Znyx Networks bh5700 manuel d'utilisation
- Voir en ligne ou télécharger le manuel d’utilisation
- 359 pages
- 2.75 mb
Aller à la page of
Les manuels d’utilisation similaires
Un bon manuel d’utilisation
Les règles imposent au revendeur l'obligation de fournir à l'acheteur, avec des marchandises, le manuel d’utilisation Znyx Networks bh5700. Le manque du manuel d’utilisation ou les informations incorrectes fournies au consommateur sont à la base d'une plainte pour non-conformité du dispositif avec le contrat. Conformément à la loi, l’inclusion du manuel d’utilisation sous une forme autre que le papier est autorisée, ce qui est souvent utilisé récemment, en incluant la forme graphique ou électronique du manuel Znyx Networks bh5700 ou les vidéos d'instruction pour les utilisateurs. La condition est son caractère lisible et compréhensible.
Qu'est ce que le manuel d’utilisation?
Le mot vient du latin "Instructio", à savoir organiser. Ainsi, le manuel d’utilisation Znyx Networks bh5700 décrit les étapes de la procédure. Le but du manuel d’utilisation est d’instruire, de faciliter le démarrage, l'utilisation de l'équipement ou l'exécution des actions spécifiques. Le manuel d’utilisation est une collection d'informations sur l'objet/service, une indice.
Malheureusement, peu d'utilisateurs prennent le temps de lire le manuel d’utilisation, et un bon manuel permet non seulement d’apprendre à connaître un certain nombre de fonctionnalités supplémentaires du dispositif acheté, mais aussi éviter la majorité des défaillances.
Donc, ce qui devrait contenir le manuel parfait?
Tout d'abord, le manuel d’utilisation Znyx Networks bh5700 devrait contenir:
- informations sur les caractéristiques techniques du dispositif Znyx Networks bh5700
- nom du fabricant et année de fabrication Znyx Networks bh5700
- instructions d'utilisation, de réglage et d’entretien de l'équipement Znyx Networks bh5700
- signes de sécurité et attestations confirmant la conformité avec les normes pertinentes
Pourquoi nous ne lisons pas les manuels d’utilisation?
Habituellement, cela est dû au manque de temps et de certitude quant à la fonctionnalité spécifique de l'équipement acheté. Malheureusement, la connexion et le démarrage Znyx Networks bh5700 ne suffisent pas. Le manuel d’utilisation contient un certain nombre de lignes directrices concernant les fonctionnalités spécifiques, la sécurité, les méthodes d'entretien (même les moyens qui doivent être utilisés), les défauts possibles Znyx Networks bh5700 et les moyens de résoudre des problèmes communs lors de l'utilisation. Enfin, le manuel contient les coordonnées du service Znyx Networks en l'absence de l'efficacité des solutions proposées. Actuellement, les manuels d’utilisation sous la forme d'animations intéressantes et de vidéos pédagogiques qui sont meilleurs que la brochure, sont très populaires. Ce type de manuel permet à l'utilisateur de voir toute la vidéo d'instruction sans sauter les spécifications et les descriptions techniques compliquées Znyx Networks bh5700, comme c’est le cas pour la version papier.
Pourquoi lire le manuel d’utilisation?
Tout d'abord, il contient la réponse sur la structure, les possibilités du dispositif Znyx Networks bh5700, l'utilisation de divers accessoires et une gamme d'informations pour profiter pleinement de toutes les fonctionnalités et commodités.
Après un achat réussi de l’équipement/dispositif, prenez un moment pour vous familiariser avec toutes les parties du manuel d'utilisation Znyx Networks bh5700. À l'heure actuelle, ils sont soigneusement préparés et traduits pour qu'ils soient non seulement compréhensibles pour les utilisateurs, mais pour qu’ils remplissent leur fonction de base de l'information et d’aide.
Table des matières du manuel d’utilisation
-
Page 1
HP bh5700 ATCA 14-Slot Blade Ser ver Ethernet Switch Blade First Edition Manufacturing Part Number: AD171-9603A June 2006[...]
-
Page 2
Ethernet Switch Blade User's Guide release 3.2.2j page ii[...]
-
Page 3
Legal Notices The information in this document is sub ject to change without notice. Hewlett-Packard makes no warranty of any kind with regard to this manual, including, but not limited to, the implied warranties of merchanta bility and fitness for a particular purpose. Hewlett- Packard shall not be held liable for err ors contained herein or direc[...]
-
Page 4
About the Ethernet Sw itch Blade Manual This manual includes everything you need to begin usi ng the HP Ethernet Switch Blade with OpenArchitect software, Release 3.2.2j. Ethernet Switch Blade User's Guide release 3.2.2j page iv[...]
-
Page 5
Table of Contents Chapter 1 Overview of the Ethernet Switch Blade ........................................................... 17 High Performance Embedded Switching...................................................................... 17 Advanced TCA® Compliant........................................................................................[...]
-
Page 6
Rapid Spanning Tree................................................................................................ 50 To Enable Rapid Spanning Tree:......................................................................... 51 Port Path Cost...................................................................................................... 51 Laye[...]
-
Page 7
Chapter 5 Fabric Switch Administration........................................................................... 73 Setting the Root Password............................................................................................ 73 Adding Additional Users.........................................................................................[...]
-
Page 8
Example Configuration Scripts............................................................................ 92 Overview of OpenArchitect VLAN Interfaces.................................................... 93 Tagging and Untagging VLANs.......................................................................... 94 Switch Port Interfaces.................[...]
-
Page 9
Classical Targets................................................................................................ 111 ZNYX Targets................................................................................................... 112 ZACTION Examples......................................................................................... 112 Extens[...]
-
Page 10
SNMP and OpenArchitect Interface Definitions............................................... 134 ifStackTable Entries........................................................................................... 135 SNMP Configuration......................................................................................... 135 SNMP Applications.........[...]
-
Page 11
Booting the Duplicate Flash Image ............................................................................ 159 Chapter 13 Network Configuration Problems ............................................................... 160 Interface Overview...................................................................................................... 160 [...]
-
Page 12
Chapter 17 Restoring the Factory Default Configurat ion................................................ 188 Chapter 18 Before Calling Support..................................................................................189 Appendix A Fabric Switch Command Man Pages........................................................ 191 vrrpconfig .........[...]
-
Page 13
zgr................................................................................................................................ 297 zgvrpd.......................................................................................................................... 300 zl2d.............................................................................[...]
-
Page 14
Figure 6.3: Init Script Flow................................................................................................ 86 Figure 7.1: Multiple VLANs..............................................................................................94 Figure 7.2: Layer 2 Switch ........................................................................[...]
-
Page 15
Ethernet Switch Blade User's Guide release 3.2.2j page 15[...]
-
Page 16
Ethernet Switch Blade User's Guide release 3.2.2j page 16[...]
-
Page 17
Chapter 1 Overview of the Ethernet Swi tch Blade The Ethernet Switch Blade is a 72-port Adva ncedTCA® Hub and providing Gigabit Ethernet. Up to 14 ATCA node boards may be addressed via the PICMG 3.0 Base Interface and via the ATCA PICMG 3.1 fabric . The Base and Fabric switchi ng domains are kept totally separate, both on the physical layer and th[...]
-
Page 18
OpenArchitect Switch Management The OpenArchitect software component – open sourc e Linux, IP protocol stack, control applications and the OA Engine – runs on two embedde d PowerPC microprocessors. OpenArchitect provides extensive manage d IP routing protocols and other open standards for switch management. Examples include ne twork services; V[...]
-
Page 19
Ethernet Switch Blade P ort Configuration Base switch Quick Reference ShelfManager1 zre22 ShelfManager2 zre13 ISL channel ( Base node2 ) zre23 Base nodes 3-14 zre0-11 Base nodes 15,16 zre 20-21 Front panel zre12, zre14, zre15 Fabric Switch Quick Reference slot zre numbers 3 zre0-3 4 zre4-7 5 zre8-11 6 zre12-15 7 zre16-19 8 zre24-27 9 zre28-29 10 zr[...]
-
Page 20
You will find the Ethernet Switch Blade ha s a straightforward installation and configur ation. UNIX or Linux system management skills a nd some understanding of network protocols will be required. Configure the Ethernet Switch Blade s to your networking application before you begin using the OpenArchitect switch. OpenArchitect Switch Environment T[...]
-
Page 21
network-enabled Linux implementation. The purpose of the routing table is to tell the packet forwarding software where to forward the data packets. In Linux, the packet-forwa rding algorithm is operated in software. Normally, the routing tables are maintained by operator conf iguration and the various routing protocols that run in the application e[...]
-
Page 22
Figure 1.2: OpenArchitect Softwar e Structure OpenArchitect applications are used to progr am and configure the Ethernet Switch Blade. These applications are implemente d above the libraries and RMAPI. Ethernet Switch Blade User's Guide release 3.2.2j page 22 Linux Appli cation Level Software (routed, gated) ZNYX RAIN Mgt API RMA PI OpenArchit[...]
-
Page 23
Chapter 2 Port Cabling and LE D Indicators The PICMG 3.1 standard defines an embedded Ethe rnet environment for Telco chassis. This environment includes two switch fabric sl ots that create a dual star Ethernet net work to the fourteen node slots. Placing the Ethernet Sw itch Blade in a hub slot provides embedded Ethernet services to each node card[...]
-
Page 24
4. Reinsert the switch into the shelf chassis and power up. Use a terminal emulation program to access the switch console. Out of Band Ports (OOB P orts) Each switch, fabric and Base, in a Ethe rnet Switch Blade unit has out-of-band (OOB) Etherne t ports on the front panel. This is an alternat ive maintenance port supplying Ethernet connect ivity i[...]
-
Page 25
Ethernet Switch Blade User's Guide release 3.2.2j page 25 Figure 2.1: LED Reference[...]
-
Page 26
Ethernet Switch Blade User's Guide release 3.2.2j page 26[...]
-
Page 27
Chapter 3 High Availability Networkin g High availability networking is achieve d by eliminating any single point of failure through redundant connectivity: Redundant cable s, switches and network interfaces for hardware, combined with HA software solutions on both the hos ts and switches to control the HA hardware and maintain connectivity. An HA [...]
-
Page 28
VRRP Since most end nodes use default router addres ses, the change of the default router address during a switch failover would require the end nodes to reconfigure. Layer 3 switches that failover must maintain the default router address to ma intain the end node's IP transparent failover. The Vi rtual Router Redundancy Protocol (VRRP, RFC 23[...]
-
Page 29
Switch Replacement and Reconf iguration When a switch fails, it must be repl aced. The replacement switch will likely requi re proper configuration. For transparent switch replac ement, the newly replaced switch must le arn its configuration from its Surviving Partner. In a simple failover scenario, Host A a nd Host B are configured with failover b[...]
-
Page 30
The configuration and runtime scripts creat ed are as follows: • S70Surviving_partner Switch initialization script that is run at boot time. This script will restart the switc h with the original configuration given to zspconfig . Optionally, zspconfig will run this script from the i nitial invocation. • zsp.conf.<n> - zspconfig configura[...]
-
Page 31
When using a Linux Bonding driver on the node card, the bonding dri ver should be configured for Mode 1 (active/standby). See the Linux Bonding docum entation at http://sourceforge.net/project s/bonding/ for complete information. The two Base switches will be configure d as Surviving Partners, using VRRP to form a single virtual interface to the ho[...]
-
Page 32
sibling_addresses: zhp1 = 10.0.0.30, 10.0.0.31 netmask 255.0.0.0; Now configure the virtual address for each s ibling group. We are going to create a virtual interface across one VLAN, but not for the inte rconnect. This provides a single point to connect/route to the VLANs. vrrp_virtual_address: zhp1 = 10.0.0.42 netmask 255.0.0.0; Next come port d[...]
-
Page 33
#vrrp_mode: block_crossconnect; The next sections determines t he failover mode between the Surviving Partner switches. Ther e are three modes: • switch - Failover by switch. Failover from Maste r switch to Backup on any port failure. The switch with the most links becomes the new Master. One port failure will cause the switch to failover. • vl[...]
-
Page 34
#start_script:/etc/rcZ.d/SxxScript; #start_script:/etc/rcZ.d/SyyScript; # vrrpd_script: Allows the user to add scripts to be executed during # vrrpd state transitions. These scripts are run from the end of the # /etc/rcZ.d/surviving_partner/vrrpd.script file. The user provided # script must be well behaved. If it crashes, or hangs or delays it will[...]
-
Page 35
Once the configuration files are comple te, run the zspconfig utility on the Master to configure all the scripts: NOTE: This command can take 60 seconds or more with n o screen output. zspconfig –f zsp.conf You will see output similar to this: zspconfig -f zsp.conf …. Would you like to install the Surviving Partner startup script[y,n,?] y Would[...]
-
Page 36
# This script will likely need modification for your particular # network setup. # # In this example the Egress ports, zre20..23 and zre48..50 are # not managed by HA since how, or if, these ports are managed by HA is # dependent on the external devices they are connected to. Non-HA # egress ports can be brought up through conventional means by add[...]
-
Page 37
zconfig zre0, zre4, zre8, zre12, zre16, zre24, zre28, zre30, zre32, zre34, zre36, zre38, zre40, zre42 = untag1; zconfig zre1, zre5, zre9, zre13, zre17, zre25, zre29, zre31, zre33, zre35, zre37, zre39, zre41, zre43 = untag2; zconfig zre2, zre6, zre10, zre14, zre18, zre26 = untag3; zconfig zre3, zre7, zre11, zre15, zre19, zre27 = untag4; zconfig zre5[...]
-
Page 38
vrrp_virtual_address: zhp1 = 10.0.0.42 netmask 255.0.0.0; vrrp_virtual_address: zhp2 = 11.0.0.42 netmask 255.0.0.0; vrrp_virtual_address: zhp3 = 12.0.0.42 netmask 255.0.0.0; vrrp_virtual_address: zhp4 = 13.0.0.42 netmask 255.0.0.0; # Port definitions # Define to what the ports are connected. Specifications can be # by zhp or zre name. The zhp name [...]
-
Page 39
# crossconnect ports of the VRRP Backup. The block_crossconnect mode is # meant as a replacement for STP, however, the switches connected to the # crossconnect ports must be Ethernet Switch switches running Surviving Partner. # # The RAINlink_xmit_on_failover mode requires that the OpenNode blades # connected to RAINlink ports transmit a packet whe[...]
-
Page 40
failover_mode: port; # VRRP_msg_rate is the time in milliseconds between transmissions # VRRP messages on the interconnect. The VRRP protocol requires the # absence of 3 VRRP messages before concluding that the remote switch # has failed. The msg_rate must match the msg_rate of all siblings. # Anything other than multiples of seconds is non-conform[...]
-
Page 41
# Fabric portions of the 7100 switch. The actual coordination is dependent on the # setting of the board_synchronization_mode and the failover_mode. In # switch failover_mode the number of up links in both switch planes is # considered. In vlan and port failover mode they are not. In all # failover_modes, if the data plane or fabric plane switch re[...]
-
Page 42
# gated_template: Allows the user to provide a template for the # gated.conf file to be used by the sibling group. #gated_template: /etc/rcZ.d/surviving_partner/gated.template Once the configuration files are comple te, run the zspconfig utility on the Master to configure all the scripts: NOTE: This command can take 60 seconds or more with n o scre[...]
-
Page 43
Finally, it lets the currently saved S70Surviving_Partner script execute. This case would be the case of a power up of an already configured backup sw itch when the other HA switch is unavailable. This case could occur after losing power to the entire chassis. Central Authority Modifications can be made to the S60SP_startup script to use a third ma[...]
-
Page 44
"zsp.primary.conf"; } host SECONDARY { fixed-address 100.0.0.31; option dhcp-client-identifier "SECONDARY"; option vendor-encapsulated-options "zsp.secondary.conf"; } } The zsp.primary.conf and zsp.secondary.conf files must be placed in the tftp location on the machine, often /tftpboot . The zsp.primary.conf and zsp.se[...]
-
Page 45
request vendor-encapsulated-options; require vendor-encapsulated-options; The last step is to modify the start up scripts that run zspconfig to use the -c option. The -c option allows you to provide a dhclient.conf script rather then having zspconfig create a default. For example, the S60SP_startup script line that reads: echo y n | zspconfig -t 10[...]
-
Page 46
Chapter 4 Fabric Switch Configu ration Two switches, two consoles There are two separate switch port ions in the Ethernet Switch Blade units, the base s witch and the fabric switch. The fabric switch handles the data traffic for the ATCA rack over ports 0-47. It runs the Ethernet Switch Blade softwar e. Two or four GigE connections are provided to [...]
-
Page 47
Changing the Shell Prompt You may use standard bash shell procedures to change the prompts on your base switches. Many sites choose a system that distingui shes among the individual switches at their locati on. The same rules apply for saving your choice ( zsync) a s for all other configuration changes. Default Configuration Scripts As shipped the [...]
-
Page 48
Overview of OpenArchitect VLAN In terfaces A zhp device is associated with one VLAN. zhp ma y have one or more physical ports and their associated zre devices. A VLAN from the viewpoint of the switch is a logical mapping of ports based on intended use. The primary purpose of a VLAN is to is olate traffic and enable communication to flow more effici[...]
-
Page 49
Switch Port Interfaces For each switch port, OpenArchitect c reates a separate interface with its own MAC a ddress called a ZNYX raw Ethernet ( zre ). After the initial power up, 48 zre interfaces are created, one for each in band port. You cannot directly acce ss or modify the zre interfaces. During the initial power up of the switch, the de fault[...]
-
Page 50
ifconfig zhp1 0.0.0.0 # # At this point the system will act as a Layer 2 switch # across all ports. Also, the system will accept telnet() # connections on 10.0.0.43 on any port. Script(s) may then # be run to reinitialize the system and modify its # configuration. Using the S50layer2 Script The S50layer2 script can be used as an example, and edited[...]
-
Page 51
To Enable Rapid Spanning Tree: Create a VLAN containing the ports that will be a part of the Linux bridge running Rapid Spanning Tree. This example will use ports 0-3 (unta gged): zconfig zhp0: vlan1=zre0..3 zconfig zre0..3=untag1 Create a bridge device from the zhp de vice, zl2d start zhp0 A Bridge device named bzhp0 should now exist consist ing o[...]
-
Page 52
Layer 3 Switch Configuration The previous section outlines the Layer 2 switch configuration that is automatically confi gured when you initially bring up the OpenArchitec t switch. In order to communicate between Layer2 interfaces, you must properly setup routing. The steps to build a Layer 2 switch involve creating a group of switch ports in a VLA[...]
-
Page 53
In the S50layer3 script separate VLANs are set up for ea ch port. The VLANs, are labeled as zhp0..zhpn . Each VLAN is associated with an individua l zre interface. There is always a one to one connection between VLANs and zhp interfac es. Remember, zre and zhp interfaces can begin with a zero value but a VLAN cannot (t hat is, zhp0 has zre0 on vlan[...]
-
Page 54
the number of IP addresses as applicable. In the exam ple below, the IP address is changed for the interface in the ifconfig command line of the scr ipt. From: ifconfig zhp0 10.0.0.43 netmask 255.255.255.0 broadcast 10.0.0.255 up To: ifconfig zhp0 193.08.1.1 netmask 255.255.255.0 broadcast 193.08.1.255 up • Adjust the number of zhp interfaces, th[...]
-
Page 55
interface 10.0.1.42 passive interface 10.0.2.42 passive . . . interface 10.0.13.42 passive interface 10.0.14.42 passive interface 10.0.15.42 passive • Defines the netmask used in the interface . define 10.0.0.43 netmask 255.255.255.0; define 10.0.1.42 netmask 255.255.255.0; define 10.0.2.42 netmask 255.255.255.0; . . . define 10.0.13.42 netmask 2[...]
-
Page 56
. . interface 10.0.13.43 ripin ripout version 1; interface 10.0.14.43 ripin ripout version 1; interface 10.0.15.43 ripin ripout version 1; • Imports routes learned through the RIP protocol. import proto rip { all; }; • Exports all directly connected routes and routes l earned from the RIP protocol. export proto rip { proto direct } all; }; prot[...]
-
Page 57
Or for OSPF: cp /etc/rcZ.d/examples/S55gatedOspf /etc/rcZ.d cp /etc/rcZ.d/examples/gated.conf.ospf /etc/rcZ.d • Open and make configuration changes to the listed conf file to coincide with the current Layer 3 configuration (that is, adjust IP addresses and numbe r of interfaces available). See GateD documentation if you have questions regar ding [...]
-
Page 58
Marking and Re-marking The OpenArchitect switch can mark or rem ark packets using the TOS field or 802.1p tag. This is also controlled through the Linux iptables utili ty. Scheduling The servicing of configured queues by the switc hing fabric is referred to as scheduling. The OpenArchitect switch has three built-i n scheduling algorithms. The type [...]
-
Page 59
you may want to move your set of iptables commands t o a start up script to run upon initialization. This could be a ccomplished by creating a standalone " S " script and plac ing that script into / etc/rcZ.d . Restrictions on Implementation Several restrictions exist on the r ules that can be implemented on the FFP hardware. These includ[...]
-
Page 60
On the other hand, in the following sequence of rule s, the position of the rule that drops SYN packets is important. Since the set of fi elds it examines is not a subset of the fields exa mined by the ACCEPT rules, and visa versa, the order ing rule given above does not apply. In this case, the order it is applied will be the same as it s position[...]
-
Page 61
By default, INPUT, FORWARD and OUTPUT chains are insta lled on boot up. Additional rules can be installed for the other chains . Additionally, one can write software extensions to add mor e chains. Figure 4.2 provides an illustration of the Firewall Flow. When a packet reaches a circl e in the diagram, that chain is examined to decide the fate of t[...]
-
Page 62
send to CPU action is specified, it is sent to the INPUT chain for further processing. If there is no valid way to forward the packet, it is dropped. If t he switch is configured to forward the packet, it is sent to the FORWARD chain. Next the hardware FORWARD chain is walked. If ther e is a rule inserted that matches the packe t headers, then it i[...]
-
Page 63
The type can be preceded by ! to match a ny message except the type listed, for example, -- icmp-type ! 1 Specifying TCP or UDP po rts If the protocol is TCP or UDP, the -s ( or --sport ) and -d (or --dport ) opti ons specify the TCP or UDP ports to match. A range of ports can be specified by giving the first and last ports separated by a : , as in[...]
-
Page 64
--drop Drops the packet --accept Accepts the packet --set-prio <val> Set the 802.1p priority to <val> --use-prio <val> Use queue priority <val> --copy-cpu Send the packet to the CPU. This will force the full installed chains traversal in software --set-eport <val> Redirect the packet to port <val> --set-mport <[...]
-
Page 65
FORWARDING Chain supports all of them. tc and zqosd tc , which stands for Traffic Control, is a mec hanism for enabling Quality of Service on Linux. tc uses three functional objects: queuing dis ciplines , which comprise queuing and scheduling algorithms such as FIFO queues, priority queues, R ED queues, and token buckets; classes , which are leafs[...]
-
Page 66
qdisc pfifo 100: dev zhp0 limit 32p The tc command is applied to a device, so dev zhp0 must be specified. Note that a VLAN, such as zhp0 , and a port, such as zre0 , are eac h treated as devices. Breakdown of the options: handle 100:0 Defines the handle for the queuing discipl ine. This handle may be used to reference the pfifo queue. Note that the[...]
-
Page 67
The byte-limited FIFO queue case differs only s lightly from the packet-limited FIFO case. T he syntax is almost identical. In hardware the limit is based on 128-byte cells. The speci fied byte limit is divided by 128 to determine the cel l limit. Always specify a byte limit of at least 128 bytes to avoid setting the queue length to zer o. For exam[...]
-
Page 68
index of the list element (numbering f rom 0) and q is the value specified by that element. So, thi s example would read: Priority 0 maps to Queue 1 Priority 1 maps to Queue 2 Priority 2 maps to Queue 2 Priority 3 maps to Queue 2 Priority 4 maps to Queue 3 Note that the tc priority map applies to a 4- bit field. With the Ethernet Switc h Blade, the[...]
-
Page 69
The U32 Filter The U32 filter provides the capability to mat ch on fields in the L2, L3 or L4 header of a packet. Each match rule gives the locati on of the field to be tested, which is always a 32 bit word, a mas k selecting the bits to be test ed, and a value which is to be matched by the packet field. M any matches can be specified in one tc fi [...]
-
Page 70
Although the translation rules handle some inconsistency between software and hardware, a use r must define a combination of rules that is reasonable in hardware, to ensure predictable re sults. Handle Semantics All examples have illustrate d zqosd copying tc rules into hardware. In fact, the zqosd util ity also enables the user to add tc rules tha[...]
-
Page 71
• The PDP sends that policy to the PEP. • The PEP installs the policy and applie s it to future traffic. As long as COPS is running, a connection between the P EP and PDP should stay open. A PEP could query a PDP at any time asking for a policy deci sion. Alternatively, an administrator coul d modify the policy on a PDP, which would then push a[...]
-
Page 72
The pepd utility requires a PDP that has impl emented the above RFCs and drafts. Until all dra ft standards are approved, the certain COPS-PR data types will not be assigned OIDs. pepd uses non-standard OIDs for the unassigned values. Using pepd The pepd utility works by connection to a PDP, informing the PDP of its roles , and installing any rules[...]
-
Page 73
Chapter 5 Fabric Switch Administration One of the main benefits of the OpenArchite ct switch is that it runs Linux, so much of the switch administration is already familiar to most network or system administrators. It is a good i dea to complement these instructions wit h a standard Linux reference guide, such as Linux Net work Administrator’s Gu[...]
-
Page 74
Enter new password: Re-enter new password: Password changed. ZX7100-OA<release no.># zsync ZX7100-OA<release no.># Setting up a Default Route If you wish to access the switch from some pla ce other than a directly attached network, you may want to setup a default route. Use the rout e command to set a default gateway. route add default [...]
-
Page 75
dhcpd Consult Linux Network administration m anuals for more information on DHCP and configuration options. To use DHCP to set your IP addresses automatical ly on boot up, uncomment the the following line in /etc/init.d/rcS by removing the # sign dhcpd Network Time Protocol ( NTP) Client Configuration NTP is a protocol for setting the real time clo[...]
-
Page 76
/sbin/rpc.statd /usr/sbin/rpc.mountd -r Once the above servers are started, you c an mount a remote NFS file system. mount rhost:nfs_file_system local_mount_point If the remote NFS file system you’re mounting is on an OA switch, you should mount with caching disabled. mount rhost:nfs_file_system –o noac local_mount_point All the necessary serve[...]
-
Page 77
Now start nfsd to export the mount points and begin answer ing requests from remote clients. /sbin/rpc.nfsd –r To export file systems automatic ally on boot, edit /etc/init.d/rcS , uncomment the /sbin/rpc.nfsd command line by removing the #. /sbin/rpc.nfsd -r Connecting to the Switch Using FTP Use ftp to transfer files to or from the switch. Se e[...]
-
Page 78
SNMP Agent Simple Network Management Protocol (SNMP) is the defacto standard for network management. An SNMP agent maintains a structure of data for a network device in a virtual information database, called a Management Inf ormation Base (MIB). A network management station is capable of accessing the MIB of the net work device to monitor and confi[...]
-
Page 79
Supported MIBs RFC 2573: S NMP Applications RFC 2574: U ser-based Security Model (USM) for version 3 of the Simple Network Management Protocol (SNMPv3) RFC 2575: V iew-based Security Model (VACM) for version 3 of the Simple Networ k Management Protocol (SNMP) RFC 2576: C oexistence between Version 1, Version 2 and Version 3 of the In ternet- standa[...]
-
Page 80
Supported Traps SNMPv2-MIB: coldStart SNMPv2-MIB: authenticationFailure IF-MIB: linkUp IF-MIB: linkDown UCD-SNMP-MIB: ucdShutdown RMON-MIB: risingAlarm RMON-MIB: fallingAlarm VRRP: vrrpTrapNewMaster VRRP: vrrpTrapAuthFailure EGP (rfc1213): egpNeighborLoss BGP4-MIB: bgpEstablished BGP4-MIB: bgpBackwardTransition Table 5.2: Supported Traps SNMP and O[...]
-
Page 81
Link and SNMP Status Physical Link Status SNMP Operational Status zre1 zre2 zre1 zre2 zhp0 down down down down down down u p down up up up down up down up up up up up up Table 5.3: Link and SNMP Status The administrative status i s directly controlled by ifconfig up/down. The administrative s tatus of the zhps and zres do not affect each other. ifS[...]
-
Page 82
response. The processing for link up and link down traps is now user c onfigurable. As the default, traps conform to RFC2863, meaning the trap conte nts will include: ifIndex, ifAdminStatus and ifOperstatus You can alter this behavior by specifying: cisco_link_traps on If cisco_link_traps are turned on as described then link up and link down traps [...]
-
Page 83
mirrored (copied and transmitted) to por t 12. This mirroring would be in addition to any Layer 3 or Layer 2 switching. zmirror zre0 zre12 zmirror zre1 zre12 zmirror zre2 zre12 To clear the current mirroring use the -t option. The -e option can be used to indicate that packets being sent on a given port should be copi ed to the mirror_to port. For [...]
-
Page 84
Chapter 6 Fabric Switch Maintenance This chapter includes basic informa tion about the OpenArchitect switch environment incl uding an overview of the file system structure, modi fying and updating switch files, upgrading the switch driver and kernel, and implementing a s ystem recovery. Overview of the OpenArchitect swi tch boot process The OpenArc[...]
-
Page 85
Figure 6.2: Boot Flow Chart Under normal circumstances, the booting up proc ess follows the process outlined in Figure 6.2. During boot up, the zmon bootloader reads the device boot string to locate and validate the correct application image to l oad. The bootstring command is in the following format: boot : X | [<options>] X represents the d[...]
-
Page 86
Saving Changes Any modifications made to the scripts for your particular configuration must be properly saved or your changes are lost when you reboot. The file syste m for the switch only exists in memory. A rewritable overlay is contained within t he upper four megabytes of the first application f lash. Modifying Files and Updating t he Switch An[...]
-
Page 87
configuration files contained in / e t c / r c Z . d In order to telnet into the box, there must be a configured interface with a proper IP address. For e xample, zhp0 is configured with the IP address 10.0.0.43 in the factory default configurati on. Booting with the –i option If you cannot telnet into the switch and Linux fails to boot, it is li[...]
-
Page 88
zsync /etc/hosts • Reboot the system. System Hangs During Boot After attaching the system console cabl e, if the system hangs during boot, try booting with the –i option as described in the previous section. It is possible that important Linux system fil es became corrupted and incorrectly save d in the flash overlay. Use zmnt as described in t[...]
-
Page 89
Download the OpenArchitect image to a local system. The OpenArchitect image is very cl ose to the limit of free space available on a default system so you may need to clear some space prior to downloadi ng the OpenArchitect image to the switch. Check for free space with the df c ommand. One of the easiest ways to create free space is to remove /usr[...]
-
Page 90
Using apt-get apt-get is a utility created by the Debia n Linux community to allow remote fetching and installation of software stored in a repository in Debian package format. It allows users to keep their software up-to-date with the latest binaries, and install new software without the need to recompile. Users may create their own repositories a[...]
-
Page 91
Chapter 7 Base Switch Configuration At this point, the OpenArchitect Ether net Switch Blade should be installed and powered up for the first time. This chapter helps you conne ct and configure the base switch by presenting command line examples as well as a disc ussion of the example configuration scripts . You may configure the fabric switch indep[...]
-
Page 92
files into flash for reloading. Changing the Shell Prompt You may use standard bash shell procedures to change the prompts on your base switches. Many sites choose a system that distingui shes among the individual switches at their locati on. The same rules apply for saving your choice ( zsync ) as for al l other configuration changes. Default Conf[...]
-
Page 93
• S50multivlan - Script which sets up multiple untagged VLANs. The first VLAN includes the first ten 10/100/1000 ports, the next contains the last ten 10/100/1000 ports, the third VLAN contains two 10/100/1000 ports, the last VLAN contains the last two 10/100/1000 ports. Layer 3 switching is enabled. • S55gatedRip1 - Script which is used with a[...]
-
Page 94
Tagging and Untagging VLANs The OpenArchitect switch is capabl e of switching VLAN tagged and untagged data packets. VLAN tagged packets conform to the 802.1q specific ation and the packet header contains an additional four bytes of VLAN tag information. A given port can be specified to accept VLAN tagged or untagged traffic. Internall y, all traff[...]
-
Page 95
Figure 7.2: Layer 2 Switch During the initial power up, a startup script called /etc/rcZ.d/S50layer2 is executed at boot time creating a single untagged VLA N (IP interface labeled as zhp0 ) which includes all Ethernet and gigabit ports as one Layer2 switch. The int erface to the host is then assigned the IP addres s of 10.0.0.42 to allow access to[...]
-
Page 96
Using the S50layer2 Script The S50layer2 script can be used and example, or edited to customiz e your Layer2 setup. For example, to reconfigure the IP address on your Layer 2 switch , • Open the S50Layer2 file in the Linux vi editor. • Change the IP address value listed under the Linux ifconfig(1M) command line. • Save your changes by running[...]
-
Page 97
brctl show brctl showbr bzhp0 Port Path Cost Each port has an associated cost that c ontributes to the total cost of the path to the Root Bridge when the port is the root port. The smaller the cost, the better the path. The Ethernet Switch Blade uses the following IEEE 802.1D recommendations base d on the connection speed of your port: Port Path Co[...]
-
Page 98
zconfig zhp1: vlan2=zre5..8 zconfig zre5..8=untag2 Now, use ifconfig to assign each zhp interface an IP address, ifconfig zhp0 10.0.0.1 ifconfig zhp1 11.0.0.1 At this point, the Linux host has enough informati on to route between the networks of the directly attached interfaces, 10.0.0.0 via zhp0 , and 11.0.0.0 via zhp1 . The next step is to enable[...]
-
Page 99
Linux IP zre1 VLAN 2 zre4 zre3 VLAN 3 zre2 VLAN 4 zre11 VLAN 11 zre7 VLAN 7 zre9 VLAN 9 zre6 VLAN 6 zre8 VLAN 8 zre10 VLAN 10 zre5 VLAN 5 VLAN 14 zre12 VLAN 12 zre13 VLAN 13 zhp0 - zhp2 3 zre20 VLAN 15 Each vlan interface (zhp) has only one switch port (zre) VLAN 1 zre0 zre15 VLAN16 zre16 VLAN17 zre17 VLAN18 zre19 VLAN20 VLAN19 VLAN23 VLAN22 VLAN21[...]
-
Page 100
• Runs the OpenArchitect zl3d . The zl3d application monitors the Linux routing tables and updates the switch routing tables for each inte rface configured above. /usr/sbin/zl3d zhp0..23 zl3d initially creates and adds eac h zhp interface (VLAN) to the switch routing tables. The zhp0..zhp23 is shorthand for the list of interfaces ( zhp0 , zhp1 , [...]
-
Page 101
• VLAN 4, zhp3: for last set of six ports, zre18- zre23 Each VLAN interface is labeled z h p N in the file, where N is a value from 0-3. Each interface is untagged and assigned its own IP address (see Figure 7.4) . Figure 7.4: Multiple VL AN Configuration The S50multivlan script executes the following c ommands: • Runs zconfig to create and sta[...]
-
Page 102
(10.0.0.42-10.0.3.42), assigns the netmask and brings them up. ifconfig zhp0 10.0.0.42 netmask 255.255.255.0 broadcast 10.0.0.255 up ifconfig zhp1 10.0.1.42 netmask 255.255.255.0 broadcast 10.0.1.255 up ifconfig zhp2 10.0.2.42 netmask 255.255.255.0 broadcast 10.0.2.255 up ifconfig zhp3 10.0.3.42 netmask 255.255.255.0 broadcast 10.0.3.255 up • Run[...]
-
Page 103
example): • Starts GateD with Rip1 using gated.conf.rip1 as the confi guration file: /usr/sbin/gated –f /etc/rcZ.d/gated.conf.rip1 The GateD conf file specifies the f ollowing configuration commands: • Implements the passive function so GateD is pre vented from rerouting information to a different interface if insufficient informat ion is rec[...]
-
Page 104
interface all noripin noripout • Opens sending and receiving packets for selected int erfaces. interface 10.0.0.42 ripin ripout version 1; interface 10.0.1.42 ripin ripout version 1; interface 10.0.2.42 ripin ripout version 1; . . . interface 10.0.13.42 ripin ripout version 1; interface 10.0.14.42 ripin ripout version 1; interface 10.0.15.42 ripi[...]
-
Page 105
cp /etc/rcZ.d/examples/gated.conf.rip1 /etc/rcZ.d Or for RIP2: cp /etc/rcZ.d/examples/S55gatedRip2 /etc/rcZ.d cp /etc/rcZ.d/examples/gated.conf.rip2 /etc/rcZ.d Or for OSPF: cp /etc/rcZ.d/examples/S55gatedOspf /etc/rcZ.d cp /etc/rcZ.d/examples/gated.conf.ospf /etc/rcZ.d • Open and make configuration changes to the listed c o n f file to coincide w[...]
-
Page 106
Marking and Re-marking The OpenArchitect switch can mark or rem ark packets using the TOS field or 802.1p tag. This is also controlled through the Linux iptables utili ty. Scheduling The servicing of configured queues by the switc hing fabric is referred to as scheduling. The OpenArchitect switch has three built-i n scheduling algorithms. The type [...]
-
Page 107
Running zfilterd Before starting zfilterd , ztmd must be running. Your can star t both from within a script, or directly from the command line . For example, ztmd zfilterd iptables rules can be entered at any time. If your iptables fi ltering rules set is extensive, you may want to move your set of iptables commands t o a start up script to run upo[...]
-
Page 108
action that will take place . For example, the rules: iptables -a FORWARD -i zhp3 -j DROP iptables -a FORWARD -i zhp3 -o zhp1 -p tcp --dport smtp -j ACCEPT result in SMTP packets received on any port in zhp3 to be sent for any port in zhp1 ; all other packets from zhp3 would be dropped. The order of the two rul es in the FORWARD chain does not matt[...]
-
Page 109
Introduction Firewall rules are stored in tables. The se tables are sometimes also known as firewal l chains or just chains . Tables normally store rules for what are known as hooks , which can be looked as packet-path junctions. There are five de fined hooks: PRE-ROUTE, POST-ROUTE, INPUT, OUTPUT and FORWARDING. The example below illustrat es the d[...]
-
Page 110
Packet Walk When a packet comes in via one of the int erface ports, the base switch makes a routi ng decision. If the packet was destined for the base switch itself or if the send to CPU action is speci fied, it is sent to the INPUT chain for further processing. If the re is no valid way to forward the packet, it is dropped. If the switch is config[...]
-
Page 111
--icmp-type ping The type can be preceded by ! to match a ny message except the type listed, for example: --icmp-type ! 1 Specifying TCP or UDP po rts If the protocol is TCP or UDP, the -s ( or --sport ) and -d (or --dport ) opti ons specify the TCP or UDP ports to match. A range of ports can be specified by giving the first and last ports separate[...]
-
Page 112
ZNYX Targets ZACTION This is the ZNYX Action target. Parameters for ZACTION: --drop Drops the packet --accept Accepts the packet --set-prio <val> Set the 802.1p priority to <val> --use-prio <val> Use queue priority <val> --copy-cpu Send the packet to the CPU. This will force the full installed chains traversal in software --[...]
-
Page 113
Extensions to the default matches These are described in the Linux packet filtering HOWTO at: http://netfilter.org/docume ntation/index.html#documentation-howto ZNYX FORWARDING Chain supports all of them. tc : Traffic Control The switch supports up to eight queues for each por t, including the cpu port. These queues hold packets waiting to be trans[...]
-
Page 114
queue number + 1 after the qdisc handle. So the highest priority queue in this example is 105:8. NOTE: 16 values must be provided for the priomap list. T his is a feature of the Linux priority system, which uses 16 priority level s. The last eight values given will be ignored. Weighted Round Robin Qdisc A weighted round robin qdisc builds on the ab[...]
-
Page 115
handle 100:0 Defines the handle for the queuing discipl ine. This handle may be used to reference the pfifo queue. Note that the ha ndle is included with the output of the qdisc ls command. (100:0 and 100: are equi valent in tc .) The choice of handle is significant for zqosd . root Tells tc that this is the base queuing discipline for the device, [...]
-
Page 116
match ip tos 0xa0 0xe0 would match an IP precedence of 5. Specific fields can also be speci fied by giving their offset from the beginning of the IP hea der and a field name of u8 , u16 , or u32 , depending on the width of the fiel d. For example, to match the SYN bit in the TCP flags, the specific ation is: match u8 2 0x02 at 33 Several IP fields [...]
-
Page 117
tc qdisc add dev zre1 ingress //ingress qdisc for zre1 tc qdisc add dev zhp2 ingress //ingress qdisc for vlan The filter add command changes slightly, the pa rent is now a special handle ffff:fff1, so using the same filter as the first example : tc filter add dev zre1 parent ffff:fff1 protocol ip u32 match ip dst 10.91.100.5/32 classid 105:2 This f[...]
-
Page 118
omitted, and the packet is not dropped, the e gress queue will be determined by the priority of t he packet, either from the 802.1p priority for ta gged packets or the default priority for untagged packets for the ingress port. Examples The following commands set up priority queues for packets sent to the CPU and then use filters with policing to d[...]
-
Page 119
specified numerically for eithe r out-of-profile or in-profile actions. The numeric val ue is a decimal integer action code shown in the table below. If the action requires a paramet er, the parameter value is multiplie d by 256 and added to the action code. Only a few of the actions are possible for out-of-profile. All can be used for in- profile.[...]
-
Page 120
for a u16 match. In many cases, there is a fiel d name that can be used for the match, elimina ting the need to specify the offset. U match selectors Field Match Equivalent ip src a.b.c.d/n u32 <value> <mask> at 12 ip dst a.b.c.d/n u32 <value> <mask> at 16 ip tos <value> <mask> u8 <value> <mask> at 1 [...]
-
Page 121
OpenArchitect switch though, because the norm al case is for packets to be switched in hardware. For that reason, zqosd must be used to shadow tc configurati on into hardware. Like zfilterd , zqosd works with ztmd , which provides the actual hardwar e interaction. If ztmd is not already running, start it:, then initiate t he zqosd daemon with no pa[...]
-
Page 122
In tc , the prio queuing discipline establishes multi ple queues and specifies their associate d priority map. Although WRR support is not part of the standard tc distribution, it has been added to the prio disciplinE. The following example illustrat es WRR. A strict priority scheduler is a simple r case that can be constructed easily from this exa[...]
-
Page 123
many packets sent as queue 0, queue 2 will have four times as many, and queue 3 will have six times as many. wrr parameters a re scaled such that the maximum value is no more t han 15. values which would be 0 are set to 1: • Queue 0 has a weight of 1000 bytes • Queue 1 has a weight of 2000 bytes • Queue 2 has a weight of 4000 bytes • Queue [...]
-
Page 124
tc filter add dev zhp0 protocol arp parent 100:0 u32 match u32 2 0xffff at +4 flowid 100:30 Combining Queuing Discip lines Any of the queue length limiting discipline s can be used with the bandwidth management queue disciplines, by defining them with the handle of one of the classes as their parent. For the htb queueing discipline, each class has [...]
-
Page 125
Figure 7.6: COPS Network Architecture A PDP contains all of the policy rulers for it s associated PEPs. A PDP typically stores rules in a data and is a dedicated server, not a f orwarding device. A PEP is any network device that has to enforce policy decisions. For example, a switch that restricts network access or prioriti zes traffic fits the def[...]
-
Page 126
and relaying those requests to its PDP. By contrast, the provisioning model is based on l onger lasting policy. The expectation is that policy should be administratively defi ned at the PDP and pushed to the PEPs as needed. OpenArchitect is a COPS-PR client. The most common use of COPS-PR is for distributing Differentiated Services (Diffserv) poli [...]
-
Page 127
where, PDP address: The IP address of the PDP. Default is loopback (127.0.0.1) PDP port: The destination port on which to open a COPS connection. Default is 3288. PEPID: The PEP Identifier Role-If: A mapping of roles to interfaces. The name of the role is followed by a comma-delineated list of interfaces. Multiple role- interface mappings are defin[...]
-
Page 128
Chapter 8 Base Switch Administration One of the main benefits of the OpenArchite ct switch is that it runs Linux, so much of the switch administration is already familiar to most network or system administrators. It is a good idea to complement these instructions wit h a standard Linux reference guide, such as Linux Net work Administrator’s Guide[...]
-
Page 129
ZX6000-OA<release no.># zsync ZX6000-OA<release no.># Setting up a Default Route If you wish to access the switch from some pla ce other than a directly attached network, you may want to setup a default route. Use the rout e command to set a default gateway. route add default gw 10.0.0.254 Put the entry into the /etc/init.d/rcS startup [...]
-
Page 130
Network Time Protocol ( NTP) Client Configuration NTP is a protocol for setting the real time clock on a system. There are numerous primary and secondary servers available on the network. F or more NTP information, and a list of available NTP servers, see the following URL: http://www.ntp.org/ You will need to have your network settings properly co[...]
-
Page 131
All the necessary servers are included in /etc/init.d/rcS but are commented out by default. To automatically start all NFS client services each time you boot, uncomment t he NFS Client servers. Go to the /etc/init.d/rcS file. Uncomment the following command lines by removing the # sign. /sbin/portmap /sbin/rpc.statd /usr/sbin/rpc.mountd -r You can [...]
-
Page 132
ftpd Server Configuration The switch itself can also be configured to run a n FTP server ( ftpd ). See the Linux Reference Guide for details of the ftpd command. You will ne ed to add a user to the switch in order to connect via ftp from a remote host, since root is not allowed ftp access. See the earlier section in this chapter regarding how to ad[...]
-
Page 133
Supported MIBS RFC 1155: Structure and Identification of Management Information for TC P/IP-based internets RFC 1227: SNMP MUX Protocol and MIB RFC 1493: Definitions of Managed Objects for Bridges (obsoletes RFC 1286) RFC 1657: Definitions of Managed Objects for the Fourth Version of th e Border Gateway Protocol (BGP-4) using SMI-V2 RFC 1724: RIP V[...]
-
Page 134
Supported MIBS ZNYX Networks Private MIB Custom ZNYX MIB to support software and hardware features not covered by standard MIBs. The Private MIBs are ZX7100BASE.MIB AND ZX7100FABRIC.MIB, pointed to by ZNYX-H.MIB. UCD-SNMP Enterprise MIB UCD-SNMP MIB related to management and monitoring of the LINUX ho st Table 8.1: Supported MIBs Supported Traps Up[...]
-
Page 135
status is down, then the operational status will be down independent of the underlying link state. You must ifconfig up the zres to see the operational link status for a zre . When the administrative status is up, the oper ational status is dependent on the underlying physical state. For example, Table 8.3 shows that if zhp0 contains zre1 and zre2 [...]
-
Page 136
IMPORTANT: For NET-SNMP agents, these objects ( sysLocation.0, sysContact.0 and sysName.0 ) ordinarily are read-write. However , specifying the value for one of these objects by giving the appropriat e token in snmpd.conf makes the corresponding object read-only, and attempts to set the value of the object will result in a notWritable error respons[...]
-
Page 137
zmirror mirror_from mirror_to After executing the following three c ommands, packets received on ports 0, 1 and 2 would be mirrored (copied and transmitted) to por t 12. This mirroring would be in addition to any Layer 3 or Layer 2 switching. zmirror zre0 zre12 zmirror zre1 zre12 zmirror zre2 zre12 To clear the current mirroring use the -t option. [...]
-
Page 138
Chapter 9 Base Switch Maintenance This chapter includes basic informa tion about the OpenArchitect switch environment incl uding an overview of the file system structure, modi fying and updating switch files, upgrading the switch driver and kernel, and implementing a s ystem recovery. Overview of the OpenArchitect switch boot process The OpenArchit[...]
-
Page 139
Under normal circumstances, the booting up proc ess follows the process outlined in Figure 6-2. During boot up, the zmon bootloader reads the device boot string to locate and validate the correct application image to l oad. The bootstring command is in the following format: boot : X | [<options>] X represents the device value 0, 1 or 2 The bo[...]
-
Page 140
Saving Changes Any modifications made to the scripts for your particular configuration must be properly saved or your changes are lost when you reboot. The file syste m for the switch only exists in memory. A rewritable overlay is contained within t he upper four megabytes of the first application f lash. Modifying Files and Updating th e Switch An[...]
-
Page 141
Booting with the –i option If you cannot telnet into the switch and Linux fails to boot, it is likely that a change saved by zsync has left the switch in an inaccessible state. To allow users to recover from mist akes saved in the overlay file system, a boot argument of –i passed to the init process will stop the untarring of the saved overlay [...]
-
Page 142
System Hangs During Boot After attaching the system console cabl e, if the system hangs during boot, try booting with the –i option as described in the previous section. It is possible that important Linux system fil es became corrupted and incorrectly save d in the flash overlay. Use zmnt as described in the previous section to fix or remove the[...]
-
Page 143
the limit of free space available on a default system, so you may need to clear some space prior to downloading the new OpenArchitect im age to the switch. CAUTION: Do not remove the existing copy of /usr/sbin/gated (as suggested in Step 5, below) until you have, in fact, determined that an OpenArchitect upgrade version is available for downloading[...]
-
Page 144
Using apt-get apt-get is a utility created by the Debia n Linux community to allow remote fetching and installation of software stored in a repository in Debian package format. It allows users to keep their software up-to-date with the latest binaries, and install new software without the need to recompile. Users may create their own repositories a[...]
-
Page 145
Chapter 10 Connecting to the Ethernet Switch Bl ade The Ethernet Switch Blade has two compl etely separate switching subsystems within one ATCA blade supporting both Base Interface and F abric Interfaces The Ethernet Switch Blade implement s an independent control processor and software environment for both Base and Fabric Interface switching subsy[...]
-
Page 146
console port. An RS-232 to RJ-45 adapter is required. Fabric Interface Hub System : A 48-port Gigabit Ethernet Switch that pr ovides PICMG 3.1 Option 2 (2.0 Gb/s) Ethernet service for a full 14-slot ATCA chassis. All connect ors for the fabric interface hub and it’s processor ar e labeled “fabric”. Ethernet Interfaces : The 3.1 Fabric Interfa[...]
-
Page 147
To attach the console cable to the Ethernet Swit ch Blade switch: 1. Plug the RJ-45 end of the console cable (P/N 6900-63006, shippe d with the HP bh5700 ATCA 14-Slot Blade Server) into the RJ-45 Consol e Port (1) on the front panel. 2. Connect the DB-9 end of console cable into a s tandard Modem Eliminator Cable (normally locally available). 3. Co[...]
-
Page 148
NOTE: The OOB port is not active by default with the factory c onfigured configuration. The first time you log into the switch either in-band or thr ough the console cable you must use the ifconfig command to make the port active. Connecting to the Fabric Interfa ce Fabric Interface Serial Port Connect ion The switch console can be accessed via one[...]
-
Page 149
9. Reinsert the switch into the system and power up. 10. Use a terminal emulation program to access the switch console. Fabric Interface Out of Band Eth ernet Connection Connect an Ethernet cable from the Ethernet S witch Blade front panel MGMT OOB (4 in Figure 10.3) to your PC. 1. Configure a host on the 10.0.0.0 network. 2. The OpenArchitect swit[...]
-
Page 150
Chapter 11 Diagnosing a Failed E thernet Switch Blade Activation The Ethernet Switch Blade must tra nsition through a series of states (M0–M4) to become act ive in an ATCA shelf. After the Ethernet Switc h Blade has reached the M4 state, it will becom e active and start the boot process of the Ope nArchitect Switch Management environment. If a fa[...]
-
Page 151
FRU State HotSwap LED Status Healthy LED Status Solution M0 OFF OFF No power. Board not inserted correctly. 1. Remove and re-insert board. 2. If board does not power-up after re-insertion, try a different slot. If board continues to fai l in the new slot and the problem does not affect other boards running in the chassis, return the Ethernet Switch[...]
-
Page 152
FRU State HotSwap LED Status Healthy LED Status Solution switch through a console cable. If OpenArchitect is running, and abnormal be havior is occurring, please see Network Configurati on Problems for information on network issues. If OpenArchitect cannot be accessed through the console port, please see Troubleshooting a Fa iled OpenArchitect Load[...]
-
Page 153
sensor information. Examine the System E vent Log (SEL) on the ShMM and determine if critica l sensor events have been logged for the switch in quest ion. If the switch has reported critical sensor data for temperature or voltage, the ShMM ca n prevent it from booting. To determine if the criti cal sensor events persist, it may be necessa ry to alt[...]
-
Page 154
clia board -v 7 or clia board -v 8 These commands generate an output that reports if the ShMM thinks it has granted access to ports on the switches. Check the Shelf Manager User’s Guide for the expected output. Ethernet Switch Blade User's Guide release 3.2.2j page 154[...]
-
Page 155
Chapter 12 Troubleshooting a Failed OpenArchitect Load The OpenArchitect operating system is loaded fr om the FlashROM memory into RAM when the Ethernet Switch Blade is activated by the Shelf Manager. If there is a problem with the loading of OpenArchitect due to a hardware failure or corrupt file s ystem, the back-up image can help to troubleshoot[...]
-
Page 156
The Ethernet Switch Blade is equipped with a Random Acce ss Memory (RAM) disk and three Read-Only Memory (ROM) devices, including, a boot ROM and two appli cation flash Ethernet Switch Blade User's Guide release 3.2.2j page 156 E t h er n et S w it ch b lade h as been e n abled by t h e S h M M a n d st a r t s t o bo o t Bo o t lo ader ex a m[...]
-
Page 157
The boot ROM is located on device 0 and contai ns the OpenArchitect zmon application that operates as a boot loader and include s a device bootstring. Device 1 contains the application fl ash 1 image of the Linux operating system and t he OpenArchitect overlay file system. Applicati on flash 1 is the primary working image for the switch. Device 2 c[...]
-
Page 158
properly attach the console cable. Booting Without the Overlay File If you cannot telnet into the switch and Linux fails to boot, it is likely that a change saved by zsync has left the switch in an inaccessible state. To allow users to recover from mist akes saved in the overlay file system, a boot argument of –i passed to the init process will s[...]
-
Page 159
If the switch still is unable to boot, s ee Booting the Duplicate Flash Image , below. Booting the Duplicate Flash Image Another recovery method, if Linux fails to boot, is to temporarily boot the factory-installed duplicate image located in the second fl ash device. 1. Connect through the console port. 2. When you see the number counter appear aft[...]
-
Page 160
Chapter 13 Network Configuration P roblems Many reported problems on a booted switch wil l ultimately be traced back to user errors in the layer 2 or layer 3 switch configuration. In some c ases, symptoms from an improperly configured switch can masquerade as potential ha rdware problems. Interface Overview On startup OpenArchitect creates inter fa[...]
-
Page 161
Physical Slot 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 Fabric Port 3 19 11 - - 3 7 15 27 Fabric 51** * Base Interface Inter-Switch Link (I SL) ** 10 Gigabit Ethernet Fabric Interfac e - Update Channel Table 13.2: Additional Interfaces Additional Interfaces Base F abric Front Panel Egress (zre) 12 20 - 21 14 22 15 23 Shelf Manager 1 (zre) 22 - Shelf M[...]
-
Page 162
2. S30e1000 - Script that loads the e1000 driver module for the Out-of- Band Ethernet ports. (Editing this script is not recommended.) S40vpd - Script that checks the current OA version, and loads into t he Vital Product Data (VPD) area if necessary. (Editing this script is n ot recommended.) 3. S50layer2 - Script that sets up a basic Layer 2 switc[...]
-
Page 163
Default Fabric Interface Configuration Editing the S50layer2 script can change the Ethernet Switch Blade Fabric Interface default configuration. The S50Layer2 script and included example scr ipts ( /etc/rcZ.d/examples ) can be used as templates to create custom sc ripts. The default S50layer2 script configures the switch accordingly: 1. S20stack - [...]
-
Page 164
ifconfig Default Screen Output for the Bas e Interface Ethernet Switch Blade User's Guide release 3.2.2j page 164 Figure 13.2: Linux Networking Environ ment Interfaces [ZX7100-OA3.2.2h]# ifconfig lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 UP LOOPBACK RUNNING MTU:16144 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 fra[...]
-
Page 165
Configuration Troubleshooti ng Problem Solution No Connection Physical Link problem. Check to see if the port LED is lit. If the LED port is not lit, then you may have a bad cable connection. OR Configuration Error. Connect through the console port (See Chapter 10). Use the ifconfig command to see all of the configured interfaces on the Ethernet Sw[...]
-
Page 166
The following table will translate the zlc output t o link status. Link Port Status Link Speed Pause Faults OK Zre (x) EKEY_DISA BLED Auto Enable Internal Fault EKEY_ENAB LED 1000fd UP 1000hd DOWN 100fd 100hd 10fd 10hd Disable External Fault ON Link: zre(X) – physical interface Shelf Manager Status: EKEY_DISABLED - A s lot or device that has been[...]
-
Page 167
10hd – Ethernet Half Duplex Pause: Enable: a port that can temporarily suspend the data transmission between two network devices in the event t hat one of the devices becomes congested. Pause enabled devices can reduce bottlenecks by making the network more efficient. Disabled: The pause feature is not e nabled and will continue to transmit traff[...]
-
Page 168
NOTE: this is the zlc output for a single Etherne t Switch Blade Base Interface in the default configuration with no line cards installed in the chassis. Querying Fabric Interface ekey Status Link Status for a single port To query a link status for a single port type zre<x> query. For exam ple : zlc zre13 query Example Output: Link Status for[...]
-
Page 169
Ethernet Switch Blade User's Guide release 3.2.2j page 169 [ZX7100-OA3.2.2h]# zlc zre0..51 query zre0: <EKEY_DISABLED, AUTO, PAUSE ENABLE, EXT_FLT ON, OK ON> zre1: <EKEY_DISABLED, AUTO, PAUSE ENABLE, EXT_FLT ON, OK ON> zre2: <EKEY_DISABLED, AUTO, PAUSE ENABLE, EXT_FLT ON, OK ON> zre3: <EKEY_DISABLED, AUTO, PAUSE ENABLE, EX[...]
-
Page 170
Network Connectivity Troubleshooting No Connection If the port LED is lit on the front panel, the switch has established a physical connection and the problem is a network configuration error. Check t o see if both devices are configured to be on the same network (ex. 10.0.0.xxx) and that the subnet mask is set correctly. Diminished Network Through[...]
-
Page 171
have an active remote device att ached, then first bring down the ports which do not have active connections expected to make sure there is a legitimate EXT FLT condition. If loss of communications is suspected on an e xternally wired port, make sure to check and test affected cables. Network Tests Ping Test It is possible to test a network conne c[...]
-
Page 172
Traceroute Test It’s possible to trace a network path usi ng the traceroute command. The following is an example of a Layer 2 traceroute with only t wo devices. Ethernet Switch Blade User's Guide release 3.2.2j page 172 sh-2.04# traceroute 192.168.1.101 traceroute to 192.168.1.101 (192.168.1.101), 64 hops max, 40 byte packets 1 192.168.1.101[...]
-
Page 173
Chapter 14 Isolating Hardware Failures 1. Fl ash 10. Switch Chip (U69) 2. EEPROM 11. Zone 3 ATCA Connector 3. PH Y 12. Isolation Transformers 4. C PU 13. 4-port PHY 5. SDRAM 14. Zone 2 ATCA Connector 6. I solation Transformer 15. Zone 1 ATCA Connector 7. I PMI Controller 16. Isolation Transformers 8. Power Supply 17. 4 port PHY 9. Switch Chip (U56)[...]
-
Page 174
1. Isolation Transformer 2. Zone 3 ATCA Connector 3. Isolation Transformer 4. Switch Chip (U60) 5. SDRAM 6. Switch Chip (U59) 7. Isolation Transformer Ethernet Switch Blade User's Guide release 3.2.2j page 174 Figure 14.2: ZMC Daughter Card Outside View[...]
-
Page 175
1. Isolation Transformer 8. Flash ROMs 2. 4 Port PHY 9. FPGA 3. CPU (U22) 10. ZMC Connector 4. 10 Gigabit XFP 11. Zone 3 ATCA Connector 5. 10 Gigabit PHY 12. Power Supply Ethernet Switch Blade User's Guide release 3.2.2j page 175 Figure 14.3: ZMC Daughter Board Inside View[...]
-
Page 176
6. Isolation Transformer 13. Isolation Transformers 7. Power Supply 14. 4 Port PHY Hardware Subsystem In the following tables, refer to the ident ified component-area numbers on indicated in the pictures in the proceeding section. The indi cations of malfunction may be identified eit her during normal operation, or in response to a specific tes t. [...]
-
Page 177
Base ZM C 0 # ZMC 1 # Hardware Subsystem Indications of Malfunction any of the following indications: • Error message via OpenArchitect due to inability to access the registers within the switch chip, or a failure of DMA transfers. • Loss of switch functionality, such as the inability to forward packets, or forwarding packets in error. 8 12 Pow[...]
-
Page 178
Duplicate Flash Image . If the switch can succ essfully boot from FlashROM device 2, then FlashROM device 2 is fully operational. Testing the Switch Fabric You can test the functionality of the swit ch fabric by running the zlc command. The zlc command outputs the link status for any Ethe rnet Switch Blade interface. Link Status for a single port T[...]
-
Page 179
Example Output: NOTE: This is the zlc output for a single Ethern et Switch Blade Base Interface in the default configuration with no line cards installed in the chassis. Testing the onboard RAM You can test the onboard memory by running the free c ommand. The free command will output the current memory usage. h-2.04# Total Used Free Shared Buffers [...]
-
Page 180
If the “Used” and “Free” memory statis tics do not add up to the Total memory, the software environment may have a memory leak caus ed by a software error. Reboot the switch. If the problem persists after a reboot. R un the top command to list the memory utiliz ation of all current processes. sh-2.04# top The top command can help you isolat[...]
-
Page 181
To test the operational status of t he control processors you can do the following: Hardware Fault Connect to the console port of either the Bas e or Fabric Interface control processor (See Chapter 10 for more information). If you cannot communicate with the Ether net Switch Blade, the control processor may have encountered a software error. Reboot[...]
-
Page 182
INT FLT LED is illuminated, replace the switch and return it for repair. Ethernet Switch Blade User's Guide release 3.2.2j page 182[...]
-
Page 183
Chapter 15 High Availability Trou bleshooting The ATCA environment will usually contain a high-a vailability failover configuration betwee n two ATCA switches in the chassis. Note tha t the failover features are configurable and a switch can be directed to fail over all of it s processing when a single port or link goes down, or it can perform a po[...]
-
Page 184
Chapter 16 Switch Firmware Overview There are three components to the fir mware on the Ethernet Switch Blade: 1. Bootloader firmware ( zmon ) 2. OpenArchitect firmware 3. IPMI firmware Some hardware and software problems can be res olved by updating the firmware to the latest version. Check the Hewlett-Packard websit e for the latest version (see t[...]
-
Page 185
Key: PN: Base Interface Switch Assembly Number SN: Base Interface Switch Serial Numbe r V6: OpenArchitect Version Number VP: IPMI Firmware Version VZ: BootLoader Version Number The following output is shown for the 3.1 Fabric Inter face: 3.1 Fabric Interface Key: PN: Base Interface Switch Assembly Number SN: Base Interface Switch Serial Numbe r V6:[...]
-
Page 186
Updating the Switch Firmware Currently, the OpenArchitect and bootloader components are the only upgradeable firmware on the Ethernet Switch Blade. Upgrading t he IPMI software is not currently supported. BootLoader Firmware Upgrade: 1. Download the bootloader image to a local system. 2. FTP the bootloader image from the local system to your switch[...]
-
Page 187
Surviving Partner daemons to think there is a failure , resulting in link oscillation. Base Interface: zflash -d 1 rdr6000.zImage.initrd Fabric Interface: zflash –d 1 rdr7100.zImage.initrd IPMC Firmware Upgrade: Upgrading the IPMC Firmware through OpenArchitec t is not currently supported. Ethernet Switch Blade User's Guide release 3.2.2j pa[...]
-
Page 188
Chapter 17 Restoring the Factory Default Configuration You should use this procedure if the contents i n Flash Device 1 are corrupt and you need to restore the switch to the factory defaul t configuration. By restoring the factory default configuration, you will overwrite your main f ile system in Flash Device 1 and lose all previous configuration [...]
-
Page 189
Chapter 18 Before Calling Suppo rt Because of the highly customized confi gurations that can be applied by customers to their ATCA switch environment, the focus must be on dat a collection to get a snapshot of the current switc h configuration and network traffic activi ty. If support is needed, it is necessary to gather the following information f[...]
-
Page 190
Figure 18.1: ROM Devices in OpenAr chitect The boot ROM is located on device 0 and contai ns the OpenArchitect zmon application that operates as a boot loader and includes a device bootstring. Device1 contains the applicati on flash1 image of the Linux operating system and the OpenArchitect overlay file system. Application flash1 is the primary wor[...]
-
Page 191
Appendix A Fabric Swit ch Command Man Pages OpenArchitect applications are im plemented above the OpenArchitect libraries and the R MAPI interface. OpenArchitect applicati ons are used for normal operation of the switch, for runtime status and diagnostics, and for prototyping new a pplications development. For runtime operation, the OpenArchitect a[...]
-
Page 192
vrrpconfig NAME vrrpconfig – Configure and control the running vrrpd SYNOPSIS vrrpconfig [-d <level>] -- <vrrpd parameters> vrrpconfig [-d <level>] [-k] [-a] [-p] [-s <vid>] DESCRIPTION vrrpconfig provides communication with a running vrrpd daemon. T he -- option for vrrpconfig will pass all parameters to vrrpd a s would b[...]
-
Page 193
EXAMPLES Here is an example of using the -- invocat ion method that changes the priority to 99 for the Virtual Router associated with the Virtual Router Identifier 1: vrrpconfig -- -v 1 –p 99 SEE ALSO vrrpd Ethernet Switch Blade User's Guide release 3.2.2j page 193[...]
-
Page 194
vrrpd NAME vrrpd – Virtual Router Redundancy Protocol Daemon SYNOPSIS vrrpd -i ifname -v vrid [-f piddir] [-s] [-a auth] [-p prio] [-nhb] [-I ifname] [-d delay] [-m address] [-M ] [-B] [-S script] [-c conf_file] [-D level] ipaddr DESCRIPTION vrrpd is an implementation of Virtual Re dundant Routing Protocol (VRRPv2) as specified in RFC2338. It run[...]
-
Page 195
the –i option. -s Toggle preemption mode (Enabled by default). Preemption means that a Master switch will go to Backup if a current Backup has higher priority. -M Become MASTER when priority is equal. Be sure it is only set on one host or the switches will oscillate. Must set –B option on other hosts (requires preemption mode ! -s) -B Become BA[...]
-
Page 196
The result of which to use the native MAC address of the interface. Using the –n option is not recommended. -D <level> Set debugging output to the supplied level <ipaddr> the ip address(es) of the virtual server SEE ALSO vrrpconfig Ethernet Switch Blade User's Guide release 3.2.2j page 196[...]
-
Page 197
zbootcfg NAME zbootcfg − Modifies the boot parameters of t he OpenArchitect switch. SYNOPSIS zbootcfg -a | -d <device number> [<boot_string>] DESCRIPTION zbootcfg is used to display or modify the boot parame ters on the switch. The boot parameters are utilized by the minof boot loader a pplication to indicate on which device to find a[...]
-
Page 198
application flash. Typically this is required before updating application flash 1. B y booting the alternative image, if a fail ure occurs during the programming of application flash 1, rec overy is easier. zbootcfg -d 2 The next example passes the -i option t o the booting kernel. This is useful when recovering from a mistake saved to the read-wri[...]
-
Page 199
zconfig NAME zconfig - Configures the OpenArchitect switch. SYNOPSIS zconfig [-h <host_name>] [-d <level>] [-a] [-t] [{-f <file>} | <configuration>] DESCRIPTION zconfig creates Virtual Local Area Network (VLAN) groups of switch port s or trunks. Each VLAN group forms a Layer 2 switching domain. Each V LAN group has a VLAN Id[...]
-
Page 200
input. If the -f flag is not used, a single line of configuration data can be entered as parameters to zconfig . CONFIGURATION SYNTAX zconfig takes configuration data from standar d input or from a file with the -f option. In either case, the configuration syntax is the same. The zconfig configuration data consists of a list of semicolon-delimited [...]
-
Page 201
ports. teardown Removes the trunk interface, making the ports which were part of the trunk available for configuration in other trunks or VLANs. all mac [ source_address | destination_address ] ip [ source_address | destination_address ] port [ source_port | destination_port ] Further specifies the rules for selecting which port in the trunk a pack[...]
-
Page 202
The syntax for a network interface state ment is the interface name followed by a colon and a n action. Network interface state ments are used to create or tear down a VLAN group and can consist of one or a list of network interfac e names; followed by a colon and then an action. For example: zhp0: <Network Interface Action>; Network interfac[...]
-
Page 203
named zhp1 . This VLAN includes four switc h ports, zre1 , zre10 , zre11 , zre13 . zhp0: vlan100 = zre1,zre10,zre11,zre13; The next statement adds two switch port s, zre1 , zre2 and zre3 , to an existing network interface and VLAN. zhp0: vlan100 = zre1..3; The next statement deletes two sw itch ports, zre1 and zre2 , to an existing network interfac[...]
-
Page 204
zre1=untag1; If port 0 is also a member of VLAN 100, packets f or VLAN 100 are sent from this port with a VLAN tag as part of their header. In the next example, the switch ports 10, 11, and tr unk 2 are configured as untagged members of VLAN 100. zre10,zre11,zrl2=untag100; This statement is equivalent to the following three lines: zre10=untag100; z[...]
-
Page 205
The following statement creates 14 VLAN groups with VID numbers 1-14. Each VLAN contains the same switch port, port 1, represente d as zre1 . zhp0 ..13: vlan1..14 = zre1; The plus (+) wildcard can be used with the las t port listed to auto-increment that port number before each VLAN group is created. The followi ng network interface statement creat[...]
-
Page 206
The previous configuration can be used for creat ing a 14 port Layer 2 switch, all 14 ports assigned to the same VLAN. SEE ALSO zl3d Ethernet Switch Blade User's Guide release 3.2.2j page 206[...]
-
Page 207
zcos NAME zcos - class of service queue control SYNOPSIS zcos [-h <hostname>] [-d <level>] [ -u <default priority> ] [ -m q0,q1,q2,q3,q4,q5,q6,q7 ] [-n <queue length list in packets for each queue> | -b <Reserved space in bytes for each queue> | -s <limit on dynamic pool usage, in bytes>, <reset %>] [ -k PR[...]
-
Page 208
Each cos queue is limited in the number of packets it can hold waiting scheduling; the mem ory used by each queue is managed to provide a guarant eed space with additional space shared among all queues for a port. OPTIONS Most options are optionally followed by a <port list> , which may inc lude zre port ranges, like zre0..5 , individual port[...]
-
Page 209
Packets are first counted against the re served space for a queue. When that space is occupied, additional memory is used from the dynamic me mory pool until the dynamic pool usage limit f or the port is reached. Any additional packets received for the queue on this port are dropped. Metering and Scheduling -r <list of bandwidth guarantees in Kb[...]
-
Page 210
-q all | qmap | qinfo | scheduler [<port list>] Queries the current COS/QOS Settings. all - Displays all of the queue mappings, queue limi ts, metering and scheduling settings qmap - Displays the priority to COS queue mappings . qinfo - Displays queue limits for the COS queues . scheduler - Displays the traffic metering and s haping settings [...]
-
Page 211
zdog NAME zdog - Configure and send heartbeats to watch dog enabl ed drivers. SYNOPSIS zdog [-d <level>] -h | -i <interval> | -n <heartbeats> zdog [-d <level>] -b zdog [-d <level>] -a DESCRIPTION zdog is used to configure the Ethernet Switch Bla de watchdog timer functions and to send heartbeats to the Ethernet Switc h[...]
-
Page 212
component of zdog insures that the CPU is functioni ng well enough to execute something. The software component of zdog when launched from monit insures that monit is running to perform higher level tasks. And finally monit can be used to monitor any or all critical system resources and processes in the system. OPTIONS -d set debug level to <lev[...]
-
Page 213
zfilterd NAME zfilterd - A daemon to use the filter hardware of the OpenArchitect switch for filtering based on iptables(8) rules. SYNOPSIS zfilterd [-d <level>] [-p <port>] [-f] [-l] [-i <pid>] [-o <pid>] DESCRIPTION zfilterd is a daemon that intercepts filte ring rules entered by the user, using iptables(8) , checks them f[...]
-
Page 214
zflash NAME zflash − Loads images into the flash ROMs on the OpenArc hitect switch. SYNOPSIS zflash -d <dev> [-o|-O <offset>] <image_file> <upgradeipmi.img> DESCRIPTION zflash enables you to program the flash ROMs on the switch. The switc h contains 3 flash ROM devices: the boot ROM flash, applicat ion flash 1 and applicat[...]
-
Page 215
Exercise caution when using this command, a s an error can render your switch inoperable. Do not interrupt this process until complete. SEE ALSO zbootcfg Ethernet Switch Blade User's Guide release 3.2.2j page 215[...]
-
Page 216
zl2, zl2mc, zl3host, zl3net, zvlan NAME zl2, zl2mc, zl3host, zl3mc, zl3net, zvlan – Formatted display of OpenArchitect generic tables. zl2 displays the abstraction API’s layer 2 ta ble. zl2mc displays the abstraction API’s layer 2 multi cast table. zl3host displays the abstraction API’s layer 3 host route table. zl3mc displays the abstracti[...]
-
Page 217
display on the user console. The format of the output is table-dependent. Port mapping affects the ports referenced in the generic table s. (Ports listed in order from 1 to 15) Headers describing the column being displayed ar e printed after every 22 lines of output, which makes it easy to pipe through more(1). The abst raction layer tables grow an[...]
-
Page 218
The following command deletes the above ent ry: zl2 -c -m 00:c0:95:45:00:00 The following command displays all ent ries of the zl2 table: zl2 Be careful, the -c option does not ask. The fol lowing command deletes all entries in the zl2 table: zl2 -c SEE ALSO zal Ethernet Switch Blade User's Guide release 3.2.2j page 218[...]
-
Page 219
zgvrpd NAME zgvrpd - GARP VLAN Registration Protocol (GVRP) daemon fo r the OpenArchitect switch. SYNOPSIS zgvrpd [-d <level>] [-f] [-h <hostname>] [-p <ppa>] [-t <target>] DESCRIPTION zgvrpd is run after the network interfaces are created and initialized with zconfig , and started with ifconfig(1M) . zgvrpd starts a backgro[...]
-
Page 220
OPTIONS -d <level> Sets the level of debugging output required by zgvrpd. The default level is zero (0). Setting the debug level higher produces more output. Five (5) is currently the maximum output level. -f Run zgvrpd in foreground. Default is to run it in background. -h <hostname> Connect to remote host <hostname>. -p <ppa&g[...]
-
Page 221
zl2d NAME zl2d - Layer 2 daemon for the OpenArchitect switch. SYNOPSIS zl2d [start | stop] [-t <msecs>] [-d <level>] [-f] [-p <priority>] <iface..> DESCRIPTION zl2d is run after the network interfaces are created and initialized with zconfig . zl2d creates a Linux bridge for each interf ace using brctl(8) . The bridge name i[...]
-
Page 222
OPERATIONS zl2d manages the Spanning Tree state fi elds in the switch of each port within the bridge(s). Based on a timer, zl2d reads the port inform ation for each Linux bridge and updates the switch when necessary. EXAMPLES In the following example, zl2d creates a Linux bridge named b zhp0 which includes all of the zre<n> devices previously[...]
-
Page 223
zl3d NAME zl3d - Layer 3 daemon for the OpenArchitect switch. SYNOPSIS zl3d [-h <host_name>] [-t <msecs>] [-b] [-e] [-l] [-n] [-d <level>] <iface ..> DESCRIPTION zl3d is run after the network interfaces are created and initialized with zconfig , and started with ifconfig(1M).zl3d listens for Netlink messages from the ke rnel[...]
-
Page 224
produces more output. Four (4) is currently the maximum output level. <iface…> The network interfaces on which zl3d should operate. These network interfaces must first be created by zconfig. zl3d does not operate with standard network interface cards. It only works on switch network interfaces created by zconfig. It uses the same syntax as [...]
-
Page 225
zlc NAME zlc − link and LED control SYNOPSIS zlc [-h <hostname>][-d <level>][-x] <port_list> <action> [on | off ] zlc [-h <hostname>][-d <level>][-x] <action> [on | off |clear] zlc [-h <hostname>][-d <level>][-x] [state|query] DESCRIPTION The zlc application sets the link speed and s tate of i[...]
-
Page 226
EXAMPLES In the following example, zlc forces the line speed of port 1 t o 100 Full duplex. The interface must be down to change the speed. Assuming zre1 i s part of interface zhp0 , ifconfig zhp0 down zlc zre1 100fd The external fault, internal fault , and ok LEDs can be set on a per port basis or globally . To set the external fault LED for a par[...]
-
Page 227
SEE ALSO ifconfig(8) Ethernet Switch Blade User's Guide release 3.2.2j page 227[...]
-
Page 228
zlmd NAME zlmd − monitor link changes or hot swap events. SYNOPSIS zlmd [-h <hostname>] [-b] [-d <level>] {-f <file>} | <configuration> DESCRIPTION The zlmd application is intended to run as a daem on, waiting for a configured event to occur and then running the program configured for that event. The e vents monitored are [...]
-
Page 229
<port-list> A list of ports in the same forms supported by zconfig, e.g. zre1,zre2 or zre10..14 <program> Path to an executable program or script to be run when the event occurs. Note: An absolute path to <program> is required. The program will be called with the following parameters: For Link Changes: <program> <ppa> [...]
-
Page 230
zlogrotate NAME zlogrotate − Rotates log files. SYNOPSIS zlogrotate [-b] [-t time] [-s segment size] [-n # of files] [-f file to rotate] DESCRIPTION zlogrotate rotates the selected file every [t ime] seconds if the file is larger than [se gment size]. It will keep only the number of fi les selected. zlogrotate is called from /etc/init.d/rcS by de[...]
-
Page 231
zmirror NAME zmirror - Set packet mirroring on an ingress or egress port. SYNOPSIS zmirror -a | -t zmirror [-e] <from_list> <to_port> DESCRIPTION zmirror sets packet mirroring from a given set of ports to a given port . Turning on packet mirroring causes a copy of the packet to be se nt to the to port. Any number of from ports can be mi[...]
-
Page 232
zmirror is cumulative: zmirror zre1, zre2, zre3 cpu Is the same as: zmirror zre1 cpu zmirror zre2 cpu zmirror zre3 cpu Setting a different to port will ove rwrite the previous setting and direct previously mi rrored ports to a new to port. Given the last setup the fol lowing will change port 1 traffic to be forwarded to port 10. zmirror zre1 zre10 [...]
-
Page 233
zmnt NAME zmnt − Expands the read/write files onto the RAM dis k. SYNOPSIS zmnt [-c] <directory> zmnt [-c] -t <file> zmnt [-c] –l DESCRIPTION zmnt expands files from flash onto the RAM disk that have been previ ously saved with zsync . The init process runs zmnt to expand the files in fla sh onto RAM file system. The user may use zm[...]
-
Page 234
In the following example, zmnt the current overla y into a tar file called overlay.tar zmnt –t overlay.tar The resulting tar file can now be saved on a dif ferent host as a snapshot of the overlay at that point in time. Use zsync to restore the ove rlay on the switch: zsync –t overlay.tar The restored overlay will be used upon the ne xt reboot.[...]
-
Page 235
zpeer NAME zpeer – Application for High Availability comm unication between the Fabric and Data switches. SYNOPSIS zpeer [-d <level>] local|peer <command> <value>|query zpeer [-d <level>][-a][-r] DESCRIPTION zpeer is used to pass bidirectional High Availabi lity(HA) state and priority information between the base and fabri[...]
-
Page 236
displayed by query, but must be set at initial ization. After setting the healthy state, the query will retur n the backup state. backup Used to reflect the backup state of vrrpd master Used to reflect the master st ate of vrrpd The priority value is a value betwee n 0 and 255. In the HA suite, the value is set to 254 minus the number of ports that[...]
-
Page 237
be also reset. SEE ALSO zspconfig Ethernet Switch Blade User's Guide release 3.2.2j page 237[...]
-
Page 238
zqosd NAME zqosd – monitors tc(8) commands to implement classification filters and queuing disci plines in hardware. SYNOPSIS zqosd [-d <level>] [-p <port>] [-f] [-l] [-i <pid>] [-o <pid>] DESCRIPTION zqosd monitors commands entered by tc which set up queuing disciplines and c lassification filters for managing traffic in [...]
-
Page 239
SEE ALSO ztmd, tc(8), zfilterd Ethernet Switch Blade User's Guide release 3.2.2j page 239[...]
-
Page 240
zrc NAME zrc - Packet rate control SYNOPSIS zrc -b | -m | -d | -t | -a [-p <port>] [-v <vlan>] [-g <group>] [-M <mac_addr>] [-T <timeout>] [-D <level>] <rate> DESCRIPTION zrc sets rate control on Broadcast, Multicast and/or Destination Lookup Failure (DLF) packets. The rate is measured in the number of pac [...]
-
Page 241
zreg NAME zreg - Read and write registers and tables on the OpenArchite ct switch switching hardware. SYNOPSIS zreg [-p <ppa>] [-w] [-i <index>] [-t <index>] [-k] [-h <hostname>] [-d <level>] [-r 10] <reg> DESCRIPTION zreg allows a user to read and write direct and indi rect registers and tables on the resident s[...]
-
Page 242
default zreg configures the OpenArchitect switch that is locally connected (i.e., the one that is on the local PCI bus). -r 10 Sets numeric radix for registers to 10. Default is 16. -d <level> Set the level of debugging output produced by zreg. The default level is 1. Setting the debug level higher produces more output. The maximum level of o[...]
-
Page 243
zrld NAME zrld – ZNYX redirector daemon SYNOPSIS zrld [-d <level>] [-p <port>] [-f] DESCRIPTION zrld is used for remote management of OA/HA appl ications. OA/HA applications capable of remote management include zlc , ztats , zlmd . zrld only allows requests from hosts listed in /etc/rcZ.d/zrld_trusted_hosts . OPTIONS -d <level> [...]
-
Page 244
zsnoopd NAME zsnoopd - IGMP Snooping daemon for the OpenArchitect switch . SYNOPSIS zsnoopd [-d <level>] [-f] [-h <hostname>] [-p <ppa>] [-r <sec>] [-t <sec>] [-u <sec>] [-v <vlan_id>] DESCRIPTION zsnoopd is run after the network interfaces are created and initialized with zconfig , and started with ifconfi[...]
-
Page 245
-f Run zsnoopd in foreground. Default is to run it in background. -h <hostname> Connect to remote host <hostname>. -p <ppa> Start zsnoopd on switch <ppa>. Default is 0. -r <sec> Time to wait, in seconds, before removing a port with no router multicast traffic. Default is 260 seconds. -t <sec> Time to wait, in sec[...]
-
Page 246
zspconfig NAME zspconfig - configure and start surviving partner SYNOPSIS zspconfig [-d <level>] [-p <directory_path>] [-u <dhcp_interface>] [-c <dhclient.conf>] [-t <timeout>] [-s] [-v] -f <file> DESCRIPTION zspconfig is used to configure and start the Surviving Partner software. With the -f option a configurati[...]
-
Page 247
-t <timeout> Time to wait in seconds before giving up on finding a Surviving Partner to retrieve configuration information from. Only valid with the –u option. -s Do not ask for confirmation. Run from a script. -v Prints the current version of zspconfig. -f <file> The provided <file> is used as input to configure the Surviving P[...]
-
Page 248
A sibling_addresses statement is required for each VLAN created with t he zconfig commands. The two addresses in the list indic ate there are two switches in the Surviving Partner group. The first address 10.0.0.30 and 11.0.0.30 are assigned to the swit ch on which the configuration is being run. The remaining addresses are distri buted to the swit[...]
-
Page 249
monitor_only - Ports that are monitored but do not have a virtual address managed on them. They will not have their links brought down tempor arily during a failover scenario. These ports are only monitored. If a problem occ urs on this type of link it will cause a failover scenario. configure_only - Ports are configured as pe r the zconfig command[...]
-
Page 250
interconnect, it is not a bonding driver ena bled port, and therefore should be setup as an interconnect port type. To accompl ish this, the zre ports are listed to avoid conflicting port types. Note that a single line cannot contai n both zhp and zre definitions. Therefore rain link: zhp1, zre1..4 does not work and the definition zre1..8 is equiva[...]
-
Page 251
Additional startup scripts may be included in the configuration using the start_script command. The files in the start_script com mand will be placed in a location for tftp transfer to sibling switches that initialize us ing the –u option. A common use of the start_script comm and might be to propagate gated configurations to all m embers of the [...]
-
Page 252
distinguish potentially more than one backup switch. This configuration file is placed in /tftpboot, and is retrieved via DHCP by a replacement switch on boot up. /etc/rcZ.d/surviving_partner/dhcpd.conf Configuration script used by dhcpd when the switch becomes master. dhcpd is used to serve replacement switches their configuration scripts. Namely [...]
-
Page 253
zstack NAME zstack - Configures the OpenArchitect switch st acking. SYNOPSIS zstack [-h <host_name>] [-d <level>] [-a] [-t] [{-f <file>} | <configuration>] DESCRIPTION zstack combines multiple switch fabric chips into a s ingle virtual switch. zstack must be run before any other switch configuration. Speci fically it must be[...]
-
Page 254
semicolon-delimited statem ents. Each statement specifies an action to ta ke on a stack. A stack is a group of ports on a single switch fabric chip. Ac tions include stack creation, stack port association, stack configuration and sta ck control. Comments, spaces and new lines are i gnored. Comments begin with the # character and include characters [...]
-
Page 255
an equal number of ports in each list. Wild car ds may be used in the zre_lists . See below. Stack port association syntax for a Ether net Switch Blade: stack0: zre0..11 = zre0..11; stack1: zre12..23 = zre0..11; The first statement above configure s the first switch silicon chip, represented by stack0, to ha ve no translation between its physical p[...]
-
Page 256
are supported. enable; The enable statement turns on stac king that has been previously configured. This statement cannot be made until configuration is compl ete. disable; The disable statement turns off stacki ng. Before disabling stacking, all Ethernet Switc h Blade daemons must be stopped, and the VLAN configurations must be torn down using zco[...]
-
Page 257
zre lists . Example of stack0..3 representing stacks 0, 1, 2 and 3. SEE ALSO zconfig Ethernet Switch Blade User's Guide release 3.2.2j page 257[...]
-
Page 258
ztats NAME ztats − Display statistics and information about switch SYNOPSIS ztats [-d <level>] [-i <unit>] | [-m <port>] | [-v <vlan id>] | [-t <tgid>] | [-v] DESCRIPTION ztats displays MIB counters for a selected physic al port, trunk group or VLAN. It can also display information about the configurat ion of the swi[...]
-
Page 259
zsync NAME zsync − Saves changes to the flash. SYNOPSIS zsync [-c][-f][<dir_or_file>] zsync [-c][-f][-t <file>] zsync [-c][-f][-z] zsync [-c][-l] DESCRIPTION zsync is used to save a snapshot of the current file system to flash ROM. By default, zsync creates a compressed tar image of the files that have changed and saves the image in t[...]
-
Page 260
-t <file> Read files to be saved from a tar file. -z Zero the overlay area. -f Do not confirm with user and do not warn if saving failed. Exit code can be examined to determine success or failure. <dir_or_file> Save only the named file, or save the named directory to the overlay. Contents of directories must be created with zmnt . -l Li[...]
-
Page 261
ztmd NAME ztmd – traffic management daemon which accept s messages from traffic filtering and quality of service applications and se ts up hardware. SYNOPSIS ztmd [-d <level>] [-p <port>] [-f] [-i <pid>] [-o <pid>] [-a <addr>] [-l] DESCRIPTION ztmd listens for messages on a multicast port. These messages describe pac[...]
-
Page 262
SEE ALSO zqosd, iptables(8), tc(8), zfilterd Ethernet Switch Blade User's Guide release 3.2.2j page 262[...]
-
Page 263
brctl(8) NAME brctl - Bridge and Spanning Tree Protocol administration. SYNOPSIS brctl [options] DESCRIPTION brctl is used to set up, maintain, and display the bridge configuration in the Linux kernel. brctl is a standard command included wit h Linux bridge support which includes Rapid Spanning Tree Protocol (RSTP) support. A bridge is a device com[...]
-
Page 264
bridge will not send or receive BPDUs, and will thus not participate in the Spanning Tree Protocol. If your bridge isn't the only bridge on the LAN, or if there are loops in the LAN's topology, DO NOT turn this option off. Turning this option off may impair network traffic, so be careful. setbridgeprio <bridge> <priority> sets[...]
-
Page 265
SEE ALSO zconfig , zl2d Ethernet Switch Blade User's Guide release 3.2.2j page 265[...]
-
Page 266
Appendix B Base Switch Com mand Man Pages OpenArchitect applications are im plemented above the OpenArchitect libraries and the R MAPI interface. OpenArchitect applicati ons are used for normal operation of the switch, for runtime status and diagnostics, and for prototyping new a pplications development. For runtime operation, the OpenArchitect a p[...]
-
Page 267
vrrpconfig NAME vrrpconfig – Configure and control the running vrrpd SYNOPSIS vrrpconfig [-d <level>] -- <vrrpd parameters> vrrpconfig [-d <level>] [-k] [-a] [-p] [-s <vid>] DESCRIPTION vrrpconfig provides communication with a running vrrpd daemon. T he -- option for vrrpconfig will pass all parameters to vrrpd a s would b[...]
-
Page 268
EXAMPLES Here is an example of using the -- invocat ion method that changes the priority to 99 for the Virtual Router associated with the Virtual Router Identifier 1: vrrpconfig -- -v 1 –p 99 SEE ALSO vrrpd Ethernet Switch Blade User's Guide release 3.2.2j page 268[...]
-
Page 269
vrrpd NAME vrrpd – Virtual Router Redundancy Protocol Daemon SYNOPSIS vrrpd -i ifname -v vrid [-f piddir] [-s] [-a auth] [-p prio] [-nhb] [-I ifname] [-d delay] [-m address] [-M ] [-B] [-S script] [-c conf_file] [-D level] ipaddr DESCRIPTION vrrpd is an implementation of Virtual Re dundant Routing Protocol (VRRPv2) as specified in RFC2338. It run[...]
-
Page 270
other words there is a unique vrid to ifname associated with the –i option. -s Toggle preemption mode (Enabled by default). Preemption means that a Master switch will go to Backup if a current Backup has higher priority. -M Become MASTER when priority is equal. Be sure it is only set on one host or the switches will oscillate. Must set –B optio[...]
-
Page 271
spaces. The –n option overrides the change made with –m. The result of which to use the native MAC address of the interface. Using the –n option is not recommended. -D <level> Set debugging output to the supplied level <ipaddr> the ip address(es) of the virtual server SEE ALSO vrrpconfig Ethernet Switch Blade User's Guide rel[...]
-
Page 272
zbootcfg NAME zbootcfg − Modifies the boot parameters of t he OpenArchitect switch. SYNOPSIS zbootcfg -a | -d <device number> [<boot_string>] DESCRIPTION zbootcfg is used to display or modify the boot parame ters on the switch. The boot parameters are utilized by the minof boot loader a pplication to indicate on which device to find a[...]
-
Page 273
application flash. Typically this is required before updating application flash 1. B y booting the alternative image, if a fail ure occurs during the programming of application flash 1, rec overy is easier. zbootcfg -d 2 The next example passes the -i option to the booti ng kernel. This is useful when recovering from a mistake saved to the read-wri[...]
-
Page 274
zconfig NAME zconfig - Configures the OpenArchitect switch. SYNOPSIS zconfig [-h <host_name>] [-d <level>] [-a] [-t] [{-f <file>} | <configuration>] DESCRIPTION zconfig creates VLAN groups of switch ports or trunks. Each V LAN group forms a Layer 2 switching domain. Each VLAN group has a VLAN Identificat ion number (VID) tha[...]
-
Page 275
entered as parameters to zconfig . CONFIGURATION SYNTAX zconfig takes configuration data from standar d input or from a file with the -f option. In either case, the configuration syntax is the same. The zconfig configuration data consists of a list of semicolon-delimited sta tements. Each statement specifies an action to take globally or on an inte[...]
-
Page 276
A port member is identified with the zre<X> format, where x represents a port number between 0 and 23 for the in-band ports. The Out-of-Band ports cannot be included in the List of ports. teardown Removes the trunk interface, making the ports which were part of the trunk available for configuration in other trunks or VLANs. all mac [ source_a[...]
-
Page 277
Network Interface Statements The syntax for a network interface state ment is the interface name followed by a colon and a n action. Network interface state ments are used to create or tear down a VLAN group and can consist of one or a list of network interfac e names; followed by a colon and then an action. For example: zhp0: <Network Interface[...]
-
Page 278
The next statement creates a VLAN group with the VID number 100 and the network interface named zhp1 . This VLAN includes four switch ports, zre1, zre10, zre11, zre13. zhp0: vlan100 = zre1,zre10,zre11,zre13; The next statement adds two switch port s, zre1, zre2 and zre3, to an existing network interfac e and VLAN. zhp0: vlan100 = zre1..3; The next [...]
-
Page 279
tag are given the VLAN tag with the VID number 1, ent er: zre1=untag1; If port 0 is also a member of VLAN 100, packets f or VLAN 100 are sent from this port with a VLAN tag as part of their header. In the next example, the switch ports 10, 11, and tr unk 2 are configured as untagged members of VLAN 100. zre10,zre11,zrl2=untag100; This statement is [...]
-
Page 280
network interface, and all ports lis ted after the equal sign are included in each group. The following statement creates 14 VLAN groups with VID numbers 1-14. Each VLAN contains the same switch port, port 1, represente d as zre1 . zhp0 ..13: vlan1..14 = zre1; The plus (+) wildcard can be used with the las t port listed to auto-increment that port [...]
-
Page 281
The previous configuration can be used for creat ing a 14 port Layer 2 switch, all 14 ports assigned to the same VLAN. SEE ALSO zl3d Ethernet Switch Blade User's Guide release 3.2.2j page 281[...]
-
Page 282
zcos NAME zcos - class of service queue control SYNOPSIS zcos [-h <hostname>] [-d <level>] [ -u <default priority> ] [ -m q0,q1,q2,q3,q4,q5,q6,q7 ] [-n <queue length list in packets for each queue> | -b <Reserved space in bytes for each queue> | -s <limit on dynamic pool usage, in bytes>, <reset %>] [ -k PR[...]
-
Page 283
Each cos queue is limited in the numbe r of packets it can hold waiting scheduling; the memory used by each queue is managed to provide a guarant eed space with additional space shared among all queues for a port. OPTIONS Most options are optionally followed by a <port list>, which may include zre port ranges, like zre0..5 , individual ports,[...]
-
Page 284
Packets are first counted against the re served space for a queue. When that space is occupied, additional memory is used from the dynamic me mory pool until the dynamic pool usage limit f or the port is reached. Any additional packets received for the queue on this port are dropped. Metering and Scheduling -r <list of bandwidth guarantees in Kb[...]
-
Page 285
-q all | qmap | qinfo | scheduler [<port list>] Queries the current COS/QOS Settings. all - Displays all of the queue mappings, queue limi ts, metering and scheduling settings qmap - Displays the priority to COS queue mappings . qinfo - Displays queue limits for the COS queues . scheduler - Displays the traffic metering and s haping settings [...]
-
Page 286
zdog NAME zdog - Configure and send heartbeats to watchdog e nabled drivers. SYNOPSIS zdog [-d <level>] -h | -i <interval> | -n <heartbeats> zdog [-d <level>] -b zdog [-d <level>] -a DESCRIPTION zdog is used to configure the base switch wat chdog timer functions and to send heartbeats to the base switch watchdog driver[...]
-
Page 287
software component of zdog when launched from monit insures that monit is running to perform higher level tasks. And finally monit can be used to monitor any or all critical system resources and processes in the system. OPTIONS -d set debug level to <level> -h Toggle use of the hardware watchdog timer. Off by default. -i Time interval in mill[...]
-
Page 288
zffpcounter NAME zffpcounter —Query or clear one or more Fast Filter Processor (FFP) counters. SYNOPSIS zffpcounter -P <zre_port> [-p <ppa>] [-i <index>] [-h <hostname>] [-c] [-d <level>] DESCRIPTION The switch enforces filtering rules through the FFP. Each filtering rule may specify an FFP counter, to be incremented[...]
-
Page 289
EXAMPLES The first example queries all FFP counte r values. zffpcounter The output displays the initial stat e of the counters. Note that the counters are not initia lized on startup, Counter 0: 59602801 Counter 1: 83360091 Counter 2: 83361262 . . . Counter 29: 83074779 Counter 30: 81723249 Counter 31: 71007391 The next example clears all FFP count[...]
-
Page 290
Counter 30: 0 Counter 31: 0 iptables(8) is used to setup a rule, and associate that rule with a counter. For instance, add a rule to accept all packets from 10.0.0.11 a nd associate that rule with FFP Counter 1. iptables –A FORWARD –s 10.0.0.11 –j ZACTION -–accept –-counter 1 Start zfilterd to move the rule entere d with iptables(8) down [...]
-
Page 291
Counter 19: 0 Counter 20: 0 Counter 21: 0 SEE ALSO zirule, iptables(8) Ethernet Switch Blade User's Guide release 3.2.2j page 291[...]
-
Page 292
zfilterd NAME zfilterd - A daemon to use the filter hardware of the OpenArchitect switch for filtering based on iptables(8) rules. SYNOPSIS zfilterd [-d <level>] [-p <port>] [-f] [-l] [-i <pid>] [-o <pid>] DESCRIPTION zfilterd is a daemon that intercepts filte ring rules entered by the user, using iptables(8) , checks them f[...]
-
Page 293
zflash NAME zflash − Loads images into the flash ROMs on the OpenArc hitect switch. SYNOPSIS zflash -d <dev> [-o|-O <offset>] <image_file> <upgradeipmi.img> DESCRIPTION zflash enables you to program the flash ROMs on the switch. The switc h contains 3 flash ROM devices: the boot ROM flash, applicat ion flash 1 and applicat[...]
-
Page 294
Exercise caution when using this command, a s an error can render your switch inoperable. Do not interrupt this process until complete. SEE ALSO zbootcfg Ethernet Switch Blade User's Guide release 3.2.2j page 294[...]
-
Page 295
zgmrpd NAME zgmrpd - GARP Multicast Registration Protoc ol (GMRP) daemon for the OpenArchitect switch. (Partially supported in this release .) SYNOPSIS zgmrpd [-d <level>] [-f] [-h <hostname>] [-p <ppa>] [-t <target>] DESCRIPTION zgmrpd is run after the network interfaces are created and initialized with zconfig , and starte[...]
-
Page 296
Only the GARP normal registration mode is cur rently supported. Multiple instances of zgmrpd may run concurrent ly provided the targets are unique. However, zgmrpd cannot run concurrently with zsnoopd . See zsnoopd . OPTIONS -d <level> Sets the level of debugging output required by zgmrpd. The default level is zero (0). Setting the debug leve[...]
-
Page 297
zgr NAME zl2, zl2mc, zl3host, zl3net, zvlan – Formatted display of OpenArchitect generic tables. zl2 displays the abstraction API’s layer 2 ta ble. zl2mc displays the abstraction API’s layer 2 multi cast table. zl3host displays the abstraction API’s layer 3 host route table. zl3net displays the abstraction API’s layer 3 net work route tab[...]
-
Page 298
Several options are available whi ch enable the user to display only selected entries. Addit ionally, there is an option that clears user -specified entries in the table. OPTIONS -i <index> Displays the entry at the <index> position in the table. Valid for all tables. Cannot be combined with -m, -P or -v . -m <mac_address> Display[...]
-
Page 299
zl2 Be careful, the -c option does not ask. The foll owing command deletes all entries in the zl2 table: zl2 -c SEE ALSO zal Ethernet Switch Blade User's Guide release 3.2.2j page 299[...]
-
Page 300
zgvrpd NAME zgvrpd - GARP VLAN Registration Protocol (GVRP) da emon for the OpenArchitect switch. SYNOPSIS zgvrpd [-d <level>] [-f] [-h <hostname>] [-p <ppa>] [-t <target>] DESCRIPTION zgvrpd is run after the network interfaces are created and initialized with zconfig , and started with ifconfig(1M).zgvrpd starts a backgroun[...]
-
Page 301
default level is zero (0). Setting the debug level higher produces more output. Five (5) is currently the maximum output level. -f Run zgvrpd in foreground. Default is to run it in background. -h <hostname> Connect to remote host <hostname>. -p <ppa> Start zgvrpd on switch <ppa>. Default is 0. -t <target> Enable GVRP o[...]
-
Page 302
zl2d NAME zl2d - Layer 2 daemon for the OpenArchitect switch. SYNOPSIS zl2d [start | stop] [-t <msecs>] [-d <level>] [-f] [-p <priority>] <iface..> DESCRIPTION zl2d is run after the network interfaces are created and initialized with zconfig . zl2d creates a Linux bridge for each interf ace using brctl(8) . The bridge name i[...]
-
Page 303
OPERATIONS zl2d manages the Spanning Tree state fi elds in the switch of each port within the bridge(s). Based on a timer, zl2d reads the port inform ation for each Linux bridge and updates the switch when necessary. EXAMPLES In the following example, zl2d creates a Linux bridge named b zhp0 which includes all of the zre<n> devices previously[...]
-
Page 304
zl3d NAME zl3d - Layer 3 daemon for the OpenArchitect switch. SYNOPSIS zl3d [-h <host_name>] [-t <msecs>] [-b] [-e] [-l] [-n] [-d <level>] <iface ..> DESCRIPTION zl3d is run after the network interfaces are created and initialized with zconfig , and started with ifconfig(1M). zl3d listens for Netlink messages from the kernel[...]
-
Page 305
produces more output. Four (4) is currently the maximum output level. <iface…> The network interfaces on which zl3d should operate. These network interfaces must first be created by zconfig. zl3d does not operate with standard network interface cards. It only works on switch network interfaces created by zconfig. It uses the same syntax as [...]
-
Page 306
zlc NAME zlc − link and LED control SYNOPSIS zlc [-h <hostname>][-d <level>][-x] <port_list> <action> [on | off ] zlc [-h <hostname>][-d <level>][-x] <action> [on | off |clear] zlc [-h <hostname>][-d <level>][-x] [state|query] DESCRIPTION The zlc application sets the link speed a nd state of i[...]
-
Page 307
must be down to change the speed. Assuming zre1 i s part of interface zhp0 , ifconfig zhp0 down zlc zre1 100fd The external fault, internal fault , and ok LEDs can be set on a per port basis or globally . To set the external fault LED for a particul ar port, zlc zre1 extfault on To query the settings of a particular port, zlc zre1 query Global Sett[...]
-
Page 308
zlmd NAME zlmd − monitor link changes or hot swap events. SYNOPSIS zlmd [-h <hostname>] [-b] [-d <level>] {-f <file>} | <configuration> DESCRIPTION The zlmd application is intended to run as a daem on, waiting for a configured event to occur and then running the program configured for that event. The e vents monitored are [...]
-
Page 309
<port-list> A list of ports in the same forms supported by zconfig, e.g. zre1,zre2 or zre10..14 <program> Path to an executable program or script to be run when the event occurs. Note: An absolute path to <program> is required. The program will be called with the following parameters: For Link Changes: <program> <ppa> [...]
-
Page 310
zlogrotate NAME zlogrotate − Rotates log files. SYNOPSIS zlogrotate [-b] [-t time] [-s segment size] [-n # of files] [-f file to rotate] DESCRIPTION zlogrotate rotates the selected file every [t ime] seconds if the file is larger than [se gment size]. It will keep only the number of fi les selected. zlogrotate is called from /etc/init.d/r cS by d[...]
-
Page 311
zmirror NAME zmirror - Set packet mirroring on an ingress or egress port SYNOPSIS zmirror -a | -t zmirror [-e] <from_list> <to_port> DESCRIPTION zmirror sets packet mirroring from a given set of ports to one given port . Turning on packet mirroring causes a copy of the packet to be se nt to the to port. Any number of from ports can be m[...]
-
Page 312
zmirror zre1, zre2, zre3 cpu Is the same as: zmirror zre1 cpu zmirror zre2 cpu zmirror zre3 cpu Multiple mirroring setups can be ma de. The following example will mirror port 1 traffic to port 11 and port 2 traffic to port 12. zmirror zre1 zre10 zmirror zre2 zre11 Setting a different to port will ove rwrite the previous setting. Given the last setu[...]
-
Page 313
, (comma) Use for creating lists .. (dot-dot) Specifies an inclusive range Below are some examples for the correct usage of the comma (,) and dot-dot (..). Each line below produces the same results: zre1, zre2, zre3, zre4 zre1..4 zre1, zre2..4 zre1..2, zre3..4 SEE ALSO tcpdump(1M) Ethernet Switch Blade User's Guide release 3.2.2j page 313[...]
-
Page 314
zmnt NAME zmnt − Expands the read/write files onto the RAM dis k. SYNOPSIS zmnt [-c] <directory> zmnt [-c] -t <file> zmnt [-c] –l DESCRIPTION zmnt expands files from flash onto the RAM disk that have been previ ously saved with zsync . The init process runs zmnt to expand the files in fla sh onto RAM file system. The user may use zm[...]
-
Page 315
zmnt –t overlay.tar The resulting tar file can now be saved on a dif ferent host as a snapshot of the overlay at that point in time. Use zsync to restore the ove rlay on the switch: zsync –t overlay.tar The restored overlay will be used upon the ne xt reboot. SEE ALSO zsync Ethernet Switch Blade User's Guide release 3.2.2j page 315[...]
-
Page 316
zpeer NAME zpeer – Application for High Availability comm unication between the Fabric and Data switches. SYNOPSIS zpeer [-d <level>] local|peer <command> <value>|query zpeer [-d <level>][-a][-r] DESCRIPTION zpeer is used to pass bidirectional High Availabi lity(HA) state and priority information between the base and fabri[...]
-
Page 317
displayed by query, but must be set at initial ization. After setting the healthy state, the query will retur n the backup state. backup Used to reflect the backup state of vrrpd master Used to reflect the master st ate of vrrpd The priority value is a value betwee n 0 and 255. In the HA suite, the value is set to 254 minus the number of ports that[...]
-
Page 318
be also reset. SEE ALSO zspconfig Ethernet Switch Blade User's Guide release 3.2.2j page 318[...]
-
Page 319
zqosd NAME zqosd – monitors tc(8) commands to implement classification filters and queuing disci plines in hardware. SYNOPSIS zqosd [-d <level>] [-p <port>] [-f] [-l] [-i <pid>] [-o <pid>] DESCRIPTION zqosd monitors commands entered by tc which set up queuing disciplines and c lassification filters for managing traffic in [...]
-
Page 320
SEE ALSO ztmd, tc(8), zfilterd Ethernet Switch Blade User's Guide release 3.2.2j page 320[...]
-
Page 321
zrc NAME zrc - Packet rate control SYNOPSIS zrc -b | -m | -d | -t | -a [-p <port>] [-v <vlan>] [-g <group>] [-M <mac_addr>] [-T <timeout>] [-D <level>] <rate> DESCRIPTION zrc sets rate control on Broadcast, Multicast and/or Destination Lookup Failure (DLF) packets. The rate is measured in the number of pac [...]
-
Page 322
zreg NAME zreg - Read and write registers and tables on the OpenArchite ct switch switching hardware. SYNOPSIS zreg [-p <ppa>] [-w] [-i <index>] [-t <index>] [-k] [-h <hostname>] [-d <level>] [-r 10] <reg> DESCRIPTION zreg allows a user to read and write direct and indi rect registers and tables on the resident s[...]
-
Page 323
connected (i.e., the one that is on the local PCI bus). -r 10 Sets numeric radix for registers to 10. Default is 16. -d <level> Set the level of debugging output produced by zreg. The default level is 1. Setting the debug level higher produces more output. The maximum level of output is currently 4. OPERANDS <reg> If no –i, -t, or –[...]
-
Page 324
zrld NAME zrld – ZNYX redirector daemon SYNOPSIS zrld [-d <level>] [-p <port>] [-f] DESCRIPTION zrld is used for remote management of OA/HA appl ications. OA/HA applications capable of remote management include zlc , ztats , zlmd . zrld only allows requests from hosts listed in /etc/rcZ.d/zrld_trusted_hosts . OPTIONS -d <level> [...]
-
Page 325
zsnoopd NAME zsnoopd - IGMP Snooping daemon for the OpenArchitect switch . SYNOPSIS zsnoopd [-d <level>] [-f] [-h <hostname>] [-p <ppa>] [-r <sec>] [-t <sec>] [-u <sec>] [-v <vlan_id>] DESCRIPTION zsnoopd is run after the network interfaces are created and initialized with zconfig , and started with ifconfi[...]
-
Page 326
-f Run zsnoopd in foreground. Default is to run it in background. -h <hostname> Connect to remote host <hostname>. -p <ppa> Start zsnoopd on switch <ppa>. Default is 0. -r <sec> Time to wait, in seconds, before removing a port with no router multicast traffic. Default is 260 seconds. -t <sec> Time to wait, in sec[...]
-
Page 327
zpeer peer state query The output from the above command during the boot process would be “unhealthy” The -a option can be used to display a complete listing of all state and priority information and internal information that can be use d for debugging. Here is example output from the -a option. Local/Write Peer/Read priority 203 231 state mast[...]
-
Page 328
zspconfig NAME zspconfig - configure and start surviving partner SYNOPSIS zspconfig [-d <level>] [-p <directory_path>] [-u <dhcp_interface>] [-c <dhclient.conf>] [-t <timeout>] [-s] [-v] -f <file> DESCRIPTION zspconfig is used to configure and start the Surviving Partner soft ware. With the -f option a configurat[...]
-
Page 329
finding a Surviving Partner to retrieve configuration information from. Only valid with the –u option. -s Do not ask for confirmation. Run from a script. -v Prints the current version of zspconfig. -f <file> The provided <file> is used as input to configure the Surviving Partner. See the next section on CONFIGURATION FILE for the synt[...]
-
Page 330
A sibling_addresses statement is required for each VLAN c reated with the zconfig commands. The two addresses in the list indicate there are two switches in the Surviving Pa rtner group. The first address 10.0.0.30 and 11.0.0.30 are assigned to the sw itch on which the configuration is being run. The remaining addres ses are distributed to the swit[...]
-
Page 331
monitor_only - Ports that are monitored but do not have a virtual address managed on them. They will not have their links brought down tempor arily during a failover scenario. These ports are only monitored. If a problem occ urs on this type of link it will cause a failover scenario. configure_only - Ports are configured as pe r the zconfig command[...]
-
Page 332
interconnect, it is not a bonding driver ena bled port, and therefore should be setup as an interconnect port type. To accompl ish this, the zre ports are listed to avoid conflicting port types. Note that a single line cannot contai n both zhp and zre definitions. Therefore RAINlink: zhp1, zre1..4 does not work and the definition zre1..8 is equival[...]
-
Page 333
Coordination between the data and fabr ic switches can be enabled by setting the board_synchronization_mode . Possible modes are “off” and “basic”. B oard synchronization is off by default. When board sync hronization is put into basic mode, HA events on the base switch are coordinated with the HA events on the fabric switch. The behavior o[...]
-
Page 334
files run the Surviving Partner. This is a li st of all configuration and script files: /etc/rcZ.d/S70Surviving_partner The main startup script that starts the Surviving Partner by running zconfig, ifconfig, zlmd and vrrpd. zspconfig prompts the user to run this script. This file can be saved with zsync to automatically start the Surviving Partner [...]
-
Page 335
Ethernet Switch Blade User's Guide release 3.2.2j page 335[...]
-
Page 336
zstack NAME zstack - Configures the OpenArchitect switch st acking. SYNOPSIS zstack [-h <host_name>] [-d <level>] [-a] [-t] [{-f <file>} | <configuration>] DESCRIPTION zstack combines multiple switch fabric chips into a s ingle virtual switch. zstack must be run before any other switch configuration. Speci fically it must be[...]
-
Page 337
semicolon-delimited statem ents. Each statement specifies an action to ta ke on a stack. A stack is a group of ports on a single switch fabric chip. Ac tions include stack creation , stack port association , stack configuration and stack control . Comments, spaces and new lines are i gnored. Comments begin with the # character and include character[...]
-
Page 338
semicolon are two zre_lists separated by an equal si gn. The first is the list of virtual port names, the second is the physical port names. The assignment is done in order, and there must be an equal number of ports in each list. Wild car ds may be used in the zre_lists . See below. Stack port association syntax for a base sw itch: stack0: zre0..1[...]
-
Page 339
Stack Control Statements Finally after creating the sta ck, associating the ports, and setting the stack confi guration, the stack can be enabled using one of the Stack Cont rol statements. The following stack control state ments are supported. enable; The enable statement turns on stac king that has been previously configured. This statement canno[...]
-
Page 340
ztats NAME ztats − Display statistics and information about switch SYNOPSIS ztats [-d <level>] [-i <unit>] | [-m <port>] | [-v <vlan id>] | [-t <tgid>] | [-v] DESCRIPTION ztats displays MIB counters for a selected physic al port, trunk group or VLAN. It can also display information about the configurat ion of the swi[...]
-
Page 341
zsync NAME zsync − Saves changes to the flash. SYNOPSIS zsync [-c][-f][<dir_or_file>] zsync [-c][-f][-t <file>] zsync [-c][-f][-z] zsync [-c][-l] DESCRIPTION zsync is used to save a snapshot of the current file system to flash ROM. By default, zsync creates a compressed tar image of the files that have changed and saves the image in t[...]
-
Page 342
OPTIONS -c Save files to the custom overlay -t <file> Read files to be saved from a tar file. -z Zero the overlay area. -f Do not confirm with user and do not warn if saving failed. Exit code can be examined to determine success or failure. <dir_or_file> Save only the named file, or save the named directory to the overlay. Contents of d[...]
-
Page 343
ztmd NAME ztmd – traffic management daemon which acc epts messages from traffic filtering and qua lity of service applications and sets up hardwa re. SYNOPSIS ztmd [-d <level>] [-p <port>] [-f] [-i <pid>] [-o <pid>] [-a <addr>] [-l] DESCRIPTION ztmd listens for messages on a multicast port. These messages describe pa[...]
-
Page 344
SEE ALSO zqosd, iptables(8), tc(8), zfilterd Ethernet Switch Blade User's Guide release 3.2.2j page 344[...]
-
Page 345
brctl(8) NAME brctl - Bridge and Spanning Tree Protocol administration. SYNOPSIS brctl [options] DESCRIPTION brctl is used to set up, maintain, and display the bridge configuration in the Linux kernel. brctl is a standard command included wit h Linux bridge support including Rapid Spanning Tree Protocol (RSTP). A bridge is a device commonly used to[...]
-
Page 346
makes the interface a port of the bridge. This means that all frames received on the interface will be processed as if destined for the bridge. Also, when sending frames on the bridge, the interface will be considered as a potential output interface. For the OpenArchitect switch, <interface> is zhp0, zhp1, … IMPORTANT: This option must only[...]
-
Page 347
setmaxage <bridge> <time> sets the bridge's maximum message age to <time> seconds. setpathcost <bridge> <port> <cost> sets the port cost of the port to <cost>. This is a dimensionless metric. The path cost is set to 100 for all OpenArchitect switch ports by default. IEEE 802.d recommends the following:[...]
-
Page 348
Appendix C Intellig ent Platform Management Interface The Ethernet Switch Blade provides Inte lligent Platform Management Interface (I PMI) support. IPMI circuitry provides: • The communication channel between the Base board Management Controller (BMC) and the CPU for management. • Data storage, SDRR, FRU, access. • Sensor readings. IPMI circ[...]
-
Page 349
M States M5 Deactivation r equest (e.g. hot swap ejector opened) M6 Deactivation gr anted by ShMC M7 Unexpected los s of communication between FRU and ShMC Table C.1.: IPMI M States Peripheral Management Controller Functi onal Support The following IPMI commands are implemented in vers ion 1.00: PMC Controller Support Command Code Sensor # Status N[...]
-
Page 350
Sensor Reading Example This is an example of how to structure a c ommand and response to determine a sensor value. In this example, a GetSensorReading com mand is sent from BMC (address 20h in this example), to the switch in slot 2 (geographical addre ss is B2h) to read the temperature sensor, which is assigned to sensor number 60h. Standard IPMI C[...]
-
Page 351
Standard IPMI Response: GetSensorReading Byte Data Field D escription 1 rqAddr 20h 2 netFn/Lun 16h 3 check1 CAh 4 rsAddr B2h 5 seq no 06 6 command 2Dh 7 completion code 00h 8 sensor reading 1Bh -> 27 Celsius degree 9 optional data byte C0h scanning is enabled 10 optional data byte C0h 11 optional data byte 00 12 checksum2 80h Table C.4: GetSenso[...]
-
Page 352
Structure of Standard IPMI Commands: From BMC to PMC Structure of Standard IPMI Commands BMC - PMC Byte Data Field D escription 1 rsAddr <slot’s IPMB addr> 2 netFn/Lun <netFn> 3 check1 <chksm1> 4 rqAddr <sw_id> 5 seq no <seq> 6 command <cmd> 7 optional dat a byte <arg1> 7+x optional data bytes <argN>[...]
-
Page 353
Event Generator The PMC’s event generator is disabled until it receives a SetEventReceiver command from BMC for Event Receiver’s slave address and LUN. If the event generator is enabled, PMC reports significant events to the BMC a synchronously. The standard IPMI platform event message format is used. IPMB Event message format Structure of even[...]
-
Page 354
Version 2.x supports three FRU Inventory Device Com mands: Get FRU Inventory Area Info Read FRU Data Write FRU Data The spare SEEPROM space is allocated as fol lows: Spare SEEPROM Space Allocation Space for Start address End address Size Notes VPD 0 0x3FF 0x400 (1Kbytes) FRU 0x400 0x13FF 0x1000 (4kbytes) Parameters 0x1400 0x17FF 0x400 (1 Kbytes) At[...]
-
Page 355
IPMB Override Status Data 5= Clock low time out; 6=under test; 7=Undiagnosed communications failure Table C.9.: IPMB Override Status Data Ethernet Switch Blade User's Guide release 3.2.2j page 355[...]
-
Page 356
Index Index adduser........................................................................................................................................................................................... ...............................................................................................................................................[...]
-
Page 357
Index Network Time Protocol..................................................................................................................................................... 72, 131 NFS..................................................................................................................................................................[...]
-
Page 358
Index tc 62, 113 The U32 Filter................................................................................................................................................................... 66, 124 thttpd.............................................................................................................................................[...]
-
Page 359
Index ztmd......................................................................................................................................................................................... 301 zvlan.................................................................................................................................................[...]