Extreme Switch Manual

Switched Routing
and Layer 3 VLANs
Layer 3 Performance at
Layer 2 Switched Speeds!
Ironclad Network
Performance
1
Training - Switched Routing & VLANs on Routers
07/03/15
1999 Foundry Networks, Inc.
Switched Routing - Overview

The Foundry Networks line of Switching Routers consists
of NetIron, TurboIron and BigIron (and FastIron II upgraded to a
Layer 3 Router)
All routers are ASIC-based routers that provide wire-speed

routing with incredibly low latency (10-70 microseconds)
There is no performance difference between our Switching
Routers and the fastest Layer 2 Switch (FastIron) in the
world!
This allows you to design networks based on addressing
and security concerns and not have to worry about the
performance impact that traditional routers have in a
network
07/03/15
1999 Foundry2
Networks,
Switched Routing Feature Set

NetIron, TurboIron, BigIron Switching Routers
Multi-Protocol Support
Highly Resilient
IP RIP V1 & V2, OSPF, BGP4

IPX RIP/SAP
AppleTalk
IGMP, PIM Dense, DVMRP
Layer 3 Filtering
Foundry Standby Router Protocol

VRRP - Virtual Router Redundancy Protocol
Trunk Groups
IP/OSPF Load Sharing
Redundant Power Supply Option
Multimedia Ready
Selectable QoS
IGMP Multicast Traffic Reduction
802.3x Flow Control
Ultra High Performance

Wire-Speed Routing /port
1.4M PPS at Gig ports
148K PPS at 100Base ports
Hardware Accelerated L2/L3
Sub 10 Microsecond Latency
Flexible Network Design

Multiple Platforms
- 10/100 with Gigabit Expansion
- All Gigabit Router
230K Route Entries
Policy Based VLANs
07/03/15
1999 Foundry3
Networks,
Switched Routing - Enabling IP

There are three basic steps to enabling IP RIP routing:
1. Enable RIP globally
2. Assign IP address/mask to each routed interface.
3. Enable a Routing Protocol to communicate to routers on the other side
(learning routes on the other side)
This example enables RIP routing
Example:
and assigns an IP address to (3)
interfaces.
NetIron(config)# router rip
NetIron(config-rip-router)# interface e1
NetIron(config-if-1)# ip addr 192.123.22.101 255.255.255.0 Interface e1 doesnt use a RIP
protocol since it only talks to a
single PC (not another router)
NetIron(config-if-1)# int e 2
NetIron(config-if-2)# ip addr 192.123.33.101 255.255.255.0
Make sure the other side is also
NetIron(config-if-2)# ip rip v2-only
configd for the same protocol
NetIron(config-if-2)# int e18
NetIron(config-if-18)# ip addr 194.100.100.1 255.255.255.0 With this configuration, all other
interfaces would not pass IP
packets.
NetIron(config-if-18)# exit
NetIron(config)# wr mem
If other interfaces need to switch

or route IP packets, you would
either create a protocol-based
VLAN (so you could L2 switch)
or assign IP addresses to them.
07/03/15
1999 Foundry4
Networks,
Routing Lab #1: subnet to subnet

Using Single Interfaces for each subnet
Router 2
Subnet 2 | Subnet 3
Interface e2 | Interface e3
DG: 192.1.20.2 | DG: 192.1.30.1
Router 1 - Subnet 2
Interface Ether 1/2
DG: 192.1.20.1
TurboIron/8
RIP
V2
All Gig Router
RIP
V2
Router 3 - Subnet 3
Interface e3
DG: 192.1.30.2
NetIron
BigIron 4000
Router 1 -Subnet 1
Interface Ether 1/1
DG: 192.1.10.1
Do we need a routing
protocol here?
PC1
192.1.10.X
Router 3 - Subnet 4
Interface e4
DG: 192.1.40.1
Do we need a routing
protocol here?
FastIron
FastIron Workgroup switch

192.1.40.100
PC2
192.1.40.X
07/03/15
1999 Foundry5
Networks,
Routing Lab #1: subnet to subnet

Lab Steps
Configure each Router using
addressing scheme shown on lab
map.
Configure each PC using addressing
scheme shown on lab map.
Verification
a) Ping from PC 1 to Router 1, Router 2, and

Router 3 then PC2.
b) Ping from PC 2 to Router 3, Router 2, and
Router 1 then PC1.
CLI Commands
#router rip
(this command alone assigns a global rip for all
interfaces)
#inter e 1/1
#ip add 192.1.10.1/24
#ip rip v2-only
#inter e 2/1
#ip address 192.1.20.1/24
#ip rip v2-only
#write mem
#reload
** verify configuration using the

show config command.
** Repeat for Routers 2 & 3 using the IP
addresses shown on the lab map.
07/03/15
1999 Foundry6
Networks,
Switched Routing - RIP parameters

There are a lot of other IP/RIP parameters
that can be modified
These parameters include:
Proxy ARP
IP ARP age
IP MTU
Reverse ARP
IP time to live (TTL)
IP filtering
Static routes, including default route
Permit/deny route redistribution into RIP V2 or OSPF
07/03/15
1999 Foundry7
Networks,
VLANs on Layer 3
Routers
(VLANs on Layer 2
Switches covered in
another module)
Ironclad Network
Performance
8
Training - Switched Routing & VLANs on Routers
07/03/15
1999 Foundry Networks, Inc.
VLANs - Layer 2 VLANs on Routers

Switching Router
Ports can be grouped together to form
Switched Domains (L2 VLANs)
Virtual Ethernet Interfaces (ve) are created
as members in these L2 VLANs and used as
the mechanism to route in and out
Switching among ports in a VLAN domain
Routing between groups
Bridge non-routed protocols
NetBIOS, DECNET-LAT, etc
07/03/15
1999 Foundry9
Networks,
VLANs - Subnet VLANs on Routers

This allows you to Layer 2 switch on some ports and route on other ports at
the same time!
This feature is known as Integrated Switch Routing (ISR). ISR allows you
to have a Foundry Router port connect to a shared media hub, other ports
connect to power users and yet another port connect to a file server - all
belonging to the same IP subnet!
07/03/15
Create virtual interfaces (referred to
1999 Foundry
as ve for Virtual Ethernet) to assign the Layer 3 address to this interface
10
Networks,

Create the subnet VLANs, and add a router-interface
Virtual Ethernet to each VLAN, just as you would any port
IP VLAN 1
192.123.22.xx
IP
VLAN 2
IP
VLAN 1
ve1 IP:
192.123.22.0
17
IP: ve2
192.123.44.0
4
NetIron
Link
Activity
Link
Activity
FDX
Link/Act
FDX
Link/Act
Console
Power
18
9
ve3
IPX VLAN 1
00000111
11
13
15
10
12
14
16
NetIron(config)# ip-subnet
NetIron(config-ip-subnet)#
192.123.22.0 255.255.255.0
static e1 to 4 e17
router-interface ve 1
exit
NetIron(config)# ip-subnet
192.123.44.0 255.255.255.0
static e4 to 8
router-int ve 2
exit
FDX
Link/Act
FDX
Link/Act
10
11 12 13 14 15 16
IPX:
00000111
IPX
VLAN 1
IPX:
ve4
00000222
IPX
VLAN 2
NetIron(config)# ipx-network
NetIron(config-ipx-network)#
00000111 ethernet_snap
static e9 to 12 e18
router-int ve3
exit
NetIron(config)# ipx-network
00000222 ethernet_802.2
static e12 to 16
router-int ve4
exit
<continued on next slide>
07/03/15
1999 Foundry
11
Networks,
Compare to Subnet
VLANs on a Switch

Configure the Virtual Interfaces just as you
would a Physical Interface
<continued from previous slide>
IP VLAN 1
192.123.22.xx
IP
VLAN 2
IP
VLAN 1
IP:
ve1 192.123.22.0
1
17
IP:
192.123.44.0 ve2
4
NetIron
Link
Activity
Link
Activity
FDX
Link/Act
FDX
Link/Act
Console
Power
18
9
ve3
IPX VLAN 1
00000111
11
13
15
10
12
14
16
FDX
Link/Act
FDX
Link/Act
10
11 12 13 14 15 16
IPX:
00000111
IPX
VLAN 1
IPX:
ve4
00000222
IPX
VLAN 2
NetIron(config)# interface ve1

NetIron(config-vif-1)# ip address 192.123.22.1 255.255.255.0
NetIron(config-vif-1)# interf ve2
NetIron(config-vif-2)# ip address 192.123.44.1 255.255.255.0
NetIron(config-vif-3)# ipx-net 00000111 ethernet_snap
NetIron(config-vif-4)# ipx-net 00000222 ethernet_802.2
NetIron(config-vif-4)# exit
NetIron(config-rip-router)# router ipx
NetIron(config)# exit
NetIron# write memory
Switched within VLAN groups

07/03/15
Routed between VLAN groups (through the Virtual1999
Interface)
Foundry
Networks,
12
Switched Routing - Subnet VLAN

Subnet VLAN Example:
IP
VLAN 1
IP subnet:
192.123.22.0
Port 17
Ports 1-8

NetIron(config-rip-router)# ip-sub 192.123.22.0/24
NetIron(config-ip-subnet)# static e1 to 8 e17
NetIron(config-ip-subnet)# exclude e9 to 16 e18
NetIron(config-ip-subnet)# router-interface ve1
NetIron(config-ip-subnet)# int ve1
NetIron(config-vif-1)# ip address 192.123.22.1/24
NetIron(config-ip-subnet)# exit
NetIron
Link
Activity
Link
Activity
Console
Power
Port 18
FDX
Link/Act
FDX
Link/Act
11
13
15
10
12
14
16
FDX
Link/Act
FDX
Link/Act
Ports 9-16
IP subnet:
192.123.44.0
IP
VLAN 2
NetIron(config)# ip-subnet 192.123.44.0/24

NetIron(config-ip-subnet)# static e9 to 16 e18
NetIron(config-ip-subnet)# exclude e1 to 8 e17
NetIron(config-ip-subnet)# router-int ve2
NetIron(config-vif-1)# int ve2
NetIron(config-vif-2)# ip address 192.123.44.4/24
07/03/15
1999 Foundry
13
Networks,
Routing & L2 VLAN Lab: (part 1)

Using Layer 2 802.1q Tagged VLANs
Router-interface Ve10, ip addr 192.1.10.1/24
Router-interface Ve20, ip addr 192.1.20.1/24
interface ether 1
Member of both:
VLAN 111
VLAN 222
(is it Tagged or Untagged?)
TurboIron/8 All Gig Router
FastIron
FastIron Workgroup
interface ether 25
VLAN 111
Tagged interface e25
untagged interf e1
VLAN 222
Tagged interface e25
untagged interf e16
interface ether 1
PC1
192.1.10.100
FastIron Workgroup
interface ether 16
PC2
192.1.20.100
07/03/15
1999 Foundry
14
Networks,

On the Router
enable rip
CLI Commands
On the Router
Create VLAN 111
#vlan 111 by port

#tag e 1
#router-int ve1
Repeat for VLAN 222
#vlan 222 by port

#tag e 1
#router-int ve2
Configure each Virtual Ethernet

(ve1 & ve2)
#interface ve1
#ip address 192.1.10.1
#int ve2
#ip address 192.1.20.1
assign ports to it
assign router-interface ve1
assign ports to it
assign router-interface ve2
On the FastIron
Workgroup
Create VLAN 111 and VLAN 2222

assign ports as shown on the diagram
On the FastIron Workgroup

#vlan 111 by port
#tag e 25
(or whatever is the last Gig Port)
#untag e 1
#vlan 222 by port
#tag e 25
(or whatever is the last Gig Port)
#untag e 16
07/03/15
1999 Foundry
15
Networks,

Lab Verification
Ping between VLANs from any port

What happens when you ping from a port that is NOT a member of either VLAN 111 or VLAN 222?
What is shown by the show VLAN command?
What is shown by the write term command?
What is the difference between write term and write mem?
What is the difference between write term and show config?
What parameters can be set in RIP?
What was the default gateway of the FastIron Workgroup Switch and why?
What is shown by the show interface command?
What is shown by the show stat command?
What is shown by the show media command?
What is shown by the show log command?
Using the terminal, how could you determine which modules were in which slot?
How would you determine if a power supply or fan had failed?
To provide a browse-type copy of your Routing Switchs config to your Online support group, what
show command would you use?
07/03/15
1999 Foundry
16
Networks,
Switched Routing - OSPF

There are 4 basic steps needed to
enable OSPF routing:
1) Enable OSPF globally
2) Define IP addresses/mask to interface(s)
3) Define one or more OSPF area(s)
4) Assign interfaces to an area
Optional OSPF parameters:

Load sharing on equal cost routes
Filtering
Route redistribution to RIP V1, RIP V2 or BGP4
Create an Area virtual link
07/03/15
1999 Foundry
17
Networks,
Switched Routing - OSPF example

Simple OSPF Example:
NetIron(config)# router ospf
NetIron(config-ospf-router)# area 0.0.1.1
NetIron(config)# interface e1
NetIron(config-if-1)# ip add 192.123.22.101 255.255.255.0
NetIron(config-if-1)# ip ospf area 0.0.1.1
NetIron(config-if-1)# int e 2
NetIron(config-if-2)# int e18
NetIron(config-if-18)# exit
NetIron(config)# write mem
07/03/15
1999 Foundry
18
Networks,
OSPF Lab:
192.0.0.10
Router #4
RIP V2 router
GWay: 192.0.0.2
PC
RIP
197.0.0.x
192.0.0.0
.2
Switch
.4
OSPF Area
0.0.1.1
PC
194.0.0.20
GWay: 194.0.0.4
.3
Router #2
Switch
.4
194.0.0.x
.2
(config)# interface e1
(config-if-1)# ip add 192.0.0.1/24
(config-if-1)# ip ospf area 0.0.1.1
Router #3
RIP V2 to OSPF
redistributor
193.0.0.x
.3
Interface 1/3
(config)# router rip

(config-rip-router)# redistribution
(config-rip-router)# router ospf
(config-ospf-router)# redistribution
(config)# interf e 1/3
(config-if-1/3)#ip rip v2-only
(config)# interface e 3/3
(config-if-3/3)# ip add 196.0.0.1 255.255.255.0
(config-if-3/3)# ip ospf area 0.0.1.1
07/03/15
1999 Foundry
19
Networks,
Switched Routing - IPX

There are 3 basic steps to enabling IPX routing:
1. Enable IPX globally
2. Assign IPX address to interface(s).
3. Assign ethernet frame type to interface(s).
Example:
TurboIron(config)# router ipx
TurboIron(config)# int e1
TurboIron(config-if-1)# ipx network 00000111 ethernet_802.3
TurboIron(config-if-1)# int e2
TurboIron(config-if-2)# ipx network 00000222 ethernet_802.3
TurboIron(config-if-2)# exit
TurboIron(config)# exit
TurboIron# write mem
07/03/15
1999 Foundry
20
Networks,
Switched Routing - IPX example

IPX Network VLAN example:
IPX
VLAN 1 IPX Network:
00000111
TurboIron(config)# router ipx

TurboIron(config)# ipx-net 00000111 ethernet_802.3
TurboIron(config-ipx_proto)# static e1 to 2 e5
TurboIron(config-ipx_proto)# router-int ve1
TurboIron(config-ipx_proto)# exit
FastIron Backbone
1
2
Link
Activity
3
4
9
10
7
8
FDX
Link/Act
FDX
Link/Act
Console
Power
11
12
13
15
16
14
FDX
Link/Act
FDX
Link/Act
TurboIron
Link
Activity
Link
Activity
Console
Link
Activity
Power
Link
Activity
FastIron Backbone
1
2
Link
Activity
Console
Power
IPX Network:
00000222
3
4
FDX
Link/Act
FDX
Link/Act
IPX
VLAN 2
5
6
9
10
7
8
FDX
Link/Act
FDX
Link/Act
11
12
13
14
15
16
TurboIron(config)# ipx-net 00000222 ethernet_802.3

TurboIron(config-ipx_proto)# static e3 to 4 e6
TurboIron(config-ipx_proto)# router-interface ve2
TurboIron(config-ipx_proto)# exit
TurboIron(config)# int ve1
TurboIron(config-vif-1)# ipx net 00000111 ethernet_802.3
TurboIron(config-vif-1)# int ve2
TurboIron(config-vif-2)# ipx net 00000222 ethernet_802.3
TurboIron(config-vif-2)# exit
TurboIron(config)# write mem
07/03/15
1999 Foundry
21
Networks,
VRRP Lab #1: Simple VRRP (part 1)

100.200.1.2
GW: 100.200.1.1
PC1
Port: e2/1
158.238.1.2/24
Port:e2/3
100.200.1.1/24
Port: e2/2
158.238.2.2/24
RouterA
Port: e3
158.238.2.1/24
Port: e3
158.238.1.1/24
RouterC
RouterB
Port: e1
209.157.22.1/24 , IP RIP V2-only
Owner
VRID 1, priority 255
1) Ping from PC2 to PC1
2) Pull cable from RouterB, e1
Did the PINGs from PC2 stop?
3) show ip vrrp on Router B & C
Did the master initialize?
Did the backup take over as Master?
Port: e1
209.157.22.2/24, IP RIP V2-only
Backup to 209.157.22.1
Hub
PC2
209.157.22.32
GW: 209.157.22.1
07/03/15
1999 Foundry
22
Networks,
VRRP Lab #1: Simple VRRP (part 2)

ver 05.2.13T13
ver 05.2.13T13
hostname RouterB-LEFT
hostname RouterC-Right
router vrrp
router vrrp
!
!
interface e 1
interface e 1
ip address 209.157.22.1 255.255.255.0
ip address 209.157.22.2
ip rip v2-only
255.255.255.0
ip vrrp vrid 1
ip rip v2-only
owner
ip vrrp vrid 1
ip-address 209.157.22.1
backup priority 150
activate
ip-address 209.157.22.1
!
activate
interface e 3
!
ip address 158.238.1.1 255.255.255.0
interface e 3
ip rip v2-only
ip address 158.238.2.1
!
255.255.255.0
!
ip rip v2-only
router rip
!
!
router rip
end
!
end
07/03/15
1999 Foundry
23
Networks,
VRRP Lab #2: Track Ports (part 1)

100.200.1.2
GW: 100.200.1.1
PC1
Port: e2/1
158.238.1.2/24
Port:e2/3
100.200.1.1/24
Port: e2/2
158.238.2.2/24
RouterA
Port: e3
158.238.2.1/24
Port: e3
158.238.1.1/24
RouterC
RouterB
Port: e1
209.157.22.1/24 , IP RIP V2-only
Owner
Port: e1
209.157.22.2/24, IP RIP V2-only
Backup to 209.157.22.1
Hub
Track Port e3
1) Ping from PC2 to PC1
2) Pull cable from RouterB, e3
Did the PINGs from PC2 stop?
3) show ip vrrp on Router B & C
Did the master initialize?
Did the backup take over as Master?
Look at the current priority
Track Port e3
PC2
209.157.22.32
GW: 209.157.22.1
Track Priority for each Router is in the same

precedence as the Backup Priorities, BUT,
must be lower than the lowest backup
priority.
A: 255/149 B:200/148 C:150/147
When a track port fails, the new priority is the
track port priority and will now be lower
than the next backups Main Priority
07/03/15
1999 Foundry
24
Networks,
VRRP Lab #2: Track Ports (part 2)

ver 05.2.13T13
hostname RouterB-LEFT
router vrrp
!
interface e 1
ip address 209.157.22.1
255.255.255.0
ip rip v2-only
ip vrrp vrid 1
owner
ip-address 209.157.22.1
track-port e3
activate
!
interface e 3
255.255.255.0
ip rip v2-only
!
!
router rip
!
end
ver 05.2.13T13
hostname RouterC-Right
router vrrp
!
interface e 1
ip address 209.157.22.2
255.255.255.0
ip rip v2-only
ip vrrp vrid 1
backup priority 150
ip-address 209.157.22.1
track-port e3
activate
!
interface e 3
255.255.255.0
ip rip v2-only
!
router rip
!
end
07/03/15
1999 Foundry
25
Networks,
This slide intentionally left blank
07/03/15
1999 Foundry
26
Networks,

Extreme Switch Manual

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Extreme Switch Manual

Uploaded by

Copyright:

Available Formats

Switched Routing

and Layer 3 VLANs

1999 Foundry Networks, Inc.

Switched Routing - Overview

All routers are ASIC-based routers that provide wire-speed

Switched Routing Feature Set

IP RIP V1 & V2, OSPF, BGP4

Foundry Standby Router Protocol

Ultra High Performance

Flexible Network Design

Switched Routing - Enabling IP

If other interfaces need to switch

Routing Lab #1: subnet to subnet

All Gig Router

FastIron Workgroup switch

Routing Lab #1: subnet to subnet

a) Ping from PC 1 to Router 1, Router 2, and

** verify configuration using the

Switched Routing - RIP parameters

1999 Foundry Networks, Inc.

VLANs - Layer 2 VLANs on Routers

VLANs - Subnet VLANs on Routers

VLANs - Subnet VLANs on Routers

<continued on next slide>

VLANs - Subnet VLANs on Routers

NetIron(config)# interface ve1

Switched within VLAN groups

Switched Routing - Subnet VLAN

NetIron(config)# router rip

NetIron(config)# ip-subnet 192.123.44.0/24

Routing & L2 VLAN Lab: (part 1)

Routing & L2 VLAN Lab: (part 2)

Create VLAN 111

#vlan 111 by port

Repeat for VLAN 222

#vlan 222 by port

Configure each Virtual Ethernet

Create VLAN 111 and VLAN 2222

On the FastIron Workgroup

Routing & L2 VLAN Lab: (part 3)

Ping between VLANs from any port

Switched Routing - OSPF

Optional OSPF parameters:

Switched Routing - OSPF example

(config)# router rip

Switched Routing - IPX

Switched Routing - IPX example

TurboIron(config)# router ipx

TurboIron(config)# ipx-net 00000222 ethernet_802.3

VRRP Lab #1: Simple VRRP (part 1)

VRRP Lab #1: Simple VRRP (part 2)

VRRP Lab #2: Track Ports (part 1)

Track Priority for each Router is in the same

VRRP Lab #2: Track Ports (part 2)

This slide intentionally left blank

You might also like