Ir para a página of
Manuais similares
-
Switch
Alcatel-Lucent 6850-P24
34 páginas 1.38 mb -
Switch
Alcatel-Lucent 1850 TSS-5
12 páginas 0.93 mb -
Switch
Alcatel-Lucent 6850-48
34 páginas 1.38 mb -
Switch
Alcatel-Lucent 7670 RSP
4 páginas 0.36 mb -
Switch
Alcatel-Lucent 7250 SAS
6 páginas 0.62 mb -
Switch
Alcatel-Lucent 4504
4 páginas 0.15 mb -
Switch
Alcatel-Lucent OmniSwitch 6850-48
34 páginas 1.45 mb -
Switch
Alcatel-Lucent 1662
12 páginas 1.27 mb
Bom manual de uso
As regras impõem ao revendedor a obrigação de fornecer ao comprador o manual com o produto Alcatel-Lucent 6600. A falta de manual ou informações incorretas fornecidas ao consumidor são a base de uma queixa por não conformidade do produto com o contrato. De acordo com a lei, pode anexar o manual em uma outra forma de que em papel, o que é frequentemente utilizado, anexando uma forma gráfica ou manual electrónicoAlcatel-Lucent 6600 vídeos instrutivos para os usuários. A condição é uma forma legível e compreensível.
O que é a instrução?
A palavra vem do latim "Instructio" ou instruir. Portanto, no manual Alcatel-Lucent 6600 você pode encontrar uma descrição das fases do processo. O objetivo do manual é instruir, facilitar o arranque, a utilização do equipamento ou a execução de determinadas tarefas. O manual é uma coleção de informações sobre o objeto / serviço, um guia.
Infelizmente, pequenos usuários tomam o tempo para ler o manual Alcatel-Lucent 6600, e um bom manual não só permite conhecer uma série de funcionalidades adicionais do dispositivo, mas evita a formação da maioria das falhas.
Então, o que deve conter o manual perfeito?
Primeiro, o manual Alcatel-Lucent 6600 deve conte:
- dados técnicos do dispositivo Alcatel-Lucent 6600
- nome do fabricante e ano de fabricação do dispositivo Alcatel-Lucent 6600
- instruções de utilização, regulação e manutenção do dispositivo Alcatel-Lucent 6600
- sinais de segurança e certificados que comprovam a conformidade com as normas pertinentes
Por que você não ler manuais?
Normalmente, isso é devido à falta de tempo e à certeza quanto à funcionalidade específica do dispositivo adquirido. Infelizmente, a mesma ligação e o arranque Alcatel-Lucent 6600 não são suficientes. O manual contém uma série de orientações sobre funcionalidades específicas, a segurança, os métodos de manutenção (mesmo sobre produtos que devem ser usados), possíveis defeitos Alcatel-Lucent 6600 e formas de resolver problemas comuns durante o uso. No final, no manual podemos encontrar as coordenadas do serviço Alcatel-Lucent na ausência da eficácia das soluções propostas. Atualmente, muito apreciados são manuais na forma de animações interessantes e vídeos de instrução que de uma forma melhor do que o o folheto falam ao usuário. Este tipo de manual é a chance que o usuário percorrer todo o vídeo instrutivo, sem ignorar especificações e descrições técnicas complicadas Alcatel-Lucent 6600, como para a versão papel.
Por que ler manuais?
Primeiro de tudo, contem a resposta sobre a construção, as possibilidades do dispositivo Alcatel-Lucent 6600, uso dos acessórios individuais e uma gama de informações para desfrutar plenamente todos os recursos e facilidades.
Após a compra bem sucedida de um equipamento / dispositivo, é bom ter um momento para se familiarizar com cada parte do manual Alcatel-Lucent 6600. Atualmente, são cuidadosamente preparados e traduzidos para sejam não só compreensíveis para os usuários, mas para cumprir a sua função básica de informação
Índice do manual
-
Página 1
Part No. 060179-10, Rev. F April 2006 OmniSwitch 6600 Family Network Configuration Guide www.alcatel.com[...]
-
Página 2
i i O mniSw i t ch 6 6 00 Fa m ily Network Co n f igu r ation Gui d e Ap r il 2 0 06 This user guide docume nts release 5.4 of the OmniSwitch 6600 Family Ne twork Configuration Guide. The functionality described in this guid e is subject to change without notice. Copyright © 2006 by Alcatel Internet working, Inc. All rights reserved . This documen[...]
-
Página 3
OmniSwitch 6600 Family Network Configurati on Guide April 2006 iii Contents About This Guide ...................... ................ ................ ................... ................ .............. xxv Supported Platforms ................... ............... .................... ............... .................... .............. xxv Who Should [...]
-
Página 4
Contents iv OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 Setting Interface Line Sp eed .......... ................ ................... ................ ................... 15-16 Configuring Duplex Mode ............. ................ ................... ................ ................... 15-17 Enabling and Disabling Interfaces ..[...]
-
Página 5
Contents OmniSwitch 6600 Family Network Configurati on Guide April 2006 v Configuring the Number of MAC Addresses Allowed .................... .................... ......... 17-8 Configuring Authorized MAC Addresses ......... ................ ................... ................ ......... 17-8 Configuring an Auth orized MAC Address Range ..........[...]
-
Página 6
Contents vi OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 Spanning Tree Operating Modes .............................. ............... .................... ................ . 19-9 Using the Flat Spanning Tree Mode .......... ................ ................... ................ ......... 19-9 Using 1x1 Spanning Tree Mode ..........[...]
-
Página 7
Contents OmniSwitch 6600 Family Network Configurati on Guide April 2006 vii MST Interoperability and Migration ..................... ................... ................ ................... 20-12 Migrating from Flat Mode STP/RSTP to Flat Mode MSTP ................. ............... 20-12 Migrating from 1x1 Mode to Flat Mode MSTP ....................[...]
-
Página 8
Contents viii OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 Custom (User Defined) Rules ................. ................... ................ .................... . 22-7 Port Rules ................. ................... ................ ................... ................ ................. 22-7 Understanding VLAN Rule Precedence .[...]
-
Página 9
Contents OmniSwitch 6600 Family Network Configurati on Guide April 2006 ix Chapter 10 Using Interswitch Protocols ............... ................ ................... ................ ................ . 24-1 In This Chapter ....... ................ ................... ................ ............... .................... ................ . 2 4-1 AI[...]
-
Página 10
Contents x OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 Adding Ports to a Static Aggregate Gr oup .. ................... ................ ................. 26-9 Removing Ports from a Static Aggregat e Group ................ .................... ....... 26-14 Modifying Static Aggregatio n Group Parameters ..........................[...]
-
Página 11
Contents OmniSwitch 6600 Family Network Configurati on Guide April 2006 xi Modifying the Partner Port System ID ....................... .................... ............... 27-30 Modifying the Partne r Port System Priority ........ ................... ................ ....... 27-31 Modifying the Partne r Port Administrative Status .................[...]
-
Página 12
Contents xii OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 Displaying UDP Information ..... .................... ................... ................ ................... 28-24 Verifying the IP Configuration ............. .................... ............... .................... ............... 28-24 Chapter 15 Configuring IPv6 ....[...]
-
Página 13
Contents OmniSwitch 6600 Family Network Configurati on Guide April 2006 xiii RIP Options .................... ............... .................... ................ ................... ................ ......... 30-9 Configuring the RIP Forced Hold-down Interval ...... ............... .................... ......... 30-9 Enabling a RIP Host Route ...[...]
-
Página 14
Contents xiv OmniSwi tch 6600 Family Network Configuration Guid e April 2006 DHCP Relay Overview ................. .................... ................ ................... ................ ......... 32-5 DHCP .............. .................... ............... ................ ................... ................ ................ . 32-5 DHCP and t[...]
-
Página 15
Contents OmniSwitch 6600 Family Network Configurati on Guide April 2006 xv VRRP Tracking ............... ............... ............ .... ................... ................ ................ ..... 3 3-7 Interaction With Othe r Feature s .................... ................ ............... .................... ............. 33-7 Configuration Ove[...]
-
Página 16
Contents xvi O mniSwitch 6600 Family Network Configuration Guid e April 2006 Retrieving Directory Search Results ....................... ............... .................... ... 34-18 Directory Modificat ions .............. ................ ................... ................ ............... 34-18 Directory Compare and Sort ................ ......[...]
-
Página 17
Contents OmniSwitch 6600 Family Network Configurati on Guide April 2006 xvii Configuring the Server Aut hority Mode ........... .................... ............... .................... ... 35-32 Configuring Single Mode ............... .................... ............... .................... ............... 35-32 Configuring Multiple Mode ....... [...]
-
Página 18
Contents xviii OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 Modifying Policy Servers ...... ............... .................... ................... ................ ................. 37-4 Modifying LDAP Policy Server Parameters .................. ................... .................... . 37-4 Disabling the Policy Server From Dow[...]
-
Página 19
Contents OmniSwitch 6600 Family Network Configurati on Guide April 2006 xi x Returning the Global Configuration to Defaults .... ....................... ................ ....... 38-18 Verifying Global Settings ............................... ................... ................ ................... 38-19 QoS Ports and Queues ........................[...]
-
Página 20
Contents xx O mniSwitch 6600 Family Network Configuration Guid e April 2006 Policy Applications ............................... ................ ................... ................ ................... 38-49 Basic QoS Policies ...... ................... ................ ................ ................... ................ ... 38-49 Basic Commands [...]
-
Página 21
Contents OmniSwitch 6600 Family Network Configurati on Guide April 2006 xx i Chapter 26 Configuring IP Multicast Switching ..................... ............... ................ ................ . 40-1 In This Chapter ....... ................ ................... ................ ............... .................... ................ . 4 0-1 IPMS Spe[...]
-
Página 22
Contents xxii OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 Chapter 27 Diagnosing Switch Problems ................ ................ ............... .................... ............. 41-1 In This Chapter ....... ................ ................... ................ ............... .................... ................ . 4 1-1 Port [...]
-
Página 23
Contents OmniSwitch 6600 Family Network Configurati on Guide April 2006 xxiii Enabling or Disabling RMON Probes ........................ ................... ................ ....... 41-27 Displaying RMON Tables .......................... ................ ................... ................ ....... 41-28 Displaying a List of RMON Probes ...........[...]
-
Página 24
Contents xxiv O mniSwitch 6600 Family Network Configuration Guide April 2006 Configuring Debug Memory Commands ...................... ............... .................... ............. 43-4 Enabling/Disabl ing Memory Monitoring Function s ...... ............... ................ ......... 43-4 Displaying the Memory Monitor Log ......................[...]
-
Página 25
OmniSwitch 6600 Family Network Configurati on Guide April 2006 page xxv About This Guide This OmniSwitch 6600 F amily Network Con figuration Guid e describes how to set up and moni tor soft- ware features that will allow your sw itch to operate in a live network envi ronment. The so ftware feat ures described in this manual are shipped stan dard wi[...]
-
Página 26
Who Should Read this Manual? About This Guide page xxvi OmniSwitch 6600 Family Network Configuration Guide April 2006 Unsupported Platforms The information i n this guide d oes not app ly to the fo llowing prod ucts: • OmniSwitch (original version with no numeric model name) • OmniSwitch 6800-24 • OmniSwitch 6800-48 • OmniSwitch 6800-U 24 ?[...]
-
Página 27
About This Guide What is in this Manual? OmniSwitch 6600 Family Network Configurati on Guide April 2006 page xxvii What is in this Manual? This configuration guide includes informatio n about config uring the followi ng features: • VLANs, VLAN router ports, mob ile ports, and VLAN rules. • Basic Layer 2 functi ons, such as Ethern et port para m[...]
-
Página 28
What is Not in this Manual? About This Guide page xxviii OmniSwitch 6600 Family Network Configuration Guide April 2006 What is Not in this Manual? The configuration p rocedures in this manual use Command Line Interface (CLI) commands in all exam- ples. CLI commands are text-based commands used to manage the swit ch through serial (console port) con[...]
-
Página 29
About This Guide Documentation Roadmap OmniSwitch 6600 Family Network Configurati on Guide April 2006 page xxix Documentation Roadmap The OmniSwitch user document ation suite was designed to supply you with in formation at severa l critical junctures of t he configuration p rocess. The followi ng section outlines a roadma p of the manuals t hat wil[...]
-
Página 30
Documentation Roadmap About This Guide page xxx OmniSwitch 6600 Family Network Configuration Guide April 2006 Stage 3: Integrating the Switch Into a Network Pertinent Documentation: OmniSw itch 6600 Family Netw ork Configur ation Guide OmniSwitch 66 00 Family Adv anced Rout ing Configura tion Guide When you are ready to conn ect your switch to the [...]
-
Página 31
About This Guide Related Documentation OmniSwitch 6600 Family Network Configurati on Guide April 2006 page xxxi Related Documentation The following are the titl es an d descript ions of all the OmniSwitch 660 0 Family user ma nuals: • OmniSwitch 66 00 Family Getti ng Started Guid e Describes the hardware and software pro cedures for getti ng an O[...]
-
Página 32
Related Documentation About This Guide page xxxii OmniSwitch 6600 Family Network Configuration Guide April 2006 • OmniSwitch 66 00 Family Advanced Routing Config uration Gu ide Includes network configuration p rocedures and d escri ptive informa tion on all the software f eatures and protocols included in the advan ced routing softwa re package O[...]
-
Página 33
About This Guide User Manuals Web Site OmniSwitch 6600 Family Network Configurati on Guide April 2006 page xxxiii User Manuals W eb Site All related use r guides for the Omn iSwitch 6600 Fa mily can be found on ou r web site at http://www.alca tel.com/enterprise/e n/resource_lib rary/user_manuals.h tml All documenta tion on the Us er Manual web si [...]
-
Página 34
Technical Support About This Guide page xxxiv OmniSwitch 660 0 Family Network Configuration Guide April 2006[...]
-
Página 35
OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 1-1 1 Configuring Ethernet Por ts The Ethernet software is re sponsible for a variety of funct ions that suppor t the Ethernet an d Gigabit Eth er- net ports on OmniSwitch 6600 Family switches. These functions include diagnostics, so ftware load ing, initializatio n, configuratio n[...]
-
Página 36
Ethernet Specifications Configuring Ethernet Ports page 1-2 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 Ethernet Specifications IEEE Standards Supported 802.3 Carrier Sense Multiple Acce ss with Collision Detection (CSMA/CD) Ports Supported Ethernet (10 Mbps) Fast Ethernet (100 Mbps) Gigabit Ether net (1 Gb/1000 Mbps) . 2-Port Gi[...]
-
Página 37
Configuring Ethernet Ports Ethernet Port Defaults OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 1-3 Ethernet Por t Defaults The following ta ble shows Ethern et port defa ult values. Parameter Description Comma nd Default V alue/Comments T rap Port Link Messages trap port link Disabled Flow Control flow Disabled Flow Control W[...]
-
Página 38
Configuring Ethernet Ports Tutorial Configuring Ethernet Ports page 1-4 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 Configuring Ethernet Por ts T utorial This tutoria l describes typic al steps involv ed in conf iguring an Ethern et port. This example pres umes that slot (switch) 1 , port 1 is an Ethernet po rt. 1 This step co nf[...]
-
Página 39
Configuring Ethernet Ports Configuring Ethernet Ports Tutorial OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 1-5 Note. Optional. To verify the Ethe rnet port co nfiguration, use the show interfaces command. The display is similar to the one shown belo w, and provides additi onal statistics ab out received and transmi tted byte[...]
-
Página 40
Ethernet Ports Overview Configuring Ethernet Ports page 1-6 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 Ethernet Por ts Over view This chapter descri bes the Ethernet software CLI command s used for configuring and monitoring your switch’s Ethern et port paramete rs. These commands all ow you to ha ndle administ rative or port-[...]
-
Página 41
Configuring Ethernet Ports Et hernet Ports Overview OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 1-7 OmniSwitch 6624 The OmniSwitch 6624 provi des 24 10/100 Mb ps ports and two expansi on slots. The expansion slot s are empty by default. Opt ionally, they can hold eit her four Gigabit Ethernet ports or two Gigabit Ethernet po[...]
-
Página 42
Ethernet Ports Overview Configuring Ethernet Ports page 1-8 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 OmniSwitch 6600-P24 The OmniSwi tch 6600-P24 provides 24 10/1 00 Mbps Power over Ethernet (PoE ) ports and t wo expansion slots. The expa nsion slots are empt y by defa ult. Optiona lly, they can hold either four Gigabit Ethern[...]
-
Página 43
Configuring Ethernet Ports Et hernet Ports Overview OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 1-9 OmniSwitch 6602-48 The OmniSwi tch 6602-48 p rovides 48 10/1 00 Mbps po rts, two Gigabit M iniGBIC ports, and two stack - ing ports. Port number s 1 through 48 suppor t both 10 Mbps Ethernet and 100 Mbps Fast Eth ernet inter- [...]
-
Página 44
Ethernet Ports Overview Configuring Ethernet Ports page 1-10 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006 V alid Port Settings This table below lists valid sp eed, duplex, an d auto nego tiation settings for the different O mniSwitch 66 00 Family port types. Chassis T ype (Port Nos.) Port T ype User -Specified Port Speed (Mbps) S[...]
-
Página 45
Configuring Ethernet Ports Et hernet Ports Overview OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 1-11 OmniSwit ch 6600-U24 (ports 1–24) 100 Mbps fiber SFP ports 100 full/half Y es OmniSwit ch 6600-U24 (ports 25–26) W ire-rate when an OS6600- GNI-U2 is installed us ing LC fiber SFPs or copper 1000Base-T SFPs. 1000 full Y e[...]
-
Página 46
Ethernet Ports Overview Configuring Ethernet Ports page 1-12 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006 OmniSwit ch 6602-24 (ports 1–24) Copper twisted pair (RJ-45) auto/10/100 auto/full/half Y es OmniSwit ch 6602-24 (ports 25–26) W ire-rate when an LC fiber SFP or copper 1000Base-T SFP is installed. 1000 full Y es (fiber) [...]
-
Página 47
Configuring Ethernet Ports Setti ng Ethernet Port Parameters OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 1-13 Setting Ethernet Por t Parameters When using CLI command s to set Ethernet port parameters, keep in mind tha t Ethernet and Fast Eth ernet are supporte d only on ports 1 through 48 on the OmniSwitch 6648 and OmniSw i[...]
-
Página 48
Setting Ethernet Port Parameters Configuring Ethernet Ports page 1-14 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006 Setting Flow Contr ol The flow command can be used to enable or di sable (the de fault) flow control on a specific port, a ra nge of ports, or all po rts on an enti re switch (slot). Wh en th e buffers on a receiving[...]
-
Página 49
Configuring Ethernet Ports Setti ng Ethernet Port Parameters OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 1-15 As an option, you can document the interface type by entering ethernet , fastethernet , or gigaethernet before the slot number. For example to disable flow co ntrol on the interface on slot 2 port 3 and document the [...]
-
Página 50
Setting Ethernet Port Parameters Configuring Ethernet Ports page 1-16 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006 Restoring the Flow Control W ait Time To restore the fl ow control wait time (i.e., set it back to 0) fo r an entire switch , enter flow followed by the slot number an d no wait . For exam ple, to resto re the flow c[...]
-
Página 51
Configuring Ethernet Ports Setti ng Ethernet Port Parameters OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 1-17 As an option, you can document the interface type by entering ethernet , fastethernet , or gigaethernet before the slot number. For example, to configure th e line speed o n slot 2 port 3 at 10 0 Mbps and docu- ment [...]
-
Página 52
Setting Ethernet Port Parameters Configuring Ethernet Ports page 1-18 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006 Enabling and Disabling Inter faces The interfaces a dmin command is used to enable (the default) or disable a specific po rt, a range of ports, or all ports on an ent ire switch (slot). To enable or disable an entire[...]
-
Página 53
Configuring Ethernet Ports Setti ng Ethernet Port Parameters OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 1-19 As an option, you can document the interface type by entering ethernet , fastethernet , or gigaethernet before the slot number. For example, to set the inter-f rame gap value o n port 52 on slot 2 to 10 bytes and doc[...]
-
Página 54
Setting Ethernet Port Parameters Configuring Ethernet Ports page 1-20 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006 Configuring Flood Rates The following su bsections descri be how to en able the maximum floo d rate (see “Enab ling the Maximum Flood Rate” on page 1-20 ), enab le the m aximu m flood rate for multicast traffic ([...]
-
Página 55
Configuring Ethernet Ports Setti ng Ethernet Port Parameters OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 1-21 Configuring Flood Rate V alues By default, the flood rate is 42 Mbp s on 10/100 ports and 49 6 Mbps on Gigabit po rts. The interfaces flood rate command can be used to configur e the peak flood ra te value on a spe c[...]
-
Página 56
Setting Ethernet Port Parameters Configuring Ethernet Ports page 1-22 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006 Configuring Auto Negotiation, Crossover , and Flow Contr ol Settings The following su bsections desc ribe how to enable and disab le auto negot iation (see “Enabling and Disabling Aut o Negotiatio n” on page 1-2 [...]
-
Página 57
Configuring Ethernet Ports Setti ng Ethernet Port Parameters OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 1-23 Configuring Crossover Settings To configure crossover settings on a single po rt, a range of ports, or an entire slot u se the interfaces crossover command. If au to negotiatio n is disabled, fl ow control, au to spe[...]
-
Página 58
Setting Ethernet Port Parameters Configuring Ethernet Ports page 1-24 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006 As an option, you can document the interface type by entering ethernet , fastethernet , or gigaethernet before the slot number. For example, to enable flow control on port 3 on sl ot 2 and document the port as Fast E[...]
-
Página 59
Configuring Ethernet Ports Verifying Ethernet Port Configuration OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 1-25 V erifying Ethernet Por t Configuration To display information abo ut Ethernet port configurat ion settings, use the show commands listed in the following t able. These commands can be quite useful in troubl esho[...]
-
Página 60
Verifying Ethernet Port Configuration Configuring Ethernet Ports page 1-26 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006[...]
-
Página 61
OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 2-1 2 Managing Source Learning Transparent b ridging rel ies on a proces s referred to as source learning to handle traffic flow. Netwo rk devices communicate by sending and receiving data pa ckets that e ach contain a source MAC address and a destination MAC address. When pack ets[...]
-
Página 62
Source Learning Specifications Managing Source Learning page 2-2 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 Source Learning Specifications Source Learning Defaults Sample MAC Address T able Configuration The following ste ps provide a quick tutorial that will create a static MAC a ddress and change the MAC address aging timer fo[...]
-
Página 63
Managing Source Learning Sample MAC Address Table Configuration OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 2-3 2 Assign switch ports 2 t hrough 5 on slot 3 to VLAN 200--if they are not alread y assoc iated with VLAN 200--using the fol lowing command: -> vlan 200 port default 3/2-5 3 Create a static MAC address entry usin[...]
-
Página 64
MAC Address Table Overview Managing Source Learning page 2-4 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 MAC Address T able Over view Source learning bu ilds and maintains the MAC ad dress table on each swit ch. New MAC address table entries are created in one of two ways: they are dynamically learne d or statically assigned. Dyn[...]
-
Página 65
Managing Source Learning Using Static MAC Addresses OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 2-5 • There are two type s of static MAC address beh avior supported: bridging (default) or filtering . Enter filtering to set up a denial of service to block potential hostile attacks. Traffic sent to or from a filtered MAC add[...]
-
Página 66
Using Static Multicast MAC Addresses Managing Source Learning page 2-6 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 Static MAC Addresses on Link Aggregate Ports Static MAC Addresses are not assigned to ph ysical ports th at belong to a link aggregate. Inste ad, they are assigned to a link aggregate ID that represent s a collection[...]
-
Página 67
Managing Source Learning Configuring MAC Address Table Aging Time OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 2-7 Use the no form of the mac-address-table static-multicast command to delete static multi cast MAC address en tries. For example, the following co mmand deletes a static multic ast address that is a ssigned to por[...]
-
Página 68
Configuring MAC Address Table Aging Time Managing Source Learning page 2-8 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 Note. The MAC address table aging time is also use d as the t imeout value for t he Address Reso lution Protocol (ARP) table. Th is timeout value dete rmin es how long the switch re tains dynamically lea rned ARP[...]
-
Página 69
Managing Source Learning Displayi ng MAC Address Table Information OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 2-9 Displaying MAC Address T able Information To display MAC Address Tabl e entries, statistics, and aging time values, use the show commands listed below: For more information about the resulting di splays from the[...]
-
Página 70
Displaying MAC Address Table Info rmation Managing Source Learning page 2-10 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006[...]
-
Página 71
OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 3-1 3 Configuring Learned Por t Security Learned Port Security (LPS) pr ovides a mechanis m for authorizing source lear ning of MAC addresses on Ethernet and Gigabi t Ethernet ports. The o nly types of Ethernet port s that LP S does not support are link aggregate and tagged (t runk[...]
-
Página 72
Learned Port Security Specifications Configuring Learned Port Security page 3-2 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 Learned Por t Security Specifications Learned Por t Security Defaults RFCs supported Not applicable at this time. IEEE Standards supported Not applicable at this time. Ports eligible for Le arned Port Securi[...]
-
Página 73
Configuring Learned Port Securi ty Sample Learned Port Security Configuration OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 3-3 Sample Learned Por t Security Configuration This section provides a quick tutoria l that demonstrates the fo llowing tasks: • Enabling LPS on a se t of switch ports. • Defining the maximum num ber[...]
-
Página 74
Learned Port Security Overview Configuring Learned Port Security page 3-4 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 Learned Por t Security Over view Learned Port Security (LPS) provides a mecha nism for controlling network de vice access on one or more switch ports. Co nfigurable LPS para meters allow the user to restrict the s[...]
-
Página 75
Configuring Learned Por t Security Learned Port Security Overview OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 3-5 How LPS Authorizes Source MAC Addresses When a packet is received on a port that has LPS enabled, switc h software checks t he following crite ria to determine if the sourc e MAC address contained in the packe t [...]
-
Página 76
Learned Port Security Overview Configuring Learned Port Security page 3-6 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 Static Configuration of Authorized MAC Addresses It is also possible to st atically configure aut horized source MAC a ddress entries into the LPS table. This type of entry behaves the same way as dynamically conf[...]
-
Página 77
Configuring Learned Port Security Enabling/Disabling Learned Port Security OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 3-7 Enabling/Disabling Learned Por t Security By default, LPS is disabled on all switch po rts. To enable LPS on a port, use the port-security command. For example, the followi ng command enab les LPS on por[...]
-
Página 78
Configuring the Number of MAC Addresses A llowed Configuring Learned Port Security page 3-8 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 Configuring the Number of MAC Addresses Allowed By default, one MAC address is allowed on an LPS port . To change this number, e nter port-security followed by the port’s slot /port designation[...]
-
Página 79
Configuring Learned Por t Security Config uring an Authorized MAC Address Range OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 3-9 Configuring an Authorized MAC Address Range By default, each LPS port is set to a range of 00:0 0:00:00:00:00–ff:ff:ff:ff:ff:ff , which includes all MAC addresses. If this defaul t is not changed,[...]
-
Página 80
Selecting the Security Violation Mode Configuring Learned Port Security page 3-10 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006 Selecting the Security V iolation Mode By default, the se curity violation mode for an LPS port is set to restr ict . In this mode, when an unautho- rized source MAC address is receive d on an LPS po rt, [...]
-
Página 81
Configuring Learned Port Securi ty Displaying Learned Port Security Informatio n OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 3-11 Displaying Learned Por t Security Information To display LPS port and tab le informatio n, use the show commands listed bel ow: For more information abou t the resulting display from th ese comman[...]
-
Página 82
Displaying Learned Port Security Inform ation Configuring Learned Port Security page 3-12 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006[...]
-
Página 83
OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 4-1 4 Configuring VLANs In a flat bridged network, a broa dcast domain is c o nfined to a sing le LAN segment or even a spec ific physical loca tion, such as a department or bui lding floor. In a switch-based network, such as one comprised of Alcatel switching system s, a broadcast[...]
-
Página 84
VLAN Specifications Configuring VLANs page 4-2 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 VLAN Specifications VLAN Defaults RFCs Supported 2674 - Definitions of Managed Ob jects for Bridges with Traffic Classes, Multic ast Filtering and Virtual LAN Extensions IEEE Standards Supported 802.1Q - Virtual Bridged Local Area Networks [...]
-
Página 85
Configuring VLANs Sample VLAN Configuratio n OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 4-3 Sample VLAN Configuration The following steps p rovide a quick tutorial that will create VLAN 255 on a stack config uration that includes four switc hes. Also includ ed are steps to define a VLA N desc ription, IP router interface, a[...]
-
Página 86
Sample VLAN Configuration Configuring VLANs page 4-4 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 To verify that ports 3/2 -4 were assigned t o VLAN 255, use the show vlan port command. For example: -> show vlan 255 port port type status --------+---------+-------------- 3/2 default inactive 3/3 default inactive 3/4 default ina[...]
-
Página 87
Configuring VLANs VLAN Management Overview OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 4-5 VLAN Management Over view One of the main benefi ts of using VLANs to segment network traffic, is that VLAN configuration and port assignment is han dled throu gh switch softwa re. This elimi nates the need to physically change a netwo[...]
-
Página 88
Creating/Modifying VL ANs Configuring VLANs page 4-6 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 Creating/Modifying VLANs The initial con figuration fo r all Alcatel switche s consists of a defaul t VLAN 1 and all swit ch ports are initially assigne d to this VLAN. When a switching mo dule is added to the switch, th e module’s [...]
-
Página 89
Configuring VLANs Defining VLAN Port Assignments OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 4-7 Enabling/Disabling the VLAN Administrative Status To enable or disable the administrative status for an existing VLAN, enter vlan followed by a n existing VLAN ID and either enable or disable . -> vlan 755 disable -> vlan 2[...]
-
Página 90
Defining VLAN Port Assignments Configuring VLANs page 4-8 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 Changing the Default VLAN Assignment for a Por t To assign a switch port to a new default VLAN, enter vlan followed by an existi ng VLAN ID number, port default , then the slot/port design ation. For exa mple, the foll owing comm[...]
-
Página 91
Configuring VLANs Defining VLAN Port Assignments OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 4-9 Configuring VLAN Ru le Classificati on VLAN rule classifi cation triggers dynamic VLAN po rt assignment when t raffic received on a mobile port matches the criteri a defined in a VLAN rule. Differen t rule types are avail able fo[...]
-
Página 92
Defining VLAN Port Assignments Configuring VLANs page 4-10 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006 Enabling/Disabling VLAN M obile T ag Classification Use the vlan mobile-tag command to enable or disable the cla ssi fication of mo bile port packets b ased on 802.1Q VLAN ID tag. For example, the fo llowing commands enable the[...]
-
Página 93
Configuring VLANs Enabling/Disabling Span ning Tree for a VLAN OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 4-11 Enabling/Disabling Spanning T ree for a VLAN When a VLAN is created, an 802.1D standard Spanning Tree Al gorithm and Prot ocol (STP) instance is enabled for the VLAN by default. The span ning tr ee operating mode s[...]
-
Página 94
Enabling/Disabling VLAN Authentication Configuring VLANs page 4-12 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006 Enabling/Disabling VLAN Authentication Layer 2 authentication uses VLAN membership to gr ant access to network re sources. Authentica ted VLANs control membership through a log-in process; th is is sometimes called user[...]
-
Página 95
Configuring VLANs Bridging VLANs Across Multiple Switches OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 4-13 Bridging VLANs Acr oss Multiple Switches To create a VLAN brid ging domai n that extends across multiple swi tches: 1 Create a VLAN on each switch wit h the same VLAN ID number (e.g., VL AN 10). 2 If using mobile ports [...]
-
Página 96
Verifying the VLAN Configuration Configuring VLANs page 4-14 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006 The connection between Stack C and D is shown with a brok en line because the ports tha t provide this connection are in a bl ocking state. Spanning Tree is active by default on all stacks, VLANs and port s. The Spanning Tree[...]
-
Página 97
OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 5-1 5 Configuring Spanning T ree Parameters The Spanning Tree Algorith m and Protocol (STP) is a self-configuring algorith m that maintains a loop- free topology while pr oviding data path redundancy and network scalabi lity. Based on the IEEE 802.1D standard, the Alcate l STP impl[...]
-
Página 98
Spanning Tree Specifications Conf iguring Spanning Tree Parameters page 5-2 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 Spanning T ree Specifications Spanning T ree Bridge Parameter Defaults IEEE Standards supported 802.1D– Media Acce ss Control (MAC) Bridges 802.1w– Rapid Reconfigurati on (802.1D Am endment 2 ) 802.1Q– Vir[...]
-
Página 99
Configuring Spanning Tree Parameters Sp anning Tree Port Parameter Defaults OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 5-3 Spanning T ree Por t Parameter Defaults Multiple Spanning T ree (MST) Region Defaults Although the following parameter values are specific to the MSTP (802.1s), they are configurab le re gard- less of w[...]
-
Página 100
Spanning Tree Overview Configuring Spanning Tree Parameters page 5-4 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 Spanning T ree Over view Alcatel switches sup port the use of the 802.1D Sp anning Tree Algorith m and Protocol (STP), th e 802.1w Rapid Spanning Tree Algo rithm and Protocol (RSTP), and the 802.1s Multiple Spanni ng T[...]
-
Página 101
Configuring Spanning Tree Parameters Spanning Tree Overview OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 5-5 Note. The distinction between a backup port and an alternate port was introduced with the IEEE 802.1w standard to he lp define rapid transi tion of an alte rnate port to a root port. The role a port plays or may poten [...]
-
Página 102
Spanning Tree Overview Configuring Spanning Tree Parameters page 5-6 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 The sending and receiv ing of Configuratio n BPDU between switches part icipating in the b ridged network is how the roo t bridge is e lected and the best path to t he root is determin ed and then a dvertised to th e r[...]
-
Página 103
Configuring Spanning Tree Parameters Spanning Tree Overview OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 5-7 2 The best root path cost. 3 If root path costs are equal, t he bridge ID of the bridge sendin g the BPDU. 4 If the previous three values ti e, then the port ID (lowest priority value , th en lowest port number). When [...]
-
Página 104
Spanning Tree Overview Configuring Spanning Tree Parameters page 5-8 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 The following d iagram shows the l ogical connectiv ity of the sa me physical to pology as det ermined by the Spanning Tree Algo rithm. Active Spanning T ree T opology Example In the above active Spanning Tree to polog[...]
-
Página 105
Configuring Spanning Tr ee Parame ters Spanning Tree Operating Modes OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 5-9 Spanning T ree Operating Modes The switch can operate in one o f two Spanning Tree modes: flat and 1x1 . Both modes apply to th e entire switch and determi ne whether a sin gle Spanning Tree insta nce is appli[...]
-
Página 106
Spanning Tree Operating Modes Confi guring Spanning Tree Parameters page 5-10 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006 Flat Spanning T ree Example In the above example , if port 8/3 co nnects to another switch and port 10/5 connects to th at same switch, the Spanni ng Tree Algo rithm woul d detect a re dundant p a th and tran[...]
-
Página 107
Configuring Spanning Tr ee Parame ters Spanning Tree Operating Modes OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 5-11 The following diagram shows a switch runn ing in the 1x1 Spanning Tree mode and sh ows Spanning Tree participation for bo th fixed and tagged ports. 1x1 (single and 802.1Q) Spanning T ree Example In the above[...]
-
Página 108
Configuring Spanning Tree Bridge Parame ters Configuring Spanning Tree Parameters page 5-12 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006 Configuring Spanning T ree Bridge Parameters The Spanning Tree software is active on all swi tches by defau lt and uses defau lt bridge and port parame- ter values to calculate a loop free topol[...]
-
Página 109
Configuring Spanning Tr ee Parameters Conf iguring Spanning Tree Bridge Parameters OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 5-13 Note that exp licit command s using the cist and msti keywords are required to define an MSTP (802.1s) configuration . Implicit commands are only allowed for defining STP or RSTP con figurations[...]
-
Página 110
Configuring Spanning Tree Bridge Parame ters Configuring Spanning Tree Parameters page 5-14 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006 The following sec tions provide i nformation and pr ocedures fo r using implicit bridge configurat ion commands and also includes explicit comma nd examples. Note . When a snapshot is t aken of [...]
-
Página 111
Configuring Spanning Tr ee Parameters Conf iguring Spanning Tree Bridge Parameters OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 5-15 Note. Configurin g a Spanning Tree bridge instance with a priority value that will cause the instance to become the ro ot is recomme nded, instead o f relying on the comparis on of switch ba se [...]
-
Página 112
Configuring Spanning Tree Bridge Parame ters Configuring Spanning Tree Parameters page 5-16 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006 Note that lowering t he hello time i nterval improv es the robu stness of the Spanning Tree algorithm. Increasing the hell o time interval l owers the overhead of Spanning Tree processing. If th[...]
-
Página 113
Configuring Spanning Tr ee Parameters Conf iguring Spanning Tree Bridge Parameters OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 5-17 The explicit bridge 1x1 max age command configures the max age t i me for a VLAN instance when the switch is running in either mode (1x1 o r flat). Fo r example, the following comma nd performs [...]
-
Página 114
Configuring Spanning Tree Bridge Parame ters Configuring Spanning Tree Parameters page 5-18 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006 -> bridge forward delay 10 -> bridge cist forward delay 10 As in previous releases, it is possible to configure the flat mode instance wit h the bridge forward delay command by specifying [...]
-
Página 115
Configuring Spanning Tr ee Parameters Co nfiguring Spanning Tree Port Parameters OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 5-19 Configuring Spanning T ree Por t Parameters The following sectio ns provide informat ion and procedures for using CLI commands to configure STP port parameters. These parameters de termine the beh[...]
-
Página 116
Configuring Spanning Tree Port Paramete rs Configuring Spanning Tree Parameters page 5-20 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006 The following is a summary of Spanning Tree port configuratio n commands. For more information ab out these comman ds, see the Omn iSwitch CLI Reference Gu ide. Commands T ype Used for ... bridge [...]
-
Página 117
Configuring Spanning Tr ee Parameters Co nfiguring Spanning Tree Port Parameters OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 5-21 The following sec tions provide i nformation and proced ures for usi ng implicit Sp anning Tree po rt configu- ration command s and also inc lud es explicit command examples. Note . When a snapsho[...]
-
Página 118
Configuring Spanning Tree Port Paramete rs Configuring Spanning Tree Parameters page 5-22 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006 To enable or disable the Spanning Tree status for a li nk aggreg ate, use the bridge slot/port commands described above but specify a link aggregate control nu mber instead of a slot an d port. Fo[...]
-
Página 119
Configuring Spanning Tr ee Parameters Co nfiguring Spanning Tree Port Parameters OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 5-23 STP or RSTP protocols are in use. See Chapter 6, “Using 802.1s Multiple Spanni ng Tree,” for more infor- mation. Port Priority on Li nk Aggregate Por ts Physical ports that belong to a link ag[...]
-
Página 120
Configuring Spanning Tree Port Paramete rs Configuring Spanning Tree Parameters page 5-24 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006 By default, Span ning Tree is enab led on a port and the path cost is set to zero. If the switch i s running in the 1x1 Spannin g Tree mode, th en th e port pa th cost applies to the sp ecifi ed V[...]
-
Página 121
Configuring Spanning Tr ee Parameters Co nfiguring Spanning Tree Port Parameters OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 5-25 Path Cost for Link Aggregate Ports Physical ports that belong to a link aggregate do no t participate in the Span ning Tree Algorithm. Inste ad, the algorithm is applied to the aggreg ate logi cal[...]
-
Página 122
Configuring Spanning Tree Port Paramete rs Configuring Spanning Tree Parameters page 5-26 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006 To change the path cost value for a link aggregate, use the bridge slot/port path cost commands described above, but specify a link aggregate cont ro l number instead of a slot and port. Fo r exam[...]
-
Página 123
Configuring Spanning Tr ee Parameters Co nfiguring Spanning Tree Port Parameters OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 5-27 Mode for Link Aggregate Ports Physical ports that belong to a link aggregate do no t participate in the Span ning Tree Algorithm. Inste ad, the algorithm is applied to the aggreg ate logi cal link[...]
-
Página 124
Configuring Spanning Tree Port Paramete rs Configuring Spanning Tree Parameters page 5-28 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006 To change the port connection type for a VLAN insta nce, specify a VL AN ID with the bridge slot/port connection command when th e switch is runnin g in the 1x1 mode. For exam ple, the follow ing [...]
-
Página 125
Configuring Spanning Tr ee Parameters Sample Spanning Tree Configuration OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 5-29 Sample Spanning T ree Configuration This section provid es an example network configurati on in which Spanni ng Tree has calculated a loop - free topology. In a ddition, a tu torial is al so included that[...]
-
Página 126
Sample Spanning Tree Configuration C onfiguring Spanning Tree Parameters page 5-30 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006 • Ports 2/1-3, 2 /8-10, 3/1-3, an d 3/8-10 provid e connection s to other swi tches and are all assigned to VLAN 255 on their respective switch es. The Spanning Tree administrati ve status for each por[...]
-
Página 127
Configuring Spanning Tr ee Parameters Sample Spanning Tree Configuration OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 5-31 -> bridge 255 priority 10 VLAN 255 on Switch D will ha ve the lowest Bri dge ID priority value of all four switches, whi ch will qualify it as the Spanni ng Tree root VLAN for the VLAN 255 broadcast do[...]
-
Página 128
Verifying the Spanning Tree Configurat ion Configuring Spanning Tree Parameters page 5-32 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006 V erifying the Spanning T ree Configuration To display information abo ut the Spanning Tree configuration on the switch, use the show commands listed below: For more information about the resultin[...]
-
Página 129
OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 6-1 6 Using 802.1s Multiple Spanning T ree The Alcatel Multiple Spanning Tree (M ST) implementation provides su pport for the IEEE 802.1s Multi- ple Spanni ng Tree Protocol (MSTP). In add ition to the 802.1D Span ning Tree Algo rithm and Prot ocol (STP) and the 802.1w Rap id Spanni[...]
-
Página 130
MST Specifications Using 802.1s Multiple Spanning Tree page 6-2 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 MST Specifications Spanning T ree Bridge Parameter Defaults IEEE Standards supported 802.1D– Media Acce ss Control (MAC) Bridges 802.1w– Rapid Reconfigurati on (802.1D Am endment 2 ) 802.1Q– Virtual Bridged Local Area[...]
-
Página 131
Using 802.1s Multiple Spanning T ree Spanning Tree Port Parameter Defaults OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 6-3 Spanning T ree Por t Parameter Defaults MST Region Defaults Although the following parameter values are specific to the MSTP (802.1s), they are configurab le re gard- less of which mode (flat or 1x1) o r[...]
-
Página 132
MST General Overview Using 802 .1s Multiple Spanning Tree page 6-4 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 MST General Over view The Multiple Span ning Tr ee (M ST) featur e allows fo r the mapping of one or more VLANs to a single Spanning Tree instance , referred to as a Multip le Spanning Tree Instance (MST I), when the swi[...]
-
Página 133
Using 802.1s Multiple Spanning T ree MST General Overview OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 6-5 1x1 Mode STP/RSTP In the above 1x 1 mode example: • Both switches are running in the 1x1 mo de (one Spanning Tree inst ance per VLAN). • VLAN 100 and VLAN 200 are each associated with their own Spanning Tree instan c[...]
-
Página 134
MST General Overview Using 802 .1s Multiple Spanning Tree page 6-6 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 Flat Mode MSTP (802.1s) In the above flat mode MSTP example: • Both switches are running in the flat mode and using MSTP. • VLANs 100 and 150 are no t associated with an MSTI. By defaul t they are con trolled by the [...]
-
Página 135
Using 802.1s Multiple Spanning T ree MST General Overview OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 6-7 Comparing MSTP with STP and RSTP Using MSTP (802.1s) has the foll owing items in common wit h STP (802.1D) and RSTP (802.1 w) proto- cols: • Each protocol ensures one data pa th between any two switches within the netw[...]
-
Página 136
MST General Overview Using 802 .1s Multiple Spanning Tree page 6-8 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 What is a Multiple Spanning T ree Region A Multiple Sp anning Tree regio n re presents a group of 802.1s switches. An MST regio n appears as a single, flat mode instance to switc hes outside the region. A switch can belo[...]
-
Página 137
Using 802.1s Multiple Spanning T ree MST General Overview OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 6-9 number of hops for the region, however, i s not one o f the attribut es that define s whether or not a switch is a member of a re gion. See “Quick Steps for Config uring an MST Reg ion” on page 6-14 for a tutori al o[...]
-
Página 138
MST Configuration Overvi ew Using 802.1s Multiple Spanning Tree page 6-10 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006 MST Configuration Over view The following g eneral step s are requir ed to set up a Multiple Span ning Tree (MST) config uration: • Select the flat Spanning Tree mode. By default, each switch ru ns in the 1x1 m[...]
-
Página 139
Using 802.1s Multiple Spanning T ree MST Configuration Overview OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 6-11 Implicit commands resemble previously implemen ted Spanning Tree co mmands, but appl y to the appro- priate instance based on t he current mode and protocol that is active on the switch. For example, if the 1x1 mo[...]
-
Página 140
MST Interoperability and Mi gration U sing 802.1s Multiple Spanning Tree page 6-12 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006 MST Inter operability and Migration Connecting an MSTP (802.1s) swit ch to a non-MSTP flat mode switch is supp orted. Since the Common and Internal Span ning Tree (CIST) con trols the flat mode instance [...]
-
Página 141
Using 802.1s Multiple Spanning T ree MST Interoperability and Migratio n OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 6-13 Migrating fr om 1x1 Mode to Flat Mode MSTP As previously described, the 1x1 mo de is an Alcatel propri etary implementation th at applies one Span - ning Tree instance to each VLAN. For example, if five V[...]
-
Página 142
Quick Steps for Configuring an MST Reg ion Using 802.1s Multiple Spanning Tree page 6-14 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006 Quick Steps for Configuring an MST Region An MST region ident ifies a group of MSTP (80 2.1s) swit ches that is seen as a si ngle, flat mode instance by other regions and/ or non-MSTP switche s. A [...]
-
Página 143
Using 802.1s Multiple Spanning T ree Quick Step s for Configuring an MST Region OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 6-15 3 Map VLANs 100 and 200 to MSTI 2 and VLAN s 300 and 400 to MSTI 4 using t he bridge msti vl an command to define the con figuration digest. For exampl e: -> bridge msti 2 vlan 100 200 -> bri[...]
-
Página 144
Quick Steps for Configuring MSTIs Usi ng 802.1s Multiple Spanning Tree page 6-16 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006 Quick Steps for Configuring MSTIs By default the Spa nning Tree software is a ctive on all swit ches and op erating in the 1x1 mode using the standard 802.1D STP. As a result, a loop-free netw ork topology[...]
-
Página 145
Using 802.1s Multiple Spanning T ree Quick Steps for Configuring MSTIs OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 6-17 The follow ing commands assign ports 2/1, 5/1 , 5/2, and 3/ 6 to VLANs 10 0, 150, 200 , and 250 o n Switch B: -> vlan 100 port default 2/1 -> vlan 150 port default 5/1 -> vlan 200 port default 5/2 [...]
-
Página 146
Quick Steps for Configuring MSTIs Usi ng 802.1s Multiple Spanning Tree page 6-18 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006 Note that of the two data paths a vailable to MSTI 1 VLANs, one is still b locked because i t is seen as redundant for that instance. In a ddition, the CIST data path st ill remains availa ble for CIST VLA[...]
-
Página 147
Using 802.1s Multiple Spanning T r ee Verifying the MST Configuration OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 6-19 V erifying the MST Configuration To display information abo ut the MST configurati on on the switch, use the show commands listed be low: For more information about the resulting di splays from these c omman[...]
-
Página 148
Verifying the MST Configuration Using 802 .1s Multiple Spanning Tree page 6-20 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006[...]
-
Página 149
OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 7-1 7 Assigning Por ts to VLANs Initially all switch ports are no n-mobile and are assigned to VLAN 1, which is also their configured default VLAN. When additional VLANs ar e created on the switch, ports a re assigned to the VLANs so that traffi c from device s connected to these p[...]
-
Página 150
Port Assignment Specific ations Assigning Ports to VLANs page 7-2 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 Por t Assignment Specifications Por t Assignment Defaults IEEE Standards Supported 802.1Q– Virtual Bridged Local Area Networks 802.1D– Media Access Control Bridges Maximum VLANs per switch 4094 (inclu ding default VLA[...]
-
Página 151
Assigning Ports to VLANs Sample VLAN Port Assignment OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 7-3 Sample VLAN Por t Assignment The following ste ps provide a qu ick tutorial th at will creat e a VLAN, statical ly assign ports to the VLAN, and configure mo bility on some of the VLAN p orts: 1 Create VLAN 255 with a descrip[...]
-
Página 152
Statically Assigning Ports to VLANs Assigning Ports to VLANs page 7-4 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 Statically Assigning Por ts to VLANs The vlan port default command is used to static ally assign bot h mobile and non -mobile port s to another VLAN. When the assignment is made, the port drop s the previous VLAN assi[...]
-
Página 153
Assigning Ports to VLANs Dynamic ally Assigning Ports to VLANs OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 7-5 How Dynamic Por t Assignment W orks Traffic received on mobile ports is classi fied using one of the following met hods: • Packet is ta gged with a VLAN ID that match es the ID of anot her VLAN that ha s mobile ta[...]
-
Página 154
Dynamically Assigning Ports to VLANs Assigning Ports to VLANs page 7-6 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 In the initial VLAN port assignment configuration shown below, • All three port s have worksta tions that ar e configured to se nd packets wi th an 802. 1Q VLAN ID tag fo r three differ ent VLANs (VLAN 2, 3, and 4)[...]
-
Página 155
Assigning Ports to VLANs Dynamic ally Assigning Ports to VLANs OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 7-7 T agged Mobile Port T raffic T r iggers Dynamic VLAN Assignment OmniSwitch 6648 OmniSwitch 6648 OmniSwitch 6648 OmniSwitch 6648 OmniSwitch Port 2 VLAN 2 VLAN 1 VLAN 4 IP Network 130.0.0.0 Default VLAN IP Network 140[...]
-
Página 156
Dynamically Assigning Ports to VLANs Assigning Ports to VLANs page 7-8 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 VLAN Rule Classification VLAN rule classifi cation triggers dynamic VLAN po rt assignment when t raffic received on a mobile port matches the criteri a defined in a VLAN rule. Differen t rule types are avail able for[...]
-
Página 157
Assigning Ports to VLANs Dynamic ally Assigning Ports to VLANs OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 7-9 VLAN Rule Cla ssification : Initial Configuratio n As soon as the workstations start se nding traffic, swi tch so ftware checks the source subnet of the frames and looks for a matc h with any configure d IP network [...]
-
Página 158
Dynamically Assigning Ports to VLANs Assigning Ports to VLANs page 7-10 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006 Mobile Port T raffic T rigge rs Dynamic VLAN Assignment Configuring Dynamic VLAN Por t Assignment Dynamic VLAN port assignment requires the following co nfiguration steps: 1 Use the vlan port mobile command to enab[...]
-
Página 159
Assigning Ports to VLANs Dynamic ally Assigning Ports to VLANs OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 7-11 Enabling/Disabling Por t Mobility To enable mo bility on a port , use the vlan por t mobile command. For example, the following command enables mobility o n port 1 of slot 4: -> vlan port mobile 4/1 To enable mo[...]
-
Página 160
Dynamically Assigning Ports to VLANs Assigning Ports to VLANs page 7-12 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006 When BPDU ignore is enabled and the mobile port r eceive s a BPDU, the following occurs: • The port reta ins its mobi le status and remai ns eligible fo r dynamic VLAN assignme nt. • The port is n ot included i[...]
-
Página 161
Assigning Ports to VLANs Underst anding Mobile Port Properties OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 7-13 Understanding Mobile Por t Pr oper ties Dynamic assignme nt of mobile ports occurs witho ut user interve ntion when mo bile port traffic matches VLAN criteria. When ports a re dynamically assi gned, howeve r, the f[...]
-
Página 162
Understanding Mobile Port Prop erties Assigning Ports to VLANs page 7-14 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006 VLAN Management software on each switch tracks VPAs . When a mobile po rt link is disa bled and then enabled, all secondary VLAN assignments for that port are automa tically droppe d and the po rt’s original con[...]
-
Página 163
Assigning Ports to VLANs Underst anding Mobile Port Properties OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 7-15 How Mobile Port VLAN Assignments Age OmniSwitch OmniSwitch 6648 OmniSwitch 6648 OmniSwitch 6648 OmniSwitch OmniSwitch 6648 OmniSwitch 6648 OmniSwitch 6648 OmniSwitch OmniSwitch 6648 OmniSwitch 6648 OmniSwitch 6648 [...]
-
Página 164
Understanding Mobile Port Prop erties Assigning Ports to VLANs page 7-16 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006 Configuring Mobile Por t Properties Mobile port pr operties indicat e mobile port status a nd affect port beh avior when the port is dynamically assigned to one or more VLANs. For e xample, mobile p ort properties[...]
-
Página 165
Assigning Ports to VLANs Underst anding Mobile Port Properties OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 7-17 Enable/Disable De fault VLAN Restore To enable or disable defa ult VLAN restore, enter vlan port followed by the port’s slot/port designation then default vlan restore followed by enable or disable . For example,[...]
-
Página 166
Understanding Mobile Port Prop erties Assigning Ports to VLANs page 7-18 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006 Enable/Disable 802.1X Por t -Based Access Contr ol To enable or disab le 802.1X on a mobile port, enter vlan port followed by the port’s slot/port designa- tion then 802.1 x followed by enable or disable. For ex[...]
-
Página 167
Assigning Ports to VLANs Verifying VLAN Po rt Associations and Mobile Port Properties OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 7-19 V erifying VLAN Por t Associations and Mobile Por t Properties To display a list of VLAN port assi gnments or the status of mobile port properties, use the show commands list ed below: Unders[...]
-
Página 168
Verifying VLAN Port Associations and Mobile Port Properties Assigning Ports to VLANs page 7-20 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006 The following ex ample uses the show vlan po rt command to display VP A in formation for all ports in VLAN 200: -> show vlan 200 port port type status --------+---------+-------------- 3/2[...]
-
Página 169
OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 8-1 8 Defining VLAN Rules VLAN rules are used to classify mo bile port traffic for dy namic VLAN port assign ment. Rules are defi ned by specifying a port, MAC address, protoc ol, network address, user-defined, binding, or DHCP cr iteria to capture certain types of network device t[...]
-
Página 170
VLAN Rules Specifications Defining VLAN Rules page 8-2 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 VLAN Rules Specifications VLAN Rules Defaults IEEE Standards Supported 802.1Q– Virtual Bridged Local Area Networks 802.1v– VLAN Classification by Prot ocol and P ort 802.1D– Media Access Control Bridges Maximum number of VLANs[...]
-
Página 171
Defining VLAN Rules Sample VLAN Rule Configuration OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 8-3 Sample VLAN Rule Configuration The following steps p rovide a qu ick tutorial that wi ll create a n IP network address and DHCP MAC range rule for VLAN 255, an IPX pro tocol rule for VLAN 355, an d a MAC-IP-port bindi ng rule f[...]
-
Página 172
VLAN Rules Overview Defining VLAN Rules page 8-4 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 VLAN Rules Over view The mobile po rt feature availa ble on the swi tch allows dy namic VLAN po rt assignment ba sed on VLAN rules that are applied to mobile port traffic.When a port is defined as a mob ile port, switch softwa re compares[...]
-
Página 173
Defining VLAN Rules VLAN Rules Overview OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 8-5 DHCP Rules Dynamic Host Config uration Protocol (DH CP) frames ar e sent from client workstations to request an IP address from a DHC P server. The serv er respond s with the same type of frames, whic h contain an IP address for t he clie[...]
-
Página 174
VLAN Rules Overview Defining VLAN Rules page 8-6 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 Binding Rules Binding rules restrict VLAN a ssignme nt to specifi c devices by requiring that devic e traffic match all crite- ria specified in the rule. As a result, a separate binding rule is required for each devic e. An unlimite d num[...]
-
Página 175
Defining VLAN Rules VLAN Rules Overview OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 8-7 IP protocol rules also c apture DHCP traffic, i f no other DHCP rule exists that would classify the DHCP traffic into anot her VLAN. Therefore, it is not necessary to c ombine DHCP rules with IP protoco l rules for the same VLAN. Custom ([...]
-
Página 176
VLAN Rules Overview Defining VLAN Rules page 8-8 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 Understanding VLAN Rule Precedence In addition to configurable VLAN rule types, there are t wo internal rule types fo r processing mobile port frames. One is referred to as frame typ e and is used to identify Dyna mic Host Configuration P[...]
-
Página 177
Defining VLAN Rules VLAN Rules Overview OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 8-9 Prece dence S tep/Rule T ype Condition Result 1. Frame T ype Frame is a DHCP frame. Frame is not a DHCP frame. Go to Step 2. Skip Steps 2, 3, 4, and 5. 2. DHCP MAC DHCP frame contains a matching source MAC address. Frame source is as si g[...]
-
Página 178
VLAN Rules Overview Defining VLAN Rules page 8-10 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006 8. MAC-Port Bi nding Frame contains a matching sou rce MAC address and source port. Frame only contains a matching source MAC address; port does not match. Frame only contains a matching port; source MAC address does not match. Frame so[...]
-
Página 179
Defining VLAN Rules Configuring VLAN Rule Definitions OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 8-11 Configuring VLAN Rule Definitions Consider the followin g when config uring rule s for a VLAN: • The VLAN must already exist. Use t he vlan command to create a new VLAN or the sho w vlan command to verify a VLAN is alread[...]
-
Página 180
Configuring VLAN Rule Definitions Defining VLAN Rules page 8-12 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006 Refer to the following sections (liste d in the order of rule precedenc e) for instructions on h ow to define each type of VLAN rule: To display a list of VLAN rules already configured on the switch, use the show v lan rul[...]
-
Página 181
Defining VLAN Rules Configuring VLAN Rule Definitions OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 8-13 Defining DHCP MAC Range Rules A DHCP MAC rang e rule is similar t o a DHCP MAC ad dress rule, but allows the user to specify a ra nge of MAC addresses. This is useful when it is necessary to de fine rules for a large number[...]
-
Página 182
Configuring VLAN Rule Definitions Defining VLAN Rules page 8-14 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006 Defining DHCP Generic Rules DHCP generic rules capture all DHCP traffic t hat does no t match an existing DHCP MAC or DHCP port rule. If none of th ese other rules exist, t hen all DHCP frames are captured regardle ss of t[...]
-
Página 183
Defining VLAN Rules Configuring VLAN Rule Definitions OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 8-15 How to Define a MAC-Por t-IP Address Binding Rule To define a MAC-po rt-IP address binding ru le, enter vlan followed by an exis ting VLAN ID then binding mac-ip-port followed by a valid MA C ad dress, IP address, and a slo[...]
-
Página 184
Configuring VLAN Rule Definitions Defining VLAN Rules page 8-16 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006 How to Define a MA C-Por t Binding Rule To define a MAC-port binding rule, enter vlan followed by a n existing VLAN ID then bind ing mac-po rt followed by a valid MAC address and a slot/port designat ion. For example, the [...]
-
Página 185
Defining VLAN Rules Configuring VLAN Rule Definitions OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 8-17 How to Define a Por t -Pro tocol Binding Rule To define a port- protocol bind ing rule, enter vlan followed by an existi ng VLAN ID then binding port-protocol followed by a va lid MAC address, a slot/port designation and a [...]
-
Página 186
Configuring VLAN Rule Definitions Defining VLAN Rules page 8-18 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006 Defining MAC Range Rules A MAC range rule is simi lar to a MAC address rul e, but allows th e user to specify a ran ge of MAC addresses. Th is is useful wh en it is necessary t o define rules for a large nu mber of sequent[...]
-
Página 187
Defining VLAN Rules Configuring VLAN Rule Definitions OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 8-19 Use the no form of the vlan ip command to remove an IP network addr ess rule. -> vlan 1200 no ip 134.10.0.0 Defining IPX Network Address Rules IPX network addre ss rules capture frames tha t contain an IPX network addres[...]
-
Página 188
Configuring VLAN Rule Definitions Defining VLAN Rules page 8-20 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006 Defining Protocol Rules Protocol rules cap ture frames that contain a prot ocol type that matches the protocol value specified in the rule. There are several generic protoc ol parameter valu es to select from; IP Et hernet[...]
-
Página 189
Defining VLAN Rules Configuring VLAN Rule Definitions OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 8-21 Defining Custom (User) Rules A custom rule captures mobile port fra mes that contai n a specified pattern of data at a specified location. Custom rules require the u ser to specify the fo llowing parameter values: To define[...]
-
Página 190
Application Example: DHCP Rules Defining VLAN Rules page 8-22 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006 Application Example: DHCP Rules This application example shows how Dynamic Host Co nfiguration Protocol (D HCP) port an d MAC address rules are used in a DHCP-ba s ed netwo rk. DHCP is buil t on a client-serve r model in whi[...]
-
Página 191
Defining VLAN Rules Applica tion Example: DHCP Rules OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 8-23 The following tabl e summarizes th e VLAN architectu re and rules fo r all devices in this network co nfigu- ration. The di agram on the follo wing page il lustrates th is network configurat ion. Device VLAN Membership Rule [...]
-
Página 192
Application Example: DHCP Rules Defining VLAN Rules page 8-24 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006 DHCP Port and MAC Rule Application Example OmniSwitch 6648 OmniSwitch 6648 OmniSwitch 6648 OmniSwitch 6648 OmniSwitch Client 1 DHCP Port Rule Client 2 DHCP Port Rule Client 3 DHCP Port Rule Client 4 DHCP Port Rule Client 5 D[...]
-
Página 193
Defining VLAN Rules Verifying VLAN Rule Co nfiguration OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 8-25 V erifying VLAN Rule Configuration To display info rmation about VLAN rules co nfigured on t he switch, use the show commands li sted below: For more information abou t the resulting display from th is command, see t he Om[...]
-
Página 194
Verifying VLAN Rule Configuration Defining VLAN Rules page 8-26 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006[...]
-
Página 195
OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 9-1 9 Configuring Por t Mapping Port Mapping is a security feature, which controls communic ation betwee n p eer users. Each session comprises a session ID, a set of user ports, and/or a set of network ports. The user port s within a session cannot communicate with eac h othe r and[...]
-
Página 196
Port Mapping Specifications Configuring Port Mapping page 9-2 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 Por t Mapping Specifications Por t Mapping Defaults The following ta ble shows port ma pping default values. Quick Steps for Configuring Por t Mapping Follow the step s below for a quick tutori al on configur ing port mapping[...]
-
Página 197
Configuring Port Mappin g Creating/ Deleting a Port Mapping Session OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 9-3 Creating/Deleting a Por t Mapping Session Before port mapping can be used, it is necessary to creat e a port mapping session. The following subsec- tions describe how to cr eate and dele te a port mapping sessi[...]
-
Página 198
Enabling/Disabling a Port Mapping Session Configuring Port Mapping page 9-4 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 Enabling/Disabling a Por t Mapping Session By default, the port mapping session will be disabl ed. The following subsections descri be how to enable and disable the port mapping sessi on with the port mapping co[...]
-
Página 199
Configuring Port Mappin g Sample Port Mapping Configuration OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 9-5 Sample Por t Mapping Configuration This section provi des an example port mapping netwo rk configuratio n. In addition , a tutorial is also included that provides steps on how to config ure the example port mappi ng se[...]
-
Página 200
Verifying the Port Mapping Configuration Configuring Port Mapping page 9-6 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 Example Por t Mapping Configuration Steps The following ste ps provide a quick tutorial that configures t he port mapping sessi on shown in the diagram on page 9-5 . 1 Create two port mappin g sessions on Switch [...]
-
Página 201
OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 10-1 10 Using Interswitch Pr otocols Alcatel Interswitch Proto col s (AIP) are used to di scover adja cent switches and retain mobile port informa- tion across switches. The foll owing protoco l is supported: • Alcatel Mapping Adjacency Prot ocol (AMAP), which is used to discover[...]
-
Página 202
AIP Specifications Using Interswitch Protocols page 10-2 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006 AIP Specifications AMAP Defaults Sta ndards Not applica ble at this time. AM AP is Alcatel pro pri- etary protocol. Maximum number of IP addr esses propagated by AMAP 255 Parameter Description Command Default AMAP status amap Ena[...]
-
Página 203
Using Interswitch Protocols AMAP Overview OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 10-3 AMAP Over view The Alcatel Mapping Adjacency Prot ocol (AMAP) is used to discover the topology of Om niSwitches or Omni S/Rs in a particul ar installation. Using this protocol, each switch determines which Om niSwitches or Omni S/Rs ar[...]
-
Página 204
AMAP Overview Using Interswitch Protocols page 10-4 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006 The transmission states are illu strated here. Discover y T r ansmission State When AMAP is active, at startup al l act ive switch ports are in the discov ery transmission state. In this state, ports send out Hello pack ets and wait f[...]
-
Página 205
Using Interswitch Protocols Config uring A MAP OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 10-5 Common T ransmission and Remote Switches If an AMAP switch is connected to multiple AM AP switches via a h u b, the switch sends and receives Hello traffic to and from t he remote switc hes throug h the same port . If one of the r[...]
-
Página 206
Configuring AMAP Using Interswitch Protocols page 10-6 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006 Configuring the AMAP Common Timeout Inter val The common timeout in terval is used on ly in the common transmission state to det ermine the time int er- val between sending Hell o update packets. A switch se nds an update for a por[...]
-
Página 207
Using Interswitch Protocols Config uring A MAP OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 10-7 Displaying AMAP Information Use the show amap command to view a list of adjacent sw itches and the ir associated MAC addresses, interfaces, VLANs, and IP addresses. For remote switc hes that stop sending He llo packets a nd that a[...]
-
Página 208
Configuring AMAP Using Interswitch Protocols page 10-8 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006 A simplified vi sual illustrati on of these conn ections is show n here for exampl e purposes only: See the OmniSwitch CLI Reference Guide for informatio n about the show amap command. OmniSwitch 7800 Remo te Sw it ch B 0020da:032c[...]
-
Página 209
OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 11-1 11 Configuring 802.1Q 802.1Q is the IEEE standard for se gmenting networks into VLANs. 80 2.1Q segmentation is done by adding a specific tag to a packet. In this Chapter This chapter describ es the basic components of 802.1 Q VLANs and how to configur e them through the Comman[...]
-
Página 210
802.1Q Specifications Configuring 802.1Q page 11-2 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006 802.1Q Specifications Note. Up to 4093 V LANs can be assigned to a tagged port or link aggregation group. However, each assignment coun ts as a sing le VL AN port associ ation. Once the maxi mum number of VLAN port associa- tions is re[...]
-
Página 211
Configuring 802.1Q 802.1Q Overview OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 11-3 802.1Q Over view Alcatel’s 802.1Q is an IEEE sta ndard for sending fra mes through the network ta gged with VL AN identifi - cation. This chap ter details procedure s for configuring and mon itoring 802.1Q tag ging on a single port in a swi[...]
-
Página 212
802.1Q Overview Configuring 802.1Q page 11-4 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006 The port can only be assigned to one unta gged VLAN (in every case, this w ill be the defa ult VLAN). In the example above the de fault VLA N is VLAN 1. The po rt can be assigned to as many 802.1Q VLANs as necessary, up to 4093 per port or 3[...]
-
Página 213
Configuring 802.1Q Configuring an 802.1Q VLAN OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 11-5 Configuring an 802.1Q VLAN The following sec tions detail p rocedures for crea ting 802.1Q V LANs and assigni ng ports to 802.1Q VLANs. Enabling T agging on a Port To set a port to be a tagged port, yo u must specify a VLAN identi [...]
-
Página 214
Configuring an 802.1Q VLAN Configuring 802.1Q page 11-6 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006 Enabling T agging with Link Aggregation To enable tag ging on link a ggregation g roups, enter t he link aggr egation group identification number in place of the slot and port number, as shown: -> vlan 5 802.1q 8 (For further i[...]
-
Página 215
Configuring 802.1Q Configuring an 802.1Q VLAN OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 11-7 Configuring the Frame T ype Once a port has been set to receive and send tagged fra mes, it will be able to receive or send tagged or untagged traffic. Tagged traffic wi l l be subject to 802.1Q rules, wh ile untagged traffic will [...]
-
Página 216
Configuring an 802.1Q VLAN Configuring 802.1Q page 11-8 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006 Show 802.1Q Information After configur ing a port or link aggregation group to be a tagged port, y ou can view the settings by using the show 802.1q command, as demonstrated: -> show 802.1q 3/4 Acceptable Frame Type : Any Frame[...]
-
Página 217
Configuring 802.1Q Application Example OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 11-9 Application Example In this section the steps to create 8 02. 1Q conne ctions between switches are show n. The following d iagram shows a simple n etwork employing 802.1Q on both regular ports and li nk aggrega- tion groups. The following[...]
-
Página 218
Application Example Configuring 802.1Q page 11-10 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 The following steps apply to Stack 2. They wil l attach port 2/1 to VLAN 2, and set the port to accept 802.1Q tagged traf fic only: 1 Create VLAN 2 by enteri ng vlan 2 as shown below (VLAN 1 is the defa ult VLAN for the switch): -> vl[...]
-
Página 219
Configuring 802.1Q Verifying 802.1Q Configuratio n OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 11-11 The following steps ap ply to Stack 3. They will at tach ports 4/1 and 4/2 as link aggregation gro up 5 to VLAN 3. 1 Configure stati c link aggregation grou p 5 by entering th e following: -> static linkagg 5 size 2 2 Assi[...]
-
Página 220
Verifying 802.1Q Configuration Configuring 802.1Q page 11-12 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006[...]
-
Página 221
OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 12-1 12 Configuring Static Link Aggregation Alcatel’s static link aggregation software allows yo u to combine several physi cal links into one lar ge virtual link know n as a link aggregation gro up . Using link aggregation can provide th e following b enefits: • Scalability . [...]
-
Página 222
Static Link Aggregation Specifications Configuring Static Link Aggregation page 12-2 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006 Static Link Aggregation Specifications The table below lists specifi cations for stat ic groups. Static Link Aggregation Default V alues The table belo w lists default values and th e comman ds to modi[...]
-
Página 223
Configuring Static Link Aggregati on Quick Steps for Configuring Static L ink Aggregation OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 12-3 Quick Steps for Configuring Static Link Aggregation Follow the steps belo w for a quick tutorial on conf iguring a static aggregate link betwe en two switches. Additional informat ion on [...]
-
Página 224
Quick Steps for Configuring Static Link Aggr egation Configuring Static Link Aggregation page 12-4 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006 Note. Optional . You can verify your static link aggregation settin gs with the show linkagg command. For example: -> show linkagg 1 Static Aggregate SNMP Id : 400000 01, Aggregate Num[...]
-
Página 225
Configuring Static Link Aggregation Static Link Aggregation Overview OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 12-5 Static Link Aggregation Over view Link aggregati on allows yo u to combine 2, 4 , or 8 physic al connection s on a single sw itch or 2, 4, 8, or 16 links in a stac k into large vi rtual connecti ons known as [...]
-
Página 226
Static Link Aggregation Overview Co nfiguring Static Link Aggregation page 12-6 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006 Relationship to Other Features Link aggregat ion groups are supported by other switch software featu res. The fo llowing fe atures have C LI commands or comma nd parameters that support lin k aggregation : [...]
-
Página 227
Configuring Static Link Aggregation Configuring Static Link Aggregation Groups OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 12-7 Configuring Static Link Aggregation Gr oups This section describes how t o use Alcatel’s Command Line Interface (CLI) comman ds t o configure static link aggregate groups. See “Configuring Manda[...]
-
Página 228
Configuring Static Link Aggregation Grou ps Configuring Static Link Aggregation page 12-8 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006 Creating and Deleting a Static Link Aggregate Gr oup The following subsections desc ribe how to create and dele te static lin k aggregate groups with th e static linkagg size command. Creating a S[...]
-
Página 229
Configuring Static Link Aggregation Configuring Static Link Aggregation Groups OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 12-9 Adding and Deleting Por ts in a Static Aggregate Group The following su bsections desc ribe how to add and dele te ports in a static agg regate group with the static agg agg num command. Adding Por [...]
-
Página 230
Configuring Static Link Aggregation Grou ps Configuring Static Link Aggregation page 12-10 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 OmniSwitch 6624/660 0-U24/6600-P24 V alid Port Assignme nt Locations Number of Links (Aggregate Size) OmniSwitch 6624/6600-U24 /6600-P24 Maximum V ali d Port Assignme nt (Port Spee d) 2 1–2 (10/[...]
-
Página 231
Configuring Static Link Aggregation Configuring Static Link Aggregation Groups OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 12-11 OmniSwitch 66 48 V alid Port Assi gnment Locations Number of Links (Aggregate Size) OmniSwitch 6648 Maximum V alid Port Assignment (Port Spee d) 2 1–2 (10/100) 9–10 (10/ 100) 17–18 (10/10 0) [...]
-
Página 232
Configuring Static Link Aggregation Grou ps Configuring Static Link Aggregation page 12-12 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 OmniSwitch 6624/660 0-U24/6600 -P24 V alid Port Con figuration Locations Number of Links (Aggregate Size) OmniSwitch 6602-24 Maximum V alid Port Configuration (Port Spee d) 2 1–2 (10/100) 9–10[...]
-
Página 233
Configuring Static Link Aggregation Configuring Static Link Aggregation Groups OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 12-13 OmniSwitch 66 02-48 V alid Port Config uration Locations Number of Links (Aggregate Size) OmniSwitch 6602-48 Maximum V alid Port Configuration (Port Spee d) 2 1–2 (10/100) 9–10 (10/ 100) 17–1[...]
-
Página 234
Configuring Static Link Aggregation Grou ps Configuring Static Link Aggregation page 12-14 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 On an OmniSwitch 66 24 or 6600-U24 you must install either an OS6600 -GNI-C2 or OS6600-GNI- U2 expansion module in th e left-hand expansi on slot before you can use ports 25 and 26 for link aggreg[...]
-
Página 235
Configuring Static Link Aggregati on Modif ying Static Aggregation Group Parameters OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 12-15 Modifying Static Aggregation Gr oup Parameters This section describes how to modify the follo wing static aggregat e group parameters: • Static aggregate group name (see “M odifying the St[...]
-
Página 236
Application Example Configuring Static L ink Aggregation page 12-16 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 Application Example Static link aggregation groups are tr eated by the switch’s software the same way it treat s individual physi - cal ports. Th is section demo nstrates this b y providing a sample network co nfigura[...]
-
Página 237
Configuring Static Link Aggregati on Application Example OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 12-17 5 Repeat steps 1 through 4 on Switch B. All the co mmands wou ld be the same except yo u would substi - tute the appropriat e port numbers. Note. Optional . Use the sho w 802.1q command to display 802.1Q confi gurations[...]
-
Página 238
Displaying Static Link Aggregation Con figuration and Statistics Configuring Static Link Aggregation page 12-18 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 Displaying Static Link Aggregation Configuration and Statistics You can use Command Line Interface (CLI) show commands to display the current configuration and statistics of l[...]
-
Página 239
OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 13-1 13 Configuring Dynamic Link Aggregation Alcatel’s dynamic l ink aggregation software allows you to combine severa l physical link s into one large virtual link know n as a link aggregation gro up . Using link aggregation can provide th e following b enefits: • Scalability [...]
-
Página 240
Dynamic Link Aggregation Specifications C onfiguring Dynamic Link Aggregation page 13-2 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006 Dynamic Link Aggregation Specifications The table below lists specifications for dynami c aggregation gr oups and ports: IEEE Specifications Su pported 802.3ad — Ag gregation of Multi ple Link Seg[...]
-
Página 241
Configuring Dynamic Link Aggregation Dy namic Link Aggregation Default Values OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 13-3 Dynamic Link Aggregation Default V alues The table below lists default values fo r dynamic aggregate groups. Parameter Description Command Default V alue/Comments Group Admi nistrative S tat e lacp l[...]
-
Página 242
Quick Steps for Configuring Dynamic Lin k Aggr egation Configuring Dynamic Link Aggregation page 13-4 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006 Quick Steps for Configuring Dynamic Link Aggregation Follow the steps below for a quic k tutorial o n configurin g a dynamic aggregate link between two switches. Additional informat io[...]
-
Página 243
Configuring Dynamic Link Aggregation Quick Step s for Configur ing Dynamic Link Aggregation OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 13-5 Note. As an option, you can verify your dynamic aggregat ion group settings with the show linkagg command on ei ther the act or or partner switch. For ex ample: -> show linkagg 2 Dyn[...]
-
Página 244
Quick Steps for Configuring Dynamic Lin k Aggr egation Configuring Dynamic Link Aggregation page 13-6 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006 An example of what these commands look like entered sequentiall y on the command line on the partner switch: -> lacp linkagg 2 size 8 admin key 5 -> lacp agg 2/9 actor admin key [...]
-
Página 245
Configuring Dynamic Link Aggregation Dynamic Link Aggregation Overview OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 13-7 Dynamic Link Aggregation Over view Link aggregati on allows yo u to combine 2, 4 , or 8 physic al connection s on a single sw itch or 2, 4, 8, or 16 links in a stac k into large vi rtual connecti ons known [...]
-
Página 246
Dynamic Link Aggregation Overview Co nfiguring Dynamic Link Aggregation page 13-8 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006 Example of a Dyna mic Aggr egate Gr oup Network Dynamic aggregate groups can be creat ed between tw o OmniSwitc h 6600 Family switches, between an OmniSwitch 6600 Family swi tch and an OmniSwitch 7700 /78[...]
-
Página 247
Configuring Dynamic Link Aggregation Dynamic Link Aggregation Overview OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 13-9 Relationship to Other Features Link aggregation groups are supp orted by other switch software features. For ex ampl e, you can co nfigure 802.1Q tag ging on link aggregation g roups in additi on to configu[...]
-
Página 248
Configuring Dynamic Link Aggregate Groups Configuring Dynamic Link Aggregation page 13-10 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 Configuring Dynamic Link Aggregate Gr oups This section describes how t o use Alcatel’s Command Line Inte rface (CLI) commands to create, modi fy, and delete dynamic aggregate g roups. See “Con[...]
-
Página 249
Configuring Dynamic Link Aggregation Conf iguring Dynamic Link Aggregate Gr oups OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 13-11 Creating and Deleting a Dynamic Aggregate Group The following su bsections descri be how to crea te and delete dynamic aggregat e groups with t he lacp linkagg size command. Creating a Dynamic Ag[...]
-
Página 250
Configuring Dynamic Link Aggregate Groups Configuring Dynamic Link Aggregation page 13-12 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 Configuring Por ts to Join and Removing Ports in a Dynamic Aggregate Group The following subsec tions describe how to co nfigure ports with the same admi nistrative key (which al lows them to be ag[...]
-
Página 251
Configuring Dynamic Link Aggregation Conf iguring Dynamic Link Aggregate Gr oups OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 13-13 OmniSwitch 6624 /6600-U24/660 0-P24 V alid Port Configuratio n Locations Number of Links (Aggregate Size) OmniSwitch 66 24/6600-U24/6600-P24 Maximum V alid Port Configur ation (Port Spee d) 2 1?[...]
-
Página 252
Configuring Dynamic Link Aggregate Groups Configuring Dynamic Link Aggregation page 13-14 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 OmniSwitch 6648 V alid Port Configuratio n Location s Number of Links (Aggregate Size) OmniSwitch 6648 Maximum V alid Port Configuration (Port Spee d) 2 1–2 (10/100) 9–10 (10/ 100) 17–18 (10/[...]
-
Página 253
Configuring Dynamic Link Aggregation Conf iguring Dynamic Link Aggregate Gr oups OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 13-15 OmniSwitch 6624 /6600-U24/660 0-P24 V alid Port Configuratio n Locations Number of Links (Aggregate Size) OmniSwitch 6602-24 Maximum V alid Port Configuration (Port Spee d) 2 1–2 (10/100) 9–1[...]
-
Página 254
Configuring Dynamic Link Aggregate Groups Configuring Dynamic Link Aggregation page 13-16 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 OmniSwitch 6602-48 V alid Port Configur ation Locations Number of Links (Aggregate Size) OmniSwitch 6602-48 Maximum V alid Port Configuration (Port Spee d) 2 1–2 (10/100) 9–10 (10/ 100) 17–18[...]
-
Página 255
Configuring Dynamic Link Aggregation Conf iguring Dynamic Link Aggregate Gr oups OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 13-17 On an OmniSwitch 6624, 6600-U24 , or 6600-P24 yo u must install either an OS6 600-GNI-C2 or OS66 00- GNI-U2 expan sion module in the left-han d expansion sl ot before y ou can use port s 25 and 2[...]
-
Página 256
Configuring Dynamic Link Aggregate Groups Configuring Dynamic Link Aggregation page 13-18 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 As an option, you can use the ethernet , fastethernet , and gigaethernet keywords before the slot and port number to document t he interface type or make the command look consiste nt with early-ge [...]
-
Página 257
Configuring Dynamic Link Aggregation Mo difyin g Dynamic Link Aggregate Group Parameters OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 13-19 Modifying Dynamic Link Aggregate Gr oup Parameters The table on page 13 -3 lists default group and port settings fo r Alcatel’s dynamic link aggregation soft- ware. These paramet ers en[...]
-
Página 258
Modifying Dynamic Link Aggregate Group Para meters Configuring Dynamic Link Aggregation page 13-20 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 For example, to n ame dynamic aggregat e group 4 “Eng ineering” you w ould enter: -> lacp linkagg 4 name Engineering Note. If you want to spec ify spaces within a name, t he name mu[...]
-
Página 259
Configuring Dynamic Link Aggregation Mo difyin g Dynamic Link Aggregate Group Parameters OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 13-21 Deleting a Dynamic Aggregate Actor Administrative Key To remove an act or switch administ rative key from a dynamic aggrega te group’s configu ration use the no form of the lacp linkagg[...]
-
Página 260
Modifying Dynamic Link Aggregate Group Para meters Configuring Dynamic Link Aggregation page 13-22 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 Restoring the Dynamic Aggre gate Gr oup Actor System ID To remove the use r-configured a ctor switch system ID from a dynamic aggregate grou p’s configuration use the no form of the lacp[...]
-
Página 261
Configuring Dynamic Link Aggregation Mo difyin g Dynamic Link Aggregate Group Parameters OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 13-23 For example, to reset t he partner system priority of dynamic agg regate group 4 to its default value you would enter: -> lacp linkagg 4 no partner syste m priority Modifying the Dynam[...]
-
Página 262
Modifying Dynamic Link Aggregate Group Para meters Configuring Dynamic Link Aggregation page 13-24 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 Note. A port may belong to only one aggregate grou p. In addition, mobile ports cann ot be aggregated. See Chapter 7, “Assi gning Ports to VLANs,” for more informatio n on mobile ports[...]
-
Página 263
Configuring Dynamic Link Aggregation Mo difyin g Dynamic Link Aggregate Group Parameters OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 13-25 Note. Specifying none remove s all administrativ e states from the LACPDU co nfigurat ion. For example: -> lacp agg 5/49 actor admin state none For exampl e, to set bits 0 ( active ) a[...]
-
Página 264
Modifying Dynamic Link Aggregate Group Para meters Configuring Dynamic Link Aggregation page 13-26 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 For exampl e, to modify the system ID of dyn amic aggr egate actor po rt 3 in slot 7 to 00:20:da:06:ba:d3 you would enter: -> lacp agg 7/3 actor system id 00 :20:da:06:ba:d3 As an optio[...]
-
Página 265
Configuring Dynamic Link Aggregation Mo difyin g Dynamic Link Aggregate Group Parameters OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 13-27 Modifying the Actor Port Priority By default, the actor port priority (used to converge dynamic key changes) is 0. The follow ing subsec- tions describe how to confi gure a user-specified[...]
-
Página 266
Modifying Dynamic Link Aggregate Group Para meters Configuring Dynamic Link Aggregation page 13-28 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 Modifying Dynamic Aggregat e Par tner Por t Parameters This section describ es how to modify the following d ynamic aggregate partner po rt parameters: • Partner port system admi nistrat[...]
-
Página 267
Configuring Dynamic Link Aggregation Mo difyin g Dynamic Link Aggregate Group Parameters OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 13-29 Note. Specifying none remove s all administrativ e states from the LACPDU co nfigurat ion. For example: -> lacp agg 7/49 partner admin sta te none For exampl e, to set bits 0 ( active [...]
-
Página 268
Modifying Dynamic Link Aggregate Group Para meters Configuring Dynamic Link Aggregation page 13-30 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 Note. Since indivi dual bits with the LACPDU frame are set with the lac p agg partner admin state command you can set some bits on and restore other bits to de fault values wi thin the sam[...]
-
Página 269
Configuring Dynamic Link Aggregation Mo difyin g Dynamic Link Aggregate Group Parameters OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 13-31 Configuring the Partner Por t System ID You can configure the part ner port system ID by entering la cp agg , the slot numbe r, a slash ( / ), the port number, partner admin system id , a[...]
-
Página 270
Modifying Dynamic Link Aggregate Group Para meters Configuring Dynamic Link Aggregation page 13-32 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 Restoring the Partner Por t System Priority To remove a user-c onfigured syste m priority from a dyna mic aggregate grou p partner port’s con figuration use the no form of the lacp agg p[...]
-
Página 271
Configuring Dynamic Link Aggregation Mo difyin g Dynamic Link Aggregate Group Parameters OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 13-33 For example, to modify the port priority o f dynamic aggregat e partner port 3 in sl ot 4 to 100 you would enter: -> lacp agg 4/3 partner admin port priority 100 As an option, you can [...]
-
Página 272
Application Examples Configuring Dynamic Link Aggregation page 13-34 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 Application Examples Dynamic link aggregatio n groups are treated by the switch’s software th e same way it tr eats individu al physical ports.Th is section demonstrates this feature by providing sample netwo rk conf[...]
-
Página 273
Configuring Dynamic Link A ggregation Application Examples OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 13-35 Link Aggregation and Spanning T ree Example As shown in the figu re on page 13-34 , VLAN 10, which uses the Spanning Tree Protocol (S TP) with a priority of 15, has been configu red to use dynamic aggrega te group 7. [...]
-
Página 274
Application Examples Configuring Dynamic Link Aggregation page 13-36 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 Link Aggregation and QoS Example As shown in the figu re on page 13-34 , VLAN 12, wh ich uses 802 .1Q frame tagg ing and 802. 1p prioritiza- tion, has bee n configured to use dynami c aggregate group 7. The actual phys[...]
-
Página 275
Configuring Dynamic Link A ggregation Application Examples OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 13-37 10 Repeat steps 1 through 9 on Switch C. All the co mmands wou ld be the same except yo u would substi - tute the appropriat e port numbers. Note. If you do not use t he qos apply command any QoS policies yo u configu[...]
-
Página 276
Displaying Dynamic Link Aggregation Configuration a nd Statistics Configuring Dynamic Link Aggregatio n page 13-38 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 Displaying Dynamic Link Aggregation Configuration and Statistics You can use Command Line Interface (CLI) show commands to display the current configuration and statistics [...]
-
Página 277
Configuring Dynamic Link Aggregat ion Displaying Dynami c Link Aggregation Configuration and Statistics OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 13-39 A screen similar to the follow ing would be display ed: Dynamic Aggregable Port SNMP Id : 2001, Slot/Port : 2/1, Administrative State : ENABLED, Operational State : DOWN, P[...]
-
Página 278
Displaying Dynamic Link Aggregation Configuration a nd Statistics Configuring Dynamic Link Aggregatio n page 13-40 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006[...]
-
Página 279
OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 14-1 14 Configuring IP Internet Protocol (IP) is primarily a ne twork-layer (La yer 3) protoco l that contain s addressing and control information that en ables packets to be forwarded. Al ong with Transmi ssion Contro l Protocol (TCP), IP represents the heart of the Internet proto[...]
-
Página 280
IP Specifications Configuring IP page 14-2 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006 • Managing IP – “Internet Control M essage Protocol (ICMP)” on page 14-19 – “Using the Ping Command” on page 14-23 – “Tracing an IP Route” on page 14 -23 – “Displayin g TCP Information” o n page 14-23 – “Displayin[...]
-
Página 281
Configuring IP Quick Steps for Configuring IP Forwarding OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 14-3 Quick Steps for Configuring IP For warding Using only IP, which is always enabled on the switch, devi ces connected to ports on the same VLAN are able to commun icate at Laye r 2. The initi al configur ation for all Alca[...]
-
Página 282
IP Overview Configuring IP page 14-4 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006 IP Over view IP is a network-layer (Laye r 3) protocol t hat contains add ressing and control information t hat enables packets to be forwarded on a netwo rk. IP is the prim ary network-layer pro tocol in t he Internet protocol suite. Along with TC [...]
-
Página 283
Configuring IP IP Overview OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 14-5 Additional IP Protocols There are several additional IP-relate d protocols that may be used with IP forwarding. These protocols are included as part of the base code. • Address Resolution Prot ocol (ARP)—Used to matc h the IP address of a device [...]
-
Página 284
IP Forwarding Configuring IP page 14-6 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006 IP For warding Network device traffic is br idged (switched) at the Layer 2 level between ports that are assig ned to the same VLAN. However, if a devic e n eeds to communicate with another de vice that belongs to a different VLAN, then Layer 3 ro[...]
-
Página 285
Configuring IP IP Forwarding OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 14-7 Configuring an IP Router Inter face IP is enabled by de fault. Using IP, devices connec ted to ports on the same VLAN are able to communi- cate. Howe ver, to forwa rd packets to a different VLA N, you must cr eate an IP route r interface on each VL[...]
-
Página 286
IP Forwarding Configuring IP page 14-8 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006 Note. Assign only ports to th e VLAN th at are ca pable of handling t he MTU size restrictions configured for the IP interface(s) asso ciated with the VLAN. For example, if an interface MTU size is gre ater than 1500, do not assign 10/100 Ethernet[...]
-
Página 287
Configuring IP IP Forwarding OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 14-9 Creating a Static Route Static routes are user-def in ed and carry a hi gher priority tha n routes created b y dynamic routing proto- cols.That is, stat ic routes always ha ve priority over dyn amic routes regardless o f the metric val ue. Static r[...]
-
Página 288
IP Forwarding Configuring IP page 14-10 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 Configuring Address Resolution Protocol (ARP) To send packets on a locally connect ed network, the switch use s ARP to matc h the IP address of a devi ce with its physical (MAC) address. To send a data packet to a dev ice with whic h it has not p [...]
-
Página 289
Configuring IP IP Forwarding OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 14-11 Note. You can also use the no arp command to delete a dynami c entry from the table. Clearing Dynamic ARP Entries Dynamic entries can be cleared using t he clear arp-cache command. This command c lears all dynamic entries. Permanent entrie s must [...]
-
Página 290
IP Forwarding Configuring IP page 14-12 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 • An IP mask (e. g. 255.0.0.0 ) used to identi fy which pa rt of the ARP pa cket IP address is compa red to the filter IP address. • An optional VLAN ID to specify tha t the filter is only app lied to ARP packets from t hat VLAN. • Which ARP[...]
-
Página 291
Configuring IP IP Configuration OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 14-13 IP Configuration IP is enabled on the switch by de fault and th ere are few option s that can, or ne ed to be, c onfigured. This section provides instruct ions for some basic IP configurat ion options. Configuring the Router Primar y Address Th[...]
-
Página 292
IP Configuration Configuring IP page 14-14 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 IP-Directed Broadcasts An IP directed broadcast is an IP datagram th at has al l zeroes or a ll 1’s in the ho st portion of the destina- tion IP address. The packet is sent t o the broadcast add ress of a subnet to which t he sender is not di[...]
-
Página 293
Configuring IP IP Configuration OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 14-15 • Trap generation . If the total penalty v alue exceeds th e set port scan p enalty value threshold, a tra p is generated to alert the administrator tha t a port scan may be in progress. For example, imagine that a switch is se t so that TCP [...]
-
Página 294
IP Configuration Configuring IP page 14-16 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 In the next minute, 10 more T CP and UDP closed po rt packets are rec eived, along with 200 UDP open port packets. Th is would bring the total penalty valu e to 4300, as sh own with th e following eq uation: (100 previous minute value) + (10 TC[...]
-
Página 295
Configuring IP IP Configuration OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 14-17 Setting the Port Scan Penalty V alue Threshold The port scan pena lty value t hreshold is the h ighest point a the total pe nalty value for t he switch can reach before a trap is generated in forming the administrator that a port scan is in pro[...]
-
Página 296
IP Configuration Configuring IP page 14-18 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 The following ta ble lists ip servic e command options for specifying TCP/ UDP services and also includes the well-known port number a ssociated with each service: service port ftp 21 ssh 22 telnet 23 http 80 secure-http 44 3 avlan-http 260 avl[...]
-
Página 297
Configuring IP Managing IP OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 14-19 Managing IP The following sec tions descri be IP commands th at can be used t o monitor and trouble shoot IP forward ing on the switch. Internet Control Message Pr otocol (ICMP) ICMP is a network layer protocol with in the IP protocol suite that pro[...]
-
Página 298
Managing IP Configuring IP page 14-20 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 Activating ICMP Contr ol Messages ICMP messages are ident ified by a type and a code . This number pa ir speci fies an ICMP message. For example, ICMP type 4, code 0, speci fies the source quench ICMP message. To enable or disable an IC MP message, [...]
-
Página 299
Configuring IP Managing IP OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 14-21 In additi on to th e icmp type command, several common ly used ICMP messages have been separate CLI commands for co nvenience . These comman ds are listed below with th e ICMP messag e name, type, and code: These commands are entered as the icmp typ[...]
-
Página 300
Managing IP Configuring IP page 14-22 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 Setting the Minimum Packet Gap The minimum packet g ap is the time required between se nding messages of a like type. For instan ce, if the minimum packet gap for Ad dress Mask request messa ges is 40 microseconds, and an Address Mask message is sen[...]
-
Página 301
Configuring IP Managing IP OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 14-23 Using the Ping Command The ping command is used to test whethe r an IP destination can be reach ed from the loc al switch. This command sends an ICMP e cho request to a destination an d then waits for a reply. To p ing a destination , enter the ping[...]
-
Página 302
Verifying the IP Configuration Configuring IP page 14-24 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 Displaying UDP Information UDP is a secondary transport-laye r pr otocol that uses IP for del ivery. UDP is not connection-o riented and does not prov ide reliable end-to-end de livery of data grams. But some appl ications can saf[...]
-
Página 303
OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 15-1 15 Configuring IPv6 Internet Protocol version 6 (IPv6) is the ne xt generation of Internet Pr otocol version 4 (IPv4 ). Both versions are support ed along with the abilit y to tunnel IPv6 traffic over IPv4 . Implementing IPv6 solves the limited address problem currently fac in[...]
-
Página 304
IPv6 Specifications Configur ing IPv6 page 15-2 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006 IPv6 Specifications IPv6 Defaults The following ta ble lists the de faults for IPv6 confi guration thro ugh the ip command. RFCs Supported 2460– Inte rnet Protoc ol, Version 6 (IPv6) Specifica tion 2461– Neighbor Discovery for IP Vers[...]
-
Página 305
Configuring IPv6 Quick Steps for Configuring IPv6 Routing OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 15-3 Quick Steps for Configuring IPv6 Routing The following tuto rial assumes that VLAN 200 and VLAN 300 already exist in the switch conf iguration. For information abo ut how to configure VLANs, see Chapter 4, “Configurin[...]
-
Página 306
IPv6 Overview Configur ing IPv6 page 15-4 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006 IPv6 Over view IPv6 provides the b asic functiona lity that i s offered with IPv4 but includes the fol lowing enhance ments and features not available with IPv4: • Increased IP address size —IPv6 uses a 128-bit address, a subs tantial incre[...]
-
Página 307
Configuring IPv6 IPv6 Overview OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 15-5 IPv6 Addressing One of the main differences between IP v6 and IPv4 is that the address si ze increased from 32 bits to 128 bits. Going to a 128-bit addre ss also increases th e si ze of the address space to the point wher e runnin g out of IPv6 a[...]
-
Página 308
IPv6 Overview Configur ing IPv6 page 15-6 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006 Since the last four words of the ab ove a ddress are uncompressed values, th e double colo n indicates tha t the first four words of the address all conta in zeros. Note that using the double colon is only allowed once within a single address. [...]
-
Página 309
Configuring IPv6 IPv6 Overview OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 15-7 Stateless autoconfig uration is not a vailable for a ssigning a global unicast or an ycast address to an IPv6 interface. In other words, manu al configuratio n is required to a ssign a non-li nk-local add ress to an inte r- face. See “Assign in[...]
-
Página 310
IPv6 Overview Configur ing IPv6 page 15-8 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006 6to4 Site to 6to4 Site over IPv4 Domain In this scenario, isolated IPv6 sites have connecti vity over an IPv4 network through 6to4 bor der routers. An IPv6 6to4 tunn el interface is configur ed on each border router an d assigned an IPv6 addr e[...]
-
Página 311
Configuring IPv6 IPv6 Overview OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 15-9 In the above diagram: 1 6to4 relay router ad vertises a route to 2002:: /16 on its IPv6 router interface. 2 IPv6 host traffic received by the relay route r that has a n ext hop address that mat ches 2002::/16 i s routed to the 6to4 tunnel interfa[...]
-
Página 312
Configuring an IPv6 Interface Configuring IPv6 page 15-10 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 Configuring an IPv6 Inter face The ipv6 interface command is used t o create an IPv6 interfac e for a VLAN or a tunn el. Note the fo llow- ing when configuring an IPv6 interface: • A unique inte rface name is re quired for b ot[...]
-
Página 313
Configuring IPv6 Configuring an IPv6 Interface OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 15-11 Use the show ipv6 interf ace command to verify t he interface configu ration for the swit ch. For more info r- mation about this command, see the OmniSwitch CLI Reference Guide. Modifying an IPv6 Inter face The ipv6 interface com[...]
-
Página 314
Assigning IPv6 Addresses Configur ing IPv6 page 15-12 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 Assigning IPv6 Addresses As was previously mentione d, when an IPv6 interface is crea ted for a VLAN or a configured tunnel, an IPv6 link-local a ddress is automatical ly created for that interface. This is also true when a devic e, [...]
-
Página 315
Configuring IPv6 Assigning IPv6 Addresses OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 15-13 Removing an IPv6 Address To remove an IPv6 address from an interfac e, use the no form of the ipv6 address command. -> no ipv6 address 4100:1000::20/6 4 v6if-v200 Note that the subnet router a nycas t address is automat ically dele[...]
-
Página 316
Configuring IPv6 Tunnel Interfaces Configuring IPv6 page 15-14 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 Configuring IPv6 T unnel Inter faces There are two type s of tunnels supp orted: 6to4 and conf igured . Both types fa cilitate the interaction of IPv6 with IPv4 networks by pr oviding a mechanism for car r ying IPv6 traffic [...]
-
Página 317
Configuring IPv6 Verifying the IPv6 Configuration OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 15-15 V erifying the IPv6 Configuration A summary of the show command s used for veri fying the IPv 6 configuration is given h ere: For more information abou t the display s that resu lt from these co mmands, see the OmniSwitch CLI [...]
-
Página 318
Verifying the IPv6 Configuration Configuring IPv6 page 15-16 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006[...]
-
Página 319
OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 16-1 16 Configuring RIP Routing Information Prot ocol (RIP) is a widely used Interior G ateway Protocol (IGP) th at uses hop count as its routin g metric. RIP-enab led routers update neighbo ring routers by transmitting a copy of their own routing table. The RIP rout ing table uses[...]
-
Página 320
RIP Specifications Configuring RIP page 16-2 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006 RIP Specifications RIP Defaults The following table list s the defaults for RI P configuratio n through the ip ri p command. RFCs Supported RFC 1058–RIP v1 RFC 2453–RIP v2 RFC 1722–RIP v2 Prot ocol Applica bility S tatement RFC 1724–[...]
-
Página 321
Configuring RIP Quick Steps for Configuring RIP R outing OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 16-3 Quick Steps for Configuring RIP Routing To forward packets to a devic e on a different VLAN , you must create a router port on each VLAN. To route packets u sing RIP, you must en able RIP and create a RIP interface on th[...]
-
Página 322
RIP Overview Configuring RIP page 16-4 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006 14 Use the ip rip redist-filter command to redistribute all local routes. For example: -> ip rip redist-filter local 0.0. 0.0 0.0.0.0 15 Enable RIP redistri bution using the ip rip redist status command. For example: -> ip rip redist status [...]
-
Página 323
Configuring RIP RIP Routing OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 16-5 RIP deletes rout es from the database if th e next switch to that destinati on says the route co ntains more than 15 hops. In addition, all ro utes through a gateway are delete d by RIP if no updates are received from that gateway for a specified ti[...]
-
Página 324
RIP Routing Configuring RIP page 16-6 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006 RIP Routing Loading RIP When the switch i s initially co nfigured, RIP must be l oaded into switc h memory. Use th e ip load rip command to load RIP. To remove RIP from switch memo ry, you must manually ed it the boot.cfg file. The boot.cfg file is[...]
-
Página 325
Configuring RIP RIP Routing OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 16-7 Creating a RIP Inter face You must create a RIP interfa ce on a VLAN’s IP router p ort to enable RI P routing. Ente r the ip rip inter- face command followed by the IP ad dress of the VLAN ro uter port. For example, to create a RIP i nter- face on[...]
-
Página 326
RIP Routing Configuring RIP page 16-8 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006 Configuring the RIP In terface Receive Option The RIP receive option defi nes the type(s) of RIP packets that the interface wi ll accept. Using thi s command will overri de RIP default behavior. Other de vices must be able to inte rpret the info rm[...]
-
Página 327
Configuring RIP RIP Opti ons OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 16-9 RIP Options The following sec tions detail p rocedures for config uring RIP option s. RIP must be load ed and enabled o n the switch before you can configu re any of the RIP configurati on options. Configuring the RIP Forced Hold-down Inter val The[...]
-
Página 328
RIP Redistribution Configuring RIP page 16-10 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 3 Configuring a RIP Redistribut ion Filter – Creating a Filter – Configuri ng a Redistributio n Filter Action (o ptional) – Configuri ng a Redistribut ion Metric (opti onal). Enabling RIP Redistribution Use the ip rip redist status com[...]
-
Página 329
Configuring RIP RIP Redistribution OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 16-11 Configuring a Redistribution Metric When redist ributing routes into RIP, th e metric for th e redistributed route is calcula ted as a summation of the route’s met ric and the corre sponding metric in the redistrib ution polic y. This is t[...]
-
Página 330
RIP Redistribution Configuring RIP page 16-12 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 Creating a Redistribution Filter Use the ip rip redist-filter command to create a RIP redist ribution fi lter. Enter the command, the ro ute type, and destin ation IP address and mask of the traffic you w ant to redi stribute. Only ro utes m[...]
-
Página 331
Configuring RIP RIP Redistribution OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 16-13 Configuring a Redistribu tion Filter Metric You can priori tize redistribu tion of route ty pes to a net work by assig ning a metric val ue to a route t ype(s). The default re distribution filter met ric is 1. How ever, you can low er the pr[...]
-
Página 332
RIP Security Configuring RIP page 16-14 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 RIP Security By default, th ere is no authen tication u sed for a RIP. Ho wever, you can configure a password for a RIP interface. To c onfigure a pa ssword, you must first select the authentication type (simple or MD5), then configure a passwo rd[...]
-
Página 333
Configuring RIP Verifying the RIP Co nfiguration OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 16-15 Configuring Passwords If you configure si mple or MD5 aut hentication y ou must configure a t ext string that will be used a s the password for the R IP interface. If a pa ssword is used, all switches tha t are intend ed to com[...]
-
Página 334
Verifying the RIP Configuration Configuring RIP page 16-16 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006[...]
-
Página 335
OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 17-1 17 Configuring RDP The Router Discov ery Protocol (RDP) is an extensio n of ICMP that allows end hosts to dis cover routers on their networks. Th is implementation of R DP suppor ts th e router requ irements as defi ned in RFC 12 56. In This Chapter This chapter describes the [...]
-
Página 336
RDP Specifications Configuring RDP page 17-2 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006 RDP Specifications RDP Defaults RFCs Supported RFC 1256–ICMP Route r Discovery Messages Router advertisem ents Supported Host solicitations Only responses to solicita tions support ed in this release. Maximum number of RDP interfaces per s[...]
-
Página 337
Configuring RDP Quick Steps for Configuring RDP OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 17-3 Quick Steps for Configuring RDP Configuring RDP i nvolves enabling RDP operation on the switch and creating RDP interfa ces to adver- tise VLAN route r IP addres ses on the LAN. Ther e is no ord er of config uration involved. F o[...]
-
Página 338
Quick Steps for Configuring RDP Configuring RDP page 17-4 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006 -> show ip router-discovery interface Marketing Name = Marketing, IP Address = 11.255.4.1, IP Mask = 255.0.0.0, IP Interface status = Enabled, RDP Interface status = Enabled, VRRP Interface status = Disabled, Advertisement ad[...]
-
Página 339
Configuring RDP RDP Overview OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 17-5 RDP Over view End hosts (clients) sen ding traffic to other n etworks need to forward their traffic to a router. In order to do this, hosts need t o find out if one or more ro uters ex ist o n their LAN and learn th eir IP addresses. One way to dis[...]
-
Página 340
RDP Overview Configuring RDP page 17-6 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006 RDP Inter face s An RDP interface is created by enabling RDP on an IP router interface. Onc e en abled, the RDP interface becomes active and joins the all -ro uters IP mult icast group (224.0 .0.2). The interface then transmits 3 initial router ad[...]
-
Página 341
Configuring RDP RDP Overview OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 17-7 Security Concerns ICMP RDP packets are not authenticated, whic h ma kes th em vulnerable to th e following attac ks: • Passive monitoring —Attackers can use RDP to re-route traffi c from vulnerable sy stems through the attacker’s sy stem. Thi[...]
-
Página 342
Enabling/Disabling RDP Configuring RDP page 17-8 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006 Enabling/Disabling RDP RDP is included in t he base softwa re and is av ailable when th e switch starts up . However, by defa ult this feature is no t operationa l until it is enab led on the swit ch. To enable RDP operatio n on the swit[...]
-
Página 343
Configuring RDP Creating an RDP Interface OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 17-9 When an RDP interface is created, it is automatical ly config ured with the following defau lt paramete r values: It is only necessary t o change the abo ve parameter value s if the defa ult value is no t sufficient . The follow- ing s[...]
-
Página 344
Creating an RDP Interface Configuring RDP page 17-10 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 Setting the Maximum Advertisement Inter val To set the maximum amo unt of time, in secon ds, that RDP wi ll allow between adv ertisements, use the ip router-discovery interfa ce max-advertisement-interval command. Fo r example , the f[...]
-
Página 345
Configuring RDP Verifying the RDP Co nfiguration OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 17-11 Setting the Preference Levels for Router IP Addresses A preferen ce level is a ssigned to ea ch router IP ad dress contai ned within a n advertise ment pack et. Hosts will select the IP ad dress with th is highest prefere nce l[...]
-
Página 346
Verifying the RDP Configuration Configuring RDP page 17-12 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006[...]
-
Página 347
OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 18-1 18 Configuring DHCP Relay The User Datagram Protocol (UDP) is a conn ectionless transpo rt protocol that runs on top of IP ne tworks. The DHCP Relay allows you to use nonroutable protocols (such as UDP) in a routing envir onment. UDP is used for applications that do not requir[...]
-
Página 348
DHCP Relay Specifications Configuring DHCP Relay page 18-2 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006 DHCP Relay Specifications The following ta ble lists specifica tions for th e DHCP Relay. RFCs Supported 0951–Bootstrap Protocol 1534–Inter operation Between DHCP an d BOOTP 1541–Dynami c Host Configur ation Protoco l 154[...]
-
Página 349
Configuring DHCP Relay DHCP Relay Defaults OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 18-3 DHCP Relay Defaults The following tabl e describes the defa ult values of th e DHCP Relay parameters. Parameter Description Comma nd Default V alue/Comments Default UDP service. ip udp relay BOOTP/DHCP Forward delay time value for DHC[...]
-
Página 350
Quick Steps for Setting Up DHCP Relay Configuring DHCP Relay page 18-4 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006 Quick Steps for Setting Up DHCP Relay You should config ure DHCP Relay on switches wh ere packets are rout ed between IP ne tworks. There is no separat e command for enabl ing or disabling t he relay servic e. DHCP [...]
-
Página 351
Configuring DHCP Relay DHCP Relay Overview OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 18-5 DHCP Relay Over view The DHCP Relay service, its correspond ing port numbers, and con figurable options are as follows: • DHCP Relay Service: BOOTP/DHCP • UDP Port Numbers 6 7/68 for Request/ Response • Configurable opti ons: DH[...]
-
Página 352
DHCP Relay Overview Configuring DHCP Relay page 18-6 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006 DHCP and the OmniSwitch The unique characteristi cs of the DHCP protocol requ ire a good plan be fore setting up the switch in a DHCP environment. Since DHCP clients initially have no IP address, placeme nt of these clients in a VLAN[...]
-
Página 353
Configuring DHCP Relay DHCP Relay Overview OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 18-7 External DHCP Relay Application The DHCP Relay may be configured on a router that is external to the switch. In this app licati on exampl e the switched ne twork has a single VLAN configured with mu ltiple segments. A ll of the n etwo[...]
-
Página 354
DHCP Relay Overview Configuring DHCP Relay page 18-8 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006 Internal DH CP Relay The intern al DHCP R elay is configur ed using the UDP forwarding feature in the switch, avail able through the ip helper address command. For more information, see “DHCP Relay Imple mentation” o n page 18-9 [...]
-
Página 355
Configuring DHCP Relay DHCP Relay Implementation OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 18-9 DHCP Relay Implementation The OmniSwitch allows you t o configure the DHCP Re lay feature in one of tw o ways. You can set up a global DHCP request or you can set up the DHCP Re lay based on the VLAN of the DHCP request. Bo th o[...]
-
Página 356
DHCP Relay Implementation Configuring DHCP Relay page 18-10 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 Per-VLAN DHCP For the Per-VLAN DHCP service , you must identif y the number of the VLAN th at makes the relay request. Identifying the VLAN You may enter one or more server IP addresses to which p ackets will be sent from a spe[...]
-
Página 357
Configuring DHCP Relay DHCP Relay Implementation OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 18-11 Setting the For ward Delay Forward Delay is a time period that gives the local se rver a chance to respond to a client before the relay forwards it further out in the netw ork. The UDP packet that t he client sends contains the[...]
-
Página 358
Using Automatic IP Configuratio n Configuring DHCP Relay page 18-12 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 Using Automatic IP Configuration An additional functio n of the DHCP Relay feature enables a switch to broadc ast a BootP or DHCP request packet at boot time to ob tain an IP address for default VLAN 1. Th is function i[...]
-
Página 359
Configuring DHCP Relay Configuring UDP Port Relay OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 18-13 Configuring UDP Por t Relay In addition to configuring a relay operatio n for BOOTP/DHCP traf fic on the switc h, it is also possi ble to configure rel ay for generic UD P se rvice ports (i.e., NBN S/NBDD, othe r well-known UD[...]
-
Página 360
Configuring UDP Port Relay Configuring DHCP Relay page 18-14 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 Enabling/Disabling UDP Por t Relay By default, a global relay operation i s enabled for BOOTP/DHCP relay well-known ports 67 and 68, which becomes active when an IP network host addre ss for a DHCP server is sp ecified. To ena[...]
-
Página 361
Configuring DHCP Relay Configuring DHCP Security Features OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 18-15 Configuring DHCP Security Features There are two DHCP security features avai lable: DHCP re lay agent info rmation optio n (Optio n-82) and DHCP Snooping. The DHCP Opti on-82 feature enables th e relay agent to insert [...]
-
Página 362
Configuring DHCP Security Features Configuring DHCP Relay page 18-16 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 How the Relay Agent Processes DHCP Packets fr om the Client The following table describes how th e relay agent processes DHCP packet s received from client s when the Option-82 feature is e nabled for the switch: How t[...]
-
Página 363
Configuring DHCP Relay Configuring DHCP Security Features OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 18-17 Enabling the Relay Agent Information Option-82 Use the ip helper a gent-infor mation command to enable the DHCP Opti on-82 feature for the switch. For example: -> ip helper agent-information ena ble This same comman[...]
-
Página 364
Configuring DHCP Security Features Configuring DHCP Relay page 18-18 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 When DHCP Snooping is fi rst enabled, all ports are con sidered untr usted. It is important to then config ure ports connected to a DHCP server inside the network as a truste d port. See “Configuring th e Port Trust [...]
-
Página 365
Configuring DHCP Relay Configuring DHCP Security Features OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 18-19 • Make sure th at Option-8 2 data insert ion is alway s enabled a t the switch o r VLAN level. See “Enabling DHCP Snooping” on page 18-19 for more information. • The DHCP sever must su pport the Option-82 featu[...]
-
Página 366
Configuring DHCP Security Features Configuring DHCP Relay page 18-20 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 VLAN-Level DHCP Snooping To enable DHCP Snooping at the VLAN level, use the ip helper dhcp-snooping vlan command. For example, the following command enables DHCP Snooping for VLAN 200: -> ip helper dhcp-snooping vla[...]
-
Página 367
Configuring DHCP Relay Configuring DHCP Security Features OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 18-21 Note it is necessa ry to configure po rts that are connected to DHCP serv ers within the network and/or fire- wall as truste d ports so that necessary DHCP tr affic to /from the server is not bloc ked. Configurin g the[...]
-
Página 368
Configuring DHCP Security Features Configuring DHCP Relay page 18-22 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 Synchronizing the Binding T able To synchronize the contents of t he dhcpBinding.db file with the bi nding table contents that resi des in memory, use the ip helper dhcp-snoo ping b inding action command. This command [...]
-
Página 369
Configuring DHCP Relay Verifying the DHCP Relay Co nfiguration OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 18-23 V erifying the DHCP Relay Configuration To display information about the DHCP Relay and BOOTP/DHCP, use the show commands listed below. For more information about the resulting di splays from these c ommands, see [...]
-
Página 370
Verifying the DHCP Relay Configuration Configuring DHCP Relay page 18-24 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006[...]
-
Página 371
OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 19-1 19 Configuring VRRP The Virtual Route r Redundancy Pro tocol (VRRP) is a standard router redu ndancy protoco l supported in IP version 4. It is based on RFC 2338 an d provides redundancy by eliminating the single poi nt of failure inherent in a default route environment. In Th[...]
-
Página 372
VRRP Specifications Configuring VRRP page 19-2 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006 VRRP Specifications VRRP Defaults The following ta ble lists the de faults for VRRP con figuration th rough the vrrp command and the rele vant command keywords: In addition, other defa ults fo r VRRP include: RFCs Supported RFC 2338–V ir[...]
-
Página 373
Configuring VRRP Quick Steps for Creating a Virtual Router OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 19-3 Quick Steps for Creating a V ir tual Router 1 Create a virtual router. Specify a virtual ro uter ID (VRID) and a VLAN ID. For example: -> vrrp 6 4 The VLAN must alre ady be created o n the switch. Fo r information a[...]
-
Página 374
VRRP Overview Configuring VRRP page 19-4 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006 VRRP Over view VRRP allows rou ters on a LAN to ba ck up a defau lt route. VRRP dyn amically assi gns responsibi lity for a virtual router to a physical router (VRRP ro uter) on th e LAN. The virtual router is associated with an IP address (or s[...]
-
Página 375
Configuring VRRP VRRP Overview OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 19-5 If OmniSwitch A becomes unavai lable, Omn iSwitch B beco mes the master r outer. OmniSwit ch B will then respond to ARP requests for IP addre ss A using the virtual router’s MAC address (00:00:5E:00:01 :01). It will also forward p ackets for IP[...]
-
Página 376
VRRP Overview Configuring VRRP page 19-6 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006 If backup routers are configured with priori ty values th at are close in value, there may be a ti ming confli ct, and the first backup to take over may not be the one wi th the highest priority; a back up with a high er prior- ity will then pre[...]
-
Página 377
Configuring VRRP Interaction With Other Features OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 19-7 VRRP T racking A virtual router’s prior ity may be conditionally modified to prevent ano ther router from ta king over as master. Tracking policies are used to condit ionally modify the priority setting whenever a VLAN, slot/ [...]
-
Página 378
Configuration Overview Configuring VRRP page 19-8 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006 Configuration Over view VRRP is part of the base software . At startup, VRRP is loaded onto the switch and is enabled. Virtual routers must first be configured and enabled as desc ribed in the sections . Since VRRP is implemen ted on mu[...]
-
Página 379
Configuring VRRP Configuration Overview OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 19-9 • Preempt mode . By default, p reempt mode is e nabled. Use no preempt to turn it off, and preempt to turn it back on. For more informati on about the p reempt mode, see “Setting Preemp tion for Virtua l Routers” on page 19-11 . ?[...]
-
Página 380
Configuration Overview Configuring VRRP page 19-10 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 Configuring the Adver tisement Inter val The advertisement interval is c onfigurable, b ut all vi rtual routers with the same VR ID should be confi g- ured with the same va lue. Mismatched values will create network problems. If you cha[...]
-
Página 381
Configuring VRRP Configuration Overview OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 19-11 In the above example, virtual router 6 is disabled. (If you are modi fying an existi ng virtual ro uter, the virtual router m ust be disabled b efore it m ay be modified.) The virtual ro uter priority is then set to 50. The priority val[...]
-
Página 382
Configuration Overview Configuring VRRP page 19-12 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 A virtual router must be disabled before it may be modified. Use the vrrp command to disable the virtual router first; then use the command agai n to modify the parameters. For example: -> vrrp 7 3 disable -> vrrp 7 3 priority 200[...]
-
Página 383
Configuring VRRP Configuration Overview OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 19-13 Creating T racking Policies To create a tracking poli cy, use the vrr p track command and specify the amou nt to decrease a virt ual router’s priority an d the slot/port, IP address, or IP int erface name to b e tracked. For ex ample:[...]
-
Página 384
Verifying the VRRP Configuration Configuring VRRP page 19-14 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 V erifying the VRRP Configuration A summary of the show commands used for verifying the VRRP co nfiguration is given h ere: For more information abou t the displays that result fro m these command s, see the OmniSwitch CLI Ref[...]
-
Página 385
Configuring VRRP VRRP Application Example OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 19-15 VRRP Application Example In addition to pro viding redund ancy, VRRP can assist in load balan cing outgoin g traffic. The figu re below shows two virtual rou ters with th eir hosts splitting traffic between t hem. Half of the hosts ar[...]
-
Página 386
VRRP Application Example Configuring VRRP page 19-16 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 Note. The same VRRP configuration mu st be set up on each OmniSwitch 6600 stack. The VRRP router that contains, or owns, the IP address will automatica lly become the ma ster for that virtua l router. If the IP address is a virtual a [...]
-
Página 387
Configuring VRRP VRRP Application Example OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 19-17 VRRP T racking Example The figure below sh ows two VRRP routers with two virtu al routers backing up one IP address on each VRRP router respectivel y. Virtual router 1 serves as the defau lt gateway on Om niSwitch A for clien ts 1 and[...]
-
Página 388
VRRP Application Example Configuring VRRP page 19-18 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 Note. The preempt o ption must be enabled on virtual r outer 1; otherwise the origi nal master will not be able to take over. See “Setting Preemption for Virtual Routers” on page 19 -11 for more information about enabling preempti[...]
-
Página 389
OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 20-1 20 Managing Authentication Ser vers This chapter desc ribes authent ication servers a nd how th ey are used with t he swit ch. The types of servers described include Remote Authent ication Dial-In Us er Service (RADIUS), Lightweight Directory Access Protocol (LDAP), and SecurI[...]
-
Página 390
Authentication Server Specification s Managing Authentication Servers page 20-2 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006 Authentication Ser ver Specifications RADIUS RFCs Supported RFC 2865–Remote Authenticatio n Dial In User Service (RADIUS) RFC 2866–RADIUS Acco unting RFC 2867–RADI US Accounting Mo difications for T u[...]
-
Página 391
Managing Authentication Servers Server Defaults OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 20-3 Ser ver Defaults The defaults for authentica tion server configuration on the swit ch are listed in the t ables in the n ext sections. RADIUS Authentication Ser vers Defaults for the aaa radius-server co mmand are as follo ws: * [...]
-
Página 392
Quick Steps For Configuring Authentication Servers Managing Auth entication Servers page 20-4 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006 Quick Steps For Configuring Authentication Ser vers 1 For RADIUS or LDAP servers, config ure user attribute informati on on the servers. See “RADIUS Servers” on page 20-9 and “LDAP Serve[...]
-
Página 393
Managing Authentication Servers Se rver Overview OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 20-5 Ser ver Over view Authentication servers are somet imes referred to as AAA servers (authenti cation, authorization, and accounting). These servers ar e us ed for storing informat ion about use rs who want to manage the swit ch ([...]
-
Página 394
Server Overview Managing Authentication Servers page 20-6 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006 A RADIUS server supporting the chall enge and response mechanism as defined in RADIUS RFC 2865 may access an ACE/Server for authentication purposes. The ACE/Server i s then used for user authenti ca- tion, and the RADIUS server [...]
-
Página 395
Managing Authentication Servers Se rver Overview OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 20-7 Por t-Based Network Access Contro l (802.1X) For devices authenticati ng on an 802.1X port on the switch, only RADIUS authenticati on servers are supported. The RADIUS server contains a database of user names and password s, and[...]
-
Página 396
ACE/Server Managing Authentication Servers page 20-8 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006 ACE/Ser ver An external ACE/Server may be used for authenticat ed switch access. It cannot be used for Layer 2 authentication or for policy management. Attributes ar e not supported on ACE/Servers. These valu es must be configu red o[...]
-
Página 397
Managing Authentication Servers RADIUS Servers OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 20-9 RADIUS Ser vers RADIUS is a st andard authent ication and accounting protocol de fined in RFC 2865 and RFC 286 6. A built-in RADIUS client is available in th e switch . A RADIUS server th at supports Vend or Specific Attributes (V[...]
-
Página 398
RADIUS Servers Managing Authentication Servers page 20-10 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 19 20 21 22 23 Callbac k-Num ber Callback-Id Unassigned Frame-Route Framed-IPX-Network Not supported. These attr ibutes are used fo r dial-up sessions; not applicab le to the RADIUS c lient in the sw itch. 24 State Sent in challe[...]
-
Página 399
Managing Authentication Servers RADIUS Servers OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 20-11 V endor-Specific Attributes for RADIUS The Alcatel RADIUS c lient supports at tribute 26, wh ich includes a vendor ID and some a dditional sub - attributes call ed subtypes. The vendor ID and t he subtypes colle ctively are call [...]
-
Página 400
RADIUS Servers Managing Authentication Servers page 20-12 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 Configuring Functional Pr ivileges on the Ser ver Configuring t he functional pr ivileges attribu tes ( Alcatel-Acce-Priv-F- x ) can be cumbersome because it requires using read and write bitmas ks for command families on the swi[...]
-
Página 401
Managing Authentication Servers RADIUS Servers OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 20-13 RADIUS Accounting Serv er Attributes The following tabl e lists the standard a ttributes supp orted for RADIU S accounting serv ers. The attributes in the radius.ini file may be modified if necessary. Num. S tandard Attribute Des[...]
-
Página 402
RADIUS Servers Managing Authentication Servers page 20-14 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 The following table lists the VSAs supported for RADIUS accounting servers. Th e attributes in the radius.ini file may be modifi ed if ne cessary. Configuring the RADIUS Client Use the aaa radius-server command to co nfigure RADI[...]
-
Página 403
Managing Authentication Servers LDAP Servers OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 20-15 LDAP Ser vers Lightweight Direct ory Access Protocol (LDAP) is a st an dard directory server protocol. The LDAP client in the switch is based on several RFCs: 179 8, 2247, 2251, 2252, 2253, 2254, 2255, and 22 56. The prot o- col wa[...]
-
Página 404
LDAP Servers Managing Au thentication Servers page 20-16 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 LDAP servers are a lso able to im port and expo rt di rectory dat abases using LDIF (LDAP Data Interchange Format). LDIF File Structure LDIF is used to transfer data to LDAP servers in order to build directories or modi fy LDAP da[...]
-
Página 405
Managing Authentication Servers LDAP Servers OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 20-17 uid: yname ou: people description: <list of option al attributes> . . . Directory Entries Directory entries are used to store d ata in directory servers. LDAP–e nabled directory entries contain infor- mation about an object[...]
-
Página 406
LDAP Servers Managing Au thentication Servers page 20-18 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 Directory Searches DNs are always the starting poi nt for searches un less indicate d otherwise in the directory schema. Searches involve the use of various criteria including scopes and filt ers which must be predefined, and util[...]
-
Página 407
Managing Authentication Servers LDAP Servers OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 20-19 Modified attribute values ar e replaced with other giv en values by su bmitting repla ce requests to the se rver, which then translates an d pe rforms the requests. Directory Compare and Sor t LDAP will compare d irectory entries w[...]
-
Página 408
LDAP Servers Managing Au thentication Servers page 20-20 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 Password Policies an d Directory Ser vers Password policies applied to user accounts va ry slightly from o ne director y server to ano ther. Normally, only the pa ssword ch anging poli cies can be set by users through the director[...]
-
Página 409
Managing Authentication Servers LDAP Servers OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 20-21 Director y Ser ver Schema for LDAP Authentication Object classes and attribute s will need to be modifi ed according ly to include LDAP authentication in the network (object classes and att ributes are used specific all y here to m[...]
-
Página 410
LDAP Servers Managing Au thentication Servers page 20-22 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 For more information about configur ing users on the switch, see t he Switch Security chapter of the OmniSwitch 6600 Family Switch Ma nagement Guide . Configuring Authentication Key Attributes The alp2key tool is prov ided on the [...]
-
Página 411
Managing Authentication Servers LDAP Servers OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 20-23 • Switch VLAN number cli ent joins in mu ltiple authorit y mode (0=single authority; 2=mu ltiple author- ity); variabl e-length d igits. • Switch slot number to wh ich client connects: n n • Switch port number to wh ich clien[...]
-
Página 412
LDAP Servers Managing Au thentication Servers page 20-24 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 Dynamic Logging Dynamic loggin g may be performed by an LDAP-e nabled directory serve r if an LDAP server i s config- ured first in the list of auth entication servers configur ed through the aaa accounting vlan or aaa account- in[...]
-
Página 413
Managing Authentication Servers LDAP Servers OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 20-25 For exampl e: “ASA 0 : CONSOLE IP 65.97.233.108 Jones” Configuring the LDAP Authentication Client Use the aaa ldap-server command to configure LD AP authenticati on parameters on the switch. The server name, host name or IP add[...]
-
Página 414
LDAP Servers Managing Au thentication Servers page 20-26 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 Note. The distingu ished name must be di fferent from the searchbase name. Modifying an LDAP Authentication Server To modify an LDAP auth entication server, use the aaa ldap-se rver command wi th the server name; or, if you have j[...]
-
Página 415
Managing Authentication Servers Verifying the Authentication Server Configuration OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 20-27 V erifying the Authentication Ser ver Configuration To display information abo u t authenticat ion servers, use the following comman d: An example of the out put for this command i s given in ?[...]
-
Página 416
Verifying the Authentication Server Configuration Managing Authentication Servers page 20-28 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006[...]
-
Página 417
OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 21-1 21 Configuring Authenticated VLANs Authenticated VLANs control user access to network resources based on VLAN assignmen t and a user log-in process; the process is someti mes called user authenticat ion or Layer 2 Authe ntication. (Anot her type of security is device authent i[...]
-
Página 418
Authenticated Network Overview Co nfiguring Authenticated VLANs page 21-2 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006 Authenticated Network Over view An authenticat ed network invo lves several comp onents as show n in this illust ration. This chapter describes all o f these compon ents in deta il, except the external a uthentic[...]
-
Página 419
Configuring Authenticated VLANs A uthenticated Network Overview OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 21-3 • Web browser client . Any standard Web browser may be used (Netscape or Internet Explorer). An IP address is required prio r to authenticatio n. See “Web Browser Authe ntication Client” on page 21-7 for mor[...]
-
Página 420
AVLAN Configuration Overview Configuring Authenticated VLANs page 21-4 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006 A VLAN Configuration Over view Configuring authent icated VLANs requires several majo r steps. The steps are ou tlined here and descri bed throughout th is chapter. See “Sample AVLAN Configuration ” on page 21-5[...]
-
Página 421
Configuring Authenticated VLANs AVLAN Configuration Overview OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 21-5 Sample A VLAN Configuration 1 Enable at lea st one authent icated VLAN: -> vlan 2 authentication enable Note that this command does not create a VLAN; th e VLAN must already be created. For information about creat[...]
-
Página 422
AVLAN Configuration Overview Configuring Authenticated VLANs page 21-6 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006 6 Enable authe ntication by specifying the authentication mo de (single mode o r multiple mod e) and the server. Use the R ADIUS or LDAP serv er name(s) co nfigured in step 5. For exam ple: -> aaa authentication [...]
-
Página 423
Configuring Authenticated VLANs Setting Up Authentication Clients OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 21-7 Setting Up Authentication Clients The following sec tions describe the Telnet aut hentication c lient, Web bro wser authenticat ion client , and Alcatel’s proprietary AV-Client. For informa tion about removing[...]
-
Página 424
Setting Up Authentication Clients Configuring Authenticated VLANs page 21-8 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006 with one authenticated VLAN. The addres s may be a ssigned dynamically if a DHCP server is located in the netwo rk. DHCP is requir ed in netw orks with mul tiple authe nticated VL ANs. • Configure a DHCP serv[...]
-
Página 425
Configuring Authenticated VLANs Setting Up Authentication Clients OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 21-9 Installing Files for Mac OS 9.x Clients 1 In the browser URL command line, enter the au thentication DNS name (con figured through the aaa avlan dns command). The au thentication page displa ys. 2 Click on the l[...]
-
Página 426
Setting Up Authentication Clients Configuring Authenticated VLANs page 21-10 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 To set root access: 1 Open the NetInfo from t he HardDisk/Applica tion/Utilities fol der. 2 Select Domain > Security > Authentic ate. Enter the admi nistrator’s password if req uired. 3 Select Domain &g[...]
-
Página 427
Configuring Authenticated VLANs Setting Up Authentication Clients OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 21-11 SSL for W eb Browser Clients A Secure Socket Layer (SSL) is used to authent icate Web browser clie nts. A certificate fro m a Certifica- tion Author ity (CA) or a self-si gned (private ) certificat e must be in[...]
-
Página 428
Setting Up Authentication Clients Configuring Authenticated VLANs page 21-12 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 Installing the A V -Client The AV-Client is a proprietary Windo ws-based applicat ion that i s installed on c lient end st ations. The installati on instructi ons are prov ided in this chapter. The AV-Client do[...]
-
Página 429
Configuring Authenticated VLANs Setting Up Authentication Clients OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 21-13 Windows 95 Install the 32-bit DLC pr otocol program and the update patch from the Microsoft FTP site (ftp.microsoft.com). Fro m the FTP site, download the MSDLC32.EXE an d DLC32UPD.EXE files (or the latest DLC [...]
-
Página 430
Setting Up Authentication Clients Configuring Authenticated VLANs page 21-14 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 3 We recommend that you foll ow the instructions on the screen regarding closing all Wi ndows programs before proceedin g with the instal lation. Click on the Ne xt button. Th e following w indow displays.[...]
-
Página 431
Configuring Authenticated VLANs Setting Up Authentication Clients OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 21-15 4 From this window you may install the cl ient at the de fault destinat ion folder shown o n the screen or you may click the Brow se button to select a different directory. Clic k on the Next button. The softwa[...]
-
Página 432
Setting Up Authentication Clients Configuring Authenticated VLANs page 21-16 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 Windows 95 and Windows 98 1 Download the AV-Cl ient from the Alc atel website on to the Windows deskt op. 2 Double-click the AV-Client icon . The installation routine begin s and the followin g window displ ays[...]
-
Página 433
Configuring Authenticated VLANs Setting Up Authentication Clients OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 21-17 4 From this window you may install the cl ient at the de fault destinat ion folder shown o n the screen or you may click the Brow se button to select a different directory. Clic k on the Next button. The softwa[...]
-
Página 434
Setting Up Authentication Clients Configuring Authenticated VLANs page 21-18 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 Setting the A V -Client as Primar y Network Login Windows 95 and Windows 98 If your operating system is Windo ws 95 or Windows 98, yo u must configure the AV-C lient as the primary network logi n. This is do ne[...]
-
Página 435
Configuring Authenticated VLANs Setting Up Authentication Clients OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 21-19 Selecting a Dialog Mode The AV-Client has two dialo g modes, basic and extended . In basic dia log mode, the clie nt prompts the user for a username and a password onl y. In extended mode, which is requ ired fo[...]
-
Página 436
Setting Up Authentication Clients Configuring Authenticated VLANs page 21-20 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 Viewing A V -Client Components The configuration u tility includes a screen that lists each component, version and build date for the AV- Client. To vi ew this screen, click on the Ve rsion tab and a screen sim[...]
-
Página 437
Configuring Authenticated VLANs Setting Up Authentication Clients OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 21-21 Logging Into the Network Through an A V -Client Once the AV-Client softwa re has been loaded on a user’s PC workstat ion , an AV-Clien t icon will be created on the Windows deskto p in the task b ar. Follow t[...]
-
Página 438
Setting Up Authentication Clients Configuring Authenticated VLANs page 21-22 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 Logging Off the A V - Client 1 To log off the AV -Client, point yo ur mouse to the A V-Client icon in your Windows syst em tray and execute a right-cl ick to select Logo ff. The fo llowing scre en displays. 2 T[...]
-
Página 439
Configuring Authenticated VLANs Setting Up Authentication Clients OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 21-23 Configuring the A V -Client for DHCP For an AV-Client , DHCP configuratio n is not re quired. AV-Clients do not require an IP address t o authen- ticate, but they may want an IP address fo r IP communication i [...]
-
Página 440
Setting Up Authentication Clients Configuring Authenticated VLANs page 21-24 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 1 To configure the DHCP p arameters, access the AV-Client configu ration utility and select the DHCP tab. The following screen di splays: 2 Click the box ne xt to “Enable DHCP Operations ”. Several optio ns[...]
-
Página 441
Configuring Authenticated VLANs Setting Up Authentication Clients OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 21-25 4 To apply the change, click the Apply button. Wh en you clic k the OK button, the screen will close and the change will take effect. If you decide no t to impleme nt the ch ange, cli ck the Cancel button and t[...]
-
Página 442
Configuring Authenticated VLANs Configuring Authenticated VLANs page 21-26 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 Configuring Authenticated VLANs At least one authenticat ed VLAN must be configured on the switch. For more informati on about VLANs in general, see Chapter 4, “Confi guring VLA Ns.” To configure an authent i[...]
-
Página 443
Configuring Authenticated VLANs Configuring Authenticated VLANs OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 21-27 Configuring Authentication IP Addresses Authentication c lients connect to an IP address on the switch for authen tication. (Web bro wser clients ma y enter a DNS name rather th an the IP address; see “Setting [...]
-
Página 444
Configuring Authenticated Ports Configuring Authenticated VLANs page 21-28 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 Por t Binding and Authenticated VLANs By default, au thenticated VLANs d o not support po rt binding rules. Th ese rules are used for assigning devices to authenticated VLANs when devic e traffic co ming in on an[...]
-
Página 445
Configuring Authenticated VLANs Setting Up a DNS Path OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 21-29 Setting Up a DNS Path A Domain Name Server (DNS) name may be configured so that Web browser clients may enter a URL on the browser co mmand line in stead of an au thentica tion IP address. A Domain Name Server must be set [...]
-
Página 446
Setting Up the DHCP Server Configuring Authenticated VLANs page 21-30 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 Before Authentication Normally, authentic ation clients c annot traffic in th e default VLAN, so authenticati on clients do not belong to any VLAN whe n they connect to the switch. Eve n if DHCP relay is enable d, the[...]
-
Página 447
Configuring Authenticated VLANs Setting Up the DHCP Server OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 21-31 When this command is specified, the switch will act as a relay for aut hentication DHCP pack ets only; non- authentica tion DHCP pa ckets will not b e relayed. For more information about using t he ip helper avla n on[...]
-
Página 448
Configuring the Server Authority Mo de Configuring Authenticated VLANs page 21-32 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 Configuring the Ser ver Authority Mode Authenticatio n servers for Layer 2 authentication are configured in one of two mod es: single authorit y or multiple authorit y. Single authority mode uses a single [...]
-
Página 449
Configuring Authenticated VLANs Configuring the Server Authority Mode OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 21-33 To configure au thentication in single mode, use the aaa authentication vlan command with the single-mode keyword and name(s) of the relevant server an d any backups. At leas t one server must be specified;[...]
-
Página 450
Configuring the Server Authority Mo de Configuring Authenticated VLANs page 21-34 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 Configuring Multiple Mode Multiple autho rity mode assoc iates different serve rs with particu lar VLANs. This mode is typically us ed when one party is pro viding the network and another is prov iding the[...]
-
Página 451
Configuring Authenticated VLANs Specifying Accounting Servers OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 21-35 To configure au thentication in multiple mode, use the aaa authentication vlan command with the multiple-mode keyword, the relevant VLAN ID, an d the names of the servers. The VLAN ID is required, and at least one [...]
-
Página 452
Verifying the AVLAN Configuration C onfiguring Au thenticated VLANs page 21-36 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 V erifying the A VLAN Configuration To verify the authenticated VLAN configuration, use the following show commands: For more information about these commands, see the OmniSwitch CLI Reference Guide . show aa[...]
-
Página 453
OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 22-1 22 Configuring 802.1X Physical devices attached to a LAN port on the swit ch throu gh a point- to-point LAN c onnection may be authentica ted through the switch thro ugh port-base d network acc ess control. Th is control is available through the IEEE 802.1X stan dard implement[...]
-
Página 454
802.1X Specifications Conf iguring 802.1X page 22-2 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006 802.1X Specifications 802.1X Defaults The following table lists the defaults for 802 .1X port co nfiguration con figuration th rough the 802.1x command and the relevant command keywords: Note. By default, accounti ng is disabled for 8[...]
-
Página 455
Configuring 802.1X Quick Steps for Configuring 802 .1X OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 22-3 Quick Steps for Configuring 802.1X 1 Configure the port as a mobi le port and an 802.1X port usin g the following vlan port commands: -> vlan port mobile 3/1 -> vlan port 3/1 802.1x enable The port is set up automati[...]
-
Página 456
Quick Steps for Configuring 802.1X Configuring 802.1X page 22-4 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006 Optional. To display the number of 802.1x users on the switch, use the show 802.1x users command: ->show 802.1x users Slot MAC Port User Port Address State Name -----+------------------+--------- -----------+-----------[...]
-
Página 457
Configuring 802.1X 802.1X Overview OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 22-5 802.1X Over view The 802.1X standard defines port-based network access controls, and provides th e structure for authe nti- cating physi cal devices atta ched to a LAN. It uses the Extensib le Authentica tion Protocol (EAP). There are three c[...]
-
Página 458
802.1X Overview Configuring 802.1X page 22-6 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006 • If the authentication server doe s not return a VLAN ID, then the supplicant is classified according t o any device cla ssification policies tha t are configured for the port. See “Using Access Guardian Poli- cies” on pag e 22-8 for [...]
-
Página 459
Configuring 802.1X 802.1X Overview OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 22-7 802.1X ports may also be init ialized if there a pro blem on the port. Init ializing a port dro ps connectivity to the port and requ ires the port to be re-authenticated. See “Initializing an 802.1X Port” on page 22 -13 . 802.1X Accountin[...]
-
Página 460
Using Access Guardian Po licies Configuring 802.1X page 22-8 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006 Using Access Guardian Policies In addition to the authent ication and VLAN classi fica tion of 802.1x clients (supplicants), the Access Guardian exten ds this type of functional ity to no n-802.1x cli ents (non-supplican ts).[...]
-
Página 461
Configuring 802.1X Using Access Guardian Poli cies OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 22-9 The order in which policies are applied to cl ient traf fic i s determined by the order in which t he policy wa s configured. For example, if a comp ound non-supplicant poli cy is conf igured by specify ing MA C authenti- cati[...]
-
Página 462
Setting Up Port-Based Network A ccess Control Configu ring 802.1X page 22-10 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 Setting Up Por t-Based Network Access Contro l For port-based network access cont rol, 802.1X must be enabl ed for the switch and the switch must know which servers to use for authent icating 802.1X supplicants[...]
-
Página 463
Configuring 802.1X Setting Up Port-Based Network Access Control OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 22-11 Configuring 802.1X Por t Parameters By default, when 802.1X is enabled o n a port, the po rt is configured for bidir ectional cont rol, automa tic authorization, a nd re-authentica tion. In additi on, there are s[...]
-
Página 464
Setting Up Port-Based Network A ccess Control Configu ring 802.1X page 22-12 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 Note. The authentication server timeout ma y also be configured (with th e server-timeout keyword) but the value is always superseded by the va l ue set for the RADIUS server th rough the aaa radius-server comm[...]
-
Página 465
Configuring 802.1X Setting Up Port-Based Network Access Control OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 22-13 Initializing an 802.1X Por t An 802.1X port may be reinitializ ed. This is useful i f there is a pro blem on the port. The reinitializat ion process drop s connectivit y with the sup plicant an d forces the sup p[...]
-
Página 466
Configuring Access Guardian Policies Configuring 802.1X page 22-14 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 Configuring Access Guardian Policies The Access Guardian provides fu nctionality that allows the confi guration of 802.1x device classification policies for supplicants (8 02.1x clients) and non-supplicants (n on-802.1x [...]
-
Página 467
Configuring 802.1X Configuring Access Guardian Policies OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 22-15 Configuring Supplicant Policies Supplicant policies are used to cl assify 802. 1x devices c onnected to 802 .1x-enabled switc h ports when 802.1x authen tication does not return a VLAN ID o r authenticatio n fails. To co[...]
-
Página 468
Configuring Access Guardian Policies Configuring 802.1X page 22-16 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 Configuring Non-supplicant Policies Non-supplicant policies are used to classify non-802.1x devices connected to 802.1x-enabl ed switch ports. There are two types of no n-suppli cant policies. One type uses MAC auth enti[...]
-
Página 469
Configuring 802.1X Configuring Access Guardian Policies OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 22-17 Note that this type of policy d oes not use 802.1x or MAC authentication. As a re sul t, all of the avail able policy keywords restrict the assignment of the non-supplican t device to only those VLANs t hat are non- auth[...]
-
Página 470
Configuring Access Guardian Policies Configuring 802.1X page 22-18 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 802.1x 2/10 non-sup plicant policy aut hentication pass vlan 10 blo ck fail group-mob ility default-vl an If the MAC authentication process is successful but does not return a VLAN ID for the device, then the following o[...]
-
Página 471
Configuring 802.1X Verifying the 802.1X Port Configuration OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 22-19 V erifying the 802.1X Por t Configuration A summary of the show commands used for verifying the 80 2.1X port configuration is g iven here: For more information abou t the display s that resu lt from these co mmands, s[...]
-
Página 472
Verifying the 802.1X Port Configuration Configuring 802.1X page 22-20 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006[...]
-
Página 473
OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 23-1 23 Managing Policy Ser vers Quality of Service (QoS) policies that are configur ed through Alcatel’s PolicyView networ k management application are stored on a Lightweight Director y Access Protoco l (LDAP) server. PolicyV iew is an OmniVista application t hat runs on an att[...]
-
Página 474
Policy Server Specification s Managing Policy Servers page 23-2 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006 Policy Ser ver Specifications The following ta bles lists import ant information ab out LDAP policy serve rs: Policy Ser ver Defaults Defaults for the policy server command are as follows: LDAP Policy Se rvers RFCs Support[...]
-
Página 475
Managing Policy Servers Policy Server Overview OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 23-3 Policy Server Over view The Lightweigh t Directory Acce ss Protocol (LDA P) is a stand ard directory server prot ocol. The LDAP policy server client in the sw itch is based on RFC 2251. Currently, only LDA P servers are supported [...]
-
Página 476
Modifying Policy Servers Managing Policy Ser vers page 23-4 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006 Modifying Policy Ser vers Policy servers are automatically conf igured when the server is installe d; however, policy server parame- ters may be modified i f necessary. Note. SSL configuratio n must be done manually throug h t[...]
-
Página 477
Managing Policy Servers Modifying Policy Servers OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 23-5 Modifying the Por t Number To modify the port, enter the policy server command with the port keyword an d the releva nt port number. -> policy server 10.10.2.3 port 50 00 Note that th e port numbe r must ma tch the port numbe[...]
-
Página 478
Modifying Policy Servers Managing Policy Ser vers page 23-6 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006 Configuring a Secure Socket Layer for a Policy Ser ver A Secure Socket Layer (SSL) may be configured be tween the polic y server an d the swit ch. If SSL is enabled, the PolicyVi ew applica tion can no longer write polici es t[...]
-
Página 479
Managing Policy Servers Verifying the Policy Server Configuration OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 23-7 Interaction With CLI Policies Policies configured via PolicyView can only be modi fied through PolicyView. Th ey cannot be modified through the CLI. Any policy management do ne throug h the CLI only affects poli[...]
-
Página 480
Verifying the Policy Server Conf iguration Managing Policy Servers page 23-8 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006[...]
-
Página 481
OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 24-1 24 Configuring QoS Alcatel’s QoS software prov ides a way to manipulate flows coming th rough the switch based on user- configur ed policie s. The flow man ipu lation (generally referred to as Quali ty of Service or QoS ) may be as simple as allowi ng/denying traffic, or as [...]
-
Página 482
QoS Specifications Configuring QoS page 24-2 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006 QoS Specifications Maximum number of po licy rules 128 Limits for Layer 3 rules with particular action s: ACL (Filter rules) Priority rules Bandwidth/ T o S rules 802.1p rules 62 30 64 29 Maximum number of poli cy condition s 2048 Maximum nu[...]
-
Página 483
Configuring QoS QoS General Overview OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 24-3 QoS General Over view Quality of Service (QoS) refers to transmission quality and available service that is measured an d some- times guaranteed in advance for a particular ty pe of traffic in a network. QoS le nds itself to ci rcuit- switc[...]
-
Página 484
QoS Policy Overview Configuring QoS page 24-4 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006 QoS Policy Over view A policy (or a policy rule ) is made up of a condition and an actio n. The condition specifi es pa rameters that the switch will examine in inc oming flows, such as destination address or Type of Serv ice (ToS) bits. Th[...]
-
Página 485
Configuring QoS Interaction With Other Features OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 24-5 It is possible to configure a vali d QoS rule that is ac tive on the swit ch, however the swit ch is not able to enforce the rule b ecause some ot her switch function (for example, rout ing) is disa bled. See the condition and co[...]
-
Página 486
Condition Combinations Configuring QoS page 24-6 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006 Condition Combinations The CLI prevents you from configuring in valid condition combinations that are never allowed; ho wever, it does allow you to create combinat ions that are supporte d in some scenario. For example, you might configu[...]
-
Página 487
Configuring QoS Condition /Action Combinations OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 24-7 Condition/Action Combinations Conditions and acti ons are combined in policy rules. The CLI prevents you fro m configurin g invalid condition/acti on combinations t hat are never allo wed; however, it doe s allow you to create com[...]
-
Página 488
Condition/Action Combinations Configuring QoS page 24-8 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006 destination IP address or network group destination TCP/UDP port IP protocol 802.1p routing/bridging when qos classifyl3 bridged is enabled source MAC or MAC group source VLAN disposition priority bridging source VLAN maximum band[...]
-
Página 489
Configuring QoS QoS Defaults OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 24-9 QoS Defaults The following ta bles list the defa ults for global QoS p a rameters, individual port settin gs, policy rules, and default policy rules. Global QoS Defaults Use the qos reset command is to reset gl obal values to their defaults. Descri[...]
-
Página 490
QoS Defaults Configuring QoS page 24-10 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 QoS Por t Defaults Use the qos port reset command to reset port settings to the defaults. Policy Rule Defaults The following are default s for the poli cy rule command: * However, policy rules co nfigured with s ource and dest ination condit ions [...]
-
Página 491
Configuring QoS QoS Defaults OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 24-11 Policy Action Defaults The following are defaults for t he poli cy action command: Note that in the current software release, the deny and dr op options produce the same effect that is, the traffic is si lently drop ped. Note. There are no default[...]
-
Página 492
QoS Configuration Overview Configuring QoS page 24-12 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 QoS Configuration Over view QoS configuratio n involves the following general steps: 1 Configuring Global Par ameters . In addit ion to enabling/ disabling QoS, g lobal configurat ion includes settings such a s global po rt parameter[...]
-
Página 493
Configuring QoS Configurin g Global QoS Parameters OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 24-13 Configuring Global QoS Parameters This section describes the glob al QoS configurat ion, which includes enabling and disabl ing QoS, apply- ing and acti vating the co nfiguration, controlling th e QoS log d isplay, and co nfi[...]
-
Página 494
Configuring Global QoS Parameters Configuring QoS page 24-14 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 Using the QoS Log The QoS software in the switch creates its own log for QoS-spe cific eve nts. You may modi fy the number of lines in the log or change the level of detail given in the log. Th e PolicyView app lication, which[...]
-
Página 495
Configuring QoS Configurin g Global QoS Parameters OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 24-15 Note. If you change the number of log l ines, the QoS log may be comp letely cleare d. To chang e the log lines without c learing the log, set the lo g lines in the boot.c fg file; the log will be set to the speci fied number[...]
-
Página 496
Configuring Global QoS Parameters Configuring QoS page 24-16 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 Displaying the QoS Log To view the QoS log, use the show qos log command. The displa y is similar to the following: **QOS Log** Insert rule 0 Rule index at 0 Insert rule 1 Rule index at 1 Insert rule 2 Rule index at 2 Enable r[...]
-
Página 497
Configuring QoS Configurin g Global QoS Parameters OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 24-17 To change the flow timeout, enter the qos flow timeout com i mand with the desired number of seconds. For exampl e: -> qos flow timeout 100 The timeout will no t be active on the switch u ntil you enter th e qos apply comm[...]
-
Página 498
Configuring Global QoS Parameters Configuring QoS page 24-18 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 Classifying Bridged T raffic as Layer 3 In some network configurati ons you may want to force the switch to cla ssify bridged traffic as routed (Layer 3) traffic. Typically this op tion is used for QoS filtering. See Chapter 2[...]
-
Página 499
Configuring QoS Configurin g Global QoS Parameters OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 24-19 V erifying Global Settings To display information abo ut the glob al configuration, use the following show commands: For more information abo ut the syntax and di splays of these comman ds, see the OmniSwitch CLI Refer- ence [...]
-
Página 500
QoS Ports and Queues Configuring QoS page 24-20 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 QoS Por ts and Queues Queue para meters may be mo dified on a port basis. Fo ur default queues are creat ed for each port on t he switch at start up. When a flow coming into the switch matches a policy , it is queued based on: • Paramete[...]
-
Página 501
Configuring QoS QoS Ports and Queues OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 24-21 To configure th e global settin g on the switch , use the qos trust ports command. For exampl e: -> qos trust ports To configure indivi dual ports as truste d, use the qos port trusted command with the desired sl ot/port number. For ex [...]
-
Página 502
Creating Policies Configuring QoS page 24-22 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 Creating Policies This section describ es how to create polic ies in general. Fo r information about configuri ng specific types of policies, see “Policy Applications” on pa ge 24-49 . Basic commands for creating policies are as foll ows:[...]
-
Página 503
Configuring QoS Creating Policies OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 24-23 4 Use the qos apply command to apply the po licy to the configuration. For example: -> qos apply Note. ( Optional ) To verify that the rule has been configured, use the show policy rule command. The display is similar to the following : -&[...]
-
Página 504
Creating Policies Configuring QoS page 24-24 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 Creating Policy Conditions This section describ es how to create po licy condition s in general. C reating policy co nditions for partic ular types of network sit uations is described late r in this chapter. Note. Policy condition confi gurat[...]
-
Página 505
Configuring QoS Creating Policies OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 24-25 Note. You cannot remove al l parameters from a polic y cond ition. A condition must be configured with at least one parameter. Deleting Policy Conditions To remove a policy condition, use the no form of the command. For example: -> no poli[...]
-
Página 506
Creating Policies Configuring QoS page 24-26 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 Note. If you combine priority with 802.1p , dscp , tos , or map , in an action, the priority value is use d to prioritiz e the flow. Removing Action Parameters To remove an action parame ter or return the parame ter to its defau lt, use no wi[...]
-
Página 507
Configuring QoS Creating Policies OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 24-27 In addition, a policy rule may be admi nistratively disabled or re-enabled using the policy rule command. By default rules are enab led. Fo r a list of rule defaults, see “Policy Rule Defaults” on page 24-10 . Information abo ut using the[...]
-
Página 508
Creating Policies Configuring QoS page 24-28 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 Layer 3 Rules With Compatible Ac tions More than one rule may have the same co ndition. Fo r example, two La yer 3 rules may h ave the same IP address con dition but differen t actions. If the a ctions are comp atible, both rules wil l be app[...]
-
Página 509
Configuring QoS Creating Policies OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 24-29 Saving Rules The save option marks the policy rule so that the rule will be captured in an ASCII text fil e (using the configuration snapshot command) and saved t o the working director y (using the write m emory command or copy running-confi[...]
-
Página 510
Creating Policies Configuring QoS page 24-30 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 V erifying Policy Configuration To view information ab out policy rules, conditions, a nd actions confi gured on the swit ch, use the follo w- ing commands: When the command is used to show output for all pending and applied poli cy configura[...]
-
Página 511
Configuring QoS Creating Policies OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 24-31 In this example, the rule my_rule does not displa y because it is inactive . Rules are i nactive if they are administratively di sabled through the policy rule command, or if the rule cannot be enforced by the current h ardware. Alth ough my_[...]
-
Página 512
Creating Policies Configuring QoS page 24-32 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 T esting Conditions Before applying poli cies to the configuration thro ugh the qos apply command, you may want to see how the policies will be used to classify traffic. Or you ma y want to see how t heoretical traffic would be classi- fied b[...]
-
Página 513
Configuring QoS Creating Policies OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 24-33 To test a theo retical con dition again st the set of applied policies, enter the command with the applied keyword. The switch will display info rmation ab out the pote ntial traffic and attempt to match it to a pol icy (applied policies only[...]
-
Página 514
Using Condition Groups in Policies Configuring QoS page 24-34 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 Using Condition Gr oups in Policies Condition groups ar e made up of multiple IP addre sses, MAC addresses, servic es, or ports to which you want to apply the same action or poli cy rule. Instead of crea ting a separa te cond[...]
-
Página 515
Configuring QoS Using Condition Groups in Policies OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 24-35 3 Attach the condi tion to a polic y rule. (For more i nformation about co nfiguring rule s, see “Creati ng Policy Rules” on page 24 -26 .) In this example, actio n act4 has alre ady been co nfigured. For example: -> p[...]
-
Página 516
Using Condition Groups in Policies Configuring QoS page 24-36 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 To remove addresses from a network group, use no and the rel evant address(es) . For example: -> policy network group netgroup3 no 173.21.4.39 This command deletes the 173.21 .4.39 address from netgroup3 af ter the next qo[...]
-
Página 517
Configuring QoS Using Condition Groups in Policies OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 24-37 In this example, a policy service calle d telnet1 is created with the TCP protocol number ( 6 ) and the well- known Telnet destination por t number ( 23 ). -> policy service telnet1 protocol 6 destination ip port 23 A shor[...]
-
Página 518
Using Condition Groups in Policies Configuring QoS page 24-38 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 This command conf igures a conditi on called c6 with service grou p serv_group . All of the service s speci- fied in the service group will be included i n the condit ion. (For more informati on about con figuring c ondi- tio[...]
-
Página 519
Configuring QoS Using Condition Groups in Policies OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 24-39 Note. MAC group configuration is not acti ve until the qos apply command is entered. To delete addresses from a MAC group, use no and the relevant address(es): -> policy mac group macgrp2 no 08: 00:20:00:00:00 This command[...]
-
Página 520
Using Condition Groups in Policies Configuring QoS page 24-40 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 This command specifies tha t port 2/1 will be d eleted from the techpubs port group at the next qos apply . To delete a port group, use the no form of the policy port gro up command with the relev ant port group name. The por[...]
-
Página 521
Configuring QoS Using Condition Groups in Policies OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 24-41 -> policy action MaxBw maximum ban dwidth 10k -> policy rule PortRule condition Ports action MaxBw In this example, if both ports 1 and 2 are active p orts, 10000 bps is distrib uted over the two p orts. If one of the p[...]
-
Página 522
Using Condition Groups in Policies Configuring QoS page 24-42 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 V erifying Condition Gr oup Configuration To display information abo ut condition gro ups, use the following show commands: See the OmniSwitch CLI Reference Guide for more information about th e syntax and output for t hese c[...]
-
Página 523
Configuring QoS Using Map Groups OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 24-43 Using Map Gr oups Map groups are u sed to map 802. 1p, ToS, or DSCP va lues to different values. On the Om niSwitch 6600 , the followi ng mapping sc enarios are su pported: • 802.1p to 802. 1p • ToS or DSCP to 802.1p (the reve rse is not s[...]
-
Página 524
Using Map Groups Configuring QoS page 24-44 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 How Map Groups W ork When mapping from 802.1p to 802.1p, the acti on will result in remapping the sp ecified values. Any values that are not specified in th e map gr oup are preser ved. In this example, a map grou p is created for 802 .1p bits[...]
-
Página 525
Configuring QoS Using Map Groups OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 24-45 To delete a map group, use the no form of the policy map group command. The map grou p must not be associated with a policy action. For example: -> no policy map group tosGroup If tosGroup is currently associated with an actio n, an error m[...]
-
Página 526
Applying the Configuration Configuring QoS page 24-46 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 Applying the Configuration Configuratio n for policy rules and many global QoS pa rameters must sp ecifically be ap plied to the config- uration with the qos apply command. Any parameters config ured without thi s command are mainta [...]
-
Página 527
Configuring QoS Applying the Configuration OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 24-47 Deleting the Pending Configuration Policy settings that have been configured but not applied thro ugh the qos apply command may be returned to the la st applied se ttings through the qos revert command. For example: -> qos revert [...]
-
Página 528
Applying the Configuration Configuring QoS page 24-48 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 Interaction W ith LDAP Policies The qos apply , qos revert , and qos flush commands do not af fect policies created thro ugh the Policy- View application . Separate commands are use d for loading an d flushing LDAP policies on th e s[...]
-
Página 529
Configuring QoS Policy Applications OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 24-49 Policy Applications Policies are used to classify incoming flows and treat the relevant outgoing flows. There are many ways to classify the traffic and many ways to apply QoS parameters to the traffic. Classifying tr affic may be a s simple[...]
-
Página 530
Policy Applications Configuring QoS page 24-50 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 Note. If multiple addresses, services, or po rts should be gi ven the same prio rity, use a policy condi tion group to specify the group and associat e the group wit h the condit ion. See “Using Condition Groups in Policies” on page 24-[...]
-
Página 531
Configuring QoS Policy Applications OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 24-51 -> policy condition ip_traffic2 so urce ip 10.10.5.3 -> policy action flowShape maximum bandwidth 1k -> policy rule rule2 condition tra ffic2 action flowShape Note that the bandwidth may be specified in abbreviated units, in this c[...]
-
Página 532
Policy Applications Configuring QoS page 24-52 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 -> policy condition my_condition s ource ip 10.10.3.0 mask 255.255.2 55.0 -> policy action my_action 802.1p 5 -> policy rule marking condition m y_condition action my_action In the next example, the policy map group command specifi[...]
-
Página 533
OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 25-1 25 Configuring ACLs Access Control L ists (ACLs) are Quality o f Service (Qo S) policies used to control wh ether or not packets are allo wed or denied at the swit ch or router interf ace. ACLs are sometimes referred to as filtering lists. ACLs are distin guished by th e kind [...]
-
Página 534
ACL Specifications Configuring ACLs page 25-2 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006 ACL Specifications These specifications are t he same as those for QoS in general: ACL Defaults The following ta ble shows the defaults for ACLs: Note that in the current software release, the deny and dr op options produce the same effect;[...]
-
Página 535
Configuring ACLs Quick Steps for Creating ACLs OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 25-3 Quick Steps for Creating ACLs 1 Set the global disposi tion for bridged or rout ed traffic. By default, all flow s that do match any pol icies are allowed on t he switch. Typica lly, you may wan t to deny traffic fo r all Layer 3 [...]
-
Página 536
ACL Overview Configuring ACLs page 25-4 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006 ACL Over view ACLs provide mo derate security bet ween networks. The following il lustration sho ws how ACLs may be used to filter sub network traffic throug h a private net work, func tioning like an internal fi rewall for LANs. When traffic arr[...]
-
Página 537
Configuring ACLs ACL Overview OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 25-5 Rule Precedence The switch attempts to classify fl ows c oming into the switc h according to pre cedence. For Lay er 2 flows, the rule wi th the highe st precedence will be appli ed to the flow . For Layer 3 flow s, all rules that mat ch the flow [...]
-
Página 538
ACL Overview Configuring ACLs page 25-6 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006 Example: Layer 3 Rules With Compatible Actions More than one rule may have the same co ndition. Fo r example, two La yer 3 rules may h ave the same IP address con dition but differen t actions. If the a ctions are comp atible, both rules wil l be[...]
-
Página 539
Configuring ACLs ACL Overview OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 25-7 Interaction With Other Features • IP Routing —IP routing must b e enabled on th e switch for Layer 3 ACLs. See Chapter 14, “Configur- ing IP,” for more information about setting up ro uting. • Routing Protocols —Layer 3 filtering is co[...]
-
Página 540
ACL Configuration Overview Configuring ACLs page 25-8 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006 ACL Configuration Over view This section describes the QoS CLI commands used spec ifically to configure ACLs. ACLs are basically a type of QoS policy, and the commands used to co nfigure ACLs are a subset of the switch’s QoS comma[...]
-
Página 541
Configuring ACLs Setting the Global Disposition OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 25-9 Important. If you set the glob al bridged d isposition (u sing the q os defaul t bridge d dispos ition command) to deny or drop , it will result in droppi ng all Layer 2 t raffic from the switch that does not match any policy to [...]
-
Página 542
Creating Condition Groups For ACLs Configuring ACLs page 25-10 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 Creating Condition Gr oups For ACLs Condition grou ps for ACLs are ma de up of multipl e IP addresses, MAC addresses, services, or IP ports to which you wan t to apply the sa me disposition . Instead of creating a separate c[...]
-
Página 543
Configuring ACLs Configuring ACLs OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 25-11 For exampl e: -> policy port group pgroup1 3/1-2 4/3 5/4 -> policy condition c2 source port group pgroup1 In this example, a Layer 2 condition ( c2 ) specifies that traffic matche s the ports incl uded of the pgroup1 port group. The con[...]
-
Página 544
Configuring ACLs Configuring ACLs page 25-12 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 rule7 will take precedence over the other rules. (For more information about precedence, se e “Rule Prece- dence” on page 25-5 .) The action config ured for the rule, a1 , allows traffic from 10.10.4. 8, so the flow will be accepted on th[...]
-
Página 545
Configuring ACLs Configuring ACLs OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 25-13 Layer 2 ACL: Example 1 In this example, the default bridge d disposition i s accept (the default). Since the default is accept , the qos default bridged disposition command would only need to be entered if the disposition had previously been [...]
-
Página 546
Configuring ACLs Configuring ACLs page 25-14 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 Layer 3 ACLs The QoS software in the switch fi lters routed traffic at Layer 3. For Lay er 3 filters, ty pically IP routing must be enabled; however, the switc h may be configured to filt er Layer 3 headers in bridged traffic. Use the qos cla[...]
-
Página 547
Configuring ACLs Configuring ACLs OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 25-15 Layer 3 ACL: Example 2 This example uses condition gro ups to combine mult iple IP addre sses in a single co ndition. The default disposition is set to deny . -> qos default routed disposition deny -> policy network group GroupA 192 .60[...]
-
Página 548
Configuring ACLs Configuring ACLs page 25-16 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 To filter multicast cli ents, specify the mul ticast IP ad dre ss, which is the add ress of the multic ast group or stream, and sp ecify the cli ent IP address, VL AN, MAC address, or slot/port . For example: -> qos default multicast dispo[...]
-
Página 549
Configuring ACLs Using ACL Security Features OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 25-17 Using ACL Security Features The following ad ditional AC L features are available for improvi ng network security and prev enting mali- cious activit y on the network: • UserPorts —A port group that identi fies its members as u[...]
-
Página 550
Using ACL Security Features Configuring ACLs page 25-18 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 Configuring a DisablePor ts ACL An additional met hod for dealing with spoofed IP traffic is t o create a Disabl ePorts ACL that will adminis- tratively disab le ports that rece ive this type of traffic. To achieve this result, a p[...]
-
Página 551
Configuring ACLs Using ACL Security Features OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 25-19 5 Create a rule that denies all source IP addres ses rece iv ed on the port group defi ned in Step 1 a nd spec- ify a precedence for t his rule. For example: -> policy rule noSpoof condition d enyip action badDisablePorts prec e[...]
-
Página 552
Using ACL Security Features Configuring ACLs page 25-20 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 2 Add the services c reated in St ep 1 to a se rvice group ca lled DropServices using the policy service group command. For example: -> policy service group DropServices tcp135 tcp445 udp137 udp138 udp445 Note that the DropServi[...]
-
Página 553
Configuring ACLs Using ACL Security Features OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 25-21 Configuring ICMP Dr op Rules Combining a L ayer 2 condi tion for sour ce VLAN with a Layer 3 condition fo r IP protocol is supported. Use these two cond itions togeth er in a policy t o block ICMP echo req uest and reply p ackets w[...]
-
Página 554
Verifying the ACL Configuration Configuring ACLs page 25-22 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 V erifying the ACL Configuration To display information abo ut ACLs, use the same show commands that are used for displaying any QoS policies. These commands include: When a show command is used t o display out put for all pe n[...]
-
Página 555
Configuring ACLs Verifying the ACL Configuration OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 25-23 To display only policy rules th at are active (enabled) on the switch, use th e show active policy rule command. For example: -> show active policy rule Policy From Prec Enab Inact Refl Log Save Matches +my_rule5 cli 0 Yes N[...]
-
Página 556
ACL Application Exa mple Configuring ACLs page 25-24 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 ACL Application Example In this applica tion for IP filt ering, a policy is created to deny Telnet traffic from the outside world to an engineering group in a private network. Set up a polic y rule called outside to de ny Telnet traff[...]
-
Página 557
OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 26-1 26 Configuring IP Multicast Switching IP Multicast Switc hing is a on e-to-many commu nication tech nique employ ed by emerging a pplications such as video distribution , news feeds, con ferencing, net casting, and resour ce discovery (OSPF, RIP2, BOOTP). Unlike unicast , whic[...]
-
Página 558
IPMS Specifications Configuring IP Multicast Switching page 26-2 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006 IPMS Specifications The table below lists specifications for Alcatel’s IPMS software. IPMS Default V alues The table below lists default valu es for Alcatel’ s IPMS software. RFCs Supported RFC 2236 — Internet Gr ou[...]
-
Página 559
Configuring IP Multicast Switching IPMS Overview OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 26-3 IPMS Over view A multicast group is defined by a multi cast group address, wh ich is a Class D IP address in the range 224.0.0.0 to 239.255.25 5.255. (Addresses in the ra nge 239.0.0.0 to 239 .255.255. 255 are reserved for bound[...]
-
Página 560
IPMS Overview Configuring IP Multicast Switching page 26-4 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006 Reserved Multicast Addresses The Internet Assigned Numbers Au thority (IANA) created the range fo r multicast addr esses, which is 224.0.0.0 to 239.25 5.255.255. Howe ver, as the table below shows, certain addresse s ar e reser[...]
-
Página 561
Configuring IP Multicast Switching Configuring IPMS on a Switch OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 26-5 Configuring IPMS on a Switch This section describes how to use Command Line Interface (CLI) commands to enable and disable IP Multicast Switchi ng (IPMS) switch wi de (see “ Enabling and Disabling IPMS on a Swit[...]
-
Página 562
Configuring IPMS on a Switch Configuring IP Multicast Switching page 26-6 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006 Configuring a Static Neighbor You can configure a port as an IPMS static neighb or port by entering ip multicast static-neighbor followed by the VLAN num ber (which must be between 0 and 4095), a space, the slot [...]
-
Página 563
Configuring IP Multicast Switching Configuring IPMS on a Switch OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 26-7 Removing a Static Querier To reset the port so th at it is no longer an IPMS static que rier port you use the no form of the ip multic ast static-querier command b y enterin g ip multicast no static-queri er follo[...]
-
Página 564
Modifying IPMS Parameters Configuring IP Multicast Switching page 26-8 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006 Modifying IPMS Parameters The table in “IPMS Default Values” on page 26-2 lists defa ult values for IPMS parameters. The fo llowing sections descri be how to use CLI commands to modi fy these parameters. Modifyi[...]
-
Página 565
Configuring IP Multicast Switch ing Modifying IPMS Parameters OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 26-9 Configuring the Membership Timeout You can modify the IPMS membership timeout from 0 to 42949672 95 seconds by entering ip multicast membership-timeout followed by the new value. For example, to set the membership t[...]
-
Página 566
Modifying IPMS Parameters Configuring IP Multicast Switching page 26-10 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 Restoring the Querier Timeout To restore the neighbor querier to its default (i.e., 260 seconds) val ue you use the no form of the ip multicast querier-timeout command by entering: -> ip multicast no querier-time[...]
-
Página 567
Configuring IP Multicast Switching IPMS Application Example OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 26-11 IPMS Application Example The figure below shows a samp le network with the sw itch sending multicast video. A client attached to Port 5 needs to be configured as a static neighbor an d another client att ached to Por[...]
-
Página 568
IPMS Application Example C onfiguring IP Multicast Switching page 26-12 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 5 Modify the leave timeout from its default value of 10 seconds to 120 seco nds by entering: -> ip multicast leave-timeout 120 An example of what these commands look like entered sequenti ally on the co mmand lin[...]
-
Página 569
Configuring IP Multicast Switching Displaying IPMS Configurations and Statistics OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 26-13 Displaying IPMS Configurations and Statistics Alcatel’s IP Multicast Switching (IPMS ) show commands provide t ools to moni tor IPMS traf fic and settings and to t roubleshoot problems. These c[...]
-
Página 570
Displaying IPMS Configurations and Statis tics Configuring IP Multicast Switching page 26-14 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006[...]
-
Página 571
OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 27-1 27 Diagnosing Switch Pr oblems Several tools are available for diagn osing problems that may occur with the switch. These t ools include • Port Mi rroring • Port Moni toring • Remote Monitoring (RMON) probes • Switch Heal th Monito ring Port mirroring cop ies all incom[...]
-
Página 572
In This Chapter Diagnosing Switch Problems page 27-2 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006 • Deleting a Po rt Monitoring Session —see “Deleting a Port Monito ring Sessio n” on page 27-21 . • Pausing a Port Mo nitoring Session —see “Pausing a Port Monitoring Session” on page 27-21 . • Configuring th e pers[...]
-
Página 573
Diagnosing Switch Problems Port Mirroring Overview OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 27-3 Por t Mirroring Overview The following sectio ns detail the specificatio ns, defaults, a nd quick set u p steps for the po rt mirroring feature. Detaile d procedur es are found in “Port Mirroring” on page 27 -12 . Note. A [...]
-
Página 574
Port Mirroring Overview Diagnosing Switch Problems page 27-4 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006 Por t Mirroring Defaults The following table shows port mir roring default values. Global Port Mirr oring Defa ults Parameter Description CLI Co mmand Default V alue/Comments Mirroring Session Creation port mirroring sourc e [...]
-
Página 575
Diagnosing Switch Problems Port Mirroring Overview OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 27-5 Quick Steps for Configuring Port Mirroring 1 Create a port mirrori ng session . Be sure to sp ecify the p ort mirror ing session ID , source (mirrored) and destination (mirroring) slot/ports, and unblock ed VLAN ID ( op tional[...]
-
Página 576
Port Monitoring Overview Diagnosing Switch Problems page 27-6 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006 Por t Monitoring Over view The following sec tions detail the specifica tions, defa ults, and quick se t up steps for the port mirroring feature. Detaile d procedur es are found in “Port Moni toring Overview ” on page 27[...]
-
Página 577
Diagnosing Switch Problems Port Monitoring Overview OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 27-7 Quick Steps for Configuring Port Monitoring 1 To create a port monitori ng session use the port monitoring source command by entering port monitoring , followed by the port monitoring session ID, source , and the slot and por[...]
-
Página 578
Remote Monitoring (RMON) Overview Diagnosing Switch Problems page 27-8 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006 Remote Monitoring (RMON) Over view The following sec tions detail th e specifica tions, defaul ts, and quick set u p steps for the RMON feat ure. Detailed proc edures are found in “Remote Monitoring (RMON)” on p[...]
-
Página 579
Diagnosing Switch Problems Remote Monitoring (RMON) Overview OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 27-9 RMON Probe Defaults The following ta ble shows Remote Network Moni toring defaul t values. Global RMON Probe Defaults Quick Steps for Enabling/Disabling RMON Probes 1 Enable an inactive (or disable an active) RMON pr[...]
-
Página 580
Switch Health Overview Di agnosing Switch Problems page 27-10 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 Switch Health Over view The following sec tions detail the specifica tions, defa ults, and quick se t up steps for the switch health feature. Detaile d procedur es are found in “Monitoring Switch Hea lth” on page 27-32 . [...]
-
Página 581
Diagnosing Switch Problems Switch Health Overview OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 27-11 Switch Health Defaults The following tabl e shows Switch Health d efault values. Global Swi tch Health D efaults Quick Steps for Configuring Switch Health 1 Display the heal th threshold li mits, health sampli ng interval sett[...]
-
Página 582
Port Mirroring Diagnosing Switch Problems page 27-12 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 Por t Mirroring You can set u p port mirroring for any pair of Et hernet port s within the same switch chassi s. Ethernet port s supporting port mirro ring include 10BaseT/100BaseTX (RJ-45) and 1000BaseLX (LC) M iniGBIC connectors. Wh[...]
-
Página 583
Diagnosing Switch Problems Port Mirroring OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 27-13 How Por t Mirroring W orks When a frame is received on a mirrored port, it is copied and sent to the mi rroring port. The received frame is actually t ransmitted twice across t he switch backpl ane–once fo r normal bridging and t he[...]
-
Página 584
Port Mirroring Diagnosing Switch Problems page 27-14 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 Using Por t Mirr oring with External RMON Pr obes Port mirroring is a help ful monitoring tool when used in co njunction with an external RMON probe. Once you set up port mirror ing, the probe can collect all relevant RMON statistics [...]
-
Página 585
Diagnosing Switch Problems Port Mirroring OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 27-15 Creating a Mirroring Session Before port mirroring can be used, it is nece ssary to create a port mirro ring session. The port mirroring source destina tion CLI command can be used to create a mirro ring session between a mirror ed (a[...]
-
Página 586
Port Mirroring Diagnosing Switch Problems page 27-16 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 This command line specifies mir roring session 6, with the source (m irrored) port located in slot 2/po rt 3, and the destination (mi rroring) port located in slot 2/port 4. The mirroring port on VLAN 750 is prot ected from Spanning T[...]
-
Página 587
Diagnosing Switch Problems Port Mirroring OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 27-17 In this example the command specifies port mirroring sessi on 6, with the mirro red (active) port locat ed in slot 2/port 3, and th e mirroring port l ocated in slot 6/port 4. The mi rroring status is di sabled (i.e., port mirroring i[...]
-
Página 588
Port Mirroring Diagnosing Switch Problems page 27-18 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 Enabling or Disabling a Por t Mirroring Session (Shorthand) Once a port mirroring sessi on configuration has been created, th is command is useful fo r enabling or disabling it (tur ning port mirrorin g on or off) without having to re[...]
-
Página 589
Diagnosing Switch Problems Port Mirroring OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 27-19 Deleting A Mirr oring Session The no form of the port mirroring command can be used to delete a previously created mirro ring session configuratio n between a mi rrored port and a mirroring po rt. To delete a mirroring session, enter [...]
-
Página 590
Port Monitoring Diagnosin g Switch Problems page 27-20 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 Por t Monitoring An essential tool of the network engineer is a net work packet capture device. A packet capture device i s usually a PC-based comput er, such as the Sniffer ® , tha t provides a me ans for unde rstanding an d measu[...]
-
Página 591
Diagnosing Switch Problems Port Monitoring OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 27-21 In addition, you can also sp ecify optional parameters sh own in the t able below. These parameters mu st be entered af ter the slot and port numbe r. For example, t o configure port monitoring session 6 on port 2/3 and admini strati[...]
-
Página 592
Port Monitoring Diagnosin g Switch Problems page 27-22 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 Configuring Por t Monitoring Session Persistence By default, a p ort monitoring sessi on will neve r be disabled . To modify the le ngth of time befo re a port monitoring sessi on is disabled fro m 0 (the default, wh ere the session[...]
-
Página 593
Diagnosing Switch Problems Port Monitoring OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 27-23 For example, to c onfigure port mo nitoring session 6 o n port 2/3 with a data fil e called “use r_port” in th e /flash directory enter that will no t overwrite older packets if th e fil e size is exceeded e nter: -> port moni[...]
-
Página 594
Port Monitoring Diagnosin g Switch Problems page 27-24 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 Displaying Por t Monitoring Status and Data A summary of the sho w commands used for displaying po rt monitoring sta tus and po rt monitoring d ata are given here: For example, to disp lay port monitoring data use the show port moni[...]
-
Página 595
Diagnosing Switch Problems Remote Monitoring (RMON) OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 27-25 Remote Monitoring (RMON) Remote Network Monit oring (RMON) is an SNMP protocol used to manage networks remo tely. RMON probes can be used to collect , interpret and forward statis tical data about network traffic from design[...]
-
Página 596
Remote Monitoring (RMON) Diagnosing Switch Pro blems page 27-26 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 RMON probes can be enabled or disabled via CLI commands. Configuratio n of Alarm threshold valu es for RMON traps is a function reserv ed for RMON-monitoring NMS stations. This feature support s basic RMON 4 group impl emen[...]
-
Página 597
Diagnosing Switch Problems Remote Monitoring (RMON) OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 27-27 Enabling or Disabling RMON Pr obes To enable or disable an indi vidual RMON probe, enter the rmon probes CLI command. Be sure to spec- ify the type of probe ( stats / history / alarm ), followed by the e ntry number (optiona[...]
-
Página 598
Remote Monitoring (RMON) Diagnosing Switch Pro blems page 27-28 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 Displaying RMON T ables Two separate commands can be used to retrieve and vi ew Remote Monitoring data: show rmon probes and show rmon events . The retrieved statistics appear in a table format (a coll ection of re lated da[...]
-
Página 599
Diagnosing Switch Problems Remote Monitoring (RMON) OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 27-29 Displaying Statistics for a Particular RMON Probe To view statistics for a particul ar current RMON probe, e nter the show rmon probes command, specifying an entry number for a particular probe, such as: -> show rmon prob[...]
-
Página 600
Remote Monitoring (RMON) Diagnosing Switch Pro blems page 27-30 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 Sample Display fo r Histor y Probe The display shown here identifies RMON Pro be 10325’s Owner descri ption and interfac e location (Analyzer-p:12 8.251.18.166 on slot 1, por t 35), the total number of Hi story Control Bu[...]
-
Página 601
Diagnosing Switch Problems Remote Monitoring (RMON) OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 27-31 Displaying a List of RMON Events RMON Events are actions that occur based on Alarm co nditions detect ed by an RMON probe. To view a list of logged RMON Events, ent er the show rmon events co mmand without sp ecifying an en [...]
-
Página 602
Monitoring Switch Health Diagnosing Switch Problems page 27-32 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 Monitoring Switch Health To monitor resource availability, the NMS (Netwo rk Manageme nt System) nee ds to collect si gnificant amounts of data from each switch. As the nu mber of ports per switch (and the n umber of switche[...]
-
Página 603
Diagnosing Switch Problems Monitoring Switch Health OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 27-33 The following sections incl ude a discussion of CLI command s that can be used to conf igure resource parameters and monito r or reset statistics for switch resources. Thes e commands include: • health threshold —Configu[...]
-
Página 604
Monitoring Switch Health Diagnosing Switch Problems page 27-34 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 Configuring Resource and T emperature Thresholds Health Monito ring software monitors threshold levels for the switch’s consumable resources— bandwidth, RAM memory, and CPU capacity —as well as the ambient chassis te m[...]
-
Página 605
Diagnosing Switch Problems Monitoring Switch Health OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 27-35 Displaying Health Threshold Limits The show health threshold command is used to view all current heal th thresholds on the switch, as well as individual th resholds for input t raffic (RX), output/input tr affic (TX/RX), mem[...]
-
Página 606
Monitoring Switch Health Diagnosing Switch Problems page 27-36 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 Configuring Sampling Intervals The sampling interval is the period of time be tween polls of the switch’s consumable reso urces to moni- tor performance vis-a-vis previ o usly specified thresholds. The health interval comm[...]
-
Página 607
Diagnosing Switch Problems Monitoring Switch Health OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 27-37 V iewing Health Statistics for the Switch The show health command can be used t o display health statistics for the switch. To display he alth statistics, en ter the show health command, followed by the slot/port l ocation a[...]
-
Página 608
Monitoring Switch Health Diagnosing Switch Problems page 27-38 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 V iewing Health Statistics for a Specific Inter face To view health statistics fo r slot 4/port 3, ente r the show health command, followed by the approp riate slot and port numbers. A scre en similar to the following examp [...]
-
Página 609
OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 28-1 28 Using Switch Logging Switch logging is a n event logg ing utility t hat is useful in ma intaining an d servicing th e switch. Switch logging uses a formatted string mech anism to either reco rd or discard ev ent data from switc h applications. The log records are copied to [...]
-
Página 610
Switch Logging Specifications Using Switch Logging page 28-2 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006 Switch Logging Specifications Functionality Sup ported High-level event logging mechanism that for- wards requests from applications to enabled logging devic es. Functionality Not Supported Not intended fo r debugging indi vi[...]
-
Página 611
Using Switch Logging Switch Logging Defaults OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 28-3 Switch Logging Defaults The following ta ble shows switch l ogging default v alues. Global Switch Logging Defaults Parameter Description CLI Co mmand Default V alue/Comments Enabling/Di sabling switch lo gging swlog Enabled Switch l[...]
-
Página 612
Quick Steps for Configuring Switc h Logging Using Switch Logging page 28-4 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006 Quick Steps for Configuring Switch Logging 1 Enable switch lo gging by usi ng the following c ommand: -> swlog 2 Specify the ID of the appl ication to be logged al ong with the logging se verity le vel. ->[...]
-
Página 613
Using Switch Logging Switch Logging Overview OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 28-5 Switch Logging Over view Switch logging uses a format ted string me chanism to proc ess log requests fro m switch application s. When a log request i s received, swi tch logging co mpares the severity l evel included with the reques[...]
-
Página 614
Switch Logging Commands Overview Using Switch Logging page 28-6 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006 Switch Logging Commands Over view This section describ es the switch lo gging CLI comma nds, for enabling or disabling switc h logging, displaying th e current status of the switch logging feature, and di splaying stored l[...]
-
Página 615
Using Switch Logging Switch Logging Commands Overview OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 28-7 STP 11 APPID_SP ANNI NG TREE LINKAGG 12 APPID_LINKAGG REGA TION QOS 13 APPID_QOS RSVP 14 APPID_RSVP IP 15 APPID_IP IPMS 17 APPID_IP MS AMAP 18 APPID_XMAP GMAP 19 APPID_GMAP AAA 20 APPID_ AAA IPC-MON 21 APPID_ IPC_MON IP-HEL[...]
-
Página 616
Switch Logging Commands Overview Using Switch Logging page 28-8 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006 The level keywor d assigns the error-type severity level to the specified applica tion IDs. Values range from 2 (highest seve rity) to 9 (low est severity). The values are defined in t he following table: Specifying the Se[...]
-
Página 617
Using Switch Logging Switch Logging Commands Overview OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 28-9 Removing the Severity Level To remove the switch l ogging severity l evel, enter the no swlog appid level command, including the application ID and severity-level values. The following is a t ypical example: -> no swlog [...]
-
Página 618
Switch Logging Commands Overview Using Switch Logging page 28-10 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 Disabling an IP Address from Receiving Switch Logging Output To disable a partic ular IP address from rec eiving switch logg ing output, ent er the followin g command: -> no swlog output socket No confirmation message w[...]
-
Página 619
Using Switch Logging Switch Logging Commands Overview OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 28-11 Configuring the Switch Logging File Size By default, th e size of the switch logging file i s 128000 byt es. To configure the size of the switch loggin g file use the swlog output flash file- size command. To use this comm[...]
-
Página 620
Switch Logging Commands Overview Using Switch Logging page 28-12 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006 Displaying Switch Logging Records The show log swlog command can produce a display showin g all switch logging informatio n or you can display information ac cording to session , timestamp, appl ication ID or severi ty lev[...]
-
Página 621
OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 29-1 29 Monitoring Memor y Debug memory mo nitor commands ca n monitor memory allocation an d free memory (such as detect ion of invalid free addresses and maintena nce of size statis tics). These commands are useful for monitoring logging of even ts, leak detect ion, classificat i[...]
-
Página 622
Memory Monitoring Specifications Monitoring Memory page 29-2 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006 Memor y Monitoring Specifications The following ta ble shows Memory Mo nitoring specific ations: Memor y Monitoring Defaults The following table shows M emory Monitoring default valu es: Functionality Supported Fence Post/ Ba[...]
-
Página 623
Monitoring Memory Quick Steps for Configuring Memory Monitoring OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 29-3 Quick Steps for Configuring Memor y Monitoring 1 Use the following com mands to enable Memory Mo nitoring. (Memory Monit oring is factory disabl ed by default.) For example: -> debug memory monitor enable 2 To [...]
-
Página 624
Debug Memory Commands Overview Monitoring Memory page 29-4 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006 Debug Memor y Commands Over view The Debug Memory Commands prov ide monitoring of memory allocat ion and free memory. By provid- ing a method to enable/di sable memory mon itoring and display memor y usage reports, these comman[...]
-
Página 625
Monitoring Memory Configuring Debug Memory Commands OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 29-5 Displaying the Memor y Monitor Log The debug memory monitor show log command displays memo ry monitoring lo g information. By enter- ing this command, a display similar to t he following will appear onscre en: -> debug mem[...]
-
Página 626
Configuring Debug Memory Commands Monitoring Memory page 29-6 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006 Displaying the Memor y Monitor Global Statistics The debug memory monitor show log global command can display memory monito ring global statis- tics. By specifyi ng the global varia ble to view global statistics, a display s[...]
-
Página 627
Monitoring Memory Configuring Debug Memory Commands OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 29-7 Displaying the Memor y Monitor T ask Statistics The debug memory monitor show log task command can disp lay memory monitoring task statistics. B y specifying the task variable to view task statisti cs, a display simil ar to t[...]
-
Página 628
Configuring Debug Memory Commands Monitoring Memory page 29-8 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006 Task Name Current Cumulative -------------+-------------+-------- --------- TrapMgr 4548 63976 Elpc 2336 2392 VlanMgr 208 149672 PortMgr 804 75424 Gateway 84 140 CfgMgr 228 897491 tCS_HSM 1240 2500 tCS_CMS 188 328 tCS_PRB 31[...]
-
Página 629
Monitoring Memory Configuring Debug Memory Commands OmniSwitch 6600 Family Network Configurati on Guide April 2006 page 29-9 Displaying the Memor y Monitor Size Statistics The debug memory moni tor show log size command can display memory monitoring size st atistics. By entering the size variable to view si ze statistics, a display simil ar to the [...]
-
Página 630
Configuring Debug Memory Commands Monitoring Memory page 29-10 OmniSwitch 6600 Fam ily Network Configuration Guide April 2006[...]
-
Página 631
OmniSwitch 6600 Family Network Configurati on Guide April 2006 page A-1 A Software License and Copyright Statements This appendix co ntains Alcate l and third-pa rty software ven dor license and copyright st atements. Alcatel License Agreement ALCA TEL INTERNETWORKING, INC. (“AII”) SOF TW ARE LICENSE AGREEMENT IMPORTANT. Please re ad the terms [...]
-
Página 632
Alcatel License Agreement Software License and Copyright Statements page A-2 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006 3. Confidentiality. AII considers the Licensed File s to contain valuable t rade secrets of AII, t he unautho- rized disclosure of which could cause irrepa rable harm to AII. Except as expressly set forth here[...]
-
Página 633
Software License and Copyright St atements Alcatel License Agreement OmniSwitch 6600 Family Network Configurati on Guide April 2006 page A-3 10. Governing Law. This License Agreement shall be constr ued and governed in accordance with the laws of the Sta te of Califo rnia. 11. Severabil ity. Should a ny term of this Li cense Agreement be declared v[...]
-
Página 634
Third Party Licenses and Notices Software License and Copyright Statements page A-4 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006 Third Par ty Licenses and Notices The licenses and notices related only to su ch third party software are set forth below: A. Booting and Debugging Non-Proprietary Software A small, separate software po[...]
-
Página 635
Software License and Copyright Statements Third Party Licenses and Notices OmniSwitch 6600 Family Network Configurati on Guide April 2006 page A-5 C. Linux Linux is wri tten and distrib uted under the GNU General Public License w hich means th at its source co de is freely- distrib uted and ava ilable to the general public. D. GNU GENERAL PUBLIC LI[...]
-
Página 636
Third Party Licenses and Notices Software License and Copyright Statements page A-6 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006 verbatim or with mod ifications and/or t ranslated into another language. (Hereinafter , translation is included wi thout limitati on in the term “mo difi cation”. ) Each licensee is a ddressed as ?[...]
-
Página 637
Software License and Copyright Statements Third Party Licenses and Notices OmniSwitch 6600 Family Network Configurati on Guide April 2006 page A-7 b Accompany it wi th a written of fer, valid for at least three yea rs, to give any th ird party, for a charg e no more than your cost of physi cally performing source distri bution, a complete machine-r[...]
-
Página 638
Third Party Licenses and Notices Software License and Copyright Statements page A-8 OmniSwitch 6600 Fam ily Network Configur ation Guide April 2006 consistent application o f that syste m; it is up to th e author/do nor to decide i f he or she is willing to dist rib- ute software throug h any other system an d a licensee cannot impose t hat choice.[...]
-
Página 639
Software License and Copyright Statements Third Party Licenses and Notices OmniSwitch 6600 Family Network Configurati on Guide April 2006 page A-9 Appendix: How to Apply These T erms to Y our New Programs If you develop a new program, and you w ant it to be of th e greatest possible u se to the publ ic, the best way to achieve this is to make it fr[...]
-
Página 640
Third Party Licenses and Notices Software License and Copyright Statements page A-10 OmniSwitch 6600 Family Network Con figuration Guide April 2006 Material copyright Li nux Online Inc. Design and compilation copyright (c)1994-200 2 Linux Online Inc. Linux is a regist ered trad emark of Linus Torvalds Tux the Penguin, featured in our logo, wa s cre[...]
-
Página 641
Software License and Copyright Statements Third Party Licenses and Notices OmniSwitch 6600 Family Network Configurati on Guide April 2006 page A-11 H. Apptitude, Inc. Provided with th is product is certai n network moni toring software (“Me terWorks/RMON”) licensed from Apptitude, Inc., wh ose copyright notice is as follo ws: Copyright (C) 1 99[...]
-
Página 642
Third Party Licenses and Notices Software License and Copyright Statements page A-12 OmniSwitch 6600 Family Network Con figuration Guide April 2006 L. Wind River Systems, Inc. Provided with th is product is certain software (“ Run-Time Module”) licensed from Wind River Sy stems, Inc. Licensee is prohibited from: (i) copying the Ru n-Time Module[...]
-
Página 643
OmniSwitch 6600 Family Network Configurati on Guide April 2006 Index-1 Index Numerics 802.1p trusted ports 38-20 802.1Q 25-1 application examples 25-9 defaults 25-2 enabling tagging 25-5, 25-6 frame type 25-7 overview 25-3 specifications 25-2 trusted ports 38-5, 38-20 verify information about 25-11 802.1Q ports trusted 38-20 802.1X 36-1 Access Guar[...]
-
Página 644
Index Index-2 O mniSwitch 6600 Family Network Configuration Guid e Apr il 2006 policies 38-49 policy map groups 38-43 Port Mapping 23-2 port mirroring 41-5 port monitoring 41-7 QoS 38-22, 38-49 RIP 30-3 RMON 41-9 source learning 16-2 Spanning Tree Algorithm and Protocol 19-7, 19-29 static link aggreg ation 26-3, 26-16 switch health 41-11 switch log[...]
-
Página 645
Index OmniSwitch 6600 Family Network Configurati on Guide April 2006 Index-3 dynamic link aggregation 27-3 ethernet port 15-3 IP 28-2, 29-2 IPMS 40-2 memory monitoring 43-2 mobile ports 21-2 policy servers 37-2 Port Mapping 23-2 port mirroring 41-4 port monitoring 41-6 QoS 38-9 RDP 31-2 RDP interface 31-9 RIP 30-2 RMON 41-9 source learning 16-2, 17[...]
-
Página 646
Index Index-4 O mniSwitch 6600 Family Network Configuration Guid e Apr il 2006 F Fast Spanning Tree 19-4 filtering lists see ACLs flow command 15-14 flow control 15-14, 15-23 flow control wait time 15-15 flow wait time command 15-15 fragments built-in policies 38-1 1 classifying 38-17 frame type 25-7 H health interval command 41-36 health statistic[...]
-
Página 647
Index OmniSwitch 6600 Family Network Configurati on Guide April 2006 Index-5 ip multicast switc hing command 40-5 ip rip force-holddowntimer command 30-9 ip rip host-route command 30-9 ip rip interface au th-key command 30-15 ip rip interf ace auth- type command 30-14 ip rip interface command 30-7 ip rip interface me tric command 30-8 ip rip interf[...]
-
Página 648
Index Index-6 O mniSwitch 6600 Family Network Configuration Guid e Apr il 2006 LDAP servers see policy servers used for QoS policies 37-3 Lightweight Director y Access Protocol see LDAP servers line speed 15-16 link aggregation 802.1Q 25-6 dynamic link aggregation 27-1 enabling tagging 25-6 Spanning Tree parameters 19-21, 19-23, 19-25, 19-27, 19-28[...]
-
Página 649
Index OmniSwitch 6600 Family Network Configurati on Guide April 2006 Index-7 policy server flush command 37-6 compared to qos flush command 37-7 policy server load command 37-6 policy servers defaults 37-2 downloading policies 37-6 installing 37-3 SSL 37-6 policy service command 39-10 policy service group command 38-34, 39-10 policy service groups [...]
-
Página 650
Index Index-8 O mniSwitch 6600 Family Network Configuration Guid e Apr il 2006 qos stats interval command 38-18 qos trust ports command 38-21 Quality of Service see QoS queues shared 38-20 R RADIUS accounting servers standard attributes 34- 13 used for 802.1X 36-13 used for authenticated VLANs 35-35 VSAs 34-14 RADIUS authentic ation servers 34-9 fu[...]
-
Página 651
Index OmniSwitch 6600 Family Network Configurati on Guide April 2006 Index-9 show 802.1q command 25-8, 25-11 show 802.1x command 36-3 show aaa accounting vlan command 35-6 show aaa authentication alvan command 35-6 show amap command 24-7 show arp command 28-10 show avlan user command 35-26 show health command 41-37 show health interval command 41-3[...]
-
Página 652
Index Index-10 OmniSwi tch 6600 Family Network Configuration Guid e Apr il 2006 static VLAN port assignment 21-4 STP see Spanning Tree Algor ithm and Protocol subnet mask 28-9 switch health application examples 41-11 defaults 41-11 monitoring 41-32 specifications 41-10 switch health statistics resetting 41-38 viewing 41-37 switch logging applicatio[...]
-
Página 653
Index OmniSwitch 6600 Family Network Configurati on Guide April 2006 Index-11 VLANs 18-1, 18-6 802.1Q 25-3 administrative st atus 1 8-7 application examples 18-3, 18-13, 21-3 authentication 18-12 default VLAN 21-1, 21-13 defaults 18-2 description 18-7 enabling tagging 25-3 IP router ports 28-7 MAC address aging time 16-7 operational status 18-6 por[...]
-
Página 654
Index Index-12 OmniSwi tch 6600 Family Network Configuration Guid e Apr il 2006[...]