|
|
The Apollo Domain routing protocol is the native-mode networking protocol for Apollo workstations. This chapter describes how to configure Apollo Domain routing. It also describes how to control access to the Apollo Domain network, optimize Apollo Domain network performance, and monitor the Apollo Domain network. For a complete description of the commands discussed in this chapter, refer to the "Configuring Apollo Domain" chapter in the Router Products Configuration Guide.
To apply an access list to an interface, use the apollo access-group interface configuration command. To remove the access list, use the no form of this command.
apollo access-group access-list-name| access-list-name | Name of an access list to apply to the interface |
None
Interface configuration
The apollo access-group command applies an access list to an interface. You use the apollo access-list command to specify the filtering conditions.
You can apply only one access list to an interface.
In the following example, the access list named "eng" is assigned to the first Ethernet interface:
interface ethernet 0
apollo access-group eng
apollo access-list
show apollo interface
To define an Apollo Domain access list, use the access-list global configuration command. To remove an access list, use the no form of this command.
apollo access-list access-list-name {deny | permit} [firstnet-]lastnet.host [wildcard-mask]| access-list-name | Name of the access list. |
| deny | Denies access if the conditions are matched. |
| permit | Permits access if the conditions are matched. |
| firstnet | (Optional) Number that specifies the lower limit of a selected Apollo network range. |
| lastnet.host | Number that specifies the upper limit of a selected Apollo network range. This is a 32-bit Apollo address consisting of a network number and a host number separated by a period. To specify all networks, use a value of -1. |
| wildcard-mask | (Optional) A wildcard mask that uses the one bits to ignore the host part of the network address. Host bits corresponding to wildcard mask bits set to zero are used in comparisons. |
None
Global configuration
Use this command in conjunction with the apollo access-group command to restrict access to the Apollo network. Apollo Domain access lists are collections of permit and deny conditions that apply to defined Apollo network and host numbers. The router sequentially tests the network and host numbers against conditions set in the access lists. The first match determines whether the router accepts or rejects the network and host number. Because the router stops testing conditions after the first match, the order of the conditions is critical. If no conditions match, the software rejects the network and host number.
Apollo Domain access lists are identified by a name, not by a number.
You can define Apollo access lists for a single network or for a range of Apollo networks. An access list can contain an indefinite number of actual and wildcard addresses. A wildcard address has a nonzero mask and thus potentially matches more than one actual address. The software examines the actual addresses, then the wildcard addresses. The order of the wildcard addresses is important because the software stops examining access list entries once it finds a match.
After creating an access list, apply the list restrictions to specific interfaces with the apollo access-group command.
In the following example, the first line denies access to networks 3a to 3f, the second line denies access to a specific host, and the third line permits everyone else.
apollo access-list eng deny 3a-3f.0 fffff
apollo access-list eng deny 5fe.1293c
apollo access-list eng permit -1.0 ffff
apollo access-group
show apollo interface
To set the maximum number of paths the router uses when sending packets, use the apollo maximum-paths global configuration command. To restore the default value, use the no form of this command.
apollo maximum-paths paths| paths | Maximum number of equal-cost paths from which the router chooses. The argument paths can be a value from 1 to 512. The default value is 1. |
1 path
Global configuration
A router can use multiple paths to reach an Apollo Domain destination in order to increase throughput in the network. By default, the router will pick one best path and send all traffic on this path, but you can configure it to remember two or more paths that have equal costs and to balance the traffic load across all the available paths. (Note that when paths have differing costs, the router chooses lower-cost routes in preference to higher-cost routes.) Packets are distributed over the multiple paths in round-robin fashion on a packet-by-packet basis. That is, the first packet is sent along the first path, the second packet along the second path, and so on. If the final path is reached before all packets are sent, the next packet is sent to the first path, the next to the second path, and so on.
Limiting the number of equal-cost paths can save memory on routers with limited memory or very large configurations. Additionally, in networks with a large number of multiple paths and systems with limited ability to cache out-of-sequence packets, performance might suffer when traffic is split between many paths.
The following command sets a maximum of three equal-cost paths:
apollo maximum-paths 3
show apollo route
To enable Apollo Domain routing on a particular interface, use the apollo network interface configuration command. To disable Apollo Domain routing on an interface, use the no form of this command.
apollo network numbernumber | Network number. This is an eight-digit hexadecimal number consisting of the network address followed by the host address. |
Disabled
Interface configuration
You must enable Apollo routing on the router with the apollo routing command before issuing the apollo network command.
The following example enables Apollo Domain routing, specifying that Apollo networks 5f and 4e are connected to two of the router's Ethernet interfaces:
apollo routing 23d5a
interface ethernet 0
apollo network 5f
interface ethernet 1
apollo network 4e
apollo routing
show apollo interface
To add a static route to the Apollo Domain routing table, use the apollo route global configuration command. To remove a route from the routing table, use the no form of this command.
apollo route destination-network network.host| destination-network | Network to which you want to establish a static route. This is a 12-bit hexadecimal number. You can omit leading zeros. |
| network.host | Network address of the router to which to forward packets destined for destination-network.
The argument network is a 12-bit hexadecimal number. You can omit leading zeros. The argument host is the host number of the target router. This is a 20-bit hexadecimal value. |
Disabled
Global configuration
Static routes always override any paths determined by metrics.
Be careful when assigning static routes. When links associated with static routes are lost, traffic may stop being forwarded even though alternative paths might be available.
In the following example, all packets addressed to network 33 will be forwarded to the router at the address of 45.91ac6:
apollo route 33 45.91ac6
show apollo route
To enable Apollo routing, use the apollo routing global configuration command. To disable Apollo routing, use the no form of this command.
apollo routing host| host | Host number of the router. This is a five-digit hexadecimal host address that is unique across the Apollo internet. |
Disabled
Global configuration
This command must be used in conjunction with the apollo network command.
In the following example, Apollo Domain routing is enabled on the router whose host address is 23d5a:
apollo routing 23d5a
apollo network
show apollo interface
To set the interval between Apollo Domain routing updates, use the apollo update-time interface configuration command. To restore the default value, use the no form of this command.
apollo update-time interval| interval | Interval, in seconds, at which Apollo Domain routing updates are sent. The minimum interval is 10 seconds, and the maximum is 2,493,644 seconds. The default is 30 seconds. |
30 seconds
Interface configuration
The apollo update-time command sets the routing update timer on a per-interface basis. To display the current value, use the show apollo route command.
Routers exchange information about routes by sending broadcast messages when they are brought up and shut down, and periodically while they are running. The apollo update-time command lets you modify the periodic update interval.
You can set RIP timers only in a configuration in which all routers are our routers. The timers should be the same for all routers connected to the network.
The update interval you choose affects the internal Apollo Domain timers as follows:
The concept of granularity is best explained by an example. (This is illustrated in the "Example" section below.) If you have two interfaces in the router and you set the update timer on one to 20 seconds and the second to 30 seconds, the router wakes up every 20 seconds to try to send routing updates. So at time 0:00:20, the router sends an update out the first interface only, and at time 0:00:40 it sends updates out the first and second interfaces. The router does not wake up at 0:00:30 to see if it needs to send an update out the second interface. This means that routing updates are sent out the second interface at N:NN:40 and N:NN:00. That is, the interval alternates between 40 seconds and 20 seconds; it is never 30 seconds. The interval on the first interface is always 20 seconds.
Ensure that all timers are the same for all routers attached to the same network segment.
Do not use the apollo update-time command in a multivendor router environment.
The following example sets the update timers on three interfaces in the router. The update timer granularity would be 20 seconds because this is the lowest value specified.
interface serial 0
apollo update-time 40
interface ethernet 0
apollo update-time 20
interface ethernet 1
apollo update-time 25
show apollo interface
To list the entries in the Apollo Domain ARP table, use the show apollo arp EXEC command.
show apollo arpThis command has no arguments or keywords.
EXEC
The following is sample output from the show apollo arp command:
Router# show apollo arp
Protocol Address Age (min) Hardware Addr Type Interface
Apollo 123A.CAFE - 0000.0c00.62e6 ARPA Ethernet0
Table 12-1 describes the fields shown in the display.
| Field | Description |
|---|---|
| Protocol | Protocol for which the interface has been configured. This should be Apollo. |
| Address | Apollo address of the interface. |
| Age (min) | Time, in minutes, that this entry has been in the ARP table. A hyphen indicates that this is a new entry. |
| Hardware Addr | MAC address of this interface. |
| Type | Encapsulation type. |
| Interface | Type and number of the interface. |
To display the status of the Apollo Domain interfaces configured in the router and the parameters configured on each interface, use the show apollo interface EXEC command.
show apollo interface [interface unit]| interface unit | (Optional) Interface and unit identifiers. The variable interface can be one of the following types: asynchronous, dialer, Ethernet (IEEE 802.3), loopback, null, serial, or tunnel. The variable unit is the number of the interface. For example, ethernet0 specifies the first Ethernet interface. |
EXEC
The following is sample output from the show apollo interface command:
Router# show apollo interface ethernet0
Ethernet 0 is up, line protocol is up
Apollo address is 123A.CAFE
Update time is 30 seconds
Outgoing access list is not set
Table 12-2 describes the fields shown in the display.
| Field | Description |
|---|---|
| Ethernet 0 is ... | The interface is currently active and inserted into the network (up) or is inactive and not inserted (down). |
| line protocol is ... | Indicates whether the software processes that handle the line protocol believe that the interface is usable (that is, whether keepalives are successful). |
| Apollo address is 123A.CAFE | Address of the Apollo interface, followed by its subnet mask, if any. |
| Update time is 30 seconds | How often the router sends RIP updates, as configured with the apollo update-time command. |
| Outgoing access list is not set | Indicates whether an access list has been enabled with the apollo access-list command. |
apollo access-group
apollo access-list
apollo update-time
To display the contents of the Apollo Domain routing table, use the show apollo route EXEC command.
show apollo route [network]| network | (Optional) Number of the network that the route is to. This is a 12-bit hexadecimal number. |
EXEC
The following is sample output from the show apollo route command:
Router# show apollo route
Codes: R - RIP derived, C - connected, S - static, 1 learned routes
Maximum allowed path(s) are/is 1
C Net 123A is directly connected, 0 uses, Ethernet0
C Net 123B is directly connected, 0 uses, Ethernet1
R Net 123C [1/0] via 123A.CAFB, 4 sec, 0 uses, Ethernet0
Table 12-3 describes the fields shown in the display.
| Field | Description |
|---|---|
| Codes: | Codes defining source of route. |
| R | Route learned from a RIP update. |
| C | Directly connected network. |
| S | Statically defined route via the apollo route command. |
| l learned routes | Number of routes learned from RIP updates. |
| Maximum allowed path(s) are/is 1 | Maximum number of paths for which the router has been configured with the apollo maximum-paths command. |
| Net 123A | Apollo network number. |
| is directly connected | Indicates that this network is directly connected to the router. |
| uses | Fair estimate of the number of times a route gets used. It actually indicates the number of times the route has been selected for use prior to operations such as access list filtering. |
| Ethernet 0 | Possible interface through which you can reach the remote network via the specified router. |
| [1/0] | Delay/Metric. The delay is the delay between sending routing updates. The metric is the Apollo Domain metric used in making routing decisions. |
| via | Address of a router that is the next hop to the remote network. |
| sec | Number of seconds since information about this network was last heard. |
apollo maximum-paths
apollo route
To display information about the number and type of Apollo Domain packets transmitted and received by the router, use the show apollo traffic EXEC command.
show apollo trafficThis command has no arguments or keywords.
EXEC
The following is sample output from the show apollo traffic command output:
Router# show apollo traffic
Rcvd: 8 total, 0 format errors, 0 checksum errors, 0 bad hop count,
8 local destination, 0 multicast
Bcast: 8 received, 0 sent
Sent: 16 generated, 0 forwarded
0 encapsulation failed, 0 no route
0 unknown
Table 12-4 describes the fields shown in the display.
| Field | Description |
|---|---|
| Rcvd: | Description of the Apollo Domain packets the router has received. |
| 8 total | Total number of packets the router has received. |
| 0 format errors | Number of bad packets discarded (for example, packets with a corrupted header). |
| 0 checksum errors | Number of packets discarded because they contained checksum errors. This field should always have a value of 0, because Apollo Domain does not use a checksum. |
| 0 bad hop count | Number of packets discarded because their hop count exceeded 16 (that is, the packets timed out). |
| 8 local destination | Number of packets sent to the local broadcast address or specifically to the router. |
| 0 multicast | Number of packets received that were addressed to multiple destinations. |
| Bcast: | Number of broadcast packets received and sent. |
| Sent: | Description of the Apollo Domain packets the router has sent. |
| 16 generated | Number of packets the router transmitted that it generated itself. |
| 0 forwarded | Number of packets the router transmitted that it forwarded from other sources. |
| 0 encapsulation failed | Number of packets the router was unable to encapsulate. |
| 0 no route | Number of times the router could not locate in the routing table a route to the destination. |
| Unknown: | Number of packets the router was unable to forward, for example, because of a misconfigured helper address or because no route was available. |
|
|