Extreme Networks 200 Series manuel d'utilisation

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338

Aller à la page of

Un bon manuel d’utilisation

Les règles imposent au revendeur l'obligation de fournir à l'acheteur, avec des marchandises, le manuel d’utilisation Extreme Networks 200 Series. Le manque du manuel d’utilisation ou les informations incorrectes fournies au consommateur sont à la base d'une plainte pour non-conformité du dispositif avec le contrat. Conformément à la loi, l’inclusion du manuel d’utilisation sous une forme autre que le papier est autorisée, ce qui est souvent utilisé récemment, en incluant la forme graphique ou électronique du manuel Extreme Networks 200 Series ou les vidéos d'instruction pour les utilisateurs. La condition est son caractère lisible et compréhensible.

Qu'est ce que le manuel d’utilisation?

Le mot vient du latin "Instructio", à savoir organiser. Ainsi, le manuel d’utilisation Extreme Networks 200 Series décrit les étapes de la procédure. Le but du manuel d’utilisation est d’instruire, de faciliter le démarrage, l'utilisation de l'équipement ou l'exécution des actions spécifiques. Le manuel d’utilisation est une collection d'informations sur l'objet/service, une indice.

Malheureusement, peu d'utilisateurs prennent le temps de lire le manuel d’utilisation, et un bon manuel permet non seulement d’apprendre à connaître un certain nombre de fonctionnalités supplémentaires du dispositif acheté, mais aussi éviter la majorité des défaillances.

Donc, ce qui devrait contenir le manuel parfait?

Tout d'abord, le manuel d’utilisation Extreme Networks 200 Series devrait contenir:
- informations sur les caractéristiques techniques du dispositif Extreme Networks 200 Series
- nom du fabricant et année de fabrication Extreme Networks 200 Series
- instructions d'utilisation, de réglage et d’entretien de l'équipement Extreme Networks 200 Series
- signes de sécurité et attestations confirmant la conformité avec les normes pertinentes

Pourquoi nous ne lisons pas les manuels d’utilisation?

Habituellement, cela est dû au manque de temps et de certitude quant à la fonctionnalité spécifique de l'équipement acheté. Malheureusement, la connexion et le démarrage Extreme Networks 200 Series ne suffisent pas. Le manuel d’utilisation contient un certain nombre de lignes directrices concernant les fonctionnalités spécifiques, la sécurité, les méthodes d'entretien (même les moyens qui doivent être utilisés), les défauts possibles Extreme Networks 200 Series et les moyens de résoudre des problèmes communs lors de l'utilisation. Enfin, le manuel contient les coordonnées du service Extreme Networks en l'absence de l'efficacité des solutions proposées. Actuellement, les manuels d’utilisation sous la forme d'animations intéressantes et de vidéos pédagogiques qui sont meilleurs que la brochure, sont très populaires. Ce type de manuel permet à l'utilisateur de voir toute la vidéo d'instruction sans sauter les spécifications et les descriptions techniques compliquées Extreme Networks 200 Series, comme c’est le cas pour la version papier.

Pourquoi lire le manuel d’utilisation?

Tout d'abord, il contient la réponse sur la structure, les possibilités du dispositif Extreme Networks 200 Series, l'utilisation de divers accessoires et une gamme d'informations pour profiter pleinement de toutes les fonctionnalités et commodités.

Après un achat réussi de l’équipement/dispositif, prenez un moment pour vous familiariser avec toutes les parties du manuel d'utilisation Extreme Networks 200 Series. À l'heure actuelle, ils sont soigneusement préparés et traduits pour qu'ils soient non seulement compréhensibles pour les utilisateurs, mais pour qu’ils remplissent leur fonction de base de l'information et d’aide.

Table des matières du manuel d’utilisation

  • Page 1

    Extreme Networks, Inc. 3585 Monroe Street Santa Clara, California 95051 (888) 257-3000 http://www .e xtremenetworks.com Summit 200 Ser ies Switch Installation and User Guide Software Version 7.1e0 December , 2003 P art Number : 100149-00 Re v 02[...]

  • Page 2

    ii ©2003 Extreme Networks, Inc. All rights reserved. Extrem e N etworks, ExtremeW ar e and BlackDiamond ar e regis tered trademarks of Extreme Network s, Inc. in the United St ate s and certai n other juris diction s. Extr emeW are V ista, ExtremeW orks, Extr emeAssist, ExtremeA ssist1, ExtremeAss ist2 , PartnerAssist, Extreme Standby Router Proto[...]

  • Page 3

    Summit 200 Series Switch Inst allation and User Gu ide iii Contents Preface Introduction xi ii Conventions xiv Related Publications xiv Chapter 1 Summit 200 Series Switch Overview Summit 200 Series Switche s 15 Summary of Features 15 Summit 200-24 Switch Physical Features 16 Summit 200-24 Switch Front V iew 16 Summit 200-24 Switch Rear V iew 19 Sum[...]

  • Page 4

    iv Summit 200 Series Switch Installation and User Guid e Contents Creating a Stack 31 Connecting Equipment to the Console Port 32 Powering On the Switch 34 Checking the Installation 34 Logging In for the First T ime 34 Chapter 3 ExtremeW are Overview Summary of Features 37 V irtual LANs (VLANs) 38 Spanning T ree Protocol 38 Quality of Service 39 Un[...]

  • Page 5

    Summit 200 Series Switch Inst allation and User Gu ide v Contents Chapter 5 Managing the Switc h Overview 57 Using the Console Interface 58 Using T elnet 58 Connecting to Another Host Using T elnet 58 Configuring Switch IP Parameters 58 Disconnecting a T elnet Session 60 Controlling T elnet Access 61 Using Secure Shell 2 (SSH2) 61 Enabling SSH2 61 [...]

  • Page 6

    vi Summit 200 Series Switch Installation and User Guid e Contents Configuring Switch Port Speed and Duplex Setting 88 Switch Port Commands 89 Load Sharing on the Switc h 91 Load-Sharing Algorithms 92 Configuring Switch Load Sharing 93 Load-Sharing Example 93 V erifying the Load-Sharing Configuration 94 Switch Port-Mirror ing 94 Port-Mirroring Comma[...]

  • Page 7

    Summit 200 Series Switch Inst allation and User Gu ide vii Contents Displaying FDB Entries 1 12 Chapter 9 Access P olicies Overview of A ccess Policies 115 Access Control Lists 1 15 Rate Limits 11 5 Routing Access Policie s 1 16 Using Access Control Lists 1 16 Access Masks 1 16 Access Lists 1 16 Rate Limits 11 7 How Access Control Lists W ork 1 18 [...]

  • Page 8

    viii Summit 200 Series Switch Installation and User Guid e Contents Creating Portmap NA T Rules 139 Creating Auto-C onstrain NA T Rules 140 Advanced Rule Matching 140 Configuring T imeouts 141 Displaying NA T Settings 141 Disabling NA T 142 Chapter 11 Ethernet A u toma tic Pr otection Switching Overview of the EAPS Pr otocol 143 Optimizing Interope[...]

  • Page 9

    Summit 200 Series Switch Inst allation and User Gu ide ix Contents Modifying a QoS Confi guration 168 T raffic Rate-Limiting 168 Dynamic Link Context System 168 DLCS Guidelines 169 DLCS Limitations 169 DLCS Commands 169 Chapter 13 Status Moni toring and Statistics Status Monitoring 171 Port Statistics 173 Port Errors 173 Port Monitoring Di splay Ke[...]

  • Page 10

    x Summit 200 Series Switch Installation and User Guid e Contents Proxy ARP 194 ARP-Incapable Devices 195 Proxy ARP Between Subnets 195 Relative Route Priorities 195 Configuring IP Un icast Routing 196 V erifying the IP Unicast Routi ng Configuration 196 IP Commands 197 Routing Configuration Exampl e 201 Displaying Router Settings 202 Resetting and [...]

  • Page 11

    Summit 200 Series Switch Inst allation and User Gu ide xi Contents Configuring OSPF W ait Interval 225 Displaying OSPF Sett ings 226 OSPF LSD Display 2 26 Resetting and Disablin g OSPF Settings 227 Chapter 17 IP Multicast Routing and IGMP Snooping IP Multicast Ro uting Overview 229 PIM Sparse Mode (PIM-SM) Over view 230 Configuring PIM-SM 230 Enabl[...]

  • Page 12

    xii Summit 200 Series Switch Installation and User Guid e Contents Status Messages 251 Configuring th e Summit 200 using ExtremeW are V i sta 251 IP Forwarding 252 License 253 OSPF 254 Ports 261 RIP 263 SNMP 266 Spanning T ree 267 Switch 271 User Accounts 271 Vi r t u a l L A N 2 7 2 Reviewing ExtremeW are V ist a Statistical Re ports 274 Event Log[...]

  • Page 13

    Summit 200 Series Switch Inst allation and User Gu ide xiii Contents Appendix D Software Upgrade and Boot Options Downloading a New Image 307 Rebooting the Swit ch 308 Saving Configurat ion Changes 309 Returning to Factory Def aults 310 Using TF TP to Uploa d the Configuration 310 Using TF TP to Down load the Configuratio n 31 1 Downloading a Compl[...]

  • Page 14

    xiv Summit 200 Series Switch Installation and User Guid e Contents[...]

  • Page 15

    Summit 200 Series Switch Inst allation and User Gu ide xiii Pref ace This pref ace provide s an overview of this guide, describe s guide conventions, and lists other publications that may be usefu l. Introduction This guide pr ovides the requir ed informati on to in stall the Summit 200 series switch a nd configure the ExtremeW are ™ s o f t w a [...]

  • Page 16

    xiv Summit 200 Series Switch Installation and User Guid e Con v entions T a b l e 1 a n d T a b l e 2 l i s t c o n v e n t i o n s t h a t a r e u s e d t h r o u g h o u t t h i s g u i d e . Related Pub lications The publications related to this one are: • ExtremeW ar e Release Notes • Summit 200 Series Switch Release Notes Documentation for[...]

  • Page 17

    Summit 200 Series Switch Inst allation and User Gu ide 15 1 Summit 200 Ser ies Switch Ov er vie w This chapter describes the features and functi onality of the Summit 200 series switches: • Summit 200 Series Switches on page 15 • Summary of Features on page 15 • Summit 200-24 Switch Physical Fe atures on page 16 • Summit 200-48 Switch Physi[...]

  • Page 18

    16 Summit 200 Series Switch Installation and User Guid e Summit 2 00 Series S witch Overview • Access-policy support for routing pr otocols • Access list support for packet filtering • Access list support for rate-limi ting • IGMP snooping to contr ol IP multicast traf fic • Load sharing on mult iple ports • RADIUS client and per-comma [...]

  • Page 19

    Summit 200-24 Switch Ph ysical Fe atures Summit 200 Series Switch Inst allation and User Gu ide 17 NO TE See “Summit 200-24 Switch LEDs” on page 18 f or more details . Console P or t Use the console port (9-pin, “D” type connector) for connecting a terminal and carrying out local management. P or t Connections The Summit 200-24 switch has 2[...]

  • Page 20

    18 Summit 200 Series Switch Installation and User Guid e Summit 2 00 Series S witch Overview NO TE T o suppor t automatic f ailov er betw een the fibe r and copper por ts, you must use an Extr eme mini-GBIC connector . Full-Duple x The Summit 200-24 switch provides fu ll-duplex support for all ports. Fu ll-duplex allows fra mes to be transmitted an[...]

  • Page 21

    Summit 200-48 Switch Ph ysical Fe atures Summit 200 Series Switch Inst allation and User Gu ide 19 Summit 200-24 Switch Rear Vie w Figure 2 shows the rear view of the Summit 2 00-24 switch. Figure 2: Summit 200-24 s witch rear view P ower Socket The Summit 200-24 switch automat ically adjusts to the supply voltage. Th e power supply operates down t[...]

  • Page 22

    20 Summit 200 Series Switch Installation and User Guid e Summit 2 00 Series S witch Overview Figure 3: Summit 200-48 s witch front vie w NO TE See T able 5 f or inf ormation about suppor ted mini- GBIC types and dist ances. NO TE See “Summit 200- 48 Switch LEDs” on page 22 f or more details. Console P or t Use the console port (9-pin, “D” t[...]

  • Page 23

    Summit 200-48 Switch Ph ysical Fe atures Summit 200 Series Switch Inst allation and User Gu ide 21 NO TE When configuring the Summit 2 00-48 s witch, all p or ts specified as mirr ored por ts and mir roring por t, or A CL ingre ss por ts and egr ess por t, must b elong to the same por t group . P or t g roup 1 consists of por ts 1 through 24 and po[...]

  • Page 24

    22 Summit 200 Series Switch Installation and User Guid e Summit 2 00 Series S witch Overview Summit 200-48 Switch L EDs T able 4 describes the LED behavior on the Summit 200-48 switch. Summit 200-48 Switch Rear Vie w Figure 4 shows the rear view of the Summit 2 00-48 switch. Figure 4: Summit 200-48 s witch rear view P ower Socket The Summit 200-48 [...]

  • Page 25

    Mini-GBIC T ype and Hardware/ Software S upport Summit 200 Series Switch Inst allation and User Gu ide 23 Serial Number Use this serial number for fault-r eporting purposes. MA C Address This label shows th e unique Ethernet MAC address assigned to this device. NO TE The Summit 200-48 s witch cer tification and saf ety label is located on the botto[...]

  • Page 26

    24 Summit 200 Series Switch Installation and User Guid e Summit 2 00 Series S witch Overview SX Mini-GBIC Specifications T able 6 d escribes the specifications for the SX mini-GBIC. T otal optical system b udget for the SX mini-GBIC is 1 1.5 dB. Extr eme Networks recommends that 3 dB of the total budget be re served for losses induced by cable spli[...]

  • Page 27

    Mini-GBIC T ype and Hardware/ Software S upport Summit 200 Series Switch Inst allation and User Gu ide 25 ZX Mini-GBIC Specifications T able 8 de scribes the specifications for the ZX mini-GBIC. Long Range GBIC System Bud gets Measure cable plant losses with a 1550 nm light sour c e a n d v e r i f y t h i s t o b e w i t h i n b u d g e t . W h e [...]

  • Page 28

    26 Summit 200 Series Switch Installation and User Guid e Summit 2 00 Series S witch Overview T able 9 lists the minimum attenuation requir ements to pr event saturati on of the r eceiver for e ach type of long range GBIC. Ta b l e 9 : Minimum attenuation r equirements Receivers GBIC Type LX70 LX100 ZX (prior to Rev 03) ZX Rev 03 ZX mini T ransceive[...]

  • Page 29

    Summit 200 Series Switch Inst allation and User Gu ide 27 2 Switch Installation This chapter describes the foll owing topics: • Determining the Switch Locat ion on page 27 • Following Safety Information on page 28 • Installing the Switch on p age 28 • Creat ing a Stack on page 31 • Installing or Replacing a Mini-Gigabit In terface Connect[...]

  • Page 30

    28 Summit 200 Series Switch Installation and User Guid e Switch Installa tion F ollowing Saf ety Inf or mation Before installing or removing any componen ts of the switch, or befor e carrying out any maintenance procedur es, read the safety information provided in w of this gu ide. Installing the Switch The Summit 200 series switch switch can be mo[...]

  • Page 31

    Installing or Replacing a Mini-Gigabit Interf ace Connector (Mini-GBIC) Summit 200 Series Switch Inst allation and User Gu ide 29 Free-Standing T h e S u m m i t 2 0 0 s e r i e s s w i t c h i s s u p p l i e d w i t h f o u r self-adhesive r ubber pads. Apply the pads to the underside of the device by s ticking a pad in th e marked ar ea at each [...]

  • Page 32

    30 Summit 200 Series Switch Installation and User Guid e Switch Installa tion • M a k e s u r e t h e b e n d r a d i u s o f t h e f i b e r i s n o t l e s s t h a n 2 i n c h e s . In addition to the pr eviously descri bed tasks, Extr eme Networks recommends the following when installing or replacing mini-GBICs on an activ e network: • Use t[...]

  • Page 33

    Creating a Stac k Summit 200 Series Switch Inst allation and User Gu ide 31 Removin g a Mini-GBIC T o remove a mini-GBIC similar to the one lab eled “Module A” in Figure 7, gentl y pr ess and hold the black plastic tab at the bottom of the connector to release the mini-GBIC, and pull the mini-GBIC out of the SFP receptacle on the switch. T o re[...]

  • Page 34

    32 Summit 200 Series Switch Installation and User Guid e Switch Installa tion Figure 8: Stac king Summit 200-48 Connecting Equipment to the Console P or t Connection to the console port is used for direct lo cal management. The switch console port settings ar e set as follow s: • Baud rate —9600 •D a t a b i t s —8 •S t o p b i t —1 •[...]

  • Page 35

    Connecting Equipment t o the Console P or t Summit 200 Series Switch Inst allation and User Gu ide 33 Appropr iate cables are ava ilable fr om your local supplier . T o make your own cables, pinouts for a DB-9 male console connector are described in T able 10. Figure 9 shows the pin-outs for a 9-pi n to RS-232 25-pin null-modem cable. Figure 9: Nul[...]

  • Page 36

    34 Summit 200 Series Switch Installation and User Guid e Switch Installa tion P ow ering On the Switch T o turn on power to the switch, connect the AC power cable t o the switch and then to the wall outlet. T urn the on/off switch to the on position. Chec king the Installation After turning on power to the Summit 2 00 series switch, the device perf[...]

  • Page 37

    Logging In f or the First Time Summit 200 Series Switch Inst allation and User Gu ide 35 save NO TE F or more inf or mation on sa ving configur ation changes , see the ExtremeW are Softwa re User Guide . 7 When you are finis hed using the facili ty , logout of the switch by typing logout NO TE After two incorrect login attempts , th e Summit 200 se[...]

  • Page 38

    36 Summit 200 Series Switch Installation and User Guid e Switch Installa tion[...]

  • Page 39

    Summit 200 Series Switch Inst allation and User Gu ide 37 3 ExtremeW are Ov er vie w This chapter describes the foll owing topics: • Summary of Features on page 37 • Software Licens ing on page 40 • Security Licensing for Features Under License Contr ol on page 41 • Software Factory Defaults on page 42 ExtremeW are is the full-featured sof [...]

  • Page 40

    38 Summit 200 Series Switch Installation and User Guid e ExtremeW are Ov erview • RADIUS client and per-comma nd authentication support • T ACACS+ support • Network login • Console command-line interface (CLI) connection • T elnet CLI connection • SSH2 connection • Simple Network Management Pr otocol (SNMP) support • Remote Monitori[...]

  • Page 41

    Summary of Features Summit 200 Series Switch Inst allation and User Gu ide 39 Quality of Service ExtremeW are has Quality of Service (QoS) featur es that support IEEE 802.1p, MAC QoS, and four queues. These featur es enable you to specify service levels for differ ent traffi c gr oups. By default, all traffic is assigned the “normal” QoS policy[...]

  • Page 42

    40 Summit 200 Series Switch Installation and User Guid e ExtremeW are Ov erview If Extreme switches r unning ESRP are connecte d to layer 2 switches that are not manufactured by Extreme Networks (or Extr eme switches that ar e not running ExtremeW are 4.0 or above), the fail-over times seen for traf fic local to the segment may appear longer , depe[...]

  • Page 43

    Security Licensing f or F eatures Under License Control Summit 200 Series Switch Inst allation and User Gu ide 41 Enabling the Ad v anced Edge Functionality T o enable the Advanced Edge software featur e license, use the following command: enable license advanced-edge <licens e_key> where license_key is an integer . NO TE The command unconfig[...]

  • Page 44

    42 Summit 200 Series Switch Installation and User Guid e ExtremeW are Ov erview http://esupport.extremenetworks.com Fill out a contact form to indicate compliance or no ncompliance with the export r estrictions. If you ar e in compliance, you will be given information that will allow you to enable security features. Softw are F actor y Def aults T [...]

  • Page 45

    Software F actory Defaults Summit 200 Series Switch Inst allation and User Gu ide 43 NO TE F or def ault settings of individual Extre meW are feat u res, see the applicab le individual chapt ers in this guide.[...]

  • Page 46

    44 Summit 200 Series Switch Installation and User Guid e ExtremeW are Ov erview[...]

  • Page 47

    Summit 200 Series Switch Inst allation and User Gu ide 45 4 Accessing the Switch This chapter describes the foll owing topics: • Understanding the Command Syntax on page 45 • Line-Editing Ke ys on page 47 • Command History on page 48 • Common Commands on page 48 • Configuring Management Access on page 50 • Domain Name Service Client Ser[...]

  • Page 48

    46 Summit 200 Series Switch Installation and User Guid e Accessing the Switch Syntax Helper The CLI has a built-in syntax helper . If you are unsu r e o f t h e c om p l et e s y n ta x f o r a p ar t i cu l a r co m m a nd , enter as much of the com mand as possible and pr es s [Return]. The syntax helper provides a list of options for the r emain[...]

  • Page 49

    Line-Editing K eys Summit 200 Series Switch Inst allation and User Gu ide 47 Names All named components of the switch configuration must have a unique name. Names must begin with an alphabetical character and are delimited by whitespace, unless enclosed in quotation marks. Symbols Y ou may see a variety of symbols sh own as part of the command synt[...]

  • Page 50

    48 Summit 200 Series Switch Installation and User Guid e Accessing the Switch Command Histor y ExtremeW are “r emembers” the last 49 commands you enter ed. Y ou can display a list of these commands by using the following command: history Common Commands T able 14 describes common commands used to manage the switch. Commands specific to a partic[...]

  • Page 51

    Common Commands Summit 200 Series Switch Inst allation and User Gu ide 49 config sys-recovery-level [none | critical | all] Configures a reco very option for instances where an exception occurs in ExtremeWa re. Specify one of the following: • none —Recovery without system reboot. • critical —ExtremeWare logs an error to the syslog, and rebo[...]

  • Page 52

    50 Summit 200 Series Switch Installation and User Guid e Accessing the Switch Configur ing Management Access ExtremeW are supports the following two levels of management: • User • Administrator In addition to the management l evels, you can option ally use an external RADIUS server to pr ovide CLI command authorization checking for each command[...]

  • Page 53

    Configuring Management Access Summit 200 Series Switch Inst allation and User Gu ide 51 • User account database. • SNMP community strings. A user-level account can use the ping c o m m a n d t o t e s t d e v i c e r e a c h a bility , and change the passwor d a s s i g n e d t o t h e a c c o u n t n a m e . I f y o u h a v e l o g g e d on wi[...]

  • Page 54

    52 Summit 200 Series Switch Installation and User Guid e Accessing the Switch NO TE User names and pass words are case-sensitiv e. T o add a password to the default admin account, fol low these steps: 1 Log in to the switch using the name admin . 2 At the password pr ompt, pr ess [Return]. 3 Add a default admin password by ente ring the following c[...]

  • Page 55

    Domain Name Service Client Ser vices Summit 200 Series Switch Inst allation and User Gu ide 53 Viewing Acco unts T o view the accounts that have been created, you must have administrator privileges. Use the followi ng command to see the accounts: show accounts Deleting an Account T o delete a account, you must have admini strator privileg es. T o d[...]

  • Page 56

    54 Summit 200 Series Switch Installation and User Guid e Accessing the Switch Chec king Basic Connectivity The switch offer s the following commands for checking basic connectivity: • ping • traceroute Ping The ping command enables you to send Internet Contro l Messag e Protocol (ICMP ) echo messages to a rem ot e I P de vi ce . Th e ping comma[...]

  • Page 57

    Checkin g Basic Connectivity Summit 200 Series Switch Inst allation and User Gu ide 55 from Uses the specified source address in the ICMP p acket. If not specified, the address of the transmitti ng interface is used. ttl Configures the switch to trace up to the time-to-live number of the switch. port Uses the specified UDP port number.[...]

  • Page 58

    56 Summit 200 Series Switch Installation and User Guid e Accessing the Switch[...]

  • Page 59

    Summit 200 Series Switch Inst allation and User Gu ide 57 5 Managing the Switch This chapter describes the foll owing topics: • Overview on page 57 • Using the Console Interface on page 58 • Using T elnet on page 58 • Using Secur e Shell 2 (SS H2) on page 61 • Using SNMP on page 62 • Authenticating Users on page 64 • Network Login on [...]

  • Page 60

    58 Summit 200 Series Switch Installation and User Guid e Managing the Switch Using the Console Interf ace The CLI built into the switch is accessibl e by way of the 9-pin, RS-232 por t labeled console , located on the front of the Summit 200 series switch. Once the connection is established , you will see the switch pr ompt and you can log in. Usin[...]

  • Page 61

    Using T elnet Summit 200 Series Switch Inst allation and User Gu ide 59 Y ou can enable BOOTP on a per-VLAN basis by using the following command: enable bootp vlan [<name> | all] By default, BOOTP is enabled on the defau lt VLAN . If you configure the switch to use BOOTP , the switch IP addr ess is not r etained thr ough a power cycle, even i[...]

  • Page 62

    60 Summit 200 Series Switch Installation and User Guid e Managing the Switch 4 At the password pr ompt, enter th e passwor d and pr ess [Return]. When you have successfully log ged in to the switch, the command-line pr ompt displays the name of the switch in its pr ompt. 5 Assign an IP addr ess and subnetwork mask for the def ault VLAN by using the[...]

  • Page 63

    Using Secure Shell 2 (SSH2) Summit 200 Series Switch Inst allation and User Gu ide 61 Contr olling T elnet Access By default, T elnet services are enabled on the switch . T o dis play the status of T elnet, use t he following command: show management Y ou can choose to disable T elnet by using the following command: disable telnet T o re-enable T e[...]

  • Page 64

    62 Summit 200 Series Switch Installation and User Guid e Managing the Switch Y o u c a n s p e c i f y a T C P p o r t n u m b e r t o b e u s e d f o r S S H 2 c o m m u n i c a t i o n . B y d e f a u l t t h e T C P p o r t number is 22. The supported cipher is 3DES-CBC. Th e supported key excha nge is DSA. For additional information on the SSH [...]

  • Page 65

    Using SNMP Summit 200 Series Switch Inst allation and User Gu ide 63 switch for the trap r eceiver to rece ive switch-gen erated traps. SNMP community strings can contain up to 127 characters. • System contact (optional)—The system contact is a text fi eld that enables you to enter the name of the person(s) r esponsible for managing the switch.[...]

  • Page 66

    64 Summit 200 Series Switch Installation and User Guid e Managing the Switch Displa ying SNMP Settings T o disp lay the SNMP settings configu r ed on the switch, u se the following command: show management This command displays the f ollowing information: • Enable/disable state for T elnet , SSH2, and SNMP • SNMP community strings • Authorize[...]

  • Page 67

    Aut henticating Users Summit 200 Series Switch Inst allation and User Gu ide 65 P er -Command A uthentication Using RADI US The RADIUS implementation can be used to pe rform per -command authe ntication. Per -command authentication allows you to define several levels of user ca pabilities by controlling the permitted command sets based on the RADIU[...]

  • Page 68

    66 Summit 200 Series Switch Installation and User Guid e Managing the Switch RADIUS RFC 2138 Attributes The RADIUS RFC 2138 optional attributes supported are as follows: • User-Name • User-Passwor d • Service-T ype • Login-IP-Host config radius-accounting [primary | seco ndary] server [<ipaddress> | <hostname> ] {<udp_port>[...]

  • Page 69

    Aut henticating Users Summit 200 Series Switch Inst allation and User Gu ide 67 RADIUS Server Configuration Example (Merit) Many implementations of RADIUS serv er use the publicly available Merit © AAA server appli cation, available on the W orld W ide W eb at: http://w ww .mer it.edu/aaa I n c l u d e d b e l o w a r e e x c e r p t s f r o m r e[...]

  • Page 70

    68 Summit 200 Series Switch Installation and User Guid e Managing the Switch Wi t h i n t h e users configuration file, additional keywor ds are available for Profile-Name and Extreme-CLI-Authorization . T o use per-command authe ntication, enabl e the CLI authorization function and indicate a profile name for that user . If authorization is enable[...]

  • Page 71

    Aut henticating Users Summit 200 Series Switch Inst allation and User Gu ide 69 C o n t e n t s o f t h e f i l e “ p r o f i l e s ” : PROFILE1 deny { enable *, disable ipforwarding show switch } PROFILE2 { enable *, clear counters show management } PROFILE3 deny { create vlan *, configure iproute *, disable *, show fdb delete *, configure rip[...]

  • Page 72

    70 Summit 200 Series Switch Installation and User Guid e Managing the Switch Ta b l e 2 0 : T ACA CS+ Commands Command Description config tacacs [primary | se condary] server [<ipaddress> | <hostn ame>] {<udp_port>} client-ip <ipaddress> Configure the server information for a TACACS+ server. Specify the following: • primar[...]

  • Page 73

    Network Login Summit 200 Series Switch Inst allation and User Gu ide 71 Network Login Network login is a featur e designed to contr ol the admi ssion of user packets into a network by giving addresse s only to users that are pr operly authenticate d. Network login is controlled by an administrator on a per port, per VLAN basis. When network login i[...]

  • Page 74

    72 Summit 200 Series Switch Installation and User Guid e Managing the Switch i t h a s t o g o t o s o m e o t h e r D H C P s e r v e r i n t h e n e t w o r k t o o b t a i n a p e r m a n e n t a d d r e s s , a s i s n o r m a l l y done. DHCP is not requir ed for 802.1x, be cause 802.1x use only La yer 2 frames (EAPOL). UR L re dire cti on (ap[...]

  • Page 75

    Network Login Summit 200 Series Switch Inst allation and User Gu ide 73 • Supplicants cannot be re-authe nticated transpar ently . Can not be re-authenticated fr om the authenticator side. • Does not support more secur e methods of authentication A uthentication Methods The authentication methods supported are a ma tter between the supplicant ([...]

  • Page 76

    74 Summit 200 Series Switch Installation and User Guid e Managing the Switch Inter operability Requirements For network login to operate, the user (supplicant) sof tware and the authentication ser ver must support common authentication methods. Not all combinatio ns will provide the a ppr opriate functionality . Supplicant Side O n t h e c l i e n [...]

  • Page 77

    Network Login Summit 200 Series Switch Inst allation and User Gu ide 75 Again, any client with a web browser can in teroperate using web-based authentication. A uthentication Server Side The RADIUS server used for auth entication has to be EA P-capabl e. Consider the follow ing when choosing a RADIUS server: • The types of authentication methods [...]

  • Page 78

    76 Summit 200 Series Switch Installation and User Guid e Managing the Switch • A network login VLAN port shoul d be an untagge d Ethernet port and should not be a part of following protocols: — ESRP — STP • Rate-limiting is not supp orted on network login ports (both web-based and 802.1x). • AP-NAK cannot be used to negoti ate 802.1x auth[...]

  • Page 79

    Network Login Summit 200 Series Switch Inst allation and User Gu ide 77 configure vlan "corp" add port 10 un tagged configure vlan "corp" add port 11 un tagged configure vlan "corp" add port 12 un tagged configure vlan "corp" add port 13 un tagged configure vlan "corp" add port 14 un tagged # Networ[...]

  • Page 80

    78 Summit 200 Series Switch Installation and User Guid e Managing the Switch using a number for the adapter foll owing the ipconfig command. Y ou can find the adap ter number using the command ipconfig/all . At this point, the client will have its temporary IP address . In this example, the client shoul d have obtained the an IP address in the rang[...]

  • Page 81

    Network Login Summit 200 Series Switch Inst allation and User Gu ide 79 NO TE Because network login is sen sitiv e to sta te changes during the aut hentication p rocess , Extreme Networks recommends that y ou do not log out until the login p rocess is complete . The login process is complete when y ou receiv e a per manent address . DHCP Server on [...]

  • Page 82

    80 Summit 200 Series Switch Installation and User Guid e Managing the Switch Where <url> is the DNS name of the switch. For example, co nfigure netlogin base-url network-access.ne t makes the switch send DNS responses back t o the netlogin clients when a DNS query is made for network-access.net . T o config ur e the network login redirect pag[...]

  • Page 83

    Using EAPOL Floodin g Summit 200 Series Switch Inst allation and User Gu ide 81 Displa ying Netw ork Login Settings T o dis play the network login settings, use the foll owing command: show netlogin info {ports <portlist> vlan <name>} Example # show netlogin info ports 9 vlan tem porary Port 9: VLAN: temporary Port State: Not Authentica[...]

  • Page 84

    82 Summit 200 Series Switch Installation and User Guid e Managing the Switch authenticating server . The encapsulating mechanis m used for communication between the supplicant and the authenticator is referr ed to as EAP Over LANs , or EAPOL. By default (per IEEE 802.1D), Summit 200 series switches do not forwar d EAPOL frames. Also, if network log[...]

  • Page 85

    Using th e Simple Networ k Time Protocol Summit 200 Series Switch Inst allation and User Gu ide 83 for switches using SNTP to query the SNTP server (s) dir ectly . A combination of both methods i s possible. Y ou must identify the method that should be used for the switch being configur ed. 2 Configure the Gr eenwich Mean T ime (GMT) offset and Day[...]

  • Page 86

    84 Summit 200 Series Switch Installation and User Guid e Managing the Switch -2:00 -120 AT—Azores -3:00 -180 Brasilia, Brazil; Buenos Aires, Argentina; Georgetown, Guyana; -4:00 -240 AST—Atlantic Standard Caracas; La Paz -5:00 -300 EST—Eastern Standard Bogota, Columbia; Lima, Peru; New York, NY, Trevor City, MI USA -6:00 -360 CST—Central St[...]

  • Page 87

    Using th e Simple Networ k Time Protocol Summit 200 Series Switch Inst allation and User Gu ide 85 SNTP Configuration Commands T able 26 describes SNTP configuration commands. SNTP Example In this example, the switch queries a specific SNTP server and a backup SNTP server . The switch is located in Cupertino, CA, and an update occurs every 20 minut[...]

  • Page 88

    86 Summit 200 Series Switch Installation and User Guid e Managing the Switch[...]

  • Page 89

    Summit 200 Series Switch Inst allation and User Gu ide 87 6 Configur ing P or ts on a Switch This chapter describes the foll owing topics: • Enabling and Disabling Switch Ports on page 87 • Load Sharing on the Switch on p age 91 • Switch Port-Mirr oring on page 94 • Setting Up a Redundant Gigabit Uplink Port on page 9 5 • Extreme Discover[...]

  • Page 90

    88 Summit 200 Series Switch Installation and User Guid e Configuring P orts on a Switch disable ports 7:* For information about ports and port addressin g in stacked configurations, se e “Introducing Stacking” on page 237. Configuring Switch P ort Speed and Duplex Setting By default, the s witch is configur ed to use au tone gotiation to determ[...]

  • Page 91

    Enabling and Disabling Switch P or ts Summit 200 Series Switch Inst allation and User Gu ide 89 Under certain conditions, you might opt to turn autopolarity of f on one or more 10BASE-T and 100BASE-TX ports. The following example turns autopo larity off for ports 3-5 on a Summit 200 series switch: config ports 3-5 auto-polarity off NO TE If y ou at[...]

  • Page 92

    90 Summit 200 Series Switch Installation and User Guid e Configuring P orts on a Switch config ports <all | portli st> a uto-polarity <off | on> Disables or enables the autopol arity detection feature for one or more Ethernet ports. Sp ecify the following: • all —Specifies that the feature is either disabled or enabled for all of th[...]

  • Page 93

    Load Sharing on the Swit ch Summit 200 Series Switch Inst allation and User Gu ide 91 Load Shar ing on the Switch Load sharing with s witches allows you to increase bandwidth and r esiliency by using a group of ports to carry traffic in parall el between switches. The sharing algori thm allows the switch to use mult iple show ports {<portlist>[...]

  • Page 94

    92 Summit 200 Series Switch Installation and User Guid e Configuring P orts on a Switch ports as a single logical port. For exam ple, VLANs see the load-sharing group as a single logical port. Most load-sharing algorithms guarantee packet sequencing between clients. If a port in a load-sharing gr oup fails, traffic is redistributed to the remaining[...]

  • Page 95

    Load Sharing on the Swit ch Summit 200 Series Switch Inst allation and User Gu ide 93 This feature is available for the addr ess-based load-shar ing algorithm, only . T o verify your configuration, use the following command: show sharing address-based Configuring Switch Load Sharing T o s e t u p a s w i t c h t o l o a d s h a r e a m o n g p o r [...]

  • Page 96

    94 Summit 200 Series Switch Installation and User Guid e Configuring P orts on a Switch enable sharing 9 grouping 9-12 In this example, logical port 9 r epr esents physical ports 9 through 12. When using load sharing, you should always r efere nce the master logical port of the load-sharing gr oup (port 9 in the pr evious example) when configuring [...]

  • Page 97

    Setting Up a Red undant Gigabit Up link P ort Summit 200 Series Switch Inst allation and User Gu ide 95 On a stac k ed configur ation, the monitored port, VLAN, or vir tual por t that is being monitored, must be located on the same Summit 200- 24 or Summit 200- 48 s witch that has t he mirror port. Po r t - M i r r o r i n g C o m m a n d s Switch [...]

  • Page 98

    96 Summit 200 Series Switch Installation and User Guid e Configuring P orts on a Switch • Switch port number . EDP is supported acr oss all switches in a stacked configuration. EDP Commands T able 29 lists EDP commands. Ta b l e 2 9 : EDP Commands Command Description disable edp ports <portlist> Disab les the EDP on one or more ports. enabl[...]

  • Page 99

    Summit 200 Series Switch Inst allation and User Gu ide 97 7 Vir tual LANs (VLANs) This chapter describes the foll owing topics: • Overview of V irtual LANs on page 97 • T ypes of VLANs on page 98 • VLAN Names on page 102 • Configuring VLANs on the S witch on page 103 • Displaying VL AN Settings on page 104 • MAC-Based VLANs on page 105 [...]

  • Page 100

    98 Summit 200 Series Switch Installation and User Guid e Virtual LANs (VLANs) T ypes of VLANs VLANs can be created accor din g to the following criteria: • Physical port • 802.1Q tag • MAC address • A combination of these criteria P or t-Based VLANs In a port-based VLAN, a VLAN name is given to a gr oup of one or more por ts on the switch. [...]

  • Page 101

    T ype s of VLANs Summit 200 Series Switch Inst allation and User Gu ide 99 Figure 12: Single por t-based VLAN spanning two s witches T o c r e a t e m u l t i p l e V L A N s t h a t s p a n t w o s w i t c h e s i n a p o r t - b a s e d V L A N , a p o r t o n s y s t e m 1 m u s t b e c a b l e d t o a p o r t o n s y s t e m 2 f o r e a c h V L[...]

  • Page 102

    100 Summit 200 Series Switch Installat ion and User Guide Virtual LANs (VLANs) VLAN Accounting spa ns system 1 and system 2 by way of a connection between system 1, port 26 and system 2, slot 1, port 6 . VLAN Engineering spans system 1 and system 2 by way of a connection between system 1, port 25, and sy s t e m 2 , s l o t 8 , p o r t 6 . Using th[...]

  • Page 103

    T ype s of VLANs Summit 200 Series Switch Inst allation and User Gu ide 101 Figure 1 4 illustrates the physical vi ew of a ne twork that uses tagged and untagged traffic. Figure 14: Ph ysical diag ram of tag ged and untagged traffic Figure 15 is a logical diagram of the same network. Figure 15: Logical diag ram of tagged and unt agged tr affic In F[...]

  • Page 104

    102 Summit 200 Series Switch Installat ion and User Guide Virtual LANs (VLANs) • T h e s e r v e r c o n n e c t e d t o p o r t 1 6 o n s y s t e m 1 i s a m e m b e r o f b o t h V L A N Marketing and VLAN Sale s . • All other stations use unta gged traffic. As data passes out of the switch, the swi tch determines if the destination port r eq[...]

  • Page 105

    Configuring VLANs on the Switch Summit 200 Series Switch Inst allation and User Gu ide 103 Renaming a VLAN T o rename an existi ng VLAN, use the following command: config vlan <old_name> name <new_nam e> The following rul es apply to renaming VLANs: • Once you change the name of the defaul t VLAN, it cannot be changed back to default [...]

  • Page 106

    104 Summit 200 Series Switch Installat ion and User Guide Virtual LANs (VLANs) VLAN Configuration Examples The following Summit 200 serie s switch example creates a tag-based VL AN named video . It assigns the VLANid 1000. Ports 4 through 8 are added as tagged ports to the VLAN. create vlan video config video tag 1000 config video add port 4-8 tagg[...]

  • Page 107

    MAC-Ba sed VLANs Summit 200 Series Switch Inst allation and User Gu ide 105 MA C-Based VLANs MAC-Based VLANs allow physical por ts to be mapped to a VLAN based on the source MAC ad dres s learned in the FDB. Th is feature al lows you to designate a s et of ports that have their VLAN membership dynamically deter mined by the MAC a ddr ess of the end[...]

  • Page 108

    106 Summit 200 Series Switch Installat ion and User Guide Virtual LANs (VLANs) MA C-Based VLAN Limitations The following list contains the limi tations of MAC-based VLANs: • Ports participating in MAC VLANs must fi rst be removed fr om any static VLANs. • The MAC-to-VLAN mapping can on ly be associated with VLANs that exist on the switch. • A[...]

  • Page 109

    MAC-Ba sed VLANs Summit 200 Series Switch Inst allation and User Gu ide 107 Example I n r e l a t i o n t o M A C - b a s e d V L A N s , t h e d o w n l o a d e d f i l e i s a n A S C I I f i l e t h a t c o n s i s t s o f C L I c o m m a n d s used to confi gure the most recent MAC-to-VLAN database. This featur e is differ ent from the nor mal [...]

  • Page 110

    108 Summit 200 Series Switch Installat ion and User Guide Virtual LANs (VLANs)[...]

  • Page 111

    Summit 200 Series Switch Inst allation and User Gu ide 109 8 F orw arding Database (FDB) This chapter describes the foll owing topics: • Overview of the FDB on page 109 • Configuring FDB Entries on page 1 1 1 • Displaying FDB E ntries on page 1 12 Ov er vie w of the FDB The switch maintains a da tabase of all media access control (MAC) addr e[...]

  • Page 112

    110 Summit 200 Series Switch Installat ion and User Guide F orwarding Datab ase (FDB) interface are stor ed as permanent. The Summit 200 series switches support a maximum of 64 permanent entries. Once create d, permanent entries stay the same as when they wer e cr eated. For example, the permanent entry store is not updated when any of the followin[...]

  • Page 113

    Configuring FDB Entries Summit 200 Series Switch Inst allation and User Gu ide 111 Configur ing FDB Entries T o config ur e entries in the FDB, use the commands listed in T a ble 31. FDB Configuration Examples The following example adds a permanent entry to the FDB: Ta b l e 3 1 : FDB Configuration Commands Command Description clear fdb [{<mac_a[...]

  • Page 114

    112 Summit 200 Series Switch Installat ion and User Guide F orwarding Datab ase (FDB) create fdbentry 00:E0:2B:12:34:56 vl an marketing port 4 The permanent entry has the following characteristics : • MAC address is 00:E0:2B:12:34:56. • VLAN name is marketing . • Port number for this device is 4. This example associates the QoS profile qp2 wi[...]

  • Page 115

    Displayi ng FDB Entries Summit 200 Series Switch Inst allation and User Gu ide 113 T o dis play all the FDB entries on the entire stack, use t he following command: show fdb {<mac_address> | vlan <name > | ports <portlist> | permanent} where: If you enter the show fdb command with no options specif ied, the command displays all FD[...]

  • Page 116

    114 Summit 200 Series Switch Installat ion and User Guide F orwarding Datab ase (FDB)[...]

  • Page 117

    Summit 200 Series Switch Inst allation and User Gu ide 115 9 Access P olicies This chapter describes the foll owing topics: • Overview of Access Polici es on page 1 15 • Using Access Control Lists on page 1 16 • Using Routing Access Po licies on page 128 • Making Changes to a Routing Access Policy on page 132 • Removing a Routing Acces s [...]

  • Page 118

    116 Summit 200 Series Switch Installat ion and User Guide Access P olicies Routing Access P olicies Routing access policies are used to contr ol the advert is ement or r ecognition of r outing pr otocols, such as RIP or OSPF . Routing access policies can be used to ‘hide’ entire networks, or to trust only specific source s for r outes or ranges[...]

  • Page 119

    Using Access Control Lists Summit 200 Series Switch Inst allation and User Gu ide 117 For packets that match a particular access cont rol l ist, you can specify the foll owing actions: •D r o p —Dr op the packets. Matching packets are not forwar ded. • Permit-established —Drop the pack et if it would initiate a new TCP sessi on (see, “The[...]

  • Page 120

    118 Summit 200 Series Switch Installat ion and User Guide Access P olicies How Access Contr ol Lists W ork When a packet arrives on an ingre ss port, the fields of the packet corr esponding to an access mask ar e compared with the values specified by the as sociated access lists to determine a match. I t i s p o s s i b l e t h a t a p a c k e t w [...]

  • Page 121

    Using Access Control Lists Summit 200 Series Switch Inst allation and User Gu ide 119 NO TE F or an e xample of using the permit-established k eyword, ref er to “Using the P er mit-Estab lished K eyword” on page 124. The permit-established key word denie s the access contr ol list. Having a permit- established access control list blocks all tra[...]

  • Page 122

    120 Summit 200 Series Switch Installat ion and User Guide Access P olicies Deleting Access Mask, Access List, and Rate Limit Entries Entries can be deleted fr om access masks, ac cess lists, and rate limits. An access mas k entry cannot be deleted until all the access lists and rate limits that r efer ence it ar e also deleted. T o d e l e t e a n [...]

  • Page 123

    Using Access Control Lists Summit 200 Series Switch Inst allation and User Gu ide 121 Ta b l e 3 2 : Access Control List Configurat ion Commands Command Description create access-list <name> access-mask <access-mask name> {dest-mac <dest_mac>} {source-mac <src_mac>} {vlan <nam e>} {ethertype [IP | ARP | <hex_value&g[...]

  • Page 124

    122 Summit 200 Series Switch Installat ion and User Guide Access P olicies create access-mask <access-mask name> {dest-mac} {source-mac} {vlan} {ethertype} {tos | code-point} {ipprotocol} {dest-ip /<mask length>} {dest-L4port} {source-ip /<mask length>} {source-L4port | {icmp-type} {icmp-code}} {permit-established} {egressport} {p[...]

  • Page 125

    Using Access Control Lists Summit 200 Series Switch Inst allation and User Gu ide 123 create rate-limit <rule_name> access-mask <access-mask name> {dest-mac <dest_mac>} {source-mac <src_mac>} {vlan <nam e>} {ethertype [IP | ARP | <hex_value>]} {tos <ip_pr ecedence> | code-point <code _point>} {ipproto[...]

  • Page 126

    124 Summit 200 Series Switch Installat ion and User Guide Access P olicies Access Contr ol List Examples This section pres ents thr ee access contr ol list examples: • Using the permit-establish keywor d • Filtering ICMP packets • Using a rate limit Using the P ermit-Established K e yw ord T h i s e x a m p l e u s e s a n a c c e s s l i s t[...]

  • Page 127

    Using Access Control Lists Summit 200 Series Switch Inst allation and User Gu ide 125 Step 1—Den y IP T raffic. First, cr eate an acces s-mask that examines the IP pr otocol field for each packet. Then cr eate two a c ce s s -l is t s , o ne t h at bl o c k s a l l T CP , on e t h a t b lo c k s U DP . A lt h o ug h I C M P i s u s e d in c o n j[...]

  • Page 128

    126 Summit 200 Series Switch Installat ion and User Guide Access P olicies Figure 18: Access list allows TCP traffic Step 3 - P ermit-Established Access Li st. When a TCP session begi ns, there is a thr ee-way handshake that inclu des a sequence of a SYN, SYN/ACK, and ACK packets. Figure 19 shows an illustra tion of the handshake that occurs when h[...]

  • Page 129

    Using Access Control Lists Summit 200 Series Switch Inst allation and User Gu ide 127 Figure 20: P er mit-estab lished access list f ilters out SYN pac k et to destina tion Example 2: Filter ICMP P ackets This example creates an access list that filters out ping (ICMP echo) packets. ICMP echo packets ar e defined as type 8 code 0. The commands to c[...]

  • Page 130

    128 Summit 200 Series Switch Installat ion and User Guide Access P olicies Using Routing Access P olicies T o use routing access poli cies, you must perform the following steps: 1 Create an access pr ofile. 2 Configure the access pr ofile to be of type permit , deny , or none . 3 Add entries to the access pr ofile. Entries ar e IP addr esses and su[...]

  • Page 131

    Using Routing Access P olicies Summit 200 Series Switch Inst allation and User Gu ide 129 Specifying Subnet Masks The subnet mask specified in the access pr ofile command is interpreted as a reverse mas k . A reve rse mask indicates the bits that ar e significant in the IP addr ess. In other wor ds, a reverse mask specifies the part of the address [...]

  • Page 132

    130 Summit 200 Series Switch Installat ion and User Guide Access P olicies • Export Filter — U s e a n a c c e s s p r o f i l e t o d e t e r m i n e w h i c h R I P routes ar e advertised into a particular VLAN, using the following command: config rip vlan [<name> | all] export-filter [<access_profile> | none] Examples In the exam[...]

  • Page 133

    Using Routing Access P olicies Summit 200 Series Switch Inst allation and User Gu ide 131 In addition, if the administrator wants to restrict any user belong ing to the VLAN Engsvr s from reaching the VLAN Sal es (IP address 10.2.1.0/24), the additional access policy commands to build the access policy would be: create access-profile nosales ipaddr[...]

  • Page 134

    132 Summit 200 Series Switch Installat ion and User Guide Access P olicies Figure 23: OSPF access policy e xample T o configure the switch labeled Internet, the commands would be as follows: create access-profile okinternet ipa ddress config access-profile okinternet mod e permit config access-profile okinternet add 192.1.1.0/24 config ospf asbr-fi[...]

  • Page 135

    Routing Access P olicy Commands Summit 200 Series Switch Inst allation and User Gu ide 133 Routing Access P olicy Commands T able 33 describes the commands used to configure r outing access policies. Ta b l e 3 3 : Routing Access P olicy Configur ation Commands Command Description config access-profile <access_profile> add {<seq_number>[...]

  • Page 136

    134 Summit 200 Series Switch Installat ion and User Guide Access P olicies config ospf direct-filter [<access_profi le> | none] Configures the router to use the access policy to limit the routes that are advertised into OSPF for the switch as a whole for switches configure d to support direct route re-d istri bution into OSPF. config rip vlan[...]

  • Page 137

    Summit 200 Series Switch Inst allation and User Gu ide 135 10 Netw or k Address T r anslation (NA T) This chapter covers the following topics: • Overview on page 135 • I n t e r n e t I P A d d r e s s i n g o n p a g e 1 3 6 • Configuring VLANs for NA T on page 136 • Configuring NA T on page 138 • Configuring NA T Rules on page 138 • C[...]

  • Page 138

    136 Summit 200 Series Switch Installat ion and User Guide Network Address T ranslation (NA T) Y ou can configure NA T to conserve IP address spac e b y m a p p i n g a l a r g e n u m b e r o f i n s i d e ( p r i v a t e ) address es to a much smaller number of outside (public) addresses. In implementing NA T , you must configur e at le ast two se[...]

  • Page 139

    Configuring VLANs for NA T Summit 200 Series Switch Inst allation and User Gu ide 137 When a VLAN is configured to be outside , it r outes all traf fic destined for inside VLANs. Because the routed traf fic runs thr ough the CP U, it cannot run at line-rate. W h e n a V L A N i s c o n f i g u r e d t o b e none , all NA T functions are disabled an[...]

  • Page 140

    138 Summit 200 Series Switch Installat ion and User Guide Network Address T ranslation (NA T) B e c a u s e o f t h e l a r g e n u m b e r o f s i m u l t a n e o u s r e q u e s t s t h a t c a n b e m a d e f r o m a w e b b r o w s e r , i t i s n o t r e c o m m e n d e d t h a t t h i s m o d e b e u s e d w h e n a l a r g e n u m b e r o f [...]

  • Page 141

    Creating NA T Rules Summit 200 Series Switch Inst allation and User Gu ide 139 Creating NA T Rules This section describes how to configure the variou s types of NA T (static, dynamic, portmap, and auto-constrain). In the examples in this section, advanced port and destinat ion matching options have been removed. For information on how to use so me [...]

  • Page 142

    140 Summit 200 Series Switch Installat ion and User Guide Network Address T ranslation (NA T) Creating A u to-Constrain NA T Rules T o create auto-constrain NA T rule s, use the following command: config nat [add | delete] vlan <outside_vlan> map source [any | <ipaddress> [/<bits> | <netmask>]] to <ip> [/<mask> |[...]

  • Page 143

    Display ing NA T Settings Summit 200 Series Switch Inst allation and User Gu ide 141 Configuring Timeouts When an inside host initiates a session, a session table entry is cr eated. Depending on the type of traffic or the current TCP s tate, the table entries timeout after the configured timeout expires. T able 35 describes the commands used to con[...]

  • Page 144

    142 Summit 200 Series Switch Installat ion and User Guide Network Address T ranslation (NA T) Disab ling NA T T o disable NA T , use the following command: disable nat[...]

  • Page 145

    Summit 200 Series Switch Inst allation and User Gu ide 143 11 Ether net A utomatic Protection Switching This chapter describes the use of the Ethe rnet Automatic Pr otection Switching (EAPS ™ ) pr otocol, and includes information on the followi ng topics: • Overview of the EAPS Pr otocol on page 143 • Summit 200 Series Swi tches in Multi-ring[...]

  • Page 146

    144 Summit 200 Series Switch Installat ion and User Guide Ethernet Automatic Prot ection Switching E A P S p r o t e c t i o n s w i t c h i n g i s s i m i l a r t o w h a t c a n b e a c h i e v e d w i t h t h e S p a n n i n g T r e e P r o t o c o l ( S T P ) , but offe rs the advantage of converging in less than a second when a link in the ri[...]

  • Page 147

    Ov erview of the EAPS Pr otocol Summit 200 Series Switch Inst allation and User Gu ide 145 Optimizing Inter operability Y ou m ay either configur e a Summit 200 series switch as the EAPS master or you may configure another switch fr om Extr eme Networks as the EAPS maste r . If you configur e a switch other than the Summit 200 as the EAPS master , [...]

  • Page 148

    146 Summit 200 Series Switch Installat ion and User Guide Ethernet Automatic Prot ection Switching P olling The master node (including a Su mmit stack operating as the master node) transmits a health-check p a c k e t o n t h e c o n t r o l V L A N a t a u s e r - c o n f i g u r a b l e i n t e r v a l ( s e e F i g u r e 2 6 ) . I f t h e r i n [...]

  • Page 149

    Summit 200 Series Switches in Multi-ring T opologies Summit 200 Series Switch Inst allation and User Gu ide 147 Summit 200 Ser ies Switches in Multi-ring T opologies Figure 28 shows how a data VLAN could span two rings having two inter connecting switches in common. Figure 28: EAPS data VLAN spanning two rings. In this example, there is one EAPS do[...]

  • Page 150

    148 Summit 200 Series Switch Installat ion and User Guide Ethernet Automatic Prot ection Switching ring-connecting nodes. However , having EAPSv2 running on the node that inter connects the rings will prevent pr oblems with super-loops with out requiring STP . This configuration process is described in the EAPS chapter of the Extr emeW are Software[...]

  • Page 151

    Commands f or Configuring and Monitoring EAP S Summit 200 Series Switch Inst allation and User Gu ide 149 Creating and Deleti ng an EAPS Domain Each EAPS domain is identifi ed by a unique domain name. NO TE Only a single EAPS domain per s witch is support ed b y Summit 2 00 series switches . T o create an EAPS domain, use the following command: cre[...]

  • Page 152

    150 Summit 200 Series Switch Installat ion and User Guide Ethernet Automatic Prot ection Switching Use the hellotime keywor d and its assoc iated seconds parameter to specify the amount of time the master node waits between transmissions of health-check packe ts on the contr ol VLAN. seconds must be greater th an 0 when you are configur ing a maste[...]

  • Page 153

    Commands f or Configuring and Monitoring EAP S Summit 200 Series Switch Inst allation and User Gu ide 151 Configuring the EAPS Contr ol VLAN Y ou must configur e one control V L A N f o r e a c h E A P S d o m a i n . T h e c o n t r o l V L A N i s u s e d o n l y t o s e n d and receive E APS messages. NO TE A control VLAN cannot belong to more t[...]

  • Page 154

    152 Summit 200 Series Switch Installat ion and User Guide Ethernet Automatic Prot ection Switching T o configure an EAPS protected VLA N, use the following command: config eaps <name> add protect vlan <name> NO TE As long as the ring is complete , the master node b loc ks the protecte d VLANs on its seconda r y port. The following comma[...]

  • Page 155

    Commands f or Configuring and Monitoring EAP S Summit 200 Series Switch Inst allation and User Gu ide 153 NO TE The output d ispla y ed b y this co mmand depends o n whether the n ode is a tra nsit node or a mast er node. The displa y f or a t ransit n ode contains inf or mation fields t hat are not sho wn f or a master node. Also , some state valu[...]

  • Page 156

    154 Summit 200 Series Switch Installat ion and User Guide Ethernet Automatic Prot ection Switching Ta b l e 3 7 : show eaps Displa y Fields Field Description EAPS Enabled: Current state of EAPS on this switch: • Yes—EAPS is enabled on the switch. • no—EAPS is not enabled. Number of EAPS instances: Number of EAPS domains created. There can o[...]

  • Page 157

    Commands f or Configuring and Monitoring EAP S Summit 200 Series Switch Inst allation and User Gu ide 155 Port status: • Unknown—This EAPS domain is not running, so the port status has not yet been determined. • Up—The port is up and is forwarding data. • Down—The port is down. • Blocked—The port is up, but data is blocked from bein[...]

  • Page 158

    156 Summit 200 Series Switch Installat ion and User Guide Ethernet Automatic Prot ection Switching[...]

  • Page 159

    Summit 200 Series Switch Inst allation and User Gu ide 157 12 Quality of Ser vice (QoS) This chapter covers the following topics: • Overview of Policy-Base d Quality of Service on page 157 • Applications and T ypes of QoS on page 158 • Configuring QoS for a Port or VLAN on page 159 • T raffic Groupings on page 159 — MAC-Based T raf fic Gr[...]

  • Page 160

    158 Summit 200 Series Switch Installat ion and User Guide Quality of Service (QoS) NO TE As with all Extreme s witch products, QoS has n o impact on s witch perf or mance . Using e v en the mo st comple x traff ic groupings has no cost in terms of s witch perf or m ance. Applications and T ypes of QoS Differ ent applications have dif ferent QoS r e[...]

  • Page 161

    Configuring QoS f or a P or t or VLAN Summit 200 Series Switch Inst allation and User Gu ide 159 An exception to this may be cr eated by some Java ™ -based applications. In addition, W eb-based applications are generally tolerant of latency , jitt er , and some packet loss, however small packet-l oss may have a large impact on per ceived performa[...]

  • Page 162

    160 Summit 200 Series Switch Installat ion and User Guide Quality of Service (QoS) T raffic gr oupings are se parated into the following cate gories for discussion: • Access list based information ( IP source/d esti nation, TCP/UDP port information, and VLANid) • Destination MAC (MAC QoS gr oupings) • Explicit packet class of se rvice informa[...]

  • Page 163

    T raffic Groupings Summit 200 Series Switch Inst allation and User Gu ide 161 create fdbentry <mac_address> vlan <name> [blackhole | port <portlist> | dynamic] qosprofile <qosprofile> The MAC address options , defined below , are as follows: • Permanent • Dynamic • Blackhole P ermanent MA C addresses Permanent MAC addr[...]

  • Page 164

    162 Summit 200 Series Switch Installat ion and User Guide Quality of Service (QoS) An advantage of explicit packet marking is that the class of service i n formation can be carried throughout the network infrastructur e, without repeat ing what can be complex traf fic grouping policies at each switch location. Another advantage is that end stations[...]

  • Page 165

    T raffic Groupings Summit 200 Series Switch Inst allation and User Gu ide 163 802.1p Commands T able 42 shows the command used to configu r e 802.1p pr iority . This is explained in more detail in the following parag raphs. Configuring 802.1p Priority When a packet is transmitted by the switch, you can co nfigure the 802.1p priority field that is p[...]

  • Page 166

    164 Summit 200 Series Switch Installat ion and User Guide Quality of Service (QoS) Observing Dif fServ code points as a tr affi c gr ouping mechanism for defining QoS pol icies and overwriting the Dif fserv code point fields ar e supported in the Summit 200 series switch. Figure 30 shows the encapsulation of an IP packet header . Figure 30: IP pac [...]

  • Page 167

    T raffic Groupings Summit 200 Series Switch Inst allation and User Gu ide 165 NO TE DiffServ examination r equires one access m ask while it is enab led. See “Maximum Entries” on page 119 for m ore inf o rmation. Changing DiffServ Code point assignmen ts in the QoS Pr ofile The DiffSe rv code point has 64 possible values (2 6 = 64). By default,[...]

  • Page 168

    166 Summit 200 Series Switch Installat ion and User Guide Quality of Service (QoS) In the following example, all the traffic from networ k 10.1.2.x is assigned the Dif fServe code point 23 and the 802.1p value of 2: create access-mask SriIpMask source- ip/24 create access-list TenOneTwo access- mask SrcIpMask source-ip 10.1.2. 0/24 permit qp3 set c[...]

  • Page 169

    V erifying Configuration and P erformance Summit 200 Series Switch Inst allation and User Gu ide 167 V erifying Configuration and P erf or mance Once you have created QoS policies that manage the traf fic thr ough the switch, you can use the QoS monitor to determine w hether the applicat ion performance meets your expectations. QoS Monitor The QoS [...]

  • Page 170

    168 Summit 200 Series Switch Installat ion and User Guide Quality of Service (QoS) • Priority • A list of all traf fic gr oups to which the QoS pr ofile is applied Additionally , QoS information can be disp layed from the traf fic gr ouping perspective by using one or more of the fo llowing commands: • show fdb permanent —Displays destinati[...]

  • Page 171

    Dynamic Link Context System Summit 200 Series Switch Inst allation and User Gu ide 169 DLCS Guidelines Follow these guidelines when using DLCS: • Only one user is allowed on on e workstati on at a given time. • A user can be logged into m any workstations simultaneously . • An IP-address can be learned on on ly one port in the network at a gi[...]

  • Page 172

    170 Summit 200 Series Switch Installat ion and User Guide Quality of Service (QoS)[...]

  • Page 173

    Summit 200 Series Switch Inst allation and User Gu ide 171 13 Status Monitor ing and Statistics This chapter describes the foll owing topics: • Status Monitoring on p age 171 • Port Statistics on p age 173 • Port Errors on page 173 • Port Monitoring Display Keys on pa ge 174 • Setting the System Recovery Level on page 175 • Logging on p[...]

  • Page 174

    172 Summit 200 Series Switch Installat ion and User Guide Status Monitoring and Statistics T able 46 describes commands that are used to monitor the status of the switch. Ta b l e 4 6 : Status Monitoring Commands Command Description show diag Displays softw are diagnostics. show log {<priority> } Displays the current snapshot of the log. Spe [...]

  • Page 175

    Po r t S ta t is t i cs Summit 200 Series Switch Inst allation and User Gu ide 173 Po r t S t a t i s t i c s ExtremeW are provides a facility for viewing port statistic information. The summary information lists values for the current counter against each port on each operational module in the system, and it is refr eshed approximately every 2 sec[...]

  • Page 176

    174 Summit 200 Series Switch Installat ion and User Guide Status Monitoring and Statistics • T ransmit Collisions (TX Coll)— The total number of collisions see n by the port, r egar dless of whether a device connected to the port participated in any of the collisions. • T ransmit Lat e Collisions (TX Late Coll)— The total number of collisio[...]

  • Page 177

    Setting the System Recov ery Le vel Summit 200 Series Switch Inst allation and User Gu ide 175 Setting the System Recov er y Le v el Y ou can configure the system to automatically reb o o t a f t e r a s o f t w a r e t a s k e x c e p t i o n , u s i n g t h e following command: config sys-recovery-level [none | cr itical | all] where: The default[...]

  • Page 178

    176 Summit 200 Series Switch Installat ion and User Guide Status Monitoring and Statistics By default, log entries that ar e assigned a critical or war ning level r emain in the log after a switch reboot. Issuing a clear log command does not r emove these static entries. T o remove log entries of all levels (including warning or critical) , use the[...]

  • Page 179

    Logging Summit 200 Series Switch Inst allation and User Gu ide 177 that are logged into the switch on any port. T o view the log on a member switch, T elnet thr ough the StkMgmt VL AN. Real-Time Displa y In addition to viewing a snapshot of the log, you can configur e the system to maintain a r unning real -time display of log messages on the conso[...]

  • Page 180

    178 Summit 200 Series Switch Installat ion and User Guide Status Monitoring and Statistics Logging Configuration Changes ExtremeW are allows you to re cord all conf iguration changes and their sources that ar e made using the CLI by way of T elnet or the local console. The changes are logged to the system log. Each log entry includes the user accou[...]

  • Page 181

    RMON Summit 200 Series Switch Inst allation and User Gu ide 179 RMON Using the Remote Monitori ng (RMON) capabilities of the switch allows network a dministrators to improve system ef ficiency and r educe the load on the network. The f ollowing sections explain mor e about the RMON concept and the RMON features supported by the switch. NO TE Y ou c[...]

  • Page 182

    180 Summit 200 Series Switch Installat ion and User Guide Status Monitoring and Statistics •R M O N p r o b e —An intel ligent, remotely controlled device or software ag ent that continually collects statistics about a LAN segment or VLAN. The probe transfers the information to a management workstation on request, or wh en a predefined thr esho[...]

  • Page 183

    RMON Summit 200 Series Switch Inst allation and User Gu ide 181 Effe ctive use of the Events gr oup saves you time. Ra ther than having to watc h real-time graphs for important occurrences, you can depend on the Even t group for notification. Through the SNMP traps, events can trigger other actions, which provides a mechanism for an automated r esp[...]

  • Page 184

    182 Summit 200 Series Switch Installat ion and User Guide Status Monitoring and Statistics[...]

  • Page 185

    Summit 200 Series Switch Inst allation and User Gu ide 183 14 Spanning T ree Protocol (STP) This chapter describes the foll owing topics: • Overview of the Spanning T ree Pr otocol on page 183 • Spanning T ree Domains on page 183 • STP Configurations on page 184 • Configuring STP on the Switch on pag e 186 • Displaying STP Settings on pag[...]

  • Page 186

    184 Summit 200 Series Switch Installat ion and User Guide Spanning T ree Protocol (STP) The key points to remember when configuring VLANs and S TP are: • Each VLAN forms an independent broadcast domain • STP blocks paths to cr eate a loop-free en vironment • When STP blocks a path, no data can be tr ansmitted or received on the blocked port ?[...]

  • Page 187

    STP Configurations Summit 200 Series Switch Inst allation and User Gu ide 185 • Marketing is defined on all switches ( switch A, switch B, switch Y , switch Z, and swi tch M). Tw o S T P D s a r e d e f i n e d : • STPD1 contains VLANs Sales and Personnel. • STPD2 contains VLANs Manufacturing and Engineering. The VLAN Marketing is a member of[...]

  • Page 188

    186 Summit 200 Series Switch Installat ion and User Guide Spanning T ree Protocol (STP) Figure 32: T ag-based STP configur ation The tag-based network in Figur e 32 has the following configuration: • Switch 1 contains VLAN Marketing and VLAN Sales . • Switch 2 contains VLAN Engineering and VLAN Sales . • Switch 3 contains VLAN Marketing , VLA[...]

  • Page 189

    Configuring STP on the Switch Summit 200 Series Switch Inst allation and User Gu ide 187 3 Enable STP for one or mor e STP domains using the following command: enable stpd {<stpd_name>} NO TE All VLANs belong to a STPD . If you do not w ant to run STP on a VLAN, you must add the VL AN to a STPD that is disab led. Once you have created the STP[...]

  • Page 190

    188 Summit 200 Series Switch Installat ion and User Guide Spanning T ree Protocol (STP) config stpd <stpd_name> ma xage <value> Specifies the maximum age of a BPDU in this STPD. The range is 6 through 40. The default setting is 20 seconds. Note that the time must be greater than, or equal to 2 * (Hello Time + 1) and less than, or eq ual[...]

  • Page 191

    Display ing STP Settings Summit 200 Series Switch Inst allation and User Gu ide 189 STP Configuration Example The following Summit 200 series switch example creates and en ables an STPD named Backbone_st . It assigns the Manufacturing VLAN to the STPD. It disables STP on ports 1 through 7 and port 12. create stpd backbone_st config stpd backbone_st[...]

  • Page 192

    190 Summit 200 Series Switch Installat ion and User Guide Spanning T ree Protocol (STP)[...]

  • Page 193

    Summit 200 Series Switch Inst allation and User Gu ide 191 15 IP Unicast Routing This chapter describes the foll owing topics: • Overview of IP Unicast R outing on page 19 1 • Proxy ARP on page 194 • Relative Route Priorit ies on page 195 • Configuring IP Unicast Routi ng on page 196 • IP Commands on page 197 • Routing Configuration Exa[...]

  • Page 194

    192 Summit 200 Series Switch Installat ion and User Guide IP Unicast Routing Router Interfaces The routing softwar e and hardware r outes IP traf fic between r outer interfaces. A r outer interface is s i m p l y a V L A N t h a t h a s a n I P a d d r e s s a s s i g n e d t o i t . A s y o u c r e a t e V L A N s w i t h I P a d d r e s s e s b e[...]

  • Page 195

    Overview of IP Unicast Routing Summit 200 Series Switch Inst allation and User Gu ide 193 P opulating the Routing T able The switch maintains an IP r outing table for both network routes and host routes . The table is populated fr om the following sour ces: • Dynamically , by way of routing pr otocol packets or by ICMP redire cts exchanged with o[...]

  • Page 196

    194 Summit 200 Series Switch Installat ion and User Guide IP Unicast Routing NO TE If y ou define mult iple def ault rout es, the route that has the lowest metric is used. If multiple de f ault routes ha v e the same lo west met ric, the system pic ks one of the routes. Y ou can also configure blackhole r outes. T raffic to the se destinations is s[...]

  • Page 197

    Relative Route Priorities Summit 200 Series Switch Inst allation and User Gu ide 195 ARP-Incapable De vices T o c o n f i g u r e t h e s w i t c h t o r e s p o n d t o A R P R e q u e s t s o n b e h a l f o f d e v i c e s t h a t a r e i n c a p a b l e o f d o i n g s o , you must configure the IP addr ess and MAC addres s of the ARP- incapabl[...]

  • Page 198

    196 Summit 200 Series Switch Installat ion and User Guide IP Unicast Routing T o cha nge the r elative route priority , use the follow ing command: config iproute priority [rip | bootp | icmp | static | ospf-intra | ospf-inter | ospf-as-external | ospf-extern1 | os pf-extern2] <priority> Configur ing IP Unicast Routing This section describe s[...]

  • Page 199

    IP Commands Summit 200 Series Switch Inst allation and User Gu ide 197 Additional verifi cati on commands include: • show iparp —Displays the IP ARP table of the system. On a stacked set of switches, this co mmand displays the stat istics for the m aster switch an d for the IP ARP table of member switches by redir e cting the console output thr[...]

  • Page 200

    198 Summit 200 Series Switch Installat ion and User Guide IP Unicast Routing T able 56 describes the commands used to configure the IP r oute table. disable bootp vlan [<name > | all] Disables the generation and p rocessing of BOOTP packets. disable bootprelay Disables the f orwarding o f BOOTP requests. disable ipforwarding {vlan < name&g[...]

  • Page 201

    IP Commands Summit 200 Series Switch Inst allation and User Gu ide 199 T able 57 describes the commands used to configure IP options and the ICMP protocol. config iproute add default <gateway> {<metric>} Adds a default gateway to the routing ta ble. A default gateway mu st be located on a configured IP interface. If no metric is specifi[...]

  • Page 202

    200 Summit 200 Series Switch Installat ion and User Guide IP Unicast Routing disable icmp parameter-problem {vla n <name>} Disables the generation of ICMP messages for the parameter problem packet type. disable ip-option loose-source-rou te Disables the l oose source route IP opt ion. disable ip-option record-route Disables the record route I[...]

  • Page 203

    Routing Configuration Exampl e Summit 200 Series Switch Inst allation and User Gu ide 201 Routing Configuration Example Figure 34 illustrates a switch that has two VL ANs defined as follows: • Finance — Contains ports 2 and 4. — IP address 192.207.35.1. • Personnel — Contains ports 3 and 5. — IP address 192.207.36.1. enable icmp useredi[...]

  • Page 204

    202 Summit 200 Series Switch Installat ion and User Guide IP Unicast Routing Figure 34: Unicast ro uting configuration example In this configuration, all IP traffi c from stations con nected to ports 2 and 4 have access to the router by way of the VLAN Finance . Ports 3 and 5 r each the router by way of the VLAN Personnel . The example in Figu r e [...]

  • Page 205

    Resetting and Disabl ing Router Settings Summit 200 Series Switch Inst allation and User Gu ide 203 Resetting and Disab l ing Router Settings T o return router settings to their defaults and di sable r outing functions, use the commands lis ted in Ta b l e 5 9 Ta b l e 5 8 : Router Show Comma nds Command Description show iparp {<ipaddress | vl a[...]

  • Page 206

    204 Summit 200 Series Switch Installat ion and User Guide IP Unicast Routing Configur ing DHCP/BOO TP Rela y Once IP unicast routing is configured, you can configure the switch to forward Dynamic Host Configuration Protocol (DHCP) or BOOTP r equests co ming fr om clients on subnets being serviced by the switch and going to hosts on dif fer ent subn[...]

  • Page 207

    UDP-Forw arding Summit 200 Series Switch Inst allation and User Gu ide 205 UDP-F orwarding UDP-forward ing is a flexible and generalized r outing utility for handling the directed forwar ding of broadca st UDP packets. UDP- forward ing allows appl ications , such as multiple DHCP r elay services f r o m d i f f e r i n g s e t s o f V L A N s , t o[...]

  • Page 208

    206 Summit 200 Series Switch Installat ion and User Guide IP Unicast Routing ICMP P acket Pr ocessing A s I C M P p a c k e t s a r e r o u t e d o r g e n e r a t e d , y o u c a n take various actions t o control d istribution. For ICMP packets typically gene rated or observed as part of the rout ing function, you can assert control on a per-type[...]

  • Page 209

    Summit 200 Series Switch Inst allation and User Gu ide 207 16 Inter ior Gate w a y Routing Protocols This chapter describes the foll owing topics: • Overview on page 207 • Overview of RIP on page 208 • Overview of OSPF on page 210 • Route Re-Distribution on page 215 • Configuring RIP on page 217 • RIP Configuration Example on page 219 ?[...]

  • Page 210

    208 Summit 200 Series Switch Installat ion and User Guide Interior Gatew a y Routing Proto cols OSPF is a link-state protocol, based on the Dijkstra link-state algo rithm. OSPF is a ne wer Interior Gateway Protocol (IGP), and solv e s a n u m b e r o f p r o b l e m s a s s o c i a t e d w i t h u s i n g R I P o n t o d a y ’ s complex networks.[...]

  • Page 211

    Overview of RIP Summit 200 Series Switch Inst allation and User Gu ide 209 Routing T able The routing table in a r outer using RIP contains an entry for every known destination netw ork. Each routing table entry contains the following in formation: • IP address of the destination network • Metric (hop count) to the destination network • IP ad[...]

  • Page 212

    210 Summit 200 Series Switch Installat ion and User Guide Interior Gatew a y Routing Proto cols NO TE If y ou are using RIP with supernetting/Classless In ter-Domain Routing (CIDR), y ou must use RIPv2 only . In ad dition, RIP route ag gregation must be tur ned off. Ov er vie w of OSPF OSPF is a link-state protocol that distributes r out ing inform[...]

  • Page 213

    Overview of OSPF Summit 200 Series Switch Inst allation and User Gu ide 211 Database Overflow The OSPF database overflow featur e allows you to l imit the size of the LSDB and to maintain a consistent LSDB acr oss all the r outers in the domain , which ensures that all r outers have a consistent view of the network. Consistency is achieved by: • [...]

  • Page 214

    212 Summit 200 Series Switch Installat ion and User Guide Interior Gatew a y Routing Proto cols The three types of r outers defined by OSPF ar e as follows: • Internal Router ( IR) —An internal router has a ll of its interfaces w ithin the same area. • Area Bor der Router ( ABR) —An ABR has interfaces in mu ltiple areas. It is responsible f[...]

  • Page 215

    Overview of OSPF Summit 200 Series Switch Inst allation and User Gu ide 213 The translate option determines whether type 7 LSAs ar e translated i nto type 5 LSAs. Whe n configuring an OSPF area as an NSSA, the translate s h o u l d o n l y b e u s e d o n N S S A b o r d e r r o u t e r s , where tr anslation is to be enfor ced. If translate i s n [...]

  • Page 216

    214 Summit 200 Series Switch Installat ion and User Guide Interior Gatew a y Routing Proto cols Figure 36: Vir tual link pro viding redunda ncy P oint-to-P oint Suppor t Y ou can manually configure the OSPF link type for a VLAN. T able 62 describes the link types. NO TE The numbe r of routers in an OSPF p oint-to-point lin k is determined per-VLAN,[...]

  • Page 217

    Route Re-Distribution Summit 200 Series Switch Inst allation and User Gu ide 215 Route Re-Distr ib ution Both RIP and OSPF can be enabled simultaneously on the sw itch. Route re-di stribution allows the switch to exchange routes, including static r outes, between the two r outing protocols. Figur e 37 is an example of route r e-distribution between[...]

  • Page 218

    216 Summit 200 Series Switch Installat ion and User Guide Interior Gatew a y Routing Proto cols Re-Distributing Routes into OSPF Enable or disable the exporting of RIP , st atic, and di r ect (inter face) rout es to OSPF using the following commands: enable ospf export [static | rip | d irect] [cost <metric> [ase-type- 1 | ase-type-2] {tag &l[...]

  • Page 219

    Configuring RIP Summit 200 Series Switch Inst allation and User Gu ide 217 Configur ing RIP T able 63 describes the commands used to configure RIP . Ta b l e 6 3 : RIP Configuration Commands Command Description config rip add vlan [< name> | all] Con figures RIP on an IP interface. When an IP interface is created, per-inte rface RIP configura[...]

  • Page 220

    218 Summit 200 Series Switch Installat ion and User Guide Interior Gatew a y Routing Proto cols enable rip aggregatio n Enables aggrega tion of subnet information on interfaces configured to send RIP v2 or RIP v2-compatible traffic. The switch summarizes subnet routes to the nearest class network route. The following rules apply when using RIP aggr[...]

  • Page 221

    RIP Configuration Exampl e Summit 200 Series Switch Inst allation and User Gu ide 219 RIP Configuration Example Figure 38 illustrates a switch that has two VL ANs defined as follows: • Finance , which contains ports 2 a nd 4 an d has the IP address 192.207.35.1 • Personnel , which contains ports 3 and 5 and has the IP address 192.207.36.1 Figur[...]

  • Page 222

    220 Summit 200 Series Switch Installat ion and User Guide Interior Gatew a y Routing Proto cols Displa ying RIP Settings T o display settings for RIP , use th e commands listed in T able 64. Resetting and Disab ling RIP T o return RIP settings to their defaults, or to disable RIP , use the commands listed in T able 65. Configur ing OSPF E a c h s w[...]

  • Page 223

    Configuring OSPF Summit 200 Series Switch Inst allation and User Gu ide 221 T able 66 describes the commands used to configure OSPF . Ta b l e 6 6 : OSPF Configuration Commands Command Description config ospf add vlan <name> area <a reaid> link-type [auto | broa dcast | point-to-point] {passive} Configures the OSPF link type. Specify o [...]

  • Page 224

    222 Summit 200 Series Switch Installat ion and User Guide Interior Gatew a y Routing Proto cols config ospf [vlan <name> | area <areaid> | virtual-link <routerid> <areaid>] timer <retransmission_interval> <transmission_delay> <hello_interval > <dead_interval> Configures the timers for one inte rface o[...]

  • Page 225

    Configuring OSPF Summit 200 Series Switch Inst allation and User Gu ide 223 config ospf ase-summary delete <ipaddress> <mask> Deletes an aggregated OSPF external route . config ospf delete virtual-li nk <routerid> <areaid> Removes a virtual link. config ospf delete vlan [< name> | all] Disables OSPF on one or all VLANs[...]

  • Page 226

    224 Summit 200 Series Switch Installat ion and User Guide Interior Gatew a y Routing Proto cols config ospf vlan <vlan> timer <rxmtinterval> <transitdelay> <hellointerval> <routerdeadinterval> [<waiti nterval>] Configures the OSPF wait interval. Sp ecify the following: • rxmtinterval —The length of time that [...]

  • Page 227

    Configuring OSPF Summit 200 Series Switch Inst allation and User Gu ide 225 Configuring OSPF W ait Inter v al ExtremeW ar e allows yo u to configure the OS PF wait in terval, ra ther than using the router dead interval. CA UTION Do not configure OSPF ti mers unless y ou are comf or tab le e xceeding OSPF specifications . Non-standard sett ings migh[...]

  • Page 228

    226 Summit 200 Series Switch Installat ion and User Guide Interior Gatew a y Routing Proto cols Displa ying OSPF Settings T o display settings for OSPF , use the commands listed in T able 67. OSPF LSD Displa y ExtremeW are pr ovides several filtering cr iteria for the show ospf l sdb command. Y ou can specify multiple sear ch criteria and o nly re [...]

  • Page 229

    Resetting and Disab ling OSPF Settings Summit 200 Series Switch Inst allation and User Gu ide 227 Resetting and Disab ling OSPF Settings T o return OSPF settings to their defaul ts, use the commands listed in T able 68. Ta b l e 6 8 : OSPF Reset and Disable Commands Command Description delete ospf area [<areaid> | all] Deletes an OSPF a rea. [...]

  • Page 230

    228 Summit 200 Series Switch Installat ion and User Guide Interior Gatew a y Routing Proto cols[...]

  • Page 231

    Summit 200 Series Switch Inst allation and User Gu ide 229 17 IP Multicast Routing and IGMP Snooping This chapter describes the foll owing topics: • IP Multicast Routi ng Overview on page 229 • PIM Sparse Mode (PIM-SM ) Overview on page 230 • Configuring PIM-SM on page 230 • I G M P O v e r v i e w o n p a g e 2 3 3 • Configuring IGMP and[...]

  • Page 232

    230 Summit 200 Series Switch Installat ion and User Guide IP Multicast Routing and IGMP Snooping PIM Sparse Mode (PIM-SM) Ov er vie w Protocol independent Multicast-Spar se Mode (PIM-SM) routes multic ast packets to multicast groups. The sparse mode protocol is designed for installati ons wher e the multicast groups ar e scatter ed over a large ar [...]

  • Page 233

    Configuring PIM-SM Summit 200 Series Switch Inst allation and User Gu ide 231 For example, the following command s tatically configures an RP and its associated groups defined in access profile rp-list : configure pim crp static 10.0.3.1 rp-list T o configure the candidate RP advertising inte rval for PIM-SM timers, enter this co mmand: configure p[...]

  • Page 234

    232 Summit 200 Series Switch Installat ion and User Guide IP Multicast Routing and IGMP Snooping PIM-SM Commands T able 69 summaries the PIM-SM commands available on the Summit 200: Ta b l e 6 9 : PIM-SM Commands Command Description configure pim {add | delete} {vlan} <v lan name> sparse {passive} Configures or unconfigures PIM-SM on an IP in[...]

  • Page 235

    IGMP Ov erview Summit 200 Series Switch Inst allation and User Gu ide 233 IGMP Ov er vie w T o constra in the flooding of multicast traffic, conf igur e Summit 200 series sw itch interfaces to use Internet Group Management Pr otocol (IGMP) snooping so that multicast traffic is forwar ded only to i n t e r f a c e s a s s o c i a t e d w i t h I P m[...]

  • Page 236

    234 Summit 200 Series Switch Installat ion and User Guide IP Multicast Routing and IGMP Snooping flooded to parts of the network that do not need it . The switch does not reduce any IP multicast traffic in the local multicast d omain (224.0.0.x). I f I G M P s n o o p i n g i s d i s a b l e d , a l l IGMP and IP multicast traffic floods within a g[...]

  • Page 237

    Display ing IGMP Snooping Configurat ion Inf ormation Summit 200 Series Switch Inst allation and User Gu ide 235 Displa ying IGMP Snooping Configuration Inf or mation T o dis play IGMP snooping registration information and a summary of all IGMP timers and sta tes, use the following command: show igmp snooping {vlan <name>} {de tail} When you [...]

  • Page 238

    236 Summit 200 Series Switch Installat ion and User Guide IP Multicast Routing and IGMP Snooping unconfig igmp Resets all IGMP settings to their defaul t values and clears the IGMP group ta ble. Ta b l e 7 1 : IGMP Disable and Reset Comm ands (continued ) Command Description[...]

  • Page 239

    Summit 200 Series Switch Inst allation and User Gu ide 237 18 Configur ing Stac k ed Switches This chapter describes the foll owing topics: • Introducing Stacki ng on page 237 • Configuring a Stack on page 238 • Recovering a Stack on page 242 • Changing a Stack Configuration on page 243 • T estin g Images for a Stack on pa ge 245 • Usin[...]

  • Page 240

    238 Summit 200 Series Switch Installat ion and User Guide Configuring Stack ed Switches “ S t a c k D i s c o v e r y ” o n p a g e 2 3 9 f o r m o r e i n f o r m a t i o n o n c o n f i g u r i n g t h e m a s t e r i n t h e m i d d l e o f t h e stack. The stacking ports ar e tagged ports. When the st ack come s up, these ports become membe[...]

  • Page 241

    Configuring a Stac k Summit 200 Series Switch Inst allation and User Gu ide 239 Enabling a Stac k Member After connecting to the switch through either the co nsole port or thr ough a T elnet session, enter the following command on each of the stack members: enable stacking slave ports <portlist> The ports in the portlist must be Gigabit Ether[...]

  • Page 242

    240 Summit 200 Series Switch Installat ion and User Guide Configuring Stack ed Switches Figure 40: Slot Assignm ents with the Master in the Middle of a Chain T o manually assign a slot number to a switch, you can map the MAC address of the switch to a specific slot number in the stack by entering the following command: configure stacking slave slot[...]

  • Page 243

    Configuring a Stac k Summit 200 Series Switch Inst allation and User Gu ide 241 If you enter the traditional command of config vlan v1 add po * on the master you r eceive an error mess age. If stacking is unconfig ur ed, port numbers re sort back to their original format. Stacking increas es the number of ports, so seve ral commands now allow you t[...]

  • Page 244

    242 Summit 200 Series Switch Installat ion and User Guide Configuring Stack ed Switches Reco v er ing a Stac k Whenever the stack is active, the stack master monito rs the stack members for link state changes, such as a link changing from up to down. However , the master monitors the stacking links at all times for changes in stack topology . Ex am[...]

  • Page 245

    Changing a Stac k Configur ation Summit 200 Series Switch Inst allation and User Gu ide 243 command is later issued on the stack master , all memb er switches in the stack mus t also be enabled for stacking. If the unconfigure stacking command is i ssued on the stack mast er when th e stack is di sabled, only the stack master is unconfigured. Use t[...]

  • Page 246

    244 Summit 200 Series Switch Installat ion and User Guide Configuring Stack ed Switches Stac k Configuration Commands T able 72 su mmarizes the commands used to configure a stack. Ta b l e 7 2 : Stack Configura tion Commands Command Description configure slot <n> module <Summit200-24 | Summit200-48> Preconfigures a slot in the stack. Th[...]

  • Page 247

    T esting Images for a Stac k Summit 200 Series Switch Inst allation and User Gu ide 245 Running Features on a Stac k T o find information on how a pa rticular featur e impl ements stacking, see the description of the featur e in this manual. T esting Images f or a Stack Y o u c a n d o w n l o a d a n d t e s t a n i m a g e o n a s i n g l e s l o[...]

  • Page 248

    246 Summit 200 Series Switch Installat ion and User Guide Configuring Stack ed Switches Using the Console f or Managing the Stack The console port on the stack master works the s ame as it does on an non-st acked switch. If the user has administrative privileges then they ma y make configuration chan ges to the master . The console on a member swit[...]

  • Page 249

    Summit 200 Series Switch Inst allation and User Gu ide 247 19 Using ExtremeW are Vista on the Summit 200 This chapter describes the foll owing topics: • ExtremeW ar e V ista O verview on p age 247 • Accessing Extr emeW are V ista on page 248 • Navigating within Extr emeW are V ista on page 250 • Configuring the Summit 200 using ExtremeW ar [...]

  • Page 250

    248 Summit 200 Series Switch Installat ion and User Guide Using ExtremeW are Vista on the Summit 20 0 • Check for newer versions of stor ed pages. Every visit to the page should be se lected as a cache setting. If you are usi ng Netscape Navigator , configur e th e cache option to check for changes “Every T ime” you request a page. If you are[...]

  • Page 251

    Accessing ExtremeW are Vista Summit 200 Series Switch Inst allation and User Gu ide 249 Figure 41: Home P age for Extr emeW are Vista 2 Click Logon to open the Username and Password dialog box shown in Figure 42. Figure 42: Username and P ass word Dialog Bo x[...]

  • Page 252

    250 Summit 200 Series Switch Installat ion and User Guide Using ExtremeW are Vista on the Summit 20 0 3 T ype your username and passwor d and cli ck OK . The main page for the switch opens as shown in Figure 43. I f y o u e n t e r t h e u s e r n a m e a n d p a s s w o r d o f a n a d m i n i s t r a t o r - l e v e l a c c o u n t , y o u h a v [...]

  • Page 253

    Configuring the Summit 200 using ExtremeW are Vista Summit 200 Series Switch Inst allation and User Gu ide 251 When you choose a submenu link in the task frame, the content frame populates with t he corresponding d ata. However when you choose a new task, the content frame does not change until you choose a new a submenu link and r epopulate the fr[...]

  • Page 254

    252 Summit 200 Series Switch Installat ion and User Guide Using ExtremeW are Vista on the Summit 20 0 • RIP on page 2 63 • SNMP on page 266 • Spanning T ree on page 267 • Switch on page 271 • User Accounts on page 271 • V irtual LAN on page 272 Figure 44: Configur ation Submen u Links IP Forwar ding From this window , you can enable or [...]

  • Page 255

    Configuring the Summit 200 using ExtremeW are Vista Summit 200 Series Switch Inst allation and User Gu ide 253 • Configuring IP Unicast Routi ng on page 196 • Subnet-Dire cted Broadcast Forw ard ing on page 194 • IP Multicast Routi ng Overview on page 229 Figure 45: IP Interface Configuration License The License window allows you to enable th[...]

  • Page 256

    254 Summit 200 Series Switch Installat ion and User Guide Using ExtremeW are Vista on the Summit 20 0 Figure 46: License Window OSPF The OSPF configuration window allo ws you to perform a wide-range of OSPF config uration tasks. The window is divided into six functional areas : 1 Configur e global OSPF parameters inc luding enabling or disabling of[...]

  • Page 257

    Configuring the Summit 200 using ExtremeW are Vista Summit 200 Series Switch Inst allation and User Gu ide 255 • Enable or disable the exporting of RIP , static, an d dir ect (interface) routes to OSPF . Be sure you disable exporting of static and RIP befor e setting other global OSPF paramete rs. • Enable or disable the exporting of static, di[...]

  • Page 258

    256 Summit 200 Series Switch Installat ion and User Guide Using ExtremeW are Vista on the Summit 20 0 Configure an Area Range This portion of the window allows you to confi gur e a range of IP addr esses in an OSPF ar ea. The example in Figur e 48 shows that six ar eas ar e defined: t he backbone (0.0.0.0), and ar ea IDs 1.1. 1.1, 2.2.2.2, 3.3.3.3,[...]

  • Page 259

    Configuring the Summit 200 using ExtremeW are Vista Summit 200 Series Switch Inst allation and User Gu ide 257 Figure 49: OSPF Area Conf iguration For more information on ar ea types, see “Areas” on page 21 1. Configure an IP interface f or OSPF Using this portion of the window , you can: • Review the existing OSPF IP interface configuration [...]

  • Page 260

    258 Summit 200 Series Switch Installat ion and User Guide Using ExtremeW are Vista on the Summit 20 0 T ransit delay —Fr om 1 to 3600 seconds Hello interval —Fr om 1 to 65535 seconds Router dead time —From 1 to 2147483647 seconds Retransmit inte rval —From 1 to 3600 seconds The three boxes that follow the table allow you to ch ange the valu[...]

  • Page 261

    Configuring the Summit 200 using ExtremeW are Vista Summit 200 Series Switch Inst allation and User Gu ide 259 Figure 51: Miscellaneous P arameters an d Timers Use the next three sets of boxes, shown in Figure 52, to configure virtual links. Whe n non-default values are configur ed for a router ID or an area ID, the top table display s those values[...]

  • Page 262

    260 Summit 200 Series Switch Installat ion and User Guide Using ExtremeW are Vista on the Summit 20 0 Figure 52: OSPF Vir tual Links Configure OSPF A uthentication The final section in the OSPF configuration window allow s you to configure an interface. This section is shown at the bottom of Figure 53. The table displays the interface and whether a[...]

  • Page 263

    Configuring the Summit 200 using ExtremeW are Vista Summit 200 Series Switch Inst allation and User Gu ide 261 Figure 53: OSPF A uthentication Po r t s Port configuration provides a convenient way to s ee all the pertinent information about a port in one place. Figure 54 shows the following field s in the port configuration window: Ports —The por[...]

  • Page 264

    262 Summit 200 Series Switch Installat ion and User Guide Using ExtremeW are Vista on the Summit 20 0 Redundant Media — T h e b a c k u p w i r i n g m e d i a , a l w a y s u n s h i e l d e d t w i s t e d - p a i r ( U T P ) QoS Profile —A QoS pr ofile in the format of QP n , wher e n i s f r o m 1 t o 8 Figure 54: P or t Configu ration Wind[...]

  • Page 265

    Configuring the Summit 200 using ExtremeW are Vista Summit 200 Series Switch Inst allation and User Gu ide 263 Figure 55: Configure P or t P arameters RIP The RIP configuration window allows you to configur e global RIP parameters or RIP for an IP interface. Configure Global RIP P arameters Use the global parameters to set up RIP for the swit ch. S[...]

  • Page 266

    264 Summit 200 Series Switch Installat ion and User Guide Using ExtremeW are Vista on the Summit 20 0 Use the Unconfigure button to r eset the global RIP parameters to the defau lt values. Use the Submit button to submit the changes to the system. Figure 56: RIP Global Conf iguration For more information about setting RIP parameters globally , see [...]

  • Page 267

    Configuring the Summit 200 using ExtremeW are Vista Summit 200 Series Switch Inst allation and User Gu ide 265 Figure 57: IP Interf ace Configuration f or RIP Using this portion of the window , you can: • Review the existing RIP config uration for an IP interface. Each VLAN shows: — The VLAN name — The IP address — Whether IP forwarding is [...]

  • Page 268

    266 Summit 200 Series Switch Installat ion and User Guide Using ExtremeW are Vista on the Summit 20 0 • Use the Submit button to submit the changes to the system. SNMP The SNMP window is divided into two sections. Th e top section allows you to enter system gr oup information and au thentication inf ormation for the communi ty strings. The bottom[...]

  • Page 269

    Configuring the Summit 200 using ExtremeW are Vista Summit 200 Series Switch Inst allation and User Gu ide 267 T rap Information As shown in Figure 59, the lowe r section of the SNMP window allows you to enable SNM P and configur e trap r eceivers. T o enable SNMP trap support, click the checkbox and submit the r equest. If authorized trap receiver[...]

  • Page 270

    268 Summit 200 Series Switch Installat ion and User Guide Using ExtremeW are Vista on the Summit 20 0 Figure 60: Spanning T ree Configur ation (1 of 4) In the bottom section, you can: • Review all STPD configu rations Each STPD shows the: — STPD name. — State of the domain, either enabled or disabled. — Priority level of the bridge, a valu [...]

  • Page 271

    Configuring the Summit 200 using ExtremeW are Vista Summit 200 Series Switch Inst allation and User Gu ide 269 Figure 61: Spanning T ree Configur ation (2 of 4) • Review all ports be longing to STPDs. A port can belong to only one STPD. If a port is a member of multiple VLANs, then all those VLANs must belong to the same STPD. The Spanning T ree [...]

  • Page 272

    270 Summit 200 Series Switch Installat ion and User Guide Using ExtremeW are Vista on the Summit 20 0 Figure 62: Spanning T ree Configur ation (3 of 4) Figure 63: Spanning T ree Configur ation (4 of 4)[...]

  • Page 273

    Configuring the Summit 200 using ExtremeW are Vista Summit 200 Series Switch Inst allation and User Gu ide 271 Switch This window , s hown in Figure 64, manages basic swit ch operation. The four sections are: • Set date and time • Enable or disable T elnet remote management and SNMP management • Select the image and configuration to use Y ou [...]

  • Page 274

    272 Summit 200 Series Switch Installat ion and User Guide Using ExtremeW are Vista on the Summit 20 0 Y ou can also manage user accounts thr ough this window . Each account requires a user name and password. User s with administrative access have re ad-write authority , where normally a user would have read-only access to the system. Only users wit[...]

  • Page 275

    Configuring the Summit 200 using ExtremeW are Vista Summit 200 Series Switch Inst allation and User Gu ide 273 Figure 66: VLAN Administration (1 of 2) Renaming a VLAN The following section al lows you to re name a VLAN. When renamin g a VLAN, be sur e to following the naming guidelines descr ibed in “VLAN Names” on pa ge 102 . This ar ea of the[...]

  • Page 276

    274 Summit 200 Series Switch Installat ion and User Guide Using ExtremeW are Vista on the Summit 20 0 T h e C o n f i g u r e V L A N P o r t s a r e a o f w i n d o w a l l o w s y o u t o r e m o v e V L A N p o r t s o r t o c h a n g e p o r t s b a c k and forth from tagge d-based to port-based. Figure 67 shows an example of the C onfigur e VL[...]

  • Page 277

    Revie wing ExtremeW are Vista S tatistical Repor ts Summit 200 Series Switch Inst allation and User Gu ide 275 Port Collisions —Contains Ethernet collision summary Port Errors —Contains Ethernet port err ors Port Utilization —Contains link utilization i nformation RIP —Contains global RIP statistics and router interface statistics Switch ?[...]

  • Page 278

    276 Summit 200 Series Switch Installat ion and User Guide Using ExtremeW are Vista on the Summit 20 0 FDB T h i s w i n d o w a l l o w s y o u t o r e v i e w t h e c o n t e n t s o f the FDB table. It also gives su mmary information about the contents of the view and allows you tailor the view by various parameters. The view of the FDB, as shown[...]

  • Page 279

    Revie wing ExtremeW are Vista S tatistical Repor ts Summit 200 Series Switch Inst allation and User Gu ide 277 The V iew Options allow you to filter and r estrict the amount of information pr esented in the FDB view . Figure 70: FDB (2 of 2) For further information about the FDB, se e “Forwarding Database (FDB)” on page 109. IP ARP Use the IP A[...]

  • Page 280

    278 Summit 200 Series Switch Installat ion and User Guide Using ExtremeW are Vista on the Summit 20 0 Figure 71: IP ARP T able IP Configuration In this window you can review two dif ferent tables containing IP configuration information. The Global IP Configuration Statis tics table provides IP settin gs and summary statistics for the entire switch.[...]

  • Page 281

    Revie wing ExtremeW are Vista S tatistical Repor ts Summit 200 Series Switch Inst allation and User Gu ide 279 OSPF —The OSPF routing pr otocol for the switch. The setting is either enabled or disabled. Advertisement Address —The destination addr ess of the r outer advertisement messages. Maximum Interval —The maximum time between r outer adv[...]

  • Page 282

    280 Summit 200 Series Switch Installat ion and User Guide Using ExtremeW are Vista on the Summit 20 0 Netmask Broadcast —The br oadcast addr ess in dotted-quad notatio n Multicast TTL —The multicast time-to-live MTU —Maximum T ransmission Unit (MTU) size Metric —The hop count to the destination address IP Forwardin g —IP forwarding on thi[...]

  • Page 283

    Revie wing ExtremeW are Vista S tatistical Repor ts Summit 200 Series Switch Inst allation and User Gu ide 281 Use —The number of times the entry is used VLAN —VLAN name Origin —Route origin. One of the following: • direct • blackhole • static • ICMP • OSPFIntra • OSPFInter • RIP • OSPFExtern1 • OSPFExtern2 • BOOTP As show[...]

  • Page 284

    282 Summit 200 Series Switch Installat ion and User Guide Using ExtremeW are Vista on the Summit 20 0 Statistics” and “Global IP Statistics”. For informatio n about err or counts on an in terface, see “Gl obal ICMP Statistics”. Global IP Statistics The Global IP Statistics report IP traf fic flow thr o ugh the switch. As shown at the top [...]

  • Page 285

    Revie wing ExtremeW are Vista S tatistical Repor ts Summit 200 Series Switch Inst allation and User Gu ide 283 • Out Erro rs • Bad Checksums Router Interface IP Statistics The Router Interface IP Statistics give d etailed traf fic details at the VLAN level. For each interface the table provides: • VLAN name • Interface ID • IP Address •[...]

  • Page 286

    284 Summit 200 Series Switch Installat ion and User Guide Using ExtremeW are Vista on the Summit 20 0 Link State Received Packet Count T ransmitted Packet Count Received Byte Coun t T ransmitted Byte Count Collisions Figure 76: Ph ysical P or t Statistics P or t Collisions This window provides information ab out Ethernet collis ions that occu r whe[...]

  • Page 287

    Revie wing ExtremeW are Vista S tatistical Repor ts Summit 200 Series Switch Inst allation and User Gu ide 285 Figure 77: P or t Collisions Po r t E r ro r s In this window , you can review Ethernet link erro rs . As shown in Figur e 78, the table reflects the following information for each acti ve port: • Link State • Rx Lost • Rx Bad Cyclic[...]

  • Page 288

    286 Summit 200 Series Switch Installat ion and User Guide Using ExtremeW are Vista on the Summit 20 0 Figure 78: Ethernet P or t Errors P or t Utilization T h i s w i n d o w s h o w s p o r t u t i l i z a t i o n . A s s h o w n i n F i g u r e 7 9 , t h e r e p o r t f i e l d s a r e a s f o l l o w s : Port Number Speed —Configured port spee[...]

  • Page 289

    Revie wing ExtremeW are Vista S tatistical Repor ts Summit 200 Series Switch Inst allation and User Gu ide 287 Figure 79: Utilization A v erages RIP This window provides statistics ab out the Routing Information Pr otocol (RIP) both at the glo bal (switch level) and at the interface level. At the swit ch leve l, the Global Routing Inform ation Pr o[...]

  • Page 290

    288 Summit 200 Series Switch Installat ion and User Guide Using ExtremeW are Vista on the Summit 20 0 Bad Routes Figure 80: RIP Statistics Switch Use this window to locat e hardwar e status information. A s shown in Figure 81 , the Hardwar e Status table provides data about the following areas: System Name —Summit 200-24 or Summit 200-48 MAC Addr[...]

  • Page 291

    Locating Support Information Summit 200 Series Switch Inst allation and User Gu ide 289 Power Supply —Power supply information. If at full capacit y it is disp layed in gr een. If it installe d but not operating, it is displayed in r ed. Figure 81: Hardwar e Status Locating Suppor t Inf or mation ExtremeW ar e V ista p r ovides a cen tral locatio[...]

  • Page 292

    290 Summit 200 Series Switch Installat ion and User Guide Using ExtremeW are Vista on the Summit 20 0 Figure 82: Product Manu al Link TFTP Download Y ou can do wnload the latest software images using T rivial File T ransfer Pr otocol (TF TP) from this window . As shown in Figur e 84, you need to provide the fo llowing information: TF TP Server Addr[...]

  • Page 293

    Locating Support Information Summit 200 Series Switch Inst allation and User Gu ide 291 Figure 83: TFTP Download Contact Support The Contact Support window contains the mailing addr ess, telephone number , fax number , and URL for Customer Support. An example of this window is shown in Figur e 84.[...]

  • Page 294

    292 Summit 200 Series Switch Installat ion and User Guide Using ExtremeW are Vista on the Summit 20 0 Figure 84: Support Address Email Support When you click the submenu link for Email Support, the br owser closes the ExtremeW are V ista page and opens your browser ’s email window . Y ou can then s e n d a n e m a i l d i r e c t l y t o c u s t [...]

  • Page 295

    Logging Out of ExtremeW are Vista Summit 200 Series Switch Inst allation and User Gu ide 293 Figure 85: Email Suppor t Logging Out of ExtremeW are Vista When you click the Logout button in the task frame, it causes an immediate exit from Extr emeW are V i s t a . B e s u r e y o u w a n t t o e x i t t h e a p p l i c a t i o n b e c a u s e t h e [...]

  • Page 296

    294 Summit 200 Series Switch Installat ion and User Guide Using ExtremeW are Vista on the Summit 20 0[...]

  • Page 297

    Summit 200 Series Switch Inst allation and User Gu ide 295 A Saf ety Inf or mation Impor tant Saf ety Inf or mation W ARNING! Read the following safety inf ormation thoroughl y bef ore installi ng yo ur Extreme Ne tworks switch. F ailure to follow this safety inf ormation c a n l e a d t o p e r s o n a l i n j u r y o r d a m a g e t o t h e equip[...]

  • Page 298

    296 Summit 200 Series Switch Installat ion and User Guide Safety Information • This unit operates under Safety Extra Low V oltage (SEL V) conditions a ccording to IEC 950. The conditions ar e only maintained if the equipment to w h i c h i t i s c o n n e c t e d a l s o o p e r a t e s u n d e r S E L V conditions. • The appliance coupler (the[...]

  • Page 299

    Impor tant Safety Information Summit 200 Series Switch Inst allation and User Gu ide 297 W ARNING! Danger of e xplosion if battery is incorrectly replaced. Repl ace only with the same o r equiv alent type recommended b y the man uf acturer . Dispose of used batteries according to the man uf acturer ’ s instru ctions. • Disposal requir ements va[...]

  • Page 300

    298 Summit 200 Series Switch Installat ion and User Guide Safety Information[...]

  • Page 301

    Summit 200 Series Switch Inst allation and User Gu ide 299 B T echnical Specifications This appendix provides technical speci fications for the following Su mmit 200 series switches: • Summit 200-24 Switch on pag e 299 • Summit 200-48 Switch on pag e 302 Summit 200-24 Switch Physi cal and En vironment al Dimensions Height: 1.75 i nches (4.44 cm[...]

  • Page 302

    300 Summit 200 Series Switch Installat ion and User Guide T echnical Specifications Safety Certi fications North America UL 60950 3 rd Edition, l isted (US Safety) CAN/CSA-C22.2 No. 60950-00 (Canadian Safety) Europe Low Voltage Directive (LVD) TUV-R GS Mark by German Notified Body EN60950:2000 (Europea n Safety) International CB Scheme IEC60950:200[...]

  • Page 303

    Summit 200-24 Switch Summit 200 Series Switch Inst allation and User Gu ide 301 GOST (Russian Federation) ACN 090 029 066 C-Tick (Australian Communication Authority) Underwriters Laboratories (USA and Canada) MIC (South Korea) BSMI, Republic of Taiwan NOM (Mexican Official Normalization, El ectronic Certification and Normalization)[...]

  • Page 304

    302 Summit 200 Series Switch Installat ion and User Guide T echnical Specifications Summit 200-48 Switch Physical and En v ir onmental Dimensions He ight: 1.75 inches (4.44 cm) Width: 17.3 inches (43.94 cm) Depth: 12.2 inch es (31.00 cm) Weight Weight: 9.7 lbs (4.4 kg) Temperature and Humidity Operating Temper ature: 0° to 40° C (32° to 104° F)[...]

  • Page 305

    Summit 200-48 Switch Summit 200 Series Switch Inst allation and User Gu ide 303 Electromagnetic Compatibility North America FCC 47 CFR Part 15 Class A (US Emissions) ICES-003 Class A (Canada Emissions) Europe 89/336/EEC EMC Directive ETSI/EN 300 386:2001 (EU Telecommunications Emissions and Immunity) EN55022:1998 Class A (Europ ean Emissions) EN550[...]

  • Page 306

    304 Summit 200 Series Switch Installat ion and User Guide T echnical Specifications[...]

  • Page 307

    Summit 200 Series Switch Inst allation and User Gu ide 305 C Suppor ted Standards ExtremeW ar e supports the following st anda rds for the Summit 200 series switch. Standar ds and Pr otocols Management and Security RFC 1058 RIP RFC 783 TFTP RFC 1723 RIP v2 RFC 1542 BootP RFC 1112 IGMP RFC 854 Telnet RFC 2236 IGMP v2 RFC 768 UDP RFC 2328 OSPF v2 (in[...]

  • Page 308

    306 Summit 200 Series Switch Installat ion and User Guide Supported Standards[...]

  • Page 309

    Summit 200 Series Switch Inst allation and User Gu ide 307 D Softw are Upg r ade and Boot Options This appendix describes the foll owing topics: • Downloading a New Image on page 307 • Saving Configuration Changes on page 309 • Using TF TP to Upload the Confi guration on page 310 • Using TF TP to Download the Confi guration on page 31 1 •[...]

  • Page 310

    308 Summit 200 Series Switch Installat ion and User Guide Software Upg rade and Boot Options T o download the image, use the following command: download image [<ipaddress> | <hostn ame>] <filename> {primary | seco ndary} slot <n> | all where: The switch can store up to two images: a primary and a secondary . When you downloa[...]

  • Page 311

    Saving Conf iguration Chan ges Summit 200 Series Switch Inst allation and User Gu ide 309 where: If you do not specify a r eboot time, the r eboot occurs immediate ly following the command, and any previously scheduled reboots ar e cancelled. T o cancel a pr eviously scheduled r eboot, use the cancel option. T o reboot only an individual slot in th[...]

  • Page 312

    310 Summit 200 Series Switch Installat ion and User Guide Software Upg rade and Boot Options NO TE If the s witch is rebooted wh ile in the middle of a config uration sa ve, the s witch boots to f actory default settings . The conf iguration th at is not in the p rocess of being sa v ed is unaff ected. Returning to F actory Defaults T o return the [...]

  • Page 313

    Using TFTP to Download the Configur ation Summit 200 Series Switch Inst allation and User Gu ide 311 upload configuration cancel Using TFTP to Do wnload the Configuration Y ou can download ASCII files that contain CLI commands to the switch t o modify the switch configuration. Thr ee types of configur at ion scenarios that can be downloaded: • Co[...]

  • Page 314

    312 Summit 200 Series Switch Installat ion and User Guide Software Upg rade and Boot Options T o ena ble scheduled incremental do wnloads, use the following command: download configuration every <hour ( 0-23)> T o disp lay scheduled download inf ormation, use the following command: show switch T o cancel scheduled incremental downloads, use t[...]

  • Page 315

    Boot Option Commands Summit 200 Series Switch Inst allation and User Gu ide 313 For example, to change the image that the sw itch boots from in flash memory , press 1 for the image store d in primary or 2 for the image stored in secondar y . Then, press the f key to boot from newly selected on-board flash memory . T o boot to factory default config[...]

  • Page 316

    314 Summit 200 Series Switch Installat ion and User Guide Software Upg rade and Boot Options save {configuration} {primary | secondary} Saves the cu rrent configuration to nonvolatile storage. You can specify the primary or secondary configuration area. If not specified, the configuration is saved to th e primary configuration area. show configurat[...]

  • Page 317

    Summit 200 Series Switch Inst allation and User Gu ide 233 E T roub leshooting If you encounter pr oblems when using the switch, this appendix might be helpful. If you hav e a problem not li sted here or in the r elease note s, contact your local technical support r epres entative. LEDs Power LED does not light: Check that the power cable is firmly[...]

  • Page 318

    234 Summit 200 Series Switch Installat ion and User Guide T roubleshooting Stack LED changes to zero : On a stacked set of switches, the stack number LED on the S200-24 normally displays fro m one to eight. If the LED changes fr om the stack number to zer o it indicates that the stack is now down. T o recover: 1 Check that all of the stack cables a[...]

  • Page 319

    Using the Command-Line Inter f ace Summit 200 Series Switch Inst allation and User Gu ide 235 Check that the port through which you are trying to access the device is in a correctly configured VLAN. T ry accessing the dev ice thr ough a differ ent port. If you can now access the device, a problem with the original port is indicated. Re-e xamine the[...]

  • Page 320

    236 Summit 200 Series Switch Installat ion and User Guide T roubleshooting NO TE A mismatch of duple x mo de between the Extreme s witch and another netw ork de vice will cause poor network perf or mance . Vie wing statistics u sing the show port rx command on the Ext reme s witch ma y displa y a constant increment of CRC error s. This is char acte[...]

  • Page 321

    Debug T racing Summit 200 Series Switch Inst allation and User Gu ide 237 VLANs, IP Addresses and default routes: The system can have an IP address for each configur e d V L A N . I t i s n e c e s s a r y t o h a v e a n I P a d d r e s s a s s o c i a t e d w i t h a V L A N i f y o u i n t e n d t o m a n a g e ( T e l n e t , S N M P , p i n g [...]

  • Page 322

    238 Summit 200 Series Switch Installat ion and User Guide T roubleshooting or by email at: • support@extr emenetworks.com Y ou can also visit the support website at: • http://www .extremenetworks.com/e xtr eme/support/techsupport.asp to download software updates (requi re s a service contr act) and documentation.[...]

  • Page 323

    Summit 200 Series Switch Inst allation and User Gu ide 239 Inde x Numerics 802.1p configuration commands (table) 163 802.1x authentication co-existence with web-based 72 EAPOL flooding 81 requir ements 71 A access contr ol lists adding 119 configuration commands (table) 121 deleting 120 description 115 examples 124 ICMP filter example 127 permit-es[...]

  • Page 324

    240 Summit 200 Series Switch Installat ion and User Guide Inde x CIDR notation 60 CLI command authorization checking 50 command history 48 command shortcuts 46 disabling 49 enabling 50 line-editing keys 47 named components 47 numerical ranges, Summit 200 series switch 46 symbols 47 syntax helper 46 using 45 collisions 284 command history 48 prompt,[...]

  • Page 325

    Summit 200 Series Switch Inst allation and User Gu ide 241 Inde x error level messages in Extr emeW are V ista 251 errors, port 173 establishing a T eln et session 58 Ethernet collisions 284 Ethernet link errors 285 Ethernet ports, autopola rity detection fe ature 88 Events, RMON 180 export restrictions security licens ing 41 SSH2 encryption protoc[...]

  • Page 326

    242 Summit 200 Series Switch Installat ion and User Guide Inde x rack 28 verifying 34 interfaces, ro uter 192 Internet Group Management Pr otocol. See IGMP IP address, entering 59 IP ARP 277 IP configuration statistics 278 IP multicast groups and IGMP snooping 233 IP multicast routing description 229 PIM-SM 230 IP route sharing 194 IP routing table[...]

  • Page 327

    Summit 200 Series Switch Inst allation and User Gu ide 243 Inde x N names, VLANs 102 NA T configuration commands (table) 138 creating r ules 140 rule matching 140 timeout commands (table) 141 Netscape Navigator , using for ExtremeW are V ista 248 Network Address T ranslation. See NA T network login 71 campus mode 77 configuration commands (table) 8[...]

  • Page 328

    244 Summit 200 Series Switch Installat ion and User Guide Inde x examples MAC address 161 source port 166 VLAN 166 FDB entry association 110 file server applications 159 IP TOS configurat ion commands (table) 164 monitor description 167 real-time display 167 traffic gr oupings 159 access list 160 blackhole 161 by precedence (table) 160 explicit pac[...]

  • Page 329

    Summit 200 Series Switch Inst allation and User Gu ide 245 Inde x Simple Network Ma nagement Pr otocol. See SNMP slot assignment 239 slots 237 SNMP community strings 62 configuration commands (table) 63 configuring 62 , 266 settings, displaying 64 stacked configurations 63 supported MIBs 62 sysname, stacking 246 system contact 63 , 266 system locat[...]

  • Page 330

    246 Summit 200 Series Switch Installat ion and User Guide Inde x environme ntal requir ements 302 front view 19 heat dissipation 302 laser safety certifications 302 LEDs 22 MAC address 23 port connections 20 power safety certifications 302 power socket 22 power supply specifications 302 power-of f specifications 302 rear view 22 serial number 23 te[...]

  • Page 331

    Summit 200 Series Switch Inst allation and User Gu ide 247 Inde x groups 105 guidelines 105 limitations 106 timed configuratio n download 106 mixing port-based and tagged 102 names 102 network login 71 port-based 98 renaming 103 routing 196 StkIntern al and StkMgmt 241 tagged 100 trunks 100 types 98 UDP-Forwarding 205 W warning level messages in Ex[...]

  • Page 332

    248 Summit 200 Series Switch Installat ion and User Guide Inde x[...]

  • Page 333

    Summit 200 Series Switch Inst allation and User Gu ide 249 Inde x of Commands C clear counters 178 clear dlcs 169 clear fdb 111, 161 clear igmp snooping 235 clear iparp 197, 20 3 clear ipfdb 197, 203 clear log 178 clear session 48, 60 config access-profile 133 config access-profile add 128, 133 config access-profile delete 129, 133 config access-pr[...]

  • Page 334

    250 Summit 200 Series Switch Installat ion and User Guide Inde x of Commands config ospf delete virtual-link 223 config ospf delete vlan 223 config ospf direct-filter 131, 134, 22 3 config ospf lsa-batching-timer 223 config ospf metric-table 223 config ospf or iginate-default 225 config ospf routerid 223 config ospf s pf-hold-time 223 config ospf t[...]

  • Page 335

    Summit 200 Series Switch Inst allation and User Gu ide 251 Inde x of Commands D delete access-list 120, 124 delete access-mask 120, 124 delete access-profil e 134 delete account 49 delete eaps 148, 149 delete fdbentry 111 delete ospf area 227 delete rate-limit 120, 124 delete stpd 189 delete udp-profile 206 delete vlan 49, 104 disable bootp 49, 198[...]

  • Page 336

    252 Summit 200 Series Switch Installat ion and User Guide Inde x of Commands enable eapol-flooding 82 enable eaps 148, 15 2 enable edp ports 96 enable icmp address-mask 200 enable icmp parameter-problem 200 enable icmp port-unreachables 200 enable icmp redirects 200 enable icmp time-exceeded 200 enable icmp timestamp 200 enable icmp unreachables 20[...]

  • Page 337

    Summit 200 Series Switch Inst allation and User Gu ide 253 Inde x of Commands show configuration 314 show debug-trac ing 237 show diagnostics 172 show dlcs 16 9 show dns-client 53 show eapol-flooding 82 show eaps 148, 152 show edp 96 show fdb 112, 113 show fdb permanent 161, 168 show igmp snooping 235 show iparp 197 , 203 show iparp proxy 203 show [...]

  • Page 338

    254 Summit 200 Series Switch Installat ion and User Guide Inde x of Commands use image 245 , 314 use image slot 245[...]