Alcatel 6600 manual

Part No. 031729-00, Rev. A June 2005 *03172900* *A* OmniSwitch 6600 Family OmniSwitch 7700/7800 OmniSwitch 8800 User Guide Supplement Release 5.1.6.R02 www.alcatel.com[...]

ii Release 5.1.6.R02 User Guide Sup plement June 2005 This user guide docu ments OmniSwitch 6600 Fami ly, OmniSwitch 770 0/7800 , and OmniSwitch 8800 hardware and software. The information described in this guide are subject to change without notice. Copyright © 2005 by Alcatel Int ernetworking, Inc. All ri ghts reserved. This document may no t be[...]

Release 5.1.6.R02 User Guide Supplement June 2005 iii Contents Chapter 1 User Documentation Addendum ............. ................ ................... ................ ........... 1-1 OmniSwitch CLI Referenc e Guide ................... ................ ............... .................... ........... 1-1 Chapter 40, “High Availab ility VLAN Comm[...]

Contents iv Release 5.1.6.R02 User Guide Sup plement June 2005 ipv6 prefix ....................... ............... ................ ................... ................ ................ ..... 2-14 ipv6 route ............................. ............... .................... ............... ................ ................. 2-16 ping6 .............[...]

Contents Release 5.1.6.R02 User Guide Supplement June 2005 v High Availability Firewall Clusters ... ................ ............... .................... ................ ... 3-6 Traditional Firewall Implementation .......................... ................ .................... ... 3-7 Configuring High Availability VLANs on a Switch . ...........[...]

Contents vi Release 5.1.6.R02 User Guide Sup plement June 2005[...]

Release 5.1.6.R02 User Guide Supplement June 2005 page 1-1 1 User Documentation Addendum This chapter inclu des informatio n that should be added to or changed in the 5 .1.6 release of the set of use r guides for the OmniSwi tch 6600 Family, Omni Switch 7700/7 800, and OmniSwi tch 8800. OmniSwitch CLI Reference Guide The following mo difications sh[...]

User Documentation Addendum page 1-2 Release 5.1.6.R02 User Guid e Supplement June 2005 On page 40-5 the MIB Objects section for the vlan port-mac egress-port command should be replaced with the fol lowing: vlanHAPortTable vlanHAPortVlanId vlanHAPortType vlanHAPortIfIndex mac-address-table port-mac vlan mac On page 40-6 the following bullet should [...]

User Documentation Addend um vlan port-mac bandwidth Release 5.1.6.R02 User Guide Supplement June 2005 page 1-3 vlan port -mac bandwidth Configures the bandwi dth for the ingress floo d queue associated with hi gh availability (HA) VLANs. vlan vid port-mac ban dwidth mbps Syntax Definitions vid An existing HA VLAN ID number (1–409 4). mbps Bandwi[...]

vlan port-mac bandwidth User Documentation Addendum page 1-4 Release 5.1.6.R02 User Guid e Supplement June 2005 On page 40-9 and 40 -10 the Examples section for the show mac-addre ss-table port-mac command should be repl aced with th e following: -> show mac-address-table port-mac Port mac configuration for vlan 10 Bandwidth : 15 MB/sec Ingress [...]

User Documentation Addend um vlan port-mac bandwidth Release 5.1.6.R02 User Guide Supplement June 2005 page 1-5 vlanHAPortTable vlanHAPortVlanId vlanHAPortType vlanHAPortIfIndex slMacToPortMacTable vlanHAPortVlanId slMacToPortMacAddress vlanTable vlanNumber Chapter 42, “802.1X Commands” On page 42-11 re place the Exampl es section for the show [...]

802.1x guest-vlan User Documentation Addendum page 1-6 Release 5.1.6.R02 User Guid e Supplement June 2005 802.1x guest -vlan Configures a guest VLAN for an 802. 1x port. When non-802.1x t raffic is recei ved on the specifi ed port, it is assigned to the guest V LAN. 802.1x slot/port guest-vlan { vid | disable} Syntax Definitions slot The slot numbe[...]

User Documentation Addendum 802.1x guest-vlan Release 5.1.6.R02 User Guide Supplement June 2005 page 1-7 Related Commands MIB Objects alaDot1xGuestVlanConfTable alaDot1xGuestVlanNumber 802.1x Configures 802.1X p arameters on a parti cular slot/port. 802.1x supp-polling retry Configures the number of ti mes a device is polled for EAP frames. show 80[...]

802.1x supp-polling retry User Documentation Addendum page 1-8 Release 5.1.6.R02 User Guid e Supplement June 2005 802.1x supp -polling retry Configures the number of times to poll a device for EAP frames t o determine whether or not the dev ice is an 802.1x client. 802.1x slot/port supp-polling retry retries Syntax Definitions slot The slot number [...]

User Documentation Addendum 802.1x supp-polling retry Release 5.1.6.R02 User Guide Supplement June 2005 page 1-9 Related Commands MIB Objects alaDot1xGuestVlanConfTable alaDot1xSuppPollingCnt 802.1x guest-vl an Configures a guest VLAN to carry non-802.1x traffic that is received on an 802.1x port. show 802.1x Displays informatio n about ports confi[...]

show 802.1x non-supp User Documentation Addendum page 1-10 Release 5.1.6.R02 User Guide Sup plement June 2005 show 802.1x non- supp Displays a list of all non-802. 1x supplicant s learned on all 802.1x po rts. show 802.1x non-supp [ slot /port ] Syntax Definitions slot The slot of the port for which you want to display info rmation. port The port f[...]

User Documentation Addendum show 802.1x non-supp Release 5.1.6.R02 User Guide Supplement June 2005 page 1-11 Release History Release 5.1.6; command was introduced. Related Commands MIB Objects alaDot1xPortTable alaDot1xNonSupplicantSlotNum alaDot1xNonSupplicantPortNum alaDot1xNonSupplicantMACAddress alaDot1xNonSupplicantVlanID Chapter 22, “IP Com[...]

show 802.1x non-supp User Documentation Addendum page 1-12 Release 5.1.6.R02 User Guide Sup plement June 2005 Note the fo llowing wh en configuring the Loopbac k0 interface: • The interface name, “Loopb ack0”, is case sensiti ve. • The admin parameter is the only configurabl e parameter supported with this type of inte rface. • The Loopba[...]

User Documentation Addendum show 802.1x non-supp Release 5.1.6.R02 User Guide Supplement June 2005 page 1-13 Note . Verify the 8 02.1X port configurat ion using the show 802.1x command: -> show 802.1x 1/13 802.1x configuration for slot 1 po rt 13: direction = both, operational directions = both, port-control = auto, quiet-period (seconds) = 60, [...]

show 802.1x non-supp User Documentation Addendum page 1-14 Release 5.1.6.R02 User Guide Sup plement June 2005 Guest VLANs for No n-802.1x Supplicants For those supplicants that are not 80 2.1x devices— do not send/receive EA P frames—an opti onal guest VLAN feature is ava ilable to allow traffic from these devices on an 802.1x port. If the user[...]

User Documentation Addendum show 802.1x non-supp Release 5.1.6.R02 User Guide Supplement June 2005 page 1-15 • Only one guest VLAN is allow ed per 802.1x port. • The VLAN ID specified must al ready exist in the switch conf i guration. Use the vlan command to create a VLAN before conf iguring it as an 802.1x guest VLAN. • If a guest VLAN is al[...]

show 802.1x non-supp User Documentation Addendum page 1-16 Release 5.1.6.R02 User Guide Sup plement June 2005 The following example command co nfigures a BGP peerin g session using a Loopback0 IP int erface address: -> ip bgp neighbor 2.2.2.2 update- source Loopback0 See the OmniSwitch 7700 /7800/8800 Net work Configur ation Guide for more infor[...]

User Documentation Addendum show 802.1x non-supp Release 5.1.6.R02 User Guide Supplement June 2005 page 1-17 ->show 802.1x users Slot MAC Port User Port Address State Name -----+------------------+--------- -----------+--------------------- ---- 3/1 00:60:4f:11:22:33 Connecting user50 3/1 00:60:4f:44:55:66 Held user51 3/1 00:60:4f:77:88:99 Authe[...]

show 802.1x non-supp User Documentation Addendum page 1-18 Release 5.1.6.R02 User Guide Sup plement June 2005 • Once a non-802.1x sup plicant is learned on a guest VLA N, it is no longer el igible for Group Mo bility classification a n d assignment. • If a non-802.1x supplicant d evice becomes 80 2.1x capable when it is a memb er of a guest VLA[...]

User Documentation Addendum show 802.1x non-supp Release 5.1.6.R02 User Guide Supplement June 2005 page 1-19 802.1x port, the device is blocked from accessing that port and no other attempts are made to solicit EAP frames from the device. Note that the polling interval is set to 0.5 seconds between e ach retry and is no t a configura ble at this ti[...]

show 802.1x non-supp User Documentation Addendum page 1-20 Release 5.1.6.R02 User Guide Sup plement June 2005[...]

Release 5.1.6.R02 User Guide Supplement June 2005 page 2-1 2 IPv6 Commands This chapter det ails Internet Protoco l Version 6 (IPv6) commands for th e switch (inclu ding RIPng commands). IPv6 (documented in RFC 2460) is designed as a successor to IPv 4. The chan ges from IPv4 to IPv6 fall primarily into the follo wing categories: Expanded Routing a[...]

IPv6 Commands page 2-2 Release 5.1.6.R02 User Guid e Supplement June 2005 A summary of th e IPv6 commands i s listed here: IPv6 ipv6 interface ipv6 address ipv6 hop-limit ipv6 interfa ce tunnel source destination ipv6 hop-limit ipv6 pmtu-lifetime ipv6 host ipv6 neighbor ipv6 prefix ipv6 route ping6 traceroute6 debug ipv6 packet debug ipv6 trace-cat[...]

IPv6 Commands ipv6 interface Release 5.1.6.R02 User Guide Supplement June 2005 page 2-3 ipv6 interface Configures an IPv6 interface on a VLAN or IPv6 tu nnel. ipv6 interface if_n ame [vlan vid | tunnel { tid | 6to4}] [enable | disable] [mtu size ] [ra-send {yes | no}] [ra-max-interv al interval ] [ra-managed-config-flag {true | false}] [ra-other-co[...]

ipv6 interface IPv6 Commands page 2-4 Release 5.1.6.R02 User Guid e Supplement June 2005 ra-default-lifetime time Value, in seconds, t o be placed in the router lifetime field in router advertisements sent on t his interface. The time must be zero or between the value o f “ra-max- interval ” and 9,000 se conds. A valu e of zero in di- cates tha[...]

IPv6 Commands ipv6 interface Release 5.1.6.R02 User Guide Supplement June 2005 page 2-5 Example -> ipv6 interface Test vlan 1 -> ipv6 interface Test_Tunnel tunnel 2 -> ipv6 interface Test_6to4 tunnel 6 to4 Release History Release 5.1.6; command was introduced. Related Commands MIB Objects IPv6IfIndex alaIPv6InterfaceTable alaIPv6InterfaceN[...]

ipv6 address IPv6 Commands page 2-6 Release 5.1.6.R02 User Guid e Supplement June 2005 ipv6 address Configures an IPv6 address for an IPV6 interface on a VLAN, confi gured tunnel, or a 6to4 tunnel. There are different fo rmats for this command depend ing on the add ress type. ipv6 add ress ipv6_address /prefix_length [anycast] { if_name | loopback [...]

IPv6 Commands ipv6 address Release 5.1.6.R02 User Guide Supplement June 2005 page 2-7 Example -> ipv6 address 4132:86::19A/64 Test _Lab -> ipv6 address 2002:d423:2323::35/6 4 Test_6to4 Release History Release 5.1.6; command was introduced. Related Commands MIB Objects IPv6IfIndex alaIPv6InterfaceAddressTable alaIPv6InterfaceAddress alaIPv6Int[...]

ipv6 interface tunnel source destination IPv6 Commands page 2-8 Release 5.1.6.R02 User Guid e Supplement June 2005 ipv6 interface tunnel source destination Configures the source and destination IPv4 addresses for a configured tunnel. ipv6 interface if_nam e tunnel {[source ipv4_source ] [destination ipv4_destina tion ]} Syntax Definitions if_name N[...]

IPv6 Commands ipv6 dad-check Release 5.1.6.R02 User Guide Supplement June 2005 page 2-9 ipv6 dad-check Runs a Duplicate Address Detectio n (DAD) check on an address that w as marked as dupli cated. ipv6 dad- check ipv6_address if_n ame Syntax Definitions ipv6_address IPv6 ad dress. ip_name Name assigned to the interface. Defaults N/A. Platforms Sup[...]

ipv6 hop-limit IPv6 Commands page 2-10 Release 5.1.6.R02 User Guide Sup plement June 2005 ipv6 hop -limit Configures the value placed in t he hop limit field in th e header of all IPv6 packet s that are originated by the switch. It also conf igures the value placed in th e hop limit fiel d in router adve rt isements. ipv6 hop- limit value no ipv6 h[...]

IPv6 Commands ipv6 pmtu-lifetime Release 5.1.6.R02 User Guide Supplement June 2005 page 2-11 ipv6 pmtu-lifetime Configures the c onfigure the mini mum lifetime for e ntries in the pat h MTU Table. ipv6 pmtu -lifetime time Syntax Definitions time Minimum path MTU en try lifetime, in minutes. Valid rang e is 10 - 1440. Defaults Platforms Support ed O[...]

ipv6 host IPv6 Commands page 2-12 Release 5.1.6.R02 User Guide Sup plement June 2005 ipv6 host Configures a static host n ame to IPv6 address mapping to t he local host table. ipv6 host name ipv6_a ddress no ipv6 host name ipv6 _address Syntax Definitions name Host name associated with the IPv6 address (1 - 255 characters). ipv6_address IPv6 ad dre[...]

IPv6 Commands ipv6 neighbor Release 5.1.6.R02 User Guide Supplement June 2005 page 2-13 ipv6 neighbor Configures a static ent ry in the IPv6 Neighbor Table. ipv6 neighbor ipv6_address ha rdware_address { if_name } slot /port no ipv6 neighbor ipv6_address { if_name } Syntax Definitions ipv6_address IPv6 ad dress that correspo nds to the hardwa re ad[...]

ipv6 prefi x IPv6 Commands page 2-14 Release 5.1.6.R02 User Guide Sup plement June 2005 ipv6 prefix Configures an IPv6 prefix on an interface. Us ed for configuring prefix es fo r router adve rtisements. ipv6 pre fix ipv6_a ddress /prefix_length if_name [valid-lifetime time ] [preferred-lifetime time ] [on-link-flag {true | false} [autonomous-flag [...]

IPv6 Commands ipv6 prefix Release 5.1.6.R02 User Guide Supplement June 2005 page 2-15 Release History Release 5.1.6; command was introduced. Related Commands MIB Objects IPv6IfIndex alaIPv6InterfacePrefixTable alaIP6vInterfacePrefix alaIP6vInterfacePrefixLength alaIP6vInterfacePrefixValidLifetim e alaIP6vInterfacePrefixPreferredLif etime alaIP6vInt[...]

ipv6 route IPv6 Commands page 2-16 Release 5.1.6.R02 User Guide Sup plement June 2005 ipv6 route Configures a static ent ry in the IPv6 route. ipv6 route ipv6_prefix/prefix _length ipv6 _address [ if_ name ] no ipv6 route ipv6_prefix/prefix_length ipv6_address [ if_name ] Syntax Definitions ipv6_prefix IPv6 network that is the destina tion of this [...]

IPv6 Commands ping6 Release 5.1.6.R02 User Guide Supplement June 2005 page 2-17 ping6 Used to test whether an IPv6 destinati on can be re ach ed from the loca l switch . This command sends an ICMPv6 echo request to a destination and then wait s for a reply. To ping a destina tion, enter the ping6 command and enter e ither the dest ination’s IPv6 [...]

ping6 IPv6 Commands page 2-18 Release 5.1.6.R02 User Guide Sup plement June 2005 Example -> ping6 fe80::2d0:95ff:fe6a:f458/64 Release History Release 5.1.6; command was int roduced. Related Commands traceroute6 Used to find the path taken by an IPv6 packet from the loc al switch to a specified d estination.[...]

IPv6 Commands traceroute6 Release 5.1.6.R02 User Guide Supplement June 2005 page 2-19 traceroute6 Used to find the path ta ken by an IPv6 packet from the local switch to a sp ecified destination. Thi s command displays the in dividual hops to the destin ation as well as some timing informati on. traceroute6 { ipv6_address | hostname } [ if_n ame ] [...]

traceroute6 IPv6 Commands page 2-20 Release 5.1.6.R02 User Guide Sup plement June 2005 Related Commands ping6 Used to test whether an IPv6 de stination can be reached from the local switch.[...]

IPv6 Commands debug ipv6 packet Release 5.1.6.R02 User Guide Supplement June 2005 page 2-21 debug ipv6 pack et Configures the di splay of IPv6 debug messages. debug ipv6 packet [defaults] [v6header {concise | verbose}] [extheader {none | payload | concise | verbose}] [etherheader {yes | no}] [raw bytes ] [board {all | cmm | ni [ slot_n umber ] | no[...]

debug ipv6 packet IPv6 Commands page 2-22 Release 5.1.6.R02 User Guide Sup plement June 2005 direction Allows filtering of packets based on the direction of flo w: all - debug both incoming and ou tgoing packets in - debug incoming IPv6 packets out - debug outgoing packets from-cmm - debug packets received from the CMM. from-ipv4 - debug packe ts r[...]

IPv6 Commands debug ipv6 packet Release 5.1.6.R02 User Guide Supplement June 2005 page 2-23 Related Commands MIB Objects N/A. debug ipv6 trace-category Enables/disables spe cific IPv6 EDR trace categories.[...]

debug ipv6 trace-category IPv6 Commands page 2-24 Release 5.1.6.R02 User Guide Sup plement June 2005 debug ipv6 trace - category Enables/disables specific IPv6 EDR tr a ce categories. If a category is en abled (e. g ., vlan, tunnel), switch log messages generate d for that category are writte n to the switch log. debug ipv6 trace-category [all | de[...]

IPv6 Commands debug ipv6 trace-category Release 5.1.6.R02 User Guide Supplement June 2005 page 2-25 Usage Guidelines • Use the no form of the command to disable debug messages for a category. • The general and monitor cat egories are the on ly ones enabled by default. • Options are addi tive across multiple command lines until re set with the[...]

show ipv6 hosts IPv6 Commands page 2-26 Release 5.1.6.R02 User Guide Sup plement June 2005 show ipv6 hosts Displays IPv6 Local Hosts Table. show ipv6 hosts [ substring ] Syntax Definitions substring Limits the di splay to host names starting wi th the specifi ed substring. Defaults N/A. Platforms Support ed OmniSwitch 6624, 6648, 7 700, 7800, 8800 [...]

IPv6 Commands show ipv6 icmp statistics Release 5.1.6.R02 User Guide Supplement June 2005 page 2-27 show ipv6 icmp statistics Displays IPv6 I CMP statistics. show ipv6 i cmp stat istics [ if_name ] Syntax Definitions if_name Display statistics only for this interface. Defaults N/A. Platforms Support ed OmniSwitch 6624, 6648, 7 700, 7800, 8800 Usage[...]

show ipv6 icmp statistics IPv6 Commands page 2-28 Release 5.1.6.R02 User Guide Sup plement June 2005 Release History Release 5.1.6; command was int roduced. Related Commands output definitions To t a l Total number of ICMPv6 messa ges the switch received or attempt ed to send. Erro rs N umber of ICMPv6 messages the swi tch sent or received but was [...]

IPv6 Commands show ipv6 icmp statistics Release 5.1.6.R02 User Guide Supplement June 2005 page 2-29 MIB Objects ipv6IfIcmpTable ipv6IfIcmpInMsgs ipv6IfIcmpInErrors ipv6IfIcmpInDestUnreachs ipv6IfIcmpInAdminProhibs ipv6IfIcmpInTimeExcds ipv6IfIcmpInParmProblems ipv6IfIcmpInPktTooBigs ipv6IfIcmpInEchos ipv6IfIcmpInEchoReplies ipv6IfIcmpInRouterSolici[...]

show ipv6 interface IPv6 Commands page 2-30 Release 5.1.6.R02 User Guide Sup plement June 2005 show ipv6 interface Displays IPv6 Interface Table. show ipv6 interfac e [ if_name | loopback ] Syntax Definitions if_name Interfa ce name. Limits the display to a specific interface. loopback Limits display to loopback interfaces. Defaults N/A. Platforms [...]

IPv6 Commands show ipv6 interface Release 5.1.6.R02 User Guide Supplement June 2005 page 2-31 -> show ipv6 interface v6if-6to4-137 v6if-6to4-137 IPv6 interface index = 1677 7216(0x01000000) Administrative status = Enab led Operational status = Acti ve Link-local address(es): Global unicast address(es): 2002:d423:2323::35/64 Anycast address(es): [...]

show ipv6 interface IPv6 Commands page 2-32 Release 5.1.6.R02 User Guide Sup plement June 2005 -> show ipv6 interface v6if-tunnel-1 37 v6if-tunnel-137 IPv6 interface index = 1677 7216(0x01000000) Administrative status = Disa bled Operational status = Inac tive Link-local address(es): fe80::2d0:95ff:fe12:f470/64 Global unicast address(es): 137:35[...]

IPv6 Commands show ipv6 interface Release 5.1.6.R02 User Guide Supplement June 2005 page 2-33 Release History Release 5.1.6; command was introduced. Related Commands MIB Objects ipv6InterfaceTable ipv6AdminStatus ipv6PhysicalAddress ipv6InterfaceAddress ipv6Address ipv6AddressPrefix ipv6IfEffectiveMtu ipv6IfStatsInReceives ipv6IfStatsOutRequests ip[...]

show ipv6 interface IPv6 Commands page 2-34 Release 5.1.6.R02 User Guide Sup plement June 2005 alaIPv6InterfaceTable alaIPv6InterfaceName alaIPv6InterfaceAddress alaIPv6InterfaceAdminStatus alaIPv6InterfaceRowStatus alaIPv6InterfaceDescription alaIPv6InterfaceMtu alaIPv6InterfaceType alaIPv6InterfaceAdminStatus alaIPv6InterfaceSendRouterAdvertis em[...]

IPv6 Commands show ipv6 pmtu table Release 5.1.6.R02 User Guide Supplement June 2005 page 2-35 show ipv6 pmtu table Displays the IPv6 Path MTU Tab le. show ipv6 pmtu table Syntax Definitions N/A. Defaults N/A. Platforms Support ed OmniSwitch 6624, 6648, 7 700, 7800, 8800 Usage Guidelines N/A. Example -> show ipv6 pmtu table 1-PMTU Entry Destinat[...]

show ipv6 pmtu table IPv6 Commands page 2-36 Release 5.1.6.R02 User Guide Sup plement June 2005 Related Commands MIB Objects alaIPv6ConfigTable alaIPv6PMTUDest alaIPv6PMTUexpire ipv6 pmtu-l ifetime Configures the configu r e the minimum life time for entries in the path MTU Table. clear ipv6 pmtu table Removes all entries fro m the IPv6 path MTU Ta[...]

IPv6 Commands clear ipv6 pmtu table Release 5.1.6.R02 User Guide Supplement June 2005 page 2-37 clear ipv6 pmtu table Removes all en tries from the IP v6 path MTU Tabl e. clear ipv6 pmtu table Syntax Definitions N/A. Defaults N/A. Platforms Support ed OmniSwitch 6624, 6648, 7 700, 7800, 8800 Usage Guidelines N/A. Example -> clear ipv6 pmtu table[...]

show ipv6 neighbors IPv6 Commands page 2-38 Release 5.1.6.R02 User Guide Sup plement June 2005 show ipv6 neighbors Displays IPv6 Ne ighbor Table. show ipv6 ne ighbors [ ipv6_prefix/pre fix_length | i f_name | hw hardware_address | static] Syntax Definitions ipv6_prefix/prefix_length IPv6 prefix. R estricts the display to those neighbors starti ng w[...]

IPv6 Commands show ipv6 neighbors Release 5.1.6.R02 User Guide Supplement June 2005 page 2-39 Release History Release 5.1.6; command was introduced. Related Commands MIB Objects ipv6IfIndex alaIPv6NeighborTable alaIPv6NeighborNetAddress alaIPv6NeighborPhysAddress alaIPv6NeighborSlot alaIPv6NeighborPort alaIPv6NeighborType alaIPv6NeighborState ipv6 [...]

clear ipv6 neighbors IPv6 Commands page 2-40 Release 5.1.6.R02 User Guide Sup plement June 2005 clear ipv6 neighbors Removes all ent ries, except static entries, from the IPv6 Neigh bor Table. clear ipv6 neighbors Syntax Definitions N/A. Defaults N/A. Platforms Support ed OmniSwitch 6624, 6648, 7 700, 7800, 8800 Usage Guidelines This commands on ly[...]

IPv6 Commands show ipv6 prefixes Release 5.1.6.R02 User Guide Supplement June 2005 page 2-41 show ipv6 prefix es Displays IPv6 prefixes used in ro uter advertisements. show ipv6 prefixes Syntax Definitions N/A. Defaults N/A. Platforms Support ed OmniSwitch 6624, 6648, 7 700, 7800, 8800 Usage Guidelines N/A. Example -> show ipv6 prefixes Legend: [...]

show ipv6 prefixes IPv6 Commands page 2-42 Release 5.1.6.R02 User Guide Sup plement June 2005 Release History Release 5.1.6; command was int roduced. Related Commands MIB Objects IPv6AddrPrefixTable IPv6AddressPrefixEntry IPv6AddressPrefixLength IPv6AddressPrefixLinkFlag IPv6AddressPrefixAdvvalidLifetime IPv6AddressPrefixAdvPreferredLifet ime alaIP[...]

IPv6 Commands show ipv6 routes Release 5.1.6.R02 User Guide Supplement June 2005 page 2-43 show ipv6 routes Displays IPv6 Forw arding Table. show ipv6 routes [ ipv6_prefix/prefix_lengt h | static] Syntax Definitions ipv6_prefix/prefix_length IPv6 prefix . Restricts the di splay to those routes starting with the speci - fied prefix. static Restricts[...]

show ipv6 routes IPv6 Commands page 2-44 Release 5.1.6.R02 User Guide Sup plement June 2005 Release History Release 5.1.6; command was int roduced. Related Commands MIB Objects IPv6RouteTable IPv6Routes IPv6RoutesPrefix IPV6RoutesStatic alaIPv6StaticRouteTable alaIPv6StaticRouteEntry ipv6 route Configures a stati c entry in the IPv6 rou te.[...]

IPv6 Commands show ipv6 tcp ports Release 5.1.6.R02 User Guide Supplement June 2005 page 2-45 show ipv6 tcp ports Displays TCP Over IPv6 Connect ion Table. This ta ble contains information about existing TCP c onnec- tions between IPv6 endpoints. show ipv6 tcp port s Syntax Definitions N/A. Defaults N/A. Platforms Support ed OmniSwitch 6624, 6648, [...]

show ipv6 tcp ports IPv6 Commands page 2-46 Release 5.1.6.R02 User Guide Sup plement June 2005 Related Commands MIB Objects IPv6TcpConnTable IPv6TcpConnEntry IPv6TcpConnLocalAddress IPv6TcpConnLocalPort IPv6TcpConnRemAddress IPv6TcpConnRemPort IPv6TcpConnIfIndex IPv6TcpConnState show ipv6 udp ports Displays the UDP Over IPv6 List ener Table.[...]

IPv6 Commands show ipv6 traffic Release 5.1.6.R02 User Guide Supplement June 2005 page 2-47 show ipv6 traffic Displays IPv6 traffic statistics. show ipv6 traffic [ if _name ] Syntax Definitions if_name Interface name. restricts the display to the specified interface instead of global statistics. Defaults N/A. Platforms Support ed OmniSwitch 6624, 6[...]

show ipv6 traffic IPv6 Commands page 2-48 Release 5.1.6.R02 User Guide Sup plement June 2005 output definitions To t a l Total number of i nput packets rec eived, includ ing those receiv ed in error. Header err o rs Number of input packets discarde d due to errors in their IPv6 headers (e.g., version number mismatch, othe r format errors, hop count[...]

IPv6 Commands show ipv6 traffic Release 5.1.6.R02 User Guide Supplement June 2005 page 2-49 Release History Release 5.1.6; command was introduced. Related Commands MIB Objects ipv6IfStatsTable ipv6IfStatsInReceives ipv6IfStatsInHdrErrors ipv6IfStatsInTooBigErrors ipv6IfStatsInNoRoutes ipv6IfStatsInAddrErrors ipv6IfStatsInUnknownProtos ipv6IfStatsIn[...]

clear ipv6 traffic IPv6 Commands page 2-50 Release 5.1.6.R02 User Guide Sup plement June 2005 clear ipv6 traffic Resets all IPv6 traffic counters. clear ipv6 traffic Syntax Definitions N/A. Defaults N/A. Platforms Support ed OmniSwitch 6624, 6648, 7 700, 7800, 8800 Usage Guidelines Use the show ipv6 traffic command to view current IPv6 traffic stat[...]

IPv6 Commands show ipv6 tunnel Release 5.1.6.R02 User Guide Supplement June 2005 page 2-51 show ipv6 tunnel Displays IPv6 Tunn el information and whether the 6t o4 tunnel is enabled . show ipv6 tunnel Syntax Definitions N/A. Defaults N/A. Platforms Support ed OmniSwitch 6624, 6648, 7 700, 7800, 8800 Usage Guidelines N/A. Example -> show ipv6 tun[...]

show ipv6 tunnel IPv6 Commands page 2-52 Release 5.1.6.R02 User Guide Sup plement June 2005 Related Commands MIB Objects alaIPv6ConfigTunnelTable alaIPv6Tunnel6to4 alaIPv6ConfigTunnelv4Source alaIPv6ConfigTunnelv4Dest ipv6 interface tunnel sourc e destination Configures the so urce and destinatio n IPv4 addresses for a config- ured tunn el.[...]

IPv6 Commands show ipv6 udp ports Release 5.1.6.R02 User Guide Supplement June 2005 page 2-53 show ipv6 udp ports Displays the UDP Over IPv6 Listener Table. This tabl e contains informat ion about UDP/IPv6 endpoints. show ipv6 udp ports Syntax Definitions N/A. Defaults N/A. Platforms Support ed OmniSwitch 6624, 6648, 7 700, 7800, 8800 Usage Guideli[...]

show ipv6 udp ports IPv6 Commands page 2-54 Release 5.1.6.R02 User Guide Sup plement June 2005 MIB Objects IPv6UdpTable IPv6UdpEntry IPv6UdpLocalAddress IPv6UdpLocalPort IPv6UdpIfIndex[...]

IPv6 Commands ipv6 load rip Release 5.1.6.R02 User Guide Supplement June 2005 page 2-55 ipv6 load rip Loads RIPng into memory . When the switch i s initially co nfigured, you must lo ad RIPng into memory to enable RIPng routin g. ipv6 load rip Syntax Definitions N/A. Defaults N/A. Platforms Support ed OmniSwitch 6624, 6648, 7 700, 7800, 8800 Usage [...]

ipv6 rip status IPv6 Commands page 2-56 Release 5.1.6.R02 User Guide Sup plement June 2005 ipv6 rip status Enables/disables RI Png on the switch. ipv6 rip status {enable | disable} Syntax Definitions N/A Defaults Platforms Support ed OmniSwitch 6624, 6648, 7 700, 7800, 8800 Usage Guidelines RIPng must be loaded on the switch ( ipv6 l oad rip ) to e[...]

IPv6 Commands ipv6 rip invalid-ti mer Release 5.1.6.R02 User Guide Supplement June 2005 page 2-57 ipv6 rip invalid-timer Configures the amoun t of time a route remains active in RI B before being moved to the "Garbage" st ate. ipv6 rip invalid- timer seconds Syntax Definitions seconds Time, in seconds, that a route will remain in an “Ac[...]

ipv6 rip garbage-timer IPv6 Commands page 2-58 Release 5.1.6.R02 User Guide Sup plement June 2005 ipv6 rip garbage-timer Configur es the RIPng garbage ti mer value. When a ro ute in the RIB exceeds the configured Inval id Timer Value, the route is move d to a “Gar bage” state in the the RIB. The garb age timer is the length of time a route will[...]

IPv6 Commands ipv6 rip holddown-timer Release 5.1.6.R02 User Guide Supplement June 2005 page 2-59 ipv6 rip holddown-timer Configures the amoun t of time a route is placed in a holddown state. Whenever a route is seen from the same gateway wit h a higher metric than the route in the RIB, the rout e goes into holddown. This excludes route updates wi [...]

ipv6 rip jitter IPv6 Commands page 2-60 Release 5.1.6.R02 User Guide Sup plement June 2005 ipv6 rip jitter Configures an offset v alue for RIPng updates. Thi s is the maximum (po sitive or negative) value that can be used to offset th e update interval. For example, with an update in terval of 30 seconds, and a jitter value of 5 seconds, the RIPng [...]

IPv6 Commands ipv6 rip route-tag Release 5.1.6.R02 User Guide Supplement June 2005 page 2-61 ipv6 rip route -tag Configures the route t ag value for RIP routes generated by the switch. ipv6 rip route-tag value Syntax Definitions value Route tag value. Valid ra nge is 0 – 6 5535. Defaults Platforms Support ed OmniSwitch 6624, 6648, 7 700, 7800, 88[...]

ipv6 rip upda te-interval IPv6 Commands page 2-62 Release 5.1.6.R02 User Guide Sup plement June 2005 ipv6 rip update -interval Configures th e RIPng update interval. Th is is the interv al, in seconds, that RIPng routing updat es will be sent out. ipv6 rip update-interval seconds Syntax Definitions seconds Interval, in second s, that RIPng routing [...]

IPv6 Commands ipv6 rip triggered-sends Release 5.1.6.R02 User Guide Supplement June 2005 page 2-63 ipv6 rip triggered- sends Configures the behavior of t riggered updates. ipv6 rip triggered-sends {all | updated-only | none} Syntax Definitions all All RIPng rou tes are added to any triggered updates. updated-only Only route changes that are causi n[...]

ipv6 rip interface IPv6 Commands page 2-64 Release 5.1.6.R02 User Guide Sup plement June 2005 ipv6 rip interface Creates/delet es a RIPng interface. ipv6 rip interface if_name [no] ipv6 rip interface if_name Syntax Definitions if_name IPv6 in terface name. Defaults N/A. Platforms Support ed OmniSwitch 6624, 6648, 7 700, 7800, 8800 Usage Guidelines [...]

IPv6 Commands ipv6 rip interface Release 5.1.6.R02 User Guide Supplement June 2005 page 2-65 Related Commands MIB Objects alaRipngInterfaceTable alaRipngInterfaceStatus ipv6 load rip Loads RIPng into memory. ipv6 rip status Enables/disab les RIPng on the switch. ipv6 rip interface recv-status Configures IPv6 RIPng interf ace “R eceive” status. [...]

ipv6 rip interface metr ic IPv6 Commands page 2-66 Release 5.1.6.R02 User Guide Sup plement June 2005 ipv6 rip interface metric Configures the RI Png metric or cost for a specified inte rface. You can set priorities for routes generated by a switch by assigning a metric val u e to routes gene rated by that swi tch’s RIPng interface. For example, [...]

IPv6 Commands ipv6 rip interface recv-status Release 5.1.6.R02 User Guide Supplement June 2005 page 2-67 ipv6 rip interface recv - status Configures IP v6 RIPng interface “Re ceive” status. When t his status is set to "enable", packets can be received on this interface. When it i s set to "disable", packets will not be recei[...]

ipv6 rip interface send-status IPv6 Commands page 2-68 Release 5.1.6.R02 User Guide Sup plement June 2005 ipv6 rip interface send- status Configures IPv6 RIPng int erface “Send” status. When this status is set to "enable", packe ts can be sent from this interface. Whe n it is set to "di sable", packets will not be sent from [...]

IPv6 Commands ipv6 rip interface horizon Release 5.1.6.R02 User Guide Supplement June 2005 page 2-69 ipv6 rip interface horizon Configures the rou ting loop prev ention mechanisms. ipv6 rip interfac e if_name horizon {none | split-only | poison} Syntax Definitions if_name IPv6 in terface name. none | split-only | poison none - Disables loop prevent[...]

ipv6 rip debug-level IPv6 Commands page 2-70 Release 5.1.6.R02 User Guide Sup plement June 2005 ipv6 rip debug-level Configures the RI Png debug level fo r all debug ty pes. ipv6 rip debug-level level Syntax Definitions level Debug le vel. Valid range is 0 - 255. Defaults Platforms Support ed OmniSwitch 6624, 6648, 7 700, 7800, 8800 Usage Guideline[...]

IPv6 Commands ipv6 rip debug-type Release 5.1.6.R02 User Guide Supplement June 2005 page 2-71 ipv6 rip debug-type Configures the type of RIPng messages to debug. ipv6 rip debug-type [e rror] [warning] [r ecv] [s end] [rdb] [age] [mip] [in fo] [setup] [time] [tm] [all] Syntax Definitions error Includes error conditions, fail ures, processing errors,[...]

ipv6 rip debug-type IPv6 Commands page 2-72 Release 5.1.6.R02 User Guide Sup plement June 2005 Related Commands MIB Objects alaRipngDebug alaRipngDebugError alaRipngDebugWarn alaRipngDebugRecv alaRipngDebugSend alaRipngDebugRdb alaRipngDebugAge alaRipngDebugMip alaRipngDebugInfo alaRipngDebugSetup alaRipngDebugTime alaRipngDebugTm alaRipngDebugAll [...]

IPv6 Commands show ipv6 rip Release 5.1.6.R02 User Guide Supplement June 2005 page 2-73 show ipv6 rip Displays RIPng stat us and gene ral configurat ion parameters. show ipv6 rip Syntax Definitions N/A Defaults N/A Platforms Support ed OmniSwitch 6624, 6648, 7 700, 7800, 8800 Usage Guidelines N/A Examples -> show ipv6 rip Status = Enabled, Numbe[...]

show ipv6 rip IPv6 Commands page 2-74 Release 5.1.6.R02 User Guide Sup plement June 2005 Release History Release 5.1; command was intr oduced. Related Commands MIB Objects alaRipngInterfaceTable alaRipngInterfaceStatus alaRipngRouteTag laRipngInvalidTimer alaRipngGarbageTimer alaRipngHolddownTimer alaRipngJitter alaRipngTriggeredSends ipv6 rip stat[...]

IPv6 Commands show ipv6 rip interface Release 5.1.6.R02 User Guide Supplement June 2005 page 2-75 show ipv6 rip interf ace Displays information for a ll or specified RIPng interfaces. show ipv6 rip in terface [ if_name ] Syntax Definitions if_name IPv6 in terface name. Defaults N/A. Platforms Support ed OmniSwitch 6624, 6648, 7 700, 7800, 8800 Usag[...]

show ipv6 rip interface IPv6 Commands page 2-76 Release 5.1.6.R02 User Guide Sup plement June 2005 Release History Release 5.1.6; command was int roduced. Related Commands Packets Sent Number of packets sent by the interfac e. Metric RIPng metric (cost) confi g ured for the inte rface. IPv6 interface index IPv6 interface index n umber . Interface s[...]

IPv6 Commands show ipv6 rip interface Release 5.1.6.R02 User Guide Supplement June 2005 page 2-77 MIB Objects alaRipngInterfaceTable alaRipngInterfaceEntry alaRipngInterfaceStatus alaRipngInterfacePacketsRcvd alaRipngInterfacePacketsSent alaRipngInterfaceMetric alaRipngInterfaceIndex alaRipngInterfaceNextUpdate alaRipngInterfaceHorizon alaRipngInte[...]

show ipv6 rip peer IPv6 Commands page 2-78 Release 5.1.6.R02 User Guide Sup plement June 2005 show ipv6 rip peer Displays a summary of the observed RIPng peers, or specific inform ati o n about a peer when a peer address is provided. show ipv6 rip peer [ ipv6_addresss ] Syntax Definitions ipv6_addresss IPv6 address of the peer. Defaults N/A. Platfo[...]

IPv6 Commands show ipv6 rip peer Release 5.1.6.R02 User Guide Supplement June 2005 page 2-79 Release History Release 5.1.6; command was introduced. Related Commands MIB Objects alaRipngPeerTable alaRipngPeerEntry alaRipngPeerAddress alaRipngPeerIndex alaRipngPeerLastUpdate alaRipngPeerNumUpdates alaRipngPeerBadPackets alaRipngPeerNumRoutes alaRipng[...]

show ipv6 rip routes IPv6 Commands page 2-80 Release 5.1.6.R02 User Guide Sup plement June 2005 show ipv6 rip routes Displays all or a specific set of ro u tes in the RIPng Routing Table. show ipv6 rip routes [dest <ipv6_prefix/prefix_l ength> ] | [gateway <ipv6_addr> ] | [detail <ipv6 prefix/prefix_ length> ] Syntax Definitions d[...]

IPv6 Commands show ipv6 rip routes Release 5.1.6.R02 User Guide Supplement June 2005 page 2-81 -> show ipv6 rip routes detail 9900: :/100 Destination = 9900::, Mask length = 100, Gateway(1) = fe80::2d0:95ff:fe1 2:e050, Protocol = Local, Out Interface = nssa23, Metric = 1, Status = Installed, State = Active, Age = 10544s, Tag = 0, Gateway(2) = fe[...]

show ipv6 rip routes IPv6 Commands page 2-82 Release 5.1.6.R02 User Guide Sup plement June 2005 MIB Objects alaRipngRouteTable alaRipngRouteEntry alaRipngRoutePrefixLen alaRipngRouteNextHop alaRipngRouteType alaRipngRouteAge alaRipngRouteTag alaRipngRouteStatus alaRipngRouteMetric[...]

IPv6 Commands show ipv6 rip debug Release 5.1.6.R02 User Guide Supplement June 2005 page 2-83 show ipv6 rip debug Displays the current RIPn g debug level and types. show ipv6 rip debug Syntax Definitions N/A. Defaults N/A. Platforms Support ed OmniSwitch 6624, 6648, 7 700, 7800, 8800 Usage Guidelines N/A. Example -> show ipv6 rip debug Debug Lev[...]

show ipv6 rip debug IPv6 Commands page 2-84 Release 5.1.6.R02 User Guide Sup plement June 2005 Release History Release 5.1.6; command was int roduced. Related Commands MIB Objects alaRipngDebug alaRipngDebugLevel alaRipngDebugError alaRipngDebugWarn alaRipngDebugRecv alaRipngDebugSend alaRipngDebugRdb alaRipngDebugAge alaRipngDebugMip alaRipngDebug[...]

Release 5.1.6.R02 User Guide Supplement June 2005 page 3-1 3 Configuring High A vailability VLANs High availability (HA) VLANs, u nlike standard VLANs, allow you to send traffic intended for a single destination MA C address to multiple switch ports. These high availability VLANs can be used to manage server clusters. In This Chapter This chapter d[...]

Configuring High Availability VLANs page 3-2 Release 5.1.6.R02 User Guid e Supplement June 2005 High A vailability VLANs Specifications The table below lists specifications for high availability VLAN software. High A vailability Default V alues The table below lists default values fo r high availability VLAN software. RFCs Supported 2674— Defini [...]

Configuring High Availability VLANs Release 5.1.6.R02 User Guide Supplement June 2005 page 3-3 Quick Steps for Creating High A vailability VLANs Follow the steps b e low for a quick t utorial on configu r ing high availab ility (HA) VLANs. Additional information on how to configure each command is given in the se ctions tha t follow. 1 Create a def[...]

Configuring High Availability VLANs page 3-4 Release 5.1.6.R02 User Guid e Supplement June 2005 Note . Optional . You can display the configuration o f high availability VL ANs with the show mac- address-table port-mac command. For example: -> show mac-address-table port-mac 200 Port mac configuration for vlan 20 0 Bandwidth : 100 MB/sec Ingress[...]

Configuring High Availability VLANs Release 5.1.6.R02 User Guide Supplement June 2005 page 3-5 High A vailability VLAN Over view High availabilit y (HA) VLANs send traffic intended for a si ngle destination MAC address t o multiple switch ports. This section prov ides a brief overview on ho w traffic flows in and out of high availability VLANs and [...]

Configuring High Availability VLANs page 3-6 Release 5.1.6.R02 User Guid e Supplement June 2005 Ingress and Egress T raffic Flows The figure below shows ho w ingress traffic is handled by high availability VLANs. Ingress to Egress Port Flow In the above example, pack ets recei ved on the ingress ports that are destined fo r the high a vailability V[...]

Configuring High Availability VLANs Release 5.1.6.R02 User Guide Supplement June 2005 page 3-7 T raditional Firewall Implementation The figure below shows tw o high availabilit y VLANs th at are used to manage a th ird-party high av ailabil- ity firewa ll cluster. Unsecure traffic from t he Internet comes into the OmniSwitch th rough the ingre ss p[...]

Configuring High Availability VLANs page 3-8 Release 5.1.6.R02 User Guid e Supplement June 2005 Configuring High A vailability VLANs on a Switch This section describes how to use the Command Line Interface (CLI) commands to configure high avail- ability (HA) VLANs on a swit ch. For a brie f tutorial on configuring HA VLANs, see “Quic k Steps for [...]

Configuring High Availability VLANs Release 5.1.6.R02 User Guide Supplement June 2005 page 3-9 • It is highly recommende d that all switches th at pa rt icipate in an HA VLAN configuration run in the same Spanning Tree mode an d use the same Spanning Tree protocol (STP, RSTP, MS TP). Use the show mac-address-table port-mac command to verify th e [...]

Configuring High Availability VLANs page 3-10 Release 5.1.6.R02 User Guide Sup plement June 2005 Deleting a VLAN To delete a VLAN use t he no form of the vlan command by entering no vlan followed by the VLAN’s ID number. For example, to delete high availability VLAN 10 enter: -> no vlan 10 Assigning and Removing Ingress Por ts The following su[...]

Configuring High Availability VLANs Release 5.1.6.R02 User Guide Supplement June 2005 page 3-11 Removing Ingress Por ts To remove ingress ports from a high avail ability VLAN you use the no form of the vlan port-mac ingress-port command by entering vlan , followed by the V LAN’s ID number, port- mac no ingress-port , the slot number of the port, [...]

Configuring High Availability VLANs page 3-12 Release 5.1.6.R02 User Guide Sup plement June 2005 Assigning and Removing Egress Por ts The following su bsections describe how to assig n to and remove egress ports from a high availability VLAN with the vlan port-mac egress-port command. Note. Using the vlan port-mac egress-port command will change a [...]

Configuring High Availability VLANs Release 5.1.6.R02 User Guide Supplement June 2005 page 3-13 You can also remove multiple egress ports by entering vlan , followed by the VLAN’s ID number, port- mac no egress-port , the slot number of the first port, a slas h ( / ), the port number of the first port, a space, the slot number of t he second port[...]

Configuring High Availability VLANs page 3-14 Release 5.1.6.R02 User Guide Sup plement June 2005 Removing MAC Addresses To remove a MAC address associate d wi th a high availab ility VLAN, use the no form of the mac- address-table port-m ac vlan mac command. For example, the fol l owing command removes MAC address 00:25: 9a:5c:2f:10 from VLAN 20: -[...]

Configuring High Availability VLANs Release 5.1.6.R02 User Guide Supplement June 2005 page 3-15 Configuring the Flood Queue Bandwi dth When the first HA VLAN is created on the switch, an ingress flood queue is auto matically created for HA VLAN traffic. By default, the bandwidth si ze of this queue is set to 15mbps. To change the ban dwidth size, u[...]

Configuring High Availability VLANs page 3-16 Release 5.1.6.R02 User Guide Sup plement June 2005 Application Example 1: Firewall Cluster This section describ es how to configure the traditional firewal l implementation, which uses a third-party high availabi lity firewall cluster, described i n “Traditional Firew all Implementation” on page 3-7[...]

Configuring High Availability VLANs Release 5.1.6.R02 User Guide Supplement June 2005 page 3-17 Application Example 2: Inter-Switch HA VLANs This section describes ho w to implemen t an HA VL AN configuration across t w o switches. As shown in the figure below: • Ports 3/7 and 5/4 connect Switch 1 and Switc h 2. Be cause these ports are both tagg[...]

Configuring High Availability VLANs page 3-18 Release 5.1.6.R02 User Guide Sup plement June 2005 -> vlan 2 port default 1/1-3 5/4 4 Configure VLAN 5, which will become an HA VLA N, on both Switch 1 and Switch 2 with the vlan command as shown below: -> vlan 5 5 Assign the ingress p orts 2/5, 2/6, and 2/7 to VLA N 5 on Switch 1 with the vlan po[...]

Configuring High Availability VLANs Release 5.1.6.R02 User Guide Supplement June 2005 page 3-19 Displaying High A vaila bility VLAN Status and Statistics You can use CLI show commands to display the current con figuration and statistics of high availability VLANs on a switch. These commands in clude the follow ing: To display the status and confi g[...]

Configuring High Availability VLANs page 3-20 Release 5.1.6.R02 User Guide Sup plement June 2005 A screen similar to th e following will be displayed: Port mac configuration for vlan 10 Bandwidth : 15 MB/sec Ingress Port list: 3/5 3/7 Egress Port list: 3/9 3/6 Mac Address list: 00:11:22:33:44:55 00:13:14:34:34:78 01:23:45:67:11:21 Note. See the Omn[...]