Receiving of routes, which are configured in VRF via BGP or/and OSPF, failed. The neighbor adjacency is successfully established, but record of routes in RIB is denied
%ROUTING-W-KERNEL: Can not install route. Reached the maximum number of BGP routes in the RIB
Allocate RIB resource for VRF (0 by default). Do it in VRF configuration mode:
esr(config)# ip vrf <NAME> esr(config-vrf)# ip protocols ospf max-routes 12000 esr(config-vrf)# ip protocols bgp max-routes 1200000 esr(config-vrf)# end
SSH/Telnet sessions, which go through ESR router, are closing.
Configure transmission of keepalive packets in order to keep session active. Keepalive transmission option is configured on SSH client, for instance, section 'Connection' for PuTTY client.
It is possible to set timeout before closing inactive TCP sessions (1 hour in example):
esr(config)# ip firewall sessions tcp-estabilished-timeout 3600
Firewall was disabled on interface (ip firewall disable). However access for active sessions from the port was not closed, according to security zone-pair rules, after including this interface to security zone, removing from 'ip firewall disable' configuration and applying changes.
Changes in Firewall configuration will be active only for new sessions. The reset of Firewall active sessions does not occur. You can clear active sessions in firewall, using following command:
esr# clear ip firewall session
LACP does not launch on XG ports of ESR-1000/1200/1500/1700
Port-channel has speed 1000M mode by default. Enable speed 10G mode:
esr(config)# interface port-channel 1 esr(config-port-channel)# speed 10G
How to clear ESR configuration completely and reset it to factory default?
Copy blank configuration in candidate-config and apply it in running-config.
esr# copy system:default-config system:candidate-config
Reset to factory default is similar.
esr# copy system:factory-config system:candidate-config
How to attach sub-interface to created VLAN?
While sub-interface creation, VLAN is created and attached automatically (direct correlation index sub – VID).
esr(config)# interface gigabitethernet 1/0/1.100
Information messages are shown after applying:
2016-07-14T012:46:24+00:00 %VLAN: creating VLAN 100
Do the ESR series routers have features for traffic analysis?
Opportunity of analyzing traffic through CLI interfaces is realized on ESR-series routers. A packet sniffer is launched by monitor command.
esr# monitor gigabitethernet 1/0/1
How to configure ip-prefix-list 0.0.0.0./0?
Example of prefix-list configuration is shown below. The configuration allows route reception by default.
esr(config)# ip prefix-list eltex esr(config-pl)# permit default-route
Problem of asynchronous traffic transmission is occurred
In case of asynchronous routing, Firewall will forbid 'incorrect' ingress traffic (which does not open new connection and does not belong any established connection) for security reasons.
Allowing rule in Firewall does not solve the problem.
Firewall should be disabled on the ingress interface.
esr(config-if-gi)# ip firewall disable
How to save the local copy of the router configuration?
If you need to copy the current running or candidate configuration on the router itself, you can use the copy command specifying 'system:running-config' or 'system:candidate-config' as the copy source, and the file in the 'flash:data/' section as the copy destination.
esr# copy system:candidate-config flash:data/temp.txt
Also, it is possible to copy previously saved configuration files (automatically from the flash:backup/ section or manually from the flash:data/ section) to the candidate configuration:
esr# copy flash:data/temp.txt system:candidate-config esr# copy flash:backup/config_20190918_164455 system:candidate-config