Intel 480T Bedienungsanleitung
- Schauen Sie die Anleitung online durch oderladen Sie diese herunter
- 523 Seiten
- 5.66 mb
Zur Seite of
Ähnliche Gebrauchsanleitungen
-
Switch
Intel 510T
144 Seiten 3.2 mb -
Switch
Intel 6300ESB
14 Seiten 0.19 mb -
Switch
Intel 220T
24 Seiten 0.59 mb -
Switch
Intel 82600
40 Seiten 0.74 mb -
Switch
Intel 82558
175 Seiten 0.97 mb -
Switch
Intel 550T
151 Seiten 1.95 mb -
Switch
Intel 480T
523 Seiten 5.66 mb -
Switch
Intel Ethernet Switch Boards
52 Seiten 9.04 mb
Richtige Gebrauchsanleitung
Die Vorschriften verpflichten den Verkäufer zur Übertragung der Gebrauchsanleitung Intel 480T an den Erwerber, zusammen mit der Ware. Eine fehlende Anleitung oder falsche Informationen, die dem Verbraucher übertragen werden, bilden eine Grundlage für eine Reklamation aufgrund Unstimmigkeit des Geräts mit dem Vertrag. Rechtsmäßig lässt man das Anfügen einer Gebrauchsanleitung in anderer Form als Papierform zu, was letztens sehr oft genutzt wird, indem man eine grafische oder elektronische Anleitung von Intel 480T, sowie Anleitungsvideos für Nutzer beifügt. Die Bedingung ist, dass ihre Form leserlich und verständlich ist.
Was ist eine Gebrauchsanleitung?
Das Wort kommt vom lateinischen „instructio”, d.h. ordnen. Demnach kann man in der Anleitung Intel 480T die Beschreibung der Etappen der Vorgehensweisen finden. Das Ziel der Anleitung ist die Belehrung, Vereinfachung des Starts, der Nutzung des Geräts oder auch der Ausführung bestimmter Tätigkeiten. Die Anleitung ist eine Sammlung von Informationen über ein Gegenstand/eine Dienstleistung, ein Hinweis.
Leider widmen nicht viele Nutzer ihre Zeit der Gebrauchsanleitung Intel 480T. Eine gute Gebrauchsanleitung erlaubt nicht nur eine Reihe zusätzlicher Funktionen des gekauften Geräts kennenzulernen, sondern hilft dabei viele Fehler zu vermeiden.
Was sollte also eine ideale Gebrauchsanleitung beinhalten?
Die Gebrauchsanleitung Intel 480T sollte vor allem folgendes enthalten:
- Informationen über technische Daten des Geräts Intel 480T
- Den Namen des Produzenten und das Produktionsjahr des Geräts Intel 480T
- Grundsätze der Bedienung, Regulierung und Wartung des Geräts Intel 480T
- Sicherheitszeichen und Zertifikate, die die Übereinstimmung mit entsprechenden Normen bestätigen
Warum lesen wir keine Gebrauchsanleitungen?
Der Grund dafür ist die fehlende Zeit und die Sicherheit, was die bestimmten Funktionen der gekauften Geräte angeht. Leider ist das Anschließen und Starten von Intel 480T zu wenig. Eine Anleitung beinhaltet eine Reihe von Hinweisen bezüglich bestimmter Funktionen, Sicherheitsgrundsätze, Wartungsarten (sogar das, welche Mittel man benutzen sollte), eventueller Fehler von Intel 480T und Lösungsarten für Probleme, die während der Nutzung auftreten könnten. Immerhin kann man in der Gebrauchsanleitung die Kontaktnummer zum Service Intel finden, wenn die vorgeschlagenen Lösungen nicht wirksam sind. Aktuell erfreuen sich Anleitungen in Form von interessanten Animationen oder Videoanleitungen an Popularität, die den Nutzer besser ansprechen als eine Broschüre. Diese Art von Anleitung gibt garantiert, dass der Nutzer sich das ganze Video anschaut, ohne die spezifizierten und komplizierten technischen Beschreibungen von Intel 480T zu überspringen, wie es bei der Papierform passiert.
Warum sollte man Gebrauchsanleitungen lesen?
In der Gebrauchsanleitung finden wir vor allem die Antwort über den Bau sowie die Möglichkeiten des Geräts Intel 480T, über die Nutzung bestimmter Accessoires und eine Reihe von Informationen, die erlauben, jegliche Funktionen und Bequemlichkeiten zu nutzen.
Nach dem gelungenen Kauf des Geräts, sollte man einige Zeit für das Kennenlernen jedes Teils der Anleitung von Intel 480T widmen. Aktuell sind sie genau vorbereitet oder übersetzt, damit sie nicht nur verständlich für die Nutzer sind, aber auch ihre grundliegende Hilfs-Informations-Funktion erfüllen.
Inhaltsverzeichnis der Gebrauchsanleitungen
-
Seite 1
A14542-001 100044-00 rev04 Intel ® NetStructure ™ 480T Routing Switch User Guide Intel ® NetStructur e ™ 480T Routing Switch User Guide User Guide User Guide User Guide User Guide[...]
-
Seite 2
Copyright © 2001, Intel Corporation. All rights reserved. Intel Corporation, 5200 NE Elam Young Parkway, Hillsboro OR 97124-6497 Intel Corporation assumes no responsibility for errors or omissions in this manual. Nor does Intel make any commitment to update the information contained herein. * Other names and brands may be claimed as the property o[...]
-
Seite 3
Contents Contents .............. .................... .............. i Preface ................ .................... ............. 1 Introducti on ....... ....... ......... .......... ....... ......... ......... ....... .... 1 Related Publicati ons .. ....... ........ ....... ......... ......... ........ ..... 2 1: Overview ...................... .[...]
-
Seite 4
ii C O N T E N T S AC Connector ........ .......... ......... ....... ......... ......... ........ 10 Seri al Num ber .. ....... .... ....... ...... ..... ...... ....... .... ....... .... . 10 Cons ole P ort ...... ....... ...... ..... ...... ..... ...... ....... .... ....... ... 10 Management Port ............. ........... ............. ..........[...]
-
Seite 5
Intel® Ne tStructu re™ 480T Rou ting Switc h User Gu ide iii Viewi ng R MON Infor mat ion . ....... ...... ..... ...... ....... ..... ..... 3 0 To Vi ew RMO N Sta tistic s ....... .... ....... ...... ..... ...... ..... .. 31 4: Using Web Device Manager ... ....... 33 Enabling and Disabling Web Access ....... ......... ........... 33 Sett ing U p[...]
-
Seite 6
iv C O N T E N T S Domai n Na me Se rvice Clie nt ..... ....... .... ....... ...... ..... ...... 51 Real-time Basic Connect ivity Checking .......... ........... . 52 Ping ...... ...... ....... ..... ...... ....... .... ....... ...... ..... ...... ..... ..... 52 Trac erout e ....... .... ....... ....... .... ....... .... ....... ...... ..... ......[...]
-
Seite 7
Intel ® Ne tStructure ™ 4 80T Routin g Switch Us er Guide v 6: Configuring Ports .......................... 79 Confi guri ng Po rts .... ....... ...... ..... ...... ..... ...... ....... .... ....... . 79 Changing Port Speed and Duplex Setti ng ........... ...... 80 Random Early Detection (RED) .......... ........... ........... . 80 Turning Off [...]
-
Seite 8
vi C O N T E N T S Assigning a VLAN Tag ............... ........... ............. ..... 100 Mixing Port-Based and Tagged VLANs ......... .......... 102 Prot ocol-B ase d VLA Ns . ....... .... ....... ...... ..... ...... ..... ... 102 Predefined Pro tocol Filters ......... .......... ......... ....... ... 103 Defi ning P roto col Fi lter s .........[...]
-
Seite 9
Intel ® Ne tStructure ™ 4 80T Routin g Switch Us er Guide vii How FDB Entries Get Added ........... ........... .......... ... 121 Associati ng a QoS Profile with an FDB Entry ....... ... 122 Confi guri ng F DB E ntries .... ....... .... ....... ...... ..... ...... ...... 1 22 FDB Configuration Examples 123 Displ ayin g FDB En tries .... ...... [...]
-
Seite 10
viii C O N T E N T S Explicit Class of Service Tra ffic Grouping s (802.1p and DiffS erv) .. ....... .... ....... ...... ..... ...... ....... .... ....... .... ....... . 147 Configuri ng 802.1p Priori ty ........ ......... ....... ....... ....... 148 Observing 802.1p Information .... .......... ........... ........ 148 Replacing 802.1p Prior ity In[...]
-
Seite 11
Intel ® Ne tStructure ™ 4 80T Routin g Switch Us er Guide ix Ensure that EDP is Enabled .......... ......... ......... ........ 169 ESRP and Host Attached Ports ... ....... ........... ......... . 169 Open Shortest Path Fir st and ESRP ........ ....... ........ 169 Determining the ESRP Master ........... ............ ........... .. 170 ESRP Trac[...]
-
Seite 12
x C O N T E N T S BGP and OSPF Route Map Support f or Tagging .... 195 BGP and OSPF Route Map Support for DSB Accounting 195 Proxy ARP ................. ................. ............... ............ ....... 196 ARP-Incapable Devices.... ........... ........... ........... ...... 196 Prox y ARP Betw een Sub nets ....... ...... ..... ...... ..... ..[...]
-
Seite 13
Intel ® Ne tStructure ™ 4 80T Routin g Switch Us er Guide xi Triggered Updat es ........ ........... ......... ........... ......... ... 226 Route Adve rtisem ent of VLANs .... ....... .... ....... ....... .. 226 RIP Versi on 1 Compared to RI P Version 2 ....... ...... 226 Overv iew o f O SPF ..... ..... ...... ....... .... ....... .... ....... [...]
-
Seite 14
xii C O N T E N T S 14: Bord er Gateway Protocol (BG P) 255 Overv iew .. .... ....... .... ....... ....... .... ....... ...... ..... ...... ....... .... 25 5 BGP A ttrib utes ...... ....... .... ....... ...... ..... ...... ....... .... ....... .. 256 BGP C ommuni ties ....... ...... ....... .... ....... ....... .... ....... ...... 25 6 BGP F eature[...]
-
Seite 15
Intel ® Ne tStructure ™ 4 80T Routin g Switch Us er Guide xiii PIM -SM Con figur ation E xamp le ..... ..... ...... ....... ..... .. 286 Configurati on for ABR1 ..... ........... ........... ........... ...... 287 Displaying IP Mu lticast Routing Settings ......... ......... 287 Deleting and Resett ing IP Multicast Settings ...... ..... 288 16: [...]
-
Seite 16
xiv C O N T E N T S Precedence Number s .................. ........... ............. .... 312 Speci fying a D efaul t Rul e ...... .... ....... ....... .... ....... ..... 3 12 The Permit-Establ ished Keyword ........ ........... ......... 313 Adding and Deleti ng Access List Entries ........... ...... 314 Maxi mum Entrie s . ....... .... ....... ..[...]
-
Seite 17
Intel ® Ne tStructure ™ 4 80T Routin g Switch Us er Guide xv Route Ma p Ope ration .. ...... ..... ...... ....... .... ....... ....... .. 34 1 Route Map Ex ample ..... ...... ..... ...... ....... .... ....... ....... . 341 Changes to Route Maps ....... ........... ............ ......... ... 342 Route Maps in BGP .. ..... ...... ....... .... ....[...]
-
Seite 18
xvi C O N T E N T S Exte rnal H ealt h Che ckin g ...... .... ....... .... ....... ....... .... . 374 Health Check s for Web Cac he Redirection and Policy Bas ed Routi ng ... ....... .... ....... ...... ..... ...... ....... .... ....... . 375 Layer 4 F lows .. ....... .... ....... ...... ..... ...... ....... .... ....... ... 376 Policy-Ba sed Routi[...]
-
Seite 19
Intel ® Ne tStructure ™ 4 80T Routin g Switch Us er Guide xvii Port Monit oring Display Keys ..... ........... ........... ......... 407 Sett ing t he Sy stem Reco very Leve l ....... ....... .... ....... 408 Logging ..... .......... ............. ........... ............. ........... ......... 408 Local Logging ........ ........... ........... [...]
-
Seite 20
Intel ® Ne tStructure ™ 4 80T Routin g Switch Us er Guide xviii A: Technical Specificat ions and Supported Limits .................... ........... 431 Technical Spec ification s ..... ........... ......... ......... ......... .. 431 Supported Standards, RFCs and Protocols .......... .... 433 Supported Limits .......... ....... ....... ........ .[...]
-
Seite 21
Intel ® NetS tructure ™ 480T R outing Sw itch Us er Guid e xix List of Figu r es Figure 1.1: Intel ® NetStructure ™ 480T routing switch (front) ........................................................................... 9 Figure 1.2: Intel ® NetStructure ™ 480T routing s witch (with and without redundant power supply) .....................[...]
-
Seite 22
xx C O N T E N T S Figure 14.1: Route reflectors ........................................ 257 Figure 14.2: Routing confederation .............................. 258 Figure 15.1: IP multicast routing PIM-DM configuration ex- ample ........................................................................ 285 Figure 15.2: IP multicast routing using PIM-[...]
-
Seite 23
Intel ® NetS tructure ™ 480T R outing Sw itch Us er Guid e xxi List of T ables Table 1.1: Switch LEDs .................................................. 11 Table 1.2: Global Factory Defaults ................................. 12 Table 1.3: Media Types and Distances ........................... 14 Table 1.4: 1000LH Specifications ..................[...]
-
Seite 24
xxii C O N T E N T S Table 10.7: 802.1p Priority Value-to-Har dware Queue Ma p- ping ................................................................................ 150 Table 10.8: 802.1p Configuration Commands .............. 150 Table 10.9: Default Code Point-to-QoS Profile Mapping .. 152 Table 10.10: Default 802.1p Priority Value-to-Code Point M[...]
-
Seite 25
Intel ® NetS tructure ™ 480T R outing Sw itch Us er Guid e xxiii Table 16.2: IPX § Protocol Fil ters and Enca psulation Types 298 Table 16.3: Basic IPX § Commands ............................ 300 Table 16.4: IPX § /RIP Configuration Commands ........ 301 Table 16.5: IPX § /SAP Configuration Commands ........ 302 Table 16.6: IPX § Show Comma[...]
-
Seite 26
xxiv C O N T E N T S[...]
-
Seite 27
Preface This preface provid es an overview of this user g uide, describes guide conventions, an d lists other u seful publi cations. Intr oduction This use r guide prov ides the in formation you need to con figure th e Intel ® NetS tructu re ™ 48 0T routin g switch. Informati on in the “Late Breaki ng News” shi pped with yo ur sw itch i s mo[...]
-
Seite 28
2 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide • Internet Packet Exchange (IPX) • Server Load Balancing (SLB) • Simple Network Management Prot ocol (SN MP) Related Publications For furt her informat ion refe r to these pub lications: • Comm and Line I nterf ace Re ference Gui de • Intel ® NetStr uctu r e ™ 480T R outing[...]
-
Seite 29
Overview The I ntel ® NetStructure ™ 480T rout ing sw itch uses a powerf ul, full- featured software operat ing system for local management of the switch. This chapter offers an overvie w of the switch operation and covers these topic s: • Summary of featur es • Software licensi ng • Hardware specifications and factory defaults • Media t[...]
-
Seite 30
4 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide • IP Multinetting • Dynam ic Ho st Conf igur ation P roto col (DH CP)/B oots trap Pr otoco l (BOOTP) Relay • Enterpri se Standb y Router Pr otocol (ES RP) • RIP (Ro uting Inf ormation Prot ocol) v ersion 1 and version 2 • OSPF (Open Shortes t Path First) routing protoco l • [...]
-
Seite 31
C H A P T E R 1 Overv iew 5 Full-Duplex Support The 480T routing swi tch provide s full-dup lex support for all p orts. Full-du plex mode allows frames to be transmi tted and rec eived simultaneousl y and, in e ffect, doub les the bandwidt h availa ble on a link. All 100/1000 Mbps po rts on the 48 0Tswitch auton egotiate f or half- duplex or f ull-[...]
-
Seite 32
6 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide Quality of Service (Q oS) See Chapter 10,"Qual ity of Serv ice (QoS)" on page 135. The local managemen t software has Policy- Based Quality of Servi ce (QoS) features th at enable you to sp ecify service levels for d ifferent traffic groups. By defau lt, all t raffic is a ssig[...]
-
Seite 33
C H A P T E R 1 Overv iew 7 Load Sharing See “ Con figurin g Port s ” on page 79. Load sharing al lows you to increase b andwidth and resiliency by using a group of ports to carry traffi c in paral lel between systems. The switch ’ s sharing algorithm al lows you to use mu ltiple port s as a single logical p ort. For example, VLANs treat t he[...]
-
Seite 34
8 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide Full L ayer 3 Functional ity Switches u sing a Full Layer 3 license also sup port other r outing protocol s and functions i n addition to Basi c function s, including: • IP routing using OSPF • IP multicast routing using DVMRP • IP mult icast routing using PIM (D ense or Sparse Mo[...]
-
Seite 35
C H A P T E R 1 Overv iew 9 Figure 1.1: Intel ® NetStructure ™ 480T ro uting s witch (front ) For inf ormation on switch LE Ds, refer to "Swi tch LEDs" on page 10. Rear View Figure 1.2 shows two rear view co nfiguratio ns. The second h as a redundan t power supply . Figure 1.2: Intel ® NetStructure ™ 480T routin g switch (with and w[...]
-
Seite 36
10 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide AC Connector The 480T routin g switch au tomatica lly adjust s to the su pply vo ltage. The power suppl y unit (PSU) operates down t o 100V, and is suitabl e for bot h 110 VAC and 200- 240 VAC operati on. Serial Number Use this seri al number fo r fault-repo rting purpose s. Console Po[...]
-
Seite 37
C H A P T E R 1 Overv iew 11 . T a ble 1.1: Sw itch LEDs LED Color Indicates 1000BASE-X Port Status LEDs (GBIC LEDs) Link/ activity Green Orange Green flashing (st eady) Off Link is present ; port is enabl ed. Frames are being t ransmitted/rec eived on this port. Link is p resent; port is disabl ed. Link is n ot present. 100/1000B ASE-T Port St atu[...]
-
Seite 38
12 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide Software Factory Defaults Table 1.2 l ists factory def aults for gl obal features. T a ble 1.2: G lobal F actory Defa ults Item Default Setting Serial or T elnet user account admin with no password and user with no password W eb network managemen t Enable d Te l n e t Enab led SNMP acc[...]
-
Seite 39
C H A P T E R 1 Overv iew 13 802.1Q taggi ng Packets are u ntagged on the defaul t VLAN. Spanning T ree Prot ocol Disabled for the Intel ® NetStru cture ™ 480T routing switch; enabled for each port in the STPD Forwarding database aging p eriod 300 seconds (5 minutes) IP Routin g Disabled RIP Disabled OSPF Disabled IP multi cast routing Disabled [...]
-
Seite 40
14 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide Media T ypes, Distances and Specifi cations Table 1.3 describes the media types and distances (cabl e lengths) for the different types of switch ports. T a ble 1.3: M edia T ypes a nd Distances Ty p e Med ia M Hz/Km Rating Maximu m Distance 1000BAS E-SX 50/1 25 µm Multi mode Fiber 50/[...]
-
Seite 41
C H A P T E R 1 Overv iew 15 Table 1.4 describes t he specifications for the 10 00B-LH interface. Optical Output Power The minimu m cable length with out a 10 d B attenuator is 32 kilo meters. The transmi tter output power level fo r the 1000-LH i s +5dBm. The maximum allowable recei ver input power level is -3dBm. Therefore, there is a mi nimum of[...]
-
Seite 42
16 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide[...]
-
Seite 43
Installation and Setup This chapt er describe s: • Determining the Switch Locat ion • Installing th e Switch • Connecting Equi pment to the Console Por t • Checking the Installation Using the Power-On Self T es t (POST) • Logg ing I n for the Fi rst Time • Upg rading Y our Fir mwar e • Installing the Gigabit In terface Connector (GBIC[...]
-
Seite 44
18 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide Determining the Switch Locatio n The 480T r outing switch can be free stand ing or mounte d in a standard 19- inch equipmen t rack. Mount ing bracket s are supplied with the s witch . When decidi ng where to install the swi tch, ensure that: • The switch is accessib le and you can co[...]
-
Seite 45
C H A P T E R 2 Instal lation a nd Setup 19 4 Replace the screws and fully t ighten with a screwdriver , as shown in Figure 2.1. Figure 2.1: Fitting the m ounting br acket 5 Repeat the two previous steps for the o ther side of the switch. 6 Insert the switch into the 19-i nch rack. Ensure that ventilation holes are not obstructed. 7 Secure the swit[...]
-
Seite 46
20 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide Free- Standing The 480T r outing switch is supplied wi th four self -adhesive r ubber pads. Y ou can stack up t o four swit ches on top of one another. 1 Apply the pads to t he underside o f the device by sticking a pad in the marked area at ea ch corner of the switch. 2 Place the devi[...]
-
Seite 47
C H A P T E R 2 Instal lation a nd Setup 21 If the switch passes the POST, the MGMT LED blinks at a slow rate (1 blink p er second). If th e switch fail s the POST, the MGMT LE D shows a so lid ora nge li ght . Logging In f or the First Time After the sw itch has co mpleted the Power-O n Self T est (POST), it is operational . Then you can log i n t[...]
-
Seite 48
22 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide Upgrading Y our Firmwar e To upgrad e your Intel ® Ne tStruc ture ™ 480T ro uting s witc h you mus t upgrade the Bo otRom image and firmware. Refer to the Late Br eak ing Ne ws that shipped wi th your switch f or this proc edure. Installing the Gigabit Interface Connector (GBIC) Ens[...]
-
Seite 49
Using Intel ® Device View Intel ® Device View is a graphical user interface t hat helps you manage the Inte l NetS tructur e ™ 480T r outing swit ch and othe r supported Intel networking d evices on you r network. Intel De vice View pr ovides these feat ures: • The ability to configure new network devices • A graphical dev ice manager f or [...]
-
Seite 50
24 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide You can instal l both the W indows and the Web ve rsion of Int el Device View. T o Insta ll Intel Device V iew If you mana ge devi ces with Intel De vice View from only one lo cation on the networ k, insta ll the Windo ws § version. 1. Put the Intel Device V iew CD-ROM in your compute[...]
-
Seite 51
C H A P T E R 3 Using Int el ® Devi ce Vi ew 25 Starting the Windows § V ersion We recommend you u se the Wind ow version of Int el Device View if you manage de vices from only one l ocation on t he network. To start the Windo ws version: 1 From your deskto p, click Start . 2 Point to Programs > Intel De vice V iew > Intel Device V iew - W [...]
-
Seite 52
26 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide Installing a New Device After you ’ ve i nstalled a new swi tch on your n etwork, you can u se Intel Device View ’ s Device Install Wizard to co nfigure it for management. T o Install and Configur e a New Switch for Management 1. Start Intel Device V iew . The Device Install W izar[...]
-
Seite 53
C H A P T E R 3 Using Int el ® Devi ce Vi ew 27 network. As it discov ers devices, it adds an icon for each de vice to the Device Tree on t he left side of the screen. Different states of the 480T routing swit ch are represented by unique icons in th e Device Tree as indica ted below. Device T ree icons Device T ree root Subnet Intel Switch (if no[...]
-
Seite 54
28 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide The Device Tr ee works much li ke Windows Explorer : • T o expand the root or a subnet, click the (+) next to the icon. • T o collapse the view , click the (-) next to the icon. • Double-click a device icon to view the device image. T o Add a Device to the Devi ce T ree 1. Right-[...]
-
Seite 55
C H A P T E R 3 Using Int el ® Devi ce Vi ew 29 3. I n the Fi nd De vice dialog box, enter the IP address o f the device you want to find in the tree. 4. Cl ick OK . The device ’ s icon is high lighted in the Device T ree. Losi ng Con tact with a D evice If Intel Device Vi ew loses contact with a switch, it re places the switch icon wit h the re[...]
-
Seite 56
30 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide The Express 480T Web Device Manager appears i n the Intel D evice View window. For comp lete inform ation on usin g Intel De vice View, refe r to the progra m ’ s onlin e help or see th e Intel Devic e View Help file on the installatio n CD-ROM. Vie w i n g R M O N In f o r m a ti on[...]
-
Seite 57
C H A P T E R 3 Using Int el ® Devi ce Vi ew 31 switch creates an ev ent (see below). For example, you m ight set an alarm if switch utilization exceeds 30%. • Group 9 Event s — Provides no tification and tells th e switch what to do when an event o ccurs on the netwo rk. Events can send a trap to a trap-r eceiving station, place an entry in t[...]
-
Seite 58
32 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide[...]
-
Seite 59
Using Web Device Manager Web Device Man ager is devic e-management software runni ng in th e Intel ® NetStru cture ™ 480T routi ng switch. It allo ws you to access t he switch over a TCP/IP network, usi ng a Web browser tha t supports frames and JavaScript § ( such as Netscape Navigator § 3.0 or later, or Mi crosoft Internet Explorer § 3.0 or[...]
-
Seite 60
34 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide Use the none option to remov e a configured access profi le. To displ ay the status of Web a ccess, use this c ommand: show management To disable Web acce ss, use this command: disable web To re-enabl e Web access, use this command: enable web {access-profile [<access-profile> | [...]
-
Seite 61
C H A P T E R 4 Usin g Web Devi ce Manag er 35 Accessing W eb Device Manager To access the default home page of the switch , enter this URL in your browser ( substituting t he actual ip add ress): http://<ip_address> When you acce ss the home page o f the system, the Logi n screen appears. En ter your u ser name and password and click OK. If [...]
-
Seite 62
36 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide Below the task butt ons are options. Options are specifi c to the task button that you select. When y ou select an opt ion, the in formation displayed in the content frame chang es. However, when you select a new task button, the content f rame does not change u ntil you select a new o[...]
-
Seite 63
C H A P T E R 4 Usin g Web Devi ce Manag er 37 Status Messages Status messages are displa yed at the top of the content frame. There are four types of status messages: • Infor mation — Displays information that is u seful to know prior to, or as a r esult of, cha ngi ng co nfigur atio n opti ons. • Wa r n i n g — Di splays warnings about th[...]
-
Seite 64
38 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide Filt ering Inform ation On some pages you ca n click a F ilter button t o display a sub set of informati on for a pa ge. For example, on the OSPF configuration page, you can c onfigure au thenticati on based on the VLAN, area identi fier, or v irtual lin k. Once you select a filtering [...]
-
Seite 65
Accessing the Switch This c hapter provid es informat ion to help y ou manage the Intel ® NetS tructu re ™ 480T rout ing switch , including: • Understand ing the Comman d Syntax • Lin e-Edi ting Keys • Command Hi story • Common Co mmands • Configuring Managem ent Access • Real-time Basic Connectivity Checking • Methods of Managing [...]
-
Seite 66
40 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide To use the command-line i nterface (CLI): Most conf iguratio n comma nds requir e that you ha ve admini strator privil eges. 1. Enter the command name. When entering a command at the promp t, ensure that you have the appropriate pr ivilege level. 2. Enter th e parameter na me and value[...]
-
Seite 67
C H A P T E R 5 Accessin g the Switch 41 Command Shortcuts All componen t names must be unique. Name components using the create command. When you enter a co mmand to config ure a named component , you do not nee d to use the keyword of the component. F or example, to create a VLAN, you must enter a unique VLAN name: create vlan engineering After y[...]
-
Seite 68
42 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide Symbols You may s ee a vari ety of sy mbol s sho wn a s par t of the co mm and syntax. These symbol s explain how to enter the comman d, and you do not ty pe them as part of the command i tself. Table 5 .1 summarizes command syntax symbols. Press the Tab ke y in the command line in ter[...]
-
Seite 69
C H A P T E R 5 Accessin g the Switch 43 Line-Editing Keys Table 5.2 describes t he line-editing key s available using the CLI. T a ble 5.2: Lin e-Editi ng Keys Key(s) Description Backspace Deletes charact ers to the left of the cursor and shifts the remainder of the lin e to the le ft. Delete or Ctrl + D Deletes character at t he cursor position a[...]
-
Seite 70
44 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide Command History The local manag ement software st ores the last 49 c ommands you entered. You can display a l ist of th ese commands by usi ng this command: history Common Co mmands Table 5.3 d escribes common comman ds used to manage t he 480T routing switch. Commands specific to part[...]
-
Seite 71
C H A P T E R 5 Accessin g the Switch 45 configure time < date> <time> Configures the sy stem date and time. The format is as follo ws: mm/dd/yyyy hh:mm:ss The time u ses a 24-hour c lock format. configure timezone <gmt_of fset> {aut odst | noautodst } Config ures th e time zone informati on to the configure d off set from Greenwi[...]
-
Seite 72
46 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide disable cli paging Disables pausi ng of the screen display when a show command out put reaches the end of the pa ge. disable idletim eout Di sables the t imer that disconnects all sessions. Once disabl ed, console session s remain open un til the switch is reboot ed or you log of f. T [...]
-
Seite 73
C H A P T E R 5 Accessin g the Switch 47 enable telnet {a ccess-profile [<access_pro file> | none]} {port <tcp_port _number>} Enables T elnet access to the switch. By default, T elnet is enabled wit h no access profile, and uses T ransmission Control Protocol ( TCP) port nu mber 23. T o cancel a previously confi gured access profile, us[...]
-
Seite 74
48 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide Configuring Management Access The local management softwar e supports the se two level s of management: • User • Administrator In additi on to these manag ement levels, yo u can optio nally use an external RADIUS server to prov ide CLI command authorization checking for ea ch comma[...]
-
Seite 75
C H A P T E R 5 Accessin g the Switch 49 Pr ompt T ext The prompt text is t aken from th e SNMP sysname setting (see Table 5.8, “ SNMP Configurat ion Commands, ” on page 64) . The number th at follows t he colon indicat es the sequen tial line/ command number . If an asterisk (*) appears in front of the command-line prompt , it indicat es that [...]
-
Seite 76
50 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide 4. Enter the new p assword at the prompt. 5. Re-enter t he password fo r verification. To add a passwor d to the default user ac count: 1. Log in to the switch using the name admi n . 2. At the pass word prompt , press Ente r , or enter t he password that you have con figured for the a[...]
-
Seite 77
C H A P T E R 5 Accessin g the Switch 51 Deletin g an Account To delet e an account, you must have a dministrator pr ivileges. Use this c ommand to delet e an account: delete account <username> The accoun t name admi n canno t be deleted . Domain Name Service Client The Domain Name Service (DNS) cl ient augments the se commands, to all ow the[...]
-
Seite 78
52 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide Real-time Basic Connectivity Checking Use these commands to ch eck basic connect ivity: • ping • traceroute Ping You can use the ping comma nd to send In ternet Con trol Message Protocol (I CMP) echo messa ges to a remote IP device. The ping command is availab le for both the user [...]
-
Seite 79
C H A P T E R 5 Accessin g the Switch 53 T raceroute The traceroute command enab les you to trace the routed path between the switch and a dest ination endstation . The traceroute command syntax is: traceroute [<ip_address> | <hostname>] {from <src_ipaddress>} {ttl <TTL>} {port <port>} where: • ip_address is the IP a[...]
-
Seite 80
54 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide You can use Tel net, a Web browser, or an SNMP manager t o manage the switc h remotely. Th ere can be one console se ssion, one Web session or eight concu rrent Telnet sessions. Using the Console I nterface You can ac cess the built- in CLI of th e 480T r outing switch through the 9-pi[...]
-
Seite 81
C H A P T E R 5 Accessin g the Switch 55 Telnet session is lost inadverten tly, the swit ch termin ates the session with in two hours. Before you can start a Telnet session, you must set up the IP parameters de scribed i n the section "Co nfiguring S witch IP Parameters" on page 55 .. Telnet is e nabled by defa ult. To open the Telnet ses[...]
-
Seite 82
56 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide You can enable BOOTP on a per-VLAN basis using this command: enable bootp vlan [<name> | all] By defaul t, BOOTP is enabled on the defaul t VLAN. If you conf igure the 480T routing switch to use BOOTP, th e switch IP address is not ret ained through a power cycle, even if the con[...]
-
Seite 83
C H A P T E R 5 Accessin g the Switch 57 login: admin Administrator capabilities en able you to access all switch func tion s. The defau lt user names have no pa ssword s assig ned. 4. If you have been assigned a user name and p assword with admin- istrator privileges, enter them at the login prompt and press Enter . When you have su ccessfully log[...]
-
Seite 84
58 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide Disconn ecting a T elnet Session An administra tor-level a ccount can disconnect a management session that i s established t hrough Telnet connection. I f this happens, the user logged i n through Te lnet is n otified that t he session is terminated. To terminate a Telnet sessi on: 1. [...]
-
Seite 85
C H A P T E R 5 Accessin g the Switch 59 Using Access P r ofiles An access profi le permits or denies a named list of IP addresses and subnet masks. To use a ccess profiles, first define the list, an d then apply the named list to the desir ed applicat ion. Access profiles are u sed by several routi ng switch features as a way to restrict access. A[...]
-
Seite 86
60 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide The subnet mask spec ified in the access profile command i s interpreted as a reverse mask. A reverse mask indi cates the bits that are significant in the IP address an d specifies the part of the address that must match the IP address to which th e profile is applied. If you conf igur[...]
-
Seite 87
C H A P T E R 5 Accessin g the Switch 61 Access Profil e Rules These rules apply when u sing access profiles: • Only one access profile can b e applied to each application. • The access profile can either permit or deny the entries in the profile. • The same access pr ofile can be applied to m ore than one application. Access Profile Example [...]
-
Seite 88
62 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide When you acce ss the home page of the swit ch the Lo gon screen appears. Control ling W eb Access By default, Web acc ess is enabled on the routing switch. You can restrict acce ss through th e Web Device Manager u sing an access profile, which pe rmits or denies access to a named list[...]
-
Seite 89
C H A P T E R 5 Accessin g the Switch 63 Accessing Sw itch Agents To have access to the SNMP agent in the routing switch, at least one VLAN must have an IP address assigned to it. For more info rmation o n assigni ng IP addr esses, refer to T able 5. 3 on page 44. Supported MIBs Along with private MIB s, the routing switch support s the MIBs listed[...]
-
Seite 90
64 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide • Communi ty strings — Allo ws a simple method of authentication between the 480T routing switch and the remote Network Manager . There are two types of community strings on the switch. Read community strings provide read-o nly access to the switch. The default read-only commu nity[...]
-
Seite 91
C H A P T E R 5 Accessin g the Switch 65 configure snmp co mmunity [readonly | readwrite] {encrypt ed} <string> Adds an SNMP read or read/write community string . The default readonly com munity string is public . The de fault readwrite commu nity strin g is private . Ea ch community stri ng can have a maximum o f 127 characters, and can be e[...]
-
Seite 92
66 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide Displaying S NMP Settings To display the SNMP settin gs configured on the r outing switch, use this co mmand: show management This c ommand disp lays th e follo wing i nformat ion: • Enable/disable state for T elnet, SNMP , and W eb access, along with access profile information • S[...]
-
Seite 93
C H A P T E R 5 Accessin g the Switch 67 and then t o the seconda ry RADIUS server, if t he primary doe s not respond. If the RADIUS client is enabled, but access to the RADIUS primary and secondary servers fail, th e routing switch uses its local database for authenticati on. The privil eges assigned to the user (admin versus non-admin) at the RAD[...]
-
Seite 94
68 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide T a ble 5.9: RADIUS ® Comma nds Command Descrip tion configure radius [primary | secondary] server [<ipaddress> | <hostna me>] {<udp_po rt>} client -ip <ipaddr ess> Configures the pri mary and secondar y RADIUS § serv er . Spe cify th e follow ing: • [primar[...]
-
Seite 95
C H A P T E R 5 Accessin g the Switch 69 configure radi us-accounting [primary | secondary] server [<ipadd ress> | <hostname>] {< udp_port>} clie nt-ip <ipaddress> Configures t he RADIUS accounting se rver . Specify the foll owing: • [primary | secondary] — Either the primary or s econdary RADIUS server . • [<ipadre[...]
-
Seite 96
70 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide RADIUS RFC 2138 At tributes The RADIUS RFC 21 38 optional attributes sup ported are: • User-Name • User-Password • Service-T ype • Login-IP-Ho st Configuring T ACACS+ Terminal Access Controller Access Control S ystem Plus (TACACS+) is a mea ns for prov iding authen tication, a [...]
-
Seite 97
C H A P T E R 5 Accessin g the Switch 71 T a ble 5.10: T ACACS+ Commands Command Description configure tacacs [primary | secondary] server [<ipaddress> | <hostna me>] {<udp_po rt>} client -ip <ipaddre ss> Configures the server information for a T ACAC S+ ser ver . Spec ify t he fo llow ing: • primary | secondary — Specif[...]
-
Seite 98
72 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide Simple Network Ti me Pr otocol (SNTP) Theroutin g switch supp orts the clien t portion of the Simple Network Time P rotocol (SNTP) Versio n 3 based on RFC 1769. The switch can use SNTP to upd ate and synchroni ze its interna l clock from a Network T ime Protocol ( NTP) server. When SN [...]
-
Seite 99
C H A P T E R 5 Accessin g the Switch 73 Configuring and Using SNTP To use S NTP: 1 Identify the host(s) that are con figured as NTP server(s). 2 Identify th e preferred met hod for ob taining NTP updates. The options are for the NTP server to send out broadcasts, or for switches using NTP to query the NTP server(s) directl y . A combination of bot[...]
-
Seite 100
74 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide If the switch cannot obtain the time, i t restarts the query process. Otherwise, the switch waits for the sntp-client update interval bef ore querying again. 6 Optiona lly , you can chan ge the interval for whi ch the SNTP client up dates the real -time clock of the swi tch using this [...]
-
Seite 101
C H A P T E R 5 Accessin g the Switch 75 -6:00 -360 CST - Centr al Standa rd Chicag o, Illinois, US A; Mexico City , Mexi co; Saskatchewan, Canada -7:00 -420 MST - Mounta in Standa rd Salt Lake City , Ut ah, USA; Alberta, Cana da -8:00 -480 PST - Pacific St andard Los Angeles, CA. USA; Seattle, WA , U S A -9:00 -540 YST - Y ukon Stan dard Whitehors[...]
-
Seite 102
76 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide NTP updates are distribut ed using GMT t ime. To proper ly display the local time in logs and other timestamp information, the switch should be co nfigured with the approp riate offset to GMT based o n geographical location. +4:00 +240 ZP4 - Rus sia Zon e 3 Abu Dhabi, UAE; Muscat; Tbli[...]
-
Seite 103
C H A P T E R 5 Accessin g the Switch 77 SNTP Configuration Com mands Table 5.12 describes Simple Networ k T ime Protocol (SNTP) configura tion commands. Pr ess the Tab key i n the command li ne interface for more command o ptions. SNTP Example In this example, the 480T routing switch q ueries a specific NTP server and a backup NTP server. An updat[...]
-
Seite 104
78 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide[...]
-
Seite 105
Configuring Ports This chapte r describe s how to configure po rts on the Intel ® NetStructure ™ 480T rou ting switch and co vers these topi cs: • Configurin g Ports • Changing Port Speed and Duplex Settings • Jumbo Frames • Load Sharing • Jumbo Frames • Port-Mirr oring • Enterprise Dis covery Protocol Configuring Ports By defaul t[...]
-
Seite 106
80 C H A P T E R 6 Int el ® NetStructu re ™ 480T R outing Switc h User Gui de Changing Port Speed and Duplex Setting By defa ult, the switc h is config ured to u se auto-ne gotiatio n to determine port spe ed and duple x setting for each port. You can manually co nfigure the d uplex setti ng and the spe ed of 100/100 0 Mbps port s, and you can m[...]
-
Seite 107
C H A P T E R 6 Config urin g Por ts 81 To tur n on RED, use this comman d: enable red port <portnumber> To configur e the proba bility at which yo u want random earl y detection t o drop packets, use t his command: configure red drop-probability <percent> The percen tage rang e is 0 - 100. T u rning Of f Auto-negotia tion for a GBIC Po[...]
-
Seite 108
82 C H A P T E R 6 Int el ® NetStructu re ™ 480T R outing Switc h User Gui de Enabling Jumbo Fr ames Some ne twork inter face car ds have a con figur ed maximum MTU size that does n ot includ e the additiona l 4 bytes of CRC. Ensu re that the NIC maximum MTU size is at or below th e maximum MTU size conf igured on the switc h . Larger frame s ar[...]
-
Seite 109
C H A P T E R 6 Config urin g Por ts 83 IP Fragmentation with Jum bo frames T o set the MTU s ize greater than 1500, al l ports in the VLAN m ust be jumbo-fr ame enabl ed. If an IP packet o riginates in a local net work that allows large packets and that packet t raverses a network that limits pa ckets to a smaller size, the pack et is fragmented i[...]
-
Seite 110
84 C H A P T E R 6 Int el ® NetStructu re ™ 480T R outing Switc h User Gui de want IP fragm entation only with in a VLAN. This is for in ter-VLAN IP fragm entation only. Fo r intra-VL AN IP fragm entation , all port s in the VLAN must be configure d for jumbo frame support. Load Sharing Load sha ring (also cal led link agg regatio n) using 480T [...]
-
Seite 111
C H A P T E R 6 Config urin g Por ts 85 If you do not explicitl y sele ct an algor ithm, the port-ba sed sche me is used. Howev er , the address -based alg orithm has a mor e even distributi on and is t he recomm ended c hoice. You can configu re one of three load-sh aring algorithms: • Port-based • Address- based • Round-ro bin Port-based lo[...]
-
Seite 112
86 C H A P T E R 6 Int el ® NetStructu re ™ 480T R outing Switc h User Gui de To define a load-shari ng group, you assi gn a group of ports to a single, l ogical port nu mber. To enable or disable a lo ad-sharing group, use the se commands: enable sharing <port> grouping <portlist> {algorithm [port-based | address-based | round- robi[...]
-
Seite 113
C H A P T E R 6 Config urin g Por ts 87 T a ble 6.1: Por t Commands Command Descrip tion configure jumbo-frame size <jumbo_frame_mt u> Configures the jumbo fr ame size. The range is between 152 3 and 9216. T he default set ting is 9216. conf igure po rts <portlist> auto off {speed [100 | 1 000]} duplex [ha lf | full] Changes the co nfig[...]
-
Seite 114
88 C H A P T E R 6 Int el ® NetStructu re ™ 480T R outing Switc h User Gui de disable por ts <portlist> Disables a port. Even when di sabled, the link is availab le for diagno stic purposes. disable sha ring <por t> Di sables a load-sharin g group of ports. enable jumbo-frame ports [<portl ist> | all] Enables rec eption and tra[...]
-
Seite 115
C H A P T E R 6 Config urin g Por ts 89 show ports {<por tlist> | mgmt} conf igur atio n Displays t he port configur ation. show ports {<po rtlist> | mgmt} info {detail} Di splays detailed system-rel ated information. show ports {<po rtlist> | mgmt} packet Displays a histog ram of packet statistics. show ports {<por tlist> |[...]
-
Seite 116
90 C H A P T E R 6 Int el ® NetStructu re ™ 480T R outing Switc h User Gui de Port-Mirr oring Port-mirr oring confi gures the switch t o copy all t raffic comi ng in and out of on e or more por ts to a monit or port on the swi tch. You can connect the monitor port to a n etwork analyzer or RMON prob e for packet analysi s. The switch uses a traf[...]
-
Seite 117
C H A P T E R 6 Config urin g Por ts 91 Mirr oring IP Multicast T raf fic Due to IGMP snooping, mult icast traffic may cease to be seen on a mirror port. If yo u issue a restart command f or the mirror port or remove and rei nsert the port c onnection, multicast traff ic will resume for the IGMP host time-out period (260 sec onds). Mirr oring Bandw[...]
-
Seite 118
92 C H A P T E R 6 Int el ® NetStructu re ™ 480T R outing Switc h User Gui de Port-Mirr oring Example This example select s port 3 as the mirror port, and sends all t raffic coming into o r out of the swi tch on port 1 t o the mirror p ort: enable mirroring to port 3 untagged configure mirroring add port 1 This next exampl e sends all traffi c c[...]
-
Seite 119
C H A P T E R 6 Config urin g Por ts 93 EDP Commands Table 6.3 list s EDP commands. Fo r further comman d options, press the Tab key i n the command line i nterface. T a ble 6.3: EDP Comman ds Command Descrip tion disable ed p ports [<port list> | all ] Disables the E DP on one or more po rts. enable edp port s [<portlist> | all] Enable[...]
-
Seite 120
94 C H A P T E R 6 Int el ® NetStructu re ™ 480T R outing Switc h User Gui de[...]
-
Seite 121
Virtual LANs (VLANs) Setting up Virtual L ocal Area Netw orks (VLANs) on the switch eases many time-con suming tasks of network admi nistration wh ile increasing efficiency i n network oper ations. This chapt er describe s the concept of VLANs and explains how to impl ement VLANs o n the Intel ® NetS tructure ™ 480T routing switc h. Overvi ew of[...]
-
Seite 122
96 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide VLANs Help to Control T raffic With tra ditional n etworks, broad cast traffic ca n cause congestion, because packet s are sent to all network devices, ev en though the data is not needed by all . VLANs increase the efficiency of y our network because each VLAN can be set up to include[...]
-
Seite 123
C H A P T E R 7 Virtual L ANs (VLANs) 97 Ty p e s o f V L A N s You can create VLANs based o n these criteria: • Physi cal port • 802.1Q ta g • Ethernet, Logical Link Con trol Service Advertis ing Protocol (LLC SAP), or Logical Link Control Subnetwork Access Protoco l ( LLC/SNAP) Ethernet protoc ol type • MAC address • A combination of th[...]
-
Seite 124
98 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide of the same port. Th is means that each VLAN must be configured as a router interface with a u nique IP address. Spanning Sw itches with Port-Based VL ANs To create a port-based VL AN that spans two switches, you must: • Assign the po rt on each switch to the VLAN. • Connect the tw[...]
-
Seite 125
C H A P T E R 7 Virtual L ANs (VLANs) 99 • On System 2, ports 1 through 4 a re part of VLA N Accounting and port s 5 through 8, 15, and 16 are part of VLAN Engineeri ng . Figure 7.3: T wo port- based VL ANs span ning two swi tches • VLAN Accounti ng spans System 1 and System 2 by way of a connection between Sys tem 1, port 12 and System 2, port[...]
-
Seite 126
100 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide lead to c onnectivi ty proble ms if non-80 2.1Q bridges or r outers ar e placed in the path. Uses of T agged VLANs Tagging is most commo nly used to create VLANs that span switches. The switch-t o-switch connections are t ypically called trunks . Using tags, mult iple VLA Ns can span [...]
-
Seite 127
C H A P T E R 7 Virtual L ANs (VLANs) 101 Figure 7.4: Physical di agram of tagge d and unt agged traffic Figure 7.5 sho ws a logical di agram of th e same network. Figure 7.5: Logical di agram of ta gged and unta gged traffic In Figure 7.4 and Figure 7.5: • The trunk por t on each switch carr ies traffic for b oth VLAN Marketi ng and VLAN Sales .[...]
-
Seite 128
102 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide • The trunk po rt on each switch is tagged. • The server co nnected to port 9 on Sys tem 1 has a NIC that support s 802.1Q t agging. • The server co nnected to port 9 on System 1 is a member of both VLAN Marketi ng and VL AN Sa les . • All other stations use untagged traffic. [...]
-
Seite 129
C H A P T E R 7 Virtual L ANs (VLANs) 103 • The remainder of the traffic belongs to the VLAN named MyCompany . • All ports are member s of the VLAN MyCompany . Figure 7.6: Protocol -based VLA Ns Pr edefined Protocol Filters These protocol filters are predefined on the switch: • IP • IPX § • NetBIOS • DECnet § • IPX_8022 • IPX_SNAP[...]
-
Seite 130
104 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide Defining Protocol Filt ers For more info rmation o n SNAP for Ethernet protocol ty pes, see TR 1 1802-5:1 997 (ISO/ IEC) [ANS I/IEEE std. 802.1H, 1997 Ed ition]. For more info rmation on standa rds see "T ech nical Specifi cations and Supporte d Limits " on page 431. If nece[...]
-
Seite 131
C H A P T E R 7 Virtual L ANs (VLANs) 105 Deleting a Protocol Filte r If a p roto col filter is del ete d from a VL AN, th e VL AN is assi gned a protocol f ilter of none . You can continu e to config ure the VLAN. Howeve r, no traffic is forwarded to the VLA N until a protoc ol is assigned to it. Precedence of T agged Packets Over Protocol Filters[...]
-
Seite 132
106 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide Default VLAN The switch ships with one de fault VLAN that has these properties: • The VLAN name is default. • It includes all the ports on a new or initialized switch. The defa ult VLAN is unt agged on all ports. It has a n internal VLANid of 1. Renaming a VLAN To rename a VLAN, u[...]
-
Seite 133
C H A P T E R 7 Virtual L ANs (VLANs) 107 Table 7.2 describe s the commands used to configure a VLAN. Fo r a complete l ist of comman d options, pr ess the Tab key i n the command line in terface. T a ble 7.2: VLA N Config uration Co mmands Command Des cription configure dot1q eth ertype <ether type> Configures an IEEE 802.1Q Ethert ype. Use [...]
-
Seite 134
108 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide VLAN Configuration Examples Exampl e 1 This exampl e creates a port -based VLAN named acco unting , assigns the IP address 132 .15.121.1, and assi gns ports 1, 2, 3 and 6 to i t: create vlan accounting configure accounting ipaddress 132.15.121.1 configure vl an <name> protocol [[...]
-
Seite 135
C H A P T E R 7 Virtual L ANs (VLANs) 109 configure default delete port 1-3,6 configure accounting add port 1-3,6 Because VLAN names are u nique, you do not need to e nter the keyword vlan after you ha ve created the unique VL AN name. You can use the VLAN n ame alone. Exampl e 2 This example crea tes a tag-based VLAN named video . It ass ig ns th [...]
-
Seite 136
110 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide create protocol myprotocol configure protocol myprotocol add etype 0xf0f0 configure protocol myprotocol add etype 0xffff create vlan myvlan configure myvlan protocol myprotocol Displaying VLAN Settings To displ ay VLAN settings, use th is command: show vlan {<name>} The show com[...]
-
Seite 137
C H A P T E R 7 Virtual L ANs (VLANs) 111 VLAN Statistics You can coll ect statisti cs on a per VLAN basis. Avai lable statist ics include: • Receive and T ransmit Unicast • Receive and T ransmit Multi cast • Receive and T ransmit Broadcast • Receive and T ransmit Byte Co unt . To displ ay VLAN statistics use the command: show vlan stats vl[...]
-
Seite 138
112 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide You can tunnel any number of 8 02.1Q VLANs into a single VLAN that can b e switched t hrough the 48 0T routing swi tch Etherne t infra struc ture. Each tunne l is comple tely isol ated from oth er tunne ls or VLANs. This feat ure is useful i n building t ransparent pri vate networks ([...]
-
Seite 139
C H A P T E R 7 Virtual L ANs (VLANs) 113 The figur e shows a vMAN configu ration with tw o tunnels that have ingress/egress ports o n each 480T routing switch. The switches are conf igured as follows: configure dot1q ethertype 9100 enable jumbo-frame ports 1,2 configure jumbo-frame size 1530 create vlan Tunnel1 configure vlan Tunnel1 tag 50 config[...]
-
Seite 140
114 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide Specifi c to this con figurati on, a Layer 1 or Layer 2 redunda ncy method would also be employed , such as Spanni ng Tree or oth er protocol av ailable on t he switch. MAC-B ased VL ANs MAC-based VLANs allow ph ysical ports to be mappe d to a VLAN based on the source MAC address l ea[...]
-
Seite 141
C H A P T E R 7 Virtual L ANs (VLANs) 115 This example sho w MAC 00:00:00 :00:00:aa is on ly allowed to enter into the VLAN on po rts 10 and 1 1 because of membe rship in group 100: • The group any is equivalent to the group 0 (zero). Ports that are configured as any allow any MAC address to be assigned to a VLAN , re gard less of gro up ass oci [...]
-
Seite 142
116 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide VLAN association remai ns until the port connection is dropped or the FDB entry ages out. MAC-Based VLAN Commands Table 7.4 describes MAC -based VLAN commands. For a complete list of co mmand option s, press the Tab key i n the command li ne inte rfac e. MAC-Based VLAN Example In the [...]
-
Seite 143
C H A P T E R 7 Virtual L ANs (VLANs) 117 • The MAC ad dres s 00:00: 00: 00:00 :01 h as a gro up n umber o f 10 associated with it, and can only be assigned to a VLAN if inserted into port s 5 or 6. • The MAC ad dres s 00:0 0:00: 00:00 :03 h as a gr oup n umbe r of 200 associated with it and can only be inserted into po rts 9 through 12. To cre[...]
-
Seite 144
118 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide Example For MAC-based VLANs, the downloaded file is an ASCII file that consists of CLI command s used to configure the most recent MAC- to-VLAN database . This fea ture is diff erent from the normal downloa d configur ation comma nd in that it allows incr emental c onfigurati on with [...]
-
Seite 145
Forwarding Database (FDB) This chapt er describe s the conten ts of the f orwarding da tabase (FDB), how the FDB works, and how to config ure the FDB. Overvi ew of the FDB The I ntel ® NetStru ctur e ™ 480T routin g switch maintains a dat abase of all media access control (MAC) addresses received on all of its ports. It uses the infor mation in [...]
-
Seite 146
120 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide You can downl oad up t o 7,000 MAC add resses to th e switch when using MAC-based VLANs. You c an create up t o 3,000 VLANs on the s witch . FDB Contents Each FDB entry consi sts of: • The MAC address of the d evice • An identifier for the p ort on which it was received • An ide[...]
-
Seite 147
C H A P T E R 8 Forwardin g Databas e (FDB) 121 Perman ent Entrie s All entri es entered through the command line int erface are stored as permanent.Only ent ries designated as P ermanent are retained in the database if t he switch is reset or a power off/ on cycle occur s. A permanent entr y can either be a uni cast or multicast MAC address. The s[...]
-
Seite 148
122 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide • Y ou can enter and update entries u sing a MIB browser , an SNMP Network Manager , or the command line interface (C LI). Associating a QoS Profile with an FD B Entry The swit ch appl ies the QoS profile as soon as the FDB entry is lear ned. You can associate a QoS profile with a M[...]
-
Seite 149
C H A P T E R 8 Forwardin g Databas e (FDB) 123 FDB C ONFIGURATION E XAMPLES This example add s a permanent entry to the FDB: create fdbentry 00:A0:C9:12:34:56 vlan marketing port 4 The permanent entr y has these characterist ics: • MAC address is 00:A 0:C9:12:34 :56. • VLAN name is marketing . • Port number for this device is 4. This example[...]
-
Seite 150
124 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide Displaying FDB Entries To display FDB entr ies, use the command: Show fdb {<mac_address> | vlan <name> | ports <portlist> | permanent} where the following is true: • mac_address — Displays the entry for a particu lar MAC address. • vlan <name> — Display[...]
-
Seite 151
Spanning Tree Protocol (STP) Using the Sp anning Tree Protocol ( STP) funct ionality o f the Int el ® NetS tructu re ™ 480T rout ing switch makes y our network mo re fault tole rant . STP is a pa rt of th e 802.1D bridge specificati on defined b y the IEEE (Institute of Electrical and Electronics Engine ers), a standard-setti ng body. To exp lai[...]
-
Seite 152
126 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide STPD has it s own Root Bridge a nd active path. Af ter the ST PD is created, you c an assign one or more VLANs to it. A port can bel ong to onl y one STPD. If a port is a member of multiple VLANs, then all those VLANs must belong to the same STPD. Remember these key po ints when confi[...]
-
Seite 153
C H A P T E R 9 Spanni ng Tree P rotoc ol (STP) 127 • Marketi ng is defined on all switch es (Switch A, Switch B, Switch Y , Switch Z, and Switch M). Two STPDs ar e defined: • STPD1 cont ains VLANs Sales and Personnel. • STPD2 cont ains VLANs Manuf acturing and Engineering. The VLAN Marketin g is a member of the defau lt STPD, but not assigne[...]
-
Seite 154
128 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide Be careful when configuring your VLANs within a singl e STPD. Figure 9 .2 illustrat es an incorr ect network co nfiguratio n using a single ST PD. The STP co nfiguratio n disables the a b ilit y of the switches t o forward VLAN traffi c. Figure 9.2: T ag-ba sed ST P configur ation -In[...]
-
Seite 155
C H A P T E R 9 Spanni ng Tree P rotoc ol (STP) 129 Configuring STP We recommend that you d o not confi gure STP paramet ers unless you have consi derable knowl edge and experi ence with S TP. The default STP parameters are adequate for mo st networks. To confi gure STP: STPD, V LAN, and QoS profile nam es mus t be unique. F or example , a name use[...]
-
Seite 156
130 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide T a ble 9.3: S TP Confi guration Comman ds Command Des cription configu re stpd <s tpd_name> a dd vlan <name> Adds a VLAN to the STPD. configu re stpd <stp d_name> fo rwarddel ay <value> S pecifies th e time (in se conds) tha t the ports in this ST PD spen d in[...]
-
Seite 157
C H A P T E R 9 Spanni ng Tree P rotoc ol (STP) 131 create stpd <s tpd_name> Creates an STPD. When creat ed, an STPD has these default p arameters: • Bridge priori ty — 32,768 • Hello ti me — 2 seconds • Forward delay — 15 seco nds enable ignore-st p vlan <name> Configures t he switch to i gnore the ST P protocol, an d not b[...]
-
Seite 158
132 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide STP Configuration Exampl e This example creates and enables an STPD named Backbone_st . It assigns the Man ufact uring VLAN to the STPD. It di sables STP on ports 1 thr ough 7, and port 12. create stpd backbone_st configure stpd backbone_st add vlan manufacturing enable stpd backbone_[...]
-
Seite 159
C H A P T E R 9 Spanni ng Tree P rotoc ol (STP) 133 Disabling and Resetting STP To disable S TP or retur n STP setting s to their defa ults, use the commands list ed in Table 9.4. For further command options, press the T ab key in the command l ine interface. T a ble 9.4: ST P Disable an d Reset Commands Command Descri ption delete stpd < stpd_n[...]
-
Seite 160
134 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide[...]
-
Seite 161
Quality of Service (QoS) This chapt er describe s the conc ept of Quality of Servic e (QoS) and explains how to conf igure QoS on th e Intel ® Ne tStructure ™ 480T rout ing switch. Overvi ew of Policy-Bas ed Quality of Service Policy-base d QoS allows you t o assign specif ic levels of ser vice to differe nt traffic t ypes trave rsing the swi tc[...]
-
Seite 162
136 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide prioriti zation parameter s. The bandwidth-mana gement and prioriti zation paramet ers that mod ify the forwardi ng behavior of the switch affect how the switch transmits traffic for a given hardware queue on a phy sical por t. The switch track s and enforces the minimum a nd maximum [...]
-
Seite 163
C H A P T E R 10 Quality of Service (QoS) 137 Applications and T ypes of QoS Applicati ons vary sign ificantly i n QoS requirements. T hese applications are o nes that you will most commonly encount er and need to prioritize: • V oice applications • V ideo applications • Critical database applicatio ns • W eb browsing applications • File [...]
-
Seite 164
138 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide For example, in t he playback of stored v ideo streams, some applications can t ransmit large amounts of data for multipl e streams in one spike, with the expectation t hat the endstations wil l buffer significan t amounts of v ideo-stream data. T his can present a problem to th e net[...]
-
Seite 165
C H A P T E R 10 Quality of Service (QoS) 139 File S erver App licati ons File s ervin g typi cal ly pos es the great est deman d on b andw idt h, although file server appl ications ar e tolerant of l atency, jit ter, and some packet l oss, depending on t he network op erating system and the use of TCP o r UDP. Building Blocks The service that a p [...]
-
Seite 166
140 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide 2. Assign one o r more traffic g roupings to a QoS p rofile to create a QoS policy . T raffi c group ing — A classification or traffic typ e that has one or more attributes in common . These can range f rom a physical port to a VLA N to IP Layer 4 port in formation. T raff ic groupi[...]
-
Seite 167
C H A P T E R 10 Quality of Service (QoS) 141 other queues. The minimum bandwid th for all queues shou ld add up to les s than 90%. The default v alue on all minimum bandwidth parameters is 0%. • Maximum ba ndwidth – The m aximu m per cen tage o f tota l li nk bandwidth that may be transmitted by a hardware queue on a physical port. The d efaul[...]
-
Seite 168
142 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide Configuring a QoS Pr ofile Table 10.4 lists the comman ds used to configure QoS. For further command options, press t he Tab key in the command li ne interface. T a ble 10.3: Defa ult QoS P rofiles Profile Name Hardwar e Queue Priority Buff er Mini mum Band widt h Maximu m Band widt h[...]
-
Seite 169
C H A P T E R 10 Quality of Service (QoS) 143 T a ble 10.4: Q oS Configur ation Com mands Command Des cription conf igur e qo sprof ile <q ospr ofi le> {m inb w <percent>} {maxbw < percent>} {pr iority <level>} {< portlist> | ma xbuf <percent> minbuf <perce nt> [K | M]} Configures a Qo S profile. Sp ecify: [...]
-
Seite 170
144 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide Modifying a QoS Pr ofile You can modify t he default pr ofiles as desire d. To modify th e parameters of an existin g QoS profile, use this command: configure qosprofile <qosprofile> {minbw <percent>} {maxbw <percent>} {priority <level>} {minbuf <percent>[...]
-
Seite 171
C H A P T E R 10 Quality of Service (QoS) 145 IP-Based T r af fic Groupings IP-based traf fic groupi ngs are based on any combin ation of: • IP source or destin ation address • TCP/ UDP or other Laye r 4 pr otoco l • TCP/UDP port in formation IP-based traffic grouping s are defined using access li sts (see chapter 16). By supplyi ng a named Q[...]
-
Seite 172
146 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide The MAC address options are: • Permanent • Dynamic • Blackhole • Broadcast/un known rate limiting Perm anent MA C Addresses Permanent MAC add resses can be assigned a QoS prof ile whenever traffic is dest ined for the MAC address. Yo u can do this when you create a permanent F[...]
-
Seite 173
C H A P T E R 10 Quality of Service (QoS) 147 Broadcast/Unknown Rate Limiting MAC Address IP multic ast traffic is subject to broadc ast and unknown r ate limiting only when IGMP snooping is disable d. Refer to " IGMP Snoop ing" on pag e 278. It is possib le to assig n broadcast and unknown destinat ion packets to a QoS pr ofile th at has[...]
-
Seite 174
148 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide be preserved a cross a routed swit ch boundary an d DiffServ cod e points can be observed or over written acr oss a Layer 2 swit ch boundary. Config uring 8 02.1p Prior ity The switch su pports the st andard 802.1p p riorit y bits that are part of a tagged E thernet pack et. The 802. [...]
-
Seite 175
C H A P T E R 10 Quality of Service (QoS) 149 As described in T able 10.2, by default a QoS profil e is mapped to a hardware queue, and each QoS profile has confi gurable bandwidth parameters an d priority. In this way, an 802.1p pri ority value detected on ingress can b e mapped to a particular QoS profile wi th specified ban dwidth-manageme nt an[...]
-
Seite 176
150 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide that i s used when t ransmitting the packet. T o replace 8 02.1p prior ity information, use the command: enable dot1p replacement ports [<portlist> | all] 802.1p priorit y information is replaced according to the hard ware queue tha t is used when transmitti ng from the switch. [...]
-
Seite 177
C H A P T E R 10 Quality of Service (QoS) 151 Configuring Dif fServ Contained in the header of every IP packet is a field for IP Type of Service (TOS), also referred to as the DiffServ fi eld. The DiffServ or TOS fi eld is used by the switc h to determin e the type of service provided t o the packet. Fi gure 10.2 shows t he encapsulati on of an IP [...]
-
Seite 178
152 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide Observing DiffServ Information When a packet arrives at t he switch on an ingress port , the switch examines the first si x of eight TOS bits. T hese bits are called the code point . The switch can assign the QoS p rofile used to subsequently t ransmit the packet based on the code poi[...]
-
Seite 179
C H A P T E R 10 Quality of Service (QoS) 153 You can change the Qo S profile assignmen t for all 64 code poin ts. Use this command: configure diffserv examination code-point <code- point> qosprofile <qosprofile> ports [<portlist>] Once assigned , the rest o f the switches i n the networ k prioritize t he packet using t he charact[...]
-
Seite 180
154 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide You can change the 802.1p prior ity to DiffServ code point mapping to any code point value u sing thi s command: configure diffserv replacement priority vpri <number> code-point <code-point> ports [<portlist>] By doing so, t he hardware queue used t o transmit a pack[...]
-
Seite 181
C H A P T E R 10 Quality of Service (QoS) 155 Table 10.1 1 describes th e commands used to configure Dif fServ. For further command opt ions, press the Tab key in the command line interf ace. T a ble 10.1 1: DiffServ Confi guration C ommands Command Des cription configure diffser v examinatio n code-point <code-p oint> qosprof ile <qospr o[...]
-
Seite 182
156 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide DiffServ Example In this example, we use DiffServ to signal a class of servi ce through put and assign an y traffic comin g from network 1 0.1.2.x with a speci fic DiffServ code point. T his allows all ot her network switches to send and obser ve the Diffserv co de point i nstead of r[...]
-
Seite 183
C H A P T E R 10 Quality of Service (QoS) 157 transmit ted out t o any other port. To config ure a source por t traff ic groupin g, use this co mmand: configure ports [all | mgmt | <portnumber>] qosprofile <qosprofile> In the following ex ample, all traffic sourc ed from port 7 uses the QoS prof ile na med qp3 when being tran smitted. c[...]
-
Seite 184
158 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide QoS Monitor The Qo S monito r is a util ity th at moni tors the hardw are q ueues associated wit h any port(s). The QoS mo nitor keeps track of t he number of f rames and the frames per second that a specif ic queue is responsible f or transmit ting on a physi cal port. Two options ar[...]
-
Seite 185
C H A P T E R 10 Quality of Service (QoS) 159 • A port is samp led for fiv e seconds before the packets p er second (pps) value is displayed on the screen . Background Performanc e Monitori ng Monitori ng QoS in the background plac es the tran smit counter and any o verflow inform ation into the switch l og. The lo g notific ation appears if one [...]
-
Seite 186
160 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide • T o display information inclu ding QoS information for the port. show ports info {detail} Modifying a QoS Policy If you chang e the para meters of a QoS profile a fter a QoS po licy was created (by app lying a QoS profile to a t raffic grouping), the timing of the con figuration c[...]
-
Seite 187
C H A P T E R 10 Quality of Service (QoS) 161 To se t the maxbuf value on a queue, use th is command: configure qosprofile <qos profile> minbw <per cent> maxbw <percent> priority <priority> maxbuf <n umber> To view the maxbuf c onfiguration, u se this command : show qosprofile Bandwidth Settings and T heir Impact Bandw[...]
-
Seite 188
162 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide Minimu m bandwi dth sett ings The minimu m bandwidth sett ings determi ne the reser ved port bandwidth avai lable to each queue. Table 10.14 sh ows actual reserved bandwidth for each setting. If the reserved percentage configure d does not match the settings below, it is roun ded up. [...]
-
Seite 189
C H A P T E R 10 Quality of Service (QoS) 163 The sum of the minimum bandwi dth values f or the applie d QoS profiles should be kept to less than 90% of available ba ndwidth. If the minimum b andwidth settings exceed 90% it is p ossible, under a sustained situation of over-subscripti on, that a lower prio rity que ue co uld b ecom e “ starved ”[...]
-
Seite 190
164 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide You can uti lize up to eight i ngress rate-sha ping queues per VLAN and eight egress rate-shap ing queues pe r physical por t. By definin g a QoS profi le ’ s minimum and ma ximum bandwidth c orrespondin g to the ph ysical queu e and port, you define co mmitted infor mation rates fo[...]
-
Seite 191
C H A P T E R 10 Quality of Service (QoS) 165 • Uni cas t traffic fro m a no n-ra te-s hap ed po rt to a rat e-sha ped port within the VLAN will not be ra te-shaped. • The aggregate for warding bandwidth of all rate- shaped ports in a VLAN is determined by the traffic g roupings and ba ndwidth settings for the QoS p rofiles of the loopback port[...]
-
Seite 192
166 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide To add rat e-shaped por ts to the VLAN, use the following c ommand: configure vlan <vlan name> add port <portlist > {tagged | untagged} {nobroadcast} soft-rate-l imit To delet e rate-shaped port s from the VLAN, use t he command: configure vlan <vlan name> delete por[...]
-
Seite 193
Enterprise Standby Router Protocol (ESRP) Overvie w We recommen d that all switches using E SRP use the sa me versio n of firmware fo r interope rabili ty . S ee "Softw are Upgrade a nd Boot Opti ons" on page 419. Enterp rise Standby Rout er Protocol (E SRP) allows mul tiple switches to provide redundant rout ing service s to users. Fro m[...]
-
Seite 194
168 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide ESRP-A ware Switches 480T routi ng switches that are not running ESRP, but are connect ed on a netw ork with other 480T rout ing switche s running ES RP, are ESRP-aware. When ESRP-aware switches are attached to ESRP-enabled switches, the ESRP-aware switches rel iably perform failover [...]
-
Seite 195
C H A P T E R 11 Ente rprise St andby Route r Proto col (ES RP) 169 Multiple E SRP VLANs If multiple ESRP VLANs share a host port, each VLAN must be in an ES RP gr oup. Mixing Clients and Routers on ESRP VLANs ESRP should not be enabled on a VLAN that is also e xpected to exchange r outes with ot her non-ESR P routers ( such as router s using RIP o[...]
-
Seite 196
170 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide • For a VLAN to be recognized as participatin g in ESRP , the assigned IP addres s or the IPX NetID for the separ ate switches must be ide ntical . Other aspects of the VLAN, including its name, are ignored . • ESRP must be enabled on the desired VLANs for each switch. ESRP can no[...]
-
Seite 197
C H A P T E R 11 Ente rprise St andby Route r Proto col (ES RP) 171 default priorit y setting is 0. A priority settin g of 255 loses the election and remains in standby mode. • System MAC address — The switch with the higher MAC addr ess has prio rity . ESRP T racking You can use tr acking inf ormation to moni tor various forms of connectiv ity[...]
-
Seite 198
172 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide route of the switch, or any d evice meanin gful to networ k connectivity o f the master ESRP switch. The swit ch auto maticall y relinqu ishes ma ster sta tus and remai ns in sta ndby mode if a ping keepalive fail s thre e cons ecutive times. To view the statu s of tracked devices, us[...]
-
Seite 199
C H A P T E R 11 Ente rprise St andby Route r Proto col (ES RP) 173 Elec tin g th e M aste r Sw itch A new master can be elect ed in one of th ese ways: • A communicated parameter change • Loss of commu nication between master an d slave(s). Whenever a parameter that det ermines the master changes (fo r example, link loss or priority change), t[...]
-
Seite 200
174 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide ESRP Options ESRP opti ons include: • ESRP Host Attach • ESRP Domains • ESRP Groups • Linking ES RP Switches • Configuring ESRP an d Multinetting • ESR P and S panni ng Tree ESRP Host Atta ch ESRP host at tach (HA) is an op tional ESRP confi guration that allows y ou to co[...]
-
Seite 201
C H A P T E R 11 Ente rprise St andby Route r Proto col (ES RP) 175 Figure 1 1.1: ESRP hos t attach Other appl ications al low lower-cost redundant r outing configurations, because hosts can be directly attached to the switch involved with ESRP. The ESRP HA feature requires at l east one link between the master and standby E SRP switch for carrying[...]
-
Seite 202
176 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide For exampl e, two ESRP switches pr ovide La yer 2 and Layer 3 connectiv ity and redu ndancy for the subnet, whi le anoth er two ESRP switches p rovide Layer 2 co nnectivity and r edundancy for a portion of t he same subnet . Figure 11.2 shows ESRP groups. Figure 1 1.2: ESRP gr oups A [...]
-
Seite 203
C H A P T E R 11 Ente rprise St andby Route r Proto col (ES RP) 177 Linking E SRP Switches Direct links between ES RP switches are useful under these conditi ons: • When the ESRP switches are routing and supp orting multiple VLANs (where th e master/standby configuration is sp lit so one switch is master for s ome VLANs and a second switch is mas[...]
-
Seite 204
178 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide you can comb ine ESRP and STP o n a networ k and a VLAN, but you must do so on se parate devices. Be carefu l to mainta in ESRP co nnectivit y between ESPR maste r and standby switches when yo u design a networ k that uses ES RP and STP. ESRP and VLA N Aggr egation Do not confi gure a[...]
-
Seite 205
C H A P T E R 11 Ente rprise St andby Route r Proto col (ES RP) 179 • show esrp {detail} — V erifies ESRP is enabled and operational . ESRP Commands Table 11.1 describes the commands used t o configure ESRP. Press the Tab key in the command line inte rface for more com man d option s. Ta b l e 11 . 1 : ESRP Com mands Command Des cription config[...]
-
Seite 206
180 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide configure vl an <name> delete t rack-diagnosti c Disables t he priority of the diagnostic failover. configure vl an <name> delete t rack-environment Disables the priority o f the environmental failover . configure vlan <name> delete t rack-ping <ipaddress> f re[...]
-
Seite 207
C H A P T E R 11 Ente rprise St andby Route r Proto col (ES RP) 181 configure vlan <name> esrp group <number > Configures the ESRP group number . configure vl an <name> esrp priority < value> Configur es the ESRP priority . The range is 0 to 25 5. The higher number has higher priorit y . The default sett ing is 0 . A settin [...]
-
Seite 208
182 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide ESRP Examples This secti on provides e xamples of ESRP conf igurations. Single VLAN Using Layer 2 and Layer 3 Redund ancy This exampl e, shown in Figure 11.3, uses a number of switc hes that perform Layer 2 switch ing for VLAN Sales. The switch es are multi- homed to the VLAN Sales sw[...]
-
Seite 209
C H A P T E R 11 Ente rprise St andby Route r Proto col (ES RP) 183 Figure 1 1.3: ESRP ex ample using L ayer 2 and Layer 3 redunda ncy The VLAN Sal es master switch, acting a s master for VLAN Sa les , performs both Layer 2 swit ching and Layer 3 routing services for VLAN Sales . The switch in stan dby mode for VLAN Sales performs neit her, thus pr[...]
-
Seite 210
184 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide The following command s are used to configu re both VLAN Sales switches. The assumption is that the int er-router bac kbone is running OSPF , with other routed VLANs alrea dy properly configure d. Similar commands would be used to configure a switch on a netw ork runnin g RIP. The pri[...]
-
Seite 211
C H A P T E R 11 Ente rprise St andby Route r Proto col (ES RP) 185 Figure 11.3 bui lds on Fig ure 11.4, but eli minates t he requirement of Layer 3 red undancy. It has these features: • An additional VLAN, Engineering , is added th at uses Layer 2 redundancy . • The VLAN Sales uses three active links to each upper sw itch. • The VLAN Enginee[...]
-
Seite 212
186 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide create vlan sales configure sales add port 1-3 configure sales ipaddr 10.1.2.3/24 create vlan eng configure eng add port 1,4 configure eng ipaddr 10.4.5.6/24 enable esrp sales enable esrp eng configure eng esrp priority 5 Displaying ESRP Information To verify the operat ional state of[...]
-
Seite 213
C H A P T E R 11 Ente rprise St andby Route r Proto col (ES RP) 187 Then, se t the pri ority of environmenta l failover using t he command: configure vlan <vlan name> add track-environm ent failover <priority> Disable t he priority of environmen tal failove r, using this command: configure vlan <vlan name> delete track-envir onmen[...]
-
Seite 214
188 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide[...]
-
Seite 215
IP Unicast Routing This chapt er describe s how to config ure IP rou ting on the In tel ® NetS tructu re ™ 480T routing switch . It assumes that you are al ready familiar wi th IP unica st routing . If not, refer to the se publica tions for additi onal info rmation: • RFC 1256 — ICMP R outer Discovery Messag es • RFC 1812 — Requi r ement[...]
-
Seite 216
190 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide Policy-Based Routing and Route Load-Sharing Policy-base d routing i s used to alte r the normal ly calculated n ext- hop route, whi ch is based on the route t able. This same a lteration can also load-share acr oss multiple routers. It im plies a set of ru les or policies that take pr[...]
-
Seite 217
C H A P T E R 12 IP Unicast Routing 191 Router Interfaces The rou ting softwar e and hardware mov e IP tra ffic between router interfaces. A router interface i s simply a VLAN that has an IP address assigned to it. As you create VLANs wi th IP addresses bel onging to di fferent IP subnets, you can also choose to route between the VLANs. Both the VL[...]
-
Seite 218
192 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide Populating the Routing T able The 480T r outing switc h maintains an IP routing table for bot h network rou tes and host ro utes. The table is populated fr om these sources: If you defin e a default route, and later del ete the VLA N on t he su bnet associ ated wit h it, the now-inv a[...]
-
Seite 219
C H A P T E R 12 IP Unicast Routing 193 Multiple Rout es When there are multiple, conflict ing choices of equal-cost rout es to a partic ular destin ation, th e router p icks the ro ute with th e longe st matching networ k mask. If these are stil l equal, the rout er picks the route using these crite ria (in this or der): 1. Directly attached netwo[...]
-
Seite 220
194 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide • Direct • Static • RIP • OSPF • BGP These route maps mat ch the various characteristics of t he route based on the originati ng protocol and set the ac counting ind ices. Use this command to configure route maps: configure iproute route-map [bgp | direct | e-bgp | i-bgp | o[...]
-
Seite 221
C H A P T E R 12 IP Unicast Routing 195 enable ospf export [bgp | i-bgp | e-bgp] [[cost <metric> [ase-type-1 | ase-type-2] {tag <number>} | <route map>] enable ospf export vip [[cost <metric> [ase-type-1 | ase-type-2] {tag <number>} | <route map>] BGP and OSPF Route Map Support for T a gging The 480T rou ting swi[...]
-
Seite 222
196 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide Proxy ARP Proxy Address Resolution Protoc ol (ARP) was f irst invent ed so that ARP-capable d evices could respon d to ARP request packets on behalf o f ARP-incapabl e devices. Proxy ARP can also be used t o achieve rout er redundan cy and simplif y IP client co nfigurat ion. The swit[...]
-
Seite 223
C H A P T E R 12 IP Unicast Routing 197 For example, an IP ho st is configured with a cl ass B address of 100.101. 102.103 and a ma sk of 255.255.0.0 : • The switch is configured with the I P address 100.101 .102.1 and a mask of 25 5.255.255. 0. • The switch is also conf igured with a proxy AR P entry of IP address 1 00.101.0.0 and mask 25 5.25[...]
-
Seite 224
198 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide To change the rel ative route priorit y, use this command: configure iproute priority [rip | bootp | icmp | static | ospf-intra | ospf-inter | e-bgp | i-bgp | ospf-extern1 | ospf-extern2] <priority> IP Multinetting IP mult inetting i s used in many lega cy IP netw orks to overla[...]
-
Seite 225
C H A P T E R 12 IP Unicast Routing 199 IP Mul tinetti ng Operat ion Multinett ed VLAN groups must conta in identical port assignm ents. To use IP multinett ing, follow these steps: 1. Select a port where you want IP multinettin g to run, for example, port 2. 2. Remove the port from th e default VLAN, using this command: configure default delete po[...]
-
Seite 226
200 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide IP Mu ltinetting Examples This example co nfigures the switch to hav e one multinetted segment (po rt 5) that contains thr ee subnets (192 .67.34.0, 192.67.35.0, a nd 192.67.37.0 ): configure default delete port 5 create protocol mnet create vlan net34 create vlan net35 create vlan ne[...]
-
Seite 227
C H A P T E R 12 IP Unicast Routing 201 configure net35 protocol mnet configure net37 protocol mnet config net34 add port 5 config net35 add port 5 config net37 add port 5 configure default delete port 8,9,10 create vlan net36 create vlan net45 configure net36 ipaddress 192.67.36.1 configure net45 ipaddress 192.99.45.1 configure net36 protocol ip c[...]
-
Seite 228
202 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide 5. T urn on RIP or OSPF using on e of these commands : enable rip enable ospf V erifying the IP Unicast Routing Configuration Use the show iproute command to d isplay the cu rrent configuration of IP unicast routing for t he switch and for each VLAN. The show iproute command displays [...]
-
Seite 229
C H A P T E R 12 IP Unicast Routing 203 • The subVLANs use the IP addres s of the superVLAN as the def ault rout er a ddre ss. • Groups of clients are then assig ned to subVLANs that h ave no IP address, but are member s of the superVLAN. • Clients can be informally allocated any valid IP addresses within the subnet. Optionally , you can prev[...]
-
Seite 230
204 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide In Figure 12.2, a ll stations are co nfigured to use t he address 10.3.2.1 for the defaul t router. VLAN Aggregation Pr operties These properties ap ply to VLAN aggregation o peration: • All broadcast and unknown tr af fic remains local to the subVLAN and d oes no t cros s the subVL[...]
-
Seite 231
C H A P T E R 12 IP Unicast Routing 205 SubVLAN Address Range Checking The use o f static A RP entries associ ated with superV LANs o r sub- VLANs is not su pported. Sub-VLAN address range s can be config ured on each subVLAN to prohibit the entry of I P addresses from hosts outside of th e configure d range. To configur e a subVLAN range u se this[...]
-
Seite 232
206 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide VLAN Aggregation Example The foll owing e xampl e illustra tes how to co nfigure VLAN aggregation. The VLAN vsuper i s created as a superVLAN, and subVLANs vsub1 , vsub 2 , and vsub3 are ad ded to it. 1. Create and ass ign an IP address to a VLAN des ignated as the sup erVL AN. Th is [...]
-
Seite 233
C H A P T E R 12 IP Unicast Routing 207 2. Create and add ports to the su bVLANs: create vlan vsub1 configure vsub1 add port 8-10 create vlan vsub2 configure vsub2 add port 11-13 create vlan vsub3 configure vsub3 add port 15-16 3. Configu re the su perVLAN by addi ng the subV LANs: configure vsuper add subvlan vsub1 configure vsuper add subvlan vsu[...]
-
Seite 234
208 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide • Configure the addr esses, where you want to d irect DHCP or BOOTP requests, using th is command: configure bootprelay add <ipaddress> To delete an entry, us e this command : configure bootprelay delete {<ipaddress> | all} V erifying the DHCP/BOOTP Relay Configuration T[...]
-
Seite 235
C H A P T E R 12 IP Unicast Routing 209 Configuring UDP Forwarding To configur e UDP forwar ding, the you mu st first create a UDP- forward dest ination profi le. The profil e describes the types of UDP packets (by po rt number) that are used, and where they are to be forwarded. You must give the profile a uniqu e name, in th e same manner as a VLA[...]
-
Seite 236
210 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide • Y ou can alter the default settings for security reasons, by restricting the su ccess of tools that could be used to find information on an importan t application, host, or topology . • For ICMP packets that are typically routed, you can app ly access lists to res trict forwardi[...]
-
Seite 237
C H A P T E R 12 IP Unicast Routing 211 IP Commands Table 12.4 describes the commands used t o configure basic IP settings. For more command options, press the Tab key in the command line interface. configure vlan <name> udp- profile <profile_name> Assigns a UDP-forwarding profile to the source VLAN. Once the UDP profile is associated w[...]
-
Seite 238
212 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide T a ble 12.4: Ba sic I P Comm ands Command Des cription clear iparp {<ipadd ress> | vlan <name>} Removes dynamic en tries in the IP ARP table. Permanent IP ARP entries are not af fected. clear ipfdb {<ipadd ress> | vlan <name> } Removes t he dynamic entr ies in[...]
-
Seite 239
C H A P T E R 12 IP Unicast Routing 213 conf igur e iparp ti meout <m inut es> Confi gures the IP ARP timeout period. The defau lt setting is 20 mi nutes. A setting of 0 disables ARP agi ng. The maximum aging t ime is 32 minutes. configu re tcp-sync-r ate <number_sync_p er_sec> Configu res a limi t for the s witch to process TCP conn ec[...]
-
Seite 240
214 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide Table 12.5 descri bes the commands used t o configure t he IP route table. Fo r more command op tions, press the T ab key in the command line in terface. enable boot prelay Enables t he forwarding of BOOTP and Dynamic Host Confi guration P rotocol (DHCP) requests. enable ipforward ing[...]
-
Seite 241
C H A P T E R 12 IP Unicast Routing 215 configure iproute add blackhole <ipaddress> <mask> Adds a blackhole address to the routing table. All traf fic destined for the configured IP address is d ropped, and no I nternet Control Message Protoco l (ICMP) messa ge is generate d. configure ip route add default < gateway> {<metric&g[...]
-
Seite 242
216 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide T able 1 2.6 describes th e commands used to config ure IP options and the ICMP prot ocol . For more comman d options, press the Ta b key in the command line interface . T a ble 12.6: ICMP Config uration Comma nds Command Des cription configure ird p [multicast | broadcast ] Configure[...]
-
Seite 243
C H A P T E R 12 IP Unicast Routing 217 enable icmp add ress-mask vlan [<name> | all] Enables an ICMP address-mask rep ly (type 18, code 0) when an ICMP address mask request is received .The default settin g is enabled. If a VLAN is no t specified, the command applies to all IP interfaces. enable ic m p parameter -problem vlan [<nam e> [...]
-
Seite 244
218 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide enable icmp unrea chables vlan [<name> | all] Enables ICMP network-unreacha ble messages (type 3, c ode 0), and host unreachable messag es (type 3, code 1) when a packet cannot be forwarded to th e destination becau se of an unreachab le route or host. The default setting is ena[...]
-
Seite 245
C H A P T E R 12 IP Unicast Routing 219 Routing Configuration Example Figure 12.3 illustrates a 48 0T routin g switch with three VLA Ns defined as: • F inancea ddress 192.207.35.1 • protocol s ensitive V LAN using the IP protoco l • Ports 1 and 3 are assigned • IP ad dre ss 19 2.20 7.35 .1. • Personnel • Protocol-sensitive VLAN usin g t[...]
-
Seite 246
220 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide The stati ons connected to po rts 1 through 4 gen erate a combinati on of IP traffic and NetBIOS traffic. The IP traffic is filtered by the protocol-s ensitive VLANs. All other traf fic is directed to the VLAN MyCompany . In this c onfigurati on, all IP traffic fr om stations c onnect[...]
-
Seite 247
C H A P T E R 12 IP Unicast Routing 221 Resetting and Disabling Route r Settings To retu rn router sett ings to their def aults and di sable routing functions, u se the commands l isted in Tab le 12.8. For mor e command opti ons, press the Tab key in the command line int erface. show iparp {<ipaddress | vl an <name> | permanent} Display s [...]
-
Seite 248
222 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide disable bo otp vlan [<name > | all] Disables the generat ion and proce ssing of BOOTP packets. disable bo otprelay Disables the forw arding of BOOTP req uests. disable icmp < packet-typ e> vlan [<name>] Disables ICMP pa rameter -problem message s. If a VLAN is not sp[...]
-
Seite 249
RIP and OSPF This chapt er describe s the inte rior routi ng protocol s available on the Intel ® Ne tStructure ™ 480T routi ng switch, RIP and OSPF. It assumes that you are already famili ar with IP unicast routing. If not, refer to these publicat ions: • RFC 1058 — Rout ing Informat ion Pr otocol (RIP) • RFC 1723 — RIP V er sion 2 • R[...]
-
Seite 250
224 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide Distinguis hing RIP and OSPF The di stinction b etween R IP and OSPF lies in the fundame ntal difference s between distance -vector protoco ls and link- state protocols. Using a di stance-vector prot ocol, each router creates a unique r outing tab le from summariz ed informat ion obta[...]
-
Seite 251
C H A P T E R 13 RIP an d OSPF 225 Overvie w of RIP RIP is an IGP first used in compu ter routing in the Adva nced Research Projects Agency Network (ARPAnet) as early as 1969. It is primari ly intended for use in ho mogeneous netwo rks of moderate size. To determine the best path to a di stant network, a router usin g RIP always selects the path th[...]
-
Seite 252
226 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide T riggered Updates Triggered updat es occur whenever a route r changes the metric for a route, and it is required to send an upda te message immediately, even if it is not yet time for a regular update message to be sent . This will general ly result in faster converg ence, but may a [...]
-
Seite 253
C H A P T E R 13 RIP an d OSPF 227 Link-State Database Upon initializ ation, each router tra nsmits a link-state advertisemen t (LSA) on each o f its interfaces. LSAs are collected by each router and entered into the LSDB of each rout er. OSPF uses flooding t o distr ibute LSAs betwee n rout ers. A ny cha nge in routin g infor matio n is sent to al[...]
-
Seite 254
228 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide • Area Border Router (ABR): An ABR has interfaces in multiple areas. It is r esponsible for ex changing summary advertisements with other ABRs. Y ou can create a maxi mum of 7 non-zer o areas. • Autonomous Sys tem Border Router (ASBR): An ASBR acts as a gate way be tween OSPF an d[...]
-
Seite 255
C H A P T E R 13 RIP an d OSPF 229 • External routes originating from an ASBR con nected to the NSSA can be advertised within the NSSA. • External routes originating from the NSSA can be propagated to other areas, in cluding the backbone ar ea. The comma nd to contro l the NSSA function is si milar to the command used for co nfiguring a stub ar[...]
-
Seite 256
230 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide Figure 13.1: V irt ual li nk for stub area You can use virt ual links to repai r a discontiguo us backbone area. I n Figure 13.2, if th e connection between ABR1 and the backbone fails, the ABR2 co nnection pr ovides redunda ncy so the disco ntiguous area continues t o communicate wit[...]
-
Seite 257
C H A P T E R 13 RIP an d OSPF 231 OSPF Database Overflow The OSPF Databa se Overflow feat ure allows you to both li mit the size of the LSDB an d maintain a consistent LSDB across a ll the routers in the system. Maintaining a consistent L SDB across all the routers in t he domain ensures that all router s have a consist ent view of the network. Ma[...]
-
Seite 258
232 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide To reconfigure an OSPF interface as a normal interface: configure ospf add vlan <vlan name> area <area identifier> To display passive interface configurat ion: show ospf interfaces [detail] Routing with OSPF Set the RouterID We recommend manually se tting the rout erID of [...]
-
Seite 259
C H A P T E R 13 RIP an d OSPF 233 Figure 13.3: Ro ute re distr ibuti on Configuring Route Redistribution Exporting routes from OSPF to RIP, and from RIP to OSPF, are discrete co nfiguration func tions. To run OSPF and RIP simultaneousl y, first confi gure both p rotocols, and th en verify the independe nt operati on of each. Then you can configu r[...]
-
Seite 260
234 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide These commands enabl e or disable the exporting of RIP, static, and direct rout es by way of LSAs to other OSPF routers as Autonomous System ( AS)-external type 1 or t ype 2 routes. The d efault se tting is disabled. The cost metric is inserted for all RIP-learned, stat ic, and direct[...]
-
Seite 261
C H A P T E R 13 RIP an d OSPF 235 OSPF Timers and Authentication Configuri ng OSPF ti mers and aut hentication on a per-ar ea basis is a shortha nd for applyi ng the timer s and authenti cation to ea ch VLAN in the are a at the time of con figuration . If you add more VLANs to the area, be sure to configure t he timers and authent ication for the [...]
-
Seite 262
236 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide You can make dy namic changes to the ro ute map. Direct and Static route chan ges are reflected immedi ately, while RIP, OSPF, and BGP changes are refle cted within 30 seconds. Route Map Support for OSPF Export When OSPF is en abled the rout e map is applied on each and every route ex[...]
-
Seite 263
C H A P T E R 13 RIP an d OSPF 237 BGP and OSPF Route Map Support for DSB Accounting Route map supp ort for BGP and OSPF acco unting allows you t o set the cost and type of t he exported rou tes. Use this command t o enable account ing: configure route-map <route-map> <sequence number> [add | delete] set [as-path <as no> | communi[...]
-
Seite 264
238 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide configure rip Rxmode [no ne | v1only | v2only | any] {vlan [<name> | al l]} Changes the RIP receive mo de for one or all VLANs. Specify: • none — Drop all received RIP packets. • v1only — Accept only RIP v1 for mat packets. • v2only — Accept only RIP v2 for mat packe[...]
-
Seite 265
C H A P T E R 13 RIP an d OSPF 239 enable rip aggreg ation Enables agg regation of subnet inf ormation on interfac es configured t o send RIP v2 or RIP v2- compat ible traffic. The 48 0T routin g switch summarizes subnet routes t o the nearest class network route. These rules apply when u sing RIP aggre gation: • Subnet routes ar e aggregated to [...]
-
Seite 266
240 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide RIP Configuration Example Figure 13. 4 illustrates a switch that has three VLANs defined as follows: Financ e • Protoc ol-sensitiv e VLAN usi ng the IP pr otocol • Ports 1 and 3 have been assigned • IP address 192.207.35.1 Personnel • Protoc ol-sensitiv e VLAN usi ng the IP pr[...]
-
Seite 267
C H A P T E R 13 RIP an d OSPF 241 MyComp any • Port-based VLAN • All port s have been ass igned Figure 13.4: RIP configur ation ex ample The stations con nected to the system gen erate a combination of IP traffic and NetBIOS § traffic. The IP traffic is filtered by the protoco l- sensitive VLANs. All other t raffic is directed to the VLAN MyC[...]
-
Seite 268
242 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide configure Finance add port 1,3 configure Personnel add port 2,4 configure MyCompany add port all configure Finance ipaddress 192.207.35.1 configure Personnel ipaddress 192.207.36.1 enable ipforwarding configure rip add vlan all enable rip Displaying RIP Settings To display settings fo[...]
-
Seite 269
C H A P T E R 13 RIP an d OSPF 243 Configuring OSPF Each switch co nfigured t o run OSPF must hav e a unique r outerID. We recommended manuall y setting the routerID of the switc hes participat ing in OSPF, instead of having each swit ch automatically choose its rout erID based on the highest interface IP address. Not performing this c onfiguration[...]
-
Seite 270
244 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide T a ble 13.5: O SPF Configu ration Com mands Command Descript ion configure ospf [area <areaid> | vlan [<name> | a ll]] cost [ automatic | <number>] Configures t he cost metri c of one or a ll VLAN(s). If an area is specified, the cost metric is applie d to all VLANs[...]
-
Seite 271
C H A P T E R 13 RIP an d OSPF 245 configure ospf [vl an <name> | area <areai d> | virtual -link <ro uterid> <ar eaid>] timer <re transmit_ interval> <t ransmit delay > <hello inte rval> <d ead interva l> Configures t he timers for one interfac e or all interfaces in th e same OSPF area. These are the[...]
-
Seite 272
246 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide configure ospf area <areaid> [interarea- filter | external-filter] [<access-profile> | none] Configures an OSPF area specifying filter and access profile. configure ospf asbr- filter [<access_prof ile> | none] Configures a r oute filter for non-OSPF routes exported i[...]
-
Seite 273
C H A P T E R 13 RIP an d OSPF 247 conf igur e osp f rout erid [aut omat ic | <rou terid> ] Configures the OSPF rout erID. If automa tic is specified, the 4 80T routing switch uses t he large st IP interface address as the OSPF routerID. Man ual routerI D setting is recommended. configure ospf spf-ho ld-time <seconds> Configures t he mi[...]
-
Seite 274
248 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide enable ospf export static cost <metric> [ase-type-1 | ase-type- 2] {tag <number>} Enables the d istributio n of static route s into the OSPF domain. Once enabled, the OSPF router is considered to be an ASB R. The default tag number is 0 . The default sett ing is disabled. [...]
-
Seite 275
C H A P T E R 13 RIP an d OSPF 249 OSPF Configuration Example Figure 13.5 sh ows an exampl e of an au tonomous syst em using OSPF routers. The details of thi s network follow. Figure 13.5: OSPF co nfiguration exampl e Area 0 is the backbone area and has these charact eristics: • 2 int ernal rout ers (IR1 and IR2) • 2 area border routers (ABR1 a[...]
-
Seite 276
250 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide • Network numbe r 10.0.x.x • 2 identif ied VLANs (A0_10_0_2 and A0_10 _0_3) Area 5 is conn ected to the backb one area throug h ABR1 and ABR2, having t hese characteristics: • Network numbe r 160.26.x.x • 1 identif ied VLAN (A5_160_2 6_26) • 2 intern al route rs • A virtua[...]
-
Seite 277
C H A P T E R 13 RIP an d OSPF 251 configure vlan A5_160_26_26 ipaddress 160.26.26.1 255.255.255.0 create ospf a rea 0.0.0.5 create ospf a rea 0.0.0.6 enable ipforwarding configure ospf area 0.0.0.6 stub nosummary stub- default-cost 10 configure ospf vlan A6_161_48_2 area 0.0.0.6 configure ospf vlan A5_160_26_26 area 0.0.0.5 configure ospf add virt[...]
-
Seite 278
252 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide Displaying OSPF Settings To display settings f or OSPF, use the commands listed in Table 13.6. For more co mmand option s, press the Tab key i n the command li ne interface. T a ble 13.6: O SPF Show Commands Command Description show ospf Displays global OSPF infor mation. show ospf ar[...]
-
Seite 279
C H A P T E R 13 RIP an d OSPF 253 Resetting and Disabling OSPF Settings To return OSPF settings to th eir defaults, use the commands listed in Table 13. 7. For more command o ptions, press t he Tab key in the command line i nterface. T a ble 13.7: O SPF Reset an d Disable Commands Command Description delete ospf area [<areaid> | all] Deletes[...]
-
Seite 280
254 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide[...]
-
Seite 281
1 Border Gateway Protocol (BGP) This chapt er describe s how to config ure the Border Gat eway Protocol (BGP), an ex terior r outing pr otocol avai lable on the Inte l ® NetStr uctu re ™ 480T rou ting switch. For IEEE s tandards informa tion, refer to http://stan dards.ieee. org For more information on BGP , refer to these documents: • RFC 177[...]
-
Seite 282
256 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide You can use BGP a s an exterior border gateway protocol (E BGP), or you can u se it within an AS, as an interi or borde r gateway protocol (I BGP). BGP Attributes These well-kn own BGP attr ibutes are supp orted by the 480T routing swi tch: • Origin – Defines the origin of the ro [...]
-
Seite 283
C H A P T E R 14 Border G atewa y Protoco l (BG P) 257 BGP Featur es The BGP f eatures support ed by the 48 0T routing switch inc lude: • Route Reflectors • Route Confederations • Route Aggregation • Route Map Su pport • IGP Synch ronization • Loopback Inter face • OSPF- to-BG P Ro ute Redi strib ution • BGP Peer Grou ps Route Refle[...]
-
Seite 284
258 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide Route Confederations BGP requir es networks to use a fully-meshed router configura tion. This requirement does not scale well, especially when BGP i s used as an inter ior gateway protocol. One way to reduce the size of a ful ly-meshed AS is to divide t he AS into mul tiple sub-autono[...]
-
Seite 285
C H A P T E R 14 Border G atewa y Protoco l (BG P) 259 Using the co nfederation, AS 200 is split into two sub-ASs: SubAS65001 and SubAS 65002. Each sub-AS is fully meshed , and IBG P (Int erna l BGP ) is ru nni ng amo ng it s memb ers. EBGP (Ext ernal BGP) is u sed between Sub 65001 and SubAS65002. Rou ter B and Router D are EBGP peers. EBGP is als[...]
-
Seite 286
260 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide create vlan bd configure vlan bd add port 3 configure vlan bd ipaddress 192.1.1.9/30 enable ipforwarding vlan bd configure ospf add vlan bd area 0.0.0.0 disable bgp configure bgp as-number 65001 configure bgp routerid 192.1.1.22 configure bgp confederation-id 200 enable bgp create bgp[...]
-
Seite 287
C H A P T E R 14 Border G atewa y Protoco l (BG P) 261 To configure Route r D, use these commands: create vlan db configure vlan db add port 1 configure vlan db ipaddress 192.1.1.10/30 enable ipforwarding vlan db configure ospf add vlan db area 0.0.0.0 create vlan de configure vlan de add port 2 configure vlan de ipaddress 192.1.1.14/30 enable ipfo[...]
-
Seite 288
262 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide Route Aggr egation Route aggreg ation in volves combinin g the sub-netwo rks of several routes so that they are advertised as a singl e route. Aggregation reduces t he amount of information that a BGP speak er must store and exchange wit h other BGP speaker s. Reducing t he informatio[...]
-
Seite 289
C H A P T E R 14 Border G atewa y Protoco l (BG P) 263 Using the Loopback Interface If you ar e using BGP as your interior gateway protocol , you may decide to adve rtise the interface a s available, rega rdless of the status of any particular interface. The loopback interface can also be used for EBGP multi hop. Using th e loopback interface elimi[...]
-
Seite 290
264 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide Use these commands to c onfigure the parameters of t he peer group. configure bgp peer-group <peer-group> remote-as <number> configure bgp peer-group <peer-group> [route- reflector-client | no-route-reflector-client] configure bgp peer-group <peer-group> weight[...]
-
Seite 291
C H A P T E R 14 Border G atewa y Protoco l (BG P) 265 • Passwor d To create a new nei ghbor and include i t as a member of the pee r group, use thi s command: create bgp neighbor <ip address> peer-group <peer- group> {multi-hop} This cre ates th e new neighbor as part of t he peer group , and the neighbor inherits all exi sting param[...]
-
Seite 292
266 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide BGP Password Encryption The neighb or password for BGP is encrypted in upload /download configu ration. Configuring BGP Table 14.1 descri bes the commands used t o configure B GP. For more command op tions, press t he Tab key in the command line inte rfac e. T a ble 14.1: BG P Configu[...]
-
Seite 293
C H A P T E R 14 Border G atewa y Protoco l (BG P) 267 configure bgp delete networ k [<ipaddress> | <mask> | all] Deletes a network o riginat ed fro m this r outer . configure bgp as-number <as_ number> Changes the local AS number used by BGP . Y ou must disabl e BGP befor e the AS number can be changed. configure bgp cluster -id [...]
-
Seite 294
268 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide configure bgp neighbor [ <ipaddress> | all ] password [none | {encrypted} <password>] Configures a passwor d for a neighbo r . When the password is configured , TCP MD5 authenticat ion is enabl ed on the TCP connectio n established wit h the neighbor . The encrypte d keywo[...]
-
Seite 295
C H A P T E R 14 Border G atewa y Protoco l (BG P) 269 configure bgp neighbor [ <ipaddress> | all ] soft-reset {in | out} Applies th e current input or output r outing policy t o the rout ing informat ion already exchanged wit h the neighb or . The i nput/ output routin g policy is determin ed by th e nlri-filter , as-path-filter , and the ro[...]
-
Seite 296
270 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide disable bg p aggregation Disables BGP route-aggreg ation filtering. disable bgp al ways-compare-med Disa bles BGP use of the Mult i-Exit Discriminat or (MED) from n eighbors in diff erent autonomous syst ems in the route- selection algori thm. MED is only used when compar ing paths fr[...]
-
Seite 297
C H A P T E R 14 Border G atewa y Protoco l (BG P) 271 Displaying BGP Settings To display setting s for BGP, use the commands listed in T able 14.2. For more command op tions, pr ess the Tab key in th e command line inte rfac e. enable bgp synchronization Enables sync hronization be tween BGP and IGP . W hen enabled, BGP waits for IGP to provide th[...]
-
Seite 298
272 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide Resetting and Disabling BGP To return BGP sett ings to their defau lts, or to disable BGP, use the commands listed i n Table 14.3. For more command opt ions, press the Tab key i n the command line i nterface. T a ble 14.3: BG P Reset an d Disable Commands Command Descript ion delete b[...]
-
Seite 299
C H A P T E R 14 Border G atewa y Protoco l (BG P) 273 BGP Route Selection BGP will select rout es based on the fol lowing precedence (from highest to lowest ): • W eight • Local preference • Shortest length (sho rtest AS path) • Lowest origin cod e • Lowest MED • Route from exter nal peer • Lowest co st to next hop • Lowest Rout er[...]
-
Seite 300
274 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide[...]
-
Seite 301
IP Multicast Routing This chapt er describe s the components of IP multicast routing, and how to conf igur e it on the In tel ® NetStructure ™ 480T routing swit ch. For mor e informatio n on IP mult icasting , refer to th ese publicatio ns: • RFC 1 11 2 — H ost Extension f or IP Multicasting • RFC 2236 — In ternet Gr oup Mana gement Prot[...]
-
Seite 302
276 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide IP multi cast routing co nsists of these functi ons: Conf igur e IP unica st routing b efore you configur e IP multi cast routing. • A router that can f orward IP multicast packets. • A router -to-router multicast rou ting protocol, for example, Distance V ector M ultic ast Ro uti[...]
-
Seite 303
C H A P T E R 1 5 IP Multicast R outing 277 PIM Sparse Mode (PIM-SM) Y ou can run either P IM- DM or PIM-SM on eac h VLAN. Unlike PIM- DM, PIM-SM i s an explici t join and pr une protoco l, and supports shared tr ees as well as shortest path trees (SPTs). The routers must expl icitly be joined to one or mor e groups to en able communicat ion. This [...]
-
Seite 304
278 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide The switch also forwards PIM-SM traffic to a PIM-DM network. The PMBR sends a join message to the RP and the PMBR then broadcasts traffic f rom the RP in to the PI M-DM netwo rk. There are no n ew commands that need to be entered to enab le PIM- SM to PIM-DM functio nality. By having [...]
-
Seite 305
C H A P T E R 1 5 IP Multicast R outing 279 IGMP snoop ing is di sabled, all IG MP and IP mult icast traffi c will flood wit hin a given VL AN. This is n ormal 802. 1d bridge beh avior. IGMP and IGMP snoop ing must be enabled wh en IP unicast or multic ast routing is c onfigur ed (the defau lt setting is enable d). IGMP snoop ing expect s at least [...]
-
Seite 306
280 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide IGMP Query Interval The maximum val ue you can set for the IGMP q uery interval is 429,496,72 9. The values y ou can set for query response interval a nd the last member que ry interval are between 1 secon d and 25 seconds. IGMP Configuration Commands Table 15 .1 describes th e comman[...]
-
Seite 307
C H A P T E R 1 5 IP Multicast R outing 281 conf igur e igm p <qu ery _int erval > <query_ response_in terval> <last_member_que ry_interval > Configures the IGMP timer s. Ti mers are based on IEEE RFC22 36. Specify: • query_interval — The amount of t ime, in seconds, the system waits b etween sending out gener al querie s. The[...]
-
Seite 308
282 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide Configur ing IP Multicas ting Ro uting To config ure IP mult icast rout ing: 1. Configure the system for IP un icast routing. 2. Enable multicast rou ting on the interface, using this command: enable ipmcforwarding {vlan <name>} 3. Enable DVMRP or PIM on all IP multicast routing[...]
-
Seite 309
C H A P T E R 1 5 IP Multicast R outing 283 conf igure d vmrp time r <route _repor t_inte rval> <route_replaceme nt_time> Configures the glob al DVMRP timers. Specify the follow ing: • route_report_interval — how many seconds the system wait s between tran smi tting peri odic rout e rep ort p ack ets. The range is 1 to 2,147,48 3,64[...]
-
Seite 310
284 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide conf igur e dvm rp vl an <na me> ti mer <probe_in terval> <nei ghbor timeout > Configures DVMRP interface t imers. Specify: • probe_interval — How many seco nds the system waits between transmitting DVMRP probe messages. The range is 1 to 2,147,483,64 7 seconds ([...]
-
Seite 311
C H A P T E R 1 5 IP Multicast R outing 285 Configuration Examples See Chapter 13, "RIP and OSP F" on page 223 for in formation on configur ing OSPF . In the example b elow, the system labeled IR1 is configured fo r IP multica st routing using PIM-DM. l Figure 15.1: IP m ulti cast r outi ng PI M-DM co nfigur ation example Configuration fo[...]
-
Seite 312
286 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide configure vlan A0_10_0_2 ipaddress 10.0.2.2 255.255.255.0 configure ospf add vlan all enable ipforwarding enable ospf enable ipmcforwarding configure pim add vlan all enable pim PIM-SM Configuration Example In this exampl e, the system labeled ABR1 is con figured for IP multic ast rou[...]
-
Seite 313
C H A P T E R 1 5 IP Multicast R outing 287 Configuration for ABR1 The following is the configuration for the rou ter labeled ABR1: configure vlan A0_10_0_2 ipaddress 10.0.2.1 255.255.255.0 configure vlan A0_10_0_3 ipaddress 10.0.3.1 255.255.255.0 configure vlan A6_161_48_2 ipaddress 161.48.2.2 255.255.255.0 configure vlan A5_160_26_26 ipaddress 16[...]
-
Seite 314
288 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide Deleting and Resetting IP Multicast Settings To return IP multic ast routin g setting s to their de faults an d disable IP multicast r outing functi ons, use the commands liste d in Table 15.4. For more comman d options, press the Tab key i n the command line interface. show igmp snoo[...]
-
Seite 315
C H A P T E R 1 5 IP Multicast R outing 289 disable dv mrp {[Rxmode | txmode ] vlan [<nam e> | all]} Disables DVMRP on the system. disable dv mrp Rxmode vlan [ <name> | all] Disables receivi ng of DVMRP packets on a per - VLAN basis. disable dv mrp txmode vla n [<name> | all] Disables transmitting o f DVMRP packets on a per- VLAN [...]
-
Seite 316
290 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide[...]
-
Seite 317
IPX Routing This chapt er describes how to configure IPX § , I PX/RIP, and IPX/SA P on the I ntel ® NetStructure ™ 480T rou ting switch. It assumes that you are familiar with IPX. If not, refer to yo ur Novell documentatio n. Overvi ew of IPX The 480T r outing swit ch provides sup port for I PX, IPX/RIP (R outing Informat ion Protoc ol), and IP[...]
-
Seite 318
292 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide IPX NetID or an IP address. You also can configu re a VLAN for both IP X and IP routin g. Figure 16.1 shows the same switch discussed earlier in Figu re 12.1 on page 191. In Figur e 16.1, IPX routing is added to the switch, and two additio nal VLANs have been def ined — Exec and S u[...]
-
Seite 319
C H A P T E R 16 IPX Ro uting 293 IPX Encapsulation T ypes Novell NetWar e § supports f our types of fr ame encapsulatio n. The term for each type i s described in Table 16.1 . To configure a VLAN to use a particular enca psulation type, use this c ommand: configure vlan <name> xnetid <netid> [enet_ii | enet_8023 | enet_8022 | enet_sna[...]
-
Seite 320
294 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide IP and IPX on the Same VLA N The switch supports IP and I PX routin g within the same VLAN. This feature does n ot require any special con figuration. T agged IPX VLAN The switch suppo rts tagged 802.1Q tra ffic on an IPX VLAN that is performing routing. Tagging is most commo nly used[...]
-
Seite 321
C H A P T E R 16 IPX Ro uting 295 Populating the Routing T able The routi ng switch b uilds and mai ntains an IPX routing t able. As in the case of IP, the tab le is populated u sing dyn amic and stati c entries. Dyna mic Ro utes Dynamic routes ar e typically learned u sing IPX/RIP. Routers th at use IPX/RIP exchange in formation in their routing t[...]
-
Seite 322
296 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide IPX/RIP is auto matically enabled when a NetID is assign ed to the VLAN. To remove the advertisemen t of an IPX VLAN, use the command: configure ipxrip delete {vlan <name> | all} GNS Support The 480T r outing switch su pports the Get Near est Server ( GNS) reply func tion. When [...]
-
Seite 323
C H A P T E R 16 IPX Ro uting 297 Configuring IPX This secti on describes the c ommands associated wi th configuri ng IPX, IPX/RIP, and IPX/SAP on the 480T ro uting switch. Configur e IPX routing a s follows: 1. Create at least two VLANs (see "V irtual LANs (VLANs )" on page 95) . 2. If you are co mbining an IPX VLAN with anoth er VLAN on[...]
-
Seite 324
298 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide • show ipxrip — Displays the enable status of I PX/RIP for the VLAN, including operational and administrative status. It als o lists identif ied IPX/RIP neig hbors, RIP packet statistics , and several other tim er settings. • show ipxservice — Displays the co ntents of the IPX[...]
-
Seite 325
C H A P T E R 16 IPX Ro uting 299 To increase route stab ility, you can inc rease the hold multipli er (default i s 3 for 180 seconds). To modify these para meters use CLI commands: configure ipxrip <vlan name> update-interval <time> hold-multiplier <number> configure ipxsap <vlan name> update-interval <time> hold-mult[...]
-
Seite 326
300 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide IPX Commands Table 16.3 descri bes the commands used t o configure b asic IPX settings. For more command opt ions, press th e Tab key in the command line in terface. T a ble 16.3: Ba sic I PX § Com mands Command Des cription configure ipxmaxhops <numb er> Configures the IPX max[...]
-
Seite 327
C H A P T E R 16 IPX Ro uting 301 Table 16.4 describes the commands u sed to confi gure the I PX route table. Fo r more command op tions, press the T ab key in the command line in terface. configure ip xservice delete <servi ce_type> <servic e_name> <neti d> <node_ address> <socket> Deletes an IPX service from t he ser[...]
-
Seite 328
302 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide Table 16.5 descri bes the commands used t o configure I PX/SAP. For more command op tions, pr ess the Tab key in th e command line inte rfac e. conf igure ipx rip vlan [all | <name >] [impo rt- filter | export- filter | trusted-g ateway] [ none | <access-profile>] Configur[...]
-
Seite 329
C H A P T E R 16 IPX Ro uting 303 configure ip xsap delete vlan [< name> | all] Disables IPX/SAP on an interface. conf igur e ipx sap vl an [< name > | al l] dela y <msec> Configures the time between each SAP packet within an update i nterval. T he defaul t setting is 55 mill isecond s. conf igur e ipx sap vl an [< nam e> | [...]
-
Seite 330
304 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide IPX Configuration Example Figure 1 6.2 builds on t he example showin g the IP/RI P configura tion that was used in Figure 13.4 on page 241. Now, along with having IP VLANs configured, this example illustrates a switch that has tw o IPX VLANs defined. The first VLAN is Ex ec with these[...]
-
Seite 331
C H A P T E R 16 IPX Ro uting 305 The stations conn ected to the system generat e a combination o f IP traffic and IPX traffic. The IP t raffic is filtered by the IP VLANs. IPX traffic is filtered by the IPX VLANs. In this c onfigurati on, all IP traffic fr om stations c onnected to ports 1 and 3 have access to the IP router th rough the VLAN Fina [...]
-
Seite 332
306 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide Resetting and Disabling IPX To retu rn IPX settings t o their default s and disable I PX function s, use the commands listed in Tabl e 16.7. show ipxrout e {vlan <name> | xnetid <neti d> | origin [sta tic | rip | local]} Displays th e IPX routes in the route t able. show i[...]
-
Seite 333
C H A P T E R 16 IPX Ro uting 307 unconfi gure ipxsap {vlan < name>} Resets the IP X/SAP setting s on one or all VLANs to the defaul t. Removes import an d export filters, and resets the MTU size, upd ate interva l, and inter-packe t delay . unconfi gure vlan <n ame> xnetid Removes the IPX NetID of a VLAN. T a ble 16.7: IP X § Rese t a[...]
-
Seite 334
308 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide[...]
-
Seite 335
Access Policies This chapter desc ribes access policies, a nd how they are create d and implement ed on the I ntel ® NetStructu re ™ 480T r outing switch. Overview of Access Policies Access policies are a generalized cat egory of features that i mpact forwarding an d route forwardi ng decisions. Acc ess policies ar e used primaril y for security[...]
-
Seite 336
310 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide profile or dropped. Usi ng access lists h as no impact on switch performance. Access lis ts are typical ly applied to traffic that cr osses Layer 3 router boundaries, bu t it is possible to use acce ss lists within a Layer 2 VLAN. Routing Access P olicies Routing access pol icies are [...]
-
Seite 337
C H A P T E R 1 7 Access Polici es 311 configure access-profile <access_profile> [ad d | delete] {seq-number} ipx-sap <ipx_sap_type_in _hex> <ipx_name_string> To assign IPX access profile s as either imp ort or expo rt filters to RIP or SAP, use these commands: configure ipxrip vlan [<vlan name> | all] imp ort- filter [<a[...]
-
Seite 338
312 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide • Physical source port • Precedence number ( optional) How IP Access Lists Work For each ac cess list entry, you can either per mit the packet to be forwarded, or deny th e packet (in which case, it is dropped). When you create a permit access list condit ion, you can optionall y [...]
-
Seite 339
C H A P T E R 1 7 Access Polici es 313 or dropped. If no defa ult rule is specified, the defaul t implici t behavior is to forwa rd the packet. This example shows a default entry used to speci fy an implicit deny: create access-list denyall ip destination 0.0.0.0/0 source 0.0.0.0/0 den y ports any Once the defaul t behavior of the access list i s e[...]
-
Seite 340
314 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide the keyw ord. For examp le, you could use this ent ry to permi t TCP sessions origi nated from anywher e in th e 10.1.0.0 netw ork only: create access-list TCPout tcp destination 10.1.0.0/ 16 ip-port any source 0.0.0.0/0 ip-port any permit-established ports any In this example, using [...]
-
Seite 341
C H A P T E R 1 7 Access Polici es 315 • IP source and destination address and mask • ICMP type cod e • Physical source port (option al) • Numbered preceden ce (optional) When using an acc ess control list with an IP deny any rule, al l ICMP traf fic will not be bloc ked (for ei ther La yer 2 or Layer 3). To block all traffic within Layer 2[...]
-
Seite 342
316 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide T a ble 17.1: Ac cess L ist Configu ration Com mands Command Des cription create access-list <name> ip destination [<dst_ ipaddress>/<dst _mask> | any] sour ce [<src_ipaddress>/<src_mask> | any] [deny | permit <q osprofile> | deny] port s [<portl[...]
-
Seite 343
C H A P T E R 1 7 Access Polici es 317 create access-list <n ame> tcp destination [<dst_ ipaddress>/< dst_mask> | a ny] ip-port [<dst_ port> | rang e <dst_port _min> <dst_port _max> | any] sour ce [<src_ipaddress>/<src_mask> | any] ip-port [<src_port > | range <src _port_min> <src_port [...]
-
Seite 344
318 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide create ac cess-list <name> udp destinati on [<dst_ ipaddress>/< dst_mask> | a ny] ip-port [<dst_ port> | rang e <dst_port _min> <dst_port _max> | any] sour ce [<src_ipaddress>/<src_mask> | any] ip-port [<src_port > | range <src [...]
-
Seite 345
C H A P T E R 1 7 Access Polici es 319 create access-list ic mp destination [<de st_i pad dres s>/<m ask> | any] sour ce [<src_ipaddress>/<source_mask> | any] type <icmp_t ype> code <i cmp_code> [permit | deny] {<port list>} {precedence <number>} Creates a named ICMP access list. The access list is ap[...]
-
Seite 346
320 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide IP Access List Examples This section presents two IP access list exampl es: • Using the permit- establish keyword • Filtering ICMP packets Example 1: Usin g the Permit-Establis hed Keyword This example uses an access list that permits TCP sessions (Telne t, FTP, and HTT P) to be e[...]
-
Seite 347
C H A P T E R 1 7 Access Polici es 321 in conjunct ion with IP, it is technically no t an IP data packet. Thus, ICMP data traffic, such as pi ng traffic, is not affect ed. Use this command to creat e the access-list: create access-list denyall ip destination any source any deny ports any Figure 17.1: Acce ss list denies al l TCP and UDP traffic Ste[...]
-
Seite 348
322 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide Step 3 - Permit-Established Access List When a TCP session begi ns, there is a three-way handshake that includes a sequen ce of a SYN, SYN/ACK and ACK packet s. Figure 17.3 show s an illustrati on of the handshak e that occurs when Host A init iates a T CP session to Ho st B. After th[...]
-
Seite 349
C H A P T E R 1 7 Access Polici es 323 Figure 17.4 shows the final outco me of this access list. Figure 17.4: Permit -establis hed acces s list filter s out SY N packet to desti nation Example 2: Fi ltering ICMP Packets This example creates an access lis t that filters out ping (ICMP echo) packets. ICMP echo packets are defined as type any code any[...]
-
Seite 350
324 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide See “ Creat ing an A ccess Profile ” on page 324. To use routing access policies 1. Create an access profile. 2. Configure the access profile to be of type permit , deny , or none . 3. Add entries to the acce ss profile. 4. Apply the access pro file. Creating an Access Profi le Th[...]
-
Seite 351
C H A P T E R 1 7 Access Polici es 325 with each entry in the list. Once a match is found, the o peration is either permitted or denied, depending on the configu ration of the matched entry . If no match is found, the operat ion is implicitly denied. To add or del ete IP addresses or VLANs from an access profile , use this c ommand: configure acces[...]
-
Seite 352
326 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide can be used when y ou wish to match only again st the subne t addre ss, and ignore a ll addresse s within the sub net. If you are using CIDR sub net masking, the same logic appl ies, but the configuration is more tricky. For exampl e, the address 141.251. 24.128/25 rep resents any hos[...]
-
Seite 353
C H A P T E R 1 7 Access Polici es 327 Deleting an Access Profile Entry To delete an access prof ile entry , use this comm and: configure access-profile <access_profile> delete <seq_number> Applying Access Pr ofiles After the access profile i s defined, apply it to one or more routing protocols or VLANs. When an access pr ofile is appli[...]
-
Seite 354
328 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide configure rip vlan [<name> | all] import-filter [<access_profile> | none] • Export Filter — Use an access pro file to determine which RIP routes are adve rtised into a particular VLAN, using this command: configure rip vlan [<name> | all] export-filter [<acces[...]
-
Seite 355
C H A P T E R 1 7 Access Polici es 329 Assuming the backbo ne VLAN interconnects all the routers in the company (and, therefore, the Int ernet router does not have the best routes for ot her loca l subnets), t he commands to build the acc ess policy for the switc h would b e: create access-profile nointernet type ipaddress configure access-profile [...]
-
Seite 356
330 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide • External Filter — For switches configur ed to support multiple OSPF areas (an ABR function), yo u can apply an access profile to an OSPF area that filters a set of OSPF external rou tes from being advertised into that area. T o configure an external filter policy , use this com [...]
-
Seite 357
C H A P T E R 1 7 Access Polici es 331 Figure 17.7: OSPF ac cess p olicy exam ple Routing Access P olicies for DVMRP The access policy capabili ties for DVMRP resemble those for RIP. If the DVMR P protocol i s used for rout ing IP mul ticast traff ic, you can config ure the sw itch to use an access profile to determin e: • T rusted Neighb or — [...]
-
Seite 358
332 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide • Export Filter — Use an access pro file to determine which DVMRP routes are advertised into a p articular VLAN, using this command: configure dvmrp vlan [<name> | all] export- filter [<access_profile> | none] DVMRP Example In this example, the network used i n the pre[...]
-
Seite 359
C H A P T E R 1 7 Access Polici es 333 configure the switch to use an access pr ofile to determine trusted neighbor ( PIM) router n eighbors fo r the VLAN on th e switch running PIM. To configur e a trusted neighbor pol icy, use thi s command: configure pim vlan [<name> | all] trusted- gateway [<access_profile> | none] PIM Example With [...]
-
Seite 360
334 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide attributes of the NLR I. T o configure an autonomous s ystem path filter policy , use this command: configure bgp neighbor [<ipaddress> | all] as- path-filter [in | out] [<access_profile> | none] Y ou can apply the autono mous system path filter to the ingress or egress up[...]
-
Seite 361
C H A P T E R 1 7 Access Polici es 335 Routing Access Policy Commands Table 17.3 descri bes the commands used t o configure r outing access policies. Press the Tab key i n the command line interface for further command option s. T a ble 17.3: Rou ting Acc ess Policy Co nfiguration Command s Command Des cription configure access-pro file <access_[...]
-
Seite 362
336 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide configure access-profil e <access_profile> delete <s eq_number> Del etes an access prof ile entry using the sequence number . configure access-profil e <access_profile> mode [permit | deny | none] Configures t he access profile t o one of the follow ing: • permit ?[...]
-
Seite 363
C H A P T E R 1 7 Access Polici es 337 Using R oute Ma ps Route maps a re a mechanism you c an use to conditi onally contr ol the redi stribution of routes be tween two rout ing domain s, and to modify the routin g information that is redistributed . configure ospf area <area_id> interarea- filter [<access_profile> | none] Configures t [...]
-
Seite 364
338 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide Route maps a re used in conjunc tion wit h the match and se t operations. A match opera tion specifies a criteria that must be matched. A set op eration specifies a chan ge that is made to the rout e when the matc h operation is successful. There are three basic ste ps to configuring [...]
-
Seite 365
C H A P T E R 1 7 Access Polici es 339 configure route-map <route-map> <sequence number> add match [nlri-list <access_profile> | as-path [access_profile <access-profile> | <as num>] | community [access-profile <access_profile> | <as_num>:<number> | number <community>] | next-hop <ipaddress>[...]
-
Seite 366
340 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide community [<access_profi le> | <community >] Match es the co mmuni ties in th e path attribu te aga inst the specified BGP community access profile or the community number . next -hop <ipad dre ss> Matches the next-ho p in the path attr ibute against t he specified I[...]
-
Seite 367
C H A P T E R 1 7 Access Polici es 341 Route Map Operation The entries in the route map are processed in the ascending order of the sequence number. W ithin the entry, t he match statements are processed fi rst. When the match ope ration is successful, the set and goto statement s within the entr y are processed, and the action associated wit h the[...]
-
Seite 368
342 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide These points ap ply to this exampl e: • R T A is a memb er of AS 1 11 1 and peers with a router in the Internet to receive the en tire Internet routing table. • R TB is a member of AS 2222, and has an EBGP connection with R T A through which it receives the Internet r outing table[...]
-
Seite 369
C H A P T E R 1 7 Access Polici es 343 You can apply the chan ges on the NLRI information that had been exchanged before t he policy changes, by issuing a soft reset on the ingress or eg ress side, dependi ng on the changes. For soft reset s to be applied on the ingr ess side, the changes must be previously enabl ed on the neighbor. Changes to t he[...]
-
Seite 370
344 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide T a ble 17.6: Rou te Map Com mands Command Des cription configure route-map <rout e-map> [add | delete] < sequence number> [deny | pe rmit] {match-all | match one} Adds o r delete s entr ies to the rout e map. Specif y: • The sequence number uniquely identifies the entry[...]
-
Seite 371
C H A P T E R 1 7 Access Polici es 345 conf igur e rout e- map <ro ute- map > <seq uenc e number> add set [acco unting inde x <num> value <nu m> | as-path <as_num> | community [remove | {add | delete} [access- profil e <access_prof ile> | <as_num: number> | number <numbe r>]] | cost <num> | cost[...]
-
Seite 372
346 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide configure route-map <rout e-map> add <sequence nu mber> [permit | deny] {match- one | m atch- all] Adds a statement to t he route map with t he specified sequence number and action. The sequence number determines the order of the statement in th e route map, and th e actio[...]
-
Seite 373
Server Load Balancing (SLB) Overvie w The Server Load Balancing (S LB) feature of the Intel ® NetS truc ture ™ 480T routin g switch divides many cl ient requests among several servers. This act ivity is transp arent to th e client us ing the re source. It is mainly used for W eb hosting where several redunda nt servers a re used to incr ease the[...]
-
Seite 374
348 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide Nodes A node is an individual service on a p hysical server that consists of an IP address a nd a port numbe r. Pools A pool is a group of nodes that i s mapped to a correspo nding vi rtual server. Pool s allow you to scale large ne tworks that c ontain many nodes. Pools may be confi [...]
-
Seite 375
C H A P T E R 18 Server Load Bala ncing ( SLB) 349 • The virtual port number Once you know whi ch virtual server o ptions are use ful in your network, y ou can: • Define standa rd virtual s ervers • Define wildcard virtual servers Each virt ual server maps to a single po ol, which can be a group of content servers, firewalls, rout ers, or cac[...]
-
Seite 376
350 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide Table 18.1 summari zes the features su pported by each f orwarding mode. T ransparent Mode As wit h any server load balanci ng applicati on, the conten t must be dupl icated on all phy sical s erver s. Using transpar ent mode, the 4 80T routing swi tch does not modi fy the IP addresse[...]
-
Seite 377
C H A P T E R 18 Server Load Bala ncing ( SLB) 351 . Figure 18.1: T ransp arent mode In Figure 18.1, the 48 0T routing switc h is configur ed to respond to requests for t he VIP by forwardi ng them to t he load balance d servers. The servers are configured as follows: • The interface f or server 1 is 1 92.168.200 .1 • The interface f or server [...]
-
Seite 378
352 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide Use these commands to cr eate a roun d-robin po ol called MyW eb , and add nodes t o the new pool : create slb pool MyWeb lb-method round configure slb pool MyWeb add 192.168.200.1:80 configure slb pool MyWeb add 192.168.200.2:80 Use this command to create a transparent mode VIP for t[...]
-
Seite 379
C H A P T E R 18 Server Load Bala ncing ( SLB) 353 To configur e translat ional mode, use this command: create slb vip <vipname> pool <poolname> mode translation <ipaddress>{-<upper_ipaddress>}: <L4Port> {unit <number>} Figure 18.2 shows translati onal mode. Figure 18.2: T ransl ational mo de In Figure 18.2, the [...]
-
Seite 380
354 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide configure vips ipaddress 192.168.201.1 /24 configure srvr add port 4-8 configure clnt add port 1-4 enable ipforwarding These commands create a roun d-robin pool called MyW eb , and add nodes to t he new pool: create slb pool MyWeb lb-method round configure slb pool MyWeb add 192.168.2[...]
-
Seite 381
C H A P T E R 18 Server Load Bala ncing ( SLB) 355 routing switch aut omatically chan ges the IP address and po rt address on incoming pac kets to that of the load balan ced servers. As with any serve r load bal ancing app lication, the content must be duplicat ed on all physical servers. Configur e port translat ion mode usi ng this command: creat[...]
-
Seite 382
356 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide In Figure 18.3, t he 480T routin g switch is config ured to bala nce all traffic sent to the VIP based on the client IP address. All servers have the same: • MAC address • IP address • Conte nt The commands used to configure the switch, as indicated in the example are: create vl[...]
-
Seite 383
C H A P T E R 18 Server Load Bala ncing ( SLB) 357 • Subnet-Ro ute - If your network configuration requires that the VIPs be pro paga ted thr oug h a rou ting p roto col by th e swi tch, you need to create a loop back VLAN with the VIP(s) being valid members of th e loopback VLAN ’ s subnet. When a r outing protocol is enab led, the subnet cont[...]
-
Seite 384
358 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide Ratio If you ar e working with servers t hat differ si gnificantly in processing spee d and memor y, you may want to switch to t he ratio load bal ancing method. In rati o, the 480T routing swi tch distr ibutes connections amon g devices acco rding to ratio wei ghts that you set , whe[...]
-
Seite 385
C H A P T E R 18 Server Load Bala ncing ( SLB) 359 Prior ity Priority mode is a var iant of round -robin design ed to provid e redundant st andby nodes wi thin a pool. When you add a node to a pool, you can assig n a priorit y level. Priority n umbers range fr om 1 to 65,535, with the h ighest number indicating the highe st priorit y. The 48 0T rou[...]
-
Seite 386
360 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide conf igur e slb p ool <p oolna me> d elete <ipaddress> :<L4Port> Del etes a physica l server from a ser ver pool. conf igur e slb p ool <pool name > lb-m etho d [round- robin | ra tio | pri ority | l east- connections] Configures the SLB load-b alancing method.[...]
-
Seite 387
C H A P T E R 18 Server Load Bala ncing ( SLB) 361 disable slb Disables SLB processing. Disabling SLB: • Closes all connecti ons. • W ithdraws VIP routes or routes th at do not respond wit h proxy ARP response s of VIP addresses. • Disconnects t he switch from red undant SLB switches. disable slb go go-mode <p ort number> {al l | ping-c[...]
-
Seite 388
362 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide enable slb Enables SL B processing on t he switch, and activates these fun ctions for transparent, transla tional, and port translat ion modes: • Exportin g of VIP rout es or proxy ARP for VIP addresses. • Processing of VIP lo okup and con nection setup. • Establi shing communic[...]
-
Seite 389
C H A P T E R 18 Server Load Bala ncing ( SLB) 363 Advanced SLB Application Exam ple This e xample builds u pon the in troductor y SLB example . The advanced conce pts included i n this example are: • Multiple pools • Multiple VIPs • Multiple balancing algor ithms • Multiple types of health checking Figure 1 8.4 shows an example of an advan[...]
-
Seite 390
364 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide Figure 18.4: Advanc ed SLB con figur ation The commands used to configure are described below. Use these commands to cre ate the VLAN from which outside connections wi ll come: create vlan outside configure vlan outside ipaddress 172.16.0.1 /16 configure vlan outside add ports 1-8 To [...]
-
Seite 391
C H A P T E R 18 Server Load Bala ncing ( SLB) 365 configure vlan sites ipaddress 192.168.201.254 /24 All VIPs is con figured to use this subnet . There are no p orts associated with t his VLAN. You can use the se commands to create the VLAN servers and enable IP forwarding: create vlan servers configure vlan servers ipaddress 192.168.200.254 / 24 [...]
-
Seite 392
366 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide enable slb node 192.168.200.2:443 tcp-port-check The next series of commands creates a second W eb site. This second site is similar to the first example; the difference is t hat content checkin g is enable d on this si te. For this typ e of health checking, the server downloads a spe[...]
-
Seite 393
C H A P T E R 18 Server Load Bala ncing ( SLB) 367 create slb vip myssl3 pool site3web mode transparent 192.168.201.4:443 The next examp le demonstrates th e series of commands yo u would use to create an F TP site. The site i s defined as h aving two serve rs: 192.168.200.3 an d 192.168. 200.4. Only FTP is being ser viced by the ser vers. The t wo[...]
-
Seite 394
368 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide Health Checking The 480T rout ing switch suppo rts both int ernal and ext ernal health checking. Health check definitions For reference, the following health check s are available on all Server Loa d Balancing, Web Cach e Redirection and Poli cy-based Routing f unctions. SLB function [...]
-
Seite 395
C H A P T E R 18 Server Load Bala ncing ( SLB) 369 using the name and password suppl ied during t he configurat ion. The check will succ eed when the switch successfu lly logs into the next-hop. Layer 7 NNT P Check The NNTP health chec k connects to the serv er or next-hop, establishes a conn ection, and attache s to a user defined newsgroup. Layer[...]
-
Seite 396
370 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide The 480T r outing swit ch also support s external health chec king. External health ch ecking uses an external servi ce configured by t he user to perform heal th checks and uses S NMP (Simple Network Management P rotocol) as a mech anism to noti fy the switch of a server failure. Pin[...]
-
Seite 397
C H A P T E R 18 Server Load Bala ncing ( SLB) 371 Service-Check Service-ch eck is Layer 7 -based and appli cation-depend ent. It is defined on a VIP and is performed on each node in the pool with which this VI P is associated. The default frequen cy is 60 second s and the def ault timeout is 180 seconds. Each service ch eck has associated pa ramet[...]
-
Seite 398
372 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide text f rom error t ext, we recommend that you specify an a ctual st ring to mat ch. For FTP, Teln et, and POP3, service-check attempts to log on and off the application o n the server using the sp ecified userID and password. For SMTP, service-check i dentifies the identity of the swi[...]
-
Seite 399
C H A P T E R 18 Server Load Bala ncing ( SLB) 373 enable slb gogo-mode maste r service-check [http | f tp | telnet | smtp | nntp | pop3 | all | tcpport ] Use these commands to d isable GoGo mode heal th checking: disable slb gogo-mode master ping-check disable slb gogo-mode master tcp-port-check [ port | all] disable slb gogo-mode master service-c[...]
-
Seite 400
374 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide configure slb gogo-mode master service-check pop3 {l4-port port} {userid userid password {encry pted} password} configure slb gogo-mode master service-check timer [http | ftp | telnet | smtp | nntp | pop3 | tcpport] frequency seconds timeout seconds Use these command to v iew your GoG[...]
-
Seite 401
C H A P T E R 18 Server Load Bala ncing ( SLB) 375 Health Checks for W e b Cache Redir ection and Policy Based Routing Heal th chec king works on the ports config ured by thei r assoc iated fl ow . For example , if you con figure a flow to re direct on por t 80 (HTTP ), but F TP is configur ed as the s ervice chec k, th e swit ch wi ll try to open [...]
-
Seite 402
376 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide Layer 4 Flows Policy-base d routing an d Web cache redi rection suppor t an any option for the Layer 4 protocol t ype which allows the redi rection of TCP, UDP and other t raffic type s with the excep tion of I CMP traffic. To configure this capability , use the any option in the synt[...]
-
Seite 403
C H A P T E R 18 Server Load Bala ncing ( SLB) 377 To show conf iguration an d status of fl ow redirecti on rules, use t his command: show flow-redirect [<flow_rule_name | <cr>] Maintenance Mode You can easil y put a node or VIP into maintenan ce mode by disablin g the node or VIP . In maintenance mod e, existing connections remai n active[...]
-
Seite 404
378 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide configure slb proxy-client-persistent [add | delete] <ipaddress / mask> Stic ky Pe rsiste nce Sticky p ersistence provi des a special t ype of persis tence that is especially useful for c ache servers. Similar to client persistence, sticky persistence k eeps track of in coming c[...]
-
Seite 405
C H A P T E R 18 Server Load Bala ncing ( SLB) 379 Availabi lity mod e or havin g to introd uce anoth er interco nnecting switch), and recovery from a switch failure occurs in less t han 8 seconds. Figure 18.5 shows SLB enable d using ESRP an d dual-att ached servers. Figure 18.5: SLB us ing ESRP and dual-attac hed ser vers 34 2 1 78 6 5 11 12 10 9[...]
-
Seite 406
380 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide Configuring the Switches for SLB and ESRP The SL B and ESRP configur ations are i dentical on both sw itches , in relatio n to the po rts being used. The proce dure used to con figure t he Switch 1 and Switch 2 in Figure 1 8.5 is describ ed below. 1. Create the VLANs, using these comm[...]
-
Seite 407
C H A P T E R 18 Server Load Bala ncing ( SLB) 381 show slb stats vip site2 7. T o configure the ratio and priority of an ex isting pool memb er and to display the cur rent SLB pool statistics, use this co mmand for each pool member , fillin g in the ipaddress, port, ratio and prio- ity as needed: configure slb pool <poolname> member <ipad[...]
-
Seite 408
382 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide Configuration of SLB w ith ESRP Note the following about t he conf igurat ions for swi tches r unning SLB and E SRP: • All switch ports connected directly to th e servers must be configured as ESRP host ports. • The link between the two s witches must be config ured as an ESRP hos[...]
-
Seite 409
C H A P T E R 18 Server Load Bala ncing ( SLB) 383 Redun dant SLB The 480T r outing switch su pports a fail over process that uses a redundant con figurati on of two swit ches. If one swit ch fails, t he second switch takes over the SLB duties of the first. By p reparing a redundan t switch for the possib ility of failo ver, you effectively maintai[...]
-
Seite 410
384 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide When both switches are active, each switch pe rforms SLB only for the VIPs assign ed to it. If a switch fails, the other switch takes o ver the VIPs assig ned to the fa iled switch. The basic fai lover conf igure command assi gns the swit ch ’ s u nit number: configure slb failover [...]
-
Seite 411
C H A P T E R 18 Server Load Bala ncing ( SLB) 385 Figure 18.6: Active -active configu ration In this samp le confi guration, fa ilover is en abled t o ensure fault tolerance. To co nfigure this example on t he first switch, use these commands: create vlan inside create vlan server configure vlan inside ipaddress 1.10.0.2 /16 configure vlan inside [...]
-
Seite 412
386 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide create slb pool testpool1 configure slb pool testpool1 add 1.205.1.1:80 configure slb pool testpool1 add 1.205.1.2:80 create slb vip site1 pool testpool1 mode transparent 1.10.1.1:80 create slb vip site2 pool testpool1 mode transparent 1.10.1.2:80 configure enable slb configure vlan i[...]
-
Seite 413
C H A P T E R 18 Server Load Bala ncing ( SLB) 387 enable slb failover enable slb fail ping configure slb vip site1 unit 1 configure slb vip site2 unit 2 configure slb fail ping-check 1.10.0.1 freq 1 The differences betwee n the configurations of these two switches are the IP addresses, and t he designation o f the first switch as the master of the[...]
-
Seite 414
388 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide Figure 18.7: SLB fai lover conf iguratio n usin g SLB H/A Configurin g Clients The configuration used to connect cl ients to SLB virtu al sites with High Availability enabl ed is transparent to the accessing clients. As with normal SLB, the clients conn ect to the VIP believi ng that [...]
-
Seite 415
C H A P T E R 18 Server Load Bala ncing ( SLB) 389 Create the VLANs, using these commands: create vlan inside create vlan server The VLAN inside connec ts to the gateway and t he VLAN server contains all of the load balanc ed servers. The gateway is co nnected to the VLAN inside , using these commands: configure inside ipaddress 1.10.0.2 /16 config[...]
-
Seite 416
390 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide configure inside slb client configure server slb server Confi gure SLB H/A fo r the switch , using this co mmand: configure slb failover unit 1 remote 1.10.0.3 local 1.10.0.2 l4-port 1028 One switch in a High Ava ilability pai r is designated as unit 1 and the other is de signated as [...]
-
Seite 417
C H A P T E R 18 Server Load Bala ncing ( SLB) 391 in the load balancing scheme. Without ESRP , another switch interconnecting all the ser vers is necessary . • One switch is designated as u nit 1 and the other as unit 2. This designation determ ines which VIPs are active on eac h switch in the failover pair . • In this configuration, sit e1 is[...]
-
Seite 418
392 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide This configuration uses t ransparent mode. Therefore, the VIPs need to be added to the ser vers as loopbac k addresses. This i s done by configuring the net work interfaces on the servers. A det ailed descriptio n for do ing this is provided after Fi gure 18.1. Advanced SLB Commands T[...]
-
Seite 419
C H A P T E R 18 Server Load Bala ncing ( SLB) 393 configure slb failover uni t <number> {remot e- ip <ipaddress> local-ip <i paddress>: {<L4Port> }} Configures t he slb failover . Specify: • remote-ip-address — The re mote peer IP address. • local-ip-address — The addres s of a local IP interface used for the failov[...]
-
Seite 420
394 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide conf igure sl b globa l http u rl <url_str ing> match-string [<match_stri ng> | any-cont ent] Configures the d efault par ameters for L 7 service checking. configure slb global nn tp newsgrou p <newsgroup> Conf igures the d efault paramet er for L7 service checking. [...]
-
Seite 421
C H A P T E R 18 Server Load Bala ncing ( SLB) 395 configure slb vi p <vipname> service-check frequency < seconds> timeou t <seconds> Confi gures the L7 service check frequen cy and timeout par ameters for a part icular VIP . T o ret urn to the global valu es, specify 0 for frequency an d timeout. configure sl b vip <vipname>[...]
-
Seite 422
396 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide disable slb no de <ipaddre ss>:{<L4Port> | al l} tcp-port -check Disables L4 port checking. disable slb no de <ipaddress> p ing-check Disables L3 pingi ng. disable slb vi p [<vipn ame> | all] cl ient- persis tence Disables client-persist ence. disable slb vi p [...]
-
Seite 423
C H A P T E R 18 Server Load Bala ncing ( SLB) 397 enable slb vi p [<vipname> | all] cl ient- persistence {mask <ma sk>} Enables client persistence and specifi es the timeout and c lient address mask. I f the client sets up multiple sessions to a virtual server , all sessions must connect to the same physical node . Enabli ng client p e[...]
-
Seite 424
398 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide W eb Cache Redir ection Web cache redirection uses the TCP or UDP port number t o redirect client re quests to a target de vice (or group of devi ces). Web cache redirection tr ansparently redi rects traffic to Web c ache devices or to proxy servers and fi rewalls located in a demilit[...]
-
Seite 425
C H A P T E R 18 Server Load Bala ncing ( SLB) 399 Precedence of Flow Redir ec tion Rules Multiple f low redirect ion rules can ov erlap in making a redirect ion decision. In these cases, precedence is determined by "best match" where the most specific red irection rule that satisfi es the criteria will win. T he best match is d etermined[...]
-
Seite 426
400 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide In thi s case, Po licy 1 is the rule with the best ma tch as it contain s an explicit Dest ination IP Port even th ough the mask fo r the Destination IP Address is less specific. In thi s case, Po licy 4 is the rule with the best ma tch as it contain s an explic it destin ation IP P o[...]
-
Seite 427
C H A P T E R 18 Server Load Bala ncing ( SLB) 401 Flow Redir ection Example Figure 18.8 uses flow redi rection to re direct Web t raffic to Web cache servers. In this example, the clients and th e cache devices are located o n different net works. This i s done by c reating a dif ferent VLAN for the clients and cach e devices. Figure 18.8: Flow-re[...]
-
Seite 428
402 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide These commands are used t o configure the 480T routing switch in this example: create vlan client configure vlan client add port 1 configure vlan client ipaddress 10.10.10.1/24 create vlan cache configure vlan cache add port 2 configure vlan cache ipaddress 10.10.20.1/24 create vlan i[...]
-
Seite 429
Status Monitoring and Statistics This chapt er describes how to view the cur rent operating st atus of the Intel ® NetStr uctu re ™ 480T r outing switch , how to displa y informati on in the log, a nd how to ta ke advantage of availabl e Remote Moni toring (RMO N) capabilitie s. Viewing stat istics on a reg ular basis al lows you to se e how wel[...]
-
Seite 430
404 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide T a ble 19.1: St atus Mo nitoring Com mands Command Descri ption show log confi g Di splays the log configurati on, includin g the syslog host IP address, the pri ority level of messages being logged lo cally , and t he priority level of messa ges being sent t o the syslog host. show [...]
-
Seite 431
C H A P T E R 19 Status Monito ring a nd Stat istic s 405 Port Statistics The 480T r outing switch a llows you to view po rt statisti c information. The summary infor mation lists values for the current counter ag ainst each port on each operati onal module in t he system, and it i s refreshed appr oximately ev ery 2 seconds. Values are displayed t[...]
-
Seite 432
406 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide • Received Packet Count (Rx Pkt Count) — Th e total number of good packets that were r eceived by the port . • Received Byte Count (Rx Byte Count) — The tot al num ber of bytes that were receiv ed by the por t, including bad or lo st frames. This number includes bytes containe[...]
-
Seite 433
C H A P T E R 19 Status Monito ring a nd Stat istic s 407 To view port receive errors, use this command: show ports <portlist> rxerrors The following port receive error information is collected : • Receive Bad CRC Frames (Rx CRC) — The total number of frames received by the port that were of the co rrect length, but cont ained a bad FC S [...]
-
Seite 434
408 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide Setting the System Recovery Level You can configu re the system to auto matically reboot afte r a software ta sk exception , using thi s command: configure sys-recovery-level [none | critical | all] Wh ere: • none — Configures the level to no recovery . • critical — Configures[...]
-
Seite 435
C H A P T E R 19 Status Monito ring a nd Stat istic s 409 form HH:MM:SS. If the event was caus ed by a user , the user name is also provid ed. • Fault level — T able 19.3 describes the three leve ls of importance that the system can assign to a fault. By default, log entries that are assig ned a critical or warning level remain in the lo g afte[...]
-
Seite 436
410 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide Local Logging The 480T r outing switc h maintains 1 ,000 messages in it s intern al log. You can disp lay a snapshot of the l og at any time, u sing the command: show log {<priority>} Displa ys the curren t snapshot o f the log. Priority filters the log to display messages with [...]
-
Seite 437
C H A P T E R 19 Status Monito ring a nd Stat istic s 411 Real-Time Dis play Along with viewing a sn apshot of the lo g, you can conf igure th e system to maintain a running real-time display of log messa ges on the console. T o turn on the log d isplay, enter this command: enable log display To confi gure the lo g display, use this command: config[...]
-
Seite 438
412 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide The priorities are the same as for l ocal logging. If not specified, only c riti cal priority message s are sent to the syslog host. Logging Configuration Changes The local management software allows you to record all configura- tion chan ges (and their sources) made thr ough the CLI [...]
-
Seite 439
C H A P T E R 19 Status Monito ring a nd Stat istic s 413 configu re log displ ay {<prior ity>} Configures the real- time log display . Displa ys the current snapshot of the log. Priority filters the log to displa y message s with the sele cted or higher (more critical) pri ority . Priorities include (i n order): • Critic al • Emerge ncy [...]
-
Seite 440
414 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide RMON Using the Re mote Monitori ng (RMON) capabi lities of t he 480T routing swi tch allows net work administ rators to improve system efficiency and reduc e the load on t he network. This secti ons explain more about the RMON co ncept and the RMON features suppo rted by the switch. R[...]
-
Seite 441
C H A P T E R 19 Status Monito ring a nd Stat istic s 415 A typical RM ON setup consist s of two componen ts: • RMON probe — An intelligent, remotely controlled device or software agent that continually collects statistics about a LAN segment or VLAN. The probe transfers the information to a management works tation on request, or when a predefi[...]
-
Seite 442
416 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide The History gr oup is useful for analysis of tr affic pattern s and trends on a LAN segment o r VLAN, and to establish basel ine informat ion indicat ing normal o perating par ameters. Alarms The Alarms g roup provides a versatile, g eneral mechani sm for setting th reshold and sampl [...]
-
Seite 443
417 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide network with out costing mo re than t raditional network management. The 48 0T routing sw itch accu rately ma intains RMON statistic s at the maximum line rat e of all of its port s. For example, stati stics can be rela ted to indi vidua l ports. RMON Pr ob e with Secu rity Feat ures [...]
-
Seite 444
418 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide[...]
-
Seite 445
Software Upgrade and Boot Options Overvie w This c hapter describe s the proce dure for u pgrading th e Intel ® NetS tructu re ™ 480T routing switch firmware image. It also inc ludes a discussion o f how to save and lo ad a primary and secondary ima ge and configu ration file on the switch. Saving Configuration Changes The configu ration is t he[...]
-
Seite 446
420 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide If you mak e a mistak e, or find you must rev ert to the configur ation as it was before you started makin g changes, you can set t he switch to use the secondary conf iguration on the next reboot. If the switc h is reboote d during a con figurati on save, the switch boots to fact ory[...]
-
Seite 447
C H A P T E R 20 Softw are Upg rade an d Boot Options 421 Once the TFT P server is runni ng, click the Server Dir. button. Verify that the active dire ctory is Pro gram Files IntelInt el Device ViewFirmware. Make sure that b oth the BootROM image (a file named ngboot nn .bin ) and the firmware ima ge (a file n amed v nnnn b nn .tfp ) are in this[...]
-
Seite 448
422 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide Upgrading the Firmware To upgra de the firmware on the switch: 1. Download the latest image from your TF TP server . download image <TFTPserverIP> v<nnn>b<nn>.tfp primary 2. V e rify that primary imag e is now at th e latest version and that the secondary image is st[...]
-
Seite 449
C H A P T E R 20 Softw are Upg rade an d Boot Options 423 show switch • Reboot the switch using th e reboot com mand. If you have f ollowed upgrade instru ctions, you r origin al configu ration should b e operati onal. If you did not have an older conf iguration , you may perfo rm a minimal co nfiguratio n for the switc h through t he command lin[...]
-
Seite 450
424 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide specified, the current co nfiguration is immediately up loaded to the TF TP server . To cancel a scheduled configu ration upload , use the command: upload configuration cancel Using TF TP to Download th e Configuration To modify t he switch conf iguratio n, you can downl oad ASCII fil[...]
-
Seite 451
C H A P T E R 20 Softw are Upg rade an d Boot Options 425 connectio n (and not th e console port), your c onnection is terminat ed when the switch r eboots, but t he command execu tes normally. Downloading an Incremental Configuration You can make a part ial or incremental change to the swit ch configu ration usin g downloaded ASCII file s that con[...]
-
Seite 452
426 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide Remember to Save Regardless of the downl oad option used , configurations are downloaded i nto switch runti me memory only. T he configurati on is saved only whe n the save command is i ssued, or if the config uration file itself in cludes the save command. If the con figuration curre[...]
-
Seite 453
C H A P T E R 20 Softw are Upg rade an d Boot Options 427 • Pre ss 2 for th e image stored in secon dary . Then, press th e f key to boo t from newly sel ected on-board f lash memory. To boot t o factory default con figuration : • Press the d key for defau lt, and • Press the f key to bo ot from th e configured o n-board flash . Boot Option C[...]
-
Seite 454
428 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide download i mage [<ipaddress> | <hostname> ] <filename> {primary | secondary} Downl oads a new image from a TF TP server over the network. If pa rameters are not specified, the imag e is saved to the current image . reboot {time < date> <time> | ca ncel} R[...]
-
Seite 455
C H A P T E R 20 Softw are Upg rade an d Boot Options 429 use configur ation [primar y | secondary] Configures the swit ch to use a parti cular configu ration on the n ext reboo t. Option s include the primary confi guration area or the secondary configurat ion area. use image [ primary | seconda ry] C onfigur es the switch to use a particular imag[...]
-
Seite 456
430 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide[...]
-
Seite 457
Technical Specifications and Supported Limits T echnical Specifications For IEEE s tandards informat ion refer to http://stan dards.ieee. org The following table list s specifications for the Intel ® NetStr ucture ™ 480T rou ting switch. Ta b l e A . 1 : S pecific ations Physic al Dimensio ns Height: 3.5 i nches x W idth: 17.36 i nches x Depth: [...]
-
Seite 458
432 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide CE (E urop ean Comm unit y) TUV/GS (German Notified Body) C-T ick (Australia n Communicati on Authori ty) Underwriters L aboratories (USA and Canada) Safety Agency Cert ifications UL 1950 3rd Ed ition, l isted cUL listed to CSA 22.2 #950 TUV GS mark safety approval to the following EN[...]
-
Seite 459
Appe ndix A Te chnical Spec ifica tions and Suppo rted Limi ts 433 Supported Standar ds, RFCs and Pr otocols Ta b l e A . 2 : S upported Standard s, RFCs and Pr otocols RFCs, Stan dards, and Protocols RFC 1058 RIP RFC 1723 RI P v2 RFC 1 1 12 IGMP RFC 2236 IGMP v2 DVMRP v3 - Draft IETF DVMRP v3-07 PIM-DM v2 - Draft IETF PIM-DM v2-dm-01 RFC 2362 P IM[...]
-
Seite 460
434 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide Supported Limits The table below summarizes tested metrics for various features on the 480T rout ing swit ch. These met rics are l aborato ry results an d are for reference and compa rison only. T able A.3: Sup ported Lim its Metric Des cription Limit Access Profiles Used by SNMP , T [...]
-
Seite 461
Appe ndix A Te chnical Spec ifica tions and Suppo rted Limi ts 435 MAC-based VLANs – MAC addresses Maxi mum number of MAC addresses that can be downloaded t o the switch whe n using MAC- based VLANs. 7000 Proto col-sens itive VLANs – active protocol f ilters The number of simultaneousl y active protocol filters in th e switch. 15 Spanning T ree[...]
-
Seite 462
436 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide ESRP – number of instances Maximum number of ESRP-sup ported VLANs for a single swi tch. 64 ESRP – number of ESRP group s Maximum number of ESRP groups withi n a broadcast domai n. 4 ESRP – number of VLANs in a single ESRP domain Maximum number o f VLANs that can be joined to a [...]
-
Seite 463
Appe ndix A Te chnical Spec ifica tions and Suppo rted Limi ts 437 OSPF virtu al links Maximum number o f OSPF virtual links supporte d. 32 B G P r o u t e s M a x i m u m n u m b e r o f r o u t e s c o n t a i n e d i n t h e BGP route t able. 500,000 BGP peers Maxim um number of BGP peers on a si ngle router . 64 Policy -Based Ro uting Maxim um [...]
-
Seite 464
438 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide IPX Router interfaces Maximum number of IPX router interfaces. 256 IPX Access control lists Maximum number of access lists in which all rules uti lize all ava ilable opt ions. worst case: 255 T able A.3: Sup ported Lim its[...]
-
Seite 465
Troubleshooting If you encou nter problems when using the In tel ® NetStructu re ™ 480T routing swi tch, this appe ndix may be he lpful. If y ou have a pr oblem not listed here or in the “ Late Break ing New s, ” contact your l ocal technical support rep resentative ( see "Intel Cust omer Support" o n page 491). LEDs Why do esn ’[...]
-
Seite 466
440 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide the link LED lit, and th e side with autonegotiation enabled will n ot have the LED lit. • The defaul t configur ation for a 1000 Mbps port is au tonego tiatio n enabled . V er ify by using this command: show port config Why won ’ t the switch power on? • The 480T ro uting swi t[...]
-
Seite 467
Appendix B T r o u b l e s h o o t i n g 441 Why won ’ t the Telnet workstation access the device? • Check that the dev ice IP address, sub net mask and default g ateway are configured correctly , and that the d evice has been reset. • Ensure that you enter the IP address of the switch correctly when invoking the T elnet facility . • Check [...]
-
Seite 468
442 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide How do I remove u nused default and static routes? • If you ha ve defined static or default ro utes, those routes will remain in th e configuration, ind ependent of whether the VLAN and VLAN IP address that us ed them remains. Y ou should manually delete the routes if no VLAN IP add[...]
-
Seite 469
Appendix B T r o u b l e s h o o t i n g 443 • T o establish a full-duplex l ink either force it at bo th sides, or run autonegotiation on both sides (us ing full-duplex as an advertised capability , the default setting). Always verify th at the switch an d the netw ork device matc h in configur ation for speed and duplex . • A mismatch of dupl[...]
-
Seite 470
444 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide • Then conver t each octet into a decimal value. (for example, 0000000 0.0000000 0.0000001 .10010000 = 0.0.1.144 ). • Ther efore , 400 = 0.0. 1.14 4 VLANs What if I can ’ t add a port t o a VLAN? • If you attempt to add a port to a VLAN and g et an error message similar to: lo[...]
-
Seite 471
Appendix B T r o u b l e s h o o t i n g 445 VLAN Names There are restrict ions on VLAN names. They cann ot contain white spaces and ca nnot start with a n umeric value unless you use quotation marks around the name. If a name con tains white spaces , starts with a numbe r , or contains non- alphabeti cal character s, you m ust use qu otation marks[...]
-
Seite 472
446 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide Why does the switch keep aging out endstation entries in the switch Fo rwar ding Da tabase (FD B)? • Reduce th e number of top ology changes by disabli ng STP on thos e systems that do not u se redundant paths. • Specify that the ends tation entries are static or permanent. ESRP W[...]
-
Seite 473
Regulatory Information Compliance statements Each of the follo wing com pliance sta tements applies on ly to produc ts that bea r the m ark or text require d by t he appr opriate c ertifica tion agen cy. FCC Part 15 Complianc e Statement This produ ct has bee n tested and foun d to comply with the limit s for a Class A digit al device pursuant to P[...]
-
Seite 474
448 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide This digital ap paratus do es not exceed the Class A limits for radio noi se emissions from digit al ap parat us set out in th e inte rfer ence- cau sing eq uipm ent st anda rd enti tled : "Dig ital Apparatus," ICES-003 of the Canadia n Departm ent of C ommunic ations. CE C [...]
-
Seite 475
Appendix C R e g u l a t o r y I n f o r m a t i o n 449 Wa r n i n g s WARNING This is a Class A pr oduct. In a dom estic environm ent this pr oduct may ca use radio interfe rence in wh ich case the use r may be req uired to ta ke adequ ate measure s. Inter nal a cce ss to the In tel NetS truct ure 4 80T routi ng s witch is in tend ed o nly fo r q[...]
-
Seite 476
450 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide • in Re gione n, in d enen elektr ische S t ü rme a uftrete n, mit einem Ü berspannu ngsschutzger ä t verbun den sein; w ä hrend ein es elek trisch en St urms sol lte keine V erbi ndung der T eleko mmunikation sleitung en mit dem Modem beste hen; • mit ei ner geer deten W echs[...]
-
Seite 477
Appendix C R e g u l a t o r y I n f o r m a t i o n 451 WARRANTY IS IN LIEU OF ANY OTHER WAR RANTY, WHETHER EXPRESS, IMPLIED OR STATUTORY, INCLUDING, BUT NOT LIMITED T O, ANY WARRANTY OF NONINFRINGEMENT OF INTELLECTUAL PROPERTY, MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR ANY WARRANTY ARISING OUT OF ANY PROPOSAL, SPECIFICATION, SAMPLE OR[...]
-
Seite 478
452 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide syst ems) by License e or Su blice nsees, and such use is entir ely at the use r ’ s risk. Licensee agrees to defend, in demnify, a nd hold Intel ha rmless from and against an y and all cl aims arising out of use of the hardw are produc t in such applica tions by Licensee or Sublic [...]
-
Seite 479
Appendix C R e g u l a t o r y I n f o r m a t i o n 453 If the Custome r Support G roup verifies th at the produc t is defective, they will have the Return Ma terial Aut horization Departmen t issue you an RMA num ber to place on the oute r packag e of the pr oduct. Intel cannot acce pt any pr oduct wit hout an RM A number on the pack age. LIMITAT[...]
-
Seite 480
454 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide INTEL SE RESERVE LE DROIT DE VOUS LIVRER UN PRODUIT CONTENANT DES COMPOSANTS NOUVEAUX OU REPARES. CETTE GAR ANTIE REMPLACE TOUTES LES AUTRES GAR ANTIES, EXPRESSES, TACITES OU LEGALES, Y COMPRIS, MAIS SANS QUE CETTE ENUMERATION SOIT LIMITATIVE, LES GARANTIES CONCERNANT LE NON RESPECT D[...]
-
Seite 481
Appendix C R e g u l a t o r y I n f o r m a t i o n 455 CONCERNANT TOUS LES LI TIGES RELATIFS AU PRESENT ACCORD NE SE RA PAS SUPERIEURE AU PRIX PAYE POUR LE PR ODUIT. CES LIMITATIONS DE RESPONSABILITE POTENTIELLE ONT C ONSTITUE UN FACTEUR DETERMINANT LORS DE LA FIXATION DU PRIX DU PRODUIT. INTEL N ’ ASSUME AUCUNE AUTR E RESPONSABILITE ET N ’ A[...]
-
Seite 482
456 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide ricicl ate, co mpleta men te collaud ate e gara ntite c ome nu ove. Per m aggiori i nforma zioni sulla gara nzia, chi amare u no dei nu meri indi cati qu i sotto. Restituzione di prodo tti difettosi ( RMA) Prima di restitu ire un prodotto, c ontattare l ’ assistenz a tecnic a di Int[...]
-
Seite 483
Appendix C R e g u l a t o r y I n f o r m a t i o n 457 Beschr ä nkte Har dwaregarantie (Nur f ü r Eur o pa) Intel garan tiert dem ur spr ü nglic hen Ei gent ü mer, da ß die in diesem Pa ket en thalte ne Hardware ke ine Materi al- oder Herstel lungsfehle r aufweist. Die se Garantie gilt f ü r drei (3) Jahre (a) na ch dem K aufdat um, wenn di[...]
-
Seite 484
458 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide Nachd em die Besch ä digung vo m Kundendie nst best ä tigt worden ist, wird von der zust ä ndi gen Abteilu ng eine R ü ckg abenum mer (RMA -Nummer) au sgegeb en, die a uf der ä u ß eren Ve rpackun g der Ha rdware a ngebracht werden mu ß . In tel ak zeptiert ke in Produ kt ohne [...]
-
Seite 485
Appendix C R e g u l a t o r y I n f o r m a t i o n 459 partir de la fe cha que re sulte m á s reciente de entre las opciones s iguient es: (i) la fe cha de com pra, s ó lo si de vuelve la ta rjeta de reg istro con prueba de compra de la forma in dicada al resp ecto pa ra reg istrarse; o bien ( ii) la fe cha de fabr icaci ó n; o (iii) la fecha [...]
-
Seite 486
460 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide LA IMPOSIBILIDAD DEL USO DE ESTE PRODUCTO, YA PROVENGA DE CONTRATO, NEGLIGENCIA, AGRAVIO O BAJO CUALQUIER GARANT Í A, SIN IMPORTAR QUE INTEL HAYA RECIBIDO PREVIO AVISO DE LA POSIBILIDAD DE DICHOS DA Ñ OS, INCLUIDOS, AUNQUE NO LIMITADOS A, P É RDIDAS DE USO, INFRINGIMIENTO DE LA P R[...]
-
Seite 487
Intel Customer Support Intel of fers a range of support servi ces for your Int el ® Ne tStruc ture ™ 480T rou ting switch. Yo u can learn abo ut the opt ions availab le for your area by visit ing the Intel suppor t Web site at http://www.int el.com/ network/ser vices . W orldwide A ccess to T echnical Support Intel has t echnical su pport center[...]
-
Seite 488
462 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide Other ar eas For suppor t in other count ries, use the foll owing table to dial the toll- free support number . Using the table , locate the country from wh ich you are callin g, dial the access number, awai t the dial tone, and t hen dial the l isted 800 number. Country Dialing I nfo[...]
-
Seite 489
Appendix D I n t e l C u s t o m e r S u p p o r t 463 United Kingd om (Mercury ) 3 0500-8 9-0011 awa it dial tone, th en 800-838- 7136 Vietnam 120 10288 awa it dial tone , then 800-8 38-7136 Notes: 1 Public phone s require co in deposit 2 Use phone s allowing i nternat ional acce ss 3 May not be available fro m ever y phone 4 Public phone s requir[...]
-
Seite 490
464 Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide[...]
-
Seite 491
Index Numerics 10/100 Mbps mana gement port ................................................ 10 802.1p con figuration command s (table) ................................... 150 802.1Q links , troubleshooting ................................................ 445 802.1Q VLAN tag ............................................................... 100 8021Q [...]
-
Seite 492
466 I N D E X access policy soft reset ......................................................................334 access profiles configuration comman ds (table) .......................................... 59 create .............................................................................59 example ................................................[...]
-
Seite 493
Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide 467 B backbone area , OSPF ............................................................228 bandwi dth ..........................................................................138 band widt h man ageme nt ......................................................... 163 bandwidth settin gs ..[...]
-
Seite 494
468 I N D E X show commands (table) ...................................................271 soft reset ......................................................................334 bi-directional r ate shapin g .....................................................163 blackhole ............................................................................1[...]
-
Seite 495
Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide 469 command histo ry ...........................................................................44 short cuts ........................................................................41 syntax, un derstandin g .......................................................39 command comp letion ..[...]
-
Seite 496
470 I N D E X control flow ........................... ...............................................80 controlling Telnet access .........................................................58 conversion of OSPF area .......................................................443 convert O SPF area .........................................................[...]
-
Seite 497
Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide 471 Device Tree ..........................................................................26 DF bit ..................................................................................82 DHCP multinetting .................................................................. 198 rela y, co nfig[...]
-
Seite 498
472 I N D E X enable log display ................................................................ 411 enable SLB .........................................................................354 enable slb .............................. ..................................... 367, 389 enable slb failover ...................................................[...]
-
Seite 499
Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide 473 master, failover ..............................................................170 master, priority .............................................................. 170 master, tracking .......... ................................................... 170 ping .............................[...]
-
Seite 500
474 I N D E X FDB handlin g .....................................................................119 file server appl ications, QoS ...................................................139 Filter button (Web Access) ......................................................38 filter, ICMP ..................................................................[...]
-
Seite 501
Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide 475 heat dissipation ....................................................................432 high avail abil ity ........................................................... 387, 388 high avail abil ity mo de, SLB ...................................................378 History .............[...]
-
Seite 502
476 I N D E X IP access rules ........................ ............................................. 309 IP address, enterin g ................................................................56 IP address, trou bleshooting ....... ............................................. 445 IP ARP Requ est .....................................................[...]
-
Seite 503
Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide 477 resetting ....................................................................... 221 router interfaces .......... ................................................... 191 router show commands (table) ..........................................220 routing table .........................[...]
-
Seite 504
478 I N D E X settings, display ing .........................................................305 show commands (table) ...................................................305 IRDP .................................................................................218 J jumbo frame .....................................................81, 87, 88, 112 mtu[...]
-
Seite 505
Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide 479 log display ..........................................................................411 logging and Telnet ................. ................................................... 411 commands (t able) ..........................................................412 configuration chang es[...]
-
Seite 506
480 I N D E X metro pol itan area net work .....................................................112 MGMT LED .........................................................................21 MIB ..................................................................................433 MIBs ......................................................................[...]
-
Seite 507
Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide 481 Origin, BGP ........................................................................256 OSPF advantages ....................................................................224 area 0 ..........................................................................228 areas ..................[...]
-
Seite 508
482 I N D E X permanent entries, FDB ............ ............................................. 121 permanent entry , troubleshooting ............................................441 persistence, SLB, client .........................................................377 PIM trusted neig hbor ............................................................[...]
-
Seite 509
Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide 483 master port ................ .....................................................85 mirrorin g ........................................................................90 monitoring .................................................................... 403 monitori ng display keys .....[...]
-
Seite 510
484 I N D E X band widt h man ageme nt ................................................... 135 bandwidth settin gs .........................................................161 blackhole ......................................................................146 broadcast/unknow n rate limiting .......................................147 buffer .......[...]
-
Seite 511
Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide 485 queries, router, I GMP ...........................................................278 query, gr oup specific, IGMP ..................................................281 R rack .....................................................................................18 rack mount ..........[...]
-
Seite 512
486 I N D E X split horizon ..................................................................225 timer ...........................................................................225 triggered updates ........................................................... 226 vers ion 2 ......................................................................226 [...]
-
Seite 513
Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide 487 access profile ................................................................324 access profile, applying ...................................................327 access profile, changing ..................................................334 access profile, configuring ...............[...]
-
Seite 514
488 I N D E X service-check ......................................................................371 sessions, deleti ng ...................................................................58 shortcuts, comm and ................................................................41 show flow-redirect ....................................................[...]
-
Seite 515
Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide 489 ratio weight ..................................................................358 redundant configuration ..................................................383 round-ro bin ...................................................................357 service-check ..........................[...]
-
Seite 516
490 I N D E X Greenwich Mean Time Offs ets (table) .................................. 74 soft re sets ........................................................................... 334 software fac tory de fau lts ................................................................12 Software Licensing ................. ...................................[...]
-
Seite 517
Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide 491 forward delay ............. ...................................................129 hel lo time .....................................................................129 initialization, trou bleshooting ........................................... 445 max age ............................[...]
-
Seite 518
492 I N D E X T TACA CS+ commands (t able) ............................................................71 desc ript ion ...................................................................... 70 servers, specifying ............ ...............................................70 tag .....................................................................[...]
-
Seite 519
Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide 493 Transparen t mode ................................................................ 349 transparent mode .............. ................................................... 349 transparent mode, SLB ..........................................................350 transparent private ne two[...]
-
Seite 520
494 I N D E X viewing accounts ...................................................................50 VIPs, SLB .......................................................................... 348 Virtual LANs. See VLANs virtual link, OSPF ................... ............................................. 229 VLAN debu g-tr acin g .........................[...]
-
Seite 521
Intel ® Ne tStructure ™ 480T Rou ting S witc h User Guide 495 name s ..........................................................................105 port , trou ble shoot ing ....................................................... 444 port-based ................. ..................................................... 97 protocol filters ...........[...]
-
Seite 522
496 I N D E X wildcard IP address ................. ............................................. 349[...]
-
Seite 523
A14542-001 100044-00 rev04 Intel ® NetStructure ™ 480T Routing Switch User Guide Intel ® NetStructur e ™ 480T Routing Switch User Guide User Guide User Guide User Guide User Guide[...]