CSM Management Configuration Commands

address

Syntax

[no] address ip-prefix/ip-prefix-length[active | standby]

Context

bof

Description

This command assigns an IP address to the CSM Management port in the running configuration and the BOF on the active CSM, or the CSM Management port on the standby CSM for systems using redundant CSMs.

Either an IPv4 or IPv6 address can be assigned to the CSM Management port. If an address already exists, it is overwritten with the new address. If no address exists, a new one is created.

Before changing an active IPv4 or IPv6 address, you must ensure that:

  • all static routes are removed

  • the standby address is removed; address changes are not allowed unless both addresses are on the same subnet

In previous releases, if an IPv6 address was assigned to the CSM Management port, an IPv4 address was also required on the port. This setup is no longer required; therefore, for configurations with both IPv4 and IPv6 addresses, the IPv4 address can be deleted from the BOF.

The no form of the command deletes the IP address from the CSM Management port.

If you delete an active IPv4 address from the BOF, or you replace an IPv4 address with an IPv6 address, the following must be considered.

  • IPv4 static routes must be removed before the IPv4 active address can be deleted.

  • If remote directory locations are used for the primary image file (primary-image) and primary configuration file (primary-config), you must also change the primary image and primary configuration paths (as well as the secondary and tertiary image and configuration files) to use IPv6 addresses. Otherwise, when the 7705 SAR reboots, it tries to load the image using IPv4, which causes continuous reboots.

  • If a primary DNS server is configured (primary-dns), the server address must be changed to an IPv6 address in order for it to be reachable.

If the IPv4 address is removed before any Telnet sessions can be established, Telnet IPv6 servers must be enabled using the config>system>security>telnet6-server command. See the 7705 SAR System Management Guide for the command description.

Caution:
  • If you have a dual IPv4/IPv6 BOF address configuration and you are running a Telnet IPv6 session or an SSH session, changing or deleting the active IPv4 address does not affect the session.

  • If you have a dual IPv4/IPv6 BOF address configuration and you are running a Telnet IPv4 session or an SSH session, changing or deleting the active IPv6 address does not affect the session.

  • If you have a dual IPv4/IPv6 BOF address configuration and you change or delete the active IP address that is the same version as the session (for example, you delete the active IPv4 address while running a Telnet IPv4 session), the session hangs after the change executes, and CLI access is lost. You can either close the session (if possible) or wait until it times out. You must start a new session, using the new or existing active BOF address, to regain CLI access.

  • If there is only one active BOF address on the port (that is, not the dual IPv4/IPv6 configuration), and it is deleted through a Telnet or SSH session, the session hangs and CLI access is lost. You must use a directly connected console session to create a new BOF address. It is strongly recommended that you do not delete a single active BOF address through Telnet or SSH.

Default

no address — there are no IP addresses assigned to CSM Management ports

Parameters

ip-prefix/ip-prefix-length

the IP address for the CSM Management port

active | standby

specifies which CSM Management port address is being configured: the active CSM Management port or the standby CSM Management port

Default

active

auto-discover

Syntax

auto-discover [id client-identifier][vlan vlan-id]

no auto-discover

Context

bof

Description

This command enables ADP as part of the boot-up sequence by adding an ADP keyword to the BOF file. ADP runs the next time the chassis is rebooted. You can also use this command to specify an optional unique identifier to use in the automatic discovery broadcast. You can use any unique identifier of up to 16 characters. If you specify mac, the chassis MAC address is used. If you run ADP with 802.1q encapsulation, you can specify the VLAN ID.

Parameters

client-identifier

indicates the unique system identifier to use in the auto-discovery broadcast. If you use MAC as the client identifier, the chassis MAC address is used.

Values

any combination of up to 16 alphanumeric characters with no spaces

vlan-id

indicates the VLAN ID for ADP with 802.1q encapsulation

Values

0 to 4094

autonegotiate

Syntax

[no] autonegotiate

Context

bof

Description

This command enables speed and duplex autonegotiation on the CSM Management port in the running configuration and the BOF.

When autonegotiation is enabled, the link attempts to automatically negotiate the link speed and duplex parameters. If autonegotiation is enabled, then the configured duplex and speed parameters are ignored.

The no form of the command disables the autonegotiate feature on this port.

Default

autonegotiate

duplex

Syntax

duplex {full | half}

Context

bof

Description

This command configures the duplex mode of the CSM Management port when autonegotiation is disabled in the running configuration and the BOF.

This configuration command allows for the configuration of the duplex mode of the CSM Management port. If the port is configured to autonegotiate, this parameter is ignored.

Default

duplex full — full duplex operation

Parameters

full

sets the link to full duplex mode

half

sets the link to half duplex mode

fips-140-2

Syntax

[no]fips-140-2

Context

bof

Description

This command is used to enable the node to support security level 1 of Federal Information Processing Standards 140 series, version 2 (FIPS-140-2). This mode limits the use of cryptographic algorithms on both the CSM and data plane to only those that are in accordance with FIPS-140-2. The node must be rebooted after executing this command in order for the node to begin operating in FIPS-140-2 mode.

Caution:

Before using this command, the operator must ensure that no current configuration exists in the configuration file that is not supported in FIPS-140-2 mode. Failing to remove unsupported configurations results in the node being unable to boot up.

The no form of the command disables support for security level 1 of FIPS-140-2 on the node.

Default

no fips-140-2

speed

Syntax

speed speed

Context

bof

Description

This command configures the speed for the CSM Management port when autonegotiation is disabled in the running configuration and the BOF.

If the port is configured to autonegotiate, this parameter is ignored.

Default

100 — 100 Mb/s operation

Parameters

speed

the link speed, in Mb/s

Values

10, 100, 1000

static-route

Syntax

[no] static-route ip-prefix/prefix-length next-hop ip-address

Context

bof

Description

This command creates a static route entry for the CSM Management port in the running configuration and the BOF.

This command allows manual configuration of static routing table entries. These static routes are only used by traffic generated by the CSM Management port. To reduce configuration, manual address aggregation should be applied where possible.

A static default route (0.0.0.0/0) cannot be configured on the CSM Management port. A maximum of 10 IPv4 and 10 IPv6 static routes can be configured on the CSM Management port.

Each unique next hop of active static routes configured on both the active and standby CSM Management ports are tested every 60 seconds. If the next hop is unreachable, an alarm is raised. The alarm condition is cleared when the preferred static route becomes reachable.

The no form of the command deletes the static route.

Default

n/a

Parameters

ip-prefix/prefix-length

the destination address requiring the static route

next-hop ip-address

the next hop IP address used to reach the destination