Ir para a página of
Manuais similares
-
Switch
GarrettCom OSI
10 páginas 0.52 mb -
Switch
GarrettCom 6K25
68 páginas 0.77 mb -
Switch
GarrettCom P62
40 páginas 0.74 mb -
Switch
GarrettCom Magnum ST80
29 páginas 0.34 mb -
Switch
GarrettCom CSN14
76 páginas 0.76 mb -
Switch
GarrettCom CS14
76 páginas 0.76 mb -
Switch
GarrettCom 1024
44 páginas 0.59 mb -
Switch
GarrettCom P80F
28 páginas 0.19 mb
Bom manual de uso
As regras impõem ao revendedor a obrigação de fornecer ao comprador o manual com o produto GarrettCom MNS-6K 4.1.4. A falta de manual ou informações incorretas fornecidas ao consumidor são a base de uma queixa por não conformidade do produto com o contrato. De acordo com a lei, pode anexar o manual em uma outra forma de que em papel, o que é frequentemente utilizado, anexando uma forma gráfica ou manual electrónicoGarrettCom MNS-6K 4.1.4 vídeos instrutivos para os usuários. A condição é uma forma legível e compreensível.
O que é a instrução?
A palavra vem do latim "Instructio" ou instruir. Portanto, no manual GarrettCom MNS-6K 4.1.4 você pode encontrar uma descrição das fases do processo. O objetivo do manual é instruir, facilitar o arranque, a utilização do equipamento ou a execução de determinadas tarefas. O manual é uma coleção de informações sobre o objeto / serviço, um guia.
Infelizmente, pequenos usuários tomam o tempo para ler o manual GarrettCom MNS-6K 4.1.4, e um bom manual não só permite conhecer uma série de funcionalidades adicionais do dispositivo, mas evita a formação da maioria das falhas.
Então, o que deve conter o manual perfeito?
Primeiro, o manual GarrettCom MNS-6K 4.1.4 deve conte:
- dados técnicos do dispositivo GarrettCom MNS-6K 4.1.4
- nome do fabricante e ano de fabricação do dispositivo GarrettCom MNS-6K 4.1.4
- instruções de utilização, regulação e manutenção do dispositivo GarrettCom MNS-6K 4.1.4
- sinais de segurança e certificados que comprovam a conformidade com as normas pertinentes
Por que você não ler manuais?
Normalmente, isso é devido à falta de tempo e à certeza quanto à funcionalidade específica do dispositivo adquirido. Infelizmente, a mesma ligação e o arranque GarrettCom MNS-6K 4.1.4 não são suficientes. O manual contém uma série de orientações sobre funcionalidades específicas, a segurança, os métodos de manutenção (mesmo sobre produtos que devem ser usados), possíveis defeitos GarrettCom MNS-6K 4.1.4 e formas de resolver problemas comuns durante o uso. No final, no manual podemos encontrar as coordenadas do serviço GarrettCom na ausência da eficácia das soluções propostas. Atualmente, muito apreciados são manuais na forma de animações interessantes e vídeos de instrução que de uma forma melhor do que o o folheto falam ao usuário. Este tipo de manual é a chance que o usuário percorrer todo o vídeo instrutivo, sem ignorar especificações e descrições técnicas complicadas GarrettCom MNS-6K 4.1.4, como para a versão papel.
Por que ler manuais?
Primeiro de tudo, contem a resposta sobre a construção, as possibilidades do dispositivo GarrettCom MNS-6K 4.1.4, uso dos acessórios individuais e uma gama de informações para desfrutar plenamente todos os recursos e facilidades.
Após a compra bem sucedida de um equipamento / dispositivo, é bom ter um momento para se familiarizar com cada parte do manual GarrettCom MNS-6K 4.1.4. Atualmente, são cuidadosamente preparados e traduzidos para sejam não só compreensíveis para os usuários, mas para cumprir a sua função básica de informação
Índice do manual
-
Página 1
MAGNUM 6K F AMIL Y OF SWIT CHES Mana ged Netw or k Softw are (MNS) MNS-6K-SECURE 14.1.4 and MNS-6K 4.1.4 CLI User Guide[...]
-
Página 2
Pr eface This guide describes how to use the Command Line Interface (CLI) for the Magnum 6K family of switches. For the Web Management Interface please refer to the Web Management Guide. Some simple guidelines which will be use ful for configuring and using the Magnum 6K family of switches - If you need information on a specific command in the [...]
-
Página 3
ii T r ademar ks GarrettCom Inc. reserves the right to change spe cifications, perform ance characteristics and/or model offerings with out notice. GarrettCom, Magnum, S-Ring, Link-Loss-Learn, Converter Switch, Conve nient Switch and Personal Swit ch are trademarks and Person al Hub is a registered trademark of Garrett Com, Inc. NEBS is a registere[...]
-
Página 4
T able of Contents 1 – Conventions Followed ............................................................... 19 Flow of the User Guide .......................................................... 21 2 – Getting Started ............................................................................ 23 Before starting ..................................[...]
-
Página 5
Upgrading to MNS-6K-SECURE ......................................... 36 List of commands in this chapter .......................................... 37 3 – IP Address and System Information ..................................... 39 IP Addressing ............................................................................... 39 Importance of an IP a[...]
-
Página 6
Configuring IPv6 ...................................................................... 74 List of commands in this chapter .......................................... 75 5 – DHCP Server .................................................................. 77 Modes of Operation ................................................................ 78 Techn[...]
-
Página 7
8 – Access Using RADIUS ................................................. 106 RADIUS ..................................................................................... 106 802.1x ....................................................................................... 106 Configuring 802.1x .......................................................[...]
-
Página 8
Using STP ................................................................................ 148 List of commands in this chapter ........................................ 158 13 – Rapid Spanning Tree Pr otocol (RSTP) ...................... 159 RSTP concepts ........................................................................... 159 Transition f[...]
-
Página 9
Configuring QoS .................................................................... 208 List of commands in this chapter ........................................ 213 18 – IGMP ........................................................................... 214 IGMP concepts .......................................................................... 21[...]
-
Página 10
System Events ......................................................................... 272 MAC Address Table .............................................................. 277 List of commands in this chapter ........................................ 278 APPENDIX 1 - Command listing by Chapter .................. 281 Chapter 2 – Getting Started ..[...]
-
Página 11
x Using Mozilla Firefox (ver. 3.x) ........................................... 329 Using Internet Explorer (ver 7.x) ........................................ 333 Using Other Browsers ........................................................... 334 APPENDIX 5 – Updating MNS-6K Software .................... 335 1. Getting Started ...................[...]
-
Página 12
List of Figures F IGURE 1 - HyperTerminal screen showing the serial settings ................................................................. 25 F IGURE 2 - Prompt indicating the switch model number as well as mode of operation – note the commands to switch between the levels is not shown here. ...................................................[...]
-
Página 13
F IGURE 24 - Changing telnet access – note in this case , the enable command was repeated without any effect to the switch ................................................................................................................ 42 F IGURE 25 - Reviewing the console parameters – note telnet is enabled ....................................[...]
-
Página 14
F IGURE 46 – displaying configuration for different mo dules. Note – multiple modules can be specified on the command line ..................................................................................................... 64 F IGURE 47 – Hide or display system passwords ......................................................................[...]
-
Página 15
F IGURE 70 – securing the network using port access ............................................................................ 113 F IGURE 71 – Flow chart describing the interact ion between local users and TACACS authorization ....................................................................................................................[...]
-
Página 16
F IGURE 94 – More than one S-Ring pair can be selec ted and more than one S-Ring can be defined per switch. Note – the mP62 as we ll as the ES42 switches support LLL and can participate in S-Ring as an acc ess switch .................................................................................. 180 F IGURE 95 – Activating S-Ring on the sw[...]
-
Página 17
F IGURE 112 – The network for the ‘show lacp’ command listed below .................................................. 203 F IGURE 113 – LACP information over a network ............................................................................. 204 F IGURE 114 – ToS and DSCP ...............................................................[...]
-
Página 18
F IGURE 136 – Predefined conditions for the relay ................................................................................ 257 F IGURE 137 – Setting up the external electrical relay and alerts .......................................................... 260 F IGURE 138 – setting SMTP to receive SNMP trap information via email ..........[...]
-
Página 19
xviii F IGURE 163 – Make sure to select the Xmodem protoc ol and the proper directory where t he configuration is saved. Click on Receive. This starts the file transfer. ......................................... 345 F IGURE 164 – Status window for Xmodem (using HyperTerminal under Windows X P) .................... 346 F IGURE 165 – Message wh[...]
-
Página 20
Chapter 1 1 – Con v entions F ollo w ed Conventions followed in the manual… o best use this document, please review some of the conventions followed in the manual, including screen captures, inte ractions and commands with the switch, etc. T Box shows interaction with the switch comma nd line or screen captures from the switch or computer for c[...]
-
Página 21
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE Re Re ab lated Topics lated topics show that GarrettCom strongly recommends reading out those topics. You may choose to skip those if you already have prior detailed knowledge on those subjects. j Tool box – Necessary software and hard ware components needed (or recommended to have) as a prerequisi te. These [...]
-
Página 22
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE Flow of the User Guide The manual is designed to guide th e user through a sequence of events. Chapter 1 – this chapter Chapter 2 is the basic setup as required by the Magnum 6K family of switc hes. After completing Chapter 2, the configuration can be done using the web interface. Chapter 2 is perhaps the mos[...]
-
Página 23
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE 22 Chapter 12 shows how STP can be setup and used. To day, RSTP is pref erred over STP. Chapter 13 shows how RSTP is setup and used as well as how RSTP can be used with legacy devices which support STP only. Chapter 14 focuses on S-Ring™ and setup of S-Ring. Chapter 15 talks about dual homing and how dual hom[...]
-
Página 24
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE Chapter 2 2 – Getting Star ted First few sim ple steps … his section explains how the GarrettCom Magnum 6K family of switches can be setup using the console port on the switch. So me of the functionality includes setting up the IP address of the switch, securing the switch with a user na me and password, se[...]
-
Página 25
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE and a PC is networked to the switch, the switch’s command line interface (CLI) can be accessed via telnet. To manage the switch th rough in-band (networked) access (e.g. telnet, or Web Browser Interface), you should config ure the switch with an IP address an d subnet mask compatible with your network. You sh[...]
-
Página 26
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE Once the switch is configured with an IP address, the Command Line Interface (or CLI) is also accessible using telnet as well as the serial port. Access to th e switch can be either through the console interface or remotely over the network. The Command Line Interface (CLI) enables local or remote unit installa[...]
-
Página 27
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE The switch has three modes of operation – Operator (least privilege), Manager and Configuration. The prompts for the switches change as the switch changes modes from Operator to Manager to Configuration. The pr ompts are shown in Figure 2 below, with a brief explanation of what the different prompts indicate.[...]
-
Página 28
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE Should a situation arise when there are mult iple new switches powered up at the same time, there could be a situati on of duplicate IP addresses. In this situation, only one Magnum switch will be assigned the IP address of 192.168.1.2 and netmask of 255.255.255.0. The other switches will not be assigned an IP [...]
-
Página 29
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE • Power on the switch • Once the login prompt appears, login as manager using default password (manager) • Configure the IP address, network mask and default gateway as per the IP addressing scheme for your network • Set the Manager Password (recommended–refer to next section) • Save the settings (w[...]
-
Página 30
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE Version : Magnum 6K25 build 14.1 Jul 28 2008 07:51: 45 MAC Address : 00:20:06:25:b7:e0 IP Address : 192.168.1.150 Subnet Mask : 255.255.255.0 Gateway Address : 192.168.1.10 CLI Mode : Manager System Name : Magnum6K25 System Description : 25 Port Modular Ethernet Switch System Contact : support@garrettcom.com Sy[...]
-
Página 31
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE command is shown below in Figure 6 Magnum6K25> enable manager Password: ******* Magnum6K25# F IGURE 7 - Switching users and privilege levels. Note the prompt changes with the new privilege level. Operator Privileges Operator privileges allow views of the current configurations but do not allow changes to the[...]
-
Página 32
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE Magnum6K25# user Magnum6K25(user)## add user=peter level=2 Enter User Password :****** Confirm New Password :***** * Magnum6K25(user)## F IGURE 8 - Adding a user with Manager level privilege In this example, user ‘peter’ was added with Manager privilege. Delete User Syntax delete user=<name> Magnum6K2[...]
-
Página 33
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE Magnum6K25(user)## F IGURE 11 - Changing the privileg e levels for a user In this example, user ‘peter’ was modified to Operator privileges. Modifying Access Privile ges User access allows the network adm inistrators to control as to who has read and write access and for which set of command groups. T h e c[...]
-
Página 34
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE Magnum6K25( u s e r )# # useraccess user=peter group=vlan,user,system type=read enable Access rules set for Read Operation. Groups: All Command Group s. ML2400(user)## show users Sl# Username Access Permissions --- -------- ------------------ 1 manager Manager Read Access: All Command Groups Write Access: All C[...]
-
Página 35
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE Help Typing the ‘ help ’ command lists the commands you can execute at the current privilege level. For example, typing ‘ help ’ at the Operator level shows Magnum6K25> help logout ping set terminal telnet walk mib Contextless Commands: ! ? clear enable exit help show whoami alarm Magnum6K25> F IG[...]
-
Página 36
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE show active-vlan show address-table show ag e show alarm show ar p show auth <config|ports> show backpressure show bootmode --more-- F IGURE 16 - Options for the ‘show’ command Conte xt help Other ways to display help, specifically, wi th reference to a command or a set of commands, use the TAB key. S[...]
-
Página 37
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE Magnum6K25> se<TAB> passwor d timeout vlan Magnum6K25> set F IGURE 19 - Listing commands options – note the comma nd was not completed and the TAB key completed the command. Exiting To exit from the CLI interface and terminate the console session use the ‘ logout ’ command. The logout command [...]
-
Página 38
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE Saving current configuration Configuration saved Saving current event logs Event logs saved Magnum6K25# F IGURE 21 – Upgrading to MNS-6K-SECURE After the license key is entered – please use the save command to save the key in flash memory. It is recommended to preserve the information for future use. List o[...]
-
Página 39
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE 38 Syntax <TAB> - listing all commands available at the privilege level Syntax <command string> <TAB> - options for a command Syntax <first character of the command> <TAB> - listing commands starting with the character Syntax logout – logout from the CLI session Syntax useraccess[...]
-
Página 40
Chapter 3 3 – IP Addr ess and System Inf or ma tion First simple steps to follow … his section explains how the Magnum 6K fam ily of switches can be setup using other automatic methods such as bootp and DHCP . Besides this, other parameters required for proper operation of the switch in a network are discussed. T IP Addressing It is assumed tha[...]
-
Página 41
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE 40 To verify the IP address settings, the ‘show ipconfig’ command can be used. Magnum6K25> show ipconfig IP Address : 192.168.1.150 Subnet Mask : 255.255.255.0 Default Gateway : 192.168.1.10 Magnum6K25> F IGURE 22 - Checking the IP settings Besides manually assigning IP addresses, ther e are other mea[...]
-
Página 42
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE ht: is the “hardware type”. For the Magnum 6K family of switches, set this to ether (for Ethernet). This tag must precede the “ ha” ta g. ha: is the “hardware address”. Use th e switch’s 12-digit MAC address ip: is the IP address to be assigned to the switch sm: is the subnet mask of the subnet in[...]
-
Página 43
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE switch is put on a network and the speci fic configurations are loaded from a centralized BootP server Magnum6K25# set bootmode type=dhcp Save Configuration and Restart System Magnum6K25# set bootmode type=aut o Save Configuration and Restart System Magnum6K25# set bootmode type=bootp bo otimg=enable bootcfg=di[...]
-
Página 44
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE Magnum6K25# show console Console/Serial Link Inbound Telnet Enabled : Yes Outbound Telnet Enabled : Yes Web Console Enabled : Yes SNMP Enabled : Yes Terminal Type : VT100 Screen Refresh Interval (sec) : 3 Baud Rate : 38400 Flow Control : None Session Inactivity Time (min) : 10 Magnum6K25# F IGURE 25 - Reviewing[...]
-
Página 45
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE Magnum6K25# user Magnum6K25(us er)## useraccess user=peter service=telnet enable Telnet Access Enabled. Magnum6K25(us er)## exit Magnum6K25# show session Current Sessions: SL # Session Id Connection User Name User Mode 1 1 163.10.10.14 manager Manager 2 2 163.11. 11.15 peter Manager 3 3 163.12.12.16 operator Op[...]
-
Página 46
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE strong algorithms such as blowfish, 3DES, IDEA etc.). Encryption provides confidentiality and integrity of data. . The goal of SSH was to repl ace the earlier rlogin, Telnet and rsh protocols, which did not provide strong authentication or guarantee confidentiality. In 1995, Tatu Ylönen, a researcher at Helsin[...]
-
Página 47
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE • The user authentication layer (RFC 4252). This layer handles client authentication and provides a number of authentication methods. Authentica tion is client-driven , a fact commonly misunderstood by users; when one is prompted for a password, it may be the SSH client prompting, not the server. Th e server [...]
-
Página 48
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE Magnum6K25 (access)# # ssh ? ssh <enable|disable > : Enable s or Di sa bles the SSH ssh keygen : Generate Security Keys. ssh port=<port|default> : Set TCP/IP Port Usage ssh <enable|disable|keygen> ssh port=<port|default> Magnum6K25 (access)# # show ssh SSH is disabled Magnum6K25 (access)[...]
-
Página 49
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE Boot Mode : manual Inactivity Timeout(min) : 500 Address Age Interval(min) : 300 Inbound Telnet Enabled : Yes Web Agent Enabled : Yes SSH Server enabled : Yes Modbus Server Enabled : Yes Time Zone : GMT-08hours:00minutes Day Light Time Rule : None System UpTime : 0 Days 0 Hours 2 Mins 31 Secs ML2400# F IGURE 28[...]
-
Página 50
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE Magnum6K25# show dns DNS Server Address : 0.0.0.0 Domain Name : Not Set DNS Status : Disabled. Magnum6K25# set dns server=192.168.5.254 domain=customer-doma in.com Domain Name Server Set. Magnum6K25# show dns DNS Server Address : 192.168.5.254 Domain Name : cu stomer-domain.com DNS Status : Disabled. Magnum6K25[...]
-
Página 51
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE Setting serial por t par ameter s To be compliant with IT or other policies the console parameters can be changed from the CLI interface. This is best done by setting the IP address and then telnet over to the switch. Once connected using telnet, the serial parameters can be changed. If you are using the serial[...]
-
Página 52
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE System Contact : support@garrettcom.com System Location : Fremont, CA System ObjectId : 1.3.6.1.4.1.553.12.6 Magnum6K25# F IGURE 31 - System parameters using the show setup co mmand. Most parameters here cannot be changed Magnum6K25# show sysconfig System Name : Magnum6K25 System Contact : support@garrettcom.co[...]
-
Página 53
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE Magnum6K25# snmp Magnum6K25(snmp)## setvar ? setvar : Configures system name, co ntact or location Usage: setvar [sysname|syscontac t|syslocation] =<string> Magnum6K25(snmp)## setvar syslocation=Fremont System variable(s) set successfully Magnum6K25(snmp)## exit Magnum6K25# F IGURE 33 - Setting the system[...]
-
Página 54
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE Syntax set timeformat format=<12|24> Syntax set daylight country=< country name> Magnum6K25# set daylight ? set daylight : Sets the day light loc ation Usage set daylight country=<name> Magnum6K25# set daylight country=USA Success in setting daylight savings to the given location/country USA M[...]
-
Página 55
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE 54 Syntax sntp [enable|disable] For example, to set the SNTP server to be 204.65.129.201 2 (with a time out of 3 seconds and a number of retries set to 3 times); allowi ng the synchronization to be ever 5 hours, the following commands are used Magnum6K25# sntp Magnum6K25(sntp)## se tsntp server=204.65.129.201 t[...]
-
Página 56
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE 55 To upgrade to MNS-6K 4.x or MNS-6K-SEC URE 14.x, make sure the switch is first upgraded to version 3.7 or higher Once the configuration is saved – the saved conf iguration can be loaded to restore back the settings. At this time the configuration parameter saved or loaded are not in a human readable format[...]
-
Página 57
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE Syntax show ftp - display the current ftp operation mode With MNS-6K additional capabilities have been added to save and load configurations. The commands are: Syntax ftp <get|put|list|del> [type=<app |config|oldconf|script|hos ts|log>] [host=<hostname>] [ip=<ipaddress>] [file=<filena[...]
-
Página 58
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE This can also perform the task of exporti ng a configuration file or uploading a new image to the switch [host=<hostname>] [ip=<ipa ddress>] [file=<filename>] – parameters associated with tftp server for pr oper communications with the server Syntax xmodem <get|put> [type=<app|confi[...]
-
Página 59
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE object or in a newer format as an ASCII (readable) file. The new format is preferred by GarrettCom and GarrettCom recommends all configuration f iles be saved in the new format. GarrettCom recommends saving the configuration in the old format only if there are multiple Magnum 6K family of switches on the networ[...]
-
Página 60
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE # of Magnum 6K switch configurations. As such, this script # provides insights into the configuratio n of Magnum 6K switch's # settings. GarrettCom recommends th at modifications of this # file and the commands should be verified by the User in a # test environment prior to use in a "live" produc[...]
-
Página 61
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE System portion of the file only. GarrettCom r ecommends editing the “scr ipt” file (see below) Note 2 – File names cannot have special characters such as *#!@$^&* space and control characters. Script files Script file is a file containing a set of CLI commands which are used to configure the switch. C[...]
-
Página 62
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE # System Manager - This area configures System rel ated # # i nformation. # ################### ######################### ############## set bootmode type=manual ipconfig ip=192.168.5.5 mask=0.0.0.0 dgw=0.0.0.0 set timeout=10 access telnet enable snmp enable web=enable exit ################### #################[...]
-
Página 63
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE ============== ================= ================ ==================== = 1 server 192.168.5.2 -- ****** 2 -- -- -- -- 3 -- -- -- -- 4 -- -- -- -- 5 -- -- -- -- 6 -- -- -- -- 7 -- -- -- -- 8 -- -- -- -- 9 -- -- -- -- 10 -- -- -- -- Magnum6K25(access)# # F IGURE 42 – Creating host entries on MNS-6K Syntax more [...]
-
Página 64
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE gvrp GVRP settings snmp SNMP settings web Web and SSL/TLS settings tacacs TACACS+ settings auth 802.1x Settings igmp IGMP Settings smtp SMTP settings If the module name is not specified the whole configuration is displayed. Magnum6K25# show config [HARDWARE] type=Magnum6K25 slotB=8 Port TP Mod ule ########### #[...]
-
Página 65
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE deftrapcomm=public authtrap=disa ble com2sec _cou nt=0 group_count =0 view_count=1 view1_name=all view1_type=inc luded view1_subtree=.1 view1_mask=ff --more— <additional lines deleted for succinct viewing> F IGURE 45 – displaying specific modules using the ‘show config’ command Magnum6K25# show co[...]
-
Página 66
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE Magnum6K25# set secrets hide Secrets will be hidden. Magnum6K25# set secrets show Secrets will be visible. Magnum6K25# F IGURE 47 – Hide or display system passwords Er asing configur ation To erase the configuration and reset the configurations to factory default, you can use the command ‘kill config’. Th[...]
-
Página 67
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE smtp SMTP settings If the module name is not specified the whole configuration is erased. For example, ‘kill config save=system’ preserves the system IP address, netmask and default gateway. Magnum6K25# kill config save=system Do you want to erase the c onfiguration? [ 'Y' or 'N'] Y Succ[...]
-
Página 68
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE List of commands in this c ha pter Syntax set bootmode type=<dhcp|bootp|manual |auto> [bootimg=<enable|disable>] [bootcfg=[<enable|disable>] – assign the boot mode for the switch Where <dhcp|bootp|manual|auto> - where dhcp – look only for DHCP servers on the network for the IP addres[...]
-
Página 69
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE Syntax set serial [baud=<rate>] [data=<5|6 |7|8>] [parity=<none|odd|even>] [stop=<1|1.5|2>] [flowctrl=<none|xonxoff> ] – sets serial port parameters Syntax snmp – enter the snmp configuration mode Syntax setvar [sysname|syscontact|syslocation]=<string> - sets the system n[...]
-
Página 70
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE Where <get|put|list|del> - different ftp operations [type=<app|config|oldco nf|script|hosts|log>] – optional type field. This is useful to specify whether a log file or host file is uploaded or downloaded. This can also perform the task of exporting a configurat ion file or uploading a new image t[...]
-
Página 71
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE Where <get|put> - different xmodem file transfer operations – get a file from the server or put the information on the server [type=<app|config|oldco nf|script|hosts|log>] – optional type field. This is useful to specify whether a log file or host file is uploaded or downloaded. This can also pe[...]
-
Página 72
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE 71 Syntax show timezone – shows the system timezone Syntax show date – shows the system date Syntax show uptime – shows the amount of time the switch has been o perational[...]
-
Página 73
Chapter 4 4 – IPv6 Next generation IP addr essing his section explains how the access to the GarrettCom Magnum MNS-6K can setup using IPv6 instead of IPv4 addressing described earlie r. IPv6 provides a much larger address space and is required today by many. IPv6 is a vailable in MNS-6K-SECURE version only. T Assumptions It h o is assumed here th[...]
-
Página 74
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE incremental, with few or no critical interdepe ndencies. Most of today's internet uses IPv4, which is now nearly twenty years old. IPv4 has b een remarkably resilient in spite of its age, but it is beginning to have problems. Most importantly, there is a growing shortage of IPv4 addresses, which are needed[...]
-
Página 75
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE 74 used as an identifier for the node. A single interface may be assigned multiple IPv6 addresses of any type. There are three types of IPv6 addresses. These are unicast, anycast, and multicast. Unicast addresses identify a single interface. Anycast a ddresses identify a set of interfaces such that a packet sen[...]
-
Página 76
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE 75 Magnum6K25# ipconfig ip=fe80::220 :6ff:fe 25:ed80 mask=ffff:ffff:ffff:ffff:: Action Parameter Missing. "add" assumed. IPv6 Parameters Set. Magnum6K25# show ipv6 IPv6 Address : fe80::220:6 ff:fe25:ed80 mask : ffff:ffff:ffff :ffff:: Magnum6K25# show ipconfig IP Address : 192.168.5.5 Subnet Mask : 255[...]
-
Página 77
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE 76[...]
-
Página 78
77 5 – DHCP Ser v er Access to other devices on the netw ork…. his feature is available in MNS-6K-SECUR E only. This section explains how DHCP services can be provided for devices on the network. MNS-6K can provide DHCP services. Network administrators use Dynamic Host Configur ation Protocol (DHCP) servers to administer IP addresses and other [...]
-
Página 79
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE 78 As described earlier, the Dynamic Host Configuration Protocol (DHCP) automates the assignment of IP addresses, subnet masks, defa ult gateway, DNS servers and other IP parameters. When a DHCP configured machine boots up or regains connectivity after a power outage or network outage, the DHCP client sends a q[...]
-
Página 80
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE intervention. Most administrators prefer to use static IP addresses (which are allocated out for such purposes) instead of using the manual mode. Allocating specific IP address for specific network s or VLANs also aids in securing the network. Firewall rules or access rules can be written and designed for speci[...]
-
Página 81
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE The client broadcasts on the physical subnet to find available servers. Network administrators can configure a local router to forward DHCP packets to a DHCP server on a different subnet. This client-implementation creates a UDP packet with th e broadcast destination of 255.255.255.255 or subnet broadcast addre[...]
-
Página 82
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE acknowledgement to the client. The system as a whole expects the client to configure its network interface with the supplied options. DHCP Inf or ma tion The client sends a request to the DHCP server: eith er to request more information than the server sent with the original DHCP ACK; or to repeat data for a pa[...]
-
Página 83
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE Syntax - reserve-ip ip=<ip> [mac=<mac>] - reserve a specific IP address for a device Syntax - clear-reserveip ip=<ip> - clear the reverse IP assigned Syntax - show dhcpsrv <config|stat us|leases> - display the DHCP server co nfiguration, leases as well as status DHCP Services are availab[...]
-
Página 84
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE 83 Gateway : 192.168.10.1 Lease time : 8 Hours Magnum6K25(dhcpserv er)## dhcpsrv stop The Server takes few seconds to Stop...................... ........... Magnum6K25(dhcpserv er)## exit Magnum6K25# F IGURE 51 – Setting up DHCP Server on MNS-6K-SECURE List of commands in this c ha pter Syntax - dhcpsrv <s[...]
-
Página 85
Chapter 6 6 – SNTP Ser v er Synchr oniz ing the time…. fter discussing how to setup an SNTP client in an earlier chapter, it is important to figure out where the synchronizing server or the clock synchronization information comes from. This chapter discusses the details on how a Magnum switch can be setup as a SNTP server. A SNTP - prerequisite[...]
-
Página 86
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE Time or Temps Atomique International (TAI) by inserting leap seconds at intervals of about 18 months. UTC time is disseminated by various m eans, including radio and satellite navigation systems, telephone modems and portable clocks. In 1981 the time synchronizati on technology was documented in the now histori[...]
-
Página 87
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE Stratum 2 devices will peer with other Stratum 2 devices to provide more stable and robust time for all devices in the peer group. Stratum 2 devices normally act as servers for Stratum 3 NTP requests. Stratum 3 These devices employ exactly the same NTP functions of peering and data sampling as Stratum 2, and ca[...]
-
Página 88
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE MNS-6K-SECURE Implementa tion Syntax sntpserver – enter the SNTP Server configuration mode Syntax sntpsrv <start|stop> - Start or stop the SNTP Services Syntax show sntpsrv – display the status of SNTP server The usage of the commands are shown below. Magnum6K25# sntpserver Magnum6K25(sntpserv er)## M[...]
-
Página 89
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE 88 List of commands in this c ha pter Syntax sntpserver – enter the SNTP Server configuration mode Syntax sntpsrv <start|stop> - Start or stop the SNTP Services Syntax show sntpsrv – display the status of SNTP server[...]
-
Página 90
Chapter 7 7 – Access Consider a tions Securing the switch access…. his section explains how the access to the GarrettCom Magnum MNS-6K can be secured. Further security considerations are also covered such as securing access by IP address or MAC address. T Securing access It as ac is assumed here that the user is familiar with issues concerning [...]
-
Página 91
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE P or t Security The port security feature can be used to bloc k computers from accessing the network by requiring the port to validate the MAC addre ss against a known list of MAC addresses. This port security feature is provided on an Et hernet, Fast Ethernet, or Gigabit Ethernet port. In case of a security vi[...]
-
Página 92
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE Magnum6K25(port-security )## F IGURE 56 – Port security configuration mode From the port-security configuration mode , the switch can be configured to: 1) Auto-learn the MAC addresses 2) Specify individual MAC addresses to allow access to the network 3) Validate or change the settings The commands for doing t[...]
-
Página 93
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE Note 1: There is a limitation of 200 MA C addresses per port and 500 MAC addresses per Switch for Port Security. Note 2: All the commands listed above have to be executed under the port-security configuration mode. Syntax clear <history|log [1..5 |informational |activity |critical |fatal |debug] |terminal |a[...]
-
Página 94
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE 11 ENABLE NONE NONE DISABLE 0 Not Configured 12 ENABLE NONE NONE DISABLE 0 Not Configured 13 ENABLE NONE NONE DISABLE 0 Not Configured 14 ENABLE NONE NONE DISABLE 0 Not Configured 15 ENABLE NONE NONE DISABLE 0 Not Configured 16 ENABLE NONE NONE DISABLE 0 Not Configured Magnum6K25(port-security )## F IGURE 60 ?[...]
-
Página 95
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE 00:07:50:ef:31:40 00:e0:29:22:15:85 00:03:47:ca:ac:45 00:30:48:70:71:23 00:c1:00:7f:ec:00 11 ENABLE NONE NONE ENABLE 0 00:c1:00:7f:ec:00 13 ENABLE NONE NONE DISABLE 0 00:c1:00:7f:ec:00 F IGURE 62 – Allowing specific MAC address on specific ports. After the MAC addr ess is specified, the port or specific ports[...]
-
Página 96
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE 9) (Optional step) Set the notification to notif y the management station on security breach attempts (Use command ‘signal port’ to make a log entry or send a trap) Magnum6K25# port-security Magnum6K25(port-security )## ps enable Port Security is already enabled Magnum6K25(port-se curity)## learn p ort=11 e[...]
-
Página 97
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE Once port security is setup, it is important to manage the log and review the log often. If the signals are sent to the trap receiver, the traps should also be reviewed for intrusion and other infractions. Syslog and Logs Logs are available on MNS-6K as well as MNS-6K-SECURE. Syslog functionality is a feature o[...]
-
Página 98
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE Code Description 0 Emergency (or Fatal) system is unusable – called “fatal” in show log command 1 Alert : action must be taken immediately 2 Critical : critical conditions 3 Error : error conditions 4 Warning : warning conditions 5 Notice : normal but significant condition – called “note” in show lo[...]
-
Página 99
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE The ‘show log’ command displays the log information and the ‘clear log’ command clears the log entries. Syntax show log [fatal|alert|crit| error|warn|note|info|debug] – display the log Syntax clear log [fatal|alert|c rit|error|warn|note|info|debug] – clear the log Syntax set logsize size=<1-1000&[...]
-
Página 100
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE Note 06-23-2007 05:59:02 P.M SNTP:SNTP Clie nt Started Note 06-23-2007 05:59:09 P.M SNTP:SNTP Time Synch roni zed Note 06-23-2007 05:59:10 P.M SNTP:SNTP Time Synch roni zed Note 06-23-2007 05:59:36 P.M CLI:Sessi on Started from Telnet: 192.168.5.2 Note 06-23-2007 05:59:39 P.M SNTP:SNTP Time Synch roni zed Note [...]
-
Página 101
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE Server Added Magnum6K25 (syslog)## show syslog SysLog Status: Disabled Server ID: 1 SysLog Server Host : 192.168.5.2 Server Logging : Disabled Log Events : Default Server ID: 2 SysLog Server Host : 192.168.5.98 Server Logging : Disabled Log Events : Default Local Log Events : Default Magnum6K25 (syslog)## serve[...]
-
Página 102
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE Server Enabled Magnum6K25 (syslog)## show syslog SysLog Status: Disabled Server ID: 2 SysLog Server Host : 192.168.5.98 Server Logging : Enabled Log Events : warn Local Log Events : Default Magnum6K25 (syslog)## syslog enable SysLog Enabled Magnum6K25 (syslog)## show syslog SysLog Status: Enabled Server ID: 2 S[...]
-
Página 103
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE attempts. This provides a chronological en try of all intrusions attempted on a specific port. The event log records events as single-line entries listed in chronological order, and serves as a tool for isolating problems. Each event log entry is composed of four fields Severity – the level of severity (see b[...]
-
Página 104
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE deny – deny specified services for specified IP addresses – IP addresses can be individua l stations, a group of stations or subnets. Th e range is determined by the IP address and netmask settings remove – eliminate specified entry fr om the authorized manager list removeall – remove all aut horized ma[...]
-
Página 105
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE Syntax configure port-security – sets the port authorization based on MAC addresses Syntax port-security – configure port security settings Syntax allow mac=<address|list|range> port=<num|list |range> - specify a specific MAC address or MAC address list Syntax learn port=<number-list> <[...]
-
Página 106
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE 105 Syntax deny ip=<ipaddress> mask=< netmask> service=<name|li st> - deny specific IP address or range of IP addresses Syntax remove ip=<ipaddress> mask=<netmask> - delete a specific IP address from the access or trusted host list Syntax removeall – remove all IP addresses of tr[...]
-
Página 107
Chapter 8 8 – Access Using RADIUS Using a RADIUS ser ver to authenticate access…. his feature is available in MNS-6K-S ECURE only. The IEEE 802.1x standard, Port Based Network Access Control , defines a mechanism for port-based network access control that makes use of the physical access characteris tics of IEEE 802 LAN infrastructure. It provi[...]
-
Página 108
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE received from the supplicant to a suitable authentication server. This allows the verification of user credentials to determine the consequent port authorization state. It is important to note that the authenticator’s functionality is independent of the actual authentication method. It effectively acts as a p[...]
-
Página 109
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE 108 F IGURE 69 – 802.1x authentication details 1. The supplicant (laptop/host) is initially blocked from accessing the network. The supplicant wanting to access these services starts with an EAPOL-Start frame 2. The authenticator (Magnum 6K switch), upon receiving an EAPOL-start frame, sends a response with a[...]
-
Página 110
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE The Magnum MNS-6K software implements the 802. 1x authenticator. It fully conforms to the standards as described in IEEE 802.1x, implementing all the state machines needed for port- based authentication. The Magnum MNS-6K So ftware authenticator supports both EAPOL and EAP over RADIUS to communicate to a standa[...]
-
Página 111
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE maxreq – [optional] The maximum number of time s the authenticator will retransmit an EAP Request packet to the Supplicant before it times out the authentication session. Its default value is 2. It can be set to any integer value from 1 to 10. Syntax portaccess port=<num|list|range> [q uiet=<0-65535&[...]
-
Página 112
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE Magnum6K25(auth)## auth disable 802.1X Authenticator is disabled. Magnum6K25(auth)## au thserver ip=192.168.1.239 secret=secret This command is not necess ary, however is shown for completeness in case there wa s a RADIUS server defined and a previously se t authentication scheme Successfully set RADIUS Aut hen[...]
-
Página 113
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE Magnum6K25(auth)## show-port bac kend Port Supp Timeout Server Timeout Max Request (sec) (sec) ========== ================ ================= ====== 1 30 30 2 2 45 60 5 3 30 30 2 4 30 30 2 5 30 30 2 6 30 30 2 7 30 30 2 8 30 30 2 9 30 30 2 10 30 30 2 11 30 30 2 12 30 30 2 13 30 30 2 14 30 30 2 15 30 30 2 16 30 30[...]
-
Página 114
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE Magnum6K25(auth)## show-port reauth Port Reauth Status Reauth Period (sec) ========== ================ ================= ====== 1 Enabled 300 2 Enabled 3600 3 Enabled 3600 4 Enabled 3600 5 Enabled 3600 6 Enabled 3600 7 Enabled 3600 8 Enabled 3600 9 Enabled 3600 10 Enabled 3600 11 Enabled 3600 12 Enabled 3600 13[...]
-
Página 115
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE List of commands in this c ha pter Syntax auth - configuration mode to conf igure the 802.1x parameters Syntax show auth <config|ports> - show the 802.1x configuration or port status Syntax authserver [ip=<ip-addr>] [ udp=<num>] [secret=<string>] - define the RADIUS server – use UDP so[...]
-
Página 116
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE 115 Syntax reauth port=<num|list|range> [status=<e nable|disable>] [period=<10-86400>] - set values on how the authenticator (Magnum 6K switch) does the re-authen tication with the supplicant or PC port – [mandatory] – ports to be configured status – [optional] This enables/disables re-a[...]
-
Página 117
Chapter 9 9 – Access Using T A CA CS+ Using a TACACS+ ser ver to authenticate access…. his feature is available in MNS-6K-SECURE. TACACS+, short for Terminal Access Controller Access Control System, protocol prov ides access control for routers, network access servers and other networked computing de vices via one or more centralized servers. T[...]
-
Página 118
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE T ACA CS+ F lo w TACACS works in conjunction with the local use r list on the MNS-6K software (operating system.) Please refer to User Management for adding users on the MNS-6K software. The process of authentication as well as authoriz ation is shown in the flow chart below. Login User in Local User Lis t? Yes[...]
-
Página 119
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE is authentication where the user is verified against the network user database. The second stage is authorization, where it is determined whether th e user has operator access or manager privileges. T ACA CS+ Pac k et Packet encryption is a supported and is a configurable option for the Magnum MNS-6K software. [...]
-
Página 120
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE Syntax tacplus <enable|disable> [ or der=<tac,local | local,tac>] - enable or disable TACACS authentication, specifying the order in which the serv er or local database is l ooked up where “tac,local” implies, first the TACAS+ server, then local logi ns on the device. Default order is Local then[...]
-
Página 121
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE ========== ================ ================= ===== 1 10.21.1.170 49 Enabled secret 2 10.21.1.123 49 Enabled some 3 -- -- -- -- 4 -- -- -- -- 5 -- -- -- -- Magnum6K25(user)## tacserver delete id=2 TACACS+ server is d elete d. Magnum6K25(user)## show tacplus servers ID TACACS+ Server Port Enc rypt Key ==========[...]
-
Página 122
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE 121 [key=<string>] – [optional for add, mandatory with encrypt] when encryption is enabled, the secret shared key string must be supplied [mgrlevel=<level>] and [oprlevel=<level>] – [optional] specifies the manager and operator level as defined on the TACACS+ server for the respective leve[...]
-
Página 123
Chapter 10 10 – P or t Mir r oring and Setup Setup the ports for netw ork speeds , perfor mance as w ell as for monitoring…. his section explains how individual characteris tics of a port on the GarrettCom Magnum 6K family of switches are setup. For monitoring a specific port, the traffic on a port can be mirrored on another port and viewed by [...]
-
Página 124
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE The set of commands show how port 11 is mirrored on port 13. Any traffic on port 11 is also sent on port 13. Magnum6K25# show port-mirror Sniffer Port : 0 Monitor Port : 0 Mirroring State : disabled Magnum6K25# port-mirror Magnum6K25(port-mirror)## setpor t monitor=11 sniffer=13 Port 11 set as Monitor Port Port[...]
-
Página 125
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE speed – specifically sets the speed to be 10 or 100Mbps. Note – this works only with 10/100 ports – with 10Mbps ports, the option is ignored. No error is shown. See speed settings section below. flow – sets up flow control on the port. See Flow Control section below bp – back pressure – enables back[...]
-
Página 126
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE with the 802.3u standard, then the port conf iguration on the switch must be manually set to match the port configuration on the other device. Possible port setting combinations for copper ports are: • 10HDx: 10 Mbps, Half-Duplex • 10FDx: 10 Mbps, Full-Duplex • 100HDx: 100 Mbps, Half-Duplex • 100FDx: 10[...]
-
Página 127
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE where xonlimit can be from 3 to 30, default value is 4 xofflimit from 3 to 127, default value is 6 Syntax show flowcontrol Bac k Pr essur e Back Pressure is for half duplex operations and the controls provided indicates the number of buffers allowed for incoming traffic before a xon/xoff message is sent. Disabl[...]
-
Página 128
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE Magnum6K25# device Magnum6K25(device)## show flowcontrol XOnLimit : 4 XOffLimit : 6 Magnum6K25(device)## flowcontrol xonlimit=10 xofflimit=15 XOn Limit set successf ully XOff Limit set success fully Magnum6K25(device)## show flowcontrol XOnLimit : 10 XOffLimit : 15 Magnum6K25(device)## show backpressure Rx Buff[...]
-
Página 129
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE Port Back Pressure : Disable Port Events Notify : log,trap,alarm Magnum6K25(device)## setport port=11 flow=enable bp=enable Magnum6K25(device)## show port Keys: E = Enable D = Disable H = Half Duplex F = Full Duplex M = Multiple VLAN's NA = Not Applicable LI = Listening LE = Learning F = Forwarding B = Blo[...]
-
Página 130
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE 129 programs (including some network games) ar e used. Storms can reduce network performance and cause bridges, routers, workstations, serv ers and PC's to slow down or even crash. Pr e v enting br oadcast stor ms The Magnum 6K family of switches is capa ble of detecting and limiting storms on each port. A[...]
-
Página 131
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE 130 13 Enabled 19531 0 NO 14 Enabled 19531 0 NO 15 Enabled 19531 0 NO 16 Enabled 19531 0 NO Magnum 25(device ) # rate-threshold p rate 6K # ort=11 =3500 Broadcast Rate Threshold set Magnum6K25(de vice)## show broadcast-prote ct ======================= ========================== ===================== PORT | STAT[...]
-
Página 132
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE 131 Syntax flowcontrol xonlimit=<value> xofflimit =<value> - configure flow control buffers yntax show flowcontrol – display flow control buffers yntax backpressure rxthreshold=<value> - configure backpressure b uffers yntax show backpressure – display backpressure buffers yntax broadcast-[...]
-
Página 133
132 11 – VLAN Cr eate separate netw ork segments (collision domains) across Magnum 6K family of switches….. hort for virtual LAN (VLAN) , a VLAN creates separate collision do mains or network segments that can span multiple Magnum 6K fami ly of switches. A VLAN is a group of ports designated by the switch as belonging to the same broadcast doma[...]
-
Página 134
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE 133 A group of network users (ports) assigned to a VLAN form a broadcast domain. Packets are forwarded only between ports that are de signated for the same VLAN. Cross-domain broadcast traffic in the switch is elimina ted and bandwidth is saved by not allowing packets to flood out on all ports. For many reas on[...]
-
Página 135
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE 134 MNS-6K-SECURE supports up to 256 VLANs. F IGURE 80 – routing between different VLANs is perfor med usi ng a router such as a Magnum DX device or a Layer 3 switch (L3-switch) MNS-6K supports up to 32 VLANs per switch. MNS-6K-SECURE supports up to 256 VLANs per switch. Cr ea ting VLANs Creating VLAN and to [...]
-
Página 136
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE Syntax add id=<vlan Id> [name=<v lan na me>] port=<number|list|range> [forbid=<number|list|range>] [<mgt|nomgt>] Disabling Management on VLAN Use the <nomgt> option when creating a VLAN as shown in the add id command abov e. Starting VLANs Syntax start vlan=<name|number|li[...]
-
Página 137
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE have access to that information. No one else can access that VLAN. Similarly, if another switch had video surveillance equipment on VL AN 20 then only ports with access to VLAN 20 can have access to the video surveillance information. Finally, one port can belong to multiple VLANs – so depending on the functi[...]
-
Página 138
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE 1. A word of caution – when TAG VLAN filtering is enabled, there can be serious connectivity repercussions – the only way to recove r from that it is to reload the switch without saving the configuration or by modifying the configuration from the console (serial) port 2. There can be either TAG VLAN on MSN-[...]
-
Página 139
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE VLAN ID: 30 Name : marketing Status : Active ========== ============== PORT | STATUS ========== ============== 14 | DOWN Magnum6K25(port-v lan)## stop vlan=all All active VLAN's stopped. Magnum6K25(port-v lan)## exit Magnum6K25# show active-vlan Tag VLAN is currently active. Magnum6K25# show vlan VLAN ID: [...]
-
Página 140
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE Tag based vlan Added Successfully. Vlan id :20 Vlan name : sales Ports :14-16 Magnum6K25(tag-vlan)## add id=20 name=marketing port=14-16 ERROR: Duplicate Vlan Id Magnum6K25(tag-vlan)## add id=30 name=marketing port=14-16 Tag based vlan Added Successfully. Vlan id :30 Vlan name : marketing Ports :14-16 Magnum6K2[...]
-
Página 141
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE 14 | UNTAGGE D | DOWN 15 | UNTAGGE D | DOWN 16 | UNTAGGED | DOWN VLAN ID: 30 Name : marketing Status : Pending ---------- -------------- ---------------- ------------ PORT | MODE | STATUS ---------- -------------- ---------------- ------------ 14 | UNTAGGE D | DOWN 15 | UNTAGGE D | DOWN 16 | UNTAGGED | DOWN Mag[...]
-
Página 142
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE ---------- -------------- ---------------- ------- PORT | MODE | STATUS ---------- -------------- ---------------- ------- 14 | UNTAGGED | DOWN 15 | UNTAGGED | DOWN 16 | UNTAGGED | DOWN VLAN ID: 20 Name : sales Status : Active ---------- -------------- ---------------- ------- PORT | MODE | STATUS ---------- --[...]
-
Página 143
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE 2 | UNTAGGED | DOWN 3 | UNTAGGED | DOWN 4 | UNTAGGED | DOWN 5 | UNTAGGED | DOWN 6 | UNTAGGED | DOWN 7 | UNTAGGED | DOWN 8 | UNTAGGED | DOWN 9 | UNTAGGED | DOWN 10 | UNTAGGED | DOWN 11 | UNTAGGED | DOWN 12 | UNTAGGED | DOWN 13 | UNTAGGED | DOWN 14 | UNTAGGED | DOWN 15 | UNTAGGED | DOWN 16 | UNTAGGED | DOWN VLAN [...]
-
Página 144
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE Port 1 Default ID : 1 Filter Status : DISABLED. VLAN Memberships: Vlan: 1 Status : Active UNTAGGED Port 2 Default ID : 1 Filter Status : DISABLED. VLAN Memberships: Vlan: 1 Status : Active UNTAGGED <Deleting repeated information for port s 3 through 12> Port 13 Default ID : 1 Filter Status : DISABLED. VLA[...]
-
Página 145
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE Magnum6K25(tag-vlan)## show-port VLAN Port Status. Port 1 Default ID : 1 Filter Status : DISABLED. VLAN Memberships: Vlan: 1 Status : Active UNTAGGED Port 2 Default ID : 1 Filter Status : DISABLED. VLAN Memberships: Vlan: 1 Status : Active UNTAGGED <Deleting repeated information for port s 3 through 12> P[...]
-
Página 146
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE VLAN Port Status. Port 14 Default ID : 1 Filter Status : ENABLED. VLAN Memberships: Vlan: 1 Status : Active UNTAGGED Vlan: 10 Status : Active TAGGED Vlan: 20 Status : Active TAGGED Vlan: 30 Status : Active TAGGED In the above example, "s how-port" command provides a perspe ctive on which VLANs are ass[...]
-
Página 147
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE Syntax set-port port=<number|list|range> ta gging id=<number> status=<tagged| untagged> defines whether the outgoing packets from a port will be tagged or untagged. Syntax set-port port=<number|list |range> join id=<number> adds the specified port(s) to the specified VLAN id Syntax[...]
-
Página 148
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE Chapter 12 12 – Spanning T r ee Pr otocol (STP) Cr eate and manage alter nate paths to the netw ork panning Tree Protocol was designed to avoi d loops in an Ethernet network. An Ethernet network using switches can have redundant pa ths – this may however cause loops and to prevent the loops MNS-6K software [...]
-
Página 149
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE 148 V ariable or Attribute Default Value STP capabilities Disabled reconfiguring general operation priorit y 32768 Bridge maximum age 20 seconds Hello t ime 2 seconds Forward dela y 15 seconds R econfiguring per-port STP path cos t 0 Priorit y 32768 Mode Normal Monitoring of STP Not Available Root Por t Not se [...]
-
Página 150
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE 149 Bridge ID : 80:00:00:20:06:25:ed:80 Bridge Priority : 32768 Bridge Forward Delay : 15 Bridge Hello Time : 2 Bridge Max Age : 20 Root Port : 0 Root Path Cost : 0 Designated Root : 80:00:00:20:06:25:ed:80 Designated Root Priority : 32768 Root Bridge Forward Delay : 15 Root Bridge Hello Time : 2 Root Bridge Ma[...]
-
Página 151
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE 150 Designated Root : shows the MAC address of the bridge in the network elected or esignated as the root bridge. Normally when STP is not enabled the switch designates rity : shows the designated root brid ge’s priority. Default value is 2768 ridge Forward Delay : indicates the designated root bridge’s for[...]
-
Página 152
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE 151 Priority: STP uses this to determine which por ts are used for forwarding. Lower the umber means higher priority. Value ranges from 0 to 255. Default is 128 mine the rwarding points. Values range from 1 to 65535 alues can be Listening, Learning, orwarding, Blocking and Disabled. ated root bridge nfiguration[...]
-
Página 153
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE 152 STP CONFIGURATION ------------ -- --- Spanning Tree Enabled(Global) : YES Spanning Tree Enabled(Ports) : YES, 9,10,11,12,13,14,15,16 Protocol : Normal STP Bridge ID : 80:00:00:20:06:25:ed:80 Bridge Priority : 32768 Bridge Forward Delay : 15 Bridge Hello Time : 2 Bridge Max Age : 20 Root Port : 0 Root Path C[...]
-
Página 154
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE 153 : specifies the switch (bridge) priority va lue. Priority This value is used along with the witch MAC address to determine which switch in the network is the root device. Lower h ports re the forwarding points. A higher cost me ans the link is “more expensive” to use and port from participat ing in STP [...]
-
Página 155
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE 154 STP Port Configuration ---------- -------------- ---------------- -------------- ---------------- ---------------- -------------- ---------------- ---- Port# Type Priority Path Cost State Des. Bri dge Des. Port ---------- -------------- ---------------- -------------- ---------------- ---------------- -----[...]
-
Página 156
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE 155 14 TP(10/100) 128 100 Disabled 80:00:00:20:06:25:ed:80 80:0e 15 TP(10/100) 128 100 Disabled 80:00:00:20:06:25:ed:80 80:0f 16 TP(10/100) 128 100 Disabled 8 0:00:00:20:06:25:ed:80 80:10 Magnum6K25(stp)## priority value= 15535 Successfully set the bridge priority Magnum6K25(stp)## show stp config STP CONFIGURA[...]
-
Página 157
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE 156 Setting cost for STP...Successfully set the path cost for port 13 Magnum6K25(stp)## show stp ports STP Port Configuration ---------- -------------- ---------------- -------------- ---------------- ---------------- -------------- ---------------- ---- Port# Type Priority Path Cost State Des. Bri dge Des. Por[...]
-
Página 158
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE 157 Magnum6K25(stp)## show stp config STP CONFIGURATION ------------ -- --- Spanning Tree Enabled(Global) : YES Spanning Tree Enabled(Ports) : YES, 9,10,11,12,13,14,15,16 Protocol : Normal STP Bridge ID : 80:00:00:20:06:25:ed:80 Bridge Priority : 15535 Bridge Forward Delay : 15 Bridge Hello Time : 2 Bridge Max [...]
-
Página 159
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE 158 RSTP CONFIGURATION ------------ -- --- Rapid STP/STP Enabled(Global) : NO Magnum6K25(stp)## F IGURE 86 – Configuring STP parameters List of commands in this c ha pter his command lists the switch’s full STP configuration, including ge s rt (Enable) or stop (Disable) STP -65535> - specifies the port o[...]
-
Página 160
Chapter 13 13 – Rapid Spanning T r ee Pr otocol (RSTP) Cr eate and manage alter nate paths to the netw ork apid Spanning Tree Protocol (RTSP), like STP, was designed to avoid loops in an Ethernet network. Rapid Spanning Tree Protocol (RSTP) (IEEE 802.1w) is an evolution of the Spanning Tree Protocol (STP) (802.1d standard ) and provides for faste[...]
-
Página 161
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE • STP relays configuration messages receive d on the root port going out of its designated ports. If an STP switch (bridge) fails to receive a message from its neighbor it cannot be sure where along the path to the root a failure occurred. RSTP switches (bridges) generate their ow n configuration messages, ev[...]
-
Página 162
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE Even though RSTP interoperates with STP, RSTP is so much more efficient at establ ishing the network path and the network convergence in case of a failure is very fast. For this reason, GarrettCom recommends that all your network devices be updated to support RSTP. RSTP offers convergence times typically of les[...]
-
Página 163
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE Syntax rstp <enable|disable> - enable RSTP – by default, this is disabled and has to be manually activated Syntax port port=<number|list|range> [status=<enable|disable>] [migration=<enable>] [edge=<enable|disable>] [p2p=<on|off|auto>] Example port port=<number|list|range[...]
-
Página 164
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE RSTP CONFIGURATION ------------ -- --- Rapid STP/STP Enabled(Global) : YES RSTP/STP Enabled Ports : 9,10,11,12,13,14,15,16 Protocol : Normal RSTP Bridge ID : 00:00:00:20:06:25:ed:89 Bridge Priority : 0 Bridge Forward Delay : 15 Bridge Hello Time : 02 Bridge Max Age : 20 Root Port : 0 Root Path Cost : 0 Designat[...]
-
Página 165
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE Root Path Cost : a path cost is assigned to indivi dual ports for the switch to determine which ports are the forwarding points. A higher cost means more loops; a lower cost means fewer loops. More loops equal more traffic an d a tree which takes a long time to converge – resulting in a slower system Designat[...]
-
Página 166
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE Port#: indicates the port number. Value ranges from 01 to max number of ports in the switch Type: indicates the type of port – TP indicates Twisted Pair Priority: STP uses this to determine which ports are used for forwarding. Lower the number means higher priority. Value ranges from 0 to 255. Default is 128 [...]
-
Página 167
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE 06 TP(10/100) 128 200000 Forwar ding 80:00:00:2 0:06:30:00:01 00:06 07 TP(10/100) 128 200000 Discardi ng 80:00:00:20:06:2b:0f:e1 00:07 08 TP(10/100) 128 2000000 Disabled 00:08 09 Gigabit 128 20000 Forwarding 80:00:00:20:06:2b:0f:e1 00:09 10 Gigabit 128 20000 Forwarding 80:00:00:20:06:30:00:01 00:0a Magnum6K25# [...]
-
Página 168
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE Status: Enables or disables a port from participat ing in STP discovery. It’s best to only allow trunk ports to participate in STP. End st ations need not participate in STP process. Forward-Delay : indicates the time duration the switch will wait from listening to learning states and from learning to forward[...]
-
Página 169
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE Root Port : 0 Root Path Cost : 0 Designated Root : 00:00:00:20:06:25:ed:89 Designated Root Priority : 0 Root Bridge Forward Delay : 15 Root Bridge Hello Time : 02 Root Bridge Max Age : 20 Topology Change count : 0 Time Since topology Chg : 33 Magnum6K25(rstp)## show rstp ports RSTP Port Configuration ----------[...]
-
Página 170
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE Root Bridge Max Age : 20 Topology Change count : 0 Time Since topology Chg : 100 Magnum6K25(rstp)## forceversion rstp Magnum6K25(rstp)## show-forceversion Force Version : Normal RSTP Magnum6K25(rstp)## show rstp config RSTP CONFIGURATION ------------ -- --- Rapid STP/STP Enabled(Global) : YES RSTP/STP Enabled P[...]
-
Página 171
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE Magnum6K25(rstp)## priority port=13 value=100 Magnum6K25(rstp)## show rstp ports RSTP Port Configuration ---------- -------------- ---------------- -------------- ---------------- ---------------- -------------- ------------- Port# Type Priority Path Cost State Des. Bridge Des . Port ---------- -------------- -[...]
-
Página 172
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE 16 TP(10/100) 128 2000000 Disabled 00:10 Magnum6K25(rstp)## port port=9 status=enable Magnum6K25(rstp)## show rstp ports RSTP Port Configuration ---------- -------------- ---------------- -------------- ---------------- ---------------- -------------- -------------- Port# Type Priority Path Cost State Des. Brid[...]
-
Página 173
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE List of commands in this c ha pter Syntax set stp type=<stp|rstp> - Set the switch to support RSTP or chan ge it back to STP. Need to save and reboot the switch after this command Syntax rstp – enter the RSTP configuration mode Syntax rstp <enable|disable> - enable RSTP – by default, this is dis[...]
-
Página 174
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE 173 Syntax timers forward-delay=<4-30> hello=<1-10> age=<6-160> - change the STP Forward delay, Hello timer and Aging timer values[...]
-
Página 175
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE Chapter 14 14 – S-Ring™ and Link-Loss-Lear n™ (LLL) Speed up r ecover y fr om faults in Ether net networks S -Ring uses ring topology to provide fast recovery from faults. These are based on industry standard STP technologies. These technologies have been adapted to ring recovery applications by GarrettCo[...]
-
Página 176
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE S-Ring and LLL concepts S-Ring is built upon networking software standards such as IEEE 02.1d Spanning Tree Protocol (STP) or Rapid Spanning Tree Protocol STP) based on IEEE 802.1w. The pur pose of S-Ring is to define two orts which participate in the RSTP/STP tree structure in a ring topology as opposed to a m[...]
-
Página 177
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE 3. There can be multiple S-Rings on a given Magnum 6K switch. There can be multiple ring topologies in a network. Each ring has to be a separate ring. Ring of rings or overlapping rings are not supported at this time 4. S-Ring topologies support one failure in the network. A second failure may create isolated n[...]
-
Página 178
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE S-Ring with LLL RSTP STP Resiliency Fast recovery from a single point of failure. Ring Master is responsible for decision making Multiple points of failure – each connected node can be in stand-by Multiple points of failure – each connected node can be in stand-by Software Cost Licensed per ring Included in[...]
-
Página 179
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE F IGURE 92 – Normal RSTP/STP operations in a series of sw itches. Note – this normal status is designated RING_CLOSED BP D U T r a ff i c Forward ing Port Bl ockin g Port BP D U T r a ff i c Forward ing Port Bl ockin g Port This normal status is designated as RING_CLOSED. Operations will continue this way i[...]
-
Página 180
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE 179 F IGURE 93 – A fault in the ring interrupts traffic. The bl ocking port now becomes forwarding s o that traffic can reach all switches in the network Note – the mP62 as well as the ESD42 switches support LLL and can participate in S-Ring as an access switch When this change is made by RSTP/STP and bot h[...]
-
Página 181
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE F IGURE 94 – More than one S-Ring pair can be selected an d more than one S-Ring can be defined per switch. Note – the mP62 as well as the ES42 swit ches support LLL and can participate in S-Ring as an access switch Ring 1 Ring 2 Ring 1 Ring 2 More than one S-Ring port-pair may be selec ted per ring control[...]
-
Página 182
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE When the fault is cured, the re-emergence of th e ring structure enables the BPDU packets to flow again between the ring’s por t-pair. This is recognized by S-Ring (and RSTP/STP), and one of the ports in the ring’s port pair is changed to the bloc king state. S-Ring takes the recovery action immediately, no[...]
-
Página 183
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE please contact GarrettCom Inc. Sales (for purchasing the S-Ring feature) or Technical Support (to obtain the 12 character key.) If th e S-Ring capability was purchased along with the switch, the software license code will be included with the switch. Syntax authorize <module> key=<security key> - ac[...]
-
Página 184
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE • Same Duplex and • LLL - enable The necessary commands are Syntax stp – STP Configuration mode Syntax stp <enable|disable> - Start (Enable) or stop (Disable) ST P Syntax set stp type=<stp|rstp> - set the spanning tree protocol to be IEEE 802.1d or 802.1w (Spanning Tree Protocol or Rapid Spann[...]
-
Página 185
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE Ports 1 and 7 Configured f or sRing O peration Magnum6K25# show s-ring Magnum Ring Status: sRing Status: ENABLED Port 1 Port 2 Status 1 7 CLOSED F IGURE 96 – S-Ring configuration commands for root switch If the BPDU stream is broken, or it finds the Link-Loss-Learn signal, the system will immediately force ST[...]
-
Página 186
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE Link-Loss-Learn Enabled. Magnum6K25(stp)## lll a dd port=1,2,3 Added Ports: 1,2,3 Magnum6K25(stp)## show lll Link-Loss-Learn Status: LLL Status: ENABLED LLL Enabled on Ports: 1,2,3 Magnum6K25(stp)## lll d el port=2,3 Deleted Ports: 2,3 Magnum6K25(stp)## lll d isable Link-Loss-Learn Disa bled. F IGURE 97 – Lin[...]
-
Página 187
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE 186 Syntax lll add port=<port|list|range> - enable LLL on the list of specified ports Syntax lll del port=<port|list|range> - disable LLL on the list of specified ports Syntax show lll – display the status of LLL Syntax rstp – STP Configuration mode Syntax rstp <enable|disable> - Start (En[...]
-
Página 188
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE Chapter 15 15 – Dual-Homing F a ult tolerance options for edge devices esigning and implementing high-availa bility Ethernet LAN topologies in networks can be challenging. Traditi onally, the choices for redundancy for edge of the network devices were too limited, too expensive, and too complicated to be cons[...]
-
Página 189
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE F IGURE 98 – Dual-homing using ESD42 switch and Magnum 6K family of switches. In case of a connectivity break – the connection switch es to the standby path or standby link = Active li nk = Standby Link In those situations where the end device is a PoE device (for example, a video surveillance camera, as sh[...]
-
Página 190
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE 189 switches upstream. With MNS-6K, the user has to define the set of ports which m ake up the dual-home ports. F IGURE 100 – Using S-Ring and dual-homing, it is possible to build networks resilient not only to a single link failure but also for one device failing on the network The following points should be[...]
-
Página 191
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE Dual-Homing Modes There are two modes in which the dual-homing works. The first one is where the ports are “equivalent” i.e. if one port fa ils, the other one take over, however, if the first (failed) port recovers, the active port does not switch back. The second mode of operation is primary-sec ondary mod[...]
-
Página 192
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE Magnum6K25# dualhome ? dualhome : Configures Dual homing Usage dualhome <enter> Magnum6K25# show dualhome Dual Homing Status : DISABLED Magnum6K25# dualhome Magnum6K25(dualhome)## dualhome add port1=10 port2=11 Dual Homing Ports configured Magnum6K25(dualhome)## dualhome enable Dual Homing Enabled. Magnum[...]
-
Página 193
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE 192 List of commands in this c ha pter Syntax dualhome – enter the dual-homing configuration sub-system Syntax dualhome <enable|disable> – enable or disable dual- homing Syntax dualhome add port1=<p ort#> port2=<port#> – dual-homing setup similar to that of unmanaged switches such as ESD[...]
-
Página 194
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE Chapter 16 16 – Link Agg re ga tion Contr ol Pr otocol (LA CP) Incr ease Network thr oughput and r eliability ink aggregation Link Aggregation Control Pr otocol (LACP) is part of an IEEE specification (IEEE 802.3ad) that allows several physical ports to be grouped or bundled together to form a single logical [...]
-
Página 195
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE The performance is improved because the capacity of an aggregated link is higher than each individual link alone. 10Mbps or 10/100Mbps or 100Mbps ports can be grouped together to form one logical link. Instead of adding new hardware to increase speed on a trunk – one can now use LACP to incrementally increase[...]
-
Página 196
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE F IGURE 102 – Some valid LACP configurations. Should trunks be created so as to span mu ltiple ports, a “tru nk mismatch” error message is printed on the console. An example of an incorrect configuration is shown below. Switch 1 Switch 2 F IGURE 103 – an incorrect LACP connection scheme for Magnum 6K fa[...]
-
Página 197
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE between the switches and hence the LACPDU cannot be transmitted. This configuration will not work in the LACP m ode. VLAN 20 VLAN 10 Switch 2 Switch 1 F IGURE 105 - In the figure above, there is no common VLAN between the two sets of ports, so packets from one VLAN to another cannot be forwarded. Th ere should [...]
-
Página 198
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE F IGURE 106 – This configuration is similar to the prev ious configuration, except there is a common VLAN (VLAN 1) between the two sets of LAC P ports. This is a valid configuration. Switch 1 Switch 2 Switch 3 F IGURE 107 – In the architecture above, using RSTP and LAC P allows multiple switches to be co nf[...]
-
Página 199
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE 198 F IGURE 108 – LACP, along with RSTP/STP brings redund ancy to the network core or backbone. Using this reliable core with a dual -homed edge switch brings reliabilit y and redundancy to the edge of the network It is recommended not to use LA CP with S-Ring at this time. Since S-Ring and LACP use the same [...]
-
Página 200
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE S-Ring 2 S-Ring 1 F IGURE 109 – This architecture is not recommende d LACP can be used for creating a reliable ne twork between two fac ilities connected via a wireless bridge. As shown in the figure belo w, four trunk ports are connected to four wireless bridge pairs. This increases the e ffective throughput[...]
-
Página 201
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE 200 F IGURE 110 – Creating a reliable infrastruc ture using wireless bridges (bet ween two facilities) and LACP. “A” indicates a Wi-Fi wireless Bridge or other wireless Bridges. The list of commands to c onfigure, edit and manage LACP on the Magnum 6K family of switches is the following: Syntax lacp - ena[...]
-
Página 202
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE the lowest priority value has the highest priority and is designated a s the primary port. If traffic analysis is required, it is recommende d to mirror the primary port (and physically disconnect the other ports if all traffic needs to be captured). If multiple ports have the sam e priority, the first port phy[...]
-
Página 203
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE 15 32768 Link Down Magnum6K25(lacp)## ad d port=12 Port(s) added succ es sfully. Magnum6K25(lacp)## sh ow lacp Orphan Ports: Port Priority Trunk ========== =========== 12 32768 Link Down 13 32768 Link Down 14 32768 Link Down 15 32768 Link Down Magnum6K25(lacp)## exit Magnum6K25# show lacp Orphan Ports: Port Pri[...]
-
Página 204
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE 203 The output of the LACP command in the network shown below F IGURE 112 – The network for the ‘show lacp’ command listed below In the figure shown above, Switch 1 has ports 11 and 15 forming the fi rst trunk, connecting to Switch 3. Switch 1 also has por ts 17 and 23 forming the second trunk on Switch 2[...]
-
Página 205
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE 204 ========== =========== 17 32768 Primary Port 23 32768 Member Port F IGURE 113 – LACP information over a network List of commands in this c ha pter Syntax lacp - enable the LACP configur ation module within CLI Syntax lacp <enable | disable> - enable or disable LACP Syntax add port=<number|list|ra[...]
-
Página 206
Chapter 17 17 – Quality of Ser vice Prioritize traf fic in a network uality of Service (QoS) refers to the capa bility of a network to provide different priorities to different types of traffic. Not all traffic in the network has the same priority. Being able to differentiate different types of traffic and allowing this traffic to accelerate thro[...]
-
Página 207
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE the packet into one of the two qu eues, and depending on the precedence levels the queue could be rearranged to meet the QoS requirements. QoS refers to the level of preferential tr eatment a packet recei ves when it is being sent through a network. QoS allows time sensitive packets such as voice and video, to [...]
-
Página 208
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE IP Pr ecedence IP Precedence utilizes the three pr ecedence bits in the IPv4 head er's Type of Service (ToS) field to specify class of service for each packet. You can partition traffic in up to eight classes of service using IP precedence. The queuing technologies throughout the network can then use this [...]
-
Página 209
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE Not all packets received on a port have high priority. IGMP and BPDU packets have high priority by default. The Magnum 6K family of switches has the capability to set the priorities based on three different functions. They are Port QoS : assigns a high priority to all packets received on a port, regardless of t[...]
-
Página 210
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE Syntax set-weight weight=<0-7> - sets the port priority weight for All the ports. Once the weight is set, all the ports will be the same weight across the switch. The valid value for weight is 0-7. A weight is a number calculated from the IP precedence setting for a packet. This weight is used in an algor[...]
-
Página 211
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE 210 Syntax show qos [type=<port|tag|tos>] [port=<port|list|range>] – displays the QoS settings Sometimes it is necessary to change the prio rity of the packets going out of a switch. For example, when a packet is received untagged and has to be transmitted with an addition of the 802.1p priority t[...]
-
Página 212
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE 211 10 | Port | DOWN 11 | None | DOWN 13 | None | DOWN 14 | None | DOWN 15 | None | DOWN Magnum6K25(qos)## show qos type=port ========== ================ ====== PORT | PRIORITY | STATUS =========== ================ ===== 1 | None | UP 2 | None | DOWN 3 | None | DOWN 5 | None | DOWN 6 | HIGH | DOWN 7 | None | DO[...]
-
Página 213
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE 212 Magnum6K25(qos)## show qos type=tag ============== ================= ========= PORT | Pri for VPT | STATUS | 76543210 | ==== ============ ==== = =================== 1 | -------- | UP 2 | -------- | DOWN 3 | -------- | DOWN 5 | -------- | DOWN 6 | -------- | DOWN 7 | -------- | DOWN 9 | -------- | DOWN 10 | [...]
-
Página 214
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE 213 Magnum6K25(qos)## show qos ============== ================= ========= PORT | QOS | STATUS ======= ==================== = ============ 1 | None | UP 2 | None | DOWN 3 | None | DOWN 5 | None | DOWN 6 | Port | DOWN 7 | None | DOWN 9 | None | DOWN 10 | Port | DOWN 11 | Tag | DOWN 13 | Tag | DOWN 14 | None | DOW[...]
-
Página 215
214 18 – IGMP Multicast traf fic on a network nternet G roup M anagement P rotocol (IGMP) is defined in RF C 1112 as the standard for IP multicasting in the Internet. It is used to establish host memberships in particular multicast groups on a single network. The mechanisms of the protocol allows a host to inform its local router, using Host Memb[...]
-
Página 216
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE The creation of transient groups and the maintenance of group membership information is the responsibility of "multicast agents", entities th at reside in internet gateways or other special- purpose hosts. There is at least one multicast agen t directly attached to every IP network or sub- network tha[...]
-
Página 217
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE F IGURE 118 – IGMP concepts – advantages of using IGMP • PCs 1 and 4, switch 2, and all of the routers are members of an IP multicast group. (The routers operate as queriers.) • Switch 1 ignores IGMP traffic and does not distinguish between IP multicast group members and non-members. Thus, it is sending[...]
-
Página 218
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE The next figure (below) shows a network running IP multicasting using IGMP without a multicast router. In this case, the IGMP-configured switch runs as a querier. PCs 2, 5, and 6 are members of the same IP multicast group. IGMP is configured on switches 3 and 4. Either of these switches can operate as querier b[...]
-
Página 219
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE groups in the IP address range of 224.0.0.0 to 224.0.0.255 will always be flooded because addresses in this range are “well known” or “reser ved” addresses. Thus, if IP Multicast is enabled and there is an IP multicast group within the rese rved address range, traffic to that group will be flooded inste[...]
-
Página 220
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE traffic only goes to the ports requesting the traf fic. The Magnum 6K family of switches, using IGMP-L2, can perform the similar tasks a Layer 3 device performs for IGMP. For a Layer 2 IGMP environment, all Magnum 6K fa mily of switches have to be enabled in the IGMP-L2. This is done using the CLI command &apos[...]
-
Página 221
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE With IGMP-L2 enabled on all Magnum 6K family of switches, this situation as shown above is prevented. This is explained in the figure below. R1 R2 R3 R4 R5 R6 T1 T1 T2 T2 L2 Mode L2 Mode L2 Mode L2 Mode F IGURE 121 - Using IGMP-L2 on Magnum 6K family of switches, a Layer 2 network can minimize multicast[...]
-
Página 222
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE Since the query and the join information is exchanged between the neighboring switches, the topology does not matter. The design issue to consider is the timing difference between a topology recovery and IGMP refresh (recovery). GarrettCom Magnum 6K family of switches, connected in an S-Ring topology recovers v[...]
-
Página 223
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE group del ip=<group ip> - delete ports from a specific IGMP broadcast group Magnum6K25# igmp Magnum6K25(igmp)## igmp enable IGMP is enabled Magnum6K25(igmp)## show igmp IGMP State : Enabled ImmediateLeave : Disabled Querier : Enabled Querier Interval : 125 Querier Resp onse Interval : 10 Multicasting unkn[...]
-
Página 224
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE The output of “show igmp” provide useful inform ation. The following information is provided: IGMP State shows if IGMP is turned on (Enable) or off (Disable). Immediate Leave provides a mechanism for a particular host that wants to leave a multicast group. It disables the port (wher e the leave message is r[...]
-
Página 225
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE • Auto – lets IGMP control whether the port should or should not participate sending multicast traffic • Block – manually configures the port to always block multicast traffic • Forward – manually configures the port to always forward multicast traffic To set the port characteristics, use the set-po[...]
-
Página 226
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE 10 Forwarding 11 Forwarding 12 Forwarding 13 Auto 14 Blocking 15 Blocking 16 Blocking Magnum6K25(igmp)## igmp enable IGMP is enabled Magnum6K25(igmp)## show-router RouterIp PortNo Timer ------------ -------------- -- ---------- 10.21.1.250 9 25 Magnum6K25(igmp)## set-leave enable IGMP immediate leave status is [...]
-
Página 227
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE 226 Querier Response Interval : 10 Magnum6K25(igmp)## set-querier disable IGMP querier status is disabled Magnum6K25(igmp)## show igmp IGMP State : Enabled ImmediateLeave : Disabled Querier : Disabled Querier Interval : 125 Querier Resp onse Interval : 10 Magnum6K25(igmp)## set-qi interval=127 Query interva l s[...]
-
Página 228
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE 227 GroupIp PortNo Timer Vlanid LeavePending ------------ -------------- -- -------------- -- -------------- -- -------------- -- -- 0.0.0.0 1 155 1 0 239.0.1.10 10 STATIC 0 0 239.0.1.10 11 STATIC 0 0 239.0.1.10 12 STATIC 0 0 239.0.10.10 10 STATIC 0 0 239.0.10.10 11 STATIC 0 0 239.0.10.10 12 STATIC 0 0 239.0.10[...]
-
Página 229
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE 228 Magnum6K25(igm p)## mode normal IGMP set to Normal Mode. Magnum6K25(igm p)## exit Magnum6K25# F IGURE 126 - Setting IGMP-L2 List of commands in this c ha pter Syntax igmp – IGMP configuration mode Syntax igmp <enable|disable> - enable or disabl e IGMP on the switch yntax show igmp – IGMP operation[...]
-
Página 230
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE 229 group address, 224.0.0.1. The defa ult value is 125 seconds. The vali d range can be from 60 to 127 seconds. set-qri interval=<value> - Syntax The query response interval i s the maximum amount of ti me that can elapse between when the quer ier router sends a host-query message and when it rec eives a[...]
-
Página 231
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE Chapter 19 19 – GVRP Generic Attribute Registration Protocol ( GARP) VLAN Registration Protocol (GVRP) eneric A ttribute R egistration P rotocol (GARP) and VLAN registration over GARP is called GVRP. GVRP is defined in the IE EE 802.1q and GARP in the IEEE 802.1p standards. In order to utilize the capab iliti[...]
-
Página 232
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE the default VLAN set to untagged and configure other static VLANs on the ports as either “Tagged or Forbid ” . (“Forbid” is discussed later in this chapter.) GVRP Oper a tions A GVRP-enabled port with a Tagged or Untagged st atic VLAN sends advertisements (BP DUs, or Bridge Protocol Data Units) advertis[...]
-
Página 233
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE If a static VLAN is configured on at leas t one port of a switch, and that port has established a link with another device, then all other ports of that switch will send advertisements for that VLAN. In the figure below, tagged VLAN ports on switch “A” and switch “C” advertise VLANs 22 and 33 to ports o[...]
-
Página 234
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE • If there is no static VLAN with the adve rtised VID on the receiving port, then dynamically create a VLAN with the same VID as in the advertisement, and allow th at VLAN’s traffic • If the switch already has a static VLAN with the same VID as in the advertisement, an d the port is configured to learn fo[...]
-
Página 235
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE ========== ================ ================= = VLAN ID | NAME | VLAN STATUS ========== ================ ================= = 1 | Default VLAN | Static Active 2 | Blue | Static Active 10 | dyn10 | Dynamic Active Magnum6K25(gvrp)## F IGURE 130 – Command to check for dynamically assigned VLANs Note that port 10 [...]
-
Página 236
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE configuration Learn Generate ad vertisements. Forward advertisements for other VLANs Receive advertisements and dynamically join any advertised VLAN Receive advertisements and dynamically join any advertised VLAN that has the same VID as the static VLAN Do not allow the port to become a member of this VLAN Bloc[...]
-
Página 237
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE 236 Syntax show gvrp - shows whether GVRP is disabled, along with the current settings for the maximum number of VLANs and the current Primary VLAN Syntax gvrp <enable|disable > - enable or disable GVRP Syntax show-vlan – list all the VLANs (including dynamic VLANs) on the swi tch Syntax set-ports port=[...]
-
Página 238
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE 237 Magnum6K25(gvrp)## set-forb id vlan=2 forbid=11-15 Magnum6K25(gvrp)## show-forb id ========== ================ ================= = VLAN ID | FORBIDDEN PORTS ========= ================== == === =========== = 1 | None 2 | 11, 12, 13, 14, 15 F IGURE VRP configuration ex 133 – G ample GVRP Oper a tions Notes [...]
-
Página 239
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE 238 List of commands in this c ha pter Syntax show gvrp - shows whether GVRP is disabled, along with the current settings for the maximum number of VLANs and the current Primary VLAN Syntax gvrp <enable|disable > - enable or disable GVRP Syntax show-vlan – list all the VLANs (including dynamic VLANs) on[...]
-
Página 240
Chapter 20 20 – SNMP Managing y our netw ork using SNMP imple Network Management Protocol (SNMP) enables management of the network. There are many software packages which prov ide a graphical interface and a graphical view of the network and its devices. The graphi cal interface and view would not be possible without SNMP. SNMP is thus the buildi[...]
-
Página 241
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE Simple Network Management Protocol Version 3 (SNMPv3) – The third version of SNMP, the enhancements made to secure access, different levels of access and security. SNMP engine – A copy of SNMP that can either reside on the local or remote device SNMP group – A collection of SNMP users that belong to a com[...]
-
Página 242
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE Notification host – An SNMP entity to which notifications (traps and informs) are to be sent Notify view – A view name (not to exceed 64 characters) for each group that defines the list of notifications that can be sent to each user in the group Privacy – An encrypted state of the contents of an SNMP pack[...]
-
Página 243
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE • RMON MIB (RFC 1757) • RMON: groups 1, 2, 3, and 9 (Statistics, Events, Alarms, and History) • Version 1 traps (Warm Start, Cold Start, Li nk Up, Link Down, Authentication Failure, Rising Alarm, Falling Alarm) RFC 1901-1908 – SNMPv2 • RFC 1901, Introduction to Community-Ba sed SNMPv2. SNMPv2 Working [...]
-
Página 244
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE Syntax community [write=<write community>] [read=<read community>] [trap=<trap community>] – set the necessary community strings Syntax authtraps <enable|disable> - enables or disables authentication trap s generation Syntax traps <add|delete> type=<Snmp| Rmon|Snmp,Rmon|Enterp[...]
-
Página 245
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE Syntax com2sec <add|delete> id=<id> [secname=<name> ] [source=<source>] [community=<community>] - a part of the View based Acc ess control model (VACM) as defined in RFC 2275. This specifies the mapping from a source/community pair to a security name. On MNS- 6K, up to 10 entries c[...]
-
Página 246
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE SNMP MANAGERS INFO ------------ ------ SNMP TRAP STATIONS INFO ------------ ----------- Magnum6K25# snmp Magnum6K25(snmp)## comm unity write=private read=public SNMP Read community name successf ully set SNMP Write community name successfully set Magnum6K25(snmp)## show snmp SNMP CONFIGURATION INFORMATION -----[...]
-
Página 247
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE SNMP TRAP STATIONS INFO ------------ ----------- Magnum6K25(snmp)## traps add ty pe=Snmp,Rmon ip=192.168.1.2 Successfully Added. Magnum6K25(snmp)## show snmp SNMP CONFIGURATION INFORMATION ------------ -------------- -- -- SNMP Get Community Name : public SNMP Set Community Name : private SNMP Trap Community Na[...]
-
Página 248
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE 6K SNMP Agent supports all (v1/v2c/v3) versions. Magnum6K25# show snmp SNMP v3 Configuration Information ========== ================ === System Name : Magnum6K25 System Location : Fremont, CA System Contact : support@garrettcom.com Authentication Trap : Disabled Default Trap Comm. : public V3 Engine ID : 6K_v3E[...]
-
Página 249
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE Magnum6K25(snmpv3)## show-trap ID Trap Type Hos t IP Community Port ========== ================ ================= ==================== = 1 v1 10.21.1.100 -- -- 2 -- -- -- -- 3 -- -- -- -- 4 -- -- -- -- 5 -- -- -- -- Magnum6K25(snmpv3)## show-trap id=1 Trap ID : 1 Trap Type : v1 Host IP : 10.21.1.100 Community :[...]
-
Página 250
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE Magnum6K25(snmpv3)## group add id=1 groupname=v1 model=v1 com2secid=1 Entry is added successfully Magnum6K25(snmpv3)## show-group ID Group Name Sec. Model Com2Sec ID ========== ================ ================= ======= 1 v1 v1 1 2 public v2c 1 3 public usm 1 4 -- -- -- 5 -- -- -- 6 -- -- -- 7 -- -- -- 8 -- -- [...]
-
Página 251
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE Magnum6K25(snmpv3)## access add id=1 accessname=v1 model=v1 level=noauth read=1 writ e=none notify=none Entry is added successfully Magnum6K25(snmpv3)## show-access ID View Name Model Level R/View W/View N/View Context Prefix ========== ================ ================= =================== 1 v1 v1 noauth 1 non[...]
-
Página 252
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE Magnum6K25(snmpv3)## show-user id=1 User ID : 1 User Name : jsmith User Type : read-write Auth. Pass s omething Priv. Pass : Auth. Type : MD5 Auth. Level : auth Subtree : Magnum6K25(snmpv3)## exit Magnum6K25# show snmp SNMPv3 Configuration Information ============== ================= === System Name : Magnum6K2[...]
-
Página 253
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE The following RMON communities, when defined, enable the specific RMON group as show above. Syntax rmon – enter the RMON configuration mode to setup RMON groups and communities Syntax history def-owner=<stri ng> def-comm=<string> - define the RMON history group and the community string associated [...]
-
Página 254
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE Syntax snmpv3 – enter the SNMP V3 configuration mode – note enable SNMP V3 by using the “set snmp” command which follows Syntax show active-snmp – shows the version of SNMP currently in use Syntax community [write=<write community>] [read=<read community>] [trap=<trap community>] –[...]
-
Página 255
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE Syntax trap <add|delete> id=<id> [type=<v 1|v2|inform>] [host=<host-ip>] [community=<string>] [port=<1-65534>] - define the trap and inform manager stations. The station can receive v1, v2 traps and/or inform notifications. An inform notification is an acknowledgments that a [...]
-
Página 256
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE 255 Syntax statistics def-owner=<string> def-comm=<string> - define the RMON statistics group and the community string asso ciated with the group Syntax alarm def-owner=<string> def-comm=<string> - define the RMON alarm group and the community string associated with the group Syntax even[...]
-
Página 257
Chapter 21 21 – Miscellaneous Commands Impr oving pr oductivity and manageability here are several features built into the Magn um 6K family of switches which help with the overall productivity and manageability of the switch. These items are examined individually in this chapter. T Alar m R elays In a wiring closet, it would be helpful if there [...]
-
Página 258
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE 257 Event ID Event Description Signal Type 1 S-RING OPEN SUSTAINED 2 Cold Start MOMENTARY 3 Warm Start MOMENTARY 4 Link Up MOMENTARY 5 Link Down MOMENTARY 6 Authentication Failure MOMENTARY 7 RMON Rising Alarm 9 MOMENTARY 8 RMON Falling Alarm MOMENTARY 9 Intruder Alarm MOMENTARY 10 Link Loss Learn Triggered MOM[...]
-
Página 259
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE Syntax period time=<1..10> - sets the duration of relay action for the momentary type signal. This may be needed to adjust to the behavior of the circuit or relay. Default is 3 secon ds. Time is in seconds Syntax del event=<event-id|list|range|all> - disables alarm action in response to the specifie[...]
-
Página 260
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE 6 Authentication Failure MOMENTARY 7 RMON Raising Alarm MOMENTA RY 8 RMON Falling Alarm MOMENTARY 9 Intruder Alarm MOMENTARY 10 Link Loss Learn Triggered MOMENTARY 11 Broadcast Storm Detected MOMENTARY 12 STP/RSTP Reconfigured MOMENTA RY Magnum6K25(alarm)## add event=2 Alarm Event(s) Added: 2 Magnum6K25(alarm)#[...]
-
Página 261
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE 9 Intruder Alarm MOMENTARY 10 Link Loss Learn Triggered MOMENTARY 11 Broadcast Storm Detected MOMENTARY 12 STP/RSTP Reconfigured MOMENTA RY Magnum6K25(alarm)## alarm disable Alarm system Disabled Magnum6K25(alarm)## d el event=1,3,5,7 Alarm Event(s) Deleted: 1, 3, 5, 7 Magnum6K25(alarm)## s how alarm Alarm Even[...]
-
Página 262
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE sending and receiving emails, it is extremely beneficial for a network administrator to receive emails in case of faults and alerts. The Magnum 6K family of switches can be setup to send a n email alert when a trap is generated. If this capability is used, please ensure th at SPAM filters and other filters are [...]
-
Página 263
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE traps – [optional] this is the trap filter. If valu e is “all”, all traps of any type will be sent to this recipient. If value is none, no traps are sent to this recipient. Value can also be a combination of ‘S’ (SNMP), ‘R’ (RMON) and ‘E’ (ENTERPRISE). For example, trap=SR means that SNMP and [...]
-
Página 264
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE Syntax smtp <enable|disable> - enables or disables SMTP to send SNMP alerts by email Magnum6K25# smtp Magnum6K25(smtp)## show smtp config SMTP Global Configuration ========== ================ ============== Status : Disabled SMTP Server IP : 67.109.247.195 SMTP Server Port : 25 Retry Count : 3 Magnum6K25([...]
-
Página 265
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE Magnum6K25(smtp)## add id=2 email=jsmith@g arrettcom.com traps=S events=CF ip=192.168.10.13 Recipien t successfully a dded Magnum6K25(smtp)## show smtp recipients ID E-mail Address SMTP Server Port Traps Events ============== ================= ================ ============ 1 rk@gci,sys@gci.com 67.109.247.195 25[...]
-
Página 266
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE 265 Magnum6K25# F IGURE 138 – setting SMTP to receive SNMP trap information via email Email alerts can be forwarded to be receiv ed by other devices such as Cell phones, pagers etc. Most interfaces to SMTP are already provided by the cell phone service provider or the paging service provider. Serial Connectiv[...]
-
Página 267
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE 266 Banner Messa ge essage is available in MNS-6K-SECURE. t one as to deter unauthorized access. Some users may inadvertently connect to the MOTD stands for Message of the Day, a term used by system administrators to show the status f the system or inform the users of uses or abuses on the system. e Banner mess[...]
-
Página 268
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE 267 Please disconnect if you are an unauthorized user. Thanks. MOTD Updated. It will be displayed at next login. Magnum6K25# show motd Motd : This is a secure device. Unaut hori zed access is prohibited. Please disconnect if you are an un auth orized user. Thanks. Magnum6K25# logout Logging out from the current[...]
-
Página 269
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE 268 Syntax !! – repeat the last command Syntax !<n> - repeat the “n”th command (a s indicated by a show history) Syntax show history – show the last 25 commands executed – if less than 25 commands are executed, only hown If the user logs out or if the switch time s out – the history is erased.[...]
-
Página 270
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE 269 Magnum 6K 5# se 2 t history ? set history : Set Histo ry Size Usage set history size=<1-100> Groups: All. Magnum 6K25# set history size=100 History Size is Set Magnum6K25# show history 1 : show version 2 : show setup 3 : show serial 4 : show history Magnum6K25# !1 show vers ion MNS-6K-Secure Ver: 14.1[...]
-
Página 271
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE 270 $$ : $ Character $r : New Line $b : Space A f ow the system prompt can be setup is shown below. 6K25# snmp ew examples on h Magnum Magnum6K25(snmp)## setvar sysname=Core System variable(s) set successfully Magnum6K25(snmp)## exit Magnum6K25# set prompt $n Core# set prompt $n$b$i Core 192.168.5.5# set prompt[...]
-
Página 272
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE 271 F IGURE 143 – Using the ping command Many devices do not respond to ping or block ping commands. Make sure that the target device does respond or the ne twork does allow the ping packets to ropagate through. p FTP m is supported on MNS. MNS supports normal ftp as well as y many companies today to work wit[...]
-
Página 273
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE 272 System Ev ents All events occurring on the Magnum 6K family of switches are logged. The events can be escription as shown below Code D 0 Emergency (or Fatal) system is unusa ble – called “fatal” in show log command 1 Alert : action must be tak en immediately 2 Critical : critical conditions 3 nditions[...]
-
Página 274
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE 273 arrettCom recommends that this capability should be used centralize the logs. Magnum6K2 # The system events can be sent to a Syslog server using the Sysl og capabilities in MNS-6K-SECURE. G to show log 5 S DATE TIME Log Description -- ------ -- -------- ------ ---------------- -------------- -- ------------[...]
-
Página 275
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE 274 Do you wish to export the event logs? [ 'Y' or 'N'] Y Successfully uploaded the event log file. Magnum6K25# F IGURE 146 – Using exportlog to export the event log information In the table below, the following acronyms are used for Severity: E= Alert; C=Critical; F=Fail or Error conditio[...]
-
Página 276
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE Subsystem Description Severity BRIDGE Unable to delete MAC address from FDB D BRIDGE Unable to insert MAC address to FDB D BRIDGE Bridge init failed for ethx F BRIDGE Bridge enable for ethx failed F BRIDGE Bridge MIB init is done I CLI Manager login at console I CLI Operator login at console I CLI Manager passw[...]
-
Página 277
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE Subsystem Description Severity RMON Alarm : internal error , unable to get m emory F RMON Alarm : internal error, unable to get m emory for alarm entry F RMON History : internal error, unable to get memory for history contr ol entry F RMON History : internal error, unable to get memory for history data entry F [...]
-
Página 278
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE Subsystem Description Severity TCP/IP Duplicate IP a.b.c.d se nt from MAC address XXXXXX C TCP/IP Unable to allocate memory for an ICMP packet C TCP/IP IP packet from a.b.c.d , with checksum error dropped D TCP/IP Bad IP fragments from a.b.c.d dropped D TCP/IP UDP checksum error in the received packet a.b.c.d D[...]
-
Página 279
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE Magnum6K25# show address-table Sl# MAC Address Port ------------ -------------- -- -------------- -- --------- 1 01:00:5e:00:00:fb 0 2 00:0c:f1:b9:d1:dc 3 3 33:33:00:00:00:02 0 4 01:00:0c:cc:cc:cc 0 5 01:00:5e:00:00:16 0 6 00:07:50:ef:31:40 3 7 00:e0:81:52:85:96 3 8 01:40:96:ff:ff:ff 0 9 01:40:96:ff:ff:00 0 10 [...]
-
Página 280
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE Syntax show smtp <config|recipients> - config – displays the current SMTP global settings and recipients displays the currently config ured recipients of email alerts Syntax add id=<1-5> email=<email-addr> [t raps=<all|none|S|R|E >] [events=<all|none|I|A |C|F|D>] [ip=<ip-addr&[...]
-
Página 281
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE 280 body – [mandatory] email body Syntax server ip=<ip-addr> [port =<1-65535>] [retry=<0-3>] – configure the global SMTP server settings ip – [mandatory] SMTP server IP address port – [mandatory] TCP port to be used for SMTP communications – default is 25 retry – [optional] specifi[...]
-
Página 282
APPENDIX 1 APPENDIX 1 - Command listing by Chapter A rich envir onment – this A ppendix provides a r ef er ence to the commands by chapter Chapter 2 – Getting Star ted Syntax ipconfig [ip=<ip-address> ] [mas k=<subnet-mask>] [dgw=<gateway>] – to set IP address on the switch Syntax save – save changes made to the configurat[...]
-
Página 283
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE Syntax useraccess groups – displays the current groups Syntax help <command string> - help for a specific command Syntax command <Enter> - options for a command Syntax <TAB> - listing all commands available at the privilege level Syntax <command string> <TAB> - options for a comm[...]
-
Página 284
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE bootcfg=<enable|disable> - valid with type=bootp only. This option allows the switch to load the configuration file from the BootP server. This is useful when a new switch is put on a network and the specific config urations are loaded from a centralized BootP server Syntax telnet <enable|disable> -[...]
-
Página 285
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE Syntax saveconf mode=<serial|tftp|ftp> [<ipaddress>] [file=<name>] – saves the configuration on the network usin g tftp, ftp or serial protocols Syntax loadconf mode=<serial|tftp|ftp> [<ipaddress>] [file=<name>] – loads the previously saved configuration from the network [...]
-
Página 286
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE Syntax tftp <get|put> [type=<app|confi g|oldconf| script|hosts|log>] [host=<hostname>] [ip=<ipa ddress>] [file=<filename>] – upload and download information using tftp command Where <get|put> - different tftp operations – get a file from the server or put the information [...]
-
Página 287
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE Syntax show sysconfig – reviews settabl e system parameters Syntax show time – shows the system time Syntax show timezone – shows the system timezone Syntax show date – shows the system date Syntax show uptime – shows the amount of time the switch has been o perational Syntax show config [module=<m[...]
-
Página 288
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE Syntax – addlease ip=<ip> mac=<mac> [leasetime=<lease time (1..10)>] – add a specific host with a specific IP address Syntax - reserve-ip ip=<ip> [mac=<mac>] - reserve a specific IP address for a device Syntax - clear-reserveip ip=<ip> - clear the reverse IP assigned Synt[...]
-
Página 289
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE Syntax signal port=<num|list|range> <none|log|trap|logandtrap> - port to monitor and signal to send in case of breach of port security Syntax ps <enable|disable> - enable or disable port security Syntax remove mac=<all|address|list|range> port=<num|list|range > - remove a MAC addre[...]
-
Página 290
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE Syntax clear <history|log [1..5 |informational |activity |critical |fatal |debug] |terminal |arp|portstats|addr] – clear command to clear various aspe cts of the MNS-6K information – most notably “clear addr” – clears the addr esses learnt or “clear log” to clea r the logs (and the type of logs[...]
-
Página 291
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE transmit – [optional] This is the transmit pe riod, this is the time in seconds the authenticator waits to transmit another reque st for identification from the supplicant. Default value is 30. Values can be from 1 to 65535 seconds Syntax reauth port=<num|list|range> [status=<e nable|disable>] [pe[...]
-
Página 292
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE Chapter 10 – P or t mir r oring and setup Syntax show port-mirror – display port mirror settings Syntax port-mirror <enter> - configure port mirror settings Syntax setport monitor=<monitor port numbe r> sniffer=<sniffer port number> - set port mirror settings Syntax prtmr <enable|disabl[...]
-
Página 293
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE Syntax start vlan=<name|number|list|range> activate the VLAN configuration Syntax save save the configuration (inclu ding the VLAN configuration) Syntax edit id=<vlan id> [name=<vlan name>] port=<number|list|range> [<mgt|nomgt>] - edit existing VLAN name Syntax show vlan [<id=vl[...]
-
Página 294
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE Syntax port port=<number|list|range > status=<enable|disable> - specific ports may not need to participate in STP process. These ports typical ly would be end-stations. If you are not sure – let MNS-6K software make the decisions Syntax timers forward-delay=<4-30> hello=<1-10> age=<[...]
-
Página 295
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE Syntax priority [port=<number|list|ran ge>] value=<0-255 | 0-65535> - specifies the port or switch level priority. When a port(s) are specified the priority is associated with ports and their value is 0 - 255. If no ports are specified, then the switch (bridge) priority is specified and its value is[...]
-
Página 296
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE Syntax lll del port=<port|list|range> - disable LLL on the list of specified ports Syntax show lll – display the status of LLL Syntax rstp – STP Configuration mode Syntax rstp <enable|disable> - Start (Enable) or stop (Disable) STP Syntax set stp type=<stp|rstp> - set the spanning tree pro[...]
-
Página 297
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE priority, the higher the priority. The port with the hi ghest p riority is the primary port (over which certain types of traffic like IGMP is transmitted) Syntax del port=<number|list|range> - delete specified ports from the LACP membership Syntax edit port=<number|list|ran ge> [priority=<priorit[...]
-
Página 298
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE Syntax group add ip=<group ip> port=<num ber|list|range> vlan=<vlanid> - add ports to a specific IGMP broadcast group del ip=<group ip> - delete ports from a specific IGMP broadcast group Syntax show-group – shows the multicast groups Syntax set-port port=< port|list|rang e> mode[...]
-
Página 299
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE Syntax set-forbid vlan=<tag vlanid> fo rbid=<port-number|list|range> - sets the forbid GVRP capability on the ports specified Syntax show-forbid – display the ports with GVRP forbid capabilities Chapter 20 – SNMP Syntax snmp – enter the SNMP Configuration mode Syntax snmpv3 – enter the SNMP [...]
-
Página 300
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE Syntax authtrap <enable|disable> - enables or disables authen tication traps generation Syntax show-authtrap - displays the current value of authentication t rap status. Syntax deftrap community =<string> - defines the default community string to be used when sending traps. When user does not specif[...]
-
Página 301
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE to 5 users to be added. Right now, the MNS-6K agent only support noauth and auth-md5 for v3 authentication and auth-d es for priv authentication Syntax show-user [id=<id>] - display all or specific view entri es - id is optional and is the number corresponding to the view entry number in th e table Syntax[...]
-
Página 302
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE Syntax smtp – configure the SNMP alerts to be sent via email Syntax show smtp <config|recipients> - config – displays the current SMTP global settings and recipients displays the currently config ured recipients of email alerts Syntax add id=<1-5> email=<email-addr> [t raps=<all|none|S|[...]
-
Página 303
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE 302 subject – [mandatory] email subject or title body – [mandatory] email body Syntax server ip=<ip-addr> [port =<1-65535>] [retry=<0-3>] – configure the global SMTP server settings ip – [mandatory] SMTP server IP address port – [mandatory] TCP port to be used for SMTP communications[...]
-
Página 304
APPENDIX 2 APPENDIX 2 - Commands sor ted alpha beticall y Command Description !! repeat the last command !<n> repeat the “n”th command (as indicated by a show history) <command string> <TAB> options for a command <Down-arrow> opposite of Up-arrow key <first character of the command> <TAB> listing commands sta[...]
-
Página 305
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE Command Description add port=<number|list|range> [priority=<0-65535>] add the specified list of ports to form the logical LACP trunk. Default value for priority is 32768. The lower the value assigned to priority, the higher the priority. T he port with the highest priority is the primary port (over [...]
-
Página 306
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE Command Description clear <history|log [1..5 |informational |activity |critical |fatal |debug] |terminal |arp|portstats|addr] clear command to clear various aspects of the MNS-6K information – most notably “clear addr” – clears the addresses learnt or “clear log” to clear the logs (and the type o[...]
-
Página 307
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE Command Description del event=<event-id|list|range|all> disables ala rm action in response to the specified event ID del port=<number|list|range> delete specified ports from the LACP membership. Requires the lacp module. delete id=<1-5> delete the specific id specified. The deleted id no longe[...]
-
Página 308
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE Command Description enable <user-name> changing the privilege level engineid string = <string> Every agent has to have an engineID (name) to be able to respond to SNMPv3 messages. The default engine ID value is “6K_v3Engine”. This command allows the user to change the engine ID event def-owner=&[...]
-
Página 309
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE Command Description group <add|delete> id=<id> [groupname=<name>] [model=<v1|v2c|usm>] [com2secid=<com2sec-id>] a part of the View based Access control model (VACM) as defined in RFC 2275. This command defines the mappi ng from sec model or a sec name to a group. A sec model is one[...]
-
Página 310
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE Command Description lll <enable|disable> enable or disable LLL on the switch lll add port=<port|list|range> enable LLL on the list of specified ports lll del port=<port|list|range> disable LLL on the list of specified ports loadconf mode=<serial|tftp|ftp> [<ipaddress>] [file=<na[...]
-
Página 311
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE Command Description port-mirror <enter> configure port mirror settings port-security configure port security settings priority [port=<number|list|range>] value=<0-255 | 0-65535> specifies the port or switch level priority. When a port(s) are specified the priority is associated with ports and [...]
-
Página 312
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE Command Description rmon enter the RMON configuration mode to setup RMON groups and communities rstp enter the RSTP configuration mode rstp <enable|disable> enable RSTP – by defaul t, this is disabled and has to be manually activated save save changes made to the configuration saveconf mode=<serial|t[...]
-
Página 313
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE Command Description set date year=<2001-2035> month=<1- 12> day=<1-31> [format=<mmddyyyy|ddmmyyyy|yyyy mmdd>] sets the date and the format in which the dat e is displayed set daylight country=< country name> set the daylight saving time set dns [server=<ip>] [domain=<domai[...]
-
Página 314
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE Command Description set stp type=<stp|rstp> Set the switch to support RSTP or change it back to STP. Need to save and reboot the switch after this command set time hour=<0-23> min=<0-59> sec=<0-59> sets the time set timeformat format=<12|24> set the di splay time in the 12/24 hour [...]
-
Página 315
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE Command Description setport port=<num|list|range> [status=<enable|disable>] [control=<auto|for ceauth|forceunauth> ] [initialize=<assert|deassert>] setting the port characteristic for an 802.1x network setport port=<port#|list|range> [name=<name>] [speed=<10|100>] [dupl[...]
-
Página 316
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE Command Description set-qi interval=<value> The IGMP querier router periodically sends general host-query messages. These messages are sent to ask for group membership information. This is sent to the all-system multicast group address, 224.0.0.1 . The default value is 125 seconds. The valid range can be [...]
-
Página 317
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE Command Description set-untag port=<port|list|range> priority=<high|low> tag=<0-7> The 802.1p user priority assigned to unt agged received packets to be transmitted as tagged from the priority queue setvar [sysname|syscontact|syslocation]=<stri ng> set the system name, contact and locati[...]
-
Página 318
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE Command Description show address-table displays which mac address is associated with which port for packet switching show active-stp status whether STP or RSTP is running Show active-snmp display the version of SNMP currently in use show alarm displays the current status of Alarm system show auth <config|por[...]
-
Página 319
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE Command Description show host display the hosts table entries show igmp IGMP operation status show ip-access display all trusted hosts show ipconfig shows the IP parameters set i n the switch show lacp displays the status and other relevant LACP information show lll display the status of LLL show log [fatal|ale[...]
-
Página 320
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE Command Description show snmp displays the SNMP configuration information show sntpsrv display the status of SNTP server show ssh display ssh setting. For displaying the telnet setting use show console show s-ring show the status of S-Ring show stp <config|ports > regardless of whether STP is enabled or d[...]
-
Página 321
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE Command Description show-router displays detected IGMP-enabled rout er ports show-stats port=<num> displays 802.1x related statistics show-timers show the values of the timers set for RSTP show-trap [id=<id#>] shows the configured trap statio ns in tabular format - id is optional and is the number c[...]
-
Página 322
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE Command Description snmp enter the SNMP Configuration mode snmpv3 enter the SNMP V3 configuration mode – note enable SNMP V3 by using the “set snmp” command which follows sntp [enable|disable] enable or disable the SNTP services sntpserver enter the SNTP Server configuration mode sntpsrv <start|stop>[...]
-
Página 323
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE Command Description start vlan=<name|numb er|list|range> activate the VLAN configuration static vlan=<VID> convert a dynamic VLAN to a static VLAN statistics def-owner=<string> def- comm=<string> define the RMON statistics group and the community string associated with the group stp STP [...]
-
Página 324
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE Command Description telnet <ipaddress> [port=<port number>] telnet from the switch. The IP address can be an IPv4 address or an IPv6 address timers forward-delay=<4-30> hello=<1- 10> age=<6-160> change the STP Forward Delay, Hello timer and Aging timer values tftp <get|put> [[...]
-
Página 325
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE Command Description user <add|delete> id=<id> [username=<name>] [usertype=<readonly|readwrite>] [authpass=<pass-phrase>] [privpass=<pass-phrase>] [level=<noauth|auth|priv>] [subtree=<oid>] for quickly adding or deleting v3 USM based security, this command adds use[...]
-
Página 326
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE 325 Intentionally left blank[...]
-
Página 327
APPENDIX 3 APPENDIX 3 - Daylight Sa vings No time lik e the pr esent... Daylight Sa vings Time Magnum6K Switches provide a way to automatically adjust the system clock for Daylight Savings Time (DST) changes. In addition to the value " none" (no time changes), there are fifteen pre- defined settings, a few examples are: • Alaska • Can[...]
-
Página 328
DAYLIGHT SAVINGS TIME 327 Australia, Belgium, Canada, Chile, Cuba, Egypt, France, Finland, Germany, Greece, Iraq, Italy, London, Namibia, Portugal, Russia, Spai n, Sweden, Switzerland, Syria, USA Note – as of Release 3.7, the new daylight saving times dates enforced as of 2007, for the time zones and states in US, have been implemented in MNS-6K[...]
-
Página 329
APPENDIX 4 APPENDIX 4 – Br o wser Cer tificates You shouldn't overestimate the I.Q. of crooks — NYT: Stuart A. Baker, General Counsel for the NSA There is no security on this earth. Only opportunity. – Douglas MacArthur Cer tificates Certificates are means for authenticating the validity of sites, servers or other devices user can connec[...]
-
Página 330
BROWSER CERTIFICATES Using Mo zilla Fir efo x (v er . 3.x) Mozilla Firefox version 3.x ensures that the user validate the certificate before it allows the user to proceed to the site when the address (URL) does not match the information in the self signed certificate. F IGURE 149 – On finding a mismatch between the certificate and the acc esses s[...]
-
Página 331
BROWSER CERTIFICATES F IGURE 150 – Mozilla Firefox tries to warn the user agai n about the dangers of sites with improper certificates Once the “Add Exception” button is displayed, make sure you click on it. 330[...]
-
Página 332
BROWSER CERTIFICATES F IGURE 151 – Firefox forces you to get the certificat e before it lets you access the site Notice that the browser points out that valid sites such as banks, online web stores, government sites, secure sites etc. will not ask you to do that. Since the GarrettCom MNS- 6K is a self signed authenticated “site”, it is a good[...]
-
Página 333
BROWSER CERTIFICATES F IGURE 152 – Here, you can view the certificate, perm anently make an ex ception and confirm the exception. The locations to do tho se are identified in this figure The self signed certificate from GarrettCom is shown in the next figure. 332[...]
-
Página 334
BROWSER CERTIFICATES F IGURE 153 – Self signed certificate from GarrettCom Inc for MNS-6K Once accepted, the user does not need to go through these steps again. Using Inter net Explor er (v er 7.x) Internet Explorer version 7.x provides a warning when the certificates do not match. Ther e is no mechanism to create a permanent exception using IE 7[...]
-
Página 335
BROWSER CERTIFICATES 334 F IGURE 154 – Using IE 7 Using Other Br o wser s There are many other browsers such as Opera, Safari which are also widely used. There are similar mechanisms built into these browsers to inspect the certificate and create an exception. Please refer to their respective documentation for help.[...]
-
Página 336
APPENDIX 5 APPENDIX 5 – Upda ting MNS-6K Softw ar e Keep up to date.... The steps required to update the MNS-6K so ftware on your Magnum switch are listed. Intentionally left blank 335[...]
-
Página 337
UPDATING MNS-6K – STEP 1 Ste p 1 1. Getting Star ted Decide w hich version to use….. his document describes how to upgrade the MNS -6K software on a Magnum 6K switch. The methods described for updating the MNS-6K software are either locally at the console port on the Magnum 6K switch or remotely over the network using FTP or TFTP. This step inv[...]
-
Página 338
UPDATING MNS-6K – STEP 1 2) Enough disk space to store and retrieve the configuration files as well as copy software files from GarrettCom. We recomme nd at least 15MB of disk space for this purpose 3) Connection to the Internet. Make sure the connection does n ot block FTP file transfers 4) IP address of the switch that is being upgraded. Along [...]
-
Página 339
UPDATING MNS-6K – STEP 1 b) If the site uses another socket number for ftp connections, use the socket number at the end of the URL. For example, if the network administrator has setup a firewall to use socket number 1684, the URL would be as follows: ftp://ftp.garrettcom.com:1684 c) NOTE - You can use any other FTP progra m available on the Inte[...]
-
Página 340
UPDATING MNS-6K – STEP 1 F IGURE 155 – Accessing the GarrettCom site for download. Note – if the browser does not support th e login prompt, you ca n type in the user name and password on the URL as follows: ftp://m6kuser:m6kuser@ftp.garrettcom.com 3) After successful login, select the proper fo lder for downloading the proper MNS-6K software[...]
-
Página 341
UPDATING MNS-6K – STEP 1 F IGURE 156 – Select the proper version to use after successful login 4) Navigate to the folder MNS-6K. See Figure 3. (There are other folders with additional software, MIBs as well as additional useful information for the Magnum-6K switches which you may want to use later.) From the MNS-6K folder download the latest ?[...]
-
Página 342
UPDATING MNS-6K – STEP 1 341 F IGURE 158 – Use the copy command to copy t he files to the proper location 6) Make sure you remember where the files are stored as these files will be needed for the next step. Ne xt steps 1) Access the GarrettCom Magnum 6K switch. The access can be over the console port using the null modem cable or through the n[...]
-
Página 343
UPDATING SOFTWARE – STEP 2 Ste p 2 2. Pr eparing to load the software Backup y our existing configuration….. nce the MNS-6K software is downloaded fr om the GarrettCom site, it is strongly recommended that the existing configuration of the switch is preserved before the MNS-6K software upgrade is performed. Th is section will show you how to sa[...]
-
Página 344
UPDATING SOFTWARE – STEP 2 343 F IGURE 159 - HyperTerminal screen showing the serial settings Netw or k Access Prerequisites - a PC (or workst ation/computer) with telnet sof tware and the IP address of the Magnum 6K switch (or DNS name associated with the switch) to be upgraded. Access the Magnum 6K switch by using the telnet command. For exampl[...]
-
Página 345
UPDATING SOFTWARE – STEP 2 1) Serial file transfer capability such as X-m odem or equivalent 2) TFTP server 3) FTP server As a good practice, GarrettCom recommends that y ou should have all these capabilities ava ilable on your local computer if you plan to upgrade additional sw itches as well as switches in the future. The command used for savin[...]
-
Página 346
UPDATING SOFTWARE – STEP 2 F IGURE 162 – Invoke the “Receive File” to start the Xmodem transfer pr ogram. In the figure above the Windows XP based HyperTerminal screen is shown Once the “Receive File” is invoked (as shown in Figure above) follow the dialog to save the file in the proper directory with the proper name as shown in Figure [...]
-
Página 347
UPDATING SOFTWARE – STEP 2 F IGURE 164 – Status window for Xmodem (using HyperTerminal under Windows XP) When the file transfer is completed, the window shown in Figure 10 exits and the completion message is displayed as shown in Figure 11. Successfully uploaded the configuration Magnum6K25 # F IGURE 165 – Message which shows the completion o[...]
-
Página 348
UPDATING SOFTWARE – STEP 2 347 This will save the file 6kconfig-10.11 to the specified IP address (192.168.10.99) in the default TFTP fo lder. Using FTP would be the sa me as Figure 12, except replace 'mode=tftp' with 'mode=ftp' In some situations (e.g. routed netwo rks), TFTP or FTP services may be blocked. Check for network [...]
-
Página 349
UPDATING SOFTWARE – STEP 3 Ste p 3 3. Loading the MNS-6K softw are Load the new version of the MNS-6K image….. T this stage, the Magnum MNS-6K sof tware has been downloaded from the GarrettCom site, and the config uration saved. The Magnum-6K switch is now ready to upload the new MNS-6K software image. Bef or e loading the MNS-6K software A It [...]
-
Página 350
UPDATING SOFTWARE – STEP 3 Serial Connection Prerequisites - make sure the di rectory and the file name of the MNS-6K software image downloaded in steps 1 and 2 is known. To use the serial c onnection to update the MNS-6K image, the command dialog is shown below: Magnum6K25# show ve rsion MNS-6K-Secure Ve r: 14.1 Date:Jul 2 8 2008 Time:07:5 1:45 [...]
-
Página 351
UPDATING SOFTWARE – STEP 3 Upgrade is Succes sful. Please rebo ot Magnum 6Kxx to start the ap plication Magnum6K25# reboot Proceed on rebooting the swit ch? [ 'Y' or 'N' ] Y Do you wish to save current configuration? [ 'Y' or 'N' ] Y (The switch will now reboot. After the reboot, the Magnum 6K switch may pr[...]
-
Página 352
UPDATING SOFTWARE – STEP 3 351 Magnum6K25# show ve rsion MNS-6K-Secure Ve r: 14.1 Date:Jul 2 8 2008 Time:07:5 1:45 Build ID 1217 245902 Magnum6K25# upgrade mode=tftp 192.168.10.99 file=Rel4.2.bin Do you wish to upgrade th e image? [ 'Y' or 'N'] Y Upgrade is Successful. Please reb oot Magnum 6Kxx to sta rt the application Magnu[...]
-
Página 353
UPDATING SOFTWARE – STEP 4 Ste p 4 4. (Optional Step) R estoring the configur a tion Optionally , r estore back the original conf iguration and update the boot code….. t this optional step, the original configuration has been saved, MNS-6K image copied from the www.garrettcom.com site and then onto the Magnum 6K sw itch and finally, if required[...]
-
Página 354
UPDATING SOFTWARE – STEP 4 353 Upda ting boot code o v er the networ k As discussed in step 1 – selecting the proper version , with either upgrade path (to Version 2.7.1B or to Version 3.0), the boot code will be updated. At boot up time, the Ma gnum 6K sw itch identifies that there is a new version of the boot code and asks if the new boot cod[...]
-
Página 355
UPDATING SOFTWARE – STEP 4 354 Intentionally left blank[...]
-
Página 356
INDEX Inde x !!, 302 !<n>, 302 802.1d, 147, 151, 159, 160, 162, 165, 172, 293 802.1q, 230 802.1Q, 132, 147 802.1w, 159, 160, 165, 175 802.1x, 106, 107, 108, 109, 114 , 289 access, 46, 61, 102, 103, 104, 250, 288 action, 91, 92, 95, 104, 287 action port, 91 add, 30, 37, 94, 135, 138, 145, 200, 202, 204, 257, 258, 259, 261, 263, 264, 278, 279, [...]
-
Página 357
INDEX com2sec, 244, 248, 254, 299 community, 243, 253, 298, 305 community string, 239 config, 56, 57, 81, 82, 83, 284, 285, 286, 307, 324 config startip, 81, 83, 286 configure, 70, 104, 134, 285, 287 configure access, 42, 70, 285 CoS, 207 cost, 150, 152, 156, 158, 166, 170, 172, 292, 294 default user name, 26 DEFAULT-VLAN, 133 deftrap, 243, 247, 25[...]
-
Página 358
INDEX 223, 224, 227, 228, 240, 241, 244, 249, 252, 254, 255, 267, 281, 297, 299, 300, 304, 307, 308, 315, 318, 319, 322, 324 group add, 249 GSSAPI, 46 gvrp, 236, 297 GVRP, 230, 232 GVRP BPDUs, 230 help, 34, 37, 282 Helsinki University of Technology, 45 history, 252, 254, 300 History Group, 251 host, 61, 70 hosts, 56, 57, 284, 285, 307, 324 IEEE, 10[...]
-
Página 359
INDEX MIB, 109, 215, 239, 244, 251, 254, 299 mode, 221, 227, 229 mode L2, 227 mode normal, 228 modes of operation, 25 MOMENTARY, 256, 257, 258, 25 9, 260 more, 62, 70 MOTD, 266 NAS, 116 NTLM, 46 oldconf, 56, 57, 284, 285, 307, 324 OPEN, 184 OpenSSH, 46 Operator, 29 PAM, 46 passwd, 31, 37, 281 passwd user, 31 period, 258, 278, 300 PHB, 206 ping, 270[...]
-
Página 360
INDEX RFC 2273, 242 RFC 2274, 242 RFC 2275, 242 RFC 3164, 96, 97, 272 RFC 3315, 77 RFC 3396, 77 RFC 4251, 45 RFC 4252, 46 RFC 4253, 45 RFC 4254, 46 RFC 4256, 46 RFC 4391, 77 RFC 4541, 221 RFC 821, 260 RING_CLOSED, 178, 180 RING_OPEN, 179 rlogin, 44 rmon, 252, 254, 300 RMON, 251, 252, 254, 25 5, 257, 262, 300 RSA, 44, 46 rsh, 44, 45 RS-Ring, 174, 17[...]
-
Página 361
INDEX set serial, 50, 68, 283 set snmp, 242, 244, 253, 298 set stp, 151, 161, 172, 183, 185, 186, 293, 294, 295 set time, 52, 68, 283 set timeformat, 53, 68, 283 set timezone, 52, 68, 283 set vlan, 134, 145, 291 set-forbid, 236, 237, 298 set-leave, 225, 228, 297 setport, 109, 110, 114, 122, 123, 124, 128, 130, 289, 291 set-port, 136 set-port, 136 s[...]
-
Página 362
INDEX show active-snmp, 242, 244, 246, 253, 298 show active-stp, 151, 162, 167 , 172, 183, 185, 186, 293, 294, 295 show active-vlan, 138 show address-table, 277, 278 show alarm, 258, 259, 260, 300 show auth config, 110 show auth ports, 111 show backpressure, 126, 127, 131, 291 show broadcast-protect, 129, 130 show config, 37, 62, 63, 64, 70 , 281, [...]
-
Página 363
INDEX show-com2sec, 248 show-deftrap, 243, 247, 253, 299 show-forbid, 236, 237, 298 show-forceversion, 166, 168, 169, 172, 293 show-group, 223, 228, 244, 249, 254, 297, 299 show-port, 112, 113, 136, 142, 144, 146, 224, 228, 292, 297 show-portweight, 209, 212, 213, 296 show-router, 224, 225, 228, 297 show-stats, 113, 115, 290 show-timers, 166, 169, [...]
-
Página 364
INDEX 363 172, 173, 174, 175, 176, 177, 178, 179, 180, 181, 182, 183, 184, 185, 186, 198, 210, 257, 259, 260, 292, 293, 294, 295, 307, 309, 313, 317, 319, 322, 323 stp enable, 151, 154 STP Path cost, 165 Stratum, 85, 86 supplicant, 106, 108, 109, 110, 114, 115, 289, 290 Supplicant, 106 SUSTAINED, 256, 257, 258, 259 sync, 53, 54, 68 syslog, 98, 99, [...]