Support User Manuals

Cisco Systems ASR 9000 Switch User Manual

Open as PDF

of 140

1-19

Cisco ASR 9000 Series Aggregation Services Router Getting Started Guide

OL-17502-02

Chapter 1 Introducing the Cisco ASR 9000 Series Aggregation Services Router

Initial Router Configuration

Security

• Cisco IOS XR Software: This software provides comprehensive network security features, including

ACLs; control-plane protection; routing authentications; authentication, authorization, and

accounting (AAA); TACACS+; IP Security (IPSec); Secure Shell (SSH) Protocol; SNMPv3; and

leading Routing Policy Language (RPL) support.

• Layer 2 ACLs: You can use this security feature to filter packets under an EVC based on MAC

addresses.

• Layer 3 ACLs: This feature matches ACLs by IPv4 protocol packet attributes.

• Security: Many critical security features are supported:

–

Standard IEEE 802.1ad Layer 2 Control Protocol (L2CP) and bridge-protocol-data-unit

(BPDU) filtering

–

MAC limiting per EFP or bridge domain

–

Unicast, multicast, and broadcast storm control blocking on any interface or port

–

Unknown Unicast Flood Blocking (UUFB)

–

Dynamic Host Configuration Protocol (DHCP) Snooping

–

Unicast Reverse Path Forwarding (URPF)

–

Control-plane security

• Secure Shell (SSH)

• Authorization, Admission, Accounting (AAA)

• Control Plane Policing (CoPP)

Initial Router Configuration

The initial configuration of the Cisco ASR 9000 Series router is determined automatically by the

software when you boot the router; you need not set up any general configuration information. Also there

is no explicit configuration needed to make a particular RSP active. It becomes the active RSP when

chosen automatically by the software upon boot.

Since there are not multiple RSP pairs in this router, the only RSP choices are RSP0 and RSP1. Typically,

the lower numbered slot is the chosen RSP. If that RSP is not available the software chooses the RSP in

the other slot as the route process controller, making it the primary RSP. During fail over or switch over,

the active role migrates to the standby RSP.

Management Interfaces

Although there is no need to set up general router configuration information, you do need to configure

management interfaces manually. Configure management ports on RSP0, RSP1, or both at the same

time:

• Telnet

• Secure Shell (SSH)

• Console Server

The router provides different router management interfaces, described in the following sections:

previous next