Users Guide
Application Name Port Number Client Server
443 for secure httpd
8008 HTTP server port for confd application
8888 secure HTTP server port for confd application
If you congure a source interface is for any EIS management application, EIS might not coexist with that interface and the behavior
is undened in such a case. You can congure the source interface for the following applications: FTP, ICMP (ping and traceroute
utilities), NTP, RADIUS, TACACS, Telnet, TFTP, syslog, and SNMP traps. Out of these applications, EIS can coexist with only syslog
and SNMP traps because these applications do not require a response after a packet is sent.
The switch also processes user-specied port numbers for applications such as RADIUS, TACACS, SSH, and sFlow. The OS
maintains a list of congured management applications and their port numbers. You can congure two default routes, one congured
on the management port and the other on the front-end port.
Two tables, namely, Egress Interface Selection routing table and default routing table, are maintained. In the preceding table, the
columns Client and Server indicate that the applications can act as both a client and a server within the switch. The Management
Egress Interface Selection table contains all management routes (connected, static and default route). The default routing table
contains all management routes (connected, static and default route) and all front-end port routes.
Enabling and Disabling Management Egress Interface Selection
You can enable or disable egress-interface-selection using the management egress-interface-selection command.
NOTE: Egress Interface Selection (EIS) works only with IPv4 routing.
When the feature is enabled using the management egress-interface-selection command, the following events are
performed:
• The CLI prompt changes to the EIS mode.
• In this mode, you can run the application and no application commands
• Applications can be congured or uncongured as management applications using the application or no application
command. All congured applications are considered as management applications and the rest of them as non-management
applications.
• All the management routes (connected, static and default) are duplicated and added to the management EIS routing table.
• Any new management route added is installed to both the EIS routing table and default routing table.
• For management applications, route lookup is preferentially done in the management EIS routing table for all trac. management
port is the preferred egress port. For example, if SSH is a management application, an SSH session to a front-panel port IP on
the peer box is initiated via management port only, if the management port is UP and management route is available.
• If SSH request is received on the management port destined to the management port IP address, the response to the request is
sent out of the management port by performing a route lookup in the EIS routing table
• If the SSH request is received on the front-end port destined for the front-end IP address, the response trac is sent by doing a
route lookup in the default routing table only.
• If the management port is down or route lookup fails in the management EIS routing table, packets are dropped.
• For all non-management applications, trac exits out of either front-end data port or management port based on route lookup in
default routing table.
• Ping and traceroute are always non-management applications and route lookup for these applications is done in the default
routing table only.
• For ping and traceroute utilities that are initiated from the switch, if reachability needs to be tested through routes in the
management EIS routing table, you must congure ICMP as a management application.
356
Internet Group Management Protocol (IGMP)