Administrator Guide

For all non-management applications, traffic exits through either a front-end data port or the management port, based on a route lookup
in the default routing table.
Ping and traceroute are always non-management applications and route lookup for these applications is done in the default routing
table only.
For ping and traceroute utilities that are initiated from the switch, if reachability needs to be tested through routes in the management
EIS routing table, you must configure ICMP as a management application.
If ping and traceroute are destined to the management port IP address, the response traffic for these packets is sent by doing route
lookup in the EIS routing table.
When the feature is disabled using the no management egress-interface-selection command, the following operations are
performed:
All management application configuration is removed.
All routes installed in the management EIS routing table are removed.
Handling of Management Route Configuration
When the EIS feature is enabled, the following processing occurs:
All existing management routes (connected, static and default) are duplicated and added to the management EIS routing table.
Any management static route newly added using the management route CLI is installed to both the management EIS routing table
and default routing table.
As per existing behavior, for routes in the default routing table, conflicting front-end port routes, if configured, have higher precedence
over management routes. As a result, the same management route can be present in the EIS routing table but not in
the default routing table.
Routes in the EIS routing table are displayed using the show ip management-eis-route command.
In the netstat output, the prefix “mgmt” is added to routes in the EIS table so that the user can distinguish between routes in the EIS
routing table and the default routing table.
If the management port IP address is removed, the corresponding connected route is removed from both the EIS routing table and
default routing table.
If a management route is deleted, then the route is removed from both the EIS routing table and default routing table.
Handling of Switch-Initiated Traffic
When the control processor (CP) initiates a control packet, the following processing occurs:
The TCP/UDP port number is extracted from the sockaddr structure in the in_selectsrc call, which is called as part of the connect system
call, or in the ip_output function. If the destination TCP/UDP port number belongs to a configured management application, then
sin_port of the destination sockaddr structure is set to Management EIS ID 2 so that route lookup can be done in the management EIS
routing table.
To ensure that protocol separation is done only for switch-initiated traffic where the application acts as a client, only the destination
TCP/UDP port is compared and not the source TCP/UDP port. The source TCP/UDP port becomes a known port number when the
box acts as a server.
TFTP is an exception to the preceding logic.
For TFTP, data transfer is initiated on port 69, but the data transfer ports are chosen independently by the sender and receiver during
initialization of the connection. The ports are chosen at random according to the parameters of the networking stack, typically from
the range of temporary ports.
If the route lookup in the EIS routing table succeeds, the application-specific packet count is incremented. This counter is viewed using the
show management application pkt-cntr command. This counter is cleared using the clear management application
pkt-cntr command.
If the route lookup in the EIS routing table fails or if the management port is down, then packets are dropped. The application-specific
count of the dropped packets is incremented and is viewed using the show management application pkt-drop-cntr
command. This counter is cleared using the clear management application pkt-drop-cntr command.
Packets whose destination TCP/UDP port does not match a configured management application take the regular route lookup flow in
the IP stack.
In the ARP layer, for all ARP packets received through the management interface, a double route lookup is done, one in the default
routing table and another in the management EIS routing table. This is because in the ARP layer, we do not have TCP/UDP port
information to decide the table in which the route lookup should be done.
The show arp command is enhanced to show the routing table type for the ARP entry.
For the clear arp-cache command, upon receiving the ARP delete request, the route corresponding to the destination IP is
identified. The ARP entries learned in the management EIS routing table are also cleared.
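The table-selection logic described above for switch-initiated traffic can be modelled as follows. This Python sketch is an added example, not code from the switch or from this guide; the port numbers, prefixes, and the names select_egress and lookup are constructed for illustration.

```python
import ipaddress
from collections import Counter

# Constructed sample state; ports and prefixes are illustrative assumptions.
MGMT_APP_PORTS = {22: "ssh", 49: "tacacs", 514: "syslog"}  # configured management applications
EIS_ROUTES = {"10.10.0.0/16": "management"}                # management EIS routing table
# Default table: a conflicting front-end route took precedence over the management route.
DEFAULT_ROUTES = {"10.10.0.0/16": "front-end", "0.0.0.0/0": "front-end"}

pkt_cntr = Counter()       # models the per-application packet count
pkt_drop_cntr = Counter()  # models the per-application dropped-packet count

def lookup(dst_ip, table):
    """Longest-prefix match; returns the egress for dst_ip or None."""
    addr = ipaddress.ip_address(dst_ip)
    nets = [ipaddress.ip_network(p) for p in table]
    hits = [n for n in nets if addr in n]
    if not hits:
        return None
    return table[str(max(hits, key=lambda n: n.prefixlen))]

def select_egress(dst_ip, dst_port, mgmt_port_up=True):
    """Return (table, egress, verdict) for a switch-initiated TCP/UDP packet."""
    app = MGMT_APP_PORTS.get(dst_port)  # only the destination port is compared
    if app is None:
        egress = lookup(dst_ip, DEFAULT_ROUTES)  # regular route lookup flow
        return ("default", egress, "forward" if egress else "no-route")
    egress = lookup(dst_ip, EIS_ROUTES) if mgmt_port_up else None
    if egress is None:
        pkt_drop_cntr[app] += 1  # lookup failed or management port down: drop
        return ("eis", None, "drop")
    pkt_cntr[app] += 1
    return ("eis", egress, "forward")

if __name__ == "__main__":
    for args in [("10.10.5.5", 22), ("10.10.5.5", 443), ("192.0.2.1", 22)]:
        print(args, select_egress(*args))
```

The first two cases send traffic to the same destination over different interfaces, which is why a reachability test from a non-management application does not exercise the path a management application uses.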
Internet Group Management Protocol (IGMP)