Nortel Networks 8600 manuel d'utilisation

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136

Aller à la page of

Un bon manuel d’utilisation

Les règles imposent au revendeur l'obligation de fournir à l'acheteur, avec des marchandises, le manuel d’utilisation Nortel Networks 8600. Le manque du manuel d’utilisation ou les informations incorrectes fournies au consommateur sont à la base d'une plainte pour non-conformité du dispositif avec le contrat. Conformément à la loi, l’inclusion du manuel d’utilisation sous une forme autre que le papier est autorisée, ce qui est souvent utilisé récemment, en incluant la forme graphique ou électronique du manuel Nortel Networks 8600 ou les vidéos d'instruction pour les utilisateurs. La condition est son caractère lisible et compréhensible.

Qu'est ce que le manuel d’utilisation?

Le mot vient du latin "Instructio", à savoir organiser. Ainsi, le manuel d’utilisation Nortel Networks 8600 décrit les étapes de la procédure. Le but du manuel d’utilisation est d’instruire, de faciliter le démarrage, l'utilisation de l'équipement ou l'exécution des actions spécifiques. Le manuel d’utilisation est une collection d'informations sur l'objet/service, une indice.

Malheureusement, peu d'utilisateurs prennent le temps de lire le manuel d’utilisation, et un bon manuel permet non seulement d’apprendre à connaître un certain nombre de fonctionnalités supplémentaires du dispositif acheté, mais aussi éviter la majorité des défaillances.

Donc, ce qui devrait contenir le manuel parfait?

Tout d'abord, le manuel d’utilisation Nortel Networks 8600 devrait contenir:
- informations sur les caractéristiques techniques du dispositif Nortel Networks 8600
- nom du fabricant et année de fabrication Nortel Networks 8600
- instructions d'utilisation, de réglage et d’entretien de l'équipement Nortel Networks 8600
- signes de sécurité et attestations confirmant la conformité avec les normes pertinentes

Pourquoi nous ne lisons pas les manuels d’utilisation?

Habituellement, cela est dû au manque de temps et de certitude quant à la fonctionnalité spécifique de l'équipement acheté. Malheureusement, la connexion et le démarrage Nortel Networks 8600 ne suffisent pas. Le manuel d’utilisation contient un certain nombre de lignes directrices concernant les fonctionnalités spécifiques, la sécurité, les méthodes d'entretien (même les moyens qui doivent être utilisés), les défauts possibles Nortel Networks 8600 et les moyens de résoudre des problèmes communs lors de l'utilisation. Enfin, le manuel contient les coordonnées du service Nortel Networks en l'absence de l'efficacité des solutions proposées. Actuellement, les manuels d’utilisation sous la forme d'animations intéressantes et de vidéos pédagogiques qui sont meilleurs que la brochure, sont très populaires. Ce type de manuel permet à l'utilisateur de voir toute la vidéo d'instruction sans sauter les spécifications et les descriptions techniques compliquées Nortel Networks 8600, comme c’est le cas pour la version papier.

Pourquoi lire le manuel d’utilisation?

Tout d'abord, il contient la réponse sur la structure, les possibilités du dispositif Nortel Networks 8600, l'utilisation de divers accessoires et une gamme d'informations pour profiter pleinement de toutes les fonctionnalités et commodités.

Après un achat réussi de l’équipement/dispositif, prenez un moment pour vous familiariser avec toutes les parties du manuel d'utilisation Nortel Networks 8600. À l'heure actuelle, ils sont soigneusement préparés et traduits pour qu'ils soient non seulement compréhensibles pour les utilisateurs, mais pour qu’ils remplissent leur fonction de base de l'information et d’aide.

Table des matières du manuel d’utilisation

  • Page 1

    Nortel Ethernet Routing Switch 8600 Commissioning Release: 5.0 Document Revision: 01.01 www.nortel.com NN46205-319 323883-A Rev 01 .[...]

  • Page 2

    Nortel Ethernet Routing Switch 8600 Release: 5.0 Publication: NN46205-319 Document status: Standard Document release date: 30 May 2008 Copyright © 2008 Nortel Networks All Rights Reserved. Printed in Canada and the United States of America LEGAL NOTICE While the information in this document is believed to be accurate and reliable, except as otherw[...]

  • Page 3

    3 . Contents Software license 7 New in this release 11 Features 11 NNCLI 11 Other changes 11 Document changes 11 Introduction 13 Commissioning fundamentals 15 System connections 15 Terminal connection 16 Modem connection 16 System logon 19 hsecure mode 20 Setup utility 21 Secure and nonsecure protocols 25 Password encryption 26 Management port 26 S[...]

  • Page 4

    4 Connecting a modem 46 Procedure job aid: PPP file 49 Configuring the switch with the setup utility 54 Procedure job aid: setup utility prompts 54 Configuring system identification 60 Configuring the time zone 62 Configuring the date 63 Specifying the primary SF/CPU 64 Changing passwords 64 Resetting passwords 68 Initial steps using the NNCLI 69 I[...]

  • Page 5

    5 Assigning an IP address to the management port 116 Assigning static routes to the management interface 117 Example of assigning a static route to the management interface 118 Enabling remote access services 118 Enabling the Web management interface 119 Configuring the remote host logon 120 Commissioning verification 123 Pinging an IP device 123 U[...]

  • Page 6

    6 Nortel Ethernet Routing Switch 8600 Commissioning NN46205-319 01.01 Standard 30 May 2008 Copyright © 2008 Nortel Networks .[...]

  • Page 7

    7 . Software license This section contains the Nortel Networks software license. Nortel Networks Inc. software license agreement This Software License Agreement ("License Agreement") is between you, the end-user ("Customer") and Nortel Networks Corporation and its subsidiaries and affiliates ("Nortel Networks"). PLEASE[...]

  • Page 8

    8 Software license of this Agreement. Customer shall not a) use, copy, modify, transfer or distribute the Software except as expressly authorized; b) reverse assemble, reverse compile, reverse engineer or otherwise translate the Software; c) create derivative works or modifications unless expressly authorized; or d) sublicense, rent or lease the So[...]

  • Page 9

    Nortel Networks Inc. software license agreement 9 software documentation and, in the event Software is licensed for or on behalf of the United States Government, the respective rights to the software and software documentation are governed by Nortel Networks standard commercial license in accordance with U.S. Federal Regulations at 48 C.F.R. Sectio[...]

  • Page 10

    10 Software license Nortel Ethernet Routing Switch 8600 Commissioning NN46205-319 01.01 Standard 30 May 2008 Copyright © 2008 Nortel Networks .[...]

  • Page 11

    11 . Ne w in this release The following sections detail what’s new in Nortel Routing Switch 8600 Commissioning, NN46205-319 for Release 5.0: • “Features” (page 11) • “Other changes” (page 11) Features See the following sections for information about feature changes. • “NNCLI” (page 11) NNCLI In Release 5.0, you can use the new N[...]

  • Page 12

    12 New in this release This document is restructured to align with Nortel Customer Documentation Standards (NCDS). Nortel Ethernet Routing Switch 8600 Commissioning NN46205-319 01.01 Standard 30 May 2008 Copyright © 2008 Nortel Networks .[...]

  • Page 13

    13 . Intr oduction This guide provides procedures to commission the Nortel Ethernet Routing Switch 8600. Navigation • “Commissioning fundamentals” (page 15) • “Commissioning” (page 31) • “Initial steps using Device Manager” (page 33) • “Initial steps using the CLI” (page 41) • “Initial steps using the NNCLI” (page 69) [...]

  • Page 14

    14 Introduction Nortel Ethernet Routing Switch 8600 Commissioning NN46205-319 01.01 Standard 30 May 2008 Copyright © 2008 Nortel Networks .[...]

  • Page 15

    15 . Commissioning fundamentals Commissioning follows hardware installation. Commissioning includes the minimal, but essential, configuration steps to provide a default, starting point configuration, set up a management interface, and establish basic security on the node. For more information about configuring security, see Nortel Ethernet Routing [...]

  • Page 16

    16 Commissioning fundamentals Terminal connection Connect the serial console interface (an RS-232 port) to a PC or terminal to monitor and configure the switch. The port uses a DB-9 connector that operates as data terminal equipment (DTE) or data communication equipment (DCE). The default communication protocol settings for the console port are: ?[...]

  • Page 17

    System connections 17 Table 1 DTE-to-DCE straight-through pin assignments (cont’d.) Switch Modem Signal Pin number DCE DB-9 pin number DCE DB-25 pin number Data terminal ready (DTR) 44 2 0 Ground (GND) 55 7 Data set ready (DSR) 66 6 Request to send (RTS) 77 4 Clear to send (CTS) 88 5 The default communication protocol settings for the modem port [...]

  • Page 18

    18 Commissioning fundamentals Figure 1 PPP configuration topology When you configure the modem port on the switch to use PPP, you must also specify a PPP file. The PPP file is a text document which includes all additional PPP configuration parameters to include when the switch reboots. Enter one configuration parameter on each line with any require[...]

  • Page 19

    System logon 19 If each user must use a different IP address, list each user with a different IP address in the file. Configure the client IP settings to use a static IP address that matches what you configure in the secrets file. An example secrets file looks like the following: long * long 47.133.223.200 william * william 47.133.223.200 System lo[...]

  • Page 20

    20 Commissioning fundamentals hsecure mode The Nortel Ethernet Routing Switch 8600 supports a flag called high secure (hsecure). hsecure introduces the following behaviors for the password: 10-character enforcement, aging time, limitation of failed logon attempts, and a protection mechanism to filter certain IP addresses. After you enable the hsecu[...]

  • Page 21

    Setup utility 21 Table 4 Default community strings (cont’d.) User ID New community string l3 privateonly rw privateonly rwa secretonly Aging enforcement When you enable the hsecure flag, you can configure a duration after which you must change your password. You configure the duration by using the aging parameter. For SNMP and FTP, after a passwo[...]

  • Page 22

    22 Commissioning fundamentals the switch reboots in the desired operating mode. The setup utility also provides error and warning messages to advise you of the ramifications of certain hardware and software configurations. For information about the supported operating modes, see Nortel Ethernet Routing Switch 8600 Administration, NN46205-605 . The [...]

  • Page 23

    Setup utility 23 Figure 2 Setup utility example one Nortel Ethernet Routing Switch 8600 Commissioning NN46205-319 01.01 Standard 30 May 2008 Copyright © 2008 Nortel Networks .[...]

  • Page 24

    24 Commissioning fundamentals Figure 3 Setup utility example two Nortel Ethernet Routing Switch 8600 Commissioning NN46205-319 01.01 Standard 30 May 2008 Copyright © 2008 Nortel Networks .[...]

  • Page 25

    Secure and nonsecure protocols 25 Figure 4 Setup utility example three Secure and nonsecure protocols The following table describes the secure and nonsecure protocols the Nortel Ethernet Routing Switch 8600 supports. Nortel Ethernet Routing Switch 8600 Commissioning NN46205-319 01.01 Standard 30 May 2008 Copyright © 2008 Nortel Networks .[...]

  • Page 26

    26 Commissioning fundamentals Table 5 Secure and nonsecure protocols for IPv4 Nonsecure protocols Default status Equivalent secure protocols Default status FTP and TFTP Disabled SCP Disabled Telnet Disabled Secure SHell (SSH) v1, v2 Nortel recommends that you use SSHv2 instead of SSHv1. Disabled SNMPv1, SNMPv2 Enabled SNMPv3 You must load the DES/A[...]

  • Page 27

    Management port 27 The following lists provides configuration considerations. • You can configure the standby IP to a subnet other than that of the master IP using Device Manager only. Attempts to do so using CLI or NNCLI will generate a warning message. • If you use Device Manager, you can configure the standby IP to a different subnet than th[...]

  • Page 28

    28 Commissioning fundamentals Figure 5 OOB network management port default IP flowchart Nortel Ethernet Routing Switch 8600 Commissioning NN46205-319 01.01 Standard 30 May 2008 Copyright © 2008 Nortel Networks .[...]

  • Page 29

    Device Manager 29 The switch first checks for the file pcmboot.cfg, in Personal Computer Memory Card International Association (PCMCIA). If not found, the switch checks for the file boot.cfg in flash. ATTENTION If you use the boot configuration file from PCMCIA, you must rename the file to pcmboot.cfg The boot.cfg file is no longer saved in PCMCIA.[...]

  • Page 30

    30 Commissioning fundamentals Nortel Ethernet Routing Switch 8600 Commissioning NN46205-319 01.01 Standard 30 May 2008 Copyright © 2008 Nortel Networks .[...]

  • Page 31

    31 . Commissioning Commissioning follows hardware installation. The commissioning task includes all the initial procedures you must use to bring the Ethernet Routing Switch 8600 online and set up appropriate access for remote users. Commissioning tasks The following work flow shows the sequence of tasks you perform to commission the Nortel Ethernet[...]

  • Page 32

    32 Commissioning Figure 6 Commissioning tasks Commissioning navigation • “Initial steps using Device Manager” (page 33) • “Initial steps using the CLI” (page 41) • “Initial steps using the NNCLI” (page 69) • “Remote connection configuration using Device Manager” (page 95) • “Remote connection configuration using the CLI?[...]

  • Page 33

    33 . Initial steps using Device Mana ger The initial commissioning steps involve basic setting configuration. Prerequisites to initial steps • You must install the hardware. • You must install at least one cable to set up a remote connection to the switch. • You must power up the switch. Initial commissioning procedures The following task flo[...]

  • Page 34

    34 Initial steps using Device Manager Figure 7 Initial commissioning procedures Initial commissioning navigation • “Editing system information” (page 34) • “Configuring the date and time” (page 37) • “Changing passwords” (page 38) Editing system information You can edit system information, such as the contact person, the name of t[...]

  • Page 35

    Editing system information 35 The Chassis dialog box appears with the System tab displayed. 2 Type the contact information. 3 Type the system name. 4 Type the location information. 5 Click Apply . 6 Click Close . --End-- Variable definitions Use the data in the following table to configure the System tab. Variable Value sysDescr Shows the system as[...]

  • Page 36

    36 Initial steps using Device Manager Variable Value LastVlanChange Displays the time since the last VLAN change LastStatisticsReset Displays the time since the statistics counters were last reset LastRunTimeConfigSave Displays the last run-time configuration saved LastRunTimeConfigSaveToSlave Displays the last run-time configuration saved to the s[...]

  • Page 37

    Configuring the date and time 37 Variable Value • saveSlaveBootConfig—saves the current boot configuration to the standby SF/CPU • loadLicense—loads a software license file to enable features ActionGroup2 Can be one of the following actions: • resetlstStatCounters—resets the IST statistic counters • resetLspStats—resets the LSP stat[...]

  • Page 38

    38 Initial steps using Device Manager The User Set Time tab appears. 4 Type the correct details. 5 Click Apply . --End-- Variable definitions Use the data in the following table to configure the User Set Time tab. Variable Value Year Configures the year (integer 1998–2097) Month Configures the month (integer 1–12) Date Configures the day (integ[...]

  • Page 39

    Changing passwords 39 Variable definitions Use the data in the following table to configure the CLI tab. Variable Value RWAUserName Specifies the user name for the read/write/all CLI account. RWAPassword Specifies the password for the read/write/all CLI account. RWEnable Activates the read/write access level. RWUserName Specifies the user name for [...]

  • Page 40

    40 Initial steps using Device Manager Variable Value Timeout Indicates the number of seconds of inactivity for a Telnet or Rlogin session before automatic timeout and disconnect (30–65535 seconds). NumAccessViolations Indicates the number of CLI access violations detected by the system. This field is a read-only field. Nortel Ethernet Routing Swi[...]

  • Page 41

    41 . Initial steps using the CLI The initial commissioning steps involve basic configuration settings. Prerequisites to initial steps • You must install the hardware. • You must install at least one cable to set up a remote connection to the switch. • You must power up the switch. Initial commissioning procedures The following task flow shows[...]

  • Page 42

    42 Initial steps using the CLI Figure 8 Initial commissioning procedures Nortel Ethernet Routing Switch 8600 Commissioning NN46205-319 01.01 Standard 30 May 2008 Copyright © 2008 Nortel Networks .[...]

  • Page 43

    Job aid: Roadmap of initial CLI commands 43 Initial commissioning navigation • “Job aid: Roadmap of initial CLI commands” (page 43) • “Connecting a terminal” (page 45) • “Connecting a modem” (page 46) • “Configuring the switch with the setup utility” (page 54) • “Configuring system identification” (page 60) • “Conf[...]

  • Page 44

    44 Initial steps using the CLI Table 6 Job aid: Roadmap of initial CLI commands (cont’d.) Command Parameter dst-end <Mm.n.d/hhmm|MMddhhmm> dst-name <dstname> dst-offset <minutes> dst-start <Mm.n.d/hhmm|MMddhhmm> info name <tz> config bootconfig tz offset-from-utc <minutes> access level <access level> <[...]

  • Page 45

    Connecting a terminal 45 Table 6 Job aid: Roadmap of initial CLI commands (cont’d.) Command Parameter contact <contact> clock-sync-time <minutes> contact <contact> ecn-compatibility <enable|disable> force-topology-ip-flag <true|false> global-filter <enable|disable> info location <location> max-vlan-resour[...]

  • Page 46

    46 Initial steps using the CLI Prerequisites • To use the console port, you need the following equipment: — A terminal or teletypewriter (TTY)-compatible terminal, or a portable computer with a serial port and terminal-emulation software. — An Underwriters Laboratories (UL)-listed straight-through or null modem RS-232 cable with a female DB-9[...]

  • Page 47

    Connecting a modem 47 Prerequisites • You need a DTE-to-DCE cable (straight or transmit cable) to connect the Nortel Ethernet Routing Switch 8600 to the modem. • You must configure your client dial-up settings to establish the connection to the modem. Procedure steps Step Action 1 In the run-time CLI, configure the modem port by using the follo[...]

  • Page 48

    48 Initial steps using the CLI 7 Save the boot configuration. 8 Reboot the switch. --End-- Variable definitions Use the data in the following table to use the config bootconfig sio command. Variable Value 8databits <true|false> Specifies either 8 (true) or 7 (false) data bits for each byte for software to interpret. The default is false. baud[...]

  • Page 49

    Connecting a modem 49 Variable Value peer-ip <ipaddr> Configures the peer (PC) IP address on the point-to-point link. The default is 0.0.0.0. The switch assigns this value to any PC that connects through the modem port with configured TCP/IP properties to obtain an IP address automatically. If the client uses a static IP address, the Nortel E[...]

  • Page 50

    50 Initial steps using the CLI Table 7 Job aid: PPP file options Option Description asyncmap <value> Configures the desired async map to the value you specify. chap_file <file> Obtains Challenge-Handshake Authentication Protocol (CHAP) secrets from the specified file. You require this option if either peer requires CHAP authentication. [...]

  • Page 51

    Connecting a modem 51 Table 7 Job aid: PPP file options (cont’d.) Option Description ipcp_max_failure <value> Configures the maximum number of IPCP configuration negative acknowledgements (NAK) to the value you specify. ipcp_max_terminate <value> Configures the maximum number of transmissions for IPCP termination requests to the value[...]

  • Page 52

    52 Initial steps using the CLI Table 7 Job aid: PPP file options (cont’d.) Option Description mtu <value> Configures the maximum transmission unit (MTU) size for negotiation to the value you specify. netmask <value> Configures the netmask value for negotiation to the value you specify. no_acc Disables address control compression. no_a[...]

  • Page 53

    Connecting a modem 53 Table 7 Job aid: PPP file options (cont’d.) Option Description pap_restart <value> Configures the timeout, in seconds, for PAP negotiation to the value you specify. pap_user_name <name> Configures the user name for PAP authentication with the peer to the specified name. passive_mode Configures passive mode. PPP w[...]

  • Page 54

    54 Initial steps using the CLI chap_file "my_chap" pap_file "my_pap" Configuring the switch with the setup utility Configure the switch with the setup utility to monitor system requirements and obtain the maximum system performance. Procedure steps Step Action 1 Start the setup utility by using the following command: install 2 [...]

  • Page 55

    Configuring the switch with the setup utility 55 Table 9 Job aid: Setup utility prompt descriptions (cont’d.) Prompt Description and action Please provide primary image-file path [/flash/p80a4100.img]: Description: Indicates the name of the primary image file. Action: Press Enter to accept the default (p80a4100.img), or type a different file name[...]

  • Page 56

    56 Initial steps using the CLI Table 9 Job aid: Setup utility prompt descriptions (cont’d.) Prompt Description and action Do you want to enable m-mode support [n] (y/n)? Description: Specifies if you want the chassis to run in 128 K mode. To run in 128 K mode, the CPU module must be an 8691 or higher and the switch must use at least one 8600 modu[...]

  • Page 57

    Configuring the switch with the setup utility 57 Table 9 Job aid: Setup utility prompt descriptions (cont’d.) Prompt Description and action Do you want to enable CPU High Availability mode [n] (y/n)? Description: Specifies if you want to enable CPU high availability (HA) mode. Use CPU HA mode to recover switches with two CPUs quickly from a failu[...]

  • Page 58

    58 Initial steps using the CLI Table 9 Job aid: Setup utility prompt descriptions (cont’d.) Prompt Description and action Do you want to enable TELNET [n] (y/n)? Description: Specifies if you want to access the switch by Telnet. Action: Enter y to enable Telnet. Accept the default ( n ) to not enable Telnet. Do you want to enable TFTP [n] (y/n)? [...]

  • Page 59

    Configuring the switch with the setup utility 59 Table 9 Job aid: Setup utility prompt descriptions (cont’d.) Prompt Description and action First net mgmt route [0.0.0.0:0.0.0.0]: Description: Specifies the IP address of the first network management route (static route from the network management port to a device in the network). Action: Type the[...]

  • Page 60

    60 Initial steps using the CLI Configuring system identification Configure system identification to specify the system name, contact person, and location of the switch. Procedure steps Step Action 1 Specify the system name by using the following command: config sys set name <prompt> 2 Specify the name of the contact person for the switch by[...]

  • Page 61

    Configuring system identification 61 Variable Value location <location> Changes the system location. max-vlan-resource-reservation <enable|disable> Enables MAX-VLAN feature. mgmt-virtual-ip <ipaddr/mask> Configures mgmt virtual IP. ipaddr/mask is the IP address and network mask {a.b.c.d/x | a.b.c.d/x.x.x.x | default}. mgmt-virtual[...]

  • Page 62

    62 Initial steps using the CLI Configuring the time zone Set the time zone to specify the time zone for your location and configure settings for Daylight Saving Time (DST). Procedure steps Step Action 1 Configure the time zone by using the following command: config bootconfig tz 2 Save the changed configuration to the boot.cfg and pcmboot.cfg file[...]

  • Page 63

    Configuring the date 63 Variable Value dst-offset <minutes> Configures the daylight saving adjustment in minutes. The default is 60 minutes. dst-start <Mm.n.d/hhmm|MMd dhhmm> Configures the starting date of daylight saving time. • Mm.n.d/hhmm specifies an hour on the nth occurrence of a weekday in a month. For example, M10.5.0/0200 me[...]

  • Page 64

    64 Initial steps using the CLI Action Configure the date by using the following command: config setdate <MMddyyyyhhmmss> Specifying the primary SF/CPU Specify the primary SF/CPU to determine which SF/CPU you use as the primary after the switch performs a full power cycle only. When the SF/CPU becomes the primary, the master LED for the SF/CPU[...]

  • Page 65

    Changing passwords 65 Prerequisites • You must use an account with read/write/all privileges to change passwords. For security, the switch saves passwords to a hidden file. The optional parameter password is the password associated with the user name or logon name. Procedure steps Action Change a password by using the following command: config cl[...]

  • Page 66

    66 Initial steps using the CLI l1 <username> [ <password> ] Changes the Layer 1 read/write logon or password. • username is the logon name • password is the password associated with the logon name. l2 <username> <password> Changes the Layer 2 read/write logon or password. • username is the logon name. l3 <username&g[...]

  • Page 67

    Changing passwords 67 min-passwd-len <integer> Configures the minimum length for passwords in high-secure mode. integer is in a minimum range of 10–20. oper <username> Configures the operator logon to connect to the WSM. For more information about the WSM, see Nortel Ethernet Routing Switch 8600 Web Switching Module Fundamentals, NN46[...]

  • Page 68

    68 Initial steps using the CLI slbadmin <username> Configures the SLB administrator logon to connect to the WSM. For more information about the WSM, see Nortel Ethernet Routing Switch 8600 Web Switching Module Fundamentals, NN46205-314 . ssladmin <username> Configures the ssladmin logon to connect to and configure the secure sockets lay[...]

  • Page 69

    69 . Initial steps using the NNCLI The initial commissioning steps involve basic setting configuration. Prerequisites to initial steps • You must install the hardware. • You must install at least one cable to set up a remote connection to the switch. • You must power up the switch. Initial commissioning procedures The following task flow show[...]

  • Page 70

    70 Initial steps using the NNCLI Figure 9 Initial commissioning procedures Nortel Ethernet Routing Switch 8600 Commissioning NN46205-319 01.01 Standard 30 May 2008 Copyright © 2008 Nortel Networks .[...]

  • Page 71

    Job aid: Roadmap of initial NNCLI commands 71 Initial commissioning navigation • “Job aid: Roadmap of initial NNCLI commands” (page 71) • “Connecting a terminal” (page 73) • “Connecting a modem” (page 74) • “Configuring the switch with the setup utility” (page 81) • “Configuring system identification” (page 87) • “[...]

  • Page 72

    72 Initial steps using the NNCLI Table 10 Job aid: Roadmap of initial NNCLI commands (cont’d.) Command Parameter 8databits baud <rate> mode <ascii|slip|ppp> mtu <bytes> my-ip <ipaddr> peer-ip <ipaddr> pppfile <file> restart slip-compression boot config sio modem slip-rx-compression dst-end <Mm.n.d/hhmm|MMddh[...]

  • Page 73

    Connecting a terminal 73 Table 10 Job aid: Roadmap of initial NNCLI commands (cont’d.) Command Parameter community contact <WORD 0-255> force group host location <word> log enable|maxfilesize name <WORD 0-255> notify-filter <WORD 1-32> <WORD 1-32> sender-ip {A.B.C.D} {A.B.C.D} user view <WORD 1-32> <WORD 1-3[...]

  • Page 74

    74 Initial steps using the NNCLI Procedure steps Step Action 1 Configure the terminal protocol as follows: • 9600 baud • 8 data bits • 1 stop bit • No parity 2 Connect the RS-232 cable to the console port. 3 Connect the other end of the RS-232 cable to the terminal or computer serial port. 4 Turn on the terminal. 5 Log on to the NNCLI. --En[...]

  • Page 75

    Connecting a modem 75 ATTENTION Nortel recommends that before you configure the Serial Line Internet Protocol (SLIP) or the Point-to-Point Protocol (PPP), you familiarize yourself with these protocols. 2 If you configure the port mode to slip , use the following command to configure other SLIP parameters: boot config sio modem [slip-compression] [s[...]

  • Page 76

    76 Initial steps using the NNCLI Variable Value mode <ascii|slip|ppp> Configures the communication mode for the serial port. The default is American Standard Code for Information Interchange (ASCII). If you are configuring the modem port, you can configure the port to use either the SLIP or the PPP communication mode. To configure this option[...]

  • Page 77

    Connecting a modem 77 restart Shuts down and initializes the port. slip-compression Enables or disables Transmission Control Protocol over IP (TCP/IP) header compression for SLIP mode. The default is false. Use the no operator to remove this configuration. To configure this option to the default value, use the default operator with the command. sli[...]

  • Page 78

    78 Initial steps using the NNCLI Table 11 Job aid: PPP file options (cont’d.) Option Description default_route Adds a default route to the system routing table, after successful Internet Protocol Control Protocol (IPCP) negotiation. Use the peer as the gateway. After the PPP connection ends, the system removes this entry. driver_debug Activates P[...]

  • Page 79

    Connecting a modem 79 Table 11 Job aid: PPP file options (cont’d.) Option Description lcp_max_terminate <value> Configures the maximum number of transmissions for LCP termination requests to the value you specify. lcp_restart <value> Configures the timeout in seconds for the LCP negotiation to the value you specify. local_auth_name &l[...]

  • Page 80

    80 Initial steps using the NNCLI Table 11 Job aid: PPP file options (cont’d.) Option Description no_vjccomp Disables VJ connection ID compression. pap_file <file> Obtains PAP secrets from the specified file. You require this option if either peer requires PAP authentication. If your users must use the same IP address, the PAP and CHAP secre[...]

  • Page 81

    Configuring the switch with the setup utility 81 Table 11 Job aid: PPP file options (cont’d.) Option Description silent_mode Configures silent mode. PPP does not transmit LCP packets to initiate a connection until it receives a valid LCP packet from the peer. vj_max_slots <value> Configures the maximum number of VJ compression header slots [...]

  • Page 82

    82 Initial steps using the NNCLI For more information about the prompted questions, see “Procedure job aid: setup utility prompts” (page 82) . 3 Reboot the switch. --End-- Procedure job aid: setup utility prompts The following table lists the questions prompted by the setup utility and provides a description for each. Table 13 Job aid: Setup ut[...]

  • Page 83

    Configuring the switch with the setup utility 83 Table 13 Job aid: Setup utility prompt descriptions (cont’d.) Prompt Description and action Primary CPU mgmt port: autonegotiation [n] (y/n)? Description: Specifies if you want the primary CPU to use autonegotiation. Action: Enter n to accept the default, or enter y to indicate that you want the pr[...]

  • Page 84

    84 Initial steps using the NNCLI Table 13 Job aid: Setup utility prompt descriptions (cont’d.) Prompt Description and action Do you want to enable enhanced operation mode support [n] (y/n)? Description: Specifies if you want to enable enhanced operation mode. Enhanced operation mode increases the maximum number of VLANs when you use MultiLink Tru[...]

  • Page 85

    Configuring the switch with the setup utility 85 Table 13 Job aid: Setup utility prompt descriptions (cont’d.) Prompt Description and action Do you want to enable FTP [n] (y/n)? Description: Specifies if you want users to access the switch by File transfer Protocol (FTP). Action: Enter y to enable FTP for remote users. Accept the default ( n ) to[...]

  • Page 86

    86 Initial steps using the NNCLI Table 13 Job aid: Setup utility prompt descriptions (cont’d.) Prompt Description and action IP Address for mgmt-virtual-ip [0.0.0.0/0.0.0.0]: Description: Indicates the IP address for the virtual management port. Action: Type the IP address of the virtual management port. Accept the default (0.0.0.0/0.0.0.0) to no[...]

  • Page 87

    Configuring system identification 87 Table 13 Job aid: Setup utility prompt descriptions (cont’d.) Prompt Description and action IP address of the default VLAN [0.0.0.0/0.0.0.0]: Description: Specifies the IP address of the default Virtual Local Area Network (VLAN). Action: Type the IP address of the default VLAN. Do you want to save the changes [...]

  • Page 88

    88 Initial steps using the NNCLI Variable Value authentication-trap Enables or disables generation of authentication traps. bootstrap Sets SNMP initial user entry. community Sets community table. contact <word> Identifies the contact person who manages the node. To include blank spaces in the contact, use quotation marks (") around the t[...]

  • Page 89

    Configuring the time zone 89 Example of configuring system identification Procedure steps Step Action 1 Change the system name by using the following command: ERS-8610:5(config)# sys name ERS-8610 2 Configure the system contact by using the following command: ERS-8610:5(config)# snmp-server contact joe.smith@somecompany.com 3 Configure the system l[...]

  • Page 90

    90 Initial steps using the NNCLI Variable Value dst-end <Mm.n.d/hhmm|MMddh hmm> Configures the ending date of DST. You can specify the time in one of two ways: • Mm.n.d/hhmm specifies an hour on the nth occurrence of a weekday in a month. For example, M10.5.0/0200 means the fifth occurrence of Sunday in the tenth month (October) at 2:00 a.m[...]

  • Page 91

    Specifying the primary SF/CPU 91 Variable Value name <tz> Configures an abbreviated name for the local time zone name. tz is the name. For example, PST is Pacific Standard Time. To configure this option to the default value, use the default operator with the command. offset-from-utc <minutes> Configures the time zone offset in minutes t[...]

  • Page 92

    92 Initial steps using the NNCLI Procedure steps Step Action 1 View the current setting for the primary SF/CPU by using the following command: show boot config master 2 Specify the slot of the primary SF/CPU by using the following command: boot config master <cpu-slot> 3 Save the configuration to the boot.cfg and pcmboot.cfg files. 4 Reboot t[...]

  • Page 93

    Changing passwords 93 2 Configure password options by using the following command: password [access-level <word>] [aging-time day <1-365>] [default-lockout-time <60-65000>] [lockout <word> time <time>] [min-passwd-len <10-20>] [password-history <3-32>] --End-- Variable definitions Use the data in the follow[...]

  • Page 94

    94 Initial steps using the NNCLI Variable Value default-lockout-time <60-65000> Changes the default lockout time after three invalid attempts. Configures the lockout time, in seconds, and is in the 60–65000 range. The default is 60 seconds. To configure this option to the default value, use the default operator with the command. lockout <[...]

  • Page 95

    95 . Remote connection configuration using De vice Manager This section contains the minimum information required to configure a management interface for the purposes of setting up a remote connection. Remote connection configuration procedures The following task flow shows the sequence of procedures you perform to permit remote connections to th[...]

  • Page 96

    96 Remote connection configuration using Device Manager Figure 10 Remote connection configuration procedures Remote connection configuration navigation • “Assigning an IP address to the management port” (page 97) • “Assigning static routes to the management interface” (page 97) • “Configuring SNMP settings for Device Manager access?[...]

  • Page 97

    Assigning static routes to the management interface 97 Assigning an IP address to the management port Assign an IP address to the management port to use it for out-of-band (OOB) management. The standby IP must be in the same subnet as the master IP. Create a virtual management port in addition to the physical management ports on the switch manageme[...]

  • Page 98

    98 Remote connection configuration using Device Manager The Static Routes tab appears. 3 Click Insert . The Insert Static Routes dialog box appears. 4 Select the owner virtual router and forwarder (VRF). 5 In the Dest box, type the IP address. 6 In the Mask box, type the mask. 7 In the NextHop box, type the IP address of the router through which yo[...]

  • Page 99

    Configuring SNMP settings for Device Manager access 99 Variable Value NextHop Configures the IP address of the next hop of this route. In the case of a route bound to an interface realized through a broadcast media, the value of this box is the agent IP address on that interface. NextHopVrfId Indicates the next hop VRF ID in interVRF static-route c[...]

  • Page 100

    100 Remote connection configuration using Device Manager 4 Select the properties you want to change and configure their values. 5 Click OK . --End-- Variable definitions Use the data in the following table to configure the Properties dialog box. Variable Value Status Interval Interval you use to gather statistics and status information (default is [...]

  • Page 101

    Enabling the Web management interface 101 Variable Value Trap Port The number of the port where the switch captures trap messages. The default is 162. Listen for Syslogs If you select this variable, Device Manager monitors for syslogs. Confirm row deletion If you select this variable, Device Manager sends a message after you delete a system table r[...]

  • Page 102

    102 Remote connection configuration using Device Manager Nortel Ethernet Routing Switch 8600 Commissioning NN46205-319 01.01 Standard 30 May 2008 Copyright © 2008 Nortel Networks .[...]

  • Page 103

    103 . Remote connection configuration using the CLI This section contains the minimum information required to configure a management interface to set up a remote connection. Remote connection configuration procedures The following task flow shows the sequence of procedures you perform to permit remote connections to the Nortel Ethernet Routing Sw[...]

  • Page 104

    104 Remote connection configuration using the CLI Figure 11 Remote connection configuration procedures Remote connection configuration navigation • “Job aid: Roadmap of remote connection CLI commands” (page 105) • “Assigning an IP address to the management port” (page 106) Nortel Ethernet Routing Switch 8600 Commissioning NN46205-319 01[...]

  • Page 105

    Job aid: Roadmap of remote connection CLI commands 105 • “Assigning static routes to the management interface” (page 107) • “Enabling remote access services” (page 108) • “Enabling the Web management interface” (page 109) • “Configuring the remote host logon” (page 110) Job aid: Roadmap of remote connection CLI commands The [...]

  • Page 106

    106 Remote connection configuration using the CLI Table 14 Job aid: Roadmap of remote connection CLI commands (cont’d.) Command Parameter enable config web-server password <ro> <username> <password> ftpd <true|false> rlogind <true|false> sshd <true|false> telnetd <true|false> flags tftpd <true|false>[...]

  • Page 107

    Assigning static routes to the management interface 107 Variable Value cpu-slot <value> Specifies the Switch Fabric/Central Processor Unit (SF/CPU) module ( 8691SF/CPU or 8692SF/CPU), slot 5 or slot 6. If you do not specify a slot number for the IP address, the switch assigns the slot number to the currently active management module. ipaddr/m[...]

  • Page 108

    108 Remote connection configuration using the CLI Example of assigning a static route to the management interface Procedure steps Action If you locate a management station on the network of 11.0.0.0/255.0.0.0, and the next hop to that network from the management interface is 10.127.231.1, enter the following command to configure the management port[...]

  • Page 109

    Enabling the Web management interface 109 4 Enable or disable the access service by using the following command: flags <access-service> <true|false> 5 Save the boot configuration. --End-- Variable definitions Use the data in the following table to use the flags command. Variable Value access-service Specifies the type of remote access s[...]

  • Page 110

    110 Remote connection configuration using the CLI Variable Value enable Enables the Ethernet Routing Switch Web interface. password <ro> <username> <password> Configures passwords for access to the Web interface. username is the user logon name (up to 20 characters). password is the password associated with the logon name (up to 2[...]

  • Page 111

    Configuring the remote host logon 111 Variable Value password <value> Configures the password to enable FTP transfers. value is the password, up to 16 characters long. After you configure this password, only FTP is used for remote host logon. ATTENTION This password must match the password for the FTP server, or the FTP operation fails. Also,[...]

  • Page 112

    112 Remote connection configuration using the CLI Nortel Ethernet Routing Switch 8600 Commissioning NN46205-319 01.01 Standard 30 May 2008 Copyright © 2008 Nortel Networks .[...]

  • Page 113

    113 . Remote connection configuration using the NNCLI This section contains the minimum information to configure a management interface to set up a remote connection. Remote connection configuration procedures The following task flow shows the sequence of procedures you perform to permit remote connections to the Nortel Ethernet Routing Switch 86[...]

  • Page 114

    114 Remote connection configuration using the NNCLI Figure 12 Remote connection configuration procedures Remote connection configuration navigation • “Job aid: Roadmap of remote connection NNCLI commands” (page 115) • “Assigning an IP address to the management port” (page 116) Nortel Ethernet Routing Switch 8600 Commissioning NN46205-31[...]

  • Page 115

    Job aid: Roadmap of remote connection NNCLI commands 115 • “Assigning static routes to the management interface” (page 117) • “Enabling remote access services” (page 118) • “Enabling the Web management interface ” (page 119) • “Configuring the remote host logon” (page 120) Job aid: Roadmap of remote connection NNCLI commands[...]

  • Page 116

    116 Remote connection configuration using the NNCLI Table 15 Job aid: Roadmap of remote connection NNCLI commands (cont’d.) Command Parameter enable password <rwa/rw/ro> <username> <passwd> enable help-tftp <WORD 0-256> http-port <1-49151> web-server http-port <1-49151> Assigning an IP address to the management[...]

  • Page 117

    Assigning static routes to the management interface 117 Variable definitions Use the data in the following table to use the boot config net mgmt ip and sys mgmt-virtual-ip commands. Variable Value cpu-slot <value> Specifies the Switch Fabric/Central Processor Unit (SF/CPU) module (8691SF/CPU or 8692SF/CPU), slot 5 or slot 6. If you do not spe[...]

  • Page 118

    118 Remote connection configuration using the NNCLI Variable definitions Use the data in the following table to use the boot config net mgmt route command. Variable Value gateway Configures the IP address of the default gateway. netaddr/mask Configures the IP address and mask of the destination network in the formats a.b.c.d/x | a.b.c.d/x.x.x.x | d[...]

  • Page 119

    Enabling the Web management interface 119 Procedure steps Step Action 1 Enable the access service by using the following command: boot config flags <access-service> See the following variable definitions table for more information. 2 Save the boot configuration. --End-- Variable definitions Use the data in the following table to use the boot [...]

  • Page 120

    120 Remote connection configuration using the NNCLI web-server enable 2 Configure the access password by using the following command: web-server password <ro> <username> <passwd> --End-- Variable definitions Use the data in the following table to use the web-server command. Variable Value def-display-rows Sets web server default d[...]

  • Page 121

    Configuring the remote host logon 121 3 Reboot the switch. --End-- Variable definitions Use the data in the following table to use the boot config host command. Variable Value ftp-debug Enables or disables debug mode on FTP. If you enable debug mode, debug messages appear on the management console screen. The default is disabled. Use the no operato[...]

  • Page 122

    122 Remote connection configuration using the NNCLI Variable Value tftp-timeout <seconds> Configures the TFTP timeout. The default value is 6 seconds. seconds is the number of seconds (1–120). To configure this option to the default value, use the default operator with the command. user <value> Configures the remote user logon. value [...]

  • Page 123

    123 . Commissioning verification This section contains information about how to verify your commissioning procedures result in a functional switch. Commissioning verification navigation • “Pinging an IP device” (page 123) • “Using Telnet to log on to the device” (page 124) • “Accessing the switch through the Web interface” (page[...]

  • Page 124

    124 Commissioning verification Variable Value -d Configures ping debug mode (for IPv4). datasize value Specifies the size of ping data sent in bytes (for IPv4) (16–4076). HostName/ipv4address/ipv6addre ss Specifies the host name or IPv4 (a.b.c.d) or IPv6 (x:x:x:x:x:x:x:x) address (string length 1–256). -I Specifies the interval between transmis[...]

  • Page 125

    Accessing the switch through the Web interface 125 Step Action 1 Start your Web browser. 2 Type the switch IP address as the URL in the Web address field. The Web logon page appears. 3 In the User Name and Password boxes, type ro . 4 Click Log On . The System page appears. This page provides general information about the switch and its configuratio[...]

  • Page 126

    126 Commissioning verification Nortel Ethernet Routing Switch 8600 Commissioning NN46205-319 01.01 Standard 30 May 2008 Copyright © 2008 Nortel Networks .[...]

  • Page 127

    127 . Common pr ocedures using De vice Manager The following section describes common procedures you use while commissioning the Nortel Ethernet Routing Switch 8600. Common procedure na vigation • “Saving the configuration” (page 127) Saving the configuration After you change the boot configuration, you must save the changes to both the mast[...]

  • Page 128

    128 Common procedures using Device Manager Nortel Ethernet Routing Switch 8600 Commissioning NN46205-319 01.01 Standard 30 May 2008 Copyright © 2008 Nortel Networks .[...]

  • Page 129

    129 . Common pr ocedures using the CLI The following section describes common procedures you use while commissioning the Nortel Ethernet Routing Switch 8600. Common procedure na vigation • “Saving the configuration” (page 129) Saving the configuration After you change the boot configuration, you must save the changes to both the master and t[...]

  • Page 130

    130 Common procedures using the CLI Variable Value file <value> Specifies the file name in one of the following formats for value : • [a.b.c.d]: <file> • peer/<file> • /pcmcia/ <file> • /flash/ <file> file is a string of 1–99 characters. mode <cli|nncli> Saves the configuration as CLI or NNCLI. savetype[...]

  • Page 131

    131 . Common pr ocedures using the NNCLI The following section describes common procedures you use while commissioning the Nortel Ethernet Routing Switch 8600. Common procedure na vigation • “Saving the configuration” (page 131) Saving the configuration After you change the boot configuration, you must save the changes to both the master and[...]

  • Page 132

    132 Common procedures using the NNCLI Variable Value backup <word> Saves the specified file name and identifies the file as a backup file. word uses one of the following formats: • [a.b.c.d]:<file> • peer/<file> • /pcmcia/ <file> • /flash/ <file> file is a string of 1–99 characters. file <word> Specifie[...]

  • Page 133

    133 . Index B baud option 48, 75 baud rate, configuring 48, 75 boot configuration saving 37 C cable , serial 46, 74 CLI commands setdate 63 commands setdate 63 configuring the time 37 connection, testing 123 connector , modem 16 Console por t connecting 45, 73 RS-232 por t 16 console, reset 37 counters, reset 37 D da ylight saving time, configu[...]

  • Page 134

    134 offset-from-utc option 44, 63, 72, 91 P pass word commands 38, 64, 92 pass words def ault 19 peer-ip option 49, 76 pin assignments, Modem por t 16 point-to-point link 48, 76 pppfile option 49, 76 primar y command 64, 91 Primar y SF/CPU and primar y command 91 prompt root-le vel 88 protocol settings, terminal 46, 74 R remote host logon, defini[...]

  • Page 135

    [...]

  • Page 136

    Nortel Ethernet Routing Switch 8600 Commissioning Copyright © 2008 Nortel Networks All Rights Reserved. Printed in Canada and the United States of America Release: 5.0 Publication: NN46205-319 Document status: Standard Document revision: 01.01 Document release date: 30 May 2008 To provide feedback or to report a problem in this document, go to www[...]