Brocade Multi-Service IronWare Routing Configuration Guide Manuel d'utilisateur Page 144
- Page / 846
- Table des matières
- MARQUE LIVRES
Noté. / 5. Basé sur avis des utilisateurs
116 Multi-Service IronWare Routing Configuration Guide
53-1003033-02
Generalized TTL Security Mechanism support
Device 1 and 2
The show ip route output for device 1 and device 2 shows “drop” under the Port column for the
network prefixes you configured with null0 routing
Generalized TTL Security Mechanism support
The device supports the Generalized TTL Security Mechanism (GTSM) as defined in RFC 3682.
GTSM protects the device from attacks of invalid BGP4 control traffic that is sent to overload the
CPU or hijack the BGP4 session. GTSM protection applies to EBGP neighbors only.
When GTSM protection is enabled, BGP4 control packets sent by the device to a neighbor have a
Time To Live (TTL) value of 255. In addition, the device expects the BGP4 control packets received
from the neighbor to have a TTL value of either 254 or 255. For multihop peers (where the
e/jointfilesconvert/1441120/bgp-multihop option is configured for the neighbor), the device expects the TTL for BGP4 control
packets received from the neighbor to be greater than or equal to 255, minus the configured
number of hops to the neighbor. If the BGP4 control packets received from the neighbor do not
have the anticipated value, the device drops them.
For more information on GTSM protection, see RFC 3682.
To enable GTSM protection for neighbor 192.168.9.210 (for example), enter the following
command.
Brocade(config-/jointfilesconvert/1441120/bgp-router)# neighbor 192.168.9.210 e/jointfilesconvert/1441120/bgp-btsh
Syntax: [no] neighbor ip-addr | peer-group-name e/jointfilesconvert/1441120/bgp-btsh
NOTE
For GTSM protection to work properly, it must be enabled on both the device and the neighbor.
Brocade#show ip route
Total number of IP routes: 133
Type Codes - B:BGP D:Connected S:Static R:RIP O:OSPF; Cost - Dist/Metric
Destination Gateway Port Cost Type
1 10.9.1.24/32 DIRECT loopback 1 0/0 D
2 10.30.1.0/24 DIRECT eth 2/7 0/0 D
3 10.40.1.0/24 DIRECT eth 2/1 0/0 D
.
13 10.110.0.6/31 10.90.1.3 eth 2/2 20/1 B
14 10.110.0.16/30 10.90.1.3 eth 2/2 20/1 B
15 10.110.0.40/29 DIRECT drop 200/0 B
. .. . . . .
42 10.115.0.192/27 DIRECT drop 200/0 B
43 10.115.1.128/26 10.30.1.3 eth 2/7 20/1 B
. .. . . . .
69 10.120.7.0/24 10.70.1.3 eth 2/10 20/1 B
70 10.120.14.0/23 DIRECT drop 200/0 B
. .. . . . .
. .. . . . .
131 10.144.0.0/12 10.80.1.3 eth 3/4 20/1 B
132 12.168.0.1/32 DIRECT drop 1/1 S
Brocade#
- Multi-Service IronWare 1
- Document History 2
- Contents 3
- Chapter 3 IS-IS (IPv4) 9
- Chapter 4 RIP (IPv4) 10
- Chapter 6 MBGP 11
- Chapter 7 Multi-VRF 12
- Chapter 8 Inter-VRF Routing 12
- Chapter 9 Management VRF 13
- Chapter 11 IPv6 Addressing 15
- Chapter 12 IPv6 Prefix List 15
- Chapter 14 Static IPv6 Routes 16
- Chapter 15 BGP4+ (IPv6) 16
- Chapter 17 IS-IS (IPv6) 18
- Chapter 18 RIPng (IPv6) 20
- Chapter 20 VRRP and VRRP-E 21
- About This Document 23
- Supported software 24
- Document conventions 25
- Notice to the reader 26
- Related publications 26
- BGP (IPv4) 29
- Overview of BGP4 32
- BGP4 message types 35
- UPDATE message 36
- KEEPALIVE message 36
- Implementation of BGP4 37
- Memory considerations 37
- BGP4 Restart 38
- BGP4 neighbor local AS 40
- BGP4 null0 routing 41
- Configuring BGP4 42
- Enabling and disabling BGP4 46
- Multi-Exit Discriminators 48
- Redistributing IBGP routes 49
- BGP router reflector 49
- Configuring a route reflector 53
- Configuring confederations 54
- Enabling AS4 numbers 58
- AS4 notation 61
- BGP4 AS4 attribute errors 62
- • Logs an error 63
- BGP4 max-as error messages 64
- Originating the default route 66
- Setting the local AS number 70
- Configuring BGP4 neighbors 75
- Encryption example 82
- Configuring a BGP4 peer group 88
- Configuring a peer group 89
- Redistributing RIP routes 96
- Redistributing IS-IS 97
- Redistributing static routes 98
- Changing the device ID 99
- Adding a loopback interface 100
- BGP4 load sharing 101
- 53-1003033-02 102
- Support for RFC 4456 103
- Configuration procedures 103
- Filtering 104
- Special characters 105
- Using regular expressions 105
- Filtering communities 106
- Defining a community ACL 107
- Brocade(config)# router bgp 108
- Defining route maps 109
- Matching based on AS-path ACL 113
- Matching based on interface 115
- Dynamic route filter update 121
- Filter update delay and BGP 123
- BGP4 policy processing order 123
- • Configure the filter 124
- Sending and receiving ORFs 125
- Generating traps for BGP4 130
- Using soft reconfiguration 131
- Clearing traffic counters 137
- Removing route flap dampening 138
- Clearing diagnostic buffers 138
- Configuring BGP4 Restart 139
- Configuration steps 140
- Configuration examples 141
- Show commands 142
- Device 6 143
- Displaying BGP4 information 145
- BGP4 summary information 146
- This field... Displays 148
- Displaying route details 165
- Displaying AS4 details 171
- Field Description 172
- Attribute entries 177
- Extended community 177
- Running configuration 178
- BGP Routing Table is empty 182
- OSPF version 2 (IPv4) 183
- OSPF point-to-point links 186
- OSPF graceful restart 191
- • Summary (type 3 and type 4) 192
- • Opaque (type 10, TE link) 192
- Configuring OSPF 195
- Enable OSPF on the router 196
- Assign OSPF areas 197
- Assign a totally stubby area 198
- Brocade(config)# router ospf 199
- Example 201
- Modify interface defaults 203
- OSPF interface parameters 204
- Table 0.1: 206
- OSPF interfaces 207
- Assign virtual links 208
- Table 0.2: 210
- Define redistribution filters 213
- Enable route redistribution 215
- • Router ->R3 217
- • Router ->R4 217
- • Router ->R5 217
- • Router ->R6 217
- TABLE 19 Match Conditions 220
- OSPF non-stop routing 221
- Interface synchronization 222
- BFD with OSPF NSR 223
- Standby module operations 223
- Enabling and disabling NSR 224
- Limitations of NSR 224
- Adding additional parameters 224
- Disabling configuration 225
- OSPF distribute list 226
- Modify SPF timers 228
- (LSA) pacing 230
- Usage guidelines 231
- Modify OSPF traps generated 234
- Modify exit overflow interval 236
- Examples 240
- Command replacement 241
- Displaying OSPF information 242
- Syntax: show ip ospf config 243
- Syntax: show tasks 246
- • normal 247
- • 1 = point-to-point link 248
- This field Displays 250
- Displaying OSPF trap status 261
- This field Displays 262
- Clearing OSPF neighbors 264
- • Candidate 266
- • Elected 266
- Clearing OSPF information 267
- Commands 268
- Release Command History 269
- Output field Description 273
- IS-IS (IPv4) 275
- Domain and areas 278
- Neighbors and adjacencies 279
- Designated IS 279
- Broadcast pseudonode 280
- IS-IS CLI levels 281
- Interface level 282
- Enabling IS-IS globally 282
- • Change the default metric 283
- Setting the overload bit 284
- Configuring authentication 285
- • show isis database 288
- • show isis interface 288
- • show isis neighbor 288
- Brocade(config-isis-router)# 289
- Changing the SPF timer 291
- • ES hello (ESH PDU) 292
- • IS hello (ISH PDU) 292
- • IS to IS hello (IIH PDU) 292
- Logging adjacency changes 293
- Configuration considerations 294
- DIsabling 294
- Changing the metric style 295
- Configuring summary addresses 298
- ISIS Show command 300
- • Configure a GRE IP Tunnel 304
- Brocade C configuration 306
- Brocade D configuration 306
- IS-IS Non-Stop Routing 307
- Limitations 308
- Changing the hello interval 316
- Changing the hello multiplier 316
- DIS hello interval 316
- • Enabled – IS-IS is enabled 318
- Timers: L1 or L2 SPF: 319
- Timers: PSPF: 320
- Timers: LSP: 320
- Timers: SNP: 320
- Displaying the name mappings 322
- • LEVEL-1 326
- • LEVEL-2 326
- • LEVEL-1-2 326
- • Invalid checksum 328
- • Invalid length 328
- • Invalid lifetime value 328
- • Enabled 328
- • Disabled 328
- Displaying route information 329
- Displaying traffic statistics 334
- Displaying error statistics 335
- Displaying the IS-IS SPF Log 338
- Trigger types and description 339
- Clearing the IS-IS SPF Log 340
- Clearing IS-IS information 341
- RIP (IPv4) 343
- RIP parameters and defaults 344
- RIP interface parameters 345
- Configuring RIP parameters 346
- Configuring redistribution 347
- Setting RIP timers 352
- Displaying RIP Information 353
- Metric-offset, Outbound 0 354
- Policy-Based Routing (IPv4) 357
- Configuring a PBR policy 359
- Setting the next hop 360
- Enabling PBR 363
- LAG formation 367
- Show telemetry command 370
- (MBGP) features they support 373
- • Static IP multicast routes 374
- Configuring MBGP 375
- Enabling MBGP 376
- Adding MBGP neighbors 377
- Optional configuration tasks 378
- Displaying MBGP information 381
- Command Description 382
- Displaying MBGP neighbors 384
- Displaying MBGP routes 386
- Displaying dampened paths 388
- Displaying MBGP peer groups 391
- Clearing MBGP information 392
- Clearing BGP routes 393
- Multi-VRF 395
- Multi-VRF BGP or MPLS VPN 397
- MPLS Required No Yes 398
- Configuring Multi-VRF 400
- Configuration 1 402
- PE2 Configuration: 403
- CE 1 and CE 2 configurations 404
- Configuration 2 405
- PE1 configuration: 406
- PE2 configuration: 407
- CE 3 and CE 4 configurations 408
- Inter-VRF Routing 409
- Features & benefits 410
- Maximum route limitations 413
- Configuring Inter-VRF routing 413
- Clearing IP routes 419
- Modified CLI commands 420
- Management VRF 423
- SNMP server 424
- SNMP trap generator 424
- Telnet server 425
- SSH server 425
- Telnet client 425
- RADIUS client 426
- TACACS+ client 426
- Configuration notes 427
- Syntax: show vrf vrf-name 429
- Basic IPv6 Connectivity 433
- Enabling IPv6 routing 436
- FE48:4672/64 437
- IPv6 host support 439
- Supported protocols 446
- Restart global timers 446
- IPv6 Hitless OS upgrade 453
- Defining a DNS entry 455
- IPv6 Non-Stop Routing support 456
- ECMP load sharing for IPv6 457
- DHCP relay agent for IPv6 458
- Notification 460
- Notification information 462
- Configuring IPv6 ICMP 467
- IPv6 packets 469
- Neighbor redirect messages 473
- 1000 800 onlink autoconfig 475
- Changing the IPv6 MTU 484
- • Default IP MTU setting 485
- • Global MTU Setting 485
- • Interface MTU Setting 485
- QoS for IPv6 traffic 486
- Clearing the IPv6 cache 487
- • IPv6 prefix 488
- • IPv6 address 488
- • Interface type 488
- Using the nexthop option 498
- Displaying local IPv6 devices 500
- Advertisement Options 510
- IPv6 Addressing 515
- IPv6 address types 516
- TABLE 94 IPv6 address types 517
- IPv6 Prefix List 519
- IPv6 ND Prefix Suppress 521
- Managing a Device Over IPv6 525
- • Flash memory 526
- • Running configuration 526
- • Startup configuration 526
- Using the IPv6 ncopy command 528
- IPv6 TFTP server 529
- Using the IPv6 ping command 530
- Using Telnet 532
- Using Secure Shell 533
- Static IPv6 Routes 535
- BFD for Static Routes 538
- Single hop configuration 539
- Multi-hop configuration 539
- BGP4+ (IPv6) 541
- Configuring BGP4+ 543
- Adding BGP4+ neighbor 545
- Configuring a route map 546
- Creating a BGP4+ peer group 547
- Importing routes into BGP4+ 549
- Using route maps 551
- Enabling next-hop recursion 551
- Clearing BGP4+ information 553
- • Clear diagnostic buffers 554
- • Clear traffic counters 554
- Clearing BGP4+ VRF6 routes 558
- Displaying BGP4+ information 559
- Syntax: show ipv6 bgp config 568
- Displaying BGP4+ summary 598
- BGP4+ VPNv6 route information 606
- graceful restart 620
- • Restart Timer 621
- • Stale Routes Timer 621
- • Purge Timer 621
- OSPF version 3 (IPv6) 659
- OSPF Version 3 660
- Configuring OSPFv3 661
- Enabling OSPFv3 662
- Assigning OSPFv3 areas 662
- Specifying a network type 669
- Configuring virtual links 670
- Filtering OSPFv3 routes 677
- • 1 – Type 1 external route 680
- • 2 – Type 2 external route 681
- • Intra-area routes 682
- • Inter-area routes 682
- • External routes 682
- Brocade# configure terminal 684
- IPsec for OSPFv3 685
- Configuring IPsec for OSPFv3 686
- General considerations 687
- Configuring IPsec for an area 690
- Clearing IPsec statistics 693
- Configuring OSPFv3 NSR 694
- Displaying OSPFv3 information 696
- • BROADCAST 707
- • POINT TO POINT UNKNOWN 707
- • POINT TO POINT 707
- Syntax: show ipv6 ospf memory 709
- TABLE 143 OSPFv3 SPF table 717
- • DOWN – The link is down 720
- IPsec examples 721
- Showing IPsec policy 722
- Showing IPsec statistics 723
- Area configuration of IPsec 726
- OSPFv3 clear commands 731
- IS-IS (IPv6) 737
- Global configuration level 739
- Configuring IPv6 IS-IS 740
- Configuring summary prefixes 745
- IPv6 IS-IS Non-Stop Routing 751
- Configuring IS-IS NSR 752
- IPv6 IS-IS information fields 754
- • L1 – Level-1 route 769
- • L2 – Level-2 route 769
- IPv6 IS-IS Multi-Topology 770
- Migrating to IPv6 IS-IS MT 771
- Maintaining MT adjacencies 772
- New TLV attributes 772
- Enabling IPv6 IS-IS MT 772
- RIPng (IPv6) 777
- Configuring RIPng 778
- Configuring RIPng timers 779
- • IPv6 static routes 781
- • BGP4+ 781
- • IPv6 IS-IS 781
- • OSPFv3 781
- Displaying RIPng information 783
- Syntax: show ipv6 rip 784
- RIPng configuration fields 784
- RIPng routing table fields 786
- Policy-Based Routing (IPv6) 787
- Configuring the route map 789
- Enabling IPv6 PBR 792
- Displaying IPv6 ACL output 796
- ACL configuration 799
- Route-map configuration 799
- Apply route-map 799
- VRRP and VRRP-E 801
- Overview of VRRP 802
- Enhancements to VRRP 805
- Authentication 809
- Overview of VRRP-E 810
- Comparison of VRRP and VRRP-E 811
- VRRP and VRRP-E parameters 812
- ID of the virtual router 813
- Configuring the VRRP version 815
- Configuring a Backup for IPv4 817
- Configuring a Backup for IPv6 817
- Configuring IPv4 VRRP-E 818
- Configuring IPv6 VRRP-E 819
- Authentication type 821
- Hello interval 823
- Dead interval 823
- Track port 824
- Track priority 825
- Backup preempt 825
- VRRP-extended slow start 826
- VRRP-extended scale timer 827
- • “Displaying statistics” 828
- Displaying statistics 833
- VRRP example for IPv6 838
- Configuring router2 839
- VRRP-E example for IPv4 840
- VRRP-E example for IPv6 841
- Short path forwarding 844
- IP address 845
- IPv4 VRF support 845
Produits connexes et manuels pour Accessoires pour ordinateurs Brocade Multi-Service IronWare Routing Configuration Guide
Accessoires pour ordinateurs Brocade ICX 6610 Stackable Switch Hardware Installation Gu Manuel d'utilisateur
(108 pages)
(108 pages)
Accessoires pour ordinateurs Brocade ICX 6450 Stackable Switches Hardware Installation Manuel d'utilisateur
(116 pages)
(116 pages)
Accessoires pour ordinateurs Brocade Multi-Service IronWare Administration Guide (Suppo Manuel d'utilisateur
(432 pages)
(432 pages)
Accessoires pour ordinateurs Brocade Multi-Service IronWare Multiprotocol Label Switch Manuel d'utilisateur
(852 pages)
(852 pages)
Accessoires pour ordinateurs Brocade FastIron WS Hardware Installation Guide Manuel d'utilisateur
(74 pages)
(74 pages)
Accessoires pour ordinateurs Brocade FastIron SX Series Chassis Hardware Installation G Manuel d'utilisateur
(192 pages)
(192 pages)
Accessoires pour ordinateurs Brocade Unified IP MIB Reference (Supporting FastIron Rele Manuel d'utilisateur
(768 pages)
(768 pages)
Accessoires pour ordinateurs Brocade TurboIron 24X Series Configuration Guide Manuel d'utilisateur
(111 pages)
(111 pages)
Accessoires pour ordinateurs Brocade Fabric OS Administrators Guide (Supporting Fabric Manuel d'utilisateur
(622 pages)
(622 pages)
Accessoires pour ordinateurs Brocade Fabric OS Encryption Administrator’s Guide Support Manuel d'utilisateur
(332 pages)
(332 pages)
© 2020, manymanuals.fr. Tous droits réservés | 0.071 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Commentaires sur ces manuels