Table Of Contents
Configuring Hardware
5.1 Overview
5.2 Using the NE Explorer to Configure Optical and Core Router NEs
5.2.1 Exporting an NE Configuration
5.2.2 Understanding the Color Scheme Used for Port and Alarm Status on CTC-Based NEs
5.3 Configuring Routing Protocols on Optical NEs
5.3.1 Specifying a Routing Protocol
5.3.2 Viewing Routing Tables for CTC-Based NEs
5.3.3 Creating Static Routes for CTC-Based NEs
5.3.4 Using OSPF with CTC-Based NEs
5.3.5 Using RIP
5.3.6 Creating and Modifying an SDCC, LDCC, or GCC Termination on Transponder Cards
5.3.7 Creating and Modifying an SDCC, LDCC, GCC, or OSC Termination on SONET or SDH Cards
5.3.8 Creating a DCC Tunnel Connection
5.3.9 Using SNMP
5.3.10 Specifying the Preferred Copy—ONS 15600 SONET or ONS 15600 SDH
5.3.11 Enabling Intermediate Path Performance Monitoring
5.3.12 Enabling Pointer Justification Count Monitoring for CTC-Based NEs
5.3.13 Changing the Power Monitoring Threshold for the ONS 15454 SONET and ONS 15454 SDH
5.3.14 Creating an Ethernet Threshold
5.4 Synchronizing the Network for Optical Devices
5.4.1 Synchronization Settings for the ONS 15310 CL, ONS 15310 MA, ONS 15327, ONS 15454 SONET, and ONS 15600 SONET
5.4.2 Synchronization Settings for the ONS 15454 SDH and ONS 15600 SDH
5.5 Synchronizing the Network for MGX Voice Gateway Devices
5.5.1 Viewing Clocking Sources
5.6 Configuring and Administering the CRS-1 and XR 12000
5.6.1 Explicit Path Configuration Application
5.6.2 MPLS-TE Configuration Application
5.6.3 VRF Application
5.6.4 Interface Common Attributes Configuration Application
5.6.5 Interface Ethernet Configuration Application
5.6.6 Interface POS Configuration Application
5.6.7 SONET Port Configuration Application
5.6.8 Access Control Lists Application
5.6.9 Packet Filter Application
5.6.10 QoS Application
5.6.11 Routing Policy Manager Application
5.6.12 BGP Configuration Application—CRS-1 and XR 12000 R3.0 and R3.2
5.6.13 BGP Configuration Application—CRS-1 and XR 12000 R3.3
5.6.14 ISIS Configuration Application
5.6.15 LDP Configuration Application
5.6.16 OSPF Configuration Application
5.6.17 RSVP Configuration Application
5.6.18 Static Route Configuration
5.6.19 Template Configuration
5.6.20 Telnet Plus
5.6.21 SSHv1 and SSHv2
5.6.22 AAA Administration
5.6.23 Alarm Administration
5.6.24 User Administration
5.6.25 Rolling Back to a Checkpoint for the CRS-1 and XR 12000
5.6.26 Configuring Secure Socket Layer for the CRS-1 and XR 12000
5.7 Configuring the MDS 9000
5.8 Configuring the ONS 15216
5.9 Configuring the ONS 15302 and ONS 15305
5.10 Configuring the ONS 15310 CL, ONS 15310 MA, ONS 15327, ONS 15454 SONET, and ONS 15454 SDH
5.10.1 Provisioning an ONS 15310 CL, ONS 15310 MA, ONS 15327, ONS 15454 SONET, or ONS 15454 SDH Card Slot
5.10.2 Resetting a Card
5.10.3 Deleting a Card
5.10.4 Changing a Card
5.10.5 Inserting an AIS-V on an STS-1 SD-P
5.10.6 Changing Secure Config Mode—ONS 15454 SONET or ONS 15454 SDH
5.11 Configuring the ONS 15501, ONS 15530, and ONS 15540
5.12 Configuring the ONS 15600 SONET and ONS 15600 SDH
5.12.1 Resetting a Card
5.12.2 Deleting a Card
5.12.3 Changing a Card
5.13 Configuring the ONS 15800, ONS 15801, and ONS 15808
5.13.1 Synchronizing the ONS 15800, ONS 15801, and ONS 15808 Configuration and Inventory
5.13.2 Manually Resetting the ONS 15800, ONS 15801, or ONS 15808
5.13.3 Tagging an ONS 15800, ONS 15801, or ONS 15808 Module as Out of Service
5.14 Configuring MGX Voice Gateway Devices
5.14.1 How Do I Manage My Network with the Chassis View?
5.14.2 How Do I Manage My Network with the Configuration Center?
5.14.3 How Do I Manage Templates for NEs?
5.14.4 How Do I Configure MGX Voice Gateway Devices?
5.14.5 How Do I Create or Modify APS?
Configuring Hardware
This chapter describes the various NE configuration procedures that can be managed by CTM. This chapter contains the following sections:
•
Overview
•Using the NE Explorer to Configure Optical and Core Router NEs
•Configuring Routing Protocols on Optical NEs
•Synchronizing the Network for Optical Devices
•Synchronizing the Network for MGX Voice Gateway Devices
•Configuring and Administering the CRS-1 and XR 12000
•Configuring the MDS 9000
•Configuring the ONS 15216
•Configuring the ONS 15302 and ONS 15305
•Configuring the ONS 15310 CL, ONS 15310 MA, ONS 15327, ONS 15454 SONET, and ONS 15454 SDH
•Configuring the ONS 15501, ONS 15530, and ONS 15540
•Configuring the ONS 15600 SONET and ONS 15600 SDH
•Configuring the ONS 15800, ONS 15801, and ONS 15808
•Configuring MGX Voice Gateway Devices
5.1 Overview
In order for CTM to communicate with NEs, certain configuration tasks must be performed on the NEs. Until these configuration tasks are completed, CTM cannot contact the NEs, and no management can begin.
Before CTM can manage NEs, the following conditions must be met:
•Ethernet—Management Ethernet port must be configured.
•Password—Current privileged command password must be configured.
•Telnet—Gigabit Route Processor (GRP) should accept a Telnet session.
•SNMP—GRP must be SNMP-manageable.
Configuration management functions control, identify, retrieve data from, and provide data to network resources to deliver customer services. Configuration management includes broad categories traditionally known as network planning and engineering, installation, network and service provisioning, service planning and negotiation, and status and control.
5.2 Using the NE Explorer to Configure Optical and Core Router NEs
Step 1 In the Domain Explorer window, select the NE that you want to configure.
Note Not all NEs have an associated NE Explorer. See Table 1-11 on page 1-25 for more information.
Step 2 Choose Configuration > NE Explorer (or click the Open NE Explorer tool).
Step 3 In the NE Explorer tree, click the top-level NE node to open the node properties pane.
Step 4 Complete one of the following options, depending on the NE type:
•For optical NEs, click the tab (or subtab) that corresponds to the setting(s) you want to change. Modify the settings. For drop-down lists, select an item from the list. For numerics or editable text fields, double-click the field and type the new number or text. Click Apply.
•For the CRS-1 and XR 12000, the NE Explorer is menu-based. Use the Configuration and Administration menu options to configure the CRS-1 and XR 12000. For details, see Configuring and Administering the CRS-1 and XR 12000.
5.2.1 Exporting an NE Configuration
Use the NE Configuration Export dialog box to save the NE configuration information for CTC-based and ONS 1580x NEs.
Step 1 In the Domain Explorer tree, select a CTC-based or ONS 1580x NE.
Step 2 Choose Configuration > NE Explorer (or click the Open NE Explorer tool).
Step 3 In the NE Explorer window, choose Configuration > Export NE Configuration. The NE Configuration Export dialog box opens.
Step 4 Configure the fields. The following table provides descriptions.
Step 5 After making your selections, click OK.
Step 6 Click Yes in the confirmation dialog box. While the export is in progress, a progress bar tracks the percentage to completion.
Step 7 A confirmation dialog box indicates that the data was successfully exported. Click OK.
Table 5-1 Field Descriptions for the NE Configuration Export Dialog Box
Field
|
Description
|
Field Separator
|
You can export the data as comma-separated values (CSV) or tab-separated values (TSV), which are formats commonly used to import data into spreadsheet and database applications for further analysis and manipulation. Click Other if you want to separate the CTM data values with a different character. An error occurs if you select Other but do not insert a separator character.
|
Enclose text in double quotes if it has separator
|
If checked, exported text is enclosed in double quotation marks if that text has a separator. If you choose the CSV format, you must check this option to avoid generating an error.
|
Export configuration of the selected module only
|
If checked, only the selected module's configuration is exported.
|
Export to file
|
By default, exported data is stored in the C:\Cisco\TransportManagerClient<version_number>\exports or /opt/CiscoTransportManagerClient<version_number>/exports directory under the name that you provide in the Export to file text box. Click Browse to change the file location. An error occurs if you do not specify a filename for the configuration file.
|
Below is an example of the exported information:
Date:,1/04/2005 10:06:29.893 AM,
ENDMODULE:,sjc4-310a-168-238,
5.2.2 Understanding the Color Scheme Used for Port and Alarm Status on CTC-Based NEs
The NE Explorer shelf views and card-level views for CTC-based NEs report the port and alarm status as a background color. This background color feature is configurable; you can enable or disable the display of background port color in the NE Explorer. This feature is available only if the card is physically present on the NE and is provisioned in CTM.
Figure 5-1 shows the color scheme used to represent the port state and alarm status. Figure 5-2 and Figure 5-3 show how the color-coded ports appear in the Network Explorer window.
Figure 5-1 Colors of Port State and Alarm Status
Row
|
Color
|
Port State
|
Port State Abbreviation
|
Alarm Status
|
1
|
Gray
|
Out of Service
|
OOS_DSBLD
|
—
|
2
|
Cyan
|
Out of Service-Maintenance
|
OOS_MT
|
—
|
3
|
Purple
|
In Service
|
IS_AINS
|
—
|
4
|
Green
|
In Service
|
IS
|
Clear
|
5
|
Light blue
|
In Service
|
IS
|
Warning
|
6
|
Yellow
|
In Service
|
IS
|
Minor
|
7
|
Orange
|
In Service
|
IS
|
Major
|
8
|
Red
|
In Service
|
IS
|
Critical
|
Figure 5-2 Sample of Ports with OOS, OOS_MT, IS_AINS, and IS States
Figure 5-3 Sample of Ports in IS State with Critical, Major, Minor, and Warning Alarms
5.3 Configuring Routing Protocols on Optical NEs
This section describes how to configure the various routing protocols supported by CTM. This section contains the following information:
•Specifying a Routing Protocol
•Viewing Routing Tables for CTC-Based NEs
•Creating Static Routes for CTC-Based NEs
•Using OSPF with CTC-Based NEs
•Using RIP
•Creating and Modifying an SDCC, LDCC, or GCC Termination on Transponder Cards
•Creating and Modifying an SDCC, LDCC, GCC, or OSC Termination on SONET or SDH Cards
•Creating a DCC Tunnel Connection
•Using SNMP
•Specifying the Preferred Copy—ONS 15600 SONET or ONS 15600 SDH
•Enabling Intermediate Path Performance Monitoring
•Enabling Pointer Justification Count Monitoring for CTC-Based NEs
•Changing the Power Monitoring Threshold for the ONS 15454 SONET and ONS 15454 SDH
•Creating an Ethernet Threshold
5.3.1 Specifying a Routing Protocol
CTM allows you to choose a routing protocol for the LAN interface for CTC-based NEs. You can choose one of the following:
•Open Shortest Path First (OSPF)
•Routing Information Protocol (RIP)
•SNMP
By default, no routing protocol is specified.
5.3.2 Viewing Routing Tables for CTC-Based NEs
Step 1 In the Domain Explorer tree, select a CTC-based NE and choose Configuration > NE Explorer (or click the Open NE Explorer tool).
Step 2 In the node properties pane, click the Network tab.
Step 3 Click the Routing Table subtab.
5.3.3 Creating Static Routes for CTC-Based NEs
Step 1 In the Domain Explorer tree, select a CTC-based NE and choose Configuration > NE Explorer (or click the Open NE Explorer tool).
Step 2 In the node properties pane, click the Network tab.
Step 3 Click the Static Routes subtab.
Step 4 Click Create. The Create New Static Route dialog box opens. The following table provides descriptions.
Step 5 After making your selections, click OK.
Table 5-2 Field Descriptions for the Create New Static Route Dialog Box
Field
|
Description
|
Destination
|
Enter the IP address of the computer running CTM.
|
Length
|
Enter the subnet mask length (a decimal number representing the subnet mask length, in bits).
|
Mask
|
Enter the subnetwork mask IP address.
|
Next Hop
|
Enter the IP address of the router port or the node IP address if the CTM computer is connected to the node directly.
|
Cost
|
Enter the number of hops between the NE and the computer running CTM.
|
5.3.4 Using OSPF with CTC-Based NEs
Step 1 In the Domain Explorer tree, select a CTC-based NE and choose Configuration > NE Explorer (or click the Open NE Explorer tool).
Step 2 In the node properties pane, click the Network tab.
Step 3 Click the OSPF subtab.
Step 4 Complete the following fields. Fields shown depend on the type of NE selected.
•DCC OSPF Area ID—Number that identifies the NE as a unique OSPF area. It can be between 0.0.0.0 and 255.255.255.255. The number must be unique to the LAN OSPF area.
•SDCC Metric—Cost of sending packets across the SDCC, which is used by OSPF routers to calculate the shortest path.
•LDCC Metric—Cost of sending packets across the LDCC, which is used by OSPF routers to calculate the shortest path.
•OSPF Active on LAN—When checked, it enables the OSPF topology to be advertised to OSPF routers on the LAN.
•LAN Port Area ID—OSPF area ID for the router port where the NE is connected. This number is different from the DCC OSPF Area ID.
•Authentication Type—Displays either one of the following:
–Simple Password—If the router where the NE is connected uses authentication.
–No Authentication—If the router where the NE is connected does not use authentication.
•Authentication Key—Displays the OSPF key (or password) if authentication is enabled.
•Router Priority—Designated router for a subnet.
•Hello Interval—Number of seconds between OSPF hello packet advertisements sent by OSPF routers. The Cisco default is 10 seconds.
•Dead Interval—Number of seconds that will pass while an OSPF router's packets are not visible before its neighbors declare the router down. The Cisco default is 40 seconds.
•Transit Delay—Service speed. The Cisco default is 1 second.
•Retransmit Int—Time that will elapse before a packet is resent. The Cisco default is 5 seconds.
•LAN Metric—Cost for sending packets across the LAN. Values should be greater than zero.
Step 5 Click Apply.
5.3.4.1 Creating an OSPF Area Range
Step 1 In the Domain Explorer tree, select a CTC-based NE and choose Configuration > NE Explorer (or click the Open NE Explorer tool).
Step 2 In the node properties pane, click the Network tab.
Step 3 Click the OSPF subtab and check the OSPF Active on LAN check box. (See Using OSPF with CTC-Based NEs for more information.)
Step 4 Click Apply.
Step 5 Click the OSPF Area Range subtab.
Step 6 Click Create. The Create OSPF Area Range dialog box opens. The following table provides descriptions.
Step 7 After making your selections, click OK.
Note If no range address is created when enabling OSPF on a LAN from CTM, you must manually provision the OSPF area range address for the respective range area IDs, as described in this procedure. Alternately, enable OSPF from CTC so that the range address is created when OSPF is enabled. This is a known issue that has been tracked using DDTS number CSCin62975.
Table 5-3 Field Descriptions for the Create OSPF Area Range Dialog Box
Field
|
Description
|
Range Address
|
Enter the area IP address for the NEs that reside within the OSPF area. For example, if the OSPF area includes nodes with IP addresses 10.10.20.100, 10.10.30.150, 10.10.40.200, and 10.10.50.250, the range address would be 10.10.0.0.
|
Range Area ID
|
Enter the OSPF area ID for the NEs. This is either the ID in the DCC OSPF Area ID field or the ID in the Area ID for LAN Port field. The ID cannot be 0.0.0.0.
|
Mask Length
|
Enter the subnet mask length.
|
Advertise
|
Check this check box if you want the area range to be advertised.
|
5.3.4.2 Deleting an OSPF Area Range
Step 1 In the Domain Explorer tree, select a CTC-based NE and choose Configuration > NE Explorer (or click the Open NE Explorer tool).
Step 2 In the node properties pane, click the Network tab.
Step 3 Click the OSPF Area Range subtab.
Step 4 Select the OSPF area range from the table; then, click Delete.
Step 5 Click OK in the confirmation message box.
5.3.4.3 Managing OSPF Virtual Links
The following sections describe how to manage OSPF virtual links.
5.3.4.3.1 Viewing OSPF Virtual Links
Step 1 In the Domain Explorer tree, select a CTC-based NE and choose Configuration > NE Explorer (or click the Open NE Explorer tool).
Step 2 In the node properties pane, click the Network tab.
Step 3 Click the OSPF Virtual Links subtab. The following information is displayed:
•Neighbor—Router ID of the Area 0 router.
•Transit Delay—Service speed. The Cisco default is 1 second.
•Retransmit Interval—Time that will elapse before a packet is resent. The Cisco default is 5 seconds.
•Hello Interval—Number of seconds between OSPF hello packet advertisements sent by OSPF routers.
•Dead Interval—Number of seconds that will pass while the packets of an OSPF router are not visible before its neighbors declare the router down.
•Authentication Type—Authentication type.
•Auth Key—Authentication key.
5.3.4.3.2 Creating an OSPF Virtual Link
Step 1 In the Domain Explorer tree, select a CTC-based NE and choose Configuration > NE Explorer (or click the Open NE Explorer tool).
Step 2 In the node properties pane, click the Network tab.
Step 3 Click the OSPF subtab and check the OSPF Active on LAN check box. (See Using OSPF with CTC-Based NEs for more information.)
Step 4 Click Apply.
Step 5 Click the OSPF Virtual Links subtab.
Step 6 Click Create. The Create New Virtual Link dialog box opens and allows you to define a link between OSPF area border routers. The following table provides descriptions.
Step 7 After making your selections, click OK.
Table 5-4 Field Descriptions for the Create New Virtual Link Dialog Box
Field
|
Description
|
Neighbor
|
Specify the IP address of the Area 0 router.
|
Transit Delay
|
Specify the service speed. The Cisco default is 1 second.
|
Retransmit Interval
|
Specify the time that will elapse before a packet is resent. The Cisco default is 5 seconds.
|
Hello Interval
|
Specify the number of seconds between OSPF hello packet advertisements. The Cisco default is 10 seconds.
|
Dead Interval
|
Specify the number of seconds that will pass while the packets of an OSPF router are not visible before its neighbors declare the router down. The Cisco default is 40 seconds.
|
Authentication Type
|
Specify the authentication type. Select Simple Password if the router where the NE is connected uses authentication. Otherwise, select No Authentication.
|
Authentication Key
|
Enter the OSPF key (password) if authentication is enabled.
|
Confirm Authentication Key
|
Reenter the authentication key to confirm it.
|
5.3.4.3.3 Modifying an OSPF Virtual Link
Step 1 In the Domain Explorer tree, select a CTC-based NE and choose Configuration > NE Explorer (or click the Open NE Explorer tool).
Step 2 In the node properties pane, click the Network tab.
Step 3 Click the OSPF Virtual Links subtab.
Step 4 Select an OSPF virtual link to modify; then click Edit.
Step 5 The Modify Virtual Link dialog box opens. Modify the following:
•Neighbor—Enter the new IP address.
•Transit Delay—Indicates the service speed.
•Retransmit Delay—Sets the time that will elapse before a packet is resent.
•Hello Interval—Sets the number of seconds between OSPF hello packet advertisements sent by OSPF routers.
•Dead Interval—Sets the number of seconds that will pass while an OSPF router's packets are not visible before its neighbors declare the router down.
•Authentication Type—Select the authentication type. Select either No Authentication or Simple Authentication.
•Auth Key—If Simple Authentication is selected as authentication type, enter the authentication key.
•Confirm Auth Key—Re-enter the authentication key.
Step 6 Click OK.
5.3.4.3.4 Deleting an OSPF Virtual Link
Step 1 In the Domain Explorer tree, select a CTC-based NE and choose Configuration > NE Explorer (or click the Open NE Explorer tool).
Step 2 In the node properties pane, click the Network tab.
Step 3 Click the OSPF Virtual Links subtab.
Step 4 Select an OSPF virtual link to delete; then, click Delete.
Step 5 Click Yes in the confirmation dialog box.
5.3.5 Using RIP
Step 1 In the Domain Explorer tree, select an ONS 15310 CL, ONS 15310 MA, ONS 15327, ONS 15454 SONET, or ONS 15454 SDH NE and choose Configuration > NE Explorer (or click the Open NE Explorer tool).
Step 2 In the node properties pane, click the Network tab.
Step 3 Click the RIP subtab.
Step 4 Complete the following:
•RIP Active—Check to enable RIP.
•RIP Type—Select the RIP version from the pull-down menu.
•Metric—Set to a number between 1 and 15. This represents the number of hops.
•Authentication Type—By default, RIP is set to No Authentication. If the router that the NE is connected to requires authentication, set this to Simple Password.
•Authentication Key—If the Authentication Type is set to Simple Password, enter the password.
•Confirm Authentication Key—Enter the same password to confirm it.
Step 5 If you want to create an address summary, complete the following steps:
a. Click Create. Complete the address summary only if the NE is a gateway network element (GNE) with multiple end NEs attached and IP addresses in different subnets.
b. In the Create RIP Address Summary dialog box that opens, create aggregate addresses, which will be represented in the routing table by a summary address. Table 5-5 provides descriptions. The NEs use the IP summary address for RIP to advertise a summarized local IP address pool on the NE so that the address pool can be provided to clients.
c. After making your selections, click OK. The RIP address information is displayed in the RIP Address Summary table.
Step 6 If you want to delete a RIP address, complete the following steps:
a. Select the RIP address from the RIP Address Summary table and click Delete.
b. Click Yes in the confirmation dialog box.
Step 7 Click Apply.
Note Both the OSPF and RIP tabs are enabled if no routing advertisement is enabled. If either OSPF or RIP is enabled, the other routing protocol is disabled.
Table 5-5 Field Descriptions for the Create RIP Address Summary Dialog Box
Field
|
Description
|
Summary Address
|
Specify the IP address of the RIP summary.
|
Mask Length
|
Enter the subnet mask length.
|
Mask Address
|
(Read-only) View the subnet mask address.
|
Cost
|
Enter the hop count metric (the number of hops between the NE and the destination). The valid range is 1 to 15. The smaller the number of hops, the higher the priority.
|
5.3.5.1 Viewing the RIP Routing Table
Step 1 In the Domain Explorer tree, select an ONS 15310 CL, ONS 15310 MA, ONS 15327, ONS 15454 SONET, or ONS 15454 SDH NE and choose Configuration > NE Explorer (or click the Open NE Explorer tool).
Step 2 In the node properties pane, click the Network tab.
Step 3 Click the RIP Routing Table subtab. The RIP Routing table is displayed with the following information:
•Destination—(Read-only) Displays the IP address of the destination network or host.
•Mask—(Read-only) Displays the subnet mask used to reach the destination host or network.
•Gateway—(Read-only) Displays the IP address of the gateway used to reach the destination network or host.
•Cost—(Read-only) Displays the hop count metric. The valid range is 1 to 15.
5.3.6 Creating and Modifying an SDCC, LDCC, or GCC Termination on Transponder Cards
Step 1 In the Domain Explorer tree, select a CTC-based NE and choose Configuration > NE Explorer (or click the Open NE Explorer tool).
Step 2 In the node properties pane of the NE Explorer, click one of the following tabs. Tabs shown depend on the type of NE selected.
•DCC
DCC (Data Communications Channel) carries provisioning and maintenance data/information between network elements in the SONET overhead.
•DCC/GCC/OSC
GCC (General Communications Channel) is used for transponders and muxponders in dense wavelength division multiplexing (DWDM) applications.
Optical Service Channel (OSC) is a bidirectional channel that connects two adjacent nodes in a DWDM ring
•LDCC
LDCC (Line Data Communications Channel or Line DCC) is a 576-kbps data communications channel embedded in the section overhead for OAM&P traffic between two NEs.
•SDCC
SDCC (Section Data Communications Channel or Section DCC) is a 192-kbps data communications channel embedded in the section overhead for OAM&P traffic between two NEs.
Step 3 Click the subtab that corresponds to the termination that you want to create or modify. For example, to create or modify an LDCC termination, click the LDCC subtab.
Step 4 Complete one of the following options, depending on whether you want to create a new termination or modify an existing one:
•Click the Create button above the Transponder area. The Create <SDCC, LDCC, GCC, or OSC> dialog box opens and allows you to create new terminations on transponder cards. Table 5-6 provides descriptions.
Note The fields shown in the Create <SDCC, LDCC, GCC, or OSC> dialog box depend on the type of termination that is being created. The fields shown also depend on the NE type.
•Select an existing termination and click the Edit button above the Transponder area. The Edit <SDCC, LDCC, GCC, or OSC> dialog box opens and allows you to modify existing terminations on transponder cards. The following table provides descriptions.
Note The fields shown in the Edit <SDCC, LDCC, GCC, or OSC> dialog box depend on the type of termination that is being modified. The fields shown also depend on the NE type.
Step 5 After making your selections, click OK.
Table 5-6 Field Descriptions for the Create or Modify <SDCC, LDCC, GCC, or OSC> Dialog Box
Tab
|
Description
|
SDCC/LDCC Info
|
(Available for SDCC and LDCC termination.) Displays the slot and port number of the SDCC or LDCC termination.
|
OSPF Disabled on Link
|
Indicates whether Open Shortest Path First (OSPF) is disabled on the link. OSPF should be disabled only when the slot and port connect to third-party equipment that does not support OSPF.
|
Foreign
|
If checked, it means that the far-end node is a non-ONS node.
|
Admin State
|
Indicates the SDCC or LDCC port state. Select one of the following:
Note Admin state options that appear in the drop-down list depend on the NE type.
•Leave Unchanged
•IS
•OOS DSBLD
•OOS MT
•IS AINS
•unlocked
•locked, disabled
•locked, maintenance
•unlocked, automaticInService
|
Layer3/Layer 2 Config
|
Layer3 (Layer2) Config
|
Select one of the following:
•OSI (LAPD)—When selected, all fields in the OSI Subnet and LAPD areas are enabled. The Layer 3 protocol used for the DCC is OSI (IP not applicable); the Layer 2 protocol is LAPD. The OSI (LAPD) option applies only to SDCC and is disabled for all other DCC types.
•IP (PPP)—When selected, all fields in the OSI Subnet and LAPD areas are disabled. The Layer 3 protocol used for the DCC is IP only; the Layer 2 protocol is PPP.
•OSI and IP (PPP)—When selected, only the fields in the OSI Subnet area are enabled. The Layer 3 protocol includes both OSI and IP, but the Layer 2 protocol remains as PPP.
Note When editing an existing DCC, you can toggle between the IP (PPP) and OSI and IP (PPP) options if either option exists on the DCC.
Note If the DCC is configured as OSI (LAPD), you cannot modify the Layer 3/Layer 2 configuration.
|
OSI Subnet
|
Router Number
|
The OSI virtual router where the subnet (SDCC or LDCC) is provisioned.
|
IS-IS Cost
|
Sets the cost for sending packets on the subnet. This is used by OSPF routers to calculate the shortest path.
|
ISH
|
Sets the Intermediate System Hello (ISH) protocol data unit (PDU) propagation frequency. Intermediate system NEs send ISHs to other ESs and ISs to inform them about the NETs they serve. The Cisco default is 10 seconds. The range is from 10 to 1000 seconds.
|
ESH
|
Sets the End System Hello (ESH) propagation frequency. End system NEs transmit ESHs to inform other ESs and ISs about the NSAPs they serve. The Cisco default is 10 seconds. The range is from 10 to 1000 seconds.
|
IIH
|
Sets the Intermediate System to Intermediate System Hello PDU propagation frequency. The IS-IS Hello PDUs establish and maintain adjacencies between ISs. The Cisco default is 3 seconds. The range is from 1 to 600 seconds.
|
LAPD
|
Acknowledgement
|
Indicates the Link Access Protocol on the D channel (LAPD) acknowledgement type. Select either:
•Acknowledged Information Transfer Service (AITS)
•Unacknowledged Information Transfer Service (UITS)
|
T200
|
Shows the time between Set Asynchronous Balanced Mode (SABM) frame transmissions. The range is from 0.2 to 20 seconds.
|
T203
|
Shows the maximum time between LAPD frame exchanges. The range is from 4 to 120 seconds.
|
Mode
|
Indicates the LAPD frame command/response role. Values are:
•Network
•User
|
MTU
|
Sets the maximum transfer unit (MTU).
|
5.3.7 Creating and Modifying an SDCC, LDCC, GCC, or OSC Termination on SONET or SDH Cards
Step 1 In the Domain Explorer tree, select a CTC-based NE and choose Configuration > NE Explorer (or click the Open NE Explorer tool).
Step 2 In the node properties pane of the NE Explorer, click one of the following tabs. Tabs shown depend on the type of NE selected.
•DCC
DCC (Data Communications Channel) carries provisioning and maintenance data/information between network elements in the SONET overhead.
•DCC/GCC/OSC
GCC (General Communications Channel) is used for transponders and muxponders in dense wavelength division multiplexing (DWDM) applications.
Optical Service Channel (OSC) is a bidirectional channel that connects two adjacent nodes in a DWDM ring
•LDCC
LDCC (Line Data Communications Channel or Line DCC) is a 576-kbps data communications channel embedded in the section overhead for OAM&P traffic between two NEs.
•SDCC
SDCC (Section Data Communications Channel or Section DCC) is a 192-kbps data communications channel embedded in the section overhead for OAM&P traffic between two NEs.
Step 3 Click the subtab that corresponds to the termination that you want to create or modify. For example, to create or modify an LDCC termination, click the LDCC subtab.
Step 4 Complete one of the following options, depending on whether you want to create a new termination or modify an existing one:
•Click the Create button above the SONET/SDH area. The Create <SDCC, LDCC, GCC, or OSC> dialog box opens and allows you to create new terminations on SONET or SDH cards. Table 5-7 provides descriptions.
Note The fields shown in the Create <SDCC, LDCC, GCC, or OSC> dialog box depend on the type of termination that is being created. The fields shown also depend on the NE type.
•Select an existing termination and click the Edit button above the SONET/SDH area. The Edit <SDCC, LDCC, GCC, or OSC> dialog box opens and allows you to modify existing terminations on SONET or SDH cards. Table 5-7 provides descriptions.
Note The fields shown in the Edit <SDCC, LDCC, GCC, or OSC> dialog box depend on the type of termination that is being modified. The fields shown also depend on the NE type.
Step 5 After making your selections, click OK.
Table 5-7 Field Descriptions for the Create or Edit <SDCC, LDCC, GCC, or OSC> Dialog Box
Field
|
Description
|
SDCC/LDCC Info
|
(Available for SDCC and LDCC termination.) Displays the slot and port number of the SDCC or LDCC termination.
|
GCC Terminations
|
(Available for GCC termination.) Displays the slot and port number of the GCC termination.
|
OSC Terminations
|
(Available for OSC termination.) Displays the slot and port number of the OSC termination.
|
OSPF Disabled on Link
|
Indicates whether Open Shortest Path First (OSPF) is disabled on the link. OSPF should be disabled only when the slot and port connect to third-party equipment that does not support OSPF.
|
Foreign
|
If checked, it means that the far-end node is a non-ONS node.
|
Admin State
|
Indicates the SDCC or LDCC port state. Select one of the following:
Note Admin state options that appear in the drop-down list depend on the NE type.
•Leave Unchanged
•IS
•OOS DSBLD
•OOS MT
•IS AINS
•unlocked
•locked, disabled
•locked, maintenance
•unlocked, automaticInService
|
GCC Rate
|
(Available for GCC termination.) Select the GCC rate.
|
Layer3/Layer 2 Config
|
Layer3 (Layer2) Config
|
Select one of the following:
•OSI (LAPD)—When selected, all fields in the OSI Subnet and LAPD areas are enabled. The Layer 3 protocol used for the DCC is OSI (IP not applicable); the Layer 2 protocol is LAPD. The OSI (LAPD) option applies only to SDCC and is disabled for all other DCC types.
•IP (PPP)—When selected, all fields in the OSI Subnet and LAPD areas are disabled. The Layer 3 protocol used for the DCC is IP only; the Layer 2 protocol is PPP.
•OSI and IP (PPP)—When selected, only the fields in the OSI Subnet area are enabled. The Layer 3 protocol includes both OSI and IP, but the Layer 2 protocol remains as PPP.
Note When editing an existing DCC, you can toggle between the IP (PPP) and OSI and IP (PPP) options if either option exists on the DCC.
Note If the DCC is configured as OSI (LAPD), you cannot modify the Layer 3/Layer 2 configuration.
|
OSI Subnet
|
Router Number
|
The OSI virtual router where the subnet (SDCC, LDCC, GCC, or OSC) is provisioned.
|
IS-IS Cost
|
Sets the cost for sending packets on the subnet. This is used by OSPF routers to calculate the shortest path.
|
ISH
|
Sets the Intermediate System Hello (ISH) protocol data unit (PDU) propagation frequency. Intermediate system NEs send ISHs to other ESs and ISs to inform them about the NETs they serve. The Cisco default is 10 seconds. The range is from 10 to 1000 seconds.
|
ESH
|
Sets the End System Hello (ESH) propagation frequency. End system NEs transmit ESHs to inform other ESs and ISs about the NSAPs they serve. The Cisco default is 10 seconds. The range is from 10 to 1000 seconds.
|
IIH
|
Sets the Intermediate System to Intermediate System Hello PDU propagation frequency. The IS-IS Hello PDUs establish and maintain adjacencies between ISs. The Cisco default is 3 seconds. The range is from 1 to 600 seconds.
|
LAPD
|
Acknowledgement
|
Indicates the Link Access Protocol on the D channel (LAPD) acknowledgement type. Select either:
•Acknowledged Information Transfer Service (AITS)
•Unacknowledged Information Transfer Service (UITS)
|
T200
|
Shows the time between Set Asynchronous Balanced Mode (SABM) frame transmissions. The range is from 0.2 to 20 seconds.
|
T203
|
Shows the maximum time between LAPD frame exchanges. The range is from 4 to 120 seconds.
|
Mode
|
Indicates the LAPD frame command/response role. Values are:
•Network
•User
|
MTU
|
Sets the maximum transfer unit (MTU).
|
5.3.8 Creating a DCC Tunnel Connection
The Create DCC Tunnel Connection dialog box allows you to create new DCC tunnel connections for the ONS 15454 SONET R3.3 and earlier.
Step 1 In the Domain Explorer tree, select the R3.3 or earlier ONS 15454 SONET NE and choose Configuration > NE Explorer (or click the Open NE Explorer tool).
Step 2 In the node properties pane of the NE Explorer, click the DCC/GCC/OSC tab.
Step 3 Click the DCC Tunnel Connection subtab.
Step 4 Click Create. The Create dialog box opens. The following table provides descriptions.
Step 5 After making your selections, click OK.
Table 5-8 Field Descriptions for the Create DCC Tunnel Connection Dialog Box
Field
|
Description
|
From A
|
Select a beginning interface for the DCC tunnel.
|
From B
|
Select an ending interface for the DCC tunnel.
|
5.3.9 Using SNMP
5.3.9.1 Changing the SNMP Community String—CTC-Based NEs
Use the SNMP Trap Destination dialog box in CTC to provision community names for all SNMP requests (for example, get, next, bulk, and set) for CTC-based NEs R3.3 and later. Any SNMP request that uses a community name that matches a community name in the list of provisioned SNMP trap destinations is considered valid.
If an SNMP request contains an invalid community name (one that does not match a provisioned community name), the request is dropped silently. The MIB variable snmpInBadCommunityNames increments, and an authenticationFailure trap is sent.
Due to security concerns, the community names public and private do not have the special meaning that they have in most SNMP interfaces.
5.3.9.2 Configuring SNMP for CTC-Based NEs
Step 1 Select a CTC-based NE in the Domain Explorer tree and choose Configuration > NE Explorer (or click the Open NE Explorer tool).
Step 2 In the node properties pane, click the Network tab; then, click the SNMP subtab.
Step 3 (Not applicable to the ONS 15600) To allow SNMP proxy, check the Allow SNMP Proxy check box.
Step 4 (Not applicable to the ONS 15600) To use the SNMP management software with the NE, check the Allow SNMP Set check box.
Step 5 (Not applicable to the ONS 15600) Click Apply.
Step 6 Click Create. The Create SNMP Trap Destination dialog box opens. The following table provides descriptions.
Step 7 After making your selections, click OK.
Step 8 Click Apply.
Table 5-9 Field Descriptions for the Create SNMP Trap Destination Dialog Box
Field
|
Description
|
IP Address
|
Enter the IP address of your NMS.
|
Community Name
|
Enter the SNMP community name. For a description of SNMP community names, refer to the SNMP information in the NE reference guide.
Note The community name is a form of authentication and access control. The community name assigned to the ONS 15600 is case-sensitive and must match the community name of the NMS.
|
UDP Port
|
Set the UDP port for SNMP. The Cisco default port is 162. Allowed UDP port values are 162, 391, and values between 1024 and 65535.
|
Trap Version
|
Set the Trap Version field for either SNMPv1 or SNMPv2. See your NMS documentation to determine whether to use SNMPv1 or SNMPv2.
|
Max Traps per Second (not applicable to the ONS 15600)
|
Enter the maximum number of traps per second that will be sent to the SNMP manager. A zero value indicates that there is no maximum and all traps are sent to the SNMP manager.
|
5.3.9.3 Creating an SNMP Community—ONS 15216 EDFA2
The Create SNMP Community View dialog box allows you to create an SNMP community for the ONS 15216 EDFA2.
Note SNMP views are supported only for the EDFA2 R2.4.0 and later. The SNMP tab is not present in the EDFA2 R2.1.1 and R2.3.0.
Step 1 In the Domain Explorer, select an ONS 15216 EDFA2 and choose Configuration > NE Explorer (or click the Open NE Explorer tool).
Step 2 In the node properties pane, click the SNMP tab.
Step 3 Click the SNMP Community Table subtab.
Step 4 Click Create. The Create SNMP Community View dialog box opens. The following table provides descriptions.
Table 5-10 Field Descriptions for the Create SNMP Community View Dialog Box
Field
|
Description
|
Community Name
|
Enter the SNMP community name.
|
Privileges
|
Enter the access privileges that govern what management operations a particular community can perform. These privileges are expressed as a sum of values, where each value represents a particular operation. See Table 5-11 for the SNMP operation decimal values.
|
IP Address
|
Enter the IP address from which network management traffic for the new SNMP community originates.
|
Subnet Mask
|
Enter the subnet mask for the source IP address.
|
Step 5 After making your selections, click OK in the Create SNMP Community View dialog box.
Step 6 Click Apply in the node properties pane. The new SNMP community is listed in the SNMP Community table.
The following table displays the decimal values for the different SNMP operations. For example, 255 is the sum of all decimal values and specifies access to all SNMP operations. This sum is the default private community. 247 is the sum for all SNMP operations with the exception of the Set operation. This sum is the default public community.
Table 5-11 SNMP Operation Decimal Values
SNMP Operation
|
Decimal Values
|
Get
|
1
|
GetNext
|
2
|
Response (enable for all community strings)
|
4
|
Set
|
8
|
SNMPv1-Trap
|
16
|
GetBulk
|
32
|
Inform (enable for all community strings)
|
64
|
SNMPv2-Trap (enable for all community strings)
|
128
|
5.3.9.4 Modifying an SNMP Community—ONS 15216 EDFA2
Step 1 In the Domain Explorer, select an ONS 15216 EDFA2 and choose Configuration > NE Explorer (or click the Open NE Explorer tool).
Step 2 In the node properties pane, click the SNMP tab.
Step 3 Click the SNMP Community Table subtab.
Step 4 In the SNMP Community table, select the SNMP community to modify.
Step 5 Double-click a specific field and modify the following:
•Community Name—New community string.
•View Index—New index number.
•Privilege—New access privilege that governs what management operations a particular community can perform. These privileges are expressed as a sum of values, where each value represents a particular operation. See Table 5-11 for the SNMP operation decimal values.
•IP Address—New IP address from which network management traffic for the new SNMP community originates.
•Subnet Mask—New subnet mask for the source IP address.
•Status—Read-only.
Step 6 Click Apply.
5.3.9.5 Deleting an SNMP Community—ONS 15216 EDFA2
Step 1 In the Domain Explorer, select an ONS 15216 EDFA2 and choose Configuration > NE Explorer (or click the Open NE Explorer tool).
Step 2 In the node properties pane, click the SNMP tab.
Step 3 Click the SNMP Community Table subtab.
Step 4 In the SNMP Community table, select an SNMP community to delete.
Step 5 Click Delete; then, click OK.
Step 6 Click Apply.
5.3.9.6 Creating an SNMP Trap Destination—ONS 15216 EDFA2
Step 1 In the Domain Explorer, select an ONS 15216 EDFA2 and choose Configuration > NE Explorer (or click the Open NE Explorer tool).
Step 2 In the node properties pane, click the SNMP tab.
Step 3 Click the Trap Destination Table subtab.
Step 4 Click Create. The Create Trap Destination dialog box opens. The following table provides descriptions.
Step 5 After making your selections, click OK.
Step 6 Click Apply in the node properties pane. The new SNMP trap destination is listed in the Trap Destination table.
Table 5-12 Field Descriptions for the Create Trap Destination Dialog Box
Field
|
Description
|
IP Address
|
Type the SNMP trap destination IP address.
|
UDP Port
|
Set the trap destination User Datagram Protocol (UDP) port for SNMP.
|
Community Name
|
Type the SNMP community name.
|
Version
|
Enter the trap version number.
|
5.3.9.7 Modifying an SNMP Trap Destination—ONS 15216 EDFA2
Step 1 In the Domain Explorer, select an ONS 15216 EDFA2 and choose Configuration > NE Explorer (or click the Open NE Explorer tool).
Step 2 In the node properties pane, click the SNMP tab.
Step 3 Click the Trap Destination Table subtab.
Step 4 In the Trap Destination table, select the SNMP trap destination to modify.
Step 5 Double-click a specific field and modify the following:
•IP Address—IP address of the SNMP trap destination.
•UDP Port—UDP port number of the SNMP trap destination.
•Community Name—SNMP trap destination community string name.
•Version—Select the version from the pull-down menu.
•View Index—New index number.
•Status—Read-only.
Step 6 Click Apply.
5.3.9.8 Deleting an SNMP Trap Destination—ONS 15216 EDFA2
Step 1 In the Domain Explorer, select an ONS 15216 EDFA2 and choose Configuration > NE Explorer (or click the Open NE Explorer tool).
Step 2 In the node properties pane, click the SNMP tab.
Step 3 Click the Trap Destination Table subtab.
Step 4 In the Trap Destination table, select an SNMP trap destination to delete.
Step 5 Click Delete; then, click OK.
Step 6 Click Apply.
5.3.9.9 Creating an SNMP View—ONS 15216 EDFA2
Step 1 In the Domain Explorer, select an ONS 15216 EDFA2 and choose Configuration > NE Explorer (or click the Open NE Explorer tool).
Step 2 In the node properties pane, click the SNMP tab.
Step 3 Click the SNMP Views subtab.
Step 4 Click Create. The Create SNMP View dialog box opens. The following table provides descriptions.
Step 5 After making your selections, click OK.
Step 6 Click Apply in the node properties pane. The new SNMP view is listed in the SNMP Views table.
Table 5-13 Field Descriptions for the Create SNMP View Dialog Box
Field
|
Description
|
View Index
|
Enter the view index number, which is a unique value for each MIB view.
|
Subtree
|
Enter an object identifier that designates a subtree element in the MIB hierarchy.
|
Mask
|
Enter the bit mask that identifies objects in the subtree.
|
Type
|
From the pull-down menu, select the flag that specifies the status of the view. Values are included and excluded.
|
5.3.9.10 Modifying an SNMP View—ONS 15216 EDFA2
Step 1 In the Domain Explorer, select an ONS 15216 EDFA2 and choose Configuration > NE Explorer (or click the Open NE Explorer tool).
Step 2 In the node properties pane, click the SNMP tab.
Step 3 Click the SNMP Views subtab.
Step 4 In the SNMP Views table, select the SNMP view to modify.
Step 5 Double-click a specific field and modify the following:
•View Index—Read-only.
•Subtree—Read-only.
•Mask—Modify the bit mask that identifies objects in the subtree.
•Type—From the pull-down menu, select the flag that specifies the status of the view.
•Status—Read-only.
Step 6 Click Apply.
5.3.9.11 Deleting an SNMP View—ONS 15216 EDFA2
Step 1 In the Domain Explorer, select an ONS 15216 EDFA2 and choose Configuration > NE Explorer (or click the Open NE Explorer tool).
Step 2 In the node properties pane, click the SNMP tab.
Step 3 Click the SNMP Views subtab.
Step 4 In the SNMP Views table, select an SNMP view to delete.
Step 5 Click Delete; then, click OK.
Step 6 Click Apply.
5.3.9.12 Creating an SNMP Trap Destination—ONS 15216 EDFA3
Step 1 In the Domain Explorer, select an ONS 15216 EDFA3 and choose Configuration > NE Explorer (or click the Open NE Explorer tool).
Step 2 In the node properties pane, click the SNMP tab.
Step 3 Click Add Row. The Create Trap Destination table opens. Table 5-14 provides descriptions.
Step 4 After making your selections, click OK.
Step 5 Click Apply in the node properties pane. The new SNMP trap destination is listed in the Trap Destination table.
Note A maximum of 10 SNMP hosts can be configured for the EDFA3. (The EDFA2 has no such restriction.)
Table 5-14 Field Descriptions for the Trap Destination Table Subtab
Field
|
Description
|
IP Address
|
Enter the trap destination IP address.
|
UDP Port
|
Set the trap destination UDP port for SNMP.
|
Community Name
|
Enter the SNMP trap destination community string name.
|
Version
|
Enter the trap version number.
|
5.3.9.13 Modifying an SNMP Trap Destination—ONS 15216 EDFA3
Step 1 In the Domain Explorer, select an ONS 15216 EDFA3 and choose Configuration > NE Explorer (or click the Open NE Explorer tool).
Step 2 In the node properties pane, click the SNMP tab.
Step 3 Click the Trap Destination Table subtab.
Step 4 In the Trap Destination table, select the SNMP trap destination to modify.
Step 5 Double-click a specific field and modify the following:
•IP Address—IP address of the SNMP trap destination.
•UDP Port—UDP port number of the SNMP trap destination.
•Community Name—SNMP trap destination community string name.
•Version—Select the version from the pull-down menu.
Step 6 Click Apply.
5.3.9.14 Deleting an SNMP Trap Destination—ONS 15216 EDFA3
Step 1 In the Domain Explorer, select an ONS 15216 EDFA3 and choose Configuration > NE Explorer (or click the Open NE Explorer tool).
Step 2 In the node properties pane, click the SNMP tab.
Step 3 Click the Trap Destination Table subtab.
Step 4 In the Trap Destination table, select an SNMP trap destination to delete; then, click Delete Row.
Step 5 Click Apply.
5.3.10 Specifying the Preferred Copy—ONS 15600 SONET or ONS 15600 SDH
Step 1 In the Domain Explorer tree, select the ONS 15600 SONET or ONS 15600 SDH NE and choose Configuration > NE Explorer (or click the Open NE Explorer tool).
Step 2 In the node properties pane, click the Maintenance tab.
Step 3 In the Preferred Copy subtab > Data Copy area, select the preferred data from the Preferred Data pull-down list.
Step 4 Click Apply.
5.3.11 Enabling Intermediate Path Performance Monitoring
Most CTC-based networks use line-terminating equipment (LTE) to enable intermediate path performance monitoring (IPPM). IPPM allows you to transparently monitor a transmission signal originating from any equipment without terminating the channel of that signal. To use IPPM, create the STS circuit on the DS-N cards; then, enable IPPM on the EC1-12 or OC-N cards that carry the circuit.
Note IPPM occurs only on STS paths that have IPPM enabled; threshold crossing alerts (TCAs) are raised only for PM parameters on the IPPM-enabled paths. The monitored IPPM parameters are STS CV-P, STS ES-P, STS SES-P, STS UAS-P, and STS FC-P.
Step 1 In the Domain Explorer, select a CTC-based NE and choose Configuration > NE Explorer (or click the Open NE Explorer tool).
Step 2 Select an LTE card. The following table lists the LTE cards.
Table 5-15 Traffic Cards that Terminate the Line (LTE Cards)
NE
|
Line-Terminating Equipment
|
ONS 15327
|
XTC-14
|
XTC-28-3
|
OC3 IR4 1310
|
OC12 IR 1310
|
OC12 LR 1550
|
OC48 IR 1310
|
OC48 LR 1550
|
—
|
ONS 15454 SONET
|
Electrical LTE
|
EC1-12
|
DS1-14
|
DS1N-14
|
DS3-12
|
DS3N-12
|
DS3-12E
|
DS3N-12E
|
DS3XM-6
|
DS3i/DS3iN
|
—
|
Optical LTE
|
OC3 IR 4/STM1 SH 1310
|
OC3 IR/STM1 SH 1310-8
|
OC12 IR/STM4 SH 1310
|
OC12 LR/STM4 LH 1310
|
OC12 LR/STM4 LH 1550
|
OC12 IR/STM4 SH 1310-4
|
OC48 IR 1310
|
OC48 LR 1550
|
OC48 IR/STM16 SH AS 1310
|
OC48 LR/STM16 LH AS 1550
|
OC48 ELR/STM16 EH 100 GHz
|
OC48 ELR 200 GHz
|
OC192 SR/STM64 IO 1310
|
OC192 IR/STM64 SH 1550
|
OC192 LR/STM64 LH 1550
|
OC192 LR/STM64 LH ITU 15xx.xx
|
TXP_MR_10G
|
MXP_2.5G_10G
|
ONS 15454 SDH
|
Electrical LTE
|
E1-N-14
|
E1-42
|
E3-12
|
DS3i-N-12
|
STM1E-12
|
—
|
Optical LTE
|
OC3 IR 4/STM1 SH 1310
|
OC3 IR/STM1 SH 1310-8
|
OC12 IR/STM4 SH 1310
|
OC12 LR/STM4 LH 1310
|
OC12 LR/STM4 LH 1550
|
OC12 IR/STM4 SH 1310-4
|
OC48 IR/STM16 SH AS 1310
|
OC48 LR/STM16 LH AS 1550
|
OC48 ELR/STM16 EH 100 GHz
|
OC192 SR/STM64 IO 1310
|
OC192 IR/STM64 SH 1550
|
OC192 LR/STM64 LH 1550
|
OC192 LR/STM64 LH ITU 15xx.xx
|
—
|
ONS 15600
|
OC48/STM16 LR/LH 16 Port 1550
|
OC192/STM64 LR/LH 4 Port 1550
|
Step 3 Click the STS tab.
Step 4 Click the STS Config subtab.
Step 5 Check the IPPM Enabled check box.
Step 6 Click Apply.
5.3.12 Enabling Pointer Justification Count Monitoring for CTC-Based NEs
Note Pointer justification count monitoring is not available for the ONS 15600 SONET and ONS 15600 SDH NEs.
Pointers are used in CTC-based NEs to compensate for frequency and phase variations. They provide a way to align the phase variations in STS and VT payloads. Pointer justification counts indicate timing differences on SONET networks.
There are positive pointer justification count (PPJC) and negative pointer justification count (NPJC) parameters. PPJC is a count of path-detected (PPJC-Pdet) or path-generated (PPJC-Pgen) positive pointer justifications. NPJC is a count of path-detected (NPJC-Pdet) or path-generated (NPJC-Pgen) negative pointer justifications depending on the specific PM name.
A consistent pointer justification count indicates clock synchronization problems between nodes. A difference between the counts means the node transmitting the original pointer justification has timing variations with the node detecting and transmitting this count. Positive pointer adjustments occur when the frame rate of the synchronous payload envelope (SPE) is too slow in relation to the rate of the STS-1.
To enable performance monitoring of the pointer justification count:
Step 1 In the Domain Explorer, select a CTC-based NE and choose Configuration > NE Explorer (or click the Open NE Explorer tool).
Step 2 Select an LTE card. See Table 5-15 for a list of LTE cards.
Step 3 Click the Line tab.
Step 4 Click the Line Config subtab.
Step 5 Double-click the PJStsMon# field and select a number:
•The value Off means pointer justification monitoring is disabled.
•The values 1 to n are the STS numbers on one port. One STS per port can be enabled from the PJStsMon# menu, as follows:
–EC1-12 PJStsMon# card field: 0 or 1 can be selected on a total of 12 ports.
–OC-3 PJStsMon# card field: 1, 2, or 3 can be selected on a total of 4 ports.
–OC-12 PJStsMon# card field: Between 1 and 12 can be selected on 1 port.
–OC-48 PJStsMon# card field: Between 1 and 48 can be selected on 1 port.
–OC-192 PJStsMon# card field: Between 1 and 192 can be selected on 1 port.
Step 6 Click Apply.
5.3.13 Changing the Power Monitoring Threshold for the ONS 15454 SONET and ONS 15454 SDH
Step 1 In the Domain Explorer tree, select an ONS 154545 SONET or ONS 15454 SDH NE and choose Configuration > NE Explorer (or click the Open NE Explorer tool).
Step 2 In the node properties pane, click the Identification tab.
Step 3 In the Voltage Thresholds area, select the threshold for the following:
•ELWBATVG—Very low battery voltage.
•LWBATVG—Low battery voltage. Available on ONS 15454 SONET only.
•HIBATVG—High battery voltage. Available on ONS 15454 SONET only.
•EHIBATVG—Very high battery voltage.
•Current Voltage Environment—Read-only.
Note You can set thresholds in 0.5 VDC increments.
Step 4 Click Apply.
5.3.14 Creating an Ethernet Threshold
The Create Ethernet Threshold dialog box allows you to create new Ethernet thresholds for the G1000-2, G1000-4, ETH100, ETH1000, and ML-series cards for ONS 15327, ONS 15454 SONET, and ONS 15454 SDH NEs.
Step 1 In the Domain Explorer, select a CTC-based NE and choose Configuration > NE Explorer (or click the Open NE Explorer tool).
Step 2 In the NE Explorer tree, select an Ethernet card.
Step 3 Click the Thresholds tab.
Step 4 Click Create. The Create Ether Thresholds dialog box opens. The following table provides descriptions.
Step 5 After making your selections, click OK.
Step 6 Click Apply.
Table 5-16 Field Descriptions for the Create Ethernet Thresholds Dialog Box
Field
|
Description
|
Slot
|
Select a slot for the new Ethernet threshold.
|
Port
|
Select a port for the selected slot. If you select All, the threshold is created on all ports for that slot. This operation might take several minutes to complete.
|
Variable
|
Select a variable for the new Ethernet threshold. The list of variables differs based on the type of card that is installed in the slot selected in the Slot field.
|
Alarm Type
|
Select an alarm type for the new Ethernet threshold. Available alarm types are Rising, Falling, and Rising and Falling.
|
Sample Type
|
Select a sample type for the new Ethernet threshold. Available sample types are Relative and Absolute.
|
Sample Period
|
Enter a sample period for the new Ethernet threshold. The sample period is measured in seconds.
|
Rising Threshold
|
Enter a rising threshold for the new Ethernet threshold. The value must be equal to or greater than the Falling Threshold value.
|
Falling Threshold
|
Enter a falling threshold for the new Ethernet threshold. The value must be equal to or less than the Rising Threshold value.
|
5.4 Synchronizing the Network for Optical Devices
Use the NE Explorer to synchronize the CTC-based NEs in your network. The following sections describe the synchronization settings in detail.
5.4.1 Synchronization Settings for the ONS 15310 CL, ONS 15310 MA, ONS 15327, ONS 15454 SONET, and ONS 15600 SONET
Full Cisco IOS configuration synchronization is performed automatically by CTM to keep the NE and the CTM Data Provisioning Service synchronized. Full configuration resynchronization might be delayed depending on the usage of the CTM server.
For more information, see Chapter 7, "Provisioning Services and Connections."
Synchronization status messaging (SSM) is a SONET protocol that communicates information about the quality of the timing source. SSM messages are carried on the S1 byte of the SONET Line layer. These messages enable SONET devices to automatically select the highest quality timing reference and to avoid timing loops.
SSM messages are either Generation 1 or Generation 2. Generation 1 is the first and most widely deployed SSM message set. Generation 2 is a newer version. If SSM is enabled, consult the timing reference documentation to determine which message set to use. The following tables show the Generation 1 and Generation 2 message sets.
Table 5-17 SSM Generation 1 Message Set
Message
|
Quality
|
Description
|
PRS
|
1
|
Primary reference source—Stratum 1
|
STU
|
2
|
Synchronization traceability unknown
|
ST2
|
3
|
Stratum 2
|
ST3
|
4
|
Stratum 3
|
SMC
|
5
|
SONET minimum clock
|
ST4
|
6
|
Stratum 4
|
DUS
|
7
|
Do not use for timing synchronization
|
RES
|
—
|
Reserved; quality level set by user
|
Table 5-18 SSM Generation 2 Message Set
Message
|
Quality
|
Description
|
PRS
|
1
|
Primary reference source—Stratum 1
|
STU
|
2
|
Sync traceability unknown
|
ST2
|
3
|
Stratum 2
|
TNC
|
4
|
Transit node clock
|
ST3E
|
5
|
Stratum 3E
|
ST3
|
6
|
Stratum 3
|
SMC
|
7
|
SONET minimum clock
|
ST4
|
8
|
Stratum 4
|
DUS
|
9
|
Do not use for timing synchronization
|
RES
|
—
|
Reserved; quality level set by user
|
Note Alarms relating to PM collection indicate that the load on the system is high. Reduce the load on the system before proceeding.
5.4.1.1 Setting Up External or Line Timing for CTC-Based SONET NEs
Step 1 Select an ONS 15310 CL, ONS 15310 MA, ONS 15327, ONS 15454 SONET, or ONS 15600 SONET NE and choose Configuration > NE Explorer.
Step 2 In the node property pane, click the Timing tab. Fields shown depend on the NE that is selected.
Step 3 In the General Timing section of the General subtab, complete the following information:
•Timing Mode—Set to External if the NE derives its timing from a building integrated timing supply (BITS) source wired to the backplane pins; set to Line if timing is derived from an OC-N card that is optically connected to the timing node. A third option, Mixed, allows users to set external and line timing references.
Caution Because mixed timing can cause timing loops, Cisco does not recommend its use. Use this mode with care.
Note The Mixed option is not applicable to the ONS 15600 SONET.
•SSM Message Set—Choose the message set level supported by the network. If a Generation 1 node receives a Generation 2 message, the message will be mapped down to the next available Generation 1. For example, an ST3E message becomes an ST3.
•Revertive—If checked, the NE reverts to a primary reference source after the conditions that caused it to switch to a secondary timing reference are corrected.
•Reversion Time—If Revertive is checked, indicate the amount of time that the NE will wait before reverting back to its primary timing source.
•Quality of RES—If the timing source supports the reserved S1 byte, set the timing quality here. (Most timing sources do not use RES.) Qualities are displayed in descending quality order as ranges. For example, ST3 < RES < ST2 means the timing reference is higher than a Stratum 3 and lower than a Stratum 2.
Step 4 In the BITS Facilities section of the General subtab, complete the following information:
Note The BITS Facilities section sets the parameters for BITS1 and BITS2 timing references. Many of these settings are determined by the timing source manufacturer. If the equipment is timed through BITS Out, set the timing parameters to meet the requirements of the equipment.
•In State—If Timing Mode is set to External or Mixed, set the In State for BITS 1 and/or BITS 2 to IS (In Service) depending on whether one or both BITS input pin pairs on the backplane are connected to the external timing source. If Timing Mode is set to Line, set the In State to OOS (Out of Service).
•Out State—If equipment is connected to the node's BITS output pins on the backplane and you want to time the equipment from a node reference, set the Out State for BITS 1 and/or BITS 2 to IS, depending on which BITS output pins are used for external equipment. If equipment is not attached to the BITS output pins, set the Out State to OOS.
•Coding—Set to the coding used by the BITS reference, either B8ZS (binary 8-zero substitution) or AMI (alternate mark inversion).
•Framing—Set to the framing used by the BITS reference, either ESF (Extended Superframe) or SF(D4) (Super Frame). SSM is not available with Super Frame.
•Sync Messaging—Check to enable SSM.
•AIS Threshold (Not applicable to the ONS 15600 SONET)—Sets the quality level where a node sends an alarm indication signal (AIS) from the BITS 1 Out and BITS 2 Out backplane pins. When a node times at or below the AIS threshold quality, an AIS is sent. This is used when SSM is disabled or when the frame is SF.
•LBO (Not applicable to the ONS 15600 SONET)—If you are timing an external device connected to the BITS Out pins, set the distance between the device and the NE. Options are 0-133 ft. (Cisco default), 134-266 ft., 267-399 ft., 400-533 ft., and 534-655 ft.
Step 5 In the Reference List subtab, complete the following information:
Note Reference lists define up to three timing references for the node and up to six BITS Out references. BITS Out references define the timing references used by equipment that can be attached to the node BITS Out pins on the backplane. If you attach equipment to BITS Out pins, you normally attach it to a node with Line mode because equipment near the External timing reference can be directly wired to the reference.
•NE References—Define up to three timing references (Ref-1, Ref-2, Ref-3). The node uses Reference 1 unless a failure occurs to that reference, in which case the node uses Reference 2. If that fails, the node uses Reference 3, which is typically set to Internal Clock. This is the Stratum 3 clock provided on the TCC+/TCC2 card. The options displayed depend on the Timing Mode setting:
–Timing Mode set to External—Options are BITS1, BITS2, and Internal Clock.
–Timing Mode set to Line—Options are the node's working OC-N cards (non-DWDM nodes), OSC cards (DWDM nodes), and Internal Clock. Select the cards/ports that are directly or indirectly connected to the node wired to the BITS source; that is, the node's trunk (span) cards. Set Reference 1 to the trunk card that is closest to the BITS source. For example, if slot 5 is connected to the node wired to the BITS source, select slot 5 as Reference 1.
–Timing Mode set to Mixed—Both BITS and optical cards are available, which allows you to set a mixture of external BITS and OC-N trunk cards as timing references.
•BITS 1 Out/BITS 2 Out—Define the timing references for equipment wired to the BITS Out backplane pins. BITS 1 Out and BITS 2 Out are enabled when BITS 1 and BITS 2 facilities are put in service. If Timing Mode is set to external, choose the OC-N card used to set timing. If Timing Mode is set to Line, you can choose an OC-N card or choose NE reference to have BITS 1 out and/or BITS 2 Out follow the same timing reference as the NE.
Step 6 In the Status subtab, complete the following information:
•NE Clock
–NE Reference—Set the NE timing reference to internal, BITS 1, or BITS 2.
–Status—Read only. Displays the status of the NE clock.
–Operations—Execute a switch on the NE timing reference.
•BITS 1 OUT
–BITS 1 Out—Set the BITS 1 Out timing reference.
–Status—Read only. Displays the status of the BITS 1 out timing reference.
–Operations—Execute a switch on the BITS 1 out timing reference.
•BITS 2 OUT
–BITS 2 Out—Set the BITS 2 Out timing reference.
–Status—Read only. Displays the status of the BITS 2 out timing reference.
–Operations—Execute a switch on the BITS 2 out timing reference.
Step 7 In the Timing Report subtab, you can view the timing status report summary for the node.
Step 8 Click Apply.
Note Refer to the relevant ONS 15310 CL, ONS 15310 MA, ONS 15327, ONS 15454, or ONS 15600 troubleshooting guide for timing-related alarms.
5.4.1.2 Setting Up Internal Timing for CTC-Based SONET NEs
If no BITS source is available, set up internal timing by timing all nodes in the ring from the internal clock of one node.
Caution Internal timing is Stratum 3 and not intended for permanent use. All nodes should be timed to a Stratum 2 or better primary reference source.
Step 1 Select an ONS 15310 CL, ONS 15310 MA, ONS 15327, ONS 15454 SONET, or ONS 15600 SONET NE and choose Configuration > NE Explorer.
Step 2 In the node property pane, click the Timing tab. Fields shown depend on the NE that is selected.
Step 3 In the General Timing section of the General subtab, enter the following information:
•Timing Mode—Set to External.
•SSM Message Set—Set to Generation 1.
•Revertive—Not relevant for internal timing; the default setting (checked) is sufficient.
•Reversion Time—The default setting is sufficient.
•Quality of RES—Set to RES=DUS.
Step 4 In the BITS Facilities section of the General subtab, enter the following information:
•In State—Set BITS 1 and BITS 2 to OOS.
•Out State—Set BITS 1 and BITS 2 to OOS.
•Coding—Not relevant for internal timing. The default (B8ZS) is sufficient.
•Framing—Not relevant for internal timing. The default (ESF) is sufficient.
•Sync Messaging—Checked.
•AIS Threshold—Not available.
•LBO—Not relevant.
Step 5 In the Reference List subtab, enter the following information:
•NE References
–Ref-1—Set to Internal Clock.
–Ref-2—Set to Internal Clock.
–Ref-3—Set to Internal Clock.
•BITS 1 Out/BITS 2 Out—Set to None.
Step 6 Click Apply.
Step 7 In the Domain Explorer tree, select the node that will be timed from the node that was set up in Steps 1 through 6 and choose Configuration > NE Explorer.
Step 8 In the Timing tab, enter the same information that was entered in Step 3, except for the following:
•In the General Timing section of the General subtab, set the Timing Mode field to Line.
•In the NE References section of the Reference List subtab:
–Ref-1—Set to the OC-N trunk (span) card (non-DWDM node) or OSC card (DWDM) with the closest connection to the node.
–Ref-2—Set to the OC-N trunk (span) card (non-DWDM node) or OSC card (DWDM) with the next closest connection to the node.
–Ref-3—Set to Internal Clock.
Step 9 Click Apply.
Step 10 Repeat Steps 3 through 9 at each node that will be timed by the node.
5.4.2 Synchronization Settings for the ONS 15454 SDH and ONS 15600 SDH
SSM communicates information about the quality of the timing source. SSM messages are carried on the S1 byte of the SDH section overhead. These messages enable SDH devices to automatically select the highest quality timing reference and to avoid timing loops.
SSM messages are either Generation 1 or Generation 2. Generation 1 is the first and most widely deployed SSM message set. Generation 2 is a newer version. If you enable SSM for the ONS 15454 SDH, consult your timing reference documentation to determine which message set to use. The following table shows the SDH message set.
Table 5-19 SDH SSM Message Set
Message
|
Quality
|
Description
|
G811
|
1
|
Primary reference clock
|
STU
|
2
|
Synchronization traceability unknown
|
G812T
|
3
|
Transit node clock traceable
|
G812L
|
4
|
Local node clock traceable
|
SETS
|
5
|
Synchronous equipment
|
DUS
|
6
|
Do not use for timing synchronization
|
Note Alarms relating to PM collection indicate that the load on the system is high. Reduce the load on the system before proceeding.
5.4.2.1 Setting Up External or Line Timing for CTC-Based SDH NEs
Step 1 Select an ONS 15454 SDH or ONS 15600 SDH NE and choose Configuration > NE Explorer.
Step 2 In the node property pane, select the Timing tab. Fields shown depend on the NE that is selected.
Step 3 In the General Timing section of the General subtab, complete the following information:
•Timing Mode
–For the ONS 15454 SDH:
Choose External if the ONS 15454 SDH NE derives its timing from an MIC-C/T/P FMEC; choose Line if timing is derived from an STM-N card (non-DWDM node) or OSC card (DWDM node) that is optically connected to the timing node. A third option, Mixed, allows you to set external and line timing references.
–For the ONS 15600 SDH:
Choose External if the ONS 15600 SDH NE derives its timing from a BITS source wired to the backplane; choose Line if timing is derived from an STM-N card that is optionally connected to the timing node. A third option, Mixed, allows you to set external and line timing references.
Caution Because mixed timing may cause timing loops, Cisco does not recommend its use. Use this mode with care.
•Revertive—If checked, the NE reverts to a primary reference source after the conditions that caused it to switch to a secondary timing reference are corrected.
•Reversion Time—If Revertive is checked, indicate the amount of time the NE will wait before reverting to its primary timing source.
•SSM Message Set (Applicable to the ONS 15600 SDH)—Enabled only if T1 signal type is selected. Choose the message set level supported by the network.
•Hold Off Time (Applicable to the ONS 15600 SDH)—If a value other than zero is provided, then this is the amount of time the ONS 15600 SDH will wait before including a previously failed timing source as available and valid.
Step 4 In the BITS Facilities section of the General subtab, complete the following information:
Note The BITS Facilities section sets the parameters for your BITS 1 and BITS 2 timing references. Many of these settings are determined by the timing source manufacturer. If equipment is timed through BITS Out, you can set timing parameters to meet the requirements of the equipment.
•E1, T1, 2.048 MHz, 64 KHz—Choose E1, T1, 2.048 MHz, or 64 KHz depending on the signal supported in your market. For example, 64 KHz is used in Japan. E1, 2.048 MHz, and 64 KHz are physical signal modes used to transmit the external clock (from a GPS, for example) to BITS.
•In State—If Timing Mode is set to External or Mixed, set the In State for BITS 1 and/or BITS 2 to IS (in service) depending whether one or both BITS input pin pairs on the backplane are connected to the external timing source. If Timing Mode is set to Line, set the In State to OOS (Out of Service)
•Out State—If equipment is connected to the node's BITS output pins on the backplane and you want to time the equipment from a node reference, set the Out State for BITS 1 and/or BITS 2 to IS (in service), depending on which BITS output pins are used for external equipment. If equipment is not attached to the BITS output pins, set the Out State to OOS (out of service).
•State (Applicable to the ONS 15600 SDH)—For nodes using external timing, set the State to IS (In Service).
•Coding—Choose the coding used by your BITS reference, either HDB3 or AMI. If you selected 2.048 MHz or 64 KHz, the coding option is disabled.
•Framing—Choose the framing used by your BITS reference, either unframed, FAS, FAS + CAS, FAS + CRC, or FAS + CAS + CRC. If you selected 2.048 MHz or 64 KHz, the framing option is disabled.
•Sync Messaging—Select the check box to enable SSM. SSM is used to deliver clock quality. The SSM supported in SDH is G811, STU, G812T, G812L, SETS, DUS (ordered from high quality to low quality). If you selected 2.048 MHz, 64 KHz, or E1 with FAS or if FAS + CAS framing is provisioned, the SSM option is disabled.
•AIS Threshold (Applicable to the ONS 15454 SDH)—Sets the quality level at which a node sends an alarm indication signal (AIS) from the BITS 1 Out and BITS 2 Out FMEC connectors. When a node times at or below the AIS threshold quality, an AIS is raised. (The AIS threshold is used when SSM is disabled or framing is set to unframed, FAS, or FAS + CAS.)
•LBO (Applicable to the ONS 15454 SDH)—Choose a BITS cable length. Line build out (LBO) relates to the BITS cable length.
•Cable Type (Applicable to the ONS 15600 SDH)—Choose 75 ohm or 120 ohm.
•Sa bit—Choose one of 5 Sa bits (4, 5, 6, 7, or 8). The Sa bit transmits the SSM message. If you selected 2.048 MHz or 64 KHz, the Sa bit option is disabled.
Step 5 In the Reference List subtab, complete the following information:
Note Reference lists define up to three timing references for the node and up to six BITS Out references. BITS Out references define the timing references used by equipment attached to the node's MIC-C/T/P FMEC Timing A Out and Timing B Out connectors. If you attach equipment to the Timing A Out or Timing B Out connector, you normally attach it to a node with line mode because equipment near the external timing reference can be directly wired to the reference.
•NE References—Allows you to define three timing references (Ref-1, Ref-2, Ref-3). The node uses Reference 1 unless a failure occurs to that reference, in which case the node uses Reference 2. If Reference 2 fails the node uses Reference 3, which is typically set to Internal Clock. The internal clock is the Stratum 3 clock provided on the TCC2. The options displayed depend on the Timing Mode setting:
–Timing Mode set to External—Options are BITS 1, BITS 2, and Internal Clock.
–Timing Mode set to Line—For the ONS 15454 SDH, options are the node's working OC-N cards (non-DWDM nodes), OSC cards (DWDM nodes), and Internal Clock. For the ONS 15600 SDH, options are the node's STM-N ports (except for the ports that have been specified as protection ports in 1+1 [LMSP] (Linear Multiplex Section protection) protection groups) and Internal Clock. Select the cards/ports that are directly or indirectly connected to the node wired to the BITS source; that is, select the node's trunk cards. Set Reference 1 to the trunk card that is closest to the BITS source. For example, if Slot 5 is connected to the node wired to the BITS source, select Slot 5 as Reference 1.
–Timing Mode set to Mixed—Both BITS and optical cards are available, allowing you to set a mixture of external BITS and optical trunk (span) cards as timing references.
•BITS 1 Out/BITS 2 Out References (Applicable to the ONS 15454 SDH)—Define the timing references for equipment connected to the Timing A Out or Timing B Out FMEC connector. Normally, Timing Out is used with line nodes, so the options displayed are the working optical cards. Timing A Out and Timing B Out are enabled as soon as BITS 1 and BITS 2 facilities are placed in service.
Step 6 In the Status subtab, complete the following information:
•NE Clock
–NE Reference—Set the NE timing reference to internal, BITS 1, or BITS 2.
–Status—Read only. Displays the status of the NE clock.
–Operations—Execute a switch on the NE timing reference.
•BITS 1 OUT
–BITS 1 Out—Set the BITS 1 out timing reference.
–Status—Read only. Displays the status of the BITS 1 out timing reference.
–Operations—Execute a switch on the BITS 1 out timing reference.
•BITS 2 OUT
–BITS 2 Out—Set the BITS 2 out timing reference.
–Status—Read only. Displays the status of the BITS 2 out timing reference.
–Operations—Execute a switch on the BITS 2 out timing reference.
Step 7 In the Timing Report subtab, you can view the timing status report summary for the node.
Step 8 Click Apply.
Note Refer to the Cisco ONS 15454 SDH Troubleshooting Guide or Cisco ONS 15600 SDH Troubleshooting Guide for timing-related alarms.
5.4.2.2 Setting Up Internal Timing for CTC-Based SDH NEs
If no BITS source is available, you can set up internal timing by timing all nodes in the ring from the internal clock of one node.
Caution Internal timing is Stratum 3 and not intended for permanent use. All nodes should be timed to a Stratum 2 or better primary reference source.
Step 1 Select an ONS 15454 SDH or ONS 15600 SDH NE and choose Configuration > NE Explorer.
Step 2 In the node property pane, select the Timing tab.
Step 3 In the General Timing section of the General subtab, enter the following information:
•Timing Mode—Choose External.
•Revertive—Not applicable for internal timing; the default setting (checked) is sufficient.
•Reversion Time—Not applicable; leave unchanged.
Step 4 In the BITS Facilities section of the General subtab, enter the following information:
•E1, T1, 2.048 MHz, 64 KHz—Choose E1, T1, 2.048 MHz, or 64 KHz depending on the signal supported in your market. For example, 64 KHz is used in Japan. E1, 2.048 MHz, and 64 KHz are physical signal modes used to transmit the external clock (from a GPS, for example) to BITS.
•In State—Set BITS 1 and BITS 2 to OOS.
•Out State—Set BITS 1 and BITS 2 to OOS.
•State (Applicable to the ONS 15600 SDH)—Set BITS 1 and BITS 2 to OOS.
•Coding—Not relevant for internal timing; the default is sufficient.
•Framing—Not relevant for internal timing; the default is sufficient.
•Sync Messaging—Checked automatically. SSM is used to deliver clock quality. The SSM supported in SDH is G811, STU, G812T, G812L, SETS, DUS (ordered from high quality to low quality). If you selected 2.048 MHz or 64 KHz, the SSM option is disabled.
•AIS Threshold—Not relevant for internal timing.
•LBO—Not relevant for internal timing.
•Sa bit—Not relevant for internal timing.
Step 5 In the Reference List subtab, enter the following information:
•NE References
–Ref-1—Set to Internal Clock.
–Ref-2—Set to Internal Clock.
–Ref-3—Set to Internal Clock.
•BITS 1 Out/BITS 2 Out (Applicable to the ONS 1545 SDH)—Set to None.
Step 6 Click Apply.
Step 7 In the Domain Explorer tree, select the node that will be timed from the node that was set up in Steps 1 through 7 and choose Configuration > NE Explorer.
Step 8 In the Timing tab, complete the following:
•In the General Timing section of the General subtab:
–Timing Mode—Set to Line.
–Revertive—Not applicable for internal timing; the default setting is sufficient.
–Reversion Time—Not applicable for internal timing; the default setting is sufficient.
•In the NE References section of the Reference List subtab:
–Ref-1—Set to the STM-N trunk card with the closest connection to the node.
–Ref-2—Set to the STM-N trunk card with the next closest connection to the node.
–Ref-3—Set to Internal Clock.
Step 9 Click Apply.
Step 10 Repeat Steps 7 through 9 for each node that will be timed by the node.
5.5 Synchronizing the Network for MGX Voice Gateway Devices
The CTM server and managed nodes must be synchronized with the same date and time. If the CTM server and managed nodes do not have the same date and time, there might be inconsistencies in retrieving time-sensitive data.
5.5.1 Viewing Clocking Sources
CTM supports manual clock configuration. This configures both a primary and secondary clock source, which are distributed throughout the network. The secondary clock source takes over if the primary clock source fails. You can configure a network setup with one master clock source, and a secondary to ensure network clock stability.
On Cisco MGX 8850 (PXM45) switches, clock source configuration is done on a PXM45 card, and clock sourcing information is passed to other nodes over AXSM lines.
Clock synchronization is done directly on the Cisco MGX 8880 using the CLI.
These topics are used to manage and configure clocking sources:
•Configuring Global Clocking
•Displaying the List of Available Clock Sources
•Displaying the List of Manual Clock Sources
•Creating a Manual Clock Source
5.5.1.1 Configuring Global Clocking
Step 1 In the Domain Explorer tree, select the node and choose Configuration > MGX Voice Gateway > Configuration Center.
Step 2 Drag and drop the node from the Hierarchy pane to the right-most pane.
Step 3 Click the Elements tab to display the Configuration Window for Elements.
Step 4 Click the Clocking tab to display the Global Clocking Configuration window.
Step 5 Choose Global Clocking Configuration from the Category drop-down list.
Step 6 The Distribution Method is manual. This specifies that the network clock source is statically configured in the device.
Step 7 Enter the maximum network diameter, measured in hops, in the Max Diameter field.
The range is from 3-20. The Cisco default value is 20.
Note Change Time—The time when the global clocking was configured.
Clock Source—The clock source from the list of available clocking source
Step 8 Click Apply to apply the global clocking configuration settings.
5.5.1.2 Displaying the List of Available Clock Sources
To display the available clock sources:
Step 1 In the Domain Explorer, right-click the PNNI node from the Hierarchy pane and choose Configuration Center.
Step 2 Click the Elements tab to display the Configuration Window for Elements.
Step 3 Click the Clocking tab to display Clocking Configuration window.
Step 4 Choose Available Clock Sources to display the list of available clock sources from the Category drop-down list.
5.5.1.3 Displaying the List of Manual Clock Sources
To display a list of manual clock sources:
Step 1 In the Domain Explorer, right-click the PNNI node from the Hierarchy pane and choose Configuration Center.
Step 2 Click the Elements tab to display the Configuration Window for Elements.
Step 3 Click the Clocking tab to display Clocking Configuration window.
Step 4 Choose Manual Clock Sources from the Category drop-down list.
5.5.1.4 Creating a Manual Clock Source
To create a manual clock source:
Step 1 In the Domain Explorer, right-click the PNNI node from the Hierarchy pane and choose Configuration Center.
Step 2 Click the Elements tab to display the Configuration Window for Elements.
Step 3 Click the Clocking tab to display Clocking Configuration window.
Step 4 Choose Manual Clock Sources from the Category drop-down list.
Step 5 Click Create to display the Manual Clock Source Configuration Window.
Step 6 Choose one of the following clock source options from the Priority drop-down list:
•primary— Configures an available network clock source to be the primary manual clock source.
•secondary—Configures an available network clock source to be the secondary manual clock source.
•default—Configures an available network clock source to be the default manual clock source.
Step 7 Enter the index value that is used to identify the primary, secondary, or default manual clock source in the Clock Source Index field.
Step 8 Click Apply to create a manual clock source.
5.6 Configuring and Administering the CRS-1 and XR 12000
This section explains the NE Explorer menu options used to configure the CRS-1 and XR 12000.
Tip See Appendix A, "CRS-1 and XR 12000 NE Explorer—Configuration and Administration Application Icons" for an explanation of the icons available in the CRS-1 NE Explorer and XR 12000 NE Explorer configuration and administration applications.
The CRS-1 NE Explorer and XR 12000 NE Explorer Configuration and Administration menus allow access to a number of applications, as follows:
Tip You can move your cursor over each port in rack view to display availability and alarm information.
5.6.1 Explicit Path Configuration Application
The Explicit Path Configuration application allows you to configure the explicit path. An IP explicit path is a list of IP addresses, each representing a node or link in the explicit path.
The following table describes the explicit path application fields.
Table 5-21 Field Descriptions for the Explicit Path Configuration Application Window
Field
|
Description
|
Basics Area
|
Category list
|
Allows you to choose whether an IP explicit path name or identifier will be entered in the Name/ID field. Options are:
•Name—The IP explicit path is identified by a name.
•Identifier—The IP explicit path is identified by an identifier number.
|
Name/Id field
|
Allows you to enter a name or identifier for the IP explicit path.
|
Enable check box
|
Allows you to enable or disable the IP explicit path.
|
Path Details Table
|
Index column
|
Displays the index number for the link in the IP explicit path. This value is automatically generated and the field is read-only.
|
IP Address column
|
Displays the IP address for the link in the IP explicit path.
Double-clicking the cell activates it and allows you to enter the IP address.
|
Exclude column
|
Allows you to exclude or include the link in the IP explicit path.
Double-clicking the cell changes the value from false to true or from true to false.
|
Up and Down arrows
|
Allows you to reorder the IP addresses in the explicit path. Choose a row in the table and use the arrows to move the row up or down. The index number is automatically modified based on location in the table relative to other records in the same list.
|
Add button
|
Allows you to add an IP address to the explicit path. Click the Add button; then, click the IP Address cell in the table and enter a valid IP address.
|
Remove button
|
Allows you to remove the chosen IP address from the explicit path. Choose a row in the table and click Remove to remove the IP address from the explicit path.
|
5.6.2 MPLS-TE Configuration Application
The MPLS-TE Configuration application contains the following tabs:
•Global Tab
•Labels Tab
•Links Tab
•Tunnel Head Tab
•Operations Tab
The MPLS-TE Configuration application allows you to configure MPLS-TE for a Cisco router.
MPLS is a standards-based solution driven by the Internet Engineering Task Force (IETF) that was devised to convert the Internet and IP backbones into business-class transport mediums. Traffic engineering is the process of adjusting bandwidth allocations to accommodate high-priority traffic. In MPLS-TE, the upstream router creates a network tunnel for a particular traffic destination, reserving the bandwidth required for that tunnel. This network tunnel lets IP match the abilities of ATM or Frame Relay, which both offer that capability under private virtual channels (PVCs).
MPLS traffic engineering automatically establishes and maintains label-switched paths (LSPs) across the backbone using Resource Reservation Protocol (RSVP) by either:
•Dynamic path option
•Explicit path option (manually)
Available resources are flooded throughout the network by means of extensions to a link-state-based Interior Gateway Protocol (IGP).
MPLS-TE enables an MPLS backbone to replicate and expand on the traffic engineering capabilities of Layer 2 ATM and Frame Relay networks. MPLS is an integration of Layer 2 and Layer 3 technologies. By making traditional Layer 2 features available to Layer 3, MPLS enables traffic engineering.
MPLS-TE uses IGP (Intermediate System-to-Intermediate System [ISIS] and Open Shortest Path First [OSPF]) to flood bandwidth information through a network. It also uses RSVP extensions to distribute labels and constraint-based routing to compute paths in the network. These extensions have been defined in RFC 3209.
MPLS-TE provides connectivity failure protection using fast reroute (FRR). FRR protects primary tunnels by using preprovisioned backup tunnels. During a failure condition, the primary tunnel switches over to the backup tunnel.
5.6.2.1 Global Tab
The Global tab allows you to perform the following tasks:
•Configure the use of explicit-null labels or implicit-null labels.
•Specify the maximum bandwidth hold time and flooding interval.
•Configure the tunnel reoptimization frequency.
The following table describes the Global tab fields.
Table 5-22 Field Descriptions for the Global Tab
Field
|
Description
|
Basics Area
|
Advertise explicit null check box
|
Allows you to specify that tunnels originating from the router use explicit-null labels.
|
Maximum Tunnels field
|
Allows you to specify the maximum number of tunnels.
|
Link Management Timers Area
|
Max bandwidth holdtime (secs) field
|
Allows you to set the length of time that bandwidth is held for an RSVP setup message while waiting for the corresponding RSVP Resv message to come back.
|
Flooding interval (secs) field
|
Allows you to set the length of the interval for periodic flooding.
|
Tunnel Reoptimization Area
|
Frequency (secs) field
|
Allows you to control the frequency with which tunnels with established LSP are checked for better paths. A value of 0 disables reoptimization.
|
Fast Reroute Promotion Timer (secs) field
|
Allows you to set the fast reroute backup promotion timer.
|
Topology Hold-down Timer (secs) field
|
Allows you to set the link hold-down timer when path admission fails on the link, and is used in the next path calculation.
|
Path Selection Metric Type list
|
Allows you to choose the metric to use for path calculation. Options are:
•IGP
•TE
|
5.6.2.2 Labels Tab
The Labels tab allows you to configure the range of local labels.
The following table describes the Labels tab fields.
Table 5-23 Field Descriptions for the Labels Tab
Field
|
Description
|
Basics Area
|
Table Id field
|
Allows you to specify the index of the label table to display.
|
Label Range Area
|
Min field
|
Allows you to configure the range minimum of local labels available for use on packet interfaces. The minimum is the smallest label allowed in the label space.
The range provided in the Min and Max fields is used by all MPLS applications that allocate local labels (for dynamic label switching, MPLS traffic engineering, and MPLS virtual private networks [VPNs]).
Labels 0 through 15 are reserved by the IETF and cannot be included in the range.
|
Max field
|
Allows you to configure the range maximum of local labels available for use on packet interfaces. The maximum is the largest label allowed in the label space.
The range provided in the Min and Max fields is used by all MPLS applications that allocate local labels (for dynamic label switching, MPLS traffic engineering, and MPLS VPNs).
Labels 0 through 15 are reserved by the IETF and cannot be included in the range.
|
5.6.2.3 Links Tab
The Links tab contains General and Backup Tunnels subtabs. The General subtab is displayed by default when the Links tab is clicked.
The Links tab allows you to perform the following tasks:
•Enable MPLS on the link.
•Set flooding thresholds for the interface.
•Specify backup tunnels.
•Configure the administrative weight.
•Configure the attribute flags.
5.6.2.3.1 General Subtab
The General subtab allows you to perform the following tasks:
•Specify the link name.
•Set flooding thresholds for the interface.
•Configure the administrative weight.
•Configure the attribute flags.
The following table describes the General subtab fields.
Table 5-24 Field Descriptions for the General Subtab
Field
|
Description
|
Basics Area
|
Name
|
Allows you to specify the name of the interface to be MPLS-TE enabled.
|
Name field
|
Allows you to enter the name of the interface to be MPLS-enabled.
|
Name ellipsis button
|
Allows you to choose the name of the interface to be MPLS-enabled using the Select Interfaces dialog box.
|
Administrative weight field
|
Allows you to specify the cost of the link. The Administrative weight field overrides the IGP administrative weight (cost) of the link.
|
Attribute flags field
|
Allows you to set the user-specified attribute flags for the interface.
This field assigns attributes to a link so that tunnels with matching attributes (represented by their affinity bits) prefer this link instead of others that do not match.
The interface is flooded globally, allowing it to be used as a tunnel head-end path selection criterion.
|
Flooding Thresholds Area
|
Up Thresholds (%) field
|
Allows you to set up the flooding thresholds for increased resource availability. You can enter up to 14 space-delimited values within the specified range.
The up and down flooding thresholds set the reserved bandwidth thresholds for a link.
When a threshold is crossed, MPLS traffic engineering link management advertises updated link information. If no thresholds are crossed, changes can be flooded periodically unless periodic flooding is disabled.
|
Down Thresholds (%) field
|
Allows you to set the flooding thresholds for decreased resource availability. You can enter up to 14 space-delimited values within the specified range.
The up and down flooding thresholds set the reserved bandwidth thresholds for a link.
When a threshold is crossed, MPLS traffic engineering link management advertises updated link information. If no thresholds are crossed, changes can be flooded periodically unless periodic flooding is disabled.
|
5.6.2.3.2 Backup Tunnels Subtab
The Backup Tunnels subtab allows you to specify the backup tunnels for the link.
The following table describes the Backup Tunnels subtab fields.
Table 5-25 Field Descriptions for the Backup Tunnels Subtab
Field
|
Description
|
Tunnel Number list
|
Allows you to enter which tunnels to use as backup tunnels.
Clicking Add adds a blank row in the list, which allows you to double-click the row and enter a valid tunnel number.
Clicking Remove removes the chosen tunnel from the list.
|
5.6.2.4 Tunnel Head Tab
The Tunnel Head tab contains three subtabs: General, Advanced, and Path Selection. The General subtab is displayed by default when the Tunnel Head tab is clicked.
The Tunnel Head tab allows you to perform the following tasks:
•Configure tunnel parameters including path, bandwidth, and source IP address.
•Specify and configure the shortest path first (SPF) calculation.
•Specify bandwidth.
•Enable record route and fast reroute.
•Specify the tunnel path selection metric used for path calculation.
5.6.2.4.1 General Subtab
The General subtab allows you to perform the following tasks:
•Specify the tunnel name, destination, and bandwidth.
•Specify the tunnel IP address.
•Configure the tunnel priorities.
•Configure the tunnel affinities.
The following table describes the General subtab fields.
Table 5-26 Field Descriptions for the General Subtab
Field
|
Description
|
Basics Area
|
Tunnel Name field
|
Allows you to enter a tunnel name.
|
Destination field
|
Allows you to enter the destination of the tunnel.
|
Bandwidth (kbps) field
|
Allows you to enter the bandwidth required for an MPLS traffic engineering tunnel.
|
Reserve Bandwidth from SubPool field
|
Allows you to choose bandwidth from a subpool rather than the global pool.
|
Shutdown check box
|
Allows you to choose to shut down a tunnel, protecting the interface. When this tunnel is shut down or removed, the traffic that it was carrying is rerouted onto another tunnel (if available).
|
IP Address Area
|
None radio button
|
Allows you to specify that the IP address is not configured. You can configure a tunnel without specifying the IP address.
|
Unnumbered
|
Allows you to configure the IP address for the tunnel without an explicit address.
|
Unnumbered radio button
|
Allows you to enable IP processing without an explicit address.
|
Unnumbered field
|
Allows you to enter a valid interface name. The Unnumbered radio button must be chosen to enable the Unnumbered field.
|
Unnumbered ellipsis button
|
Allows you to choose an interface from the Select Interfaces dialog box. The Unnumbered radio button must be chosen to enable the Unnumbered ellipsis button.
|
IP/Mask
|
Allows you to configure the IP address for the tunnel using an IPv4 address and mask or prefix length.
|
IP/Mask radio button
|
Allows you to enable IP processing with an explicit address.
|
IP/Mask field
|
Allows you to enter a valid IPv4 address and mask or prefix length for the tunnel. The IP/Mask radio button must be chosen to enable the IP/Mask field.
|
Priority Area
|
Setup Priority field
|
Allows you to enter a setup priority. The priority is used when signaling an LSP for the tunnel to determine which existing tunnels can be preempted.
A lower priority number indicates a higher priority. Therefore, an LSP with a setup priority of 0 can preempt any LSP with a non-0 priority.
When an LSP is being signaled and an interface does not currently have enough bandwidth available for that LSP, the call admission software preempts lower-priority LSPs so that the new LSP can be admitted. (LSPs are preempted if the new LSPs are allowed to be admitted.)
The new LSP priority is its setup priority and the existing LSP priority is its hold priority. The two priorities make it possible to signal an LSP with a low setup priority (so that the LSP does not preempt other LSPs on setup) but a high hold priority (so that the LSP is not preempted after it is established). Setup priority and hold priority are typically configured to be equal, and setup priority cannot be better (numerically smaller) than the hold priority.
|
Hold Priority field
|
Allows you to enter a hold priority. This is the hold priority associated with an LSP for the tunnel to determine if it should be preempted by other LSPs that are being signaled.
A lower priority number indicates a higher priority. Therefore, an LSP with a setup priority of 0 can preempt any LSP with a non-0 priority.
When an LSP is being signaled and an interface does not currently have enough bandwidth available for that LSP, the call admission software preempts lower-priority LSPs so that the new LSP can be admitted. (LSPs are preempted if the new LSPs are allowed to be admitted.)
The new LSP priority is its setup priority and the existing LSP priority is its hold priority. The two priorities make it possible to signal an LSP with a low setup priority (so that the LSP does not preempt other LSPs on setup) but a high hold priority (so that the LSP is not preempted after it is established). Setup priority and hold priority are typically configured to be equal, and setup priority cannot be better (numerically smaller) than the hold priority.
|
Affinity Area
|
Affinity Bits field
|
Allows you to enter the affinity bits value required for links carrying the tunnel. The affinity determines the attributes of the links that this tunnel will use (that is, the attributes for which the tunnel has an affinity).
|
Affinity Mask field
|
Allows you to set the affinity mask value required for links carrying the tunnel. The affinity determines the attributes of the links that this tunnel will use (that is, the attributes for which the tunnel has an affinity).
The attribute mask determines which link attribute the router should check. If a bit in the mask is 0, the attribute value of a link or that bit is irrelevant. If a bit in the mask is 1, the attribute value of that link and the required affinity of the tunnel for that bit must match. A tunnel can use a link if the tunnel affinity equals the link attributes and the tunnel affinity mask. Any properties set to 1 in the affinity should also be 1 in the mask.
In other words, affinity and mask should be set such that:
tunnel affinity = (tunnel affinity and tunnel affinity mask)
|
5.6.2.4.2 Advanced Subtab
The Advanced subtab allows you to perform the following tasks:
•Configure the autoroute parameters.
•Configure the backup bandwidth parameters.
•Enable reserving backup bandwidth.
•Enable fast reroute.
•Set the load-sharing for each tunnel (indicate the proportion of total traffic you want to be allocated into each individual tunnel).
The following table describes the Advanced subtab fields.
Table 5-27 Field Descriptions for the Advanced Subtab
Field
|
Description
|
Autoroute Area
|
Auto Announce check box
|
Allows you to specify that the IGP (routing protocol) should use the tunnel (if the tunnel is up) in its enhanced SPF calculation.
Currently, the only way to forward traffic onto a tunnel is to enable this feature or explicitly configure forwarding (for example, with an interface static route).
|
IGP Metric Subarea
|
Default radio button
|
Allows you to choose the default IP traffic engineering tunnel metric that the IGP-enhanced SPF calculation will use. The Cisco default is metric relative 0.
|
Relative
|
Allows you to choose to use the relative metric that the IGP-enhanced SPF calculation will use.
|
Relative radio button
|
Allows you to choose the relative metric as the IGP metric.
|
Relative field
|
Allows you to enter a relative metric. A positive, negative, or zero metric value is required. The Relative radio button must be chosen to enable the Relative field.
|
Absolute
|
Allows you to choose to use the absolute metric that the IGP-enhanced SPF calculation will use.
|
Absolute radio button
|
Allows you to choose the absolute metric as the IGP metric.
|
Absolute field
|
Allows you to enter an absolute metric. A positive metric value is required. The Absolute radio button must be chosen to enable the Absolute field.
|
Backup Bandwidth Area
|
Reserve Backup Bandwidth check box
|
Allows you to enable or disable reserve backup bandwidth.
|
From Pool field
|
Allows you to choose the pool for the reserve backup bandwidth. Options are:
•Any Pool—The backup bandwidth in any pool provided by an MPLS traffic engineering backup tunnel.
•Global Pool—The backup bandwidth in a global pool provided by an MPLS traffic engineering backup tunnel.
•Sub Pool—The backup bandwidth in a subpool provided by an MPLS traffic engineering backup tunnel. Only LSPs using bandwidth from the subpool can use the backup tunnel.
|
Unlimited Bandwidth radio button
|
Allows you to set the reserve backup bandwidth for the tunnel to unlimited.
|
Limited Bandwidth
|
Allows you to limit the reserve backup bandwidth for the tunnel.
|
Limited Bandwidth radio button
|
Allows you to enable limiting the reserve backup bandwidth for the tunnel.
|
Limited Bandwidth field
|
Allows you to enter the reserve backup bandwidth.
|
Other Area
|
Record Route check box
|
Allows you to document the route used by a tunnel.
|
Fast Reroute check box
|
Allows you to enable fast-reroute protection for the tunnel.
|
5.6.2.4.3 Path Selections Subtab
The Path Selections subtab allows you to perform the following tasks:
•Choose the path selection metric.
•Choose the available IP path and set the path options.
The following table describes the Path Selections subtab fields.
Table 5-28 Field Descriptions for the Path Selections Subtab
Field
|
Description
|
Path Selection Metric Area
|
Path Selection Metric list
|
Allows you to choose the tunnel path selection metric to be used for path calculation. Options are:
•Use IGP Metric
•Use MPLS-TE Metric
|
Path Option Area
|
Available IP Path list
|
Allows you to choose a path option for the tunnel.
Choose a path option from the Available IP Path list; then, click the To arrow to add the path to the Path Options table.
|
Path Options table
|
Allows you to configure several path options for a single tunnel. For example, there can be several explicit path options and a dynamic option for one tunnel. The following fields are in the Path Options table:
•Preference—This is a sequential number automatically generated. This field is not user-configurable.
•Name/ID—This field contains the path name or path number of the IP explicit path that the tunnel uses with this path option. This field is not user-configurable.
•Type—This field indicates whether the LSP path is dynamically calculated (Dynamic) or is an IP explicit path (Explicit). This field is not user-configurable.
•Lockdown—By default the LSP is reoptimized. The field shows false. Double-clicking the field changes the value from false to true or from true to false.
|
Up and Down arrows
|
Allows you to reorder the path options. Choose a row in the table; then, use the arrows to move the row up or down. The preference number is automatically modified based on location in the table relative to other records in the same list.
|
5.6.2.5 Operations Tab
The Operations tab allows you to perform the following tasks:
•Reoptimize tunnels.
•Reset counters.
The following table describes the Operations tab fields.
Table 5-29 Field Descriptions for the Operations Tab
Field
|
Description
|
Reoptimize Tunnels Area
|
All tunnels radio button
|
Allows you to choose all tunnels for reoptimization.
|
This tunnel
|
Allows you to choose the tunnel for reoptimization.
|
This tunnel radio button
|
Allows you to enable the reoptimization of a specific tunnel.
|
This tunnel field
|
Allows you to enter a tunnel name. The This tunnel radio button must be chosen to enable the This tunnel field.
|
Reoptimize Tunnels button
|
Tunnel reoptimization looks for a more optimal path for the tunnel.
Allows you to look for an optimal path for all tunnels or a specified tunnel. When the button is clicked, the Confirm dialog box prompts you to confirm that you want to reoptimize the tunnels. If you click Yes, the tunnels are reoptimized; if you click No, the tunnels are not reoptimized.
|
Clear Counters Area
|
All Counters radio button
|
Allows you to clear all counters for tunnels.
|
Summary Counters radio button
|
Allows you to clear only summary counters for tunnels.
|
For this tunnel
|
Allows you to choose a tunnel. Only counters for this tunnel will be cleared.
|
For this tunnel radio button
|
Allows you to enable the reoptimization of a specific tunnel.
|
For this tunnel field
|
Allows you to enter a tunnel name. The For this tunnel radio button must be chosen to enable the For this tunnel field.
|
Clear Counters button
|
Counters include tunnel input and output counters. Clearing counters for tunnels clears (sets to zero) counters so that you can monitor the tunnel traffic easily.
Allows you to clear counters. When the button is clicked, the Confirm dialog box prompts you to confirm that you want to clear the counters. If you click Yes, the counters are cleared; if you click No, the counters are not cleared.
|
5.6.3 VRF Application
The VPN routing and forwarding (VRF) applications contains the following tabs:
•General Tab
•Address Family Tab
The VRF application allows you to configure VRFs for a Cisco router. A VRF contains the routing information that defines the customer's virtual private network (VPN) site that is attached to a Provider Edge (PE) router. A VPN is associated with one or more VRFs.
A VRF consists of the following elements:
•An IP routing table
•A derived Cisco express forwarding (CEF) table
•A set of interface that use the CEF table
•A set of rules and routing protocols that determine what goes into the forwarding table
The router maintains a separate routing and CEF table for each VRF. This prevents information from being sent outside to the VPN and allows the same subnet to be used in several VPNs without causing duplicate IP address problems. VRF configuration defines the VPN membership parameters such as the following:
•Route Descriptor (RD)—Used to create routing and forwarding tables for a VRF.
•Route Targets (RT)—Used to create a route-target extended community for a VRF.
5.6.3.1 General Tab
The General tab allows you to specify basic VRF information. The following table describes fields in the General tab.
Table 5-30 Field Description for the General Tab
Field
|
Description
|
VRF Name
|
Allows you to enter the VRF name. VRF name can have a maximum of 32 characters.
|
Description
|
Allows you to enter a description of the VRF. The description can have a maximum of 244 characters.
|
5.6.3.2 Address Family Tab
The Address Family tab allows you to specify address family information. The following table describes fields in the Address Family tab.
Table 5-31 Field Description for the Address Family Tab
Field
|
Description
|
VRF Name field
|
Allows you to specify the VRF name.
|
VRF Name ellipsis button
|
Allows you to select the name of the VRF from the Select VRF dialog box.
|
AF Mode list
|
Allows you to view the address family configuration associated with the VRF.
|
Import Route Policy
|
Allows you to specify the route policy that gets imported into the VRF. Use this to provide finer control and discard prefixes that do not match a configured policy.
|
Export Route Policy
|
Allows you to specify the route policy that gets exported from the VRF. Use this to provide finer control and discard prefixes that do not match a configured policy.
|
Import Route Targets
|
Type list
|
Allows you to specify the type of import route target.
|
AS
|
Allows you to enter the AS number. Value must be between 0 and 65535. Default value is 0.
|
AS Index
|
Allows you to enter the AS index number. Value must be between 0 and 4294967295. Default value is 0.
|
IP Address
|
Allows you to enter the IP address.
|
IP Address Index
|
Allows you to enter the IP address index number. Value must be between 0 and 4294967295. Default value is 0.
|
>>
|
Allows you to add a route target information to the Import Route Target List.
|
<<
|
Allows you to remove a route target information to the Import Route Target List.
|
Import Route Target List
|
Provides a list of import route targets.
|
Export Route Targets
|
Type
|
Allows you to specify the type of export route target.
|
AS
|
Allows you to enter the AS number. Value must be between 0 and 65535. Default value is 0.
|
AS Index
|
Allows you to enter the AS index number. Value must be between 0 and 4294967295. Default value is 0.
|
IP Address
|
Allows you to enter the IP address.
|
IP Address Index
|
Allows you to enter the IP address index number. Value must be between 0 and 4294967295. Default value is 0.
|
>>
|
Allows you to add a route target information to the Export Route Target List.
|
<<
|
Allows you to remove a route target information to the Export Route Target List.
|
Export Route Target List
|
Provides a list of export route targets.
|
5.6.3.3 Cross-launching Another VRF Application
From an existing CRS-1 or XR 12000 NE's VRF application, you can launch a neighbor NE's VRF application while maintaining and passing the existing application's context.
Step 1 From the VRF application window, click either the General or Address Family tab.
Step 2 Select a record from the list.
Step 3 Right-click and select either Configure Peer VRF from the General tab or Configure Peer VRF AF from the Address Family tab.
Step 4 Choose an IP address from the Select IP Address dialog box.
Another NE Explorer is launched, which displays the VRF application of the neighbor NE. A record is automatically added to the General or Address Family tab that has the same entries as the record where you launched the peer application.
5.6.4 Interface Common Attributes Configuration Application
The Interface Common Attributes Configuration application contains the following tabs:
•Physical Interfaces Tab
•Logical Interfaces Tab
The Interface Common Attributes Configuration application allows you to configure interface attributes that are common across all interfaces, including Ethernet and Packet-over-SONET (POS). Configuration of common attributes prevents the need to enter the same data numerous times across various interfaces.
When a common attribute is configured in the Ethernet or POS application, the changes can be displayed and edited in the Interface Common Attributes Configuration application.
Tip You can move your cursor over each port in rack view to display availability and alarm information.
5.6.4.1 Physical Interfaces Tab
The Physical Interfaces tab contains IPv4 Configuration and Dampening subtabs. The IPv4 Configuration subtab is displayed by default when the Physical Interfaces tab is clicked.
The Physical Interfaces tab allows you to perform the following tasks:
•Provide a description of the interface.
•Specify the maximum transmission unit (MTU) Layer 2 value.
•Choose to enable or disable the Cisco Discovery Protocol (CDP).
•Allows you to manually shut down the interface.
The following table describes fields in the Physical Interfaces table.
Table 5-32 Field Descriptions for the Physical Interfaces Table
Field
|
Description
|
Interface Name
|
Displays the name of the interface.
|
Description
|
Allows you to enter a description of the interface.
|
IP Address
|
Allows you to enter a valid IP address. The IP Address radio button must be chosen to enable the IP Address field.
|
Mask
|
Allows you to enter a valid mask for the IP address of the interface.
|
MTU Layer 2 (bytes)
|
Allows you to enter an MTU Layer 2 value in bytes for the interface. This value is the maximum packet size or MTU size.
|
CDP
|
Allows you to enable or disable CDP on the interface. When CDP is set to the Disable (Default) value on the NE, the Disable (Default) value will not appear in the running configuration.
|
VRF
|
Allows you to enter the VPN Routing and Forwarding (VRF) name.
|
Enable IPv4 Processing
|
Enables IPv4 processing, which allows you to either set primary and secondary IP Version 4 addresses for an interface or set an unnumbered interface to make this interface use the unnumbered interface IP address.
|
Unnumbered Option
|
Allows you to enable IP v4 processing.
|
Unnumbered
|
Displays the chosen interface name.
|
IP Address Option
|
Allows you to configure the IPv4 address.
|
MTU Layer 3 (bytes)
|
Allows you to enter a valid MTU Layer 3 size in bytes. The MTU Layer 3 field contains the maximum MTU available for IP traffic.
|
ICMP Mask Reply
|
Allows you to configure the software to respond to ICMP mask requests by sending ICMP mask reply messages to the interface.
|
Disable Unreachables
|
Allows you to disable ICMP unreachable messages.
|
Enable ICMP Unreachable Message
|
Allows you to enable ICMP unreachable messages. If the software receives a nonbroadcast packet destined for itself and that uses a protocol it does not recognize, the software sends an Internet Control Message Protocol (ICMP) unreachable message to the source. If the software receives a datagram that it cannot deliver to its ultimate destination because it does not know any route to the destination address, it replies to the originator of the datagram with an ICMP host unreachable message.
|
Dampening
|
Allows you to enable state dampening for the interface.
|
Half Life (min)
|
Allows you to enter a time after which a penalty is decreased (decay half-life).
|
Reuse
|
Allows you to set the reuse threshold. An interface state is unsuppressed if the penalty for an interface decreases enough to fall below the reuse threshold.
|
Suppress
|
Allows you to set a suppress threshold. An interface state is suppressed when its penalty (increased by state flaps) exceeds the suppress threshold.
|
Max Suppress (min)
|
Allows you to set the maximum time (in minutes) an interface state can be suppressed. A reasonable rule is to configure the maximum suppress to approximately four times the half-life value.
|
Oper Status
|
Displays the operational status of the interface.
|
Shutdown
|
Allows you to shut down the interface administratively.
|
The following table describes the Physical Interfaces tab fields.
Table 5-33 Field Descriptions for the Physical Interfaces Tab
Field
|
Description
|
Description field
|
Allows you to enter a description of the interface.
|
MTU Layer 2 (bytes) field
|
Allows you to enter an MTU Layer 2 value in bytes for the interface. This value is the maximum packet size or MTU size.
The following are the default MTUs according to media type:
•Ethernet—1514 bytes
•POS—4474 bytes
•Tunnel—1500 bytes
•Loopback—1514 bytes
Each interface has a default maximum packet size or MTU size. This number generally defaults to the largest size possible for that interface type.
|
CDP list
|
Allows you to enable or disable CDP on the interface.
CDP is disabled by default at the global level. CDP is supported on all interfaces except for Spatial Reuse Protocol (SRP) interfaces. To start sending and receiving CDP information on the interface, choose enable. Choose disable to stop sending and receiving CDP information on the interface.
CDP allows Cisco routers to discover each other in a protocol/media independent way. It allows a device to advertise its existence to other devices, and also to detect all other devices on the same LAN (or on the other side of a WAN). CDP is a hello-based protocol, and all devices running CDP will periodically advertise their attributes to their neighbors.
|
Shutdown check box
|
Allows you to shut down the interface administratively.
|
5.6.4.1.1 IPv4 Configuration Subtab
The IPv4 Configuration subtab allows you to perform the following tasks:
•Specify the IPv4 address and mask.
•Specify secondary addresses for the interface.
•Specify the IPv4 MTU for the interface.
•Configure the software response to Internet Control Message Protocol (ICMP) mask requests.
•Specify helper addresses for the interface.
The following table describes the IPv4 Configuration subtab fields.
Note If any networking device on a network segment uses a secondary address, all other devices on that same segment must also use a secondary address from the same network or subnet. Inconsistent use of secondary addresses on a network segment can quickly cause routing loops.
Table 5-34 Field Descriptions for the IPv4 Configuration Subtab
Field
|
Description
|
IPv4 Configuration Area
|
Enable IPv4 Processing check box
|
Enables IPv4 processing, which allows you to either set primary and secondary IP Version 4 addresses for an interface or set an unnumbered interface to make this interface use the unnumbered interface IP address.
An interface can have one primary IP address and multiple secondary IP addresses. Packets generated by the software always use the primary IP address. Therefore, all networking devices on a segment should share the same primary network number.
|
Unnumbered
|
Allows you to enable IPv4 processing without an explicit address.
|
Unnumbered radio button
|
Allows you to enable IP v4 processing.
|
Unnumbered field
|
Allows you to view the chosen interface name.
|
Unnumbered ellipsis button
|
Allows you to choose an interface from the Select Interfaces dialog box. The Unnumbered radio button must be chosen to enable the Unnumbered field.
|
IP Address
|
Allows you to enter a valid IPv4 address for the interface.
|
IP Address radio button
|
Allows you to configure the IPv4 address.
|
IP Address field
|
Allows you to enter a valid IP address. The IP Address radio button must be chosen to enable the IP Address field.
|
Mask field
|
Allows you to enter a valid mask for the IP address of the interface.
|
Secondary Addresses table
|
Allows you to specify secondary IP addresses for the interface. Click the Add button to add a secondary address. Choose an address in the table and click Remove to delete a secondary address from the interface.
Double-click a cell in the IP Address column to activate it and enter the IP address for the secondary address. Double-click a cell in the Mask column to activate it and enter the mask for the secondary address.
There can be more than one secondary address specified. Secondary addresses are treated like primary addresses, except that the system never generates datagrams other than routing updates with secondary source addresses. IP broadcasts and Address Resolution Protocol (ARP) requests are handled properly, as are interface routes in the IP routing table.
Secondary IP addresses can be used in a variety of situations. The following are the most common applications:
•There might not be enough host addresses for a particular network segment. For example, your subnetting allows up to 254 hosts per logical subnet, but on one physical subnet you need to have 300 host addresses. Using secondary IP addresses on the networking devices allows you to have two logical subnets using one physical subnet.
•Many older networks were built using Level 2 bridges. The judicious use of secondary addresses can aid in the transition to a subnetted, router-based network. Routers on an older, bridged segment can be easily made aware that there are many subnets on that segment.
•Two subnets of a single network might otherwise be separated by another network. This situation is not permitted when subnets are in use. In these instances, the first network is extended, or layered on top of the second network using secondary addresses.
|
General Area
|
MTU Layer 3 (bytes) field
|
Allows you to enter a valid MTU Layer 3 size in bytes. The MTU Layer 3 field contains the maximum MTU available for IP traffic.
|
ICMP Mask Reply check box
|
Allows you to configure the software to respond to ICMP mask requests by sending ICMP mask reply messages to the interface.
Hosts can determine subnet masks using the ICMP mask request message. Networking devices respond to this request with an ICMP mask reply message.
|
Helper Addresses table
|
Allows you to specify helper addresses for the interface. Helper addresses are the addresses to which the software forwards User Datagram Protocol (UDP) broadcasts/packets, including BOOTP, received on an interface.
Click the Add button to add a helper address. Choose an address in the table and click Remove to delete a helper address from the interface. There can be more than one helper address for an interface.
Double-click a cell in the Helper IP Address column to activate it and enter the IP address for the helper address.
One common application that requires helper addresses is Dynamic Host Configuration Protocol (DHCP), which is defined in RFC 1531. DHCP protocol information is carried inside of BOOTP packets. To enable BOOTP broadcast forwarding for a set of clients, configure a helper address on the networking device interface closest to the client. The helper address should specify the address of the DHCP server. If you have multiple servers, you can configure one helper address for each server. Because BOOTP packets are forwarded by default, DHCP information can now be forwarded by the networking device. The DHCP server now receives broadcasts from the DHCP clients.
|
5.6.4.1.2 Dampening Subtab
Currently, a router with an unstable data link (also known as a link flap) can remove itself from service and return to service several times in a matter of seconds, requiring all other routers to rebuild their routing tables with each event. Dampening enables a router experiencing link flap to remove itself from network routing tables until return to data-link stability is ensured. Once the link is stable, an up event is sent and the route is added back to the routing table.
With interface state dampening, the interface will immediately remove itself from the routing table on the down event (link flap). If there are multiple link flaps in a short period of time, the interface will ignore the next up event. The interface will remain down until the data link has stabilized based on the dampening configuration parameters. Dampening can ignore up events but cannot ignore down events unless the interface is already down.
Dampening delivers resiliency improvements that include the following:
•Faster convergence—Routers that are not experiencing link flap reach convergence sooner, because routing tables are not rebuilt each time the offending router leaves and enters service. Faster convergence provides a more stable network because a router remains out of service until it is ready to enter service, ensuring fewer transitions.
•Increased network stability—A router with data-link problems removes itself from service until the data link is consistently stable. Other routers simply redirect traffic around the affected router until data-link issues are resolved, thus ensuring that the router loses no data packets.
The Dampening subtab allows you to perform the following tasks:
•Enable dampening for the interface.
•Configure the half-life, suppress, reuse, and maximum suppress values.
The following table describes the Dampening subtab fields.
Table 5-35 Field Descriptions for the Dampening Subtab
Field
|
Description
|
Dampening Attributes Area
|
Dampening check box
|
Allows you to enable state dampening for the interface.
|
HalfLife (min) field
|
Allows you to enter a time after which a penalty is decreased (decay half-life).
Once the interface has been assigned a penalty, the penalty is decreased by half after the half-life period.
|
Suppress field
|
Allows you to set a suppress threshold. An interface state is suppressed when its penalty (increased by state flaps) exceeds the suppress threshold.
|
Reuse field
|
Allows you to set the reuse threshold. An interface state is unsuppressed if the penalty for an interface decreases enough to fall below the reuse threshold.
|
Max Suppress (min) field
|
Allows you to set the maximum time (in minutes) an interface state can be suppressed. A reasonable rule is to configure the maximum suppress to approximately four times the half-life value.
|
5.6.4.2 Logical Interfaces Tab
The Logical Interfaces tab contains IPv4 Configuration and Dampening subtabs. The IPv4 Configuration subtab is displayed by default when the Logical Interfaces tab is clicked.
The Logical Interfaces tab allows you to perform the following tasks:
•Provide a description of the interface.
•Indicate whether the interface is a loopback interface or not.
•Specify the number of loopback instances.
The following table describes fields in the Logical Interfaces table.
Table 5-36 Field Descriptions for the Logical Interfaces Table
Field
|
Description
|
Interface Name
|
Displays the name of the interface.
|
Description
|
Allows you to enter a description of the interface.
|
IP Address
|
Allows you to enter a valid IP address. The IP Address radio button must be chosen to enable the IP Address field.
|
Mask
|
Allows you to enter a valid mask for the IP address of the interface.
|
MTU Layer 2 (bytes)
|
Allows you to enter an MTU Layer 2 value in bytes for the interface. This value is the maximum packet size or MTU size.
|
VRF
|
Allows you to enter a VRF name.
|
Enable IPv4 Processing
|
Enables IPv4 processing, which allows you to either set primary and secondary IP Version 4 addresses for an interface or set an unnumbered interface to make this interface use the unnumbered interface IP address.
|
Unnumbered Option
|
Allows you to enable IP v4 processing.
|
Unnumbered
|
Displays the chosen interface name.
|
IP Address Option
|
Allows you to configure the IPv4 address.
|
MTU Layer 3 (bytes)
|
Allows you to enter a valid MTU Layer 3 size in bytes. The MTU Layer 3 field contains the maximum MTU available for IP traffic.
|
ICMP Mask Reply
|
Allows you to configure the software to respond to ICMP mask requests by sending ICMP mask reply messages to the interface.
|
Disable Unreachables
|
Allows you to disable ICMP unreachable messages.
|
Enable ICMP Unreachable Message
|
Allows you to enable ICMP unreachable messages. If the software receives a nonbroadcast packet destined for itself and that uses a protocol it does not recognize, the software sends an Internet Control Message Protocol (ICMP) unreachable message to the source. If the software receives a datagram that it cannot deliver to its ultimate destination because it does not know any route to the destination address, it replies to the originator of the datagram with an ICMP host unreachable message.
|
Dampening
|
Allows you to enable state dampening for the interface.
|
Half Life (min)
|
Allows you to enter a time after which a penalty is decreased (decay half-life).
|
Reuse
|
Allows you to set the reuse threshold. An interface state is unsuppressed if the penalty for an interface decreases enough to fall below the reuse threshold.
|
Suppress
|
Allows you to set a suppress threshold. An interface state is suppressed when its penalty (increased by state flaps) exceeds the suppress threshold.
|
Max Suppress (min)
|
Allows you to set the maximum time (in minutes) an interface state can be suppressed. A reasonable rule is to configure the maximum suppress to approximately four times the half-life value.
|
Oper Status
|
Displays the operational status of the interface.
|
Shutdown
|
Allows you to shut down the interface administratively.
|
The following table describes the Logical Interfaces tab fields.
Table 5-37 Field Descriptions for the Logical Interfaces Tab
Field
|
Description
|
Description field
|
Allows you to enter a description of the interface.
|
Loopback radio button
|
If selected, it allows you to add, delete, and modify loopback interfaces.
|
Null radio button
|
If selected, it allows you to modify null interfaces.
|
Instance field
|
Allows you to specify a loopback instance number. This is applicable to loopback interfaces.
|
Shutdown check box
|
Allows you to shut down the interface administratively.
|
5.6.4.2.1 IPv4 Configuration Subtab
The IPv4 Configuration subtab allows you to perform the following tasks:
•Specify the IPv4 address and mask.
•Specify secondary addresses for the interface.
•Specify the IPv4 MTU for the interface.
•Configure the software response to Internet Control Message Protocol (ICMP) mask requests.
•Specify helper addresses for the interface.
The following table describes the IPv4 Configuration subtab fields.
Note If any networking device on a network segment uses a secondary address, all other devices on that same segment must also use a secondary address from the same network or subnet. Inconsistent use of secondary addresses on a network segment can quickly cause routing loops.
Table 5-38 Field Descriptions for the IPv4 Configuration Subtab
Field
|
Description
|
IPv4 Configuration Area
|
Enable IPv4 Processing check box
|
Enables IPv4 processing, which allows you to either set primary and secondary IP Version 4 addresses for an interface or set an unnumbered interface to make this interface use the unnumbered interface IP address.
An interface can have one primary IP address and multiple secondary IP addresses. Packets generated by the software always use the primary IP address. Therefore, all networking devices on a segment should share the same primary network number.
|
Unnumbered
|
Allows you to enable IPv4 processing without an explicit address.
|
Unnumbered radio button
|
Allows you to enable IP v4 processing.
|
Unnumbered field
|
Allows you to view the chosen interface name.
|
Unnumbered ellipsis button
|
Allows you to choose an interface from the Select Interfaces dialog box. The Unnumbered radio button must be chosen to enable the Unnumbered field.
|
IP Address
|
Allows you to enter a valid IPv4 address for the interface.
|
IP Address radio button
|
Allows you to configure the IPv4 address.
|
IP Address field
|
Allows you to enter a valid IP address. The IP Address radio button must be chosen to enable the IP Address field.
|
Mask field
|
Allows you to enter a valid mask for the IP address of the interface.
|
Secondary Addresses table
|
Allows you to specify secondary IP addresses for the interface. Click the Add button to add a secondary address. Choose an address in the table and click Remove to delete a secondary address from the interface.
Double-click a cell in the IP Address column to activate it and enter the IP address for the secondary address. Double-click a cell in the Mask column to activate it and enter the mask for the secondary address.
There can be more than one secondary address specified. Secondary addresses are treated like primary addresses, except that the system never generates datagrams other than routing updates with secondary source addresses. IP broadcasts and Address Resolution Protocol (ARP) requests are handled properly, as are interface routes in the IP routing table.
Secondary IP addresses can be used in a variety of situations. The following are the most common applications:
•There might not be enough host addresses for a particular network segment. For example, your subnetting allows up to 254 hosts per logical subnet, but on one physical subnet you need to have 300 host addresses. Using secondary IP addresses on the networking devices allows you to have two logical subnets using one physical subnet.
•Many older networks were built using Level 2 bridges. The judicious use of secondary addresses can aid in the transition to a subnetted, router-based network. Routers on an older, bridged segment can be easily made aware that there are many subnets on that segment.
•Two subnets of a single network might otherwise be separated by another network. This situation is not permitted when subnets are in use. In these instances, the first network is extended, or layered on top of the second network using secondary addresses.
|
General Area
|
MTU Layer 3 (bytes) field
|
Allows you to enter a valid MTU Layer 3 size in bytes. The MTU Layer 3 field contains the maximum MTU available for IP traffic.
|
ICMP Mask Reply check box
|
Allows you to configure the software to respond to ICMP mask requests by sending ICMP mask reply messages to the interface.
Hosts can determine subnet masks using the ICMP mask request message. Networking devices respond to this request with an ICMP mask reply message.
|
Enable ICMP Unreachables
|
Allows you to enable ICMP unreachable messages. If the software receives a nonbroadcast packet destined for itself and that uses a protocol it does not recognize, the software sends an Internet Control Message Protocol (ICMP) unreachable message to the source. If the software receives a datagram that it cannot deliver to its ultimate destination because it does not know any route to the destination address, it replies to the originator of the datagram with an ICMP host unreachable message.
|
Helper Addresses table
|
Allows you to specify helper addresses for the interface. Helper addresses are the addresses to which the software forwards User Datagram Protocol (UDP) broadcasts/packets, including BOOTP, received on an interface.
Click the Add button to add a helper address. Choose an address in the table and click Remove to delete a helper address from the interface. There can be more than one helper address for an interface.
Double-click a cell in the Helper IP Address column to activate it and enter the IP address for the helper address.
One common application that requires helper addresses is Dynamic Host Configuration Protocol (DHCP), which is defined in RFC 1531. DHCP protocol information is carried inside of BOOTP packets. To enable BOOTP broadcast forwarding for a set of clients, configure a helper address on the networking device interface closest to the client. The helper address should specify the address of the DHCP server. If you have multiple servers, you can configure one helper address for each server. Because BOOTP packets are forwarded by default, DHCP information can now be forwarded by the networking device. The DHCP server now receives broadcasts from the DHCP clients.
|
5.6.4.2.2 Dampening Subtab
Currently, a router with an unstable data link (also known as a link flap) can remove itself from service and return to service several times in a matter of seconds, requiring all other routers to rebuild their routing tables with each event. Dampening enables a router experiencing link flap to remove itself from network routing tables until return to data-link stability is ensured. Once the link is stable, an up event is sent and the route is added back to the routing table.
With interface state dampening, the interface will immediately remove itself from the routing table on the down event (link flap). If there are multiple link flaps in a short period of time, the interface will ignore the next up event. The interface will remain down until the data link has stabilized based on the dampening configuration parameters. Dampening can ignore up events but cannot ignore down events unless the interface is already down.
Dampening delivers resiliency improvements that include the following:
•Faster convergence—Routers that are not experiencing link flap reach convergence sooner, because routing tables are not rebuilt each time the offending router leaves and enters service. Faster convergence provides a more stable network because a router remains out of service until it is ready to enter service, ensuring fewer transitions.
•Increased network stability—A router with data-link problems removes itself from service until the data link is consistently stable. Other routers simply redirect traffic around the affected router until data-link issues are resolved, thus ensuring that the router loses no data packets.
The Dampening subtab allows you to perform the following tasks:
•Enable dampening for the interface.
•Configure the half-life, suppress, reuse, and maximum suppress values.
The following table describes the Dampening subtab fields.
Table 5-39 Field Descriptions for the Dampening Subtab
Field
|
Description
|
Dampening Attributes Area
|
Dampening check box
|
Allows you to enable state dampening for the interface.
|
HalfLife (min) field
|
Allows you to enter a time after which a penalty is decreased (decay half-life).
Once the interface has been assigned a penalty, the penalty is decreased by half after the half-life period.
|
Suppress field
|
Allows you to set a suppress threshold. An interface state is suppressed when its penalty (increased by state flaps) exceeds the suppress threshold.
|
Reuse field
|
Allows you to set the reuse threshold. An interface state is unsuppressed if the penalty for an interface decreases enough to fall below the reuse threshold.
|
Max Suppress (min) field
|
Allows you to set the maximum time (in minutes) an interface state can be suppressed. A reasonable rule is to configure the maximum suppress to approximately four times the half-life value.
|
5.6.5 Interface Ethernet Configuration Application
The Interface Ethernet Configuration application contains the following tabs:
•General Tab
•Ethernet Tab
•Administration Tab
The Interface Ethernet Configuration application allows you to configure interface attributes that are specific to Ethernet interfaces. With the exception of the attributes in the Ethernet tab, when an attribute is configured in the Interface Ethernet Configuration application, the changes can be displayed and edited in the common application. See Interface Common Attributes Configuration Application for information on the common application.
5.6.5.1 General Tab
The General tab contains two subtabs: IPv4 Configuration and Dampening. The IPv4 Configuration subtab is displayed by default when the General tab is clicked.
The General tab allows you to perform the following tasks:
•Provide a description of the interface.
•Specify the maximum transmission unit (MTU) Layer 2 value.
•Choose to enable or disable the Cisco Discovery Protocol (CDP).
The following table describes the General tab fields.
Table 5-40 Field Descriptions for the General Tab
Field
|
Description
|
Description field
|
Allows you to enter a description of the interface.
|
MTU Layer 2 (bytes) field
|
Allows you to enter an MTU Layer 2 value in bytes for the Ethernet interface. This value is the maximum packet size or MTU size.
Each interface has a default maximum packet size or MTU size. This number generally defaults to the largest size possible for that interface type.
|
CDP list
|
Allows you to enable or disable CDP on the Ethernet interface. When CDP is set to the Disable(Default) value on the NE, the Disable(Default) value will not appear in the running configuration.
CDP is disabled by default at the global level. CDP is supported on all interfaces except for Spatial Reuse Protocol (SRP) interfaces. To start sending and receiving CDP information on the interface, choose enable. Choose disable to stop sending and receiving CDP information on the interface.
CDP allows Cisco routers to discover each other in a protocol- and media-independent way. It allows a device to advertise its existence to devices, and also to detect all other devices on the same LAN (or on the other side of a WAN). CDP is a hello-based protocol, and all devices running CDP will periodically advertise their attributes to their neighbors.
|
5.6.5.1.1 IPv4 Configuration Subtab
The IPv4 Configuration subtab allows you to perform the following tasks:
•Specify the IPv4 address and mask.
•Specify secondary addresses for the interface.
•Specify the IPv4 MTU for the interface.
•Configure the software response to Internet Control Message Protocol (ICMP) mask requests.
•Specify helper addresses for the interface.
The following table describes the IPv4 Configuration subtab fields.
Note If any networking device on a network segment uses a secondary address, all other devices on that same segment must also use a secondary address from the same network or subnet. Inconsistent use of secondary addresses on a network segment can quickly cause routing loops.
Table 5-41 Field Descriptions for the IPv4 Configuration Subtab
Field
|
Description
|
IPv4 Configuration Area
|
Enable IPv4 Processing check box
|
Enables IPv4 processing, which allows you to either set primary and secondary IP Version 4 addresses for an interface or set an unnumbered interface to make this interface use the unnumbered interface IP address.
An interface can have one primary IP address and multiple secondary IP addresses. Packets generated by the software always use the primary IP address. Therefore, all networking devices on a segment should share the same primary network number.
|
Unnumbered
|
Allows you to enable IPv4 processing without an explicit address.
|
Unnumbered radio button
|
Allows you to enable IP v4 processing.
|
Unnumbered field
|
Allows you to enter a valid interface name. The Unnumbered radio button must be chosen to enable the Unnumbered field.
|
Unnumbered ellipsis button
|
Allows you to choose an interface from the Select Interfaces dialog box. The Unnumbered radio button must be chosen to enable the Unnumbered field.
|
IP Address
|
Allows you to enter a valid IPv4 address for the interface.
|
IP Address radio button
|
Allows you to configure the IPv4 address.
|
IP Address field
|
Allows you to enter a valid IP address. The IP Address radio button must be chosen to enable the IP Address field.
|
Mask field
|
Allows you to enter a valid mask for the IP address of the interface.
|
Secondary Addresses table
|
Allows you to specify secondary IP addresses for the interface. Click the Add button to add a secondary address. Choose an address in the table and click Remove to delete a secondary address from the interface.
Double-click a cell in the IP Address column to activate it and enter the IP address for the secondary address. Double-click a cell in the Mask column to activate it and enter the mask for the secondary address.
There can be more than one secondary address specified. Secondary addresses are treated like primary addresses, except that the system never generates datagrams other than routing updates with secondary source addresses. IP broadcasts and Address Resolution Protocol (ARP) requests are handled properly, as are interface routes in the IP routing table.
Secondary IP addresses can be used in a variety of situations. The following are the most common applications:
•There might not be enough host addresses for a particular network segment. For example, your subnetting allows up to 254 hosts per logical subnet, but on one physical subnet you need to have 300 host addresses. Using secondary IP addresses on the networking devices allows you to have two logical subnets using one physical subnet.
•Many older networks were built using Level 2 bridges. The judicious use of secondary addresses can aid in the transition to a subnetted, router-based network. Routers on an older, bridged segment can be easily made aware that there are many subnets on that segment.
•Two subnets of a single network might otherwise be separated by another network. This situation is not permitted when subnets are in use. In these instances, the first network is extended, or layered on top of the second network using secondary addresses.
|
General Area
|
MTU Layer 3 (bytes) field
|
Allows you to enter a valid MTU Layer 3 size in bytes. The MTU Layer 3 field contains the maximum MTU available for IP traffic.
|
ICMP Mask Replay check box
|
Allows you to configure the software response to ICMP mask requests by sending ICMP mask reply messages to the interface.
Hosts can determine subnet masks using the ICMP mask request message. Networking devices respond to this request with an ICMP mask reply message.
|
Helper Addresses table
|
Allows you to specify helper addresses for the interface. Helper addresses are the addresses to which the software forwards UDP broadcasts and packets, including BOOTP, received on an interface.
Click the Add button to add a helper address. Choose an address in the table and click Remove to delete a helper address from the interface. There can be more than one helper address for an interface.
Double-click a cell in the Helper IP Address column to activate it and enter the IP address for the helper address.
One common application that requires helper addresses is Dynamic Host Configuration Protocol (DHCP), which is defined in RFC 1531. DHCP protocol information is carried inside of BOOTP packets. To enable BOOTP broadcast forwarding for a set of clients, configure a helper address on the networking device interface closest to the client. The helper address should specify the address of the DHCP server. If you have multiple servers, you can configure one helper address for each server. Because BOOTP packets are forwarded by default, DHCP information can now be forwarded by the networking device. The DHCP server now receives broadcasts from the DHCP clients.
|
5.6.5.1.2 Dampening Subtab
Currently, a router with an unstable data link (also known as link flap) can remove itself from service and return to service several times in a matter of seconds, requiring all other routers to rebuild their routing tables with each event. Dampening enables a router experiencing link flap to remove itself from network routing tables until return to data-link stability is ensured. Once the link is stable, an up event is sent and the route is added back to the routing table.
With interface state dampening, the interface will immediately remove itself from the routing table on the down event (link flap). If there are multiple link flaps in a short period of time, the interface will ignore the next up event. The interface will remain down until the data link has stabilized based on the dampening configuration parameters. Dampening can ignore up events but cannot ignore down events unless the interface is already down.
Dampening delivers resiliency improvements that include the following:
•Faster convergence—Routers that are not experiencing link flap reach convergence sooner, because routing tables are not rebuilt each time the offending router leaves and enters service. Faster convergence provides a more stable network because a router remains out of service until it is ready to enter service, ensuring fewer transitions.
•Increased network stability—A router with data-link problems removes itself from service until the data link is consistently stable, so other routers simply redirect traffic around the affected router until data-link issues are resolved, thus ensuring that the router loses no data packets.
The Dampening subtab allows you to perform the following tasks:
•Enable dampening for the interface.
•Configure the half-life, suppress, reuse, and maximum suppress values.
The following table describes the Dampening subtab fields.
Table 5-42 Field Descriptions for the Dampening Subtab
Field
|
Description
|
IPv4 Configuration Area
|
Dampening check box
|
Allows you to enable state dampening for the interface.
|
HalfLife (min) field
|
Allows you to enter a time after which a penalty is decreased (decay half-life).
Once the interface has been assigned a penalty, the penalty is decreased by half after the half-life period.
|
Suppress field
|
Allows you to set a suppress threshold. An interface state is suppressed when its penalty (increased by state flaps) exceeds the suppress threshold.
|
Reuse field
|
Allows you to set the reuse threshold. An interface state is unsuppressed if the penalty for an interface decreases enough to fall below the reuse threshold.
|
Max Suppress (min) field
|
Allows you to set the maximum time (in minutes) an interface state can be suppressed. A reasonable rule is to configure the maximum suppress to approximately four times the half-life value.
|
5.6.5.2 Ethernet Tab
The Ethernet tab allows you to perform the following tasks:
•Specify an Address Resolution Protocol (ARP) timeout length.
•Enable proxy ARP.
•Configure the Ethernet driver parameters.
The following table describes the Ethernet tab fields.
Table 5-43 Field Descriptions for the Ethernet Tab
Field
|
Description
|
ARP Configuration Area
|
ARP Timeout (sec) field
|
Allows you to enter an ARP timeout length.
The ARP timeout length specifies how long dynamic entries learned on an interface remain in the ARP cache.
|
Proxy ARP check box
|
Allows you to enable or disable proxy ARP. Check the check box to enable proxy ARP or uncheck the check box to disable proxy ARP.
When proxy ARP is disabled, the networking device responds to ARP requests received on an interface only if one of the following conditions is met:
•The target IP address in the ARP request is the same as the interface IP address on which the request is received.
•The target IP address in the ARP request has a statically configured ARP alias.
When proxy ARP is enabled, the networking device also responds to ARP requests that meet all of the following criteria:
•The target IP address is not on the same physical network (LAN) on which the request is received.
•The networking device has one or more routes to the target IP address.
•All of the routes to the target IP address go through interfaces other than the one on which the request is received.
|
Ethernet Driver Configuration Area
|
MAC Address field
|
Allows you to enter a valid MAC address for the Ethernet driver.
|
Speed list
|
Allows you to choose the Ethernet connection speed. Options are:
•10 Mbps = Ethernet
•100 Mbps = FastEthernet
•1000 Mbps = GigabitEthernet
|
Media Type list
|
Allows you to choose the media type. Options are:
•AUI—Attachment unit interface. Institute of Electrical and Electronics Engineers (IEEE) 802.3 interface between a media attachment unit (MAU) and a network interface card (NIC). Also called transceiver cable.
•RJ45—Registered jack 45.
•MII—Media independent interface. Standard specification for the interface between network controller chips and their associated media interface chips. The MII automatically senses 10- and 100-MHz Ethernet speeds.
|
Duplex Type Configuration Subarea
|
Enable Duplex check box
|
Allows you to enable or disable a duplex configuration.
|
Full Duplex radio button
|
Allows you to choose full duplex. The Enable Duplex check box must be enabled for this radio button to be available.
|
Half Duplex radio button
|
Allows you to choose half duplex. The Enable Duplex check box must be enabled for this radio button to be available.
|
5.6.5.3 Administration Tab
The Administration tab allows you to manually shut down the interface.
The following table describes the Administration tab field.
Table 5-44 Field Descriptions for the Administration Tab
Field
|
Description
|
Shutdown check box
|
Allows you to shut down the Ethernet interface administratively.
|
5.6.6 Interface POS Configuration Application
The Interface POS Configuration application contains the following tabs:
•General Tab
•POS Tab
•Administration Tab
The Interface POS Configuration application allows you to configure interface attributes that are specific to packet-over-SONET (POS) interfaces. With the exception of the attributes in the POS tab, when an attribute is configured in the Interface POS Configuration application, the changes can be displayed and edited in the common application. See Interface Common Attributes Configuration Application for information on the common application.
POS provides a method for efficiently carrying data packets in SONET or Synchronous Digital Hierarchy (SDH) frames. High-bandwidth capacity and efficient link utilization are characteristics that make POS largely preferred for building the core of data networks. POS uses PPP in High-Level Data Link Control (HDLC)-like framing for data encapsulation at Layer 2 (data link) of the Open System Interconnection (OSI) stack. This method provides efficient packet delineation and error control.
In addition to high-bandwidth efficiency, POS offers secure and reliable data transmission. Reliable data transfer depends on timing integrity.
The real-time POS functions are performed in hardware, according to the hardware configuration offline setup. Configured hardware events are detected by the framer application-specific integrated circuits (ASICs) and the control is passed to the software. The generic POS driver is responsible for providing a mechanism to configure the hardware on a per-interface basis, handle interface state transitions, and collect POS-related statistics.
5.6.6.1 General Tab
The General tab contains IPv4 Configuration and Dampening subtabs. The IPv4 Configuration subtab is displayed by default when the General tab is clicked.
The General tab allows you to perform the following tasks:
•Provide a description of the interface.
•Specify the maximum transmission unit (MTU) Layer 2 value.
•Choose to enable or disable the Cisco Discovery Protocol (CDP).
The following table describes the General tab fields.
Table 5-45 Field Descriptions for the General Tab
Field
|
Description
|
Description field
|
Allows you to enter a description of the interface.
|
MTU Layer 2 (bytes) field
|
Allows you to enter an MTU Layer 2 value in bytes for the POS interface. This value is the maximum packet size or MTU size.
Each interface has a default maximum packet size or MTU size. This number generally defaults to the largest size possible for that interface type.
|
CDP list
|
Allows you to enable or disable CDP on the POS interface. When CDP is set to the Disable(Default) value on the NE, the Disable(Default) value will not appear in the running configuration.
CDP is disabled by default at the global level. CDP is supported on all interfaces except for Spatial Reuse Protocol (SRP) interfaces. To start sending and receiving CDP information on the interface, choose enable. Choose disable to stop sending and receiving CDP information on the interface.
CDP allows Cisco routers to discover each other in a protocol- and media-independent way. It allows a device to advertise its existence to other devices, and also to detect all other devices on the same LAN (or on the other side of a WAN). CDP is a hello-based protocol, and all devices running CDP will periodically advertise their attributes to their neighbors.
|
5.6.6.1.1 IPv4 Configuration Subtab
The IPv4 Configuration subtab allows you to perform the following tasks:
•Specify the IPv4 address and mask.
•Specify secondary addresses for the interface.
•Specify the IPv4 MTU for the interface.
•Configure the software response to Internet Control Message Protocol (ICMP) mask requests.
•Specify helper addresses for the interface.
The following table describes the IPv4 Configuration subtab fields.
Note If any networking device on a network segment uses a secondary address, all other devices on that same segment must also use a secondary address from the same network or subnet. Inconsistent use of secondary addresses on a network segment can quickly cause routing loops.
Table 5-46 Field Descriptions for the IPv4 Configuration Subtab
Field
|
Description
|
IPv4 Configuration Area
|
Enable IPv4 Processing check box
|
Enables IPv4 processing, which allows you to either set primary and secondary IP Version 4 addresses for an interface or set an unnumbered interface to make this interface use the unnumbered interface IP address.
An interface can have one primary IP address and multiple secondary IP addresses. Packets generated by the software always use the primary IP address. Therefore, all networking devices on a segment should share the same primary network number.
|
Unnumbered
|
Allows you to enable IPv4 processing without an explicit address.
|
Unnumbered radio button
|
Allows you to enable IPv4 processing.
|
Unnumbered field
|
Allows you to enter a valid interface name. The Unnumbered radio button must be chosen to enable the Unnumbered field.
|
Unnumbered ellipsis button
|
Allows you to choose an interface from the Select Interfaces dialog box. The Unnumbered radio button must be chosen to enable the Unnumbered field.
|
IP Address
|
Allows you to enter a valid IPv4 address for the interface.
|
IP Address radio button
|
Allows you to configure the IPv4 address.
|
IP Address field
|
Allows you to enter a valid IP address. The IP Address radio button must be chosen to enable the IP Address field.
|
Mask field
|
Allows you to enter a valid mask for the IP address of the interface.
|
Secondary Addresses table
|
Allows you to specify secondary IP addresses for the interface. Click the Add button to add a secondary address. Choose an address in the table and click Remove to delete a secondary address from the interface.
Double-click a cell in the IP Address column to activate it and enter the IP address for the secondary address. Double-click a cell in the Mask column to activate it and enter the mask for the secondary address.
There can be more than one secondary address specified. Secondary addresses are treated like primary addresses, except that the system never generates datagrams other than routing updates with secondary source addresses. IP broadcasts and ARP requests are handled properly, as are interface routes in the IP routing table.
Secondary IP addresses can be used in a variety of situations. The following are the most common applications:
•There might not be enough host addresses for a particular network segment. For example, your subnetting allows up to 254 hosts per logical subnet, but on one physical subnet you need to have 300 host addresses. Using secondary IP addresses on the networking devices allows you to have two logical subnets using one physical subnet.
•Many older networks were built using Level 2 bridges. The judicious use of secondary addresses can aid in the transition to a subnetted, router-based network. Routers on an older, bridged segment can be easily made aware that there are many subnets on that segment.
•Two subnets of a single network might otherwise be separated by another network. This situation is not permitted when subnets are in use. In these instances, the first network is extended, or layered on top of the second network using secondary addresses.
|
General Area
|
MTU Layer 3 (bytes) field
|
Allows you to enter a valid MTU Layer 3 size in bytes. The MTU Layer 3 field contains the maximum MTU available for IP traffic.
|
ICMP Mask Reply check box
|
Allows you to configure the software response to ICMP mask requests by sending ICMP mask reply messages to the interface.
Hosts can determine subnet masks using the ICMP mask request message. Networking devices respond to this request with an ICMP mask reply message.
|
Helper Addresses table
|
Allows you to specify helper addresses for the interface. Helper addresses are the addresses to which the software forwards UDP broadcasts/packets, including BOOTP, received on an interface.
Click the Add button to add a helper address. Choose an address in the table and click Remove to delete a helper address from the interface. There can be more than one helper address for an interface.
Double-click a cell in the Helper IP Address column to activate it and enter the IP address for the helper address.
One common application that requires helper addresses is Dynamic Host Configuration Protocol (DHCP), which is defined in RFC 1531. DHCP protocol information is carried inside of BOOTP packets. To enable BOOTP broadcast forwarding for a set of clients, configure a helper address on the networking device interface closest to the client. The helper address should specify the address of the DHCP server. If you have multiple servers, you can configure one helper address for each server. Because BOOTP packets are forwarded by default, DHCP information can now be forwarded by the networking device. The DHCP server now receives broadcasts from the DHCP clients.
|
5.6.6.1.2 Dampening Subtab
Currently, a router with an unstable data link (also known as link flap) can remove itself from service and return to service several times in a matter of seconds, requiring all other routers to rebuild their routing tables with each event. Dampening enables a router experiencing link flap to remove itself from network routing tables until return to data-link stability is ensured. Once the link is stable, an up event is sent and the route is added back to the routing table.
With interface state dampening, the interface will immediately remove itself from the routing table on the down event (link flap). If there are multiple link flaps in a short period of time, the interface will ignore the next up event. The interface will remain down until the data link has stabilized based on the dampening configuration parameters. Dampening can ignore up events but cannot ignore down events unless the interface is already down.
Dampening delivers resiliency improvements that include the following:
•Faster convergence—Routers that are not experiencing link flap reach convergence sooner, because routing tables are not rebuilt each time the offending router leaves and enters service. Faster convergence provides a more stable network because a router remains out of service until it is ready to enter service, ensuring fewer transitions.
•Increased network stability—A router with data-link problems removes itself from service until the data link is consistently stable, so other routers simply redirect traffic around the affected router until data-link issues are resolved, thus ensuring that the router loses no data packets.
The Dampening subtab allows you to perform the following tasks:
•Enable dampening for the interface.
•Configure the half-life, suppress, reuse, and maximum suppress values.
The following table describes the Dampening subtab fields.
Table 5-47 Field Descriptions for the Dampening Subtab
Field
|
Description
|
Dampening check box
|
Allows you to enable state dampening for the interface.
|
HalfLife (min) field
|
Allows you to enter a time after which a penalty is decreased (decay half-life).
Once the interface has been assigned a penalty, the penalty is decreased by half after the half-life period.
|
Suppress field
|
Allows you to set a suppress threshold. An interface state is suppressed when its penalty (increased by state flaps) exceeds the suppress threshold.
|
Reuse field
|
Allows you to set the reuse threshold. An interface state is unsuppressed if the penalty for an interface decreases enough to fall below the reuse threshold.
|
Max Suppress (min) field
|
Allows you to set the maximum time (in minutes) an interface state can be suppressed. A reasonable rule is to configure the maximum suppress to approximately four times the half-life value.
|
5.6.6.2 POS Tab
The POS tab contains three subtabs: PPP Common, PAP, and CHAP. The PPP Common subtab is displayed by default when the POS tab is clicked.
The POS tab allows you to perform the following tasks:
•Configure encapsulation.
•Configure PPP parameters.
•Configure Password Authentication Protocol (PAP) parameters.
•Configure Challenge Handshake Authentication Protocol (CHAP) parameters.
The following table describes the POS tab fields.
Table 5-48 Field Descriptions for the POS Tab
Field
|
Description
|
Encapsulation list
|
Allows you to choose the encapsulation type for the interface. Options are:
•ppp—Point-to-Point Protocol. Standard protocol for sending data over synchronous serial links.
•hdlc(Default)—High-Level Data Link Controller. ISO communications protocol used in X.25 packet switching networks. When the encapsulation type is set to the hdlc(Default) value on the NE, the hdlc(Default) value will not appear in the running configuration.
|
5.6.6.2.1 PPP Common Subtab
The PPP Common subtab allows you to perform the following tasks:
•Configure the number of authentication retries, unacknowledged confirmation requests, consecutive negative acknowledgments, and unacknowledged terminate requests.
•Enable authentication types.
•Configure the timeout parameters.
The following table describes the PPP Common subtab fields.
Table 5-49 Field Descriptions for the PPP Common Subtab
Field
|
Description
|
Max Authentication Failures field
|
Allows you to enter a specified number of authentication retries. After the number of specified retries is reached, the interface is reset.
|
Max Conf Requests field
|
Allows you to enter the number of unacknowledged confirmation requests.
|
Max Consecutive Conf Naks field
|
Allows you to enter the number of consecutive negative acknowledgments.
|
Max Terminate Requests field
|
Allows you to enter the number of unacknowledged terminate requests.
|
Authentication Area
|
PAP check box
|
Allows you to choose PAP authentication.
|
CHAP check box
|
Allows you to choose CHAP authentication.
|
MS-CHAP check box
|
Allows you to choose MS-CHAP authentication.
|
Authentication List field
|
Allows you to specify an authentication to be used with the interface. Type default to use the default list. This list is enabled when at least one of PAP, CHAP, or MS-CHAP is selected.
|
Timeout Parameters Area
|
Authentication Timeout (sec) field
|
Allows you to specify the maximum time to wait for a response to an authentication packet.
|
NCP Timeout (sec) field
|
Allows you to set a time limit for the successful negotiation of at least one network layer protocol after a PPP connection is established. If no network protocol is negotiated in the given time, the connection is disconnected.
The Network Control Protocol (NCP) timeout protects against the establishment of links that are physically up and carrying traffic at the link level, but are unusable for carrying data traffic due to failure to negotiate the capability to transport any network-level data. Timeout is particularly useful for dialed connections, where it is usually undesirable to leave a telephone circuit active when it cannot carry network traffic.
|
Retry Timeout (sec) field
|
Allows you to set a time limit for the maximum amount of time PPP should wait for a response to any control packet it sends.
|
5.6.6.2.2 PAP Subtab
The PAP subtab allows you to perform the following tasks:
•Refuse PAP authentication from peers.
•Specify the PAP username and password.
The following table describes the PAP subtab fields.
Table 5-50 Field Descriptions for the PAP Subtab
Field
|
Description
|
Refuse PAP list
|
Allows you to refuse PAP authentication from peers requesting it.
Authentication is disabled for all calls, meaning that all attempts by the peer to force the user to authenticate using PAP will be refused. If outbound PAP has been enabled, PAP will be suggested as the authentication method in the refusal packet.
|
PAP Username field
|
Allows you to enter a username to reenable remote PAP support for an interface and include the sent-username and password in the PAP authentication request packet to the peer. This field allows you to replace username configurations on any dialer interface or asynchronous group interface.
|
PAP Password field
|
Allows you to enter a password to reenable remote PAP support for an interface and include the sent-username and password in the PAP authentication request packet to the peer. This field allows you to replace password configurations on any dialer interface or asynchronous group interface.
|
PAP Encryption check box
|
Allows you to enable PAP encryption.
|
5.6.6.2.3 CHAP Subtab
The CHAP subtab allows you to perform the following tasks:
•Refuse CHAP authentication from peers.
•Specify the CHAP username and password.
The following table describes the CHAP subtab fields.
Table 5-51 Field Descriptions for the CHAP Subtab
Field
|
Description
|
Refuse CHAP list
|
Allows you to refuse CHAP authentication from peers requesting it.
Authentication is disabled for all calls, meaning that all attempts by the peer to force the user to authenticate using CHAP will be refused. If outbound CHAP has been enabled, CHAP will be suggested as the authentication method in the refusal packet.
|
CHAP Host Name field
|
Allows you to enter a username to enable a router calling a collection of routers that do not support this command (such as routers running older Cisco IOS software images) to configure a common CHAP secret password to use in response to challenges from an unknown peer.
The CHAP hostname is used for remote CHAP authentication only (when routers authenticate to the peer) and does not affect local CHAP authentication.
|
CHAP Password field
|
Allows you to enter a password to enable a router calling a collection of routers that do not support this command (such as routers running older Cisco IOS software images) to configure a common CHAP secret password to use in response to challenges from an unknown peer.
The CHAP password is used for remote CHAP authentication only (when routers authenticate to the peer) and does not affect local CHAP authentication.
|
CHAP Encryption check box
|
Allows you to enable CHAP encryption.
|
5.6.6.3 Administration Tab
The Administration tab allows you to manually shut down the interface.
The following table describes the Administration tab field.
Table 5-52 Field Descriptions for the Administration Tab
Field
|
Description
|
Shutdown check box
|
Allows you to shut down the POS interface administratively.
|
5.6.7 SONET Port Configuration Application
The SONET Port Configuration application contains the following tabs:
•SONET Tab
•Administration Tab
The SONET Port Configuration application allows you to configure the SONET on a router port using Layer 1 SONET transport technology.
5.6.7.1 SONET Tab
The SONET tab contains SONET Configuration and Alarm Reporting subtabs. The SONET Configuration subtab is displayed by default when the SONET tab is clicked.
The SONET tab allows you to perform the following tasks:
•Configure SONET for the interface.
•Configure the alarm reporting parameters for the interface.
5.6.7.1.1 SONET Configuration Subtab
The SONET Configuration subtab allows you to perform the following tasks:
•Configure a clock source.
•Configure a loopback source.
•Specify the framing for the SONET controller.
•Configure the section, line, and path parameters.
The following table describes the SONET Configuration subtab fields.
Table 5-53 Field Descriptions for the SONET Configuration Subtab
Field
|
Description
|
General Area
|
Clock Source list
|
Allows you to choose which reference clock is used by the sender for the sent signal on SONET ports. Options are:
•Internal—Specifies that the controller will clock its sent data from its internal clock.
•Line(Default)—Specifies that the controller will clock its sent data from a clock recovered from the receive data stream of the line. When the Clock Source list is set to the Line(Default) value on the NE, the Line(Default) value will not appear in the running configuration.
|
Loopback list
|
Allows you to choose the SONET controller for loopback mode. Options are:
•Internal—In the terminal (internal) loopback, the sent signal is looped back to the receiver.
•Line—In the facility (line) loopback, the signal received from the far end is looped back and sent on the line.
The two loopback modes cannot be active at the same time.
|
Framing list
|
Allows you to choose the framing used on the SONET controller. Options are:
•SONET(Default)—Chooses SONET framing. When the Framing list is set to the SONET(Default) value on the NE, the SONET(Default) value will not appear in the running configuration.
•SDH—Chooses SDH framing.
|
Section Area
|
Identifier (J0/C1) Byte field
|
Allows you to enter the JO/C1 byte value in the SONET section overhead. For interoperability with SDH equipment in Japan, use the value 0x01.
The value that you use for the trace byte depends on the type of equipment being used.
|
Line Area
|
Bits s1 and s0 of H1 Byte field
|
Allows you to enter the s1 and s0 bits value of the H1 byte in the SONET line overhead.
•For SONET mode, use 0.
•For SDH mode, use 2.
The values for the s1 and s0 bits can be from 0 to 3. Values 1 and 3 are undefined.
|
AIS When Shutdown check box
|
Allows you to enable automatic insertion of a Line Alarm Indication Signal (LAIS) in the sent SONET signal whenever the SONET port enters the administratively down state.
When the line is placed in administrative shutdown state, a signal is sent to downstream equipment, indicating that there is a problem with the line. LAIS is ignored if automatic protection switching (APS) is running for the corresponding port, because the setting must be enabled for proper APS operation.
|
Delay Trigger (msec) field
|
Allows you to specify the line defects hold-off delay value. The delay trigger is the amount of time a defect must persist before a recovery action, such as protection switching, takes place. If the defect disappears within the delay trigger time, the protection activity is not triggered.
|
Path Area
|
Delay Trigger (msec) field
|
Allows you to specify the path defects hold-off delay value. The delay trigger is the amount of time a defect must persist before a recovery action, such as protection switching, takes place. If the defect disappears within the delay trigger time, the protection activity is not triggered.
|
SPE Content (C2) Byte field
|
Allows you to enter the transmit C2 byte value. This SONET path overhead value allows you to meet a specific standards requirement or to ensure interoperability with equipment from another vendor.
The SONET standards permit or require user access for configuration of some bytes or bits in the SONET path overhead.
|
AIS When Shutdown check box
|
Allows you to enable automatic insertion of a LAIS in the sent SONET signal whenever the SONET port enters the administratively down state.
When the line is placed in administrative shutdown state, a signal is sent to downstream equipment, indicating that there is a problem with the line. LAIS is ignored if APS is running for the corresponding port, because the setting must be enabled for proper APS operation.
|
Scrambling list
|
Allows you to enable SONET payload scrambling on a SONET path. When the Scrambling list is set to the Enabled(Default) value on the NE, the Enabled(Default) value will not appear in the running configuration.
SONET payload scrambling applies a self-synchronous scrambler (x43+1) to the Synchronous Payload Envelope (SPE) of the controller to ensure sufficient bit transition density. Both ends of the connection must be configured using SONET path scrambling.
|
Trace (J1) Buffer field
|
Allows you to enter the user-defined path trace message in the J1 bytes of the SONET path overhead. This trace buffer value allows you to meet specific standards requirements or to ensure interoperability.
|
Shutdown UNEQ check box
|
This check box allows you to enable the automatic insertion of Path Unequipped (UNEQ) code (0x00) in the sent SONET path overhead C2 byte when the SONET path enters an administratively down state.
|
5.6.7.1.2 Alarm Reporting Subtab
The Alarm Reporting subtab allows you to perform the following tasks:
•Set the section alarm threshold and reporting parameters.
•Set the line alarm threshold and reporting parameters.
•Set the path alarm threshold and reporting parameters.
The following table describes the Alarm Reporting subtab fields.
Table 5-54 Field Descriptions for the Alarm Reporting Subtab
Field
|
Description
|
Section Area
|
Threshold B1 BER field
|
Allows you to set the B1 bit error rate (BER) threshold values of the specified alarms for a SONET controller (10 to the power -n).
|
Report LOF check box
|
Allows you to enable Section Loss of Frame (SLOF) reporting.
|
Report B1 BER check box
|
Allows you to enable B1 BER TCA reporting.
|
Report LOS check box
|
Allows you to enable Section Loss of Signal (SLOS) reporting.
|
Line Area
|
Threshold B2 BER field
|
Allows you to set the B2 BER threshold values of the specified alarms for a SONET controller (10 to the power -n).
|
Threshold SF BER field
|
Allows you to set the signal failure (SF) BER threshold values of the specified alarms for a SONET controller (10 to the power -n).
|
Threshold SD BER field
|
Allows you to set the signal degrade (SD) BER threshold values of the specified alarms for a SONET controller (10 to the power -n).
|
Report B2 BER check box
|
Allows you to enable B2 BER TCA reporting. Check the check box to enable B2 BER TCA reporting and uncheck the check box to disable B2 BER TCA reporting.
|
Report SD BER check box
|
Allows you to enable SD BER reporting.
|
Report AIS check box
|
Allows you to enable LAIS reporting.
|
Report RDI check box
|
Allows you to enable Line Remote Defect Indication (LRDI) reporting.
|
Report SF BER check box
|
Allows you to enable SF BER reporting.
|
Path Area
|
Threshold B3 BER field
|
Allows you to set the B3 BER threshold values of the specified alarms for a SONET controller (10 to the power -n).
|
Report B3 BER check box
|
Allows you to enable B3 BER reporting.
|
Report RDI check box
|
Allows you to enable Path RDI reporting.
|
Report AIS check box
|
Allows you to enable Path AIS reporting.
|
Report LOP check box
|
Allows you to enable Path Loss of Pointer (LOP) reporting.
|
Report UNEQ check box
|
Allows you to enable Path UNEQ reporting.
|
5.6.7.2 Administration Tab
The Administration tab allows you to enable shutdown on the chosen interface.
The following table describes the Administration tab field.
Table 5-55 Field Descriptions for the Administration Tab
Field
|
Description
|
Shutdown check box
|
Allows you to shut down the interface administratively (shut down the SONET controller and disable SONET controller processing).
|
5.6.8 Access Control Lists Application
The Access Control Lists application contains the following subtabs:
•Basic Subtab
•Advanced Subtab
•TCP/UDP/SCTP Subtab
•ICMP/IGMP Subtab
The Access Control Lists application allows you to configure IP Version 4 (IPv4) access lists.
An access control list (ACL) consists of one or more access control entries (ACEs) that collectively define the network traffic profile. This profile can then be referenced by Craft Works Interface (CWI) features such as traffic filtering, priority or custom queueing, and dynamic access control. Each ACL includes an action element (permit or deny) and a filter element based on criteria such as source address, destination address, protocol, and protocol-specific parameters.
You can reorder the access lists by clicking the blue up and down arrows on the left side of the Application table. Each time an arrow is clicked, the chosen record moves up or down one row in the Application table and the sequence number is automatically modified based on location in the table relative to other records in the same list.
5.6.8.1 Basic Subtab
The Basic subtab allows you to perform the following tasks:
•Specify an access control list name and sequence number.
•Choose to permit or deny packet matching.
•Choose whether to log matches.
•Specify source and destination traffic matching criteria.
•Specify a remark for the ACL.
The following table describes the Basic subtab fields.
Table 5-56 Field Descriptions for the Basic Subtab
Field
|
Description
|
Basics Area
|
Name field
|
Allows you to enter the name of the ACL.
|
Sequence Number field
|
Allows you to enter the sequence number for the ACL.
The sequence number is the number of the statement in the access list. This number determines the order of the statements in the access list.
|
Grant list
|
Allows you to specify whether packets that match the ACL are permitted or denied. Options are:
•Permit—Packets that match the ACL are permitted.
•Deny—Packets that match the ACL are denied.
|
Logging list
|
Allows you to specify whether to log matches against the input and how the log match is done. A packet is matched for a new flow defined by a combination of the source address, destination address, source port, and destination port. Options are:
•Log—Causes an informational logging message about the packet that matches the entry to be sent to the console. The message includes the access list number, whether the packet was permitted or denied; the protocol, whether it was TCP, UDP, Internet Control Message Protocol (ICMP), or a number; and, if appropriate, the source and destination addresses and source and destination port numbers. The message is generated for the first packet that matches, and then at 5-minute intervals, including the number of packets permitted or denied in the prior 5-minute interval.
•LogInput—Provides the same function as the log, except that the logging message also includes the input interface.
|
Traffic Area
|
Source-any radio button
|
Allows you to use the default value for source IPv4 address matching.
|
Source-address radio button
|
Allows you to specify a source IPv4 address to match.
The source must be the number of the network or host from which the packet is being sent.
|
Source-wildcard field
|
Allows you to enter the wildcard bits to be applied to the source. The wildcard bits are the opposite of the IP address mask. If a bit is zero, it is considered for filtering.
This field is enabled when the Source-address radio button is activated.
|
Destination-any radio button
|
Allows you to use the default value for destination IPv4 address matching.
|
Destination-address radio button
|
Allows you to specify a destination IPv4 address to match.
The destination must be the number of the network or host to which the packet is being sent.
|
Destination-wildcard field
|
Allows you to enter the wildcard bits to be applied to the destination. The wildcard bits are the opposite of the IP address mask. If a bit is zero, it is considered for filtering.
This field is enabled when the address radio button is activated.
|
Remark Area
|
Add remark field
|
Allows you to enter comments or a description of the ACL.
|
5.6.8.2 Advanced Subtab
The Advanced subtab allows you to perform the following tasks:
•Specify an IP protocol the ACL must match.
•Choose to enable or disable Differentiated Services Code Point (DSCP) matching.
•Choose to enable or disable IP precedence matching.
•Specify whether to search for noninitial fragments.
You can reorder the access lists by clicking the blue up and down arrows on the left side of the Application table. Each time an arrow is clicked, the chosen record moves up or down one row in the Application table and the sequence number is automatically modified based on location in the table relative to other records in the same list.
The following table describes the Advanced subtab fields.
Table 5-57 Field Descriptions for the Advanced Subtab
Field
|
Description
|
Advanced Area
|
Protocol list
|
Allows you to choose the IP protocol that the ACL must match. Options are:
•0 (IP)(Default) is the default value. When the Protocol list is set to the 0 (IP)(Default) value on the NE, the 0 (IP)(Default) value will not appear in the running configuration.
•1 (ICMP)
•2 (IGMP)
•3 (GGP)
•4 (IPinIP)
•6 (TCP)
•8 (EGP)
•12 (PUP)
•17 (UDP)
•22 (IDP)
•29 (TP)
•46 (RSVP)
•47 (GRE)
•50 (ESP)
•51 (AHP)
•80 (AHP)
•88 (EIGRP)
•89 (OSPF)
•94 (NOSIP)
•98 (ENCAP)
•103 (PIM)
•108 (PCP)
•115 (L2TPV)
•120 (UTI)
•132 (SCTP)
•255 (RAW)
The integers from 0 to 255 represent an IP protocol number.
|
DSCP or Precedence Area
|
None radio button
|
Allows you to disable DSCP and precedence for the chosen ACL.
|
DSCP
|
Allows you to enable DSCP matching. DSCP provides quality of service (QoS) control.
|
DSCP radio button
|
Allows you to enable DSCP matching.
|
DSCP list
|
Allows you to choose a DSCP reserved keyword to match packets from the list. Options are:
•0—(Cisco default) Default DSCP (000000)
•8 (CS1)—CS1 (precedence 1) DSCP (001000)
•10 (AF11)—AF11 DSCP (001010)
•12 (AF12)—AF12 DSCP (001100)
•14 (AF13)—AF13 DSCP (001110)
•16 (CS2)—CS2 (precedence 2) DSCP (010000)
•18 (AF21)—AF21 DSCP (010010)
•20 (AF22)—AF22 DSCP (010100)
•22 (AF23)—AF23 DSCP (010110)
•24 (CS3)—CS3 (precedence 3) DSCP (011000)
•26 (AF31)—AF31 DSCP (011010)
•28 (AF32)—AF32 DSCP (011100)
•30 (AF33)—AF33 DSCP (011110)
•32 (CS4)—CS4 (precedence 4) DSCP (100000)
•34 (AF41)—AF41 DSCP (100010)
•36 (AF42)—AF42 DSCP (100100)
•38 (AF43)—AF43 DSCP (100110)
•40 (CS5)—CS5 (precedence 5) DSCP (101000)
•46 (EF)—EF DSCP (101110)
•48 (CS6)—CS6 (precedence 6) DSCP (110000)
•56 (CS7)—CS7 (precedence 7) DSCP (111000)
The DSCP radio button must be clicked to enable the DSCP list.
|
Precedence
|
Allows you to enable precedence. Packets can be filtered by precedence level, as specified by a number from 0 to 7, or by name.
|
Precedence radio button
|
Allows you to enable precedence.
|
Precedence list
|
Allows you to choose the precedence level. Options are:
•0 (Routine)
•1 (Priority)
•2 (Immediate)
•3 (Flash)
•4 (Flash Override)
•5 (Critical)
•6 (Internet)
•7 (Network)
The Precedence radio button must be chosen to enable the Precedence list.
|
Check Noninitial Fragments check box
|
Allows you to check for noninitial fragments of IPv4 packets when applying the chosen access list entry.
|
5.6.8.3 TCP/UDP/SCTP Subtab
The TCP/UDP/SCTP subtab allows you to perform the following tasks:
•Specify the source port comparison criteria.
•Specify the destination port comparison criteria.
•Choose a TCP flag.
You can reorder the access lists by clicking the blue up and down arrows on the left side of the Application table. Each time an arrow is clicked, the chosen record moves up or down one row in the Application table and the sequence number is automatically modified based on location in the table relative to other records in the same list.
The following table describes the TCP/UDP/SCTP subtab fields.
Table 5-58 Field Descriptions for the TCP/UDP/SCTP Subtab
Field
|
Description
|
Source Port Area
|
operator list
|
Allows you to choose the source comparison operator, which compares source or destination ports. Options are:
•Equal—You must enter a value for the start parameter.
•Greater Than—You must enter a value for the start parameter.
•Less Than—You must enter a value for the start parameter.
•Not Equal—You must enter a value for the start parameter.
•Range—You must enter values for the start and end parameters.
This list becomes available when 6 (TCP), 17 (UDP), or 132 (SCTP) is chosen in the Protocol list in the Advanced subtab. (See Advanced Subtab.)
|
start field
|
Allows you to enter the first source port for comparison.
This list becomes available when 6 (TCP), 17 (UDP), or 132 (SCTP) is chosen in the Protocol list in the Advanced subtab (see Advanced Subtab) and an operator is chosen in the operator list in the Source Port area of the TCP/UDP/SCTP tab.
|
start-TCP/SCTP list
|
Allows you to choose a TCP port. This list is available when the start field is empty.
TCP port names can be used only when filtering TCP.
This list becomes available when 6 (TCP) or 132 (SCTP) is chosen in the Protocol list in the Advanced subtab (see Advanced Subtab) and an operator is chosen in the operator list in the Source Port area of the TCP/UDP/SCTP tab.
|
start-UDP list
|
Allows you to choose a UDP port.
UDP port names can be used only when filtering UDP.
This list becomes available when 17 (UDP) is chosen in the Protocol list in the Advanced subtab (see Advanced Subtab) and an operator is chosen in the operator list in the Source Port area of the TCP/UDP/SCTP tab.
|
end field
|
Allows you to enter the second source port for comparison. Only enter a value in the end field if comparing a range of TCP, SCTP, or UDP ports.
This list becomes available when 6 (TCP), 17 (UDP), or 132 (SCTP) is chosen in the Protocol list in the Advanced subtab (see Advanced Subtab) and Range is chosen for the operator list in the Source Port area of the TCP/UDP/SCTP tab.
|
end-TCP/SCTP list
|
Allows you to choose a TCP port. This list is available when the end field is empty.
TCP port names can be used only when filtering TCP.
This list becomes available when 6 (TCP) or 132 (SCTP) is chosen in the Protocol list in the Advanced subtab (see Advanced Subtab) and Range is chosen for the operator list in the Source Port area of the TCP/UDP/SCTP tab.
|
end-UDP list
|
Allows you to choose a UDP port. This list is available when the end field is empty.
UDP port names can be used only when filtering UDP.
This list becomes available when 17 (UDP) is chosen in the Protocol list in the Advanced subtab (see Advanced Subtab) and Range is chosen for the operator list in the Source Port area of the TCP/UDP/SCTP tab.
|
Destination Port Area
|
operator list
|
Allows you to choose the source comparison operator, which compares source or destination ports. Options are:
•Equal—You must enter a value for the start parameter.
•Greater Than—You must enter a value for the start parameter.
•Less Than—You must enter a value for the start parameter.
•Not Equal—You must enter a value for the start parameter.
•Range—You must enter values for the start and end parameters.
This list becomes available when 6 (TCP), 17 (UDP), or 132 (SCTP) is chosen in the Protocol list in the Advanced subtab. (See Advanced Subtab.)
|
start field
|
Allows you to enter the first source port for comparison.
This list becomes available when 6 (TCP), 17 (UDP), or 132 (SCTP) is chosen in the Protocol list in the Advanced subtab (see Advanced Subtab) and an operator is chosen in the operator list in the Source Port area of the TCP/UDP/SCTP tab.
|
start-TCP/SCTP list
|
Allows you to choose a TCP port. This list is available when the start field is empty.
TCP port names can be used only when filtering TCP.
This list becomes available when 6 (TCP) or 132 (SCTP) is chosen in the Protocol list in the Advanced subtab (see Advanced Subtab) and an operator is chosen in the operator list in the Source Port area of the TCP/UDP/SCTP tab.
|
start-UDP list
|
Allows you to choose a UDP port.
UDP port names can be used only when filtering UDP.
This list becomes available when 17 (UDP) is chosen in the Protocol list in the Advanced subtab (see Advanced Subtab) and an operator is chosen in the operator list in the Source Port area of the TCP/UDP/SCTP tab.
|
end field
|
Allows you to enter the second source port for comparison. Only enter a value in the end field if comparing a range of TCP, SCTP, or UDP ports.
This list becomes available when 6 (TCP), 17 (UDP), or 132 (SCTP) is chosen in the Protocol list in the Advanced subtab (see Advanced Subtab) and Range is chosen for the operator list in the Source Port area of the TCP/UDP/SCTP tab.
|
end-TCP/SCTP list
|
Allows you to choose a TCP port. This list is available when the end field is empty.
TCP port names can be used only when filtering TCP.
This list becomes available when 6 (TCP) or 132 (SCTP) is chosen in the Protocol list in the Advanced subtab (see Advanced Subtab) and Range is chosen for the operator list in the Source Port area of the TCP/UDP/SCTP tab.
|
end-UDP list
|
Allows you to choose a UDP port. This list is available when the end field is empty.
UDP port names can be used only when filtering UDP.
This list becomes available when 17 (UDP) is chosen in the Protocol list in the Advanced subtab (see Advanced Subtab) and Range is chosen for the operator list in the Source Port area of the TCP/UDP/SCTP tab.
|
TCP Only Area
|
TCP Flags
Established check box
|
Allows you to enable an established connection. A match occurs if the TCP datagram has the ACK.
When the Established check box is checked, the ACK and RST check boxes are activated by default.
Checking any of the following check boxes enables matching of the bits:
•ACK—Acknowledgment bit set
•RST—Reset bit set
•SYN—Synchronize bit set
•FIN—Fin bit set; no more data from sender
•PSH—Push function bit set
A match occurs if the TCP datagram has any of the checked bits sets.
|
5.6.8.4 ICMP/IGMP Subtab
The ICMP/IGMP subtab allows you to perform the following tasks:
•Specify the ICMP message type.
•Specify the IGMP message type.
You can reorder the access lists by clicking the blue up and down arrows on the left side of the Application table. Each time an arrow is clicked, the chosen record moves up or down one row in the Application table and the sequence number is automatically modified based on location in the table relative to other records in the same list.
The following table describes the ICMP/IGMP subtab fields.
Table 5-59 Field Descriptions for the ICMP/IGMP Subtab
Field
|
Description
|
ICMP Area
|
ICMP Message Type field
|
Allows you to enter an ICMP message type for filtering ICMP packets. ICMP packets can be filtered by ICMP message type.
This field is activated when ICMP is the chosen protocol in the Advanced subtab. (See Advanced Subtab.)
|
ICMP Message Code field
|
Allows you to enter an ICMP message code for filtering ICMP packets. ICMP packets that are filtered by ICMP message type can also be filtered by the ICMP message code.
|
IGMP Area
|
IGMP Message Type field
|
Allows you to enter an ICMP message type for filtering ICMP packets. ICMP packets can be filtered by ICMP message type.
This field is activated when ICMP is the chosen protocol in the Advanced subtab. (See Advanced Subtab.)
|
5.6.9 Packet Filter Application
The Packet Filter application allows you to control which access control lists (ACLs) are applied to specific interfaces.
The Packet Filter application allows you to perform the following tasks:
•Add an ACL to inbound or outbound traffic on one or more interfaces.
•Remove currently configured ACLs from one or more interfaces.
The following table describes the Packet Filter application fields.
Table 5-60 Field Descriptions for the Packet Filter Application
Field
|
Description
|
Packet Filter Area
|
Inbound
|
Allows you to choose the inbound packet filter (ACL).
|
Inbound field
|
Allows you to view the ACL chosen using the Select ACL dialog box.
|
Inbound ellipsis button
|
Allows you to choose an ACL from the Select ACL dialog box.
|
Inbound-Count packets in hardware check box
|
Allows you to enable inbound hardware packet counting.
|
Outbound
|
Allows you to choose the outbound packet filter (ACL).
|
Outbound field
|
Allows you to view the ACL chosen using the Select ACL dialog box.
|
Outbound ellipsis button
|
Allows you to choose an ACL from the Select ACL dialog box.
|
Outbound-Count packets in hardware check box
|
Allows you to enable outbound hardware packet counting.
|
5.6.10 QoS Application
The QoS application contains the following tabs:
•Classmaps Tab
•Policymaps Tab
•Service Policies Tab
Quality of service (QoS) is a measure of performance for a transmission system that reflects its transmission quality and service availability. QoS efficiently applies network resources to ensure that the greatest breadth of applications can be properly supported while still enabling packet networks to achieve the high levels of utilization essential for enabling profitability.
The QoS application allows you to configure class maps and policy maps, and apply the policy maps to the inbound and outbound traffic on interfaces.
The policy map specifies the traffic policy name and configures a traffic policy. The class map is used for matching packets to a specific class.
5.6.10.1 Classmaps Tab
The Classmaps tab allows you to perform the following tasks:
•Specify a class map name.
•Configure the match settings for the chosen class map.
The following table describes the Classmaps tab fields.
Table 5-61 Field Descriptions for the Classmaps Tab
Field
|
Description
|
Basics area
|
Name field
|
Allows you to enter the name of the class map for which you want to create or modify class map match criteria. Packets arriving at the interface are checked against the match criteria configured for a class map to determine if the packet belongs to that class.
The class map is used for matching packets to the class whose name you specify.
The name entered in the Name field is used for the class map and for configuring the policy for the class in the policy map.
|
Match Settings Area
|
Match Any check box
|
Allows you to configure the match criteria for a class map to match any. When the Match Any check box is checked, the class map will match all packets (equivalent to the default class).
Match Any specifies that the remaining traffic (after the other match criteria set in the Match Settings area are met) is considered to belong to the class specified by the class map.
|
Match IPv4 Access Group(s)
|
Allows you to choose the match criteria for a class map based on the specified access control lists (ACLs). The Match IPv4 Access Group(s) parameter specifies the ACLs whose contents are used as the match criteria against which packets are checked to determine if they belong to the class specified by the class map.
|
Match IPv4 Access Group(s) field
|
Allows you to view the match criteria chosen using the Select ACL(s) dialog box.
|
Match IPv4 Access Group(s) ellipsis button
|
Allows you to choose the match criteria from the Select ACL(s) dialog box.
|
Match IPv4 DSCP(s)
|
Allows you to choose the IP DSCP values as match criteria for a class map.
This feature examines the higher order 6 bits in the type of service (ToS) byte of the IP header. Up to eight IP Differentiated Services Code Point (DSCP) values can be matched in one match statement. For example, if you want the IP DCSP values of 0, 1, 2, 3, 4, 5, 6, and 7 (note that only one of the IP DSCP values must be a successful match criterion, not all of the specified IP DSCP values), enter the match IP DSCP values.
The IP DSCP value is used as a matching criterion only. The value has no mathematical significance. For instance, the IP DSCP value 2 is not greater than 1. The value simply indicates that a packet marked with the DSCP of 2 should be treated differently from a packet marked with a DSCP value of 1. The treatment of these marked packets is defined by the user through the setting of QoS policies.
|
Match IPv4 DSCP(s) field
|
Allows you to view the match criteria chosen using the Select IP DSCP(s) dialog box.
|
Match IPv4 DSCP(s) ellipsis button
|
Allows you to choose the match criteria from the Select IP DSCP(s) dialog box.
|
Match IPv4 Precedence(s)
|
Allows you to choose the IP precedences as match criteria for a class map. This feature examines the higher order 3 bits in the ToS byte of the IP header. Up to four precedences can be matched in one match statement. For example, if you want the IP precedences of Routine, Flash, and Internet (note that only one of the IP precedences must be a successful match criterion, not all of the specified IP precedences), enter the match IP precedences.
|
Match IPv4 Precedence(s) field
|
Allows you to view the match criteria chosen using the Select IP Precedence(s) dialog box.
|
Match IPv4 Precedence(s) ellipsis button
|
Allows you to choose the match criteria from the Select IP Precedence(s) dialog box.
Choose a precedence from the Configured IP Precedence(s) list and click Add>> to move it to the Selected IP Precedence(s) list. You can choose multiple precedences. Options are:
•Routine
•Priority
•Immediate
•Flash
•Flash Override
•Critical
•Internet
•Network
|
Match Protocol
|
Allows you to choose the protocols as match criteria for a class map.
|
Match Protocol field
|
Allows you to view the match criteria chosen using the Select IP Protocol(s) dialog box.
|
Match Protocol ellipsis button
|
Allows you to choose the match criteria from the Select IP Protocol(s) dialog box.
|
Match QoS Group
|
Allows you to choose the QoS group values in a class map to match packets.
This feature is used to set the match criteria for examining QoS groups marked on the packet. Up to eight QoS group values can be matched in one match statement. For example, match QoS group 1 2 3 4 5 6 7 returns matches for QoS group variables 1, 2, 3, 4, 5, 6, and 7. Only one of the QoS group values must be a successful match criterion, not all of the specified QoS group values.
The QoS group value is used as a matching criterion only. The value has no mathematical significance. For instance, the QoS group value 2 is not greater than 1. The value simply indicates that a packet marked with the QoS group of 2 should be treated differently from a packet marked with a QoS group value of 1. The treatment of these different packets is defined using the policy map service policy configuration features.
|
Match QoS Group field
|
Allows you to view the match criteria chosen using the Select QoS Group(s) dialog box.
|
Match QoS Group ellipsis button
|
Allows you to choose the match criteria from the Select QoS Group(s) dialog box.
|
Match MPLS EXP topmost(s)
|
Allows you to configure a class map so that the three-bit experimental field in the top-most MPLS labels is examined for experimental (EXP) field values.
This feature is used by the class map to identify Multiprotocol Label Switching (MPLS) experimental value matching on a packet.
Up to four EXP values can be matched in one match statement. For example, if you want the EXP values of 0, 1, 2, and 3 (note that only one of the EXP values must be a successful match criterion, not all of the specified EXP values), enter the match MPLS experimental topmost 0 1 2 3 values.
The EXP value is used as a matching criterion only. The value has no mathematical significance. For instance, the EXP value 2 is not greater than 1. The value simply indicates that a packet marked with the EXP value of 2 is different from a packet marked with the EXP value of 1. The treatment of these different packets is defined by the user through the setting of policy map QoS configuration features.
|
Match MPLS EXP topmost(s) field
|
Allows you to view the match criteria chosen using the Select MPLS Experimental Topmost(s) dialog box.
|
Match MPLS EXP topmost(s) ellipsis button
|
Allows you to choose the match criteria from the Select MPLS Experimental Topmost(s) dialog box.
|
Match Discard Class(es)
|
Allows you to use specified discard class values in a class map to match packets.
This feature is used to set the match criteria for examining discard classes marked on the packet. Up to eight discard class values can be matched in one match statement. For example, match discard class 0 1 2 3 4 5 6 7 returns matches for discard class variables 0, 1, 2, 3, 4, 5, 6, and 7. Only one of the discard class values must be a successful match criterion, not all of the specified discard class values.
The discard class value is used as a matching criterion only. The value has no mathematical significance. For instance, the discard class value 2 is not greater than 1. The value simply indicates that a packet marked with the discard class of 2 should be treated differently from a packet marked with a discard class value of 1.
|
Match Discard Class(es) field
|
Allows you to view the match criteria chosen using the Select Discard Class(s) dialog box.
|
Match Discard Class(es) ellipsis button
|
Allows you to choose the match criteria from the Select Discard Class(s) dialog box.
|
5.6.10.2 Policymaps Tab
The Policymaps tab contains five subtabs: Congestion Mgmt, Congestion Avoidance, Police (traffic/conform), Policy (exceed/violate), and Mark. The Congestion Mgmt subtab is displayed by default when the Policymaps tab is clicked.
The Policymaps tab allows you to perform the following tasks:
•Specify a policy map name and sequence number.
•Specify an associated class maps name.
•Configure the congestion management parameters.
•Configure the congestion avoidance parameters.
•Configure the traffic conform, exceed, and violate parameters.
•Configure the mark parameters.
You can reorder the class maps by clicking the blue up and down arrows on the left side of the Application table. Each time an arrow is clicked, the chosen record moves up or down one row in the Application table and the sequence number is automatically modified based on location in the table relative to other records in the same list.
The following table describes the Policymaps tab fields.
Table 5-62 Field Descriptions for the Policymaps Tab
Field
|
Description
|
Basics Area
|
Name field
|
Allows you to enter the name of the policy map that can be attached to one or more interfaces to specify a service policy.
A single policy map can be attached to multiple interfaces concurrently. When you attempt to attach a policy map to an interface, the attempt is denied if the available bandwidth on the interface cannot accommodate the total bandwidth requested by class policies comprising the policy map. In this case, any policy map already attached to other interfaces is removed.
|
Sequence Number field
|
Allows you to enter the ordering index for the policy map.
|
Classmap Name field
|
Allows you to enter the name of the class map. The name must be unique among all the ordering indexes for the policy map.
The name is used to configure the policy for the class in the policy map.
|
5.6.10.2.1 Congestion Mgmt Subtab
The Congestion Mgmt subtab allows you to perform the following tasks:
•Specify the shape average parameters.
•Specify the bandwidth parameters.
•Specify the priority parameters.
The bandwidth and priority parameters are used to calculate the total bandwidth available on an interface.
Note Specifying the queue limit is especially important for higher-speed interfaces, in order to meet the minimum bandwidth guarantees required by the interface.
The following table describes the Congestion Mgmt subtab fields.
Table 5-63 Field Descriptions for the Congestion Mgmt Subtab
Field
|
Description
|
Shape Average check box
|
Enables shape averaging. Shape averaging allows you to shape traffic to the specified bit rate.
|
kbps
|
Allows you to enter the shape average in kilobits per second. The minimum rate is 128 kilobits per second and the rates are in multiples of 128 kilobits per second.
|
kbps radio button
|
Allows you to specify the shape average in kilobits per second.
|
kbps field
|
Allows you to enter the shape average in kilobits per second. The kilobits per second radio button must be chosen to enable the kilobits per second field.
|
percent
|
Allows you to specify average or peak-rate traffic shaping on the basis of a percentage of bandwidth available on an interface.
Specifying the shape average using percent calculates the committed information rate (CIR) based on a percentage of the available bandwidth on the interface. Once a policy map is attached to the interface, the equivalent CIR value in bits per second (bps) is calculated based on the interface bandwidth and the percent value entered. If the CIR percentage is changed after the policy map is attached to the interface, the bps value of the CIR is recalculated.
|
percent radio button
|
Allows you to specify the shape average as a percentage.
|
percent field
|
Allows you to enter the shape average as a percentage. The percent radio button must be chosen to enable the percent field.
|
Bandwidth check box
|
Allows you to enable the configuring of the bandwidth allocated for a class belonging to a policy map.
Bandwidth configuration is used to configure guaranteed bandwidth for a class. When bandwidth is configured, traffic belonging to the class is guaranteed that much bandwidth even during congestion.
|
kbps
|
Allows you to enter the amount of bandwidth, in kilobits per second, to be assigned to the class.
The amount of bandwidth varies according to the interface.
|
kbps radio button
|
Allows you to specify the bandwidth in kilobits per second.
|
kbps field
|
Allows you to enter the bandwidth in kilobits per second. The kilobits per second radio button must be chosen to enable the kilobits per second field.
|
percent
|
Allows you to enter the amount of guaranteed bandwidth, based on an absolute percent of available bandwidth.
During periods of congestion, the classes are serviced in proportion to their configured bandwidth percentages. Available bandwidth is equal to the interface bandwidth minus the sum of all bandwidths reserved by the low latency queueing (LLQ) feature.
|
percent radio button
|
Allows you to specify the bandwidth as a percentage.
|
percent field
|
Allows you to enter the bandwidth as a percentage. The percent radio button must be chosen to enable the percent field.
|
priority radio button
|
Allows you to give priority to a class of traffic belonging to a policy map.
Priority configures LLQ, providing strict priority queueing (PQ). Strict PQ allows delay-sensitive data such as voice to be dequeued and sent before packets in other queues are dequeued.
The Bandwidth and Priority cannot be used in the same class, within the same policy map, but they can be used together in the same policy map. Within a policy map, you can give one or more classes priority status. When multiple classes within a single policy map are configured as priority classes, all traffic from these classes is queued to the same, single priority queue.
When the policy map containing class policy configurations is attached to the interface to stipulate the service policy for that interface, available bandwidth is assessed. If a policy map cannot be attached to a particular interface because of insufficient interface bandwidth, the policy is removed from all interfaces to which it was attached.
|
Queue limit (bytes) field
|
Allows you to enter the maximum number of bytes the queue can hold for a class policy configured in a policy map.
Packets satisfying the match criteria for a class accumulate in the queue reserved for the class until they are sent, which occurs when the queue is serviced by the fair queueing process. When the maximum byte threshold you defined for the class is reached, enqueueing of any further packets to the class queue causes tail drop.
|
Service Policy field
|
Allows you to enter the name of the service policy map. When a service policy map is entered, the policy map is attached to an input interface or output interface.
|
5.6.10.2.2 Congestion Avoidance Subtab
The Congestion Avoidance subtab allows you to specify the random detection parameters.
The following table describes the Congestion Avoidance subtab fields.
Table 5-64 Field Descriptions for the Congestion Avoidance Subtab
Field
|
Description
|
Discard Class
|
Allows you to choose the discard class and set the thresholds for the discard class.
|
Discard Class field
|
Allows you to view the discard class chosen using the Select Discard Classes and Bandwdith(s) dialog box.
|
Discard Class ellipsis button
|
Allows you to choose the discard class and thresholds from the Select Discard Classes and Bandwidth(s) dialog box.
Enter the minimum threshold for the discard class in the Minimum threshold (bytes) field and the maximum threshold for the discard class in the Maximum threshold (bytes) field. Then choose a discard class value.
|
IP DSCP
|
Allows you to choose the IP DSCP and set the thresholds for the DSCP.
|
IP DSCP field
|
Allows you to view the IP DSCP chosen using the Select DSCPs and Bandwidth(s) dialog box.
|
IP DSCP ellipsis button
|
Allows you to choose the IP DSCP and thresholds from the Select DSCPs and Bandwidth(s) dialog box.
Enter the minimum threshold for the DSCP in the Minimum threshold (bytes) field and the maximum threshold for the DSCP in the Maximum threshold (bytes) field. Then choose a DSCP reserved keyword.
|
IP Precedence
|
Allows you to choose the IP precedence and set the thresholds for the IP precedence.
|
IP Precedence field
|
Allows you to view the IP precedence chosen using the Select IP Precedences and Bandwidth(s) dialog box.
|
IP Precedence ellipsis button
|
Allows you to choose the IP precedence and thresholds from the Select IP Precedences and Bandwidth(s) dialog box.
Enter the minimum threshold for the IP precedence in the Minimum threshold (bytes) field and the maximum threshold for the IP precedence in the Maximum threshold (bytes) field. Then choose an IP precedence value.
|
MPLS EXP topmost
|
Allows you to choose the MPLS EXP topmost value and set the thresholds for the MPLS experimental topmost value.
|
MPLS EXP topmost field
|
Allows you to view the MPLS EXP topmost value chosen using the Select MPLS EXP topmost and Bandwidth(s) dialog box.
|
MPLS EXP topmost ellipsis button
|
Allows you to choose the MPLS EXP topmost value and thresholds from the Select MPLS EXP topmost and Bandwidth(s) dialog box.
Enter the minimum threshold for the MPLS EXP topmost in the Minimum threshold (bytes) field and the maximum threshold for the MPLS EXP topmost in the Maximum threshold (bytes) field. Then choose an MPLS EXP topmost value.
|
5.6.10.2.3 Police (traffic/conform) Subtab
The Police (traffic/conform) subtab allows you to mark packets with different QoS values based on conformance to the service-level agreement. Traffic policing is not executed for traffic that passes through an interface.
The Police (traffic/conform) subtab allows you to perform the following tasks:
•Specify traffic parameters such as rate of traffic and burst size.
•Set the conform action criteria.
The following table describes the Police (traffic/conform) subtab fields.
Table 5-65 Field Descriptions for the Police (traffic/conform) Subtab
Field
|
Description
|
Traffic Area
|
No CIR radio button
|
Allows you to choose to not configure a CIR.
|
CIR (kb/sec) radio button
|
Allows you to choose to specify a CIR in kilobytes per second.
|
CIR (kb/sec) field
|
Allows you to enter a CIR.
|
CIR (%) radio button
|
Allows you to choose to specify a CIR as a percentage.
|
CIR (%)
|
Allows you to enter a CIR percentage.
|
Burst Size (kb/sec) field
|
Allows you to enter the sustained number of bits that can be sent per interval.
|
Excess Burst Size (kb/sec) field
|
Allows you to enter the maximum number of bits that can exceed the burst size in the first interval in a congestion event.
|
Conform Area
|
Transmit radio button
|
Allows you to set the conform action to transmit. Conform is the action to take on packets that conform to the rate limit. The packets are sent with no alteration.
|
Set MPLS EXP topmost
|
Allows you to set the conform action to MPLS EXP topmost and choose the MPLS EXP topmost value.
|
Set MPLS EXP topmost radio button
|
Allows you to set the conform action to MPLS experimental topmost.
|
Set MPLS EXP topmost list
|
Allows you to choose the MPLS experimental topmost value.
The Set MPLS EXP topmost list sets the MPLS experimental bits from 0 to 7 and sends the packet with the new MPLS experimental bit value setting.
The Set MPLS EXP topmost radio button must be chosen to enable the Set MPLS EXP topmost list.
|
Set Discard Class
|
Allows you to set the conform action to Discard Class and choose a valid discard class value.
|
Set Discard Class radio button
|
Allows you to set the conform action to Discard Class.
|
Set Discard Class list
|
Allows you to choose the Discard Class value.
The Set Discard Class list sets the discard class attribute of a packet and sends the packet with the new discard class setting.
The Set Discard Class radio button must be chosen to enable the Set Discard Class list.
|
Set IP Precedence
|
Allows you to set the conform action to IP Precedence and choose a valid IP precedence value.
|
Set IP Precedence radio button
|
Allows you to set the conform action to IP Precedence.
|
Set IP Precedence list
|
Allows you to choose the IP precedence value. Options are:
•Routine
•Priority
•Immediate
•Flash
•Flash Override
•Critical
•Internet
•Network
The Set IP Precedence list sets the IP precedence and sends the packet with the new IP precedence value setting.
The Set IP Precedence radio button must be chosen to enable the Set IP Precedence list.
|
Set IP DSCP
|
Allows you to set the conform action to IP DSCP and choose a valid IP DSCP value.
|
Set IP DSCP radio button
|
Allows you to set the conform action to IP DSCP.
|
Set IP DSCP list
|
Allows you to choose the IP DSCP value.
The Set IP DSCP list sets the DSCP value and sends the packet with the new DSCP value setting.
The Set IP DSCP radio button must be chosen to enable the Set IP DSCP list.
|
5.6.10.2.4 Police (exceed/violate) Subtab
The Police (exceed/violate) subtab allows you to mark packets with different QoS values based on conformance to the service-level agreement. Traffic policing is not executed for traffic that passes through an interface.
The Police (exceed/violate) subtab allows you to perform the following tasks:
•Specify the traffic exceed parameters.
•Specify the traffic violate parameters.
The following table describes the Police (exceed/violate) subtab fields.
Table 5-66 Field Descriptions for the Police (exceed/violate) Subtab
Field
|
Description
|
Exceed Area
|
Drop radio button
|
Allows you to set the exceed action to drop. Drop means that the packets are dropped when they exceed the rate limit.
|
Set MPLS EXP topmost
|
Allows you to set the exceed action to MPLS EXP topmost and choose the MPLS EXP topmost value.
|
Set MPLS EXP topmost radio button
|
Allows you to set the exceed action to MPLS EXP topmost.
|
Set MPLS EXP topmost list
|
Allows you to choose the MPLS EXP topmost value.
The Set MPLS EXP topmost list sets the MPLS experimental bits from 0 to 7 and sends the packet with the new MPLS experimental bit value setting.
The Set MPLS EXP topmost radio button must be chosen to enable the Set MPLS EXP topmost list.
|
Set Discard Class
|
Allows you to set the exceed action to discard class and choose a valid discard class value.
|
Set Discard Class radio button
|
Allows you to set the exceed action to Discard Class.
|
Set Discard Class list
|
Allows you to choose the Discard Class value.
The Set Discard Class list sets the discard class attribute of a packet and sends the packet with the new discard class setting.
The Set Discard Class radio button must be chosen to enable the Set Discard Class list.
|
Set IP Precedence
|
Allows you to set the exceed action to IP Precedence and choose a valid IP Precedence value.
|
Set IP Precedence radio button
|
Allows you to set the exceed action to IP Precedence.
|
Set IP Precedence list
|
Allows you to choose the IP Precedence value. Options are:
•Routine
•Priority
•Immediate
•Flash
•Flash Override
•Critical
•Internet
•Network
The Set IP Precedence list sets the IP precedence and sends the packet with the new IP precedence value setting.
The Set IP Precedence radio button must be chosen to enable the Set IP Precedence list.
|
Set IP DSCP
|
Allows you to set the exceed action to IP DSCP and choose a valid IP DSCP value.
|
Set IP DSCP radio button
|
Allows you to set the exceed action to IP DSCP.
|
Set IP DSCP list
|
Allows you to choose the IP DSCP value.
The Set IP DSCP list sets the IP DSCP value and sends the packet with the new IP DSCP value setting.
The Set IP DSCP radio button must be chosen to enable the Set IP DSCP list.
|
Violate Area
|
Drop radio button
|
Allows you to set the violate action to Drop. Drop means that the packets are dropped when the packet sizes violate the normal and maximum burst sizes.
|
Set MPLS EXP topmost
|
Allows you to set the violate action to MPLS EXP topmost and choose the MPLS EXP topmost value.
|
Set MPLS EXP topmost radio button
|
Allows you to set the violate action to MPLS EXP topmost.
|
Set MPLS EXP topmost list
|
Allows you to choose the MPLS EXP topmost value.
The Set MPLS EXT topmost list sets the MPLS experimental bits from 0 to 7 and sends the packet with the new MPLS experimental bit value setting.
The Set MPLS EXP topmost radio button must be chosen to enable the Set MPLS EXP topmost list.
|
Set Discard Class
|
Allows you to set the violate action to Discard Class and choose a valid discard class value.
|
Set Discard Class radio button
|
Allows you to set the violate action to Discard Class.
|
Set Discard Class list
|
Allows you to choose the discard class value.
The Set Discard Class list sets the discard class attribute of a packet and sends the packet with the new discard class setting.
The Set Discard Class radio button must be chosen to enable the Set Discard Class list.
|
Set IP Precedence
|
Allows you to set the violate action to IP Precedence and choose a valid IP Precedence value.
|
Set IP Precedence radio button
|
Allows you to set the violate action to IP Precedence.
|
Set IP Precedence list
|
Allows you to choose the IP Precedence value. Options are:
•Routine
•Priority
•Immediate
•Flash
•Flash Override
•Critical
•Internet
•Network
The Set IP Precedence list sets the IP precedence and sends the packet with the new IP precedence value setting.
The Set IP Precedence radio button must be chosen to enable the Set IP Precedence list.
|
Set IP DSCP
|
Allows you to set the violate action to IP DSCP and choose a valid IP DSCP value.
|
Set IP DSCP radio button
|
Allows you to set the violate action to IP DSCP.
|
Set IP DSCP list
|
Allows you to choose the IP DSCP value.
The Set IP DSCP list sets the IP DSCP value and sends the packet with the new IP DSCP value setting.
The Set IP DSCP radio button must be chosen to enable the Set IP DSCP list.
|
5.6.10.2.5 Mark Subtab
The Mark subtab allows you to set the policy map criteria.
The following table describes the Mark subtab fields.
Table 5-67 Field Descriptions for the Mark Subtab
Field
|
Description
|
None radio button
|
Allows you to set the mark action to None.
|
Discard Class
|
Allows you to set the discard class and choose a valid discard class value for inbound policies. Choosing a discard class value marks a packet with the discard class value.
|
Discard Class radio button
|
Allows you to set the discard class.
|
Discard Class list
|
Allows you to choose the discard class value.
The Discard Class radio button must be chosen to enable the Discard Class list.
|
MPLS EXP topmost
|
Allows you to set the MPLS EXP topmost and choose the MPLS EXP topmost value.
|
MPLS EXP topmost radio button
|
Allows you to set the MPLS EXP topmost value.
|
MPLS EXP topmost list
|
Allows you to choose the MPLS EXP topmost value.
The MPLS EXP topmost radio button must be chosen to enable the MPLS EXP topmost list.
|
QoS Group
|
Allows you to set the QoS group and choose a valid QoS value for inbound policies. Choosing a QoS group sets a QoS group identifier that can be used later to classify packets.
|
QoS Group radio button
|
Allows you to set the QoS group.
|
QoS Group list
|
Allows you to choose the QoS group value.
The QoS Group radio button must be chosen to enable the QoS Group list.
|
IP Precedence
|
Allows you to set the IP precedence and choose a valid IP precedence value. Choosing an IP precedence sets the precedence value in the packet header.
|
IP Precedence radio button
|
Allows you to set the IP precedence.
|
IP Precedence list
|
Allows you to choose the IP precedence value. Options are:
•Routine
•Priority
•Immediate
•Flash
•Flash Override
•Critical
•Internet
•Network
The IP Precedence radio button must be chosen to enable the IP Precedence list.
|
IP DSCP
|
Allows you to set the IP DSCP and choose a valid IP DSCP value. Choosing an IP DSCP marks a packet by setting the DSCP value in the ToS byte.
|
IP DSCP radio button
|
Allows you to set the IP DSCP.
|
IP DSCP list
|
Allows you to choose the IP DSCP value.
The IP DSCP radio button must be chosen to enable the IP DSCP list.
|
COS
|
Allows you to set the class of service (CoS) and choose a valid COS value.
CoS is an indication of how an upper-layer protocol requires a lower-layer protocol to treat its messages. Also called ToS.
|
COS radio button
|
Allows you to set the COS.
|
COS list
|
Allows you to choose the COS value.
Choosing a CoS sets the Layer 2 CoS value of an outgoing packet.
The COS radio button must be chosen to enable the COS list.
|
5.6.10.3 Service Policies Tab
The Service Policies tab allows you to specify the service policy criteria.
The following table describes the Service Policies tab fields.
Table 5-68 Field Descriptions for the Service Policies Tab
Field
|
Description
|
Basics Area
|
Inbound Service Policy field
|
Allows you to enter the name of a policy map to attach to an inbound interface to be used as the service policy for that interface.
|
Outbound Service Policy field
|
Allows you to enter the name of a policy map to attach to an outbound interface to be used as the service policy for that interface.
|
5.6.11 Routing Policy Manager Application
The Routing Policy Manager application contains the following tabs:
•Prefix Lists Tab
•Standard Community Lists Tab
•Expanded Community Lists Tab
•AS Path Access Lists Tab
The Routing Policy Manager application allows you to configure system-wide policy-related information that includes prefix lists, standard and extended community lists, and AS-path access lists.
Routing policy provides a flexible mechanism to route IP traffic to a destination and to provide access control. A routing policy is defined to configure a router to inspect and modify the attributes of routes. The definition of a routing policy in the network determines how routes are processed. Routing protocols make routing decisions to advertise, aggregate, discard, distribute, export, hold, import, redistribute, and otherwise modify routes based on the configured routing policy. Routing policies were previously defined by route maps. However, route maps have limitations and are difficult to maintain and troubleshoot in large networks as configuration sizes increase.
Note To configure Routing Policy Language (RPL), refer to Cisco CRS-1 Series Carrier Routing System Configuration Guide.
5.6.11.1 Prefix Lists Tab
The Prefix Lists tab allows you to specify any routes that have a destination network number address that is permitted by a prefix list.
The Prefix Lists tab allows you to perform the following tasks:
•Specify a prefix list name and sequence number.
•Specify whether to permit or deny packets that match the prefix list criteria.
•Specify the prefix list matching criteria.
You can reorder the prefix lists by clicking the blue up and down arrows on the left side of the application table. Each time an arrow is clicked, the chosen record moves up or down one row in the application table and the sequence number is automatically modified based on location in the table relative to other records in the same list.
The following table describes the Prefix Lists tab fields.
Table 5-69 Field Descriptions for the Prefix Lists Tab
Field
|
Description
|
Basics Area
|
Name field
|
Allows you to enter the prefix list name.
|
Sequence Number field
|
Allows you to enter the sequence number of the prefix list.
|
Grant list
|
Allows you to either permit or deny packets that match the prefix list criteria specified in the following fields:
•Prefix
•Prefix Mask
•Min Prefix Length
•Max Prefix Length
Options are:
•Permit—Permits a packet that matches the criteria.
•Deny—Denies the packet that matches the criteria.
|
Prefix field
|
Allows you to enter the IPv4 prefix address to match. Prefix address matching distributes any routes that have a destination network number address that is permitted by a prefix list.
|
Prefix Mask field
|
Allows you to enter the IPv4 prefix mask to match.
|
Min Prefix Length field
|
Allows you to specify the minimum length of the prefix to match.
|
Max Prefix Length field
|
Allows you to specify the maximum length of the prefix to match.
|
Add remark field
|
Allows you to add comments or a description to the prefix list.
|
5.6.11.2 Standard Community Lists Tab
The Standard Community Lists tab allows you to specify the standard community lists name, sequence number, and community numbers, and whether to permit matching.
You can reorder the standard community lists by clicking the blue up and down arrows on the left side of the application table. Each time an arrow is clicked, the chosen record moves up or down one row in the application table and the sequence number is automatically modified based on location in the table relative to other records in the same list.
The following table describes the Standard Community Lists tab fields.
Table 5-70 Field Descriptions for the Standard Community Lists Tab
Field
|
Description
|
Standard Community Lists Area
|
List No. field
|
Allows you to enter a value that identifies the standard community list. The standard community list can contain one or more permit or deny groups of communities.
|
Sequence No. field
|
Allows you to enter the sequence number of the standard community list.
|
Grant list
|
Allows you to either permit or deny access for a matching condition.
|
Community Numbers field
|
Allows you to enter up to three standard community numbers.
|
5.6.11.3 Expanded Community Lists Tab
The Expanded Community Lists tab allows you to specify the expanded community lists name and sequence number, and whether to permit matching regular expressions.
You can reorder the expanded community lists by clicking the blue up and down arrows on the left side of the application table. Each time an arrow is clicked, the chosen record moves up or down one row in the application table and the sequence number is automatically modified based on location in the table relative to other records in the same list.
The following table describes the Expanded Community Lists tab fields.
Table 5-71 Field Descriptions for the Expanded Community Lists Tab
Field
|
Description
|
Extended Community Lists Area
|
List No field
|
Allows you to enter a value that identifies the expanded community list to use for filtering.
|
Sequence No field
|
Allows you to enter the sequence number of the expanded community list.
|
Action field
|
Allows you to either permit or deny access for a matching condition.
|
Regular Expression field
|
Allows you to enter an autonomous system in the expanded community list using a regular expression.
|
5.6.11.4 AS Path Access Lists Tab
The AS Path Access Lists tab allows you to specify the autonomous system (AS) path access lists name and sequence number, and whether to permit matching regular expressions.
You can reorder the AS path access lists by clicking the blue up and down arrows on the left side of the application table. Each time an arrow is clicked, the chosen record moves up or down one row in the application table and the sequence number is automatically modified based on location in the table relative to other records in the same list.
The following table describes the AS Path Access Lists tab fields.
Table 5-72 Field Descriptions for the AS Path Access Lists Tab
Field
|
Description
|
AS Path Access Lists Area
|
List No field
|
Allows you to enter a value that identifies the group of AS-path access lists.
|
Sequence No field
|
Allows you to enter the sequence number of the AS-path access list.
|
Filter list
|
Allows you to either permit or deny access for a matching condition.
|
Regular Expression field
|
Allows you to enter an autonomous system in the access list using a regular expression to match the BGP AS-paths.
You can specify an access list filter on both inbound and outbound BGP routes. In addition, you can assign weights based on a set of filters. Each filter is an access list based on regular expressions. If the regular expression matches the representation of the AS-path of the route as an ASCII string, the permit or deny condition applies. The AS-path does not contain the local AS-number.
|
5.6.12 BGP Configuration Application—CRS-1 and XR 12000 R3.0 and R3.2
The BGP Configuration application contains the following tabs:
•General Tab
•Networks Tab
•Aggregates Tab
•Redistribution Tab
•Neighbors Tab
•Neighbor Address Family Configuration Window
•Neighbor Groups Tab
•Neighbor Group Address Family Configuration Window
•Session Groups Tab
•AF Groups Tab
•Operations Tab
The BGP Configuration application allows you to configure the Border Gateway Protocol (BGP) routing protocol on the router.
The BGP performs interdomain routing in TCP/IP networks. BGP is an Exterior Gateway Protocol (EGP), which means that it performs routing between multiple autonomous systems and exchanges routing and reachability information with other BGP systems.
Like any routing protocol, BGP maintains routing tables, sends routing updates, and bases routing decisions on routing metrics.
Each BGP router maintains a routing table listing all feasible paths to a particular network. Periodic refreshing of the routing table is not performed. Routing information received from peer routers is retained until an incremental update is received.
BGP devices exchange routing information in the following situations:
•Initial data exchange—When a router first connects to the network, BGP routers exchange their entire BGP routing tables.
•Incremental updates—When the routing table changes, routers send the portion of their routing table that has changed.
BGP routers do not send regularly scheduled routing updates. BGP routing updates advertise only the optimal path to a network.
BGP uses a single routing metric to determine the best path to a given network. This metric consists of an arbitrary unit number specifying the degree of preference of a particular link.
The BGP metric is typically assigned to each link by the network administrator. The value assigned to a link can be based on any number of criteria, including the following:
•Autonomous system count—The number of autonomous systems through which the path passes.
•Type of link—How stable or fast the link is.
•Other factors—Other criteria; for example, delay and cost.
5.6.12.1 General Tab
The General tab contains five subtabs: Cluster ID, Confederation, Graceful Restart, Router ID, and Write Limit. The Cluster ID subtab is displayed by default when the General tab is clicked.
The General tab allows you to perform the following tasks:
•Specify an autonomous system (AS) number, local preference, local metric, send buffer sizes, receive buffer sizes, and best path parameters.
•Configure the global address family modes.
The following table describes the General tab fields.
Table 5-73 Field Descriptions for the General Tab
Field
|
Description
|
AS Number
|
Allows you to enter the router autonomous system number.
|
Default Local Preference
|
Allows you to enter a value for the default local preference.
Generally, the Cisco default value of 100 allows you to easily define a particular path as less preferable than paths with no local preference attribute. The preference is sent to all networking devices in the local AS.
|
Default Metric
|
Allows you to enter the default metric value for the BGP.
A default metric helps solve the problem of redistributing routes with incompatible metrics. Whenever metrics do not convert, using a default metric provides a reasonable substitute and enables the redistribution to proceed.
In BGP, setting the default metric sets the Multi Exit Discriminator (MED) metric.
|
Keepalive (sec)
|
Allows you to enter a value for the frequency, in seconds, with which the software sends keepalive messages to the neighbor.
The configured value for the keepalive time is used, provided it does not exceed a third of the negotiated hold time. If it does, a value of a third of the negotiated hold time will be used.
|
Holdtime (sec)
|
Allows you to enter a value, in seconds, for the interval at which the software terminates the neighbor BGP session after not receiving a keepalive message from the neighbor.
Enter 0 to disable keepalive and hold time.
Note that the values 1 and 2 are not allowable because the minimum allowable keepalive time is a third of the hold time.
|
Socket Receive Size (bytes)
|
Allows you to enter the receive socket buffer size.
|
BGP Receive Size (bytes)
|
Allows you to enter the BGP receive buffer size.
|
Socket Send Size (bytes)
|
Allows you to enter the send socket buffer size.
|
BGP Send Size (bytes)
|
Allows you to enter the BGP write buffer size.
|
Scan Time (sec)
|
Allows you to enter the scanner interval.
|
Update Delay(sec) field
|
Allows you to enter a value for the maximum delay time for a BGP-speaking networking device.
|
Always check box
|
Allows you to disable the keepalive trigger best path and enforce the delay specified in the Update Delay (sec) field.
|
AS Path Loopcheck check box
|
Allows you to enable an autonomous system path for loop checking internal Border Gateway Protocol (IBGP) peers.
|
Auto Policy Soft Reset check box
|
Allows you to enable an automatic soft peer reset on the reconfiguration for BGP peers.
|
Bestpath Compare Router ID check box
|
Allows you to enable the comparison of identical routes received from external BGP (EBGP) peers during the best path selection process and switch the best path to the route with the lowest router ID.
By default, during the best path selection process, when BGP receives identical routes from EBGP peers (all the attributes are the same except for the router ID), the best path is not switched to the route with the lowest router ID if that route was not the first route received. If the Bestpath Compare Router ID check box is checked, similar routes are compared and the best path is switched to the route with the lowest router ID.
|
Bestpath Med Always check box
|
Allows you to enable the comparison of the MED for paths from neighbors in different autonomous systems.
The software chooses the path with the lowest MED.
By default, during the best path selection process, there is a MED comparison only among paths from the same autonomous system. Checking the Bestpath Med Always check box allows comparison of MEDs among paths regardless of the autonomous system from which the paths are received.
|
Bestpath Med Confed check box
|
Allows you to enable MED comparison among paths learned from confederation peers.
There is a comparison between MEDs only if no external autonomous systems are in the path (an external autonomous system is an autonomous system that is not within the confederation). If an external autonomous system is in the path, the external MED passes transparently through the confederation, and the comparison is not made.
For example, assume that autonomous systems 65000, 65001, 65002, and 65004 are part of the confederation. Autonomous system 1 is not. The software compares route A with the following four paths:
•path 1 = 65000 65004, med=2
•path 2 = 65001 65004, med=3
•path 3 = 65002 65004, med=4
•path 4 = 65003 1, med=1
If the Bestpath Med Confed check box is checked, the software chooses path 1. The fourth path has a lower MED, but the software does not include path 4 in the MED comparison because an external autonomous system is in this path.
|
Bestpath Med Missing As Worst check box
|
Allows you to have the software consider a missing MED attribute in a path as having a value of infinity, making the path without a MED value the least desirable path.
|
Default Information Originate check box
|
Allows you to enable the distribution of a default route (set the originate network to 0.0.0.0 into the BGP table).
|
Enforce First AS check box
|
Allows you to enable the enforcement of the first autonomous system (known as the AS-path) of a route received from an EBGP peer to be the same as the configured remote autonomous system.
By default, the software ignores any update received from an EBGP neighbor that does not have the autonomous system configured for that neighbor at the beginning of the AS-path. When checked, the Enforce First AS check box applies to all EBGP peers of the networking device.
|
Fast External Fallover check box
|
Allows you to enable the immediate reset of the BGP sessions of any directly adjacent external peers if the link used to reach them goes down.
Performing an immediate session reset allows the network to recover faster when links go down between BGP peers.
|
Log Neighbor Changes check box
|
Allows you to enable logging of BGP neighbor resets.
Log Neighbor Changes enables logging of BGP neighbor status changes (up or down) and resets for troubleshooting network connectivity problems and measuring network stability. Unexpected neighbor resets might indicate high error rates or high packet loss in the network, and should be investigated.
|
Redistribute Internal check box
|
Allows you to enable the redistribution of IBGP routes into an Interior Gateway Protocol (IGP) such as Intermediate System-to-Intermediate System (ISIS) or Open Shortest Path First (OSPF).
Caution Redistributing IBGP routes into IGPs can cause routing loops to form within an autonomous system.
|
AF Mode
|
Allows you to create an address family group for BGP neighbors.
An address family group for BGP neighbors is used to group address family-specific neighbor parameters within an IP address family. Neighbors that have the same address family configuration are able to use the address family group name under that address family. Further, neighbors will inherit the configuration parameters of the entire address family group.
|
AF Mode field
|
Allows you to view the address family group.
|
AF Mode ellipsis button
|
Allows you to configure an address family group from the Global Address Family Configuration window. Configure the global address family using the Family Configuration window. See Global Address Family Configuration Window.
|
5.6.12.1.1 Global Address Family Configuration Window
The Global Address Family Configuration window is opened when the AF Mode ellipsis button is clicked in the General tab. It allows you to perform the following tasks:
•Choose the address family mode.
•Configure the address family distances.
•Specify the number of paths to a single destination.
•Specify the scanner interval.
•Specify a policy name.
•Configure dampening parameters.
The following table describes the Global Address Family Configuration window fields.
Table 5-74 Field Descriptions for the Global Address Family Configuration Window
Field
|
Description
|
AF Mode list
|
Allows you to choose the address family mode. Options are:
•IPv4Unicast
•IPv4Multicast
•IPv6Unicast
•IPv6Multicast
|
Global AF Detail Area
|
External Distance field
|
Allows you to specify the distance for routes external to the AS. The external distance is the administrative distance for BGP external routes. External routes are routes for which the best path is learned from a neighbor external to the autonomous system.
An administrative distance is a rating of the trustworthiness of a routing information source, such as an individual networking device or a group of networking devices. In general, the higher the value, the lower the trust rating. An administrative distance of 255 means the routing information source cannot be trusted at all and should be ignored.
|
Internal Distance field
|
Allows you to specify the distance for routes internal to the AS. This is the administrative distance for BGP internal routes. Internal routes are those routes that are learned from another BGP entity within the same autonomous system.
An administrative distance is a rating of the trustworthiness of a routing information source, such as an individual networking device or a group of networking devices. In general, the higher the value, the lower the trust rating. An administrative distance of 255 means the routing information source cannot be trusted at all and should be ignored.
|
Local Distance field
|
Allows you to specify the distance for local routes. This is the administrative distance for BGP local routes. The local-distance parameter applies to locally generated aggregate routes and backdoor routes installed in the routing table.
Caution Changing the administrative distance of BGP internal routes is considered risky and is not recommended. One problem that can arise is the accumulation of routing table inconsistencies, which can interfere with routing.
An administrative distance is a rating of the trustworthiness of a routing information source, such as an individual networking device or a group of networking devices. In general, the higher the value, the lower the trust rating. An administrative distance of 255 means the routing information source cannot be trusted at all and should be ignored.
|
Scan Time (sec) field
|
Allows you to specify the scanning intervals of BGP-speaking networking devices.
The specified scan time shortens the interval times where the BGP scanner processes routing information. Internal BGP features might work more efficiently if the routing tables are updated faster.
|
Table Policy field
|
Allows you to specify a routing policy for updates advertised to or received from a BGP neighbor. The policy can be used to filter routes and to modify route attributes.
|
CC Reflection check box
|
Allows you to enable route reflection from a BGP route reflector to clients. Click the CC Reflection check box to enable client-to-client (CC) reflection.
Clients of a route reflector are not required to be fully meshed and the routes from a client are reflected to other clients. However, if the clients are fully meshed, route reflection is not required.
If the neighbors are fully meshed, there is no need for client-to-client reflection. If the neighbors are not fully meshed, the route reflection (RR) configuration can be based on the address family-specific number.
|
RIB Attribute Download check box
|
Allows you to enable RIB attribute download.
|
Maximum Paths Area
|
Maximum Paths check box
|
When checked, it allows you to enter the maximum number of paths to a single destination.
|
EBGP radio button
|
Available when Maximum Paths check box is checked. Allows you to enter the maximum number of EBGP paths.
|
EBGP field
|
Enter the maximum number of EBGP paths. Value must be between 2 and 8. Default value is 2.
|
IBGP radio button
|
Available when Maximum Paths check box is checked. Allows you to enter the maximum number of IBGP paths.
|
IBGP field
|
Enter the maximum number of IBGP paths. Value must be between 2 and 8. Default value is 2.
|
Dampening Parameters Area
|
Dampening check box
|
Allows you to enable BGP dampening for the global address family. Check the Dampening check box to enable dampening.
|
Route Policy
|
Allows you to specify the name of the route policy.
|
Route Policy radio button
|
Allows you to select route policy filtering.
|
Route Policy field
|
Allows you to enter the name of the route policy.
This field is enabled when the Route Policy radio button is activated.
|
Counters radio button
|
Allows you to configure dampening using counters. When this radio button is clicked, the Half-Life, Max Suppress, Reuse, and Suppress fields become available in sequence when values are entered into the fields.
|
Half-Life (min) field
|
Allows you to specify the time after which a penalty is decreased. Once the route has been assigned a penalty, the penalty is decreased by half after the half-life period. Penalty reduction happens every 5 seconds.
|
Max Suppress (min) field
|
Allows you to specify the maximum time a route can be suppressed. The Cisco default is four times the half-life value. If the default half-life value is selected, the maximum suppress time defaults to 60 minutes.
|
Reuse field
|
Allows you to enter the route reuse value. If the penalty for a flapping route decreases enough to fall below this value, the route is unsuppressed. Routes are unsuppressed in 10-second increments.
|
Suppress field
|
Allows you to enter a value for when route suppression should start. A route is suppressed when its penalty exceeds this limit.
|
5.6.12.1.2 Cluster ID Subtab
The Cluster ID subtab allows you to specify the cluster ID IP address or number.
The following table describes the Cluster ID subtab fields.
Table 5-75 Field Descriptions for the Cluster ID Subtab
Field
|
Description
|
Cluster ID check box
|
Allows you to enable the configuring of the cluster ID if the BGP cluster has more than one route reflector. Together, a route reflector and its clients form a cluster. Checking the check box enables the IP Address and Number radio buttons.
Usually a cluster of clients will have a single route reflector. In that case, the cluster is identified by the software as the networking device ID of the route reflector. In order to increase redundancy and avoid a single point of failure in the network, a cluster might have more than one route reflector. In this case, all route reflectors in the cluster must be configured with the 4-byte cluster ID so that a route reflector can recognize updates from route reflectors in the same cluster.
If the cluster has more than one route reflector, checking the Cluster ID check box configures the cluster ID.
|
IP Address
|
Allows you to enter an IP address for the cluster ID.
|
IP Address radio button
|
Allows you to specify an IP address.
|
IP Address field
|
Allows you to enter an IP address for the cluster ID.
This field is enabled when the IP Address radio button is activated.
|
Number
|
Allows you to enter a number for the cluster ID. The number must be the cluster ID of the networking device acting as a route reflector.
|
Number radio button
|
Allows you to specify a number.
|
Number field
|
Allows you to enter a number for the cluster ID.
This field is enabled when the Number radio button is activated.
|
5.6.12.1.3 Confederation Subtab
The Confederation subtab allows you to perform the following tasks:
•Specify the confederation ID.
•Specify the confederation neighbors.
The following table describes the Confederation subtab fields.
Table 5-76 Field Descriptions for the Confederation Subtab
Field
|
Description
|
Confederation ID field
|
Allows you to specify a BGP confederation identifier. The confederation ID is an autonomous system number that internally includes multiple autonomous systems.
One way to reduce the IBGP mesh is to divide an autonomous system into multiple autonomous systems and group them into a single confederation. Each autonomous system is fully meshed within itself, and has a few connections to another autonomous system in the same confederation. Even though the peers in different autonomous systems have EBGP sessions, they exchange routing information as if they are IBGP peers. Specifically, the confederation maintains the next hop and local preference information, which allows you to retain a single IGP for all the autonomous systems. To the outside world, the confederation looks like a single autonomous system.
|
Confederation Peers field
|
Allows you to configure the autonomous systems that belong to a confederation by entering the autonomous system numbers for BGP peers that will belong to the confederation.
The autonomous systems specified are visible internally to a confederation. Each autonomous system is fully meshed within itself.
|
5.6.12.1.4 Graceful Restart Subtab
The Graceful Restart subtab allows you to perform the following tasks:
•Specify graceful restart and graceful reset.
•Specify the purge time.
•Specify the restart time.
•Specify the stale path time.
The following table describes the Graceful Restart subtab fields.
Table 5-77 Field Descriptions for the Graceful Restart Subtab
Field
|
Description
|
Graceful Restart check box
|
Allows you to enable graceful restart support.
|
Graceful Reset check box
|
Allows you to reset gracefully if the configuration change forces a peer reset.
|
Purge Time (sec) field
|
Allows you to enter the maximum time before stale routes are purged.
|
Restart Time (sec) field
|
Allows you to enter the maximum time advertised to neighbors.
|
Stalepath Time (sec) field
|
Allows you to enter the maximum time to wait for the End-of-RIB message from a neighbor that has been restarted before deleting learned routes.
|
5.6.12.1.5 Router ID Subtab
The Router ID subtab allows you to configure a router ID IP address or interface name.
The following table describes the Router ID subtab fields.
Table 5-78 Field Descriptions for the Router ID Subtab
Field
|
Description
|
Router ID check box
|
Allows you to enable the configuration of a fixed router ID for a BGP-speaking networking device.
A loopback interface, if one is configured, is more effective as an identifier because there is no physical link to go down.
|
IP Address
|
Allows you to specify an IP address for the router ID.
|
IP Address radio button
|
Allows you to specify the IP address.
|
IP Address field
|
Allows you to enter an IP address for the router ID.
This field is enabled when the IP Address radio button is activated.
|
Interface Name
|
Allows you to enter an interface name.
|
Interface Name radio button
|
Allows you to specify an interface name.
|
Interface Name field
|
Allows you to view the chosen interface name.
|
Interface Name ellipsis button
|
Allows you to choose an interface from the Select Interfaces dialog box.
This ellipsis button is enabled when the Interface Name radio button is activated.
|
5.6.12.1.6 Write Limit Subtab
The Write Limit subtab allows you to perform the following tasks:
•Specify a formatted messages limit.
•Specify an enqueued messages limit.
•Disable desynchronization.
The following table describes the Write Limit subtab fields.
Table 5-79 Field Descriptions for the Write Limit Subtab
Field
|
Description
|
Formatted Messages field
|
Allows you to enter the maximum number of formatted messages for an update group.
|
Enqueued Messages field
|
Allows you to enter the number of messages that can be enqueued in total.
|
Desynchronize check box
|
Allows you to desynchronize. Desynchronization is the process by which BGP will separate and update groups into slow and fast peers so that the slow peers do not increase the update latency of the fast peers.
|
5.6.12.2 Networks Tab
The Networks tab allows you to perform the following tasks:
•Specify the IP address and mask for a network.
•Choose the address family mode.
•Specify a backdoor route.
The following table describes the Networks tab fields.
Table 5-80 Field Descriptions for the Networks Tab
Field
|
Description
|
Network Area
|
IP Address
|
Allows you to specify a local network that the BGP routing process should originate and advertise to its neighbors.
The BGP determines which local networks will be originated by the networking device and included in routing advertisements to its neighbors. Only routes that are specified using the Networks tab will be originated and advertised to neighbors even if there is a corresponding non-BGP route in the routing table. Such routes can be learned using connected networks, static routing, or dynamic routing using an IGP.
|
IP Address field
|
Allows you to enter an IP address.
|
IP Address ellipsis button
|
Allows you to choose an IP address from the Select IP Address dialog box.
|
AF Mode list
|
Allows you to choose the address family mode. Options are:
•IPv4Unicast
•IPv4Multicast
•IPv6Unicast
•IPv6Multicast
|
Mask field
|
Allows you to enter an IP address mask for the network.
|
AutoGenerate Mask button
|
Allows you to automatically generate a mask. Click the button to automatically generate a mask.
|
Route Policy field
|
Allows you to specify the name of the route policy.
|
Backdoor check box
|
Allows you enable a BGP backdoor route. The backdoor route is to a BGP border networking device. This device will provide better information than the local networking device about the network.
|
5.6.12.3 Aggregates Tab
The Aggregates tab allows you to perform the following tasks:
•Specify the IP address and mask for aggregates.
•Choose the address format mode and optionally choose to generate AS confederation set path information and filter routes from updates.
•Configure the filtering policy for aggregates.
The following table describes the Aggregates tab fields.
Table 5-81 Field Descriptions for the Aggregates Tab
Field
|
Description
|
Aggregate Address Area
|
IP Address field
|
Allows you to specify an IP address to create an aggregate entry in a BGP routing table.
|
Mask field
|
Allows you to enter an aggregate IP address mask.
|
AutoGenerate Mask button
|
Allows you to automatically generate an aggregate mask. Click the button to automatically generate a mask.
|
AS Set check box
|
Allows you to generate AS set path information.
|
AF Mode list
|
Allows you to choose the address family mode. Options are:
•IPv4Unicast
•IPv4Multicast
•IPv6Unicast
|
AS Confed Set check box
|
Allows you to generate autonomous system set path information and community information from contributing paths.
|
Summary Only check box
|
Allows you to filter more specific routes from updates. Checking the Summary Only check box creates the aggregate route (for example, 172.20.0.0/8) but suppresses advertisements of more specific routes to all neighbors.
|
Route Policy field
|
Allows you to enter a policy on which you can condition advertisement, suppression, and attributes.
|
5.6.12.4 Redistribution Tab
The Redistribution tab allows you to perform the following tasks:
•Choose the address family mode for redistribution.
•Configure connected routes.
•Configure static routes.
•Configure OSPF routes.
•Configure ISIS routes.
The following table describes the Redistribution tab fields.
Table 5-82 Field Descriptions for the Redistribution Tab
Field
|
Description
|
General Area
|
AF Mode list
|
Allows you to choose the address family mode to redistribute routes from another routing protocol into BGP. Options are:
•IPv4Unicast
•IPv4Multicast
•IPv6Unicast
•IPv6Multicast
Each protocol (and instance of a protocol) can be redistributed independently of the others. Changing or removing redistribution for a particular instance does not affect the redistribution capability of other protocols or other instances of the same protocol.
Networks specified using the Networks tab are not affected by the Redistribution tab settings; that is, the policy specified in the Network tab takes precedence over the policy specified through the Redistribution tab.
|
Connected Routes Area
|
Default Metric field
|
Allows you to specify a metric value to assign to connected routes.
|
Route Policy field
|
Allows you to enter a routing policy to filter connected routes.
|
Static Routes Area
|
Default Metric field
|
Allows you to specify a metric value to assign to static routes.
|
Route Policy field
|
Allows you to enter a routing policy to filter static routes.
|
OSPF Routes Area
|
OSPF Instance Name column
|
Specifies the OSPF instance. Click the cell and enter a value.
|
Default Metric column
|
Specifies the metric value to assigned to the routes. Click the cell and enter a value.
|
Redistribute Type column
|
Specifies the redistribution type. Click the cell and enter a value.
|
Route Policy Name column
|
Specifies the name of the route policy that is used. Click the cell and enter a value.
|
Internal column
|
Indicates whether the internal OSPF routes are redistributed. Options are true or false. Double-click the cell to activate it; then, double-click to choose true or false.
|
External column
|
Indicates whether the external OSPF routes are redistributed. Options are true or false. Double-click the cell to activate it; then, double-click to choose true or false.
|
External Type 1 column
|
Specifies whether the route is an external route type 1. Options are true or false. Double-click the cell to activate it; then, double-click to choose true or false.
|
External Type 2 column
|
Specifies whether the route is an external route type 2. Options are true or false. Double-click the cell to activate it; then, double-click to choose true or false.
|
NSSA External column
|
Specifies whether the external OSFP routes are redistributed to the not-so-stubby area (NSSA). Options are true or false. Double-click the cell to activate it; then, double-click to choose true or false.
|
NSSA External Type 1 column
|
Specifies whether the NSSA External type is Type 1. Options are true or false. Double-click the cell to activate it; then, double-click to choose true or false.
|
NSSA External Type 2 column
|
Column specifies whether the NSSA External type is Type 2. Options are true or false. Double-click the cell to activate it; then, double-click to choose true or false.
|
IS-IS Routes Area
|
IS-IS instance name column
|
Specifies the ISIS name. Click the cell and enter a value.
|
Default Metric column
|
Specifies the metric value assigned to the routes. Click the cell and enter a value.
|
Redistribute Type column
|
Allows you to choose the redistribute type. Options are:
•Level1
•Level2
•Level1and2
Double-click the cell to activate the list; then, choose a redistribute type.
|
Route Policy Name column
|
Specifies the name of the route policy. Click the cell and enter a value.
|
Level 1
|
Redistributes ISIS level 1 routes.
|
Level 2
|
Redistributes ISIS level 1 interarea routes.
|
Level 1 Inter-Area
|
Redistributes ISIS level 2 ISIS routes.
|
5.6.12.5 Neighbors Tab
The Neighbors tab allows you to perform the following tasks:
•Specify the neighbor IP address and AS number.
•Configure the neighbor inheritance.
•Configure neighbor details including demilitarized zone link bandwidth (DmzLinkBw) password, send and receive buffer sizes, shutdown, timers, and address family mode.
The following table describes the Neighbors tab fields.
Table 5-83 Field Descriptions for the Neighbors Tab
Field
|
Description
|
Neighbor Specific Area
|
IP Address field
|
Allows you to enter an IP address of the BGP-speaking neighbor. Once a BGP neighbor is created, routing information is exchanged.
|
AS Number field
|
Allows you to enter the autonomous system number to which the neighbor belongs.
The AS Number field assigns a remote AS number to a neighbor and causes the neighbor to be created. A neighbor must have a remote AS number before any other parameters can be configured for it.
|
Neighbor Inheritance Area
|
Neighbor Group Name
|
Allows you to choose a neighbor group name.
|
Neighbor Group Name field
|
Allows you to view the chosen neighbor group name.
|
Neighbor Group Name ellipsis button
|
Allows you to choose a neighbor group name from the Select Neighbor Group dialog box.
|
Session Group Name
|
Allows you to choose a session group name. Click the Session Group Name ellipsis button to open a Select Session Group dialog box and choose a session group name from the dialog box.
|
Session Group Name field
|
Allows you to view the chosen session group name.
|
Session Group Name ellipsis button
|
Allows you to choose a session group name from the Select Session Group dialog box.
|
Neighbor Details Area
|
Ad. Interval(sec) field
|
Allows you to enter the minimum advertisement interval time.
|
Description field
|
Allows you to enter a description of the neighbor.
|
EBGP Multihop field
|
Allows you to enter the maximum hop count.
The hop count allows the router to accept and attempt BGP connections to external peers residing on networks that are not directly connected.
|
Session Open Mode list
|
Allows you to select the TCP mode. Values can be Either, Active Only, or Passive Only. Default value is Either.
|
Update Source
|
Allows you to specify an interface name by specifying an interface type and instance.
•interface type—Interface to be used to obtain the local IP address for the BGP session with the neighbor.
•interface number—The interface number of the interface-type argument.
Choosing an interface allows internal IBGP sessions to use the IP address from a particular interface as the local address when forming an IBGP session with a neighbor.
This mechanism allows a BGP session to remain up even if the outbound interface goes down, provided there is another route to the neighbor.
If you configure the update source for a neighbor group or session group, all neighbors using the group will inherit the characteristics configured with the Update Source field. (See Neighbor Groups Tab and Session Groups Tab.) Configuring the update source directly for the neighbor will override the value inherited from the group.
|
Update Source field
|
Allows you to view the chosen interface name.
|
Update Source ellipsis button
|
Allows you to choose an interface name from the Select Interfaces dialog box.
|
Local AS Area
|
Local AS field
|
Allows you to assign local AS numbers.
Each BGP peer can be assigned a local autonomous system value for peering. In the case of neighbor groups and session groups, the local autonomous system value is valid for all peers in the neighbor group.
This feature cannot be customized for individual peers in a group.
You cannot use the local BGP autonomous system number or the autonomous system number of the remote peer.
This is valid only if the peer is a true EBGP peer; it does not work for two peers in different subautonomous systems in a confederation.
|
Disable check box
|
Enables or disables local AS and to prevent it from being inherited from a parent.
|
No Prepend check box
|
Enables or disables prepending the local AS to announcements.
|
Buffer Sizes - Receive and Send Area
|
Socket Read(bytes) field
|
Allows you to enter the receive socket buffer size.
|
BGP Read(bytes) field
|
Allows you to enter the BGP read buffer size.
|
Socket Send(bytes) field
|
Allows you to enter the send socket buffer size.
|
BGP Send(bytes) field
|
Allows you to enter the BGP write buffer size.
|
AF Mode
|
Allows you to specify the address family mode. Click the AF Mode ellipsis button to open a Neighbor Address Family Configuration window and configure a neighbor address family. (See Neighbor Address Family Configuration Window.)
|
AF Mode field
|
Allows you to view the chosen address family mode.
|
AF Mode ellipsis button
|
Allows you to configure an address family mode from the Neighbor Address Family Configuration window.
|
DMZLinkBw Area
|
DmzLinkBw check box
|
Allows you to propagate demilitarized zone (DMZ) link bandwidth, which advertises the bandwidth of links that are used to exit an autonomous system.
This feature supports only single hop links over IBGP. BGP can originate the link bandwidth community only for EBGP peers that are one hop away.
|
Enable Inheritance check box
|
Allows you to enable DMZ link bandwidth to be inherited, allowing propagation and inheritance from a parent.
|
Password Area
|
Password field
|
Allows you to enter a neighbor password. When a password is entered, it enables Message Digest 5 (MD5) authentication on a TCP connection between two BGP neighbors.
You can invoke authentication between two BGP neighbors, causing each segment sent on the TCP connection between them to be verified. The password must be configured the same on both BGP neighbors, otherwise the connection will not be made. The authentication feature uses the MD5 algorithm. Specifying the password causes the software to generate and check the MD5 digest on every segment sent on the TCP connection.
If you configure a password for a neighbor, an existing session will be torn down and a new one established.
If you specify a BGP neighbor group or session group, all the members of the group will inherit the password characteristic.
To override any inherited password configuration from a neighbor group or session group, disable the password on the neighbor.
|
Encryption Type list
|
Allows you to choose a password encryption type. Options are:
•None
•Cisco Proprietary
|
Password Disable check box
|
Allows you to disable the password even if the parent has its own password. Check the Password Disable check box to disable the password for the neighbor and uncheck the check box to enable the password.
|
Shutdown Area
|
Shutdown check box
|
Allows you to shut down the neighbor. Check the Shutdown check box to enable shutdown; uncheck the check box to disable shutdown.
|
Enable Inheritance check box
|
Allows you to enable shutdown of the neighbor from a parent.
|
Timers Area
|
Keepalive (sec) field
|
Allows you to enter the keepalive interval timer. This is the frequency, in seconds, with which the software sends keepalive messages to the neighbor.
The timers actually used in connection with the neighbor group might not be the same as those configured because the actual timers are negotiated with the neighbor when establishing the session. The negotiated hold time is the lower of the configured time and the time received from the neighbor. If the negotiated hold time is 0, keepalives are disabled and the software never terminates the session when a keepalive is not received.
The configured value for the keepalive time is used, provided it does not exceed a third of the negotiated hold time. If it does, a value of a third of the negotiated hold time will be used.
|
Holdtime (sec) field
|
Allows you to enter a value, in seconds, for the interval at which the software terminates the neighbor BGP session after not receiving a keepalive message from the neighbor.
Enter 0 in the Holdtime (sec) field to disable the keepalive and hold-time timers.
Note that the values 1 and 2 are not allowable because the minimum allowable keepalive time is a third of the hold time.
|
TTL Security Area
|
TTL Security check box
|
Allows you to enable BGP TTL security.
|
Enable Inheritance check box
|
Allows you to enable inheritance from a parent.
|
5.6.12.6 Neighbor Address Family Configuration Window
The Neighbor Address Family Configuration window is opened when the AF Mode ellipsis button is clicked in the Neighbors tab.
The Neighbor Address Family Configuration window allows you to specify the address family group and mode.
The following table describes the Neighbor Address Family Configuration window fields.
Table 5-84 Field Descriptions for the Neighbor Address Family Configuration Window
Field
|
Description
|
AF Group Area
|
AF Mode list
|
Allows you to choose the address family mode. Options are:
•IPv4Unicast
•IPv4Multicast
•IPv6Unicast
•IPv6Multicast
|
AF Group
|
Allows you to choose the address family group.
|
AF Group field
|
Allows you to view the chosen address family group.
|
AF Group ellipsis button
|
Allows you to choose the address group from the Select AF Group dialog box.
|
5.6.12.6.1 Generic Config Subtab
The Generic Config subtab allows you to perform the following tasks:
•Specify the maximum number of prefixes and the threshold.
•Configure the default originate.
•Configure the route reflector client.
•Disable the next hop calculation.
•Remove private AS updates.
•Send communities to an EBGP group.
•Configure soft reconfiguration.
The following table describes the Generic Config subtab fields.
Table 5-85 Field Descriptions for the Generic Config Subtab
Field
|
Description
|
ORF Capability list
|
Allows you to choose the capability Outbound Route Filter (ORF). Options are:
•Receive
•Send
•Both
•None
|
Weight field
|
Allows you to specify the default weight.
|
Max Prefix field
|
Allows you to enter the maximum number of prefixes. The Max Prefix field configures a maximum number of prefixes that a BGP networking device is allowed to receive from a neighbor. It adds another mechanism (in addition to routing policy) to control prefixes received from a peer.
When the number of received prefixes exceeds the maximum number configured, the software terminates the peering (by default). However, if the Enable Warning check box is activated, the software sends only a log message, but continues peering with the sender.
|
Threshold field
|
Allows you to enter the threshold value based on the maximum value in the Max Prefix field. When the threshold is reached (specified percentage of the maximum received prefixes), a warning is generated.
|
Enable Warning check box
|
Allows you to configure the software to generate a log message when the maximum argument value (threshold) is exceeded, instead of terminating the peering.
|
Default Originate Area
|
Default Originate check box
|
Allows you to enable default originate. Default originate allows you to originate network 0.0.0.0 into the BGP table.
|
Enable Inheritance check box
|
Allows you to prevent default originate from being inherited from a parent (session group or neighbor group).
|
Route Policy field
|
Allows you to enter a route policy name to specify criteria to originate default.
|
Route Reflector Client Area
|
RR Client check box
|
Allows you to enable client-to-client reflection.
When client-to-client reflection is enabled, the clients of a route reflector cannot be members of a peer group.
If the neighbors are fully meshed, there is no need for client-to-client reflection.
|
Enable Inheritance check box
|
Allows you to specify that all neighbors using the address family group will inherit the characteristics configured with the RR Client check box.
|
Send Extended Community EBGP Area
|
Send Ext Comm check box
|
Allows you to specify that extended community attributes will be sent to an EBGP neighbor and cannot be configured for IBGP neighbors.
|
Enable Inheritance check box
|
Allows you to specify that all neighbors using the address family group will inherit the characteristics configured with the Send Ext Comm check box.
|
Next Hop Self Area
|
Next Hop Self check box
|
Allows you to disable next hop calculation for BGP updates advertised by the networking device, causing all routes to be advertised with this network device as the next hop.
Disabling the next hop calculation is useful in nonmeshed networks (such as Frame Relay or X.25) where BGP neighbors might not have direct access to all other neighbors on the same IP subnet.
|
Enable Inheritance check box
|
Allows you to specify that all neighbors using the address family group will inherit the characteristics configured with the Next Hop Self check box.
|
Remove Private AS Area
|
Remove Private AS check box
|
Allows you to remove private autonomous system numbers. When an update is passed to the external neighbor, the software will drop any private autonomous system numbers in the AS-path. This feature is available for EBGP neighbors only.
If the AS-path includes both private and public autonomous system numbers, the software considers the two numbers to be a configuration error and does not remove the private autonomous system numbers.
If the AS path contains the autonomous system number of the EBGP neighbor, the private autonomous system numbers will not be removed.
If this feature is used with Confederation (see Confederation Subtab), it will work as long as the private autonomous system numbers follow the confederation portion of the AS-path.
If you configure this command for a neighbor group or address family group, all neighbors using the group will inherit the characteristics. Configuring the remove private AS directly for the neighbor will override the value inherited from the group.
|
Enable Inheritance check box
|
Allows you to specify that all neighbors using the address family group will inherit the characteristics configured with the Remove Private AS check box.
|
Send Community EBGP Area
|
Send Community check box
|
Allows you to specify that community attributes should be sent to an EBGP neighbor and not to IBGP neighbors.
|
Enable Inheritance check box
|
Allows you to specify that all neighbors using the address family group will inherit the characteristics configured with the Send Community check box.
|
Soft Reconfig Inbound Area
|
Soft Reconfiguration check box
|
Allows you to enable soft reconfiguration, allowing the software to store updates received from a neighbor.
When an inbound policy is used to filter out or modify some of the updates received from a neighbor, this feature causes the software to store the original unmodified route in addition to the one that was changed or filtered out. This feature allows a "soft clear" to be performed after the inbound policy is changed. The original routes are then passed through the new policy, which then updates the set of routes to be used.
When the Soft Reconfiguration check box is checked, the three radio button options are:
•Enable—Allow inbound soft reconfiguration. If the neighbor supports route refresh capability, the original routes are not stored because they can be retrieved from the neighbor by making a route refresh request. Click the Enable radio button to allow inbound soft reconfiguration.
•Disable—Do not allow inbound soft reconfiguration. If the neighbor does not support the route refresh capability, an inbound soft clear is not possible. In that case, the only way to rerun the inbound policy is to perform a "hard clear," which is to reset the neighbor BGP session. Click the Disable radio button to deny inbound soft reconfiguration.
•Soft Always—Always use soft reconfiguration, even when route refresh is supported. Checking the Soft Always check box enables the storing of received updates, even if the neighbor supports route refresh capability. Click the Soft Always radio button to always use soft reconfiguration.
|
5.6.12.6.2 Filtering Policy Subtab
The Filtering Policy subtab allows you to perform the following tasks:
•Specify the prefix list.
•Specify the policy.
•Configure the outgoing route filter.
The following table describes the Filtering Policy subtab fields.
Table 5-86 Field Descriptions for the Filtering Policy Subtab
Field
|
Description
|
Prefix List (in)
|
Allows you to choose a prefix list to filter updates advertised to or received from a neighbor. Choosing a prefix list applies the prefix list to incoming advertisements to that neighbor.
All neighbors using this group will inherit the characteristics configured with the Prefix List (in) field.
|
Prefix List (in) field
|
Allows you to view the prefix list.
|
Prefix List (in) ellipsis button
|
Allows you to choose the prefix list from the Select prefix dialog box.
|
Route Policy (in) field
|
Allows you to enter the name of a policy to apply to inbound routes.
|
Route Policy (out) field
|
Allows you to enter the name of a policy to apply to outbound routes.
|
5.6.12.7 Neighbor Groups Tab
The Neighbor Groups tab allows you to perform the following tasks:
•Specify the neighbor group name and AS number.
•Configure the neighbor group inheritance.
•Configure neighbor group address (family-independent) and address family specific-information, including DMZ link bandwidth, password, send and receive buffer sizes, shutdown, timers, and address family mode.
The following table describes the Neighbor Groups tab fields.
Table 5-87 Field Descriptions for the Neighbor Groups Tab
Field
|
Description
|
Neighbor Group Specific Area
|
Neighbor Group Name field
|
Allows you to enter a neighbor group name.
|
AS Number field
|
Allows you to assign a remote AS number to the remote neighbor.
|
Neighbor Group Inheritance Area
|
Parent
|
Allows you to specify a neighbor group parent for inheritance. Click the Parent ellipsis button to open a Select Neighbor Group dialog box and choose a neighbor group from the dialog box.
|
Parent field
|
Allows you to view the neighbor group parent.
|
Parent ellipsis button
|
Allows you to choose the neighbor group parent from the Select Neighbor Group dialog box.
|
Session Group Name
|
This field and ellipsis button allows you to specify a session group name for inheritance. Click the Session Group Name ellipsis button to open a Select Session Group dialog box and choose a session group from the dialog box.
|
Session Group Name field
|
Allows you to view the chosen the session group name.
|
Session Group Name ellipsis button
|
Allows you to choose the session group name.
|
Neighbor Group Details Area
|
Ad. Interval (sec) field
|
Allows you to enter the minimum advertisement interval time.
|
Description field
|
Allows you to enter a description of the neighbor group.
|
EBGP Multihop field
|
Allows you to enter the maximum hop count.
The hop count allows the router to accept and attempt BGP connections to external peers residing on networks that are not directly connected.
|
Session Open Mode list
|
Allows you to select the TCP mode. Values can be Either, Active Only, or Passive Only. Default value is Either.
|
Update Source
|
Allows you to specify an interface name by specifying an interface type and instance.
•Interface type—Interface to be used to obtain the local IP address for the BGP session with the neighbor.
•Interface number—The interface number of the interface-type argument.
Click the Update Source ellipsis button to open a Select Interfaces dialog box and choose an interface from the dialog box.
|
Update Source field
|
Allows you to view the chosen interface name.
|
Update Source ellipsis button
|
Allows you to choose an interface name from the Select Interfaces dialog box.
|
Local AS Area
|
Local AS field
|
Allows you to assign local AS numbers.
Each BGP peer can be assigned a local autonomous system value for peering. In the case of neighbor groups and session groups, the local autonomous system value is valid for all peers in the neighbor group.
|
Disable check box
|
Enables or disables local AS and to prevent it from being inherited from a parent.
|
No Prepend check box
|
Enables or disables prepending the local AS to announcements.
|
Buffer Sizes - Receive and Send Area
|
Socket Read (bytes) field
|
Allows you to enter the receive socket buffer size.
|
BGP Read (bytes) field
|
Allows you to enter the BGP read buffer size.
|
Socket Send (bytes) field
|
Allows you to enter the send socket buffer size.
|
BGP Send (bytes) field
|
Allows you to enter the BGP write buffer size.
|
AF Mode
|
Allows you to specify the address family mode.
|
AF Mode field
|
Allows you to view the chosen address family mode.
|
AF Mode ellipsis button
|
Allows you to configure the address family mode from the Neighbor Group Address Family Configuration window. (See Neighbor Group Address Family Configuration Window.)
|
DMZLinkBw Area
|
DmzLinkBw check box
|
Allows you to propagate DMZ link bandwidth, which advertises the bandwidth of links that are used to exit an autonomous system.
This feature supports only single hop links over IBGP. BGP can originate the link bandwidth community only for EBGP peers that are one hop away.
|
Enable Inheritance check box
|
Allows you to enable DMZ link bandwidth to be inherited, allowing propagation and inheritance from a parent.
|
Password Area
|
Password field
|
Allows you to enter a neighbor password. When a password is entered, it enables MD5 authentication on a TCP connection between two BGP neighbors.
You can invoke authentication between two BGP neighbors, causing each segment sent on the TCP connection between them to be verified. The password must be configured the same on both BGP neighbors, otherwise the connection will not be made. The authentication feature uses the MD5 algorithm. Specifying the password causes the software to generate and check the MD5 digest on every segment sent on the TCP connection.
If you configure a password for a neighbor, an existing session will be torn down and a new one established.
If you specify a BGP neighbor group, all the members of the group will inherit the password characteristic.
|
Encryption Type list
|
Allows you to choose a password encryption type. Options are:
•None
•Cisco Proprietary
|
Password Disable check box
|
Allows you to disable the password for the neighbor group even if the parent has its own password.
|
Shutdown Area
|
Shutdown check box
|
Allows you to shut down the neighbor group. Check the Shutdown check box to enable shutdown; uncheck the check box to disable shutdown.
|
Enable Inheritance check box
|
Allows you to shut down the neighbor group independently of the parent.
|
Timers Area
|
Keepalive (sec) field
|
Allows you to enter the keepalive interval timer. This is the frequency, in seconds, with which the software sends keepalive messages to the neighbor.
The timers actually used in connection with the neighbor group might not be the same as those configured because the actual timers are negotiated with the neighbor group when establishing the session. The negotiated hold time is the lower of the configured time and the time received from the neighbor group. If the negotiated hold time is 0, keepalives are disabled and the software never terminates the session when a keepalive is not received.
The configured value for the keepalive time is used, provided it does not exceed a third of the negotiated hold time. If it does, a value of a third of the negotiated hold time will be used.
|
Holdtime (sec) field
|
Allows you to enter a value, in seconds, for the interval at which the software terminates the neighbor BGP session after not receiving a keepalive message from the neighbor.
Enter 0 in the Holdtime (sec) field to disable the keepalive and hold-time timers.
|
TTL Security Area
|
TTL Security check box
|
Allows you to enable BGP TTL security.
|
Enable Inheritance check box
|
Allows you to enable inheritance from a parent.
|
5.6.12.8 Neighbor Group Address Family Configuration Window
The Neighbor Group Address Family Configuration window is opened when the AF Mode ellipsis button is clicked in the Neighbor Groups tab. It allows you to specify the address family group and mode.
The following table describes the Neighbor Group Address Family Configuration window fields.
Table 5-88 Field Descriptions for the Neighbor Group Address Family Configuration Window
Field
|
Description
|
AF Group Area
|
AF Mode list
|
Allows you to choose the address family mode. Options are:
•IPv4Unicast
•IPv4Multicast
•IPv6Unicast
•IPv6Multicast
|
AF Group
|
Allows you to choose the address family group.
|
AF Group field
|
Allows you to view the chosen address family group.
|
AF Group ellipsis button
|
Allows you to choose the address group from the Select AF Group dialog box.
|
5.6.12.8.1 Generic Config Subtab
The Generic Config subtab allows you to perform the following tasks:
•Specify the maximum number of prefixes and the threshold.
•Configure the default originate.
•Configure the route reflector client.
•Disable the next hop calculation.
•Remove private AS updates.
•Send communities to an EBGP group.
•Configure soft reconfiguration.
The following table describes the Generic Config subtab fields.
Table 5-89 Field Descriptions for the Generic Config Subtab
Field
|
Description
|
ORF Capability list
|
Allows you to choose the capability Outbound Route Filter (ORF). Options are:
•Receive
•Send
•Both
•None
|
Weight field
|
Allows you to specify the default weight.
|
Max Prefix field
|
Allows you to enter the maximum number of prefixes. The Max Prefix field configures a maximum number of prefixes that a BGP networking device is allowed to receive from a neighbor. It adds another mechanism (in addition to routing policy) to control prefixes received from a peer.
When the number of received prefixes exceeds the maximum number configured, the software terminates the peering (by default). However, if the Enable Warning check box is activated, the software sends only a log message, but continues peering with the sender.
|
Threshold field
|
Allows you to enter the threshold value based on the maximum value in the Max Prefix field. When the threshold is reached (specified percentage of the maximum received prefixes), a warning is generated.
|
Enable Warning check box
|
Allows you to configure the software to generate a log message when the maximum argument value (threshold) is exceeded, instead of terminating the peering.
|
Default Originate Area
|
Default Originate check box
|
Allows you to enable default originate. Default originate allows you to originate network 0.0.0.0 into the BGP table.
|
Enable Inheritance check box
|
Allows you to prevent default originate from being inherited from a parent (session group or neighbor group).
|
Route Policy field
|
Allows you to enter a route policy name to specify criteria to originate default.
|
Route Reflector Client Area
|
RR Client check box
|
Allows you to enable client-to-client reflection.
If the neighbors are fully meshed, there is no need for client-to-client reflection.
|
Enable Inheritance check box
|
Allows you to specify that all neighbors using the address family group will inherit the characteristics configured with the RR Client check box.
|
Send Extended Community EBGP Area
|
Send Ext Comm check box
|
Allows you to specify that extended community attributes will be sent to an EBGP neighbor and cannot be configured for IBGP neighbors.
|
Enable Inheritance check box
|
Allows you to specify that all neighbors using the address family group will inherit the characteristics configured with the Send Ext Comm check box.
|
Next Hop Self Area
|
Next Hop Self check box
|
Allows you to disable next hop calculation for BGP updates advertised by the networking device, causing all routes to be advertised with this network device as the next hop.
Disabling the next hop calculation is useful in nonmeshed networks (such as Frame Relay or X.25) where BGP neighbors might not have direct access to all other neighbors on the same IP subnet.
|
Enable Inheritance check box
|
Allows you to specify that all neighbors using the address family group will inherit the characteristics configured with the Next Hop Self check box.
|
Remove Private AS Area
|
Remove Private AS check box
|
Allows you to remove private autonomous system numbers. When an update is passed to the external neighbor, the software will drop any private autonomous system numbers in the AS-path. This feature is available for EBGP neighbors only.
If the AS-path includes both private and public autonomous system numbers, the software considers the two numbers to be a configuration error and does not remove the private autonomous system numbers.
If the AS path contains the autonomous system number of the EBGP neighbor, the private autonomous system numbers will not be removed.
If this feature is used with Confederation (see Confederation Subtab), it will work as long as the private autonomous system numbers follow the confederation portion of the AS-path.
If you configure this command for a neighbor group or address family group, all neighbors using the group will inherit the characteristics. Configuring the remove private AS directly for the neighbor will override the value inherited from the group.
|
Enable Inheritance check box
|
Allows you to specify that all neighbors using the address family group will inherit the characteristics configured with the Remove Private AS check box.
|
Send Community EBGP Area
|
Send Community check box
|
Allows you to specify that community attributes should be sent to an EBGP neighbor and not to IBGP neighbors.
|
Enable Inheritance check box
|
Allows you to specify that all neighbors using the address family group will inherit the characteristics configured with the Send Community check box.
|
Soft Reconfig Inbound Area
|
Soft Reconfiguration check box
|
Allows you to enable soft reconfiguration, allowing the software to store updates received from a neighbor.
When an inbound policy is used to filter out or modify some of the updates received from a neighbor, this feature causes the software to store the original unmodified route in addition to the one that was changed or filtered out. This feature allows a "soft clear" to be performed after the inbound policy is changed. The original routes are then passed through the new policy, which then updates the set of routes to be used.
When the Soft Reconfiguration check box is checked, the three radio button options are:
•Enable—Allow inbound soft reconfiguration. If the neighbor supports route refresh capability, the original routes are not stored because they can be retrieved from the neighbor by making a route refresh request. Click the Enable radio button to allow inbound soft reconfiguration.
•Disable—Do not allow inbound soft reconfiguration. If the neighbor does not support the route refresh capability, an inbound soft clear is not possible. In that case, the only way to rerun the inbound policy is to perform a "hard clear," which is to reset the neighbor BGP session. Click the Disable radio button to deny inbound soft reconfiguration.
•Soft Always—Always use soft reconfiguration, even when route refresh is supported. Checking the Soft Always check box enables the storing of received updates, even if the neighbor supports route refresh capability. Click the Soft Always radio button to always use soft reconfiguration.
|
5.6.12.8.2 Filtering Policy Subtab
The Filtering Policy subtab allows you to perform the following tasks:
•Specify the prefix list.
•Specify the policy.
The following table describes the Filtering Policy subtab fields.
Table 5-90 Field Descriptions for the Filtering Policy Subtab
Field
|
Description
|
Prefix List (in)
|
Allows you to choose a prefix list to filter updates advertised to or received from a neighbor. Choosing a prefix list applies the prefix list to incoming advertisements to that neighbor.
All neighbors using this group will inherit the characteristics configured with the Prefix List (in) field.
|
Prefix List (in) field
|
Allows you to view the prefix list.
|
Prefix List (in) ellipsis button
|
Allows you to choose the prefix list from the Select prefix dialog box.
|
Route Policy (in) field
|
Allows you to enter the name of a policy to apply to inbound routes.
|
Route Policy (out) field
|
Allows you to enter the name of a policy to apply to outbound routes.
|
5.6.12.9 Session Groups Tab
The Session Groups tab allows you to perform the following tasks:
•Specify the session group name and AS number.
•Configure the session group inheritance.
•Configure session group address family-independent information, including DMZ link bandwidth, password, send and receive buffer sizes, shutdown, and timers.
The following table describes the Session Groups tab fields.
Table 5-91 Field Descriptions for the Session Groups Tab
Field
|
Description
|
Session Group Specific Area
|
Session Group Name field
|
Allows you to enter the session group name.
|
AS Number field
|
Allows you to assign a remote AS number to the session group.
|
Session Group Inheritance Area
|
Parent
|
Allows you to specify a session group parent for inheritance.
|
Parent field
|
Allows you to view the session group parent.
|
Parent ellipsis button
|
Allows you to choose the session group parent from the Select Session Group dialog box.
|
Session Group Details Area
|
Ad. Interval(sec) field
|
Allows you to enter the minimum advertisement interval time in seconds.
|
Description field
|
Allows you to enter a description of the session group.
|
EBGP Multihop field
|
Allows you to enter the maximum hop count.
The hop count allows the router to accept and attempt BGP connections to external peers residing on networks that are not directly connected.
|
Session Open Mode list
|
Allows you to select the TCP mode. Values can be Either, Active Only, or Passive Only. Default value is Either.
|
Update Source
|
Allows you to specify an interface name by specifying an interface type and instance.
•interface type—Interface to be used to obtain the local IP address for the BGP session with the neighbor.
•interface number—The interface number of the interface-type argument.
|
Update Source field
|
Allows you to view the interface name.
|
Update Source ellipsis button
|
Allows you to choose the interface name from the Select Interfaces dialog box.
|
Local AS field
|
Allows you to assign local AS numbers.
Each BGP neighbor can be assigned a local autonomous system value for peering. In the case of neighbor groups and neighbors, the local autonomous system value is valid for all neighbor in the session group.
|
Disable check box
|
Enables or disables local AS and to prevent it from being inherited from a parent.
|
No Prepend check box
|
Enables or disables prepending the local AS to announcements.
|
Buffer Sizes - Receive and Send Area
|
Socket Read (bytes) field
|
Allows you to enter the receive socket buffer size.
|
BGP Read (bytes) field
|
Allows you to enter the BGP read buffer size.
|
Socket Send (bytes) field
|
Allows you to enter the send socket buffer size.
|
BGP Send (bytes) field
|
Allows you to enter the BGP write buffer size.
|
DmzLinkBw Area
|
DmzLinkBw check box
|
Allows you to propagate DMZ link bandwidth, which advertises the bandwidth of links that are used to exit an autonomous system.
This feature only supports single hop links over internal IBGP. BGP can originate the link bandwidth community only for EBGP peers that are one hop away.
|
Enable Inheritance check box
|
Allows you to enable DMZ link bandwidth to be inherited, allowing propagation and inheritance from a parent.
|
Password Area
|
Password field
|
Allows you to enter a session password. When a password is entered, it enables MD5 authentication on a TCP connection between two BGP neighbors.
You can invoke authentication between two BGP peers, causing each segment sent on the TCP connection between them to be verified. The password must be configured the same on both BGP peers, otherwise the connection will not be made. The authentication feature uses the MD5 algorithm. Specifying the password causes the software to generate and check the MD5 digest on every segment sent on the TCP connection.
If you specify a BGP session group, all the members of the group will inherit the password characteristic.
To override any inherited password configuration from a neighbor or neighbor group, disable the password for the neighbor or neighbor group.
|
Encryption Type list
|
Allows you to choose a password encryption type. Options are:
•None
•Cisco Proprietary
|
Password Disable check box
|
Allows you to disable the password even if the parent has its own password.
|
Shutdown Area
|
Shutdown check box
|
Allows you to shut down the session group.
|
Enable Inheritance check box
|
Allows you to shut down the session group from a parent.
|
Timers Area
|
Keepalive (sec) field
|
Allows you to enter the keepalive interval timer. This is the frequency, in seconds, with which the software sends keepalive messages to the neighbor.
The timers actually used in connection with the session group might not be the same as those configured because the actual timers are negotiated with the session group when establishing the session. The negotiated hold time is the lower of the configured time and the time received from the session group. If the negotiated hold time is 0, keepalives are disabled and the software never terminates the session when a keepalive is not received.
The configured value for the keepalive time is used, provided it does not exceed a third of the negotiated hold time. If it does, a value of a third of the negotiated hold time will be used.
|
Holdtime (sec) field
|
Allows you to enter a value, in seconds, for the interval at which the software terminates the neighbor BGP session after not receiving a keepalive message from the neighbor.
Enter 0 in the Holdtime (sec) field to disable the keepalive and hold-time timers.
|
TTL Security Area
|
TTL Security check box
|
Allows you to enable BGP TTL security.
|
Enable Inheritance check box
|
Allows you to enable inheritance from a parent.
|
5.6.12.10 AF Groups Tab
The AF Groups tab contains two subtabs: Generic Config and Filtering Policy. The Generic Config subtab is displayed by default when the AF Groups tab is clicked.
The AF Groups tab allows you to perform the following tasks:
•Specify the address family group name and mode.
•Specify an address group parent for inheritance.
The following table describes the AF Groups tab fields.
Table 5-92 Field Descriptions for the AF Groups Tab
Field
|
Description
|
AF Group Specific Area
|
AF Group Name field
|
Allows you to enter a BGP address family group name.
|
AF Mode list
|
Allows you to choose the address family mode. Options are:
•IPv4Unicast
•IPv4Multicast
•IPv6Unicast
•IPv6Multicast
|
AF Group Inheritance Area
|
Parent
|
This field and ellipsis button allows you to specify an address group parent for inheritance.
|
Parent field
|
Allows you to view the chosen address group parent.
|
Parent ellipsis button
|
Allows you to choose the address group parent from the Select AF Group dialog box.
|
5.6.12.10.1 Generic Config Subtab
The Generic Config subtab allows you to perform the following tasks:
•Specify the maximum number of prefixes and the threshold.
•Configure the default originate.
•Configure the route reflector client.
•Disable the next hop calculation.
•Remove AS updates from outbound updates.
•Send communities to an EBGP group.
•Configure soft reconfiguration.
The following table describes the Generic Config subtab fields.
Table 5-93 Field Descriptions for the Generic Config Subtab
Field
|
Description
|
Capability ORF list
|
Allows you to choose the capability ORF. Options are:
•Receive
•Send
•Both
•None
|
Max Prefix field
|
Allows you to enter the maximum number of prefixes. The Max Prefix field configures a maximum number of prefixes that a BGP networking device is allowed to receive from a neighbor. It adds another mechanism (in addition to routing policy) to control prefixes received from a peer.
When the number of received prefixes exceeds the maximum number configured, the software terminates the peering (by default). However, if the Enable Warning check box is activated, the software sends only a log message, but continues peering with the sender.
|
Weight field
|
Allows you to specify the default weight.
|
Threshold field
|
Allows you to enter the threshold value based on the maximum value in the Max Prefix field. When the threshold is reached (specified percent of the maximum received prefixes), a warning is generated.
|
Enable Warning check box
|
Allows you to configure the software to generate a log message when the maximum argument value (threshold) is exceeded, instead of terminating the peering.
|
Default Originate Area
|
Default Originate check box
|
Allows you to enable default originate. Default originate allows you to originate network 0.0.0.0 into the BGP table.
|
Enable Inheritance check box
|
Allows you to prevent default originate from being inherited from a parent (session group or neighbor group).
|
Route Policy field
|
Allows you to enter a route policy name to specify criteria to originate default.
|
Route Reflector Client Area
|
RR Client check box
|
Allows you to enable client-to-client reflection.
When client-to-client reflection is enabled, the clients of a route reflector cannot be members of a peer group.
If the neighbors are fully meshed, there is no need for client-to-client reflection.
|
Enable Inheritance check box
|
Allows you to specify that all neighbors using the address family group will inherit the characteristics configured with the RR Client check box.
|
Send Extended Community EBGP Area
|
Send Ext Comm check box
|
Allows you to specify that extended community attributes will be sent to an EBGP neighbor and cannot be configured for IBGP neighbors.
|
Enable Inheritance check box
|
Allows you to specify that all neighbors using the address family group will inherit the characteristics configured with the Send Ext Comm check box.
|
Next Hop Self Area
|
Next Hop Self check box
|
Allows you to disable next hop calculation for BGP updates advertised by the networking device, causing all routes to be advertised with this network device as the next hop.
Disabling the next hop calculation is useful in nonmeshed networks (such as Frame Relay or X.25) where BGP neighbors might not have direct access to all other neighbors on the same IP subnet.
|
Enable Inheritance check box
|
Allows you to specify that all neighbors using the address family group will inherit the characteristics configured with the Next Hop Self check box.
|
Remove Private AS Area
|
Remove Private AS check box
|
Allows you to remove private autonomous system numbers. When an update is passed to the external neighbor, the software will drop any private autonomous system numbers in the AS-path. This feature is available for EBGP neighbors only.
If the AS-path includes both private and public autonomous system numbers, the software considers the two numbers to be a configuration error and does not remove the private autonomous system numbers.
If the AS path contains the autonomous system number of the EBGP neighbor, the private autonomous system numbers will not be removed.
If this feature is used with Confederation (see Confederation Subtab), it will work as long as the private autonomous system numbers follow the confederation portion of the AS-path.
If you configure this command for a neighbor group or address family group, all neighbors using the group will inherit the characteristics. Configuring the Remove Private AS directly for the neighbor will override the value inherited from the group.
|
Enable Inheritance check box
|
Allows you to specify that all neighbors using the address family group will inherit the characteristics configured with the Remove Private AS check box.
|
Send Community EBGP Area
|
Send Community check box
|
Allows you to specify that community attributes should be sent to an EBGP neighbor and not to IBGP neighbors.
|
Enable Inheritance check box
|
Allows you to specify that all neighbors using the address family group will inherit the characteristics configured with the Send Community check box.
|
Soft Reconfig Inbound Area
|
Soft Reconfiguration check box
|
Allows you to enable soft reconfiguration, allowing the software to store updates received from a neighbor.
When an inbound policy is used to filter out or modify some of the updates received from a neighbor, this feature causes the software to store the original unmodified route in addition to the one that was changed or filtered out. This feature allows a "soft clear" to be performed after the inbound policy is changed. The original routes are then passed through the new policy, which then updates the set of routes to be used.
When the Soft Reconfiguration check box is checked, the three radio button options are:
•Enable—Allow inbound soft reconfiguration. If the neighbor supports route refresh capability, the original routes are not stored because they can be retrieved from the neighbor by making a route refresh request. Click the Enable radio button to allow inbound soft reconfiguration.
•Disable—Do not allow inbound soft reconfiguration. If the neighbor does not support the route refresh capability, an inbound soft clear is not possible. In that case, the only way to rerun the inbound policy is to perform a "hard clear," which is to reset the neighbor BGP session. Click the Disable radio button to deny inbound soft reconfiguration.
•Soft Always—Always use soft reconfiguration, even when route refresh is supported. Checking the Soft Always check box enables the storing of received updates, even if the neighbor supports route refresh capability. Click the Soft Always radio button to always use soft reconfiguration.
|
5.6.12.10.2 Filtering Policy Subtab
The Filtering Policy subtab allows you to perform the following tasks:
•Specify the prefix list.
•Specify the policy.
The following table describes the Filtering Policy subtab fields.
Table 5-94 Field Descriptions for the Filtering Policy Subtab
Field
|
Description
|
Prefix List (in)
|
Allows you to choose a prefix list to filter updates advertised to or received from a neighbor. Choosing a prefix list applies the prefix list to incoming advertisements to that neighbor.
All neighbors using this group will inherit the characteristics configured with the Prefix List (in) field.
|
Prefix List (in) field
|
Allows you to view the prefix list.
|
Prefix List (in) ellipsis button
|
Allows you to choose the prefix list from the Select prefix dialog box.
|
Route Policy (in) field
|
Allows you to enter the name of a policy to apply to inbound routes.
|
Route Policy (out) field
|
Allows you to enter the name of a policy to apply to outbound routes.
|
5.6.12.11 Operations Tab
The Operations tab allows you to perform the following tasks:
•Specify clear BGP parameters and execute the operation.
•Specify clear BGP dampening parameters and execute the operation.
•Specify clear BGP flap statistics parameters and execute the operation.
•Specify clear BGP peer drop parameters and execute the operation.
•Clear BGP performance statistics.
•Clear BGP self-originated routes.
The following table describes the Operations tab fields.
Table 5-95 Field Descriptions for the Operations Tab
Field
|
Description
|
Clear BGP Area
|
All radio button
|
Allows you to reset all BGP neighbors.
|
External Peers radio button
|
Allows you to reset all external neighbors.
|
Neighbor
|
Allows you to reset a neighbor based on IP address.
|
Neighbor radio button
|
Allows you to enable the resetting of neighbors based on IP address.
|
Neighbor field
|
Allows you to view the chosen neighbor.
This field is enabled when the Neighbor radio button is activated.
|
Neighbor ellipsis button
|
Allows you to choose the neighbor from the Select Neighbor dialog box.
This ellipsis button is enabled when the Neighbor radio button is activated.
|
Peers in AS
|
Allows you to reset a neighbor based on the AS number.
|
Peers in AS radio button
|
Allows you to enable the resetting of neighbors based on AS number.
|
Peers in AS field
|
Allows you to enter an AS number.
This field is enabled when the Peers in AS radio button is activated.
|
Official AF list
|
Allows you to choose the official address family mode. Options are:
•IPv4
•IPv6
•All
|
Subsequent AF list
|
Allows you to choose the subsequent address family mode. Options are:
•Unicast
•Multicast
•All
|
Clear Direction list
|
Allows you to choose the clear direction. Options are:
•SoftInbound—The router uses soft inbound or route refresh reconfiguration (cached routes).
•SoftOutbound—The Cisco CRS-1 Series router uses soft outbound reconfiguration (cached routes).
•Both—The router uses soft inbound and outbound reconfiguration.
•Hard—The router clears with a hard reset. This option can be chosen only if Official AF and Subsequent AF are set to All.
•Hard (Graceful)—The router clears with a hard reset (for example, when you terminate the TCP connection) and a graceful restart. This option can be chosen only if Official AF and Subsequent AF are set to All.
|
Prefix ORF check box
|
Allows you to send a new ORF to the neighbor. The BGP neighbor installs the new ORF and resends its routes.
|
Clear button
|
Executes the clear operation based on the criteria configured in the Clear BGP area. When the button is clicked, a Confirm dialog box opens. Click Yes to proceed with the clear operation or click No to cancel the operation.
This Clear button is disabled by default. You must choose a radio button in an area to enable the Clear button.
|
Clear BGP Dampening Area
|
All radio button
|
Allows you to clear BGP route dampening information and unsuppress the specified suppressed routes for all AS neighbors.
|
Network
|
Allows you to clear BGP dampening information based on an IP address network prefix.
|
Network radio button
|
Allows you to enable the clearing of BGP dampening information based on an IP address network prefix.
|
Network field
|
Allows you to enter the IP address.
This field is enabled when the Network radio button is activated.
|
Mask field
|
Allows you to enter a prefix mask that is applied to the IP address. This field is enabled when the Network radio button is clicked.
|
Official AF list
|
Allows you to choose the official address family mode. Options are:
•IPv4
•IPv6
•All
|
Subsequent AF list
|
Allows you to choose the subsequent address family mode. Options are:
•Unicast
•Multicast
•All
|
Clear button
|
Executes the clear operation based on the criteria configured in the Clear BGP Dampening area. When the button is clicked, a Confirm dialog box opens. Click Yes to proceed with the clear operation or click No to cancel the operation.
This Clear button is disabled by default. You must choose a radio button in an area to enable the Clear button.
|
Clear BGP Flap Statistics Area
|
Route Policy radio button
|
Allows you to enable the clear BGP flap stats through the route policy.
|
Route Policy field
|
Allows you to specify the route policy.
|
Neighbor
|
Allows you to clear BGP flap counts for a specified group based on the neighbor address.
|
Neighbor radio button
|
Allows you to enable the clearing of BGP flap counts based on a neighbor address.
|
Neighbor field
|
Allows you to view the chosen neighbor address.
This field is enabled when the Neighbor radio button is activated.
|
Neighbor ellipsis button
|
Allows you to choose the neighbor address from the Select Neighbor dialog box.
This ellipsis button is enabled when the Neighbor radio button is activated.
|
Network
|
Allows you to clear flap counts based on IP address network prefix.
|
Network radio button
|
Allows you to enable the clearing of BGP flap counts based on a network prefix.
|
Network field
|
Allows you to enter an IP address network prefix.
This field is enabled when the Network radio button is activated.
|
Mask field
|
Allows you to enter a prefix mask that is applied to the IP address. This field is enabled when the Network radio button is clicked. Enter a network mask in the Mask field.
|
Regular Exp
|
Allows you to enter a regular expression.
|
Regular Exp radio button
|
Allows you to enable the clearing of BGP flap counts based on a regular expression.
|
Regular Exp field
|
Allows you to enter a regular expression.
This field is enabled when the Regular Exp radio button is activated.
|
Official AF list
|
Allows you to choose the official address family mode. Options are:
•IPv4
•IPv6
•All
|
Subsequent AF list
|
Allows you to choose the subsequent address family mode. Options are:
•Unicast
•Multicast
•All
|
Clear button
|
Executes the clear operation based on the criteria configured in the Clear BGP Flap Statistics area. When the button is clicked, a Confirm dialog box opens. Click Yes to proceed with the clear operation or click No to cancel the operation.
This Clear button is disabled by default. You must choose a radio button in an area to enable the Clear button.
|
Clear BGP Peer Drops Area
|
All radio button
|
Allows you to clear the connections dropped counter for all neighbors.
|
Neighbor
|
Allows you to clear BGP neighbor drops for a specified group based on the neighbor address.
|
Neighbor radio button
|
Allows you to enable the clearing of BGP peer drops based on a neighbor address.
|
Neighbor field
|
Allows you to view the chosen neighbor address.
This field is enabled when the Neighbor radio button is activated.
|
Neighbor ellipsis button
|
Allows you to choose a neighbor address from the Select Neighbor dialog box.
This ellipsis button is enabled when the Neighbor radio button is activated.
|
Clear button
|
Executes the clear operation based on the criteria configured in the Clear BGP Peer Drops area. When the button is clicked, a Confirm dialog box opens. Click Yes to proceed with the clear operation or click No to cancel the operation.
This Clear button is disabled by default. You must choose a radio button in an area to enable the Clear button.
|
Clear BGP Performance Statistics Area
|
Clear BGP Performance Statistics button
|
Allows you to clear the performance statistics for all address families. When the button is clicked, a Confirm dialog box opens. Click Yes to proceed with the clear operation or click No to cancel the operation.
|
Clear BGP Self Originated Area
|
Clear Self Originated Routes button
|
Allows you to clear BGP routes that are self-originated (redistributed network and aggregate routes originated by the local system). When the button is clicked, a Confirm dialog box opens. Click Yes to proceed with the clear operation or click No to cancel the operation.
|
Official AF list
|
Allows you to choose the official address family mode. Options are:
•IPv4
•IPv6
•All
|
Subsequent AF list
|
Allows you to choose the subsequent address family mode. Options are:
•Unicast
•Multicast
•All
|
5.6.13 BGP Configuration Application—CRS-1 and XR 12000 R3.3
5.6.13.1 Creating Autonomous System
Step 1 Right-click a node in the BGP Configuration Tree and choose Add AS. The Add process dialog box opens.
Step 2 Enter the AS number in the field; then, click OK.
Step 3 Click OK in the Commit Status message box.
5.6.13.1.1 General Tab
The General tab contains five subtabs: Cluster ID, Confederation, Graceful Restart, Router ID, and Write Limit. The Cluster ID subtab is displayed by default when the General tab is clicked.
The General tab allows you to perform the following tasks:
•Specify an autonomous system (AS) number, local preference, local metric, send buffer sizes, receive buffer sizes, and best path parameters.
•Configure the global address family modes.
The following table describes the General tab fields.
Table 5-96 Field Descriptions for the General Tab
Field
|
Description
|
Default Local Preference
|
Allows you to enter a value for the default local preference. Value must be between 0 and 4294967295. The default value is 100.
Generally, the Cisco default value of 100 allows you to easily define a particular path as less preferable than paths with no local preference attribute. The preference is sent to all networking devices in the local AS.
|
Default Metric
|
Allows you to enter the default metric value for the BGP. Value must be between 1 and 4294967295.
A default metric helps solve the problem of redistributing routes with incompatible metrics. Whenever metrics do not convert, using a default metric provides a reasonable substitute and enables the redistribution to proceed.
In BGP, setting the default metric sets the Multi Exit Discriminator (MED) metric.
|
Keepalive (sec)
|
Allows you to enter a value for the frequency, in seconds, with which the software sends keepalive messages to the neighbor. Value must be between 0 and 4294967295. The default value is 60.
The configured value for the keepalive time is used, provided it does not exceed a third of the negotiated hold time. If it does, a value of a third of the negotiated hold time will be used.
|
Holdtime (sec)
|
Allows you to enter a value, in seconds, for the interval at which the software terminates the neighbor BGP session after not receiving a keepalive message from the neighbor. Values must be between 0 and 4294967295. The default value is 180.
Enter 0 to disable keepalive and hold time.
Note that the values 1 and 2 are not allowable because the minimum allowable keepalive time is a third of the hold time.
|
Socket Receive Size (bytes)
|
Allows you to enter the receive socket buffer size. Values must be between 512 and 131072. The default value is 32768.
|
BGP Receive Size (bytes)
|
Allows you to enter the BGP receive buffer size. Values must be between 512 and 131072. The default value is 4032.
|
Socket Send Size (bytes)
|
Allows you to enter the send socket buffer size. Values must be between 512 and 131072. The default value is 4096.
|
BGP Send Size (bytes)
|
Allows you to enter the BGP write buffer size. Values must be between 4096 and 131072.
|
Scan Time (sec)
|
Allows you to enter the scanner interval. Values must be between 5 and 3600. The default value is 60.
|
Update Delay (sec)
|
Allows you to enter a value for the maximum delay time for a BGP-speaking networking device. Values must be between 0 and 3600. The default value is 120.
|
Always check box
|
Allows you to disable the keepalive trigger best path and enforce the delay specified in the Update Delay (sec) field. It is disabled by default.
|
AS Path Loopcheck check box
|
Allows you to enable an autonomous system path for loop checking internal Border Gateway Protocol (IBGP) peers.
|
Auto Policy Soft Reset check box
|
Allows you to enable an automatic soft peer reset on the reconfiguration for BGP peers.
|
Bestpath Compare Router ID check box
|
Allows you to enable the comparison of identical routes received from EBGP peers during the best path selection process and switch the best path to the route with the lowest router ID.
By default, during the best path selection process, when BGP receives identical routes from EBGP peers (all the attributes are the same except for the router ID), the best path is not switched to the route with the lowest router ID if that route was not the first route received. If the Bestpath Compare Router ID check box is checked, similar routes are compared and the best path is switched to the route with the lowest router ID.
|
Bestpath Med Always check box
|
Allows you to enable the comparison of the MED for paths from neighbors in different autonomous systems.
The software chooses the path with the lowest MED.
By default, during the best path selection process, there is a MED comparison only among paths from the same autonomous system. Checking the Bestpath Med Always check box allows comparison of MEDs among paths regardless of the autonomous system from which the paths are received.
|
Bestpath Med Confed check box
|
Allows you to enable MED comparison among paths learned from confederation peers.
There is a comparison between MEDs only if no external autonomous systems are in the path (an external autonomous system is an autonomous system that is not within the confederation). If an external autonomous system is in the path, the external MED passes transparently through the confederation, and the comparison is not made.
For example, assume that autonomous systems 65000, 65001, 65002, and 65004 are part of the confederation. Autonomous system 1 is not. The software compares route A with the following four paths:
•path 1 = 65000 65004, med=2
•path 2 = 65001 65004, med=3
•path 3 = 65002 65004, med=4
•path 4 = 65003 1, med=1
If the Bestpath Med Confed check box is checked, the software chooses path 1. The fourth path has a lower MED, but the software does not include path 4 in the MED comparison because an external autonomous system is in this path.
|
Bestpath Med Missing As Worst check box
|
Allows you to have the software consider a missing MED attribute in a path as having a value of infinity, making the path without a MED value the least desirable path.
|
Default Information Originate check box
|
Allows you to enable the distribution of a default route (set the originate network to 0.0.0.0 into the BGP table).
|
Enforce First AS check box
|
Allows you to enable the enforcement of the first autonomous system (known as the AS-path) of a route received from an EBGP peer to be the same as the configured remote autonomous system.
By default, the software ignores any update received from an EBGP neighbor that does not have the autonomous system configured for that neighbor at the beginning of the AS-path. When checked, the Enforce First AS check box applies to all EBGP peers of the networking device.
|
Fast External Fallover check box
|
Allows you to enable the immediate reset of the BGP sessions of any directly adjacent external peers if the link used to reach them goes down.
Performing an immediate session reset allows the network to recover faster when links go down between BGP peers.
|
Log Neighbor Changes check box
|
Allows you to enable logging of BGP neighbor resets.
Log Neighbor Changes enables logging of BGP neighbor status changes (up or down) and resets for troubleshooting network connectivity problems and measuring network stability. Unexpected neighbor resets might indicate high error rates or high packet loss in the network, and should be investigated.
|
Redistribute Internal check box
|
Allows you to enable the redistribution of IBGP routes into an Interior Gateway Protocol (IGP) such as Intermediate System-to-Intermediate System (ISIS) or Open Shortest Path First (OSPF).
Caution Redistributing IBGP routes into IGPs can cause routing loops to form within an autonomous system.
|
Maximum Neighbors
|
Allows you to specify the maximum number of neighbors that can be configured. Value must be between 1 and 1500. The default value is 1024.
|
AF Mode
|
Allows you to create an address family group for BGP neighbors.
An address family group for BGP neighbors is used to group address family-specific neighbor parameters within an IP address family. Neighbors that have the same address family configuration are able to use the address family group name under that address family. Further, neighbors will inherit the configuration parameters of the entire address family group.
|
AF Mode field
|
Allows you to view the address family group.
|
AF Mode ellipsis button
|
Allows you to configure an address family group from the Global Address Family Configuration window. Configure the global address family using the Family Configuration window. See Global Address Family Configuration Window.
|
Cluster ID Subtab
|
The Cluster ID subtab allows you to specify the cluster ID IP address or number.
|
Cluster ID check box
|
Allows you to enable the configuring of the cluster ID if the BGP cluster has more than one route reflector. Together, a route reflector and its clients form a cluster. Checking the check box enables the IP Address and Number radio buttons.
Usually a cluster of clients will have a single route reflector. In that case, the cluster is identified by the software as the networking device ID of the route reflector. In order to increase redundancy and avoid a single point of failure in the network, a cluster might have more than one route reflector. In this case, all route reflectors in the cluster must be configured with the 4-byte cluster ID so that a route reflector can recognize updates from route reflectors in the same cluster.
If the cluster has more than one route reflector, checking the Cluster ID check box configures the cluster ID.
|
IP Address
|
Allows you to enter an IP address for the cluster ID.
|
IP Address radio button
|
Allows you to specify an IP address.
|
IP Address field
|
Allows you to enter an IP address for the cluster ID.
This field is enabled when the IP Address radio button is activated.
|
Number
|
Allows you to enter a number for the cluster ID. The number must be the cluster ID of the networking device acting as a route reflector.
|
Number radio button
|
Allows you to specify a number.
|
Number field
|
Allows you to enter a number for the cluster ID.
This field is enabled when the Number radio button is activated.
|
Confederation Subtab
|
The Confederation subtab allows you to perform the following tasks:
•Specify the confederation ID.
•Specify the confederation neighbors.
|
Confederation ID field
|
Allows you to specify a BGP confederation identifier. The confederation ID is an autonomous system number that internally includes multiple autonomous systems.
One way to reduce the IBGP mesh is to divide an autonomous system into multiple autonomous systems and group them into a single confederation. Each autonomous system is fully meshed within itself, and has a few connections to another autonomous system in the same confederation. Even though the peers in different autonomous systems have EBGP sessions, they exchange routing information as if they are IBGP peers. Specifically, the confederation maintains the next hop and local preference information, which allows you to retain a single IGP for all the autonomous systems. To the outside world, the confederation looks like a single autonomous system.
|
Confederation Peers field
|
Allows you to configure the autonomous systems that belong to a confederation by entering the autonomous system numbers for BGP peers that will belong to the confederation.
The autonomous systems specified are visible internally to a confederation. Each autonomous system is fully meshed within itself.
|
Graceful Restart
|
The Graceful Restart subtab allows you to perform the following tasks:
•Specify graceful restart and graceful reset.
•Specify the purge time.
•Specify the restart time.
•Specify the stale path time.
|
Graceful Restart check box
|
Allows you to enable graceful restart support.
|
Graceful Reset check box
|
Allows you to reset gracefully if the configuration change forces a peer reset.
|
Purge Time (sec) field
|
Allows you to enter the maximum time before stale routes are purged.
|
Restart Time (sec) field
|
Allows you to enter the maximum time advertised to neighbors.
|
Stalepath Time (sec) field
|
Allows you to enter the maximum time to wait for the End-of-RIB message from a neighbor that has been restarted before deleting learned routes.
|
Router ID Subtab
|
The Router ID subtab allows you to configure a router ID IP address.
|
Router ID check box
|
Allows you to enable the configuration of a fixed router ID for a BGP-speaking networking device.
A loopback interface, if one is configured, is more effective as an identifier because there is no physical link to go down.
|
IP Address
|
Allows you to specify an IP address for the router ID.
|
IP Address radio button
|
Allows you to specify the IP address.
|
IP Address field
|
Allows you to enter an IP address for the router ID.
This field is enabled when the IP Address radio button is activated.
|
Write Limit Subtab
|
The Write Limit subtab allows you to perform the following tasks:
•Specify a formatted messages limit.
•Specify an enqueued messages limit.
•Disable desynchronization.
|
Formatted Messages field
|
Allows you to enter the maximum number of formatted messages for an update group.
|
Enqueued Messages field
|
Allows you to enter the number of messages that can be enqueued in total.
|
Desynchronize check box
|
Allows you to desynchronize. Desynchronization is the process by which BGP will separate and update groups into slow and fast peers so that the slow peers do not increase the update latency of the fast peers.
|
5.6.13.1.2 Global Address Family Configuration Window
The Global Address Family Configuration window is opened when the AF Mode ellipsis button is clicked in the General tab.
The Global Address Family Configuration window allows you to perform the following tasks:
•Choose the address family mode.
•Configure the address family distances.
•Specify the number of paths to a single destination.
•Specify the scanner interval.
•Specify a policy name.
•Configure dampening parameters.
The following table describes the Global Address Family Configuration window fields.
Table 5-97 Field Descriptions for the Global Address Family Configuration Window
Field
|
Description
|
Global AF Specific Area
|
AF Mode list
|
Allows you to choose the address family mode. Options are:
•IPv4Unicast
•IPv4Multicast
•VPNv4Unicast
•IPv6Unicast
•IPv6Multicast
|
Global AF Detail Area
|
External Distance field (not applicable to VPNv4 address family)
|
Allows you to specify the distance for routes external to the AS. The external distance is the administrative distance for BGP external routes. External routes are routes for which the best path is learned from a neighbor external to the autonomous system.
An administrative distance is a rating of the trustworthiness of a routing information source, such as an individual networking device or a group of networking devices. In general, the higher the value, the lower the trust rating. An administrative distance of 255 means the routing information source cannot be trusted at all and should be ignored.
|
Internal Distance field (not applicable to VPNv4 address family)
|
Allows you to specify the distance for routes internal to the AS. This is the administrative distance for BGP internal routes. Internal routes are those routes that are learned from another BGP entity within the same autonomous system.
An administrative distance is a rating of the trustworthiness of a routing information source, such as an individual networking device or a group of networking devices. In general, the higher the value, the lower the trust rating. An administrative distance of 255 means the routing information source cannot be trusted at all and should be ignored.
|
Local Distance field (not applicable to VPNv4 address family)
|
Allows you to specify the distance for local routes. This is the administrative distance for BGP local routes. The local-distance parameter applies to locally generated aggregate routes and backdoor routes installed in the routing table.
Caution Changing the administrative distance of BGP internal routes is considered risky and is not recommended. One problem that can arise is the accumulation of routing table inconsistencies, which can interfere with routing.
An administrative distance is a rating of the trustworthiness of a routing information source, such as an individual networking device or a group of networking devices. In general, the higher the value, the lower the trust rating. An administrative distance of 255 means the routing information source cannot be trusted at all and should be ignored.
|
Scan Time (sec) field
|
Allows you to specify the scanning intervals of BGP-speaking networking devices.
The specified scan time shortens the interval times where the BGP scanner processes routing information. Internal BGP features might work more efficiently if the routing tables are updated faster.
|
Table Policy field (not applicable to VPNv4 address family)
|
Allows you to specify a routing policy for updates advertised to or received from a BGP neighbor. The policy can be used to filter routes and to modify route attributes.
|
CC Reflection check box
|
Allows you to enable route reflection from a BGP route reflector to clients. Click the CC Reflection check box to enable client-to-client (CC) reflection.
Clients of a route reflector are not required to be fully meshed and the routes from a client are reflected to other clients. However, if the clients are fully meshed, route reflection is not required.
If the neighbors are fully meshed, there is no need for client-to-client reflection. If the neighbors are not fully meshed, the route reflection (RR) configuration can be based on the address family-specific number.
|
RIB Attribute Download check box (not applicable to VPNv4 address family)
|
Allows you to enable RIB attribute download.
|
Maximum Paths Subarea
|
Maximum Paths check box (not applicable to VPNv4 address family)
|
When checked, it allows you to enter the maximum number of paths to a single destination.
|
EBGP radio button
|
Available when Maximum Paths check box is checked. Allows you to enter the maximum number of EBGP paths.
|
EBGP field
|
Enter the maximum number of EBGP paths. Value must be between 2 and 8. Default value is 2.
|
IBGP radio button
|
Available when Maximum Paths check box is checked. Allows you to enter the maximum number of IBGP paths.
|
IBGP field
|
Enter the maximum number of IBGP paths. Value must be between 2 and 8. Default value is 2.
|
Unequal Cost check box
|
Allows multipaths to have different IGP metrics. This is available when IBGP radio button is selected.
|
EIBGP radio button
|
Available when Maximum Paths check box is checked. Allows you to enter the maximum number of EIBGP paths.
|
EIBGP field
|
Enter the maximum number of EIBGP paths. Value must be between 2 and 8. Default value is 2.
|
Route Target Parameters Subarea (applicable to VPNv4 address family)
|
All check box
|
Allows you to retain all route targets.
|
Route Policy field
|
Allows you to retain route targets based on a route policy.
|
Dampening Parameters Area
|
Dampening check box
|
Allows you to enable BGP dampening for the global address family. Check the Dampening check box to enable dampening.
|
Route Policy radio button
|
Allows you to select route policy filtering.
|
Route Policy
|
Allows you to specify the name of the route policy.
|
Route Policy field
|
Allows you to enter the name of the route policy.
This field is enabled when the Route Policy radio button is activated.
|
Counters radio button
|
Allows you to configure dampening using counters. When this radio button is clicked, the Half-Life, Max Suppress, Reuse, and Suppress fields become available in sequence when values are entered into the fields.
|
Half-Life (min) field
|
Allows you to specify the time after which a penalty is decreased. Once the route has been assigned a penalty, the penalty is decreased by half after the half-life period. Penalty reduction happens every 5 seconds.
|
Max Suppress (min) field
|
Allows you to specify the maximum time a route can be suppressed. The Cisco default is four times the half-life value. If the default half-life value is selected, the maximum suppress time defaults to 60 minutes.
|
Reuse field
|
Allows you to enter the route reuse value. If the penalty for a flapping route decreases enough to fall below this value, the route is unsuppressed. Routes are unsuppressed in 10-second increments.
|
Suppress field
|
Allows you to enter a value for when route suppression should start. A route is suppressed when its penalty exceeds this limit.
|
5.6.13.1.3 Networks Tab
The Networks tab allows you to perform the following tasks:
•Specify the IP address and mask for a network.
•Choose the address family mode.
•Specify a backdoor route.
The following table describes the Networks tab fields.
Table 5-98 Field Descriptions for the Networks Tab
Field
|
Description
|
Network Area
|
IP Address
|
Allows you to specify a local network that the BGP routing process should originate and advertise to its neighbors.
The BGP determines which local networks will be originated by the networking device and included in routing advertisements to its neighbors. Only routes that are specified using the Networks tab will be originated and advertised to neighbors even if there is a corresponding non-BGP route in the routing table. Such routes can be learned using connected networks, static routing, or dynamic routing using an IGP.
|
IP Address field
|
Allows you to enter an IP address.
|
IP Address ellipsis button
|
Allows you to choose an IP address from the Select IP Address dialog box.
|
AF Mode list
|
Allows you to choose the address family mode. Options are:
•IPv4Unicast
•IPv4Multicast
•IPv6Unicast
•IPv6Multicast
|
Mask field
|
Allows you to enter an IP address mask for the network.
|
AutoGenerate Mask button
|
Allows you to automatically generate a mask. Click the button to automatically generate a mask.
|
Route Policy field
|
Allows you to enter the name of the route policy.
|
Backdoor check box
|
Allows you enable a BGP backdoor route. The backdoor route is to a BGP border networking device. This device will provide better information than the local networking device about the network.
|
5.6.13.1.4 Aggregates Tab
The Aggregates tab allows you to perform the following tasks:
•Specify the IP address and mask for aggregates.
•Choose the address format mode and optionally choose to generate AS confederation set path information and filter routes from updates.
•Configure the filtering policy for aggregates.
The following table describes the Aggregates tab fields.
Table 5-99 Field Descriptions for the Aggregates Tab
Field
|
Description
|
Aggregate Address Area
|
IP Address field
|
Allows you to specify an IP address to create an aggregate entry in a BGP routing table.
|
Mask field
|
Allows you to enter an aggregate IP address mask.
|
AutoGenerate Mask button
|
Allows you to automatically generate an aggregate mask. Click the button to automatically generate a mask.
|
AS Set check box
|
Allows you to generate AS set path information.
|
AF Mode list
|
Allows you to choose the address family mode. Options are:
•IPv4Unicast
•IPv4Multicast
•IPv6Unicast
•IPv6Multicast
|
AS Confed Set check box
|
Allows you to generate autonomous system set path information and community information from contributing paths.
|
Summary Only check box
|
Allows you to filter more specific routes from updates. Checking the Summary Only check box creates the aggregate route (for example, 172.20.0.0/8) but suppresses advertisements of more specific routes to all neighbors.
|
Route Policy field
|
Allows you to enter a policy on which to condition advertisement, suppression, and attributes.
|
5.6.13.1.5 Redistribution Tab
The Redistribution tab allows you to perform the following tasks:
•Choose the address family mode for redistribution.
•Configure connected routes.
•Configure static routes.
•Configure OSPF routes.
•Configure ISIS routes.
The following table describes the Redistribution tab fields.
Table 5-100 Field Descriptions for the Redistribution Tab
Field
|
Description
|
General Area
|
AF Mode list
|
Allows you to choose the address family mode to redistribute routes from another routing protocol into BGP. Options are:
•IPv4Unicast
•IPv4Multicast
•IPv6Unicast
•IPv6Multicast
Each protocol (and instance of a protocol) can be redistributed independently of the others. Changing or removing redistribution for a particular instance does not affect the redistribution capability of other protocols or other instances of the same protocol.
Networks specified using the Networks tab are not affected by the Redistribution tab settings; that is, the policy specified in the Network tab takes precedence over the policy specified through the Redistribution tab.
|
Connected Routes Area
|
Default Metric field
|
Allows you to specify a metric value to assign to connected routes.
|
Policy field
|
Allows you to enter a routing policy to filter connected routes.
|
Static Routes Area
|
Default Metric field
|
Allows you to specify a metric value to assign to static routes.
|
Policy field
|
Allows you to enter a routing policy to filter static routes.
|
RIP Routes Area
|
Default Metric
|
Allows you to specify metric value for the RIP route.
|
Route Policy
|
Allows you to specify route policy to filter the RIP route.
|
OSPF Routes Area
|
OSPF Instance Name column
|
Specifies the OSPF instance. Click the cell and enter a value.
|
Default Metric column
|
Specifies the metric value to assigned to the routes. Click the cell and enter a value.
|
Redistribute Type column
|
Specifies the redistribution type. Click the cell and enter a value.
|
Route Policy Name column
|
Specifies the name of the route policy that is used. Click the cell and enter a value.
|
Internal column
|
Indicates whether the internal OSPF routes are redistributed. Options are true or false. Double-click the cell to activate it; then, double-click to choose true or false.
|
External column
|
Indicates whether the external OSPF routes are redistributed. Options are true or false. Double-click the cell to activate it; then, double-click to choose true or false.
|
External Type 1 column
|
Specifies whether the route is an external route type 1. Options are true or false. Double-click the cell to activate it; then, double-click to choose true or false.
|
External Type 2 column
|
Specifies whether the route is an external route type 2. Options are true or false. Double-click the cell to activate it; then, double-click to choose true or false.
|
NSSA External column
|
Specifies whether the external OSFP routes are redistributed to the not-so-stubby area (NSSA). Options are true or false. Double-click the cell to activate it; then, double-click to choose true or false.
|
NSSA External Type 1 column
|
Specifies whether the NSSA External type is Type 1. Options are true or false. Double-click the cell to activate it; then, double-click to choose true or false.
|
NSSA External Type 2 column
|
Column specifies whether the NSSA External type is Type 2. Options are true or false. Double-click the cell to activate it; then, double-click to choose true or false.
|
IS-IS Routes Area
|
IS-IS instance name column
|
Specifies the ISIS name. Click the cell and enter a value.
|
Default Metric column
|
Specifies the metric value assigned to the routes. Click the cell and enter a value.
|
Redistribute Type column
|
Allows you to choose the redistribute type. Options are:
•Level1
•Level2
•Level1and2
Double-click the cell to activate the list; then, choose a redistribute type.
|
Route Policy Name column
|
Specifies the name of the route policy. Click the cell and enter a value.
|
Level 1 column
|
Redistributes ISIS level 1 routes.
|
Level 2 column
|
Redistributes ISIS level 1 interarea routes.
|
Level 1 Inter-Area column
|
Redistributes ISIS level 2 ISIS routes.
|
EIGRP Routes Area
|
EIGRP Instance Name column
|
Specifies the EIGRP instance name. Click the cell and enter a value.
|
Default Metric column
|
Specifies the metric value assigned to the routes. Click the cell and enter a value.
|
Redistribute column
|
Allows you to choose the redistribute type. Options are:
•Level1
•Level2
•Level1and2
Double-click the cell to activate the list; then, choose a redistribute type.
|
Route Policy Name column
|
Specifies the name of the route policy. Click the cell and enter a value.
|
5.6.13.1.6 Neighbors Tab
The Neighbors tab allows you to perform the following tasks:
•Specify the neighbor IP address and AS number.
•Configure the neighbor inheritance.
•Configure neighbor details including demilitarized zone link bandwidth (DmzLinkBw) password, send and receive buffer sizes, shutdown, timers, and address family mode.
The following table describes the Neighbors tab fields.
Table 5-101 Field Descriptions for the Neighbors Tab
Field
|
Description
|
Neighbor Specific Area
|
IP Address field
|
Allows you to enter an IP address of the BGP-speaking neighbor. Once a BGP neighbor is created, routing information is exchanged.
|
AS Number field
|
Allows you to enter the autonomous system number to which the neighbor belongs.
The AS Number field assigns a remote AS number to a neighbor and causes the neighbor to be created. A neighbor must have a remote AS number before any other parameters can be configured for it.
|
Neighbor Inheritance Area
|
Neighbor Group Name
|
Allows you to choose a neighbor group name.
|
Neighbor Group Name field
|
Allows you to view the chosen neighbor group name.
|
Neighbor Group Name ellipsis button
|
Allows you to choose a neighbor group name from the Select Neighbor Group dialog box.
|
Session Group Name
|
Allows you to choose a session group name. Click the Session Group Name ellipsis button to open a Select Session Group dialog box and choose a session group name from the dialog box.
|
Session Group Name field
|
Allows you to view the chosen session group name.
|
Session Group Name ellipsis button
|
Allows you to choose a session group name from the Select Session Group dialog box.
|
Neighbor Details Area
|
Ad. Interval(sec) field
|
Allows you to enter the minimum advertisement interval time.
|
Description field
|
Allows you to enter a description of the neighbor.
|
EBGP Multihop field
|
Allows you to enter the maximum hop count.
The hop count allows the router to accept and attempt BGP connections to external peers residing on networks that are not directly connected.
|
Session Open Mode list
|
Allows you to select the TCP mode. Values can be Either, Active Only, or Passive Only. Default value is Either.
|
Update Source
|
Allows you to specify an interface name by specifying an interface type and instance.
•interface type—Interface to be used to obtain the local IP address for the BGP session with the neighbor.
•interface number—The interface number of the interface-type argument.
Choosing an interface allows internal IBGP sessions to use the IP address from a particular interface as the local address when forming an IBGP session with a neighbor.
This mechanism allows a BGP session to remain up even if the outbound interface goes down, provided there is another route to the neighbor.
If you configure the update source for a neighbor group or session group, all neighbors using the group will inherit the characteristics configured with the Update Source field. (See Neighbor Groups Tab and Session Groups Tab.) Configuring the update source directly for the neighbor will override the value inherited from the group.
|
Update Source field
|
Allows you to view the chosen interface name.
|
Update Source ellipsis button
|
Allows you to choose an interface name from the Select Interfaces dialog box.
|
Local AS Subarea
|
Local AS field
|
Allows you to assign local AS numbers.
Each BGP peer can be assigned a local autonomous system value for peering. In the case of neighbor groups and session groups, the local autonomous system value is valid for all peers in the neighbor group.
This feature cannot be customized for individual peers in a group.
You cannot use the local BGP autonomous system number or the autonomous system number of the remote peer.
This is valid only if the peer is a true EBGP peer; it does not work for two peers in different subautonomous systems in a confederation.
|
Disable check box
|
Enables or disables local AS and to prevent it from being inherited from a parent.
|
No Prepend check box
|
Enables or disables prepending the local AS to announcements.
|
Buffer Sizes - Receive and Send Area
|
Socket Read(bytes) field
|
Allows you to enter the receive socket buffer size.
|
BGP Read(bytes) field
|
Allows you to enter the BGP read buffer size.
|
Socket Send(bytes) field
|
Allows you to enter the send socket buffer size.
|
BGP Send(bytes) field
|
Allows you to enter the BGP write buffer size.
|
AF Mode
|
Allows you to specify the address family mode. Click the AF Mode ellipsis button to open a Neighbor Address Family Configuration window and configure a neighbor address family. (See Neighbor Address Family Configuration Window.)
|
AF Mode field
|
Allows you to view the chosen address family mode.
|
AF Mode ellipsis button
|
Allows you to configure an address family mode from the Neighbor Address Family Configuration window.
|
DMZLinkBw Area
|
DmzLinkBw check box
|
Allows you to propagate demilitarized zone (DMZ) link bandwidth, which advertises the bandwidth of links that are used to exit an autonomous system.
This feature supports only single hop links over IBGP. BGP can originate the link bandwidth community only for EBGP peers that are one hop away.
|
Enable Inheritance check box
|
Allows you to enable DMZ link bandwidth to be inherited, allowing propagation and inheritance from a parent.
|
Password Area
|
Password field
|
Allows you to enter a neighbor password. When a password is entered, it enables Message Digest 5 (MD5) authentication on a TCP connection between two BGP neighbors.
You can invoke authentication between two BGP neighbors, causing each segment sent on the TCP connection between them to be verified. The password must be configured the same on both BGP neighbors, otherwise the connection will not be made. The authentication feature uses the MD5 algorithm. Specifying the password causes the software to generate and check the MD5 digest on every segment sent on the TCP connection.
If you configure a password for a neighbor, an existing session will be torn down and a new one established.
If you specify a BGP neighbor group or session group, all the members of the group will inherit the password characteristic.
To override any inherited password configuration from a neighbor group or session group, disable the password on the neighbor.
|
Encryption Type list
|
Allows you to choose a password encryption type. Options are:
•None
•Cisco Proprietary
|
Password Disable check box
|
Allows you to disable the password even if the parent has its own password. Check the Password Disable check box to disable the password for the neighbor and uncheck the check box to enable the password.
|
Shutdown Area
|
Shutdown check box
|
Allows you to shut down the neighbor. Check the Shutdown check box to enable shutdown; uncheck the check box to disable shutdown.
|
Enable Inheritance check box
|
Allows you to enable shutdown of the neighbor from a parent.
|
Timers Area
|
Keepalive (sec) field
|
Allows you to enter the keepalive interval timer. This is the frequency, in seconds, with which the software sends keepalive messages to the neighbor.
The timers actually used in connection with the neighbor group might not be the same as those configured because the actual timers are negotiated with the neighbor when establishing the session. The negotiated hold time is the lower of the configured time and the time received from the neighbor. If the negotiated hold time is 0, keepalives are disabled and the software never terminates the session when a keepalive is not received.
The configured value for the keepalive time is used, provided it does not exceed a third of the negotiated hold time. If it does, a value of a third of the negotiated hold time will be used.
|
Holdtime (sec) field
|
Allows you to enter a value, in seconds, for the interval at which the software terminates the neighbor BGP session after not receiving a keepalive message from the neighbor.
Enter 0 in the Holdtime (sec) field to disable the keepalive and hold-time timers.
Note that the values 1 and 2 are not allowable because the minimum allowable keepalive time is a third of the hold time.
|
TTL Security Area
|
TTL Security check box
|
Allows you to enable BGP TTL security.
|
Enable Inheritance check box
|
Allows you to enable inheritance from a parent.
|
5.6.13.1.7 Neighbor Address Family Configuration Window
The Neighbor Address Family Configuration window is opened when the AF Mode ellipsis button is clicked in the Neighbors tab.
The Neighbor Address Family Configuration window allows you to specify the address family group and mode.
The following table describes the Neighbor Address Family Configuration window fields.
Table 5-102 Field Descriptions for the Neighbor Address Family Configuration Window
Field
|
Description
|
AF Group Area
|
AF Mode list
|
Allows you to choose the address family mode. Options are:
•IPv4Unicast
•IPv4Multicast
•VPNv4Unicast
•IPv6Unicast
•IPv4Multicast
|
AF Group
|
Allows you to choose the address family group.
|
AF Group field
|
Allows you to view the chosen address family group.
|
AF Group ellipsis button
|
Allows you to choose the address group from the Select AF Group dialog box.
|
Generic Config Subtab
|
The Generic Config subtab allows you to perform the following tasks:
•Specify the maximum number of prefixes and the threshold.
•Configure the default originate.
•Configure the route reflector client.
•Disable the next hop calculation.
•Remove private AS updates.
•Send communities to an EBGP group.
•Configure soft reconfiguration.
|
Advertise Map
|
This field and ellipsis button allows you to choose to map, to conditionally advertise.
|
Advertise Map field
|
Allows you to view the advertise map.
|
Advertise Map ellipsis button
|
Allows you to choose the advertise map from the Select routemap dialog box.
|
Conditional Map
|
This field and ellipsis button allows you to choose the conditional map.
|
Conditional Map field
|
Allows you to view the conditional map.
|
Conditional Map ellipsis button
|
Allows you to choose the map from the Select routemap dialog box.
|
Condition Type list
|
Allows you to choose the type of condition. Options are:
•ConditionMatch—To advertise if a map is matched.
•ConditionNoMatch—To advertise if a map is not matched.
|
ORF Capability list
|
Allows you to choose the capability Outbound Route Filter (ORF). Options are:
•Receive
•Send
•Both
•None
|
Max Prefix field
|
Allows you to enter the maximum number of prefixes. The Max Prefix field configures a maximum number of prefixes that a BGP networking device is allowed to receive from a neighbor. It adds another mechanism (in addition to routing policy) to control prefixes received from a peer.
When the number of received prefixes exceeds the maximum number configured, the software terminates the peering (by default). However, if the Enable Warning check box is activated, the software sends only a log message, but continues peering with the sender.
|
Threshold field
|
Allows you to enter the threshold value based on the maximum value in the Max Prefix field. When the threshold is reached (specified percentage of the maximum received prefixes), a warning is generated.
|
Allow AS In field
|
Allows you to enter the number of occurrences of the AS number. Value must be between 1 and 10. Default value is 3.
|
Enable Warning check box
|
Allows you to configure the software to generate a log message when the maximum argument value (threshold) is exceeded, instead of terminating the peering.
|
Weight field
|
Allows you to specify the default weight.
|
Default Originate Area
|
Default Originate check box
|
Allows you to enable default originate. Default originate allows you to originate network 0.0.0.0 into the BGP table.
|
Enable Inheritance check box
|
Allows you to prevent default originate from being inherited from a parent (session group or neighbor group).
|
Route Reflector Client Area
|
RR Client check box
|
Allows you to enable client-to-client reflection.
When client-to-client reflection is enabled, the clients of a route reflector cannot be members of a peer group.
If the neighbors are fully meshed, there is no need for client-to-client reflection.
|
Enable Inheritance check box
|
Allows you to specify that all neighbors using the address family group will inherit the characteristics configured with the RR Client check box.
|
Send Extended Community EBGP Area
|
Send Ext Comm check box
|
Allows you to specify that extended community attributes will be sent to an EBGP neighbor and cannot be configured for IBGP neighbors.
|
Enable Inheritance check box
|
Allows you to specify that all neighbors using the address family group will inherit the characteristics configured with the Send Ext Comm check box.
|
Next Hop Self Area
|
Next Hop Self check box
|
Allows you to disable next hop calculation for BGP updates advertised by the networking device, causing all routes to be advertised with this network device as the next hop.
Disabling the next hop calculation is useful in nonmeshed networks (such as Frame Relay or X.25) where BGP neighbors might not have direct access to all other neighbors on the same IP subnet.
|
Enable Inheritance check box
|
Allows you to specify that all neighbors using the address family group will inherit the characteristics configured with the Next Hop Self check box.
|
Remove Private AS Area
|
Remove Private AS check box
|
Allows you to remove private autonomous system numbers. When an update is passed to the external neighbor, the software will drop any private autonomous system numbers in the AS-path. This feature is available for EBGP neighbors only.
If the AS-path includes both private and public autonomous system numbers, the software considers the two numbers to be a configuration error and does not remove the private autonomous system numbers.
If the AS path contains the autonomous system number of the EBGP neighbor, the private autonomous system numbers will not be removed.
If this feature is used with Confederation, it will work as long as the private autonomous system numbers follow the confederation portion of the AS-path.
If you configure this command for a neighbor group or address family group, all neighbors using the group will inherit the characteristics. Configuring the remove private AS directly for the neighbor will override the value inherited from the group.
|
Enable Inheritance check box
|
Allows you to specify that all neighbors using the address family group will inherit the characteristics configured with the Remove Private AS check box.
|
Send Community EBGP Area
|
Send Community check box
|
Allows you to specify that community attributes should be sent to an EBGP neighbor and not to IBGP neighbors.
|
Enable Inheritance check box
|
Allows you to specify that all neighbors using the address family group will inherit the characteristics configured with the Send Community check box.
|
Soft Reconfig Inbound Area
|
Soft Reconfiguration check box
|
Allows you to enable soft reconfiguration, allowing the software to store updates received from a neighbor.
When an inbound policy is used to filter out or modify some of the updates received from a neighbor, this feature causes the software to store the original unmodified route in addition to the one that was changed or filtered out. This feature allows a "soft clear" to be performed after the inbound policy is changed. The original routes are then passed through the new policy, which then updates the set of routes to be used.
When the Soft Reconfiguration check box is checked, the three radio button options are:
•Enable—Allow inbound soft reconfiguration. If the neighbor supports route refresh capability, the original routes are not stored because they can be retrieved from the neighbor by making a route refresh request. Click the Enable radio button to allow inbound soft reconfiguration.
•Disable—Do not allow inbound soft reconfiguration. If the neighbor does not support the route refresh capability, an inbound soft clear is not possible. In that case, the only way to rerun the inbound policy is to perform a "hard clear," which is to reset the neighbor BGP session. Click the Disable radio button to deny inbound soft reconfiguration.
•Soft Always—Always use soft reconfiguration, even when route refresh is supported. Checking the Soft Always check box enables the storing of received updates, even if the neighbor supports route refresh capability. Click the Soft Always radio button to always use soft reconfiguration.
|
Filtering Policy Subtab
|
The Filtering Policy subtab allows you to perform the following tasks:
•Specify the prefix list.
•Specify the policy.
•Configure the outgoing route filter.
|
Prefix List (in)
|
Allows you to choose a prefix list to filter updates advertised to or received from a neighbor. Choosing a prefix list applies the prefix list to incoming advertisements to that neighbor.
All neighbors using this group will inherit the characteristics configured with the Prefix List (in) field.
|
Prefix List (in) field
|
Allows you to view the prefix list.
|
Prefix List (in) ellipsis button
|
Allows you to choose the prefix list from the Select prefix dialog box.
|
Policy (in) field
|
Allows you to enter the name of a policy to apply to inbound routes.
|
Prefix List (out)
|
Allows you to choose a prefix list filter for updates advertised from or sent to a neighbor. Choosing a prefix list applies the prefix list to outgoing advertisements from that neighbor.
All neighbors using this group will inherit the characteristics configured with the Prefix List (out) field.
|
Prefix List (out) field
|
Allows you to view the chosen prefix list.
|
Prefix List (out) ellipsis button
|
Allows you to choose the prefix list from the Select prefix list dialog box.
|
Policy (out) field
|
Allows you to enter the name of a policy to apply to outbound routes.
|
5.6.13.1.8 Neighbor Groups Tab
The Neighbor Groups tab allows you to perform the following tasks:
•Specify the neighbor group name and AS number.
•Configure the neighbor group inheritance.
•Configure neighbor group address (family-independent) and address family specific-information, including DMZ link bandwidth, password, send and receive buffer sizes, shutdown, timers, and address family mode.
The following table describes the Neighbor Groups tab fields.
Table 5-103 Field Descriptions for the Neighbor Groups Tab
Field
|
Description
|
Neighbor Group Specific Area
|
Neighbor Group Name field
|
Allows you to enter a neighbor group name.
|
AS Number field
|
Allows you to assign a remote AS number to the remote neighbor.
|
Neighbor Group Inheritance Area
|
Parent
|
Allows you to specify a neighbor group parent for inheritance. Click the Parent ellipsis button to open a Select Neighbor Group dialog box and choose a neighbor group from the dialog box.
|
Parent field
|
Allows you to view the neighbor group parent.
|
Parent ellipsis button
|
Allows you to choose the neighbor group parent from the Select Neighbor Group dialog box.
|
Session Group Name
|
This field and ellipsis button allows you to specify a session group name for inheritance. Click the Session Group Name ellipsis button to open a Select Session Group dialog box and choose a session group from the dialog box.
|
Session Group Name field
|
Allows you to view the chosen the session group name.
|
Session Group Name ellipsis button
|
Allows you to choose the session group name.
|
Neighbor Group Details Area
|
Ad. Interval (sec) field
|
Allows you to enter the minimum advertisement interval time.
|
Description field
|
Allows you to enter a description of the neighbor group.
|
EBGP Multihop field
|
Allows you to enter the maximum hop count.
The hop count allows the router to accept and attempt BGP connections to external peers residing on networks that are not directly connected.
|
Session Open Mode list
|
Allows you to select the TCP mode. Values can be Either, Active Only, or Passive Only. Default value is Either.
|
Update Source
|
Allows you to specify an interface name by specifying an interface type and instance.
•Interface type—Interface to be used to obtain the local IP address for the BGP session with the neighbor.
•Interface number—The interface number of the interface-type argument.
Click the Update Source ellipsis button to open a Select Interfaces dialog box and choose an interface from the dialog box.
|
Update Source field
|
Allows you to view the chosen interface name.
|
Update Source ellipsis button
|
Allows you to choose an interface name from the Select Interfaces dialog box.
|
Local AS Subarea
|
Local AS field
|
Allows you to assign local AS numbers.
Each BGP peer can be assigned a local autonomous system value for peering. In the case of neighbor groups and session groups, the local autonomous system value is valid for all peers in the neighbor group.
|
Disable check box
|
Enables or disables local AS and to prevent it from being inherited from a parent.
|
No Prepend check box
|
Enables or disables prepending the local AS to announcements.
|
Buffer Sizes - Receive and Send Area
|
Socket Read (bytes) field
|
Allows you to enter the receive socket buffer size.
|
BGP Read (bytes) field
|
Allows you to enter the BGP read buffer size.
|
Socket Send (bytes) field
|
Allows you to enter the send socket buffer size.
|
BGP Send (bytes) field
|
Allows you to enter the BGP write buffer size.
|
AF Mode
|
Allows you to specify the address family mode.
|
AF Mode field
|
Allows you to view the chosen address family mode.
|
AF Mode ellipsis button
|
Allows you to configure the address family mode from the Neighbor Group Address Family Configuration window. (See Neighbor Group Address Family Configuration Window.)
|
DMZLinkBw Area
|
DmzLinkBw check box
|
Allows you to propagate DMZ link bandwidth, which advertises the bandwidth of links that are used to exit an autonomous system.
This feature supports only single hop links over IBGP. BGP can originate the link bandwidth community only for EBGP peers that are one hop away.
|
Enable Inheritance check box
|
Allows you to enable DMZ link bandwidth to be inherited, allowing propagation and inheritance from a parent.
|
Password Area
|
Password field
|
Allows you to enter a neighbor password. When a password is entered, it enables MD5 authentication on a TCP connection between two BGP neighbors.
You can invoke authentication between two BGP neighbors, causing each segment sent on the TCP connection between them to be verified. The password must be configured the same on both BGP neighbors, otherwise the connection will not be made. The authentication feature uses the MD5 algorithm. Specifying the password causes the software to generate and check the MD5 digest on every segment sent on the TCP connection.
If you configure a password for a neighbor, an existing session will be torn down and a new one established.
If you specify a BGP neighbor group, all the members of the group will inherit the password characteristic.
|
Encryption Type list
|
Allows you to choose a password encryption type. Options are:
•None
•Cisco Proprietary
|
Password Disable check box
|
Allows you to disable the password for the neighbor group even if the parent has its own password.
|
Shutdown Area
|
Shutdown check box
|
Allows you to shut down the neighbor group. Check the Shutdown check box to enable shutdown; uncheck the check box to disable shutdown.
|
Enable Inheritance check box
|
Allows you to shut down the neighbor group independently of the parent.
|
Timers Area
|
Keepalive (sec) field
|
Allows you to enter the keepalive interval timer. This is the frequency, in seconds, with which the software sends keepalive messages to the neighbor.
The timers actually used in connection with the neighbor group might not be the same as those configured because the actual timers are negotiated with the neighbor group when establishing the session. The negotiated hold time is the lower of the configured time and the time received from the neighbor group. If the negotiated hold time is 0, keepalives are disabled and the software never terminates the session when a keepalive is not received.
The configured value for the keepalive time is used, provided it does not exceed a third of the negotiated hold time. If it does, a value of a third of the negotiated hold time will be used.
|
Holdtime (sec) field
|
Allows you to enter a value, in seconds, for the interval at which the software terminates the neighbor BGP session after not receiving a keepalive message from the neighbor.
Enter 0 in the Holdtime (sec) field to disable the keepalive and hold-time timers.
|
TTL Security Area
|
TTL Security check box
|
Allows you to enable BGP TTL security.
|
Enable Inheritance check box
|
Allows you to enable inheritance from a parent.
|
5.6.13.1.9 Neighbor Group Address Family Configuration Window
The Neighbor Group Address Family Configuration window is opened when the AF Mode ellipsis button is clicked in the Neighbor Groups tab.
The Neighbor Group Address Family Configuration window allows you to specify the address family group and mode.
The following table describes the Neighbor Group Address Family Configuration window fields.
Table 5-104 Field Descriptions for the Neighbor Group Address Family Configuration Window
Field
|
Description
|
AF Group Area
|
AF Mode list
|
Allows you to choose the address family mode. Options are:
•IPv4Unicast
•IPv4Multicast
•VPNv4Unicast
•IPv6Unicast
•IPv4Multicast
|
AF Group
|
Allows you to choose the address family group.
|
AF Group field
|
Allows you to view the chosen address family group.
|
AF Group ellipsis button
|
Allows you to choose the address group from the Select AF Group dialog box.
|
Generic Config Subtab
|
The Generic Config subtab allows you to perform the following tasks:
•Specify the maximum number of prefixes and the threshold.
•Configure the default originate.
•Configure the route reflector client.
•Disable the next hop calculation.
•Remove private AS updates.
•Send communities to an EBGP group.
•Configure soft reconfiguration.
|
Advertise Map
|
This field and ellipsis button allows you to choose to map, to conditionally advertise.
|
Advertise Map field
|
Allows you to view the advertise map.
|
Advertise Map ellipsis button
|
Allows you to choose the conditional map.
|
Conditional Map
|
This field and ellipsis button allows you to choose the conditional map.
|
Conditional Map field
|
Allows you to view the conditional map.
|
Conditional Map ellipsis button
|
Allows you to choose the map from the Select routemap dialog box.
|
Condition Type list
|
Allows you to choose the type of condition. Options are:
•ConditionMatch—To advertise if a map is matched.
•ConditionNoMatch—To advertise if a map is not matched.
|
ORF Capability list
|
Allows you to choose the capability Outbound Route Filter (ORF). Options are:
•Receive
•Send
•Both
•None
|
Max Prefix field
|
Allows you to enter the maximum number of prefixes. The Max Prefix field configures a maximum number of prefixes that a BGP networking device is allowed to receive from a neighbor. It adds another mechanism (in addition to routing policy) to control prefixes received from a peer.
When the number of received prefixes exceeds the maximum number configured, the software terminates the peering (by default). However, if the Enable Warning check box is activated, the software sends only a log message, but continues peering with the sender.
|
Threshold field
|
Allows you to enter the threshold value based on the maximum value in the Max Prefix field. When the threshold is reached (specified percentage of the maximum received prefixes), a warning is generated.
|
Allow AS In field
|
Allows you to enter the number of occurrences of the AS number. Value must be between 1 and 10. Default value is 3.
|
Enable Warning check box
|
Allows you to configure the software to generate a log message when the maximum argument value (threshold) is exceeded, instead of terminating the peering.
|
Weight field
|
Allows you to specify the default weight.
|
Default Originate Area
|
Default Originate check box
|
Allows you to enable default originate. Default originate allows you to originate network 0.0.0.0 into the BGP table.
|
Enable Inheritance check box
|
Allows you to prevent default originate from being inherited from a parent (session group or neighbor group).
|
Route Reflector Client Area
|
RR Client check box
|
Allows you to enable client-to-client reflection.
If the neighbors are fully meshed, there is no need for client-to-client reflection.
|
Enable Inheritance check box
|
Allows you to specify that all neighbors using the address family group will inherit the characteristics configured with the RR Client check box.
|
Send Extended Community EBGP Area
|
Send Ext Comm check box
|
Allows you to specify that extended community attributes will be sent to an EBGP neighbor and cannot be configured for IBGP neighbors.
|
Enable Inheritance check box
|
Allows you to specify that all neighbors using the address family group will inherit the characteristics configured with the Send Ext Comm check box.
|
Next Hop Self Area
|
Next Hop Self check box
|
Allows you to disable next hop calculation for BGP updates advertised by the networking device, causing all routes to be advertised with this network device as the next hop.
Disabling the next hop calculation is useful in nonmeshed networks (such as Frame Relay or X.25) where BGP neighbors might not have direct access to all other neighbors on the same IP subnet.
|
Enable Inheritance check box
|
Allows you to specify that all neighbors using the address family group will inherit the characteristics configured with the Next Hop Self check box.
|
Remove Private AS Area
|
Remove Private AS check box
|
Allows you to remove private autonomous system numbers. When an update is passed to the external neighbor, the software will drop any private autonomous system numbers in the AS-path. This feature is available for EBGP neighbors only.
If the AS-path includes both private and public autonomous system numbers, the software considers the two numbers to be a configuration error and does not remove the private autonomous system numbers.
If the AS path contains the autonomous system number of the EBGP neighbor, the private autonomous system numbers will not be removed.
If this feature is used with Confederation, it will work as long as the private autonomous system numbers follow the confederation portion of the AS-path.
If you configure this command for a neighbor group or address family group, all neighbors using the group will inherit the characteristics. Configuring the remove private AS directly for the neighbor will override the value inherited from the group.
|
Enable Inheritance check box
|
Allows you to specify that all neighbors using the address family group will inherit the characteristics configured with the Remove Private AS check box.
|
Send Community EBGP Area
|
Send Community check box
|
Allows you to specify that community attributes should be sent to an EBGP neighbor and not to IBGP neighbors.
|
Enable Inheritance check box
|
Allows you to specify that all neighbors using the address family group will inherit the characteristics configured with the Send Community check box.
|
Soft Reconfig Inbound Area
|
Soft Reconfiguration check box
|
Allows you to enable soft reconfiguration, allowing the software to store updates received from a neighbor.
When an inbound policy is used to filter out or modify some of the updates received from a neighbor, this feature causes the software to store the original unmodified route in addition to the one that was changed or filtered out. This feature allows a "soft clear" to be performed after the inbound policy is changed. The original routes are then passed through the new policy, which then updates the set of routes to be used.
When the Soft Reconfiguration check box is checked, the three radio button options are:
•Enable—Allow inbound soft reconfiguration. If the neighbor supports route refresh capability, the original routes are not stored because they can be retrieved from the neighbor by making a route refresh request. Click the Enable radio button to allow inbound soft reconfiguration.
•Disable—Do not allow inbound soft reconfiguration. If the neighbor does not support the route refresh capability, an inbound soft clear is not possible. In that case, the only way to rerun the inbound policy is to perform a "hard clear," which is to reset the neighbor BGP session. Click the Disable radio button to deny inbound soft reconfiguration.
•Soft Always—Always use soft reconfiguration, even when route refresh is supported. Checking the Soft Always check box enables the storing of received updates, even if the neighbor supports route refresh capability. Click the Soft Always radio button to always use soft reconfiguration.
|
Filtering Policy Subtab
|
The Filtering Policy subtab allows you to perform the following tasks:
•Specify the prefix list.
•Specify the policy.
|
Prefix List (in)
|
Allows you to choose a prefix list to filter updates advertised to or received from a neighbor. Choosing a prefix list applies the prefix list to incoming advertisements to that neighbor.
All neighbors using this group will inherit the characteristics configured with the Prefix List (in) field.
|
Prefix List (in) field
|
Allows you to view the prefix list.
|
Prefix List (in) ellipsis button
|
Allows you to choose the prefix list from the Select prefix dialog box.
|
Policy (in) field
|
Allows you to enter the name of a policy to apply to inbound routes.
|
Prefix List (out)
|
Allows you to choose a prefix list filter for updates advertised from or sent to a neighbor. Choosing a prefix list applies the prefix list to outgoing advertisements from that neighbor.
All neighbors using this group will inherit the characteristics configured with the Prefix List (out) field.
|
Prefix List (out) field
|
Allows you to view the chosen prefix list.
|
Prefix List (out) ellipsis button
|
Allows you to choose the prefix list from the Select prefix list dialog box.
|
Policy (out) field
|
Allows you to enter the name of a policy to apply to outbound routes.
|
Site of Origin Subtab
|
The Site of Origin subtab allows you to perform the following tasks:
•Specify the site of origin type.
•Specify the AS number AS index, IP address, and IP address index.
|
SOO Type
|
Allows you to specify the type of site of origin.
|
AS Number
|
Allows you to enter the AS number. Value must be between 1 and 65535.
|
Address
|
Allows you to enter the IP address. Value must be an IPv4 address.
|
AS index
|
Allows you to enter the AS index. Value must be between 0 and 4294967295.
|
Address Index
|
Allows you to enter the IP address index. Value must be between 0 and 65535.
|
5.6.13.1.10 Session Groups Tab
The Session Groups tab allows you to perform the following tasks:
•Specify the session group name and AS number.
•Configure the session group inheritance.
•Configure session group address family-independent information, including DMZ link bandwidth, password, send and receive buffer sizes, shutdown, and timers.
The following table describes the Session Groups tab fields.
Table 5-105 Field Descriptions for the Session Groups Tab
Field
|
Description
|
Session Group Specific Area
|
Session Group Name field
|
Allows you to enter the session group name.
|
AS Number field
|
Allows you to assign a remote AS number to the session group.
|
Session Group Inheritance Area
|
Parent
|
Allows you to specify a session group parent for inheritance.
|
Parent field
|
Allows you to view the session group parent.
|
Parent ellipsis button
|
Allows you to choose the session group parent from the Select Session Group dialog box.
|
Session Group Details Area
|
Ad. Interval(sec) field
|
Allows you to enter the minimum advertisement interval time in seconds.
|
Description field
|
Allows you to enter a description of the session group.
|
EBGP Multihop field
|
Allows you to enter the maximum hop count.
The hop count allows the router to accept and attempt BGP connections to external peers residing on networks that are not directly connected.
|
Session Open Mode list
|
Allows you to select the TCP mode. Values can be Either, Active Only, or Passive Only. Default value is Either.
|
Update Source
|
Allows you to specify an interface name by specifying an interface type and instance.
•interface type—Interface to be used to obtain the local IP address for the BGP session with the neighbor.
•interface number—The interface number of the interface-type argument.
|
Update Source field
|
Allows you to view the interface name.
|
Update Source ellipsis button
|
Allows you to choose the interface name from the Select Interfaces dialog box.
|
Local AS Subarea
|
Local AS field
|
Allows you to assign local AS numbers.
Each BGP neighbor can be assigned a local autonomous system value for peering. In the case of neighbor groups and neighbors, the local autonomous system value is valid for all neighbor in the session group.
|
Disable check box
|
Enables or disables local AS and to prevent it from being inherited from a parent.
|
No Prepend check box
|
Enables or disables prepending the local AS to announcements.
|
Buffer Sizes - Receive and Send Area
|
Socket Read (bytes) field
|
Allows you to enter the receive socket buffer size.
|
BGP Read (bytes) field
|
Allows you to enter the BGP read buffer size.
|
Socket Send (bytes) field
|
Allows you to enter the send socket buffer size.
|
BGP Send (bytes) field
|
Allows you to enter the BGP write buffer size.
|
DmzLinkBw Area
|
DmzLinkBw check box
|
Allows you to propagate DMZ link bandwidth, which advertises the bandwidth of links that are used to exit an autonomous system.
This feature only supports single hop links over internal IBGP. BGP can originate the link bandwidth community only for EBGP peers that are one hop away.
|
Enable Inheritance check box
|
Allows you to enable DMZ link bandwidth to be inherited, allowing propagation and inheritance from a parent.
|
Password Area
|
Password field
|
Allows you to enter a session password. When a password is entered, it enables MD5 authentication on a TCP connection between two BGP neighbors.
You can invoke authentication between two BGP peers, causing each segment sent on the TCP connection between them to be verified. The password must be configured the same on both BGP peers, otherwise the connection will not be made. The authentication feature uses the MD5 algorithm. Specifying the password causes the software to generate and check the MD5 digest on every segment sent on the TCP connection.
If you specify a BGP session group, all the members of the group will inherit the password characteristic.
To override any inherited password configuration from a neighbor or neighbor group, disable the password for the neighbor or neighbor group.
|
Encryption Type list
|
Allows you to choose a password encryption type. Options are:
•None
•Cisco Proprietary
|
Password Disable check box
|
Allows you to disable the password even if the parent has its own password.
|
Shutdown Area
|
Shutdown check box
|
Allows you to shut down the session group.
|
Enable Inheritance check box
|
Allows you to shut down the session group from a parent.
|
Timers Area
|
Keepalive (sec) field
|
Allows you to enter the keepalive interval timer. This is the frequency, in seconds, with which the software sends keepalive messages to the neighbor.
The timers actually used in connection with the session group might not be the same as those configured because the actual timers are negotiated with the session group when establishing the session. The negotiated hold time is the lower of the configured time and the time received from the session group. If the negotiated hold time is 0, keepalives are disabled and the software never terminates the session when a keepalive is not received.
The configured value for the keepalive time is used, provided it does not exceed a third of the negotiated hold time. If it does, a value of a third of the negotiated hold time will be used.
|
Holdtime (sec) field
|
Allows you to enter a value, in seconds, for the interval at which the software terminates the neighbor BGP session after not receiving a keepalive message from the neighbor.
Enter 0 in the Holdtime (sec) field to disable the keepalive and hold-time timers.
|
TTL Security Area
|
TTL Security check box
|
Allows you to enable BGP TTL security.
|
Enable Inheritance check box
|
Allows you to enable inheritance from a parent.
|
5.6.13.1.11 AF Groups Tab
The AF Groups tab contains three subtabs: Generic Config, Filtering Policy, and Site of Origin. The Generic Config subtab is displayed by default when the AF Groups tab is clicked.
The AF Groups tab allows you to perform the following tasks:
•Specify the address family group name and mode.
•Specify an address group parent for inheritance.
The following table describes the AF Groups tab fields.
Table 5-106 Field Descriptions for the AF Groups Tab
Field
|
Description
|
AF Group Specific Area
|
AF Group Name field
|
Allows you to enter a BGP address family group name.
|
AF Mode list
|
Allows you to choose the address family mode. Options are:
•IPv4Unicast
•IPv4Multicast
•IPv6Unicast
•IPv6Multicast
|
AF Group Inheritance Area
|
Parent
|
This field and ellipsis button allows you to specify an address group parent for inheritance.
|
Parent field
|
Allows you to view the chosen address group parent.
|
Parent ellipsis button
|
Allows you to choose the address group parent from the Select AF Group dialog box.
|
Generic Config Subtab
|
The Generic Config subtab allows you to perform the following tasks:
•Specify the maximum number of prefixes and the threshold.
•Configure the default originate.
•Configure the route reflector client.
•Disable the next hop calculation.
•Remove AS updates from outbound updates.
•Send communities to an EBGP group.
•Configure soft reconfiguration.
|
Capability ORF list
|
Allows you to choose the capability ORF. Options are:
•Receive
•Send
•Both
•None
|
Max Prefix field
|
Allows you to enter the maximum number of prefixes. The Max Prefix field configures a maximum number of prefixes that a BGP networking device is allowed to receive from a neighbor. It adds another mechanism (in addition to routing policy) to control prefixes received from a peer.
When the number of received prefixes exceeds the maximum number configured, the software terminates the peering (by default). However, if the Enable Warning check box is activated, the software sends only a log message, but continues peering with the sender.
|
Weight field
|
Allows you to specify the default weight.
|
Threshold field
|
Allows you to enter the threshold value based on the maximum value in the Max Prefix field. When the threshold is reached (specified percent of the maximum received prefixes), a warning is generated.
|
Allow AS In field
|
Allows you to enter the number of occurrences of the AS number. Value must be between 1 and 10. Default value is 3.
|
Enable Warning check box
|
Allows you to configure the software to generate a log message when the maximum argument value (threshold) is exceeded, instead of terminating the peering.
|
Default Originate Area
|
Default Originate check box
|
Allows you to enable default originate. Default originate allows you to originate network 0.0.0.0 into the BGP table.
|
Enable Inheritance check box
|
Allows you to prevent default originate from being inherited from a parent (session group or neighbor group).
|
Route Policy field
|
Allows you to enter a route policy name to specify criteria to originate default.
|
Route Reflector Client Area
|
RR Client check box
|
Allows you to enable client-to-client reflection.
When client-to-client reflection is enabled, the clients of a route reflector cannot be members of a peer group.
If the neighbors are fully meshed, there is no need for client-to-client reflection.
|
Enable Inheritance check box
|
Allows you to specify that all neighbors using the address family group will inherit the characteristics configured with the RR Client check box.
|
Send Extended Community EBGP Area
|
Send Ext Comm check box
|
Allows you to specify that extended community attributes will be sent to an EBGP neighbor and cannot be configured for IBGP neighbors.
|
Enable Inheritance check box
|
Allows you to specify that all neighbors using the address family group will inherit the characteristics configured with the Send Ext Comm check box.
|
Next Hop Self Area
|
Next Hop Self check box
|
Allows you to disable next hop calculation for BGP updates advertised by the networking device, causing all routes to be advertised with this network device as the next hop.
Disabling the next hop calculation is useful in nonmeshed networks (such as Frame Relay or X.25) where BGP neighbors might not have direct access to all other neighbors on the same IP subnet.
|
Enable Inheritance check box
|
Allows you to specify that all neighbors using the address family group will inherit the characteristics configured with the Next Hop Self check box.
|
Remove Private AS Area
|
Remove Private AS check box
|
Allows you to remove private autonomous system numbers. When an update is passed to the external neighbor, the software will drop any private autonomous system numbers in the AS-path. This feature is available for EBGP neighbors only.
If the AS-path includes both private and public autonomous system numbers, the software considers the two numbers to be a configuration error and does not remove the private autonomous system numbers.
If the AS path contains the autonomous system number of the EBGP neighbor, the private autonomous system numbers will not be removed.
If this feature is used with Confederation, it will work as long as the private autonomous system numbers follow the confederation portion of the AS-path.
If you configure this command for a neighbor group or address family group, all neighbors using the group will inherit the characteristics. Configuring the Remove Private AS directly for the neighbor will override the value inherited from the group.
|
Enable Inheritance check box
|
Allows you to specify that all neighbors using the address family group will inherit the characteristics configured with the Remove Private AS check box.
|
Send Community EBGP Area
|
Send Community check box
|
Allows you to specify that community attributes should be sent to an EBGP neighbor and not to IBGP neighbors.
|
Enable Inheritance check box
|
Allows you to specify that all neighbors using the address family group will inherit the characteristics configured with the Send Community check box.
|
Soft Reconfig Inbound Area
|
Soft Reconfiguration check box
|
Allows you to enable soft reconfiguration, allowing the software to store updates received from a neighbor.
When an inbound policy is used to filter out or modify some of the updates received from a neighbor, this feature causes the software to store the original unmodified route in addition to the one that was changed or filtered out. This feature allows a "soft clear" to be performed after the inbound policy is changed. The original routes are then passed through the new policy, which then updates the set of routes to be used.
When the Soft Reconfiguration check box is checked, the three radio button options are:
•Enable—Allow inbound soft reconfiguration. If the neighbor supports route refresh capability, the original routes are not stored because they can be retrieved from the neighbor by making a route refresh request. Click the Enable radio button to allow inbound soft reconfiguration.
•Disable—Do not allow inbound soft reconfiguration. If the neighbor does not support the route refresh capability, an inbound soft clear is not possible. In that case, the only way to rerun the inbound policy is to perform a "hard clear," which is to reset the neighbor BGP session. Click the Disable radio button to deny inbound soft reconfiguration.
•Soft Always—Always use soft reconfiguration, even when route refresh is supported. Checking the Soft Always check box enables the storing of received updates, even if the neighbor supports route refresh capability. Click the Soft Always radio button to always use soft reconfiguration.
|
Filtering Policy Subtab
|
The Filtering Policy subtab allows you to perform the following tasks:
•Specify the prefix list.
•Specify the policy.
|
Prefix List (in)
|
Allows you to choose a prefix list to filter updates advertised to or received from a neighbor. Choosing a prefix list applies the prefix list to incoming advertisements to that neighbor.
All neighbors using this group will inherit the characteristics configured with the Prefix List (in) field.
|
Prefix List (in) field
|
Allows you to view the prefix list.
|
Prefix List (in) ellipsis button
|
Allows you to choose the prefix list from the Select prefix dialog box.
|
Policy (in) field
|
Allows you to enter the name of a policy to apply to inbound routes.
|
Prefix List (out)
|
Allows you to choose a prefix list filter for updates advertised from or sent to a neighbor. Choosing a prefix list applies the prefix list to outgoing advertisements from that neighbor.
All neighbors using this group will inherit the characteristics configured with the Prefix List (out) field.
|
Prefix List (out) field
|
Allows you to view the chosen prefix list.
|
Prefix List (out) ellipsis button
|
Allows you to choose the prefix list from the Select prefix list dialog box.
|
Policy (out) field
|
Allows you to enter the name of a policy to apply to outbound routes.
|
Site of Origin Subtab
|
The Site of Origin subtab allows you to perform the following tasks:
•Specify the site of origin type.
•Specify the AS number AS index, IP address, and IP address index.
|
SOO Type
|
Allows you to specify the type of site of origin.
|
AS Number
|
Allows you to enter the AS number. Value must be between 1 and 65535.
|
Address
|
Allows you to enter the IP address. Value must be an IPv4 address.
|
AS index
|
Allows you to enter the AS index. Value must be between 0 and 4294967295.
|
Address Index
|
Allows you to enter the IP address index. Value must be between 0 and 65535.
|
5.6.13.1.12 Operations Tab
The Operations tab allows you to perform the following tasks:
•Specify clear BGP parameters and execute the operation.
•Specify clear BGP dampening parameters and execute the operation.
•Specify clear BGP flap statistics parameters and execute the operation.
•Specify clear BGP peer drop parameters and execute the operation.
•Clear BGP performance statistics.
•Clear BGP self-originated routes.
The following table describes the Operations tab fields.
Table 5-107 Field Descriptions for the Operations Tab
Field
|
Description
|
Clear BGP Area
|
All radio button
|
Allows you to reset all BGP neighbors.
|
External Peers radio button
|
Allows you to reset all external neighbors.
|
OutofMemory Peers radio button
|
Allows you to clear all neighbors, which were shut down due to low memory.
|
Neighbor
|
Allows you to reset a neighbor based on IP address.
|
Neighbor radio button
|
Allows you to enable the resetting of neighbors based on IP address.
|
Neighbor field
|
Allows you to view the chosen neighbor.
This field is enabled when the Neighbor radio button is activated.
|
Neighbor ellipsis button
|
Allows you to choose the neighbor from the Select Neighbor dialog box.
This ellipsis button is enabled when the Neighbor radio button is activated.
|
Peers in AS
|
Allows you to reset a neighbor based on the AS number.
|
Peers in AS radio button
|
Allows you to enable the resetting of neighbors based on AS number.
|
Peers in AS field
|
Allows you to enter an AS number.
This field is enabled when the Peers in AS radio button is activated.
|
VRF Name
|
Allows you to reset a VRF name.
|
VRF Name radio button
|
Allows you to enable the resetting of VRF names.
|
VRF Name field
|
Allows you to view the VRF name.
This field is enabled when the VRF Name radio button is activated.
|
Official AF list
|
Allows you to choose the official address family mode. Options are:
•IPv4
•IPv6
•All
|
Subsequent AF list
|
Allows you to choose the subsequent address family mode. Options are:
•VPN
•Unicast
•Multicast
•All
|
Clear Direction list
|
Allows you to choose the clear direction. Options are:
•SoftInbound—The router uses soft inbound or route refresh reconfiguration (cached routes).
•SoftOutbound—The Cisco CRS-1 Series router uses soft outbound reconfiguration (cached routes).
•Both—The router uses soft inbound and outbound reconfiguration.
•Hard—The router clears with a hard reset. This option can be chosen only if Official AF and Subsequent AF are set to All.
•Hard (Graceful)—The router clears with a hard reset (for example, when you terminate the TCP connection) and a graceful restart. This option can be chosen only if Official AF and Subsequent AF are set to All.
|
Prefix ORF check box
|
Allows you to send a new ORF to the neighbor. The BGP neighbor installs the new ORF and resends its routes.
|
Clear button
|
Executes the clear operation based on the criteria configured in the Clear BGP area. When the button is clicked, a Confirm dialog box opens. Click Yes to proceed with the clear operation or click No to cancel the operation.
This Clear button is disabled by default. You must choose a radio button in an area to enable the Clear button.
|
Clear BGP Dampening Area
|
All radio button
|
Allows you to clear BGP route dampening information and unsuppress the specified suppressed routes for all AS neighbors.
|
Network
|
Allows you to clear BGP dampening information based on an IP address network prefix.
|
Network radio button
|
Allows you to enable the clearing of BGP dampening information based on an IP address network prefix.
|
Network field
|
Allows you to enter the IP address.
This field is enabled when the Network radio button is activated.
|
Mask field
|
Allows you to enter a prefix mask that is applied to the IP address. This field is enabled when the Network radio button is clicked.
|
VRF Name
|
Allows you to reset a VRF name.
|
VRF Name radio button
|
Allows you to enable the resetting of VRF names.
|
VRF Name field
|
Allows you to view the VRF name.
This field is enabled when the VRF Name radio button is activated.
|
Official AF list
|
Allows you to choose the official address family mode. Options are:
•IPv4
•IPv6
•All
|
Subsequent AF list
|
Allows you to choose the subsequent address family mode. Options are:
•VPN
•Unicast
•Multicast
•All
|
Clear button
|
Executes the clear operation based on the criteria configured in the Clear BGP Dampening area. When the button is clicked, a Confirm dialog box opens. Click Yes to proceed with the clear operation or click No to cancel the operation.
This Clear button is disabled by default. You must choose a radio button in an area to enable the Clear button.
|
Clear BGP Flap Statistics Area
|
Route Policy radio button
|
Allows you to enable the clear BGP flap stats through the route policy.
|
Route Policy field
|
Allows you to specify the route policy.
|
Neighbor
|
Allows you to clear BGP flap counts for a specified group based on the neighbor address.
|
Neighbor radio button
|
Allows you to enable the clearing of BGP flap counts based on a neighbor address.
|
Neighbor field
|
Allows you to view the chosen neighbor address.
This field is enabled when the Neighbor radio button is activated.
|
Neighbor ellipsis button
|
Allows you to choose the neighbor address from the Select Neighbor dialog box.
This ellipsis button is enabled when the Neighbor radio button is activated.
|
Network
|
Allows you to clear flap counts based on IP address network prefix.
|
Network radio button
|
Allows you to enable the clearing of BGP flap counts based on a network prefix.
|
Network field
|
Allows you to enter an IP address network prefix.
This field is enabled when the Network radio button is activated.
|
Mask field
|
Allows you to enter a prefix mask that is applied to the IP address. This field is enabled when the Network radio button is clicked. Enter a network mask in the Mask field.
|
Regular Exp
|
Allows you to enter a regular expression.
|
Regular Exp radio button
|
Allows you to enable the clearing of BGP flap counts based on a regular expression.
|
Regular Exp field
|
Allows you to enter a regular expression.
This field is enabled when the Regular Exp radio button is activated.
|
VRF Name
|
Allows you to reset a VRF name.
|
VRF Name radio button
|
Allows you to enable the resetting of VRF names.
|
VRF Name field
|
Allows you to view the VRF name.
This field is enabled when the VRF Name radio button is activated.
|
Official AF list
|
Allows you to choose the official address family mode. Options are:
•IPv4
•IPv6
•All
|
Subsequent AF list
|
Allows you to choose the subsequent address family mode. Options are:
•VPN
•Unicast
•Multicast
•All
|
Clear button
|
Executes the clear operation based on the criteria configured in the Clear BGP Flap Statistics area. When the button is clicked, a Confirm dialog box opens. Click Yes to proceed with the clear operation or click No to cancel the operation.
This Clear button is disabled by default. You must choose a radio button in an area to enable the Clear button.
|
Clear BGP Peer Drops Area
|
All radio button
|
Allows you to clear the connections dropped counter for all neighbors.
|
Neighbor
|
Allows you to clear BGP neighbor drops for a specified group based on the neighbor address.
|
Neighbor radio button
|
Allows you to enable the clearing of BGP peer drops based on a neighbor address.
|
Neighbor field
|
Allows you to view the chosen neighbor address.
This field is enabled when the Neighbor radio button is activated.
|
Neighbor ellipsis button
|
Allows you to choose a neighbor address from the Select Neighbor dialog box.
This ellipsis button is enabled when the Neighbor radio button is activated.
|
Clear button
|
Executes the clear operation based on the criteria configured in the Clear BGP Peer Drops area. When the button is clicked, a Confirm dialog box opens. Click Yes to proceed with the clear operation or click No to cancel the operation.
This Clear button is disabled by default. You must choose a radio button in an area to enable the Clear button.
|
Clear BGP Performance Statistics Area
|
Clear BGP Performance Statistics button
|
Allows you to clear the performance statistics for all address families. When the button is clicked, a Confirm dialog box opens. Click Yes to proceed with the clear operation or click No to cancel the operation.
|
Clear BGP Self Originated Area
|
Clear Self Originated Routes button
|
Allows you to clear BGP routes that are self-originated (redistributed network and aggregate routes originated by the local system). When the button is clicked, a Confirm dialog box opens. Click Yes to proceed with the clear operation or click No to cancel the operation.
|
VRF Name
|
Allows you to reset a VRF name.
|
VRF Name radio button
|
Allows you to enable the resetting of VRF names.
|
VRF Name field
|
Allows you to view the VRF name.
This field is enabled when the VRF Name radio button is activated.
|
Official AF list
|
Allows you to choose the official address family mode. Options are:
•IPv4
•IPv6
•All
|
Subsequent AF list
|
Allows you to choose the subsequent address family mode. Options are:
•VPN
•Unicast
•Multicast
•All
|
5.6.13.2 Removing Autonomous System
Note This procedure is available for CRS-1 and XR 12000 R3.3.
Step 1 Right-click an AS in the BGP Configuration Tree and choose Remove AS.
Step 2 Click Yes in the confirmation dialog box.
Step 3 Click OK in the Commit Status message box.
5.6.13.3 Creating a VRF
Step 1 Right-click an AS in the BGP Instance Tree and choose Add VRF. The VRF Selector dialog box opens.
Step 2 Enter a VRF name in the field or click the ellipses button. If you click the ellipses button, the Select VRF dialog box opens. Choose a VRF from the list and click OK.
Step 3 Click OK in the VRF Selector dialog box.
Step 4 Click OK in the Commit Status message box.
5.6.13.3.1 General Tab
The General tab allows you to perform the following tasks:
•Configure the route distinguisher for the VRF.
•Configure the address family for the VRF.
The following table describes the General tab fields.
Table 5-108 Field Descriptions for the General Tab
Field
|
Description
|
Default Local Preference
|
Allows you to enter a value for the default local preference.
Generally, the Cisco default value of 100 allows you to easily define a particular path as less preferable than paths with no local preference attribute. The preference is sent to all networking devices in the local AS.
|
Default Metric
|
Allows you to enter the default metric value for the BGP.
A default metric helps solve the problem of redistributing routes with incompatible metrics. Whenever metrics do not convert, using a default metric provides a reasonable substitute and enables the redistribution to proceed.
In BGP, setting the default metric sets the Multi Exit Discriminator (MED) metric.
|
Keepalive (sec)
|
Allows you to enter a value for the frequency, in seconds, with which the software sends keepalive messages to the neighbor.
The configured value for the keepalive time is used, provided it does not exceed a third of the negotiated hold time. If it does, a value of a third of the negotiated hold time will be used.
|
Holdtime (sec)
|
Allows you to enter a value, in seconds, for the interval at which the software terminates the neighbor BGP session after not receiving a keepalive message from the neighbor.
Enter 0 to disable keepalive and hold time.
Note that the values 1 and 2 are not allowable because the minimum allowable keepalive time is a third of the hold time.
|
Socket Receive Size (bytes)
|
Allows you to enter the receive socket buffer size.
|
BGP Receive Size (bytes)
|
Allows you to enter the BGP receive buffer size.
|
Socket Send Size (bytes)
|
Allows you to enter the send socket buffer size.
|
BGP Send Size (bytes)
|
Allows you to enter the BGP write buffer size.
|
Always check box
|
Allows you to disable the keepalive trigger best path and enforce the delay specified in the Update Delay (sec) field.
|
Auto Policy Soft Reset check box
|
Allows you to enable an automatic soft peer reset on the reconfiguration for BGP peers.
|
Bestpath Compare Router ID check box
|
Allows you to enable the comparison of identical routes received from EBGP peers during the best path selection process and switch the best path to the route with the lowest router ID.
By default, during the best path selection process, when BGP receives identical routes from EBGP peers (all the attributes are the same except for the router ID), the best path is not switched to the route with the lowest router ID if that route was not the first route received. If the Bestpath Compare Router ID check box is checked, similar routes are compared and the best path is switched to the route with the lowest router ID.
|
Bestpath Med Always check box
|
Allows you to enable the comparison of the MED for paths from neighbors in different autonomous systems.
The software chooses the path with the lowest MED.
By default, during the best path selection process, there is a MED comparison only among paths from the same autonomous system. Checking the Bestpath Med Always check box allows comparison of MEDs among paths regardless of the autonomous system from which the paths are received.
|
Bestpath Med Confed check box
|
Allows you to enable MED comparison among paths learned from confederation peers.
There is a comparison between MEDs only if no external autonomous systems are in the path (an external autonomous system is an autonomous system that is not within the confederation). If an external autonomous system is in the path, the external MED passes transparently through the confederation, and the comparison is not made.
For example, assume that autonomous systems 65000, 65001, 65002, and 65004 are part of the confederation. Autonomous system 1 is not. The software compares route A with the following four paths:
•path 1 = 65000 65004, med=2
•path 2 = 65001 65004, med=3
•path 3 = 65002 65004, med=4
•path 4 = 65003 1, med=1
If the Bestpath Med Confed check box is checked, the software chooses path 1. The fourth path has a lower MED, but the software does not include path 4 in the MED comparison because an external autonomous system is in this path.
|
Bestpath Med Missing As Worst check box
|
Allows you to have the software consider a missing MED attribute in a path as having a value of infinity, making the path without a MED value the least desirable path.
|
Default Information Originate check box
|
Allows you to enable the distribution of a default route (set the originate network to 0.0.0.0 into the BGP table).
|
Enforce First AS check box
|
Allows you to enable the enforcement of the first autonomous system (known as the AS-path) of a route received from an EBGP peer to be the same as the configured remote autonomous system.
By default, the software ignores any update received from an EBGP neighbor that does not have the autonomous system configured for that neighbor at the beginning of the AS-path. When checked, the Enforce First AS check box applies to all EBGP peers of the networking device.
|
Fast External Fallover check box
|
Allows you to enable the immediate reset of the BGP sessions of any directly adjacent external peers if the link used to reach them goes down.
Performing an immediate session reset allows the network to recover faster when links go down between BGP peers.
|
Log Neighbor Changes check box
|
Allows you to enable logging of BGP neighbor resets.
Log Neighbor Changes enables logging of BGP neighbor status changes (up or down) and resets for troubleshooting network connectivity problems and measuring network stability. Unexpected neighbor resets might indicate high error rates or high packet loss in the network, and should be investigated.
|
Redistribute Internal check box
|
Allows you to enable the redistribution of IBGP routes into an Interior Gateway Protocol (IGP) such as Intermediate System-to-Intermediate System (ISIS) or Open Shortest Path First (OSPF).
Caution Redistributing IBGP routes into IGPs can cause routing loops to form within an autonomous system.
|
Label Allocation Mode list
|
Allows you to specify the label allocation mode for the VRF. Possible values are:
•per-ce
•per-vrf
|
AF Mode
|
Allows you to create an address family group for BGP neighbors.
An address family group for BGP neighbors is used to group address family-specific neighbor parameters within an IP address family. Neighbors that have the same address family configuration are able to use the address family group name under that address family. Further, neighbors will inherit the configuration parameters of the entire address family group.
|
AF Mode field
|
Allows you to view the address family group.
|
AF Mode ellipsis button
|
Allows you to configure an address family group from the Global Address Family Configuration window. Configure the global address family using the Family Configuration window. See Global Address Family Configuration Window.
|
Router ID Subtab
|
The Router ID subtab allows you to configure a router ID IP address or interface name.
|
Router ID check box
|
Allows you to enable the configuration of a fixed router ID for a BGP-speaking networking device.
A loopback interface, if one is configured, is more effective as an identifier because there is no physical link to go down.
|
IP Address
|
Allows you to specify an IP address for the router ID.
|
IP Address radio button
|
Allows you to specify the IP address.
|
IP Address field
|
Allows you to enter an IP address for the router ID.
This field is enabled when the IP Address radio button is activated.
|
Interface Name
|
Allows you to enter an interface name.
|
Interface Name radio button
|
Allows you to specify an interface name.
|
Interface Name field
|
Allows you to view the chosen interface name.
|
Interface Name ellipsis button
|
Allows you to choose an interface from the Select Interfaces dialog box.
This ellipsis button is enabled when the Interface Name radio button is activated.
|
Route Distinguisher Subtab
|
The Route Distinguisher subtab allows you to perform the following tasks:
•Specify the route distinguisher type.
•Specify the AS number AS index, IP address, and IP address index.
|
RD Type
|
Allows you to specify the type of route distinguisher.
|
AS Number
|
Allows you to enter the AS number. Value must be between 1 and 65535.
|
Address
|
Allows you to enter the IP address. Value must be an IPv4 address.
|
AS index
|
Allows you to enter the AS index. Value must be between 0 and 4294967295.
|
Address Index
|
Allows you to enter the IP address index. Value must be between 0 and 65535.
|
5.6.13.3.2 Global Address Family Configuration Window
The Global Address Family Configuration window is opened when the AF Mode ellipsis button is clicked in the General tab.
The Global Address Family Configuration window allows you to perform the following tasks:
•Choose the address family mode.
•Configure the address family distances.
•Specify the number of paths to a single destination.
•Specify the scanner interval.
•Specify a policy name.
•Configure dampening parameters.
The following table describes the Global Address Family Configuration window fields.
Table 5-109 Field Descriptions for the Global Address Family Configuration Window
Field
|
Description
|
AF Mode list
|
Specify the address family mode. Select IPv4Unicast from drop-down menu.
|
Global AF Detail Area
|
External Distance field
|
Allows you to specify the distance for routes external to the AS. The external distance is the administrative distance for BGP external routes. External routes are routes for which the best path is learned from a neighbor external to the autonomous system.
An administrative distance is a rating of the trustworthiness of a routing information source, such as an individual networking device or a group of networking devices. In general, the higher the value, the lower the trust rating. An administrative distance of 255 means the routing information source cannot be trusted at all and should be ignored.
|
Internal Distance field
|
Allows you to specify the distance for routes internal to the AS. This is the administrative distance for BGP internal routes. Internal routes are those routes that are learned from another BGP entity within the same autonomous system.
An administrative distance is a rating of the trustworthiness of a routing information source, such as an individual networking device or a group of networking devices. In general, the higher the value, the lower the trust rating. An administrative distance of 255 means the routing information source cannot be trusted at all and should be ignored.
|
Local Distance field
|
Allows you to specify the distance for local routes. This is the administrative distance for BGP local routes. The local-distance parameter applies to locally generated aggregate routes and backdoor routes installed in the routing table.
Caution Changing the administrative distance of BGP internal routes is considered risky and is not recommended. One problem that can arise is the accumulation of routing table inconsistencies, which can interfere with routing.
An administrative distance is a rating of the trustworthiness of a routing information source, such as an individual networking device or a group of networking devices. In general, the higher the value, the lower the trust rating. An administrative distance of 255 means the routing information source cannot be trusted at all and should be ignored.
|
Table Policy field
|
Allows you to specify a routing policy for updates advertised to or received from a BGP neighbor. The policy can be used to filter routes and to modify route attributes.
|
RIB Attribute Download check box
|
Allows you to enable RIB attribute download.
|
Maximum Paths Area
|
Maximum Paths check box
|
When checked, it allows you to enter the maximum number of paths to a single destination.
|
EBGP radio button
|
Available when Maximum Paths check box is checked. Allows you to enter the maximum number of EBGP paths.
|
EBGP field
|
Enter the maximum number of EBGP paths. Value must be between 2 and 8. Default value is 2.
|
IBGP radio button
|
Available when Maximum Paths check box is checked. Allows you to enter the maximum number of IBGP paths.
|
IBGP field
|
Enter the maximum number of IBGP paths. Value must be between 2 and 8. Default value is 2.
|
EIBGP radio button
|
Available when Maximum Paths check box is checked. Allows you to enter the maximum number of external internal BGP (EIBGP) paths.
|
EIBGP field
|
Enter the maximum number of EIBGP paths. Value must be between 2 and 8. Default value is 2.
|
Dampening Parameters Area
|
Dampening check box
|
Allows you to enable BGP dampening for the global address family. Check the Dampening check box to enable dampening.
|
Route Policy
|
Allows you to specify the name of the route policy.
|
Route Policy radio button
|
Allows you to select route policy filtering.
|
Route Policy field
|
Allows you to enter the name of the route policy.
This field is enabled when the Route Policy radio button is activated.
|
Counters radio button
|
Allows you to configure dampening using counters. When this radio button is clicked, the Half-Life, Max Suppress, Reuse, and Suppress fields become available in sequence when values are entered into the fields.
|
Half-Life (min) field
|
Allows you to specify the time after which a penalty is decreased. Once the route has been assigned a penalty, the penalty is decreased by half after the half-life period. Penalty reduction happens every 5 seconds.
|
5.6.13.3.3 Networks Tab
The Networks tab allows you to perform the following tasks:
•Specify the IP address and mask for a network.
•Choose the address family mode.
•Specify a backdoor route.
The following table describes the Networks tab fields.
Table 5-110 Field Descriptions for the Networks Tab
Field
|
Description
|
Network Area
|
IP Address
|
Allows you to specify a local network that the BGP routing process should originate and advertise to its neighbors.
The BGP determines which local networks will be originated by the networking device and included in routing advertisements to its neighbors. Only routes that are specified using the Networks tab will be originated and advertised to neighbors even if there is a corresponding non-BGP route in the routing table. Such routes can be learned using connected networks, static routing, or dynamic routing using an IGP.
|
IP Address field
|
Allows you to enter an IP address.
|
IP Address ellipsis button
|
Allows you to choose an IP address from the Select IP Address dialog box.
|
AF Mode list
|
Specify the address family mode. Select IPv4Unicast from drop-down menu.
|
Mask field
|
Allows you to enter an IP address mask for the network.
|
AutoGenerate Mask button
|
Allows you to automatically generate a mask. Click the button to automatically generate a mask.
|
Route Policy field
|
Allows you to enter the name of the route policy.
|
Backdoor check box
|
Allows you enable a BGP backdoor route. The backdoor route is to a BGP border networking device. This device will provide better information than the local networking device about the network.
|
5.6.13.3.4 Aggregates Tab
The Aggregates tab allows you to perform the following tasks:
•Specify the IP address and mask for aggregates.
•Choose the address format mode and optionally choose to generate AS confederation set path information and filter routes from updates.
•Configure the filtering policy for aggregates.
The following table describes the Aggregates tab fields.
Table 5-111 Field Descriptions for the Aggregates Tab
Field
|
Description
|
Aggregate Address Area
|
IP Address field
|
Allows you to specify an IP address to create an aggregate entry in a BGP routing table.
|
Mask field
|
Allows you to enter an aggregate IP address mask.
|
AutoGenerate Mask button
|
Allows you to automatically generate an aggregate mask. Click the button to automatically generate a mask.
|
AS Set check box
|
Allows you to generate AS set path information.
|
AF Mode list
|
Specify the address family mode. Select IPv4Unicast from drop-down menu.
|
AS Confed Set check box
|
Allows you to generate autonomous system set path information and community information from contributing paths.
|
Summary Only check box
|
Allows you to filter more specific routes from updates. Checking the Summary Only check box creates the aggregate route (for example, 172.20.0.0/8) but suppresses advertisements of more specific routes to all neighbors.
|
Route Policy field
|
Allows you to enter a policy on which to condition advertisement, suppression, and attributes.
|
5.6.13.3.5 Redistribution Tab
The Redistribution tab allows you to perform the following tasks:
•Choose the address family mode for redistribution.
•Configure connected routes.
•Configure static routes.
•Configure OSPF routes.
•Configure ISIS routes.
The following table describes the Redistribution tab fields.
Table 5-112 Field Descriptions for the Redistribution Tab
Field
|
Description
|
General Area
|
AF Mode list
|
Allows you to specify the address family mode to redistribute routes from another routing protocol into BGP. Select IPv4Unicast from drop-down menu.
Each protocol (and instance of a protocol) can be redistributed independently of the others. Changing or removing redistribution for a particular instance does not affect the redistribution capability of other protocols or other instances of the same protocol.
Networks specified using the Networks tab are not affected by the Redistribution tab settings; that is, the policy specified in the Network tab takes precedence over the policy specified through the Redistribution tab.
|
Connected Routes Area
|
Default Metric field
|
Allows you to specify a metric value to assign to connected routes.
|
Route Policy field
|
Allows you to enter a routing policy to filter connected routes.
|
Static Routes Area
|
Default Metric field
|
Allows you to specify a metric value to assign to static routes.
|
Route Policy field
|
Allows you to enter a routing policy to filter static routes.
|
RIP Routes Area
|
Default Metric
|
Allows you to specify metric value for the RIP route.
|
Route Policy field
|
Allows you to specify route policy to filter the RIP route.
|
OSPF Routes Area
|
OSPF Instance Name column
|
Specifies the OSPF instance. Click the cell and enter a value.
|
Default Metric column
|
Specifies the metric value to assigned to the routes. Click the cell and enter a value.
|
Redistribute Type column
|
Specifies the redistribution type. Click the cell and enter a value.
|
Route Policy Name column
|
Specifies the name of the route policy that is used. Click the cell and enter a value.
|
Internal column
|
Indicates whether the internal OSPF routes are redistributed. Options are true or false. Double-click the cell to activate it; then, double-click to choose true or false.
|
External column
|
Indicates whether the external OSPF routes are redistributed. Options are true or false. Double-click the cell to activate it; then, double-click to choose true or false.
|
External Type 1 column
|
Specifies whether the route is an external route type 1. Options are true or false. Double-click the cell to activate it; then, double-click to choose true or false.
|
External Type 2 column
|
Specifies whether the route is an external route type 2. Options are true or false. Double-click the cell to activate it; then, double-click to choose true or false.
|
NSSA External column
|
Specifies whether the external OSFP routes are redistributed to the not-so-stubby area (NSSA). Options are true or false. Double-click the cell to activate it; then, double-click to choose true or false.
|
NSSA External Type 1 column
|
Specifies whether the NSSA External type is Type 1. Options are true or false. Double-click the cell to activate it; then, double-click to choose true or false.
|
NSSA External Type 2 column
|
Column specifies whether the NSSA External type is Type 2. Options are true or false. Double-click the cell to activate it; then, double-click to choose true or false.
|
IS-IS Routes Area
|
IS-IS instance name column
|
Specifies the ISIS name. Click the cell and enter a value.
|
Default Metric column
|
Specifies the metric value assigned to the routes. Click the cell and enter a value.
|
Redistribute Type column
|
Allows you to choose the redistribute type. Options are:
•Level1
•Level2
•Level1and2
Double-click the cell to activate the list; then, choose a redistribute type.
|
Route Policy Name column
|
Specifies the name of the route policy. Click the cell and enter a value.
|
Level 1
|
Redistributes ISIS level 1 routes.
|
Level 2
|
Redistributes ISIS level 1 interarea routes.
|
Level 1 Inter-Area
|
Redistributes ISIS level 2 ISIS routes.
|
EIGRP Routes Area
|
EIGRP Instance Name
|
Specifies the EIGRP name. Click the cell and enter a value.
|
Default Metric
|
Specifies the metric value assigned to the routes. Click the cell and enter a value.
|
Redistribute Type
|
Allows you to choose the redistribute type. Options are:
•Internal - Value 1
•External - Value 2
•Both Internal and External - Value 3
|
Route Policy Name
|
Specifies the name of the route policy. Click the cell and enter a value.
|
5.6.13.3.6 Neighbors Tab
The Neighbors tab allows you to perform the following tasks:
•Specify the neighbor IP address and AS number.
•Configure the neighbor inheritance.
•Configure neighbor details including demilitarized zone link bandwidth (DmzLinkBw) password, send and receive buffer sizes, shutdown, timers, and address family mode.
The following table describes the Neighbors tab fields.
Table 5-113 Field Descriptions for the Neighbors Tab
Field
|
Description
|
Neighbor Specific Area
|
IP Address field
|
Allows you to enter an IP address of the BGP-speaking neighbor. Once a BGP neighbor is created, routing information is exchanged.
|
AS Number field
|
Allows you to enter the autonomous system number to which the neighbor belongs.
The AS Number field assigns a remote AS number to a neighbor and causes the neighbor to be created. A neighbor must have a remote AS number before any other parameters can be configured for it.
|
Neighbor Inheritance Area
|
Neighbor Group Name
|
Allows you to choose a neighbor group name.
|
Neighbor Group Name field
|
Allows you to view the chosen neighbor group name.
|
Neighbor Group Name ellipsis button
|
Allows you to choose a neighbor group name from the Select Neighbor Group dialog box.
|
Session Group Name
|
Allows you to choose a session group name. Click the Session Group Name ellipsis button to open a Select Session Group dialog box and choose a session group name from the dialog box.
|
Session Group Name field
|
Allows you to view the chosen session group name.
|
Session Group Name ellipsis button
|
Allows you to choose a session group name from the Select Session Group dialog box.
|
Neighbor Details Area
|
Ad. Interval(sec) field
|
Allows you to enter the minimum advertisement interval time.
|
Description field
|
Allows you to enter a description of the neighbor.
|
EBGP Multihop field
|
Allows you to enter the maximum hop count.
The hop count allows the router to accept and attempt BGP connections to external peers residing on networks that are not directly connected.
|
Session Open Mode list
|
Allows you to select the TCP mode. Values can be Either, Active Only, or Passive Only. Default value is Either.
|
Update Source
|
Allows you to specify an interface name by specifying an interface type and instance.
•interface type—Interface to be used to obtain the local IP address for the BGP session with the neighbor.
•interface number—The interface number of the interface-type argument.
Choosing an interface allows internal IBGP sessions to use the IP address from a particular interface as the local address when forming an IBGP session with a neighbor.
This mechanism allows a BGP session to remain up even if the outbound interface goes down, provided there is another route to the neighbor.
|
Update Source field
|
Allows you to view the chosen interface name.
|
Update Source ellipsis button
|
Allows you to choose an interface name from the Select Interfaces dialog box.
|
Local AS Area
|
Local AS field
|
Allows you to assign local AS numbers.
Each BGP peer can be assigned a local autonomous system value for peering. In the case of neighbor groups and session groups, the local autonomous system value is valid for all peers in the neighbor group.
This feature cannot be customized for individual peers in a group.
You cannot use the local BGP autonomous system number or the autonomous system number of the remote peer.
This is valid only if the peer is a true EBGP peer; it does not work for two peers in different subautonomous systems in a confederation.
|
Disable check box
|
Enables or disables local AS and to prevent it from being inherited from a parent.
|
No Prepend check box
|
Enables or disables prepending the local AS to announcements.
|
Buffer Sizes - Receive and Send Area
|
Socket Read(bytes) field
|
Allows you to enter the receive socket buffer size.
|
BGP Read(bytes) field
|
Allows you to enter the BGP read buffer size.
|
Socket Send(bytes) field
|
Allows you to enter the send socket buffer size.
|
BGP Send(bytes) field
|
Allows you to enter the BGP write buffer size.
|
AF Mode
|
Allows you to specify the address family mode. Click the AF Mode ellipsis button to open a Neighbor Address Family Configuration window and configure a neighbor address family. (See VRF Neighbor Address Family Configuration Window.)
|
AF Mode field
|
Allows you to view the chosen address family mode.
|
AF Mode ellipsis button
|
Allows you to configure an address family mode from the Neighbor Address Family Configuration window.
|
DMZLinkBw Area
|
DmzLinkBw check box
|
Allows you to propagate demilitarized zone (DMZ) link bandwidth, which advertises the bandwidth of links that are used to exit an autonomous system.
This feature supports only single hop links over IBGP. BGP can originate the link bandwidth community only for EBGP peers that are one hop away.
|
Enable Inheritance check box
|
Allows you to enable DMZ link bandwidth to be inherited, allowing propagation and inheritance from a parent.
|
Password Area
|
Password field
|
Allows you to enter a neighbor password. When a password is entered, it enables Message Digest 5 (MD5) authentication on a TCP connection between two BGP neighbors.
You can invoke authentication between two BGP neighbors, causing each segment sent on the TCP connection between them to be verified. The password must be configured the same on both BGP neighbors, otherwise the connection will not be made. The authentication feature uses the MD5 algorithm. Specifying the password causes the software to generate and check the MD5 digest on every segment sent on the TCP connection.
If you configure a password for a neighbor, an existing session will be torn down and a new one established.
If you specify a BGP neighbor group or session group, all the members of the group will inherit the password characteristic.
To override any inherited password configuration from a neighbor group or session group, disable the password on the neighbor.
|
Encryption Type list
|
Allows you to choose a password encryption type. Options are:
•None
•Cisco Proprietary
|
Password Disable check box
|
Allows you to disable the password even if the parent has its own password. Check the Password Disable check box to disable the password for the neighbor and uncheck the check box to enable the password.
|
Shutdown Area
|
Shutdown check box
|
Allows you to shut down the neighbor. Check the Shutdown check box to enable shutdown; uncheck the check box to disable shutdown.
|
Enable Inheritance check box
|
Allows you to enable shutdown of the neighbor from a parent.
|
Timers Area
|
Keepalive (sec) field
|
Allows you to enter the keepalive interval timer. This is the frequency, in seconds, with which the software sends keepalive messages to the neighbor.
The timers actually used in connection with the neighbor group might not be the same as those configured because the actual timers are negotiated with the neighbor when establishing the session. The negotiated hold time is the lower of the configured time and the time received from the neighbor. If the negotiated hold time is 0, keepalives are disabled and the software never terminates the session when a keepalive is not received.
The configured value for the keepalive time is used, provided it does not exceed a third of the negotiated hold time. If it does, a value of a third of the negotiated hold time will be used.
|
Holdtime (sec) field
|
Allows you to enter a value, in seconds, for the interval at which the software terminates the neighbor BGP session after not receiving a keepalive message from the neighbor.
Enter 0 in the Holdtime (sec) field to disable the keepalive and hold-time timers.
Note that the values 1 and 2 are not allowable because the minimum allowable keepalive time is a third of the hold time.
|
5.6.13.3.7 VRF Neighbor Address Family Configuration Window
The VRF Neighbor Address Family Configuration window is opened when the AF Mode ellipsis button is clicked in the Neighbors tab.
The VRF Neighbor Address Family Configuration window allows you to specify the address family group and mode.
The following table describes the VRF Neighbor Address Family Configuration window fields.
Table 5-114 Field Descriptions for the VRF Neighbor Address Family Configuration Window
Field
|
Description
|
AF Group Area
|
AF Mode list
|
Specify the address family mode. Select IPv4Unicast from drop-down menu.
|
AF Group
|
Allows you to choose the address family group.
|
AF Group field
|
Allows you to view the chosen address family group.
|
AF Group ellipsis button
|
Allows you to choose the address group from the Select AF Group dialog box.
|
Generic Config Subtab
|
The Generic Config subtab allows you to perform the following tasks:
•Specify the maximum number of prefixes and the threshold.
•Configure the default originate.
•Configure the route reflector client.
•Disable the next hop calculation.
•Remove private AS updates.
•Send communities to an EBGP group.
•Configure soft reconfiguration.
|
ORF Capability list
|
Allows you to choose the capability Outbound Route Filter (ORF). Options are:
•Receive
•Send
•Both
•None
|
Weight field
|
Allows you to specify the default weight.
|
Max Prefix field
|
Allows you to enter the maximum number of prefixes. The Max Prefix field configures a maximum number of prefixes that a BGP networking device is allowed to receive from a neighbor. It adds another mechanism (in addition to routing policy) to control prefixes received from a peer.
When the number of received prefixes exceeds the maximum number configured, the software terminates the peering (by default). However, if the Enable Warning check box is activated, the software sends only a log message, but continues peering with the sender.
|
Threshold field
|
Allows you to enter the threshold value based on the maximum value in the Max Prefix field. When the threshold is reached (specified percentage of the maximum received prefixes), a warning is generated.
|
Allow AS In field
|
Allows you to enter the number of occurrences of the AS number. Value must be between 1 and 10. Default value is 3.
|
Enable Warning check box
|
Allows you to configure the software to generate a log message when the maximum argument value (threshold) is exceeded, instead of terminating the peering.
|
Default Originate Area
|
Default Originate check box
|
Allows you to enable default originate. Default originate allows you to originate network 0.0.0.0 into the BGP table.
|
Enable Inheritance check box
|
Allows you to prevent default originate from being inherited from a parent (session group or neighbor group).
|
Route Policy field
|
Allows you to enter a route policy name to specify criteria to originate default.
|
Route Reflector Client Area
|
RR Client check box
|
Allows you to enable client-to-client reflection.
When client-to-client reflection is enabled, the clients of a route reflector cannot be members of a peer group.
If the neighbors are fully meshed, there is no need for client-to-client reflection.
|
Enable Inheritance check box
|
Allows you to specify that all neighbors using the address family group will inherit the characteristics configured with the RR Client check box.
|
Send Extended Community EBGP Area
|
Send Ext Comm check box
|
Allows you to specify that extended community attributes will be sent to an EBGP neighbor and cannot be configured for IBGP neighbors.
|
Enable Inheritance check box
|
Allows you to specify that all neighbors using the address family group will inherit the characteristics configured with the Send Ext Comm check box.
|
AS Override Area
|
AS Override check box
|
Allows you to enable or disable AS override configuration.
|
Enable Inheritance check box
|
Allows you to enable or disable overriding all matching AS numbers while sending updates.
|
Next Hop Self Area
|
Next Hop Self check box
|
Allows you to disable next hop calculation for BGP updates advertised by the networking device, causing all routes to be advertised with this network device as the next hop.
Disabling the next hop calculation is useful in nonmeshed networks (such as Frame Relay or X.25) where BGP neighbors might not have direct access to all other neighbors on the same IP subnet.
|
Enable Inheritance check box
|
Allows you to specify that all neighbors using the address family group will inherit the characteristics configured with the Next Hop Self check box.
|
Remove Private AS Area
|
Remove Private AS check box
|
Allows you to remove private autonomous system numbers. When an update is passed to the external neighbor, the software will drop any private autonomous system numbers in the AS-path. This feature is available for EBGP neighbors only.
If the AS-path includes both private and public autonomous system numbers, the software considers the two numbers to be a configuration error and does not remove the private autonomous system numbers.
If the AS path contains the autonomous system number of the EBGP neighbor, the private autonomous system numbers will not be removed.
|
Enable Inheritance check box
|
Allows you to specify that all neighbors using the address family group will inherit the characteristics configured with the Remove Private AS check box.
|
Send Community EBGP Area
|
Send Community check box
|
Allows you to specify that community attributes should be sent to an EBGP neighbor and not to IBGP neighbors.
|
Enable Inheritance check box
|
Allows you to specify that all neighbors using the address family group will inherit the characteristics configured with the Send Community check box.
|
Soft Reconfig Inbound Area
|
Soft Reconfiguration check box
|
Allows you to enable soft reconfiguration, allowing the software to store updates received from a neighbor.
When an inbound policy is used to filter out or modify some of the updates received from a neighbor, this feature causes the software to store the original unmodified route in addition to the one that was changed or filtered out. This feature allows a "soft clear" to be performed after the inbound policy is changed. The original routes are then passed through the new policy, which then updates the set of routes to be used.
When the Soft Reconfiguration check box is checked, the three radio button options are:
•Enable—Allow inbound soft reconfiguration. If the neighbor supports route refresh capability, the original routes are not stored because they can be retrieved from the neighbor by making a route refresh request. Click the Enable radio button to allow inbound soft reconfiguration.
•Disable—Do not allow inbound soft reconfiguration. If the neighbor does not support the route refresh capability, an inbound soft clear is not possible. In that case, the only way to rerun the inbound policy is to perform a "hard clear," which is to reset the neighbor BGP session. Click the Disable radio button to deny inbound soft reconfiguration.
•Soft Always—Always use soft reconfiguration, even when route refresh is supported. Checking the Soft Always check box enables the storing of received updates, even if the neighbor supports route refresh capability. Click the Soft Always radio button to always use soft reconfiguration.
|
Filtering Policy Subtab
|
The Filtering Policy subtab allows you to perform the following tasks:
•Specify the prefix list.
•Specify the policy.
•Configure the outgoing route filter.
|
Prefix List (in)
|
Allows you to choose a prefix list to filter updates advertised to or received from a neighbor. Choosing a prefix list applies the prefix list to incoming advertisements to that neighbor.
All neighbors using this group will inherit the characteristics configured with the Prefix List (in) field.
|
Prefix List (in) field
|
Allows you to view the prefix list.
|
Prefix List (in) ellipsis button
|
Allows you to choose the prefix list from the Select prefix dialog box.
|
Route Policy (in) field
|
Allows you to enter the name of a policy to apply to inbound routes.
|
Route Policy (out) field
|
Allows you to enter the name of a policy to apply to outbound routes.
|
Site of Origin Subtab
|
The Site of Origin subtab allows you to perform the following tasks:
•Specify the site of origin type.
•Specify the AS number AS index, IP address, and IP address index.
|
SOO Type
|
Allows you to specify the type of site of origin.
|
AS Number
|
Allows you to enter the AS number. Value must be between 1 and 65535.
|
Address
|
Allows you to enter the IP address. Value must be an IPv4 address.
|
AS index
|
Allows you to enter the AS index. Value must be between 0 and 4294967295.
|
Address Index
|
Allows you to enter the IP address index. Value must be between 0 and 65535.
|
5.6.13.4 Removing a VRF
Step 1 Right-click a VRF in the BGP Instance Tree and choose Remove VRF.
Step 2 Click Yes in the confirmation dialog box.
Step 3 Click OK in the Commit Status message box.
5.6.13.5 Cross-launching Another BGP Application
From an existing CRS-1 or XR 12000 NE's BGP application, you can launch a neighbor NE's BGP application while maintaining and passing the existing application's context.
Step 1 From the BGP Configuration application window, click the Neighbors tab.
Step 2 Select a record from the list.
Step 3 Right-click and select Configure Peer BGP from the shortcut menu.
Another NE Explorer is launched, which displays the BGP application of the neighbor NE. A record is automatically added to the Neighbors tab that has the same entries as the record where you launched the peer application.
5.6.14 ISIS Configuration Application
The ISIS Configuration application contains the following tabs:
•Router Operations Tab
•Creating an ISIS Process
•Logical Router Process Tree
•Process Tabs
•General Tab
•LSP Settings Tab
•Advanced Tab
•Address Family Tabs
•Interfaces Tab
See Creating an ISIS Process for information on creating an ISIS Process in the ISIS Configuration application and the Logical Router Process Tree for information on the Process Tree.
The ISIS Configuration application allows you to configure the Integrated Intermediate System-to-Intermediate system (ISIS) routing protocol on the router.
ISIS, Internet Protocol Version 4 (IPv4) is an Interior Gateway Protocol (IGP) that advertises link-state information throughout the network to create a picture of the network topology. ISIS is an Open Systems Interconnection (OSI) hierarchical routing protocol that designates an intermediate system as a Level 1 or Level 2 device. Level 2 devices route between Level 1 areas to create an intradomain routing backbone.
ISIS, Internet Protocol Version 6 (IPv6), functions the same and offers many of the same benefits as ISIS in IPv4. IPv6 enhancements to ISIS allow ISIS to advertise IPv6 prefixes in addition to IPv4 routes. IPv6 extends the address families supported by ISIS to include IPv6, in addition to IPv4.
ISIS requires you to create an ISIS routing instance for each area, and assign it to a specific interface instead of assigning it to a network. An ISIS routing instance is known as an ISIS process and is a logical router (LR) running ISIS in a physical router.
5.6.14.1 Router Operations Tab
The Router Operations tab is available when an LR is selected in the ISIS Process Tree.
The Router Operations tab allows you to perform the following tasks:
•Clear the ISIS database and adjacency database.
•Clear the ISIS topology table.
The following table describes the router Operations tab fields.
Table 5-115 Field Descriptions for the Router Operations Tab
Field
|
Description
|
Clear Process Area
|
Process ID field
|
Allows you to specify an instance identifier.
|
Clear IS-IS Database & Adjacency Database button
|
Allows you to clear the ISIS database and the adjacency database for the chosen LR.
Clicking this button clears the link-state packet (LSP) database and adjacency database sessions for the LR ISIS instance.
|
Clear Routes Area
|
Process ID field
|
Allows you to specify an instance identifier.
|
Clear All Routes button
|
Allows you to clear all routes for the selected LR.
Clicking this button clears all the routes in the specified LR topology.
|
5.6.14.2 Creating an ISIS Process
An ISIS process must be created to configure ISIS.
Step 1 Right-click the LR in the ISIS Process Tree and choose Create a new ISIS process. The Add Process dialog box opens.
Step 2 Enter a process ID in the Process ID field; then, click OK.
A new process is created and appears below the LR in the ISIS Process Tree.
5.6.14.3 Logical Router Process Tree
The ISIS Process Tree displays the processes for the LR. Each process in the ISIS Process Tree contains Address Family and Interfaces icons. Clicking an icon displays the corresponding tab in the Application pane.
5.6.14.4 Process Tabs
Click a process in the ISIS Process Tree to display the Process tabs.
5.6.14.5 General Tab
The General tab allows you to add a network entity title (NET), and choose the routing level and dynamic hostname.
The following table describes the General tab fields.
Table 5-116 Field Descriptions for the General Tab
Field
|
Description
|
Network Entity Title field
|
Allows you to enter a network entity title. Click the Add button; then, click the new row in the table and enter a name.
A NET is a network service access point (NSAP) where the last byte is always zero. On a router running ISIS, a NET can be 8 to 20 bytes in length. The last byte is always the n-selector and must be zero. The n-selector indicates which transport entity the packet is sent to. An n-selector of zero indicates no transport entity, and means that the packet is for the routing software of the system. The six bytes directly preceding the n-selector are the system ID. The system ID length is a fixed size and cannot be changed. The system ID must be unique throughout each area (Level 1) and throughout the backbone (Level 2). All bytes preceding the system ID are the area ID.
A maximum of three NETs per router are allowed. Configuring multiple NETs can be temporarily useful in the case of network reconfiguration where multiple areas are merged, or where one area is split into more areas. Multiple area addresses enable you to renumber an area individually as needed.
The following example configures a router with area ID 47.0004.004d.0001 and system ID 0001.0c11.1110:
47.0004.004d.0001.0001.0c11.1110.00
|
Routing Level list
|
Allows you to choose a routing level for the ISIS process. Options are:
•Level 1—Router performs only Level 1 (intra-area) routing. This router learns only about destinations inside its area. Level 2 (interarea) routing is performed by the closest Level 1-2 router.
•Level 2—Router performs only Level 2 (interarea) routing only. This router is part of the backbone, and does not communicate with Level 1 only routers in its own area.
•Level 1-2(Default)—Router performs both Level 1 and Level 2 routing. This router runs two instances of the routing process. It has one link-state packet database (LSDB) for destinations inside the area (Level 1 routing) and runs a shortest path first (SPF) calculation to discover the area topology. It also has another LSDB with LSPs of all other backbone (Level 2) routers, and runs another SPF calculation to discover the topology of the backbone, and the existence of all other areas. When the Routing Level list is set to the Level 1-2(Default) value on the NE, the Level 1-2(Default) value will not appear in the running configuration.
Note When configuring a routing level parameter, and the parameter is configured for both Level 1 and Level 1-2 or for both Level 2 and Level 1-2, the Level 1 and Level 2 parameters are used instead of the Level 1-2 parameter.
|
Dynamic host name list
|
Allows you to enable or disable the dynamic hostname resolution. Options are enable and disable.
When network administrators maintain and troubleshoot networking devices, they must know the networking device name and corresponding system ID. This list allows the mapping of networking device names to system IDs.
ISIS uses hostnames rather than system IDs in all log messages and line interface output. Flooding of LSPs causes the type, length, and value (TLV) object parameters to carry the mapping information across the entire network. Every networking device in the network, upon receiving the TLV from an LSP, tries to install it in a mapping table. The networking device uses the mapping table when it wants to convert a system ID to a networking device name. If a networking device on the network advertises the dynamic name in the TLV, but later stops the advertisement, the dynamic name remains in the mapping table for up to one hour. This behavior is intended to help the network administrator use the mapping entry when the network has a problem.
|
5.6.14.6 LSP Settings Tab
The LSP Settings tab allows you to limit LSP flooding in ISIS networks. In a network with a high degree of redundancy, such as a fully meshed set of point-to-point links over a nonbroadcast multiaccess (NBMA) transport, flooding of LSPs can limit network scalability. You can reduce LSP flooding in two ways:
•Blocking flooding on specific interfaces—The advantage of full blocking over mesh groups is that it is easier to configure and understand, and fewer LSPs are flooded. Blocking flooding on all links permits the best scaling performance, but results in a less robust network structure. Permitting flooding on all links results in poor scaling performance.
•Configuring mesh groups—The advantage of mesh groups over full blocking is that mesh groups allow LSPs to be flooded over one hop to all routers on the mesh, while full blocking allows some routers to receive LSPs over multiple hops. This relatively small delay in flooding can have an impact on convergence times, but the delay is negligible compared to overall convergence times.
By default, the Cisco CRS-1 Series router sends a periodic LSP refresh every 15 minutes. LSPs remain in a database for 20 minutes by default. If they are not refreshed by that time, they are deleted. You can change the LSP refresh interval or the LSP lifetime. The LSP interval should be less than the LSP lifetime or else LSPs will time out before they are refreshed. The software will adjust the LSP refresh interval if necessary to prevent the LSPs from timing out.
The LSP Settings tab allows you to perform the following tasks:
•Configure the LSP maximum transmission unit.
•Configure the general, refresh, and lifetime.
•Configure the LSP passwords for Level 1, Level 2, and Level 1-2.
Note When configuring a routing level parameter, and the parameter is configured for both Level 1 and Level 1-2 or for both Level 2 and Level 1-2, the Level 1 and Level 2 parameters are used instead of the Level 1-2 parameter.
The following table describes the LSP Settings tab fields.
Table 5-117 Field Descriptions for the LSP Settings Tab
Field
|
Description
|
LSP Settings Area
|
LSP MTU fields
|
Allows you to enter the maximum transmission unit (MTU) value for Level 1, Level 2, and Level 1-2. Under normal conditions, the default MTU size should be sufficient. However, if the MTU of a link is less than 1500 bytes, the LSP MTU must be lowered accordingly on each router in the network. If this action is not taken, routing becomes unpredictable. This field allows you to specify the MTU.
If any link in the network has a reduced MTU, all devices must be changed, not just the devices directly connected to the link.
|
Generate Interval (secs) fields
|
Allows you to configure the time delay between successive ISIS LSP transmissions for Level 1, Level 2, and Level 1-2.
In topologies with a large number of ISIS neighbors and interfaces, a router might have difficulty with the CPU load imposed by LSP transmission and reception. This field allows you to specify the LSP transmission rate and reception rate of ISIS neighbors to be reduced.
|
Refresh Interval (secs) fields
|
Allows you to set the refresh interval for Level 1, Level 2, and Level 1-2, which determines the rate at which the software periodically sends the route topology information that it originates. This is done to keep the information from becoming out of date.
The lifetime of an LSP will expire if it is not refreshed. The refresh interval must be less than the LSP lifetime specified in the Maximum Lifetime (secs) field. Reducing the refresh interval reduces the amount of time that undetected link-state database corruption can persist at the cost of increased link utilization. (This event is extremely unlikely to occur, however, because there are other safeguards against corruption.) Increasing the interval reduces the link utilization caused by the flooding of refreshed packets.
|
Maximum Lifetime (secs) fields
|
Allows you to adjust the maximum LSP lifetime for Level 1, Level 2, and Level 1-2 if the LSP refresh interval is changed.
The maximum LSP lifetime must be greater than the LSP refresh interval.
|
LSP Password Area
|
Encryption Type lists
|
Allows you to choose the password encryption type. Options are:
•None—No encryption is used.
•Cisco Proprietary—Encryption is used.
|
Password fields
|
Allows you to enter a password for Level 1, Level 2, and Level 1-2. These fields will prevent unauthorized networking devices from injecting false routing information into the link-state database. The configured password is inserted into all LSPs and sequence number protocols (SNPs) at the configured level.
|
SNP Authentication Mode lists
|
Allows you to choose the SNP data units for Level 1, Level 2, and Level 1-2. Options are:
•Validate—Adds passwords to SNPs when they are sent. Checks authentication in received SNP. This is the default if no SNP option is specified.
•Send only—Adds passwords to SNPs when they are sent. Does not check for authentication in received SNPs.
|
5.6.14.7 Advanced Tab
The Advanced tab allows you to perform the following tasks:
•Configure nonstop forwarding (NSF).
•Configure overhead bit parameters for Level 1, Level 2, and Level 1-2.
•Configure log dropped protocol data unit (PDU) and adjacency changes.
•Ignore LSP errors.
Note When configuring a routing level parameter, and the parameter is configured for both Level 1 and Level 1-2 or for both Level 2 and Level 1-2, the Level 1 and Level 2 parameters are used instead of the Level 1-2 parameter.
The following table describes the Advanced tab fields.
Table 5-118 Field Descriptions for the Advanced Tab
Field
|
Description
|
Non-Stop Forwarding Area
|
NSF Type list
|
Allows you to choose the NSF type. Options are:
•Cisco-proprietary NSF—Specifies Cisco proprietary NSF restart.
•IETF-standard NSF—Specifies Internet Engineering Task Force (IETF) NSF restart.
NSF allows the ISIS process to restart using checkpointed adjacency and LSP information, and to perform a restart with no impact on neighboring routers. In other words, when NSF is enabled, there is no impact on other routers in the network due to the destruction and recreation of adjacencies and the system LSP.
|
Min. restart interval (secs) field
|
Allows you to enter a value to control successive NSF restarts within a minimal interval time.
If the ISIS instance restarts repeatedly, it might indicate a serious (nonrecoverable) problem. In this case it is undesirable for other routers in the network to treat the restarting router as stable, as is assumed by NSF. If the NSF interval is not exceeded between restarts, the second restart will be non-NSF and result in a network topology change seen by all other routers.
|
Max. route lifetime (secs) field
|
Allows you to enter a value for the maximum lifetime following a restart. The value is the maximum available time for the reacquisition of checkpointed adjacencies and LSPs during a Cisco-proprietary NSF restart. LSPs and adjacencies not recovered during this time are abandoned, causing changes to the network topology.
This field applies only to Cisco-proprietary NSF. It has no effect if an IETF-style NSF is configured.
|
Interface timer (secs) field
|
Allows you to enter a value for the per-interface time period to wait for a restart acknowledgment during an IETF NSF restart. Specifying the interface timer controls the restart time interval after the hello packet is resent. The restart time interval need not match the hello interval. When the IETF NSF restart process begins, hello packets send an NSF restart flag that must be acknowledged by the neighboring routers.
This field applies to IETF-style NSF, not Cisco-proprietary NSF.
|
Interface-expires number field
|
When a hello packet sent with the NSF restart flag set is not acknowledged, it is resent.
Allows you to enter a value for the maximum number of times an interface timer can expire during an IETF NSF restart before the NSF restart is aborted. Specifying the interface expiry number controls the number of times the NSF hello is resent. When this limit is reached on an interface, any neighbor previously known on that interface is assumed to be down and the initial SPF calculation is permitted, provided all other necessary conditions are met.
The total time period available for adjacency reestablishment (interface-timer, interface-expires) should be greater than the expected total NSF restart time.
This field applies to IETF-style NSF, not Cisco-proprietary NSF.
|
Overload Bit Area
|
Set overload bit
Level 1 list
Level 2 list
Level 1 & 2 list
|
Allows you to choose an option to force the router to set the overload bit in its nonpseudonode LSPs. Options are:
•Permanently—Permanently sets the overload bit after reboot.
•Delay on startup—Time to advertise when the router is overloaded after reboot. This option enables the Delay (secs) field and allows you to enter a delay time.
•Wait for BGP on startup—Sets the overload bit on startup until BGP signals converge or time out.
Normally the setting of the overload bit is allowed only when a router encounters problems. For example, when a router is experiencing a memory shortage, the reason might be that the link-state database is not complete, resulting in an incomplete or inaccurate routing table.
If the overload bit is set in the LSPs of the unreliable router, other routers can ignore the router in their SPF calculations until it has recovered from its problems. The result will be that no paths through the unreliable router are seen by other routers in the ISIS area. However, IP prefixes directly connected to this router will still be reachable.
Setting the overload bit is useful when you want to connect a router to an ISIS network, but do not want real traffic flowing through it under any circumstances.
Routers that would have the overload bit set are:
•Test router in the lab, connected to a production network.
•Router configured as an LSP flooding server.
•Router that is aggregating virtual circuits used only for network management. In this case, the network management stations must be on a network directly connected to the router with the overload bit configured.
|
Delay (secs)
Level 1 field
Level 2 field
Level 1 & 2 field
|
Allows you to enter a set overload bit delay time.
This field becomes available when the Delay on startup option is chosen from the Set overhead bit field.
|
Other Area
|
Log dropped PDUs check box
|
Allows you to enable monitoring (logging) of a network when ISIS PDUs are suspected of being dropped. The reason for the PDU being dropped and current PDU drop statistics are recorded.
|
Log adjacency changes check box
|
Allows you to enable monitoring of ISIS adjacency state changes and can be useful when monitoring large networks. Messages are logged using the system error message facility.
|
Ignore LSP errors list
|
Allows you to ignore LSPs with a bad checksum instead of purging the LSP. Options are Enable(Default) and Disable. Choose Enable(Default) to ignore LSPs with a bad checksum or choose Disable to purge LSPs with bad checksums. When the Ignore LSP errors list is set to the Enable(Default) value on the NE, the Enable(Default) value will not appear in the running configuration.
LSPs with an incorrect data-link checksum must be purged by the receiver, which causes the initiator of the packet to regenerate it. However, if a network has a link that causes data corruption while still delivering LSPs with correct data-link checksums, a continuous cycle of purging and regenerating large numbers of packets can occur. Because this situation could stop network operations, use this field to ignore these LSPs rather than purge the packets.
Link-state packets are used by the receiving networking devices to maintain their routing tables.
|
5.6.14.8 Address Family Tabs
Click an address family under a process in the ISIS Process Tree to display the Address Families tab.
5.6.14.8.1 General Subtab
The General subtab allows you to perform the following tasks:
•Specify the address family type.
•Use the default link topology for the address family.
•Enable adjacency checking.
•Configure the default route.
•Configure parallel routes.
•Configure the metric style for Level 1, Level 2, and Level 1-2.
Note When configuring a routing level parameter, and the parameter is configured for both Level 1 and Level 1-2 or for both Level 2 and Level 1-2, the Level 1 and Level 2 parameters are used instead of the Level 1-2 parameter.
The following table describes the General subtab fields.
Table 5-119 Field Descriptions for the General Subtab
Field
|
Description
|
Address Family Type list
|
Allows you to choose the process address family configuration mode, from which you can configure routing sessions that use standard IPv4 or IPv6 address prefixes or alter interface parameters for IPv4 or IPv6. Options are:
•ipv4 unicast
•ipv6 unicast
|
Basics Area
|
Use IPv4 Unicast topology check box
|
Allows you to use the default link topology. The Cisco default topology is IPv4 unicast.
|
Enable Adjacency Check check box
|
Allows you to enable multitopology mode check on received ISIS hello (IIH) packets.
ISIS performs consistency checks on hello packets and forms an adjacency only with a neighboring router that supports the same set of protocols.
|
Default Route Area
|
Generate default route information check box
|
This check box allows you to enable generating default route information.
|
Parallel Routes Area
|
Maximum parallel routes field
|
Allows you to specify the maximum number of active parallel routes that the ISIS protocol can support.
|
Metric Style Area
|
Generate TLV Style
Level 1 list
Level 2 list
Level 1 & 2 list
|
Allows you to choose whether the software generates old-style, new-style, or both TLV objects for Level 1, Level 2, and Level 1-2. Options are:
•old-style (metric style narrow)—Narrower metric fields than the new-style.
•new-style (metric style wide)—ISIS traffic engineering extensions include new-style TLV objects with wider metric fields than old-style TLV objects. To perform Multiprotocol Label Switching traffic engineering (MPLS-TE [also known as MPLS TE]), a router must generate new-style TLV objects. If new-style is chosen, a router generates and accepts only new-style TLV objects. Therefore, the router uses less memory and fewer other resources rather than generating both old-style and new-style TLV objects.
•both (metric style transition)—The software generates and accepts both old-style and new-style TLV objects.
|
Accept TLV Style
Level 1 list
Level 2 list
Level 1 & 2 list
|
Allows you to choose whether the software accepts old-style, new-style, or both TLV objects for Level 1, Level 2, and Level 1- 2. Options are:
•old-style (metric style narrow)—Narrower metric fields than the new-style.
•new-style (metric style wide)—ISIS traffic engineering extensions include new-style TLV objects with wider metric fields than old-style TLV objects. To perform MPLS-TE, a router must generate new-style TLV objects. If new-style is chosen, a router generates and accepts only new-style TLV objects. Therefore, the router uses less memory and fewer other resources rather than generating both old-style and new-style TLV objects.
•both (metric style transition)—The software generates and accepts both old-style and new-style TLV objects.
|
5.6.14.8.2 Advanced Subtab
The Advanced subtab allows you to perform the following tasks:
•Configure the SPF calculation for Level 1, Level 2, and Level 1- 2.
•Configure the incremental SPF calculation for Level 1, Level 2, and Level 1- 2.
•Set an attached bit.
Note When configuring a routing level parameter, and the parameter is configured for both Level 1 and Level 1-2 or for both Level 2 and Level 1-2, the Level 1 and Level 2 parameters are used instead of the Level 1-2 parameter.
The following table describes the Advanced subtab fields.
Table 5-120 Field Descriptions for the Advanced Subtab
Field
|
Description
|
SPF Calculation Area
|
SPF interval (secs) fields
|
Allows you to set the interval between SPF calculations for Level 1, Level 2, and Level 1-2. The SPF interval is used to reduce the processor load when ISIS needs to recalculate its topology after minor changes.
|
PRC interval (secs) fields
|
Allows you to set the minimum interval between partial route calculations (PRCs) for Level 1, Level 2, and Level 1- 2. The PRC interval controls the hold-down period between PRCs.
|
ISPF Area
|
ISPF-Enable check boxes
|
Allows you to enable incremental SPF (ISPF) for Level 1, Level 2, and Level 1-2. ISPF is used to configure the ISPF algorithm to calculate network topology.
|
Startup delay (secs) fields
|
Allows you to set the time delay between the starting of the ISIS instance and the activation of the ISPF algorithm.
Running the ISPF algorithm before the ISIS network reaches stability is inefficient because the network has not completely converged, resulting in wasted CPU resources.
In very large or slowly converging networks, you might need to increase the delay before ISPF begins to handle topology changes; conversely, the delay can be activated sooner for small or rapidly converging networks.
|
Attached bit Area
|
Set attached bit check box
|
Allows you to configure an ISIS instance with an attached bit in the Level 1 LSP.
|
5.6.14.8.3 MPLS-TE Subtab
The MPLS-TE subtab allows you to perform the following tasks:
•Enable traffic engineering for the address family.
•Configure the router ID.
The following table describes the MPLS-TE subtab fields.
Table 5-121 Field Descriptions for the MPLS-TE Subtab
Field
|
Description
|
MPLS-TE Related Settings
|
Enable TE for list
|
Allows you to choose to enable MPLS-TE for Level 1 or Level 2. Options are:
•Level 1
•Level 2
|
Route ID Area
|
None radio button
|
Allows you to specify that the IP address is not configured, allowing you to configure a tunnel without specifying the IP address.
|
Interface Name
|
Allows you to specify that the MPLS-TE router ID for the node is the IP address associated with a chosen interface.
The identifier of the router acts as a stable IP address for the traffic engineering configuration. This IP address is flooded to all nodes. For all traffic engineering tunnels originating at other nodes and ending at this node, you must set the tunnel destination to the traffic engineering router of the destination node (because that is the address used by the traffic engineering topology database at the tunnel head for its path calculation).
|
Interface Name radio button
|
Allows you to specify an interface name.
|
Interface Name field
|
Allows you to enter an interface name.
This field is enabled when the Interface Name radio button is activated.
|
Interface Name ellipsis button
|
Allows you to choose an interface name from the Select Interfaces dialog box.
This ellipsis button is enabled when the Interface Name radio button is activated.
|
IP Address
|
Allows you to enter an IP address that specifies that the MPLS-TE router ID for the node is the IP address.
The identifier of the router acts as a stable IP address for the traffic engineering configuration. This IP address is flooded to all nodes. For all traffic engineering tunnels originating at other nodes and ending at this node, you must set the tunnel destination to the traffic engineering router of the destination node (because that is the address used by the traffic engineering topology database at the tunnel head for its path calculation).
|
IP Address radio button
|
Allows you to specify an IP address.
|
IP Address field
|
Allows you to enter an IP address.
This field is enabled when the IP Address radio button is activated.
|
5.6.14.8.4 Route Summarization Subtab
The Route Summarization subtab contains a table that allows you to add route summary addresses. Multiple groups of addresses can be summarized for a given level. Routes learned from other routing protocols can also be summarized. The metric used to advertise the summary is the smallest metric of all the more-specific routes. Configuring route summarization helps reduce the size of the routing table. It also reduces the size of the LSPs and the link-state database. It also helps ensure stability because a summary advertisement depends on many more-specific routes. If one more-specific route flaps, in most cases this flap does not cause a flap of the summary advertisement.
The drawback of summary addresses is that other routes might have less information to calculate the most optimal routing table for all individual destinations.
Note When ISIS advertises a summary prefix, it automatically inserts the summary prefix into the IP routing table but labels it as a discard route entry. Any packet that matches the entry will be discarded to prevent routing loops. When ISIS stops advertising the summary prefix, the routing table entry is removed.
The following table describes the Route Summarization subtab fields.
Table 5-122 Field Descriptions for the Route Summarization Subtab
Field
|
Description
|
Route Summarization Area
|
Prefix column
|
Allows you to enter a summary prefix designated for a range of IPv4 or IPv6 prefixes. Click the column and enter a value.
|
Prefix Length column
|
Allows you to enter the length of the IPv4 or IPv6 prefix. Click the column then enter a value.
|
Level column
|
Allows you to choose the level to redistribute routes into and summarizes them with the configured address and mask value. Options are:
•Level 1-2
•Level 1
•Level 2
Double-click the column to activate the list; then, choose a level.
|
5.6.14.8.5 Route Propagation Subtab
The Route Propagation subtab provides a table that allows you to propagate routes from one ISIS level into another level.
The following table describes the Route Propagation subtab fields.
Table 5-123 Field Descriptions for the Route Propagation Subtab
Field
|
Description
|
Route Propagation Area
|
From Level column
|
Allows you to choose the route level to propagate from. Double-click the column then choose the level. Options are:
•Level 1
•Level 2
|
Into Level column
|
Allows you to choose the route level to propagate to. Double-click the column then choose the level. Options are:
•Level 1
•Level 2
|
Distribute List column
|
Allows you to enter the name or number of the access list that controls which packets are propagated. Click the column then enter a name or number for the access list.
|
5.6.14.8.6 Admin Distance Subtab
The Admin Distance subtab provides a table that allows you to configure the default route source administrative distance and specify route sources that will override the default administrative distance.
The following table describes the Admin Distance subtab fields.
Table 5-124 Field Descriptions for the Admin Distance Subtab
Field
|
Description
|
Default admin distance for all route source field
|
Allows you to set the administrative distance assigned to routes discovered by the ISIS protocol.
In general, the higher the value, the lower the trust rating. An administrative distance of 255 means that the routing information source cannot be trusted at all and should be ignored.
This field is used to configure the administrative distances applied to ISIS routes when they are inserted into the Routing Information Base (RIB), and influences the likelihood of these routes being preferred over routes to the same destination addresses discovered by other protocols.
The default administrative distance is overridden for chosen route sources when the route source matches the values provided in the Override By Route Source table.
|
Override By Route Source Area
|
Source Prefix column
|
Allows you to enter the source prefix. Click the column and enter a value.
|
Prefix Length column
|
Allows you to set the prefix length. Click the column and enter a value.
|
Admin Distance column
|
Allows you to set the administrative distance assigned to routes discovered by the ISIS protocol that matches the Source Prefix and Prefix Length values. Click the column and enter a value.
|
Prefix List column
|
Allows you to enter the prefix list. Click the column and enter a prefix list.
|
5.6.14.9 Interfaces Tab
Click an interface under a process in the ISIS Process Tree to display the Interfaces tab.
5.6.14.9.1 General Subtab
The General subtab allows you to perform the following tasks:
•Specify an interface name and type.
•Choose the circuit type.
The following table describes the General subtab fields.
Table 5-125 Field Descriptions for the General Subtab
Field
|
Description
|
Interface name
|
Allows you to enter the interface name.
|
Interface name ellipsis button
|
Allows you to choose an interface name from the Select Interfaces dialog box.
|
Circuit type list
|
Allows you to choose a circuit type for the interface. Options are:
•Level 1
•Level 2
•Level 1-2(Default). When the Circuit type list is set to the Level 1-2(Default) value on the NE, the Level 1-2(Default) value will not appear in the running configuration.
|
Interface state list
|
Allows you to choose the interface state. Options are:
•Shutdown
•Passive
|
5.6.14.9.2 Supported Address Families Subtab
The Supported Address Families subtab provides a table that allows you to configure ISIS IPv4 and IPv6 address families.
Note It is recommended that you configure metrics on all interfaces. If you do not do so, the ISIS metrics are similar to hop-count metrics.
The following table describes the Supported Address Families subtab fields.
Table 5-126 Field Descriptions for the Supported Address Families Subtab
Field
|
Description
|
Supported Address Families Area
|
AF Name column
|
Allows you to choose an address family name. Double-click the column and choose an address family type. Options are:
•ipv4 unicast
•ipv6 unicast
|
State column
|
Allows you to choose the state of the address family. Double-click the column and choose a state. Options are:
•Active—The state is active.
•Disabled—The state is disabled.
|
Metric Level 1 column
|
Allows you to set the metric level for the interface used in the SPF calculation for Level 1 (intra-area) routing. Click the column and enter a value.
This column allows you to specify the metric that is assigned to the link and used to calculate the cost from each networking device, through the links in the network to other destinations.
|
Metric Level 2 column
|
Allows you to set the metric level for the interface used in the SPF calculation for Level 2 (interarea) routing. Click the column and enter a value.
This column allows you to specify the metric assigned to the link and used to calculate the cost from each other networking device through the links in the network to other destinations.
|
Metric Level 1&2 column
|
Allows you to set the metric level for the interface used in the SPF calculation for Level 1-2 routing. Click the column and enter a value.
This column allows you to specify the metric assigned to the link and used to calculate the cost from each other networking device through the links in the network to other destinations.
|
5.6.14.9.3 PDU Settings Subtab
The PDU Settings subtab allows you to perform the following tasks:
•Configure the hello interval, multiplexer, padding, and password for Level 1, Level 2, and Level 1- 2.
•Configure the complete sequence number PDU for Level 1, Level 2, and Level 1-2.
•Configure the LSP interval and resend interval for Level 1, Level 2, and Level 1-2.
Note When configuring a routing level parameter, and the parameter is configured for both Level 1 and Level 1-2 or for both Level 2 and Level 1-2, the Level 1 and Level 2 parameters are used instead of the Level 1-2 parameter.
The following table describes the PDU Settings subtab fields.
Table 5-127 Field Descriptions for the PDU Settings Subtab
Field
|
Description
|
Hello interval (secs) fields
|
Allows you to set the hello intervals for Level 1, Level 2, and Level 1-2. This value is the interval at which ISIS hello (IIH) packets are sent.
With smaller hello intervals, topological changes are detected more quickly, but there is more routing traffic.
Caution A shorter hello interval gives earlier convergence, but increases bandwidth and CPU usage. It might also add to instability in the network.
A slower hello interval saves bandwidth and CPU. Especially when used in combination with a higher hello multiplier, this strategy can increase overall network stability.
It is recommended that you tune the hello interval and hello multiplier on point-to-point interfaces rather than on LAN interfaces.
|
Hello multiplier fields
|
Allows you to set the hello multipliers for Level 1, Level 2, and Level 1-2. This value is the number of successive IIH packets a neighbor must miss before the networking device should declare the ISIS adjacency as down.
The holding time carried in an ISIS hello packet determines how long a neighbor waits for another hello packet before declaring the neighbor to be down. This time determines how quickly a failed link or neighbor is detected so that routes can be recalculated.
This feature is used in circumstances where hello packets are lost frequently and ISIS adjacencies are failing unnecessarily. You can raise the hello multiplier and lower the hello interval correspondingly to make the hello protocol more reliable without increasing the time required to detect a link failure.
On point-to-point links, there is only one hello for both Level 1 and Level 2. Separate Level 1 and Level 2 hello packets are sent over NBMA networks in multipoint mode, such as X.25, Frame Relay, and ATM. However, it is recommended that you run ISIS over point-to-point subinterfaces over WAN NBMA media.
|
Encryption Type lists
|
Allows you to choose the encryption types for Level 1, Level 2, and Level 1-2. Options are:
•None
•Cisco Proprietary
|
Hello Password- Password fields
|
Allows you to configure the authentication passwords for Level 1, Level 2, and Level 1-2. The passwords prevent unauthorized networking devices from injecting false routing information into the link-state database.
The configured password argument is inserted into all LSPs and SNPs at the configured level. The configured password argument is exchanged as plain text, so the command provides only limited security.
The recommended password configuration is that both incoming and outgoing SNPs be authenticated.
|
Hello padding lists
|
Allows you to choose the hello paddings for Level 1, Level 2, and Level 1-2. Options are:
•Disable—Suppresses hello padding.
•Sometimes Enable—Enables hello padding during adjacency formation only.
•Always Enable—Configures hello padding.
This allows you to configure padding on ISIS hello PDUs for ISIS interfaces.
You might want to suppress hello padding in order to conserve network resources. The lower the circuit speed, the higher the percentage of padding overhead. Before suppressing the hello padding, you should know your physical and data link layer configurations and have control over them, and also know your router configuration at the network layer.
You also might want to suppress hello padding to save resources on the authentication of PDUs. The encryption value of the PDU is computed over the entire length of the hello PDU, including the padding portion. If you have a large number of authenticated ISIS adjacencies on the networking device, hello padding can adversely impact the networking device CPU.
|
CSNP interval (secs) fields
|
Allows you to set the complete sequence number PDU (CSNP) intervals for Level 1, Level 2, and Level 1- 2. Specifying the CSNP interval configures the interval at which periodic CSNP packets are sent on broadcast interfaces.
The CSNP interval applies only to the designated router (DR) for a specified interface. Only DRs send CSNP packets to maintain database synchronization. The CSNP interval can be configured independently for Level 1 and Level 2.
Use of this feature on point-to-point subinterfaces makes sense only when using it in combination with the ISIS mesh-group feature.
It is unlikely that you will ever need to change the default value of this field.
|
LSP interval (ms) fields
|
Allows you to set the LSP intervals for Level 1, Level 2, and Level 1-2. Specifying the LSP interval configures the time delay between successive ISIS LSP transmissions.
In topologies with a large number of ISIS neighbors and interfaces, a router might have difficulty with the CPU load imposed by LSP transmission and reception.
The specified interval reduces the LSP transmission rate of the router and the reception rate of its ISIS neighbors.
|
LSP retransmit interval (secs) fields
|
Allows you to set the LSP retransmit intervals for Level 1, Level 2, and Level 1-2. Specifying the LSP retransmit interval configures the interval between retransmissions of the same LSP.
The setting of the seconds argument should be conservative, or needless retransmission will result.
The value specified in the LSP retransmit interval field has no effect on LAN (multipoint) interfaces. On point-to-point links, the value can be increased to enhance network stability.
Because retransmissions only occur when LSPs are dropped, setting the value higher has little effect on reconvergence. The more neighbors networking devices have, and the more paths over which LSPs can be flooded, the higher this value can be made.
The value should be higher for serial lines.
|
LSP retransmit throttle interval (ms) fields
|
Allows you to set the LSP retransmit throttle intervals for Level 1, Level 2, and Level 1-2. Specifying the LSP retransmit throttle interval configures the minimum interval between retransmissions of different LSPs.
The value specified in the LSP retransmit throttle interval field can be useful in very large networks with many LSPs and many interfaces as a way of controlling LSP retransmission traffic. This controls the rate at which LSPs can be resent on the interface.
The LSP retransmit throttle interval is distinct from the rate at which LSPs are sent on the interface and the period between retransmissions of a single LSP. All the LSP retransmit parameters can be used in combination to control the offered load of routing traffic from one networking device to its neighbors.
|
5.6.14.9.4 Advanced Subtab
The Advanced subtab allows you to perform the following tasks:
•Configure the designated routers for Level 1, Level 2, and Level 1-2.
•Configure the mesh group.
Note When configuring a routing level parameter, and the parameter is configured for both Level 1 and Level 1-2 or for both Level 2 and Level 1-2, the Level 1 and Level 2 parameters are used instead of the Level 1-2 parameter.
The following table describes the Advanced subtab fields.
Table 5-128 Field Descriptions for the Advanced Subtab
Field
|
Description
|
DR Election Area
|
Priority fields
|
Allows you to configure the priority of DRs for Level 1, Level 2, and Level 1- 2.
The priority is used to determine which networking device on a LAN will be the designated router or Designated Intermediate System (DIS). The priorities are advertised in the hello packets. The networking device with the highest priority will become the DIS.
In the ISIS protocol, there is no backup designated router. Setting the priority to 0 lowers the chance of this system becoming the DIS, but does not prevent it. If a networking device with a higher priority comes online, it will take over the role from the current DIS. In the case of equal priorities, the highest MAC address breaks the tie.
|
Mesh Group Area
|
Default radio button
|
Allows you to choose the default mesh group.
The mesh group optimizes LSP flooding in NBMA networks with highly meshed, point-to-point topologies.
LSPs that are first received on subinterfaces that are not part of a mesh group are flooded to all other subinterfaces in the usual way.
LSPs that are first received on subinterfaces that are part of a mesh group are flooded to all interfaces except those in the same mesh group. If the mesh group is blocked on a subinterface, a newly received LSP is not flooded out over that interface.
To minimize the possibility of incomplete flooding, you should allow unrestricted flooding over at least a minimal set of links in the mesh. Choosing the smallest set of logical links that covers all physical paths results in very low flooding, but less robustness. Ideally, you should choose only enough links to ensure that LSP flooding is not detrimental to scaling performance, but enough links to ensure that under most failure scenarios, no networking device will be logically disconnected from the rest of the network. In other words, blocking flooding on all links permits the best scaling performance, but there is no flooding. Permitting flooding on all links results in very poor scaling performance.
|
Block mesh group radio button
|
Allows you to specify that no LSP flooding will take place on the selected interface.
|
Mesh group number
|
Allows you to enter a number identifying the mesh group of which the chosen interface is a member.
|
Mesh group number radio button
|
Allows you to specify a number for identifying the mesh group.
|
Mesh group number field
|
Allows you to enter a mesh group number.
This field is enabled when the Mesh group number radio button is activated.
|
5.6.15 LDP Configuration Application
The LDP Configuration application contains the following tabs:
•Interfaces Tab
•General Tab
•Neighbors Tab
•Label Advertisement Tab
•Operations Tab
The LDP Configuration application allows you to configure Label Distribution Protocol (LDP) to perform label distribution in Multiprotocol Label Switching (MPLS) environments. LDP performs hop-by-hop or dynamic path setup, but does not provide end-to-end switching services. LDP also provides constraint-based routing using LDP extensions for traffic engineering.
LDP provides the means for label switching routers (LSRs) to request, distribute, and release label prefix binding information to peer routers in a network. LDP enables LSRs to discover potential peers and establish LDP sessions with those peers to exchange label binding information.
LDP is deployed in the core of the Cisco CRS-1 Series router, and is one of the key protocols used in Layer 2 virtual private networks (VPNs). LDP assigns labels to routes using the underlying Interior Gateway Protocol (IGP) routing.
5.6.15.1 Interfaces Tab
The Interfaces tab allows you to perform the following tasks:
•Specify the LDP interface name.
•Configure the discovery transportation address.
The following table describes the Interfaces tab fields.
Table 5-129 Field Descriptions for the Interfaces Tab
Field
|
Description
|
Basics Area
|
Name
|
Allows you to choose the interface name.
|
Name field
|
Allows you to enter a name.
|
Name ellipsis button
|
Allows you to choose a name from the Select Interfaces dialog box.
|
Discovery Transportation Address Area
|
Default radio button
|
Allows you to specify that LDP use the router ID as its source address for TCP connection setup with its peer. Hello messages include this address in transport address type, length, and value (TLV) objects.
|
Specific IP
|
Allows you to provide an alternative address for a TCP connection. Hello messages include this address in transport address TLV objects.
|
Specific IP radio button
|
Allows you to enable an alternative address for a TCP connection.
|
Specific IP field
|
Allows you to enter an address.
|
5.6.15.2 General Tab
The General tab allows you to perform the following tasks:
•Configure the router ID.
•Set the linked and targeted hello hold time and interval.
•Set the session hold time.
•Enable advertising Explicit Null labels.
•Configure backoff time parameters.
•Configure graceful restart parameters.
•Enable logging neighbor changes.
The following table describes the General tab fields.
Table 5-130 Field Descriptions for the General Tab
Field
|
Description
|
Router ID Area
|
Default radio button
|
Allows you to specify that LDP obtains its router ID from the router-wide router ID configuration, if available.
|
Use Loopback Interface
|
Allows you to provide a loopback interface name for the router ID.
|
Use Loopback Interface radio button
|
Allows you to use the loopback interface name for the router ID.
|
Use Loopback Interface field
|
Allows you to enter a loopback interface name.
This field is enabled when the Use Loopback Interface radio button is activated.
|
Use Loopback Interface ellipsis button
|
Allows you to choose a loopback interface name from the Select Interfaces dialog box.
This field is enabled when the Use Loopback Interface radio button is activated.
|
Use IP Address
|
Allows you to provide a routable IP address for the router ID.
|
Use IP Address radio button
|
Allows you to use the IP address for the router ID.
|
Use IP Address field
|
Allows you to enter an IP address.
This field is enabled when the Use IP Address radio button is activated.
|
Discovery Area
|
Hellos Subarea
|
Link Hello Hold time (sec) field
|
Allows you to configure the linked hello hold time. This is the hold time for a discovered LDP neighbor.
This field specifies the length of time that a discovered neighbor is assumed to be present in the absence of discovery messages.
|
Link Hello Interval (sec) field
|
Allows you to configure the linked hello interval. This is the interval between transmission of consecutive LDP discovery messages.
|
Targeted Hellos
|
Targeted Hello Hold time (sec) field
|
Allows you to configure the targeted hello hold time. This is the hold time for targeted neighbors.
This field specifies the length of time that a targeted neighbor is assumed to be present in the absence of discovery messages.
|
Targeted Hello Interval (sec) field
|
Allows you to configure the targeted hello interval. This is the interval between transmission of consecutive LDP discovery messages.
|
Session Area
|
Hold time (sec) field
|
Allows you to specify the time for which an LDP session is maintained in the absence of LDP messages from the session peer.
|
Signalling DSCP Area
|
Signalling DSCP field
|
Allows users to set Differentiated Services Code Point (DSCP) for LDP control packets.
|
Backoff Time Area
|
Hold time (sec) field
|
Allows you to specify the initial session time for LDP backoff. The LDP backoff mechanism prevents two incompatibly configured LSRs from engaging in an unthrottled sequence of session setup failures. If a session setup attempt fails due to such incompatibility, each LSR delays its next attempt (backs off), increasing the delay exponentially with each successive failure until the maximum backoff delay is reached.
|
Maximum (sec) field
|
Allows you to specify the maximum session time for LDP backoff. The LDP backoff mechanism prevents two incompatibly configured LSRs from engaging in an unthrottled sequence of session setup failures. If a session setup attempt fails due to such incompatibility, each LSR delays its next attempt (backs off), increasing the delay exponentially with each successive failure until the maximum backoff delay is reached.
|
Logging Area
|
Log Neighbor Changes check box
|
Allows you to enable the logging of neighbor session changes. You will receive a message when a neighbor goes up or down.
|
Advertise Explicit Null Label Area
|
None radio button
|
Allows you to disable Advertise Explicit Null configuration.
|
All radio button
|
Allows you to configure explicit null label advertisement for all LDP peers.
|
ACL (Peer/Prefix)
|
Allows you to enable ACL Peer of Prefix configuration.
|
Peer ACL check box
|
Allows you to enable or disable peer ACL.
|
Peer ACL field
|
If Peer ACL is checked, allows you to specify the name of the peer ACL.
|
Prefix ACL check box
|
Allows you to enable or disable prefix ACL.
|
Prefix ACL field
|
If Prefix ACL is checked, allows you to specify the name of the prefix ACL.
|
Graceful Restart Area
|
Enable check box
|
Allows you to enable the graceful restart capability.
You must restart LDP process to have the graceful restart configuration take effect.
|
Forwarding State Holdtime (sec) field
|
Allows you to specify the length of time that the peer label mapping entries are kept and can be reclaimed.
The Forwarding State hold time value is the length of time, after restart, for which the restarted LSR will keep its stale forwarding-state entries. After restarting and recovering its preserved forwarding entries, LSR will start a Forwarding State hold timer and wait for peers to resynchronize with the LSR.
The value of recovery time in the fault tolerant (FT) session TLV (the INIT message) to another peer after a restart or reconnect is computed to be the value of the Forwarding State hold timer at the time of the INIT message.
|
Reconnection timeout (sec) field
|
Allows you to specify the time given to the peer to reestablish the connection before the peer is considered an indefinitely connected neighbor.
The Reconnection timeout value is the reconnect timeout that will be sent in the FT Session TLV (the INIT message) to another peer.
|
5.6.15.3 Neighbors Tab
The Neighbors tab allows you to perform the following tasks:
•Provide the IP address of an LDP neighbor whose password and encryption type you want to set.
•Set the password and password encryption type for the LDP neighbor.
The following table describes the Neighbors tab fields.
Table 5-131 Field Descriptions for the Neighbors Tab
Field
|
Description
|
Neighbor IP Address field
|
Allows you to view the LDP neighbor IP address.
|
Neighbor IP Address ellipsis
|
Allows you to select a role type and an IP address under the selected role type.
|
Password field
|
Allows you to enter a password so that an attempt to establish a session between two LDP peers is allowed only when a password match has been configured.
|
Encryption Type list
|
Allows you to choose the password encryption type. Options are:
•None
•Cisco Proprietary
|
5.6.15.4 Label Advertisement Tab
The Label Advertisement tab allows you to perform the following tasks:
•Add or remove an advertisement interface or access control list.
•Disable label advertisement.
The following table describes the Label Advertisement tab fields.
Table 5-132 Field Descriptions for the Label Advertisement Tab
Field
|
Description
|
Advertise Interface Area
|
Interface field
|
Displays the interface name that sends label advertisement messages.
|
For Prefix ACL Area
|
Prefix Access List field
|
Displays the prefix access control list.
|
Peer Access List field
|
Displays the peer access control list.
|
Add button
|
Allows you to add a new advertisement interface or access control list.
|
Remove button
|
Allows you to remove a new advertisement interface or access control list.
|
Disable Advertisement check box
|
Allows you to disable label advertisement.
|
5.6.15.5 Operations Tab
The Operations tab allows you to perform the following tasks:
•Clear all message counters or a counter for a specific neighbor IP address.
•Restart all LDP sessions or a specific neighbor session.
Note Restarting a session could impact forwarding in nongraceful restart mode.
The following table describes the Operations tab fields.
Table 5-133 Field Descriptions for the Operations Tab
Field
|
Description
|
Clear Counters Area
|
All Message Counters radio button
|
Allows you to clear the statistics message counters for all neighbors.
|
Specify Neighbor IP Address
|
Allows you to clear the statistics message counters for a specific neighbor. This sets the Clear Counters option to Clear Counters only for the specified neighbor.
|
Specify Neighbor IP Address radio button
|
Allows you to enable clearing statistics message counters for a specific neighbor.
|
Specify Neighbor IP Address field
|
Allows you to enter a neighbor IP address.
This field is enabled when the Specify Neighbor IP Address radio button is activated.
|
Clear Counters button
|
Executes the clear counters operation based on the criteria configured in the Clear Counters area. When the button is clicked, a Confirm dialog box opens. Click Yes to proceed with the clear counters operation or click No to cancel the operation.
|
Restart Sessions Area
|
Restart all LDP Sessions radio button
|
Allows you to restart all LDP sessions without restarting LDP itself.
|
By Neighbor Session IP Address
|
Allows you to restart a single LDP session without restarting LDP itself
|
By Neighbor Session IP Address radio button
|
Allows you to enable a single LDP session without restarting LDP itself.
|
By Neighbor Session IP Address field
|
Allows you to enter an IP address.
|
Restart Sessions button
|
Executes the Restart Sessions operation based on the criteria configured in the Restart Sessions area (restart one or all LDP sessions). When the button is clicked, a Confirm dialog box opens. Click Yes to proceed with the operation or click No to cancel the operation.
|
5.6.15.6 Cross-launching Another LDP Application
From an existing CRS-1 or XR 12000 NE's LDP application, you can launch a neighbor NE's LDP application while maintaining and passing the existing application's context.
Step 1 From the LDP Configuration application window, click the Neighbors tab.
Step 2 Select a record from the list.
Step 3 Right-click and select Configure Peer LDP from the shortcut menu.
Another NE Explorer is launched, which displays the LDP application of the neighbor NE. A record is automatically added to the Neighbors tab that has the same entries as the record where you launched the peer application.
5.6.16 OSPF Configuration Application
The OSPF Configuration application allows you to implement the OSPF protocol on the Cisco CRS-1 and XR 12000 routers.
OSPF is an Interior Gateway Protocol (IGP) developed by the Internet Engineering Task Force (IETF). Designed expressly for IP networks, OSPF supports IP subnetting and tagging of externally derived routing information. OSPF also allows packet authentication and uses IP multicast when sending and receiving packets.
OSPF Version 3 (OSPFv3) expands on OSPF Version 2 (OSPFv2), to provide support for IPv6 routing prefixes. OSPFv3 is not currently supported in the Craft Works Interface (CWI). Refer to the Cisco IOS-XR command reference documentation for information using command-line interface (CLI) commands to configure OSPFv3.
The OSPF Configuration application contains the General and Operations tabs. Table 5-134 provides field descriptions.
See Creating an OSPF Instance for information on the Instance Tree and on creating an Open Shortest Path First (OSPF) Instance in the OSPF Configuration application. Also, for information on creating an OSPF area, see Creating a Global OSPF Area.
Table 5-134 Field Descriptions for the General and Operations Tab
Field
|
Description
|
General Tab
|
The General tab is available when a logical router is chosen in the OSPF Instance Tree. It allows you to enable Domain Name System (DNS) name lookup.
|
DNS lookup for show commands check box
|
Enables the OSPF protocol to look up DNS names. DNS lookup makes it easier to identify a router when executing all OSPF show command displays. The router is displayed by name rather than by its router ID or neighbor ID.
|
Operations Tab
|
The Operations tab is available when an LR is chosen in the OSPF Instance Tree and then the Operations tab is clicked. It allows you to perform the following tasks:
•Reset OSPF instances.
•Clear routing tables.
•Clear redistributed route entries.
•Clear the neighbor state transition count.
|
Reset Commands Area
|
Reset all OSPF processes button
|
Allows you to reset OSPF processes without stopping and restarting it.
Clicking this button releases all OSPF resources allocated, cleans up the internal database, and shuts down and restarts all interfaces that belong to the process. When the button is clicked, a Confirm dialog box opens. Click Yes to proceed with the operation or click No to cancel the operation.
|
Clear routing table Area
|
Clear all OSPF routing tables button
|
Allows you to clear OSPF routes from the OSPF routing table.
Clicking this button clears all OSPF routes from the OSPF routing table and recomputes valid routes. When the OSPF routing table is cleared, OSPF routes in the global routing table are also recalculated.
|
Clear all redistributed route entries button
|
Allows you to clear routes redistributed from other protocols out of the OSPF routing table. When the button is clicked, a Confirm dialog box opens. Click Yes to proceed with the operation or click No to cancel the operation.
Clicking this button causes the routing table to be read again. If an unexpected route has not appeared in the OSPF redistribution, clearing OSPF redistribution causes OSPF to resend Type 5 and Type 7 link-state advertisements (LSAs) that can be used by the routing table.
Caution This command can cause a significant number of LSAs to flood the network. It is recommended that you use this command with caution.
|
Clear neighbor state transition count Area
|
Interface name
|
Allows you to specify the interface name for which you want to clear the state transition counter.
|
Interface name field
|
Allows you to enter an interface name.
|
Interface name ellipsis button
|
Allows you to choose an interface name from the Select Interfaces dialog box.
|
Neighbor IP field
|
Allows you to enter the neighbor IP address of a specified neighbor for which you want to clear the state transition counter.
|
Clear button
|
Allows you to clear the OSPF statistics of neighbor state transitions. When the button is clicked, a Confirm dialog box opens. Click Yes to proceed with the operation or click No to cancel the operation.
|
5.6.16.1 Creating an OSPF Instance
An OSPF instance is the equivalent of a router as described in OSPF v2 RFC 2328. RFC 2328 assumes that a physical router has a single OSPF instance. The router operating system allows multiple instances of OSPF to run simultaneously on the router. However, no two instances can share interfaces or reside in the same autonomous system (AS).
To configure OSPF, you must first create an OSPF instance.
Step 1 Right-click the LR in the OSPF Instance Tree and choose Add instance. The Add Instance dialog box opens.
Step 2 Enter an Instance ID in the Instance ID field; then, click OK.
A new process is created and appears below the LR in the OSPF Instance Tree.
The OSPF Instance Tree displays the instances for the LR. Each process in the OSPF Instance Tree can contain multiple area icons which must be manually created. See Creating a Global OSPF Area. Clicking an icon displays the corresponding tab in the Application pane.
5.6.16.1.1 Instance Tabs
For CRS-1 and XR 12000 software release 3.2 NEs, click an instance in the OSPF Instance Tree to display the Instance tabs.
For CRS-1 and XR 12000 software release 3.3 NEs, click the expand icon (+) next to an instance in the OSPF Instance Tree; then, click a global OSPF.
5.6.16.1.2 General Tab
The General tab allows you to perform the following tasks:
•Configure the router ID and maximum number of paths.
•Configure the link metrics.
•Configure the SPF algorithm.
•Configure link costs and LSA timers.
•Configure the default external route parameters.
The following table describes the General tab fields.
Table 5-135 Field Descriptions for the General Tab
Field
|
Description
|
Basics Area
|
Router ID
|
Allows you to specify the a router ID for the OSPF instance.
|
Router ID field
|
Allows you to enter an router ID. Value must be an IPv4 address.
|
Max number of paths field
|
Allows you to specify the maximum number of equal cost paths to install. This controls the maximum number of parallel routes that the OSPF protocol can support and install in a routing table.
|
Default Link Metrics Area
|
Reference BW (Mbps)
|
Allows you to enable and specify the reference bandwidth.
This feature controls how the OSPF protocol calculates default metrics for the interface. By default, OSPF calculates the OSPF metric for an interface according to the bandwidth of the interface.
|
Reference BW (Mbps) check box
|
Allows you to enable reference bandwidth.
|
Reference BW (Mbps) field
|
Allows you to enter a value for the bandwidth.
This field is enabled when the Reference BW (Mbps) check box is activated.
|
Administrative distance field
|
Allows you to specify the administrative distance of OSPF.
In general, the higher the value, the lower the trust rating. An administrative distance of 255 means that the routing information source cannot be trusted at all and should be ignored. Weight values are subjective; there is no quantitative method for choosing weight values.
|
Shortest Path First Algorithm Area
|
Initial delay (ms) field
|
Allows you to specify the time before the first shortest path first (SPF) is run (also known as SPF throttling).
|
Backoff increment (ms) field
|
Allows you to specify the initial wait interval between the first and second SPF calculations. Each consecutive wait interval is twice the previous wait interval. If no SPF calculation is run for the maximum delay time, the subsequent wait interval is reset to the initial value.
|
Max delay time (ms) field
|
Allows you to specify the maximum time between consecutive SPF calculations.
The first wait interval between SPF calculations is the amount of time in milliseconds specified by the initial delay. Each consecutive wait interval is twice the current hold level in milliseconds until the wait time reaches the maximum time in milliseconds as specified by the Max delay time field. Subsequent wait times remain at the maximum until the values are reset or an LSA is received between SPF calculations.
|
Link Costs Area
|
Inter-area field
|
Allows you to specify the administrative distance for all routes from one area to another area.
|
Intra-area field
|
Allows you to specify the administrative distance for all routes within an area.
|
External field
|
Allows you to specify the administrative distance for all external routes (type 5 and type 7) learned from other routing domains through redistribution.
|
Link State Advertisement Timers Area
|
Min LSArrival rate (sec / LSA) field
|
Allows you to specify a value limiting the frequency at which new instances of any particular OSPF LSA can be accepted during flooding.
|
Min LSInterval rate (sec / LSA) field
|
This field is used to adjust the minimum amount of time between originations of the same LSA. This adjustment helps to reduce the flooding and SPF overhead that leads to frequent LSA generation.
|
Maxage / Refresh rate (sec / group LSA) field
|
Allows you to specify a value to change the interval at which OSPF LSAs are collected into a group and refreshed, checksummed, or aged (also called group pacing).
The duration of the LSA group pacing is inversely proportional to the number of LSAs the router is handling. For example, if you have approximately 10,000 LSAs, decreasing the pacing interval would benefit you. If you have a very small database (40 to 100 LSAs), increasing the pacing interval to 10 to 20 minutes might benefit you slightly.
|
Default External Route Area
|
Enable check box
|
Allows you to enable the generation of a default external route into an OSPF routing domain.
Whenever you redistribute routes into an OSPF routing domain, the software automatically becomes an Autonomous System Boundary Router (ASBR). However, an ASBR does not, by default, generate a default route into the OSPF routing domain. The software still must have a default route for itself before it generates one, except when you have specified the always keyword.
|
Always check box
|
Allows you to choose to always advertise the default route regardless of whether the software has a default route.
|
Use existing default route radio button
|
Allows you to specify that the existing default route (0.0.0.0/0) be used.
|
Route metric field
|
Allows you to specify the metric used for generating the default route. The value used is specific to the protocol.
|
Link state type list
|
Allows you to choose the external link type associated with the default route advertised into the OSPF routing domain. Options are:
•Type 1
•Type 2
•Type 1&2
|
5.6.16.1.3 Route Summarization Tab
The Route Summarization tab allows you to perform the following tasks:
•Configure the IP prefix and mask for the route.
•Configure route summary filtering, matching, and suppressing options.
The following table describes the Route Summarization tab fields.
Table 5-136 Field Descriptions for the Route Summarization Tab
Field
|
Description
|
Configuration Area
|
IP Prefix / Mask
|
Allows you to specify an IP summary prefix and summary mask to create aggregate addresses for routes being redistributed from another routing protocol into the OSPF protocol.
|
IP Prefix / Mask radio button
|
Allows you to use an IP summary prefix and mask.
|
IP Prefix / Mask fields
|
Allows you to enter an IP prefix and mask.
This field is enabled when the IP Prefix / Mask radio button is activated.
|
No filter radio button
|
Allows you to choose no filtering.
|
Match tag
|
Allows you to specify a tag value that can be used as a match value for controlling redistribution.
|
Match tag radio button
|
Allows you to enable the option to specify a tag value to be used for matching.
|
Match tag field
|
Allows you to enter a tag value.
|
Suppress type-7 LSAs radio button
|
Allows you to choose to suppress advertising of the summary routes that match the address and mask pair.
|
5.6.16.1.4 Admin Distance Tab
The Admin Distance tab allows you to perform the following tasks:
•Configure the IP address and wildcard bits.
•Specify the administrative distance and the IP access list to be applied to incoming routing updates.
The following table describes the Admin Distance tab fields.
Table 5-137 Field Descriptions for the Admin Distance Tab
Field
|
Description
|
Configuration Area
|
IP / Wildcard bits fields
|
Allows you to specify an IP source address and IP wildcard bits (or inverted mask) to create aggregate addresses for routes being redistributed from another routing protocol into the OSPF protocol.
|
IP / Wildcard bits radio button
|
Allows you to use an IP source address and wildcard bits.
|
IP / Wildcard bits fields
|
Allows you to enter an IP source address and wildcard bits.
This field is enabled when the IP / Wildcard bits radio button is activated.
|
Distance field
|
Allows you to specify the administrative distance of the OSPF.
|
Access Control List
|
Allows you to specify the name of an IP access list to be applied to incoming routing updates.
|
Access Control List field
|
Allows you to enter an ACL name.
|
Access Control List ellipsis button
|
Allows you to choose an ACL from the Select Access Control List dialog box.
|
5.6.16.1.5 Advanced Tab
The Advanced tab allows you to perform the following tasks:
•Configure the nonstop forwarding (NSF) parameters.
•Configure the max-metric LSA parameters.
•Choose a default metric for redistributed routes.
•Configure syslog messages.
•Configure Multiprotocol Label Switching traffic engineering (MPLS-TE) parameters.
•Configure outgoing network filtering parameters.
The following table describes the Advanced tab fields.
Table 5-138 Field Descriptions for the Advanced Tab
Field
|
Description
|
Non Stop Forwarding Area
|
Enable NSF list
|
Allows you to choose an option for configuring NSF for the OSPF protocol. Options are:
•Yes
•No
•Only for NSF-aware neighbors—NSF is canceled if any non NSF-aware routers are detected.
NSF allows for the forwarding of data packets to continue along known routes while routing protocol information (such as OSPF) is being restored following a switchover.
This feature is used if the router is expected to perform NSF during restart. To obtain the full benefits of this feature, configure all neighboring routers with NSF.
|
Interval (sec) field
|
Allows you to configure the minimum time between NSF restart attempts for the OSPF protocol.
|
Lifetime (sec) field
|
Allows you to configure the maximum time that routes are held in the Routing Information Base (RIB) following an OSPF instance restart.
The OSPF instance must reconverge within the maximum length of time configured. If the convergence exceeds this length of time, routes will be purged from RIB, and NSF restart might fail.
|
Max-metric Link State Advertisements Area
|
Send max-metric LSAs check box
|
Allows you to specify that the OSPF protocol will signal other networking devices not to prefer the local router as an intermediate hop in their SPF calculations.
Max-metric LSAs cause the software to originate router LSAs with router link metrics set to LSInfinity (0XFFFF). This feature might be useful in Internet backbone routers. After a router reboots, OSPF might converge quickly, and other routers might try to forward traffic through the recently rebooted router. However, a router in the network might still be building its Border Gateway Protocol (BGP) routing tables, and might not have fully converged yet. In such instances, the router that has not fully converged could drop many packets for destinations it has not yet learned through BGP.
When max-metric LSAs are configured, the router advertises its locally generated router LSAs with a metric of 0XFFFF. This action allows the router to converge but not attract transit traffic if there are better, alternative paths around this router. After the specified announce-time value or notification from BGP, the router advertises the local router LSAs with the normal metric (the interface cost).
This feature might be useful when you want to connect a router to an OSPF network, but do not want real traffic flowing through it if there are better, alternative paths. If there are no alternative paths, this router still accepts transit traffic as before.
Cases where this might be useful are as follows:
•During a router reload, you prefer that OSPF wait for BGP to converge before accepting transit traffic. If there are no alternative paths, the router still accepts transit traffic.
•A router is in critical condition (for example, it has a very high CPU load or does not have enough memory to store all LSAs or build the routing table).
•When you want to gracefully introduce or remove a router to or from the network.
•When you have a test router in a lab, connected to a production network.
|
Always radio button
|
Allows you to specify that the OSPF protocol always originates router LSAs with the maximum metric.
|
Announce time (sec)
|
This radio button and field allows you to specify the time that router LSAs are originated with the maximum metric of 0XFFFF.
|
Announce time (sec) radio button
|
Allows you to enable specifying that the LSAs are originated with the maximum metric.
|
Announce time (sec) field
|
Allows you to enter the announce time.
This field is enabled when the Announce time (sec) radio button is activated.
|
Until BGP converges radio button
|
Allows you to specify that OSPF use the originate router LSAs with the maximum metric and allow BGP to decide when to start originating router LSAs with a normal metric instead of the maximum metric.
|
Redistributed Routes Area
|
Default metric field
|
Allows you to specify the default metric of redistributed routes.
|
Syslog Messages Area
|
Ignore LSA MOSPF check box
|
Allows you to enable the option to suppress the sending of syslog messages when the router receives LSA Type 6 (MOSPF) packets.
Cisco routers do not support LSA Type 6 (MOSPF), and they generate syslog messages if they receive such packets. If the router is receiving many Multicast OSPF (MOSPF) packets, you might want to configure the router to ignore the packets and thus prevent a large number of syslog messages.
|
Log adjacency changes list
|
Allows you to configure the router to send a syslog message when the state of an OSPF neighbor changes. Options are:
•Brief—Provides brief information about adjacency changes.
•Detail—Provides detailed information about adjacency changes.
•Suppress—Suppresses the logging of adjacency changes.
|
MPLS-TE Area
|
Router ID
|
Allows you to specify a stable MPLS-TE address for the OSPF instance.
|
Router ID field
|
Allows you to enter a loopback name of an IPv4 address.
|
Router ID ellipsis button
|
Allows you to choose an interface from the Select Interfaces dialog box.
|
Opaque LSAs check box
|
Allows you to control opaque LSA support capability of the OSPF protocol.
This capability must be enabled in order for OSPF to support MPLS-TE. The MPLS-TE topology information is flooded to the network through opaque LSAs of OSPF.
|
Enable MPLS-TE for Areas table
|
Allows you to configure an OSPF area for MPLS-TE. Click Add then double-click the new column and enter an area ID.
|
Filter outgoing network updates Area
|
All
|
Allows you to filter all outgoing network updates.
|
All field
|
Allows you to enter an ACL name.
|
All ellipsis button
|
Allows you to choose an ACL from the Select ACL dialog box.
|
BGP AS
|
Allows you to filter BGP AS updates. Enter an AS number in the first field.
|
BGP AS fields
|
Allows you to enter an AS number in the first field and an ACL name in the second field.
|
BGP AS ellipsis button
|
Allows you to choose an ACL from the Select ACL dialog box.
|
Connected
|
Allows you to filter connected updates.
|
Connected field
|
Allows you to enter an ACL name.
|
Connected ellipsis button
|
Allows you to choose an ACL from the Select ACL dialog box.
|
OSPF PID
|
Allows you to filter OSPF instance identifier updates. Enter an OSPF instance name in the first field. Either enter an ACL name in the second field or click the ellipsis button to open a Select ACL dialog box and choose an ACL from the dialog box.
|
OSPF PID fields
|
Allows you to enter an OSPF instance name in the first field and an ACL name in the second field.
|
OSPF PID ellipsis button
|
Allows you to choose an ACL from the Select ACL dialog box.
|
Static
|
This field and ellipsis button allow you to filter static updates. Either enter an ACL name in the Static field or click the ellipsis button to open a Select ACL dialog box and choose an ACL from the dialog box.
|
Static field
|
Allows you to enter an ACL.
|
Static ellipsis button
|
Allows you to choose an ACL name from the Select ACL dialog box.
|
5.6.16.1.6 Operations Tab
This tab is also available at the LR level. See Table 5-134.
The Operations tab allows you to perform the following tasks:
•Set the Clear Counters option to all message counters or a specific neighbor IP address.
•Execute the clear counters operation.
•Set the Restart Session option to all LDP sessions or a specific neighbor session.
•Execute the restart session operation.
The following table describes the Operations tab fields.
Table 5-139 Field Descriptions for the Operations Tab
Field
|
Description
|
Reset Commands Area
|
Reset all OSPF processes button
|
Allows you to reset an OSPF router process without stopping and restarting it.
Clicking this button releases all OSPF resources allocated, cleans up the internal database, and shuts down and restarts all interfaces that belong to the process. When the button is clicked, a Confirm dialog box opens. Click Yes to proceed with the operation or click No to cancel the operation.
|
Clear routing table Area
|
Clear all OSPF routing tables button
|
Allows you to clear all OSPF routes from the OSPF routing table.
Clicking this button clears all OSPF routes from the OSPF routing table and recomputes valid routes. When the OSPF routing table is cleared, OSPF routes in the global routing table are also recalculated.
|
Clear all redistributed route entries button
|
Allows you to clear all routes redistributed from other protocols out of the OSPF routing table. When the button is clicked, a Confirm dialog box opens. Click Yes to proceed with the operation or click No to cancel the operation.
Clicking this button causes the routing table to be read again. If an unexpected route has not appeared in the OSPF redistribution, clearing OSPF redistribution causes OSPF to resend Type 5 and Type 7 LSAs that can be used by the routing table.
Caution This command can cause a significant number of LSAs to flood throughout the network. It is recommended that you use this command with caution.
|
Clear neighbor state transition count Area
|
Interface name
|
Allows you to specify the interface name for which you want to clear the state transition counter
|
Interface name field
|
Allows you to enter the interface name.
|
Interface name ellipsis button
|
Allows you to choose the interface name from the Select Interfaces dialog box.
|
Neighbor IP field
|
Allows you to enter the neighbor IP address of a specified neighbor for which you want to clear the state transition counter.
|
Clear button
|
Allows you to clear the OSPF statistics of neighbor state transitions. When the button is clicked, a Confirm dialog box opens. Click Yes to proceed with the operation or click No to cancel the operation.
If an interface name and neighbor IP are not specified, this button clears all statistics.
|
5.6.16.1.7 Interface Settings Tab
The Interface Settings tab contains two subtabs: General and Authentication. The following table provides field descriptions of the General and Authentication subtabs.
Note The General subtab is displayed by default when the Interface Settings tab is clicked.
Table 5-140 Field Descriptions for the General and Authentication Subtabs
Field
|
Description
|
General Subtab
|
The General subtab allows you to perform the following tasks:
•Configure the designated router priority.
•Configure the resend interval.
•Configure the send delay.
•Configure the link cost, hello interval, and dead interval.
•Enable incoming network filtering.
•Choose a network broadcast behavior.
•Optimize process settings.
|
Basics Area
|
Designated Router priority field
|
Allows you to specify the router priority for the DR and backup designated routers (BDRs).
When two routers attached to a network both attempt to become the designated router, the one with the higher router priority takes precedence. If there is a tie, the router with the higher router ID takes precedence. A router with a router priority set to zero is ineligible to become the DR or BDR. Router priority is configured only for interfaces to multiaccess networks (in other words, not point-to-point networks).
|
Retransmit Interval (sec) field
|
Allows you to specify the time between LSA retransmissions for adjacencies belonging to the interface.
When a router sends an LSA to its neighbor, it keeps the LSA until it receives the acknowledgment message. If the router receives no acknowledgment, it will resend the LSA.
The value of this parameter should be conservative, or needless retransmission will result. The value should be larger for serial lines and virtual links.
|
Transmit Delay (sec) field
|
Allows you to specify the estimated time required to send a link-state update packet on the interface. LSAs in the update packet have their age incremented by this amount before transmission.
|
Link cost field
|
Allows you to specify the cost of the link.
|
Hello Interval (sec) field
|
Allows you to specify the time between the hello packets that the software sends on an interface. This is the unsigned integer value to be advertised in the hello packets of the software. The value must be the same for all routers attached to a common network.
|
Dead Interval (sec) field
|
Allows you to specify the length of time that the hello packets are suspended before neighbors declare the router down. As with the hello interval, this value must be the same for all routers attached to a common network.
|
Filter incoming network updates Area
|
Distribute List ACL
|
This check box, field, and ellipsis button allow you to enable and specify the incoming network updates filter. Check the Distribute List ACL check box to enable the incoming network updates filter. Either enter an ACL name in the Distribute List ACL field or click the ellipsis button to open a Select ACL dialog box and choose an ACL from the dialog box.
|
Distribute List ACL check box
|
Allows you to enable incoming network updates filtering.
|
Distribute List ACL field
|
Allows you to enter an ACL name.
|
Distribute List ACL ellipsis button
|
Allows you to choose an ACL name from the Select ACL dialog box.
|
Network Broadcast Behavior Area
|
Network broadcast behavior list
|
Allows you to choose the type of attached network. This list configures the OSPF network type to a type other than the default for a given medium. Options are:
•Default for interface type.
•Broadcast—Sets the network type to broadcast.
•Non-broadcast—Sets the network type to nonbroadcast multiaccess (NBMA).
•Point-to-point—Sets the network type to point-to-point.
•Point-to-multipoint—Sets the network type to point-to-multipoint.
•Point-to-multipoint non-broadcast—Sets the point-to-multipoint network to nonbroadcast.
You can configure broadcast networks as NBMA networks when, for example, routers in your network do not support multicast addressing.
Configuring NBMA networks as either broadcast or nonbroadcast assumes that there are virtual circuits from every router to every other router or to every fully meshed network. However, there are other configurations where this assumption is not true; for example, a partially meshed network. In these cases, you can configure the OSPF network type as a point-to-multipoint network. Routing between two routers that are not directly connected will go through the router that has virtual circuits to both routers. You need not configure neighbors when using this command.
OSPF has two features related to point-to-multipoint networks. One feature applies to broadcast networks; the other feature applies to nonbroadcast networks:
•On point-to-multipoint, broadcast networks, you must specify a cost to that neighbor.
•On point-to-multipoint, nonbroadcast networks, you must identify neighbors; assigning a cost to a neighbor is optional.
|
Optimizations Area
|
Flood reduction list
|
Allows you to enable flood reduction, which suppresses unnecessary flooding of LSAs in stable topologies.
All routers supporting the OSPF demand circuit are compatible and can interact with routers supporting flooding reduction.
|
Demand circuit list
|
Allows you to enable demand circuit, which configures the OSPF protocol to treat the interface as an OSPF demand circuit.
On point-to-point interfaces, only one end of the demand circuit must be have demand circuit enabled. Periodic hello messages are suppressed and periodic refreshes of LSAs do not flood the demand circuit. Configuring the demand circuit allows the underlying data link layer to be closed when the topology is stable. In point-to-multipoint topology, only the multipoint end must have demand circuit enabled.
|
Ignore MTU setting list
|
Allows you to enable or disable the option to ignore maximum transmission unit (MTU) settings. Options are Enable and Disable. Choose Enable to ignore MTU settings.
Ignoring MTU settings prevents OSPF from verifying whether neighbors are using the same MTU on a common interface when exchanging database descriptor (DBD) packets. This check is performed when neighbors exchange DBD packets. If the receiving MTU in the DBD packet is higher than the MTU configured on the incoming interface, OSPF adjacency will not be established.
|
Database filtering list
|
Allows you to enable or disable database filters during flooding and synchronization. Options are Enable and Disable. Choose Enable to allow database filtering on outgoing LSAs to an OSPF interface. This feature is supported only at the interface level.
|
Passive list
|
Allows you to enable or disable the option to send OSPF updates on an interface. Options are Enable and Disable. Choose Enable to allow sending of OSPF updates.
This feature is used to reduce OSPF traffic over low-bandwidth, high-cost network lines such as ISDN.
|
Authentication Subtab
|
The Authentication subtab allows you to perform the following tasks:
•Choose the authentication type.
•Configure the plain authentication parameters.
•Configure MD5 authentication parameters.
|
Basics Area
|
Authentication Type list
|
Allows you to choose the authentication type. Options are:
•None—No authentication is used. Useful for overriding password or MD5 authentication if configured for an area.
•Plain—Plain text authentication is used.
•MD5—Message Digest 5 (MD5) authentication is used.
Specifying an authentication type for the interface overrides the authentication specified for the area to which this interface belongs.
The authentication type and password must be the same for all OSPF interfaces that are to communicate with each other through OSPF. If you specified plain text authentication, you must specify a plain text password.
|
Plain Authentication Area
|
Password
|
Allows you to enable plain authentication. Specifying a password assigns a password to be used by neighboring routers that are using the OSPF simple password authentication.
The password created is used as a "key" that is inserted directly into the OSPF header when the software originates routing protocol packets. A separate password can be assigned to each network on a per-interface basis. All neighboring routers on the same network must have the same password to be able to exchange OSPF information.
|
Password check box
|
Allows you to enable plain authentication.
|
Password field
|
Allows you to enter a password.
|
Encryption Type list
|
Allows you to choose the password encryption type. Options are:
•None
•Cisco Proprietary
|
MD5 Authentication Area
|
Key id column
|
Allows you to specify a key ID for the interface. Click Add to add a new row to the table then double-click the Key id column and enter a key ID.
Usually, one key per interface is used to generate authentication information when packets are sent and to authenticate incoming packets. The same key identifier on the neighbor router must have the same key value.
|
Password column
|
Allows you to specify a password for the interface. Double-click the password column and enter a password.
|
Encryption Type column
|
Allows you to specify the password encryption type for the interface. Double-click the Encryption Type column and choose an encryption type from the list. Options are:
•None
•Cisco Proprietary
|
5.6.16.2 Removing an OSPF Instance
Step 1 Right-click an instance in the OSPF Instance Tree and choose Remove instance.
Step 2 Click Yes in the confirmation dialog box.
Step 3 Click OK in the Commit Status message box.
5.6.16.3 Creating a Global OSPF Area
Step 1 For CRS-1 and XR 12000 software release 3.2, right-click an instance in the OSPF Instance Tree and choose Add area. The Add area dialog box opens.
Step 2 For CRS-1 and XR 12000 software release 3.3, do the following:
a. Click the expand icon (+) next to the instance in the OSPF Instance Tree.
b. Right-click a Global OSPF assigned to that instance.
c. Choose Add area. The Add area dialog box opens.
Step 3 Choose an area type radio button. Options are Number or IP. The Area Type field becomes available.
Step 4 Enter an area number or area IP address in the field.
Step 5 Click OK. A new area is created and appears below the instance in the OSPF Instance Tree.
5.6.16.3.1 Area Tabs
To display the Area tabs:
•For CRS-1 and XR 12000 software release 3.2, click an area under an instance in the OSPF Instance Tree.
•For CRS-1 and XR 12000 software release 3.3, click an area under a global OSPF in the OSPF Instance Tree.
5.6.16.3.2 General Tab
The General tab allows you to perform the following tasks:
•Choose the area type.
•Specify the summary route cost.
The following table describes the General tab fields.
Table 5-141 Field Descriptions for the General Tab
Field
|
Description
|
Basics Area
|
Area Type list
|
Allows you to choose the area type. Options are:
•Normal—Configure the area as a standard OSPF area (all external routes are flooded through the network). External routes are flooded bidirectionally across the Area Border Router (ABR).
•Stub—Configure the area as a stubby area.
•NSSA—Configure the area as a not-so-stubby area.
|
Totally stubby check box
|
Allows you to configure the area as a totally stubby area which means that only intra-area and the default route are allowed.
This check box is enabled when Stub or NSSA is chosen from the Area Type list.
|
Default information originate check box
|
Allows you to generate a Type 7 Cisco default into the NSSA area.
This check box is enabled when NSSA is chosen from the Area Type list.
|
Metric Type list
|
Allows you to choose the OSPF external metric type. Options are:
•type1
•type2
|
Default Metric field
|
Allows you to enter the OSPF default metric.
|
No redistribution check box
|
Allows you to import routes only into the normal areas, but not into the NSSA area.
This check box is enabled when NSSA is chosen from the Area Type list.
|
Summary Route Defaults Area
|
Default summary route cost field
|
Allows you to specify a cost for the default summary route sent into a stubby area.
|
5.6.16.3.3 Inter-area Summary Routes Tab
The Inter-area Summary Routes tab allows you to perform the following tasks:
•Specify interarea summary routes.
•Choose to advertise type 3 labels.
The following table describes the Inter-area Summary Routes tab fields.
Table 5-142 Field Descriptions for the Inter-area Summary Routes Tab
Field
|
Description
|
Configuration Area
|
IP / Mask fields
|
Allows you to create aggregate addresses for routes being redistributed from another routing protocol into the OSPF protocol.
|
Advertise type 3 labels
|
Allows you to advertise type 3 labels to other areas.
|
5.6.16.3.4 Virtual Links Tab
The Virtual Links tab allows you to perform the following tasks:
•Specify the neighbor router parameters.
•Set the authentication parameters.
It contains the General and Authentication subtabs. The following table provides field descriptions.
Table 5-143 Field Descriptions for the General and Authentication Subtabs
Field
|
Description
|
General Subtab
|
The General subtab allows you to perform the following tasks:
•Specify the neighbor router ID.
•Specify the hello, dead, and retransmit interval for the neighbor.
•Specify the transmit delay for the neighbor.
|
Basics Area
|
Neighbor Router ID field
|
Allows you to specify the router ID of a virtual link neighbor. The ID is internally derived by each router from the interface IP address of the router.
|
Hello Interval (sec) field
|
Allows you to specify the time between the hello packets that the software sends on an interface. It is an unsigned integer value to be advertised in the hello packets of the software. The value must be the same for all routers attached to a common network.
|
Dead Interval (sec) field
|
Allows you to specify the time that OSPF waits for hello packets from a neighbor before declaring that the neighboring router is unavailable. It is an unsigned integer value.This value must be the same for all routers attached to a common network.
|
Retransmit Interval (sec) field
|
Allows you to specify the time between LSA retransmissions for adjacencies belonging to the interface. It is the expected round-trip delay between any two routers on the attached network. The value must be greater than the expected round-trip delay.
|
Transmit Delay (sec) field
|
Allows you to specify the estimated time required to send a link-state update packet on the interface. It is an integer value that must be greater than zero. LSAs in the update packet have their age incremented by this amount before transmission.
|
Authentication Subtab
|
The Authentication subtab allows you to perform the following tasks:
•Specify the authentication type for the neighbor.
•Specify the password to be used by neighbors.
|
Basics Area
|
Authentication Type list
|
Allows you to choose the authentication type. Options are:
•None—No authentication is used. Useful for overriding password or MD5 authentication if configured for an area.
•Plain—Plain text authentication is used.
•MD5— MD5 authentication is used.
Specifying an authentication type for the interface overrides the authentication specified for the area to which this interface belongs.
The authentication type and password must be the same for all OSPF interfaces that are to communicate with each other through OSPF. If you specified plain text authentication, you must specify a plain text password.
|
Plain Authentication Area
|
Password
|
Allows you to specify the password the neighbor must use.
The password acts as a key that allows the authentication procedure to generate or verify the authentication field in the OSPF header. The password is inserted directly into the OSPF header when originating routing protocol packets. A separate password can be assigned to each network on a per-interface basis. All neighboring routers on the same network must have the same password to route OSPF traffic.
|
Password check box
|
Allows you to enable plain authentication.
|
Password field
|
Allows you to enter a password if no message-digest keys are configured.
This field is enabled when the Password check box is activated.
|
Encryption Type list
|
Allows you to choose the encryption type. Options are:
•None—An unencrypted password will follow.
•Cisco Proprietary—An encrypted password will follow.
The password is stored in encrypted form on the router.
|
MD5 Authentication Area
|
MD5 Authentication table
|
Allows you to define an OSPF virtual link with a key identifier and password for MD5 authentication.
To add a row to the table, click Add. To remove a row from the table, choose a row and then click Remove.
Click the Add button to add an MD5 authentication link. Choose a row in the table and click Remove to delete an MD5 authentication link.
|
Key id column
|
Allows you to specify the key ID. The routers at both ends of the virtual link must have the same key ID to route OSPF traffic.
|
Password column
|
Allows you to specify the password. The routers at both ends of the virtual link must have the same password to route OSPF traffic.
|
Encryption Type column
|
Allows you to choose the encryption type. Options are:
•None—An unencrypted password will follow.
•Cisco Proprietary—An encrypted password will follow.
The password is stored in encrypted form on the router.
Double-click the cell in the Encryption Type column to activate it and choose an encryption type.
|
5.6.16.3.5 Interface Settings Tab
The Interface Settings tab allows you to perform the following tasks:
•Specify the interface name.
•Configure interface parameters and optimizations.
•Configure the interface authentication parameters.
•Configure the nonbroadcast network parameters.
It contains the General, Authentication, and Nonbroadcast Network subtabs. The following table provides field descriptions.
Table 5-144 Field Descriptions for the General Subtab
Field
|
Description
|
General Subtab
|
The General subtab allows you to perform the following tasks:
•Specify the interface name.
•Specify filtering on incoming network updates.
•Configure interface parameters including designated router priority, retransmit, hello, and dead interval, transmit delay, and link cost.
•Choose the interface optimizations.
The parameters in the General subtab always use the most specific value specified. For example, if a parameter is specified at the Interface level it will use that value and not the values specified for the same parameter at the Area or Process level.
•Process—If the parameter is not specified for the Area level, the interface adopts the parameter specified for the process.
•Area—If the parameter is not specified for the Interface level, the interface adopts the parameter specified for the area.
•Interface—The interface adopts the parameter specified by the interface.
|
Interface Name Area
|
Name
|
Allows you to specify the interface name. There are three levels:
•Process Level—Not user-configurable. Allows you to display the settings at the Process Level.
•Area Level—Not user-configurable. Allows you to display the settings at the Area Level.
•Interface Level—Allows you to associate an interface with an area.
|
Name field
|
Allows you to view the chosen interface name.
The Process Level and Area Level names will appear in the field if they are chosen from the Interface Settings table. They are not user configurable.
Click the Add Record tool on the OSPF Configuration toolbar to associate the interface with an area.
|
Name ellipsis button
|
Allows you to choose an interface from the Select Interfaces dialog box.
This ellipsis button is enabled when an interface is chosen in the Interface Settings table.
|
Filter incoming network updates Area
|
Distribute List ACL
|
Allows you to filter networks received in OSPF updates and is used to limit which OSPF routes are installed on this router. It does not affect the OSPF protocol itself.
If this parameter is not specified at any level, the distribute list is disabled.
|
Distribute List ACL check box
|
Allows you to enable incoming network updates filtering by applying the chosen access list to incoming routing updates.
|
Distribute List ACL field
|
Allows you to enter an access list name.
The access list defines which networks are to be received and which are to be suppressed in routing updates.
This field is enabled when the Distribute ACL check box is activated.
|
Distribute List ACL ellipsis button
|
Allows you to choose an access list from the Select ACL dialog box.
This ellipsis button is enabled when the Distribute ACL check box is activated.
|
Basics Area
|
Designated Router priority field
|
Allows you to set the router priority, which helps determine the designated router for this network.
If this parameter is not specified at any level, the designated router priority is 1.
|
Retransmit Interval (sec) field
|
Allows you to specify the time between LSA retransmissions for adjacencies belonging to the interface. When a router sends an LSA to its neighbor, it keeps the LSA until it receives the acknowledgment message. If the router receives no acknowledgment, it will resend the LSA.
This parameter should be conservative, or needless retransmission will result. The value should be larger for serial lines and virtual links.
If this parameter is not specified at any level, the retransmit interval is 5.
|
Transmit Delay (sec) field
|
Allows you to specify the transmission delay for LSAs.
If this parameter is not specified at any level, the transmit delay is 1.
|
Link Cost field
|
Allows you to specify the cost of sending a packet on an interface.
In general, the path cost is calculated using the following formula:
108 / bandwidth
If this parameter is not specified at any level, the link cost is automatically calculated.
|
Hello Interval (sec) field
|
Allows you to specify the interval between hello packets that are sent on the interface. The hello interval value is advertised in the hello packets. The shorter the hello interval, the faster topological changes will be detected, but more routing traffic will occur. This value must be the same for all routers and access servers on a specific network.
If this parameter is not specified at any level, the hello interval is 10 seconds for broadcast and point-to-point or 30 seconds for nonbroadcast.
|
Dead Interval (sec) field
|
To set the interval at which hello packets are suspended before neighbors declare the router down. This value must be the same for all routers and access servers on a specific network. The dead interval value must be larger than the hello interval value.
If this parameter is not specified at any level, the dead interval is 4 times the hello interval.
|
Optimizations Area
|
Flood reduction list
|
Allows you to suppress the unnecessary flooding of LSAs in stable topologies. All routers supporting the OSPF demand circuit are compatible and can interact with routers supporting flooding reduction.
If this parameter is not specified at any level, the flood reduction parameter is disabled.
|
Demand circuit list
|
Allows you to configure the OSPF protocol to treat the interface as an OSPF demand circuit.
On point-to-point interfaces, only one end of the demand circuit must be configured with this command. Periodic hello messages are suppressed and periodic refreshes of LSAs do not flood the demand circuit. Enabling the demand circuit allows the underlying data link layer to be closed when the topology is stable. In point-to-multipoint topology, only the multipoint end must be configured.
If this parameter is not specified at any level, the demand circuit parameter is disabled.
|
Ignore MTU setting list
|
Allows you to prevent OSPF from verifying whether neighbors are using the same MTU on a common interface when exchanging DBD packets.
The ignore MTU setting verifies whether OSPF neighbors are using the same MTU on a common interface. This check is performed when neighbors exchange DBD packets. If the receiving MTU in the DBD packet is higher than the MTU configured on the incoming interface, OSPF adjacency will not be established.
If this parameter is not specified at any level, the OSPF checks the MTU received from neighbors when exchanging DBD packets.
|
Database filtering list
|
Allows you to filter OSPF LSAs during synchronization and flooding.
If this parameter is not specified at any level, database filtering is disabled.
|
Passive list
|
Allows you to suppress the sending of OSPF updates on an interface. This passive parameter is used to reduce OSPF traffic over low-bandwidth, high-cost network lines such as ISDN.
If this parameter is not specified at any level, the passive list is disabled and OSPF updates are sent on the interface.
|
Authentication Subtab
|
The Authentication subtab allows you to perform the following tasks:
•Choose the authentication type.
•Set the plain authentication password.
•Choose the MD5 authentication.
The parameters in the Authentication subtab always use the most specific value specified. For example, if a parameter is specified at the Interface level, it will use that value and not the values specified for the same parameter at the Area or Process level.
•Process—If the parameter is not specified for the Area level, the interface adopts the parameter specified for the process.
•Area—If the parameter is not specified for the Interface level, the interface adopts the parameter specified for the area.
•Interface—The interface adopts the parameter specified by the interface.
|
Basics Area
|
Authentication Type list
|
Allows you to choose the authentication type. Options are:
•None—No authentication is used. Useful for overriding password or MD5 authentication if configured for an area.
•Plain—Plain text authentication is used.
•MD5—MD5 authentication is used.
•Inherited—Authentication is inherited.
Specifying an authentication type for the interface overrides the authentication specified for the area to which this interface belongs.
The authentication type and password must be the same for all OSPF interfaces that are to communicate with each other through OSPF. If you specified plain text authentication, you must specify a plain text password.
|
Plain Authentication Area
|
Password
|
Allows you to specify the password the interface must use.
The password acts as a key that allows the authentication procedure to generate or verify the authentication field in the OSPF header. The password is inserted directly into the OSPF header when originating routing protocol packets. A separate password can be assigned to each network on a per-interface basis.
|
Password check box
|
Allows you to enable plain authentication.
|
Password field
|
Allows you to enter a password if no message-digest keys are configured.
This field is enabled when the Password check box is activated.
|
Encryption Type list
|
Allows you to choose the encryption type. Options are:
•None—An unencrypted password will follow.
•Cisco Proprietary—An encrypted password will follow.
The password is stored in encrypted form on the router.
|
MDS Authentication Table
|
MD5 Authentication table
|
Allows you to define an OSPF virtual link with a key identifier and password for MD5 authentication.
To add a row to the table, click Add. To remove a row from the table, choose a row; then, click Remove.
Click the Add button to add an MD5 authentication link. Choose a row in the table and click Remove to delete an MD5 authentication link.
If MD5 authentication is not specified at any level, MD5 authentication is unavailable for the interface.
|
Key id column
|
Allows you to specify the key ID. The routers at both ends of the virtual link must have the same key ID to route OSPF traffic.
|
Password column
|
Allows you to specify the password. The routers at both ends of the virtual link must have the same password to route OSPF traffic.
|
Encryption Type column
|
Allows you to choose the encryption type. Options are:
•None—Password is unencrypted.
•Cisco Proprietary—Password is encrypted and stored on the router.
Double-click the cell in the Encryption Type column to activate it and choose an encryption type.
|
Nonbroadcast Network
|
The Nonbroadcast Network subtab allows you to perform the following tasks:
•Choose the nonbroadcast behavior.
•Configure the nonbroadcast network.
The parameters in the Nonbroadcast Network subtab always use the most specific value specified. For example, if a parameter is specified at the Interface level, it will use that value and not the values specified for the same parameter at the Area or Process level.
•Process—If the parameter is not specified for the Area level, the interface adopts the parameter specified for the process.
•Area—If the parameter is not specified for the Interface level, the interface adopts the parameter specified for the area.
•Interface—The interface adopts the parameter specified by the interface.
|
Basics Area
|
Network broadcast behavior list
|
Allows you to choose the broadcast behavior for the interface. Options are:
•Default for interface type
•Broadcast
•Nonbroadcast
•Point-to-point
•Point-to-multipoint
•Point-to-multipoint nonbroadcast
If the broadcast behavior is not specified at any level, the default for the interface type is used.
|
Nonbroadcast Network Area
|
IP Address column
|
Allows you to enter an IP address for the neighbor. Double-click the cell to activate it; then, enter an IP address.
|
Priority column
|
Allows you to enter an 8-bit number indicating the router priority value of the nonbroadcast neighbor associated with the IP address specified.
Priority does not apply to point-to-multipoint interfaces.
|
Poll Interval column
|
Allows you to enter an unsigned integer value reflecting the poll interval. RFC 1247 recommends that this value be much larger than the hello interval.
Poll Interval does not apply to point-to-multipoint interfaces.
|
Link Cost
|
Allows you to assigns a cost to the neighbor. Neighbors with no specific cost configured will assume the cost of the interface, based on the cost command. On point-to-multipoint interfaces, Link Cost is the only column that applies. Link Cost does not apply to NBMA networks.
|
Database Filtering column
|
Allows you to enable filtering on all outgoing LSAs to an OSPF neighbor during synchronization and flooding for point-to-multipoint neighbors on nonbroadcast networks. Double-click the column to activate the column and switch between true and false.
|
5.6.16.4 Removing an OSPF Area
Step 1 Right-click an OSPF or global OSPF in the OSPF Instance Tree and choose Remove area.
Step 2 Click Yes in the confirmation dialog box.
Step 3 Click OK in the Commit Status message box.
5.6.16.5 Creating a VRF Instance
Note This procedure is available for CRS-1 and XR 12000 R3.3.
Step 1 Right-click an instance in the OSPF Instance Tree and choose Add VRF instance. The VRF Selector dialog box opens.
Step 2 Enter a VRF name in the field or click the ellipses button. If you click the ellipses button, the Select VRF dialog box opens. Choose a VRF from the list and click OK.
Step 3 Click OK in the VRF Selector dialog box.
Step 4 Click OK in the Commit Status message box.
5.6.16.5.1 General Tab
The General tab allows you to perform the following tasks:
•Configure the router ID and maximum number of paths.
•Configure the link metrics.
•Configure the SPF algorithm.
•Configure link costs and LSA timers.
•Configure the default external route parameters.
The following table describes the General tab fields.
Table 5-145 Field Descriptions for the General Tab
Field
|
Description
|
Basics Area
|
Router ID
|
Allows you to specify a router ID for the OSPF instance. Value must be an IPv4 address.
|
Max number of paths field
|
Allows you to specify the maximum number of equal cost paths to install. This controls the maximum number of parallel routes that the OSPF protocol can support and install in a routing table. Value must be between 1 and 32. The default value is 16.
|
Default Link Metrics Area
|
Reference BW (Mbps) check box
|
Allows you to enable reference bandwidth.
|
Reference BW (Mbps)
|
Allows you to enable and specify the reference bandwidth. This field is enabled when the Reference BW (Mbps) check box is activated.
This feature controls how the OSPF protocol calculates default metrics for the interface. By default, OSPF calculates the OSPF metric for an interface according to the bandwidth of the interface.
Value must be between 1 and 4294967. The default value is 100.
|
Administrative distance field
|
Allows you to specify the administrative distance of OSPF. Value must be between 1 and 255. The default value is 110. In general, the higher the value, the lower the trust rating. An administrative distance of 255 means that the routing information source cannot be trusted at all and should be ignored. Weight values are subjective; there is no quantitative method for choosing weight values.
|
Shortest Path First Algorithm Area
|
Initial delay (ms) field
|
Allows you to specify the time before the first shortest path first (SPF) is run (also known as SPF throttling). Value must be between 1 and 600000. The default value is 5000.
|
Backoff increment (ms) field
|
Allows you to specify the initial wait interval between the first and second SPF calculations. Each consecutive wait interval is twice the previous wait interval. If no SPF calculation is run for the maximum delay time, the subsequent wait interval is reset to the initial value. Value must be between 1 and 600000. The default value is 10000.
|
Max delay time (ms) field
|
Allows you to specify the maximum time between consecutive SPF calculations. Value must be between 1 and 600000. The default value is 10000.
The first wait interval between SPF calculations is the amount of time in milliseconds specified by the initial delay. Each consecutive wait interval is twice the current hold level in milliseconds until the wait time reaches the maximum time in milliseconds as specified by the Max delay time field. Subsequent wait times remain at the maximum until the values are reset or an LSA is received between SPF calculations.
|
OSPF Distances Area
|
Inter-area field
|
Allows you to specify the administrative distance for all routes from one area to another area. Value must be between 1 and 255. The default value is 110.
|
Intra-area field
|
Allows you to specify the administrative distance for all routes within an area. Value must be between 1 and 255. The default value is 110.
|
External field
|
Allows you to specify the administrative distance for all external routes (type 5 and type 7) learned from other routing domains through redistribution. Value must be between 1 and 255. The default value is 110.
|
Link State Advertisement Timers Area
|
Min LSArrival rate (sec / LSA) field
|
Allows you to specify the minimum interval between accepting the same LSA. Value must be between 0 and 600000. The default value is 1000.
|
Initial delay (ms)
|
Allows you to specify the time before generating the first LSA. Value must be between 0 and 600000. The default value is 500.
|
Backoff increment (ms)
|
Allows you to specify the time interval between successive LSA builds. Value must be between 0 and 600000. The default value is 5000.
|
Max delay (ms)
|
Allows you to specify the time delay between consecutive LSA builds. Value must be between 0 and 600000. The default value is 5000.
|
Maxage / Refresh rate (sec / group LSA) field
|
Allows you to specify a value to change the interval at which OSPF LSAs are collected into a group and refreshed, checksummed, or aged (also called group pacing). Value must be between 10 and 1800. The default value is 240.
The duration of the LSA group pacing is inversely proportional to the number of LSAs the router is handling. For example, if you have approximately 10,000 LSAs, decreasing the pacing interval would benefit you. If you have a very small database (40 to 100 LSAs), increasing the pacing interval to 10 to 20 minutes might benefit you slightly.
|
Default External Route Area
|
Enable check box
|
Allows you to enable the generation of a default external route into an OSPF routing domain.
Whenever you redistribute routes into an OSPF routing domain, the software automatically becomes an Autonomous System Boundary Router (ASBR). However, an ASBR does not, by default, generate a default route into the OSPF routing domain. The software still must have a default route for itself before it generates one, except when you have specified the always keyword.
|
Always check box
|
Allows you to choose to always advertise the default route regardless of whether the software has a default route.
|
Use existing default route radio button
|
Allows you to specify that the existing default route (0.0.0.0/0) be used.
|
Route metric field
|
Allows you to specify the metric used for generating the default route. The value used is specific to the protocol.
|
Link state type list
|
Allows you to choose the external link type associated with the default route advertised into the OSPF routing domain. Options are:
•Type 1
•Type 2
•Type 1&2
|
5.6.16.5.2 Route Summarization Tab
The Route Summarization tab allows you to perform the following tasks:
•Configure the IP prefix and mask for the route.
•Configure route summary filtering, matching, and suppressing options.
The following table describes the Route Summarization tab fields.
Table 5-146 Field Descriptions for the Route Summarization Tab
Field
|
Description
|
Configuration Area
|
IP Prefix / Mask
|
Allows you to specify an IP summary prefix and summary mask to create aggregate addresses for routes being redistributed from another routing protocol into the OSPF protocol.
|
IP Prefix / Mask radio button
|
Allows you to use an IP summary prefix and mask.
|
IP Prefix / Mask fields
|
Allows you to enter an IP prefix and mask.
This field is enabled when the IP Prefix / Mask radio button is activated.
|
No filter radio button
|
Allows you to choose no filtering.
|
Match tag
|
Allows you to specify a tag value that can be used as a match value for controlling redistribution.
|
Match tag radio button
|
Allows you to enable the option to specify a tag value to be used for matching.
|
Match tag field
|
Allows you to enter a tag value.
|
Suppress type-7 LSAs radio button
|
Allows you to choose to suppress advertising of the summary routes that match the address and mask pair.
|
5.6.16.5.3 Admin Distance Tab
The Admin Distance tab allows you to perform the following tasks:
•Configure the IP address and wildcard bits.
•Specify the administrative distance and the IP access list to be applied to incoming routing updates.
The following table describes the Admin Distance tab fields.
Table 5-147 Field Descriptions for the Admin Distance Tab
Field
|
Description
|
Configuration Area
|
IP / Wildcard bits fields
|
Allows you to specify an IP source address and IP wildcard bits (or inverted mask) to create aggregate addresses for routes being redistributed from another routing protocol into the OSPF protocol.
|
IP / Wildcard bits radio button
|
Allows you to use an IP source address and wildcard bits.
|
IP / Wildcard bits fields
|
Allows you to enter an IP source address and wildcard bits.
This field is enabled when the IP / Wildcard bits radio button is activated.
|
Distance field
|
Allows you to specify the administrative distance of the OSPF.
|
Access Control List
|
Allows you to specify the name of an IP access list to be applied to incoming routing updates.
|
Access Control List field
|
Allows you to enter an ACL name.
|
Access Control List ellipsis button
|
Allows you to choose an ACL from the Select Access Control List dialog box.
|
5.6.16.5.4 Advanced Tab
The Advanced tab allows you to perform the following tasks:
•Configure the nonstop forwarding (NSF) parameters.
•Configure the max-metric LSA parameters.
•Choose a default metric for redistributed routes.
•Configure syslog messages.
•Configure Multiprotocol Label Switching traffic engineering (MPLS-TE) parameters.
•Configure outgoing network filtering parameters.
The following table describes the Advanced tab fields.
Table 5-148 Field Descriptions for the Advanced Tab
Field
|
Description
|
Non Stop Forwarding Area
|
Enable NSF list
|
Allows you to choose an option for configuring NSF for the OSPF protocol. Options are:
•Yes
•No
•Only for NSF-aware neighbors—NSF is canceled if any non NSF-aware routers are detected.
NSF allows for the forwarding of data packets to continue along known routes while routing protocol information (such as OSPF) is being restored following a switchover.
This feature is used if the router is expected to perform NSF during restart. To obtain the full benefits of this feature, configure all neighboring routers with NSF.
|
Interval (sec) field
|
Allows you to configure the minimum time between NSF restart attempts for the OSPF protocol. Value must be between 90 and 3600. The default value is 90.
|
Lifetime (sec) field
|
Allows you to configure the maximum time that routes are held in the Routing Information Base (RIB) following an OSPF instance restart. Value must be between 90 and 3600. The default value is 90.
The OSPF instance must reconverge within the maximum length of time configured. If the convergence exceeds this length of time, routes will be purged from RIB, and NSF restart might fail.
|
Max-metric Link State Advertisements Area
|
Send max-metric LSAs check box
|
Allows you to specify that the OSPF protocol will signal other networking devices not to prefer the local router as an intermediate hop in their SPF calculations.
Max-metric LSAs cause the software to originate router LSAs with router link metrics set to LSInfinity (0XFFFF). This feature might be useful in Internet backbone routers. After a router reboots, OSPF might converge quickly, and other routers might try to forward traffic through the recently rebooted router. However, a router in the network might still be building its Border Gateway Protocol (BGP) routing tables, and might not have fully converged yet. In such instances, the router that has not fully converged could drop many packets for destinations it has not yet learned through BGP.
When max-metric LSAs are configured, the router advertises its locally generated router LSAs with a metric of 0XFFFF. This action allows the router to converge but not attract transit traffic if there are better, alternative paths around this router. After the specified announce-time value or notification from BGP, the router advertises the local router LSAs with the normal metric (the interface cost).
This feature might be useful when you want to connect a router to an OSPF network, but do not want real traffic flowing through it if there are better, alternative paths. If there are no alternative paths, this router still accepts transit traffic as before.
Cases where this might be useful are as follows:
•During a router reload, you prefer that OSPF wait for BGP to converge before accepting transit traffic. If there are no alternative paths, the router still accepts transit traffic.
•A router is in critical condition (for example, it has a very high CPU load or does not have enough memory to store all LSAs or build the routing table).
•When you want to gracefully introduce or remove a router to or from the network.
•When you have a test router in a lab, connected to a production network.
|
Always radio button
|
Allows you to specify that the OSPF protocol always originates router LSAs with the maximum metric.
|
Announce time (sec)
|
This radio button and field allows you to specify the time that router LSAs are originated with the maximum metric of 0XFFFF.
|
Announce time (sec) radio button
|
Allows you to enable specifying that the LSAs are originated with the maximum metric.
|
Announce time (sec) field
|
Allows you to enter the announce time. Value must be between 5 and 86400.
This field is enabled when the Announce time (sec) radio button is activated.
|
Until BGP converges radio button
|
Allows you to specify that OSPF use the originate router LSAs with the maximum metric and allow BGP to decide when to start originating router LSAs with a normal metric instead of the maximum metric.
|
Redistributed Routes Area
|
Default metric field
|
Allows you to specify the default metric of redistributed routes. Value must be between 1 and 16777214.
|
Syslog Messages Area
|
Ignore LSA MOSPF check box
|
Allows you to enable the option to suppress the sending of syslog messages when the router receives LSA Type 6 (MOSPF) packets.
Cisco routers do not support LSA Type 6 (MOSPF), and they generate syslog messages if they receive such packets. If the router is receiving many Multicast OSPF (MOSPF) packets, you might want to configure the router to ignore the packets and thus prevent a large number of syslog messages.
|
Log adjacency changes list box
|
Select the logging type. Options are:
•Brief
•Detail
•Suppress (Default)
|
Opaque LSA Area
|
Opaque LSAs check box
|
Allows you to control opaque LSA support capability of the OSPF protocol.
This capability must be enabled in order for OSPF to support MPLS-TE. The MPLS-TE topology information is flooded to the network through opaque LSAs of OSPF.
|
Filter outgoing network updates Area
|
All
|
Allows you to filter all outgoing network updates.
|
All field
|
Allows you to enter an ACL name.
|
All ellipsis button
|
Allows you to choose an ACL from the Select ACL dialog box.
|
BGP AS
|
Allows you to filter BGP AS updates. Enter an AS number in the first field.
|
BGP AS fields
|
Allows you to enter an AS number in the first field and an ACL name in the second field.
|
BGP AS ellipsis button
|
Allows you to choose an ACL from the Select ACL dialog box.
|
Connected
|
Allows you to filter connected updates.
|
Connected field
|
Allows you to enter an ACL name.
|
Connected ellipsis button
|
Allows you to choose an ACL from the Select ACL dialog box.
|
OSPF PID
|
Allows you to filter OSPF instance identifier updates. Enter an OSPF instance name in the first field. Either enter an ACL name in the second field or click the ellipsis button to open a Select ACL dialog box and choose an ACL from the dialog box.
|
OSPF PID fields
|
Allows you to enter an OSPF instance name in the first field and an ACL name in the second field.
|
OSPF PID ellipsis button
|
Allows you to choose an ACL from the Select ACL dialog box.
|
Static
|
This field and ellipsis button allow you to filter static updates. Either enter an ACL name in the Static field or click the ellipsis button to open a Select ACL dialog box and choose an ACL from the dialog box.
|
Static field
|
Allows you to enter an ACL.
|
Static ellipsis button
|
Allows you to choose an ACL name from the Select ACL dialog box.
|
5.6.16.5.5 Route Redistribution Tab
The Route Redistribution tab allows you to redistribute information from one routing protocol to another. The protocols that are supported are connected, static, BGP, OSPF, and ISIS.
The following table describes the Route Redistribution tab fields.
Table 5-149 Field Descriptions for the Route Redistribution Tab
Field
|
Description
|
Redistribute into this process from Area
|
Protocol Type
|
Allows you to specify the protocol type.
|
Default Redistributed Route Metric
|
Displays the default metric for routes that are being redistributed to the OSPF. Values must be between 1 and 16777214.
|
Tag
|
Allows you to set the tag for routes that are redistributed to the OSPF. Values must be between 0 and 4292967295.
|
Policy
|
Displays the routing policy name.
|
OSPF Internal check box
|
Allows you to enable or disable OSPF internal route.
|
Instance Name
|
Displays the OSPF or ISIS instance name or protocol name.
|
AS Number
|
Allows you to specify the autonomous system number. Values must be between 1 and 65535.
|
ISIS Levels
|
Allows you to specify the level of the ISIS route.
|
NSSA external route types
|
Allows you to specify the OSPF NSSA external route type.
|
OSPF External
|
Allows you to specify the OSPF external route type.
|
Metric Type
|
Allows you to specify the OSPF external metric type.
|
5.6.16.5.6 Domain Tab
The Domain tab allows you to perform the following tasks:
•Set the primary domain parameters
•Create the secondary domain
•Set the domain tag
•Enable or disable the DN Bit check
The following table describes the Domain tab fields.
Table 5-150 Field Descriptions for the Domain Tab
Field
|
Description
|
Domain ID Area
|
Primary Domain ID Subarea
|
Type
|
Allows you to specify the primary domain ID type.
|
Value
|
Allows you to specify the primary domain ID value.
|
Secondary Domain ID
|
Type column
|
Displays the secondary domain ID type.
|
Value column
|
Displays the secondary domain ID value.
|
Add button
|
Allows you to add a secondary domain ID.
|
Remove button
|
Allows you to remove a secondary domain ID.
|
Domain Tag
|
Domain Tag field
|
Allows you to specify the 32-bit domain tag value. Values must be between 1 and 4294967295.
|
DN Bit Check
|
DN bit check box
|
Allows you to enable or disable DN bit check.
|
5.6.16.5.7 Operations Tab
The Operations tab allows you to perform the following tasks:
•Set the Clear Counters option for all message counters or for a specific neighbor IP address.
•Execute the clear counters operation.
•Set the Restart Session option for all LDP sessions or for a specific neighbor session.
•Execute the restart session operation.
The following table describes the Operations tab fields.
Table 5-151 Field Descriptions for the Operations Tab
Field
|
Description
|
Reset Commands Area
|
Reset VRF OSPF processes button
|
Allows you to reset an VRF OSPF router process without stopping and restarting it.
Clicking this button releases all OSPF resources allocated, cleans up the internal database, and shuts down and restarts all interfaces that belong to the process. When the button is clicked, a Confirm dialog box opens. Click Yes to proceed with the operation or click No to cancel the operation.
|
Clear routing table Area
|
Clear VRF OSPF routing tables button
|
Allows you to clear VRF OSPF routes from the OSPF routing table.
Clicking this button clears all OSPF routes from the OSPF routing table and recomputes valid routes. When the OSPF routing table is cleared, OSPF routes in the global routing table are also recalculated.
|
Clear VRF redistributed route entries button
|
Allows you to clear all routes redistributed from other protocols out of the OSPF routing table. When the button is clicked, a Confirm dialog box opens. Click Yes to proceed with the operation or click No to cancel the operation.
Clicking this button causes the routing table to be read again. If an unexpected route has not appeared in the OSPF redistribution, clearing OSPF redistribution causes OSPF to resend Type 5 and Type 7 LSAs that can be used by the routing table.
Caution This command can cause a significant number of LSAs to flood throughout the network. It is recommended that you use this command with caution.
|
Clear neighbor state transition count Area
|
Interface name
|
Allows you to specify the interface name for which you want to clear the state transition counter
|
Interface name field
|
Allows you to enter the interface name.
|
Interface name ellipsis button
|
Allows you to choose the interface name from the Select Interfaces dialog box.
|
Neighbor IP field
|
Allows you to enter the neighbor IP address of a specified neighbor for which you want to clear the state transition counter.
|
Clear button
|
Allows you to clear the OSPF statistics of neighbor state transitions. When the button is clicked, a Confirm dialog box opens. Click Yes to proceed with the operation or click No to cancel the operation.
If an interface name and neighbor IP are not specified, this button clears all statistics.
|
5.6.16.5.8 Interface Settings Tab
The Interface Settings tab contains the following subtabs:
•General
•Authentication
The General subtab is displayed by default when the Interface Settings tab is clicked.
The following table describe the Interface Settings tab fields.
Table 5-152 Field Descriptions for the Interface Settings Tab
Field
|
Description
|
General Subtab
|
The General subtab allows you to perform the following tasks:
•Configure the designated router priority.
•Configure the resend interval.
•Configure the send delay.
•Configure the link cost, hello interval, and dead interval.
•Enable incoming network filtering.
•Choose a network broadcast behavior.
•Optimize process settings.
|
Basic Area
|
Designated Router priority field
|
Allows you to specify the router priority for the DR and backup designated routers (BDRs). Value must be between 0 and 255. The default value is 1.
When two routers attached to a network both attempt to become the designated router, the one with the higher router priority takes precedence. If there is a tie, the router with the higher router ID takes precedence. A router with a router priority set to zero is ineligible to become the DR or BDR. Router priority is configured only for interfaces to multiaccess networks (in other words, not point-to-point networks).
|
Retransmit Interval (sec) field
|
Allows you to specify the time between LSA retransmissions for adjacencies belonging to the interface. Value must be between 1 and 65535. The default value is 5.
When a router sends an LSA to its neighbor, it keeps the LSA until it receives the acknowledgment message. If the router receives no acknowledgment, it will resend the LSA.
The value of this parameter should be conservative, or needless retransmission will result. The value should be larger for serial lines and virtual links.
|
Transmit Delay (sec) field
|
Allows you to specify the estimated time required to send a link-state update packet on the interface. LSAs in the update packet have their age incremented by this amount before transmission. Value must be between 1 and 65535.
|
Link cost field
|
Allows you to specify the cost of the link. Value must be between 1 and 65535.
|
Hello Interval (sec) field
|
Allows you to specify the time between the hello packets that the software sends on an interface. This is the unsigned integer value to be advertised in the hello packets of the software. The value must be the same for all routers attached to a common network. Value must be between 1 and 65535.
|
Dead Interval (sec) field
|
Allows you to specify the length of time that the hello packets are suspended before neighbors declare the router down. As with the hello interval, this value must be the same for all routers attached to a common network. Value must be between 1 and 65535.
|
Filter incoming network updates Area
|
Distribute List ACL
|
This check box, field, and ellipsis button allow you to enable and specify the incoming network updates filter. Check the Distribute List ACL check box to enable the incoming network updates filter. Either enter an ACL name in the Distribute List ACL field or click the ellipsis button to open a Select ACL dialog box and choose an ACL from the dialog box.
|
Distribute List ACL check box
|
Allows you to enable incoming network updates filtering.
|
Distribute List ACL field
|
Allows you to enter an ACL name.
|
Distribute List ACL ellipsis button
|
Allows you to choose an ACL name from the Select ACL dialog box.
|
Network Broadcast Behavior Area
|
Network broadcast behavior list
|
Allows you to choose the type of attached network. This list configures the OSPF network type to a type other than the default for a given medium. Options are:
•Default for interface type.
•Broadcast—Sets the network type to broadcast.
•Non-broadcast—Sets the network type to nonbroadcast multiaccess (NBMA).
•Point-to-point—Sets the network type to point-to-point.
•Point-to-multipoint—Sets the network type to point-to-multipoint.
•Point-to-multipoint non-broadcast—Sets the point-to-multipoint network to nonbroadcast.
You can configure broadcast networks as NBMA networks when, for example, routers in your network do not support multicast addressing.
Configuring NBMA networks as either broadcast or nonbroadcast assumes that there are virtual circuits from every router to every other router or to every fully meshed network. However, there are other configurations where this assumption is not true; for example, a partially meshed network. In these cases, you can configure the OSPF network type as a point-to-multipoint network. Routing between two routers that are not directly connected will go through the router that has virtual circuits to both routers. You need not configure neighbors when using this command.
OSPF has two features related to point-to-multipoint networks. One feature applies to broadcast networks; the other feature applies to nonbroadcast networks:
•On point-to-multipoint, broadcast networks, you must specify a cost to that neighbor.
•On point-to-multipoint, nonbroadcast networks, you must identify neighbors; assigning a cost to a neighbor is optional.
|
Optimizations Area
|
Flood reduction list
|
Allows you to enable flood reduction, which suppresses unnecessary flooding of LSAs in stable topologies.
All routers supporting the OSPF demand circuit are compatible and can interact with routers supporting flooding reduction.
|
Demand circuit list
|
Allows you to enable demand circuit, which configures the OSPF protocol to treat the interface as an OSPF demand circuit.
On point-to-point interfaces, only one end of the demand circuit must be have demand circuit enabled. Periodic hello messages are suppressed and periodic refreshes of LSAs do not flood the demand circuit. Configuring the demand circuit allows the underlying data link layer to be closed when the topology is stable. In point-to-multipoint topology, only the multipoint end must have demand circuit enabled.
|
Ignore MTU setting list
|
Allows you to enable or disable the option to ignore maximum transmission unit (MTU) settings. Options are Enable and Disable. Choose Enable to ignore MTU settings.
Ignoring MTU settings prevents OSPF from verifying whether neighbors are using the same MTU on a common interface when exchanging database descriptor (DBD) packets. This check is performed when neighbors exchange DBD packets. If the receiving MTU in the DBD packet is higher than the MTU configured on the incoming interface, OSPF adjacency will not be established.
|
Database filtering list
|
Allows you to enable or disable database filters during flooding and synchronization. Options are Enable and Disable. Choose Enable to allow database filtering on outgoing LSAs to an OSPF interface. This feature is supported only at the interface level.
|
Passive list
|
Allows you to enable or disable the option to send OSPF updates on an interface. Options are Enable and Disable. Choose Enable to allow sending of OSPF updates.
This feature is used to reduce OSPF traffic over low-bandwidth, high-cost network lines such as ISDN.
|
Authentication Subtab
|
The Authentication subtab allows you to perform the following tasks:
•Choose the authentication type.
•Configure the plain authentication parameters.
•Configure MD5 authentication parameters.
|
Basics Area
|
Authentication Type list
|
Allows you to choose the authentication type. Options are:
•None—No authentication is used. Useful for overriding password or MD5 authentication if configured for an area.
•Plain—Plain text authentication is used.
•MD5—Message Digest 5 (MD5) authentication is used.
Specifying an authentication type for the interface overrides the authentication specified for the area to which this interface belongs.
The authentication type and password must be the same for all OSPF interfaces that are to communicate with each other through OSPF. If you specified plain text authentication, you must specify a plain text password.
|
Plain Authentication Area
|
Password
|
Allows you to enable plain authentication. Specifying a password assigns a password to be used by neighboring routers that are using the OSPF simple password authentication.
The password created is used as a "key" that is inserted directly into the OSPF header when the software originates routing protocol packets. A separate password can be assigned to each network on a per-interface basis. All neighboring routers on the same network must have the same password to be able to exchange OSPF information.
|
Password check box
|
Allows you to enable plain authentication.
|
Password field
|
Allows you to enter a password.
|
Encryption Type list
|
Allows you to choose the password encryption type. Options are:
•None
•Cisco Proprietary
|
MD5 Authentication Area
|
Key id column
|
Allows you to specify a key ID for the interface. Click Add to add a new row to the table then double-click the Key id column and enter a key ID.
Usually, one key per interface is used to generate authentication information when packets are sent and to authenticate incoming packets. The same key identifier on the neighbor router must have the same key value.
|
Password column
|
Allows you to specify a password for the interface. Double-click the password column and enter a password.
|
Encryption Type column
|
Allows you to specify the password encryption type for the interface. Double-click the Encryption Type column and choose an encryption type from the list. Options are:
•None
•Cisco Proprietary
|
5.6.16.6 Removing a VRF Instance
Note This procedure is available for CRS-1 and XR 12000 R3.3.
Step 1 Right-click a VRF in the OSPF Instance Tree and choose Remove VRF.
Step 2 Click Yes in the confirmation dialog box.
Step 3 Click OK in the Commit Status message box.
5.6.16.7 Creating a VRF Area
Note This procedure is available for CRS-1 and XR 12000 R3.3.
Step 1 Right-click a VRF instance in the OSPF Instance Tree and choose Add VRF area. The Add area dialog box opens.
Step 2 Choose an area type radio button. Options are Number or IP. The Area Type field becomes available.
Step 3 Enter an area number or area IP address in the field.
Step 4 Click OK A new VRF area is created and appears below the instance in the OSPF Instance Tree.
5.6.16.7.1 VRF Area Tabs
Click VRF under an instance in the OSPF Instance Tree to display the Area tabs.
5.6.16.7.2 General Tab
The General tab allows you to perform the following tasks:
•Choose the area type.
•Specify the summary route cost.
The following table describes the General tab fields.
Table 5-153 Field Descriptions for the General Tab
Field
|
Description
|
Basics Area
|
Area Type list
|
Allows you to choose the area type. Options are:
•Normal—Configure the area as a standard OSPF area (all external routes are flooded through the network). External routes are flooded bidirectionally across the Area Border Router (ABR).
•Stub—Configure the area as a stubby area.
•NSSA—Configure the area as a not-so-stubby area.
|
Totally stubby check box
|
Allows you to configure the area as a totally stubby area which means that only intra-area and the default route are allowed.
This check box is enabled when Stub or NSSA is chosen from the Area Type list.
|
Default information originate check box
|
Allows you to generate a Type 7 Cisco default into the NSSA area.
This check box is enabled when NSSA is chosen from the Area Type list.
|
Metric Type list
|
Allows you to choose the OSPF external metric type. Options are:
•type1
•type2
|
Default Metric field
|
Allows you to enter the OSPF default metric.
|
No redistribution check box
|
Allows you to import routes only into the normal areas, but not into the NSSA area.
This check box is enabled when NSSA is chosen from the Area Type list.
|
Summary Route Defaults Area
|
Default summary route cost field
|
Allows you to specify a cost for the default summary route sent into a stubby area.
|
5.6.16.7.3 Inter-area Summary Routes Tab
The Inter-area Summary Routes tab allows you to perform the following tasks:
•Specify interarea summary routes.
•Choose to advertise type 3 labels.
The following table describes the Inter-area Summary Routes tab fields.
Table 5-154 Field Descriptions for the Inter-area Summary Routes Tab
Field
|
Description
|
Configuration Area
|
IP / Mask fields
|
Allows you to create aggregate addresses for routes being redistributed from another routing protocol into the OSPF protocol.
|
Advertise type 3 labels
|
Allows you to advertise type 3 labels to other areas.
|
5.6.16.7.4 Virtual Links Tab
The Virtual Links tab allows you to perform the following tasks:
•Specify the neighbor router parameters.
•Set the authentication parameters.
It contains the following subtabs:
•General
•Authentication
The following table describes the Virtual Links tab fields.
Table 5-155 Field Descriptions for the Virtual Links Tab
Field
|
Description
|
General Subtab
|
The General subtab allows you to perform the following tasks:
•Specify the neighbor router ID.
•Specify the hello, dead, and retransmit interval for the neighbor.
•Specify the transmit delay for the neighbor.
|
Basic Area
|
Neighbor Router ID field
|
Allows you to specify the router ID of a virtual link neighbor. The ID is internally derived by each router from the interface IP address of the router.
|
Hello Interval (sec) field
|
Allows you to specify the time between the hello packets that the software sends on an interface. It is an unsigned integer value to be advertised in the hello packets of the software. The value must be the same for all routers attached to a common network.
|
Dead Interval (sec) field
|
Allows you to specify the time that OSPF waits for hello packets from a neighbor before declaring that the neighboring router is unavailable. It is an unsigned integer value.This value must be the same for all routers attached to a common network.
|
Retransmit Interval (sec) field
|
Allows you to specify the time between LSA retransmissions for adjacencies belonging to the interface. It is the expected round-trip delay between any two routers on the attached network. The value must be greater than the expected round-trip delay.
|
Transmit Delay (sec) field
|
Allows you to specify the estimated time required to send a link-state update packet on the interface. It is an integer value that must be greater than zero. LSAs in the update packet have their age incremented by this amount before transmission.
|
Authentication Subtab
|
The Authentication subtab allows you to perform the following tasks:
•Specify the authentication type for the neighbor.
•Specify the password to be used by neighbors.
|
Basics Area
|
Authentication Type list
|
Allows you to choose the authentication type. Options are:
•None—No authentication is used. Useful for overriding password or MD5 authentication if configured for an area.
•Plain—Plain text authentication is used.
•MD5— MD5 authentication is used.
Specifying an authentication type for the interface overrides the authentication specified for the area to which this interface belongs.
The authentication type and password must be the same for all OSPF interfaces that are to communicate with each other through OSPF. If you specified plain text authentication, you must specify a plain text password.
|
Plain Authentication Area
|
Password
|
Allows you to specify the password the neighbor must use.
The password acts as a key that allows the authentication procedure to generate or verify the authentication field in the OSPF header. The password is inserted directly into the OSPF header when originating routing protocol packets. A separate password can be assigned to each network on a per-interface basis. All neighboring routers on the same network must have the same password to route OSPF traffic.
|
Password check box
|
Allows you to enable plain authentication.
|
Password field
|
Allows you to enter a password if no message-digest keys are configured.
This field is enabled when the Password check box is activated.
|
Encryption Type list
|
Allows you to choose the encryption type. Options are:
•None—An unencrypted password will follow.
•Cisco Proprietary—An encrypted password will follow.
The password is stored in encrypted form on the router.
|
MD5 Authentication Area
|
MD5 Authentication table
|
Allows you to define an OSPF virtual link with a key identifier and password for MD5 authentication.
To add a row to the table, click Add. To remove a row from the table, choose a row and then click Remove.
Click the Add button to add an MD5 authentication link. Choose a row in the table and click Remove to delete an MD5 authentication link.
|
Key id column
|
Allows you to specify the key ID. The routers at both ends of the virtual link must have the same key ID to route OSPF traffic.
|
Password column
|
Allows you to specify the password. The routers at both ends of the virtual link must have the same password to route OSPF traffic.
|
Encryption Type column
|
Allows you to choose the encryption type. Options are:
•None—An unencrypted password will follow.
•Cisco Proprietary—An encrypted password will follow.
The password is stored in encrypted form on the router.
Double-click the cell in the Encryption Type column to activate it and choose an encryption type.
|
5.6.16.7.5 Interface Settings Tab
The Interface Settings tab allows you to perform the following tasks:
•Specify the interface name.
•Configure interface parameters and optimizations.
•Configure the interface authentication parameters.
•Configure the nonbroadcast network parameters.
It contains the following subtabs:
•General
•Authentication
•Nonbroadcast Network
The following table describes the General subtab fields.
Table 5-156 Field Descriptions for the Interface Settings Tab
Field
|
Description
|
General Subtab
|
The General subtab allows you to perform the following tasks:
•Specify the interface name.
•Specify filtering on incoming network updates.
•Configure interface parameters including designated router priority, retransmit, hello, and dead interval, transmit delay, and link cost.
•Choose the interface optimizations.
The parameters in the General subtab always use the most specific value specified. For example, if a parameter is specified at the Interface level it will use that value and not the values specified for the same parameter at the Area or Process level.
•Process—If the parameter is not specified for the Area level, the interface adopts the parameter specified for the process.
•Area—If the parameter is not specified for the Interface level, the interface adopts the parameter specified for the area.
•Interface—The interface adopts the parameter specified by the interface.
|
Interface Name Area
|
Name
|
Allows you to specify the interface name. There are three levels:
•Process Level—Not user-configurable. Allows you to display the settings at the Process Level.
•Area Level—Not user-configurable. Allows you to display the settings at the Area Level.
•Interface Level—Allows you to associate an interface with an area.
|
Name field
|
Allows you to view the chosen interface name.
The Process Level and Area Level names will appear in the field if they are chosen from the Interface Settings table. They are not user configurable.
Click the Add Record tool on the OSPF Configuration toolbar to associate the interface with an area.
|
Name ellipsis button
|
Allows you to choose an interface from the Select Interfaces dialog box.
This ellipsis button is enabled when an interface is chosen in the Interface Settings table.
|
Filter incoming network updates Area
|
Distribute List ACL
|
Allows you to filter networks received in OSPF updates and is used to limit which OSPF routes are installed on this router. It does not affect the OSPF protocol itself.
If this parameter is not specified at any level, the distribute list is disabled.
|
Distribute List ACL check box
|
Allows you to enable incoming network updates filtering by applying the chosen access list to incoming routing updates.
|
Distribute List ACL field
|
Allows you to enter an access list name.
The access list defines which networks are to be received and which are to be suppressed in routing updates.
This field is enabled when the Distribute ACL check box is activated.
|
Distribute List ACL ellipsis button
|
Allows you to choose an access list from the Select ACL dialog box.
This ellipsis button is enabled when the Distribute ACL check box is activated.
|
Basics Area
|
Designated Router priority field
|
Allows you to set the router priority, which helps determine the designated router for this network.
If this parameter is not specified at any level, the designated router priority is 1.
|
Retransmit Interval (sec) field
|
Allows you to specify the time between LSA retransmissions for adjacencies belonging to the interface. When a router sends an LSA to its neighbor, it keeps the LSA until it receives the acknowledgment message. If the router receives no acknowledgment, it will resend the LSA.
This parameter should be conservative, or needless retransmission will result. The value should be larger for serial lines and virtual links.
If this parameter is not specified at any level, the retransmit interval is 5.
|
Transmit Delay (sec) field
|
Allows you to specify the transmission delay for LSAs.
If this parameter is not specified at any level, the transmit delay is 1.
|
Link Cost field
|
Allows you to specify the cost of sending a packet on an interface.
In general, the path cost is calculated using the following formula:
108 / bandwidth
If this parameter is not specified at any level, the link cost is automatically calculated.
|
Hello Interval (sec) field
|
Allows you to specify the interval between hello packets that are sent on the interface. The hello interval value is advertised in the hello packets. The shorter the hello interval, the faster topological changes will be detected, but more routing traffic will occur. This value must be the same for all routers and access servers on a specific network.
If this parameter is not specified at any level, the hello interval is 10 seconds for broadcast and point-to-point or 30 seconds for nonbroadcast.
|
Dead Interval (sec) field
|
To set the interval at which hello packets are suspended before neighbors declare the router down. This value must be the same for all routers and access servers on a specific network. The dead interval value must be larger than the hello interval value.
If this parameter is not specified at any level, the dead interval is 4 times the hello interval.
|
Optimizations Area
|
Flood reduction list
|
Allows you to suppress the unnecessary flooding of LSAs in stable topologies. All routers supporting the OSPF demand circuit are compatible and can interact with routers supporting flooding reduction.
If this parameter is not specified at any level, the flood reduction parameter is disabled.
|
Demand circuit list
|
Allows you to configure the OSPF protocol to treat the interface as an OSPF demand circuit.
On point-to-point interfaces, only one end of the demand circuit must be configured with this command. Periodic hello messages are suppressed and periodic refreshes of LSAs do not flood the demand circuit. Enabling the demand circuit allows the underlying data link layer to be closed when the topology is stable. In point-to-multipoint topology, only the multipoint end must be configured.
If this parameter is not specified at any level, the demand circuit parameter is disabled.
|
Ignore MTU setting list
|
Allows you to prevent OSPF from verifying whether neighbors are using the same MTU on a common interface when exchanging DBD packets.
The ignore MTU setting verifies whether OSPF neighbors are using the same MTU on a common interface. This check is performed when neighbors exchange DBD packets. If the receiving MTU in the DBD packet is higher than the MTU configured on the incoming interface, OSPF adjacency will not be established.
If this parameter is not specified at any level, the OSPF checks the MTU received from neighbors when exchanging DBD packets.
|
Database filtering list
|
Allows you to filter OSPF LSAs during synchronization and flooding.
If this parameter is not specified at any level, database filtering is disabled.
|
Passive list
|
Allows you to suppress the sending of OSPF updates on an interface. This passive parameter is used to reduce OSPF traffic over low-bandwidth, high-cost network lines such as ISDN.
If this parameter is not specified at any level, the passive list is disabled and OSPF updates are sent on the interface.
|
Authentication Subtab
|
The Authentication subtab allows you to perform the following tasks:
•Choose the authentication type.
•Set the plain authentication password.
•Choose the MD5 authentication.
The parameters in the Authentication subtab always use the most specific value specified. For example, if a parameter is specified at the Interface level, it will use that value and not the values specified for the same parameter at the Area or Process level.
•Process—If the parameter is not specified for the Area level, the interface adopts the parameter specified for the process.
•Area—If the parameter is not specified for the Interface level, the interface adopts the parameter specified for the area.
•Interface—The interface adopts the parameter specified by the interface.
|
Basics Area
|
Authentication Type list
|
Allows you to choose the authentication type. Options are:
•None—No authentication is used. Useful for overriding password or MD5 authentication if configured for an area.
•Plain—Plain text authentication is used.
•MD5—MD5 authentication is used.
•Inherited—Authentication is inherited.
Specifying an authentication type for the interface overrides the authentication specified for the area to which this interface belongs.
The authentication type and password must be the same for all OSPF interfaces that are to communicate with each other through OSPF. If you specified plain text authentication, you must specify a plain text password.
|
Plain Authentication Area
|
Password
|
Allows you to specify the password the interface must use.
The password acts as a key that allows the authentication procedure to generate or verify the authentication field in the OSPF header. The password is inserted directly into the OSPF header when originating routing protocol packets. A separate password can be assigned to each network on a per-interface basis.
|
Password check box
|
Allows you to enable plain authentication.
|
Password field
|
Allows you to enter a password if no message-digest keys are configured.
This field is enabled when the Password check box is activated.
|
Encryption Type list
|
Allows you to choose the encryption type. Options are:
•None—An unencrypted password will follow.
•Cisco Proprietary—An encrypted password will follow.
The password is stored in encrypted form on the router.
|
MDS Authentication Table
|
MD5 Authentication table
|
Allows you to define an OSPF virtual link with a key identifier and password for MD5 authentication.
To add a row to the table, click Add. To remove a row from the table, choose a row; then, click Remove.
Click the Add button to add an MD5 authentication link. Choose a row in the table and click Remove to delete an MD5 authentication link.
If MD5 authentication is not specified at any level, MD5 authentication is unavailable for the interface.
|
Key id column
|
Allows you to specify the key ID. The routers at both ends of the virtual link must have the same key ID to route OSPF traffic.
|
Password column
|
Allows you to specify the password. The routers at both ends of the virtual link must have the same password to route OSPF traffic.
|
Encryption Type column
|
Allows you to choose the encryption type. Options are:
•None—Password is unencrypted.
•Cisco Proprietary—Password is encrypted and stored on the router.
Double-click the cell in the Encryption Type column to activate it and choose an encryption type.
|
Nonbroadcast Network Subtab
|
The Nonbroadcast Network subtab allows you to perform the following tasks:
•Choose the nonbroadcast behavior.
•Configure the nonbroadcast network.
The parameters in the Nonbroadcast Network subtab always use the most specific value specified. For example, if a parameter is specified at the Interface level, it will use that value and not the values specified for the same parameter at the Area or Process level.
•Process—If the parameter is not specified for the Area level, the interface adopts the parameter specified for the process.
•Area—If the parameter is not specified for the Interface level, the interface adopts the parameter specified for the area.
•Interface—The interface adopts the parameter specified by the interface.
|
Basics Area
|
Network broadcast behavior list
|
Allows you to choose the broadcast behavior for the interface. Options are:
•Default for interface type
•Broadcast
•Nonbroadcast
•Point-to-point
•Point-to-multipoint
•Point-to-multipoint nonbroadcast
If the broadcast behavior is not specified at any level, the default for the interface type is used.
|
Nonbroadcast Network Area
|
IP Address column
|
Allows you to enter an IP address for the neighbor. Double-click the cell to activate it; then, enter an IP address.
|
Priority column
|
Allows you to enter an 8-bit number indicating the router priority value of the nonbroadcast neighbor associated with the IP address specified.
Priority does not apply to point-to-multipoint interfaces.
|
Poll Interval column
|
Allows you to enter an unsigned integer value reflecting the poll interval. RFC 1247 recommends that this value be much larger than the hello interval.
Poll Interval does not apply to point-to-multipoint interfaces.
|
Link Cost
|
Allows you to assigns a cost to the neighbor. Neighbors with no specific cost configured will assume the cost of the interface, based on the cost command. On point-to-multipoint interfaces, Link Cost is the only column that applies. Link Cost does not apply to NBMA networks.
|
Database Filtering column
|
Allows you to enable filtering on all outgoing LSAs to an OSPF neighbor during synchronization and flooding for point-to-multipoint neighbors on nonbroadcast networks. Double-click the column to activate the column and switch between true and false.
|
5.6.16.8 Removing a VRF Area
Note This procedure is available for CRS-1 and XR 12000 R3.3.
Step 1 Right-click a VRF area in the OSPF Instance Tree and choose Remove area.
Step 2 Click Yes in the confirmation dialog box.
Step 3 Click OK in the Commit Status message box.
5.6.17 RSVP Configuration Application
The RSVP Configuration application contains the following tabs:
•Interfaces Tab
•General Tab
•Operations Tab
The RSVP Configuration application allows you to configure the Resource Reservation Protocol (RSVP).
RSVP is an end-to-end admission control and reservation signaling protocol that enables systems to request resource reservations from the network. RSVP processes protocol messages from other systems, processes resource requests from local clients, and generates protocol messages. As a result, resources are reserved for data flows on behalf of local and remote clients. RSVP creates, maintains, and deletes these resource reservations. Multiprotocol Label Switching (MPLS) uses RSVP to signal Label Switched Path (LSP).
5.6.17.1 Interfaces Tab
The Interfaces tab allows you to perform the following tasks:
•Configure the RSVP interface.
•Configure the signaling messages.
•Configure the refresh messages.
•Configure refresh reduction parameters.
•Specify the DSCP for the interface.
The following table describes the Interfaces tab fields.
Table 5-157 Field Descriptions for the Interfaces Tab
Field
|
Description
|
Basics Area
|
Interface Name
|
Allows you to configure RSVP bandwidth on an interface.
When RSVP is enabled on an interface, no bandwidth resources are specified for RSVP on that interface. The Interface Name field is used to specify the RSVP bandwidth on an interface so that RSVP can make bandwidth reservations on behalf of applications (for instance, MPLS-TE). If the RSVP bandwidth on an interface is 0, RSVP can be used only to signal for flows that do not require bandwidth.
If RSVP Reservation messages are received on an interface different from the one through which the corresponding path message was sent out, the interfaces are adjusted such that all resource reservations, such as bandwidth, are done on the outgoing interface of the path message.
|
Interface Name field
|
Allows you to enter an interface name.
|
Interface Name ellipsis button
|
Allows you to choose an interface name from the Select Interfaces dialog box.
|
Reserved BW (kbps) field
|
Allows you to specify the total reservable bandwidth that RSVP will accept for reservations on this interface.
|
Max. flow (kbps) field
|
Allows you to specify the maximum size of a single reservation.
|
Sub Pool (kbps) field
|
Allows you to specify the reservable subpool bandwidth on the interface. The value cannot be higher than the total bandwidth.
|
Signaling Message Rate Area
|
Limit Signaling Message Rate check box
|
Allows you to limit the rate of RSVP signaling messages being sent out on a particular interface.
Limiting the rate of RSVP signaling has the advantage of avoiding an overload of the input queue of the next hop router, because such overloads would cause the next hop router to drop RSVP messages. Reliable messaging and rapid resend usually enable the router to recover rapidly from message drops, so rate limiting might not be necessary. If you set the rate too low, you can cause slower convergence times.
Checking the Limit Signaling Message Rate check box limits all RSVP messages except acknowledgments (ACK) and SRefresh messages. It does not let you make a router generate messages faster than its inherent limit. The inherent limit differs among router models.
|
Number of messages field
|
Allows you to specify the number of messages to be sent per scheduling interval.
|
Interval (ms) field
|
Allows you to specify the interval length between scheduling intervals.
|
Refresh Messages Area
|
Missed message limit field
|
Allows you to specify the number of successive refresh messages that can be missed before the RSVP deems a state to be expired (resulting in the state to be torn down).
|
Message interval (sec) field
|
Allows you to specify the frequency at which refresh messages are sent through a particular interface to the peer router to refresh the path and reservation states.
RSVP relies on a soft-state mechanism to maintain state consistency in the face of network losses. That mechanism is based on continuous refresh messages to keep a state current. Each RSVP router is responsible for sending periodic refresh messages to its neighbors.
The router attempts to randomize network traffic and reduce metronomic burstiness by jittering the actual interval between refreshes by as much as 50 percent. As a result, refreshes might not be sent at exactly the interval specified. However, the average rate of refreshes is within the specified refresh interval.
Lengthening the interval reduces the refresh load of RSVP on the network but causes downstream nodes to hold the state longer, and reduces the responsiveness of the network to failure scenarios. Shortening the interval improves network responsiveness but expands the messaging load on the network.
|
Refresh Reduction Area
|
Enable Refresh Reduction check box
|
Allows you to enable or disable RSVP refresh reduction on an interface.
The following features of the IETF refresh reduction standard RFC2961 are enabled when the Enable Refresh Reduction check box is checked:
•Refresh-reduction enabled bit in message headers.
•Message-ID usage.
•Reliable messaging with rapid resend, and ACK and negative acknowledgment (NACK) messages.
•Summary refresh extension.
Because refresh reduction relies on cooperation of the neighbor, the neighbor must also support the standard. If the router detects that a neighbor is not supporting the refresh reduction standard (either through observing the refresh-reduction-enabled bit in messages received from the next hop, or by sending a Message-ID object to the next hop and receiving an error), refresh reduction will not be used on this link.
|
Max ACK size (bytes) field
|
Allows you to specify the maximum size of a single acknowledgment message. This length includes the RSVP message header and any other RSVP object headers. It does not include the IP header or any other Layer 3 or Layer 2 overheads.
|
ACK hold time (ms) field
|
Allows you to specify the maximum amount of time a router will hold onto an acknowledgment before sending it, in an attempt to bundle several acknowledgments into a single acknowledgment message.
|
Retransmit time (ms) field
|
Allows you to specify the amount of time the router initially waits for an acknowledgment message before resending the RSVP message. If still no acknowledgment is received, the router doubles this interval and resends again. After five successive backoffs, the original RSVP message sent through the normal refresh mechanism is discarded.
|
Enable Summary Refresh check box
|
Allows you to enable the use of ACK and NACK for summary refresh messages.
|
Summary Messaging Area
|
Max message size (bytes) field
|
Allows you to specify the maximum message size for summary refresh messages.
|
DSCP Area
|
Override with value field
|
Allows you to specify the differentiated services code point (DSCP) for the interface and gives all RSVP signaling packets sent out on a specific interface higher priority in the network by marking them with a particular DSCP.
DSCP marking improves signaling setup and teardown times. Ordinarily, when a router receives path messages for a particular state marked with a DSCP value, it sends out path messages for that state, marked with the same DSCP value. The Override with value feature overrides that DSCP persistence and ensures that all messages sent out on a particular interface are marked with a specified DSCP.
The override value controls RSVP signaling packets and has no effect on ordinary IP or MPLS data packets traveling along the path created or reserved by this RSVP session.
DSCP persistence operates on a per-state basis, but this feature operates on a per-interface basis. So, if some incoming message (for example, multicast path) with DSCP 10 causes two outgoing messages on interfaces A and B, ordinarily both will be sent out with DSCP 10. If signaling DSCP 5 is configured for RSVP on interface A, the path messages being sent out on interface A would be marked with DSCP 5, but the path messages being sent out on interface B would still be marked with DSCP 10.
Note that there is a difference between the signaling DSCP 0 and no signaling DSCP. DSCP 0 instructs RSVP to explicitly set to 0 the DSCP on all packets sent out on this interface. No signaling DSCP removes any override on the packets being sent out on this interface, and allows the DSCP of received packets that created this state to persist on packets forwarded out on this interface.
|
5.6.17.2 General Tab
The General tab allows you to configure the graceful restart parameters.
The following table describes the General tab fields.
Table 5-158 Field Descriptions for the General Tab
Field
|
Description
|
Enable Graceful Restart check box
|
Allows you to enable or disable graceful restart.
Graceful restart provides a mechanism that helps minimize the negative effects on MPLS or Optical UNI (OUNI) traffic for the following types of faults. This is an implementation of the Fault handling section of the Internet Engineering Task Force (IETF) standard RFC3473:
•Control channel failure—Disruption of control channels between two nodes occurs when the control channels are separated from the data channels.
•Node failure—If the control plane of a node fails, the node preserves its data forwarding states.
Graceful restart requires the use of RSVP hello messages. When graceful restart is enabled, RSVP attempts to exchange hello messages with its neighbor nodes. Once the hello messages are exchanged with a given neighbor, RSVP can then detect the two types of fault when they occur with the given neighbor.
|
Graceful Restart Time (secs) field
|
Allows you to specify the restart time that is advertised in the Restart Cap object in hello messages.
If no hello messages are received from a neighbor within a certain number of hello intervals, a node assumes that communication with the neighbor has been lost. The node waits the amount of time set by the last restart time communicated by the neighbor before invoking procedures related to communication loss.
The Graceful Restart time is important in case of recovery from failure. The configured value should accurately reflect the amount of time within which, after a control-plane restart, RSVP can start exchanging hello messages. Note that having a long restart time is useful in case of control channel failure to have enough time to fix the link failure problem.
|
Graceful Restart Hello Interval (millisecs) field
|
Allows you to specify the interval at which RSVP graceful restart hello messages are sent per neighbor.
The graceful restart hello interval determines how often hello messages are sent to each neighbor. If the interval is made short, the hello messages are sent more frequently. A short interval might help detect failures quickly; however this results in increased network traffic. Optimizations in the RSVP hello mechanism exist to reduce the number of hello messages traveling over the network.
When an RSVP hello message is received, the receiving node acknowledges the hello and restarts its hello timer to the neighbor. A hello is sent to the neighbor only if a hello is not received before the hello refresh interval has expired.
If two neighboring nodes do not have the same hello interval, the node with the larger hello interval must acknowledge its neighbor's (more frequent) hellos. For instance, if node A has a hello interval of 5 seconds and node B has a hello interval of 10 seconds, node B still must send hello messages every 5 seconds.
|
Graceful Restart Max. Missed Messages field
|
Allows you to specify the number of consecutive missed RSVP hello messages before a neighbor is declared down or unreachable.
If no hello messages (request or ACK) are received from a neighbor within the configured number of refresh misses, a node assumes that communication with the neighbor has been lost. The value should be configured such that faults are detected quickly but reliably.
|
5.6.17.3 Operations Tab
The Operations tab allows you to clear counters.
The following table describes the Operations tab fields.
Table 5-159 Field Descriptions for the Operations Tab
Field
|
Description
|
All Counters radio button
|
Allows you to choose to clear all counters.
|
Counter for this Interface
|
Allows you to clear counters for the specified interface.
|
Counter for this Interface radio button
|
Allows you to enable clearing counters for a specified interface.
|
Counter for this Interface field
|
Allows you to enter an interface name.
This field is enabled when the Counter for this Interface radio button is activated.
|
Counter for this Interface ellipsis button
|
Allows you to choose an interface from the Select Interfaces dialog box.
This field is enabled when the Counter for this Interface radio button is activated.
|
All Event Counters radio button
|
Allows you to choose to clear all event counters.
|
Event counter for this Interface
|
Allows you to clear event counters for the specified interface.
|
Event counter for this Interface radio button
|
Allows you to enable clearing counters for all events on an interface.
|
Event counter for this Interface field
|
Allows you to enter an interface name.
This field is enabled when the Event counter for this Interface radio button is activated.
|
Event counter for this Interface ellipsis button
|
Allows you to choose an interface from the Select Interfaces dialog box.
This field is enabled when the Event counter for this Interface radio button is activated.
|
All Message Counters radio button
|
Allows you to choose to clear all message counters.
|
Message Counters for this Interface
|
Allows you to clear message counters for the specified interface.
|
Message Counters for this Interface radio button
|
Allows you to enable clearing counters for all events on an interface.
|
Message Counters for this Interface field
|
Allows you to enter an interface name.
This field is enabled when the Message Counters for this Interface radio button is activated.
|
Message Counters for this Interface ellipsis button
|
Allows you to choose an interface from the Select Interfaces dialog box.
This field is enabled when the Message Counters for this Interface radio button is activated.
|
Clear Counters button
|
Executes the clear operation based on the criteria configured in the Clear Counters area. When the button is clicked, a Confirm dialog box opens. Click Yes to proceed with the operation or click No to cancel the operation.
|
5.6.18 Static Route Configuration
A static route is a user-defined explicit path between two network devices. It can point to a forwarding interface, next-hop IP address, or both. Static routes are useful for smaller networks with only one path to an outside network. It also provides security for larger networks with certain types of traffic or links to other networks that need more control. In general, most networks use dynamic routing protocols to communicate between network devices but may have one or two static routes configured for special cases.
This application supports both global and VRF-aware static route creation, modification, and deletion.
5.6.18.1 Global Routes Tab
The Global Routes tab allows users to configure global static routes.
Note In CTM R7.0, IPv4 unicast is the only supported address-family type.
The following table describes the Global Routes tab fields.
Table 5-160 Field Descriptions for the Global Routes Tab
Field
|
Description
|
Basics Area
|
Address Family Type
|
Allows you to select from the list the name of the address family type. The default value is IPv4 Unicast.
|
Route Details Area
|
Prefix/Prefix Length
|
Displays the destination prefix and destination prefix length of the route.
|
Via Subarea
|
Forwarding Table
|
Provides ways on how the forwarding interface and next-hop IP address can be resolved. Values are:
•Same—Finding resolution from the global routing table.
•Other VRF—Finding resolution from a specified VRF table.
|
Forwarding VRF
|
Allows you to specify the forwarding VRF table name. The name can have a maximum of 32 characters and must be a valid VRF.
|
Forwarding Interface
|
Allows you to specify the forwarding interface name.
Note To complete a route entry, you must specify one forwarding interface or one next hop IP address.
|
Nexthop Address
|
Allows you to specify the next hop's IP address.
Note To complete a route entry, you must specify one forwarding interface or one next hop IP address.
|
Misc Subarea
|
Distance
|
Allows you to specify the distance metric of the path. Value must be between 1 and 254.
|
Tag
|
Allows you to specify the tag for the path. Value must be between 1 and 4294967295.
|
Permanent check box
|
If checked, the static route is installed in the Routing Information Base (RIB) of the router regardless of the destination's reachability. Otherwise, the route entry is installed in the router's RIB if the destination is reachable.
|
5.6.18.2 VRF Route Tabs
The VRF Route tab allows users to configure VRF-specific static routes.
Note In CTM R7.0, IPv4 unicast is the only supported address-family type.
The following table describes the VRF Route tab fields.
Table 5-161 Field Descriptions for the VRF Route Tab
Field
|
Description
|
Basics Area
|
VRF Name
|
Allows you to specify the VRF name.
|
VRF Name ellipsis button
|
Allows you to select the name of the VRF from the Select VRF dialog box.
|
Address Family Type
|
Allows you to select from the list the name of the address family type. The default value is IPv4 Unicast.
|
Route Details Area
|
Prefix/Prefix Length
|
Displays the destination prefix and destination prefix length of the route.
|
Via Subarea
|
Forwarding Table
|
Allows you to specify the packet's forwarding mechanism. Values are:
•Same—Allows you to use the same VRF table specified in the VRF Name field to resolve the forwarding interface or next-hop IP address.
•Other VRF—Allows you to use a VRF table other than the VRF table specified in the VRF Name field to resolve the forwarding interface or next-hop IP address.
|
Forwarding VRF
|
Allows you to specify the forwarding VRF table name. The name can have a maximum of 32 characters and must be a valid VRF.
•Manually enter `default' as the VRF Name to use the global routing table to resolve the forwarding interface or next-hop IP address.
|
Forwarding Interface
|
Allows you to specify the forwarding interface name.
|
Nexthop Address
|
Allows you to specify the next hop's IP address.
|
Misc Subarea
|
Distance
|
Allows you to specify the distance metric of the path. Value must be between 1 and 254.
|
Tag
|
Allows you to specify the tag for the path. Value must be between 1 and 4294967295.
|
Permanent check box
|
If checked, the static route is installed in the Routing Information Base (RIB) of the router regardless of the destination's reachability. Otherwise, the route entry is installed in the router's RIB if the destination is reachable.
|
5.6.19 Template Configuration
CTM allows users to record configuration operations for CRS-1 and XR 12000 NEs and apply them to several CRS-1 and XR 12000 NEs at a scheduled time.
5.6.19.1 Recording Configuration Operations
Configuration operations are recorded in ASCII CLI format and saved as template files in a local directory or on the server.
Step 1 In the NE Explorer, choose Configuration > Template Configuration > Start Recording (or click the Start Template Configuration CLI Recording tool). The Start Template Configuration CLI Recording tool changes to the Stop Template Configuration CLI Recording tool.
Step 2 Perform configuration operations on the NE. The following configuration applications are supported:
•Explicit Path configuration
•MPLS-TE configuration
•VRF configuration
•Access control lists
•QoS policy
•Routing policy
•BGP configuration
•ISIS configuration
•LDP configuration
•OSPF configuration
•RSVP configuration
•Static route configuration
Note You can perform configuration operations on multiple applications in the NE Explorer.
Step 3 Choose Configuration > Template Configuration > Stop Recording (or click the Stop Template Configuration CLI Recording tool). The Stop Template Configuration CLI Recording tool changes to the Start Template Configuration CLI Recording tool. The Save Template Configuration dialog box opens.
Step 4 Select where you want to save the template file. In the File Location area, select one of the following radio buttons:
•Local—Saves the template file in a local directory. In the File Name area, enter the directory path or click Browse for a particular destination.
•Server—Saves the template file on the server. After you specify the filename, the file is saved under /opt/CiscoTransportManagerServer/admin/template/Cisco_CRS-1 (for the CRS-1) or /opt/CiscoTransportManagerServer/admin/template/Cisco_XR_12000 (for the XR 12000).
Step 5 Click Save.
Note If any of the configuration operations fail, those configuration operations will not be recorded and stored in the template file.
Note If you close the NE Explorer while the recording process is going on, the configuration operations you performed since the last successful recording will not be stored in a template file.
5.6.19.2 Applying Configuration Templates
Template files can be applied to multiple CRS-1 and XR 12000 NEs at a scheduled time.
Step 1 In the Domain Explorer, choose Configuration > Cisco XR 12000 > Template Configuration. The Template Configuration Wizard opens.
Step 2 Enter the following information (see Table 5-162 for details):
•NE Model
•Network Elements
•Source
•Job Comments
•Time
Step 3 Click Finish.
Applying templates that contain the following configuration details might fail since interfaces might not be the same for all NEs:
•QoS policies
•Routing policy
•BGP configuration
•ISIS configuration
•LDP configuration
•OSPF configuration
•RSVP configuration
•Static route configuration
Table 5-162 Field Descriptions for the Template Configuration Wizard
Field
|
Description
|
NE Model
|
Select the NE model to which you want to apply the configuration template. The model you select determines the NEs that are displayed in the Network Elements field.
Note You can apply configuration templates to several NEs that belong to the same NE model.
|
Network Elements
|
Use the Add and Remove buttons to move the NE to which you want to apply the configuration template to the Selected NEs list.
|
Source
|
Specify the location of the template file:
•Click Local to browse a local client directory.
•Click Server to get the template file from the CTM server.
If the template is already saved under /opt/CiscoTransportManagerServer/admin/template/Cisco_CRS-1 (for the CRS-1) or /opt/CiscoTransportManagerServer/admin/template/Cisco_XR_12000 (for the XR 12000), the location is shown automatically in the GUI and you can select a file to download to the NE.
|
Job Comments
|
Enter comments about the template configuration procedure, if needed.
|
Time (time zone)
|
Set a time for applying the configuration template. Click Now to begin immediately, or click At Time and specify when to begin, in 5-minute increments.
|
5.6.20 Telnet Plus
Use Telnet Plus connectivity to manage the CRS-1 and XR 12000 using the CLI without launching external applications for Telnet. The Telnet Plus application provides a terminal emulation client integrated within the user interface, which allows you to connect to the CRS-1 and XR 12000, issue CLI commands, and receive responses without leaving the user interface.
Note Since the Telnet session is initiated from the Sun Solaris workstation or Microsoft Windows PC client directly to the NE, it is required that the NE's IP address is reachable from the Sun Solaris workstation or Microsoft Windows PC running the CTM client. In addition, the NE's name as it appears in the CTM client, must be resolved by the CTM client.
To launch the Telnet Plus application, select a logical router (LR) node in the NE Explorer tree and choose Configuration > Telnet.
When the Telnet Plus application is started, CTM logs in using the username and password provided during the login procedure. If the authentication fails, you must manually enter the username and password.
The following Telnet Plus functions are supported:
•Telnet Plus client functionality to connect to a CRS-1 or XR 12000 router.
•Ability to launch multiple sessions to the same CRS-1 or XR 12000 router.
•Use of full-length lines.
•Storage and recall of commonly used commands in the Telnet Plus window buffer.
•Ability to save all the commands in the buffer to a file, browse saved files, and retrieve and load commands saved to files in the buffer.
•Clipboard functionality.
•Ability to launch a snapshot window of the Telnet Plus session, allowing you to view, print, copy, or search a selected portion of the session while continuing your Telnet work. You can copy and paste between the snapshot and the Telnet Plus session, and important information will not scroll off the screen.
•Ability to specify a batch file for batch-mode execution of commands.
5.6.21 SSHv1 and SSHv2
Use Secure Shell Protocol (SSH) connectivity to manage the CRS-1 and XR 12000 using its CLI without launching external applications for SSH. The SSH Plus application is the same as Telnet Plus, except that SSH provides secure login sessions by encrypting the entire session.
Note Since the SSH session is initiated from the Sun Solaris workstation or Microsoft Windows PC client directly to the NE, it is required that the NE's IP address is reachable from the Sun Solaris workstation or Microsoft Windows PC running the CTM client. In addition, the NE's name as it appears in the CTM client, must be resolved by the CTM client.
To launch the SSH Plus application, select an LR node in the NE Explorer tree and choose Configuration > SSHv1 or SSHv2.
When the SSH Plus application is started, CTM logs in using the username and password provided during the login procedure. If the authentication fails, you must manually enter the username and password.
The following SSH Plus functions are supported:
•SSH functionality (SSH Plus only).
•Ability to launch multiple sessions to the same CRS-1 or XR 12000 router.
•Use of full-length lines.
•Storage and recall of commonly used commands.
•Clipboard functionality.
•Ability to specify a batch file for batch-mode execution of commands.
5.6.22 AAA Administration
The authentication, authorization, and accounting (AAA) application contains the following tabs:
•Tacacs Server Tab
•Tacacs Server Hosts Tab
•Tacacs Server Groups Tab
•Authentication Tab
•Authorization Tab
•Accounting Tab
AAA is a network security service that provides the primary framework to set up access control on a router or access server. AAA is an architectural framework and modular means of configuring three independent but closely related security functions in a consistent manner. It is flexible and scalable, and supports TACACS+ authentication.
The three functions are:
•Authentication—This function identifies users on a network using an authentication scheme prior to being allowed access to the network and network services. AAA authentication is configured by defining a named list (or unnamed default list) of authentication methods and then applying that list to various interfaces. The method list defines the types of authentication to be performed and the sequence in which they will be performed. It must be applied to a specific interface before any of the defined authentication methods can be performed.
•Authorization—This function controls authorization for each service. AAA authorization works by assembling a set of attributes that describe the tasks the user is authorized to perform. These attributes are compared to the information contained in a database for a given user and the results are returned to AAA to determine the user's actual privileges and restrictions.
•Accounting—This function collects and sends security server information, such as user identities, start and stop times, and executed commands, used for billing, auditing, and reporting. Accounting lets administrators track the services that users are accessing and the amount of network resources they are consuming. When AAA accounting is activated, the network access server reports user activity to the TACACS+ security server in the form of accounting records. As with authentication and authorization, AAA accounting is configured by defining a list of accounting methods and then applying that list to various interfaces.
Refer to Cisco CRS-1 Series Carrier Routing System Craft Works Interface User Interface Guide for information on the common window elements and common procedures in the AAA Administration application.
5.6.22.1 Tacacs Server Tab
The Tacacs Server tab allows you to perform the following tasks:
•Configure the timeout.
•Choose an authentication key.
•Choose a source interface.
The following table describes the Tacacs Server tab fields.
Table 5-163 Tacacs Server Tab Description
Field
|
Description
|
Time Out field
|
Allows you to enter the interval that the server waits for a server host to reply.
|
Auth Key
|
Allows you to configure the authentication encryption key used for all TACACS+ communications between the router and the TACACS+ daemon.
The key name entered must match the key used on the TACACS+ daemon. All leading spaces are ignored; spaces within and at the end of the key are not. If you use spaces in your key, do not enclose the key in quotation marks unless the quotation marks themselves are part of the key.
This key name applies to all servers that have no individual keys specified.
|
Auth Key field
|
Allows you to view the authentication encryption key chosen using the Auth Key ellipsis button.
|
Auth Key ellipsis button
|
Allow you to set the authentication encryption key.
Click the Auth Key ellipsis button to open the TacacsServer Global Configuration dialog box. Enter an authentication key in the Auth Key field and confirm the authentication key in the Retype Auth Key field.
|
Source Interface
|
Allows you to choose the source IP address for the interface for all outgoing TACACS+ packets.
The Source Interface specifies the name of the interface whose IP address should be used for all outgoing TACACS+ packets. This address is used as long as the interface is in the Up state. In this way, the TACACS+ server can use one IP address entry associated with the network access client instead of maintaining a list of all IP addresses.
The Source Interface is especially useful in cases where the router has many interfaces and you want to ensure that all TACACS+ packets from a particular router have the same IP address.
When the specified interface does not have an IP address or is in the Down state, TACACS+ behaves as if no source interface configuration is used.
|
Source Interface field
|
Allows you to view the source IP address chosen using the Source Interface ellipsis button.
|
Source Interface ellipsis button
|
Allows you to choose the source IP address from the Select Interfaces dialog box.
|
5.6.22.2 Tacacs Server Hosts Tab
The Tacacs Server Hosts tab allows you specify a TACACS+ host server.
The Tacacs Server Hosts tab allows you to perform the following tasks:
•Configure the IP address for the host.
•Configure the port number and timeout parameters.
•Choose an authentication key.
You can reorder the TACACS+ server hosts by clicking the blue up and down arrows on the left side of the Application table. Each time an arrow is clicked, the chosen record moves up or down one row in the Application table and the sequence number is automatically modified based on location in the table relative to other records in the same list.
The following table describes the Tacacs Server Hosts tab fields.
Table 5-164 Tacacs Server Hosts Tab Description
Field
|
Description
|
IP Address field
|
Allows you to specify the IP address of the TACACS+ server.
|
Port Number field
|
Allows you to specify a server port number.
|
Timeout field
|
Allows you to specify a timeout value that sets the length of time the AAA server will wait to receive a response from the TACACS+ server.
The Timeout field overrides the global timeout value set in the Tacacs Server tab for this server only.
|
Auth Key
|
Allows you to choose the authentication encryption key used for all TACACS+ communications between the router and the TACACS+ daemon. The Auth Key overrides the authentication key set in the Tacacs Server tab for this server only.
|
Auth Key field
|
Allows you to view the authentication encryption key chosen using the Tacacs Server Global Configuration dialog box.
|
Auth Key ellipsis button
|
Allows you to choose the authentication encryption key used for all TACACS+ communications between the router and the TACACS+ daemon from the TacacsServer Global Configuration dialog box. Enter an authentication key in the Auth Key field and confirm the authentication key in the Retype Auth Key field.
The Auth Key field overrides the authentication key set in the Tacacs Server tab for this server only.
|
5.6.22.3 Tacacs Server Groups Tab
The Tacacs Server Groups tab allows you to choose a subset of the configured server hosts and use them for a particular service.
A server group is a list of server hosts of a particular type. The supported server host type is TACACS+ server hosts. A server group is used in conjunction with a global server host list and lists the IP addresses of the chosen server hosts.
The Tacacs Server Groups tab allows you to add TACACS+ server IP addresses from the global list to the group.
The following table describes the Tacacs Server Groups tab fields.
Table 5-165 Tacacs Server Groups Tab Description
Field
|
Description
|
Group Name field
|
Allows you to enter the name of a group of servers.
|
Selected Servers list
|
Allows you to choose servers to add to the server group. Click the Add button to open the Tacacs Server dialog box and choose a server.
For the AAA server group configuration to succeed, the server should be reachable at the time of configuration. Once configured, this group can be referenced from the AAA method lists (used while configuring authentication, authorization, or accounting).
|
5.6.22.4 Authentication Tab
The Authentication tab allows you to create a series of authentication methods, or a method list. A method list is a named list describing the authentication methods to be used (such as TACACS+), in sequence. The subsequent methods of authentication are used only if the initial method returns an error, not if it fails.
The default method list will be applied on all the interfaces for authentication, except when a different named method list is explicitly specified, in which case the explicitly specified method list will override the default list.
The following port behavior for authentication is supported:
•Console—Authentication is bypassed only if no authentication is configured and no local username is configured. If a username is configured locally, authentication is performed.
•Virtual type terminal (vty)—Authentication is performed under all circumstances (not bypassed). If no authentication is configured for the line, the default method list is used. If a default method list is defined as present, the local authentication is performed.
•Auxiliary (aux)—Authentication is performed under normal working conditions, but authentication is bypassed under abnormal circumstances such as low memory and loss of connectivity. Only local authentication is supported. A local username assigned to the root-system group and a secret password is required for authentication. The aux port runs Korn Shell (KSH).
The Authentication tab allows you to perform the following tasks:
•Choose the authentication type and list name.
•Configure the method entry.
The following table describes the Authentication tab fields.
Table 5-166 Authentication Tab Description
Field
|
Description
|
Authentication Area
|
Type list
|
Allows you to choose the method list type. The options are:
•login—Set the authentication for login.
•ppp—Set the authentication for PPP.
|
List Name list
|
Allows you to choose the list name of the authentication method list. The options are:
•default—Use the default list of methods for authentication.
•remote—Use the default list of methods for administrative authentication on a remote nonowner logical router (LR).
•named list—Enter a list name for the named list of methods for authentication.
|
Method Entry Area
|
Method list
|
Allows you to choose the method. The options are:
•Server Group—A method list that uses a named subset of TACACS+ servers for authentication. You can specify up to four TACACS+ server groups. The Group Name field and ellipsis button become available when Server Group is chosen.
•Line—A method list that uses the line password for authentication.
•Local—A method list that uses the local username database method for authentication.
•None—No method list is chosen.
|
Group Name
|
Allows you to choose up to four server group names for the method list server group.
|
Group Name field
|
Allows you to view the group names chosen from the Tacacs Server Groups dialog box.
|
Group Name ellipsis button
|
Allows you to choose up to four server group names from the Tacacs Server Groups dialog box.
|
Method List list
|
Shows the authentication method lists.
|
5.6.22.5 Authorization Tab
The Authorization tab allows you to set parameters for authorization and to create named method lists defining specific authorization methods that can be used on a per-line or per-interface basis.
Note The authorization referred to is the one performed by an external AAA server and not to task-based authorization. This authorization is always performed and cannot be disabled.
The Authorization tab allows you to specify method lists for authorization that define the ways authorization will be performed and the sequence in which these methods will be performed. A method list is a named list describing the authorization methods to be used (such as TACACS+), in sequence. Method lists enable you to designate one or more security protocols to be used for authorization, thus ensuring a backup system in case the initial method fails. The first method listed to authorize users for specific network services is used, but if that method fails to respond the next method listed in the method list is chosen. This process continues until there is communication with a listed authorization method, or until all methods defined have been exhausted.
Note The CRS-1 and XR 12000 router OS software attempts authorization with the next listed method only when there is no response or an error response (not a failure) from the previous method. If authorization fails at any point in this cycle—meaning that the security server or local username database responds by denying the user services—the authorization process stops and no other authorization methods are attempted.
Two methods for authorization are supported:
•TACACS+—The router exchanges authorization information with the TACACS+ security daemon. Command authorization allows the administrator to define commands that are permitted or denied for a user or a group of users. TACACS+ authorization defines specific rights for users by associating attribute-value (AV) pairs, which are stored in a database on the TACACS+ security server, with the appropriate user.
•None—The router does not request authorization information; authorization is not performed over this line or interface.
Method lists are specific to the type of authorization being requested. The router OS software supports three types of AAA authorization:
•Command—Applies to the EXEC mode commands a user issues. Command authorization attempts authorization for all EXEC mode commands.
Note Command authorization is distinct from task-based authorization, which is based on the task profile established during authentication.
•EXEC—Applies authorization for starting an EXEC session.
•Network—Applies authorization for network services Internet Key Exchange (IKE).
When you create a named method list, you are defining a particular list of authorization methods for the indicated authorization type. Once defined, method lists must be applied to specific lines or interfaces before any of the defined methods will be performed. Do not use the names of methods, such as TACACS+, when creating a new method list.
The authorization causes a request packet containing a series of AV pairs to be sent to the TACACS+ daemon as part of the authorization process. The daemon can do one of the following:
•Accept the request as is.
•Make changes to the request.
•Refuse the request and refuse authorization.
The Authorization tab allows you to perform the following tasks:
•Choose the authorization type and list name.
•Configure the method entry.
The following table describes the Authorization tab fields.
Table 5-167 Authorization Tab Description
Field
|
Description
|
Authorization Area
|
Mode list
|
Allows you to choose the method list type. The options are:
•commands—Enables authorization for EXEC shell commands.
•exec—Enables authorization for an interactive (EXEC) session.
•network—Enables authorization for the network.
|
List Name list
|
Allows you to define the list name of the authorization method list.
|
Method Entry Area
|
Method
|
Allows you to choose the method. The options are:
•Server Group—A method list that uses a named subset of TACACS+ servers for authorization. You can specify up to four TACACS+ server groups. The Group List field and ellipsis button become available when Server Group is chosen.
•None—A method list that uses no authorization. Authorization will succeed if all prior methods (if any) return an error.
|
Group Name
|
Allows you to choose up to four server group names for the method list server group.
|
Group Name field
|
Allows you to view the group names chosen from the Tacacs Server Groups dialog box.
|
Group Name ellipsis button
|
Allow you to choose up to four server group names from the Tacacs Server Groups dialog box.
|
Method List
|
Shows the authorization method lists.
|
5.6.22.6 Accounting Tab
The Accounting tab allows you to create default or named method lists defining specific accounting methods that can be used on a per-line or per-interface basis. The list name can be applied to a line (console, aux, or vty template) to enable accounting on that particular line.
Currently, the router OS software supports only the TACACS+ method for accounting. The router reports user activity to the TACACS+ security server in the form of accounting records. Each accounting record contains accounting AV pairs and is stored on the security server.
Method lists for accounting define the way accounting will be performed, enabling you to designate a particular security protocol to be used on specific lines or interfaces for particular types of accounting services. When naming a method list, do not use the names of methods, such as TACACS+.
When AAA accounting is activated, the router monitors TACACS+ AV pairs pertinent to the connection. The router reports these attributes as accounting records, which are then stored in an accounting log on the security server.
The requested user process begins regardless of whether the "start accounting" notice was received by the accounting server.
The Accounting tab allows you to perform the following tasks:
•Choose the accounting type, default, and list name.
•Configure the method entry.
The following table describes the Accounting tab fields.
Table 5-168 Accounting Tab Description
Field
|
Description
|
Authorization Area
|
Mode list
|
Allows you to choose the mode. The options are:
•commands—Enables accounting for EXEC shell commands.
•exec—Enables accounting for an interactive (EXEC) session.
•network—Enables accounting for the network.
|
Default list
|
Allows you to choose when to send a start or stop accounting message. The options are:
•StartStop—Sends a "start accounting" notice at the beginning of a process and a "stop accounting" notice at the end of a process. The requested user process begins regardless of whether the "start accounting" notice was received by the accounting server. Enabling command accounting makes the router send only stop records even if start-stop is chosen.
•StartOnly—Sends a "stop accounting" notice at the end of the requested user process.
|
List Name list
|
Allows you to choose default as the list name of the accounting method list.
|
Method Entry Area
|
Method list
|
This list allows you to choose the method. The options are:
•Server Group—A method list that uses a named subset of TACACS+ servers for authentication. You can specify up to four TACACS+ server groups. The Group List field and ellipsis button become available when Server Group is chosen.
•None—A method list that uses no accounting.
|
Group Name
|
Allows you to choose up to four server group names for the method list server group.
|
Group Name field
|
Allows you to view the server group names chosen from the Tacacs Server Groups dialog box.
|
Group Name ellipsis button
|
Allows you to choose up to four server group names from the Tacacs Server Groups dialog box.
|
Method List list
|
Shows the accounting method lists.
|
5.6.23 Alarm Administration
The Alarm Administration application contains the following tabs:
•Event Logs Tab
•Correlation Rules Tab
•Rule Definition Subtab
•Rule Apply to Target Subtab
The Alarm Administration application allows you to configure alarm and correlation rule parameters.
Alarm settings can be adjusted to respond to changes in user activity, network events, or system configuration that affect network performance or network monitoring requirements. The appropriate alarm settings depend on the configuration and requirements of the system.
Correlation rules extend system logging to include the ability to group similar messages generated by various applications and servers on the distributed router system while isolating the root cause.
The alarm logs are used to monitor and store alarm messages that are emitted by system servers and applications, and the correlation rules are used to correlate alarm messages that tend to be emitted due to a single root cause.
Correlation rules provide the ability to group alarm logs emitted because of a shared root cause. With correlation rules, alarms can be associated and grouped on the basis of alarm groups, alarm codes, time stamps, and alarm severity. The most significant root alarms describing events affecting system performance can be isolated.
When logged alarms are correlated, the attribute in the resulting alarm record and the correlated logs is set with a common ID that associates the records. The root, causal message appears in the alarm record. All other related messages are tagged along with the root message and stored in the correlated log record. In this way, log correlation can be used to prevent event storms (for instance, by filtering out messages resulting from too many clients trying to access the alarm agent).
Refer to Cisco CRS-1 Series Carrier Routing System Craft Works Interface User Interface Guide for information on the Correlation Record Viewer in the Alarm Viewer.
Refer to Cisco CRS-1 Series Carrier Routing System Craft Works Interface User Interface Guide for information on the common window elements and common procedures in the Alarm Administration application.
5.6.23.1 Event Logs Tab
The Event Logs tab allows you to perform the following tasks:
•Configure the alarm log size.
•Configure the log threshold level.
•Display the current alarm log size in bytes and number of alarms.
•Filter alarm by severity.
•Manually purge the alarm log.
•Configure the correlation log size.
•Manually purge the correlation log.
Caution Decreasing the alarm log size might clear some alarm event records from the alarm record buffer.
Caution Modifications to alarm settings that lower the severity level for reporting alarms and lower the threshold for generating capacity can slow system performance.
The following table describes the Event Logs tab fields.
Table 5-169 Event Logs Tab Description
Field
|
Description
|
Alarm Log Area
|
Log Size field
|
Allows you to configure the size of the event logging buffer.
|
Capacity Threshold field
|
Allows you to specify the logging events buffer threshold. This field contains the minimum percentage of buffer capacity that must be allocated to messages before an alarm is generated. When the threshold is surpassed, an alarm is generated.
|
Alarm Log Used (Bytes) field
|
Displays the size of the current alarm log in bytes. Use this field to check the log size compared to the log size allocated in the Log Size field.
|
Alarm Log Used (Records)
|
Displays the number of records in the alarm log.
|
Alarm Filter slider
|
Allows you to specify a severity level for logging alarm messages. When a severity level is specified, events of a higher severity are also written to the alarm event log.
|
Purge Log button
|
Allows you to purge all alarm logs in the buffer. When this button is clicked, an Alarm Administration dialog box opens, asking you to confirm that you want to purge all alarms.
|
Correlation Log Area
|
Log Size field
|
Allows you to configure the logging correlator circular buffer size.
|
Correlation Log Used (Bytes) field
|
Displays the size of the current correlation buffer. Use this field to check the correlation log size compared to the correlation log size allocated in the Log Size field.
|
Purge Log button
|
Allows you to purge the correlation logs in the buffer. When this button is clicked, an Alarm Administration dialog box opens, asking you to confirm that you want to purge correlation logs.
|
5.6.23.2 Correlation Rules Tab
The Correlation Rules tab allows you to perform the following tasks:
•Specify a rule name and timeout duration.
•Specify the message group and code names.
•Add and delete items from the target list.
The following table describes the Correlation Rules tab fields.
Table 5-170 Correlation Rules Tab Description
Field
|
Description
|
Rule Name field
|
Allows you to specify the rule name for the correlation rule.
|
Timeout (ms) field
|
Allows you to specify the duration of the message collection period with the period of time beginning with the first arrival of logging messages and continuing until the specified time has expired.
This field defines the correlation rules used by the internal event correlator to store messages in the correlation message buffer. The correlator queues messages for each message pair separately for the duration of the timeout period. When the timeout for a given correlator queue expires and a root message (the first group and message pair defined in the rule) has been captured, only the root message is reported. When no root message has been reported, all other messages in the queue are reported.
The root message is assigned a consecutive correlation ID number. This number is also assigned to each unsent message in the correlator queue, and the unsent messages are retained in a buffer maintained by the correlator for future retrieval.
When the same message pair is defined in multiple rules, the rules are applied in alphabetical order. Only the first matching rule is applied (messages can be correlated once by a correlator instance).
|
5.6.23.3 Rule Definition Subtab
The Rule Definition subtab allows you to perform the following tasks:
•Specify the message group and code names.
•Add and delete items from the target list.
The following table describes the Rule Definition subtab fields.
Table 5-171 Rule Definition Subtab Description
Field
|
Description
|
Group field
|
Allows you to enter the message group name. A code name must also be entered in the Code field before it can be added to the Group/Code List.
|
Code field
|
Allows you to enter the message code name. A group name must also be entered in the Group field before it can be added to the Group/Code List.
|
Group/Code List field
|
Displays the current group and code names for the chosen correlation rule.
|
5.6.23.4 Rule Apply to Target Subtab
The Rule Apply to Target subtab allows you to perform the following tasks:
•Specify the objects to add to the target list.
•Specify the source to add to the target list.
•Specify the context parameter to add to the target list.
The following table describes the Rule Apply to Target subtab fields.
Table 5-172 Rule Apply to Target Subtab Description
Field
|
Description
|
Objects field
|
Allows you to choose multiple objects to add to the target list.
|
Context field
|
Allows you to enter a context parameter to add to the target list.
|
Target List field
|
Displays the target list for the selected correlation rule.
This field defines the scope of the correlation rules that are applied. Messages that map to a given scope are stored in separate queues. Messages within each queue are correlated. This field is cumulative. The same rule name can be applied to multiple scopes in multiple commands.
|
5.6.24 User Administration
The User Administration application contains the following tabs and window:
•Users Tab
•User Groups Tab
•Task Groups Tab
•Active Users Tab
•AAA User Tasks Window
The router user attributes form the basis of the router operating system administrative model. Each router user is associated with the following attributes:
•User ID (ASCII string) that identifies the user uniquely across an administrative domain (maximum of 253 characters).
•Password stored encrypted (maximum of 253 characters).
•List of user groups (at least one) of which the user is a member (thereby enabling attributes such as task IDs).
The router allows you to configure groups of users and the job characteristics that are common in groups of users. All groups must be explicitly assigned to users. Users are not assigned to groups by default. A user can be assigned to more than one group.
A user group defines a collection of users who share a common set of attributes such as access privileges. Each user can be associated with one or more user groups.
The router system provides a collection of user groups whose attributes are already defined. The predefined groups include:
•root-system
•root-lr
•sysadmin
•netadmin
•operator
•cisco-support
The user group root-system has root owners as the only members. The root-system group has predefined authorization; that is, it has the complete responsibility for root owner managed resources and certain responsibilities in other logical routers (LRs). Authorization is enabled by default for root system users in any LR. Refer to the "Configuring AAA Services on Cisco IOS-XR" module of Cisco IOS-XR System Security Configuration Guide for detailed information on the predefined user groups.
Users can configure their own user groups to meet particular needs.
Router control, configuration, and monitoring of operational tasks are represented by task IDs. A task ID defines the permission to execute an operation. Users are associated with sets of task IDs (a task group) that define their authorized access to the router.
Task IDs are assigned to users through the following means: Each user is associated with one or more user groups. Every user group is associated with one or more task groups. In turn, every task group is defined by a set of task IDs. A user's association with a particular user group links that user to a particular set of task IDs. A user associated with a task ID can execute any of the operations associated with that task ID.
A task group is defined by a collection of task IDs. Task groups contain task ID lists for each class of task IDs. Each user group is associated with a set of task groups applicable to the users in that group. A user's task permissions are derived from the task groups associated with the user groups to which that user belongs.
Refer to Cisco CRS-1 Series Carrier Routing System Craft Works Interface User Interface Guide for information on the common window elements and common procedures in the User Administration application.
5.6.24.1 Users Tab
Each user is identified by a username that is unique across the administrative domain. Each user must be a member of at least one user group. Deleting a user group might orphan the users associated with that group.
The Users tab allows you to perform the following tasks:
•Set the password for a username.
•Assign a username to user groups.
The following table describes the Users tab fields.
Table 5-173 Users Tab Description
Field
|
Description
|
User Configuration Area
|
User Name field
|
Allows you to enter a username.
|
Password
|
Allows to configure the password.
|
Password field
|
Allows you to confirm that a password has been configured using the User Administration dialog box. The field displays asterisks when there is a configured password.
|
Password ellipsis button
|
Allows you to set the password associated with the username using the User Administration dialog box. You must enter and confirm the password.
|
Secret
|
Allows you to configure the secret password. The secret password creates a secure login password.
|
Secret field
|
Allows you to confirm that a secret password has been configured using the User Administration dialog box. The field displays asterisks when there is a configured secret password.
|
Secret ellipsis button
|
Allows you to set the secure password associated with the username using the User Administration dialog box. You must enter and confirm the secure password.
|
User Groups Area
|
Selected User Groups list
|
Displays the user groups the username can inherit from.
Click the Add button to add a user group. This button opens a User Groups dialog box, allowing you to choose a user group. Click Delete to remove a user group from the list.
|
Show
|
Allows you to open the AAA User Tasks window. See AAA User Tasks Window for more information on the AAA User Tasks window.
|
5.6.24.2 User Groups Tab
User groups are configured with the parameters for a set of users, such as task groups. You can add and remove specific user groups.
The User Groups tab allows you to perform the following tasks:
•Specify a user group name and description.
•Add and delete user groups from the selected user group.
•Add and delete task groups from the selected user group.
The following table describes the User Groups tab fields.
Table 5-174 User Groups Tab Description
Field
|
Description
|
User Group Configuration Area
|
Group Name field
|
Allows you to enter a user group name.
|
Description field
|
Allows you to enter a description of the user group.
|
Inherited User Groups Area
|
Selected Inherited User Groups list
|
Displays the user groups the user group is associated with.
Click the Add button to add a user group. This button opens a User Group dialog box, allowing you to choose a user group. Click Delete to remove a user group from the list.
|
Task Groups Area
|
Selected Task Groups list
|
Displays the task groups the user group is associated with.
Click the Add button to add a task group. This button opens a Task Group dialog box, allowing you to choose a task group. Click Delete to remove a task group from the list.
|
Show
|
Allows you to open the AAA User Tasks window. See AAA User Tasks Window for more information on the AAA User Tasks window.
|
5.6.24.3 Task Groups Tab
Task-based authorization employs the concept of a task ID as its basic element. A task ID defines the permission to execute an operation for a given user. Each user is associated with a set of permitted router operation tasks identified by task IDs. Users are granted authority by being assigned to user groups that are in turn associated with task groups. Each task group is associated with one or more task IDs selected from the router set of available task IDs. The first configuration task in setting up the router authorization scheme is to configure the task groups, followed by user groups, followed by individual users.
The Task Groups tab allows you to perform the following tasks:
•Specify a task group name and description.
•Configure read, write, and execute classes for tasks.
•Add, delete, and inherit task groups from the chosen task group.
The following table describes the Task Groups tab fields.
Table 5-175 Task Groups Tab Description
Field
|
Description
|
Task Group Configuration Area
|
Group Name field
|
Allows you to enter a task group name.
|
Description field
|
Allows you to enter a description of the task group.
|
Tasks table
|
Allows you to enable and disable the following classes for each task:
•read
•write
•execute
•notify
Checking the check box for a task enables the class for the task. If the check box is unchecked, the class is disabled.
You can also perform bulk selections. For example, if you want to select the Read field for a range of tasks, check the Read check box for the first task, hold down the Shift key on your keyboard, scroll down the window, and check the Read check box for the last task. Use the right-click menu to choose Select, which performs the bulk selection. (The Clear right-click menu option clears the selection for the range of tasks selected.)
|
Task Groups area
|
Selected Inherited Task Groups list
|
Displays the inherited task groups for this task group.
Click the Add button to add a task group. This button opens a Task Groups dialog box, allowing you to choose a task group. Click Delete to remove a task group from the list.
|
Show
|
Allows you to open the AAA User Tasks window. See AAA User Tasks Window for more information on the AAA User Tasks window.
|
5.6.24.4 Active Users Tab
In the Active Users tab, you can view and force logout users of the CRS-1 and XR 12000 NEs. All active users are listed in the Active Users table. Only users who have read/write access to the IOS XR User Administration application are allowed to force logout the active users.
Some limitations are:
•Force logout of non-VTY users is not allowed. A non-VTY user is a user that is logged in through one of the console or auxiliary ports of the NE. VTY users are users that are telneted into the NE through a management interface. Force logout is allowed on VTY users.
•Force logout is not allowed on EMS session user. An EMS session user is used by the EMS to get the data needed for the User Administration application.
•When CTM is using Telnet to manage the NE, two additional sessions are created. If a forced logout is performed on these sessions, the NE will enter an unavailable state until the next health polling cycle.
The following table describes the Active Users tab fields.
Table 5-176 Active Users Tab Description
Field
|
Description
|
Active User Properties Area
|
User
|
Displays the username of the user logged into the NE. An asterisk (*) indicates that the user is an EMS session user.
|
Line
|
Displays the VTY line number for the user.
|
Service
|
Displays the protocol used by the user to log into the NE.
|
Idle Time
|
Displays the idle time of the user.
|
Client Location
|
Displays the IP address of the machine that the user is using. It will display LOCAL for console or auxiliary connection.
|
Force Logout button
|
Allows you to force logout an active user.
|
Show
|
Allows you to open the AAA User Tasks window. See AAA User Tasks Window for more information on the AAA User Tasks window.
|
5.6.24.5 AAA User Tasks Window
The AAA User Tasks window is opened from the User Administration application. The window allows you to display which tasks are users are assigned to and the privileges for each assigned task (read, write, execute, debug).
5.6.25 Rolling Back to a Checkpoint for the CRS-1 and XR 12000
Step 1 In the Domain Explorer tree, select the CRS-1 or XR 12000 NE that will be configured and choose Configuration > NE Explorer.
Step 2 In the NE Explorer, choose Administration > Checkpoint and Rollback. The Checkpoint and Rollback table appears. Table 5-177 provides field descriptions.
Note The Checkpoint and Rollback table lists only the checkpoints, which can be rolled back.
Step 3 From the Checkpoint and Rollback table, select a commit to rollback and enter the following:
•Commit ID—Read-only. Displays the commit ID you selected.
•Label—This is a unique user-specified label that is associated with the rollback in the router's commit database. If specified, the label must begin with an alphabet character and cannot match any existing label in the router's commit database.
•Comment—This is a user-specified comment to be associated with the rollback in the router's commit database.
Step 4 Click Rollback.
Table 5-177 Field Descriptions for the Checkpoint and Rollback Table
Field
|
Description
|
CommitID
|
The unique ID associated with the commit.
|
Label
|
The optional label associated with the commit.
|
UserID
|
The name of the user who created the configuration session within which the commit was performed.
|
Line
|
The line used to connect to the router for the configuration session.
|
ClientName
|
The name of the client application that performed the commit.
|
Timestamp
|
The date and time of the commit.
|
Comment
|
The optional comment associated with the commit.
|
5.6.26 Configuring Secure Socket Layer for the CRS-1 and XR 12000
CTM can communicate with the NE using SSL or SSH encryption. If SSH is used, the NE must be setup to use a TTY XML agent. See 3.5.1.6 Prerequisites for Adding Cisco CRS-1 and XR 12000 NEs, page 3-13 for details f how to setup the XML agent on the NE. The following steps describe how to setup SSL on the CRS-1 or XR 12000 NE.
Step 1 Log into the CRS-1 or XR 12000 where SSL will be configured.
Step 2 Install the cryptograghy (crypto) Cisco IOS software package on the router.
Step 3 If SSL was configured previously, complete the following substeps to delete any existing expired certificates:
a. Enter the following command to see whether the NE has expired certificates:
Router# show crypto ca certificates
b. If the Validity End field of the router certificate is not later than the current date, you must delete each certificate. A distinct certificate is identified by trustpoint column; for example:
For each expired certificate, enter the following commands if the trustpoint name is not seen in the running configuration:
Router(config)# crypto ca trustpoint <trustpoint_name>
Router(config-trustp)# enrollment url http://<certification_authority_server_name>
c. Enter the following no commands to delete each certificate:
Router(config)# no crypto ca trustpoint <trustpoint_name>
d. Enter the following command to verify that the certificates have been deleted:
Router# sh crypto ca certificates
The output of the show command should be blank or should show only the certificates that have not expired. If there are valid certificates, proceed to Step 7.
Step 4 Enter the following commands at the following prompts to create a new certificate:
Router#crypto key generate rsa
The name for the keys will be: the_default
% You already have keys defined for the_default
Do you really want to replace them? [yes/no]: yes
Choose the size of the key modulus in the range of 360 to 2048 for your General Purpose
Keypair. Choosing a key modulus greater than 512 may take a few minutes.
How many bits in the modulus [1024]:
Done w/ crypto generate keypair
Router(config)# domain ipv4 host <CA_server_name> <IP_address_of_CA>
Router(config)# crypto ca trustpoint <trustpoint_name>
Router(config-trustp)# enrollment url http://<CA_server_name>
Router(config-trustp)# exit
Note•The output of the following two commands is a sample of the output that will be shown. The actual output varies depending on the trustpoint name and the certification authority (CA) server that you specify.
•The CA server is an authority that issues and manages security credentials, including whether to grant or deny router SSL certificates.
Router# crypto ca authenticate <trustpoint_name>
cn=Root coax-u10 Certificate Manager,ou=HFR,o=Cisco Systems,l=San Jose,st=CA,c=US
cn=Root coax-u10 Certificate Manager,ou=HFR,o=Cisco Systems,l=San Jose,st=CA,c=US
Validity Start : 07:00:00 UTC Tue Aug 19 2003
Validity End : 07:00:00 UTC Wed Aug 19 2020
Fingerprint: 58 71 FB 94 55 65 D4 64 38 91 2B 00 61 E9 F8 05
Do you accept this certificate?? [yes/no]: yes
Router#crypto ca enroll <trustpoint_name>
% Start certificate enrollment ...
% Create a challenge password. You will need to verbally provide this
password to the CA Administrator in order to revoke your certificate.
% For security reasons your password will not be saved in the configuration.
% Please make a note of it.
Re-enter Password: <password>
Fingerprint: 1CD4B9B8 77F59AD0 3494A8A6 343DF375
Router# sh crypto ca certificates
Trustpoint : <trustpoint_name>
==================================================
cn=Root coax-u10 Certificate Manager,ou=HFR,o=Cisco Systems,l=San Jose,st=CA,c=US
cn=Root coax-u10 Certificate Manager,ou=HFR,o=Cisco Systems,l=San Jose,st=CA,c=US
Validity Start : 07:00:00 UTC Tue Aug 19 2003
Validity End : 07:00:00 UTC Wed Aug 19 2020
Step 5 Contact the administrator of the CA server to grant the certificate.
Step 6 Enter the following command to check the status of the certificate and verify that it has been granted:
Note The Status field of the router certificate section should be Available.
Router# sh crypto ca certificates
Trustpoint : <trustpoint_name>
==================================================
cn=Root coax-u10 Certificate Manager,ou=HFR,o=Cisco Systems,l=San Jose,st=CA,c=US
cn=Root coax-u10 Certificate Manager,ou=HFR,o=Cisco Systems,l=San Jose,st=CA,c=US
Validity Start : 07:00:00 UTC Tue Aug 19 2003
Validity End : 07:00:00 UTC Wed Aug 19 2020
Key usage : General Purpose
cn=smart-gsr-11.cisco.com,o=Cisco Systems
cn=Root coax-u10 Certificate Manager,ou=HFR,o=Cisco Systems,l=San Jose,st=CA,c=US
Validity Start : 05:55:12 UTC Tue Jul 13 2004
Validity End : 05:55:12 UTC Tue Jul 20 2004
ldap://coax-u10.cisco.com/CN=Root coax-u10 Certificate Manager,O=Cisco Systems
Step 7 Enter the following commands to configure xmlagent with SSL:
Router(config)# no xml agent corba
Router(config)# no http server
Router(config)# http server ssl
Router(config)# xml agent corba ssl
Step 8 Complete the following substeps to add the root certificate of the CA server to the CTM R7.0 server:
a. While installing CTM, Java Runtime Environment (JRE) is installed in the /opt directory by default. Set the JAVA_HOME variable. For example, if JRE is installed in /opt/j2re1.4.2, set the JAVA_HOME variable to /opt/j2re1.4.2
b. Enter the following commands to check whether the root certificate of the CA server already exists in the keystore:
$JAVA_HOME/bin/keytool -list -keystore
/opt/CiscoTransportManagerServer/cfg/hfr/metadata/cacerts
If the keystore lists the certificate, stop here. You are finished with this procedure.
If the keystore does not list the certificate, continue with the following substeps:
c. Enter the following commands to add the root certificate to CTM:
$JAVA_HOME/bin/keytool -import -file <root_CA_certificate_filename> -alias
<any_alias_name>
-keystore /opt/CiscoTransportManagerServer/cfg/hfr/metadata/cacerts
d. At the prompt for the password, enter Ctm123!.
e. Enter the following command to stop the CTM server processes:
f. After the CTM server shuts down, enter the following command to restart it:
5.7 Configuring the MDS 9000
Use the Fabric Manager to manage and configure MDS 9000 devices. The Fabric Manager provides:
•Fabric discovery and topology mapping
•Multiple switch configuration
•VSAN and zone management
•Fabric checker, switch health, and zone merge analysis
•End-to-end connectivity and traceroute analysis
To launch the Fabric Manager:
Step 1 In the Domain Explorer tree, select the MDS 9000 NE that will be configured and choose Configuration > MDS 9000 > Launch Fabric Manager. The initial Java-based Fabric Manager screen launches.
Note If the Fabric Manager is not already installed, you will be guided through the installation steps.
Step 2 In the Open Fabric dialog box, enter your username and password. The default username is admin; the default password is blank.
Step 3 Click Options.
Step 4 Fill in the following fields:
•FM Server—Leave it set to localhost (the default).
•Fabric Seed Switch—Specify the IP address of the seed MDS 9000 node.
•Read Community—Enter the read community string; the default is public.
•Write Community—Enter the write community string; the default is private.
•SNMPv3—Check this check box to log in using SNMPv3. (Leave the check box unchecked to log in using SNMPv2.) If you check SNMPv3, fill in the User Name, Password, and Privacy Password fields for SNMPv3 authentication.
•SHA—Specify the authentication protocol to use for authenticating the user. Values are MD5 (the default) or SHA.
•AES—Specify the type of privacy protocol to use for encryption. Values are DES (the default) or AES.
•Load from Database—The Fabric Manager stores discovered information in the database. If you load from the database, information is retrieved faster and you are notified of changes since the last discovery. (Note that you lose enclosure information.) The default is to load from the database.
•Use SNMP Proxy—SNMP uses UDP. The ports that it uses are random. If you are working through a restricted firewall, you can set up a Fabric Manager server inside the firewall, open preconfigured TCP ports in the firewall, and use a TCP tunnel to proxy SNMP traffic from the Fabric Manager client through the Fabric Manager server.
Step 5 Click Open. The Fabric Manager application launches. Refer to the MDS 9000 hardware documentation for information about using Fabric Manager.
5.8 Configuring the ONS 15216
Step 1 In the Domain Explorer tree, select the ONS 15216 NE that will be configured and choose Configuration > NE Explorer (or click the Open NE Explorer tool). The NE Explorer window displays configuration information for the selected ONS 15216 NE.
Step 2 Make any necessary changes to the fields in the properties pane that corresponds to the NE or its components. Click Apply to save the changes in the CTM database and apply the changes to the NE.
5.9 Configuring the ONS 15302 and ONS 15305
Within CTM, use Cisco Edge Craft to configure ONS 15302 and ONS 15305 NEs. Select the ONS 15302 or ONS 15305 NE in the Domain Explorer tree and choose Configuration > ONS 15302 or ONS 15305 > Launch Cisco Edge Craft. Refer to the "Installing the CTM R7.0 Client and Cisco Edge Craft" chapter in Cisco Transport Manager Release 7.0 Installation Guide for instructions on how to start Cisco Edge Craft.
Note To configure ONS 15302 and ONS 15305 NEs through Cisco Edge Craft, refer to the Cisco Edge Craft Software Guide.
5.10 Configuring the ONS 15310 CL, ONS 15310 MA, ONS 15327, ONS 15454 SONET, and ONS 15454 SDH
Step 1 In the Domain Explorer tree, select the NE that will be configured and choose Configuration > NE Explorer. The NE Explorer window displays configuration information about the selected NE.
Step 2 Make any necessary changes to the fields in the properties pane that corresponds to the NE or its components. Click Apply to save the changes in the CTM database and apply the changes to the NE.
Note The ONS 15310 CL, ONS 15310 MA, ONS 15327, ONS 15454 SONET, and ONS 15454 SDH can also be configured using TL1. In the Domain Explorer tree, select the NE that will be configured and choose Configuration > CTC-based SONET NEs or CTC-based SDH NEs > Launch TL1 Interface. This launches a Telnet session directed at the TL1 port on the NE.
5.10.1 Provisioning an ONS 15310 CL, ONS 15310 MA, ONS 15327, ONS 15454 SONET, or ONS 15454 SDH Card Slot
Step 1 In the Domain Explorer tree, select the NE that will be configured and choose Configuration > NE Explorer (or click the Open NE Explorer tool).
Step 2 In the tree view or in the shelf view of the node properties pane, right-click an unprovisioned slot and choose Add Card from the shortcut menu.
Step 3 Select the type of card. The list of cards in the Add Card menu depends on the NE and the slot selected.
Step 4 Click OK in the confirmation dialog box.
Note It might take several minutes for the newly provisioned card to be added on the NE. During this time, it is possible to add additional cards on the same slot. However, only the first card added will be shown in the NE Explorer tree view and in the shelf view.
Tip You can use this procedure to reset, delete, or change a card.
5.10.2 Resetting a Card
Step 1 In the Domain Explorer tree, select the NE and choose Configuration > NE Explorer (or click the Open NE Explorer tool).
Step 2 In the tree view or in the shelf view of the node properties pane, right-click the card that you want to reset and choose Reset Card from the shortcut menu.
Step 3 Click OK in the confirmation dialog box.
5.10.3 Deleting a Card
Step 1 In the Domain Explorer tree, select the NE and choose Configuration > NE Explorer (or click the Open NE Explorer tool).
Step 2 In the tree view or in the shelf view of the node properties pane, right-click the card that you want to delete and choose Delete Card from the shortcut menu.
Note For the ONS 15310 CL and ONS 15310 MA, you cannot delete the CTX card.
Step 3 Click OK in the confirmation dialog box.
5.10.4 Changing a Card
Step 1 In the Domain Explorer tree, select the NE and choose Configuration > NE Explorer (or click the Open NE Explorer tool).
Step 2 In the tree view or in the shelf view of the node properties pane, right-click the card that you want to change and choose Change Card from the shortcut menu.
Note For the ONS 15310 CL and ONS 15310 MA, you cannot change the CTX card.
Step 3 Select the type of the new card. The list of cards in the Change Card menu depends on the slot selected.
Step 4 Click OK in the confirmation dialog box.
Tip If you receive a mismatched equipment alarm (MEA) after changing a card, troubleshoot the MEA with the Cisco ONS 15454 Troubleshooting Guide.
5.10.5 Inserting an AIS-V on an STS-1 SD-P
Note This procedure does not apply to the ONS 15454 SDH.
Step 1 In the Domain Explorer tree, select the ONS 15310 CL, ONS 15310 MA, ONS 15327, or ONS 15454 SONET NE and choose Configuration > NE Explorer (or click the Open NE Explorer tool).
Step 2 In the node properties pane, click the Identification tab.
Step 3 In the AIS-V Insertion on STS-1 Signal Degrade-Path area, complete the following substeps:
a. Check the Insert AIS-V on STS-1 SD-P check box to insert an AIS-V on the STS-1 Signal Degrade-Path.
b. Click OK in the warning message dialog box.
c. Select the SD-P BER from the drop-down list.
Step 4 Click Apply.
5.10.6 Changing Secure Config Mode—ONS 15454 SONET or ONS 15454 SDH
The TCC2P card supports secure config mode. When the secure mode is ON, the NE has two IP addresses, one for the backplane and one for the front port. The front port IP address is used by the DCC-connected NEs. The secure config mode feature applies to the ONS 15454 SONET R5.0 and ONS 15454 SDH R5.0 and later.
The Secure Config Mode subtab allows you to configure the secure config mode. The fields shown depend on whether the NE is in secure mode. For example, the Backplane Ethernet Port values are displayed only when the NE is in secure mode.
Step 1 In the Domain Explorer tree, select the ONS 15454 SONET or ONS 15454 SDH NE and choose Configuration > NE Explorer (or click the Open NE Explorer tool).
Step 2 In the node properties pane, click the Network tab.
Step 3 Click the Secure Config Mode subtab.
Step 4 Click the Change Mode button. The Change Secure Mode dialog box opens.
Note The Change Mode button is enabled only if an active TCC2P card exists on the NE.
Step 5 Complete one of the following options, depending on your configuration:
•If you are changing the secure mode from secure to nonsecure, fill in the fields described in Table 5-178.
•If you are changing the secure mode from nonsecure to secure, fill in the fields described in Table 5-179.
Step 6 Click OK.
Table 5-178 Field Descriptions for the Change Secure Mode Dialog Box when the NE Is Secure
Field
|
Description
|
Node IP Address
|
Backplane LAN Port
|
Click this radio button to use the IP address currently assigned to the backplane LAN port as the IP address of the NE in normal (nonsecure) mode.
|
TCC LAN Port
|
Click this radio button to use the IP address currently assigned to the TCC LAN port as the IP address of the NE in normal (nonsecure) mode.
|
New IP Address
|
Click this radio button to use neither the backplane nor the TCC LAN port IP address, but instead assign a completely new IP address to the NE.
|
IP Address
|
(Available only if New IP Address is selected) Enter the backplane IP address.
|
Net/Subnet Mask Length
|
(Available only if New IP Address is selected) Enter the mask length of the secure IP address. Use the up or down arrows to change the mask length.
|
Default Router
|
(Available only if New IP Address is selected) Enter the address of the default router for this NE.
|
Gateway Settings
|
Enable Proxy Server on Port
|
If checked, the ONS 15454 SONET or ONS 15454 SDH serves as a proxy for connections between the CTM server and NEs that are DCC-connected to the proxy NE. The CTM server establishes connections to DCC-connected nodes through the proxy node. The CTM server can connect to nodes that it cannot directly reach from the host on which it runs. The proxy server uses port number 1080.
If unchecked, the node does not proxy.
|
End Network Element (ENE)
|
(Available only if Enable Proxy Server on Port is checked) Enables the node to proxy as an ENE.
|
Gateway Network Element (GNE)
|
(Available only if Enable Proxy Server on Port is checked) Enables the node to proxy as a GNE.
|
Proxy-only
|
(Available only if Enable Proxy Server on Port is checked) Enables proxy only.
|
Table 5-179 Field Descriptions for the Change Secure Mode Dialog Box when the NE Is Not Secure
Field
|
Description
|
TCC Ethernet Port
|
IP Address
|
Enter the TCC Ethernet port IP address.
|
Net/Subnet Mask Length
|
Enter the mask length of the secure IP address. Use the up or down arrows to change the mask length.
|
Backplane Ethernet Port
|
IP Address
|
Enter the backplane Ethernet port IP address.
|
Default Router
|
Enter the address of the default router for this NE.
|
Subnet Mask
|
Enter the subnet mask of the secure IP address.
|
Gateway Settings
|
Enable Proxy Server on Port
|
If checked, the ONS 15454 SONET or ONS 15454 SDH serves as a proxy for connections between the CTM server and NEs that are DCC-connected to the proxy NE. The CTM server establishes connections to DCC-connected nodes through the proxy node. The CTM server can connect to nodes that it cannot directly reach from the host on which it runs. The proxy server uses port number 1080.
Note When you are changing the config mode to secure, you cannot disable proxy.
If unchecked, the node does not proxy.
|
End Network Element (ENE)
|
(Available only if Enable Proxy Server on Port is checked) Enables the node to proxy as an ENE.
|
Gateway Network Element (GNE)
|
(Available only if Enable Proxy Server on Port is checked) Enables the node to proxy as a GNE.
|
Proxy-only
|
(Available only if Enable Proxy Server on Port is checked) Enables proxy only.
|
5.11 Configuring the ONS 15501, ONS 15530, and ONS 15540
Within CTM, use CiscoView to configure ONS 15501, ONS 15530, and ONS 15540 NEs and monitor their configuration and performance. CiscoView is a browser-based, graphical, SNMP-based, device management tool that provides real-time views of ONS 15501, ONS 15530, and ONS 15540 NEs. These views deliver a continuously updated physical picture of device configuration and performance. CiscoView allows:
•Configuration of parameters for devices, cards, and interfaces
•Monitoring of real-time statistics for interfaces, resource utilization, and device performance
•Management of dual CPUs
CiscoView is provided in a server-based version for all ONS 15501, ONS 15530, and ONS 15540 NEs. In addition, CiscoView is embedded in flash memory for the ONS 15540 and ONS 15530.
Launch CiscoView from the Domain Explorer, Network Map, or Subnetwork Explorer by using one of the following options:
•Double-click the ONS 15501, ONS 15530, or ONS 15540 NE
•Select the NE and choose Configuration > ONS 155XX > Launch CiscoView
•Right-click the NE and choose Launch CiscoView
Note If CiscoView is not installed on the NE or if you need to install an updated version, see the relevant hardware installation and configuration guide. If CiscoView is not installed on the CTM server, see the installation instructions in Cisco Transport Manager Release 7.0 Installation Guide.
CiscoView configuration and monitoring dialog boxes include online help. For information about using the CiscoView application, see Appendix J, "Using CiscoView to Configure and Monitor ONS 15501, ONS 15530, and ONS 15540 NEs."
5.12 Configuring the ONS 15600 SONET and ONS 15600 SDH
Step 1 In the Domain Explorer tree, select the ONS 15600 SONET or ONS 15600 SDH NE that will be configured and choose Configuration > NE Explorer (or click the Open NE Explorer tool). The NE Explorer window displays configuration information about the selected ONS 15600 SONET or ONS 15600 SDH NE.
Step 2 Make any necessary changes to the fields in the properties pane that corresponds to the NE or its components. Click Apply to save the changes in the CTM database and apply the changes to the NE.
Note To configure ONS 15600 SONET or ONS 15600 SDH NEs through CTC, launch CTC from CTM. In the Domain Explorer tree, select the ONS 15600 SONET or ONS 15600 SDH NE and choose Configuration > CTC-based SONET NEs or CTC-based SDH NEs > Launch CTC. See Cisco ONS 15600 Procedure Guide for more information.
5.12.1 Resetting a Card
Step 1 In the Domain Explorer tree, select the ONS 15600 SONET or ONS 15600 SDH NE and choose Configuration > NE Explorer (or click the Open NE Explorer tool).
Step 2 Click the Shelf View tab.
Step 3 On the shelf graphic, right-click a card and select either Hard Reset Card or Soft Reset Card from the shortcut menu.
Step 4 Click OK in the confirmation message box.
5.12.2 Deleting a Card
Step 1 In the Domain Explorer tree, select the ONS 15600 SONET or ONS 15600 SDH NE and choose Configuration > NE Explorer (or click the Open NE Explorer tool).
Step 2 In the tree view or in the shelf view of the node properties pane, right-click the card that you want to delete and choose Delete Card from the shortcut menu.
Step 3 Click OK in the confirmation dialog box.
5.12.3 Changing a Card
Step 1 In the Domain Explorer tree, select the ONS 15600 SONET or ONS 15600 SDH NE and choose Configuration > NE Explorer (or click the Open NE Explorer tool).
Step 2 In the tree view or in the shelf view of the node properties pane, right-click the card that you want to change and choose Change Card from the shortcut menu.
Step 3 Select the type of the new card. The list of cards in the Change Card menu depends on the slot selected.
Step 4 Click OK in the confirmation dialog box.
5.13 Configuring the ONS 15800, ONS 15801, and ONS 15808
Step 1 In the Domain Explorer tree, select the ONS 15800, ONS 15801, or ONS 15808 NE that will be configured and choose Configuration > NE Explorer (or click the Open NE Explorer tool). The NE Explorer window displays configuration information about the selected NE.
Step 2 Make any necessary changes to the fields in the properties pane that corresponds to the NE or its components. Click Apply to save the changes in the CTM database and apply the changes to the ONS 15800, ONS 15801, or ONS 15808 NE.
Step 3 If the user input is not saved successfully, a warning message is displayed. Click Details to see which values were not updated; then, click OK and edit the values.
Note The ONS 1580x can also be configured using TL1. In the Domain Explorer tree, select the NE that will be configured and choose Configuration > ONS 15800, ONS 15801, or ONS 15808 > Launch TL1 Interface. This launches a Telnet session directed at the TL1 port on the NE. You can launch up to a maximum of five TL1 sessions.
5.13.1 Synchronizing the ONS 15800, ONS 15801, and ONS 15808 Configuration and Inventory
To manually synchronize the ONS 15800, ONS 15801, or ONS 15808 configuration and inventory, complete the following steps:
Step 1 In the Domain Explorer tree, select an ONS 15800, ONS 15801, or ONS 15808 NE and choose Configuration > NE Explorer (or click the Open NE Explorer tool).
Step 2 In the NE Explorer window, choose File > Refresh Data.
Step 3 In the Refresh Data dialog box, click the From Network Element radio button; then, click OK.
Step 4 Click Yes to confirm the synchronization.
5.13.2 Manually Resetting the ONS 15800, ONS 15801, or ONS 15808
Use the Reset Network Element option to perform a software reset of the TL1 agent. This procedure does not affect traffic, but CTM will lose connectivity to the ONS 15800, ONS 15801, or ONS 15808 until the reset is complete.
Caution While the ONS 15800, ONS 15801, or ONS 15808 is booting, the Reset Network Element option is unavailable. Before manually resetting an ONS 15800, ONS 15801, or ONS 15808, take into account that the NE will be unavailable during the reset.
Step 1 In the Domain Explorer window, select an ONS 15800, ONS 15801, or ONS 15808 and choose Configuration > NE Explorer (or click the Open NE Explorer tool).
Step 2 In the NE Explorer window, choose File > Reset Network Element.
Step 3 Click Yes in the confirmation dialog box.
5.13.3 Tagging an ONS 15800, ONS 15801, or ONS 15808 Module as Out of Service
To suppress the alarms from an ONS 15800, ONS 15801, or ONS 15808 module, tag the module as Out of Service.
Step 1 In the Domain Explorer tree, select an ONS 15800, ONS 15801, or ONS 15808 and choose Configuration > NE Explorer (or click the Open NE Explorer tool).
Step 2 In the NE Explorer tree, select a provisioned slot to open its properties pane. Click the Identification tab.
Step 3 In the State field, choose Out of Service.
Step 4 Click Apply.
5.14 Configuring MGX Voice Gateway Devices
This section helps you use the Configuration Center and Chassis View to configure your voice-enabled switches, and contains the following information:
•How Do I Manage My Network with the Chassis View?
•How Do I Manage My Network with the Configuration Center?
•How Do I Manage Templates for NEs?
•How Do I Configure MGX Voice Gateway Devices?
•How Do I Create or Modify APS?
5.14.1 How Do I Manage My Network with the Chassis View?
The Chassis View provides a graphical view of equipment status for the operational and alarm status of each card, port, or line, which is represented with a predefined color. By default, the front view opens (click the Rear View tab to switch views).
This section contains the following information:
•Launching Chassis View
•Navigating with Chassis View
•Accessing NEs
•Chassis View LED Colors
5.14.1.1 Launching Chassis View
To launch Chassis View from the Domain Explorer:
•Click a node; then, choose Configuration > MGX Voice Gateway > Chassis View.
To launch Chassis View from the Diagnostic Center, Configuration Center, or Statistics Report, do any of the following:
•Click the Chassis View tool from the toolbar.
•Choose Tools > Chassis View.
•Right-click an NE in the Hierarchy pane and choose Chassis View from the pop-up menu. Once the Chassis View opens, the corresponding window opens in the Configuration pane.
Figure 5-4 Chassis View—Front View
5.14.1.2 Navigating with Chassis View
The Chassis View main window contains the following components:
•Menu bar—See Table 5-180
•Toolbar—See Table 5-181
•Hierarchy, Configuration, and Inspector panes—See Table 5-182
Table 5-180 Chassis View—Menu Bar Options
Menu Bar Options
|
Task
|
File
|
Close
|
Closes the current Chassis View main window when you are running multiple sessions of the Chassis View. If you are running only one session, that single session is closed.
|
Exit
|
Exits the Chassis View instance and the other sessions. This option works only on the window in which the option is selected. When you have started other Chassis Views, they continue to run.
Exits the Chassis View instance and the other sessions. This option will close all the Chassis View windows launched in this CTM session.
|
Edit
|
Copy
|
Copies the selected object and puts it into the Clipboard.
|
Paste
|
Pastes the object into the Clipboard and inserts it to the target area.
|
Tools
|
Chassis View
|
Launches the Chassis View for the selected object. For more information, see How Do I Manage My Network with the Chassis View?
|
Configuration Center
|
Launches the Configuration Center for the selected object.
|
Diagnostic Center
|
Launches the Diagnostic Center for the selected object. For more information, see Chapter 9, "Managing Faults."
|
Statistics Report
|
Launches the Statistics Report for the selected object. For more information, see Chapter 10, "Managing Performance."
|
Administration
|
Allows you to perform administration-type tasks, such as:
•CTM Audit Trail—Allows you to access audit trail files for specified days.
•Telnet—(Only available when an NE is selected) Opens a command line tool to telnet to MGX switches.
•SSH—(Only available when an NE is selected) Opens a command line tool to gain secure shell access to MGX switches.
|
Help
|
Color Legend
|
Displays the CTM color legend.
|
Contents
|
Displays the contents for online help.
|
Table 5-181 Chassis View—Toolbar Buttons
Option
|
Task
|
Chassis View
|
Launches the Chassis View for the selected object.
If no object is selected, the Chassis View launches, and the right area is empty.
|
Configuration Center
|
Launches the Configuration Center for the selected object.
If no object is selected, the Configuration Center launches, and the right area is empty.
|
Diagnostics Center
|
Launches the Diagnostics Center for the selected object.
If no object is selected, the Diagnostics Center launches, and the right area is empty.
|
Statistics Report
|
Launches the Statistics Report.
|
Administration
|
Launches the CTM Audit Trail Viewer. For more information, see 8.3.2 Viewing the Audit Trail File—MGX Voice Gateway Devices, page 8-4.
|
Table 5-182 Chassis View—Hierarchy, Configuration, and Inspector Pane Descriptions
Options
|
Task
|
Hierarchy pane
|
Allows you to navigate to objects and displays the objects for selection and configuration. For more information, see Chapter 2, "Basic Concepts."
|
Inspector pane
|
Provides a list of detailed status information for the NE selected in the Hierarchy pane. For more information, see Chapter 2, "Basic Concepts."
|
Configuration pane
|
Displays the chassis view for the selected object. If no object is selected, the Configuration pane will be empty.
Within the Configuration pane, there are two tabs:
•Front View—Shows the front view configuration.
•Rear View—Shows the rear view configuration.
|
|
5.14.1.3 Accessing NEs
To view the chassis view for an NE in the Hierarchy pane:
•Drag and drop the NE from the Hierarchy pane into the Configuration pane
•Double-click the NE in the Hierarchy pane
The corresponding view opens or is highlighted in the Configuration pane.
Tip Any window within the Hierarchy pane can be "pinned" down by clicking on the pin tool, located in the bottom right corner of each window. This means that when you open other windows, the tacked down window will remain open. For more information on this feature, see Chapter 2, "Basic Concepts."
5.14.1.4 Chassis View LED Colors
The following table describes the LED colors that are used in the Chassis View.
Table 5-183 LED Colors for Chassis View
Color
|
State
|
Red
|
Critical
|
Orange
|
Major
|
Yellow
|
Minor
|
Green
|
Up, OK, and Clear
|
Purple
|
Self-test (loopback)
|
Gray
|
Down (unmanaged)
|
Blue
|
Unknown
|
Cyan
|
Not defined
|
5.14.2 How Do I Manage My Network with the Configuration Center?
By managing NEs with the Configuration Center, you can:
•Configure numerous managed device objects, such as configuration settings, interface status, and so forth in a media gateway.
•Display and modify the values for almost all of the objects.
•Perform tasks, such as element configuration and connection management.
These tasks are used to manage the NE configurations through the Configuration Center:
•Launching the Configuration Center
•Navigating with the Configuration Center
•Navigating Within Tables
5.14.2.1 Launching the Configuration Center
To launch the Configuration Center from the Domain Explorer:
•Click a node and choose Configuration > MGX Voice Gateway > Configuration Center. The Configuration pane for that node opens.
To launch the Configuration Center from the Diagnostic Center, Chassis View, or Statistics Report, do any of the following:
•Click the Configuration Center tool within the toolbar.
•Choose Tools > Configuration Center.
•Right-click an NE and choose Configuration Center from the pop-up menu. Once the Configuration Center opens, the corresponding window opens in the Configuration pane.
After the Configuration Center application is launched, the Configuration Center main window opens. For information about the main window components, see Navigating with the Configuration Center.
5.14.2.2 Navigating with the Configuration Center
The Configuration Center main window contains the following components:
•Menu bar—See Table 5-184
•Toolbar—See Table 5-185
•Hierarchy, Configuration, and Inspector panes—See Table 5-186
Table 5-184 Configuration Center—Menu Bar Options
Menu Bar Options
|
Task
|
File
|
Close
|
Closes the current Configuration Center main window when you are running multiple sessions of the Configuration Center. If you are running only one session, that single session is closed.
|
Exit
|
Exits the Configuration Center instance and the other sessions. This option works only on the window in which the option is selected. When you have started other Configuration Centers, they continue to run.
Exits the Configuration Center instance and the other sessions. This option will close all the Configuration windows launched in this CTM session.
|
Edit
|
Cut
|
Removes the selection from the text field.
|
Copy
|
Copies the selected object and puts it into the Clipboard.
|
Paste
|
Pastes the object into the Clipboard and inserts it to the target area.
|
Connection Templates
|
(Only applicable from the Connections tab) Displays connection templates.
|
Show Unused Descriptors
|
(Only applicable from the Connections tab) Shows unused descriptors.
|
Tools
|
Chassis View
|
Launches the Chassis View for the selected object. For more information, see How Do I Manage My Network with the Chassis View?
|
Configuration Center
|
Launches the Configuration Center for the selected object.
Note See 6.12 MGX Voice Gateway Cards, page 6-25 for additional information on how to configure your voice-enabled switches using the Configuration Center.
|
Diagnostic Center
|
Launches the Diagnostic Center for the selected object. For more information, see Chapter 9, "Managing Faults."
|
Statistics Report
|
Launches the Statistics Report for the selected object. For more information, see Chapter 10, "Managing Performance."
|
Administration
|
Allows you to perform administration-type tasks, such as:
•CTM Audit Trail—Allows you to access audit trail files for specified days.
•Telnet—(Only available when an NE is selected) Opens a command line tool to telnet to MGX switches.
•SSH—(Only available when an NE is selected) Opens a command line tool to gain secure shell access to MGX switches.
|
Help
|
Color Legend
|
Displays the CTM color legend.
|
Contents
|
Displays the contents for online help.
|
Table 5-185 Configuration Center—Toolbar Buttons
Option
|
Task
|
Chassis View
|
Launches the Chassis View for the selected object.
If no object is selected, the Chassis View launches, and the right area is empty.
|
Configuration Center
|
Launches the Configuration Center for the selected object.
If no object is selected, the Configuration Center launches, and the right area is empty.
|
Diagnostics Center
|
Launches the Diagnostics Center for the selected object.
If no object is selected, the Diagnostics Center launches, and the right area is empty.
|
Statistics Report
|
Launches the Statistics Report.
|
Administration
|
Launches the CTM Audit Trail Viewer. For more information, see 8.3.2 Viewing the Audit Trail File—MGX Voice Gateway Devices, page 8-4.
|
Table 5-186 Configuration Center—Hierarchy, Configuration, and Inspector Pane Descriptions
Options
|
Task
|
Hierarchy pane
|
Navigates and selects objects for configuration. For more information, see Chapter 2, "Basic Concepts."
Within the Hierarchy pane, there are two tabs:
•Elements—Configures the node, card, line, and port.
•Connections—Configures the connections.
|
|
Configuration pane
|
Depending on the active tab (Elements or Connections), the configuration details for the selected object appear. If an object is not selected, the Configuration pane is empty.
Fields within the Configuration pane with an asterisk (*) indicate required fields. Fields that have been modified appear blue.
|
Inspector pane
|
Provides a list of detailed status information for the NE selected from the Hierarchy pane. For more information, see Chapter 2, "Basic Concepts."
|
5.14.2.3 Navigating Within Tables
Many tabs within the Configuration pane contain tables. Each table contains the following buttons:
Note Some of these buttons might be grayed out, depending on availability.
•Create—Allows you to create a new table entry
•Details—Allows you to view or modify detailed information about a selected entry
•Delete—Allows you to delete an entry
•Refresh—Refreshes the table
If you select the Create or Details button, a new window opens. This window contains the following buttons:
Note Some of these buttons might be grayed out, depending on availability.
•Apply—Applies any modifications or additions
•Save As—Allows you to save the current parameters as a named template
•Load From—Provides a list of templates to load parameters from
•Delete—Deletes the information
•Refresh—Refreshes the data
5.14.3 How Do I Manage Templates for NEs?
•Saving Templates for NEs
•Loading or Deleting Templates for NEs
5.14.3.1 Saving Templates for NEs
For any specified NE (such as a node, card, line, port, or connection), you can save the current parameters as a template.
Note For details on creating connection templates, see Chapter 7, "Provisioning Services and Connections."
Step 1 From the Configuration Center main window, under the Elements tab, double-click the node, card, line, port, or connection whose parameters you want to save; then, click Save As to display the Save Template window.
Figure 5-5 Save Template Window
Step 2 Enter the new name for the template in the Save As field.
Step 3 Enter a description for the template in the Description field.
Step 4 Ensure that the listed categories are correct in the Selected Categories area.
Step 5 Click Save to save the current NE template, or Cancel to exit without saving.
5.14.3.2 Loading or Deleting Templates for NEs
Step 1 From the Configuration Center main window, under the Elements tab, double-click the node, card, line, port, or connection for which you want to load or delete a template.
Step 2 Under the appropriate subtab, click Load From to display a list of available templates.
Step 3 Select the template name from the list of templates.
Step 4 Do any of the following:
•Click Load to load the template for a particular category group
•Click Delete to delete an existing template
•Click Cancel to exit without saving
•Click Refresh to refresh the window
5.14.4 How Do I Configure MGX Voice Gateway Devices?
•Configuring a Node
•Displaying Cards Within a Node
•Verifying a Specific Card for the Node
•Managing Node Peripherals
•Viewing Node Controllers
•Managing Node Clocking
5.14.4.1 Configuring a Node
Select an MGX node in the Domain Explorer tree and choose Configuration > MGX Voice Gateway > Configuration Center. The Configuration window for the selected node opens. The Node tab opens by default. Table 5-187 provides descriptions.
Step 1 Check or configure each field, as applicable.
Note Some fields are grayed out, meaning they are not configurable.
Step 2 Click Apply to apply the current node configuration settings.
Note For a description of all buttons within this tab, see Navigating Within Tables.
Table 5-187 Field Descriptions for the Node Tab
Field Name
|
Description
|
NE Provided Description
|
System description of the managed node as provided by the MGX.
|
Up Time
|
System up time of the current node.
|
Contact
|
Contact person for the managed node.
|
Location Stored in NE
|
Physical location of the node as configured and stored in the MGX.
|
Node Name
|
Administratively assigned name for the node.
|
Integrated Alarm Status (read-only)
|
Integrated alarm status of the shelf. The following options are valid:
•Clear
•Minor
•Major
•Critical
|
Filtered Alarm Status (read-only)
|
Filtered alarm status of the shelf. The following options are valid:
•Clear
•Minor
•Major
•Critical
|
Date and Time
|
Current local date and time for the system.
|
Clock Lost on Reboot (if applicable)
|
Indicates whether the system can preserve knowledge of current date and time across a system reboot.
|
System Country
|
Country where the system is physically located.
|
Descriptor
|
Node descriptor.
|
5.14.4.2 Displaying Cards Within a Node
Displaying cards within a node allows you to verify that the correct cards are installed in the correct slots, and that the back cards installed are indeed compatible with the front cards they serve.
Step 1 Select a node in the Domain Explorer tree and choose Configuration > MGX Voice Gateway > Configuration Center. The Configuration window for the selected node opens.
Step 2 Click the Cards tab to display a summary report of all the cards installed on the node. The Cards category opens by default in the drop-down list.
Note For detailed information on the Redundancy Info option, see Chapter 4, "Maintaining an Efficient Network."
5.14.4.3 Verifying a Specific Card for the Node
You can verify a card when the objects to be managed are associated with a particular card.
Step 1 Under the Cards tab (see Displaying Cards Within a Node) select the card from the summary report; then, click Details.
Alternately, within the Configuration Center Hierarchy pane, double-click the card you want to view details for.
The Card tab opens. Table 5-188 provides descriptions.
Step 2 Choose one of the following card configurations from the Category drop-down list:
•Front Card Configuration
•Back Card Configuration
•Sec Back Card Configuration (optional)
•System Information (RPM only)
•Entity Sensors (VXSM only)
•Card Information (VISM-PR only)
•Daughter Card Information (VISM-PR only)
Note The Back Card Configuration or Sec Back Card Configuration options are read-only.
Step 3 (Optional) Under the Front Card Configuration option, enter the card descriptor in the Descriptor field.
Note The Descriptor field is valid for the whole Card Configuration, but is available only from the first category of that card configuration, in this case the Front Card Configuration.
Step 4 (Optional) Under the System Information option, enter the Node Name.
Step 5 Click Apply to modify the card descriptor and to verify that the information for the card is valid.
Note For a description of all buttons within this tab, see Navigating Within Tables.
Table 5-188 Field Descriptions for the Cards Tab
Field Name
|
Description
|
Front, Back, and Sec Back Card Configuration
(applicable fields vary for each)
|
(Operational) Status
|
Operational state of the module.
|
Card Description
|
Front card description.
|
Admin Status
|
Administrative control of the module.
|
Type
|
Textual description of physical entity.
|
Slot Number
|
Number of the physical entity.
|
Hardware (HW) Revision
|
Vendor-specific hardware description string.
|
Firmware (FW) Revision
|
Vendor-specific firmware description string.
|
SW Revision
|
Vendor-specific software description string.
|
Serial Number
|
Vendor-specific serial number string.
|
Orderable Part No
|
Name of the manufacturer.
|
Reset Reason
|
Reason for last reset.
|
Descriptor
|
Card descriptor.
|
Secondary Description (RPM only)
|
Secondary back card description.
|
Secondary Serial Number (RPM only)
|
Secondary back card serial number.
|
Secondary Hardware Revision (RPM only)
|
Secondary back card hardware revision.
|
Secondary Firmware Revision (RPM only)
|
Secondary back card firmware revision.
|
Secondary Operational Status (RPM only)
|
Secondary back card operational status.
|
Save Running Config button (RPM only)
|
Allows you to save any configuration changes on the router, in order to keep those changes after a reboot.
|
System Information
(RPM only)
|
Sys Description
|
Textual description of the system entity.
|
Up Time
|
Time (in hundredths of a second) since the network management portion of the system was last reinitialized.
|
Contact
|
ID and contact information of the contact person for this managed node.
|
Node Name
|
Administratively assigned name for the managed node.
|
Location
|
Physical location of the node.
|
Services
|
Indicates a set of services that the system offers.
|
Entity Sensors, Entity Sensors Tab
|
Sensor Description
|
Textual description of the sensor.
|
Sensor Type
|
Type of data reported by the entSensorValue. This variable is set by the agent at startup and the value does not change during operation.
|
Sensor Scale
|
Indicates the exponent to apply to sensor values reported by entSensorValue. This variable is set by the agent at startup and the value does not change during operation.
|
Sensor Value
|
Reports the most recent measurement detected by the sensor.
|
Sensor State
|
Indicates the present operational state of the sensor.
|
Entity Sensors, Sensor Threshold Tab
|
Threshold Index
|
Index that uniquely identifies an entry in the entSensorThreshold table. This index permits the same sensor to have several different thresholds.
|
Threshold Severity
|
Severity of this threshold.
|
Threshold Relation
|
Relation between sense or value and threshold value, required to trigger the alarm.
|
Threshold Value
|
Value of the threshold.
|
Threshold Evaluation
|
Result of the most recent evaluation of the threshold.
|
Threshold Notification
|
Controls generation of entSensorThresholdNotification for this threshold.
|
Card Information
(VISM-PR only)
|
Slot Number
|
Slot number of the card.
|
Card Type
|
This object holds the type of the card, for processor module as well as service module.
|
Card Change Type
|
Type of card change.
|
Daughter Card Information
(VISM-PR only)
|
Daughter Card Serial Number
|
The serial number is on the nonvolatile RAM on the P daughter card, entered by the manufacturer.
|
Daughter Card Description
|
Describes the VISM-PR daughter card.
|
Daughter Card Hardware (HW) Revision
|
Hardware revision number for the daughter card.
|
5.14.4.4 Managing Node Peripherals
These tasks are used to manage peripherals:
•Displaying IP Interfaces
•Configuring Serial Interfaces
•Displaying Sensors
5.14.4.4.1 Displaying IP Interfaces
Step 1 Select a node in the Domain Explorer tree and choose Configuration > MGX Voice Gateway > Configuration Center. The Configuration window for the selected node opens.
Step 2 Click the Peripherals tab. The IP Interfaces option opens by default in the Category drop-down list.
Step 3 (Optional) Click Refresh to refresh the table.
Note For a description of all buttons within this tab, see Navigating Within Tables.
5.14.4.4.2 Configuring Serial Interfaces
Step 1 Select a node in the Domain Explorer tree and choose Configuration > MGX Voice Gateway > Configuration Center. The Configuration window for the selected node opens.
Step 2 Click the Peripherals tab.
Step 3 Choose the Serial Interfaces option from the Category drop-down list.
Step 4 (Optional) Click Details to view or modify information about a selected controller. The Serial Interface tab opens. The following table provides descriptions.
a. Enter the speed, and configure the stop bits and parity, if applicable.
b. Click Apply.
Note For a description of all buttons within this tab, see Navigating Within Tables.
Table 5-189 Field Descriptions for the Serial Interfaces Tab
Field Name
|
Description
|
Port Index
|
Interface index of the port.
|
Speed (Bits Per Second)
|
The input speed of the port.
|
Stop bits
|
The number of stop bits on the port:
•NA
•one
•two
•oneAndHalf
•dynamic
|
Parity
|
The port's sense of a character parity bit:
•NA
•none
•odd
•even
•mark
•space
|
5.14.4.4.3 Displaying Sensors
Step 1 Select a node in the Domain Explorer tree and choose Configuration > MGX Voice Gateway > Configuration Center. The Configuration window for the selected node opens.
Step 2 Click the Peripherals tab.
Step 3 Choose the Sensors option from the Category drop-down list to open the Sensors table. The following table provides descriptions.
Step 4 (Optional) Click Refresh to refresh the table.
Table 5-190 Field Descriptions for the Sensors Table
Field Name
|
Description
|
Description
|
Specifies the type of environmental state, such as temperature, DC voltage, bottom fan tray, and so forth.
|
Value
|
Reports the most recent measurement seen by the sensor.
|
Type
|
Indicates the type of data reported by the Value parameter. The variable is set by the agent at startup and the value does not change during operation.
|
Value Last Updated
|
Indicates the status of the value.
|
Value Time Stamp
|
Indicates the date and time of the value reported in the Value parameter.
|
Update Rate
|
Indicates the rate at which the agent updates the Value parameter.
|
5.14.4.5 Viewing Node Controllers
Step 1 Select a node in the Domain Explorer tree and choose Configuration > MGX Voice Gateway > Configuration Center. The Configuration window for the selected node opens.
Step 2 Click the Controllers tab. The following table provides descriptions.
Step 3 (Optional) Click any one of the following buttons:
•Create to create a new controller
•Details to view or modify information about a selected controller
•Delete to delete a controller
•Refresh to refresh the table
Table 5-191 Field Descriptions for the Controllers Table
Field Name
|
Description
|
Controller ID
|
Unique value for VSI controller (VSI master).
|
Controller Type
|
Identifies the controller type.
|
Controller Name
|
Name chosen by the user for the VSI controller.
|
Controller Shelf Location
|
Identifies the location of the controller shelf.
|
Controller Location
|
Identifies the location of the controller.
|
5.14.4.6 Managing Node Clocking
On Cisco MGX 8850 (PXM1E) switches, clock source configuration is done on the PXM1E card and passed to other nodes over PXM1E lines.
On Cisco MGX 8850 (PXM45) switches, clock source configuration is done on a PXM45 card, and clock sourcing information is passed to other nodes over ATM Switch Service Module (AXSM) lines.
CTM supports the manual clock configuration method of network clock synchronization for the Cisco MGX switches. Manual clock configuration configures both primary and secondary clock sources, which are distributed throughout the network. The secondary clock source takes over if the primary clock source fails. You can configure a network setup with one master clock source, and a secondary to ensure network clock stability.
You can manage three types of node clocking:
•Configuring Global Clocking
•Viewing Available Clock Sources
•Viewing or Creating Manual Clock Sources
5.14.4.6.1 Configuring Global Clocking
Step 1 Select a node in the Domain Explorer tree and choose Configuration > MGX Voice Gateway > Configuration Center. The Configuration window for the selected node opens.
Step 2 Click the Clocking tab. The Global Clocking Configuration option opens by default in the Category drop-down list. Table 5-192 provides descriptions.
Step 3 (Optional) Modify the fields as necessary.
Step 4 (Optional) Click any one of the following buttons:
•Apply—Applies any modifications or additions
•Save As—Allows you to save the current parameters as a named template
•Load From—Provides a list of templates to load parameters from
•Refresh—Refreshes the data
5.14.4.6.2 Viewing Available Clock Sources
Step 1 Select a node in the Domain Explorer tree and choose Configuration > MGX Voice Gateway > Configuration Center. The Configuration window for the selected node opens.
Step 2 Click the Clocking tab.
Step 3 Choose the Available Clock Sources option from the Category drop-down list. Table 5-192 provides descriptions.
Step 4 (Optional) Click Refresh to reload the table data.
Note For a description of all buttons within this tab, see Navigating Within Tables.
5.14.4.6.3 Viewing or Creating Manual Clock Sources
Step 1 Select a node in the Domain Explorer tree and choose Configuration > MGX Voice Gateway > Configuration Center. The Configuration window for the selected node opens.
Step 2 Click the Clocking tab.
Step 3 Choose the Manual Clock Sources option from the Category drop-down list. Table 5-192 provides descriptions.
Step 4 To create a new clock source, proceed as follows:
a. Click Create. Complete the following fields:
•Priority
•Clock Source Index
b. Click Apply.
Note For a description of all buttons within this tab, see Navigating Within Tables.
Table 5-192 Field Descriptions for the Clocking Tab
Field Name
|
Description
|
Global Clocking Configuration
|
Distribution Method
|
Method used to distribute the network clock for the device.
|
Stratum
|
This variable contains the stratum level of the node.
|
Max Diameter
|
The maximum possible height of a network clock distribution tree in the network.
|
Change Reason
|
Reason for the most recent change of a source of network clock, as indicated by the change in the value of "ciscoWanChangeTimeStamp."
|
Change Time
|
Value of sysUpTime when the most recent change of a source of network clock occurred.
|
Clock Source
|
Description of the clock source associated with this entry.
|
Available Clock Sources
|
Clock Index
|
Clock index number.
|
Clock Source
|
Description of the clock source associated with this entry.
|
Type
|
Type of clock.
|
Manual Clock Sources Table
|
Clock Source
|
Description of the clock source associated with this entry.
|
Manual Clock Index
|
Manual clock index number.
|
Manual Source Priority
|
Manual source priority.
|
Health
|
Health of the clock source.
|
Manual Clock Sources Create Window
|
Priority
|
Value used to configure an available network clock source to be primary, secondary, or default manual clock source.
|
Clock Source Index
|
An index value used to identify the primary, secondary, or default manual clock source.
|
Clock Source
|
Description of the clock source associated with this entry.
|
Health
|
Health of the clock source.
|
5.14.5 How Do I Create or Modify APS?
Automatic Protection Switching (APS) can be configured on SONET lines within SRME, AXSM, and VXSM OC-type cards.
If you are setting up APS on multiple cards, you must first set up an APS connector and then set up redundancy on the node (for details on setting up redundancy, see 4.5.13 Configuring Card Redundancy, page 4-93).
Step 1 Select a node in the Domain Explorer tree and choose Configuration > MGX Voice Gateway > Configuration Center. The Configuration window for the selected node opens.
Step 2 Double-click an AXSM, SRME, or VXSM card.
Step 3 Click the Sonet Line APS tab. Under the Sonet Line APS tab, you can:
•Click Create to create a new Sonet Line APS
•Select the line you want to modify and click Details
Step 4 Configure the fields. The following table provides descriptions.
Step 5 Click Apply to save any changes.
Table 5-193 Field Descriptions for the Sonet Line APS Tab
Field Name
|
Description
|
Working Bay
|
Working bay number.
|
Working Line
|
Working line number.
|
Protection Slot
|
Protection slot number.
|
Protection Bay
|
Protection bay number.
|
Protection Line
|
Protection line number.
|
APS Mode
|
Configures APS architecture mode on the working/protection line pairs.
|
Active Line
|
Indicates which line is active.
|
Signal Fault BER
|
Contains the bit error rate threshold for signal fault detection on the working line.
|
Signal Degrade BER
|
Contains the bit error rate threshold for signal degrade detection on the working line.
|
Switch Back Time
|
Contains the interval (in minutes) to wait before attempting to switch back to the working line.
|
Switching Direction
|
Configures the switching direction supported by this APS line.
|
APS Revertive
|
Configures the APS revertive or nonrevertive option.
|
APS Operational Direction
|
Shows the actual APS direction that is implemented on the near-end terminal.
|
APS Operational Mode
|
Shows the actual APS architecture mode that is implemented on the near-end terminal.
|
Channel Protocol
|
Allows configuration of APS channel protocol to be implemented at the near-end terminal.
|
Line Failure Status
|
APS line failure status.
|
Line Switch Reason
|
APS line switch reason.
|
Working Section
|
Indicates which working section is the APS primary section.
|
