BigIron RX Installation Guide
Page 187
... RX Series software 7 Special instructions for using one of the methods described in "Upgrading the interface module's IronWare image". If you already own. In release 02.5.00, all OS functions have older versions of the software that it has installed on interface modules that need to be upgraded every time, thus eliminating another step in the upgrade process. • The first version of the boot and monitor image supporting this upgrade...
... RX Series software 7 Special instructions for using one of the methods described in "Upgrading the interface module's IronWare image". If you already own. In release 02.5.00, all OS functions have older versions of the software that it has installed on interface modules that need to be upgraded every time, thus eliminating another step in the upgrade process. • The first version of the boot and monitor image supporting this upgrade...
BigIron RX Series Configuration Guide v02.7.02
Page 17
... Creating a Layer 2 ACL table 506 Example Layer 2 ACL clauses 507 Inserting and deleting Layer 2 ACL clauses 508 Binding a Layer 2 ACL table to an interface 508 Increasing the maximum number of clauses per Layer 2 ACL table 508 Viewing Layer 2 ACLs 508 Example of Layer 2 ACL deny by MAC address 509 Access Control List In this chapter 511 How the device processes ACLs 512 Disabling or re-enabling Access Control Lists (ACLs 513 Default ACL action 513 Types of IP ACLs 513 ACL IDs and entries 513 Enabling support for additional ACL statements 514 ACL-based inbound mirroring...
... Creating a Layer 2 ACL table 506 Example Layer 2 ACL clauses 507 Inserting and deleting Layer 2 ACL clauses 508 Binding a Layer 2 ACL table to an interface 508 Increasing the maximum number of clauses per Layer 2 ACL table 508 Viewing Layer 2 ACLs 508 Example of Layer 2 ACL deny by MAC address 509 Access Control List In this chapter 511 How the device processes ACLs 512 Disabling or re-enabling Access Control Lists (ACLs 513 Default ACL action 513 Types of IP ACLs 513 ACL IDs and entries 513 Enabling support for additional ACL statements 514 ACL-based inbound mirroring...
BigIron RX Series Configuration Guide v02.7.02
Page 102
... have configured the system to use one. Layer 2 protocols such as STP, RSTP, MRP, and VSRP are based on the MAC address of the BigIron RX Series chassis. 3 How management module redundancy works Management sessions You can establish management sessions with the new active module, provided that the new active module has the same management port connections. (For example, if you were accessing the Web management interface through a PC connected to the original active module's management port...
... have configured the system to use one. Layer 2 protocols such as STP, RSTP, MRP, and VSRP are based on the MAC address of the BigIron RX Series chassis. 3 How management module redundancy works Management sessions You can establish management sessions with the new active module, provided that the new active module has the same management port connections. (For example, if you were accessing the Web management interface through a PC connected to the original active module's management port...
BigIron RX Series Configuration Guide v02.7.02
Page 132
....cfg file will include the command that the software could not find. Path not found You specified a file name that designates slot 1 as the following table lists the messages the CLI can not read -only attribute. NOTE In this example, after you save location for another file. To change the save configuration changes to copy or delete a file that is already in use by the message. Access is...
....cfg file will include the command that the software could not find. Path not found You specified a file name that designates slot 1 as the following table lists the messages the CLI can not read -only attribute. NOTE In this example, after you save location for another file. To change the save configuration changes to copy or delete a file that is already in use by the message. Access is...
BigIron RX Series Configuration Guide v02.7.02
Page 140
... example, suppose you configure an ACL to permit Telnet access only to specific client IP addresses, and you do not enter a correct username or password after 3 attempts, the device disconnects the Telnet session. BigIron RX(config)# telnet login-retries 5 Syntax: [no ] telnet server enable vlan 68 BigIron RX Series Configuration Guide 53-1001810-01 BigIron RX(config)# telnet server enable vlan 10 The command configures the device to allow Telnet access only to clients in a VLAN that is allowed for all ports. Restricting remote access to...
... example, suppose you configure an ACL to permit Telnet access only to specific client IP addresses, and you do not enter a correct username or password after 3 attempts, the device disconnects the Telnet session. BigIron RX(config)# telnet login-retries 5 Syntax: [no ] telnet server enable vlan 68 BigIron RX Series Configuration Guide 53-1001810-01 BigIron RX(config)# telnet server enable vlan 10 The command configures the device to allow Telnet access only to clients in a VLAN that is allowed for all ports. Restricting remote access to...
BigIron RX Series Configuration Guide v02.7.02
Page 574
... the named-access-group specifies the ACL used in the rate limiting policy. For information on page 497. Traffic that can be configured, refer to the "Configuration considerations" on the number of ACL-based rate limiting policies that matches the deny condition is adjusted to "Configuring a port-based rate limiting policy" on page 498. 502 BigIron RX Series Configuration Guide 53-1001810-01 BigIron RX(config)# interface ethernet 1/1 BigIron RX(config-if-e10000-1/1)# rate-limit...
... the named-access-group specifies the ACL used in the rate limiting policy. For information on page 497. Traffic that can be configured, refer to the "Configuration considerations" on the number of ACL-based rate limiting policies that matches the deny condition is adjusted to "Configuring a port-based rate limiting policy" on page 498. 502 BigIron RX Series Configuration Guide 53-1001810-01 BigIron RX(config)# interface ethernet 1/1 BigIron RX(config-if-e10000-1/1)# rate-limit...
BigIron RX Series Configuration Guide v02.7.02
Page 734
...100 BigIron RX(config-vlan-100)# multicast static-group 224.10.1.1 uplink 662 BigIron RX Series Configuration Guide 53-1001810-01 The source traffic will respond to IGMP queries from the uplink multicast PIM switch for downstream traffic and uses a port. 23 Configuring IP multicast traffic reduction Configuring the PIM SM traffic snooping per VLAN When the multicast static-group uplink command is enabled on a snooping VLAN, the snooping device behaves like an IGMP host on ports connected to the multicast switch. To configure an BigIron RX switch to the switch, and saves a port...
...100 BigIron RX(config-vlan-100)# multicast static-group 224.10.1.1 uplink 662 BigIron RX Series Configuration Guide 53-1001810-01 The source traffic will respond to IGMP queries from the uplink multicast PIM switch for downstream traffic and uses a port. 23 Configuring IP multicast traffic reduction Configuring the PIM SM traffic snooping per VLAN When the multicast static-group uplink command is enabled on a snooping VLAN, the snooping device behaves like an IGMP host on ports connected to the multicast switch. To configure an BigIron RX switch to the switch, and saves a port...
BigIron RX Series Configuration Guide v02.7.02
Page 1371
... the RADIUS server specifies a VLAN ID for the port. DOT1X: Port currently used vlan-id is set the dynamic assigned IP ACLs or MAC address filters 802.1x authentication could not take place on the Root port so 802.1W changed from authorized to unauthorized. user added | deleted | modified from console | telnet | ssh | web | snmp A user created, modified, or deleted a local user account through the Web, SNMP, console, SSH, or Telnet session. DOT1X: Port , The status of the interface's controlled port AuthControlledPortStatus change: authorized has changed...
... the RADIUS server specifies a VLAN ID for the port. DOT1X: Port currently used vlan-id is set the dynamic assigned IP ACLs or MAC address filters 802.1x authentication could not take place on the Root port so 802.1W changed from authorized to unauthorized. user added | deleted | modified from console | telnet | ssh | web | snmp A user created, modified, or deleted a local user account through the Web, SNMP, console, SSH, or Telnet session. DOT1X: Port , The status of the interface's controlled port AuthControlledPortStatus change: authorized has changed...
BigIron RX Series Configuration Guide v02.7.03
Page 131
... message is currently undergoing formatting. TABLE 33 Flash card file management messages This message... BigIron RX Series Configuration Guide 59 53-1001986-01 System Monitoring Service 3 Specify the parameter if you want to save location back to make sure the command matches the source and destination you intended for the file operation. One possible cause of the saved configuration file. When an error or event occurs, SYSMON...
... message is currently undergoing formatting. TABLE 33 Flash card file management messages This message... BigIron RX Series Configuration Guide 59 53-1001986-01 System Monitoring Service 3 Specify the parameter if you want to save location back to make sure the command matches the source and destination you intended for the file operation. One possible cause of the saved configuration file. When an error or event occurs, SYSMON...
BigIron RX Series Configuration Guide v02.7.03
Page 351
... certain number of times from the port at any point between two BigIron RX devices and provides a fast detection of retries is received from the other end (peer) supports UDLD. The UDLD will continue to suspended state. BigIron RX Series Configuration Guide 279 53-1001986-01 FIGURE 20 UDLD example Without link keepalive, the ports remain enabled. If the port still does not receive a health-check packet...
... certain number of times from the port at any point between two BigIron RX devices and provides a fast detection of retries is received from the other end (peer) supports UDLD. The UDLD will continue to suspended state. BigIron RX Series Configuration Guide 279 53-1001986-01 FIGURE 20 UDLD example Without link keepalive, the ports remain enabled. If the port still does not receive a health-check packet...
BigIron RX Series Configuration Guide v02.7.03
Page 578
... forwarded on page 501. For information on the other parameters, refer to the "Configuration considerations" on the port. Traffic that match the condition are not subject to rate limiting. Traffic denied by ACL 50; 19 Configuring rate limiting policies These commands first configure access-list groups that contain the ACLs that matches the permit rules a rate of 100 Mbps with a maximum burst size of 200 Mbits. BigIron RX(config...
... forwarded on page 501. For information on the other parameters, refer to the "Configuration considerations" on the port. Traffic that match the condition are not subject to rate limiting. Traffic denied by ACL 50; 19 Configuring rate limiting policies These commands first configure access-list groups that contain the ACLs that matches the permit rules a rate of 100 Mbps with a maximum burst size of 200 Mbits. BigIron RX(config...
BigIron RX Series Configuration Guide v02.7.03
Page 722
... a specific VLAN instance, IGMP snooping is not configured for passive IGMP and allow the to work . NOTE A router-id is required if a virtual interface (ve) or IP is enabled. If you enable IP multicast on a BigIron RX, all ports on the Group Membership reports received from the network. 650 BigIron RX Series Configuration Guide 53-1001986-01 If you can use active or passive IGMP mode. BigIron RX(config)# show ip multicast Configuring the IGMP mode per VLAN NOTE A router...
... a specific VLAN instance, IGMP snooping is not configured for passive IGMP and allow the to work . NOTE A router-id is required if a virtual interface (ve) or IP is enabled. If you enable IP multicast on a BigIron RX, all ports on the Group Membership reports received from the network. 650 BigIron RX Series Configuration Guide 53-1001986-01 If you can use active or passive IGMP mode. BigIron RX(config)# show ip multicast Configuring the IGMP mode per VLAN NOTE A router...
BigIron RX Series Configuration Guide v02.7.03
Page 730
... exclude multicast traffic, respectively for the groups and sources configured. To configure the snooping device to statically join a multicast group on the uplink interface, enter commands such as the following . BigIron RX(config)# vlan 100 BigIron RX((config-vlan-100)# multicast static-group 224.10.1.1 2/4 To configure the snooping device to statically join a multicast stream with the source address of 10.43.1.12 in the include mode, enter commands such as the following . 658 BigIron RX Series Configuration Guide...
... exclude multicast traffic, respectively for the groups and sources configured. To configure the snooping device to statically join a multicast group on the uplink interface, enter commands such as the following . BigIron RX(config)# vlan 100 BigIron RX((config-vlan-100)# multicast static-group 224.10.1.1 2/4 To configure the snooping device to statically join a multicast stream with the source address of 10.43.1.12 in the include mode, enter commands such as the following . 658 BigIron RX Series Configuration Guide...
BigIron RX Series Configuration Guide v02.7.03
Page 1361
... Root port so 802.1W changed from the RADIUS server specifies a VLAN ID for example, the Filter-ID attribute did not refer to be the root bridge of minutes. BigIron RX Series Configuration Guide 53-1001986-01 1289 The port to unauthorized. telnet | SSH | web access [by ] from src IP , src MAC rejected, attempts There were failed web, SSH, or Telnet login access attempts from the RADIUS server (for the user. DOT1X: Port currently used vlan-id is connected has...
... Root port so 802.1W changed from the RADIUS server specifies a VLAN ID for example, the Filter-ID attribute did not refer to be the root bridge of minutes. BigIron RX Series Configuration Guide 53-1001986-01 1289 The port to unauthorized. telnet | SSH | web access [by ] from src IP , src MAC rejected, attempts There were failed web, SSH, or Telnet login access attempts from the RADIUS server (for the user. DOT1X: Port currently used vlan-id is connected has...
BigIron RX Series Configuration Guide v02.8.00
Page 73
... of Service" Book: BigIron RX Series Configuration Guide Chapter:"Configuring Traffic Reduction" Book: BigIron RX Series Configuration Guide Chapter:"VLANs" Section:"Hardware flooding for Layer 2 multicast and broadcast packets" 802.1s Multiple Spanning Tree Protocol (MSTP) Switching and Routing Packets Multiple Spanning Tree Protocol (MSTP) as on the BigIron MG8 except: • Only Inbound rate limiting is supported. • 802.1p packet priority is used by default • Rate limit accounting is available if WRED is not supported on ACL matching of flows and...
... of Service" Book: BigIron RX Series Configuration Guide Chapter:"Configuring Traffic Reduction" Book: BigIron RX Series Configuration Guide Chapter:"VLANs" Section:"Hardware flooding for Layer 2 multicast and broadcast packets" 802.1s Multiple Spanning Tree Protocol (MSTP) Switching and Routing Packets Multiple Spanning Tree Protocol (MSTP) as on the BigIron MG8 except: • Only Inbound rate limiting is supported. • 802.1p packet priority is used by default • Rate limit accounting is available if WRED is not supported on ACL matching of flows and...
BigIron RX Series Configuration Guide v02.8.00
Page 135
... you save the configuration changes using a name that designates slot 1 as the following table lists the messages the CLI can not read -only attribute. BigIron RX Series Configuration Guide 59 53-1002253-01 TABLE 34 Flash card file management messages This message... To change the save location back to flash memory, enter a command such as the save the configuration changes to copy or delete a file that the software could not find. Means... BigIron RX# locate startup-config flash...
... you save the configuration changes using a name that designates slot 1 as the following table lists the messages the CLI can not read -only attribute. BigIron RX Series Configuration Guide 59 53-1002253-01 TABLE 34 Flash card file management messages This message... To change the save location back to flash memory, enter a command such as the save the configuration changes to copy or delete a file that the software could not find. Means... BigIron RX# locate startup-config flash...
BigIron RX Series Configuration Guide v02.8.00
Page 357
... not bring down the ports connected to the failed link. Figure 20 shows an example. Traffic continues to be transitioned into the suspended state to suspended state. If the port still does not receive a health-check packet after maximum number of link failures. This include the case where: • User enables UDLD on both ends of the link down if the link goes down at...
... not bring down the ports connected to the failed link. Figure 20 shows an example. Traffic continues to be transitioned into the suspended state to suspended state. If the port still does not receive a health-check packet after maximum number of link failures. This include the case where: • User enables UDLD on both ends of the link down if the link goes down at...
BigIron RX Series Configuration Guide v02.8.00
Page 589
... IPv6 ACL used to be rate limited. The slot/port specifies the interface module and port to permit or deny traffic on a specific port, enter a command such as the following: BigIron RX (config)# unknown-unicast rate-limit 1000000 1 np 4/2 Syntax: [no parameter to "Configuring a port-based rate limiting policy" on the other parameters, refer to disable np rate limiting. The is supported. The parameter specifies the total number bits that you specify default...
... IPv6 ACL used to be rate limited. The slot/port specifies the interface module and port to permit or deny traffic on a specific port, enter a command such as the following: BigIron RX (config)# unknown-unicast rate-limit 1000000 1 np 4/2 Syntax: [no parameter to "Configuring a port-based rate limiting policy" on the other parameters, refer to disable np rate limiting. The is supported. The parameter specifies the total number bits that you specify default...
BigIron RX Series Configuration Guide v02.8.00
Page 742
... the uplink interface, enter commands such as the following. Where there are present in the include mode, enter commands such as the following. 666 BigIron RX Series Configuration Guide 53-1002253-01 Configuring a multicast static group uplink per VLAN instance Using the PIM proxy function, multicast traffic can use the following commands. (config)# vlan 2 (config-vlan-2)# multicast pim-proxy-enable Syntax: [no] multicast pim-proxy-enable Static IGMP membership When configuring a static IGMP membership, you can be reduced by configuring an BigIron RX switch to...
... the uplink interface, enter commands such as the following. Where there are present in the include mode, enter commands such as the following. 666 BigIron RX Series Configuration Guide 53-1002253-01 Configuring a multicast static group uplink per VLAN instance Using the PIM proxy function, multicast traffic can use the following commands. (config)# vlan 2 (config-vlan-2)# multicast pim-proxy-enable Syntax: [no] multicast pim-proxy-enable Static IGMP membership When configuring a static IGMP membership, you can be reduced by configuring an BigIron RX switch to...
Getting Started Guide
Page 3
... passwords 27 •Configuring IP addresses 29 •Connecting the PowerConnect B-RX Series to a network device 31 Introduction This guide provides instructions for installing the brackets and mounting the unit. Note the following additional documentation: • For detailed installation and configuration instructions, refer to your PowerConnect supplier to the appropriate rack mount installation procedures. A mid-mount kit can be ordered separately from your hardware installation guide. • For rack-specific installation instructions, refer to center mount the PowerConnect...
... passwords 27 •Configuring IP addresses 29 •Connecting the PowerConnect B-RX Series to a network device 31 Introduction This guide provides instructions for installing the brackets and mounting the unit. Note the following additional documentation: • For detailed installation and configuration instructions, refer to your PowerConnect supplier to the appropriate rack mount installation procedures. A mid-mount kit can be ordered separately from your hardware installation guide. • For rack-specific installation instructions, refer to center mount the PowerConnect...