Usage Guidelines
If you permit or allow a specific protocol to an interface, traffic is allowed only for that protocol, and all other
management traffic is dropped.
After you configure the interface as inband or out-of-band, the specified protocol's traffic, or all protocol
traffic, is allowed on the interface. Interfaces that are not configured as inband or out-of-band interfaces, drop
the protocol traffic.
The IOS XR XML API provides a programmatic interface to the router for use by external management
applications. This interface provides a mechanism for router configuration and monitoring utilizing XML
formatted request and response streams. As one of the management services, XML should be capable of
applying MPP. To secure XML MPP data, XML keyword has been added to the command.
Task ID
OperationsTask ID
read, writesystem
Examples
The following example shows how to configure all management protocols for all inband interfaces:
RP/0/RP0/CPU0:router# configure
RP/0/RP0/CPU0:router(config)# control-plane
RP/0/RP0/CPU0:router(config-ctrl)# management-plane
RP/0/RP0/CPU0:router(config-mpp)# inband
RP/0/RP0/CPU0:router(config-mpp-inband)# interface all
RP/0/RP0/CPU0:router(config-mpp-inband-all)# allow all
The following example shows how to configure peer interface for the TFTP protocol for out-of-band interfaces:
RP/0/RP0/CPU0:router# configure
RP/0/RP0/CPU0:router(config)# control-plane
RP/0/RP0/CPU0:router(config-ctrl)# management-plane
RP/0/RP0/CPU0:router(config-mpp)# out-of-band
RP/0/RP0/CPU0:router(config-mpp-outband)# interface GigabitEthernet 0/1/1/2
RP/0/RP0/CPU0:router(config-mpp-outband-GigabitEthernet0_1_1_2)# allow TFTP peer
RP/0/RP0/CPU0:router(config-tftp-peer)#
The following example shows how to configure MPP support on an XML peer in-band interface:
RP/0/RP0/CPU0:router# configure
RP/0/RP0/CPU0:router(config)# control-plane
RP/0/RP0/CPU0:router(config-ctrl)# management-plane
RP/0/RP0/CPU0:router(config-ctrl-mpp)# inband interface all allow xml peer address ipv4
172.10.10.1
Related Commands
DescriptionCommand
Configures the control plane.control-plane, on page 169
Configures an inband interface or protocol.inband, on page 170
Cisco IOS XR System Security Command Reference for the Cisco CRS Router, Release 4.1
OL-24740-01 167
Management Plane Protection Commands
allow
To Next Page
Loading...
Need help?
General
