Implementing Management Plane Protection on Cisco IOS XR Software
How to Configure a Device for Management Plane Protection
SC-188
Cisco IOS XR System Security Configuration Guide for the Cisco CRS-1 Router
OL-20382-01
SUMMARY STEPS
1. configure
2. control-plane
3. management-plane
4. out-of-band
5. vrf vrf-name
6. interface {type instance | all}
7. allow {protocol | all} [peer]
8. address ipv6 {peer-ip-address | peer ip-address/length}
9. end
or
commit
10. show mgmt-plane [inband | out-of-band] [interface {type instance} | vrf]
DETAILED STEPS
Command or Action Purpose
Step 1
configure
Example:
RP/0/RP0/CPU0:router# configure
Enters global configuration mode.
Step 2
control-plane
Example:
RP/0/RP0/CPU0:router(config)# control-plane
RP/0/RP0/CPU0:router(config-ctrl)#
Enters control plane configuration mode.
Step 3
management-plane
Example:
RP/0/RP0/CPU0:router(config-ctrl)# management-plane
RP/0/RP0/CPU0:router(config-mpp)#
Configures management plane protection to allow
and disallow protocols and enters management plane
protection configuration mode.
Step 4
out-of-band
Example:
RP/0/RP0/CPU0:router(config-mpp)# out-of-band
RP/0/RP0/CPU0:router(config-mpp-outband)#
Configures out-of-band interfaces or protocols and
enters management plane protection out-of-band
configuration mode.
Step 5
vrf vrf-name
Example:
RP/0/RP0/CPU0:router(config-mpp-outband)# vrf target
Configures a Virtual Private Network (VPN) routing
and forwarding (VRF) reference of an out-of-band
interface.
• Use the vrf-name argument to assign a name to
a VRF.
To Next Page
Loading...
