Master router to respond to ping, traceroute, and Telnet packets destined
• The Hello interval must be set to the same value with in the same VRID.• The dead interval must be set to the same value with in the same VRID.• The
Brocade(config)# ipv6 router vrrp-extendedBrocade(config-ipv6-VRRP-E-router)# interface ethernet 1/5Brocade(config-if-e10000-1/5)# ipv6-address 2001:D
• Backup preempt mode• Timer scale• VRRP-E slow start timer• VRRP-E extension for server virtualization (short-path forwarding)VRRP and VRRP-E authent
Syntax: ip vrrp-extended auth-type no-auth | simple-text-auth auth-data | md5-auth [ 0 |1 ] keyFor IPv6 VRRP-E:Syntax: ipv6 vrrp-extended auth-type no
NOTEThe Owner type is not applicable to VRRP-E.NOTEFor VRRP, the IP address you associate with the Owner must be real IP address on the interfacewhere
Suppression of RIP advertisementsNOTESuppression of RIPng advertisements on Backup routers for the backup interface is not supported byIPv6 VRRP v3 an
Disabling forwarding of IP source-routed packetsA source-routed packet specifies the exact router path for the packet. The packet specifies the path b
The milliseconds variable can be 100 milliseconds interval only. The default is 1000 milliseconds, andthe range is 100 to 40900 milliseconds.To change
device(config)#interface ethernet 1/6device(config-if-1/6)#ip vrrp vrid 1device(config-if-1/6-vrid-1)#backup-hello-interval 180Syntax: [no] backup-hel
Backup preempt configurationBy default, a Backup that has a higher priority than another Backup that has become the Master canpreempt the Master, and
Time scale values (Continued)TABLE 126 Timer Timer scale Timer value2 1.5 secondsBackup Hello interval 1 60 seconds2 30 secondsHold-down interval 1
If the Master subsequently comes back up again, the amount of time specified by the VRRP-E slowstart timer elapses (in the IPv4 example, 30 seconds) b
FIGURE 38 VRRP-E Extension for short-path forwardingVRRP-E Extension for short-path forwarding exampleUnder the VRRP-E VRID configuration level, there
lowered by the number specified in the track-port command. When the current priority is lower thanthe threshold, the SPF behavior is temporarily suspe
To avoid this, you can disable the default interface-level IPv6 RA messages on an interface configuredwith IPv6 VRRP or VRRP-E.To disable the default
To change the Master priority, enter commands such as the following.device(config)# interface ethernet 1/6device(config-if-1/6)# ip vrrp vrid 1device(
Syntax: show ipv6 vrrp [ brief | [ stat | [ statistics ] [ vrid num ] ] [ ethernet stack/slotnum/portnum |ve num ] ]Syntax for IPv4 and IPv6 VRRP-E:Sy
To enable the Layer 3 switch for zero-based IP subnet broadcasts in addition to ones-based IP subnetbroadcasts, enter the following command.device(con
The table shows a description of the output for the show ip vrrp brief and show ip vrrp-extendedbrief commands.Output description for VRRP or VRRP-E s
version v3 mode owner priority 255 current priority 255 track-priority 150 hello-interval 1000 msec ip-address 172.21.3.1 virtual mac address 0000-5
current dead-interval 3100 msec preempt-mode true virtual ip address 10.201.201.5 virtual mac address 0000.00d7.82c9 advertise backup: enabled next h
Output description for VRRP-E detailed information (Continued)TABLE 128 Field Descriptionstate This Layer 3 switch VRRP, VRRP v3, VRRP-E, or IPv6 VR
Output description for VRRP-E detailed information (Continued)TABLE 128 Field Descriptiondead interval The configured value for the dead interval. T
Output description for VRRP-E detailed information (Continued)TABLE 128 Field Descriptionbackup router ip-addr expires in timeThe IP addresses of Ba
dead-interval 0 msec current dead-interval 3600 msec preempt-mode true ip-address 10.1.1.5 virtual mac address 0000.0000.0102 advertise backup: disab
show ip vrrp vrid output description (Continued)TABLE 129 Field Descriptioncurrent deadintervalThe current value of the dead interval. This value is
total number of vrrp packets sent = 105backup advertisements sent = 10The following example displays the output of the show ipv6 vrrp-extended stat ve
Output field descriptions (Continued)TABLE 130 Field Descriptionrxed vrrp priority zero from mastercountIndicates that the current Master has resign
• Port - The destination host does not have the destination TCP or UDP port specified in the packet. Inthis case, the host sends the ICMP Port Unreach
0v226 0 VR226 0 46772
Output field descriptions (Continued)TABLE 131 Field DescriptionTX master adv The number of VRRP or VRRP-E advertisement packets sent by this router
VRRP exampleTo implement the VRRP configuration shown in "VRRP Overview," use the following method.Configuring Switch 1To configure VRRP Swi
Syntax: ip vrrp vridvridSyntax: owner [ track-priorityvalue]Syntax: backup [ priorityvalue][track-priorityvalue]Syntax: track-port ethernet [slotnum/]
The backup command specifies that this router is a VRRP-E Backup for virtual router VRID1. The IPaddress entered with the ip-address command is the sa
Configuring Multi-VRF● Supported Multi-VRF features ...635● Support
Feature ICX 6430 ICX 6450 FCX ICX 6610 ICX 6650 FSX 800FSX 1600ICX 7750PIM-SM/DM for IPv4 No 08.0.01 08.0.01 08.0.01 08.0.01 08.0.01 08.0.10PIM-SM for
FSX interface modules supporting Multi-VRF (Continued)TABLE 132 FSX Interface Modules Multi-VRF SupportSX-FI-24HF YesSX-FI-2XG YesSX-FI-8XG YesSX-FI
FIGURE 39 Typical Multi-VRF topologyNOTESome vendors also use the terms Multi-VRF CE or VRF-Lite for this technology.Configuring Multi-VRFA Multi-VRF
Configuring VRF-related system-max valuesBefore configuring a VRF instance, VRF-related system-max values must be modified. The defaultFastIron config
NOTESome FSX devices do not generate ICMP redirect and network unreachable messages.NOTEThe device forwards misdirected traffic to the appropriate rou
ip-route and ip6-route values changed.ip-route: 10000ip6-route: 1408Warning: Please reconfigure system-max for ip-route-default-vrf and ip-route-vrf (
Configuration limits for system-max (Continued)TABLE 134 Configuration SX FCX/ICX 6610Min Default Max Min Default Maxip-route-default-vrf (system-ma
For example:Brocade(config)# vrf blue6Brocade(config-vrf-blue6)# rd 1:106Brocade(config-vrf-blue6)# address-family ipv4Error: has reached maximum syst
While configuring an AF, you can optionally configure the maximum routes that are associated with theAF. If the max-route is not configured, the defau
When configuring a VRF, a warning message is generated specifying that any configuration existingon the interface is deleted.When assigning a VRF inst
Example:Brocade(config)# no vrf customer1Warning: All IPv4 and IPv6 addresses (including link-local) from all interfaces in VRF customer1 have been re
Supported management applicationsThis section explains the management VRF support provided by the management applications.SNMP serverWhen the manageme
To configure the VRF name in outbound Telnet sessions, enter the following command at the privilegedEXEC level:device(config)# telnet vrf red 10.157.2
SyslogWhen the management VRF is configured, the Syslog module sends log messages only through theports belonging to the management VRF and the out-of
Configuration notesConsider the following configuration notes:• If there is a management VRF already configured, you must remove the existing manageme
• Standard - the static route consists of the destination network address and network mask, and the IPaddress of the next-hop gateway. You can configu
show vrf output descriptions (Continued)TABLE 135 This field DisplaysIP Router-Id The 32-bit number that uniquely identifies the router.Number of Un
Traps - 0 SysLogs - 0 TCP Connection rejects:
To distinguish collected packets in different VRFs, refer to the in vlan and out vlan data fields foreach captured ingress packet. For example, in the
Configuring static-ARP on default VRFsThis command is used to configure static-ARP entries on default VRFs. The command is backwardcompatible, and all
Configuring DAI to support a Multi-VRF instanceDynamic ARP Inspection (DAI) enables the Brocade device to intercept and examine all ARP requestand res
Configuring static-neighbor on non-default VRFsThis command configures static-neighbor entries on a VRF interface. The command is specific to VRFAF mo
View all configured VRFs in summary modeTo see all configured VRFs in summary mode, enter the show vrf command. The following is anexample of the outp
View DHCPv6 snooping status and portsTo see DHCPv6 snooping status and ports, enter the show ipv6 dhcp6 snooping vlan command. Thefollowing is an exam
FIGURE 40 Multi-VRF topology exampleThis topology is a network owned by an enterprise. Normal corporate traffic must pass through thefirewall so that
ip arp age:10 min bootp relay max hops:4 ip ttl:64 hopsip addr per intf:24 : :System Parameters Default M
This feature allows the Layer 3 switch to adjust to changes in network topology. The Layer 3 switchdoes not continue trying to use routes on unavailab
Step 2: Configuring VRFsThe following illustrates configuring the VRF R1.R1(config)#vrf corporateR1(config-vrf-corporate)#rd 11:11R1(config-vrf-corpor
been removedR1(config-vif-30)#ip add 192.168.3.1/30R1(config-vif-30)#ip ospf area 0R1(config-vif-30)#exitR1(config)#interface ve 31R1(config-vif-31)#v
192.168.5.0/30 192.168.4.2 ve 40 110/2 O 5m3s7 192.168.6.0/30 192.168.4.2 ve 40 110/2
Layer 3 Routing Commands● arp-internal-priority...
arp-internal-priorityConfigures the priority of ingress ARP packets.Syntaxarp-internal-priority priority-valueCommand DefaultThe default priority of i
ipv6 nd router-preferenceEnables IPv6 router advertisement preferenceEnables IPv6 router advertisement (RA) messages to communicate default router pre
ipv6-address auto-gen-link-localGenerates a virtual link-local IPv6 address and assigns it as the virtual IPv6 address for a VRRPv3instance. The no fo
use-v2-checksumEnables the v2 checksum computation method for VRRPv3. The no form of this command enables thedefault v3 checksum computation method in
accept-modeEnables the non-Owner Master router to respond to ping, traceroute, and Telnet packets destined forthe virtual IPv4 or IPv6 address of a VR
ipv6 nd skip-interface-raDisables the default interface-level IPv6 RA messages on an interface configured with IPv6 VRRP orVRRP-E. The no form of this
The dest-ip-addr is the route destination. The dest-mask is the network mask for the route destination IPaddress. Alternatively, you can specify the n
hello-intervalSpecifies the hello-interval configuration.Specifies the hello-interval in milliseconds or seconds for IPv4 VRRP and IPv6 VRRP.Syntaxhel
versionAllows you to select either version 2 or version 3 of VRRP.Allows you to select either version 2 or version 3 of the VRRP.Syntaxversion {v2 |v3
ip arp inspection validateValidates the ARP packet destination MAC, ARP Packet IP address and source MAC address.Syntaxip arp inspection validate [dst
To display the maximum value for your device, enter the show default values command. Themaximum number of static IP routes the system can hold is list
The show run command displays the entire name of the static IP route. The show ip static routecommand displays an asterisk (*) after the first twelve
OSPFv2 feature support... 243OSPF overview...
distance than other types of routes, unless you want those other types to be preferred over the staticroute.The steps for configuring the static route
metric than the standard static route. The Layer 3 switch always prefers the static route with the lowermetric. In this example, the Layer 3 switch al
FIGURE 6 Standard and interface routes to the same destination networkTo configure a standard static IP route and a null route to the same network, en
When the software uses the default network route, it also uses the default network route's next hopgateway as the gateway of last resort.This fea
Configuring IP load sharingThe IP route table can contain more than one path to a given destination. When this occurs, the Layer3 switch selects the p
route table. For example, if the Layer 3 switch has a path learned from OSPF and a path learned fromRIP for a given destination, only the path with th
with a given cost for a given destination, the BGP4 route table cannot contain equal-cost paths to thedestination. Consequently, the IP route table wi
Changing the maximum number of ECMP (load sharing) pathsYou can change the maximum number of paths the Layer 3 switch supports to a value from 2 throu
• Packet type - The Layer 3 switch can send Router Advertisement messages as IP broadcasts or asIP multicasts addressed to IP multicast group 224.0.0.
Advertisement message from the Layer 3 switch, the host resets the hold time for the Layer 3 switch tothe hold time specified in the new advertisement
Specify types of OSPF Syslog messages to log...289Configuring an OSPF network type...
‐ RARP requires the IP host to be directly attached to the Layer 3 switch.‐ An IP host and the BootP/DHCP server can be on different networks and on d
If your Layer 3 switch allows you to increase the maximum number of RARP entries, you can use aprocedure in the same section to do so.NOTEYou must sav
Enabling forwarding for a UDP applicationIf you want the Layer 3 switch to forward client requests for UDP applications that the Layer 3 switchdoes no
You can configure up to 16 helper addresses on each interface. You can configure a helper address onan Ethernet port or a virtual interface.To configu
field). When the server responds to the request, the server sends the response as a unicast packetto the IP address in the Gateway Address field. (If
Syntax: ip bootp-gatewayip-addrChanging the maximum number of hops to a BootP relay serverEach BootP or DHCP request includes a field Hop Count field.
the requested time and tries to return the same network address each time the client makes a request.The period of time for which a network address is
• Vendor Specific Information - Allows clients and servers to exchange vendor-specific information.• Boot File - Specifies a boot image to be used by
1. Enable DHCP Server by entering a command similar to the following.device(config)# ip dhcp-server enable2. Create a DHCP Server address pool by ente
DHCP server optional parameters commands (Continued)TABLE 10 Command Descriptionoption merit-dump Specifies the path name of a file into which the c
Displaying OSPFv3 area information... 348Displaying OSPFv3 database information...
DHCP Server CLI commands (Continued)TABLE 11 Command Descriptionshow ip dhcp-server flash Displays the lease binding database that is stored in flas
Disabling DHCP Server on the management portBy default, when DHCP Server is enabled, it responds to DHCP client requests received on themanagement por
Enabling relay agent echo (Option 82)The ip dhcp-server relay-agent-echo enable command activates DHCP Option 82, and enables theDHCP server to echo r
Configuring the domain name for the clientThe domain-name command configures the domain name for the client.device(config-dhcp-cabo)# domain-name sier
Configuring the TFTP serverThe tftp-server command specifies the address or name of the TFTP server to be used by the DHCPclients.To configure a TFTP
show ip dhcp-server binding output descriptions (Continued)TABLE 12 Field DescriptionClient ID/Hardware address The hardware address for the clientL
show ip dhcp-server address pools output descriptions (Continued)TABLE 13 Field Descriptiondhcp-server-router The address of the DHCP server routerd
Displaying summary DHCP server informationThe show ip dhcp-server summary command displays information about active leases, deployedaddress-pools, und
DHCP Client-Based Auto-Configuration and Flash image updateNOTEThe DHCP Client-Based Auto-Configuration and Flash image update are platform independen
FIGURE 8 DHCP Client-Based Auto-ConfigurationConfiguration notes and feature limitations for DHCP client-based auto-configuration• For Layer 3 devices
Commentaires sur ces manuels