Administrator Guide
In customer deployment topologies, it might be required that the traffic for certain management applications needs to exit out of the
management port only. You can use EIS to control and the traffic can exit out of any port based on the route lookup in the IP stack.
One typical example is an SSH session to an unknown destination or an SSH connection that is destined to the management port IP
address. The management default route can coexist with front-end default routes. If SSH is specified as a management application, SSH
links to and from an unknown destination uses the management default route.
Protocol Separation
When you configure the application application-type command to configure a set of management applications with TCP/UDP
port numbers to the OS, the following table describes the association between applications and their port numbers.
Table 36. Association Between Applications and Port Numbers
Application Name Port Number Client Server
SSH 22
Supported Supported
Sflow-Collector 6343
Supported
SNMP 162 for SNMP Traps (client),
161 for SNMP MIB response (server)
Supported
NTP 123
Supported
DNS 53
Supported
FTP 20/21
Supported Supported
Syslog 514
Supported
Telnet 23
Supported Supported
TFTP 69
Supported
Radius 1812,1813
Supported
Tacacs 49
Supported
HTTP 80 for httpd
443 for secure httpd
8008 HTTP server port for confd application
8888 secure HTTP server port for confd
application
Supported
If you configure a source interface is for any EIS management application, EIS might not coexist with that interface and the behavior is
undefined in such a case. You can configure the source interface for the following applications: FTP, ICMP (ping and traceroute utilities),
NTP, RADIUS, TACACS, Telnet, TFTP, syslog, and SNMP traps. Out of these applications, EIS can coexist with only syslog and SNMP
traps because these applications do not require a response after a packet is sent.
The switch also processes user-specified port numbers for applications such as RADIUS, TACACS, SSH, and sFlow. The OS maintains a
list of configured management applications and their port numbers. You can configure two default routes, one configured on the
management port and the other on the front-end port.
Two tables, namely, Egress Interface Selection routing table and default routing table, are maintained. In the preceding table, the columns
Client and Server indicate that the applications can act as both a client and a server within the switch. The Management Egress Interface
Selection table contains all management routes (connected, static and default route). The default routing table contains all management
routes (connected, static and default route) and all front-end port routes.
Internet Group Management Protocol (IGMP)
345