Picos 2.2 l2 l3 Configuration Guide
Picos 2.2 l2 l3 Configuration Guide
Picos 2.2 l2 l3 Configuration Guide
Configuration Guide
PicOS 2.2.0
March 2014
This guide provides the Layer 2 / Layer 3 configuration commands for PicOS 2.2.0
Pica8, Inc. makes no warranty of any kind with regard to this material, including, but not limited to, the implied
warranties of merchantability and fitness for a particular purpose. The information is provided “as is” without warranty
of any kind, and is subject to change without notice.
Table of Contents
TABLE OF CONTENTS ........................................................................................................ 3
PREFACE ............................................................................................................................. 7
Intended Audience ................................................................................................................................................ 7
PicOS Documents ................................................................................................................................................ 7
Organization ......................................................................................................................................................... 7
© 2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e |3
Table of Contents
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e |4
Table of Contents
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e |5
Table of Contents
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e |6
Preface
Preface
Intended Audience
This guide is intended for data center administrators, system administrators, and customer service staffs responsible
for monitoring or configuring PicOS Layer 2 / Layer 3.
PicOS Documents
The PicOS documents are available on our Pica8 website:
http://www.pica8.com/portal/
Organization
This configuration guide is organized as follows:
Chapter Description
© 2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e |7
Preface
Chapter 1 Overview
This chapter provides an overview of PicOS Layer 2 / Layer 3 features, including Layer2 switching and Layer3 routing.
Features List
PicOS Layer 2 / Layer 3 supports Layer 2 switching (STP, RSTP, MSTP, MAC learning, Q-in-Q) and Layer 3 routing
(static routing, RIPv2, OSPF, IGMP, PIM-SM, IPv6).
Support for configuration versioning and rollback; compares the two configurations for
differences
Device
Configuration, Ability to import/export configuration files, device software, and logs from a file on a
Software,& File remote server (tftp/scp as possible options)
Management
Ping tool and Trace route tool from CLI
SSH tool and telnet tool from CLI
Ability to view and configure MAC/ARP table information
Support for LLDP protocols for detecting devices on a link
Support for LACP protocol and hashing of traffic using Src/Dst MAC address, Src/Dst IP
address, and Layer4 port information and flag
Support for 802.1q trunked interfaces, for both single and LAG interfaces
Support for 802.1q tagged/untagged interfaces and native tags
Layer2
Forwarding and Support for Q-in-Q
Protocol Support for Jumbo Frame
Support for 802.1d Spanning Tree Protocol (STP)
Support for 802.1w rapid STP (RSTP)and Per-VLAN Spanning Tree(PVST)
Support for 802.1s Multiple Spanning Tree protocol (MSTP)
Support for functionality of BPDU Guard / Filter/UDLD etc.
© 2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e |8
System Management and Configuration
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e |9
Preface
© 2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 10
System Management and Configuration
You can modify the baud rate of the switch. For that, enter the U-Boot and configure the baud rate or other
parameters. For example:
U-Boot 1.3.0 (Sep 8 2010 - 17:20:00)
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 11
System Management and Configuration
ipaddr=10.10.50.60
gatewayip=10.10.50.1
serverip=10.10.50.16
bootfile=u-boot.bin
filesize=100000
fileaddr=2000000
Do not interrupt the default boot process unless you are upgrading, fixing the file system, or changing the console port
settings (see documentation about upgrading or downgrading a Pica8 Switch).
Default Login
The system has two default users: root and admin. The default password for both is pica8. If you login as
root, the system defaults to a Linux shell with Linux root privileges. If you login as admin, you will log into the
L2/L3 Shell (also called XORP Shell).
The following section describe how to change the PicOS mode of operation (From L2/L3 to OVS or OVS to
L2/L3).
With the change below, the system will use the OVS mode.
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 12
System Management and Configuration
picos_start=ovs
With the change below, the system will use the L2/L3 mode (or XORP Plus).
picos_start=xorpplus
Once the configuration file is updated, you must restart the PicOS service to activate the change (or restart the switch).
To restart the PicOS service, use the command:
service picos restart
To use the XORPPLUS CLI from the Linux shell, you can use the command “pica_sh”.
The login in the L2/L3 shell should look like the following:
Synchronizing configuration...OK.
Pica8 PicOS Version 2.1
Welcome to PicOS L2/L3 on XorPlus
XorPlus>
root@XorPlus#picos_boot
Please configure the default system start-up options:
(Press other key if no change)
[1] PicOS L2/L3
[2] PicOS Open vSwitch/OpenFlow
[3] No start-up options * default
Enter your choice (1,2,3):
Option 1, PicOS is XorPlus. When you choose option 1, after a reboot PicOS will load XorPlus.
Option 2, Open vSwitch (OVS), is an open source project ported to PicOS (refer to PicOS OVS Configuration Guide
for details) when you choose option 2, after a reboot PicOS will load Open vSwitch.
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 13
System Management and Configuration
Synchronizing configuration...OK.
Pica8 PicOS Version 2.1
Welcome to PicOS L2/L3 on XorPlus
XorPlus>
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 14
Preface
XorPlus# exit
XorPlus>
© 2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 15
System Management and Configuration
Commit confirmed
User can commit a candidate configuration before this configuration become permanent. By using “commit confirmed”,
the system will apply the configuration for ten minutes default. After ten minutes, the system will roll back to the
configuration automatically before user “commit confirmed”. User can configure the roll back time in the CLI, by default
it is 10 minutes.
(1) default configure
By default, it will be automatically rolled back to the previous configuration after 600 seconds.
XorPlus# set vlans vlan-id 2
[edit]
XorPlus# commit confirmed
Merging the configuration.
Will be automatically rolled back in 600 seconds unless confirmed by new commit.
Commit OK.
[edit]
XorPlus#
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 16
System Management and Configuration
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 17
System Management and Configuration
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 18
System Management and Configuration
[edit]
XorPlus#
(2) Configure DHCP snooping binding file and timeout
XorPlus# set protocols dhcp snooping binding file /tmp/run/dhcp_bind //sync the dhcp snooping table to
disk
[edit]
XorPlus# set protocols dhcp snooping binding timeout 8
[edit]
XorPlus# com
Merging the configuration.
Commit OK.
Save done.
[edit]
(3) Configure DHCP snooping trust port
XorPlus# set protocols dhcp snooping port ge-1/1/2 trust true //(DHCP reply is trusted), usually, the port
connect to DHCP server should be enable
this.
[edit]
XorPlus# commit
Merging the configuration.
Commit OK.
Save done.
[edit]
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 19
System Management and Configuration
Configuring Authentication/Authorization/Accounting
PicOS supports Authentication/Authorization/Accounting (AAA). A user is authenticated by the AAA server (referred to
as “admin” in our guide) and then can configure the switch. PicOS supports TACACS+ and RADIUS protocols.
RADIUS supports only two levels: read-only and super-user. Configure the local switch and server as detailed below
Configuring AAA
Configure the tacacs enable
XorPlus# set system aaa tacacs-plus disable false
[edit]
XorPlus# set system aaa tacacs-plus key pica8
[edit]
XorPlus# set system aaa tacacs-plus server-ip 10.10.53.53
[edit]
XorPlus# commit
Commit OK.
Save done.
[edit]
XorPlus# set system aaa tacacs-plus authorization true
[edit]
XorPlus# set system aaa tacacs-plus accounting true
XorPlus# commit
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 20
System Management and Configuration
XorPlus#
XorPlus# set system aaa radius accounting disable false
[edit]
XorPlus# set system aaa radius accounting server-ip 10.10.50.41 shared-key testing123
[edit]
XorPlus# commit
Merging the configuration.
Commit OK.
Save done.
[edit]
XorPlus#
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 21
System Management and Configuration
key = pica8
# Accounting File
accounting file = /var/tmp/acctfile
default authentication = file /etc/passwd
user = admin {
member = admins
}
group = admins {
global = cleartext "password"
service = exec {
default attribute = permit
}
}
user = operator {
global = cleartext "operator"
service = exec {
default attribute = permit
}
}
user = ychen {
global = cleartext "ychen"
member = admins
service = exec {
default attribute = permit
}
}
Add “/usr/share/freeradius/dictionary.pica8” to radius server before the configuration.
Radius server configuration:
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 22
System Management and Configuration
Following the configuration above, the admin or operator can access the switch via telnet or SSH.
Any valid CLI commands executed by the admin or operator will be recorded to the specified accounting file. In our
example above, the accounting file is /var/tmp/acct file.
In the configuration above, you cannot log in to the switch with a local account.
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 23
System Management and Configuration
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 24
System Management and Configuration
Configuring IPFIX
(1) Configuring IPFIX parameters
By default, IPFIX is disabled. You can enable IPFIX and configure its parameters as shown below. Make sure the
switch can connect to the IPFIX collector server correctly.
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 25
System Management and Configuration
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus#
Configuring sFlow
(1) Globally enabling sFlow
By default, sFlow is disabled. You can enable sFlow and configure its’ parameters. Verify that the switch can connect
to the sFlow collector server, and configure the sFlow agent-id and source-address at the same time that you enable
sFlow, as shown below:
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 26
System Management and Configuration
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 27
System Management and Configuration
In the current version, sFlow samples only the ingress traffic of each interface. You can monitor the traffic with sFlow
Trend as follows:
Figure 2-1.sFlowTrendtools.
Configuring SNMP
(1) Configuring SNMP parameters
By default, SNMP is disabled. You can enable SNMP and configure its parameters (e.g. community, contact, location)
as shown below:
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 28
System Management and Configuration
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 29
System Management and Configuration
In the example below, the system logs messages from Info, Warning, Error, and Fatal levels since the system syslog
level is set to Info.
You can display the log messages on the console screen by entering the following command:
XorPlus# exit
XorPlus> syslog monitor on
If the switch’s syslog level is Trace, the trace options of the modules should be turned on, as illustrated below. You can
also turn on the OSPF trace options for debugging.
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 30
System Management and Configuration
Commit OK.
Save done.
[edit]
XorPlus#
Oct 17 15:22:42 XorPlus local0.warn : admin logined the switch
Oct 17 15:22:50 XorPlus local0.warn pica_sh: Tacacs send acct body send failed: wrote -1 of 127: Connection
refused
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 31
System Management and Configuration
The image will be placed under the local installation directory (/cftmp). The system will decompress pica.tar.gz
automatically when rebooted, updating only the PicOS Software.
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 32
System Management and Configuration
The image will be placed under the local installation directory (/cftmp). The system will decompress rootfs.tar.gz
automatically when rebooted, updating both the PicOS Platform and PicOS Software. PicOS 2.2 supports using shell
script to upgrade. (Please consult picos-2.2.0-image-upgrade-guide)
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 33
System Management and Configuration
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 34
System Management and Configuration
Linux XorPlus 2.6.27 #1 Thu Feb 13 00:42:23 CST 2014 ppc GNU/Linux
XorPlus# run show system processes brief
PID TTY STAT TIME COMMAND
1 ? Ss 0:01 init [2]
2 ? S< 0:00 [kthreadd]
3 ? S< 0:00 [ksoftirqd/0]
4 ? S< 0:00 [watchdog/0]
5 ? S< 0:02 [events/0]
6 ? S< 0:00 [khelper]
48 ? S< 0:00 [kblockd/0]
55 ? S< 0:00 [ata/0]
56 ? S< 0:00 [ata_aux]
58 ? S< 0:00 [kseriod]
99 ? S 0:00 [pdflush]
101 ? S< 0:00 [kswapd0]
147 ? S< 0:00 [aio/0]
156 ? S< 0:00 [nfsiod]
831 ? S< 0:00 [ftld]
853 ? S< 0:00 [rpciod/0]
857 ? S< 0:00 [kjournald]
2222 ? S 0:00 [pdflush]
2356 ? Ss 0:00 /usr/sbin/cron -L 0
2387 ? Ss 0:00 /usr/sbin/xinetd -pidfile /var/run/xinetd.pid -stayalive -inetd_compat
-inetd_ipv6
2501 ? S 0:03 pica_cardmgr
2503 ? S 0:59 pica_sif
2649 ? S 0:05 pica_lacp
2664 ? Ss 0:00 dhclient -pf /run/dhclient.eth0.pid -lf
/var/lib/dhcp/dhclient.eth0.leases eth0
2666 ? Sl 18:06 pica_lcmgr
2672 ? S 0:04 pica_login
3166 ? Sl 0:00 /usr/sbin/rsyslogd -c5
3457 ? S 0:35 pica_mstp
3462 ? S 0:02 xorp_policy
3464 ? Ss 1:03 /pica/bin/xorp_rtrmgr -d -L local0.info -P /var/run/xorp_rtrmgr.pid
3500 tty1 Ss+ 0:00 /sbin/getty 38400 tty1
3507 tty2 Ss+ 0:00 /sbin/getty 38400 tty2
3508 tty3 Ss+ 0:00 /sbin/getty 38400 tty3
3761 ttyS0 Ss+ 0:00 /sbin/getty -s -L ttyS0 115200 ansi
4050 ? S 0:57 ovs-vswitchd
4422 ? Ss 0:00 in.telnetd: 10.10.50.16
4423 pts/0 Ss 0:00 login -h 10.10.50.16 -p
4424 pts/0 S+ 0:00 -bash
4434 pts/0 S+ 0:03 /pica/bin/pica_sh
6451 ? Ss 0:00 in.telnetd: 10.10.50.18
6452 pts/1 Ss 0:00 login -h 10.10.50.18 -p
6460 pts/1 S+ 0:00 -bash
6469 pts/1 R+ 0:03 /pica/bin/pica_sh
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 35
System Management and Configuration
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 36
System Management and Configuration
}
ip-source {
disable: false
}
ip-destination {
disable: false
}
port-source {
disable: false
}
port-destination {
disable: false
}
}
}
}
aggregate-balancing {
…………………..…………………..…………………..
XorPlus# run show system rollback list
-rw-rw-r-- 1 root xorp 23478 Jul 7 22:55 /pica/config/pica.conf
-rw-rw-r-- 1 root xorp 23595 Jul 7 22:28 /pica/config/pica.conf.01
-rw-rw-r-- 1 admin xorp 23595 Jul 7 22:27 /pica/config/pica.conf.02
-rw-rw-r-- 1 root xorp 23595 Jul 7 22:26 /pica/config/pica.conf.03
XorPlus# run show system users
admin pts/0 Jan 13 14:19 (10.10.50.16)
admin pts/1 Jan 13 15:03 (10.10.50.18)
XorPlus#
XorPlus# run show system core-dumps
total 0
XorPlus#
XorPlus# run show system connections
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State User Inode
tcp 0 0 127.0.0.1:49152 0.0.0.0:* LISTEN 0 6787
tcp 0 0 127.0.0.1:60833 0.0.0.0:* LISTEN 0 5715
tcp 0 0 127.0.0.1:51714 0.0.0.0:* LISTEN 11 31043
tcp 0 0 127.0.0.1:42179 0.0.0.0:* LISTEN 0 6789
tcp 0 0 127.0.0.1:56484 0.0.0.0:* LISTEN 0 5711
tcp 0 0 127.0.0.1:51044 0.0.0.0:* LISTEN 0 5705
tcp 0 0 127.0.0.1:40421 0.0.0.0:* LISTEN 0 6764
tcp 0 0 127.0.0.1:56263 0.0.0.0:* LISTEN 0 6822
XorPlus# run show system boot-messages
Copyright (c) 2009-2014 Pica8 Inc.
All rights reserved.
Up time: 18:19:41
revision: 2.6.27
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 37
System Management and Configuration
Technical Support
Execute the diagnostic command, show tech_support, to send the information to Pica8 Supports and receive a
diagnostic report back from Pica8 technical support.
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 38
System Management and Configuration
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 39
System Management and Configuration
Installing Software
You can install software that you’d like to have in your Debian system (for example, make, python, g++) as shown
below:
root@XorPlus#apt-get update
Hit http://ftp.tw.debian.org stable Release.gpg
Hit http://ftp.tw.debian.org stable Release
Hit http://ftp.tw.debian.org stable/main powerpc Packages
Hit http://ftp.tw.debian.org stable/main Translation-en
Reading package lists... Done
root@XorPlus#
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 40
System Management and Configuration
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 41
System Management and Configuration
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 42
System Management and Configuration
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 43
System Management and Configuration
Command List
cls
commit
delete interface management-ethernet eth0 address
delete interface management-ethernet eth0 gateway
delete system aaa local disable
delete system aaa radius accounting disable
delete system aaa radius authorization disable
delete system aaa tacacs-plus accounting
delete system aaa tacacs-plus auth-type
delete system aaa tacacs-plus authorization
delete system aaa tacacs-plus disable
delete system aaa tacacs-plus key
delete system aaa tacacs-plus port-number
delete system hostname
delete system inband enable
delete system log-facility
delete system log-level
delete system login announcement
delete system login user admin authentication plain-text-password
delete system login user admin class
delete system login user operator authentication plain-text-password
delete system login user operator class
delete system login user root authentication plain-text-password
delete system login user root class
delete system services ssh connection-limit
delete system services ssh disable
delete system services ssh rate-limit
delete system services ssh root-login
delete system services telnet connection-limit
delete system services telnet disable
delete system services telnet rate-limit
delete system syslog host
delete system syslog local-file
delete system syslog port-number
delete system syslog port-protocol
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 44
System Management and Configuration
exit configuration-mode
exit discard
help apply
help commit
help create
help delete
help execute
help exit configuration-mode
help exit discard
help help
help load
help quit
help rollback
help run
help save
help set
help show all
help status
help top
help up
quit
run clear log bozo
run clear log all
run request system reboot
run set cli idle-timeout <int>
run set cli terminal ansi
run set cli terminal linux
run set cli terminal vt100
run set cli terminal xterm
run set date bozo
run set management-ethernet-speed eth0 <auto>|<int>
run show all_config
run show cli history
run show log date bozo
run show log last-rows <int>
run show running_config
run show system boot-messages
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 45
System Management and Configuration
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 46
System Management and Configuration
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 47
System Management and Configuration
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 48
System Management and Configuration
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 49
System Management and Configuration
status
top
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 50
File Management Configuratio
© 2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 51
File Management Configuration
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 52
File Management Configuration
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 53
File Management Configuration
XorPlus>
XorPlus> file cwd /pica/config
XorPlus> file cwd
XorPlus>
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 54
File Management Configuration
vlan-name: "default"
l3-interface: ""
}
}
[edit]
The maximum rollback file is limited to 50. The current configuration is located in pica.conf.
XorPlus# rollback 1
XorPlus# Loading config file...
Config file was loaded successfully.
[edit]
XorPlus# commit
Merging the configuration.
Commit OK.
Save done.
[edit]
XorPlus#
Displaying the different between the current config with destination config file
XorPlus# show | compare rollback 2
[edit vlans]
----------------------------------------------------------------------------------------
+vlan-id 3 {
+}
XorPlus#
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 55
File Management Configuration
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 56
File Management Configuration
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 57
File Management Configuration
Save done.
[edit]
XorPlus#
XorPlus# execute ?
Possible completions:
<text> Local file name
Ychen1.conf Size: 10750, Last changed: Sat Apr 9 09:52:11 2011
XorPlus# execute ychen1.conf
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus#
The file of ychen.conf content like this:
firewall {
filter f33 {
sequence 1 {
from {
destination-mac-address: 22:22:22:22:22:22
}
then {
action: "forward"
}
}
input {
interface "ge-1/1/1"
}
}
}
The file of ychen1.conf content like this:
delete firewall filter f33
commit
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 58
File Management Configuration
By default, there is a shell script named with “upgrade.sh” in "/pica/bin/shell" directory, users can execute this script
by command “upgrade” in bash. This script will upgrade the image and back up configuration files automatically. You
should according to pico-2.2.0-image-upgrade-guide to change the image if you need to downgrade. Or you can get
the image and md5 file to /cftmp directory, then rebooting to downgrade (You should back up the configuration file
manually if you need).
Usage:
root@XorPlus$upgrade
USAGE
Upgrade system with local new image
SYNOPSIS
upgrade image_name [no-md5-check]
DESCRIPTION
image_name - Image should be saved in /cftmp
no-md5-check - Disable check of the image file for MD5
Steps:
1) Downloading new image to /cftmp dir. (By default this script will checking image MD5, it needs MD5 file in /cftmp
directory, you can use the parameter of "no-md5-check" to disable MD5 checking, otherwise the script will abort)
2) Synchronize. (After downloading image, you should synchronize the data by the command "sync" in bash, avoiding
losing data and some errors)
3) Executing upgrade script. (The image_name should be consistent with the platform, otherwise the script will abort)
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 59
File Management Configuration
Rebooting in 10 seconds!
reboot now!
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 60
File Management Configuration
Command List
execute bozo
load bozo
rollback
run bash <command>
run file archive bozo bozo bozo
run file checksum bozo
run file compare bozo bozo
run file copy bozo bozo
run file cwd bozo
run file delete bozo
run file list bozo
run file rename bozo bozo
run file show bozo
run file sync
run file tftp get remote-file bozo local-file bozo ip-address <ip-address>
run file tftp put local-file bozo remote-file bozo ip-address <ip-address>
save bozo
set alias bozo pattern bozo
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 61
Layer2 Switching Configuration
© 2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 62
Layer2 Switching Configuration
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 63
Layer2 Switching Configuration
Both static and LACP LAGs can support the hashing of traffic using the Src/Dst MAC address, the Src/DstIP
address, and Layer 4 port information.
If all member ports of a LAN are link-down, the LAG will be link-down. The LAG will become link-up when at least
one member port is link-up.
The logical function and configuration of LAGs are same as those of a physical port.
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 64
Layer2 Switching Configuration
Output Octets............................1594
Aggregated link protocol: STATIC
Members Status Port Speed
--------- -------- ----------
ge-1/1/1 Down Auto
ge-1/1/2 Down Auto
ge-1/1/3 Up Auto
ge-1/1/4 Up Auto
The LACPDU includes the LACP system priority, the system MAC, the port priority and I.D. The port, included in the
LACP LAG, will transmit the LACPDU to its neighbors.
The configuration of the LACP LAG is similar to that of the static LAG.
min-selected-port denotes that the LAG is up only when no fewer than the defined number of ports are up. Below,
our defined number is 4.
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 65
Layer2 Switching Configuration
In Figure 1, switch A and C are connected by link A; switch B and C is connected by link B. In switch C, link A and B
has formed an aggregation interface to balance the traffic. In the meanwhile, switch A and B has formed a MLAG
using link A and B. For communication, such as MAC entries, between the members of the MLAG and are learned by
the MLAG must need be synchronized. In Figure 1 synchronization between switch A and B, and link C are used to
connect switch A and B as the channel interface. The number of links which connect switch A and C or B and C
cannot be more than 1.
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 66
Layer2 Switching Configuration
Figure 1-1
SwitchA SwitchB
Link C
Link A Link B
LAG
SwitchC
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 67
Layer2 Switching Configuration
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 68
Layer2 Switching Configuration
SwitchA Peer-link
SwitchB
Te-1/1/49 Te-1/1/49
LAG3
Te-1/1/50 Te-1/1/50
Ge-1/1/1 Ge-1/1/1
LAG1
Ge-1/1/1
Ge-1/1/2
SwitchC
1) Configure the number of LAGs on Switch C. Add member interfaces to the aggregated ethernet interfaces on
Switch C.
2) Configure the number of MLAG member LAGs on both Switch A and Switch B. Add member interfaces to the
aggregated ethernet interfaces on on both Switch A and Switch B.
3) Configure the number of MLAG peer-link LAGs on both Switch A and Switch B. Add member interfaces to the
aggregated ethernet interfaces on on both Switch A and Switch B.
4) Configure the L3 interface IP address on both Switch A and Switch B for peer-to-peer communication.
5) Configure the same domain-id number on both MLAG peers on Switch A and Switch B.
6) Configure not the same system-id on both MLAG peers on Switch A and Switch B.
7) Configure the peer IP address for MLAG peer connect on both Switch A and Switch B.
8) Configure the LAGs for MLAG peer-link connects on both Switch A and Switch B.
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 69
Layer2 Switching Configuration
Figure 2
SwitchA Peer-link
SwitchB
Te-1/1/49 Te-1/1/49
LAG3
Te-1/1/50 Te-1/1/50
LAG1 LAG2
Ge-1/1/1 NIC 2
Ge-1/1/2 NIC /2
SwitchC ServerA
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 70
Layer2 Switching Configuration
[edit]
XorPlus#
XorPlus# set interface gigabit-ethernet ge-1/1/1 ether-options 802.3ad ae1
[edit]
XorPlus# set interface gigabit-ethernet ge-1/1/2 ether-options 802.3ad ae2
[edit]
XorPlus# set interface gigabit-ethernet te-1/1/49 ether-options 802.3ad ae3
[edit]
XorPlus# set interface gigabit-ethernet te-1/1/50 ether-options 802.3ad ae3
[edit]
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus#
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 71
Layer2 Switching Configuration
Configuring the peer IP address and the peer-link for the MLAG domain peer
XorPlus# set interface aggregate-ethernet ae1 aggregated-ether-options mlag peer10.10.0.2peer-link "ae3"
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 72
Layer2 Switching Configuration
[edit]
XorPlus# set interface aggregate-ethernet ae2 aggregated-ether-options mlag peer10.10.0.2peer-link "ae3"
[edit]
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus#
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 73
Layer2 Switching Configuration
[edit]
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus#
XorPlus# set interface aggregate-ethernet ae1 family ethernet-switching port-mode trunk
[edit]
XorPlus# set interface aggregate-ethernet ae1 family ethernet-switching vlan members 15
[edit]
XorPlus# set interface aggregate-ethernet ae1 family ethernet-switching vlan members 16
[edit]
XorPlus# set interface aggregate-ethernet ae2 family ethernet-switching port-mode trunk
[edit]
XorPlus# set interface aggregate-ethernet ae2 family ethernet-switching vlan members 15
[edit]
XorPlus# set interface aggregate-ethernet ae2 family ethernet-switching vlan members 16
[edit]
XorPlus# set interface aggregate-ethernet ae3 family ethernet-switching port-mode trunk
[edit]
XorPlus# set interface aggregate-ethernet ae3 family ethernet-switching vlan members 15
[edit]
XorPlus# set interface aggregate-ethernet ae3 family ethernet-switching vlan members 16
[edit]
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus#
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 74
Layer2 Switching Configuration
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus#
XorPlus# set interface aggregate-ethernet ae2 aggregated-ether-options mlag domain-id 2
[edit]
XorPlus# set interface aggregate-ethernet ae2 aggregated-ether-options mlag system-id c8:0a:a9:9e:14:a4
[edit]
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
Configuring the peer IP address and the peer-link for the MLAG domain peer
XorPlus# set interface aggregate-ethernet ae1 aggregated-ether-options mlag peer10.10.0.1peer-link "ae3"
[edit]
XorPlus# set interface aggregate-ethernet ae2 aggregated-ether-options mlag peer10.10.0.1peer-link "ae3"
[edit]
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus#
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 75
Layer2 Switching Configuration
XorPlus#
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 76
Layer2 Switching Configuration
XorPlus#
Figure 3
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 77
Layer2 Switching Configuration
SwitchA Peer-link
SwitchB
Te-1/1/49 Te-1/1/49
LAG3
Te-1/1/50 Te-1/1/50
LAG1 LAG2
Ge-1/1/1 Ge-1/1/1
Ge-1/1/2 Ge-1/1/2
SwitchC SwitchD
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 78
Layer2 Switching Configuration
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 79
Layer2 Switching Configuration
Configuring the peer IP address and the peer-link for the MLAG domain peer
XorPlus# set interface aggregate-ethernet ae1 aggregated-ether-options mlag peer10.10.0.2peer-link "ae3"
[edit]
XorPlus# set interface aggregate-ethernet ae2 aggregated-ether-options mlag peer10.10.0.2peer-link "ae3"
[edit]
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus#
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 80
Layer2 Switching Configuration
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 81
Layer2 Switching Configuration
[edit]
XorPlus# set interface aggregate-ethernet ae1 family ethernet-switching vlan members 16
[edit]
XorPlus# set interface aggregate-ethernet ae2 family ethernet-switching port-mode trunk
[edit]
XorPlus# set interface aggregate-ethernet ae2 family ethernet-switching vlan members 15
[edit]
XorPlus# set interface aggregate-ethernet ae2 family ethernet-switching vlan members 16
[edit]
XorPlus# set interface aggregate-ethernet ae3 family ethernet-switching port-mode trunk
[edit]
XorPlus# set interface aggregate-ethernet ae3 family ethernet-switching vlan members 15
[edit]
XorPlus# set interface aggregate-ethernet ae3 family ethernet-switching vlan members 16
[edit]
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus#
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 82
Layer2 Switching Configuration
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus#
Configuring the peer IP address and the peer-link for the MLAG domain peer
XorPlus# set interface aggregate-ethernet ae1 aggregated-ether-options mlag peer10.10.0.1peer-link "ae3"
[edit]
XorPlus# set interface aggregate-ethernet ae2 aggregated-ether-options mlag peer10.10.0.1peer-link "ae3"
[edit]
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus#
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 83
Layer2 Switching Configuration
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus#
XorPlus# set interface aggregate-ethernet ae1 family ethernet-switching port-mode trunk
[edit]
XorPlus# set interface aggregate-ethernet ae1 family ethernet-switching vlan members 15
[edit]
XorPlus# set interface aggregate-ethernet ae1 family ethernet-switching vlan members 16
[edit]
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus#
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 84
Layer2 Switching Configuration
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 85
Layer2 Switching Configuration
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 86
Layer2 Switching Configuration
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 87
Layer2 Switching Configuration
XorPlus#
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 88
Layer2 Switching Configuration
Save done.
[edit]
XorPlus#
Configuring Mirroring
You can configure one (1) mirror to analyze traffic. Configure the source/destination port (also referred to as the
input/output port).
Note: The output port does not belong to any VLAN, and will not participate in Layer2 or Layer3 forwarding.
Access ports belong to native VLANs, while trunk ports belong to more than one VLAN including the native VLAN.
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 89
Layer2 Switching Configuration
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 90
Layer2 Switching Configuration
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 91
Layer2 Switching Configuration
[edit]
XorPlus# set interface gigabit-ethernet ge-1/1/3 family ethernet-switching vlan members 1-4094
[edit]
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus#
Te-1/1/49 Te-1/1/49
Switch A Switch B
ge-1/1/3 ge-1/1/4
ge-1/1/3 ge-1/1/4
Vlan.3 Vlan.3
Vlan.3 Vlan.3
Configuring Switch A
For Switch A, you should configure ge-1/1/1~ge-1/1/4 as access port sand te-1/1/49 as the trunk port, because
the10Gbit link will trunk the traffic of VLAN-2 and VLAN-3.
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 92
Layer2 Switching Configuration
Configuring Switch B
For Switch B, configure ge-1/1/1~ge-1/1/4 as access port sand te-1/1/49 as the trunk port, because the 10Gbit link will
trunk the traffic ofVLAN-2 and VLAN-3.
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 93
Layer2 Switching Configuration
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 94
Layer2 Switching Configuration
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 95
Layer2 Switching Configuration
XorPlus#
XorPlus#
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 96
Layer2 Switching Configuration
Save done.
[edit]
XorPlus#
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 97
Layer2 Switching Configuration
XorPlus# commit
Merging the configuration.
Commit OK.
Save done.
[edit]
XorPlus#
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 98
Layer2 Switching Configuration
XorPlus#
XorPlus# run show port-security interface gigabit-ethernet ge-1/1/1
Interface ge-1/1/1
----------------------------------------
Port security : enabled
Violation action : restrict
Block type : broadcast
Sticky : true
Dynamic MAC limit : 5
Total MAC addresses : 10
Configured MAC addresses : 5
Sticky MAC addresses : 5
Security violation count : 286062
XorPlus#
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 99
Layer2 Switching Configuration
}
}
mac-address 00:00:23:23:23:24 {
vlan 1 {
}
}
mac-address 00:00:23:23:23:25 {
vlan 1 {
}
}
mac-address 00:00:23:23:23:26 {
vlan 1 {
}
}
mac-address 00:00:23:23:23:27 {
vlan 1 {
}
}
sticky: true
block: "broadcast"
}
OK
[edit]
XorPlus# commit
Merging the configuration.
Commit OK.
Save done.
[edit]
XorPlus#
Q-in-Q tunneling is useful when you have overlapping VLAN IDs, because the 802.1Q VLAN tags are prepended by
the service VLAN tag. The Layer 2 / Layer 3implementation of Q-in-Q tunneling supports the IEEE 802.1ad standard.
The Q-in-Q tunneling external mode belongs to basic Q-in-Q, while the Q-in-Q tunneling internal mode belongs to
selective Q-in-Q.
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 100
Layer2 Switching Configuration
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 101
Layer2 Switching Configuration
XorPlus# commit
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 102
Layer2 Switching Configuration
[edit]
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus# set interface gigabit-ethernet ge-1/1/1 family ethernet-switching port-mode trunk
[edit]
XorPlus# set interface gigabit-ethernet ge-1/1/1 family ethernet-switching vlan members 100
[edit]
XorPlus# set interface gigabit-ethernet ge-1/1/1 family ethernet-switching vlan members 200
[edit]
XorPlus# set interface gigabit-ethernet ge-1/1/1 family ethernet-switching vlan members 300
[edit]
XorPlus# set interface gigabit-ethernet ge-1/1/1 family ethernet-switching native-vlan-id 100
[edit]
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 103
Layer2 Switching Configuration
VLAN 10 VLAN 10
untaged untaged
Customer A Customer B
Ge-1/1/1 Ge-1/1/1
Ge-1/1/2 Ge-1/1/2
Customer C Customer D
VLAN 20 VLAN 20
untaged untaged
Configuration on Provider A
Configure VLAN 100 as the default VLAN of Gigabit Ethernet ge-1/1/1, and enable the Q-in-Q tunneling internal mode
on Gigabit Ethernet ge-1/1/1.
The configure the untagged frames received by the port with the customer VLAN tag30 and service VLAN tag 100.
Finally, configure the customer VLAN tag 10 frames received by the port with the service VLAN tag 100.
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 104
Layer2 Switching Configuration
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 105
Layer2 Switching Configuration
Configure VLAN 200 as the default VLAN of Gigabit Ethernet ge-1/1/2, and enable the Q-in-Q tunneling internal mode
on Gigabit Ethernet ge-1/1/2.
Then configure the untagged frames received by the port with the customer VLAN tag 30 and service VLAN tag 200.
Finally configure the customer VLAN tag 20 frames, received by the port with the service VLAN Tag 200.
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 106
Layer2 Switching Configuration
XorPlus# commit
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus# run show interface gigabit-ethernet ge-1/1/2 dot1q-tunneling
Dot1q Tunneling Mode: internal, Ether Type: 0x8100
Ingress: t5
Untagged-type Enabled: true
One-tagged-type Customer Vlan:
Double-tagged-type Service Vlan: 0
New Service Vlan: 200
New Customer Vlan: 30
Ingress: t6
Untagged-type Enabled: false
One-tagged-type Customer Vlan: 20
Double-tagged-type Service Vlan: 0
New Service Vlan: 200
New Customer Vlan: 0
Egress: t7
Service Vlan: 200
Customer Vlan: 20
Action: Retain the customer vlan tag
Egress: t8
Service Vlan: 200
Customer Vlan: 30
Action: Strip both tags
XorPlus#
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 107
Layer2 Switching Configuration
Configure VLAN 100/200 as the trunk port of Gigabit Ethernet te-1/1/49, and enable the Q-in-Q tunneling internal
mode.
Configuration on Provider B
Configure VLAN 100 as the default VLAN of Gigabit Ethernet ge-1/1/1, and enable the Q-in-Q tunneling internal mode
on Gigabit Ethernet ge-1/1/1.
The configure the untagged frames received by the port with the customer VLAN tag 30 and service VLAN tag 100.
Finally, configure the customer VLAN tag 10 frames received by the port with the service VLAN tag 100.
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 108
Layer2 Switching Configuration
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus# run show interface gigabit-ethernet ge-1/1/1 dot1q-tunneling
Dot1q Tunneling Mode: internal, Ether Type: 0x8100
Ingress: t1
Untagged-type Enabled: true
One-tagged-type Customer Vlan:
Double-tagged-type Service Vlan: 0
New Service Vlan: 100
New Customer Vlan: 30
Ingress: t2
Untagged-type Enabled: false
One-tagged-type Customer Vlan: 10
Double-tagged-type Service Vlan: 0
New Service Vlan: 100
New Customer Vlan: 0
Egress: t3
Service Vlan: 100
Customer Vlan: 10
Action: Retain the customer vlan tag
Egress: t4
Service Vlan: 100
Customer Vlan: 30
Action: Strip both tags
XorPlus#
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 109
Layer2 Switching Configuration
Configure VLAN 200 as the default VLAN of Gigabit Ethernet ge-1/1/2, and enable the Q-in-Q tunneling internal mode
on Gigabit Ethernet 1/1/2.
Then configure the untagged frames received by the port with the customer VLAN tag 30 and service VLAN tag 200.
Finally, configure the customer VLAN tag 20 frames received by the port with the service VLAN Tag 200.
XorPlus# commit
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 110
Layer2 Switching Configuration
Configure VLAN 100/200 as the trunk port of Gigabit Ethernet te-1/1/49, and enable the Q-in-Q tunneling internal
mode.
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 111
Layer2 Switching Configuration
MSTP Configuration
802.1D, 802.1w, and 802.1s are spanning tree protocols that can avoid the loop in Layer2. You can configure the
parameters of MSTP, including bridge-priority, forward-delay, max-age, and hello-time interval.
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 112
Layer2 Switching Configuration
Root Port:
CIST Internal Root Path Cost: 0
Hello Time: 2
Maximum Age: 20
Forward Delay: 20
Remaining Hops: 8
Bridge Configuration Name: test1
Bridge Configuration Digest: ac36177f50283cd4b83821d8ab26de62
Number of Topology Changes: 13
Time Since Last Topology Change: 0 days 00:00:31
Local Parameters
Bridge ID: 4096.08:9e:01:39:1a:fe
Hello Time: 2
Maximum Age: 20
Forward Delay: 20
Remaining Hops: 8
XorPlus#
XorPlus# set vlans vlan-id 100
[edit]
XorPlus# set vlans vlan-id 200
[edit]
XorPlus# set vlans vlan-id 300
[edit]
XorPlus# set vlans vlan-id 400
[edit]
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus# set protocols spanning-tree mstp msti 1
[edit]
XorPlus# set protocols spanning-tree mstp msti 2
[edit]
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus# set protocols spanning-tree mstp msti 1 vlan 100
[edit]
XorPlus# set protocols spanning-tree mstp msti 1 vlan 200
[edit]
XorPlus# set protocols spanning-tree mstp msti 2 vlan 300
[edit]
XorPlus# set protocols spanning-tree mstp msti 2 vlan 400
[edit]
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 113
Layer2 Switching Configuration
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus#
XorPlus# run show spanning-tree mstp bridge
Bridge Spanning Tree Parameters
Enabled Protocol: MSTP
Root ID: 4096.08:9e:01:39:1a:fe
External Root Path Cost: 0
CIST Regional Root ID: 4096.08:9e:01:39:1a:fe
Root Port:
CIST Internal Root Path Cost: 0
Hello Time: 2
Maximum Age: 20
Forward Delay: 20
Remaining Hops: 8
Bridge Configuration Name: test1
Bridge Configuration Digest: 8b5d98ca042bad0d7fa5f18744f4755d
Msti 1 Member VLANs:
100, 200,
Msti 2 Member VLANs:
300, 400,
Number of Topology Changes: 14
Time Since Last Topology Change: 0 days 00:02:49
Local Parameters
Bridge ID: 4096.08:9e:01:39:1a:fe
Hello Time: 2
Maximum Age: 20
Forward Delay: 20
Remaining Hops: 8
XorPlus#
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 114
Layer2 Switching Configuration
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus# run show spanning-tree mstp interface
Spanning Tree Interface Parameters for Instance 0
Interface Port ID Designated Designated Bridge Ext Port Int Port State Role
Port ID ID Cost Cost
---------- --------- ---------- ----------------------- --------- --------- ---------- ------
ge-1/1/1 96.1 96.1 8192.08:9e:01:39:1a:fe 30000 10000 FORWARDING EDGE
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 115
Layer2 Switching Configuration
[edit]
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus#
Disabling/enabling MSTP
If you disable MSTP, the port will stay in forwarding status and cease to send BPDUs.
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 116
Layer2 Switching Configuration
PVST Configuration
802.1D, 802.1w, and 802.1s are spanning tree protocols that \avoid the loop in Layer2. You can configure the
parameters of PVST, including bridge-priority, forward-delay, max-age, and hello-time interval.
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 117
Layer2 Switching Configuration
Maximum Age: 30
Forward Delay: 20
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 118
Layer2 Switching Configuration
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 119
Layer2 Switching Configuration
Disabling/enabling PVST
You cannot disable the spanning tree protocol PVST with just the enable false command. To disable PVST, first
configure the spanning tree mode in MSTP/RSTP/STP and then disable the spanning tree. After the spanning tree is
disabled, the port will stay in “forwarding” status and cease to send BPDUs.
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 120
Layer2 Switching Configuration
[edit]
XorPlus#
XorPlus# run show spanning-tree
Bridge Spanning Tree Parameters
Enabled Protocol: PVST
Root ID: 32769.08:9e:01:61:65:71
Root Path Cost: 0
Designated Bridge ID: 32769.08:9e:01:61:65:71
Root Port:
Hello Time: 2
Maximum Age: 20
Forward Delay: 15
Number of Topology Changes: 1
Time Since Last Topology Change: 0 days 00:00:09
Local Parameters
Bridge ID: 32769.08:9e:01:61:65:71
Hello Time: 2
Maximum Age: 20
Forward Delay: 15
To achieve load balancing, VLAN 100 should be in MSTI-1 (Fig. 4-4), and VLAN 200 should be in MSTI-2 (Fig. 4-5).
Switch A Switch B
Ge-1/1/3
Ge-1/1/1 Ge-1/1/1 Ge-1/1/3
Ge-1/1/2 Ge-1/1/2
VLAN VLAN
VLAN 100,200 VLAN
100,200 100,200 100,200
Ge-1/1/1 Ge-1/1/2
Ge-1/1/1 Ge-1/1/2
Ge-1/1/2 Ge-1/1/1
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 121
Layer2 Switching Configuration
Regional Root
Switch A Switch B
Ge-1/1/3
Ge-1/1/1 Ge-1/1/1 Ge-1/1/3
Ge-1/1/2 Ge-1/1/2
VLAN 100
VLAN 100
VLAN 100 VLAN 100
Ge-1/1/1 Ge-1/1/2
Ge-1/1/1 Ge-1/1/2
Ge-1/1/2 Ge-1/1/1
Regional Root
Switch A Switch B
Ge-1/1/3
Ge-1/1/1 Ge-1/1/1 Ge-1/1/3
Ge-1/1/2 Ge-1/1/2
VLAN 200
VLAN 200
VLAN 200 VLAN 200
Ge-1/1/1 Ge-1/1/2
Ge-1/1/1 Ge-1/1/2
Ge-1/1/2 Ge-1/1/1
Configuring Switch A
For Switch A, configure ge-1/1/1~ge-1/1/3 as trunk ports, and as members of VLAN 100 and VLAN 200.
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 122
Layer2 Switching Configuration
To make sure that Switch A is the root of the network and the regional root of MSTI-1, configure it as the higher priority.
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 123
Layer2 Switching Configuration
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus# set protocols spanning-tree mstp msti 1 bridge-priority 4096
[edit]
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus#
Configuring Switch B
Configure ge-1/1/1~ge-1/1/3 as trunk ports, and as members of VLAN 100 and VLAN 200.
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 124
Layer2 Switching Configuration
XorPlus#
XorPlus# set protocols spanning-tree mstp msti 1 vlan 100
[edit]
XorPlus# set protocols spanning-tree mstp msti 2 vlan 200
[edit]
XorPlus# set protocols spanning-tree mstp configuration-name region1
[edit]
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus#
To verify that Switch B is the regional root of MSTI-2, and that ge-1/1/2 and ge-1/1/3 are in blocking status in MSTI-1,
configure a higher MSTI-2 priority, and a large value for internal-path-cost in MSTI-1.
Configuring Switch C
Configure ge-1/1/1~ge-1/1/2 as trunk ports, and as members of VLAN 100 and VLAN 200.
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 125
Layer2 Switching Configuration
XorPlus# set interface gigabit-ethernet ge-1/1/1 family ethernet-switching vlan members 100
[edit]
XorPlus# set interface gigabit-ethernet ge-1/1/1 family ethernet-switching vlan members 200
[edit]
XorPlus# set interface gigabit-ethernet ge-1/1/2 family ethernet-switching port-mode trunk
[edit]
XorPlus# set interface gigabit-ethernet ge-1/1/2 family ethernet-switching vlan members 100
[edit]
XorPlus# set interface gigabit-ethernet ge-1/1/2 family ethernet-switching vlan members 200
[edit]
XorPlus#
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus#
XorPlus# set protocols spanning-tree mstp msti 1 vlan 100
[edit]
XorPlus# set protocols spanning-tree mstp msti 2 vlan 200
[edit]
XorPlus# set protocols spanning-tree mstp configuration-name region1
[edit]
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus#
To set ge-1/1/1 and ge-1/1/2 in forwarding status in MSTI-1, configure a lower value for internal-path-cost.
To set ge-1/1/1 in blocking status in MSTI-2, configure a higher value for internal-path-cost.
XorPlus# set protocols spanning-tree mstp msti 1 interface ge-1/1/1 cost 1000
[edit]
XorPlus# set protocols spanning-tree mstp msti 1 interface ge-1/1/2 cost 1000
[edit]
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus# set protocols spanning-tree mstp msti 2 interface ge-1/1/1 cost 100000
[edit]
XorPlus# commit
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 126
Layer2 Switching Configuration
Configuring Switch D
Configure ge-1/1/1~ge-1/1/2 as trunk ports, and as members of VLAN 100 and VLAN 200.
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 127
Layer2 Switching Configuration
To set ge-1/1/1 in blocking status in MSTI-2 and ge-1/1/2 in blocking status in MSTI-1, configure a large value for
internal-path-cost.
XorPlus# set protocols spanning-tree mstp msti 2 interface ge-1/1/1 cost 10000000
[edit]
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus# set protocols spanning-tree mstp msti 1 interface ge-1/1/2 cost 10000000
[edit]
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus#
Configuring Switch E
Configure ge-1/1/1~ge-1/1/2 as trunk ports, and as members of VLAN 100 and VLAN 200.
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 128
Layer2 Switching Configuration
To set ge-1/1/1 and ge-1/1/2 in forwarding status in MSTI-2, configure a lower value for internal-path-cost.
To set ge-1/1/2 in blocking status in MSTI-1, configure a large value for internal-path-cost.
XorPlus# set protocols spanning-tree mstp msti 2 interface ge-1/1/1 cost 1000
[edit]
XorPlus# set protocols spanning-tree mstp msti 2 interface ge-1/1/2 cost 1000
[edit]
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus# set protocols spanning-tree mstp msti 1 interface ge-1/1/2 cost 10000000
[edit]
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus#
In the second example, there are two regions. In region 1, VLAN 100 is mapped to MSTI-1, VLAN 200 is mapped to
MSTI-2, and VLAN 300 is mapped to MSTI-3. In region 2, VLAN 200 is mapped to MSTI-2, and VLAN 400 is mapped
to MSTI-4. Switch A is the root of the entire network. The topologies of the VLANs are presented in Fig. 4-6 through 4-
10.
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 129
Layer2 Switching Configuration
Switch A ROOT
Ge-1/1/1 Ge-1/1/2
Ge-1/1/1 Ge-1/1/1
Switch B Switch C
Ge-1/1/2 Ge-1/1/2
Ge-1/1/3 Ge-1/1/3
Region 1
Ge-1/1/1 Ge-1/1/1
Ge-1/1/3 Ge-1/1/3
Region 2
Ge-1/1/1 Ge-1/1/2
Switch B Switch C
Ge-1/1/2 Ge-1/1/2
Ge-1/1/3 Ge-1/1/3
Region 1
VLAN 100
Ge-1/1/1 Ge-1/1/1
VLAN 100
Switch D Ge-1/1/2 Ge-1/1/2 Switch E
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 130
Layer2 Switching Configuration
Switch A
Ge-1/1/1 Ge-1/1/2
VLAN 200
Ge-1/1/1 Ge-1/1/1
Regional Root
Switch B VLAN 200 Switch C
Ge-1/1/2 Ge-1/1/2
Ge-1/1/3 Ge-1/1/3
Region 1
VLAN 200
Ge-1/1/1 Ge-1/1/1
VLAN 200
Switch D Ge-1/1/2 Ge-1/1/2 Switch E
Switch A
Ge-1/1/1 Ge-1/1/2
VLAN 300
Ge-1/1/1 Ge-1/1/1 Regional
Root
Switch B VLAN 300 Switch C
Ge-1/1/2 Ge-1/1/2
Ge-1/1/3 Ge-1/1/3
Region 1
VLAN 300
Ge-1/1/1 Ge-1/1/1
VLAN 300
Switch D Ge-1/1/2 Ge-1/1/2 Switch E
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 131
Layer2 Switching Configuration
Ge-1/1/1 Ge-1/1/2
Switch B Switch C
Ge-1/1/2 Ge-1/1/2
Ge-1/1/3 Ge-1/1/3
Region 1
VLAN 400
Ge-1/1/1 Ge-1/1/1
VLAN 400
Switch D Ge-1/1/2 Ge-1/1/2 Switch E
Configuring Switch A
For Switch A, configure ge-1/1/1~ge-1/1/2 as trunk ports, and as members of VLAN 100, VLAN 200, VLAN 300, and
VLAN 400.
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 132
Layer2 Switching Configuration
[edit]
XorPlus# set interface gigabit-ethernet ge-1/1/2 family ethernet-switching vlan members 100
[edit]
XorPlus# set interface gigabit-ethernet ge-1/1/2 family ethernet-switching vlan members 200
[edit]
XorPlus# set interface gigabit-ethernet ge-1/1/2 family ethernet-switching vlan members 300
[edit]
XorPlus# set interface gigabit-ethernet ge-1/1/2 family ethernet-switching vlan members 400
[edit]
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus#
XorPlus# set protocols spanning-tree mstp msti 1 vlan 100
[edit]
XorPlus# set protocols spanning-tree mstp msti 2 vlan 200
[edit]
XorPlus# set protocols spanning-tree mstp msti 3 vlan 300
[edit]
XorPlus# set protocols spanning-tree mstp configuration-name region1
[edit]
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus#
To verify that Switch A is the root of the network and the regional root of MSTI-1, configure it as the higher priority.
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 133
Layer2 Switching Configuration
XorPlus#
Configuring Switch B
Configure ge-1/1/1~ge-1/1/3 as trunk ports, and as members of VLAN 100, VLAN 200, VLAN 300, and VLAN 400.
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 134
Layer2 Switching Configuration
To verify that Switch B is the regional root of MSTI-2, and that ge-1/1/1 is in blocking status in MSTI-3 configure a
higher MSTI-2 priority, and a large value for internal-path-cost in MSTI-3.
Configuring Switch C
Configure ge-1/1/1~ge-1/1/3 as trunk ports, and as members of VLAN 100, VLAN 200, VLAN 300, and VLAN 400.
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 135
Layer2 Switching Configuration
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 136
Layer2 Switching Configuration
To verify that Switch C is the regional root of MSTI-3, ge-1/1/1 is in blocking status in MSTI-2, and that ge-1/1/2 is in
blocking status in MSTI-1, you should configure a higher MSTI-3 priority, and large values for internal-path-costs of ge-
1/1/1 in MSTI-2 and ge-1/1/2 in MSTI-1.
Configuring Switch D
Configure ge-1/1/1~ge-1/1/3 as trunk ports, and as members of VLAN 100, VLAN 200, VLAN 300, and VLAN 400.
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 137
Layer2 Switching Configuration
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 138
Layer2 Switching Configuration
[edit]
XorPlus#
To verify that Switch D is the regional root of MSTI-2 and the root of CIST, configure a higher MSTI-2 priority and
bridge priority.
Configuring Switch E
Configure ge-1/1/1~ge-1/1/3 as trunk ports, and as members of VLAN 100, VLAN 200, VLAN 300, and VLAN 400.
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 139
Layer2 Switching Configuration
XorPlus# set interface gigabit-ethernet ge-1/1/2 family ethernet-switching vlan members 100
[edit]
XorPlus# set interface gigabit-ethernet ge-1/1/2 family ethernet-switching vlan members 200
[edit]
XorPlus# set interface gigabit-ethernet ge-1/1/2 family ethernet-switching vlan members 300
[edit]
XorPlus# set interface gigabit-ethernet ge-1/1/2 family ethernet-switching vlan members 400
[edit]
XorPlus# set interface gigabit-ethernet ge-1/1/3 family ethernet-switching port-mode trunk
[edit]
XorPlus# set interface gigabit-ethernet ge-1/1/3 family ethernet-switching vlan members 100
[edit]
XorPlus# set interface gigabit-ethernet ge-1/1/3 family ethernet-switching vlan members 200
[edit]
XorPlus# set interface gigabit-ethernet ge-1/1/3 family ethernet-switching vlan members 300
[edit]
XorPlus# set interface gigabit-ethernet ge-1/1/3 family ethernet-switching vlan members 400
[edit]
XorPlus#
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus#
XorPlus# set protocols spanning-tree mstp msti 2 vlan 200
[edit]
XorPlus# set protocols spanning-tree mstp msti 4 vlan 400
[edit]
XorPlus# set protocols spanning-tree mstp configuration-name region2
[edit]
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus#
To verify that Switch E is the regional root of MSTI-4, configure a higher MSTI-4 priority.
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 140
Layer2 Switching Configuration
XorPlus#
Switch A Switch B
Ge-1/1/1 Ge-1/1/1
Ge-1/1/3 Permit: all VLAN Ge-1/1/3
Ge-1/1/2 Ge-1/1/2
Ge-1/1/1 Ge-1/1/1
Permit: VLAN 200, 400
Switch C Switch D
Configuring Switch A
For Switch A, configure ge-1/1/1~ge-1/1/3 as trunk ports, and ge-1/1/1 as a member of VLANs 100, 200, 300, and 400;
ge-1/1/2 as a member of VLANs 200 and 300; and ge-1/1/3 as a member of VLANs 100 and 200.
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 141
Layer2 Switching Configuration
XorPlus# set interface gigabit-ethernet ge-1/1/1 family ethernet-switching vlan members 300
[edit]
XorPlus# set interface gigabit-ethernet ge-1/1/1 family ethernet-switching vlan members 400
[edit]
XorPlus# set interface gigabit-ethernet ge-1/1/2 family ethernet-switching port-mode trunk
[edit]
XorPlus# set interface gigabit-ethernet ge-1/1/2 family ethernet-switching vlan members 200
[edit]
XorPlus# set interface gigabit-ethernet ge-1/1/2 family ethernet-switching vlan members 300
[edit]
XorPlus# set interface gigabit-ethernet ge-1/1/3 family ethernet-switching port-mode trunk
[edit]
XorPlus# set interface gigabit-ethernet ge-1/1/3 family ethernet-switching vlan members 100
[edit]
XorPlus# set interface gigabit-ethernet ge-1/1/3 family ethernet-switching vlan members 200
[edit]
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus#
XorPlus# set protocols spanning-tree force-version 4
[edit]
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus#
To verify that Switch A is the root bridge of VLANs 100 and 200, configure VLANs 100 and 200 as the higher priority.
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 142
Layer2 Switching Configuration
Configuring Switch B
Configure ge-1/1/1~ge-1/1/3 as trunk ports, and ge-1/1/1 as a member of VLANs 100, 200, 300, and 400; ge-1/1/2 as
a member of VLANs 100 and 200; and ge-1/1/3 as a member of VLANs 200 and 300.
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 143
Layer2 Switching Configuration
XorPlus#
To verify that Switch B is the root bridge of VLAN 300, configure VLAN 300 as the higher priority.
Configuring Switch C
Configure ge-1/1/1~ge-1/1/3 as trunk ports, and ge-1/1/1 as a member of VLANs 200 and 400,ge-1/1/2 as a member
of VLANs 100 and 200, and ge-1/1/3 as a member of VLANs 100 and 200.
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 144
Layer2 Switching Configuration
[edit]
XorPlus#
XorPlus# set protocols spanning-tree force-version 4
[edit]
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus#
To verify that Switch C is the root bridge of VLAN 400, configure VLAN 400 as the higher priority.
Configuring Switch D
Configure ge-1/1/1~ge-1/1/3 as trunk ports, and ge-1/1/1 as a member of VLANs 200 and 400, ge-1/1/2 as a member
of VLANs 200 and 300, and ge-1/1/3 as a member of VLANs 200 and 300.
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 145
Layer2 Switching Configuration
[edit]
XorPlus# set interface gigabit-ethernet ge-1/1/3 family ethernet-switching vlan members 200
[edit]
XorPlus# set interface gigabit-ethernet ge-1/1/3 family ethernet-switching vlan members 300
[edit]
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus#
XorPlus# set protocols spanning-tree force-version 4
[edit]
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus#
You can, however, configure the switch to be in burst mode for burst traffic, which will dynamically allocate the “cell”
and “packet” for each port and queue.
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 146
Layer2 Switching Configuration
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 147
Layer2 Switching Configuration
STP1 STP1
Customer A Customer B
Ge-1/1/1 Ge-1/1/1
Ge-1/1/2 Ge-1/1/2
Customer C Customer D
STP2 STP2
Configuration on Provider A
Configure VLAN 100 as the default VLAN of Gigabit Ethernet ge-1/1/1, and enable BPDU tunneling on Gigabit
Ethernet ge-1/1/1.
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 148
Layer2 Switching Configuration
[edit]
XorPlus# set interface gigabit-ethernet ge-1/1/1 family ethernet-switching native-vlan-id 100
[edit]
XorPlus# set interface gigabit-ethernet ge-1/1/1 family ethernet-switching bpdu-tunneling
protocol stp
[edit]
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus#
Configure VLAN 200 as the default VLAN of Gigabit Ethernet ge-1/1/2, and enable BPDU tunneling on Gigabit
Ethernet ge-1/1/2.
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 149
Layer2 Switching Configuration
Save done.
[edit]
Configuration on Provider B
Configure VLAN 100 as the default VLAN of Gigabit Ethernet ge-1/1/1, and enable BPDU tunneling on Gigabit
Ethernet ge-1/1/1.
Configure VLAN 200 as the default VLAN of Gigabit Ethernet ge-1/1/2, and enable BPDU tunneling on Gigabit
Ethernet ge-1/1/2.
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 150
Layer2 Switching Configuration
Save done.
[edit]
XorPlus# set interface gigabit-ethernet ge-1/1/2 family ethernet-switching native-vlan-id 200
[edit]
XorPlus# set interface gigabit-ethernet ge-1/1/2 family ethernet-switching bpdu-tunneling
protocol stp
[edit]
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus#
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 151
Layer2 Switching Configuration
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 152
Layer2 Switching Configuration
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 153
Layer2 Switching Configuration
XorPlus# commit
Commit OK.
Save done.
[edit]
XorPlus#
Interface ge-1/1/2
----------------------------------------
Udld enabled, aggressive mode
Current bidirectional state: undetermined
Current phase: linkdown
Message interval: 7s
Timeout interval: 5s
Interface ge-1/1/3
----------------------------------------
Udld enabled, aggressive mode
Current bidirectional state: undetermined
Current phase: linkdown
Message interval: 7s
Timeout interval: 5s
You can configure the RA guard policy using hop-limit, managed-config-flag, other-config-flag, prefix, source-ipv6-
addr, and source-mac-addr options.
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 154
Layer2 Switching Configuration
Configuring “trusted-port”
You can apply the RA guard to physical interfaces, LAGs, or VLANs; no more than one RA guard can be applied to
one interface. The RAs will be forwarded only if all conditions are matched, but if “trusted-port” has been configured for
the RA guard, then RAs will be forwarded on the trusted port regardless.
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 155
Layer2 Switching Configuration
Commit OK.
Save done.
[edit]
XorPlus# set protocols neighbour ra-guard term 2 vlan-id 3
[edit]
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus#
Displaying RA guards
Raguard: 2
vlan : 3
packet dropped: 0
packet total : 0
trusted port:
ge-1/1/1
XorPlus#
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 156
Layer2 Switching Configuration
Command List
delete interface aggregate-balancing hash-mapping field ethernet-destination-address disable
delete interface aggregate-balancing hash-mapping field ethernet-source-address disable
delete interface aggregate-balancing hash-mapping field ethernet-type disable
delete interface aggregate-balancing hash-mapping field ingress-interface disable
delete interface aggregate-balancing hash-mapping field ip-destination disable
delete interface aggregate-balancing hash-mapping field ip-protocol disable
delete interface aggregate-balancing hash-mapping field ip-source disable
delete interface aggregate-balancing hash-mapping field port-destination disable
delete interface aggregate-balancing hash-mapping field port-source disable
delete interface aggregate-balancing hash-mapping field vlan disable
delete interface cut-through-mode
delete interface gigabit-ethernet <port> description
delete interface gigabit-ethernet <port> disable
delete interface gigabit-ethernet <port> mtu
delete interface gigabit-ethernet <port> power-preemphasis-level
delete interface gigabit-ethernet <port> snmp-trap
delete interface gigabit-ethernet <port> speed
delete protocols lacp priority
delete protocols spanning-tree enable
delete protocols spanning-tree force-version
delete vlans vlan-id <int> description
delete vlans vlan-id <int> l3-interface
delete vlans vlan-id <int> vlan-name
request mstp mcheck
run clear ethernet-switching table all
run clear ethernet-switching table <port>
run clear interface statistics all
run clear interface statistics <port>
run clear lacp statistics gigabit-ethernet <port>
run clear spanning-tree statistics <port>
run show analyzer
run show ethernet-switching interfaces brief
run show ethernet-switching interfaces detail
run show ethernet-switching interfaces <port> brief
run show ethernet-switching interfaces <port> detail
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 157
Layer2 Switching Configuration
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 158
Layer2 Switching Configuration
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 159
Layer2 Switching Configuration
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 160
Layer2 Switching Configuration
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 161
Layer2 Switching Configuration
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 162
Layer2 Switching Configuration
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 163
Layer2 Switching Configuration
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 164
Layer2 Switching Configuration
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 165
Layer2 Switching Configuration
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 166
Layer2 Switching Configuration
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 167
Layer3 Routing Configuratio
● You can configure the IP address and prefix length for the VLAN interface.
● When all the member ports in the VLAN are link-down, the VLAN interface will be link-down. The VLAN interface
will be link-up when at least one of the member ports are link-up.
© 2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 168
Layer 3 Routing Configuratio
vlan-2 Hwaddr C8:0A:A9:9E:14:9F, Vlan:2, State:DOWN
Inet addr: 192.168.1.1/24
fe80::ca0a:a9ff:fe9e:149f/64
Traffic statistics:
IPv4 Input Packets............................0
IPv4 Forwarding Packets.......................0
IPv6 Input Packets............................0
IPv6 Forwarding Packets.......................0
XorPlus#
ARP Configuration
(1) Configuring ARP aging time
In the default setting, the ARP aging time is 1200 seconds.
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 169
Layer 3 Routing Configuratio
Commit OK.
Save done.
[edit]
XorPlus#set protocols arp interface vlan-2 address 192.168.1.1 mac-address 22:22:22:22:22:22
[edit]
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus#
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 170
Layer 3 Routing Configuratio
DHCP
Server
Te-1/1/50
Switch
Te-1/1/52
Host
Figure-DAI
(1). Step 1: Eable DHCP snooping on Switch
You can enable dhcp snooping on the egress port, the port connected to DHCP Server
Enable dhcp snooping
XorPlus# set protocols dhcp snooping disable false
[edit]
XorPlus# commit
Commit OK.
Save done.
[edit]
XorPlus#
Set the interface to trust mode
XorPlus# set protocols dhcp snooping port te-1/1/50 trust true
[edit]
XorPlus# commit
Commit OK.
Save done.
[edit]
XorPlus#
(2). Step 2: enable DAI
You can enable DAI on the port connect to the host
XorPlus# set protocols arp interface vlan-900 inspection disable false
[edit]
XorPlus# commit
Merging the configuration.
Commit OK.
Save done.
[edit]
XorPlus#
(3). Step 3: Check arp inspection table
When the host got an ip address from the DHCP server and the switch have enabled dhcp snooping, it will created a
table, IP-MAC-port binded table , the entry in this table was trusted ,all other ARP packet will be discarded not in this
table(The arp packet must be according with the arp inspection table, interface . ip address .Mac address must be
identified )
XorPlus# run show arp inspection
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 171
Layer 3 Routing Configuratio
Total count : 1
Interface DAI Address HW Address
--------- -------- --------------- -----------------
vlan-900 Enabled 192.168.9.5 0:1e:c9:bb:d3:35
● Traffic that can be routed will have a route entry in the RIB and the ARP of the next hop; the outgoing interface
should be link-up. The traffic will then be soft-routed (i.e., routed by the switch’s CPU).
● When the switch learns the MAC address of the next-hop, the switch will forward the traffic with the ASIC chip.
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 172
Layer 3 Routing Configuratio
192.168.1.0/24 [connected(0)/0]
> via vlan-2/vlan-2
192.168.2.0/24 [connected(0)/0]
> via vlan-3/vlan-3
XorPlus#
XorPlus# run show route forward-route ipv4 all
Destination NetMask NextHopMac Port
--------------- --------------- ----------------- ---------
10.10.1.0 255.255.255.0 00:1E:68:37:EF:7D ge-1/1/2
192.168.1.0 255.255.255.0 C8:0A:A9:04:49:28 connected
192.168.2.0 255.255.255.0 C8:0A:A9:04:49:28 connected
With the show route forward-routeipv4 all command, all the route entries in the ASIC chip will be displayed.
Following the show route table ipv4 unicast final command, all routes in the RIB of the kernel will be displayed.
●Host A and Host B should be able to communicate with the gateway (e.g., access Internet).
Gateway
10.10.5.1/24
ge-1/1/3 10.10.5.2/24
10.10.3.2/24 10.10.4.2/24
ge-1/1/1 ge-1/1/2
Switch C
10.10.6.1/24 10.10.6.2/24
10.10.1.1/24 10.10.2.1/24
Host A ge-1/1/3 ge-1/1/3 Host B
ge-1/1/1 Switch A Switch B ge-1/1/1
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 173
Layer 3 Routing Configuratio
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 174
Layer 3 Routing Configuratio
XorPlus# run show route table ipv4 unicast final
0.0.0.0/0 [static(1)/1]
> to 10.10.3.2 via vlan-3/vlan-3
10.10.2.0/24[static(1)/1]
> to 10.10.6.2 via vlan-4/vlan-4
10.10.1.0/24 [connected(0)/0]
> via vlan-2/vlan-2
10.10.3.0/24 [connected(0)/0]
> via vlan-3/vlan-3
10.10.6.0/24 [connected(0)/0]
> via vlan-4/vlan-4
XorPlus#
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 175
Layer 3 Routing Configuratio
XorPlus# set protocols static route 10.10.1.0/24 next-hop 10.10.6.1
[edit]
XorPlus# set protocols static route 0.0.0.0/0 next-hop 10.10.4.2
[edit]
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus#
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 176
Layer 3 Routing Configuratio
XorPlus# set vlans vlan-id 4 l3-interface vlan-4
[edit]
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus# set vlan-interface interface vlan-2vif vlan-2 address 10.10.3.2 prefix-length 24
[edit]
XorPlus# set vlan-interface interface vlan-3vif vlan-3 address 10.10.4.2 prefix-length 24
[edit]
XorPlus# set vlan-interface interface vlan-4vif vlan-4 address 10.10.5.2 prefix-length 24
[edit]
XorPlus# set protocols static route 10.10.1.0/24 next-hop 10.10.3.1
[edit]
XorPlus# set protocols static route 10.10.2.0/24 next-hop 10.10.4.1
[edit]
XorPlus# set protocols static route 10.10.6.0/24 next-hop 10.10.3.1
[edit]
XorPlus# set protocols static route 0.0.0.0/0 next-hop 10.10.5.1
[edit]
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus#
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 177
Layer 3 Routing Configuratio
● A policy statement is used to specify which route entry will be distributed. For example, you can
distribute the static route or the connected route to a neighbor. You can also specify the distributed
route metric.
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 178
Layer 3 Routing Configuratio
[edit]
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus# set protocols rip interface vlan-2vif vlan-2 address 192.168.1.1
[edit]
XorPlus# set protocols rip export "connected-to-rip,static-to-rip"
[edit]
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus#
Counter Value
-------------------------------- ----------------
Requests Sent 7
Updates Sent 6
Triggered Updates Sent 1
Non-RIP Updates Sent 0
Total Packets Received 0
Request Packets Received 0
Update Packets Received 0
Bad Packets Received 0
Authentication Failures 0
Bad Routes Received 0
Non-RIP Requests Received 0
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 179
Layer 3 Routing Configuratio
● Host A and Host B should be able to communicate with each other with an RIP route.
● Host A and Host B should be able to communicate with the gateway (e.g., access Internet) with RIP.
Gateway
10.10.5.1/24
ge-1/1/3 10.10.5.2/24
10.10.3.2/24 10.10.4.2/24
ge-1/1/1 ge-1/1/2
Switch C
10.10.1.1/24 10.10.2.1/24
Host A Host B
ge-1/1/1 Switch A Switch B ge-1/1/1
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 180
Layer 3 Routing Configuratio
[edit]
XorPlus# set vlan-interface interface vlan-2vif vlan-2 address 10.10.1.1 prefix-length 24
[edit]
XorPlus# set vlan-interface interface vlan-3vif vlan-3 address 10.10.3.1 prefix-length 24
[edit]
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus# set policy policy-statement connected-to-rip term export from protocol connected
[edit]
XorPlus# set policy policy-statement connected-to-rip term export then metric 0
[edit]
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus# set protocols rip interface vlan-3 address 10.10.3.1
[edit]
XorPlus# set protocols rip export "connected-to-rip"
[edit]
XorPlus# set protocols rip interface vlan-3vif vlan-3 address 10.10.3.1 accept-default-route true
[edit]
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus#
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 181
Layer 3 Routing Configuratio
XorPlus# set vlans vlan-id 3 l3-interface vlan-3
[edit]
XorPlus# set vlan-interface interface vlan-2vif vlan-2 address 10.10.2.1 prefix-length 24
[edit]
XorPlus# set vlan-interface interface vlan-3vif vlan-2 address 10.10.4.1 prefix-length 24
[edit]
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus# set policy policy-statement connected-to-rip term export from protocol connected
[edit]
XorPlus# set policy policy-statement connected-to-rip term export then metric 0
[edit]
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus# set protocols rip interface vlan-3vif vlan-3 address 10.10.4.1
[edit]
XorPlus# set protocols rip export "connected-to-rip"
[edit]
XorPlus# set protocols rip interface vlan-3vif vlan-3 address 10.10.4.1 accept-default-route true
[edit]
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus#
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 182
Layer 3 Routing Configuratio
[edit]
XorPlus# set interface gigabit-ethernet ge-1/1/3 family ethernet-switching native-vlan-id 4
[edit]
XorPlus# set vlans vlan-id 2 l3-interface vlan-2
[edit]
XorPlus# set vlans vlan-id 3 l3-interface vlan-3
[edit]
XorPlus# set vlans vlan-id 4 l3-interface vlan-4
[edit]
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus# set vlan-interface interface vlan-2vif vlan-2 address 10.10.3.2 prefix-length 24
[edit]
XorPlus# set vlan-interface interface vlan-3vif vlan-3 address 10.10.4.2 prefix-length 24
[edit]
XorPlus# set vlan-interface interface vlan-4vif vlan-4 address 10.10.5.2 prefix-length 24
[edit]
XorPlus# set protocols static route 0.0.0.0/0 next-hop 10.10.5.1
[edit]
XorPlus# set protocols rip interface vlan-2vif vlan-2 address 10.10.3.2
[edit]
XorPlus# set protocols rip interface vlan-2vif vlan-2 address 10.10.3.2 advertise-default-route true
[edit]
XorPlus# set protocols rip interface vlan-3vif vlan-3 address 10.10.4.2
[edit]
XorPlus# set protocols rip interface vlan-3vif vlan-3 address 10.10.4.2 advertise-default-route true
[edit]
XorPlus# set protocols rip export "connected-to-rip"
[edit]
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus#
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 183
Layer 3 Routing Configuratio
XorPlus#
XorPlus# run show route table ipv4 unicast rip
0.0.0.0/0[rip(120)/1]
> to 10.10.3.2 via vlan-3/vlan-3
10.10.2.0/24 [rip(120)/1]
> to 10.10.3.2 via vlan-3/vlan-3
10.10.4.0/24 [rip(120)/1]
> to 10.10.3.2 via vlan-3/vlan-3
●XorPlus supports normal areas, stub areas, and not-so-stubby areas (NSSAs) in OSPF.
The router ID is a string similar to the IP address, and should be unique in the OSPF domain. You should not change
the router ID after completing the configuration.
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 184
Layer 3 Routing Configuratio
XorPlus#
XorPlus# set protocols ospf4 area 0.0.0.0 interface vlan-2vif vlan-2 address 10.10.60.10hello-interval 5
[edit]
XorPlus# set protocols ospf4 area 0.0.0.0 interface vlan-2vif vlan-2 address 10.10.60.10interface-cost 8
[edit]
XorPlus# set protocols ospf4 area 0.0.0.0 interface vlan-2vif vlan-2 address 10.10.60.10transmit-delay 2
[edit]
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 185
Layer 3 Routing Configuratio
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus#
XorPlus# run show ospf4 interface detail
Interface vlan-2/vlan-2, State DR, Area 0.0.0.0
DR ID 1.1.1.1, BDR ID 0.0.0.0, Nbrs 0
Network Type BROADCAST, Address 10.10.60.10, Mask 255.255.255.0, Cost 8
DR addr 10.10.60.10, BDR addr 0.0.0.0, Priority 128
Hello 10, Dead 40, ReXmit 5, NORMAL
● Switch D will obtain the routes of networks 10.10.1.0/24, 10.10.3.0/24, and 10.10.9.0/24,through the
LSAs sent from its neighbors. Switch C will obtain the routes of networks 10.10.1.0/24, 10.10.2.0/24, and
10.10.8.0/24, according to LSAs sent from its neighbors.
Ge-1/1/1 Ge-1/1/1
10.10.1.1/24 10.10.1.2/24 Switch B
Switch A Area
0.0.0.0
Ge-1/1/2 Ge-1/1/2
10.10.2.1/24 10.10.3.1/24
Area Area
0.0.0.1 0.0.0.2
Ge-1/1/1 Ge-1/1/1
10.10.2.2/24 10.10.3.2/24
Switch D Switch C
Ge-1/1/2 Ge-1/1/2
10.10.8.1/24 Host A Host B 10.10.9.1/24
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 186
Layer 3 Routing Configuratio
For switch A, configure 2 VLAN interfaces for networks 10.10.1.1/24 and 10.10.2.1/24. You should also configure area
0.0.0.0, which includes network 10.10.1.1/24, and area 0.0.0.1, which includes network 10.10.2.1/24.
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 187
Layer 3 Routing Configuratio
[edit]
XorPlus# set interface gigabit-ethernet ge-1/1/2 family ethernet-switching native-vlan-id 3
[edit]
XorPlus# set vlans vlan-id 2 l3-interface vlan-2
[edit]
XorPlus# set vlans vlan-id 3 l3-interface vlan-3
[edit]
XorPlus# set vlan-interface interface vlan-2vif vlan-2 address 10.10.1.2 prefix-length 24
[edit]
XorPlus# set vlan-interface interface vlan-3vif vlan-3 address 10.10.3.1 prefix-length 24
[edit]
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus# set protocols ospf4 router-id 2.2.2.2
[edit]
XorPlus# set protocols ospf4 area 0.0.0.0 interface vlan-2vif vlan-2 address 10.10.1.2
[edit]
XorPlus# set protocols ospf4 area 0.0.0.2 interface vlan-3vif vlan-3 address 10.10.3.1
[edit]
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus#
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 188
Layer 3 Routing Configuratio
XorPlus# set vlan-interface interface vlan-3vif vlan-3 address 10.10.9.1 prefix-length 24
[edit]
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus# set protocols ospf4 router-id 3.3.3.3
[edit]
XorPlus# set protocols ospf4 area 0.0.0.2 interface vlan-2vif vlan-2 address 10.10.3.2
[edit]
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus#
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 189
Layer 3 Routing Configuratio
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus#
Below, switch A has two OSPF neighbor interfaces, 10.10.1.2 and 10.10.2.2.
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 190
Layer 3 Routing Configuratio
Network 10.10.8.1 4.4.4.4 0x80000180 394 0x2 0xc0b9 32
Finally, you can check the OSPF route in the RIB of switch A.
XorPlus#
XorPlus# run show route table ipv4 unicast osfp
10.10.3.0/24 [ospf(110)/2]
> to 10.10.1.2 via vlan-2/vlan-2
● Switch D will obtain the routes of networks 10.10.1.0/24, 10.10.3.0/24, and 10.10.9.0/24, according to the
LSAs received from its neighbors. Switch C will obtain the routes of networks 10.10.1.0/24, 10.10.2.0/24,
and10.10.8.0/24, according to the LSAs received from its neighbors.
Ge-1/1/1 Ge-1/1/1
10.10.1.1/24 10.10.1.2/24 Switch B
Switch A Area
0.0.0.0
Ge-1/1/2 Ge-1/1/2
10.10.2.1/24 10.10.3.1/24
Stub
Area NSSA
Area
0.0.0.1 Internet 0.0.0.2
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 191
Layer 3 Routing Configuratio
[edit]
XorPlus# set vlans vlan-id 3
[edit]
XorPlus# set interface gigabit-ethernet ge-1/1/1 family ethernet-switching native-vlan-id 2
[edit]
XorPlus# set interface gigabit-ethernet ge-1/1/2 family ethernet-switching native-vlan-id 3
[edit]
XorPlus# set vlans vlan-id 2 l3-interface vlan-2
[edit]
XorPlus# set vlans vlan-id 3 l3-interface vlan-3
[edit]
XorPlus# set vlan-interface interface vlan-2vif vlan-2 address 10.10.1.1 prefix-length 24
[edit]
XorPlus# set vlan-interface interface vlan-3vif vlan-3 address 10.10.2.1 prefix-length 24
[edit]
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus# set protocols ospf4 router-id 1.1.1.1
[edit]
XorPlus# set protocols ospf4 area 0.0.0.0 interface vlan-2vif vlan-2 address 10.10.1.1
[edit]
XorPlus# set protocols ospf4 area 0.0.0.1 interface vlan-3vif vlan-3 address 10.10.2.1
[edit]
XorPlus# set protocols ospf4 area 0.0.0.1 area-type nssa
[edit]
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus#
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 192
Layer 3 Routing Configuratio
XorPlus# set vlans vlan-id 2 l3-interface vlan-2
[edit]
XorPlus# set vlans vlan-id 3 l3-interface vlan-3
[edit]
XorPlus# set vlan-interface interface vlan-2vif vlan-2 address 10.10.1.2 prefix-length 24
[edit]
XorPlus# set vlan-interface interface vlan-3vif vlan-3 address 10.10.3.1 prefix-length 24
[edit]
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus# set protocols ospf4 router-id 2.2.2.2
[edit]
XorPlus# set protocols ospf4 area 0.0.0.0 interface vlan-2vif vlan-2 address 10.10.1.2
[edit]
XorPlus# set protocols ospf4 area 0.0.0.2 interface vlan-3vif vlan-3 address 10.10.3.1
[edit]
XorPlus# set protocols ospf4 area 0.0.0.2area-type stub
[edit]
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus#
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 193
Layer 3 Routing Configuratio
[edit]
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus# set protocols ospf4 router-id 3.3.3.3
[edit]
XorPlus# set protocols ospf4 area 0.0.0.2 interface vlan-2vif vlan-2 address 10.10.3.2
[edit]
XorPlus# set protocols ospf4 area 0.0.0.2area-type stub
[edit]
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus#
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 194
Layer 3 Routing Configuratio
[edit]
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus# set protocols ospf4 router-id 4.4.4.4
[edit]
XorPlus# set protocols ospf4 area 0.0.0.1 interface vlan-2vif vlan-2 address 10.10.2.2
[edit]
XorPlus# set protocols ospf4 area 0.0.0.1 area-type nssa
[edit]
XorPlus# set protocols ospf4 export rip-ospf
[edit]
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus#
Area Area
0.0.0.0 1.1.1.1
Figure 5-5. OSPF Stub area/NSSA summary: area 1.1.1.1 should be a stub area or an NSSA.
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 195
Layer 3 Routing Configuratio
[edit]
XorPlus# set protocols ospf4 router-id 1.1.1.1
[edit]
XorPlus# set protocols ospf4 area 0.0.0.0 interface vlan-500 vif vlan-500 address 192.168.1.2
[edit]
XorPlus# commit
[edit]
Waiting for merging configuration.
Commit OK.
Save Done.
[edit]
XorPlus#
● The two endpoints of a virtual link are Area Border Routers (ARBs). The virtual link must be configured in both
routers. The configuration information in each router consists of the other virtual endpoint (the other ARB), and
the non-backbone area that the two routers have in common (called the transit area). Virtual links cannot be
configured through stub areas.
● Enable OSPF on Switch A, B, C, and D at the beginning. There is no route entry from the backbone area
(0.0.0.0) to area 2.2.2.2.
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 196
Layer 3 Routing Configuratio
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 197
Layer 3 Routing Configuratio
Waiting for merging configuration.
Commit OK.
Save Done.
[edit]
XorPlus#
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 198
Layer 3 Routing Configuratio
[edit]
XorPlus#commit
[edit]
Waiting for merging configuration.
Commit OK.
Save Done.
[edit]
XorPlus#
Enable virtual links on the Area Border Routers (Switch B and Switch C). After this step, there will be a
route entry from the backbone area, 0.0.0.0, to area 2.2.2.2.
XorPlus# set protocols ospf6 area 0.0.0.0 virtual-link 3.3.3.3 transmit-area 1.1.1.1
XorPlus#commit
[edit]
Waiting for merging configuration.
Commit OK.
Save Done.
[edit]
XorPlus#
XorPlus# set protocols ospf6 area 0.0.0.0 virtual-link 4.4.4.4 transmit-area 1.1.1.1
XorPlus#commit
[edit]
Waiting for merging configuration.
Commit OK.
Save Done.
[edit]
XorPlus#
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 199
Layer 3 Routing Configuratio
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 200
Layer 3 Routing Configuratio
XorPlus# set protocols ospf4 area 1.1.1.1 area-type <normal | stub | nssa>
[edit]
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus#
# Check route table on DUT3,there will be route entry to backbone area 192.168.1.0/30
XorPlus# run show route forward-route ipv4 all
Destination NetMask NextHopMac Port
--------------- --------------- ----------------- ---------
172.25.150.248 255.255.255.252 08:9E:01:62:D5:61 connected
192.168.1.0 255.255.255. 252 60:EB:69:9B:BE:31 te-1/1/51
Total route count:2
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 201
Layer 3 Routing Configuratio
● You can use the “advertise disable” parameter to restrain ABR route aggregation. The ABR will generate route
aggregation by default after you configure area-range, and the packet is routed to the best (the longest or most
specific) match.
Area Area
0.0.0.0 1.1.1.1
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 202
Layer 3 Routing Configuratio
XorPlus# set vlan-interface interface vlan-500 vif vlan-500 address 192.168.1.1 prefix-length 30
[edit]
XorPlus# set interface gigabit-ethernet te-1/1/49 family ethernet-switching native-vlan-id 500
[edit]
XorPlus# set protocols ospf4 router-id 4.4.4.4
[edit]
XorPlus# set protocols ospf4 area 0.0.0.0 interface vlan-100 vif vlan-500 address 192.168.1.1
[edit]
XorPlus# set vlans vlan-id 400 l3-interface vlan-400
[edit]
XorPlus# set vlan-interface interface vlan-400 vif vlan-400 address 172.25.150.250 prefix-length 30
[edit]
XorPlus# set interface gigabit-ethernet te-1/1/49 family ethernet-switching native-vlan-id 400
[edit]
XorPlus# set protocols ospf4 area 0.0.0.0 interface vlan-400 vif vlan-400 address 172.25.150.250
[edit]
XorPlus#commit
[edit]
Waiting for merging configuration.
Commit OK.
Save Done.
[edit]
XorPlus#
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 203
Layer 3 Routing Configuratio
XorPlus# set protocols ospf4 area 0.0.0.0 area-range 192.168.1.0/24 advertise true
[edit]
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus#
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 204
Layer 3 Routing Configuratio
XorPlus# set vlan-interface interface vlan-500 vif vlan-500 address 192.168.1.2 prefix-length 30
[edit]
XorPlus# set interface gigabit-ethernet ge-1/1/47 family ethernet-switching native-vlan-id 500
[edit]
XorPlus# set protocols ospf4 router-id 1.1.1.1
[edit]
XorPlus# set protocols ospf4 area 0.0.0.0 interface vlan-500 vif vlan-500 address 192.168.1.2
[edit]
XorPlus#commit
[edit]
Waiting for merging configuration.
Commit OK.
Save Done.
[edit]
XorPlus#
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 205
Layer 3 Routing Configuratio
XorPlus# set vlans vlan-id 300 l3-interface vlan-300
[edit]
XorPlus# set vlan-interface interface vlan-300 vif vlan-300 address 172.25.150.246 prefix-length 30
[edit]
XorPlus# set vlans vlan-id 400 l3-interface vlan-400
[edit]
XorPlus# set vlan-interface interface vlan-400 vif vlan-400 address 172.25.150.249 prefix-length 30
[edit]
XorPlus# set interface gigabit-ethernet te-1/1/49 family ethernet-switching native-vlan-id 300
[edit]
XorPlus# set interface gigabit-ethernet te-1/1/51 family ethernet-switching native-vlan-id 400
[edit]
XorPlus# set protocols ospf4 router-id 3.3.3.3
[edit]
XorPlus# set protocols ospf4 area 2.2.2.2 interface vlan-300 vif vlan-300 address 172.25.150.246
[edit]
XorPlus# set protocols ospf4 area 1.1.1.1 interface vlan-400 vif vlan-400 address 172.25.150.249
[edit]
XorPlus#commit
[edit]
Waiting for merging configuration.
Commit OK.
Save Done.
[edit]
XorPlus#
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 206
Layer 3 Routing Configuratio
[edit]
XorPlus#
# Using policy on ospf
XorPlus# set protocols ospf4 export static
[edit]
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus#
# Check route table on Switch A , there will be route entry 192.168.6.0/24
XorPlus# run show route forward-route ipv4 all
Destination NetMask NextHopMac Port
--------------- --------------- ----------------- ---------
192.168.1.0 255.255.255.252 C8:0A:A9:AE:0A:66 connected
172.25.150.248 255.255.255.252 60:EB:69:9B:BE:31 te-1/1/47
192.168.6.0 255.255.255.0 60:EB:69:9B:BE:31 te-1/1/47
Total route count:3
The BFD will send protocol messages initiatively in active mode, and passively in passive mode.
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 207
Layer 3 Routing Configuratio
Detect-multiplier: a detection timeout multiple, it is used in calculating detection timeout time by the detector; min-
receive-interval: the minimum sending interval of the BFD packet supported by the local side; min-transmit-interval: the
minimum receiving interval of the BFD packet supported by the local side.
XorPlus# set protocols ospf4 area 1.1.1.1 interface vlan-25 vif vlan-25 address 125.125.25.6 bfd disable
false
[edit]
XorPlus# commit
Merging the configuration.
Commit OK.
Save done.
[edit]
XorPlus#
XorPlus# set protocols ospf6 area 1.1.1.1 interface vlan-23 vif vlan-23 bfd disable false
[edit]
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 208
Layer 3 Routing Configuratio
XorPlus# commit
Merging the configuration.
Commit OK.
Save done.
[edit]
XorPlus#
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 209
Layer 3 Routing Configuratio
XorPlus# set protocols static route 201.201.20.0/24 qualified-next-hop 115.115.15.1 metric 1
[edit]
XorPlus# commit
Commit OK.
Save done.
[edit]
XorPlus#
Switch A Switch B
123.123.10.1/24 123.123.10.6/24
Area
0.0.0.0
Ge-1/1/1 Ge-1/1/1
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 210
Layer 3 Routing Configuratio
Save done.
[edit]
XorPlus# set protocols ospf4 router-id 1.1.1.1
[edit]
XorPlus# set protocols ospf4 area 0.0.0.0 interface vlan10 vif vlan10 address 123.123.10.1 bfd disable false
[edit]
XorPlus# commit
Merging the configuration.
Commit OK.
Save done.
[edit]
XorPlus# set protocols bfd interface vlan10 disable false
[edit]
XorPlus# commit
Merging the configuration.
Commit OK.
Save done.
[edit]
XorPlus#
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 211
Layer 3 Routing Configuratio
Save done.
[edit]
XorPlus# set protocols bfd interface vlan-10 disable false
[edit]
XorPlus# commit
Merging the configuration.
Commit OK.
Save done.
[edit]
XorPlus#
Switch A Switch B
123.123.10.1/24 123.123.10.6/24
Ge-1/1/1 Ge-1/1/1
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 212
Layer 3 Routing Configuratio
XorPlus# set interface gigabit-ethernet ge-1/1/1 family ethernet-switching native-vlan-id 10
[edit]
XorPlus# set vlan-interface interface vlan10 vif vlan10 address 123.123.10.1 prefix-length 24
[edit]
XorPlus# commit
Merging the configuration.
Commit OK.
Save done.
[edit]
XorPlus# set protocols static route 200.200.10.0/24 next-hop 123.123.10.6
[edit]
XorPlus# set protocols static route 200.200.10.0/24 bfd true
[edit]
XorPlus# commit
Merging the configuration.
Commit OK.
Save done.
[edit]
XorPlus# set protocols bfd interface vlan10 disable false
[edit]
XorPlus# commit
Merging the configuration.
Commit OK.
Save done.
[edit]
XorPlus#
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 213
Layer 3 Routing Configuratio
XorPlus# set protocols static route 178.178.10.0/24 bfd true
[edit]
XorPlus# commit
Merging the configuration.
Commit OK.
Save done.
[edit]
XorPlus# set protocols bfd interface vlan-10 disable false
[edit]
XorPlus# commit
Merging the configuration.
Commit OK.
Save done.
[edit]
XorPlus#
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 214
Layer 3 Routing Configuratio
The local AS (autonomous system) should be configured first when you configure BGP.
The AS_Path attribute records all the AS’s that a route passes through from the source to the destination, following the
order of vectors.
To establish point-to-point connections between peer autonomous systems, configure a BGP session on each
interface of a point-to-point link. Generally, such sessions are made at network exit points with neighboring hosts
outside the AS.
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 215
Layer 3 Routing Configuratio
XorPlus# set protocols bgp peer 192.168.49.1 local-ip 192.168.49.2
[edit]
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus#
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 216
Layer 3 Routing Configuratio
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus# set protocols bgp peer 192.168.49.1 export send-network
[edit]
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus#
● To enable the IBGP peer to use this route to guide traffic forwarding, configure the ASBR to set its IP address as
the next hop of the route when the ASBR forwards this route to the IBGP peer. After the IBGP peer receives this
route from the ASBR, it finds the next hop of the route reachable, sets the route to active, and uses this route to
guide traffic forwarding.
● When a BGP route changes, BGP needs to iterate the indirect next hop of the route again. If no restriction is
imposed on the iterated route, BGP may iterate the next hop to an incorrect forwarding path, causing traffic loss.
Configure routing policy-based route iteration to prevent traffic loss.
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 217
Layer 3 Routing Configuratio
● To ensure the connectivity between IBGP peers within an AS, you need to establish fullmesh connections between
the IBGP peers. When there are many IBGP peers, it is costly to establish a fullymeshed network. A route reflector
(RR) can solve this problem.
● A cluster ID can help prevent routing loops between multiple RRs within a cluster, and between clusters. When a
cluster has multiple RRs, the same cluster ID must be configured for all RRs within the cluster.
● If full-mesh IBGP connections are established between clients of multiple RRs, route reflection between clients is
not required and wastes bandwidth resources. In this case, prohibit route reflection between clients to reduce the
network burden.
● Within an AS, an RR transmits routing information and forwards traffic. When an RR connects to a large number of
clients and non-clients, many CPU resources are consumed if the RR transmits routing information and forwards
traffic simultaneously. This also reduces route transmission efficiency. To improve route transmission efficiency,
prohibit BGP from adding preferred routes to IP routing tables on the RR, enabling the RR to only transmit routing
information.
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 218
Layer 3 Routing Configuratio
reduce the number of IBGP connections, simplify routing policy management, and improve route advertisement
efficiency.
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 219
Layer 3 Routing Configuratio
XorPlus# set protocols bgp peer 192.168.11.10 md5-password pica8
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus#
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 220
Layer 3 Routing Configuratio
Save done.
[edit]
XorPlus#
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 221
Layer 3 Routing Configuratio
BGP will not load balance across multiple paths by default. This is acceptable if you are multi-homed to a single AS,
but what if you are multi-homed to different AS path? In that case, you cannot load balance across theoretically equal
paths. Enter the BGP multipath path-relax command:
Ge-1/1/3 Vlan30
192.168.30.1/24 Ge-1/1/5 Vlan50
Ge-1/1/2 Vlan20 192.168.50.1/24
192.168.20.2/24
Ge-1/1/2 Vlan20
192.168.20.1/24
SwitchA SwitchB
Ge-1/1/4 Vlan40 Ge-1/1/5 Vlan50
192.168.40.1/24 192.168.50.2/24
Ge-1/1/4 Vlan40
192.168.40.2/24
SwitchC
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 222
Layer 3 Routing Configuratio
Figure 5-9. BGP configuration.
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 223
Layer 3 Routing Configuratio
XorPlus# set protocols bgp peer 192.168.20.2 as 200
[edit]
XorPlus# set protocols bgp peer 192.168.20.2 local-ip 192.168.20.1
[edit]
XorPlus# set protocols bgp peer 192.168.20.2 next-hop-self true
[edit]
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus#
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 224
Layer 3 Routing Configuratio
[edit]
XorPlus# set vlan-interface interface 40 vif 40 address 192.168.40.1 prefix-length 24
[edit]
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus#
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 225
Layer 3 Routing Configuratio
XorPlus# set vlans vlan-id 50 l3-interface 50
[edit]
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus# set interface gigabit-ethernet ge-1/1/4 family ethernet-switching native-vlan-id 40
[edit]
XorPlus# set interface gigabit-ethernet ge-1/1/5 family ethernet-switching native-vlan-id 50
[edit]
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus#
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 226
Layer 3 Routing Configuratio
[edit]
XorPlus# set protocols bgp peer 192.168.50.1 next-hop-self true
[edit]
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus#
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 227
Layer 3 Routing Configuratio
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 228
Layer 3 Routing Configuratio
Peer ID: 4.4.4.4
Peer State: ESTABLISHED
Admin State: START
Negotiated BGP Version: 4
Peer AS Number: 100
Updates Received: 20, Updates Sent: 2
Messages Received: 634, Messages Sent: 611
Time since last received update: 1685 seconds
Number of transitions to ESTABLISHED: 1
Time since last entering ESTABLISHED state: 15995 seconds
Retry Interval: 120 seconds
Hold Time: 90 seconds, Keep Alive Time: 30 seconds
Configured Hold Time: 90 seconds, Configured Keep Alive Time: 30 seconds
Minimum AS Origination Interval: 0 seconds
Minimum Route Advertisement Interval: 0 seconds
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 229
Layer 3 Routing Configuratio
[edit]
XorPlus#
XorPlus# set protocols bgp export direct-to-bgp
[edit]
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus#
The preceding command output display that the route to destination 192.168.10.0/24 becomes invalid because the
next hop address of this route is unreachable.
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 230
Layer 3 Routing Configuratio
[edit]
XorPlus#
XorPlus# set protocols bgp export direct-to-bgp
[edit]
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus#
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 231
Layer 3 Routing Configuratio
●Configure Switch B, Switch C, and Switch D to have IBGP connections. Between Switch A and Switch B should
be an EBGP connection.
SwitchD
Ge-1/1/1 Vlan10
192.168.10.1/24
Ge-1/1/5 Vlan50
Ge-1/1/2 Vlan20 192.168.50.1/24
192.168.20.2/24
Ge-1/1/2 Vlan20
192.168.20.1/24
SwitchA SwitchB
Ge-1/1/4 Vlan40 Ge-1/1/5 Vlan50
192.168.40.1/24 192.168.50.2/24
Ge-1/1/4 Vlan40
192.168.40.2/24
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 232
Layer 3 Routing Configuratio
XorPlus#
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 233
Layer 3 Routing Configuratio
[edit]
XorPlus#
XorPlus# set interface gigabit-ethernet ge-1/1/2 family ethernet-switching native-vlan-id 20
[edit]
XorPlus# set interface gigabit-ethernet ge-1/1/4 family ethernet-switching native-vlan-id 40
[edit]
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus#
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 234
Layer 3 Routing Configuratio
[edit]
XorPlus# set protocols bgp peer 192.168.20.1 local-ip 192.168.20.2
[edit]
XorPlus# set protocols bgp peer 192.168.20.1 next-hop-self true
[edit]
XorPlus# set protocols bgp peer 192.168.40.2 as 200
[edit]
XorPlus# set protocols bgp peer 192.168.40.2 local-ip 192.168.40.1
[edit]
XorPlus# set protocols bgp peer 192.168.40.2 next-hop-self true
XorPlus# set protocols bgp export p2
[edit]
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus#
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 235
Layer 3 Routing Configuratio
XorPlus# set vlan-interface interface 50 vif 50 address 192.168.50.2 prefix-length 24
[edit]
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus#
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 236
Layer 3 Routing Configuratio
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus#
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 237
Layer 3 Routing Configuratio
[edit]
XorPlus# set protocols bgp peer 192.168.30.1 as 200
[edit]
XorPlus# set protocols bgp peer 192.168.30.1 local-ip 192.168.30.2
[edit]
XorPlus# set protocols bgp peer 192.168.30.1next-hop-self true
[edit]
XorPlus# set protocols bgp peer 192.168.50.2 as 200
[edit]
XorPlus# set protocols bgp peer 192.168.50.2 local-ip 192.168.50.1
[edit]
XorPlus# set protocols bgp peer 192.168.50.2 next-hop-self true
[edit]
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus#
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 238
Layer 3 Routing Configuratio
●Configure BGP confederation members Switch A, Switch B, Switch C, and Switch D. Between Switch A and
Switch D is an EBGP connection within AS 200.
AS200
AS65011
SwitchD
Ge-1/1/6 Vlan60
192.168.60.1/24 Ge-1/0/3 Vlan30
192.168.30.1/24 Ge-1/1/5 Vlan50
192.168.50.1/24
Ge-1/1/2 Vlan20
192.168.20.2/24
Ge-1/1/2 Vlan20
192.168.20.1/24
SwitchE SwitchA
Ge-1/1/4 Vlan40 Ge-1/1/5 Vlan50
192.168.40.1/24 192.168.50.2/24
Ge-1/1/4 Vlan40
192.168.40.2/24
SwitchB AS65010
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 239
Layer 3 Routing Configuratio
XorPlus# set vlans vlan-id 40 l3-interface 40
[edit]
XorPlus# set vlans vlan-id 60 l3-interface 60
[edit]
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus# set interface gigabit-ethernet ge-1/1/2 family ethernet-switching native-vlan-id 20
[edit]
XorPlus# set interface gigabit-ethernet ge-1/1/3 family ethernet-switching native-vlan-id 30
[edit]
XorPlus# set interface gigabit-ethernet ge-1/1/4 family ethernet-switching native-vlan-id 40
[edit]
XorPlus# set interface gigabit-ethernet ge-1/1/6 family ethernet-switching native-vlan-id 60
[edit]
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus#
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 240
Layer 3 Routing Configuratio
[edit]
XorPlus# protocols bgp confederation identifier 200
[edit]
XorPlus# protocols bgp confederation disable false
[edit]
XorPlus# set protocols bgp peer 192.168.30.2 as 65010
[edit]
XorPlus# set protocols bgp peer 192.168.30.2 local-ip 192.168.30.1
[edit]
XorPlus# set protocols bgp peer 192.168.30.2 next-hop-self true
[edit]
XorPlus# set protocols bgp peer 192.168.30.2 confederation-member true
[edit]
XorPlus# set protocols bgp peer 192.168.40.2 as 65010
[edit]
XorPlus# set protocols bgp peer 192.168.40.2 local-ip 192.168.40.1
[edit]
XorPlus# set protocols bgp peer 192.168.40.2 next-hop-self true
[edit]
XorPlus# set protocols bgp peer 192.168.40.2 confederation-member true
[edit]
XorPlus# set protocols bgp peer 192.168.60.2 as 65011
[edit]
XorPlus# set protocols bgp peer 192.168.60.2 local-ip 192.168.60.1
[edit]
XorPlus# set protocols bgp peer 192.168.60.2 next-hop-self true
[edit]
XorPlus# set protocols bgp peer 192.168.60.2 confederation-member true
[edit]
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus#
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 241
Layer 3 Routing Configuratio
Save done.
[edit]
XorPlus#
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 242
Layer 3 Routing Configuratio
[edit]
XorPlus# protocols bgp confederation identifier 200
[edit]
XorPlus# protocols bgp confederation disable false
[edit]
XorPlus# set protocols bgp peer 192.168.40.1 as 65010
[edit]
XorPlus# set protocols bgp peer 192.168.40.1 local-ip 192.168.40.2
[edit]
XorPlus# set protocols bgp peer 192.168.40.1 next-hop-self true
[edit]
XorPlus# set protocols bgp peer 192.168.40.1 confederation-member true
[edit]
XorPlus# set protocols bgp peer 192.168.50.1 as 65010
[edit]
XorPlus# set protocols bgp peer 192.168.50.1 local-ip 192.168.50.2
[edit]
XorPlus# set protocols bgp peer 192.168.50.1 next-hop-self true
[edit]
XorPlus# set protocols bgp peer 192.168.50.1 confederation-member true
[edit]
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus#
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 243
Layer 3 Routing Configuratio
Commit OK.
Save done.
[edit]
XorPlus#
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 244
Layer 3 Routing Configuratio
Commit OK.
Save done.
[edit]
XorPlus#
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 245
Layer 3 Routing Configuratio
XorPlus# set protocols bgp peer 192.168.60.2 as 65010
[edit]
XorPlus# set protocols bgp peer 192.168.60.2 local-ip 192.168.60.1
[edit]
XorPlus# set protocols bgp peer 192.168.60.2 next-hop-self true
[edit]
XorPlus# set protocols bgp peer 192.168.60.2 confederation-member true
[edit]
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus#
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 246
Layer 3 Routing Configuratio
Commit OK.
Save done.
[edit]
XorPlus#
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 247
Layer 3 Routing Configuratio
Nexthop: 192.168.30.2
Local Preference: 100
● Configure EBGP connections between Switch B and Switch A, and between Switch B and Switch D.
● Configure EBGP connections between Switch C and Switch A, and between Switch C and Switch D.
SwitchB
Ge-1/1/1 Vlan30 Ge-1/1/2 Vlan20
192.168.30.2/24 192.168.20.2/24
Ge-1/1/1 Vlan30
192.168.30.1/24 Ge-1/1/2 Vlan20
AS200 192.168.20.1/24
AS100
AS400
Ge-1/1/1 Vlan10
192.168.10.1/24
SwitchA SwitchD
Ge-1/1/2 Vlan40 AS300 Ge-1/1/3 Vlan30
192.168.40.1/24 192.168.50.1/24
SwitchC
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 248
Layer 3 Routing Configuratio
XorPlus# set interface gigabit-ethernet ge-1/1/2 family ethernet-switching native-vlan-id 40
[edit]
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus#
XorPlus# set vlan-interface interface vlan30 vif vlan30 address 192.168.30.1 prefix-length 24
[edit]
XorPlus# set vlan-interface interface vlan40 vif vlan40 address 192.168.40.1 prefix-length 24
[edit]
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus#
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 249
Layer 3 Routing Configuratio
XorPlus# set vlan-interface interface vlan20 vif vlan20 address 192.168.20.2 prefix-length 24
[edit]
XorPlus# set vlan-interface interface vlan30 vif vlan30 address 192.168.30.2 prefix-length 24
[edit]
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus#
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 250
Layer 3 Routing Configuratio
XorPlus# set protocols bgp peer 192.168.30.2 local-ip 192.168.30.2
[edit]
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus#
XorPlus# set vlan-interface interface vlan40 vif vlan40 address 192.168.40.2 prefix-length 24
[edit]
XorPlus# set vlan-interface interface vlan50 vif vlan50 address 192.168.50.2 prefix-length 24
[edit]
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus#
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 251
Layer 3 Routing Configuratio
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 252
Layer 3 Routing Configuratio
XorPlus# set vlan-interface interface vlan10 vif vlan10 address 192.168.10.1 prefix-length 24
[edit]
XorPlus# set vlan-interface interface vlan20 vif vlan20 address 192.168.20.1 prefix-length 24
[edit]
XorPlus# set vlan-interface interface vlan50 vif vlan50 address 192.168.50.1 prefix-length 24
[edit]
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus#
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 253
Layer 3 Routing Configuratio
Updates Received: 20, Updates Sent: 2
Messages Received: 634, Messages Sent: 611
Time since last received update: 1685 seconds
Number of transitions to ESTABLISHED: 1
Time since last entering ESTABLISHED state: 15995 seconds
Retry Interval: 120 seconds
Hold Time: 90 seconds, Keep Alive Time: 30 seconds
Configured Hold Time: 90 seconds, Configured Keep Alive Time: 30 seconds
Minimum AS Origination Interval: 0 seconds
Minimum Route Advertisement Interval: 0 seconds
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 254
Layer 3 Routing Configuratio
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 255
Layer 3 Routing Configuratio
[edit]
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus#
As expected, Switch A is not load balancing because it does not view the paths as “equal,” but as
different AS paths.
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 256
Layer 3 Routing Configuratio
● After configuring the ECMP equal-cost path maximum, reboot the switch to make it available.
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 257
Layer 3 Routing Configuratio
DRAM: Initializing
You can check the static ECMP route for 10.10.51.0/24 in the RIB.
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 258
Layer 3 Routing Configuratio
XorPlus# run show route table ipv4 unicast final
10.10.51.0/24 [static(1)/1]
> to 10.10.61.20 via vlan-3/vlan-3
10.10.51.0/24 [static(1)/1]
> to 10.10.62.20 via vlan-4/vlan-4
10.10.60.0/24 [connected(0)/0]
> via vlan-2/vlan-2
10.10.61.0/24 [connected(0)/0]
> via vlan-3/vlan-3
10.10.62.0/24 [connected(0)/0]
> via vlan-4/vlan-4
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 259
Layer 3 Routing Configuratio
XorPlus# set vlans vlan-id 2
[edit]
XorPlus# set vlans vlan-id 3
[edit]
XorPlus# set interface gigabit-ethernet ge-1/1/2 family ethernet-switching native-vlan-id 2
[edit]
XorPlus# set interface gigabit-ethernet ge-1/1/3 family ethernet-switching native-vlan-id 3
[edit]
XorPlus# set vlans vlan-id 2 l3-interface vlan-2
[edit]
XorPlus# set vlans vlan-id 3 l3-interface vlan-3
[edit]
XorPlus# set vlan-interface interface vlan-2vif vlan-2 address 192.168.1.1 prefix-length 24
[edit]
XorPlus# set vlan-interface interface vlan-3vif vlan-3 address 192.168.2.1 prefix-length 24
[edit]
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus# set protocols vrrp interface vlan-2 vrid 1
[edit]
XorPlus# set protocols vrrp interface vlan-2vif vlan-2 vrid 1 ip 192.168.1.5 prefix-length 24
[edit]
XorPlus# set protocols vrrp interface vlan-2vif vlan-2 vrid 1 preempt true
[edit]
XorPlus# set protocols vrrp interface vlan-2vif vlan-2 vrid 1 priority 100
[edit]
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus#
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 260
Layer 3 Routing Configuratio
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 261
Layer 3 Routing Configuratio
● In P-3290 and P-3780, you should configure the link-local IPv6 address, otherwise all the IPv6 interfaces will share
the same link-local address. This problem will be fixed in a future version.
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 262
Layer 3 Routing Configuratio
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 263
Layer 3 Routing Configuratio
XorPlus# set vlans vlan-id 2 l3-interface vlan-2
[edit]
XorPlus# set vlans vlan-id 3 l3-interface vlan-3
[edit]
XorPlus# set vlan-interface interface vlan-2 vif vlan-2 address 2001::15 prefix-length 64
[edit]
XorPlus# set vlan-interface interface vlan-3 vif vlan-3 address 2002::15 prefix-length 64
[edit]
XorPlus# set interface gigabit-ethernet ge-1/1/1 family ethernet-switching native-vlan-id 2
[edit]
XorPlus# set interface gigabit-ethernet ge-1/1/2 family ethernet-switching native-vlan-id 3
[edit]
XorPlus# set protocols ospf6 area 0.0.0.0 interface vlan-2 vif vlan-2 address 2001::15
[edit]
XorPlus# set protocols ospf6 area 0.0.0.0 interface vlan-3 vif vlan-3 address 2002::15
[edit]
XorPlus# set protocols ospf6 instance-id 1
[edit]
XorPlus# set protocols ospf6 router-id 1.1.1.1
[edit]
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus#
XorPlus# run show ospf6 interface
Interface State Area DR ID BDR ID Nbrs
--------- -------- --------------- --------------- --------------- ----
vlan-2 Down 0.0.0.0 0.0.0.0 0.0.0.0 0
vlan-3 Down 0.0.0.0 0.0.0.0 0.0.0.0 0
XorPlus# set protocols ospf6 area 0.0.0.0 interface vlan-2 vif vlan-2 hello-interval 10
[edit]
XorPlus# set protocols ospf6 area 0.0.0.0 interface vlan-2 vif vlan-2 interface-cost 8
[edit]
XorPlus# set protocols ospf6 area 0.0.0.0 interface vlan-2 vif vlan-2 transmit-delay 2
[edit]
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 264
Layer 3 Routing Configuratio
XorPlus#
● TCP flags are also supported. These ACLs can be applied to physical ports, LAG ports, and VLAN interfaces. One
ACL can be applied to multiple ports (the properties of the ports can be same or different), but only one port can be
matched to one ACL.
XorPlus# set firewall filter bad-net sequence bad-1 from source-address-ipv4 1.1.1.0/24
[edit]
XorPlus# set firewall filter bad-net sequence bad-1 then action discard
[edit]
XorPlus# set firewall filter bad-net sequence bad-2 from source-address-ipv4 1.1.2.0/24
[edit]
XorPlus# set firewall filter bad-net sequence bad-2 then action discard
[edit]
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus#
XorPlus# set firewall filter bad-net input interface ge-1/1/1
[edit]
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus# set firewall filter bad-net input interface ae1
[edit]
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus#
When the switch receives a packet in ingress and egress, it will attempt to match ACLs by sequence number, with
smaller values representing higher priorities. If the matched ACL’s action is “forward” or “discard,” the switch will
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 265
Layer 3 Routing Configuratio
forward or discard the packet and will not match the remaining ACLs. If there is no matching ACL, the packet will be
dropped.
XorPlus# set firewall filter bad-net sequence bad-1 from source-address-ipv4 1.1.1.0/24
[edit]
XorPlus# set firewall filter bad-net sequence bad-1 then action discard
[edit]
XorPlus# set firewall filter bad-net sequence bad-2 from source-address-ipv4 1.1.2.0/24
[edit]
XorPlus# set firewall filter bad-net sequencebad-2 then action discard
[edit]
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus#
XorPlus# set firewall filter bad-netinput vlan-interface vlan-2
[edit]
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus#
XorPlus# set firewall filter bad-net sequence bad-1 then action discard
[edit]
XorPlus# set firewall filter bad-net sequence bad-1 from protocol tcp flags ack true
[edit]
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus# set firewall filter bad-net output interface ge-1/1/1
[edit]
XorPlus# commit
Waiting for merging configuration.
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 266
Layer 3 Routing Configuratio
Commit OK.
Save done.
[edit]
XorPlus#
XorPlus# set firewall filter bad-net sequence bad-1 then action discard
[edit]
XorPlus# set firewall filter bad-net sequence bad-1 from destination-address-ipv4 192.168.100.0/24
[edit]
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus# set firewall filter bad-net input interface ge-1/1/1
[edit]
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus# set firewall filter bad-net sequence bad-1 log interval 10
[edit]
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus#
XorPlus# run syslog monitor on
XorPlus#
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 267
Layer 3 Routing Configuratio
Command List
delete interface ecmp hash-mapping field ingress-interface disable
delete interface ecmp hash-mapping field ip-destination disable
delete interface ecmp hash-mapping field ip-protocol disable
delete interface ecmp hash-mapping field ip-source disable
delete interface ecmp hash-mapping field port-destination disable
delete interface ecmp hash-mapping field port-source disable
delete interface ecmp hash-mapping field vlan disable
delete interface ecmp max-path
delete vlan-interface loopback address 127.0.0.1 prefix-length
delete vlan-interface loopback address ::1 prefix-length
run clear arp all
run clear arp ip-address <ip-address>
run clear neighbor all
run clear neighbor ipv6-address <ipv6-address>
run clear vlan-interface statistics loopback
run flush arp all
run flush arp ip-address <ip-address>
run flush neighbor all
run flush neighbor ipv6-address <ipv6-address>
run ping <ip-address> <int> deadline <int> source 0x1 interval <int> tos <int> ttl <int> size <int>
run ping <ip-address> <int> interval <int>
run ping <ip-address> <int> pattern <int>
run ping <ip-address> <int> size <int>
run ping <ip-address> <int> source 0x1
run ping <ip-address> <int> tos <int>
run ping <ip-address> <int> ttl <int>
run ping6 <ipv6-address> <int> deadline <int> source 0x1 interval <int> ttl <int> size <int>
run ping6 <ipv6-address> <int> interval <int>
run ping6 <ipv6-address> <int> pattern <int>
run ping6 <ipv6-address> <int> size <int>
run ping6 <ipv6-address> <int> source 0x1
run ping6 <ipv6-address> <int> ttl <int>
run show arp brief
run show arp inspection brief
run show arp management-ethernet eth0
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 268
Layer 3 Routing Configuratio
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 269
Layer 3 Routing Configuratio
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 270
Layer 3 Routing Configuratio
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 271
Layer 3 Routing Configuratio
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 272
Layer 3 Routing Configuratio
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 273
Layer 3 Routing Configuratio
set protocols ospf4 area <ip-address> interface bozo vif bozo address <ip-address> authentication md5
<int> end-time bozo
set protocols ospf4 area <ip-address> interface bozo vif bozo address <ip-address> authentication md5
<int> max-time-drift <int>
set protocols ospf4 area <ip-address> interface bozo vif bozo address <ip-address> authentication md5
<int> max-time-drift <int>
set protocols ospf4 area <ip-address> interface bozo vif bozo address <ip-address> authentication md5
<int> password bozo
set protocols ospf4 area <ip-address> interface bozo vif bozo address <ip-address> authentication md5
<int> start-time bozo
set protocols ospf4 area <ip-address> interface bozo vif bozo address <ip-address> authentication simple-
password bozo
set protocols ospf4 area <ip-address> interface bozo vif bozo address <ip-address> bfd disable true
set protocols ospf4 area <ip-address> interface bozo vif bozo address <ip-address> disable true
set protocols ospf4 area <ip-address> interface bozo vif bozo address <ip-address> hello-interval <int>
set protocols ospf4 area <ip-address> interface bozo vif bozo address <ip-address> interface-cost <int>
set protocols ospf4 area <ip-address> interface bozo vif bozo address <ip-address> neighbor <ip-address>
router-id <ip-address>
set protocols ospf4 area <ip-address> interface bozo vif bozo address <ip-address> passive disable true
set protocols ospf4 area <ip-address> interface bozo vif bozo address <ip-address> passive host true
set protocols ospf4 area <ip-address> interface bozo vif bozo address <ip-address> priority <int>
set protocols ospf4 area <ip-address> interface bozo vif bozo address <ip-address> retransmit-interval
<int>
set protocols ospf4 area <ip-address> interface bozo vif bozo address <ip-address> router-dead-interval
<int>
set protocols ospf4 area <ip-address> interface bozo vif bozo address <ip-address> transmit-delay <int>
set protocols ospf4 area <ip-address> summaries disable true
set protocols ospf4 area <ip-address> virtual-link <ip-address> authentication md5 <int> end-time bozo
set protocols ospf4 area <ip-address> virtual-link <ip-address> authentication md5 <int> max-time-drift
<int>
set protocols ospf4 area <ip-address> virtual-link <ip-address> authentication md5 <int> max-time-drift
<int>
set protocols ospf4 area <ip-address> virtual-link <ip-address> authentication md5 <int> password bozo
set protocols ospf4 area <ip-address> virtual-link <ip-address> authentication md5 <int> start-time bozo
set protocols ospf4 area <ip-address> virtual-link <ip-address> authentication simple-password bozo
set protocols ospf4 area <ip-address> virtual-link <ip-address> hello-interval <int>
set protocols ospf4 area <ip-address> virtual-link <ip-address> retransmit-interval <int>
set protocols ospf4 area <ip-address> virtual-link <ip-address> router-dead-interval <int>
set protocols ospf4 area <ip-address> virtual-link <ip-address> transmit-area <ip-address>
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 274
Layer 3 Routing Configuratio
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 275
Layer 3 Routing Configuratio
set protocols ospf6 area <ip-address> interface bozo vif bozo neighbor <ipv6-address> router-id <ip-
address>
set protocols ospf6 area <ip-address> interface bozo vif bozo passive true
set protocols ospf6 area <ip-address> interface bozo vif bozo priority <int>
set protocols ospf6 area <ip-address> interface bozo vif bozo retransmit-interval <int>
set protocols ospf6 area <ip-address> interface bozo vif bozo router-dead-interval <int>
set protocols ospf6 area <ip-address> interface bozo vif bozo transmit-delay <int>
set protocols ospf6 export bozo
set protocols ospf6 import bozo
set protocols ospf6 instance-id <int>
set protocols ospf6 ip-router-alert true
set protocols ospf6 router-id <ip-address>
set protocols ospf6 traceoptions flag adjacency-event disable true
set protocols ospf6 traceoptions flag all disable true
set protocols ospf6 traceoptions flag config disable true
set protocols ospf6 traceoptions flag database-description disable true
set protocols ospf6 traceoptions flag event disable true
set protocols ospf6 traceoptions flag flooding disable true
set protocols ospf6 traceoptions flag hello disable true
set protocols ospf6 traceoptions flag lsa-ack disable true
set protocols ospf6 traceoptions flag lsa-generation disable true
set protocols ospf6 traceoptions flag lsa-request disable true
set protocols ospf6 traceoptions flag lsa-update disable true
set protocols ospf6 traceoptions flag packets disable true
set protocols ospf6 traceoptions flag retransmission disable true
set protocols ospf6 traceoptions flag route disable true
set protocols ospf6 traceoptions flag spt disable true
set protocols ospf6 traceoptions flag timer disable true
set protocols pimsm4 bootstrap cand-bsr scope-zone <ip-address/netmask> bsr-priority <int>
set protocols rip export bozo
set protocols rip import bozo
set protocols rip interface bozo vif bozo address <ip-address> accept-default-route true
set protocols rip interface bozo vif bozo address <ip-address> accept-non-rip-requests true
set protocols rip interface bozo vif bozo address <ip-address> advertise-default-route true
set protocols rip interface bozo vif bozo address <ip-address> authentication md5 <int> end-time bozo
set protocols rip interface bozo vif bozo address <ip-address> authentication md5 <int> password bozo
set protocols rip interface bozo vif bozo address <ip-address> authentication md5 <int> start-time bozo
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 276
Layer 3 Routing Configuratio
set protocols rip interface bozo vif bozo address <ip-address> authentication simple-password bozo
set protocols rip interface bozo vif bozo address <ip-address> deletion-delay <int>
set protocols rip interface bozo vif bozo address <ip-address> disable true
set protocols rip interface bozo vif bozo address <ip-address> horizon none
set protocols rip interface bozo vif bozo address <ip-address> horizon split-horizon-poison-rever
set protocols rip interface bozo vif bozo address <ip-address> interpacket-delay <int>
set protocols rip interface bozo vif bozo address <ip-address> metric <int>
set protocols rip interface bozo vif bozo address <ip-address> passive true
set protocols rip interface bozo vif bozo address <ip-address> request-interval <int>
set protocols rip interface bozo vif bozo address <ip-address> request-interval <int>
set protocols rip interface bozo vif bozo address <ip-address> route-timeout <int>
set protocols rip interface bozo vif bozo address <ip-address> triggered-delay <int>
set protocols rip interface bozo vif bozo address <ip-address> triggered-jitter <int>
set protocols rip interface bozo vif bozo address <ip-address> update-interval <int>
set protocols rip interface bozo vif bozo address <ip-address> update-jitter <int>
set protocols rip traceoptions flag all disable true
set protocols static interface-route <ip-address/netmask> metric <int>
set protocols static interface-route <ip-address/netmask> next-hop-interface bozo
set protocols static interface-route <ip-address/netmask> next-hop-router <ip-address>
set protocols static interface-route <ip-address/netmask> next-hop-vif bozo
set protocols static interface-route <ip-address/netmask> qualified-next-hop-interface bozo qualified-next-
hop-vif bozo metric <int>
set protocols static interface-route <ip-address/netmask> qualified-next-hop-interface bozo qualified-next-
hop-vif bozo next-hop-router <ip-address
set protocols static interface-route <ipv6-address/netmask> metric <int>
set protocols static interface-route <ipv6-address/netmask> next-hop-interface bozo
set protocols static interface-route <ipv6-address/netmask> next-hop-router <ipv6-address>
set protocols static interface-route <ipv6-address/netmask> next-hop-vif bozo
set protocols static interface-route <ipv6-address/netmask> qualified-next-hop-interface bozo qualified-next-
hop-vif bozo metric <int>
set protocols static interface-route <ipv6-address/netmask> qualified-next-hop-interface bozo qualified-next-
hop-vif bozo next-hop-router <ipv6-address>
set protocols static route <ip-address/netmask> bfd true
set protocols static route <ip-address/netmask> metric <int>
set protocols static route <ip-address/netmask> next-hop <ip-address>
set protocols static route <ip-address/netmask> qualified-next-hop <ip-address> bfd true
set protocols static route <ip-address/netmask> qualified-next-hop <ip-address> metric <int>
set protocols static route <ipv6-address/netmask> bfd true
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 277
Layer 3 Routing Configuratio
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 278
Layer 3 Routing Configuratio
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 279
MulticastConfiguratio
XorPlus#
© 2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 280
Multicast Configuratio
[edit]
XorPlus# set protocols igmp-snooping vlan-id 1 querier address 10.10.1.1
[edit]
XorPlus# set protocols igmp-snooping vlan-id 1 querier version 2
[edit]
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus#
XorPlus# run show igmp-snooping querier
Vlan IP Address IGMP Version
-------- ------------------ ------------
1 10.10.1.1 v2
XorPlus#
IGMP Configuration
In XorPlus, IGMPv1/v2/v3 is supported.
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 281
Multicast Configuratio
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus# set protocols igmp interface vlan2 vif vlan2
[edit]
XorPlus# set protocols igmp interface vlan3 vif vlan3
[edit]
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus#
XorPlus# run show igmp interface
Interface State Querier Timeout Version Groups
------------ -------- --------------- --------- --------- --------
vlan2 UP 10.10.60.10 None 2 2
vlan3 UP 10.10.61.10 None 2 2
XorPlus#
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 282
Multicast Configuratio
XorPlus# run show igmp interface
Interface State Querier Timeout Version Groups
------------ -------- --------------- --------- --------- --------
vlan2 UP 10.10.60.10 None 2 2
vlan3 UP 10.10.61.10 None 3 2
If you send a Ieaving message for the above group, the specified group will be removed.
PIM-SM Configuration
In Layer 2 / Layer 3, PIM-SM is supported.
● You can then configure a candidate-RP and a candidate-BSR. For configuring the candidate-BSR, “scope-zone”
denotes the zone of the multicast group, which is included in the multicast domain.
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 283
Multicast Configuratio
XorPlus# set vlans vlan-id 3 l3-interface vlan-3
[edit]
XorPlus# set interface gigabit-ethernet ge-1/1/1 family ethernet-switching native-vlan-id 2
[edit]
XorPlus# set interface gigabit-ethernet ge-1/1/2 family ethernet-switching native-vlan-id 3
[edit]
XorPlus# set vlan-interface interface vlan-2vif vlan-2address 10.10.60.10 prefix-length 24
[edit]
XorPlus# set vlan-interface interface vlan-3vif vlan-3 address 10.10.61.10 prefix-length 24
[edit]
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus# set multicast-interface interface vlan-2vif vlan-2 disable false
[edit]
XorPlus# set multicast-interface interface vlan-3vif vlan-3 disable false
[edit]
XorPlus# set multicast-interface interface register_vif disable false
[edit]
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus# set protocols igmp interface vlan-3
[edit]
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus# set protocols pimsm4 interface vlan-2vif vlan-2 disable false
[edit]
XorPlus# set protocols pimsm4 interface vlan-3vif vlan-3 disable false
[edit]
XorPlus# set protocols pimsm4 interface register_vif disable false
[edit]
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus# set protocols pimsm4 bootstrap cand-bsr scope-zone 224.0.0.0/4 cand-bsr-by-vif-name vlan-3
[edit]
XorPlus# set protocols pimsm4 bootstrap cand-rp group-prefix 237.0.0.0/8 cand-rp-by-vif-name vlan-2
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 284
Multicast Configuratio
[edit]
XorPlus# set protocols pimsm4 bootstrap cand-rp group-prefix 231.0.0.0/8 cand-rp-by-vif-name vlan-3
[edit]
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus#
●In this example, the static route in the RIB will be used by PIM-SM.
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 285
Multicast Configuratio
Ge-1/1/1 Ge-1/1/1
10.10.1.1/24 C-RP BSR 10.10.2.1/24
Ge-1/1/2 Ge-1/1/2
10.10.3.1/24 10.10.4.1/24
Host A Host B
Destination Multicast Source
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 286
Multicast Configuratio
Commit OK.
Save done.
[edit]
XorPlus# set protocols pimsm4 interface vlan-2vif vlan-2 disable false
[edit]
XorPlus# set protocols pimsm4 interface vlan-3vif vlan-3 disable false
[edit]
XorPlus# set protocols pimsm4 interface register_vif disable false
[edit]
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus#set protocols static route 10.10.2.0/24 next-hop 10.10.1.2
[edit]
XorPlus#set protocols static route 10.10.4.0/24 next-hop 10.10.1.2
[edit]
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus# run show pim interface
Interface State Mode V PIMstate Priority DRaddr Neighbors
---------- -------- ------ - -------- -------- --------------- ---------
vlan-2 UP Sparse 2 DR 1 10.10.1.1 0
vlan-3 UP Sparse 2 DR 1 10.10.3.1 0
register_vif UP Sparse 2 DR 1 10.10.1.1 0
XorPlus#
XorPlus# run show igmp interface
Interface State Querier Timeout Version Groups
------------ -------- --------------- --------- --------- --------
vlan-2 DISABLED 10.10.1.1 None 2 0
vlan-3 UP 10.10.3.1 None 2 3
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 287
Multicast Configuratio
XorPlus# set interface gigabit-ethernet ge-1/1/2 family ethernet-switching native-vlan-id 3
[edit]
XorPlus# set vlan-interface interface vlan-2vif vlan-2 address 10.10.1.2 prefix-length 24
[edit]
XorPlus# set vlan-interface interface vlan-3vif vlan-3 address 10.10.2.2 prefix-length 24
[edit]
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus# set multicast-interface interface vlan-2vif vlan-2 disable false
[edit]
XorPlus# set multicast-interface interface vlan-3vif vlan-3 disable false
[edit]
XorPlus# set multicast-interface interface register_vif disable false
[edit]
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus# set protocols pimsm4 interface vlan-2vif vlan-2 disable false
[edit]
XorPlus# set protocols pimsm4 interface vlan-3vif vlan-3 disable false
[edit]
XorPlus# set protocols pimsm4 interfaceregister_vif disable false
[edit]
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus# set protocols pimsm4 bootstrap cand-bsr scope-zone 224.0.0.0/4 cand-bsr-by-vif-name vlan-3
[edit]
XorPlus# set protocols pimsm4 bootstrap cand-rp group-prefix 238.0.0.0/8 cand-rp-by-vif-name vlan-2
[edit]
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus#set protocols static route 10.10.3.0/24 next-hop 10.10.1.1
[edit]
XorPlus#set protocols static route 10.10.4.0/24 next-hop 10.10.2.1
[edit]
XorPlus# commit
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 288
Multicast Configuratio
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus# run show pim bootstrap
Active zones:
BSR Pri LocalAddress Pri State Timeout SZTimeout
10.10.2.2 1 10.10.2.2 1 Elected 19 -1
Expiring zones:
BSR Pri LocalAddress Pri State Timeout SZTimeout
XorPlus#
XorPlus# run show pim rps
RP Type Pri Holdtime Timeout ActiveGroups GroupPrefix
------------- ------- --- -------- ------- ------------ ----------------
10.10.1.2 bootstrap 192 150 -1 0 238.0.0.0/8
XorPlus#
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 289
Multicast Configuratio
Commit OK.
Save done.
[edit]
XorPlus# set protocols pimsm4 interface vlan-2vif vlan-2 disable false
[edit]
XorPlus# set protocols pimsm4 interface vlan-3vif vlan-3 disable false
[edit]
XorPlus# set protocols pimsm4 interface register_vif disable false
[edit]
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus# set protocols static route 10.10.1.0/24 next-hop 10.10.2.2
[edit]
XorPlus# set protocols static route 10.10.3.0/24 next-hop 10.10.2.2
[edit]
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus#
XorPlus# run show pim interface
Interface State Mode V PIMstate Priority DRaddr Neighbors
---------- -------- ------ - -------- -------- --------------- ---------
vlan-2 UP Sparse 2 DR 1 10.10.2.1 0
vlan-3 UP Sparse 2 DR 1 10.10.4.1 0
register_vif UP Sparse 2 DR 1 10.10.2.1 0
XorPlus#
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 290
Multicast Configuratio
Command List
run show multicast dataflow
run show multicast interface address
set multicast-interface interface bozo vif bozo disable true
set multicast-interface traceoptions flag all disable trueset open-flow allowed-versions openflow-v1.0 disable
true
set protocols igmp interface bozo vif bozo disable true
set protocols igmp interface bozo vif bozo enable-ip-router-alert-option-check true
set protocols igmp interface bozo vif bozo query-interval <int>
set protocols igmp interface bozo vif bozo query-last-member-interval <int>
set protocols igmp interface bozo vif bozo query-response-interval <int>
set protocols igmp interface bozo vif bozo robust-count <int>
set protocols igmp interface bozo vif bozo version <int>
set protocols igmp traceoptions flag all disable true
set protocols igmp traceoptions flag event disable true
set protocols igmp traceoptions flag leave disable true
set protocols igmp traceoptions flag query disable true
set protocols igmp traceoptions flag report disable true
set protocols igmp-snooping enable true
set protocols igmp-snooping last-member-query-count <int>
set protocols igmp-snooping last-member-query-interval <int>
set protocols igmp-snooping max-response-time <int>
set protocols igmp-snooping query-interval <int>
set protocols igmp-snooping report-suppression true
set protocols igmp-snooping robustness-variable <int>
set protocols igmp-snooping router-aging-time <int>
set protocols igmp-snooping traceoptions flag all disable true
set protocols igmp-snooping traceoptions flag config disable true
set protocols igmp-snooping traceoptions flag input disable true
set protocols igmp-snooping traceoptions flag output disable true
set protocols igmp-snooping traceoptions flag state-machine disable true
set protocols igmp-snooping vlan-id <int> enable true
set protocols igmp-snooping vlan-id <int> fast-leave true
set protocols igmp-snooping vlan-id <int> mrouter interface bozo
set protocols igmp-snooping vlan-id <int> querier address <ip-address>
set protocols igmp-snooping vlan-id <int> querier enable true
set protocols igmp-snooping vlan-id <int> querier other-querier-timer <int>
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 291
Multicast Configuratio
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 292
QoS Configuratio
Configuring SP
● In Layer 2 / Layer 3, 802.1p, DSCP, and COS QoS are supported.
● You should first create forwarding classes, which determine the queue number of the specified traffic type.
●Define your QoS classifiers (by specifying the associated forwarding class) and include the trust-mode. Map the
code-point in the forwarding class.
© 2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 293
QoS Configuratio
Save done.
[edit]
Configuring WRR
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 294
QoS Configuratio
XorPlus# set class-of-service interface ge-1/1/3 classifier c3
XorPlus# commit
XorPlus# set interface gigabit-ethernet ge-1/1/3 static-ethernet-switching mac-address 22:00:00:00:00:00 vlan
1
XorPlus# commit
Configuring WFQ
(1) Configuring scheduler
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 295
QoS Configuratio
Command List
set class-of-service classifier bozo forwarding-class bozo code-point <int>
set class-of-service classifier bozo forwarding-class bozo scheduler bozo
set class-of-service classifier bozo trust-mode dscp
set class-of-service classifier bozo trust-mode ieee-802.1
set class-of-service classifier bozo trust-mode inet-precedence
set class-of-service forwarding-class bozo local-priority <int>
set class-of-service interface bozo classifier bozo
set class-of-service scheduler bozo guaranteed-rate 8
set class-of-service scheduler bozo mode SP
set class-of-service scheduler bozo mode WFQ
set class-of-service scheduler bozo mode WRR
set class-of-service scheduler bozo weight <int>
set class-of-service traceoptions flag all disable trueset firewall filter bozo description bozo
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 296
OpenFlow Configuratio
OpenFlow Introduction
● In Layer 2 / Layer 3, OpenFlow v1.0, OFv1.1, OFv1.2, and OFv1.3areall supported. You can configure any
supported version in the CLI.
● All ports in the switch are either legacy or crossflow ports. In a crossflow port, you can enable or disable local-
control, regarding local processing of protocol packets.
● You can configure specified ports in crossflow mode, and enable/disable the local control in a crossflow port. If
you enable local control in a crossflow port, the protocol packet (containing the BPDU, LLDP, and OSPF PDU)
will be processed in the local protocol stack. In the mean time, the MAC learning and flood domain will also be
enabled in this crossflow port. Without local control, the protocol packet, MAC learning, and flood domain will
not be enabled in crossflow mode.
© 2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 297
OpenFlow Configuratio
Legacy Network
Domain
Openflow
Domain
Legacy network
Openflow Domain
Domain
Crossflow Crossflow
L2/L3 mode, L2/L3 mode,
Legacy
LC- LC+ port
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 298
OpenFlow Configuratio
● In TCAM mode, traffic can be forwarded between the OpenFlow domain and the Legacy network domain (e.g.,
you can send traffic from a crossflow port to a legacy port, as shown in the following figures).
Legacy network
Openflow Domain
Domain
Tra Tra
ffic ffic
Figure 8-3. TCAM mode traffic between crossflow ports.
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 299
OpenFlow Configuratio
Legacy network
Openflow Domain
Domain
Tra Tra
ffic ffic
The OpenFlow module needs resources in the ASIC to install flows. For example, you can allocate a specified TCAM
entry and L3 routing table entry for OpenFlow, as shown below. Allocate the resources before enabling OpenFlow, or
the configuration will not be successful.
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 300
OpenFlow Configuratio
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 301
OpenFlow Configuratio
XorPlus#
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 302
OpenFlow Configuratio
You can also add “virtual-interface” as the output port (e.g. “all,” “drop”, “local”), and configure “controller” as the output
port of a flow.
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 303
OpenFlow Configuratio
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus#
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 304
OpenFlow Configuratio
[edit]
XorPlus# set interface gigabit-ethernet te-1/1/1 family ethernet-switching vlan members 100
[edit]
XorPlus# set interface gigabit-ethernet te-1/1/2 family ethernet-switching vlan members 100
[edit]
XorPlus# set interface gigabit-ethernet te-1/1/3 family ethernet-switching vlan members 200
[edit]
XorPlus# set interface gigabit-ethernet te-1/1/4 family ethernet-switching vlan members 300
[edit]
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus# set vlan-interface interface vlan100 vif vlan100 address 1.1.1.1 prefix-length 24
[edit]
XorPlus# set vlan-interface interface vlan200 vif vlan200 address 2.2.2.2 prefix-length 24
[edit]
XorPlus# set vlan-interface interface vlan300 vif vlan300 address 3.3.3.3 prefix-length 24
[edit]
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus# set interface gigabit-ethernet te-1/1/1 crossflow enable true
[edit]
XorPlus# set interface gigabit-ethernet te-1/1/2 crossflow enable true
[edit]
XorPlus# set interface gigabit-ethernet te-1/1/3 crossflow enable true
[edit]
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus# set open-flow flow f1 match-field ethernet-destination-address 08:9e:01:39:1a:fe
[edit]
XorPlus# set open-flow flow f1 match-field ip-destination-address 4.4.4.0/24
[edit]
XorPlus# set open-flow flow f1 match-field vlan-id 100
[edit]
XorPlus# set open-flow flow f1 match-field ethernet-type 2048
[edit]
XorPlus# set open-flow flow f1 action ecmp output-interface te-1/1/2 vlan-id 200
[edit]
XorPlus# set open-flow flow f1 action ecmp output-interface te-1/1/2 src-mac 08:9e:01:39:1a:fe
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 305
OpenFlow Configuratio
[edit]
XorPlus# set open-flow flow f1 action ecmp output-interface te-1/1/2 next-hop 08:9e:01:39:1a:11
[edit]
XorPlus# set open-flow flow f1 action ecmp output-interface te-1/1/3 vlan-id 300
[edit]
XorPlus# set open-flow flow f1 action ecmp output-interface te-1/1/3 src-mac 08:9e:01:39:1a:fe
[edit]
XorPlus# set open-flow flow f1 action ecmp output-interface te-1/1/3 next-hop 08:9e:01:39:1a:22
[edit]
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus# run show open-flow flow-table layer-3
FlowID Destination NetMask NextHopMac Output
------ --------------- --------------- ----------------- ---------
1 4.4.4.0 255.255.255.0 08:9e:01:39:1a:11 te-1/1/2
1 4.4.4.0 255.255.255.0 08:9e:01:39:1a:22 te-1/1/3
XorPlus#
You can configure multiple controllers for the OpenFlow bridge (only one of them will be the active controller).
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 306
OpenFlow Configuratio
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
user can create a group table and a flow whose action is a group table.
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 307
OpenFlow Configuratio
actions=mod_dl_dst:22:22:22:22:22:22,output:2
XorPlus#
XorPlus# run show open-flow flow-table
cookie=0x0, duration=4.001s, table=0, n_packets=0, n_bytes=0, dl_dst=22:00:00:00:00:00 actions=group:1
XorPlus#
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 308
OpenFlow Configuratio
XorPlus# set open-flow groups group-id 1 bucket-id 2 action modify eth-dst-address 22:00:00:00:00:22
[edit]
XorPlus# set open-flow groups group-id 1 bucket-id 2 action output-interface ge-1/1/4
[edit]
XorPlus# commit
Merging the configuration.
Commit OK.
Save done.
[edit]
XorPlus#
XorPlus# run show open-flow groups
OFPST_GROUP_DESC reply (OF1.3) (xid=0x2):
group-id=1, type=fast failover
bucket 1:
weight=NONE,watch_port=1,watch_group=NONE
actions=mod_dl_dst:22:00:00:00:00:11,output:2
bucket 2:
weight=NONE,watch_port=3,watch_group=NONE
actions=mod_dl_dst:22:00:00:00:00:22,output:4
XorPlus#
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 309
OpenFlow Configuratio
OK
[edit]
XorPlus# commit
Merging the configuration.
Commit OK.
Save done.
[edit]
XorPlus#
● Servers should not be able to communicate with each other, which means traffic from a server can only be
forwarded in the upstream direction.
●The network should be scalable, and the configuration of the switch should be simple (e.g., isolating the traffic
between servers by ACLs or VLANs is too complex of a configuration).
172.16.4.x OSPF/BGP
Gateway
172.16.1.1 172.16.3.1
V
P-3920
172.16.2.1
X X X X
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 310
OpenFlow Configuratio
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 311
OpenFlow Configuratio
[edit]
XorPlus# set open-flow flow server-1-downstream match-field ip-destination-address 172.16.1.2/32
[edit]
XorPlus# set open-flow flow server-1-downstream action output interface ge-1/1/1
[edit]
XorPlus# set open-flow flow server-2-upstream match-field ingress-port ge-1/1/2
[edit]
XorPlus# set open-flow flow server-2-upstream action output interface te-1/1/49
[edit]
XorPlus# set open-flow flow server-2-downstream match-field ingress-port te-1/1/49
[edit]
XorPlus# set open-flow flow server-2-downstream match-field ip-destination-address 172.16.1.3/32
[edit]
XorPlus# set open-flow flow server-2-downstream action output interface ge-1/1/2
[edit]
XorPlus# set open-flow flow server-3-upstream match-field ingress-port ge-1/1/3
[edit]
XorPlus# set open-flow flow server-3-upstream action output interface te-1/1/49
[edit]
XorPlus# set open-flow flow server-3-downstream match-field ingress-port te-1/1/49
[edit]
XorPlus# set open-flow flow server-3-downstream match-field ip-destination-address 172.16.1.4/32
[edit]
XorPlus# set open-flow flow server-3-downstream action output interface ge-1/1/3
[edit]
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus#
If you do not wish to manually configure the above flows with the CLI, you can configure a controller to perform those
tasks:
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 312
OpenFlow Configuratio
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 313
OpenFlow Configuratio
Save done.
[edit]
XorPlus#
XorPlus# set interface gigabit-ethernet te-1/1/1 crossflow enable true
[edit]
XorPlus# set interface gigabit-ethernet te-1/1/2 crossflow enable true
[edit]
XorPlus# set interface gigabit-ethernet te-1/1/3 crossflow enable true
[edit]
XorPlus# set interface gigabit-ethernet qe-1/1/49 crossflow enable true
[edit]
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
[edit]
XorPlus# set open-flow working-mode tcam-mode
[edit]
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
XorPlus# set open-flow flow net-1-upstream match-field ingress-port te-1/1/1
[edit]
XorPlus# set open-flow flow net-1-upstream action output interface qe-1/1/49
[edit]
XorPlus# set open-flow flow net-1-upstream action modify ethernet-destination-address 22:22:22:22:22:22
[edit]
XorPlus# set open-flow flow net-2-upstream match-field ingress-port te-1/1/2
[edit]
XorPlus# set open-flow flow net-2-upstream action output interface qe-1/1/49
[edit]
XorPlus# set open-flow flow net-2-upstream action modify ethernet-destination-address 22:22:22:22:22:22
[edit]
XorPlus# set open-flow flow net-3-upstream match-field ingress-port te-1/1/3
[edit]
XorPlus# set open-flow flow net-3-upstream action output interface qe-1/1/49
[edit]
XorPlus# set open-flow flow net-3-upstream action modify ethernet-destination-address 22:22:22:22:22:22
[edit]
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
XorPlus#
Be sure to configure the OSPF interface to work with the OSPF Layer 3 network.
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 314
OpenFlow Configuratio
XorPlus# set protocols ospf4 area 0.0.0.0 interface vlan400 vif vlan400 address 172.16.4.1
[edit]
XorPlus# set protocols ospf4 router-id 1.1.1.1
[edit]
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
XorPlus# set policy policy-statement static-to-ospf term t1 from protocol connected
[edit]
XorPlus# set protocols ospf4 export static-to-ospf
[edit]
XorPlus# commit
Waiting for merging configuration.
Commit OK.
Save done.
XorPlus#
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 315
OpenFlow Configuratio
Command List
delete interface max-route-limit
set interface aggregate-ethernet bozo crossflow enable true
set interface aggregate-ethernet bozo crossflow local-control true
set interface gigabit-ethernet <port> crossflow enable true
set interface gigabit-ethernet <port> crossflow local-control true
set interface max-acl-rule-limit egress <int>
set interface max-acl-rule-limit ingress <int>
set interface max-route-limit <int>
set open-flow allowed-versions openflow-v1.1 disable true
set open-flow allowed-versions openflow-v1.2 disable true
set open-flow allowed-versions openflow-v1.3 disable true
set open-flow controller bozo address <ip-address>
set open-flow controller bozo port <int>
set open-flow controller bozo protocol ssl
set open-flow controller bozo protocol tcp
set open-flow flow bozo action ecmp output-interface bozo next-hop <mac-address>
set open-flow flow bozo action ecmp output-interface bozo src-mac <mac-address>
set open-flow flow bozo action ecmp output-interface bozo vlan-id <int>
set open-flow flow bozo action group <int>
set open-flow flow bozo action modify ethernet-destination-address <mac-address>
set open-flow flow bozo action modify ethernet-source-address <mac-address>
set open-flow flow bozo action modify ip-tos <int>
set open-flow flow bozo action modify mpls ethernet-type 0x0800
set open-flow flow bozo action modify mpls ethernet-type 0x86dd
set open-flow flow bozo action modify mpls ethernet-type 0x8847
set open-flow flow bozo action modify mpls inner-label <int>
set open-flow flow bozo action modify mpls outmost-label <int>
set open-flow flow bozo action modify mpls type pop
set open-flow flow bozo action modify mpls type push
set open-flow flow bozo action modify mpls type swap
set open-flow flow bozo action modify vlan-id <int>
set open-flow flow bozo action modify vlan-priority <int>
set open-flow flow bozo action output controller max-length <int>
set open-flow flow bozo action output interface bozo
set open-flow flow bozo action output virtual-interface all
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 316
OpenFlow Configuratio
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 317
OpenFlow Configuratio
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 318
OpenFlow Configuratio
When the switch boots up, a DHCP client will be started by debian service, then ZTP will gets three options: tftp-
server-name, boot-file-name and log-servers. If the log-servers option is set, ZTP will send the log of ZTP to the server
and local syslog at the same time. Then it starts a TFTP client to get a upgrade script with name defined in boot-file-
name from TFTP server. This upgrade script is used to define all upgrade procedures. The provision script is an shell
script, ZTP will automatically run this script after download it from TFTP server.
A typical pica8 provision target may include the following several tasks:
1) back up Layer 2 / Layer 3 configuration file, OVS configuration database, and boot list file
2) back up user data files and application configuration files
3) download PicOS image from TFTP server
4) upgrade PicOS image
5) reboot into new image
6) update PicOSonfiguration files
7) start PicOS application (XorPlus or OVS)
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 319
OpenFlow Configuratio
boot
|
start debian
|
get tftp-server-name, boot-file-name and log-servers from DHCP server
|
set syslog server for ZTP
|
get boot-file from TFTP server
|
Execute the script
|
remove the script
ZTP depends on DHCP server to provide switch with TFTP server IP address, shell script file name and log-server.
host pica8-pxxxx {
hardware ethernet 08:9e:01:62:d5:62;
option bootfile-name "pica8/provision.script";
option tftp-server-name "xx.xx.xx.xx";
option log-servers xx.xx.xx.xx;
fixed-address xx.xx.xx.xx;
}
Here "host" is the name of switch device, "hardware ethernet" is the MAC address of the device, option "bootfile-name"
is the TFTP server IP address, option “log-servers” is the log server that ZTP will send log to, and option "bootfile-
name" is the file name and path of provisioning script relative to the TFTP root directory on TFTP server. The switches
are configured to send a vendor-class-identifier to DHCP server in the format of "Pica8-pxxxx" where "xxxx" is the
switch model number. So it is also possible for customer to use this vendor class id to identify Pica8 switches.
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 320
OpenFlow Configuratio
(4):Appendix:
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 321
OpenFlow Configuratio
exit 1
fi
ovs_load_config 192.168.2.50/24 192.168.2.1 pica8/ovs_cfg.cli
if [ $? -ne 0 ]; then
exit 1
fi
picos_ovs_stop
if [ $? -ne 0 ]; then
exit 1
fi
fi
Example of xorp_cfg.cli:
show version;configure;run show vlans;set vlans vlan-id 20;commit;set vlans vlan-id 30;commit
Example of ovs_cfg.cli:
This following are the functions that can be used in provision scripts:
1) ztp_disable: disable ZTP auto-run when switch boot up
return value: 0 when succeed, 1 when failed
2) ztp_enable: enable ZTP auto-run when switch boot up
return value: 0 when succeed, 1 when failed
3) add_remote_syslog_server: add remote syslog server
parameter 1: the IP address of remote syslog server
return value: 0 when succeed, 1 when failed
4) remove_remote_syslog_server: remove remote syslog server
return value: 0 when succeed, 1 when failed
5) picos_config: set the configuration for PicOS service
parameter 1: the server selected, 1 for PicOS L2/L3, 2 for OVS, 3 for none service
parameter 2: a static IP and netmask for the switch (e.g. 128.0.0.10/24) when parameter 1 is set to 2
parameter 3: the gateway IP (e.g. 172.168.1.2) when parameter 1 is set to 2
return value: 0 when succeed, 1 when failed
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 322
OpenFlow Configuratio
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 323
OpenFlow Configuratio
parameter 2: sever ip address, if this is not set, it will use the TFTP server IP address got from DHCP server by DHCP
client
return value: 0 when succeed, 1 when failed
16) tftp_get_picos_image: get PicOS image from TFTP server
parameter 1: image file name with path on TFTP sever
parameter 2: sever ip address, if this is not set, it will use the TFTP server IP address got from DHCP server by DHCP
client
return value: 0 when succeed, 1 when failed
17) tftp_get_pica_image: get Pica Image from TFTP server
parameter 1: image file name with path on TFTP sever
parameter 2: sever ip address, if this is not set, it will use the TFTP server IP address got from DHCP server by DHCP
client
return value: 0 when succeed, 1 when failed
18) l2l3_cmd_shell: run an CLI command of PicOS Layer 2 / Layer 3
parameter 1: the command
return value: 0 when succeed, 1 when failed
19) l2l3_load_config: get a file with PicOS Layer 2 / Layer 3 CLI commands list, and execute these commands.
parameter 1: command file name with path on TFTP sever
parameter 2: sever ip address, if this is not set, it will use the TFTP server IP address got from DHCP server by DHCP
client
return value: 0 when succeed, 1 when failed
20) ovs_cmd_shell: run an OVS command
parameter 1: the command
return value: 0 when succeed, 1 when failed
21) ovs_load_config: get a file with PicOS OVS commands list , and execute these commands.
parameter 1: if PicOS is not set to OVS, then it should be eth0 ip address and netmask, 192.168.0.2/24, otherwise “ ”
parameter 2: if PicOS is not set to OVS, then gateway IP, otherwise “ ”
parameter 3: file name with path on TFTP server
parameter 4: sever ip address, if this is not set, it will use the TFTP server IP address got from DHCP server by
DHCP client
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 324
OpenFlow Configuratio
Appendix
Other Command List
set interface traceoptions flag config disable true
set interface traceoptions flag ethernet-switching-options disable true
set interface traceoptions flag mlag-trace disable true
set interface traceoptions flag neighbor-event disable true
set interface traceoptions flag packets disable true
set interface traceoptions flag route-event disable true
set interface traceoptions flag static-ethernet-switching disable true
set interface traceoptions line-card statistic disable true
set interface traceoptions line-card trace-level all disable true
set interface traceoptions line-card trace-level api debug disable true
set interface traceoptions line-card trace-level api error disable true
set interface traceoptions line-card trace-level api information disable true
set interface traceoptions line-card trace-level api warning disable true
set interface traceoptions line-card trace-level sdk debug disable true
set interface traceoptions line-card trace-level sdk error disable true
set interface traceoptions line-card trace-level sdk information disable true
set interface traceoptions line-card trace-level sdk warning disable true
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 325
OpenFlow Configuratio
©2014 Pica8 Inc. All Rights Reserved. Layer 2 / Layer 3 Configuration Guide P a g e | 326