- Preface
- Boot Commands
- Bulk Content Downloader (BCDL) Commands
- Call Home Commands
- CDP Commands
- Clock Commands
- Configuration Management Commands
- File System Commands
- Hardware Redundancy and Node Administration Commands
- Manageability Commands
- NTP Commands
- Object Tracking Commands
- Process and Memory Management Commands
- Secure Domain Router Commands
- SNMP Server Commands
- Software Entitlement Commands
- Software Package Management Commands
- Terminal Services Commands
- Utility Commands
- Index
Secure Domain Router
Commands
Secure domain routers (SDRs) provide a means of partitioning a router into multiple, independent routers. SDRs perform routing functions in the same manner as a physical router but share resources with the rest of the system. For example, the applications, configurations, protocols, and routing tables assigned to an SDR belong to that SDR only, but other functions such as chassis control, switch fabric, and partitioning are shared with the rest of the system.
For detailed information about secure domain router concepts, configuration tasks, and examples, see the Configuring Secure Domain Routers on Cisco IOS XR Software module in Cisco IOS XR System Management Configuration Guide for the Cisco XR 12000 Series Router.
location (SDR)
To assign a node to a secure domain router (SDR), use the location command in SDR configuration mode. To remove a node from an SDR and return the node to the owner SDR, use the no form of this command.
location node-location
location partially-qualified-nodeid [primary]
no location
Syntax Description
|
partially-qualified-nodeid |
Node to be assigned to the specified secure domain router. Refer to the Usage Guidelines for the syntax required in each router platform. |
Command Default
All nodes are assigned to the owner SDR.
Command Modes
SDR configuration
Command History
|
Release |
Modification |
|---|---|
|
Release 3.2 |
This command was introduced. |
|
Release 3.3.0 |
The term logical router (LR) was changed to secure domain router (SDR). |
Usage Guidelines
Use the location command to assign a node to an SDR. By default, all nodes belong to the owner SDR. When a node is assigned to a non-owner SDR, it is automatically removed from the owner SDR inventory.
Use the no form of the location command to remove a node from an SDR. Removing a node from an SDR implicitly returns it to the owner SDR. When a node has been removed from an SDR, it can be reassigned to another SDR. To remove the designated secure domain router system controller (DSDRSC), you must first remove all other nodes in the SDR. You cannot remove the designated system controller (DSC) from the owner SDR.
 Note | Removing all nodes from an SDR deletes the secure domain router from the configuration. |
Usage Notes
- Enter the value of the partially-qualified-nodeid argument to specify a single node. The value of the nodeid argument is entered in the rack/slot/* notation. Node IDs are always specified at the slot level, so the wildcard (*) is used to specify the CPU.
- The first RP you assign to the SDR will become the DSDRSC. To add a redundant standby RP to the configuration, install a second RP in the adjacent redundancy slot and add it to the SDR configuration. For more information, see Configuring Secure Domain Routers on Cisco IOS XR Software.
Task ID
|
Task ID |
Operations |
|---|---|
|
system |
read, write |
Examples
The following example shows how to create an SDR, and assign RPs in adjacent redundancy slots to be the DSDRSC:
RP/0/0/CPU0:router# admin RP/0/0/CPU0:router(admin)# configure RP/0/0/CPU0:router(admin-config)# sdr rname RP/0/0/CPU0:router(admin-config-sdr:rname)# location 0/2/* RP/0/0/CPU0:router(admin-config-sdr:rname)# location 0/3/* RP/0/0/CPU0:router(admin-config-sdr:rname)# commit RP/0/0/CPU0:router(admin-config-sdr:rname)# end
The following example shows how to add a node to an SDR:
RP/0/0/CPU0:router# admin RP/0/0/CPU0:router(admin)# configure RP/0/0/CPU0:router(admin-config)# sdr rname RP/0/0/CPU0:router(admin-config-sdr:rname)# location 0/5/* RP/0/0/CPU0:router(admin-config-sdr:rname2)# end
The following example shows how to remove a node from an SDR:
RP/0/0/CPU0:router# admin RP/0/0/CPU0:router(admin)# configure RP/0/0/CPU0:router(admin-config)# sdr rname RP/0/0/CPU0:router(admin-config-sdr:rname)# no location 0/5/* RP/0/0/CPU0:router(admin-config-sdr:rname2)# end
Related Commands
Command | Description |
Creates a secure domain router (SDR) and enters SDR configuration mode. |
sdr
administration configuration
mode. To remove a secure domain router from the configuration, use the no form of this command.sdr sdr-name
no sdr sdr-name
Syntax Description
|
sdr-name |
Name of the SDR to be created or modified. |
Command Default
The system comes configured as a single secure domain router known as the owner SDR.
Command Modes
Administration configuration
Command History
|
Release |
Modification |
|---|---|
|
Release 3.2 |
This command was introduced. |
|
Release 3.3.0 |
The term logical router (LR) was changed to secure domain router (SDR). |
|
Release 3.3.0 |
No modification. |
Usage Guidelines
Use the sdr command to create an SDR or modify an existing SDR.
Note | The sdr-name argument creates an SDR if the SDR specified for the sdr-name argument does not exist. |
By default, a router running Cisco IOS XR software contains one SDR, the owner SDR. You cannot create the owner SDR because it always exists—nor can you completely remove it because it is necessary for managing the router.
After the sdr command is used, the router enters SDR configuration mode. From SDR configuration mode, you can add nodes to the SDR or remove nodes from the SDR using the location (SDR) command.
Use the no form of the command to remove a non-owner SDR configuration. When an SDR is removed from the router configuration, all nodes included in the SDR configuration are returned to the owner SDR inventory. The owner SDR cannot be removed.
Maximum Number of SDR Configurations
We recommend a maximum of four SDRs, including one owner SDR and up to three non-owner SDRs.
Task ID
|
Task ID |
Operations |
|---|---|
|
system |
read, write |
Examples
The following example shows how to enter SDR configuration mode to configure an SDR.
RP/0/0/CPU0:router# admin
RP/0/0/CPU0:router(admin)# configure
RP/0/0/CPU0:router(admin-config)# sdr rname
RP/0/0/CPU0:router(admin-config-sdr:rname)# location 0/0/*
RP/0/0/CPU0:router(admin-config-sdr:rname)# location 0/5/*
RP/0/0/CPU0:router(admin-config-sdr:rname)# end
Related Commands
Command | Description |
Assigns a node to a secure domain router. | |
location (DRP) | Assigns nodes to a DRP pair. |
pairing (DRP) | Specifies a distributed router processor (DRP) pair and enters DRP pairing configuration mode. |
show sdr
To display information about the currently defined secure domain routers (SDRs), use the show sdr command in the appropriate configuration mode.
Administration EXEC Mode
show sdr [ name sdr-name [detail] | summary ]
EXEC Mode
show sdr [detail]
Syntax Description
|
name sdr-name |
Specifies a specific SDR. |
|
detail |
Displays more detailed information for a specific SDR. |
|
summary |
Displays summary information about all SDRs in the system. |
Command Default
Administration EXEC Mode Mode:
- Displays information for the Owner SDR.
- If you are logged into a specific SDR as the admin user, then information about the local SDR is displayed.
EXEC Mode Mode:
Command Modes
EXEC
Administration EXEC
Command History
|
Release |
Modification |
|---|---|
|
Release 3.5.0 |
This command was introduced. |
Usage Guidelines
Use the show sdr command in administration EXEC mode to display the inventory of nodes in the Owner SDR or in a specific named SDR. The show sdr command in EXEC mode displays the inventory of nodes in the current SDR.
Task ID
|
Task ID |
Operations |
|---|---|
|
system |
read |
Examples
EXEC
mode:RP/0/5/CPU0:router# show sdr Mon Sep 28 19:55:31.905 DST SDR Inventory -------------- Type NodeName NodeState RedState PartnerName --------------------------------------------------------------- LC(2) 0/0/CPU0 UNPOWERED NONE NONE LC(2) 0/1/CPU0 UNPOWERED NONE NONE LC(2) 0/2/CPU0 IOS XR RUN NONE NONE LC(2) 0/3/CPU0 IOS XR RUN NONE NONE LC(2) 0/4/CPU0 IOS XR RUN NONE NONE RP(0) 0/5/CPU0 IOS XR RUN Active NONE
|
Field |
Description |
|---|---|
|
Type |
Type of card, which can be Linecard, RP, or DRP. |
|
NodeName |
Name of the node, expressed in the rack/slot/module notation. |
|
NodeState |
Run state of the card, which can be failure, present, booting, running, and so on. |
|
RedState |
Redundancy state of the card, which can be active, standby, or none. |
|
PartnerName |
Partner of the card, expressed in the rack/slot/module notation. |
This example shows sample output from the show sdr command in administration EXEC mode with the summary keyword:
RP/0/5/CPU0:router(admin)# show sdr summary Mon Sep 28 19:57:36.929 DST SDRs Configured: SDR-Names SDRid dSDRSC StbydSDRSC MacAddr ---------------------------------------------------------------------- Owner 0 0/5/CPU0 NONE 0019.aaa3.3df0
|
Field |
Description |
|---|---|
|
SDRid |
Identifier of the SDR. |
|
dSDRSC |
Designated secure domain router shelf controller. This refers to the controller of the SDR. |
|
StbydSDRSC |
Standby DSDRSC. This refers to the standby controller of the SDR. |
|
Primary1 |
Configured primary node. |
|
Primary2 |
Configured primary node pair. |
|
MacAddr |
MAC address associated with the SDR. |
Feedback